Jump to content

Welcome to Geeks to Go - Register now for FREE

Need help with your computer or device? Want to learn new tech skills? You're in the right place!
Geeks to Go is a friendly community of tech experts who can solve any problem you have. Just create a free account and post your question. Our volunteers will reply quickly and guide you through the steps. Don't let tech troubles stop you. Join Geeks to Go now and get the support you need!

How it Works Create Account
Photo

Omiga Plus malware [Closed]

Started by Vandaliser , Jul 20 2014 01:56 AM

  • This topic is locked This topic is locked

#1
Vandaliser
Posted 20 July 2014 - 01:56 AM

Vandaliser

    New Member

  • Member
  • Pip
  • 3 posts

My laptop appears to be infected with this now. All browser windows open ads, etc.

 

Omiga-plus has become the new homepage, and it looks like  a Google Search engine page. Ads are mostly about fixing the computer and malware, but there are others that seem more commercial. Nothing will close, just navigate to other unwanted places.

 

Geeks to Go won't work on the infected computer. Apart from opening and being able to read the site. An account can't be generated there. Well, it seems to generate one, but you can never log into it. I had to create an account on a clean computer and use it to download the OTL program onto a removable drive. I could then scan the infected computer with the OTL file from this drive.

 

I'm not sure, but I believe the infection was acquired from downloading a tv show. The person doing it can't recall what site it actually came from. Ironically the show played in the end. I suspect multiple sites were tried to download the show before I arrived. Sorry that I can't pinpoint the source any closer than that.

 

The OTL scan created two files. One was called "OTL" the other one "Extras". As per the instructions, below is the Notepad contents of "OTL".

 

 

 

 

OTL logfile created on: 20/07/2014 7:25:39 p.m. - Run 1
OTL by OldTimer - Version 3.2.69.0     Folder = E:\
64bit- An unknown product  (Version = 6.2.9200) - Type = NTWorkstation
Internet Explorer (Version = 9.11.9600.17207)
Locale: 00001409 | Country: New Zealand | Language: ENZ | Date Format: d/MM/yyyy
 
7.91 Gb Total Physical Memory | 5.79 Gb Available Physical Memory | 73.16% Memory free
15.91 Gb Paging File | 12.91 Gb Available in Paging File | 81.15% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
 
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 687.20 Gb Total Space | 636.40 Gb Free Space | 92.61% Space Free | Partition Type: NTFS
Drive D: | 7.46 Gb Total Space | 0.00 Gb Free Space | 0.00% Space Free | Partition Type: UDF
Drive E: | 29.42 Gb Total Space | 26.04 Gb Free Space | 88.50% Space Free | Partition Type: FAT32
 
Computer Name: MARKPC | User Name: Mark | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Quick Scan | Include 64bit Scans
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days
 
========== Processes (SafeList) ==========
 
PRC - [2014/07/20 19:22:46 | 000,602,112 | ---- | M] (OldTimer Tools) -- E:\OTL.exe
PRC - [2014/07/19 21:32:06 | 000,321,824 | ---- | M] () -- C:\Program Files (x86)\WebSpades\bin\utilWebSpades.exe
PRC - [2014/07/19 20:34:54 | 003,427,208 | ---- | M] (Cherished Technololgy LIMITED) -- C:\ProgramData\IePluginServices\PluginService.exe
PRC - [2014/07/19 20:34:50 | 000,732,040 | ---- | M] () -- C:\Program Files (x86)\SupTab\HpUI.exe
PRC - [2014/07/19 20:34:39 | 000,535,936 | ---- | M] (Fuyu LIMITED) -- C:\ProgramData\WindowsMangerProtect\ProtectWindowsManager.exe
PRC - [2014/07/19 20:07:16 | 000,321,824 | ---- | M] () -- C:\Program Files (x86)\WebSpades\updateWebSpades.exe
PRC - [2014/07/18 13:15:32 | 000,096,544 | ---- | M] () -- C:\Program Files (x86)\WebSpades\bin\WebSpades.BrowserAdapter.exe
PRC - [2014/07/16 11:16:28 | 000,064,000 | ---- | M] () -- C:\Program Files (x86)\SupTab\Loader32.exe
PRC - [2014/03/27 00:13:44 | 000,227,904 | ---- | M] (WildTangent) -- C:\Program Files (x86)\WildTangent Games\App\GamesAppIntegrationService.exe
PRC - [2014/02/22 20:00:27 | 000,514,560 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\WWAHost.exe
PRC - [2014/01/17 20:02:24 | 001,339,392 | ---- | M] () -- C:\WinBoard-4.7.3\WinBoard\winboard.exe
PRC - [2014/01/04 17:05:04 | 000,202,192 | ---- | M] (APN LLC.) -- C:\Users\Mark\AppData\Local\VNT\vntldr.exe
PRC - [2014/01/04 17:05:04 | 000,166,352 | ---- | M] (APN LLC.) -- C:\Program Files (x86)\AskPartnerNetwork\Toolbar\apnmcp.exe
PRC - [2014/01/04 17:04:55 | 001,778,640 | ---- | M] (APN) -- C:\Program Files (x86)\AskPartnerNetwork\Toolbar\Updater\TBNotifier.exe
PRC - [2013/12/21 18:04:16 | 000,065,432 | ---- | M] (Adobe Systems Incorporated) -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
PRC - [2013/09/12 12:05:24 | 000,296,520 | ---- | M] (TOSHIBA Corporation) -- C:\Program Files (x86)\TOSHIBA\System Setting\TssSrv.exe
PRC - [2013/09/04 12:52:56 | 000,390,616 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe
PRC - [2013/09/04 12:52:14 | 000,169,432 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel® Management Engine Components\DAL\jhi_service.exe
PRC - [2013/09/04 12:52:14 | 000,131,544 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel® Management Engine Components\FWService\IntelMeFWService.exe
PRC - [2013/08/29 00:16:16 | 001,028,896 | ---- | M] (NVIDIA Corporation) -- C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\NvTmru.exe
PRC - [2013/08/29 00:15:40 | 002,155,296 | ---- | M] (NVIDIA Corporation) -- C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
 
