
Trojan.Viknok Activity 3



#16
hofner


Welllll....Roguekiller scan is finished it goes immediately to http://www.adlice.co...howto/...didn't do that. Clicked "delete" and it went back to the pup screen. Rk says deleting finished report to follow, but I do not have the screen that says "Fix Shortcuts" or any of the fixes shown on your screenshot. For the heck of it, I went back and said yes to download the latest Rk....leads me to something to buy from (I think) Reimage ?? Here's what Rk told me anyway

 

RogueKiller V9.2.2.0 (x64) [Jul 11 2014] by Adlice Software
mail : http://www.adlice.com/contact/
Feedback : http://forum.adlice.com
Website : http://www.adlice.co...es/roguekiller/
Blog : http://www.adlice.com

Operating System : Windows 7 (6.1.7601 Service Pack 1) 64 bits version
Started in : Normal mode
User : owner [Admin rights]
Mode : Remove -- Date : 07/14/2014  19:05:20

¤¤¤ Bad processes : 0 ¤¤¤

¤¤¤ Registry Entries : 12 ¤¤¤
[PUM.StartMenu] (X64) HKEY_USERS\S-1-5-21-3199016441-4099478238-2613309327-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\Advanced | Start_ShowSetProgramAccessAndDefaults : 0  -> NOT SELECTED
[PUM.StartMenu] (X64) HKEY_USERS\S-1-5-21-3199016441-4099478238-2613309327-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\Advanced | Start_ShowSearch : 0  -> NOT SELECTED
[PUM.StartMenu] (X64) HKEY_USERS\S-1-5-21-3199016441-4099478238-2613309327-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\Advanced | Start_ShowMyGames : 2  -> NOT SELECTED
[PUM.StartMenu] (X64) HKEY_USERS\S-1-5-21-3199016441-4099478238-2613309327-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\Advanced | Start_ShowUser : 2  -> NOT SELECTED
[PUM.StartMenu] (X86) HKEY_USERS\S-1-5-21-3199016441-4099478238-2613309327-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\Advanced | Start_ShowSetProgramAccessAndDefaults : 0  -> NOT SELECTED
[PUM.StartMenu] (X86) HKEY_USERS\S-1-5-21-3199016441-4099478238-2613309327-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\Advanced | Start_ShowSearch : 0  -> NOT SELECTED
[PUM.StartMenu] (X86) HKEY_USERS\S-1-5-21-3199016441-4099478238-2613309327-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\Advanced | Start_ShowMyGames : 2  -> NOT SELECTED
[PUM.StartMenu] (X86) HKEY_USERS\S-1-5-21-3199016441-4099478238-2613309327-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\Advanced | Start_ShowUser : 2  -> NOT SELECTED
[PUM.DesktopIcons] (X64) HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\HideDesktopIcons\NewStartPanel | {20D04FE0-3AEA-1069-A2D8-08002B30309D} : 1  -> NOT SELECTED
[PUM.DesktopIcons] (X64) HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\HideDesktopIcons\NewStartPanel | {59031a47-3f72-44a7-89c5-5595fe6b30ee} : 1  -> NOT SELECTED
[PUM.DesktopIcons] (X86) HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\HideDesktopIcons\NewStartPanel | {20D04FE0-3AEA-1069-A2D8-08002B30309D} : 1  -> NOT SELECTED
[PUM.DesktopIcons] (X86) HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\HideDesktopIcons\NewStartPanel | {59031a47-3f72-44a7-89c5-5595fe6b30ee} : 1  -> NOT SELECTED

¤¤¤ Scheduled tasks : 0 ¤¤¤

¤¤¤ Files : 0 ¤¤¤

¤¤¤ HOSTS File : 0 [Too big!] ¤¤¤

¤¤¤ Antirootkit : 0 (Driver: LOADED) ¤¤¤

¤¤¤ Web browsers : 1 ¤¤¤
[PUP][FIREFX:Addon] imt0iusk.default : Yahoo Toolbar [{635abd67-4fe9-1b23-4f01-e679fa7484c1}] -> NOT SELECTED

¤¤¤ MBR Check : ¤¤¤
+++++ PhysicalDrive0: Hitachi HTS547575A9E384 +++++
--- User ---
[MBR] 1fb784fb6136f2d89d217c5b61a8b9c5
[BSP] 2ddba0680ab0dfee9a8f7ea6671bb68f : HP MBR Code
Partition table:
0 - [ACTIVE] ACER (0x27) [VISIBLE] Offset (sectors): 2048 | Size: 1500 MB
1 - [XXXXXX] NTFS (0x7) [VISIBLE] Offset (sectors): 3074048 | Size: 699128 MB
2 - [XXXXXX] NTFS (0x17) [HIDDEN!] Offset (sectors): 1434888192 | Size: 14775 MB
User != LL1 ... KO!
--- LL1 ---
[MBR] 8669e310039aa5f617a51cc98a094721
[BSP] b4fe96067e3c605bceeffb1bd20d8dae : Unknown MBR Code
Partition table:
0 - [ACTIVE] ACER (0x27) [VISIBLE] Offset (sectors): 2048 | Size: 1500 MB
1 - [XXXXXX] NTFS (0x7) [VISIBLE] Offset (sectors): 3074048 | Size: 699128 MB
2 - [XXXXXX] NTFS (0x17) [HIDDEN!] Offset (sectors): 1434888192 | Size: 14775 MB
User != LL2 ... KO!
--- LL2 ---
[MBR] 8669e310039aa5f617a51cc98a094721
[BSP] b4fe96067e3c605bceeffb1bd20d8dae : Unknown MBR Code
Partition table:
0 - [ACTIVE] ACER (0x27) [VISIBLE] Offset (sectors): 2048 | Size: 1500 MB
1 - [XXXXXX] NTFS (0x7) [VISIBLE] Offset (sectors): 3074048 | Size: 699128 MB
2 - [XXXXXX] NTFS (0x17) [HIDDEN!] Offset (sectors): 1434888192 | Size: 14775 MB


============================================
RKreport_DEL_07142014_184529.log - RKreport_SCN_07132014_170147.log - RKreport_SCN_07142014_184328.log - RKreport_SCN_07142014_190106.log




#17
Biscuithd


Sorry that RK is causing so much trouble. Let's leave it for now and move on to the other scans.



#18
hofner


Looks ugly to me...report after OTL Run/Fix...on to zoek

 

 

 

Error: Unable to interpret <OTL logfile created on: 7/15/2014 7:03:18 PM - Run 5> in the current context!
Error: Unable to interpret <OTL by OldTimer - Version 3.2.69.0     Folder = C:\Users\owner\Downloads> in the current context!
Error: Unable to interpret <64bit- Home Premium Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation> in the current context!
Error: Unable to interpret <Internet Explorer (Version = 9.11.9600.17207)> in the current context!
Error: Unable to interpret <Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy> in the current context!
Error: Unable to interpret < > in the current context!
Error: Unable to interpret <5.89 Gb Total Physical Memory | 3.84 Gb Available Physical Memory | 65.26% Memory free> in the current context!
Error: Unable to interpret <11.78 Gb Paging File | 9.67 Gb Available in Paging File | 82.07% Paging File free> in the current context!
Error: Unable to interpret <Paging file location(s): ?:\pagefile.sys [binary data]> in the current context!
Error: Unable to interpret < > in the current context!
Error: Unable to interpret <%SystemDrive% = C: | %SystemRoot% = C:\windows | %ProgramFiles% = C:\Program Files (x86)> in the current context!
Error: Unable to interpret <Drive C: | 682.74 Gb Total Space | 620.38 Gb Free Space | 90.87% Space Free | Partition Type: NTFS> in the current context!
Error: Unable to interpret < > in the current context!
Error: Unable to interpret <Computer Name: OWNER-PC | User Name: owner | Logged in as Administrator.> in the current context!
Error: Unable to interpret <Boot Mode: Normal | Scan Mode: Current user | Include 64bit Scans> in the current context!
Error: Unable to interpret <Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days> in the current context!
Error: Unable to interpret < > in the current context!
Error: Unable to interpret <========== Processes (SafeList) ==========> in the current context!
Error: Unable to interpret < > in the current context!
Error: Unable to interpret <PRC - [2014/07/12 20:06:37 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\owner\Downloads\OTL.exe> in the current context!
Error: Unable to interpret <PRC - [2014/06/27 01:44:06 | 000,265,040 | R--- | M] (Symantec Corporation) -- C:\Program Files (x86)\Norton 360\Engine\21.4.0.13\N360.exe> in the current context!
Error: Unable to interpret <PRC - [2014/06/13 15:20:44 | 000,275,568 | ---- | M] (Mozilla Corporation) -- C:\Program Files (x86)\Mozilla Firefox\firefox.exe> in the current context!
Error: Unable to interpret <PRC - [2014/04/30 10:07:08 | 004,492,776 | ---- | M] (iolo technologies, LLC) -- C:\Program Files (x86)\iolo\Common\Lib\ioloServiceManager.exe> in the current context!
Error: Unable to interpret <PRC - [2013/05/21 00:44:22 | 000,144,368 | R--- | M] (Symantec Corporation) -- C:\Program Files (x86)\Norton Identity Safe\Engine\2013.4.0.10\ccsvchst.exe> in the current context!
Error: Unable to interpret <PRC - [2012/01/20 14:45:40 | 000,161,560 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel® Management Engine Components\DAL\Jhi_service.exe> in the current context!
Error: Unable to interpret <PRC - [2012/01/20 14:45:30 | 000,128,280 | ---- | M] () -- C:\Program Files (x86)\Intel\Intel® Management Engine Components\FWService\IntelMeFWService.exe> in the current context!
Error: Unable to interpret < > in the current context!
Error: Unable to interpret < > in the current context!
Error: Unable to interpret <========== Modules (No Company Name) ==========> in the current context!
Error: Unable to interpret < > in the current context!
Error: Unable to interpret <MOD - [2014/06/13 15:20:44 | 003,852,912 | ---- | M] () -- C:\Program Files (x86)\Mozilla Firefox\mozjs.dll> in the current context!
Error: Unable to interpret <MOD - [2012/05/30 10:51:08 | 000,699,280 | R--- | M] () -- C:\Program Files (x86)\Norton Identity Safe\Engine\2013.4.0.10\wincfi39.dll> in the current context!
Error: Unable to interpret < > in the current context!
Error: Unable to interpret < > in the current context!
Error: Unable to interpret <========== Services (SafeList) ==========> in the current context!
Error: Unable to interpret < > in the current context!
Error: Unable to interpret <SRV:64bit: - [2014/06/18 20:24:12 | 000,111,616 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\windows\SysNative\IEEtwCollector.exe -- (IEEtwCollectorService)> in the current context!
Error: Unable to interpret <SRV:64bit: - [2013/05/27 01:50:47 | 001,011,712 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend)> in the current context!
Error: Unable to interpret <SRV:64bit: - [2012/02/02 18:33:46 | 000,580,608 | ---- | M] (TOSHIBA Corporation) [Disabled | Stopped] -- C:\Program Files\TOSHIBA\Power Saver\TosCoSrv.exe -- (TosCoSrv)> in the current context!
Error: Unable to interpret <SRV:64bit: - [2012/01/11 00:01:52 | 000,627,936 | ---- | M] (Intel® Corporation) [Auto | Running] -- C:\Program Files\Intel\iCLS Client\HeciServer.exe -- (Intel®> in the current context!
Error: Unable to interpret <SRV:64bit: - [2011/12/14 18:11:38 | 000,833,976 | ---- | M] (TOSHIBA Corporation) [On_Demand | Stopped] -- C:\Program Files\TOSHIBA\TPHM\TPCHSrv.exe -- (TPCHSrv)> in the current context!
Error: Unable to interpret <SRV:64bit: - [2011/12/08 13:44:04 | 000,594,704 | ---- | M] (Intel® Corporation) [Disabled | Stopped] -- C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe -- (ZeroConfigService)> in the current context!
Error: Unable to interpret <SRV:64bit: - [2011/12/08 13:43:56 | 000,273,168 | ---- | M] () [On_Demand | Stopped] -- C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe -- (MyWiFiDHCPDNS)> in the current context!
Error: Unable to interpret <SRV:64bit: - [2011/12/08 13:43:48 | 000,618,256 | ---- | M] (Intel® Corporation) [Auto | Running] -- C:\Program Files\Intel\WiFi\bin\EvtEng.exe -- (EvtEng)> in the current context!
Error: Unable to interpret <SRV:64bit: - [2011/12/08 13:43:44 | 000,148,752 | ---- | M] (Intel® Corporation) [Auto | Running] -- C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe -- (RegSrvc)> in the current context!
Error: Unable to interpret <SRV:64bit: - [2011/11/25 21:52:36 | 000,138,152 | ---- | M] (TOSHIBA Corporation) [Disabled | Stopped] -- C:\Program Files\TOSHIBA\TOSHIBA HDD SSD Alert\TosSmartSrv.exe -- (TOSHIBA HDD SSD Alert Service)> in the current context!
Error: Unable to interpret <SRV:64bit: - [2011/11/24 16:20:38 | 000,294,848 | ---- | M] (TOSHIBA Corporation) [Auto | Running] -- C:\Program Files\TOSHIBA\TECO\TecoService.exe -- (TOSHIBA eco Utility Service)> in the current context!
Error: Unable to interpret <SRV:64bit: - [2011/04/20 18:16:04 | 000,558,592 | ---- | M] (TOSHIBA Corporation) [Auto | Running] -- C:\Windows\SysNative\ThpSrv.exe -- (Thpsrv)> in the current context!
Error: Unable to interpret <SRV:64bit: - [2010/10/20 17:41:00 | 000,138,656 | ---- | M] (TOSHIBA Corporation) [Auto | Running] -- C:\Windows\SysNative\TODDSrv.exe -- (TODDSrv)> in the current context!
Error: Unable to interpret <SRV:64bit: - [2010/09/22 21:10:10 | 000,057,184 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Program Files\Windows Live\Mesh\wlcrasvc.exe -- (wlcrasvc)> in the current context!
Error: Unable to interpret <SRV - [2014/06/27 01:44:06 | 000,265,040 | R--- | M] (Symantec Corporation) [Auto | Running] -- C:\Program Files (x86)\Norton 360\Engine\21.4.0.13\N360.exe -- (N360)> in the current context!
Error: Unable to interpret <SRV - [2014/06/13 15:20:44 | 000,119,408 | ---- | M] (Mozilla Foundation) [On_Demand | Stopped] -- C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe -- (MozillaMaintenance)> in the current context!
Error: Unable to interpret <SRV - [2014/04/30 10:07:08 | 004,492,776 | ---- | M] (iolo technologies, LLC) [Auto | Running] -- C:\Program Files (x86)\iolo\Common\Lib\ioloServiceManager.exe -- (ioloSystemService)> in the current context!
Error: Unable to interpret <SRV - [2013/11/28 17:12:33 | 000,257,416 | ---- | M] (Adobe Systems Incorporated) [Disabled | Stopped] -- C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe -- (AdobeFlashPlayerUpdateSvc)> in the current context!
Error: Unable to interpret <SRV - [2013/09/11 22:21:54 | 000,105,144 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe -- (clr_optimization_v4.0.30319_32)> in the current context!
Error: Unable to interpret <SRV - [2013/05/21 00:44:22 | 000,144,368 | R--- | M] (Symantec Corporation) [Auto | Running] -- C:\Program Files (x86)\Norton Identity Safe\Engine\2013.4.0.10\ccSvcHst.exe -- (NCO)> in the current context!
Error: Unable to interpret <SRV - [2012/05/10 15:20:46 | 000,276,248 | ---- | M] (Intel Corporation) [On_Demand | Stopped] -- C:\Windows\SysWOW64\IntelCpHeciSvc.exe -- (cphs)> in the current context!
Error: Unable to interpret <SRV - [2012/01/20 19:29:28 | 000,363,800 | ---- | M] (Intel Corporation) [Disabled | Stopped] -- C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe -- (UNS)> in the current context!
Error: Unable to interpret <SRV - [2012/01/20 19:29:26 | 000,277,784 | ---- | M] (Intel Corporation) [Disabled | Stopped] -- C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe -- (LMS)> in the current context!
Error: Unable to interpret <SRV - [2012/01/20 14:45:40 | 000,161,560 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files (x86)\Intel\Intel® Management Engine Components\DAL\Jhi_service.exe -- (jhi_service)> in the current context!
Error: Unable to interpret <SRV - [2012/01/20 14:45:30 | 000,128,280 | ---- | M] () [Auto | Running] -- C:\Program Files (x86)\Intel\Intel® Management Engine Components\FWService\IntelMeFWService.exe -- (Intel®> in the current context!
Error: Unable to interpret <SRV - [2011/11/21 18:32:40 | 000,057,216 | ---- | M] (TOSHIBA Corporation) [On_Demand | Stopped] -- C:\Program Files (x86)\Toshiba\TOSHIBA Service Station\TMachInfo.exe -- (TMachInfo)> in the current context!
Error: Unable to interpret <SRV - [2009/06/10 17:23:09 | 000,066,384 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe -- (clr_optimization_v2.0.50727_32)> in the current context!
Error: Unable to interpret < > in the current context!
Error: Unable to interpret < > in the current context!
Error: Unable to interpret <========== Driver Services (SafeList) ==========> in the current context!
Error: Unable to interpret < > in the current context!
Error: Unable to interpret <DRV:64bit: - [2014/07/11 18:41:52 | 000,177,752 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\SYMEVENT64x86.SYS -- (SymEvent)> in the current context!
Error: Unable to interpret <DRV:64bit: - [2014/03/04 00:18:12 | 001,148,120 | R--- | M] (Symantec Corporation) [File_System | Boot | Running] -- C:\Windows\SysNative\drivers\N360x64\1504000.00D\SymEFA64.sys -- (SymEFA)> in the current context!
Error: Unable to interpret <DRV:64bit: - [2014/02/20 19:14:34 | 000,162,392 | R--- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\N360x64\1504000.00D\ccSetx64.sys -- (ccSet_N360)> in the current context!
Error: Unable to interpret <DRV:64bit: - [2014/02/17 21:32:41 | 000,593,112 | R--- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\N360x64\1504000.00D\symnets.sys -- (SymNetS)> in the current context!
Error: Unable to interpret <DRV:64bit: - [2014/02/12 21:59:49 | 000,875,736 | R--- | M] (Symantec Corporation) [File_System | On_Demand | Running] -- C:\Windows\SysNative\drivers\N360x64\1504000.00D\srtsp64.sys -- (SRTSP)> in the current context!
Error: Unable to interpret <DRV:64bit: - [2013/10/30 03:26:19 | 000,493,656 | R--- | M] (Symantec Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\N360x64\1504000.00D\SymDS64.sys -- (SymDS)> in the current context!
Error: Unable to interpret <DRV:64bit: - [2013/10/30 02:48:51 | 000,264,280 | R--- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\N360x64\1504000.00D\Ironx64.sys -- (SymIRON)> in the current context!
Error: Unable to interpret <DRV:64bit: - [2013/10/30 02:32:37 | 000,036,952 | R--- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\N360x64\1504000.00D\srtspx64.sys -- (SRTSPX)> in the current context!
Error: Unable to interpret <DRV:64bit: - [2013/05/29 11:06:34 | 000,082,160 | ---- | M] (Raxco Software, Inc.) [File_System | Auto | Running] -- C:\Windows\SysNative\drivers\PDFsFilter.sys -- (PDFsFilter)> in the current context!
Error: Unable to interpret <DRV:64bit: - [2013/05/23 08:39:23 | 000,041,032 | ---- | M] (ThreatTrack Security) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\gfiark.sys -- (gfiark)> in the current context!
Error: Unable to interpret <DRV:64bit: - [2013/04/15 22:41:14 | 000,169,048 | ---- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\NSTx64\7DD04000.00A\ccsetx64.sys -- (ccSet_NST)> in the current context!
Error: Unable to interpret <DRV:64bit: - [2012/09/20 05:11:58 | 000,258,848 | ---- | M] (GFI Software) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\SbFw.sys -- (SbFw)> in the current context!
Error: Unable to interpret <DRV:64bit: - [2012/09/20 05:11:58 | 000,086,816 | ---- | M] (GFI Software) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\sbwtis.sys -- (sbwtis)> in the current context!
Error: Unable to interpret <DRV:64bit: - [2012/09/20 05:11:58 | 000,061,216 | ---- | M] (GFI Software) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\sbhips.sys -- (sbhips)> in the current context!
Error: Unable to interpret <DRV:64bit: - [2012/09/12 20:19:38 | 000,082,872 | ---- | M] (GFI Software) [File_System | Auto | Running] -- C:\Windows\SysNative\drivers\sbapifs.sys -- (sbapifs)> in the current context!
Error: Unable to interpret <DRV:64bit: - [2012/09/12 20:19:34 | 000,120,064 | ---- | M] (GFI Software) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\SbFwIm.sys -- (SBFWIMCLMP)> in the current context!
Error: Unable to interpret <DRV:64bit: - [2012/09/12 20:19:34 | 000,120,064 | ---- | M] (GFI Software) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\SbFwIm.sys -- (SBFWIMCL)> in the current context!
Error: Unable to interpret <DRV:64bit: - [2012/07/26 10:01:26 | 000,030,752 | ---- | M] (EldoS Corporation) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\ElRawDsk.sys -- (ElRawDisk)> in the current context!
Error: Unable to interpret <DRV:64bit: - [2012/07/17 19:12:08 | 000,062,784 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\HECIx64.sys -- (MEIx64)> in the current context!
Error: Unable to interpret <DRV:64bit: - [2012/05/10 15:11:04 | 014,759,136 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\igdkmd64.sys -- (igfx)> in the current context!
Error: Unable to interpret <DRV:64bit: - [2012/03/01 02:46:16 | 000,023,408 | ---- | M] (Microsoft Corporation) [Recognizer | Boot | Unknown] -- C:\windows\SysNative\drivers\fs_rec.sys -- (Fs_Rec)> in the current context!
Error: Unable to interpret <DRV:64bit: - [2012/02/27 06:01:00 | 000,788,760 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\iusb3xhc.sys -- (iusb3xhc)> in the current context!
Error: Unable to interpret <DRV:64bit: - [2012/02/27 06:01:00 | 000,356,120 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\iusb3hub.sys -- (iusb3hub)> in the current context!
Error: Unable to interpret <DRV:64bit: - [2012/02/27 06:01:00 | 000,016,152 | ---- | M] (Intel Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\iusb3hcs.sys -- (iusb3hcs)> in the current context!
Error: Unable to interpret <DRV:64bit: - [2012/02/24 20:11:54 | 000,412,944 | ---- | M] (Synaptics Incorporated) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\SynTP.sys -- (SynTP)> in the current context!
Error: Unable to interpret <DRV:64bit: - [2012/02/24 20:11:52 | 000,022,800 | ---- | M] (Synaptics Incorporated) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\Smb_driver.sys -- (SmbDrv)> in the current context!
Error: Unable to interpret <DRV:64bit: - [2012/01/16 18:49:14 | 000,103,536 | ---- | M] (Atheros Communications, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\L1C62x64.sys -- (L1C)> in the current context!
Error: Unable to interpret <DRV:64bit: - [2012/01/09 04:44:44 | 011,416,576 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\NETwNs64.sys -- (NETwNs64)> in the current context!
Error: Unable to interpret <DRV:64bit: - [2011/12/20 20:38:36 | 000,034,200 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\intelaud.sys -- (intaud_WaveExtensible)> in the current context!
Error: Unable to interpret <DRV:64bit: - [2011/12/20 20:38:36 | 000,025,496 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\iwdbus.sys -- (iwdbus)> in the current context!
Error: Unable to interpret <DRV:64bit: - [2011/12/13 18:00:32 | 000,259,176 | ---- | M] (Realtek Semiconductor Corp.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\RtsP2Stor.sys -- (RSP2STOR)> in the current context!
Error: Unable to interpret <DRV:64bit: - [2011/12/06 07:23:08 | 000,331,264 | ---- | M] (Intel® Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\IntcDAud.sys -- (IntcDAud)> in the current context!
Error: Unable to interpret <DRV:64bit: - [2011/11/29 22:40:32 | 000,568,600 | ---- | M] (Intel Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\iaStor.sys -- (iaStor)> in the current context!
Error: Unable to interpret <DRV:64bit: - [2011/03/23 20:10:28 | 000,036,992 | ---- | M] (TOSHIBA Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\thpdrv.sys -- (Thpdrv)> in the current context!
Error: Unable to interpret <DRV:64bit: - [2011/03/18 18:03:18 | 000,482,384 | ---- | M] (TOSHIBA Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\tos_sps64.sys -- (tos_sps64)> in the current context!
Error: Unable to interpret <DRV:64bit: - [2011/03/11 02:41:12 | 000,107,904 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsata.sys -- (amdsata)> in the current context!
Error: Unable to interpret <DRV:64bit: - [2011/03/11 02:41:12 | 000,027,008 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\amdxata.sys -- (amdxata)> in the current context!
Error: Unable to interpret <DRV:64bit: - [2010/11/20 23:24:33 | 000,059,392 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\TsUsbFlt.sys -- (TsUsbFlt)> in the current context!
Error: Unable to interpret <DRV:64bit: - [2010/11/20 23:23:47 | 000,078,720 | ---- | M] (Hewlett-Packard Company) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\HpSAMD.sys -- (HpSAMD)> in the current context!
Error: Unable to interpret <DRV:64bit: - [2010/11/20 23:23:47 | 000,031,232 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\TsUsbGD.sys -- (TsUsbGD)> in the current context!
Error: Unable to interpret <DRV:64bit: - [2009/12/30 10:21:26 | 000,031,800 | ---- | M] (VS Revo Group) [File_System | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\revoflt.sys -- (Revoflt)> in the current context!
Error: Unable to interpret <DRV:64bit: - [2009/07/30 23:22:04 | 000,027,784 | ---- | M] (TOSHIBA Corporation.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\tdcmdpst.sys -- (tdcmdpst)> in the current context!
Error: Unable to interpret <DRV:64bit: - [2009/07/14 18:31:18 | 000,026,840 | ---- | M] (TOSHIBA Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\TVALZ_O.SYS -- (TVALZ)> in the current context!
Error: Unable to interpret <DRV:64bit: - [2009/07/13 21:52:20 | 000,194,128 | ---- | M] (AMD Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsbs.sys -- (amdsbs)> in the current context!
Error: Unable to interpret <DRV:64bit: - [2009/07/13 21:48:04 | 000,065,600 | ---- | M] (LSI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\lsi_sas2.sys -- (LSI_SAS2)> in the current context!
Error: Unable to interpret <DRV:64bit: - [2009/07/13 21:45:55 | 000,024,656 | ---- | M] (Promise Technology) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\stexstor.sys -- (stexstor)> in the current context!
Error: Unable to interpret <DRV:64bit: - [2009/07/07 11:51:42 | 000,009,216 | ---- | M] (TOSHIBA Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\FwLnk.sys -- (FwLnk)> in the current context!
Error: Unable to interpret <DRV:64bit: - [2009/06/29 19:16:20 | 000,014,784 | ---- | M] (TOSHIBA Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\Thpevm.sys -- (Thpevm)> in the current context!
Error: Unable to interpret <DRV:64bit: - [2009/06/19 22:15:22 | 000,014,472 | ---- | M] (TOSHIBA Corporation) [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\TVALZFL.sys -- (TVALZFL)> in the current context!
Error: Unable to interpret <DRV:64bit: - [2009/06/10 16:34:33 | 003,286,016 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\evbda.sys -- (ebdrv)> in the current context!
Error: Unable to interpret <DRV:64bit: - [2009/06/10 16:34:28 | 000,468,480 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\bxvbda.sys -- (b06bdrv)> in the current context!
Error: Unable to interpret <DRV:64bit: - [2009/06/10 16:34:23 | 000,270,848 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\b57nd60a.sys -- (b57nd60a)> in the current context!
Error: Unable to interpret <DRV:64bit: - [2009/06/10 16:31:59 | 000,031,232 | ---- | M] (Hauppauge Computer Works, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hcw85cir.sys -- (hcw85cir)> in the current context!
Error: Unable to interpret <DRV - [2014/07/11 17:22:18 | 000,525,016 | ---- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\Program Files (x86)\Norton 360\NortonData\21.4.0.13\Definitions\IPSDefs\20140714.001\IDSviA64.sys -- (IDSVia64)> in the current context!
Error: Unable to interpret <DRV - [2014/07/10 01:00:00 | 002,099,288 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Running] -- C:\Program Files (x86)\Norton 360\NortonData\21.4.0.13\Definitions\VirusDefs\20140714.002\ex64.sys -- (NAVEX15)> in the current context!
Error: Unable to interpret <DRV - [2014/07/10 01:00:00 | 000,486,192 | ---- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\eeCtrl64.sys -- (eeCtrl)> in the current context!
Error: Unable to interpret <DRV - [2014/07/10 01:00:00 | 000,142,128 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Running] -- C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys -- (EraserUtilRebootDrv)> in the current context!
Error: Unable to interpret <DRV - [2014/07/10 01:00:00 | 000,126,040 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Running] -- C:\Program Files (x86)\Norton 360\NortonData\21.4.0.13\Definitions\VirusDefs\20140714.002\eng64.sys -- (NAVENG)> in the current context!
Error: Unable to interpret <DRV - [2014/07/03 17:17:17 | 001,530,160 | ---- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\Program Files (x86)\Norton 360\NortonData\21.4.0.13\Definitions\BASHDefs\20140703.001\BHDrvx64.sys -- (BHDrvx64)> in the current context!
Error: Unable to interpret <DRV - [2009/07/13 21:19:10 | 000,019,008 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\SysWOW64\drivers\wimmount.sys -- (WIMMount)> in the current context!
Error: Unable to interpret < > in the current context!
Error: Unable to interpret < > in the current context!
Error: Unable to interpret <========== Standard Registry (SafeList) ==========> in the current context!
Error: Unable to interpret < > in the current context!
Error: Unable to interpret < > in the current context!
Error: Unable to interpret <========== Internet Explorer ==========> in the current context!
Error: Unable to interpret < > in the current context!
Error: Unable to interpret <IE:64bit: - HKLM\..\SearchScopes,DefaultScope = {{67A2568C-7A0A-4EED-AECC-B5405DE63B64}}> in the current context!
Error: Unable to interpret <IE:64bit: - HKLM\..\SearchScopes\{{67A2568C-7A0A-4EED-AECC-B5405DE63B64}}: "URL" = http://www.google.co...sourceid=ie7&q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&rlz=1I7TSNO> in the current context!
Error: Unable to interpret <IE - HKLM\..\SearchScopes,DefaultScope = {{67A2568C-7A0A-4EED-AECC-B5405DE63B64}}> in the current context!
Error: Unable to interpret <IE - HKLM\..\SearchScopes\{{67A2568C-7A0A-4EED-AECC-B5405DE63B64}}: "URL" = http://www.google.co...sourceid=ie7&q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&rlz=1I7TSNO> in the current context!
Error: Unable to interpret < > in the current context!
Error: Unable to interpret <IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://start.toshiba.com/?cid=C001B2Y> in the current context!
Error: Unable to interpret <IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,SearchDefaultBranded = 1> in the current context!
Error: Unable to interpret <IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = about:blank> in the current context!
Error: Unable to interpret <IE - HKCU\..\SearchScopes,DefaultScope = {A38B9178-817C-4704-97DE-9299CC519752}> in the current context!
Error: Unable to interpret <IE - HKCU\..\SearchScopes\{{67A2568C-7A0A-4EED-AECC-B5405DE63B64}}: "URL" = http://www.google.co...sourceid=ie7&q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&rlz=1I7TSNO> in the current context!
Error: Unable to interpret <IE - HKCU\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE11SR> in the current context!
Error: Unable to interpret <IE - HKCU\..\SearchScopes\{A38B9178-817C-4704-97DE-9299CC519752}: "URL" = http://www.google.co...sourceid=ie9&q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&rlz=1I7TSNO_enUS507> in the current context!
Error: Unable to interpret <IE - HKCU\..\SearchScopes\{AFBCB7E0-F91A-4951-9F31-58FEE57A25C4}: "URL" = http://nortonsafe.se....ask.com/web?q={SEARCHTERMS}&o=APN10506&l=dis&prt=360&chn=retail&geo=US&ver=21&locale=en_US&gct=kwd&qsrc=2869> in the current context!
Error: Unable to interpret <IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0> in the current context!
Error: Unable to interpret <IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = <local>> in the current context!
Error: Unable to interpret < > in the current context!
Error: Unable to interpret <========== FireFox ==========> in the current context!
Error: Unable to interpret < > in the current context!
Error: Unable to interpret <FF - prefs.js..browser.search.defaultenginename: "Amazon.com"> in the current context!
Error: Unable to interpret <FF - prefs.js..browser.search.selectedEngine: "Amazon.com"> in the current context!
Error: Unable to interpret <FF - prefs.js..browser.startup.homepage: "http://search.yahoo....x/?fr=sfp-yff25"> in the current context!
Error: Unable to interpret <FF - prefs.js..extensions.enabledAddons: %7B635abd67-4fe9-1b23-4f01-e679fa7484c1%7D:3.2.4.20140604103324> in the current context!
Error: Unable to interpret <FF - prefs.js..extensions.enabledAddons: %7B972ce4c6-7e08-4474-a285-3208198ce6fd%7D:30.0> in the current context!
Error: Unable to interpret <FF - prefs.js..network.proxy.type: 0> in the current context!
Error: Unable to interpret <FF - user.js - File not found> in the current context!
Error: Unable to interpret < > in the current context!
Error: Unable to interpret <FF:64bit: - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\windows\system32\Macromed\Flash\NPSWF64_11_9_900_152.dll File not found> in the current context!
Error: Unable to interpret <FF:64bit: - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found> in the current context!
Error: Unable to interpret <FF:64bit: - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files\Microsoft Silverlight\5.1.30214.0\npctrl.dll ( Microsoft Corporation)> in the current context!
Error: Unable to interpret <FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\windows\SysWOW64\Macromed\Flash\NPSWF32_11_9_900_152.dll ()> in the current context!
Error: Unable to interpret <FF - HKLM\Software\MozillaPlugins\@intel-webapi.intel.com/Intel WebAPI ipt;version=2.0.59: C:\Program Files (x86)\Intel\Intel® Management Engine Components\IPT\npIntelWebAPIIPT.dll (Intel Corporation)> in the current context!
Error: Unable to interpret <FF - HKLM\Software\MozillaPlugins\@intel-webapi.intel.com/Intel WebAPI updater: C:\Program Files (x86)\Intel\Intel® Management Engine Components\IPT\npIntelWebAPIUpdater.dll (Intel Corporation)> in the current context!
Error: Unable to interpret <FF - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=10.21.2: C:\windows\SysWOW64\npDeployJava1.dll (Oracle Corporation)> in the current context!
Error: Unable to interpret <FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin:  File not found> in the current context!
Error: Unable to interpret <FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=10.21.2: C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)> in the current context!
Error: Unable to interpret <FF - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found> in the current context!
Error: Unable to interpret <FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files (x86)\Microsoft Silverlight\5.1.30214.0\npctrl.dll ( Microsoft Corporation)> in the current context!
Error: Unable to interpret <FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3502.0922: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)> in the current context!
Error: Unable to interpret <FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3538.0513: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)> in the current context!
Error: Unable to interpret <FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files (x86)\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.)> in the current context!
Error: Unable to interpret <FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files (x86)\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.)> in the current context!
Error: Unable to interpret < > in the current context!
Error: Unable to interpret <FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{BBDA0591-3099-440a-AA10-41764D9DB4DB}: C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_21.4.0.13\IPSFF [2014/07/11 18:42:35 | 000,000,000 | ---D | M]> in the current context!
Error: Unable to interpret <FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{2D3F3651-74B9-4795-BDEC-6DA2F431CB62}: C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_21.4.0.13\coFFPlgn\ [2014/07/15 19:00:39 | 000,000,000 | ---D | M]> in the current context!
Error: Unable to interpret < > in the current context!
Error: Unable to interpret <[2013/11/28 17:04:56 | 000,000,000 | ---D | M] (No name found) -- C:\Users\owner\AppData\Roaming\mozilla\Extensions> in the current context!
Error: Unable to interpret <[2014/06/10 17:58:45 | 000,000,000 | ---D | M] (No name found) -- C:\Users\owner\AppData\Roaming\mozilla\Firefox\Profiles\imt0iusk.default\extensions> in the current context!
Error: Unable to interpret <[2014/06/10 17:58:45 | 000,000,000 | ---D | M] (Yahoo! Toolbar) -- C:\Users\owner\AppData\Roaming\mozilla\Firefox\Profiles\imt0iusk.default\extensions\{635abd67-4fe9-1b23-4f01-e679fa7484c1}> in the current context!
Error: Unable to interpret <[2014/06/13 15:20:34 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\Mozilla Firefox\browser\extensions> in the current context!
Error: Unable to interpret <[2014/06/13 15:20:44 | 000,000,000 | ---D | M] (Default) -- C:\Program Files (x86)\Mozilla Firefox\browser\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}> in the current context!
Error: Unable to interpret <[2014/06/13 15:20:35 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\Mozilla Firefox\distribution\extensions> in the current context!
Error: Unable to interpret <[2014/06/13 15:20:36 | 000,000,000 | ---D | M] (Yahoo! Toolbar) -- C:\Program Files (x86)\Mozilla Firefox\distribution\extensions\{635abd67-4fe9-1b23-4f01-e679fa7484c1}> in the current context!
Error: Unable to interpret < > in the current context!
Error: Unable to interpret <O1 HOSTS File: ([2013/05/27 18:16:59 | 000,447,225 | ---- | M]) - C:\Windows\SysNative\drivers\etc\hosts> in the current context!
Error: Unable to interpret <O1 - Hosts: 15354 more lines...> in the current context!
Error: Unable to interpret <O2:64bit: - BHO: (Norton Identity Protection) - {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} - C:\Program Files (x86)\Norton 360\Engine64\21.4.0.13\CoIEPlg.dll (Symantec Corporation)> in the current context!
Error: Unable to interpret <O2:64bit: - BHO: (Google Toolbar Helper) - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)> in the current context!
Error: Unable to interpret <O2:64bit: - BHO: (TOSHIBA Media Controller Plug-in) - {F3C88694-EFFA-4d78-B409-54B7B2535B14} - C:\Program Files (x86)\Toshiba\TOSHIBA Media Controller Plug-in\x64\TOSHIBAMediaControllerIE.dll (<TOSHIBA>)> in the current context!
Error: Unable to interpret <O2 - BHO: (Spybot-S&D IE Protection) - {53707962-6F74-2D53-2644-206D7942484F} - C:\Program Files (x86)\Spybot - Search & Destroy 2\SDHelper.dll (Safer-Networking Ltd.)> in the current context!
Error: Unable to interpret <O2 - BHO: (Norton Identity Protection) - {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} - C:\Program Files (x86)\Norton 360\Engine\21.4.0.13\CoIEPlg.dll (Symantec Corporation)> in the current context!
Error: Unable to interpret <O2 - BHO: (Norton Vulnerability Protection) - {6D53EC84-6AAE-4787-AEEE-F4628F01010C} - C:\Program Files (x86)\Norton 360\Engine\21.4.0.13\IPS\IPSBHO.dll (Symantec Corporation)> in the current context!
Error: Unable to interpret <O3:64bit: - HKLM\..\Toolbar: (Google Toolbar) - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)> in the current context!
Error: Unable to interpret <O3:64bit: - HKLM\..\Toolbar: (Norton Toolbar) - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files (x86)\Norton 360\Engine64\21.4.0.13\CoIEPlg.dll (Symantec Corporation)> in the current context!
Error: Unable to interpret <O3:64bit: - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found.> in the current context!
Error: Unable to interpret <O3 - HKLM\..\Toolbar: (Norton Toolbar) - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files (x86)\Norton 360\Engine\21.4.0.13\CoIEPlg.dll (Symantec Corporation)> in the current context!
Error: Unable to interpret <O3 - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found.> in the current context!
Error: Unable to interpret <O3:64bit: - HKCU\..\Toolbar\WebBrowser: (Google Toolbar) - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)> in the current context!
Error: Unable to interpret <O3:64bit: - HKCU\..\Toolbar\WebBrowser: (Norton Toolbar) - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files (x86)\Norton 360\Engine64\21.4.0.13\CoIEPlg.dll (Symantec Corporation)> in the current context!
Error: Unable to interpret <O3 - HKCU\..\Toolbar\WebBrowser: (Norton Toolbar) - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files (x86)\Norton 360\Engine\21.4.0.13\CoIEPlg.dll (Symantec Corporation)> in the current context!
Error: Unable to interpret <O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1> in the current context!
Error: Unable to interpret <O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1> in the current context!
Error: Unable to interpret <O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5> in the current context!
Error: Unable to interpret <O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3> in the current context!
Error: Unable to interpret <O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDesktopCleanupWizard = 1> in the current context!
Error: Unable to interpret <O9 - Extra 'Tools' menuitem : Spybot - Search && Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\Program Files (x86)\Spybot - Search & Destroy 2\SDHelper.dll (Safer-Networking Ltd.)> in the current context!
Error: Unable to interpret <O1364bit: - gopher Prefix: missing> in the current context!
Error: Unable to interpret <O13 - gopher Prefix: missing> in the current context!
Error: Unable to interpret <O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/...indows-i586.cab (Java Plug-in 10.21.2)> in the current context!
Error: Unable to interpret <O16 - DPF: {CAFEEFAC-0017-0000-0021-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.7.0_21)> in the current context!
Error: Unable to interpret <O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.7.0_21)> in the current context!
Error: Unable to interpret <O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.0.1> in the current context!
Error: Unable to interpret <O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{28270AC4-B16B-45F1-81E0-BA4AF7273AD6}: DhcpNameServer = 192.168.0.1> in the current context!
Error: Unable to interpret <O18:64bit: - Protocol\Handler\livecall - No CLSID value found> in the current context!
Error: Unable to interpret <O18:64bit: - Protocol\Handler\msnim - No CLSID value found> in the current context!
Error: Unable to interpret <O18:64bit: - Protocol\Handler\wlmailhtml - No CLSID value found> in the current context!
Error: Unable to interpret <O18:64bit: - Protocol\Handler\wlpg - No CLSID value found> in the current context!
Error: Unable to interpret <O20:64bit: - HKLM Winlogon: Shell - (explorer.exe) - C:\windows\explorer.exe (Microsoft Corporation)> in the current context!
Error: Unable to interpret <O20:64bit: - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation)> in the current context!
Error: Unable to interpret <O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\windows\SysWow64\explorer.exe (Microsoft Corporation)> in the current context!
Error: Unable to interpret <O20 - HKLM Winlogon: UserInit - (userinit.exe) - C:\windows\SysWow64\userinit.exe (Microsoft Corporation)> in the current context!
Error: Unable to interpret <O20:64bit: - Winlogon\Notify\igfxcui: DllName - (igfxdev.dll) - C:\windows\SysNative\igfxdev.dll (Intel Corporation)> in the current context!
Error: Unable to interpret <O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.> in the current context!
Error: Unable to interpret <O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.> in the current context!
Error: Unable to interpret <O32 - HKLM CDRom: AutoRun - 1> in the current context!
Error: Unable to interpret <O34 - HKLM BootExecute: (ጦ)> in the current context!
Error: Unable to interpret <O34 - HKLM BootExecute: (潔瑰蝁Ȱᜄጔ)> in the current context!
Error: Unable to interpret <O34 - HKLM BootExecute: (ꅘܫᦐȰ恐ፊ撰ᆹ)> in the current context!
Error: Unable to interpret <O34 - HKLM BootExecute: (蓁Ȱᜄጔ)> in the current context!
Error: Unable to interpret <O35:64bit: - HKLM\..comfile [open] -- "%1" %*> in the current context!
Error: Unable to interpret <O35:64bit: - HKLM\..exefile [open] -- "%1" %*> in the current context!
Error: Unable to interpret <O35 - HKLM\..comfile [open] -- "%1" %*> in the current context!
Error: Unable to interpret <O35 - HKLM\..exefile [open] -- "%1" %*> in the current context!
Error: Unable to interpret <O37:64bit: - HKLM\...com [@ = comfile] -- "%1" %*> in the current context!
Error: Unable to interpret <O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %*> in the current context!
Error: Unable to interpret <O37 - HKLM\...com [@ = comfile] -- "%1" %*> in the current context!
Error: Unable to interpret <O37 - HKLM\...exe [@ = exefile] -- "%1" %*> in the current context!
Error: Unable to interpret <O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)> in the current context!
Error: Unable to interpret <O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)> in the current context!
Error: Unable to interpret <O38 - SubSystems\\Windows: (ServerDll=sxssrv,4)> in the current context!
Error: Unable to interpret < > in the current context!
Error: Unable to interpret <========== Files/Folders - Created Within 30 Days ==========> in the current context!
Error: Unable to interpret < > in the current context!
Error: Unable to interpret <[2014/07/13 17:30:46 | 000,000,000 | ---D | C] -- C:\Users\owner\Desktop\Gmer> in the current context!
Error: Unable to interpret <[2014/07/13 16:54:33 | 000,000,000 | ---D | C] -- C:\ProgramData\RogueKiller> in the current context!
Error: Unable to interpret <[2014/07/13 16:45:56 | 000,000,000 | ---D | C] -- C:\_OTL> in the current context!
Error: Unable to interpret <[2014/07/12 18:24:56 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\MSXML 4.0> in the current context!
Error: Unable to interpret <[2014/07/11 18:41:52 | 000,177,752 | ---- | C] (Symantec Corporation) -- C:\windows\SysNative\drivers\SYMEVENT64x86.SYS> in the current context!
Error: Unable to interpret <[2014/07/11 18:41:52 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Symantec Shared> in the current context!
Error: Unable to interpret <[2014/07/11 18:41:40 | 001,148,120 | R--- | C] (Symantec Corporation) -- C:\windows\SysNative\drivers\N360x64\1504000.00D\SymEFA64.sys> in the current context!
Error: Unable to interpret <[2014/07/11 18:41:40 | 000,875,736 | R--- | C] (Symantec Corporation) -- C:\windows\SysNative\drivers\N360x64\1504000.00D\srtsp64.sys> in the current context!
Error: Unable to interpret <[2014/07/11 18:41:40 | 000,593,112 | R--- | C] (Symantec Corporation) -- C:\windows\SysNative\drivers\N360x64\1504000.00D\symnets.sys> in the current context!
Error: Unable to interpret <[2014/07/11 18:41:40 | 000,493,656 | R--- | C] (Symantec Corporation) -- C:\windows\SysNative\drivers\N360x64\1504000.00D\SymDS64.sys> in the current context!
Error: Unable to interpret <[2014/07/11 18:41:40 | 000,264,280 | R--- | C] (Symantec Corporation) -- C:\windows\SysNative\drivers\N360x64\1504000.00D\Ironx64.sys> in the current context!
Error: Unable to interpret <[2014/07/11 18:41:40 | 000,162,392 | R--- | C] (Symantec Corporation) -- C:\windows\SysNative\drivers\N360x64\1504000.00D\ccSetx64.sys> in the current context!
Error: Unable to interpret <[2014/07/11 18:41:40 | 000,036,952 | R--- | C] (Symantec Corporation) -- C:\windows\SysNative\drivers\N360x64\1504000.00D\srtspx64.sys> in the current context!
Error: Unable to interpret <[2014/07/11 18:41:40 | 000,023,568 | R--- | C] (Symantec Corporation) -- C:\windows\SysNative\drivers\N360x64\1504000.00D\SymELAM.sys> in the current context!
Error: Unable to interpret <[2014/07/11 18:41:14 | 000,000,000 | ---D | C] -- C:\windows\SysNative\drivers\N360x64> in the current context!
Error: Unable to interpret <[2014/07/11 18:41:14 | 000,000,000 | ---D | C] -- C:\windows\SysNative\drivers\N360x64\1504000.00D> in the current context!
Error: Unable to interpret <[2014/07/11 18:41:12 | 000,000,000 | R--D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Norton 360> in the current context!
Error: Unable to interpret <[2014/07/11 18:41:12 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Norton 360> in the current context!
Error: Unable to interpret <[2014/07/11 17:58:41 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Symantec Shared> in the current context!
Error: Unable to interpret <[2014/07/11 17:36:47 | 000,000,000 | ---D | C] -- C:\Users\owner\AppData\Local\VS Revo Group> in the current context!
Error: Unable to interpret <[2014/07/11 17:36:41 | 000,000,000 | ---D | C] -- C:\ProgramData\VS Revo Group> in the current context!
Error: Unable to interpret <[2014/07/11 17:36:41 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Revo Uninstaller Pro> in the current context!
Error: Unable to interpret <[2014/07/11 17:36:40 | 000,031,800 | ---- | C] (VS Revo Group) -- C:\windows\SysNative\drivers\revoflt.sys> in the current context!
Error: Unable to interpret <[2014/07/11 17:36:35 | 000,000,000 | ---D | C] -- C:\Program Files\VS Revo Group> in the current context!
Error: Unable to interpret <[2014/07/11 17:19:49 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\VS Revo Group> in the current context!
Error: Unable to interpret <[2014/07/11 17:19:49 | 000,000,000 | ---D | C] -- C:\Users\owner\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Revo Uninstaller> in the current context!
Error: Unable to interpret <[2014/07/11 17:15:44 | 002,649,016 | ---- | C] (VS Revo Group Ltd.) -- C:\revosetup.exe> in the current context!
Error: Unable to interpret <[2014/07/11 17:11:23 | 000,000,000 | ---D | C] -- C:\windows\pss> in the current context!
Error: Unable to interpret <[2014/07/11 16:54:59 | 000,000,000 | ---D | C] -- C:\ProgramData\HitmanPro> in the current context!
Error: Unable to interpret <[2014/07/11 16:54:46 | 000,000,000 | ---D | C] -- C:\ProgramData\Hitman Pro> in the current context!
Error: Unable to interpret <[2014/07/11 16:52:47 | 000,000,000 | ---D | C] -- C:\ProgramData\TEMP> in the current context!
Error: Unable to interpret <[2014/07/11 16:52:47 | 000,000,000 | ---D | C] -- C:\ProgramData\Licenses> in the current context!
Error: Unable to interpret <[2014/07/11 15:56:50 | 000,041,032 | ---- | C] (ThreatTrack Security) -- C:\windows\SysNative\drivers\gfiark.sys> in the current context!
Error: Unable to interpret <[2014/07/11 15:51:41 | 000,000,000 | R--D | C] -- C:\Users\owner\My SpeedyBackup SyncFolder> in the current context!
Error: Unable to interpret <[2014/07/11 15:51:27 | 000,000,000 | ---D | C] -- C:\ProgramData\SpeedyPC Software> in the current context!
Error: Unable to interpret <[2014/07/11 15:50:49 | 000,061,216 | ---- | C] (GFI Software) -- C:\windows\SysNative\drivers\sbhips.sys> in the current context!
Error: Unable to interpret <[2014/07/11 15:50:41 | 000,258,848 | ---- | C] (GFI Software) -- C:\windows\SysNative\drivers\SbFw.sys> in the current context!
Error: Unable to interpret <[2014/07/11 15:50:41 | 000,120,064 | ---- | C] (GFI Software) -- C:\windows\SysNative\drivers\SbFwIm.sys> in the current context!
Error: Unable to interpret <[2014/07/11 15:43:10 | 000,000,000 | ---D | C] -- C:\Users\owner\AppData\Local\LogMeIn Rescue Applet> in the current context!
Error: Unable to interpret <[2014/07/11 14:52:59 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\SparkTrust> in the current context!
Error: Unable to interpret <[2014/07/09 19:02:49 | 000,692,736 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\osk.exe> in the current context!
Error: Unable to interpret <[2014/07/09 19:02:49 | 000,646,144 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\osk.exe> in the current context!
Error: Unable to interpret <[2014/07/09 19:02:43 | 000,624,128 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\qedit.dll> in the current context!
Error: Unable to interpret <[2014/07/09 19:02:43 | 000,509,440 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\qedit.dll> in the current context!
Error: Unable to interpret <[2014/07/09 19:02:38 | 000,307,200 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\ncrypt.dll> in the current context!
Error: Unable to interpret <[2014/07/09 19:02:22 | 000,592,896 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\jscript9diag.dll> in the current context!
Error: Unable to interpret <[2014/07/09 19:02:22 | 000,069,632 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\mshtmled.dll> in the current context!
Error: Unable to interpret <[2014/07/09 19:02:22 | 000,051,200 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\ieetwproxystub.dll> in the current context!
Error: Unable to interpret <[2014/07/09 19:02:22 | 000,048,640 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\ieetwproxystub.dll> in the current context!
Error: Unable to interpret <[2014/07/09 19:02:22 | 000,038,400 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\JavaScriptCollectionAgent.dll> in the current context!
Error: Unable to interpret <[2014/07/09 19:02:22 | 000,033,792 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\iernonce.dll> in the current context!
Error: Unable to interpret <[2014/07/09 19:02:22 | 000,032,768 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\iernonce.dll> in the current context!
Error: Unable to interpret <[2014/07/09 19:02:22 | 000,032,256 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\JavaScriptCollectionAgent.dll> in the current context!
Error: Unable to interpret <[2014/07/09 19:02:21 | 001,964,544 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\inetcpl.cpl> in the current context!
Error: Unable to interpret <[2014/07/09 19:02:21 | 000,061,952 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\iesetup.dll> in the current context!
Error: Unable to interpret <[2014/07/09 19:02:20 | 000,004,096 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\ieetwcollectorres.dll> in the current context!
Error: Unable to interpret <[2014/07/09 19:02:19 | 000,631,808 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\msfeeds.dll> in the current context!
Error: Unable to interpret <[2014/07/09 19:02:19 | 000,608,768 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\ie4uinit.exe> in the current context!
Error: Unable to interpret <[2014/07/09 19:02:19 | 000,452,608 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\dxtmsft.dll> in the current context!
Error: Unable to interpret <[2014/07/09 19:02:19 | 000,442,368 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\ieui.dll> in the current context!
Error: Unable to interpret <[2014/07/09 19:02:19 | 000,111,616 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\ieetwcollector.exe> in the current context!
Error: Unable to interpret <[2014/07/09 19:02:19 | 000,066,048 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\iesetup.dll> in the current context!
Error: Unable to interpret <[2014/07/09 19:02:18 | 002,040,832 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\inetcpl.cpl> in the current context!
Error: Unable to interpret <[2014/07/09 19:02:18 | 001,068,032 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\mshtmlmedia.dll> in the current context!
Error: Unable to interpret <[2014/07/09 19:02:18 | 000,704,512 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\ieapfltr.dll> in the current context!
Error: Unable to interpret <[2014/07/09 19:02:18 | 000,164,864 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\msrating.dll> in the current context!
Error: Unable to interpret <[2014/07/09 19:02:18 | 000,112,128 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\ieUnatt.exe> in the current context!
Error: Unable to interpret <[2014/07/09 19:02:18 | 000,062,464 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\MshtmlDac.dll> in the current context!
Error: Unable to interpret <[2014/07/09 19:02:17 | 001,249,280 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\mshtmlmedia.dll> in the current context!
Error: Unable to interpret <[2014/07/09 19:02:17 | 000,598,016 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\ieui.dll> in the current context!
Error: Unable to interpret <[2014/07/09 19:02:17 | 000,292,864 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\dxtrans.dll> in the current context!
Error: Unable to interpret <[2014/07/09 19:02:17 | 000,139,264 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\ieUnatt.exe> in the current context!
Error: Unable to interpret <[2014/07/09 19:02:17 | 000,085,504 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\mshtmled.dll> in the current context!
Error: Unable to interpret <[2014/07/09 19:02:16 | 005,721,088 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\jscript9.dll> in the current context!
Error: Unable to interpret <[2014/07/09 19:02:16 | 000,846,336 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\ieapfltr.dll> in the current context!
Error: Unable to interpret <[2014/07/09 19:02:16 | 000,752,640 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\jscript9diag.dll> in the current context!
Error: Unable to interpret <[2014/07/09 19:02:16 | 000,548,352 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\vbscript.dll> in the current context!
Error: Unable to interpret <[2014/07/09 19:02:16 | 000,195,584 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\msrating.dll> in the current context!
Error: Unable to interpret <[2014/07/09 19:02:16 | 000,083,968 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\MshtmlDac.dll> in the current context!
Error: Unable to interpret <[2014/07/09 19:02:15 | 000,940,032 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\MsSpellCheckingFacility.exe> in the current context!
Error: Unable to interpret <[2014/07/09 18:55:55 | 001,460,736 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\lsasrv.dll> in the current context!
Error: Unable to interpret <[1 C:\windows\*.tmp files -> C:\windows\*.tmp -> ]> in the current context!
Error: Unable to interpret <[1 C:\Program Files (x86)\*.tmp files -> C:\Program Files (x86)\*.tmp -> ]> in the current context!
Error: Unable to interpret < > in the current context!
Error: Unable to interpret <========== Files - Modified Within 30 Days ==========> in the current context!
Error: Unable to interpret < > in the current context!
Error: Unable to interpret <[2014/07/15 19:06:25 | 000,024,608 | -H-- | M] () -- C:\windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0> in the current context!
Error: Unable to interpret <[2014/07/15 19:06:25 | 000,024,608 | -H-- | M] () -- C:\windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0> in the current context!
Error: Unable to interpret <[2014/07/15 18:58:36 | 000,000,894 | ---- | M] () -- C:\windows\tasks\GoogleUpdateTaskMachineCore1ce4f575a8ab0d1.job> in the current context!
Error: Unable to interpret <[2014/07/15 18:58:36 | 000,000,828 | ---- | M] () -- C:\windows\tasks\ISM-UpdateService-4e00205a-2ab1-4423-8f77-cc25b82cde1d-Logon.job> in the current context!
Error: Unable to interpret <[2014/07/15 18:58:36 | 000,000,474 | ---- | M] () -- C:\windows\tasks\SparkTrust Update Version3 Startup Task.job> in the current context!
Error: Unable to interpret <[2014/07/15 18:58:33 | 000,000,552 | ---- | M] () -- C:\windows\tasks\SparkTrust AntiVirus Startup.job> in the current context!
Error: Unable to interpret <[2014/07/15 18:58:15 | 000,067,584 | --S- | M] () -- C:\windows\bootstat.dat> in the current context!
Error: Unable to interpret <[2014/07/15 18:58:06 | 448,237,567 | -HS- | M] () -- C:\hiberfil.sys> in the current context!
Error: Unable to interpret <[2014/07/14 19:13:00 | 000,000,830 | ---- | M] () -- C:\windows\tasks\Adobe Flash Player Updater.job> in the current context!
Error: Unable to interpret <[2014/07/14 18:58:02 | 000,030,312 | ---- | M] () -- C:\windows\SysNative\drivers\TrueSight.sys> in the current context!
Error: Unable to interpret <[2014/07/14 18:32:56 | 000,000,912 | ---- | M] () -- C:\windows\tasks\GoogleUpdateTaskMachineUA.job> in the current context!
Error: Unable to interpret <[2014/07/14 18:26:10 | 000,001,216 | ---- | M] () -- C:\Users\owner\Desktop\RogueKillerX64 - Shortcut.lnk> in the current context!
Error: Unable to interpret <[2014/07/13 18:00:00 | 000,000,464 | ---- | M] () -- C:\windows\tasks\SparkTrust Registration3.job> in the current context!
Error: Unable to interpret <[2014/07/13 17:30:29 | 000,001,453 | ---- | M] () -- C:\Users\owner\Desktop\mqhgmwg0 - Shortcut.lnk> in the current context!
Error: Unable to interpret <[2014/07/12 19:39:01 | 000,000,830 | ---- | M] () -- C:\windows\tasks\ISM-UpdateService-4e00205a-2ab1-4423-8f77-cc25b82cde1d.job> in the current context!
Error: Unable to interpret <[2014/07/11 18:42:04 | 002,121,736 | ---- | M] () -- C:\windows\SysNative\drivers\N360x64\1504000.00D\Cat.DB> in the current context!
Error: Unable to interpret <[2014/07/11 18:41:52 | 000,177,752 | ---- | M] (Symantec Corporation) -- C:\windows\SysNative\drivers\SYMEVENT64x86.SYS> in the current context!
Error: Unable to interpret <[2014/07/11 18:41:52 | 000,008,222 | ---- | M] () -- C:\windows\SysNative\drivers\SYMEVENT64x86.CAT> in the current context!
Error: Unable to interpret <[2014/07/11 18:41:52 | 000,000,854 | ---- | M] () -- C:\windows\SysNative\drivers\SYMEVENT64x86.INF> in the current context!
Error: Unable to interpret <[2014/07/11 18:41:48 | 000,002,406 | ---- | M] () -- C:\Users\Public\Desktop\Norton 360.lnk> in the current context!
Error: Unable to interpret <[2014/07/11 18:40:42 | 000,001,315 | ---- | M] () -- C:\Users\owner\Desktop\Norton Installation Files.lnk> in the current context!
Error: Unable to interpret <[2014/07/11 17:36:42 | 000,001,112 | ---- | M] () -- C:\Users\owner\Application Data\Microsoft\Internet Explorer\Quick Launch\Revo Uninstaller Pro.lnk> in the current context!
Error: Unable to interpret <[2014/07/11 17:36:42 | 000,001,088 | ---- | M] () -- C:\Users\Public\Desktop\Revo Uninstaller Pro.lnk> in the current context!
Error: Unable to interpret <[2014/07/11 17:33:30 | 000,000,422 | ---- | M] () -- C:\windows\tasks\SparkTrust Update Version3.job> in the current context!
Error: Unable to interpret <[2014/07/11 17:19:49 | 000,001,279 | ---- | M] () -- C:\Users\owner\Desktop\Revo Uninstaller.lnk> in the current context!
Error: Unable to interpret <[2014/07/11 16:06:40 | 000,007,620 | ---- | M] () -- C:\Users\owner\AppData\Local\Resmon.ResmonCfg> in the current context!
Error: Unable to interpret <[2014/07/09 19:12:47 | 000,275,712 | ---- | M] () -- C:\windows\SysNative\FNTCACHE.DAT> in the current context!
Error: Unable to interpret <[2014/07/05 14:58:48 | 000,001,126 | ---- | M] () -- C:\Users\owner\Desktop\20140523-001-v5i64 - Shortcut.lnk> in the current context!
Error: Unable to interpret <[2014/07/01 05:23:42 | 000,040,105 | ---- | M] () -- C:\windows\SysNative\drivers\N360x64\1504000.00D\VT20140701.003> in the current context!
Error: Unable to interpret <[2014/06/27 01:55:25 | 000,000,172 | ---- | M] () -- C:\windows\SysNative\drivers\N360x64\1504000.00D\isolate.ini> in the current context!
Error: Unable to interpret <[2014/06/18 21:06:24 | 000,004,096 | ---- | M] (Microsoft Corporation) -- C:\windows\SysNative\ieetwcollectorres.dll> in the current context!
Error: Unable to interpret <[2014/06/18 20:42:57 | 000,548,352 | ---- | M] (Microsoft Corporation) -- C:\windows\SysNative\vbscript.dll> in the current context!
Error: Unable to interpret <[2014/06/18 20:42:49 | 000,066,048 | ---- | M] (Microsoft Corporation) -- C:\windows\SysNative\iesetup.dll> in the current context!
Error: Unable to interpret <[2014/06/18 20:41:52 | 000,048,640 | ---- | M] (Microsoft Corporation) -- C:\windows\SysNative\ieetwproxystub.dll> in the current context!
Error: Unable to interpret <[2014/06/18 20:41:16 | 000,083,968 | ---- | M] (Microsoft Corporation) -- C:\windows\SysNative\MshtmlDac.dll> in the current context!
Error: Unable to interpret <[2014/06/18 20:31:24 | 000,033,792 | ---- | M] (Microsoft Corporation) -- C:\windows\SysNative\iernonce.dll> in the current context!
Error: Unable to interpret <[2014/06/18 20:26:41 | 000,598,016 | ---- | M] (Microsoft Corporation) -- C:\windows\SysNative\ieui.dll> in the current context!
Error: Unable to interpret <[2014/06/18 20:24:30 | 000,139,264 | ---- | M] (Microsoft Corporation) -- C:\windows\SysNative\ieUnatt.exe> in the current context!
Error: Unable to interpret <[2014/06/18 20:24:12 | 000,111,616 | ---- | M] (Microsoft Corporation) -- C:\windows\SysNative\ieetwcollector.exe> in the current context!
Error: Unable to interpret <[2014/06/18 20:23:53 | 000,752,640 | ---- | M] (Microsoft Corporation) -- C:\windows\SysNative\jscript9diag.dll> in the current context!
Error: Unable to interpret <[2014/06/18 20:14:28 | 000,940,032 | ---- | M] (Microsoft Corporation) -- C:\windows\SysNative\MsSpellCheckingFacility.exe> in the current context!
Error: Unable to interpret <[2014/06/18 20:09:47 | 000,452,608 | ---- | M] (Microsoft Corporation) -- C:\windows\SysNative\dxtmsft.dll> in the current context!
Error: Unable to interpret <[2014/06/18 19:59:04 | 000,038,400 | ---- | M] (Microsoft Corporation) -- C:\windows\SysNative\JavaScriptCollectionAgent.dll> in the current context!
Error: Unable to interpret <[2014/06/18 19:53:27 | 000,195,584 | ---- | M] (Microsoft Corporation) -- C:\windows\SysNative\msrating.dll> in the current context!
Error: Unable to interpret <[2014/06/18 19:51:38 | 005,721,088 | ---- | M] (Microsoft Corporation) -- C:\windows\SysNative\jscript9.dll> in the current context!
Error: Unable to interpret <[2014/06/18 19:50:47 | 000,085,504 | ---- | M] (Microsoft Corporation) -- C:\windows\SysNative\mshtmled.dll> in the current context!
Error: Unable to interpret <[2014/06/18 19:48:44 | 000,292,864 | ---- | M] (Microsoft Corporation) -- C:\windows\SysNative\dxtrans.dll> in the current context!
Error: Unable to interpret <[2014/06/18 19:39:30 | 000,608,768 | ---- | M] (Microsoft Corporation) -- C:\windows\SysNative\ie4uinit.exe> in the current context!
Error: Unable to interpret <[2014/06/18 19:37:23 | 000,061,952 | ---- | M] (Microsoft Corporation) -- C:\windows\SysWow64\iesetup.dll> in the current context!
Error: Unable to interpret <[2014/06/18 19:36:35 | 000,051,200 | ---- | M] (Microsoft Corporation) -- C:\windows\SysWow64\ieetwproxystub.dll> in the current context!
Error: Unable to interpret <[2014/06/18 19:35:55 | 000,062,464 | ---- | M] (Microsoft Corporation) -- C:\windows\SysWow64\MshtmlDac.dll> in the current context!
Error: Unable to interpret <[2014/06/18 19:33:07 | 000,631,808 | ---- | M] (Microsoft Corporation) -- C:\windows\SysNative\msfeeds.dll> in the current context!
Error: Unable to interpret <[2014/06/18 19:28:16 | 000,032,768 | ---- | M] (Microsoft Corporation) -- C:\windows\SysWow64\iernonce.dll> in the current context!
Error: Unable to interpret <[2014/06/18 19:27:45 | 001,249,280 | ---- | M] (Microsoft Corporation) -- C:\windows\SysNative\mshtmlmedia.dll> in the current context!
Error: Unable to interpret <[2014/06/18 19:27:07 | 002,040,832 | ---- | M] (Microsoft Corporation) -- C:\windows\SysNative\inetcpl.cpl> in the current context!
Error: Unable to interpret <[2014/06/18 19:25:38 | 000,442,368 | ---- | M] (Microsoft Corporation) -- C:\windows\SysWow64\ieui.dll> in the current context!
Error: Unable to interpret <[2014/06/18 19:23:27 | 000,112,128 | ---- | M] (Microsoft Corporation) -- C:\windows\SysWow64\ieUnatt.exe> in the current context!
Error: Unable to interpret <[2014/06/18 19:22:40 | 000,592,896 | ---- | M] (Microsoft Corporation) -- C:\windows\SysWow64\jscript9diag.dll> in the current context!
Error: Unable to interpret <[2014/06/18 19:06:10 | 000,032,256 | ---- | M] (Microsoft Corporation) -- C:\windows\SysWow64\JavaScriptCollectionAgent.dll> in the current context!
Error: Unable to interpret <[2014/06/18 19:01:50 | 000,164,864 | ---- | M] (Microsoft Corporation) -- C:\windows\SysWow64\msrating.dll> in the current context!
Error: Unable to interpret <[2014/06/18 18:59:37 | 000,069,632 | ---- | M] (Microsoft Corporation) -- C:\windows\SysWow64\mshtmled.dll> in the current context!
Error: Unable to interpret <[2014/06/18 18:46:23 | 001,068,032 | ---- | M] (Microsoft Corporation) -- C:\windows\SysWow64\mshtmlmedia.dll> in the current context!
Error: Unable to interpret <[2014/06/18 18:45:59 | 001,964,544 | ---- | M] (Microsoft Corporation) -- C:\windows\SysWow64\inetcpl.cpl> in the current context!
Error: Unable to interpret <[2014/06/18 18:15:24 | 000,846,336 | ---- | M] (Microsoft Corporation) -- C:\windows\SysNative\ieapfltr.dll> in the current context!
Error: Unable to interpret <[2014/06/18 18:07:42 | 000,704,512 | ---- | M] (Microsoft Corporation) -- C:\windows\SysWow64\ieapfltr.dll> in the current context!
Error: Unable to interpret <[2014/06/17 22:18:30 | 000,692,736 | ---- | M] (Microsoft Corporation) -- C:\windows\SysNative\osk.exe> in the current context!
Error: Unable to interpret <[2014/06/17 21:51:32 | 000,646,144 | ---- | M] (Microsoft Corporation) -- C:\windows\SysWow64\osk.exe> in the current context!
Error: Unable to interpret <[2014/06/16 19:56:00 | 000,782,470 | ---- | M] () -- C:\windows\SysNative\PerfStringBackup.INI> in the current context!
Error: Unable to interpret <[2014/06/16 19:56:00 | 000,650,892 | ---- | M] () -- C:\windows\SysNative\perfh009.dat> in the current context!
Error: Unable to interpret <[2014/06/16 19:56:00 | 000,118,628 | ---- | M] () -- C:\windows\SysNative\perfc009.dat> in the current context!
Error: Unable to interpret <[1 C:\windows\*.tmp files -> C:\windows\*.tmp -> ]> in the current context!
Error: Unable to interpret <[1 C:\Program Files (x86)\*.tmp files -> C:\Program Files (x86)\*.tmp -> ]> in the current context!
Error: Unable to interpret < > in the current context!
Error: Unable to interpret <========== Files Created - No Company Name ==========> in the current context!
Error: Unable to interpret < > in the current context!
Error: Unable to interpret <[2014/07/14 18:26:10 | 000,001,216 | ---- | C] () -- C:\Users\owner\Desktop\RogueKillerX64 - Shortcut.lnk> in the current context!
Error: Unable to interpret <[2014/07/13 17:30:29 | 000,001,453 | ---- | C] () -- C:\Users\owner\Desktop\mqhgmwg0 - Shortcut.lnk> in the current context!
Error: Unable to interpret <[2014/07/13 16:54:34 | 000,030,312 | ---- | C] () -- C:\windows\SysNative\drivers\TrueSight.sys> in the current context!
Error: Unable to interpret <[2014/07/12 18:17:23 | 000,040,105 | ---- | C] () -- C:\windows\SysNative\drivers\N360x64\1504000.00D\VT20140701.003> in the current context!
Error: Unable to interpret <[2014/07/11 18:41:56 | 002,121,736 | ---- | C] () -- C:\windows\SysNative\drivers\N360x64\1504000.00D\Cat.DB> in the current context!
Error: Unable to interpret <[2014/07/11 18:41:52 | 000,008,222 | ---- | C] () -- C:\windows\SysNative\drivers\SYMEVENT64x86.CAT> in the current context!
Error: Unable to interpret <[2014/07/11 18:41:52 | 000,000,854 | ---- | C] () -- C:\windows\SysNative\drivers\SYMEVENT64x86.INF> in the current context!
Error: Unable to interpret <[2014/07/11 18:41:48 | 000,002,406 | ---- | C] () -- C:\Users\Public\Desktop\Norton 360.lnk> in the current context!
Error: Unable to interpret <[2014/07/11 18:41:16 | 000,003,433 | R--- | C] () -- C:\windows\SysNative\drivers\N360x64\1504000.00D\SymEFA.inf> in the current context!
Error: Unable to interpret <[2014/07/11 18:41:16 | 000,002,852 | R--- | C] () -- C:\windows\SysNative\drivers\N360x64\1504000.00D\SymDS.inf> in the current context!
Error: Unable to interpret <[2014/07/11 18:41:16 | 000,001,440 | R--- | C] () -- C:\windows\SysNative\drivers\N360x64\1504000.00D\SymNet.inf> in the current context!
Error: Unable to interpret <[2014/07/11 18:41:16 | 000,001,437 | R--- | C] () -- C:\windows\SysNative\drivers\N360x64\1504000.00D\srtsp64.inf> in the current context!
Error: Unable to interpret <[2014/07/11 18:41:16 | 000,001,420 | R--- | C] () -- C:\windows\SysNative\drivers\N360x64\1504000.00D\srtspx64.inf> in the current context!
Error: Unable to interpret <[2014/07/11 18:41:16 | 000,001,098 | R--- | C] () -- C:\windows\SysNative\drivers\N360x64\1504000.00D\symELAM.inf> in the current context!
Error: Unable to interpret <[2014/07/11 18:41:16 | 000,000,855 | R--- | C] () -- C:\windows\SysNative\drivers\N360x64\1504000.00D\ccSetx64.inf> in the current context!
Error: Unable to interpret <[2014/07/11 18:41:16 | 000,000,767 | R--- | C] () -- C:\windows\SysNative\drivers\N360x64\1504000.00D\Iron.inf> in the current context!
Error: Unable to interpret <[2014/07/11 18:41:15 | 000,030,068 | R--- | C] () -- C:\windows\SysNative\drivers\N360x64\1504000.00D\SymVTcer.dat> in the current context!
Error: Unable to interpret <[2014/07/11 18:41:14 | 000,009,939 | R--- | C] () -- C:\windows\SysNative\drivers\N360x64\1504000.00D\SymELAM64.cat> in the current context!
Error: Unable to interpret <[2014/07/11 18:41:14 | 000,008,202 | R--- | C] () -- C:\windows\SysNative\drivers\N360x64\1504000.00D\ccSetx64.cat> in the current context!
Error: Unable to interpret <[2014/07/11 18:41:14 | 000,008,196 | R--- | C] () -- C:\windows\SysNative\drivers\N360x64\1504000.00D\srtspx64.cat> in the current context!
Error: Unable to interpret <[2014/07/11 18:41:14 | 000,008,194 | R--- | C] () -- C:\windows\SysNative\drivers\N360x64\1504000.00D\SymEFA64.cat> in the current context!
Error: Unable to interpret <[2014/07/11 18:41:14 | 000,008,192 | R--- | C] () -- C:\windows\SysNative\drivers\N360x64\1504000.00D\symnet64.cat> in the current context!
Error: Unable to interpret <[2014/07/11 18:41:14 | 000,008,192 | R--- | C] () -- C:\windows\SysNative\drivers\N360x64\1504000.00D\srtsp64.cat> in the current context!
Error: Unable to interpret <[2014/07/11 18:41:14 | 000,008,188 | R--- | C] () -- C:\windows\SysNative\drivers\N360x64\1504000.00D\SymDS64.cat> in the current context!
Error: Unable to interpret <[2014/07/11 18:41:14 | 000,008,184 | R--- | C] () -- C:\windows\SysNative\drivers\N360x64\1504000.00D\iron.cat> in the current context!
Error: Unable to interpret <[2014/07/11 18:41:14 | 000,000,172 | ---- | C] () -- C:\windows\SysNative\drivers\N360x64\1504000.00D\isolate.ini> in the current context!
Error: Unable to interpret <[2014/07/11 17:36:42 | 000,001,112 | ---- | C] () -- C:\Users\owner\Application Data\Microsoft\Internet Explorer\Quick Launch\Revo Uninstaller Pro.lnk> in the current context!
Error: Unable to interpret <[2014/07/11 17:36:42 | 000,001,088 | ---- | C] () -- C:\Users\Public\Desktop\Revo Uninstaller Pro.lnk> in the current context!
Error: Unable to interpret <[2014/07/11 17:19:49 | 000,001,279 | ---- | C] () -- C:\Users\owner\Desktop\Revo Uninstaller.lnk> in the current context!
Error: Unable to interpret <[2014/07/11 16:06:40 | 000,007,620 | ---- | C] () -- C:\Users\owner\AppData\Local\Resmon.ResmonCfg> in the current context!
Error: Unable to interpret <[2014/07/11 15:51:22 | 000,000,552 | ---- | C] () -- C:\windows\tasks\SparkTrust AntiVirus Startup.job> in the current context!
Error: Unable to interpret <[2014/07/11 15:51:13 | 000,000,474 | ---- | C] () -- C:\windows\tasks\SparkTrust Update Version3 Startup Task.job> in the current context!
Error: Unable to interpret <[2014/07/11 14:53:30 | 000,000,464 | ---- | C] () -- C:\windows\tasks\SparkTrust Registration3.job> in the current context!
Error: Unable to interpret <[2014/07/11 14:53:02 | 000,000,422 | ---- | C] () -- C:\windows\tasks\SparkTrust Update Version3.job> in the current context!
Error: Unable to interpret <[2014/05/23 19:09:24 | 000,000,085 | ---- | C] () -- C:\windows\wininit.ini> in the current context!
Error: Unable to interpret <[2013/09/02 13:34:52 | 000,074,703 | ---- | C] () -- C:\windows\SysWow64\mfc45.dat> in the current context!
Error: Unable to interpret <[2013/02/14 22:50:22 | 002,250,054 | ---- | C] () -- C:\ProgramData\1.bmp> in the current context!
Error: Unable to interpret <[2013/02/14 22:50:02 | 000,350,795 | ---- | C] () -- C:\ProgramData\1.jpg> in the current context!
Error: Unable to interpret <[2012/10/21 14:18:07 | 000,017,408 | ---- | C] () -- C:\Users\owner\AppData\Local\WebpageIcons.db> in the current context!
Error: Unable to interpret < > in the current context!
Error: Unable to interpret <========== ZeroAccess Check ==========> in the current context!
Error: Unable to interpret < > in the current context!
Error: Unable to interpret <[2009/07/14 00:55:00 | 000,000,227 | RHS- | M] () -- C:\windows\assembly\Desktop.ini> in the current context!
Error: Unable to interpret < > in the current context!
Error: Unable to interpret <[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64> in the current context!
Error: Unable to interpret < > in the current context!
Error: Unable to interpret <[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]> in the current context!
Error: Unable to interpret < > in the current context!
Error: Unable to interpret <[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32] /64> in the current context!
Error: Unable to interpret < > in the current context!
Error: Unable to interpret <[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]> in the current context!
Error: Unable to interpret < > in the current context!
Error: Unable to interpret <[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64> in the current context!
Error: Unable to interpret <"" = C:\Windows\SysNative\shell32.dll -- [2014/03/24 22:43:12 | 014,175,744 | ---- | M] (Microsoft Corporation)> in the current context!
Error: Unable to interpret <"ThreadingModel" = Apartment> in the current context!
Error: Unable to interpret < > in the current context!
Error: Unable to interpret <[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]> in the current context!
Error: Unable to interpret <"" = %SystemRoot%\system32\shell32.dll -- [2014/03/24 22:09:54 | 012,874,240 | ---- | M] (Microsoft Corporation)> in the current context!
Error: Unable to interpret <"ThreadingModel" = Apartment> in the current context!
Error: Unable to interpret < > in the current context!
Error: Unable to interpret <[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32] /64> in the current context!
Error: Unable to interpret <"" = C:\Windows\SysNative\wbem\fastprox.dll -- [2009/07/13 21:40:51 | 000,909,312 | ---- | M] (Microsoft Corporation)> in the current context!
Error: Unable to interpret <"ThreadingModel" = Free> in the current context!
Error: Unable to interpret < > in the current context!
Error: Unable to interpret <[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]> in the current context!
Error: Unable to interpret <"" = %systemroot%\system32\wbem\fastprox.dll -- [2010/11/20 23:24:25 | 000,606,208 | ---- | M] (Microsoft Corporation)> in the current context!
Error: Unable to interpret <"ThreadingModel" = Free> in the current context!
Error: Unable to interpret < > in the current context!
Error: Unable to interpret <[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32] /64> in the current context!
Error: Unable to interpret <"" = C:\Windows\SysNative\wbem\wbemess.dll -- [2009/07/13 21:41:56 | 000,505,856 | ---- | M] (Microsoft Corporation)> in the current context!
Error: Unable to interpret <"ThreadingModel" = Both> in the current context!
Error: Unable to interpret < > in the current context!
Error: Unable to interpret <[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]> in the current context!
Error: Unable to interpret << End of report >> in the current context!
 