 
========== Modules (No Company Name) ==========
 
MOD - [2014/07/19 20:34:55 | 000,093,576 | ---- | M] () -- C:\Program Files (x86)\SupTab\WindowsSupportDll32.dll
MOD - [2014/07/19 20:34:50 | 000,732,040 | ---- | M] () -- C:\Program Files (x86)\SupTab\HpUI.exe
MOD - [2014/07/18 13:15:32 | 000,096,544 | ---- | M] () -- C:\Program Files (x86)\WebSpades\bin\WebSpades.BrowserAdapter.exe
MOD - [2014/07/16 11:16:28 | 000,064,000 | ---- | M] () -- C:\Program Files (x86)\SupTab\Loader32.exe
MOD - [2014/02/12 19:58:32 | 000,073,544 | ---- | M] () -- C:\Program Files (x86)\Common Files\Apple\Apple Application Support\zlib1.dll
MOD - [2014/02/12 19:58:10 | 001,044,808 | ---- | M] () -- C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libxml2.dll
MOD - [2014/01/17 20:02:24 | 001,339,392 | ---- | M] () -- C:\WinBoard-4.7.3\WinBoard\winboard.exe
 
 
========== Services (SafeList) ==========
 
SRV:64bit: - [2014/06/12 11:30:28 | 000,111,616 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\IEEtwCollector.exe -- (IEEtwCollectorService)
SRV:64bit: - [2014/04/06 23:20:36 | 000,201,216 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\AudioEndpointBuilder.dll -- (AudioEndpointBuilder)
SRV:64bit: - [2014/04/03 14:51:48 | 001,584,128 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\workfolderssvc.dll -- (workfolderssvc)
SRV:64bit: - [2014/03/24 14:31:14 | 000,347,880 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Program Files\Windows Defender\NisSrv.exe -- (WdNisSvc)
SRV:64bit: - [2014/03/24 14:31:14 | 000,023,824 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files\Windows Defender\MsMpEng.exe -- (WinDefend)
SRV:64bit: - [2014/03/14 18:26:25 | 000,491,520 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\GeofenceMonitorService.dll -- (lfsvc)
SRV:64bit: - [2014/03/08 17:41:25 | 001,306,624 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysNative\AppXDeploymentServer.dll -- (AppXSvc)
SRV:64bit: - [2014/03/06 19:02:13 | 000,834,560 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\netlogon.dll -- (Netlogon)
SRV:64bit: - [2014/02/23 03:53:10 | 003,394,384 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysNative\WSService.dll -- (WSService)
SRV:64bit: - [2014/02/22 21:57:16 | 000,710,656 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\lsm.dll -- (LSM)
SRV:64bit: - [2014/02/22 21:26:58 | 000,366,080 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\wcmsvc.dll -- (Wcmsvc)
SRV:64bit: - [2014/02/22 21:25:39 | 000,399,872 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\das.dll -- (DeviceAssociationService)
SRV:64bit: - [2014/02/22 21:25:14 | 000,269,824 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\bisrv.dll -- (BrokerInfrastructure)
SRV:64bit: - [2014/02/22 21:23:58 | 001,576,960 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysNative\wlidsvc.dll -- (wlidsvc)
SRV:64bit: - [2013/12/10 19:35:18 | 000,530,944 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\AppReadiness.dll -- (AppReadiness)
SRV:64bit: - [2013/11/23 16:50:00 | 000,282,112 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\SystemEventsBrokerServer.dll -- (SystemEventsBroker)
SRV:64bit: - [2013/09/05 09:20:16 | 000,466,504 | ---- | M] (TOSHIBA Corporation) [On_Demand | Running] -- C:\Program Files\TOSHIBA\TPHM\TPCHSrv.exe -- (TPCHSrv)
SRV:64bit: - [2013/08/23 00:31:56 | 002,899,968 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\spool\drivers\x64\3\PrintConfig.dll -- (PrintNotify)
SRV:64bit: - [2013/08/22 23:32:02 | 000,024,576 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\wephostsvc.dll -- (WEPHOSTSVC)
SRV:64bit: - [2013/08/22 23:31:43 | 000,040,448 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\efssvc.dll -- (EFS)
SRV:64bit: - [2013/08/22 23:22:45 | 000,066,048 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\wiarpc.dll -- (WiaRpc)
SRV:64bit: - [2013/08/22 23:21:15 | 000,013,312 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\svsvc.dll -- (svsvc)
SRV:64bit: - [2013/08/22 23:16:57 | 000,118,272 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\fhsvc.dll -- (fhsvc)
SRV:64bit: - [2013/08/22 22:25:28 | 000,164,352 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\NcaSvc.dll -- (NcaSvc)
SRV:64bit: - [2013/08/22 22:19:28 | 000,517,120 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\icsvc.dll -- (vmicvss)
SRV:64bit: - [2013/08/22 22:19:28 | 000,517,120 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\icsvc.dll -- (vmictimesync)
SRV:64bit: - [2013/08/22 22:19:28 | 000,517,120 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\icsvc.dll -- (vmicshutdown)
SRV:64bit: - [2013/08/22 22:19:28 | 000,517,120 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\icsvc.dll -- (vmicrdv)
SRV:64bit: - [2013/08/22 22:19:28 | 000,517,120 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\icsvc.dll -- (vmickvpexchange)
SRV:64bit: - [2013/08/22 22:19:28 | 000,517,120 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\icsvc.dll -- (vmicheartbeat)
SRV:64bit: - [2013/08/22 22:19:28 | 000,517,120 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\icsvc.dll -- (vmicguestinterface)
SRV:64bit: - [2013/08/22 22:02:47 | 000,013,312 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\smphost.dll -- (smphost)
SRV:64bit: - [2013/08/22 21:57:25 | 000,130,560 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\ScDeviceEnum.dll -- (ScDeviceEnum)
SRV:64bit: - [2013/08/22 21:54:59 | 000,059,392 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysNative\keyiso.dll -- (KeyIso)
SRV:64bit: - [2013/08/22 21:50:59 | 000,245,760 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysNative\TimeBrokerServer.dll -- (TimeBroker)
SRV:64bit: - [2013/08/22 21:50:00 | 000,525,312 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysNative\netprofmsvc.dll -- (netprofm)
SRV:64bit: - [2013/08/22 21:45:59 | 000,151,040 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysNative\ncbservice.dll -- (NcbService)
SRV:64bit: - [2013/08/22 21:40:49 | 000,248,832 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysNative\vaultsvc.dll -- (VaultSvc)
SRV:64bit: - [2013/08/22 21:31:03 | 000,201,728 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\DeviceSetupManager.dll -- (DsmSvc)
SRV:64bit: - [2013/08/22 21:15:54 | 000,073,728 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysNative\NcdAutoSetup.dll -- (NcdAutoSetup)
SRV:64bit: - [2013/08/10 13:18:58 | 000,328,544 | ---- | M] (Toshiba Corporation) [Auto | Running] -- C:\Program Files\TOSHIBA\Teco\TecoService.exe -- (TOSHIBA eco Utility Service)
SRV:64bit: - [2013/08/01 08:15:06 | 000,053,864 | ---- | M] (TOSHIBA Corporation) [On_Demand | Running] -- C:\Program Files\TOSHIBA\TOSHIBA Service Station\TMachInfo.exe -- (TMachInfo)
SRV:64bit: - [2013/07/17 13:34:02 | 000,216,976 | ---- | M] (TOSHIBA CORPORATION) [Disabled | Stopped] -- C:\Program Files\TOSHIBA\HDD Accelerator\THAccelSvc.exe -- (THAccelSvc)
SRV:64bit: - [2013/05/12 13:45:54 | 000,822,232 | ---- | M] (Intel® Corporation) [On_Demand | Stopped] -- C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe -- (Intel®
SRV:64bit: - [2013/05/12 13:45:38 | 000,733,696 | ---- | M] (Intel® Corporation) [Auto | Running] -- C:\Program Files\Intel\iCLS Client\HeciServer.exe -- (Intel®
SRV:64bit: - [2009/07/29 10:48:06 | 000,140,632 | ---- | M] (TOSHIBA Corporation) [Auto | Running] -- C:\Windows\SysNative\TODDSrv.exe -- (TODDSrv)
SRV - [2014/07/19 21:32:06 | 000,321,824 | ---- | M] () [Auto | Running] -- C:\Program Files (x86)\WebSpades\bin\utilWebSpades.exe -- (Util WebSpades)
SRV - [2014/07/19 20:34:54 | 003,427,208 | ---- | M] (Cherished Technololgy LIMITED) [Auto | Running] -- C:\ProgramData\IePluginServices\PluginService.exe -- (IePluginServices)
SRV - [2014/07/19 20:34:39 | 000,535,936 | ---- | M] (Fuyu LIMITED) [Auto | Running] -- C:\ProgramData\WindowsMangerProtect\ProtectWindowsManager.exe -- (WindowsMangerProtect)
SRV - [2014/07/19 20:31:05 | 000,068,608 | ---- | M] (globalUpdate) [On_Demand | Stopped] -- C:\Program Files (x86)\globalUpdate\Update\GoogleUpdate.exe -- (globalUpdatem)
SRV - [2014/07/19 20:31:05 | 000,068,608 | ---- | M] (globalUpdate) [Auto | Stopped] -- C:\Program Files (x86)\globalUpdate\Update\GoogleUpdate.exe -- (globalUpdate)
SRV - [2014/07/19 20:07:16 | 000,321,824 | ---- | M] () [Auto | Running] -- C:\Program Files (x86)\WebSpades\updateWebSpades.exe -- (Update WebSpades)
SRV - [2014/06/18 22:27:00 | 000,036,424 | ---- | M] (Just Develop It) [Auto | Stopped] -- C:\Program Files (x86)\MyPC Backup\BackupStack.exe -- (BackupStack)
SRV - [2014/03/27 00:13:44 | 000,227,904 | ---- | M] (WildTangent) [Auto | Running] -- C:\Program Files (x86)\WildTangent Games\App\GamesAppIntegrationService.exe -- (GamesAppIntegrationService)
SRV - [2014/03/14 18:10:16 | 000,357,376 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysWOW64\GeofenceMonitorService.dll -- (lfsvc)
SRV - [2014/01/04 17:05:04 | 000,166,352 | ---- | M] (APN LLC.) [Auto | Running] -- C:\Program Files (x86)\AskPartnerNetwork\Toolbar\apnmcp.exe -- (APNMCP)
SRV - [2013/12/21 18:04:16 | 000,065,432 | ---- | M] (Adobe Systems Incorporated) [Auto | Running] -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe -- (AdobeARMservice)
SRV - [2013/09/11 08:54:38 | 000,019,792 | ---- | M] () [Auto | Running] -- C:\Program Files (x86)\DTS, Inc\DTS Studio Sound\dts_apo_service.exe -- (dts_apo_service)
SRV - [2013/09/04 12:52:56 | 000,390,616 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe -- (LMS)
SRV - [2013/09/04 12:52:14 | 000,169,432 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files (x86)\Intel\Intel® Management Engine Components\DAL\jhi_service.exe -- (jhi_service)
SRV - [2013/09/04 12:52:14 | 000,131,544 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files (x86)\Intel\Intel® Management Engine Components\FWService\IntelMeFWService.exe -- (Intel®
SRV - [2013/08/31 13:03:40 | 000,279,024 | ---- | M] (Intel Corporation) [On_Demand | Stopped] -- C:\Windows\SysWOW64\IntelCpHeciSvc.exe -- (cphs)
SRV - [2013/08/29 00:15:40 | 002,155,296 | ---- | M] (NVIDIA Corporation) [Auto | Running] -- C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe -- (nvUpdatusService)
SRV - [2013/08/23 00:31:56 | 002,899,968 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\system32\spool\drivers\x64\3\PrintConfig.dll -- (PrintNotify)
SRV - [2013/08/22 22:03:34 | 000,312,448 | ---- | M] (Windows ® Win 7 DDK provider) [Auto | Running] -- C:\Program Files (x86)\Bluetooth Suite\AdminService.exe -- (AtherosSvc)
SRV - [2013/08/22 15:55:35 | 000,018,944 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysWOW64\StorSvc.dll -- (StorSvc)
SRV - [2013/08/22 14:53:34 | 000,011,776 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysWOW64\smphost.dll -- (smphost)
SRV - [2013/08/02 18:31:10 | 004,278,112 | ---- | M] (Symantec Corporation) [On_Demand | Stopped] -- C:\Program Files (x86)\Symantec\Norton Online Backup\NOBuAgent.exe -- (NOBU)
SRV - [2010/10/13 05:59:12 | 000,206,072 | ---- | M] (WildTangent, Inc.) [On_Demand | Stopped] -- C:\Program Files (x86)\WildTangent Games\App\GamesAppService.exe -- (GamesAppService)
 