OTL by OldTimer - Version 3.2.69.0 log created on 07152014_191258
 


#19
hofner

    Member

  • Topic Starter
  • 82 posts

Forgot to give you this....report after scan, before run/fix

 

 

OTL logfile created on: 7/15/2014 7:03:18 PM - Run 5
OTL by OldTimer - Version 3.2.69.0     Folder = C:\Users\owner\Downloads
64bit- Home Premium Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.11.9600.17207)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy
 
5.89 Gb Total Physical Memory | 3.84 Gb Available Physical Memory | 65.26% Memory free
11.78 Gb Paging File | 9.67 Gb Available in Paging File | 82.07% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
 
%SystemDrive% = C: | %SystemRoot% = C:\windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 682.74 Gb Total Space | 620.38 Gb Free Space | 90.87% Space Free | Partition Type: NTFS
 
Computer Name: OWNER-PC | User Name: owner | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
 
========== Processes (SafeList) ==========
 
PRC - [2014/07/12 20:06:37 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\owner\Downloads\OTL.exe
PRC - [2014/06/27 01:44:06 | 000,265,040 | R--- | M] (Symantec Corporation) -- C:\Program Files (x86)\Norton 360\Engine\21.4.0.13\N360.exe
PRC - [2014/06/13 15:20:44 | 000,275,568 | ---- | M] (Mozilla Corporation) -- C:\Program Files (x86)\Mozilla Firefox\firefox.exe
PRC - [2014/04/30 10:07:08 | 004,492,776 | ---- | M] (iolo technologies, LLC) -- C:\Program Files (x86)\iolo\Common\Lib\ioloServiceManager.exe
PRC - [2013/05/21 00:44:22 | 000,144,368 | R--- | M] (Symantec Corporation) -- C:\Program Files (x86)\Norton Identity Safe\Engine\2013.4.0.10\ccsvchst.exe
PRC - [2012/01/20 14:45:40 | 000,161,560 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel® Management Engine Components\DAL\Jhi_service.exe
PRC - [2012/01/20 14:45:30 | 000,128,280 | ---- | M] () -- C:\Program Files (x86)\Intel\Intel® Management Engine Components\FWService\IntelMeFWService.exe
 
 
========== Modules (No Company Name) ==========
 
MOD - [2014/06/13 15:20:44 | 003,852,912 | ---- | M] () -- C:\Program Files (x86)\Mozilla Firefox\mozjs.dll
MOD - [2012/05/30 10:51:08 | 000,699,280 | R--- | M] () -- C:\Program Files (x86)\Norton Identity Safe\Engine\2013.4.0.10\wincfi39.dll
 
 
========== Services (SafeList) ==========
 
SRV:64bit: - [2014/06/18 20:24:12 | 000,111,616 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\windows\SysNative\IEEtwCollector.exe -- (IEEtwCollectorService)
SRV:64bit: - [2013/05/27 01:50:47 | 001,011,712 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend)
SRV:64bit: - [2012/02/02 18:33:46 | 000,580,608 | ---- | M] (TOSHIBA Corporation) [Disabled | Stopped] -- C:\Program Files\TOSHIBA\Power Saver\TosCoSrv.exe -- (TosCoSrv)
SRV:64bit: - [2012/01/11 00:01:52 | 000,627,936 | ---- | M] (Intel® Corporation) [Auto | Running] -- C:\Program Files\Intel\iCLS Client\HeciServer.exe -- (Intel®
SRV:64bit: - [2011/12/14 18:11:38 | 000,833,976 | ---- | M] (TOSHIBA Corporation) [On_Demand | Stopped] -- C:\Program Files\TOSHIBA\TPHM\TPCHSrv.exe -- (TPCHSrv)
SRV:64bit: - [2011/12/08 13:44:04 | 000,594,704 | ---- | M] (Intel® Corporation) [Disabled | Stopped] -- C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe -- (ZeroConfigService)
SRV:64bit: - [2011/12/08 13:43:56 | 000,273,168 | ---- | M] () [On_Demand | Stopped] -- C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe -- (MyWiFiDHCPDNS)
SRV:64bit: - [2011/12/08 13:43:48 | 000,618,256 | ---- | M] (Intel® Corporation) [Auto | Running] -- C:\Program Files\Intel\WiFi\bin\EvtEng.exe -- (EvtEng)
SRV:64bit: - [2011/12/08 13:43:44 | 000,148,752 | ---- | M] (Intel® Corporation) [Auto | Running] -- C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe -- (RegSrvc)
SRV:64bit: - [2011/11/25 21:52:36 | 000,138,152 | ---- | M] (TOSHIBA Corporation) [Disabled | Stopped] -- C:\Program Files\TOSHIBA\TOSHIBA HDD SSD Alert\TosSmartSrv.exe -- (TOSHIBA HDD SSD Alert Service)
SRV:64bit: - [2011/11/24 16:20:38 | 000,294,848 | ---- | M] (TOSHIBA Corporation) [Auto | Running] -- C:\Program Files\TOSHIBA\TECO\TecoService.exe -- (TOSHIBA eco Utility Service)
SRV:64bit: - [2011/04/20 18:16:04 | 000,558,592 | ---- | M] (TOSHIBA Corporation) [Auto | Running] -- C:\Windows\SysNative\ThpSrv.exe -- (Thpsrv)
SRV:64bit: - [2010/10/20 17:41:00 | 000,138,656 | ---- | M] (TOSHIBA Corporation) [Auto | Running] -- C:\Windows\SysNative\TODDSrv.exe -- (TODDSrv)
SRV:64bit: - [2010/09/22 21:10:10 | 000,057,184 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Program Files\Windows Live\Mesh\wlcrasvc.exe -- (wlcrasvc)
SRV - [2014/06/27 01:44:06 | 000,265,040 | R--- | M] (Symantec Corporation) [Auto | Running] -- C:\Program Files (x86)\Norton 360\Engine\21.4.0.13\N360.exe -- (N360)
SRV - [2014/06/13 15:20:44 | 000,119,408 | ---- | M] (Mozilla Foundation) [On_Demand | Stopped] -- C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe -- (MozillaMaintenance)
SRV - [2014/04/30 10:07:08 | 004,492,776 | ---- | M] (iolo technologies, LLC) [Auto | Running] -- C:\Program Files (x86)\iolo\Common\Lib\ioloServiceManager.exe -- (ioloSystemService)
SRV - [2013/11/28 17:12:33 | 000,257,416 | ---- | M] (Adobe Systems Incorporated) [Disabled | Stopped] -- C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe -- (AdobeFlashPlayerUpdateSvc)
SRV - [2013/09/11 22:21:54 | 000,105,144 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe -- (clr_optimization_v4.0.30319_32)
SRV - [2013/05/21 00:44:22 | 000,144,368 | R--- | M] (Symantec Corporation) [Auto | Running] -- C:\Program Files (x86)\Norton Identity Safe\Engine\2013.4.0.10\ccSvcHst.exe -- (NCO)
SRV - [2012/05/10 15:20:46 | 000,276,248 | ---- | M] (Intel Corporation) [On_Demand | Stopped] -- C:\Windows\SysWOW64\IntelCpHeciSvc.exe -- (cphs)
SRV - [2012/01/20 19:29:28 | 000,363,800 | ---- | M] (Intel Corporation) [Disabled | Stopped] -- C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe -- (UNS)
SRV - [2012/01/20 19:29:26 | 000,277,784 | ---- | M] (Intel Corporation) [Disabled | Stopped] -- C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe -- (LMS)
SRV - [2012/01/20 14:45:40 | 000,161,560 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files (x86)\Intel\Intel® Management Engine Components\DAL\Jhi_service.exe -- (jhi_service)
SRV - [2012/01/20 14:45:30 | 000,128,280 | ---- | M] () [Auto | Running] -- C:\Program Files (x86)\Intel\Intel® Management Engine Components\FWService\IntelMeFWService.exe -- (Intel®
SRV - [2011/11/21 18:32:40 | 000,057,216 | ---- | M] (TOSHIBA Corporation) [On_Demand | Stopped] -- C:\Program Files (x86)\Toshiba\TOSHIBA Service Station\TMachInfo.exe -- (TMachInfo)
SRV - [2009/06/10 17:23:09 | 000,066,384 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe -- (clr_optimization_v2.0.50727_32)
 