 
========== Driver Services (SafeList) ==========
 
DRV:64bit: - [2014/07/14 16:40:28 | 000,061,120 | ---- | M] (StdLib) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\{ed7eb956-75ed-460d-8f69-29a93b07afd1}w64.sys -- ({ed7eb956-75ed-460d-8f69-29a93b07afd1}w64)
DRV:64bit: - [2014/05/02 01:31:39 | 000,055,328 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\wpcfltr.sys -- (wpcfltr)
DRV:64bit: - [2014/04/01 18:23:41 | 000,384,856 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\spaceport.sys -- (spaceport)
DRV:64bit: - [2014/03/24 14:30:57 | 000,257,880 | ---- | M] (Microsoft Corporation) [File_System | Boot | Running] -- C:\Windows\SysNative\drivers\WdFilter.sys -- (WdFilter)
DRV:64bit: - [2014/03/24 14:30:57 | 000,123,224 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\WdNisDrv.sys -- (WdNisDrv)
DRV:64bit: - [2014/03/24 14:27:03 | 000,035,856 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\WdBoot.sys -- (WdBoot)
DRV:64bit: - [2014/03/20 15:41:20 | 000,376,152 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\clfs.sys -- (CLFS)
DRV:64bit: - [2014/03/14 00:35:24 | 000,157,016 | ---- | M] (Microsoft Corporation) [File_System | Boot | Running] -- C:\Windows\SysNative\drivers\wof.sys -- (Wof)
DRV:64bit: - [2014/03/09 08:40:16 | 000,136,024 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\wfplwfs.sys -- (WFPLWFS)
DRV:64bit: - [2014/03/09 08:35:45 | 000,467,800 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\USBHUB3.SYS -- (USBHUB3)
DRV:64bit: - [2014/02/23 04:00:25 | 000,236,888 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\sdbus.sys -- (sdbus)
DRV:64bit: - [2014/02/23 03:49:51 | 000,325,464 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\USBXHCI.SYS -- (USBXHCI)
DRV:64bit: - [2014/02/23 03:49:49 | 000,189,784 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\UCX01000.SYS -- (UCX01000)
DRV:64bit: - [2014/02/23 03:49:49 | 000,079,192 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\sdstor.sys -- (sdstor)
DRV:64bit: - [2014/02/23 03:49:47 | 000,146,776 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\msgpioclx.sys -- (GPIOClx0101)
DRV:64bit: - [2014/02/23 03:44:13 | 000,924,504 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\refs.sys -- (ReFS)
DRV:64bit: - [2014/02/23 00:14:02 | 000,033,280 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\BasicRender.sys -- (BasicRender)
DRV:64bit: - [2013/12/05 06:41:54 | 000,226,304 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\BthLEEnum.sys -- (BthLEEnum)
DRV:64bit: - [2013/11/11 14:48:41 | 000,039,768 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\intelpep.sys -- (intelpep)
DRV:64bit: - [2013/11/01 23:39:53 | 000,086,872 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\pdc.sys -- (pdc)
DRV:64bit: - [2013/11/01 02:22:28 | 000,027,032 | ---- | M] (TOSHIBA Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\tosrfec.sys -- (tosrfec)
DRV:64bit: - [2013/10/26 13:54:32 | 000,146,776 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\SerCx2.sys -- (SerCx2)
DRV:64bit: - [2013/10/06 03:25:54 | 000,057,176 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\stornvme.sys -- (stornvme)
DRV:64bit: - [2013/09/15 02:06:57 | 000,175,960 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\VerifierExt.sys -- (VerifierExt)
DRV:64bit: - [2013/09/04 12:52:14 | 000,099,288 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\TeeDriverx64.sys -- (MEIx64)
DRV:64bit: - [2013/08/27 07:41:14 | 000,449,528 | ---- | M] (Intel® Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\IntcDAud.sys -- (IntcDAud)
DRV:64bit: - [2013/08/27 07:37:33 | 004,166,656 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\igdkmd64.sys -- (igfx)
DRV:64bit: - [2013/08/24 04:12:46 | 000,524,528 | ---- | M] (Synaptics Incorporated) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\SynTP.sys -- (SynTP)
DRV:64bit: - [2013/08/24 04:12:44 | 000,034,544 | ---- | M] (Synaptics Incorporated) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\Smb_driver_Intel.sys -- (SmbDrvI)
DRV:64bit: - [2013/08/23 10:51:12 | 000,039,320 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\intelaud.sys -- (intaud_WaveExtensible)
DRV:64bit: - [2013/08/23 10:51:12 | 000,026,008 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\iwdbus.sys -- (iwdbus)
DRV:64bit: - [2013/08/23 07:12:11 | 000,027,488 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\rdpvideominiport.sys -- (RdpVideoMiniport)
DRV:64bit: - [2013/08/23 07:12:07 | 000,037,216 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\terminpt.sys -- (terminpt)
DRV:64bit: - [2013/08/23 01:25:40 | 000,043,008 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\condrv.sys -- (condrv)
DRV:64bit: - [2013/08/23 01:25:40 | 000,030,048 | ---- | M] (Microsoft Corporation) [Recognizer | Boot | Unknown] -- C:\Windows\SysNative\drivers\fs_rec.sys -- (Fs_Rec)
DRV:64bit: - [2013/08/23 00:50:19 | 000,057,696 | ---- | M] (Microsoft Corporation) [Kernel | System | Stopped] -- C:\Windows\SysNative\drivers\dam.sys -- (dam)
DRV:64bit: - [2013/08/23 00:49:54 | 000,079,712 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\acpiex.sys -- (acpiex)
DRV:64bit: - [2013/08/23 00:49:33 | 000,159,584 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\tpm.sys -- (TPM)
DRV:64bit: - [2013/08/23 00:43:49 | 000,063,840 | ---- | M] (Marvell Semiconductor, Inc.) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\mvumis.sys -- (mvumis)
DRV:64bit: - [2013/08/23 00:43:48 | 000,041,824 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\msgpiowin32.sys -- (msgpiowin32)
DRV:64bit: - [2013/08/23 00:43:45 | 003,357,024 | ---- | M] (Broadcom Corporation) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\evbda.sys -- (ebdrv)
DRV:64bit: - [2013/08/23 00:43:45 | 000,093,536 | ---- | M] (LSI Corporation) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\lsi_sas2.sys -- (LSI_SAS2)
DRV:64bit: - [2013/08/23 00:43:45 | 000,082,784 | ---- | M] (LSI Corporation) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\lsi_sss.sys -- (LSI_SSS)
DRV:64bit: - [2013/08/23 00:43:45 | 000,064,352 | ---- | M] (Hewlett-Packard Company) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\HpSAMD.sys -- (HpSAMD)
DRV:64bit: - [2013/08/23 00:43:44 | 000,081,760 | ---- | M] (LSI Corporation) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\lsi_sas3.sys -- (LSI_SAS3)
DRV:64bit: - [2013/08/23 00:43:41 | 000,782,176 | ---- | M] (PMC-Sierra) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\adp80xx.sys -- (ADP80XX)
DRV:64bit: - [2013/08/23 00:43:41 | 000,531,296 | ---- | M] (Broadcom Corporation) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\bxvbda.sys -- (b06bdrv)
DRV:64bit: - [2013/08/23 00:43:41 | 000,259,424 | ---- | M] (AMD Technologies Inc.) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\amdsbs.sys -- (amdsbs)
DRV:64bit: - [2013/08/23 00:43:41 | 000,108,896 | ---- | M] (LSI) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\3ware.sys -- (3ware)
DRV:64bit: - [2013/08/23 00:43:41 | 000,079,200 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\amdsata.sys -- (amdsata)
DRV:64bit: - [2013/08/23 00:43:40 | 000,114,016 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\EhStorTcgDrv.sys -- (EhStorTcgDrv)
DRV:64bit: - [2013/08/23 00:43:40 | 000,082,784 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\EhStorClass.sys -- (EhStorClass)
DRV:64bit: - [2013/08/23 00:43:40 | 000,025,952 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\amdxata.sys -- (amdxata)
DRV:64bit: - [2013/08/23 00:43:34 | 000,305,504 | ---- | M] (VIA Corporation) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\VSTXRAID.SYS -- (VSTXRAID)
DRV:64bit: - [2013/08/23 00:43:33 | 000,074,080 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\uaspstor.sys -- (UASPStor)
DRV:64bit: - [2013/08/23 00:43:32 | 000,031,072 | ---- | M] (Promise Technology, Inc.) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\stexstor.sys -- (stexstor)
DRV:64bit: - [2013/08/23 00:43:31 | 000,107,872 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\storahci.sys -- (storahci)
DRV:64bit: - [2013/08/23 00:43:31 | 000,072,032 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\SpbCx.sys -- (SpbCx)
DRV:64bit: - [2013/08/23 00:43:31 | 000,069,472 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\SerCx.sys -- (SerCx)
DRV:64bit: - [2013/08/23 00:39:15 | 000,026,976 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\uefi.sys -- (UEFI)
DRV:64bit: - [2013/08/23 00:37:27 | 000,069,472 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\vpci.sys -- (vpci)
DRV:64bit: - [2013/08/23 00:36:12 | 000,026,976 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\WpdUpFltr.sys -- (WpdUpFltr)
DRV:64bit: - [2013/08/22 23:39:54 | 000,076,800 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\ahcache.sys -- (ahcache)
DRV:64bit: - [2013/08/22 23:39:31 | 000,050,688 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\BasicDisplay.sys -- (BasicDisplay)
DRV:64bit: - [2013/08/22 23:39:20 | 000,022,016 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\HyperVideo.sys -- (HyperVideo)
DRV:64bit: - [2013/08/22 23:39:06 | 000,009,728 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\mshidumdf.sys -- (mshidumdf)
DRV:64bit: - [2013/08/22 23:38:58 | 000,010,752 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\acpitime.sys -- (acpitime)
DRV:64bit: - [2013/08/22 23:38:48 | 000,010,240 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\acpipagr.sys -- (acpipagr)
DRV:64bit: - [2013/08/22 23:38:39 | 000,036,992 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\BthAvrcpTg.sys -- (BthAvrcpTg)
DRV:64bit: - [2013/08/22 23:38:26 | 000,019,456 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\kdnic.sys -- (kdnic)
DRV:64bit: - [2013/08/22 23:38:23 | 000,011,264 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\vmgencounter.sys -- (gencounter)
DRV:64bit: - [2013/08/22 23:38:22 | 000,023,040 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\npsvctrig.sys -- (npsvctrig)
DRV:64bit: - [2013/08/22 23:38:16 | 000,030,720 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\BthhfHid.sys -- (bthhfhid)
DRV:64bit: - [2013/08/22 23:37:49 | 000,013,824 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hyperkbd.sys -- (hyperkbd)
DRV:64bit: - [2013/08/22 23:37:46 | 000,029,696 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\TsUsbGD.sys -- (TsUsbGD)
DRV:64bit: - [2013/08/22 23:37:42 | 000,057,856 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\bthhfenum.sys -- (BthHFEnum)
DRV:64bit: - [2013/08/22 23:37:28 | 000,056,320 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\TsUsbFlt.sys -- (TsUsbFlt)
DRV:64bit: - [2013/08/22 23:37:28 | 000,041,472 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hidi2c.sys -- (hidi2c)
DRV:64bit: - [2013/08/22 23:37:14 | 000,029,696 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\dmvsc.sys -- (dmvsc)
DRV:64bit: - [2013/08/22 23:36:43 | 000,087,040 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\netvsc63.sys -- (netvsc)
DRV:64bit: - [2013/08/22 23:36:25 | 000,016,384 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\NdisVirtualBus.sys -- (NdisVirtualBus)
DRV:64bit: - [2013/08/22 23:36:17 | 000,124,928 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\NdisImPlatform.sys -- (NdisImPlatform)
DRV:64bit: - [2013/08/22 23:36:07 | 000,066,560 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\mslldp.sys -- (MsLldp)
DRV:64bit: - [2013/08/22 23:35:42 | 000,103,424 | ---- | M] (Microsoft Corporation) [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\Ndu.sys -- (Ndu)
DRV:64bit: - [2013/08/22 21:59:58 | 000,590,024 | ---- | M] (Qualcomm Atheros) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\btfilter.sys -- (BtFilter)
DRV:64bit: - [2013/08/22 20:46:33 | 000,027,136 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\fxppm.sys -- (FxPPM)
DRV:64bit: - [2013/08/21 10:42:44 | 000,009,216 | ---- | M] (TOSHIBA Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\FwLnk.sys -- (FwLnk)
DRV:64bit: - [2013/08/20 08:32:10 | 000,032,624 | ---- | M] (Windows ® Win 7 DDK provider) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\Thotkey.sys -- (Thotkey)
DRV:64bit: - [2013/08/16 16:13:30 | 003,859,968 | ---- | M] (Qualcomm Atheros Communications, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\athwbx.sys -- (athr)
DRV:64bit: - [2013/08/15 21:13:32 | 000,032,832 | ---- | M] (TOSHIBA Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\TVALZ_O.SYS -- (TVALZ)
DRV:64bit: - [2013/08/13 11:25:46 | 000,017,624 | ---- | M] (Windows ® Win 7 DDK provider) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\bcmfn2.sys -- (bcmfn2)
DRV:64bit: - [2013/08/10 23:36:28 | 000,030,496 | ---- | M] (NVIDIA Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\nvpciflt.sys -- (nvpciflt)
DRV:64bit: - [2013/08/10 12:39:30 | 000,651,248 | ---- | M] (Intel Corporation) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\iaStorAV.sys -- (iaStorAV)
DRV:64bit: - [2013/08/08 10:23:46 | 000,644,968 | ---- | M] (Intel Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\iaStorA.sys -- (iaStorA)
DRV:64bit: - [2013/07/31 06:47:35 | 000,024,568 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\iaLPSSi_GPIO.sys -- (iaLPSSi_GPIO)
DRV:64bit: - [2013/07/30 13:24:22 | 000,150,104 | R--- | M] (Symantec Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\NARAx64\0405000.009\ccSetx64.sys -- (ccSet_NARA)
DRV:64bit: - [2013/07/26 07:05:39 | 000,099,320 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\iaLPSSi_I2C.sys -- (iaLPSSi_I2C)
DRV:64bit: - [2013/07/19 08:55:44 | 000,130,248 | ---- | M] (Qualcomm Atheros Co., Ltd.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\L1C63x64.sys -- (L1C)
DRV:64bit: - [2013/07/09 06:37:41 | 003,344,352 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\NETwew00.sys -- (NETwNe64)
DRV:64bit: - [2013/03/26 15:01:16 | 000,110,976 | ---- | M] (TOSHIBA Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\THAccel.sys -- (THAccel)
DRV:64bit: - [2013/03/18 15:51:08 | 000,054,784 | ---- | M] (Apple, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\usbaapl64.sys -- (USBAAPL64)
DRV:64bit: - [2012/08/21 12:01:20 | 000,033,240 | ---- | M] (GEAR Software Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\GEARAspiWDM.sys -- (GEARAspiWDM)
DRV:64bit: - [2012/07/25 20:54:00 | 000,031,184 | ---- | M] (TOSHIBA Corporation.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\tdcmdpst.sys -- (tdcmdpst)
DRV:64bit: - [2012/07/22 11:59:02 | 000,016,768 | ---- | M] (TOSHIBA Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\TVALZFL.sys -- (TVALZFL)
DRV:64bit: - [2012/06/19 06:30:56 | 000,499,096 | ---- | M] (TOSHIBA Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\tos_sps64.sys -- (tos_sps64)
 