 
========== Driver Services (SafeList) ==========
 
DRV:64bit: - [2014/07/11 18:41:52 | 000,177,752 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\SYMEVENT64x86.SYS -- (SymEvent)
DRV:64bit: - [2014/03/04 00:18:12 | 001,148,120 | R--- | M] (Symantec Corporation) [File_System | Boot | Running] -- C:\Windows\SysNative\drivers\N360x64\1504000.00D\SymEFA64.sys -- (SymEFA)
DRV:64bit: - [2014/02/20 19:14:34 | 000,162,392 | R--- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\N360x64\1504000.00D\ccSetx64.sys -- (ccSet_N360)
DRV:64bit: - [2014/02/17 21:32:41 | 000,593,112 | R--- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\N360x64\1504000.00D\symnets.sys -- (SymNetS)
DRV:64bit: - [2014/02/12 21:59:49 | 000,875,736 | R--- | M] (Symantec Corporation) [File_System | On_Demand | Running] -- C:\Windows\SysNative\drivers\N360x64\1504000.00D\srtsp64.sys -- (SRTSP)
DRV:64bit: - [2013/10/30 03:26:19 | 000,493,656 | R--- | M] (Symantec Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\N360x64\1504000.00D\SymDS64.sys -- (SymDS)
DRV:64bit: - [2013/10/30 02:48:51 | 000,264,280 | R--- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\N360x64\1504000.00D\Ironx64.sys -- (SymIRON)
DRV:64bit: - [2013/10/30 02:32:37 | 000,036,952 | R--- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\N360x64\1504000.00D\srtspx64.sys -- (SRTSPX)
DRV:64bit: - [2013/05/29 11:06:34 | 000,082,160 | ---- | M] (Raxco Software, Inc.) [File_System | Auto | Running] -- C:\Windows\SysNative\drivers\PDFsFilter.sys -- (PDFsFilter)
DRV:64bit: - [2013/05/23 08:39:23 | 000,041,032 | ---- | M] (ThreatTrack Security) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\gfiark.sys -- (gfiark)
DRV:64bit: - [2013/04/15 22:41:14 | 000,169,048 | ---- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\NSTx64\7DD04000.00A\ccsetx64.sys -- (ccSet_NST)
DRV:64bit: - [2012/09/20 05:11:58 | 000,258,848 | ---- | M] (GFI Software) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\SbFw.sys -- (SbFw)
DRV:64bit: - [2012/09/20 05:11:58 | 000,086,816 | ---- | M] (GFI Software) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\sbwtis.sys -- (sbwtis)
DRV:64bit: - [2012/09/20 05:11:58 | 000,061,216 | ---- | M] (GFI Software) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\sbhips.sys -- (sbhips)
DRV:64bit: - [2012/09/12 20:19:38 | 000,082,872 | ---- | M] (GFI Software) [File_System | Auto | Running] -- C:\Windows\SysNative\drivers\sbapifs.sys -- (sbapifs)
DRV:64bit: - [2012/09/12 20:19:34 | 000,120,064 | ---- | M] (GFI Software) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\SbFwIm.sys -- (SBFWIMCLMP)
DRV:64bit: - [2012/09/12 20:19:34 | 000,120,064 | ---- | M] (GFI Software) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\SbFwIm.sys -- (SBFWIMCL)
DRV:64bit: - [2012/07/26 10:01:26 | 000,030,752 | ---- | M] (EldoS Corporation) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\ElRawDsk.sys -- (ElRawDisk)
DRV:64bit: - [2012/07/17 19:12:08 | 000,062,784 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\HECIx64.sys -- (MEIx64)
DRV:64bit: - [2012/05/10 15:11:04 | 014,759,136 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\igdkmd64.sys -- (igfx)
DRV:64bit: - [2012/03/01 02:46:16 | 000,023,408 | ---- | M] (Microsoft Corporation) [Recognizer | Boot | Unknown] -- C:\windows\SysNative\drivers\fs_rec.sys -- (Fs_Rec)
DRV:64bit: - [2012/02/27 06:01:00 | 000,788,760 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\iusb3xhc.sys -- (iusb3xhc)
DRV:64bit: - [2012/02/27 06:01:00 | 000,356,120 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\iusb3hub.sys -- (iusb3hub)
DRV:64bit: - [2012/02/27 06:01:00 | 000,016,152 | ---- | M] (Intel Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\iusb3hcs.sys -- (iusb3hcs)
DRV:64bit: - [2012/02/24 20:11:54 | 000,412,944 | ---- | M] (Synaptics Incorporated) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\SynTP.sys -- (SynTP)
DRV:64bit: - [2012/02/24 20:11:52 | 000,022,800 | ---- | M] (Synaptics Incorporated) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\Smb_driver.sys -- (SmbDrv)
DRV:64bit: - [2012/01/16 18:49:14 | 000,103,536 | ---- | M] (Atheros Communications, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\L1C62x64.sys -- (L1C)
DRV:64bit: - [2012/01/09 04:44:44 | 011,416,576 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\NETwNs64.sys -- (NETwNs64)
DRV:64bit: - [2011/12/20 20:38:36 | 000,034,200 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\intelaud.sys -- (intaud_WaveExtensible)
DRV:64bit: - [2011/12/20 20:38:36 | 000,025,496 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\iwdbus.sys -- (iwdbus)
DRV:64bit: - [2011/12/13 18:00:32 | 000,259,176 | ---- | M] (Realtek Semiconductor Corp.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\RtsP2Stor.sys -- (RSP2STOR)
DRV:64bit: - [2011/12/06 07:23:08 | 000,331,264 | ---- | M] (Intel® Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\IntcDAud.sys -- (IntcDAud)
DRV:64bit: - [2011/11/29 22:40:32 | 000,568,600 | ---- | M] (Intel Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\iaStor.sys -- (iaStor)
DRV:64bit: - [2011/03/23 20:10:28 | 000,036,992 | ---- | M] (TOSHIBA Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\thpdrv.sys -- (Thpdrv)
DRV:64bit: - [2011/03/18 18:03:18 | 000,482,384 | ---- | M] (TOSHIBA Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\tos_sps64.sys -- (tos_sps64)
DRV:64bit: - [2011/03/11 02:41:12 | 000,107,904 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsata.sys -- (amdsata)
DRV:64bit: - [2011/03/11 02:41:12 | 000,027,008 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\amdxata.sys -- (amdxata)
DRV:64bit: - [2010/11/20 23:24:33 | 000,059,392 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\TsUsbFlt.sys -- (TsUsbFlt)
DRV:64bit: - [2010/11/20 23:23:47 | 000,078,720 | ---- | M] (Hewlett-Packard Company) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\HpSAMD.sys -- (HpSAMD)
DRV:64bit: - [2010/11/20 23:23:47 | 000,031,232 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\TsUsbGD.sys -- (TsUsbGD)
DRV:64bit: - [2009/12/30 10:21:26 | 000,031,800 | ---- | M] (VS Revo Group) [File_System | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\revoflt.sys -- (Revoflt)
DRV:64bit: - [2009/07/30 23:22:04 | 000,027,784 | ---- | M] (TOSHIBA Corporation.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\tdcmdpst.sys -- (tdcmdpst)
DRV:64bit: - [2009/07/14 18:31:18 | 000,026,840 | ---- | M] (TOSHIBA Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\TVALZ_O.SYS -- (TVALZ)
DRV:64bit: - [2009/07/13 21:52:20 | 000,194,128 | ---- | M] (AMD Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsbs.sys -- (amdsbs)
DRV:64bit: - [2009/07/13 21:48:04 | 000,065,600 | ---- | M] (LSI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\lsi_sas2.sys -- (LSI_SAS2)
DRV:64bit: - [2009/07/13 21:45:55 | 000,024,656 | ---- | M] (Promise Technology) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\stexstor.sys -- (stexstor)
DRV:64bit: - [2009/07/07 11:51:42 | 000,009,216 | ---- | M] (TOSHIBA Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\FwLnk.sys -- (FwLnk)
DRV:64bit: - [2009/06/29 19:16:20 | 000,014,784 | ---- | M] (TOSHIBA Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\Thpevm.sys -- (Thpevm)
DRV:64bit: - [2009/06/19 22:15:22 | 000,014,472 | ---- | M] (TOSHIBA Corporation) [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\TVALZFL.sys -- (TVALZFL)
DRV:64bit: - [2009/06/10 16:34:33 | 003,286,016 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\evbda.sys -- (ebdrv)
DRV:64bit: - [2009/06/10 16:34:28 | 000,468,480 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\bxvbda.sys -- (b06bdrv)
DRV:64bit: - [2009/06/10 16:34:23 | 000,270,848 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\b57nd60a.sys -- (b57nd60a)
DRV:64bit: - [2009/06/10 16:31:59 | 000,031,232 | ---- | M] (Hauppauge Computer Works, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hcw85cir.sys -- (hcw85cir)
DRV - [2014/07/11 17:22:18 | 000,525,016 | ---- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\Program Files (x86)\Norton 360\NortonData\21.4.0.13\Definitions\IPSDefs\20140714.001\IDSviA64.sys -- (IDSVia64)
DRV - [2014/07/10 01:00:00 | 002,099,288 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Running] -- C:\Program Files (x86)\Norton 360\NortonData\21.4.0.13\Definitions\VirusDefs\20140714.002\ex64.sys -- (NAVEX15)
DRV - [2014/07/10 01:00:00 | 000,486,192 | ---- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\eeCtrl64.sys -- (eeCtrl)
DRV - [2014/07/10 01:00:00 | 000,142,128 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Running] -- C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys -- (EraserUtilRebootDrv)
DRV - [2014/07/10 01:00:00 | 000,126,040 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Running] -- C:\Program Files (x86)\Norton 360\NortonData\21.4.0.13\Definitions\VirusDefs\20140714.002\eng64.sys -- (NAVENG)
DRV - [2014/07/03 17:17:17 | 001,530,160 | ---- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\Program Files (x86)\Norton 360\NortonData\21.4.0.13\Definitions\BASHDefs\20140703.001\BHDrvx64.sys -- (BHDrvx64)
DRV - [2009/07/13 21:19:10 | 000,019,008 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\SysWOW64\drivers\wimmount.sys -- (WIMMount)
 
 
========== Standard Registry (SafeList) ==========
 
 
========== Internet Explorer ==========
 
IE:64bit: - HKLM\..\SearchScopes,DefaultScope = {{67A2568C-7A0A-4EED-AECC-B5405DE63B64}}
IE:64bit: - HKLM\..\SearchScopes\{{67A2568C-7A0A-4EED-AECC-B5405DE63B64}}: "URL" = http://www.google.co...ng}&rlz=1I7TSNO
IE - HKLM\..\SearchScopes,DefaultScope = {{67A2568C-7A0A-4EED-AECC-B5405DE63B64}}
IE - HKLM\..\SearchScopes\{{67A2568C-7A0A-4EED-AECC-B5405DE63B64}}: "URL" = http://www.google.co...ng}&rlz=1I7TSNO
 
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://start.toshiba.com/?cid=C001B2Y
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,SearchDefaultBranded = 1
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = about:blank
IE - HKCU\..\SearchScopes,DefaultScope = {A38B9178-817C-4704-97DE-9299CC519752}
IE - HKCU\..\SearchScopes\{{67A2568C-7A0A-4EED-AECC-B5405DE63B64}}: "URL" = http://www.google.co...ng}&rlz=1I7TSNO
IE - HKCU\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/...Box&FORM=IE11SR
IE - HKCU\..\SearchScopes\{A38B9178-817C-4704-97DE-9299CC519752}: "URL" = http://www.google.co...1I7TSNO_enUS507
IE - HKCU\..\SearchScopes\{AFBCB7E0-F91A-4951-9F31-58FEE57A25C4}: "URL" = http://nortonsafe.se...t=kwd&qsrc=2869
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = <local>
 
========== FireFox ==========
 
FF - prefs.js..browser.search.defaultenginename: "Amazon.com"
FF - prefs.js..browser.search.selectedEngine: "Amazon.com"
FF - prefs.js..browser.startup.homepage: "http://search.yahoo..../?fr=sfp-yff25"
FF - prefs.js..extensions.enabledAddons: %7B635abd67-4fe9-1b23-4f01-e679fa7484c1%7D:3.2.4.20140604103324
FF - prefs.js..extensions.enabledAddons: %7B972ce4c6-7e08-4474-a285-3208198ce6fd%7D:30.0
FF - prefs.js..network.proxy.type: 0
FF - user.js - File not found
 
FF:64bit: - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\windows\system32\Macromed\Flash\NPSWF64_11_9_900_152.dll File not found
FF:64bit: - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
FF:64bit: - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files\Microsoft Silverlight\5.1.30214.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\windows\SysWOW64\Macromed\Flash\NPSWF32_11_9_900_152.dll ()
FF - HKLM\Software\MozillaPlugins\@intel-webapi.intel.com/Intel WebAPI ipt;version=2.0.59: C:\Program Files (x86)\Intel\Intel® Management Engine Components\IPT\npIntelWebAPIIPT.dll (Intel Corporation)
FF - HKLM\Software\MozillaPlugins\@intel-webapi.intel.com/Intel WebAPI updater: C:\Program Files (x86)\Intel\Intel® Management Engine Components\IPT\npIntelWebAPIUpdater.dll (Intel Corporation)
FF - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=10.21.2: C:\windows\SysWOW64\npDeployJava1.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin:  File not found
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=10.21.2: C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files (x86)\Microsoft Silverlight\5.1.30214.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3502.0922: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3538.0513: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files (x86)\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files (x86)\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.)
 
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{BBDA0591-3099-440a-AA10-41764D9DB4DB}: C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_21.4.0.13\IPSFF [2014/07/11 18:42:35 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{2D3F3651-74B9-4795-BDEC-6DA2F431CB62}: C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_21.4.0.13\coFFPlgn\ [2014/07/15 19:00:39 | 000,000,000 | ---D | M]
 
[2013/11/28 17:04:56 | 000,000,000 | ---D | M] (No name found) -- C:\Users\owner\AppData\Roaming\mozilla\Extensions
[2014/06/10 17:58:45 | 000,000,000 | ---D | M] (No name found) -- C:\Users\owner\AppData\Roaming\mozilla\Firefox\Profiles\imt0iusk.default\extensions
[2014/06/10 17:58:45 | 000,000,000 | ---D | M] (Yahoo! Toolbar) -- C:\Users\owner\AppData\Roaming\mozilla\Firefox\Profiles\imt0iusk.default\extensions\{635abd67-4fe9-1b23-4f01-e679fa7484c1}
[2014/06/13 15:20:34 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\Mozilla Firefox\browser\extensions
[2014/06/13 15:20:44 | 000,000,000 | ---D | M] (Default) -- C:\Program Files (x86)\Mozilla Firefox\browser\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}
[2014/06/13 15:20:35 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\Mozilla Firefox\distribution\extensions
[2014/06/13 15:20:36 | 000,000,000 | ---D | M] (Yahoo! Toolbar) -- C:\Program Files (x86)\Mozilla Firefox\distribution\extensions\{635abd67-4fe9-1b23-4f01-e679fa7484c1}
 
O1 HOSTS File: ([2013/05/27 18:16:59 | 000,447,225 | ---- | M]) - C:\Windows\SysNative\drivers\etc\hosts
O1 - Hosts: 15354 more lines...
O2:64bit: - BHO: (Norton Identity Protection) - {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} - C:\Program Files (x86)\Norton 360\Engine64\21.4.0.13\CoIEPlg.dll (Symantec Corporation)
O2:64bit: - BHO: (Google Toolbar Helper) - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
O2:64bit: - BHO: (TOSHIBA Media Controller Plug-in) - {F3C88694-EFFA-4d78-B409-54B7B2535B14} - C:\Program Files (x86)\Toshiba\TOSHIBA Media Controller Plug-in\x64\TOSHIBAMediaControllerIE.dll (<TOSHIBA>)
O2 - BHO: (Spybot-S&D IE Protection) - {53707962-6F74-2D53-2644-206D7942484F} - C:\Program Files (x86)\Spybot - Search & Destroy 2\SDHelper.dll (Safer-Networking Ltd.)
O2 - BHO: (Norton Identity Protection) - {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} - C:\Program Files (x86)\Norton 360\Engine\21.4.0.13\CoIEPlg.dll (Symantec Corporation)
O2 - BHO: (Norton Vulnerability Protection) - {6D53EC84-6AAE-4787-AEEE-F4628F01010C} - C:\Program Files (x86)\Norton 360\Engine\21.4.0.13\IPS\IPSBHO.dll (Symantec Corporation)
O3:64bit: - HKLM\..\Toolbar: (Google Toolbar) - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
O3:64bit: - HKLM\..\Toolbar: (Norton Toolbar) - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files (x86)\Norton 360\Engine64\21.4.0.13\CoIEPlg.dll (Symantec Corporation)
O3:64bit: - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found.
O3 - HKLM\..\Toolbar: (Norton Toolbar) - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files (x86)\Norton 360\Engine\21.4.0.13\CoIEPlg.dll (Symantec Corporation)
O3 - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found.
O3:64bit: - HKCU\..\Toolbar\WebBrowser: (Google Toolbar) - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
O3:64bit: - HKCU\..\Toolbar\WebBrowser: (Norton Toolbar) - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files (x86)\Norton 360\Engine64\21.4.0.13\CoIEPlg.dll (Symantec Corporation)
O3 - HKCU\..\Toolbar\WebBrowser: (Norton Toolbar) - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files (x86)\Norton 360\Engine\21.4.0.13\CoIEPlg.dll (Symantec Corporation)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDesktopCleanupWizard = 1
O9 - Extra 'Tools' menuitem : Spybot - Search && Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\Program Files (x86)\Spybot - Search & Destroy 2\SDHelper.dll (Safer-Networking Ltd.)
O1364bit: - gopher Prefix: missing
O13 - gopher Prefix: missing
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/...indows-i586.cab (Java Plug-in 10.21.2)
O16 - DPF: {CAFEEFAC-0017-0000-0021-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.7.0_21)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.7.0_21)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.0.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{28270AC4-B16B-45F1-81E0-BA4AF7273AD6}: DhcpNameServer = 192.168.0.1
O18:64bit: - Protocol\Handler\livecall - No CLSID value found
O18:64bit: - Protocol\Handler\msnim - No CLSID value found
O18:64bit: - Protocol\Handler\wlmailhtml - No CLSID value found
O18:64bit: - Protocol\Handler\wlpg - No CLSID value found
O20:64bit: - HKLM Winlogon: Shell - (explorer.exe) - C:\windows\explorer.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\windows\SysWow64\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (userinit.exe) - C:\windows\SysWow64\userinit.exe (Microsoft Corporation)
O20:64bit: - Winlogon\Notify\igfxcui: DllName - (igfxdev.dll) - C:\windows\SysNative\igfxdev.dll (Intel Corporation)
O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O32 - HKLM CDRom: AutoRun - 1
O34 - HKLM BootExecute: (ጦ)
O34 - HKLM BootExecute: (潔瑰蝁Ȱᜄጔ)
O34 - HKLM BootExecute: (ꅘܫᦐȰ恐ፊ撰ᆹ)
O34 - HKLM BootExecute: (蓁Ȱᜄጔ)
O35:64bit: - HKLM\..comfile [open] -- "%1" %*
O35:64bit: - HKLM\..exefile [open] -- "%1" %*
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37:64bit: - HKLM\...com [@ = comfile] -- "%1" %*
O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)
O38 - SubSystems\\Windows: (ServerDll=sxssrv,4)
 
========== Files/Folders - Created Within 30 Days ==========
 
[2014/07/13 17:30:46 | 000,000,000 | ---D | C] -- C:\Users\owner\Desktop\Gmer
[2014/07/13 16:54:33 | 000,000,000 | ---D | C] -- C:\ProgramData\RogueKiller
[2014/07/13 16:45:56 | 000,000,000 | ---D | C] -- C:\_OTL
[2014/07/12 18:24:56 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\MSXML 4.0
[2014/07/11 18:41:52 | 000,177,752 | ---- | C] (Symantec Corporation) -- C:\windows\SysNative\drivers\SYMEVENT64x86.SYS
[2014/07/11 18:41:52 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Symantec Shared
[2014/07/11 18:41:40 | 001,148,120 | R--- | C] (Symantec Corporation) -- C:\windows\SysNative\drivers\N360x64\1504000.00D\SymEFA64.sys
[2014/07/11 18:41:40 | 000,875,736 | R--- | C] (Symantec Corporation) -- C:\windows\SysNative\drivers\N360x64\1504000.00D\srtsp64.sys
[2014/07/11 18:41:40 | 000,593,112 | R--- | C] (Symantec Corporation) -- C:\windows\SysNative\drivers\N360x64\1504000.00D\symnets.sys
[2014/07/11 18:41:40 | 000,493,656 | R--- | C] (Symantec Corporation) -- C:\windows\SysNative\drivers\N360x64\1504000.00D\SymDS64.sys
[2014/07/11 18:41:40 | 000,264,280 | R--- | C] (Symantec Corporation) -- C:\windows\SysNative\drivers\N360x64\1504000.00D\Ironx64.sys
[2014/07/11 18:41:40 | 000,162,392 | R--- | C] (Symantec Corporation) -- C:\windows\SysNative\drivers\N360x64\1504000.00D\ccSetx64.sys
[2014/07/11 18:41:40 | 000,036,952 | R--- | C] (Symantec Corporation) -- C:\windows\SysNative\drivers\N360x64\1504000.00D\srtspx64.sys
[2014/07/11 18:41:40 | 000,023,568 | R--- | C] (Symantec Corporation) -- C:\windows\SysNative\drivers\N360x64\1504000.00D\SymELAM.sys
[2014/07/11 18:41:14 | 000,000,000 | ---D | C] -- C:\windows\SysNative\drivers\N360x64
[2014/07/11 18:41:14 | 000,000,000 | ---D | C] -- C:\windows\SysNative\drivers\N360x64\1504000.00D
[2014/07/11 18:41:12 | 000,000,000 | R--D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Norton 360
[2014/07/11 18:41:12 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Norton 360
[2014/07/11 17:58:41 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Symantec Shared
[2014/07/11 17:36:47 | 000,000,000 | ---D | C] -- C:\Users\owner\AppData\Local\VS Revo Group
[2014/07/11 17:36:41 | 000,000,000 | ---D | C] -- C:\ProgramData\VS Revo Group
[2014/07/11 17:36:41 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Revo Uninstaller Pro
[2014/07/11 17:36:40 | 000,031,800 | ---- | C] (VS Revo Group) -- C:\windows\SysNative\drivers\revoflt.sys
[2014/07/11 17:36:35 | 000,000,000 | ---D | C] -- C:\Program Files\VS Revo Group
[2014/07/11 17:19:49 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\VS Revo Group
[2014/07/11 17:19:49 | 000,000,000 | ---D | C] -- C:\Users\owner\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Revo Uninstaller
[2014/07/11 17:15:44 | 002,649,016 | ---- | C] (VS Revo Group Ltd.) -- C:\revosetup.exe
[2014/07/11 17:11:23 | 000,000,000 | ---D | C] -- C:\windows\pss
[2014/07/11 16:54:59 | 000,000,000 | ---D | C] -- C:\ProgramData\HitmanPro
[2014/07/11 16:54:46 | 000,000,000 | ---D | C] -- C:\ProgramData\Hitman Pro
[2014/07/11 16:52:47 | 000,000,000 | ---D | C] -- C:\ProgramData\TEMP
[2014/07/11 16:52:47 | 000,000,000 | ---D | C] -- C:\ProgramData\Licenses
[2014/07/11 15:56:50 | 000,041,032 | ---- | C] (ThreatTrack Security) -- C:\windows\SysNative\drivers\gfiark.sys
[2014/07/11 15:51:41 | 000,000,000 | R--D | C] -- C:\Users\owner\My SpeedyBackup SyncFolder
[2014/07/11 15:51:27 | 000,000,000 | ---D | C] -- C:\ProgramData\SpeedyPC Software
[2014/07/11 15:50:49 | 000,061,216 | ---- | C] (GFI Software) -- C:\windows\SysNative\drivers\sbhips.sys
[2014/07/11 15:50:41 | 000,258,848 | ---- | C] (GFI Software) -- C:\windows\SysNative\drivers\SbFw.sys
[2014/07/11 15:50:41 | 000,120,064 | ---- | C] (GFI Software) -- C:\windows\SysNative\drivers\SbFwIm.sys
[2014/07/11 15:43:10 | 000,000,000 | ---D | C] -- C:\Users\owner\AppData\Local\LogMeIn Rescue Applet
[2014/07/11 14:52:59 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\SparkTrust
[2014/07/09 19:02:49 | 000,692,736 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\osk.exe
[2014/07/09 19:02:49 | 000,646,144 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\osk.exe
[2014/07/09 19:02:43 | 000,624,128 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\qedit.dll
[2014/07/09 19:02:43 | 000,509,440 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\qedit.dll
[2014/07/09 19:02:38 | 000,307,200 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\ncrypt.dll
[2014/07/09 19:02:22 | 000,592,896 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\jscript9diag.dll
[2014/07/09 19:02:22 | 000,069,632 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\mshtmled.dll
[2014/07/09 19:02:22 | 000,051,200 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\ieetwproxystub.dll
[2014/07/09 19:02:22 | 000,048,640 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\ieetwproxystub.dll
[2014/07/09 19:02:22 | 000,038,400 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\JavaScriptCollectionAgent.dll
[2014/07/09 19:02:22 | 000,033,792 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\iernonce.dll
[2014/07/09 19:02:22 | 000,032,768 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\iernonce.dll
[2014/07/09 19:02:22 | 000,032,256 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\JavaScriptCollectionAgent.dll
[2014/07/09 19:02:21 | 001,964,544 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\inetcpl.cpl
[2014/07/09 19:02:21 | 000,061,952 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\iesetup.dll
[2014/07/09 19:02:20 | 000,004,096 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\ieetwcollectorres.dll
[2014/07/09 19:02:19 | 000,631,808 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\msfeeds.dll
[2014/07/09 19:02:19 | 000,608,768 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\ie4uinit.exe
[2014/07/09 19:02:19 | 000,452,608 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\dxtmsft.dll
[2014/07/09 19:02:19 | 000,442,368 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\ieui.dll
[2014/07/09 19:02:19 | 000,111,616 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\ieetwcollector.exe
[2014/07/09 19:02:19 | 000,066,048 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\iesetup.dll
[2014/07/09 19:02:18 | 002,040,832 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\inetcpl.cpl
[2014/07/09 19:02:18 | 001,068,032 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\mshtmlmedia.dll
[2014/07/09 19:02:18 | 000,704,512 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\ieapfltr.dll
[2014/07/09 19:02:18 | 000,164,864 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\msrating.dll
[2014/07/09 19:02:18 | 000,112,128 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\ieUnatt.exe
[2014/07/09 19:02:18 | 000,062,464 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\MshtmlDac.dll
[2014/07/09 19:02:17 | 001,249,280 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\mshtmlmedia.dll
[2014/07/09 19:02:17 | 000,598,016 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\ieui.dll
[2014/07/09 19:02:17 | 000,292,864 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\dxtrans.dll
[2014/07/09 19:02:17 | 000,139,264 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\ieUnatt.exe
[2014/07/09 19:02:17 | 000,085,504 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\mshtmled.dll
[2014/07/09 19:02:16 | 005,721,088 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\jscript9.dll
[2014/07/09 19:02:16 | 000,846,336 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\ieapfltr.dll
[2014/07/09 19:02:16 | 000,752,640 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\jscript9diag.dll
[2014/07/09 19:02:16 | 000,548,352 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\vbscript.dll
[2014/07/09 19:02:16 | 000,195,584 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\msrating.dll
[2014/07/09 19:02:16 | 000,083,968 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\MshtmlDac.dll
[2014/07/09 19:02:15 | 000,940,032 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\MsSpellCheckingFacility.exe
[2014/07/09 18:55:55 | 001,460,736 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\lsasrv.dll
[1 C:\windows\*.tmp files -> C:\windows\*.tmp -> ]
[1 C:\Program Files (x86)\*.tmp files -> C:\Program Files (x86)\*.tmp -> ]
 
========== Files - Modified Within 30 Days ==========
 
[2014/07/15 19:06:25 | 000,024,608 | -H-- | M] () -- C:\windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2014/07/15 19:06:25 | 000,024,608 | -H-- | M] () -- C:\windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2014/07/15 18:58:36 | 000,000,894 | ---- | M] () -- C:\windows\tasks\GoogleUpdateTaskMachineCore1ce4f575a8ab0d1.job
[2014/07/15 18:58:36 | 000,000,828 | ---- | M] () -- C:\windows\tasks\ISM-UpdateService-4e00205a-2ab1-4423-8f77-cc25b82cde1d-Logon.job
[2014/07/15 18:58:36 | 000,000,474 | ---- | M] () -- C:\windows\tasks\SparkTrust Update Version3 Startup Task.job
[2014/07/15 18:58:33 | 000,000,552 | ---- | M] () -- C:\windows\tasks\SparkTrust AntiVirus Startup.job
[2014/07/15 18:58:15 | 000,067,584 | --S- | M] () -- C:\windows\bootstat.dat
[2014/07/15 18:58:06 | 448,237,567 | -HS- | M] () -- C:\hiberfil.sys
[2014/07/14 19:13:00 | 000,000,830 | ---- | M] () -- C:\windows\tasks\Adobe Flash Player Updater.job
[2014/07/14 18:58:02 | 000,030,312 | ---- | M] () -- C:\windows\SysNative\drivers\TrueSight.sys
[2014/07/14 18:32:56 | 000,000,912 | ---- | M] () -- C:\windows\tasks\GoogleUpdateTaskMachineUA.job
[2014/07/14 18:26:10 | 000,001,216 | ---- | M] () -- C:\Users\owner\Desktop\RogueKillerX64 - Shortcut.lnk
[2014/07/13 18:00:00 | 000,000,464 | ---- | M] () -- C:\windows\tasks\SparkTrust Registration3.job
[2014/07/13 17:30:29 | 000,001,453 | ---- | M] () -- C:\Users\owner\Desktop\mqhgmwg0 - Shortcut.lnk
[2014/07/12 19:39:01 | 000,000,830 | ---- | M] () -- C:\windows\tasks\ISM-UpdateService-4e00205a-2ab1-4423-8f77-cc25b82cde1d.job
[2014/07/11 18:42:04 | 002,121,736 | ---- | M] () -- C:\windows\SysNative\drivers\N360x64\1504000.00D\Cat.DB
[2014/07/11 18:41:52 | 000,177,752 | ---- | M] (Symantec Corporation) -- C:\windows\SysNative\drivers\SYMEVENT64x86.SYS
[2014/07/11 18:41:52 | 000,008,222 | ---- | M] () -- C:\windows\SysNative\drivers\SYMEVENT64x86.CAT
[2014/07/11 18:41:52 | 000,000,854 | ---- | M] () -- C:\windows\SysNative\drivers\SYMEVENT64x86.INF
[2014/07/11 18:41:48 | 000,002,406 | ---- | M] () -- C:\Users\Public\Desktop\Norton 360.lnk
[2014/07/11 18:40:42 | 000,001,315 | ---- | M] () -- C:\Users\owner\Desktop\Norton Installation Files.lnk
[2014/07/11 17:36:42 | 000,001,112 | ---- | M] () -- C:\Users\owner\Application Data\Microsoft\Internet Explorer\Quick Launch\Revo Uninstaller Pro.lnk
[2014/07/11 17:36:42 | 000,001,088 | ---- | M] () -- C:\Users\Public\Desktop\Revo Uninstaller Pro.lnk
[2014/07/11 17:33:30 | 000,000,422 | ---- | M] () -- C:\windows\tasks\SparkTrust Update Version3.job
[2014/07/11 17:19:49 | 000,001,279 | ---- | M] () -- C:\Users\owner\Desktop\Revo Uninstaller.lnk
[2014/07/11 16:06:40 | 000,007,620 | ---- | M] () -- C:\Users\owner\AppData\Local\Resmon.ResmonCfg
[2014/07/09 19:12:47 | 000,275,712 | ---- | M] () -- C:\windows\SysNative\FNTCACHE.DAT
[2014/07/05 14:58:48 | 000,001,126 | ---- | M] () -- C:\Users\owner\Desktop\20140523-001-v5i64 - Shortcut.lnk
[2014/07/01 05:23:42 | 000,040,105 | ---- | M] () -- C:\windows\SysNative\drivers\N360x64\1504000.00D\VT20140701.003
[2014/06/27 01:55:25 | 000,000,172 | ---- | M] () -- C:\windows\SysNative\drivers\N360x64\1504000.00D\isolate.ini
[2014/06/18 21:06:24 | 000,004,096 | ---- | M] (Microsoft Corporation) -- C:\windows\SysNative\ieetwcollectorres.dll
[2014/06/18 20:42:57 | 000,548,352 | ---- | M] (Microsoft Corporation) -- C:\windows\SysNative\vbscript.dll
[2014/06/18 20:42:49 | 000,066,048 | ---- | M] (Microsoft Corporation) -- C:\windows\SysNative\iesetup.dll
[2014/06/18 20:41:52 | 000,048,640 | ---- | M] (Microsoft Corporation) -- C:\windows\SysNative\ieetwproxystub.dll
[2014/06/18 20:41:16 | 000,083,968 | ---- | M] (Microsoft Corporation) -- C:\windows\SysNative\MshtmlDac.dll
[2014/06/18 20:31:24 | 000,033,792 | ---- | M] (Microsoft Corporation) -- C:\windows\SysNative\iernonce.dll
[2014/06/18 20:26:41 | 000,598,016 | ---- | M] (Microsoft Corporation) -- C:\windows\SysNative\ieui.dll
[2014/06/18 20:24:30 | 000,139,264 | ---- | M] (Microsoft Corporation) -- C:\windows\SysNative\ieUnatt.exe
[2014/06/18 20:24:12 | 000,111,616 | ---- | M] (Microsoft Corporation) -- C:\windows\SysNative\ieetwcollector.exe
[2014/06/18 20:23:53 | 000,752,640 | ---- | M] (Microsoft Corporation) -- C:\windows\SysNative\jscript9diag.dll
[2014/06/18 20:14:28 | 000,940,032 | ---- | M] (Microsoft Corporation) -- C:\windows\SysNative\MsSpellCheckingFacility.exe
[2014/06/18 20:09:47 | 000,452,608 | ---- | M] (Microsoft Corporation) -- C:\windows\SysNative\dxtmsft.dll
[2014/06/18 19:59:04 | 000,038,400 | ---- | M] (Microsoft Corporation) -- C:\windows\SysNative\JavaScriptCollectionAgent.dll
[2014/06/18 19:53:27 | 000,195,584 | ---- | M] (Microsoft Corporation) -- C:\windows\SysNative\msrating.dll
[2014/06/18 19:51:38 | 005,721,088 | ---- | M] (Microsoft Corporation) -- C:\windows\SysNative\jscript9.dll
[2014/06/18 19:50:47 | 000,085,504 | ---- | M] (Microsoft Corporation) -- C:\windows\SysNative\mshtmled.dll
[2014/06/18 19:48:44 | 000,292,864 | ---- | M] (Microsoft Corporation) -- C:\windows\SysNative\dxtrans.dll
[2014/06/18 19:39:30 | 000,608,768 | ---- | M] (Microsoft Corporation) -- C:\windows\SysNative\ie4uinit.exe
[2014/06/18 19:37:23 | 000,061,952 | ---- | M] (Microsoft Corporation) -- C:\windows\SysWow64\iesetup.dll
[2014/06/18 19:36:35 | 000,051,200 | ---- | M] (Microsoft Corporation) -- C:\windows\SysWow64\ieetwproxystub.dll
[2014/06/18 19:35:55 | 000,062,464 | ---- | M] (Microsoft Corporation) -- C:\windows\SysWow64\MshtmlDac.dll
[2014/06/18 19:33:07 | 000,631,808 | ---- | M] (Microsoft Corporation) -- C:\windows\SysNative\msfeeds.dll
[2014/06/18 19:28:16 | 000,032,768 | ---- | M] (Microsoft Corporation) -- C:\windows\SysWow64\iernonce.dll
[2014/06/18 19:27:45 | 001,249,280 | ---- | M] (Microsoft Corporation) -- C:\windows\SysNative\mshtmlmedia.dll
[2014/06/18 19:27:07 | 002,040,832 | ---- | M] (Microsoft Corporation) -- C:\windows\SysNative\inetcpl.cpl
[2014/06/18 19:25:38 | 000,442,368 | ---- | M] (Microsoft Corporation) -- C:\windows\SysWow64\ieui.dll
[2014/06/18 19:23:27 | 000,112,128 | ---- | M] (Microsoft Corporation) -- C:\windows\SysWow64\ieUnatt.exe
[2014/06/18 19:22:40 | 000,592,896 | ---- | M] (Microsoft Corporation) -- C:\windows\SysWow64\jscript9diag.dll
[2014/06/18 19:06:10 | 000,032,256 | ---- | M] (Microsoft Corporation) -- C:\windows\SysWow64\JavaScriptCollectionAgent.dll
[2014/06/18 19:01:50 | 000,164,864 | ---- | M] (Microsoft Corporation) -- C:\windows\SysWow64\msrating.dll
[2014/06/18 18:59:37 | 000,069,632 | ---- | M] (Microsoft Corporation) -- C:\windows\SysWow64\mshtmled.dll
[2014/06/18 18:46:23 | 001,068,032 | ---- | M] (Microsoft Corporation) -- C:\windows\SysWow64\mshtmlmedia.dll
[2014/06/18 18:45:59 | 001,964,544 | ---- | M] (Microsoft Corporation) -- C:\windows\SysWow64\inetcpl.cpl
[2014/06/18 18:15:24 | 000,846,336 | ---- | M] (Microsoft Corporation) -- C:\windows\SysNative\ieapfltr.dll
[2014/06/18 18:07:42 | 000,704,512 | ---- | M] (Microsoft Corporation) -- C:\windows\SysWow64\ieapfltr.dll
[2014/06/17 22:18:30 | 000,692,736 | ---- | M] (Microsoft Corporation) -- C:\windows\SysNative\osk.exe
[2014/06/17 21:51:32 | 000,646,144 | ---- | M] (Microsoft Corporation) -- C:\windows\SysWow64\osk.exe
[2014/06/16 19:56:00 | 000,782,470 | ---- | M] () -- C:\windows\SysNative\PerfStringBackup.INI
[2014/06/16 19:56:00 | 000,650,892 | ---- | M] () -- C:\windows\SysNative\perfh009.dat
[2014/06/16 19:56:00 | 000,118,628 | ---- | M] () -- C:\windows\SysNative\perfc009.dat
[1 C:\windows\*.tmp files -> C:\windows\*.tmp -> ]
[1 C:\Program Files (x86)\*.tmp files -> C:\Program Files (x86)\*.tmp -> ]
 
========== Files Created - No Company Name ==========
 
[2014/07/14 18:26:10 | 000,001,216 | ---- | C] () -- C:\Users\owner\Desktop\RogueKillerX64 - Shortcut.lnk
[2014/07/13 17:30:29 | 000,001,453 | ---- | C] () -- C:\Users\owner\Desktop\mqhgmwg0 - Shortcut.lnk
[2014/07/13 16:54:34 | 000,030,312 | ---- | C] () -- C:\windows\SysNative\drivers\TrueSight.sys
[2014/07/12 18:17:23 | 000,040,105 | ---- | C] () -- C:\windows\SysNative\drivers\N360x64\1504000.00D\VT20140701.003
[2014/07/11 18:41:56 | 002,121,736 | ---- | C] () -- C:\windows\SysNative\drivers\N360x64\1504000.00D\Cat.DB
[2014/07/11 18:41:52 | 000,008,222 | ---- | C] () -- C:\windows\SysNative\drivers\SYMEVENT64x86.CAT
[2014/07/11 18:41:52 | 000,000,854 | ---- | C] () -- C:\windows\SysNative\drivers\SYMEVENT64x86.INF
[2014/07/11 18:41:48 | 000,002,406 | ---- | C] () -- C:\Users\Public\Desktop\Norton 360.lnk
[2014/07/11 18:41:16 | 000,003,433 | R--- | C] () -- C:\windows\SysNative\drivers\N360x64\1504000.00D\SymEFA.inf
[2014/07/11 18:41:16 | 000,002,852 | R--- | C] () -- C:\windows\SysNative\drivers\N360x64\1504000.00D\SymDS.inf
[2014/07/11 18:41:16 | 000,001,440 | R--- | C] () -- C:\windows\SysNative\drivers\N360x64\1504000.00D\SymNet.inf
[2014/07/11 18:41:16 | 000,001,437 | R--- | C] () -- C:\windows\SysNative\drivers\N360x64\1504000.00D\srtsp64.inf
[2014/07/11 18:41:16 | 000,001,420 | R--- | C] () -- C:\windows\SysNative\drivers\N360x64\1504000.00D\srtspx64.inf
[2014/07/11 18:41:16 | 000,001,098 | R--- | C] () -- C:\windows\SysNative\drivers\N360x64\1504000.00D\symELAM.inf
[2014/07/11 18:41:16 | 000,000,855 | R--- | C] () -- C:\windows\SysNative\drivers\N360x64\1504000.00D\ccSetx64.inf
[2014/07/11 18:41:16 | 000,000,767 | R--- | C] () -- C:\windows\SysNative\drivers\N360x64\1504000.00D\Iron.inf
[2014/07/11 18:41:15 | 000,030,068 | R--- | C] () -- C:\windows\SysNative\drivers\N360x64\1504000.00D\SymVTcer.dat
[2014/07/11 18:41:14 | 000,009,939 | R--- | C] () -- C:\windows\SysNative\drivers\N360x64\1504000.00D\SymELAM64.cat
[2014/07/11 18:41:14 | 000,008,202 | R--- | C] () -- C:\windows\SysNative\drivers\N360x64\1504000.00D\ccSetx64.cat
[2014/07/11 18:41:14 | 000,008,196 | R--- | C] () -- C:\windows\SysNative\drivers\N360x64\1504000.00D\srtspx64.cat
[2014/07/11 18:41:14 | 000,008,194 | R--- | C] () -- C:\windows\SysNative\drivers\N360x64\1504000.00D\SymEFA64.cat
[2014/07/11 18:41:14 | 000,008,192 | R--- | C] () -- C:\windows\SysNative\drivers\N360x64\1504000.00D\symnet64.cat
[2014/07/11 18:41:14 | 000,008,192 | R--- | C] () -- C:\windows\SysNative\drivers\N360x64\1504000.00D\srtsp64.cat
[2014/07/11 18:41:14 | 000,008,188 | R--- | C] () -- C:\windows\SysNative\drivers\N360x64\1504000.00D\SymDS64.cat
[2014/07/11 18:41:14 | 000,008,184 | R--- | C] () -- C:\windows\SysNative\drivers\N360x64\1504000.00D\iron.cat
[2014/07/11 18:41:14 | 000,000,172 | ---- | C] () -- C:\windows\SysNative\drivers\N360x64\1504000.00D\isolate.ini
[2014/07/11 17:36:42 | 000,001,112 | ---- | C] () -- C:\Users\owner\Application Data\Microsoft\Internet Explorer\Quick Launch\Revo Uninstaller Pro.lnk
[2014/07/11 17:36:42 | 000,001,088 | ---- | C] () -- C:\Users\Public\Desktop\Revo Uninstaller Pro.lnk
[2014/07/11 17:19:49 | 000,001,279 | ---- | C] () -- C:\Users\owner\Desktop\Revo Uninstaller.lnk
[2014/07/11 16:06:40 | 000,007,620 | ---- | C] () -- C:\Users\owner\AppData\Local\Resmon.ResmonCfg
[2014/07/11 15:51:22 | 000,000,552 | ---- | C] () -- C:\windows\tasks\SparkTrust AntiVirus Startup.job
[2014/07/11 15:51:13 | 000,000,474 | ---- | C] () -- C:\windows\tasks\SparkTrust Update Version3 Startup Task.job
[2014/07/11 14:53:30 | 000,000,464 | ---- | C] () -- C:\windows\tasks\SparkTrust Registration3.job
[2014/07/11 14:53:02 | 000,000,422 | ---- | C] () -- C:\windows\tasks\SparkTrust Update Version3.job
[2014/05/23 19:09:24 | 000,000,085 | ---- | C] () -- C:\windows\wininit.ini
[2013/09/02 13:34:52 | 000,074,703 | ---- | C] () -- C:\windows\SysWow64\mfc45.dat
[2013/02/14 22:50:22 | 002,250,054 | ---- | C] () -- C:\ProgramData\1.bmp
[2013/02/14 22:50:02 | 000,350,795 | ---- | C] () -- C:\ProgramData\1.jpg
[2012/10/21 14:18:07 | 000,017,408 | ---- | C] () -- C:\Users\owner\AppData\Local\WebpageIcons.db
 
========== ZeroAccess Check ==========
 
[2009/07/14 00:55:00 | 000,000,227 | RHS- | M] () -- C:\windows\assembly\Desktop.ini
 
[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64
 
[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
 
[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32] /64
 
[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]
 
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64
"" = C:\Windows\SysNative\shell32.dll -- [2014/03/24 22:43:12 | 014,175,744 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment
 
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
"" = %SystemRoot%\system32\shell32.dll -- [2014/03/24 22:09:54 | 012,874,240 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment
 
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\fastprox.dll -- [2009/07/13 21:40:51 | 000,909,312 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free
 
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
"" = %systemroot%\system32\wbem\fastprox.dll -- [2010/11/20 23:24:25 | 000,606,208 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free
 
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\wbemess.dll -- [2009/07/13 21:41:56 | 000,505,856 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Both
 
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]

< End of report >
 



#20
hofner


Ran another scan for the heck of it.

 

OTL logfile created on: 7/15/2014 7:22:32 PM - Run 5
OTL by OldTimer - Version 3.2.69.0     Folder = C:\Users\owner\Downloads
64bit- Home Premium Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.11.9600.17207)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy
 
5.89 Gb Total Physical Memory | 3.97 Gb Available Physical Memory | 67.44% Memory free
11.78 Gb Paging File | 9.89 Gb Available in Paging File | 84.00% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
 
%SystemDrive% = C: | %SystemRoot% = C:\windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 682.74 Gb Total Space | 620.38 Gb Free Space | 90.87% Space Free | Partition Type: NTFS
 
Computer Name: OWNER-PC | User Name: owner | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Quick Scan | Include 64bit Scans
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days
 
========== Processes (SafeList) ==========
 
PRC - [2014/07/12 20:06:37 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\owner\Downloads\OTL.exe
PRC - [2014/06/27 01:44:06 | 000,265,040 | R--- | M] (Symantec Corporation) -- C:\Program Files (x86)\Norton 360\Engine\21.4.0.13\N360.exe
PRC - [2014/06/13 15:20:44 | 000,275,568 | ---- | M] (Mozilla Corporation) -- C:\Program Files (x86)\Mozilla Firefox\firefox.exe
PRC - [2014/04/30 10:07:08 | 004,492,776 | ---- | M] (iolo technologies, LLC) -- C:\Program Files (x86)\iolo\Common\Lib\ioloServiceManager.exe
PRC - [2013/05/21 00:44:22 | 000,144,368 | R--- | M] (Symantec Corporation) -- C:\Program Files (x86)\Norton Identity Safe\Engine\2013.4.0.10\ccsvchst.exe
PRC - [2012/01/20 14:45:40 | 000,161,560 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel® Management Engine Components\DAL\Jhi_service.exe
PRC - [2012/01/20 14:45:30 | 000,128,280 | ---- | M] () -- C:\Program Files (x86)\Intel\Intel® Management Engine Components\FWService\IntelMeFWService.exe
 
 
========== Modules (No Company Name) ==========
 
MOD - [2014/06/13 15:20:44 | 003,852,912 | ---- | M] () -- C:\Program Files (x86)\Mozilla Firefox\mozjs.dll
MOD - [2012/05/30 10:51:08 | 000,699,280 | R--- | M] () -- C:\Program Files (x86)\Norton Identity Safe\Engine\2013.4.0.10\wincfi39.dll
 
 
========== Services (SafeList) ==========
 
SRV:64bit: - [2014/06/18 20:24:12 | 000,111,616 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\windows\SysNative\IEEtwCollector.exe -- (IEEtwCollectorService)
SRV:64bit: - [2013/05/27 01:50:47 | 001,011,712 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend)
SRV:64bit: - [2012/02/02 18:33:46 | 000,580,608 | ---- | M] (TOSHIBA Corporation) [Disabled | Stopped] -- C:\Program Files\TOSHIBA\Power Saver\TosCoSrv.exe -- (TosCoSrv)
SRV:64bit: - [2012/01/11 00:01:52 | 000,627,936 | ---- | M] (Intel® Corporation) [Auto | Running] -- C:\Program Files\Intel\iCLS Client\HeciServer.exe -- (Intel®
SRV:64bit: - [2011/12/14 18:11:38 | 000,833,976 | ---- | M] (TOSHIBA Corporation) [On_Demand | Stopped] -- C:\Program Files\TOSHIBA\TPHM\TPCHSrv.exe -- (TPCHSrv)
SRV:64bit: - [2011/12/08 13:44:04 | 000,594,704 | ---- | M] (Intel® Corporation) [Disabled | Stopped] -- C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe -- (ZeroConfigService)
SRV:64bit: - [2011/12/08 13:43:56 | 000,273,168 | ---- | M] () [On_Demand | Stopped] -- C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe -- (MyWiFiDHCPDNS)
SRV:64bit: - [2011/12/08 13:43:48 | 000,618,256 | ---- | M] (Intel® Corporation) [Auto | Running] -- C:\Program Files\Intel\WiFi\bin\EvtEng.exe -- (EvtEng)
SRV:64bit: - [2011/12/08 13:43:44 | 000,148,752 | ---- | M] (Intel® Corporation) [Auto | Running] -- C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe -- (RegSrvc)
SRV:64bit: - [2011/11/25 21:52:36 | 000,138,152 | ---- | M] (TOSHIBA Corporation) [Disabled | Stopped] -- C:\Program Files\TOSHIBA\TOSHIBA HDD SSD Alert\TosSmartSrv.exe -- (TOSHIBA HDD SSD Alert Service)
SRV:64bit: - [2011/11/24 16:20:38 | 000,294,848 | ---- | M] (TOSHIBA Corporation) [Auto | Running] -- C:\Program Files\TOSHIBA\TECO\TecoService.exe -- (TOSHIBA eco Utility Service)
SRV:64bit: - [2011/04/20 18:16:04 | 000,558,592 | ---- | M] (TOSHIBA Corporation) [Auto | Running] -- C:\Windows\SysNative\ThpSrv.exe -- (Thpsrv)
SRV:64bit: - [2010/10/20 17:41:00 | 000,138,656 | ---- | M] (TOSHIBA Corporation) [Auto | Running] -- C:\Windows\SysNative\TODDSrv.exe -- (TODDSrv)
SRV:64bit: - [2010/09/22 21:10:10 | 000,057,184 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Program Files\Windows Live\Mesh\wlcrasvc.exe -- (wlcrasvc)
SRV - [2014/06/27 01:44:06 | 000,265,040 | R--- | M] (Symantec Corporation) [Auto | Running] -- C:\Program Files (x86)\Norton 360\Engine\21.4.0.13\N360.exe -- (N360)
SRV - [2014/06/13 15:20:44 | 000,119,408 | ---- | M] (Mozilla Foundation) [On_Demand | Stopped] -- C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe -- (MozillaMaintenance)
SRV - [2014/04/30 10:07:08 | 004,492,776 | ---- | M] (iolo technologies, LLC) [Auto | Running] -- C:\Program Files (x86)\iolo\Common\Lib\ioloServiceManager.exe -- (ioloSystemService)
SRV - [2013/11/28 17:12:33 | 000,257,416 | ---- | M] (Adobe Systems Incorporated) [Disabled | Stopped] -- C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe -- (AdobeFlashPlayerUpdateSvc)
SRV - [2013/09/11 22:21:54 | 000,105,144 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe -- (clr_optimization_v4.0.30319_32)
SRV - [2013/05/21 00:44:22 | 000,144,368 | R--- | M] (Symantec Corporation) [Auto | Running] -- C:\Program Files (x86)\Norton Identity Safe\Engine\2013.4.0.10\ccSvcHst.exe -- (NCO)
SRV - [2012/05/10 15:20:46 | 000,276,248 | ---- | M] (Intel Corporation) [On_Demand | Stopped] -- C:\Windows\SysWOW64\IntelCpHeciSvc.exe -- (cphs)
SRV - [2012/01/20 19:29:28 | 000,363,800 | ---- | M] (Intel Corporation) [Disabled | Stopped] -- C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe -- (UNS)
SRV - [2012/01/20 19:29:26 | 000,277,784 | ---- | M] (Intel Corporation) [Disabled | Stopped] -- C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe -- (LMS)
SRV - [2012/01/20 14:45:40 | 000,161,560 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files (x86)\Intel\Intel® Management Engine Components\DAL\Jhi_service.exe -- (jhi_service)
SRV - [2012/01/20 14:45:30 | 000,128,280 | ---- | M] () [Auto | Running] -- C:\Program Files (x86)\Intel\Intel® Management Engine Components\FWService\IntelMeFWService.exe -- (Intel®
SRV - [2011/11/21 18:32:40 | 000,057,216 | ---- | M] (TOSHIBA Corporation) [On_Demand | Stopped] -- C:\Program Files (x86)\Toshiba\TOSHIBA Service Station\TMachInfo.exe -- (TMachInfo)
SRV - [2009/06/10 17:23:09 | 000,066,384 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe -- (clr_optimization_v2.0.50727_32)
 
 
========== Driver Services (SafeList) ==========
 
DRV:64bit: - [2014/07/11 18:41:52 | 000,177,752 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\SYMEVENT64x86.SYS -- (SymEvent)
DRV:64bit: - [2014/03/04 00:18:12 | 001,148,120 | R--- | M] (Symantec Corporation) [File_System | Boot | Running] -- C:\Windows\SysNative\drivers\N360x64\1504000.00D\SymEFA64.sys -- (SymEFA)
DRV:64bit: - [2014/02/20 19:14:34 | 000,162,392 | R--- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\N360x64\1504000.00D\ccSetx64.sys -- (ccSet_N360)
DRV:64bit: - [2014/02/17 21:32:41 | 000,593,112 | R--- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\N360x64\1504000.00D\symnets.sys -- (SymNetS)
DRV:64bit: - [2014/02/12 21:59:49 | 000,875,736 | R--- | M] (Symantec Corporation) [File_System | On_Demand | Running] -- C:\Windows\SysNative\drivers\N360x64\1504000.00D\srtsp64.sys -- (SRTSP)
DRV:64bit: - [2013/10/30 03:26:19 | 000,493,656 | R--- | M] (Symantec Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\N360x64\1504000.00D\SymDS64.sys -- (SymDS)
DRV:64bit: - [2013/10/30 02:48:51 | 000,264,280 | R--- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\N360x64\1504000.00D\Ironx64.sys -- (SymIRON)
DRV:64bit: - [2013/10/30 02:32:37 | 000,036,952 | R--- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\N360x64\1504000.00D\srtspx64.sys -- (SRTSPX)
DRV:64bit: - [2013/05/29 11:06:34 | 000,082,160 | ---- | M] (Raxco Software, Inc.) [File_System | Auto | Running] -- C:\Windows\SysNative\drivers\PDFsFilter.sys -- (PDFsFilter)
DRV:64bit: - [2013/05/23 08:39:23 | 000,041,032 | ---- | M] (ThreatTrack Security) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\gfiark.sys -- (gfiark)
DRV:64bit: - [2013/04/15 22:41:14 | 000,169,048 | ---- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\NSTx64\7DD04000.00A\ccsetx64.sys -- (ccSet_NST)
DRV:64bit: - [2012/09/20 05:11:58 | 000,258,848 | ---- | M] (GFI Software) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\SbFw.sys -- (SbFw)
DRV:64bit: - [2012/09/20 05:11:58 | 000,086,816 | ---- | M] (GFI Software) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\sbwtis.sys -- (sbwtis)
DRV:64bit: - [2012/09/20 05:11:58 | 000,061,216 | ---- | M] (GFI Software) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\sbhips.sys -- (sbhips)
DRV:64bit: - [2012/09/12 20:19:38 | 000,082,872 | ---- | M] (GFI Software) [File_System | Auto | Running] -- C:\Windows\SysNative\drivers\sbapifs.sys -- (sbapifs)
DRV:64bit: - [2012/09/12 20:19:34 | 000,120,064 | ---- | M] (GFI Software) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\SbFwIm.sys -- (SBFWIMCLMP)
DRV:64bit: - [2012/09/12 20:19:34 | 000,120,064 | ---- | M] (GFI Software) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\SbFwIm.sys -- (SBFWIMCL)
DRV:64bit: - [2012/07/26 10:01:26 | 000,030,752 | ---- | M] (EldoS Corporation) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\ElRawDsk.sys -- (ElRawDisk)
DRV:64bit: - [2012/07/17 19:12:08 | 000,062,784 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\HECIx64.sys -- (MEIx64)
DRV:64bit: - [2012/05/10 15:11:04 | 014,759,136 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\igdkmd64.sys -- (igfx)
DRV:64bit: - [2012/03/01 02:46:16 | 000,023,408 | ---- | M] (Microsoft Corporation) [Recognizer | Boot | Unknown] -- C:\windows\SysNative\drivers\fs_rec.sys -- (Fs_Rec)
DRV:64bit: - [2012/02/27 06:01:00 | 000,788,760 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\iusb3xhc.sys -- (iusb3xhc)
DRV:64bit: - [2012/02/27 06:01:00 | 000,356,120 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\iusb3hub.sys -- (iusb3hub)
DRV:64bit: - [2012/02/27 06:01:00 | 000,016,152 | ---- | M] (Intel Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\iusb3hcs.sys -- (iusb3hcs)
DRV:64bit: - [2012/02/24 20:11:54 | 000,412,944 | ---- | M] (Synaptics Incorporated) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\SynTP.sys -- (SynTP)
DRV:64bit: - [2012/02/24 20:11:52 | 000,022,800 | ---- | M] (Synaptics Incorporated) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\Smb_driver.sys -- (SmbDrv)
DRV:64bit: - [2012/01/16 18:49:14 | 000,103,536 | ---- | M] (Atheros Communications, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\L1C62x64.sys -- (L1C)
DRV:64bit: - [2012/01/09 04:44:44 | 011,416,576 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\NETwNs64.sys -- (NETwNs64)
DRV:64bit: - [2011/12/20 20:38:36 | 000,034,200 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\intelaud.sys -- (intaud_WaveExtensible)
DRV:64bit: - [2011/12/20 20:38:36 | 000,025,496 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\iwdbus.sys -- (iwdbus)
DRV:64bit: - [2011/12/13 18:00:32 | 000,259,176 | ---- | M] (Realtek Semiconductor Corp.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\RtsP2Stor.sys -- (RSP2STOR)
DRV:64bit: - [2011/12/06 07:23:08 | 000,331,264 | ---- | M] (Intel® Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\IntcDAud.sys -- (IntcDAud)
DRV:64bit: - [2011/11/29 22:40:32 | 000,568,600 | ---- | M] (Intel Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\iaStor.sys -- (iaStor)
DRV:64bit: - [2011/03/23 20:10:28 | 000,036,992 | ---- | M] (TOSHIBA Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\thpdrv.sys -- (Thpdrv)
DRV:64bit: - [2011/03/18 18:03:18 | 000,482,384 | ---- | M] (TOSHIBA Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\tos_sps64.sys -- (tos_sps64)
DRV:64bit: - [2011/03/11 02:41:12 | 000,107,904 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsata.sys -- (amdsata)
DRV:64bit: - [2011/03/11 02:41:12 | 000,027,008 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\amdxata.sys -- (amdxata)
DRV:64bit: - [2010/11/20 23:24:33 | 000,059,392 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\TsUsbFlt.sys -- (TsUsbFlt)
DRV:64bit: - [2010/11/20 23:23:47 | 000,078,720 | ---- | M] (Hewlett-Packard Company) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\HpSAMD.sys -- (HpSAMD)
DRV:64bit: - [2010/11/20 23:23:47 | 000,031,232 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\TsUsbGD.sys -- (TsUsbGD)
DRV:64bit: - [2009/12/30 10:21:26 | 000,031,800 | ---- | M] (VS Revo Group) [File_System | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\revoflt.sys -- (Revoflt)
DRV:64bit: - [2009/07/30 23:22:04 | 000,027,784 | ---- | M] (TOSHIBA Corporation.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\tdcmdpst.sys -- (tdcmdpst)
DRV:64bit: - [2009/07/14 18:31:18 | 000,026,840 | ---- | M] (TOSHIBA Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\TVALZ_O.SYS -- (TVALZ)
DRV:64bit: - [2009/07/13 21:52:20 | 000,194,128 | ---- | M] (AMD Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsbs.sys -- (amdsbs)
DRV:64bit: - [2009/07/13 21:48:04 | 000,065,600 | ---- | M] (LSI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\lsi_sas2.sys -- (LSI_SAS2)
DRV:64bit: - [2009/07/13 21:45:55 | 000,024,656 | ---- | M] (Promise Technology) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\stexstor.sys -- (stexstor)
DRV:64bit: - [2009/07/07 11:51:42 | 000,009,216 | ---- | M] (TOSHIBA Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\FwLnk.sys -- (FwLnk)
DRV:64bit: - [2009/06/29 19:16:20 | 000,014,784 | ---- | M] (TOSHIBA Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\Thpevm.sys -- (Thpevm)
DRV:64bit: - [2009/06/19 22:15:22 | 000,014,472 | ---- | M] (TOSHIBA Corporation) [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\TVALZFL.sys -- (TVALZFL)
DRV:64bit: - [2009/06/10 16:34:33 | 003,286,016 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\evbda.sys -- (ebdrv)
DRV:64bit: - [2009/06/10 16:34:28 | 000,468,480 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\bxvbda.sys -- (b06bdrv)
DRV:64bit: - [2009/06/10 16:34:23 | 000,270,848 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\b57nd60a.sys -- (b57nd60a)
DRV:64bit: - [2009/06/10 16:31:59 | 000,031,232 | ---- | M] (Hauppauge Computer Works, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hcw85cir.sys -- (hcw85cir)
DRV - [2014/07/11 17:22:18 | 000,525,016 | ---- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\Program Files (x86)\Norton 360\NortonData\21.4.0.13\Definitions\IPSDefs\20140715.001\IDSviA64.sys -- (IDSVia64)
DRV - [2014/07/10 01:00:00 | 002,099,288 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Running] -- C:\Program Files (x86)\Norton 360\NortonData\21.4.0.13\Definitions\VirusDefs\20140715.008\ex64.sys -- (NAVEX15)
DRV - [2014/07/10 01:00:00 | 000,486,192 | ---- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\eeCtrl64.sys -- (eeCtrl)
DRV - [2014/07/10 01:00:00 | 000,142,128 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Running] -- C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys -- (EraserUtilRebootDrv)
DRV - [2014/07/10 01:00:00 | 000,126,040 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Running] -- C:\Program Files (x86)\Norton 360\NortonData\21.4.0.13\Definitions\VirusDefs\20140715.008\eng64.sys -- (NAVENG)
DRV - [2014/07/03 17:17:17 | 001,530,160 | ---- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\Program Files (x86)\Norton 360\NortonData\21.4.0.13\Definitions\BASHDefs\20140703.001\BHDrvx64.sys -- (BHDrvx64)
DRV - [2009/07/13 21:19:10 | 000,019,008 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\SysWOW64\drivers\wimmount.sys -- (WIMMount)
 