========== Standard Registry (SafeList) ==========
 
 
========== Internet Explorer ==========
 
IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://isearch.omiga...A4YTXXZ3DGCA4YT
IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = http://isearch.omiga...q={searchTerms}
IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://isearch.omiga...q={searchTerms}
IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://isearch.omiga...A4YTXXZ3DGCA4YT
IE:64bit: - HKLM\..\SearchScopes,DefaultScope = {33BB0A4E-99AF-4226-BDF6-49120163DE86}
IE:64bit: - HKLM\..\SearchScopes\{33BB0A4E-99AF-4226-BDF6-49120163DE86}: "URL" = http://isearch.omiga...q={searchTerms}
IE:64bit: - HKLM\..\SearchScopes\{6F41EDE7-5263-43E0-8386-4786C0F57E84}: "URL" = http://www.bing.com/...=IE11TR&pc=TAJB
IE:64bit: - HKLM\..\SearchScopes\{F4ED0519-C584-4DDA-BE93-FA0B93D040F6}: "URL" = http://www.bing.com/...=IE11TR&pc=TAJB
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://isearch.omiga...A4YTXXZ3DGCA4YT
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = http://isearch.omiga...q={searchTerms}
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://isearch.omiga...q={searchTerms}
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://isearch.omiga...A4YTXXZ3DGCA4YT
IE - HKLM\..\SearchScopes,DefaultScope = {33BB0A4E-99AF-4226-BDF6-49120163DE86}
IE - HKLM\..\SearchScopes\{33BB0A4E-99AF-4226-BDF6-49120163DE86}: "URL" = http://isearch.omiga...q={searchTerms}
IE - HKLM\..\SearchScopes\{6F41EDE7-5263-43E0-8386-4786C0F57E84}: "URL" = http://www.bing.com/...=IE11TR&pc=TAJB
IE - HKLM\..\SearchScopes\{F4ED0519-C584-4DDA-BE93-FA0B93D040F6}: "URL" = http://www.bing.com/...=IE11TR&pc=TAJB
 
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://isearch.omiga...A4YTXXZ3DGCA4YT
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Secondary_Page_URL = http://www.mytoshiba.com.au/start [binary data]
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Secondary Start Pages = http://www.mytoshiba.com.au/start [binary data]
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://isearch.omiga...A4YTXXZ3DGCA4YT
IE - HKCU\..\SearchScopes,DefaultScope = {F4ED0519-C584-4DDA-BE93-FA0B93D040F6}
IE - HKCU\..\SearchScopes\{33BB0A4E-99AF-4226-BDF6-49120163DE86}: "URL" = http://isearch.omiga...q={searchTerms}
IE - HKCU\..\SearchScopes\{F4ED0519-C584-4DDA-BE93-FA0B93D040F6}: "URL" = http://www.bing.com/...=IE11TR&pc=TAJB
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local
 