 
========== Standard Registry (SafeList) ==========
 
 
========== Internet Explorer ==========
 
IE:64bit: - HKLM\..\SearchScopes,DefaultScope = {{67A2568C-7A0A-4EED-AECC-B5405DE63B64}}
IE:64bit: - HKLM\..\SearchScopes\{{67A2568C-7A0A-4EED-AECC-B5405DE63B64}}: "URL" = http://www.google.co...ng}&rlz=1I7TSNO
IE - HKLM\..\SearchScopes,DefaultScope = {{67A2568C-7A0A-4EED-AECC-B5405DE63B64}}
IE - HKLM\..\SearchScopes\{{67A2568C-7A0A-4EED-AECC-B5405DE63B64}}: "URL" = http://www.google.co...ng}&rlz=1I7TSNO
 
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://start.toshiba.com/?cid=C001B2Y
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,SearchDefaultBranded = 1
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = about:blank
IE - HKCU\..\SearchScopes,DefaultScope = {A38B9178-817C-4704-97DE-9299CC519752}
IE - HKCU\..\SearchScopes\{{67A2568C-7A0A-4EED-AECC-B5405DE63B64}}: "URL" = http://www.google.co...ng}&rlz=1I7TSNO
IE - HKCU\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/...Box&FORM=IE11SR
IE - HKCU\..\SearchScopes\{A38B9178-817C-4704-97DE-9299CC519752}: "URL" = http://www.google.co...1I7TSNO_enUS507
IE - HKCU\..\SearchScopes\{AFBCB7E0-F91A-4951-9F31-58FEE57A25C4}: "URL" = http://nortonsafe.se...t=kwd&qsrc=2869
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = <local>
 
========== FireFox ==========
 
FF - prefs.js..browser.search.defaultenginename: "Amazon.com"
FF - prefs.js..browser.search.selectedEngine: "Amazon.com"
FF - prefs.js..browser.startup.homepage: "http://search.yahoo..../?fr=sfp-yff25"
FF - prefs.js..extensions.enabledAddons: %7B635abd67-4fe9-1b23-4f01-e679fa7484c1%7D:3.2.4.20140604103324
FF - prefs.js..extensions.enabledAddons: %7B972ce4c6-7e08-4474-a285-3208198ce6fd%7D:30.0
FF - prefs.js..network.proxy.type: 0
FF - user.js - File not found
 
FF:64bit: - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\windows\system32\Macromed\Flash\NPSWF64_11_9_900_152.dll File not found
FF:64bit: - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
FF:64bit: - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files\Microsoft Silverlight\5.1.30214.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\windows\SysWOW64\Macromed\Flash\NPSWF32_11_9_900_152.dll ()
FF - HKLM\Software\MozillaPlugins\@intel-webapi.intel.com/Intel WebAPI ipt;version=2.0.59: C:\Program Files (x86)\Intel\Intel® Management Engine Components\IPT\npIntelWebAPIIPT.dll (Intel Corporation)
FF - HKLM\Software\MozillaPlugins\@intel-webapi.intel.com/Intel WebAPI updater: C:\Program Files (x86)\Intel\Intel® Management Engine Components\IPT\npIntelWebAPIUpdater.dll (Intel Corporation)
FF - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=10.21.2: C:\windows\SysWOW64\npDeployJava1.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin:  File not found
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=10.21.2: C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files (x86)\Microsoft Silverlight\5.1.30214.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3502.0922: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3538.0513: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files (x86)\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files (x86)\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.)
 
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{BBDA0591-3099-440a-AA10-41764D9DB4DB}: C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_21.4.0.13\IPSFF [2014/07/11 18:42:35 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{2D3F3651-74B9-4795-BDEC-6DA2F431CB62}: C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_21.4.0.13\coFFPlgn\ [2014/07/15 19:00:39 | 000,000,000 | ---D | M]
 
[2013/11/28 17:04:56 | 000,000,000 | ---D | M] (No name found) -- C:\Users\owner\AppData\Roaming\mozilla\Extensions
[2014/06/10 17:58:45 | 000,000,000 | ---D | M] (No name found) -- C:\Users\owner\AppData\Roaming\mozilla\Firefox\Profiles\imt0iusk.default\extensions
[2014/06/10 17:58:45 | 000,000,000 | ---D | M] (Yahoo! Toolbar) -- C:\Users\owner\AppData\Roaming\mozilla\Firefox\Profiles\imt0iusk.default\extensions\{635abd67-4fe9-1b23-4f01-e679fa7484c1}
[2014/06/13 15:20:34 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\Mozilla Firefox\browser\extensions
[2014/06/13 15:20:44 | 000,000,000 | ---D | M] (Default) -- C:\Program Files (x86)\Mozilla Firefox\browser\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}
[2014/06/13 15:20:35 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\Mozilla Firefox\distribution\extensions
[2014/06/13 15:20:36 | 000,000,000 | ---D | M] (Yahoo! Toolbar) -- C:\Program Files (x86)\Mozilla Firefox\distribution\extensions\{635abd67-4fe9-1b23-4f01-e679fa7484c1}
 
O1 HOSTS File: ([2013/05/27 18:16:59 | 000,447,225 | ---- | M]) - C:\Windows\SysNative\drivers\etc\hosts
O1 - Hosts: 15354 more lines...
O2:64bit: - BHO: (Norton Identity Protection) - {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} - C:\Program Files (x86)\Norton 360\Engine64\21.4.0.13\CoIEPlg.dll (Symantec Corporation)
O2:64bit: - BHO: (Google Toolbar Helper) - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
O2:64bit: - BHO: (TOSHIBA Media Controller Plug-in) - {F3C88694-EFFA-4d78-B409-54B7B2535B14} - C:\Program Files (x86)\Toshiba\TOSHIBA Media Controller Plug-in\x64\TOSHIBAMediaControllerIE.dll (<TOSHIBA>)
O2 - BHO: (Spybot-S&D IE Protection) - {53707962-6F74-2D53-2644-206D7942484F} - C:\Program Files (x86)\Spybot - Search & Destroy 2\SDHelper.dll (Safer-Networking Ltd.)
O2 - BHO: (Norton Identity Protection) - {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} - C:\Program Files (x86)\Norton 360\Engine\21.4.0.13\CoIEPlg.dll (Symantec Corporation)
O2 - BHO: (Norton Vulnerability Protection) - {6D53EC84-6AAE-4787-AEEE-F4628F01010C} - C:\Program Files (x86)\Norton 360\Engine\21.4.0.13\IPS\IPSBHO.dll (Symantec Corporation)
O3:64bit: - HKLM\..\Toolbar: (Google Toolbar) - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
O3:64bit: - HKLM\..\Toolbar: (Norton Toolbar) - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files (x86)\Norton 360\Engine64\21.4.0.13\CoIEPlg.dll (Symantec Corporation)
O3:64bit: - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found.
O3 - HKLM\..\Toolbar: (Norton Toolbar) - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files (x86)\Norton 360\Engine\21.4.0.13\CoIEPlg.dll (Symantec Corporation)
O3 - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found.
O3:64bit: - HKCU\..\Toolbar\WebBrowser: (Google Toolbar) - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
O3:64bit: - HKCU\..\Toolbar\WebBrowser: (Norton Toolbar) - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files (x86)\Norton 360\Engine64\21.4.0.13\CoIEPlg.dll (Symantec Corporation)
O3 - HKCU\..\Toolbar\WebBrowser: (Norton Toolbar) - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files (x86)\Norton 360\Engine\21.4.0.13\CoIEPlg.dll (Symantec Corporation)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDesktopCleanupWizard = 1
O9 - Extra 'Tools' menuitem : Spybot - Search && Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\Program Files (x86)\Spybot - Search & Destroy 2\SDHelper.dll (Safer-Networking Ltd.)
O1364bit: - gopher Prefix: missing
O13 - gopher Prefix: missing
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/...indows-i586.cab (Java Plug-in 10.21.2)
O16 - DPF: {CAFEEFAC-0017-0000-0021-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.7.0_21)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.7.0_21)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.0.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{28270AC4-B16B-45F1-81E0-BA4AF7273AD6}: DhcpNameServer = 192.168.0.1
O18:64bit: - Protocol\Handler\livecall - No CLSID value found
O18:64bit: - Protocol\Handler\msnim - No CLSID value found
O18:64bit: - Protocol\Handler\wlmailhtml - No CLSID value found
O18:64bit: - Protocol\Handler\wlpg - No CLSID value found
O20:64bit: - HKLM Winlogon: Shell - (explorer.exe) - C:\windows\explorer.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\windows\SysWow64\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (userinit.exe) - C:\windows\SysWow64\userinit.exe (Microsoft Corporation)
O20:64bit: - Winlogon\Notify\igfxcui: DllName - (igfxdev.dll) - C:\windows\SysNative\igfxdev.dll (Intel Corporation)
O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O32 - HKLM CDRom: AutoRun - 1
O34 - HKLM BootExecute: (ጦ)
O34 - HKLM BootExecute: (潔瑰蝁Ȱᜄጔ)
O34 - HKLM BootExecute: (ꅘܫᦐȰ恐ፊ撰ᆹ)
O34 - HKLM BootExecute: (蓁Ȱᜄጔ)
O35:64bit: - HKLM\..comfile [open] -- "%1" %*
O35:64bit: - HKLM\..exefile [open] -- "%1" %*
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37:64bit: - HKLM\...com [@ = comfile] -- "%1" %*
O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)
O38 - SubSystems\\Windows: (ServerDll=sxssrv,4)
 
========== Files/Folders - Created Within 30 Days ==========
 
[2014/07/13 17:30:46 | 000,000,000 | ---D | C] -- C:\Users\owner\Desktop\Gmer
[2014/07/13 16:54:33 | 000,000,000 | ---D | C] -- C:\ProgramData\RogueKiller
[2014/07/13 16:45:56 | 000,000,000 | ---D | C] -- C:\_OTL
[2014/07/12 18:24:56 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\MSXML 4.0
[2014/07/11 18:41:52 | 000,177,752 | ---- | C] (Symantec Corporation) -- C:\windows\SysNative\drivers\SYMEVENT64x86.SYS
[2014/07/11 18:41:52 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Symantec Shared
[2014/07/11 18:41:40 | 001,148,120 | R--- | C] (Symantec Corporation) -- C:\windows\SysNative\drivers\N360x64\1504000.00D\SymEFA64.sys
[2014/07/11 18:41:40 | 000,875,736 | R--- | C] (Symantec Corporation) -- C:\windows\SysNative\drivers\N360x64\1504000.00D\srtsp64.sys
[2014/07/11 18:41:40 | 000,593,112 | R--- | C] (Symantec Corporation) -- C:\windows\SysNative\drivers\N360x64\1504000.00D\symnets.sys
[2014/07/11 18:41:40 | 000,493,656 | R--- | C] (Symantec Corporation) -- C:\windows\SysNative\drivers\N360x64\1504000.00D\SymDS64.sys
[2014/07/11 18:41:40 | 000,264,280 | R--- | C] (Symantec Corporation) -- C:\windows\SysNative\drivers\N360x64\1504000.00D\Ironx64.sys
[2014/07/11 18:41:40 | 000,162,392 | R--- | C] (Symantec Corporation) -- C:\windows\SysNative\drivers\N360x64\1504000.00D\ccSetx64.sys
[2014/07/11 18:41:40 | 000,036,952 | R--- | C] (Symantec Corporation) -- C:\windows\SysNative\drivers\N360x64\1504000.00D\srtspx64.sys
[2014/07/11 18:41:40 | 000,023,568 | R--- | C] (Symantec Corporation) -- C:\windows\SysNative\drivers\N360x64\1504000.00D\SymELAM.sys
[2014/07/11 18:41:14 | 000,000,000 | ---D | C] -- C:\windows\SysNative\drivers\N360x64
[2014/07/11 18:41:14 | 000,000,000 | ---D | C] -- C:\windows\SysNative\drivers\N360x64\1504000.00D
[2014/07/11 18:41:12 | 000,000,000 | R--D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Norton 360
[2014/07/11 18:41:12 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Norton 360
[2014/07/11 17:58:41 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Symantec Shared
[2014/07/11 17:36:47 | 000,000,000 | ---D | C] -- C:\Users\owner\AppData\Local\VS Revo Group
[2014/07/11 17:36:41 | 000,000,000 | ---D | C] -- C:\ProgramData\VS Revo Group
[2014/07/11 17:36:41 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Revo Uninstaller Pro
[2014/07/11 17:36:40 | 000,031,800 | ---- | C] (VS Revo Group) -- C:\windows\SysNative\drivers\revoflt.sys
[2014/07/11 17:36:35 | 000,000,000 | ---D | C] -- C:\Program Files\VS Revo Group
[2014/07/11 17:19:49 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\VS Revo Group
[2014/07/11 17:19:49 | 000,000,000 | ---D | C] -- C:\Users\owner\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Revo Uninstaller
[2014/07/11 17:15:44 | 002,649,016 | ---- | C] (VS Revo Group Ltd.) -- C:\revosetup.exe
[2014/07/11 17:11:23 | 000,000,000 | ---D | C] -- C:\windows\pss
[2014/07/11 16:54:59 | 000,000,000 | ---D | C] -- C:\ProgramData\HitmanPro
[2014/07/11 16:54:46 | 000,000,000 | ---D | C] -- C:\ProgramData\Hitman Pro
[2014/07/11 16:52:47 | 000,000,000 | ---D | C] -- C:\ProgramData\TEMP
[2014/07/11 16:52:47 | 000,000,000 | ---D | C] -- C:\ProgramData\Licenses
[2014/07/11 15:56:50 | 000,041,032 | ---- | C] (ThreatTrack Security) -- C:\windows\SysNative\drivers\gfiark.sys
[2014/07/11 15:51:41 | 000,000,000 | R--D | C] -- C:\Users\owner\My SpeedyBackup SyncFolder
[2014/07/11 15:51:27 | 000,000,000 | ---D | C] -- C:\ProgramData\SpeedyPC Software
[2014/07/11 15:50:49 | 000,061,216 | ---- | C] (GFI Software) -- C:\windows\SysNative\drivers\sbhips.sys
[2014/07/11 15:50:41 | 000,258,848 | ---- | C] (GFI Software) -- C:\windows\SysNative\drivers\SbFw.sys
[2014/07/11 15:50:41 | 000,120,064 | ---- | C] (GFI Software) -- C:\windows\SysNative\drivers\SbFwIm.sys
[2014/07/11 15:43:10 | 000,000,000 | ---D | C] -- C:\Users\owner\AppData\Local\LogMeIn Rescue Applet
[2014/07/11 14:52:59 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\SparkTrust
[1 C:\windows\*.tmp files -> C:\windows\*.tmp -> ]
[1 C:\Program Files (x86)\*.tmp files -> C:\Program Files (x86)\*.tmp -> ]
 
========== Files - Modified Within 30 Days ==========
 
[2014/07/15 19:13:00 | 000,000,830 | ---- | M] () -- C:\windows\tasks\Adobe Flash Player Updater.job
[2014/07/15 19:06:25 | 000,024,608 | -H-- | M] () -- C:\windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2014/07/15 19:06:25 | 000,024,608 | -H-- | M] () -- C:\windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2014/07/15 18:58:36 | 000,000,894 | ---- | M] () -- C:\windows\tasks\GoogleUpdateTaskMachineCore1ce4f575a8ab0d1.job
[2014/07/15 18:58:36 | 000,000,828 | ---- | M] () -- C:\windows\tasks\ISM-UpdateService-4e00205a-2ab1-4423-8f77-cc25b82cde1d-Logon.job
[2014/07/15 18:58:36 | 000,000,474 | ---- | M] () -- C:\windows\tasks\SparkTrust Update Version3 Startup Task.job
[2014/07/15 18:58:33 | 000,000,552 | ---- | M] () -- C:\windows\tasks\SparkTrust AntiVirus Startup.job
[2014/07/15 18:58:15 | 000,067,584 | --S- | M] () -- C:\windows\bootstat.dat
[2014/07/15 18:58:06 | 448,237,567 | -HS- | M] () -- C:\hiberfil.sys
[2014/07/14 18:58:02 | 000,030,312 | ---- | M] () -- C:\windows\SysNative\drivers\TrueSight.sys
[2014/07/14 18:32:56 | 000,000,912 | ---- | M] () -- C:\windows\tasks\GoogleUpdateTaskMachineUA.job
[2014/07/14 18:26:10 | 000,001,216 | ---- | M] () -- C:\Users\owner\Desktop\RogueKillerX64 - Shortcut.lnk
[2014/07/13 18:00:00 | 000,000,464 | ---- | M] () -- C:\windows\tasks\SparkTrust Registration3.job
[2014/07/13 17:30:29 | 000,001,453 | ---- | M] () -- C:\Users\owner\Desktop\mqhgmwg0 - Shortcut.lnk
[2014/07/12 19:39:01 | 000,000,830 | ---- | M] () -- C:\windows\tasks\ISM-UpdateService-4e00205a-2ab1-4423-8f77-cc25b82cde1d.job
[2014/07/11 18:42:04 | 002,121,736 | ---- | M] () -- C:\windows\SysNative\drivers\N360x64\1504000.00D\Cat.DB
[2014/07/11 18:41:52 | 000,177,752 | ---- | M] (Symantec Corporation) -- C:\windows\SysNative\drivers\SYMEVENT64x86.SYS
[2014/07/11 18:41:52 | 000,008,222 | ---- | M] () -- C:\windows\SysNative\drivers\SYMEVENT64x86.CAT
[2014/07/11 18:41:52 | 000,000,854 | ---- | M] () -- C:\windows\SysNative\drivers\SYMEVENT64x86.INF
[2014/07/11 18:41:48 | 000,002,406 | ---- | M] () -- C:\Users\Public\Desktop\Norton 360.lnk
[2014/07/11 18:40:42 | 000,001,315 | ---- | M] () -- C:\Users\owner\Desktop\Norton Installation Files.lnk
[2014/07/11 17:36:42 | 000,001,112 | ---- | M] () -- C:\Users\owner\Application Data\Microsoft\Internet Explorer\Quick Launch\Revo Uninstaller Pro.lnk
[2014/07/11 17:36:42 | 000,001,088 | ---- | M] () -- C:\Users\Public\Desktop\Revo Uninstaller Pro.lnk
[2014/07/11 17:33:30 | 000,000,422 | ---- | M] () -- C:\windows\tasks\SparkTrust Update Version3.job
[2014/07/11 17:19:49 | 000,001,279 | ---- | M] () -- C:\Users\owner\Desktop\Revo Uninstaller.lnk
[2014/07/11 16:06:40 | 000,007,620 | ---- | M] () -- C:\Users\owner\AppData\Local\Resmon.ResmonCfg
[2014/07/09 19:12:47 | 000,275,712 | ---- | M] () -- C:\windows\SysNative\FNTCACHE.DAT
[2014/07/05 14:58:48 | 000,001,126 | ---- | M] () -- C:\Users\owner\Desktop\20140523-001-v5i64 - Shortcut.lnk
[2014/07/01 05:23:42 | 000,040,105 | ---- | M] () -- C:\windows\SysNative\drivers\N360x64\1504000.00D\VT20140701.003
[2014/06/27 01:55:25 | 000,000,172 | ---- | M] () -- C:\windows\SysNative\drivers\N360x64\1504000.00D\isolate.ini
[2014/06/16 19:56:00 | 000,782,470 | ---- | M] () -- C:\windows\SysNative\PerfStringBackup.INI
[2014/06/16 19:56:00 | 000,650,892 | ---- | M] () -- C:\windows\SysNative\perfh009.dat
[2014/06/16 19:56:00 | 000,118,628 | ---- | M] () -- C:\windows\SysNative\perfc009.dat
[1 C:\windows\*.tmp files -> C:\windows\*.tmp -> ]
[1 C:\Program Files (x86)\*.tmp files -> C:\Program Files (x86)\*.tmp -> ]
 
========== Files Created - No Company Name ==========
 
[2014/07/14 18:26:10 | 000,001,216 | ---- | C] () -- C:\Users\owner\Desktop\RogueKillerX64 - Shortcut.lnk
[2014/07/13 17:30:29 | 000,001,453 | ---- | C] () -- C:\Users\owner\Desktop\mqhgmwg0 - Shortcut.lnk
[2014/07/13 16:54:34 | 000,030,312 | ---- | C] () -- C:\windows\SysNative\drivers\TrueSight.sys
[2014/07/12 18:17:23 | 000,040,105 | ---- | C] () -- C:\windows\SysNative\drivers\N360x64\1504000.00D\VT20140701.003
[2014/07/11 18:41:56 | 002,121,736 | ---- | C] () -- C:\windows\SysNative\drivers\N360x64\1504000.00D\Cat.DB
[2014/07/11 18:41:52 | 000,008,222 | ---- | C] () -- C:\windows\SysNative\drivers\SYMEVENT64x86.CAT
[2014/07/11 18:41:52 | 000,000,854 | ---- | C] () -- C:\windows\SysNative\drivers\SYMEVENT64x86.INF
[2014/07/11 18:41:48 | 000,002,406 | ---- | C] () -- C:\Users\Public\Desktop\Norton 360.lnk
[2014/07/11 18:41:16 | 000,003,433 | R--- | C] () -- C:\windows\SysNative\drivers\N360x64\1504000.00D\SymEFA.inf
[2014/07/11 18:41:16 | 000,002,852 | R--- | C] () -- C:\windows\SysNative\drivers\N360x64\1504000.00D\SymDS.inf
[2014/07/11 18:41:16 | 000,001,440 | R--- | C] () -- C:\windows\SysNative\drivers\N360x64\1504000.00D\SymNet.inf
[2014/07/11 18:41:16 | 000,001,437 | R--- | C] () -- C:\windows\SysNative\drivers\N360x64\1504000.00D\srtsp64.inf
[2014/07/11 18:41:16 | 000,001,420 | R--- | C] () -- C:\windows\SysNative\drivers\N360x64\1504000.00D\srtspx64.inf
[2014/07/11 18:41:16 | 000,001,098 | R--- | C] () -- C:\windows\SysNative\drivers\N360x64\1504000.00D\symELAM.inf
[2014/07/11 18:41:16 | 000,000,855 | R--- | C] () -- C:\windows\SysNative\drivers\N360x64\1504000.00D\ccSetx64.inf
[2014/07/11 18:41:16 | 000,000,767 | R--- | C] () -- C:\windows\SysNative\drivers\N360x64\1504000.00D\Iron.inf
[2014/07/11 18:41:15 | 000,030,068 | R--- | C] () -- C:\windows\SysNative\drivers\N360x64\1504000.00D\SymVTcer.dat
[2014/07/11 18:41:14 | 000,009,939 | R--- | C] () -- C:\windows\SysNative\drivers\N360x64\1504000.00D\SymELAM64.cat
[2014/07/11 18:41:14 | 000,008,202 | R--- | C] () -- C:\windows\SysNative\drivers\N360x64\1504000.00D\ccSetx64.cat
[2014/07/11 18:41:14 | 000,008,196 | R--- | C] () -- C:\windows\SysNative\drivers\N360x64\1504000.00D\srtspx64.cat
[2014/07/11 18:41:14 | 000,008,194 | R--- | C] () -- C:\windows\SysNative\drivers\N360x64\1504000.00D\SymEFA64.cat
[2014/07/11 18:41:14 | 000,008,192 | R--- | C] () -- C:\windows\SysNative\drivers\N360x64\1504000.00D\symnet64.cat
[2014/07/11 18:41:14 | 000,008,192 | R--- | C] () -- C:\windows\SysNative\drivers\N360x64\1504000.00D\srtsp64.cat
[2014/07/11 18:41:14 | 000,008,188 | R--- | C] () -- C:\windows\SysNative\drivers\N360x64\1504000.00D\SymDS64.cat
[2014/07/11 18:41:14 | 000,008,184 | R--- | C] () -- C:\windows\SysNative\drivers\N360x64\1504000.00D\iron.cat
[2014/07/11 18:41:14 | 000,000,172 | ---- | C] () -- C:\windows\SysNative\drivers\N360x64\1504000.00D\isolate.ini
[2014/07/11 17:36:42 | 000,001,112 | ---- | C] () -- C:\Users\owner\Application Data\Microsoft\Internet Explorer\Quick Launch\Revo Uninstaller Pro.lnk
[2014/07/11 17:36:42 | 000,001,088 | ---- | C] () -- C:\Users\Public\Desktop\Revo Uninstaller Pro.lnk
[2014/07/11 17:19:49 | 000,001,279 | ---- | C] () -- C:\Users\owner\Desktop\Revo Uninstaller.lnk
[2014/07/11 16:06:40 | 000,007,620 | ---- | C] () -- C:\Users\owner\AppData\Local\Resmon.ResmonCfg
[2014/07/11 15:51:22 | 000,000,552 | ---- | C] () -- C:\windows\tasks\SparkTrust AntiVirus Startup.job
[2014/07/11 15:51:13 | 000,000,474 | ---- | C] () -- C:\windows\tasks\SparkTrust Update Version3 Startup Task.job
[2014/07/11 14:53:30 | 000,000,464 | ---- | C] () -- C:\windows\tasks\SparkTrust Registration3.job
[2014/07/11 14:53:02 | 000,000,422 | ---- | C] () -- C:\windows\tasks\SparkTrust Update Version3.job
[2014/05/23 19:09:24 | 000,000,085 | ---- | C] () -- C:\windows\wininit.ini
[2013/09/02 13:34:52 | 000,074,703 | ---- | C] () -- C:\windows\SysWow64\mfc45.dat
[2013/02/14 22:50:22 | 002,250,054 | ---- | C] () -- C:\ProgramData\1.bmp
[2013/02/14 22:50:02 | 000,350,795 | ---- | C] () -- C:\ProgramData\1.jpg
[2012/10/21 14:18:07 | 000,017,408 | ---- | C] () -- C:\Users\owner\AppData\Local\WebpageIcons.db
 