 
========== FireFox ==========
 
FF:64bit: - HKLM\Software\MozillaPlugins\@microsoft.com/SharePoint,version=14.0: C:\PROGRA~1\MICROS~1\Office15\NPSPWRAP.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=:  File not found
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=1.0: C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll ()
FF - HKLM\Software\MozillaPlugins\@intel-webapi.intel.com/Intel WebAPI ipt;version=4.0.5: C:\Program Files (x86)\Intel\Intel® Management Engine Components\IPT\npIntelWebAPIIPT.dll (Intel Corporation)
FF - HKLM\Software\MozillaPlugins\@intel-webapi.intel.com/Intel WebAPI updater: C:\Program Files (x86)\Intel\Intel® Management Engine Components\IPT\npIntelWebAPIUpdater.dll (Intel Corporation)
FF - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=10.65.2: C:\Program Files (x86)\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=10.65.2: C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/Lync,version=15.0: C:\Program Files (x86)\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/SharePoint,version=14.0: C:\PROGRA~2\MICROS~1\Office15\NPSPWRAP.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@staging.google.com/globalUpdate Update;version=10: C:\Program Files (x86)\globalUpdate\Update\1.3.25.0\npGoogleUpdate4.dll (globalUpdate)
FF - HKLM\Software\MozillaPlugins\@staging.google.com/globalUpdate Update;version=4: C:\Program Files (x86)\globalUpdate\Update\1.3.25.0\npGoogleUpdate4.dll (globalUpdate)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files (x86)\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files (x86)\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@WildTangent.com/GamesAppPresenceDetector,Version=1.0: C:\Program Files (x86)\WildTangent Games\App\BrowserIntegration\Registered\1\NP_wtapp.dll ()
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
 
 
[2013/11/15 02:32:00 | 000,034,072 | ---- | M] (Microsoft Corporation) -- C:\Program Files (x86)\mozilla firefox\plugins\npMeetingJoinPluginOC.dll
 
========== Chrome  ==========
 
CHR - default_search_provider:  (Enabled)
CHR - default_search_provider: search_url = 
CHR - default_search_provider: suggest_url = 
CHR - homepage: http://www.google.com/
CHR - plugin: Error reading preferences file
CHR - Extension: Vuze Toolbar = C:\Users\Mark\AppData\Local\Google\Chrome\User Data\Default\Extensions\aaaahofmdcaffnndamijbbpdndopepgb\30.1_0\
CHR - Extension: Google Docs = C:\Users\Mark\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake\0.7_0\
CHR - Extension: Google Drive = C:\Users\Mark\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf\6.3_0\
CHR - Extension: YouTube = C:\Users\Mark\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.6_0\
CHR - Extension: Google Search = C:\Users\Mark\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.20_0\
CHR - Extension: Google Wallet = C:\Users\Mark\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.6.1_0\
CHR - Extension: Quick start = C:\Users\Mark\AppData\Local\Google\Chrome\User Data\Default\Extensions\pelmeidfhdlhlbjimpabfcbnnojbboma\4.5.1_0\
CHR - Extension: Gmail = C:\Users\Mark\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_0\
 
O1 HOSTS File: ([2013/08/23 01:25:41 | 000,000,824 | ---- | M]) - C:\Windows\SysNative\drivers\etc\hosts
O2:64bit: - BHO: (TheHDvid-Codec V10) - {11111111-1111-1111-1111-110611111180} - C:\Program Files (x86)\TheHDvid-Codec V10\TheHDvid-Codec V10-bho64.dll (home)
O2 - BHO: (TheHDvid-Codec V10) - {11111111-1111-1111-1111-110611111180} - C:\Program Files (x86)\TheHDvid-Codec V10\TheHDvid-Codec V10-bho.dll (home)
O2 - BHO: (IETabPage Class) - {3593C8B9-8E18-4B4B-B7D3-CB8BEB1AA42C} - C:\Program Files (x86)\SupTab\SupTab.dll (Thinknice Co. Limited)
O2 - BHO: (Java™ Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
O2 - BHO: (Surftastic) - {c6673938-a52b-4dc6-af05-783e7e2c8b65} - C:\Program Files (x86)\Surftastic\Surftasticbho.dll File not found
O2 - BHO: (Java™ Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
O3:64bit: - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found.
O3 - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found.
O4:64bit: - HKLM..\Run: []  File not found
O4:64bit: - HKLM..\Run: [TSSSrv] C:\Program Files (x86)\TOSHIBA\System Setting\TssSrv.exe (TOSHIBA Corporation)
O4 - HKLM..\Run: [ApnTBMon] C:\Program Files (x86)\AskPartnerNetwork\Toolbar\Updater\TBNotifier.exe (APN)
O4 - HKLM..\Run: [VNT] C:\Program Files (x86)\VNT\vntldr.exe (APN LLC.)
O4 - Startup: C:\Users\Mark\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\MyPC Backup.lnk = C:\Program Files (x86)\MyPC Backup\MyPC Backup.exe (MyPCBackup.com)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableCursorSuppression = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableLinkedConnections = 1
O10:64bit: - NameSpace_Catalog5\Catalog_Entries64\000000000008 [] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Inc.)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000008 [] - C:\Program Files (x86)\Bonjour\mdnsNSP.dll (Apple Inc.)
O1364bit: - gopher Prefix: missing
O13 - gopher Prefix: missing
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.20.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{82FAC35F-A170-46F0-BB28-E403D52049B0}: DhcpNameServer = 192.168.20.1
O18 - Protocol\Handler\ms-help - No CLSID value found
O20:64bit: - AppInit_DLLs: (C:\Windows\system32\nvinitx.dll) - C:\Windows\SysNative\nvinitx.dll (NVIDIA Corporation)
O20 - AppInit_DLLs: (C:\Windows\SysWOW64\nvinit.dll) - C:\Windows\SysWOW64\nvinit.dll (NVIDIA Corporation)
O20:64bit: - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (userinit.exe) - C:\Windows\SysWow64\userinit.exe (Microsoft Corporation)
O20:64bit: - Winlogon\Notify\igfxcui: DllName - (igfxdev.dll) - C:\Windows\SysNative\igfxdev.dll (Intel Corporation)
O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O32 - HKLM CDRom: AutoRun - 1
O34 - HKLM BootExecute: (autocheck autochk *)
O35:64bit: - HKLM\..comfile [open] -- "%1" %*
O35:64bit: - HKLM\..exefile [open] -- "%1" %*
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37:64bit: - HKLM\...com [@ = comfile] -- "%1" %*
O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=sxssrv,4)
 