========== ZeroAccess Check ==========
 
[2009/07/14 00:55:00 | 000,000,227 | RHS- | M] () -- C:\windows\assembly\Desktop.ini
 
[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64
 
[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
 
[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32] /64
 
[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]
 
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64
"" = C:\Windows\SysNative\shell32.dll -- [2014/03/24 22:43:12 | 014,175,744 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment
 
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
"" = %SystemRoot%\system32\shell32.dll -- [2014/03/24 22:09:54 | 012,874,240 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment
 
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\fastprox.dll -- [2009/07/13 21:40:51 | 000,909,312 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free
 
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
"" = %systemroot%\system32\wbem\fastprox.dll -- [2010/11/20 23:24:25 | 000,606,208 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free
 
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\wbemess.dll -- [2009/07/13 21:41:56 | 000,505,856 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Both
 
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]
 
========== LOP Check ==========
 
[2014/05/23 15:36:36 | 000,000,000 | ---D | M] -- C:\Users\owner\AppData\Roaming\DriverCure
[2014/05/22 19:16:59 | 000,000,000 | ---D | M] -- C:\Users\owner\AppData\Roaming\iolo
[2013/12/07 21:10:27 | 000,000,000 | ---D | M] -- C:\Users\owner\AppData\Roaming\ioloGovernor
[2013/07/31 18:17:58 | 000,000,000 | ---D | M] -- C:\Users\owner\AppData\Roaming\Leadertech
[2014/07/11 15:53:01 | 000,000,000 | ---D | M] -- C:\Users\owner\AppData\Roaming\OnlineVault
[2012/11/19 21:28:12 | 000,000,000 | ---D | M] -- C:\Users\owner\AppData\Roaming\PCPowerSpeed
[2013/01/19 12:02:52 | 000,000,000 | ---D | M] -- C:\Users\owner\AppData\Roaming\sMedio
[2014/05/23 15:36:36 | 000,000,000 | ---D | M] -- C:\Users\owner\AppData\Roaming\SparkTrust
[2013/07/31 17:56:08 | 000,000,000 | ---D | M] -- C:\Users\owner\AppData\Roaming\Toshiba
[2012/10/20 16:26:00 | 000,000,000 | ---D | M] -- C:\Users\owner\AppData\Roaming\WinBatch
 
========== Purity Check ==========
 
 

< End of report >
 



#21
hofner

    Member

  • Topic Starter
  • 82 posts

and another run/fix

 

OTL logfile created on: 7/15/2014 7:22:32 PM - Run 5
OTL by OldTimer - Version 3.2.69.0     Folder = C:\Users\owner\Downloads
64bit- Home Premium Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.11.9600.17207)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy
 
5.89 Gb Total Physical Memory | 3.97 Gb Available Physical Memory | 67.44% Memory free
11.78 Gb Paging File | 9.89 Gb Available in Paging File | 84.00% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
 
%SystemDrive% = C: | %SystemRoot% = C:\windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 682.74 Gb Total Space | 620.38 Gb Free Space | 90.87% Space Free | Partition Type: NTFS
 
Computer Name: OWNER-PC | User Name: owner | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Quick Scan | Include 64bit Scans
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days
 
========== Processes (SafeList) ==========
 
PRC - [2014/07/12 20:06:37 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\owner\Downloads\OTL.exe
PRC - [2014/06/27 01:44:06 | 000,265,040 | R--- | M] (Symantec Corporation) -- C:\Program Files (x86)\Norton 360\Engine\21.4.0.13\N360.exe
PRC - [2014/06/13 15:20:44 | 000,275,568 | ---- | M] (Mozilla Corporation) -- C:\Program Files (x86)\Mozilla Firefox\firefox.exe
PRC - [2014/04/30 10:07:08 | 004,492,776 | ---- | M] (iolo technologies, LLC) -- C:\Program Files (x86)\iolo\Common\Lib\ioloServiceManager.exe
PRC - [2013/05/21 00:44:22 | 000,144,368 | R--- | M] (Symantec Corporation) -- C:\Program Files (x86)\Norton Identity Safe\Engine\2013.4.0.10\ccsvchst.exe
PRC - [2012/01/20 14:45:40 | 000,161,560 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel® Management Engine Components\DAL\Jhi_service.exe
PRC - [2012/01/20 14:45:30 | 000,128,280 | ---- | M] () -- C:\Program Files (x86)\Intel\Intel® Management Engine Components\FWService\IntelMeFWService.exe
 
 
========== Modules (No Company Name) ==========
 
MOD - [2014/06/13 15:20:44 | 003,852,912 | ---- | M] () -- C:\Program Files (x86)\Mozilla Firefox\mozjs.dll
MOD - [2012/05/30 10:51:08 | 000,699,280 | R--- | M] () -- C:\Program Files (x86)\Norton Identity Safe\Engine\2013.4.0.10\wincfi39.dll
 
 
========== Services (SafeList) ==========
 
SRV:64bit: - [2014/06/18 20:24:12 | 000,111,616 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\windows\SysNative\IEEtwCollector.exe -- (IEEtwCollectorService)
SRV:64bit: - [2013/05/27 01:50:47 | 001,011,712 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend)
SRV:64bit: - [2012/02/02 18:33:46 | 000,580,608 | ---- | M] (TOSHIBA Corporation) [Disabled | Stopped] -- C:\Program Files\TOSHIBA\Power Saver\TosCoSrv.exe -- (TosCoSrv)
SRV:64bit: - [2012/01/11 00:01:52 | 000,627,936 | ---- | M] (Intel® Corporation) [Auto | Running] -- C:\Program Files\Intel\iCLS Client\HeciServer.exe -- (Intel®
SRV:64bit: - [2011/12/14 18:11:38 | 000,833,976 | ---- | M] (TOSHIBA Corporation) [On_Demand | Stopped] -- C:\Program Files\TOSHIBA\TPHM\TPCHSrv.exe -- (TPCHSrv)
SRV:64bit: - [2011/12/08 13:44:04 | 000,594,704 | ---- | M] (Intel® Corporation) [Disabled | Stopped] -- C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe -- (ZeroConfigService)
SRV:64bit: - [2011/12/08 13:43:56 | 000,273,168 | ---- | M] () [On_Demand | Stopped] -- C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe -- (MyWiFiDHCPDNS)
SRV:64bit: - [2011/12/08 13:43:48 | 000,618,256 | ---- | M] (Intel® Corporation) [Auto | Running] -- C:\Program Files\Intel\WiFi\bin\EvtEng.exe -- (EvtEng)
SRV:64bit: - [2011/12/08 13:43:44 | 000,148,752 | ---- | M] (Intel® Corporation) [Auto | Running] -- C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe -- (RegSrvc)
SRV:64bit: - [2011/11/25 21:52:36 | 000,138,152 | ---- | M] (TOSHIBA Corporation) [Disabled | Stopped] -- C:\Program Files\TOSHIBA\TOSHIBA HDD SSD Alert\TosSmartSrv.exe -- (TOSHIBA HDD SSD Alert Service)
SRV:64bit: - [2011/11/24 16:20:38 | 000,294,848 | ---- | M] (TOSHIBA Corporation) [Auto | Running] -- C:\Program Files\TOSHIBA\TECO\TecoService.exe -- (TOSHIBA eco Utility Service)
SRV:64bit: - [2011/04/20 18:16:04 | 000,558,592 | ---- | M] (TOSHIBA Corporation) [Auto | Running] -- C:\Windows\SysNative\ThpSrv.exe -- (Thpsrv)
SRV:64bit: - [2010/10/20 17:41:00 | 000,138,656 | ---- | M] (TOSHIBA Corporation) [Auto | Running] -- C:\Windows\SysNative\TODDSrv.exe -- (TODDSrv)
SRV:64bit: - [2010/09/22 21:10:10 | 000,057,184 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Program Files\Windows Live\Mesh\wlcrasvc.exe -- (wlcrasvc)
SRV - [2014/06/27 01:44:06 | 000,265,040 | R--- | M] (Symantec Corporation) [Auto | Running] -- C:\Program Files (x86)\Norton 360\Engine\21.4.0.13\N360.exe -- (N360)
SRV - [2014/06/13 15:20:44 | 000,119,408 | ---- | M] (Mozilla Foundation) [On_Demand | Stopped] -- C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe -- (MozillaMaintenance)
SRV - [2014/04/30 10:07:08 | 004,492,776 | ---- | M] (iolo technologies, LLC) [Auto | Running] -- C:\Program Files (x86)\iolo\Common\Lib\ioloServiceManager.exe -- (ioloSystemService)
SRV - [2013/11/28 17:12:33 | 000,257,416 | ---- | M] (Adobe Systems Incorporated) [Disabled | Stopped] -- C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe -- (AdobeFlashPlayerUpdateSvc)
SRV - [2013/09/11 22:21:54 | 000,105,144 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe -- (clr_optimization_v4.0.30319_32)
SRV - [2013/05/21 00:44:22 | 000,144,368 | R--- | M] (Symantec Corporation) [Auto | Running] -- C:\Program Files (x86)\Norton Identity Safe\Engine\2013.4.0.10\ccSvcHst.exe -- (NCO)
SRV - [2012/05/10 15:20:46 | 000,276,248 | ---- | M] (Intel Corporation) [On_Demand | Stopped] -- C:\Windows\SysWOW64\IntelCpHeciSvc.exe -- (cphs)
SRV - [2012/01/20 19:29:28 | 000,363,800 | ---- | M] (Intel Corporation) [Disabled | Stopped] -- C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe -- (UNS)
SRV - [2012/01/20 19:29:26 | 000,277,784 | ---- | M] (Intel Corporation) [Disabled | Stopped] -- C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe -- (LMS)
SRV - [2012/01/20 14:45:40 | 000,161,560 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files (x86)\Intel\Intel® Management Engine Components\DAL\Jhi_service.exe -- (jhi_service)
SRV - [2012/01/20 14:45:30 | 000,128,280 | ---- | M] () [Auto | Running] -- C:\Program Files (x86)\Intel\Intel® Management Engine Components\FWService\IntelMeFWService.exe -- (Intel®
SRV - [2011/11/21 18:32:40 | 000,057,216 | ---- | M] (TOSHIBA Corporation) [On_Demand | Stopped] -- C:\Program Files (x86)\Toshiba\TOSHIBA Service Station\TMachInfo.exe -- (TMachInfo)
SRV - [2009/06/10 17:23:09 | 000,066,384 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe -- (clr_optimization_v2.0.50727_32)
 
 
========== Driver Services (SafeList) ==========
 
DRV:64bit: - [2014/07/11 18:41:52 | 000,177,752 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\SYMEVENT64x86.SYS -- (SymEvent)
DRV:64bit: - [2014/03/04 00:18:12 | 001,148,120 | R--- | M] (Symantec Corporation) [File_System | Boot | Running] -- C:\Windows\SysNative\drivers\N360x64\1504000.00D\SymEFA64.sys -- (SymEFA)
DRV:64bit: - [2014/02/20 19:14:34 | 000,162,392 | R--- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\N360x64\1504000.00D\ccSetx64.sys -- (ccSet_N360)
DRV:64bit: - [2014/02/17 21:32:41 | 000,593,112 | R--- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\N360x64\1504000.00D\symnets.sys -- (SymNetS)
DRV:64bit: - [2014/02/12 21:59:49 | 000,875,736 | R--- | M] (Symantec Corporation) [File_System | On_Demand | Running] -- C:\Windows\SysNative\drivers\N360x64\1504000.00D\srtsp64.sys -- (SRTSP)
DRV:64bit: - [2013/10/30 03:26:19 | 000,493,656 | R--- | M] (Symantec Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\N360x64\1504000.00D\SymDS64.sys -- (SymDS)
DRV:64bit: - [2013/10/30 02:48:51 | 000,264,280 | R--- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\N360x64\1504000.00D\Ironx64.sys -- (SymIRON)
DRV:64bit: - [2013/10/30 02:32:37 | 000,036,952 | R--- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\N360x64\1504000.00D\srtspx64.sys -- (SRTSPX)
DRV:64bit: - [2013/05/29 11:06:34 | 000,082,160 | ---- | M] (Raxco Software, Inc.) [File_System | Auto | Running] -- C:\Windows\SysNative\drivers\PDFsFilter.sys -- (PDFsFilter)
DRV:64bit: - [2013/05/23 08:39:23 | 000,041,032 | ---- | M] (ThreatTrack Security) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\gfiark.sys -- (gfiark)
DRV:64bit: - [2013/04/15 22:41:14 | 000,169,048 | ---- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\NSTx64\7DD04000.00A\ccsetx64.sys -- (ccSet_NST)
DRV:64bit: - [2012/09/20 05:11:58 | 000,258,848 | ---- | M] (GFI Software) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\SbFw.sys -- (SbFw)
DRV:64bit: - [2012/09/20 05:11:58 | 000,086,816 | ---- | M] (GFI Software) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\sbwtis.sys -- (sbwtis)
DRV:64bit: - [2012/09/20 05:11:58 | 000,061,216 | ---- | M] (GFI Software) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\sbhips.sys -- (sbhips)
DRV:64bit: - [2012/09/12 20:19:38 | 000,082,872 | ---- | M] (GFI Software) [File_System | Auto | Running] -- C:\Windows\SysNative\drivers\sbapifs.sys -- (sbapifs)
DRV:64bit: - [2012/09/12 20:19:34 | 000,120,064 | ---- | M] (GFI Software) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\SbFwIm.sys -- (SBFWIMCLMP)
DRV:64bit: - [2012/09/12 20:19:34 | 000,120,064 | ---- | M] (GFI Software) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\SbFwIm.sys -- (SBFWIMCL)
DRV:64bit: - [2012/07/26 10:01:26 | 000,030,752 | ---- | M] (EldoS Corporation) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\ElRawDsk.sys -- (ElRawDisk)
DRV:64bit: - [2012/07/17 19:12:08 | 000,062,784 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\HECIx64.sys -- (MEIx64)
DRV:64bit: - [2012/05/10 15:11:04 | 014,759,136 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\igdkmd64.sys -- (igfx)
DRV:64bit: - [2012/03/01 02:46:16 | 000,023,408 | ---- | M] (Microsoft Corporation) [Recognizer | Boot | Unknown] -- C:\windows\SysNative\drivers\fs_rec.sys -- (Fs_Rec)
DRV:64bit: - [2012/02/27 06:01:00 | 000,788,760 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\iusb3xhc.sys -- (iusb3xhc)
DRV:64bit: - [2012/02/27 06:01:00 | 000,356,120 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\iusb3hub.sys -- (iusb3hub)
DRV:64bit: - [2012/02/27 06:01:00 | 000,016,152 | ---- | M] (Intel Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\iusb3hcs.sys -- (iusb3hcs)
DRV:64bit: - [2012/02/24 20:11:54 | 000,412,944 | ---- | M] (Synaptics Incorporated) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\SynTP.sys -- (SynTP)
DRV:64bit: - [2012/02/24 20:11:52 | 000,022,800 | ---- | M] (Synaptics Incorporated) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\Smb_driver.sys -- (SmbDrv)
DRV:64bit: - [2012/01/16 18:49:14 | 000,103,536 | ---- | M] (Atheros Communications, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\L1C62x64.sys -- (L1C)
DRV:64bit: - [2012/01/09 04:44:44 | 011,416,576 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\NETwNs64.sys -- (NETwNs64)
DRV:64bit: - [2011/12/20 20:38:36 | 000,034,200 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\intelaud.sys -- (intaud_WaveExtensible)
DRV:64bit: - [2011/12/20 20:38:36 | 000,025,496 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\iwdbus.sys -- (iwdbus)
DRV:64bit: - [2011/12/13 18:00:32 | 000,259,176 | ---- | M] (Realtek Semiconductor Corp.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\RtsP2Stor.sys -- (RSP2STOR)
DRV:64bit: - [2011/12/06 07:23:08 | 000,331,264 | ---- | M] (Intel® Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\IntcDAud.sys -- (IntcDAud)
DRV:64bit: - [2011/11/29 22:40:32 | 000,568,600 | ---- | M] (Intel Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\iaStor.sys -- (iaStor)
DRV:64bit: - [2011/03/23 20:10:28 | 000,036,992 | ---- | M] (TOSHIBA Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\thpdrv.sys -- (Thpdrv)
DRV:64bit: - [2011/03/18 18:03:18 | 000,482,384 | ---- | M] (TOSHIBA Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\tos_sps64.sys -- (tos_sps64)
DRV:64bit: - [2011/03/11 02:41:12 | 000,107,904 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsata.sys -- (amdsata)
DRV:64bit: - [2011/03/11 02:41:12 | 000,027,008 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\amdxata.sys -- (amdxata)
DRV:64bit: - [2010/11/20 23:24:33 | 000,059,392 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\TsUsbFlt.sys -- (TsUsbFlt)
DRV:64bit: - [2010/11/20 23:23:47 | 000,078,720 | ---- | M] (Hewlett-Packard Company) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\HpSAMD.sys -- (HpSAMD)
DRV:64bit: - [2010/11/20 23:23:47 | 000,031,232 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\TsUsbGD.sys -- (TsUsbGD)
DRV:64bit: - [2009/12/30 10:21:26 | 000,031,800 | ---- | M] (VS Revo Group) [File_System | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\revoflt.sys -- (Revoflt)
DRV:64bit: - [2009/07/30 23:22:04 | 000,027,784 | ---- | M] (TOSHIBA Corporation.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\tdcmdpst.sys -- (tdcmdpst)
DRV:64bit: - [2009/07/14 18:31:18 | 000,026,840 | ---- | M] (TOSHIBA Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\TVALZ_O.SYS -- (TVALZ)
DRV:64bit: - [2009/07/13 21:52:20 | 000,194,128 | ---- | M] (AMD Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsbs.sys -- (amdsbs)
DRV:64bit: - [2009/07/13 21:48:04 | 000,065,600 | ---- | M] (LSI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\lsi_sas2.sys -- (LSI_SAS2)
DRV:64bit: - [2009/07/13 21:45:55 | 000,024,656 | ---- | M] (Promise Technology) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\stexstor.sys -- (stexstor)
DRV:64bit: - [2009/07/07 11:51:42 | 000,009,216 | ---- | M] (TOSHIBA Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\FwLnk.sys -- (FwLnk)
DRV:64bit: - [2009/06/29 19:16:20 | 000,014,784 | ---- | M] (TOSHIBA Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\Thpevm.sys -- (Thpevm)
DRV:64bit: - [2009/06/19 22:15:22 | 000,014,472 | ---- | M] (TOSHIBA Corporation) [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\TVALZFL.sys -- (TVALZFL)
DRV:64bit: - [2009/06/10 16:34:33 | 003,286,016 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\evbda.sys -- (ebdrv)
DRV:64bit: - [2009/06/10 16:34:28 | 000,468,480 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\bxvbda.sys -- (b06bdrv)
DRV:64bit: - [2009/06/10 16:34:23 | 000,270,848 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\b57nd60a.sys -- (b57nd60a)
DRV:64bit: - [2009/06/10 16:31:59 | 000,031,232 | ---- | M] (Hauppauge Computer Works, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hcw85cir.sys -- (hcw85cir)
DRV - [2014/07/11 17:22:18 | 000,525,016 | ---- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\Program Files (x86)\Norton 360\NortonData\21.4.0.13\Definitions\IPSDefs\20140715.001\IDSviA64.sys -- (IDSVia64)
DRV - [2014/07/10 01:00:00 | 002,099,288 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Running] -- C:\Program Files (x86)\Norton 360\NortonData\21.4.0.13\Definitions\VirusDefs\20140715.008\ex64.sys -- (NAVEX15)
DRV - [2014/07/10 01:00:00 | 000,486,192 | ---- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\eeCtrl64.sys -- (eeCtrl)
DRV - [2014/07/10 01:00:00 | 000,142,128 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Running] -- C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys -- (EraserUtilRebootDrv)
DRV - [2014/07/10 01:00:00 | 000,126,040 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Running] -- C:\Program Files (x86)\Norton 360\NortonData\21.4.0.13\Definitions\VirusDefs\20140715.008\eng64.sys -- (NAVENG)
DRV - [2014/07/03 17:17:17 | 001,530,160 | ---- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\Program Files (x86)\Norton 360\NortonData\21.4.0.13\Definitions\BASHDefs\20140703.001\BHDrvx64.sys -- (BHDrvx64)
DRV - [2009/07/13 21:19:10 | 000,019,008 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\SysWOW64\drivers\wimmount.sys -- (WIMMount)
 
 
========== Standard Registry (SafeList) ==========
 
 
========== Internet Explorer ==========
 
IE:64bit: - HKLM\..\SearchScopes,DefaultScope = {{67A2568C-7A0A-4EED-AECC-B5405DE63B64}}
IE:64bit: - HKLM\..\SearchScopes\{{67A2568C-7A0A-4EED-AECC-B5405DE63B64}}: "URL" = http://www.google.co...ng}&rlz=1I7TSNO
IE - HKLM\..\SearchScopes,DefaultScope = {{67A2568C-7A0A-4EED-AECC-B5405DE63B64}}
IE - HKLM\..\SearchScopes\{{67A2568C-7A0A-4EED-AECC-B5405DE63B64}}: "URL" = http://www.google.co...ng}&rlz=1I7TSNO
 
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://start.toshiba.com/?cid=C001B2Y
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,SearchDefaultBranded = 1
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = about:blank
IE - HKCU\..\SearchScopes,DefaultScope = {A38B9178-817C-4704-97DE-9299CC519752}
IE - HKCU\..\SearchScopes\{{67A2568C-7A0A-4EED-AECC-B5405DE63B64}}: "URL" = http://www.google.co...ng}&rlz=1I7TSNO
IE - HKCU\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/...Box&FORM=IE11SR
IE - HKCU\..\SearchScopes\{A38B9178-817C-4704-97DE-9299CC519752}: "URL" = http://www.google.co...1I7TSNO_enUS507
IE - HKCU\..\SearchScopes\{AFBCB7E0-F91A-4951-9F31-58FEE57A25C4}: "URL" = http://nortonsafe.se...t=kwd&qsrc=2869
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = <local>
 
========== FireFox ==========
 
FF - prefs.js..browser.search.defaultenginename: "Amazon.com"
FF - prefs.js..browser.search.selectedEngine: "Amazon.com"
FF - prefs.js..browser.startup.homepage: "http://search.yahoo..../?fr=sfp-yff25"
FF - prefs.js..extensions.enabledAddons: %7B635abd67-4fe9-1b23-4f01-e679fa7484c1%7D:3.2.4.20140604103324
FF - prefs.js..extensions.enabledAddons: %7B972ce4c6-7e08-4474-a285-3208198ce6fd%7D:30.0
FF - prefs.js..network.proxy.type: 0
FF - user.js - File not found
 
FF:64bit: - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\windows\system32\Macromed\Flash\NPSWF64_11_9_900_152.dll File not found
FF:64bit: - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
FF:64bit: - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files\Microsoft Silverlight\5.1.30214.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\windows\SysWOW64\Macromed\Flash\NPSWF32_11_9_900_152.dll ()
FF - HKLM\Software\MozillaPlugins\@intel-webapi.intel.com/Intel WebAPI ipt;version=2.0.59: C:\Program Files (x86)\Intel\Intel® Management Engine Components\IPT\npIntelWebAPIIPT.dll (Intel Corporation)
FF - HKLM\Software\MozillaPlugins\@intel-webapi.intel.com/Intel WebAPI updater: C:\Program Files (x86)\Intel\Intel® Management Engine Components\IPT\npIntelWebAPIUpdater.dll (Intel Corporation)
FF - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=10.21.2: C:\windows\SysWOW64\npDeployJava1.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin:  File not found
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=10.21.2: C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files (x86)\Microsoft Silverlight\5.1.30214.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3502.0922: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3538.0513: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files (x86)\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files (x86)\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.)
 
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{BBDA0591-3099-440a-AA10-41764D9DB4DB}: C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_21.4.0.13\IPSFF [2014/07/11 18:42:35 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{2D3F3651-74B9-4795-BDEC-6DA2F431CB62}: C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_21.4.0.13\coFFPlgn\ [2014/07/15 19:00:39 | 000,000,000 | ---D | M]
 
[2013/11/28 17:04:56 | 000,000,000 | ---D | M] (No name found) -- C:\Users\owner\AppData\Roaming\mozilla\Extensions
[2014/06/10 17:58:45 | 000,000,000 | ---D | M] (No name found) -- C:\Users\owner\AppData\Roaming\mozilla\Firefox\Profiles\imt0iusk.default\extensions
[2014/06/10 17:58:45 | 000,000,000 | ---D | M] (Yahoo! Toolbar) -- C:\Users\owner\AppData\Roaming\mozilla\Firefox\Profiles\imt0iusk.default\extensions\{635abd67-4fe9-1b23-4f01-e679fa7484c1}
[2014/06/13 15:20:34 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\Mozilla Firefox\browser\extensions
[2014/06/13 15:20:44 | 000,000,000 | ---D | M] (Default) -- C:\Program Files (x86)\Mozilla Firefox\browser\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}
[2014/06/13 15:20:35 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\Mozilla Firefox\distribution\extensions
[2014/06/13 15:20:36 | 000,000,000 | ---D | M] (Yahoo! Toolbar) -- C:\Program Files (x86)\Mozilla Firefox\distribution\extensions\{635abd67-4fe9-1b23-4f01-e679fa7484c1}
 
O1 HOSTS File: ([2013/05/27 18:16:59 | 000,447,225 | ---- | M]) - C:\Windows\SysNative\drivers\etc\hosts
O1 - Hosts: 15354 more lines...
O2:64bit: - BHO: (Norton Identity Protection) - {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} - C:\Program Files (x86)\Norton 360\Engine64\21.4.0.13\CoIEPlg.dll (Symantec Corporation)
O2:64bit: - BHO: (Google Toolbar Helper) - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
O2:64bit: - BHO: (TOSHIBA Media Controller Plug-in) - {F3C88694-EFFA-4d78-B409-54B7B2535B14} - C:\Program Files (x86)\Toshiba\TOSHIBA Media Controller Plug-in\x64\TOSHIBAMediaControllerIE.dll (<TOSHIBA>)
O2 - BHO: (Spybot-S&D IE Protection) - {53707962-6F74-2D53-2644-206D7942484F} - C:\Program Files (x86)\Spybot - Search & Destroy 2\SDHelper.dll (Safer-Networking Ltd.)
O2 - BHO: (Norton Identity Protection) - {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} - C:\Program Files (x86)\Norton 360\Engine\21.4.0.13\CoIEPlg.dll (Symantec Corporation)
O2 - BHO: (Norton Vulnerability Protection) - {6D53EC84-6AAE-4787-AEEE-F4628F01010C} - C:\Program Files (x86)\Norton 360\Engine\21.4.0.13\IPS\IPSBHO.dll (Symantec Corporation)
O3:64bit: - HKLM\..\Toolbar: (Google Toolbar) - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
O3:64bit: - HKLM\..\Toolbar: (Norton Toolbar) - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files (x86)\Norton 360\Engine64\21.4.0.13\CoIEPlg.dll (Symantec Corporation)
O3:64bit: - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found.
O3 - HKLM\..\Toolbar: (Norton Toolbar) - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files (x86)\Norton 360\Engine\21.4.0.13\CoIEPlg.dll (Symantec Corporation)
O3 - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found.
O3:64bit: - HKCU\..\Toolbar\WebBrowser: (Google Toolbar) - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
O3:64bit: - HKCU\..\Toolbar\WebBrowser: (Norton Toolbar) - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files (x86)\Norton 360\Engine64\21.4.0.13\CoIEPlg.dll (Symantec Corporation)
O3 - HKCU\..\Toolbar\WebBrowser: (Norton Toolbar) - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files (x86)\Norton 360\Engine\21.4.0.13\CoIEPlg.dll (Symantec Corporation)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDesktopCleanupWizard = 1
O9 - Extra 'Tools' menuitem : Spybot - Search && Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\Program Files (x86)\Spybot - Search & Destroy 2\SDHelper.dll (Safer-Networking Ltd.)
O1364bit: - gopher Prefix: missing
O13 - gopher Prefix: missing
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/...indows-i586.cab (Java Plug-in 10.21.2)
O16 - DPF: {CAFEEFAC-0017-0000-0021-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.7.0_21)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.7.0_21)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.0.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{28270AC4-B16B-45F1-81E0-BA4AF7273AD6}: DhcpNameServer = 192.168.0.1
O18:64bit: - Protocol\Handler\livecall - No CLSID value found
O18:64bit: - Protocol\Handler\msnim - No CLSID value found
O18:64bit: - Protocol\Handler\wlmailhtml - No CLSID value found
O18:64bit: - Protocol\Handler\wlpg - No CLSID value found
O20:64bit: - HKLM Winlogon: Shell - (explorer.exe) - C:\windows\explorer.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\windows\SysWow64\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (userinit.exe) - C:\windows\SysWow64\userinit.exe (Microsoft Corporation)
O20:64bit: - Winlogon\Notify\igfxcui: DllName - (igfxdev.dll) - C:\windows\SysNative\igfxdev.dll (Intel Corporation)
O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O32 - HKLM CDRom: AutoRun - 1
O34 - HKLM BootExecute: (ጦ)
O34 - HKLM BootExecute: (潔瑰蝁Ȱᜄጔ)
O34 - HKLM BootExecute: (ꅘܫᦐȰ恐ፊ撰ᆹ)
O34 - HKLM BootExecute: (蓁Ȱᜄጔ)
O35:64bit: - HKLM\..comfile [open] -- "%1" %*
O35:64bit: - HKLM\..exefile [open] -- "%1" %*
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37:64bit: - HKLM\...com [@ = comfile] -- "%1" %*
O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)
O38 - SubSystems\\Windows: (ServerDll=sxssrv,4)
 
========== Files/Folders - Created Within 30 Days ==========
 
[2014/07/13 17:30:46 | 000,000,000 | ---D | C] -- C:\Users\owner\Desktop\Gmer
[2014/07/13 16:54:33 | 000,000,000 | ---D | C] -- C:\ProgramData\RogueKiller
[2014/07/13 16:45:56 | 000,000,000 | ---D | C] -- C:\_OTL
[2014/07/12 18:24:56 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\MSXML 4.0
[2014/07/11 18:41:52 | 000,177,752 | ---- | C] (Symantec Corporation) -- C:\windows\SysNative\drivers\SYMEVENT64x86.SYS
[2014/07/11 18:41:52 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Symantec Shared
[2014/07/11 18:41:40 | 001,148,120 | R--- | C] (Symantec Corporation) -- C:\windows\SysNative\drivers\N360x64\1504000.00D\SymEFA64.sys
[2014/07/11 18:41:40 | 000,875,736 | R--- | C] (Symantec Corporation) -- C:\windows\SysNative\drivers\N360x64\1504000.00D\srtsp64.sys
[2014/07/11 18:41:40 | 000,593,112 | R--- | C] (Symantec Corporation) -- C:\windows\SysNative\drivers\N360x64\1504000.00D\symnets.sys
[2014/07/11 18:41:40 | 000,493,656 | R--- | C] (Symantec Corporation) -- C:\windows\SysNative\drivers\N360x64\1504000.00D\SymDS64.sys
[2014/07/11 18:41:40 | 000,264,280 | R--- | C] (Symantec Corporation) -- C:\windows\SysNative\drivers\N360x64\1504000.00D\Ironx64.sys
[2014/07/11 18:41:40 | 000,162,392 | R--- | C] (Symantec Corporation) -- C:\windows\SysNative\drivers\N360x64\1504000.00D\ccSetx64.sys
[2014/07/11 18:41:40 | 000,036,952 | R--- | C] (Symantec Corporation) -- C:\windows\SysNative\drivers\N360x64\1504000.00D\srtspx64.sys
[2014/07/11 18:41:40 | 000,023,568 | R--- | C] (Symantec Corporation) -- C:\windows\SysNative\drivers\N360x64\1504000.00D\SymELAM.sys
[2014/07/11 18:41:14 | 000,000,000 | ---D | C] -- C:\windows\SysNative\drivers\N360x64
[2014/07/11 18:41:14 | 000,000,000 | ---D | C] -- C:\windows\SysNative\drivers\N360x64\1504000.00D
[2014/07/11 18:41:12 | 000,000,000 | R--D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Norton 360
[2014/07/11 18:41:12 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Norton 360
[2014/07/11 17:58:41 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Symantec Shared
[2014/07/11 17:36:47 | 000,000,000 | ---D | C] -- C:\Users\owner\AppData\Local\VS Revo Group
[2014/07/11 17:36:41 | 000,000,000 | ---D | C] -- C:\ProgramData\VS Revo Group
[2014/07/11 17:36:41 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Revo Uninstaller Pro
[2014/07/11 17:36:40 | 000,031,800 | ---- | C] (VS Revo Group) -- C:\windows\SysNative\drivers\revoflt.sys
[2014/07/11 17:36:35 | 000,000,000 | ---D | C] -- C:\Program Files\VS Revo Group
[2014/07/11 17:19:49 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\VS Revo Group
[2014/07/11 17:19:49 | 000,000,000 | ---D | C] -- C:\Users\owner\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Revo Uninstaller
[2014/07/11 17:15:44 | 002,649,016 | ---- | C] (VS Revo Group Ltd.) -- C:\revosetup.exe
[2014/07/11 17:11:23 | 000,000,000 | ---D | C] -- C:\windows\pss
[2014/07/11 16:54:59 | 000,000,000 | ---D | C] -- C:\ProgramData\HitmanPro
[2014/07/11 16:54:46 | 000,000,000 | ---D | C] -- C:\ProgramData\Hitman Pro
[2014/07/11 16:52:47 | 000,000,000 | ---D | C] -- C:\ProgramData\TEMP
[2014/07/11 16:52:47 | 000,000,000 | ---D | C] -- C:\ProgramData\Licenses
[2014/07/11 15:56:50 | 000,041,032 | ---- | C] (ThreatTrack Security) -- C:\windows\SysNative\drivers\gfiark.sys
[2014/07/11 15:51:41 | 000,000,000 | R--D | C] -- C:\Users\owner\My SpeedyBackup SyncFolder
[2014/07/11 15:51:27 | 000,000,000 | ---D | C] -- C:\ProgramData\SpeedyPC Software
[2014/07/11 15:50:49 | 000,061,216 | ---- | C] (GFI Software) -- C:\windows\SysNative\drivers\sbhips.sys
[2014/07/11 15:50:41 | 000,258,848 | ---- | C] (GFI Software) -- C:\windows\SysNative\drivers\SbFw.sys
[2014/07/11 15:50:41 | 000,120,064 | ---- | C] (GFI Software) -- C:\windows\SysNative\drivers\SbFwIm.sys
[2014/07/11 15:43:10 | 000,000,000 | ---D | C] -- C:\Users\owner\AppData\Local\LogMeIn Rescue Applet
[2014/07/11 14:52:59 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\SparkTrust
[1 C:\windows\*.tmp files -> C:\windows\*.tmp -> ]
[1 C:\Program Files (x86)\*.tmp files -> C:\Program Files (x86)\*.tmp -> ]
 
========== Files - Modified Within 30 Days ==========
 
[2014/07/15 19:13:00 | 000,000,830 | ---- | M] () -- C:\windows\tasks\Adobe Flash Player Updater.job
[2014/07/15 19:06:25 | 000,024,608 | -H-- | M] () -- C:\windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2014/07/15 19:06:25 | 000,024,608 | -H-- | M] () -- C:\windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2014/07/15 18:58:36 | 000,000,894 | ---- | M] () -- C:\windows\tasks\GoogleUpdateTaskMachineCore1ce4f575a8ab0d1.job
[2014/07/15 18:58:36 | 000,000,828 | ---- | M] () -- C:\windows\tasks\ISM-UpdateService-4e00205a-2ab1-4423-8f77-cc25b82cde1d-Logon.job
[2014/07/15 18:58:36 | 000,000,474 | ---- | M] () -- C:\windows\tasks\SparkTrust Update Version3 Startup Task.job
[2014/07/15 18:58:33 | 000,000,552 | ---- | M] () -- C:\windows\tasks\SparkTrust AntiVirus Startup.job
[2014/07/15 18:58:15 | 000,067,584 | --S- | M] () -- C:\windows\bootstat.dat
[2014/07/15 18:58:06 | 448,237,567 | -HS- | M] () -- C:\hiberfil.sys
[2014/07/14 18:58:02 | 000,030,312 | ---- | M] () -- C:\windows\SysNative\drivers\TrueSight.sys
[2014/07/14 18:32:56 | 000,000,912 | ---- | M] () -- C:\windows\tasks\GoogleUpdateTaskMachineUA.job
[2014/07/14 18:26:10 | 000,001,216 | ---- | M] () -- C:\Users\owner\Desktop\RogueKillerX64 - Shortcut.lnk
[2014/07/13 18:00:00 | 000,000,464 | ---- | M] () -- C:\windows\tasks\SparkTrust Registration3.job
[2014/07/13 17:30:29 | 000,001,453 | ---- | M] () -- C:\Users\owner\Desktop\mqhgmwg0 - Shortcut.lnk
[2014/07/12 19:39:01 | 000,000,830 | ---- | M] () -- C:\windows\tasks\ISM-UpdateService-4e00205a-2ab1-4423-8f77-cc25b82cde1d.job
[2014/07/11 18:42:04 | 002,121,736 | ---- | M] () -- C:\windows\SysNative\drivers\N360x64\1504000.00D\Cat.DB
[2014/07/11 18:41:52 | 000,177,752 | ---- | M] (Symantec Corporation) -- C:\windows\SysNative\drivers\SYMEVENT64x86.SYS
[2014/07/11 18:41:52 | 000,008,222 | ---- | M] () -- C:\windows\SysNative\drivers\SYMEVENT64x86.CAT
[2014/07/11 18:41:52 | 000,000,854 | ---- | M] () -- C:\windows\SysNative\drivers\SYMEVENT64x86.INF
[2014/07/11 18:41:48 | 000,002,406 | ---- | M] () -- C:\Users\Public\Desktop\Norton 360.lnk
[2014/07/11 18:40:42 | 000,001,315 | ---- | M] () -- C:\Users\owner\Desktop\Norton Installation Files.lnk
[2014/07/11 17:36:42 | 000,001,112 | ---- | M] () -- C:\Users\owner\Application Data\Microsoft\Internet Explorer\Quick Launch\Revo Uninstaller Pro.lnk
[2014/07/11 17:36:42 | 000,001,088 | ---- | M] () -- C:\Users\Public\Desktop\Revo Uninstaller Pro.lnk
[2014/07/11 17:33:30 | 000,000,422 | ---- | M] () -- C:\windows\tasks\SparkTrust Update Version3.job
[2014/07/11 17:19:49 | 000,001,279 | ---- | M] () -- C:\Users\owner\Desktop\Revo Uninstaller.lnk
[2014/07/11 16:06:40 | 000,007,620 | ---- | M] () -- C:\Users\owner\AppData\Local\Resmon.ResmonCfg
[2014/07/09 19:12:47 | 000,275,712 | ---- | M] () -- C:\windows\SysNative\FNTCACHE.DAT
[2014/07/05 14:58:48 | 000,001,126 | ---- | M] () -- C:\Users\owner\Desktop\20140523-001-v5i64 - Shortcut.lnk
[2014/07/01 05:23:42 | 000,040,105 | ---- | M] () -- C:\windows\SysNative\drivers\N360x64\1504000.00D\VT20140701.003
[2014/06/27 01:55:25 | 000,000,172 | ---- | M] () -- C:\windows\SysNative\drivers\N360x64\1504000.00D\isolate.ini
[2014/06/16 19:56:00 | 000,782,470 | ---- | M] () -- C:\windows\SysNative\PerfStringBackup.INI
[2014/06/16 19:56:00 | 000,650,892 | ---- | M] () -- C:\windows\SysNative\perfh009.dat
[2014/06/16 19:56:00 | 000,118,628 | ---- | M] () -- C:\windows\SysNative\perfc009.dat
[1 C:\windows\*.tmp files -> C:\windows\*.tmp -> ]
[1 C:\Program Files (x86)\*.tmp files -> C:\Program Files (x86)\*.tmp -> ]
 
========== Files Created - No Company Name ==========
 
[2014/07/14 18:26:10 | 000,001,216 | ---- | C] () -- C:\Users\owner\Desktop\RogueKillerX64 - Shortcut.lnk
[2014/07/13 17:30:29 | 000,001,453 | ---- | C] () -- C:\Users\owner\Desktop\mqhgmwg0 - Shortcut.lnk
[2014/07/13 16:54:34 | 000,030,312 | ---- | C] () -- C:\windows\SysNative\drivers\TrueSight.sys
[2014/07/12 18:17:23 | 000,040,105 | ---- | C] () -- C:\windows\SysNative\drivers\N360x64\1504000.00D\VT20140701.003
[2014/07/11 18:41:56 | 002,121,736 | ---- | C] () -- C:\windows\SysNative\drivers\N360x64\1504000.00D\Cat.DB
[2014/07/11 18:41:52 | 000,008,222 | ---- | C] () -- C:\windows\SysNative\drivers\SYMEVENT64x86.CAT
[2014/07/11 18:41:52 | 000,000,854 | ---- | C] () -- C:\windows\SysNative\drivers\SYMEVENT64x86.INF
[2014/07/11 18:41:48 | 000,002,406 | ---- | C] () -- C:\Users\Public\Desktop\Norton 360.lnk
[2014/07/11 18:41:16 | 000,003,433 | R--- | C] () -- C:\windows\SysNative\drivers\N360x64\1504000.00D\SymEFA.inf
[2014/07/11 18:41:16 | 000,002,852 | R--- | C] () -- C:\windows\SysNative\drivers\N360x64\1504000.00D\SymDS.inf
[2014/07/11 18:41:16 | 000,001,440 | R--- | C] () -- C:\windows\SysNative\drivers\N360x64\1504000.00D\SymNet.inf
[2014/07/11 18:41:16 | 000,001,437 | R--- | C] () -- C:\windows\SysNative\drivers\N360x64\1504000.00D\srtsp64.inf
[2014/07/11 18:41:16 | 000,001,420 | R--- | C] () -- C:\windows\SysNative\drivers\N360x64\1504000.00D\srtspx64.inf
[2014/07/11 18:41:16 | 000,001,098 | R--- | C] () -- C:\windows\SysNative\drivers\N360x64\1504000.00D\symELAM.inf
[2014/07/11 18:41:16 | 000,000,855 | R--- | C] () -- C:\windows\SysNative\drivers\N360x64\1504000.00D\ccSetx64.inf
[2014/07/11 18:41:16 | 000,000,767 | R--- | C] () -- C:\windows\SysNative\drivers\N360x64\1504000.00D\Iron.inf
[2014/07/11 18:41:15 | 000,030,068 | R--- | C] () -- C:\windows\SysNative\drivers\N360x64\1504000.00D\SymVTcer.dat
[2014/07/11 18:41:14 | 000,009,939 | R--- | C] () -- C:\windows\SysNative\drivers\N360x64\1504000.00D\SymELAM64.cat
[2014/07/11 18:41:14 | 000,008,202 | R--- | C] () -- C:\windows\SysNative\drivers\N360x64\1504000.00D\ccSetx64.cat
[2014/07/11 18:41:14 | 000,008,196 | R--- | C] () -- C:\windows\SysNative\drivers\N360x64\1504000.00D\srtspx64.cat
[2014/07/11 18:41:14 | 000,008,194 | R--- | C] () -- C:\windows\SysNative\drivers\N360x64\1504000.00D\SymEFA64.cat
[2014/07/11 18:41:14 | 000,008,192 | R--- | C] () -- C:\windows\SysNative\drivers\N360x64\1504000.00D\symnet64.cat
[2014/07/11 18:41:14 | 000,008,192 | R--- | C] () -- C:\windows\SysNative\drivers\N360x64\1504000.00D\srtsp64.cat
[2014/07/11 18:41:14 | 000,008,188 | R--- | C] () -- C:\windows\SysNative\drivers\N360x64\1504000.00D\SymDS64.cat
[2014/07/11 18:41:14 | 000,008,184 | R--- | C] () -- C:\windows\SysNative\drivers\N360x64\1504000.00D\iron.cat
[2014/07/11 18:41:14 | 000,000,172 | ---- | C] () -- C:\windows\SysNative\drivers\N360x64\1504000.00D\isolate.ini
[2014/07/11 17:36:42 | 000,001,112 | ---- | C] () -- C:\Users\owner\Application Data\Microsoft\Internet Explorer\Quick Launch\Revo Uninstaller Pro.lnk
[2014/07/11 17:36:42 | 000,001,088 | ---- | C] () -- C:\Users\Public\Desktop\Revo Uninstaller Pro.lnk
[2014/07/11 17:19:49 | 000,001,279 | ---- | C] () -- C:\Users\owner\Desktop\Revo Uninstaller.lnk
[2014/07/11 16:06:40 | 000,007,620 | ---- | C] () -- C:\Users\owner\AppData\Local\Resmon.ResmonCfg
[2014/07/11 15:51:22 | 000,000,552 | ---- | C] () -- C:\windows\tasks\SparkTrust AntiVirus Startup.job
[2014/07/11 15:51:13 | 000,000,474 | ---- | C] () -- C:\windows\tasks\SparkTrust Update Version3 Startup Task.job
[2014/07/11 14:53:30 | 000,000,464 | ---- | C] () -- C:\windows\tasks\SparkTrust Registration3.job
[2014/07/11 14:53:02 | 000,000,422 | ---- | C] () -- C:\windows\tasks\SparkTrust Update Version3.job
[2014/05/23 19:09:24 | 000,000,085 | ---- | C] () -- C:\windows\wininit.ini
[2013/09/02 13:34:52 | 000,074,703 | ---- | C] () -- C:\windows\SysWow64\mfc45.dat
[2013/02/14 22:50:22 | 002,250,054 | ---- | C] () -- C:\ProgramData\1.bmp
[2013/02/14 22:50:02 | 000,350,795 | ---- | C] () -- C:\ProgramData\1.jpg
[2012/10/21 14:18:07 | 000,017,408 | ---- | C] () -- C:\Users\owner\AppData\Local\WebpageIcons.db
 
========== ZeroAccess Check ==========
 
[2009/07/14 00:55:00 | 000,000,227 | RHS- | M] () -- C:\windows\assembly\Desktop.ini
 
[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64
 
[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
 
[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32] /64
 
[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]
 
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64
"" = C:\Windows\SysNative\shell32.dll -- [2014/03/24 22:43:12 | 014,175,744 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment
 
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
"" = %SystemRoot%\system32\shell32.dll -- [2014/03/24 22:09:54 | 012,874,240 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment
 
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\fastprox.dll -- [2009/07/13 21:40:51 | 000,909,312 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free
 
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
"" = %systemroot%\system32\wbem\fastprox.dll -- [2010/11/20 23:24:25 | 000,606,208 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free
 
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\wbemess.dll -- [2009/07/13 21:41:56 | 000,505,856 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Both
 
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]
 
========== LOP Check ==========
 
[2014/05/23 15:36:36 | 000,000,000 | ---D | M] -- C:\Users\owner\AppData\Roaming\DriverCure
[2014/05/22 19:16:59 | 000,000,000 | ---D | M] -- C:\Users\owner\AppData\Roaming\iolo
[2013/12/07 21:10:27 | 000,000,000 | ---D | M] -- C:\Users\owner\AppData\Roaming\ioloGovernor
[2013/07/31 18:17:58 | 000,000,000 | ---D | M] -- C:\Users\owner\AppData\Roaming\Leadertech
[2014/07/11 15:53:01 | 000,000,000 | ---D | M] -- C:\Users\owner\AppData\Roaming\OnlineVault
[2012/11/19 21:28:12 | 000,000,000 | ---D | M] -- C:\Users\owner\AppData\Roaming\PCPowerSpeed
[2013/01/19 12:02:52 | 000,000,000 | ---D | M] -- C:\Users\owner\AppData\Roaming\sMedio
[2014/05/23 15:36:36 | 000,000,000 | ---D | M] -- C:\Users\owner\AppData\Roaming\SparkTrust
[2013/07/31 17:56:08 | 000,000,000 | ---D | M] -- C:\Users\owner\AppData\Roaming\Toshiba
[2012/10/20 16:26:00 | 000,000,000 | ---D | M] -- C:\Users\owner\AppData\Roaming\WinBatch
 
========== Purity Check ==========
 
 

< End of report >
 



#22
Biscuithd


    Trusted Helper

  • Malware Removal
  • 2,573 posts

One more try on the OTL fix. Locate a file called hofner.txt. Double-click it and it should open in Notepad. Do a "select all", Copy, then Paste it into the OTL fix section as you've done before and click Run Fix.

The issue is embedded line feeds. I think by my doing this in a text file, we should be able to eliminate that.

After it's done with the Fix, post the Moved Files log as you did before.

Attached Files



#23
hofner


Hey there.  Where'd you come from?  Zoek just finished, rebooted...I've got the report for you.  Going to the Hofner file and OTL next.



#24
hofner


whoops

 

Zoek.exe v5.0.0.0 Updated 15-07-2014
Tool run by owner on Tue 07/15/2014 at 19:42:09.44.
Microsoft Windows 7 Home Premium  6.1.7601 Service Pack 1 x64
Running in: Normal Mode Internet Access Detected
Launched: C:\Users\owner\Downloads\zoek.exe [Scan all users]  [Checkboxes used]

==== System Restore Info ======================

7/15/2014 7:52:09 PM Zoek.exe System Restore Point Created Succesfully.

==== Deleting CLSID Registry Keys ======================

HKEY_USERS\S-1-5-21-3199016441-4099478238-2613309327-1000\Software\Microsoft\Internet Explorer\SearchScopes\{AFBCB7E0-F91A-4951-9F31-58FEE57A25C4} deleted successfully

==== Deleting CLSID Registry Values ======================


==== Deleting Services ======================


==== Deleting Files \ Folders ======================

C:\PROGRA~2\GUM48A3.tmp deleted
C:\PROGRA~2\Inbox Toolbar deleted
C:\PROGRA~2\PCPowerSpeed deleted
C:\Users\owner\AppData\Roaming\PCPowerSpeed deleted
C:\Users\owner\AppData\Roaming\DriverCure deleted
C:\PROGRA~3\SpeedyPC Software deleted
C:\PROGRA~3\Uniblue deleted
C:\PROGRA~3\Trymedia deleted
C:\Users\owner\Searches deleted
C:\windows\wininit.ini deleted
"C:\windows\Installer\e2791.msi" deleted
"C:\windows\Installer\1e22a.msi" deleted

==== Firefox Extensions Registry ======================

[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Mozilla\Firefox\Extensions]
"{2D3F3651-74B9-4795-BDEC-6DA2F431CB62}"="C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_21.4.0.13\coFFPlgn" [07/15/2014 07:36 PM]

==== Firefox Extensions ======================

ProfilePath: C:\Users\owner\AppData\Roaming\Mozilla\Firefox\Profiles\imt0iusk.default
- Yahoo Toolbar - %ProfilePath%\extensions\{635abd67-4fe9-1b23-4f01-e679fa7484c1}

AppDir: C:\Program Files (x86)\Mozilla Firefox
- Default - %AppDir%\browser\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}

==== Firefox Plugins ======================

Profilepath: C:\Users\owner\AppData\Roaming\Mozilla\Firefox\Profiles\imt0iusk.default
EE8D96E7899D12FC3AA5DB2034C0853C    - C:\windows\SysWOW64\Macromed\Flash\NPSWF32_11_9_900_152.dll -    Shockwave Flash
ADC539F67D3198679F480974EE203678    - C:\windows\SysWOW64\npDeployJava1.dll -    Java Deployment Toolkit 7.0.210.11
15E298B5EC5B89C5994A59863969D9FF    - C:\windows\SysWOW64\npmproxy.dll -    Microsoft® Windows® Operating System


==== Deleted Firefox Extensions ======================

C:\Users\owner\AppData\Roaming\Mozilla\Firefox\Profiles\imt0iusk.default\extensions\{635abd67-4fe9-1b23-4f01-e679fa7484c1} deleted

==== Chrome Look ======================

HKEY_LOCAL_MACHINE\SOFTWARE\Google\Chrome\Extensions
mkfokfffehpeedafpekjeddnmnjhmcmk - C:\Program Files (x86)\Norton 360\Engine\21.4.0.13\Exts\Chrome.crx[06/26/2014 06:22 AM]
nppllibpnmahfaklnpggkibhkapjkeob - No path found[]

==== Set IE to Default ======================

Old Values:
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]
"Default_Page_URL"="http://start.toshiba.com/?cid=C001B2Y"

New Values:
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]
"Start Page"="http://go.microsoft..../?LinkId=69157"

==== All HKCU SearchScopes ======================

HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes
"DefaultScope"="{A38B9178-817C-4704-97DE-9299CC519752}"
{012E1000-F331-11DB-8314-0800200C9A66} Google  Url="http://www.google.co...={searchTerms}"
{0633EE93-D776-472f-A0FF-E1416B8B2E3A} Bing  Url="http://www.bing.com/...ox&FORM=IE11SR"
{A38B9178-817C-4704-97DE-9299CC519752} Google  Url="http://www.google.co...I7TSNO_enUS507"
{67A2568C-7A0A-4EED-AECC-B5405DE63B64} Unknown  Url="Not_Found"

==== Deleting CLSID Registry Keys ======================


==== Deleting CLSID Registry Values ======================


==== Deleting Registry Keys ======================

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\F60730A4A66673047777F5728467D401 deleted successfully
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\24BD3C721C9A44B41A463948D961D021 deleted successfully
HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Google\Chrome\Extensions\nppllibpnmahfaklnpggkibhkapjkeob deleted successfully
HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{4A03706F-666A-4037-7777-5F2748764D10} deleted successfully
HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\{27C3DB42-A9C1-4B44-A164-93849D160D12} deleted successfully
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Installer\Products\F60730A4A66673047777F5728467D401 deleted successfully
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Installer\Products\24BD3C721C9A44B41A463948D961D021 deleted successfully
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\TosNC deleted successfully

==== Empty IE Cache ======================

C:\windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Users\owner\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Users\owner\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5 emptied successfully
C:\windows\SysNative\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\windows\sysWoW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\windows\sysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully

==== Empty FireFox Cache ======================

No FireFox Cache found

==== Empty Chrome Cache ======================

No Chrome User Data found

==== Empty All Flash Cache ======================

Flash Cache Emptied Successfully

==== Empty All Java Cache ======================

Java Cache cleared successfully

==== C:\zoek_backup content ======================

C:\zoek_backup (files=91 folders=24 9248256 bytes)

==== Empty Temp Folders ======================

C:\Users\Default\AppData\Local\Temp emptied successfully
C:\Users\Default User\AppData\Local\Temp emptied successfully
C:\Users\owner\AppData\Local\Temp will be emptied at reboot
C:\windows\serviceprofiles\networkservice\AppData\Local\Temp emptied successfully
C:\windows\serviceprofiles\Localservice\AppData\Local\Temp emptied successfully
C:\windows\Temp will be emptied at reboot

==== After Reboot ======================

==== Empty Temp Folders ======================

C:\windows\Temp successfully emptied
C:\Users\owner\AppData\Local\Temp successfully emptied

==== Empty Recycle Bin ======================

C:\$RECYCLE.BIN successfully emptied

==== EOF on Tue 07/15/2014 at 20:37:39.34 ======================
 



#25
hofner


rut-ro. Pasted hofner.txt. OTL now appears to be locked up. Bottom of its screen says "Processing 034-HKLM Boot execute" and the following report...am I supposed to reboot?

 

:Commands
[createrestorepoint]

:OTL
PRC - [2014/07/13 17:27:15 | 000,380,416 | ---- | M] () -- C:\Users\owner\Downloads\mqhgmwg0.exe
MOD - [2014/07/13 17:27:15 | 000,380,416 | ---- | M] () -- C:\Users\owner\Downloads\mqhgmwg0.exe
IE:64bit: - HKLM\..\SearchScopes,DefaultScope = {{67A2568C-7A0A-4EED-AECC-B5405DE63B64}}
IE - HKLM\..\SearchScopes,DefaultScope = {{67A2568C-7A0A-4EED-AECC-B5405DE63B64}}
IE - HKCU\..\SearchScopes,DefaultScope = {A38B9178-817C-4704-97DE-9299CC519752}
FF:64bit: - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\windows\system32\Macromed\Flash\NPSWF64_11_9_900_152.dll File not found
FF:64bit: - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: File not found
FF - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
O3:64bit: - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found.
O3 - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found.
O13 - gopher Prefix: missing
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{28270AC4-B16B-45F1-81E0-BA4AF7273AD6}: DhcpNameServer = 192.168.0.1
O18:64bit: - Protocol\Handler\livecall - No CLSID value found
O18:64bit: - Protocol\Handler\msnim - No CLSID value found
O18:64bit: - Protocol\Handler\wlmailhtml - No CLSID value found
O18:64bit: - Protocol\Handler\wlpg - No CLSID value found
O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O34 - HKLM BootExecute: (?)
O34 - HKLM BootExecute: (??????)
O34 - HKLM BootExecute: (????????)
O34 - HKLM BootExecute: (????)
[2014/07/11 15:51:41 | 000,000,000 | R--D | C] -- C:\Users\owner\My SpeedyBackup SyncFolder
[2014/07/11 15:51:27 | 000,000,000 | ---D | C] -- C:\ProgramData\SpeedyPC Software
[2013/02/14 22:50:22 | 002,250,054 | ---- | C] () -- C:\ProgramData\1.bmp
[2013/02/14 22:50:02 | 000,350,795 | ---- | C] () -- C:\ProgramData\1.jpg

:Files
C:\Users\owner\Downloads\mqhgmwg0.exe

:commands
[resethosts]
[emptytemp]
[reboot]




#26
hofner


wait...that's the text file isn't it?   So OTL is just locked.



#27
hofner


Oh well, seeya next time.  I'm gonna try to run OTL again.  What have I got to lose?



#28
Biscuithd

Looking at what you posted, it appears like you're pasting the results of a scan into OTL and pressing scan. That's not what needs to be done.

Reboot the machine.
Open the fix in Notepad (it has to be Notepad). Select the entire fix and Copy it.
Start OTL and Paste the fix into the area that says Custom Scans/fixes.
Press the Run Fix button. (Make sure you don't press the Run Scan or any other button.)
When OTL finishes, locate the Moved File log and post it for me.

#29
hofner


I can't believe I just lost what I was typing to you.   Norton is telling me to ignore the warning....wanna hear the details?   I may have had you chasing a ghost.



#30
hofner


I was able to get into the "view details" of the popup. 

Activity:  an intrusion attempt by 67.63.55.3 was blocked.  Recommended Action: None 

Network traffic from masters79.org/task/2/ matched the signature of a known attack.  The attack was resulted from \DEVICE\HARDDISKVOLUME2\WINDOWS\SYSTEM32\SVCHOST.EXE   To stop being notified click on stop notification. 

I can only get into view details when I click on the first popup after a reboot. After that it goes into hiding as the dashboard does.

Attacking computer 67.63.55.3     URL   masters79 as above,    Destination address  OWNER-PC (192.168.0.100.494936)