========== Files/Folders - Created Within 30 Days ==========
 
[2014/07/19 21:33:15 | 000,061,120 | ---- | C] (StdLib) -- C:\Windows\SysNative\drivers\{ed7eb956-75ed-460d-8f69-29a93b07afd1}w64.sys
[2014/07/19 20:39:50 | 000,000,000 | ---D | C] -- C:\ProgramData\Oracle
[2014/07/19 20:39:47 | 000,000,000 | ---D | C] -- C:\ProgramData\Sun
[2014/07/19 20:39:45 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Java
[2014/07/19 20:39:35 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java
[2014/07/19 20:39:23 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Java
[2014/07/19 20:35:03 | 000,000,000 | ---D | C] -- C:\Users\Mark\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\MyPC Backup
[2014/07/19 20:35:00 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\MyPC Backup
[2014/07/19 20:34:56 | 000,000,000 | ---D | C] -- C:\ProgramData\IePluginServices
[2014/07/19 20:34:48 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\SupTab
[2014/07/19 20:34:41 | 000,000,000 | ---D | C] -- C:\ProgramData\WindowsMangerProtect
[2014/07/19 20:31:54 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\WebSpades
[2014/07/19 20:31:06 | 000,000,000 | ---D | C] -- C:\Users\Mark\AppData\Local\globalUpdate
[2014/07/19 20:31:06 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\globalUpdate
[2014/07/19 20:31:02 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\TheHDvid-Codec V10
[2014/07/19 20:30:41 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\hdvidcodec.com
[2014/07/19 20:30:40 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\hdvidcodec.com
[2014/07/18 14:22:07 | 000,000,000 | ---D | C] -- C:\Users\Mark\Documents\Various
[2014/07/18 14:20:46 | 000,000,000 | ---D | C] -- C:\Users\Mark\Documents\Pics
[2014/07/12 13:26:14 | 000,000,000 | ---D | C] -- C:\Users\Mark\Documents\Sexy Cath
[2014/07/11 22:01:57 | 000,000,000 | ---D | C] -- C:\Users\Mark\AppData\Local\WinZip
[2014/07/11 18:11:36 | 000,000,000 | ---D | C] -- C:\Users\Mark\Documents\DeadImposter's Pictures - Wireclub_files
[2014/07/10 17:16:22 | 000,000,000 | --SD | C] -- C:\Windows\SysNative\CompatTel
 
========== Files - Modified Within 30 Days ==========
 
[2014/07/20 19:24:47 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2014/07/19 21:31:09 | 000,001,510 | ---- | M] () -- C:\Windows\tasks\475883e6-be17-4a73-9009-f5d946a84ab8-7.job
[2014/07/19 21:31:00 | 000,000,908 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
[2014/07/19 20:36:01 | 000,000,908 | ---- | M] () -- C:\Windows\tasks\globalUpdateUpdateTaskMachineUA.job
[2014/07/19 20:36:00 | 000,000,904 | ---- | M] () -- C:\Windows\tasks\globalUpdateUpdateTaskMachineCore.job
[2014/07/19 20:35:20 | 000,001,992 | ---- | M] () -- C:\Users\Mark\Desktop\Sync Folder.lnk
[2014/07/19 20:35:05 | 000,001,120 | ---- | M] () -- C:\Users\Mark\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\MyPC Backup.lnk
[2014/07/19 20:35:05 | 000,001,110 | ---- | M] () -- C:\Users\Mark\Desktop\MyPC Backup.lnk
[2014/07/19 20:33:54 | 000,002,522 | ---- | M] () -- C:\Users\Mark\Application Data\Microsoft\Internet Explorer\Quick Launch\Google Chrome.lnk
[2014/07/19 20:33:54 | 000,002,426 | ---- | M] () -- C:\Users\Public\Desktop\Google Chrome.lnk
[2014/07/19 20:33:54 | 000,001,671 | ---- | M] () -- C:\Users\Mark\Application Data\Microsoft\Internet Explorer\Quick Launch\Launch Internet Explorer Browser.lnk
[2014/07/19 20:31:36 | 000,001,478 | ---- | M] () -- C:\Windows\tasks\475883e6-be17-4a73-9009-f5d946a84ab8-5_user.job
[2014/07/19 20:31:35 | 000,001,456 | ---- | M] () -- C:\Windows\tasks\475883e6-be17-4a73-9009-f5d946a84ab8-5.job
[2014/07/19 20:31:28 | 000,001,350 | ---- | M] () -- C:\Windows\tasks\475883e6-be17-4a73-9009-f5d946a84ab8-2.job
[2014/07/19 20:31:25 | 000,001,578 | ---- | M] () -- C:\Windows\tasks\475883e6-be17-4a73-9009-f5d946a84ab8-1.job
[2014/07/19 20:31:23 | 000,002,254 | ---- | M] () -- C:\Windows\tasks\475883e6-be17-4a73-9009-f5d946a84ab8-4.job
[2014/07/19 20:31:16 | 000,001,582 | ---- | M] () -- C:\Windows\tasks\475883e6-be17-4a73-9009-f5d946a84ab8-6.job
[2014/07/19 20:31:12 | 000,003,818 | ---- | M] () -- C:\Windows\tasks\475883e6-be17-4a73-9009-f5d946a84ab8-11.job
[2014/07/19 20:31:08 | 000,002,448 | ---- | M] () -- C:\Windows\tasks\475883e6-be17-4a73-9009-f5d946a84ab8-3.job
[2014/07/19 20:30:41 | 000,000,854 | ---- | M] () -- C:\Users\Public\Desktop\HDVidCodec.lnk
[2014/07/15 22:31:00 | 000,000,904 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
[2014/07/15 14:29:08 | 000,047,779 | ---- | M] () -- C:\Users\Mark\Documents\20140103_130834.jpg
[2014/07/14 16:40:28 | 000,061,120 | ---- | M] (StdLib) -- C:\Windows\SysNative\drivers\{ed7eb956-75ed-460d-8f69-29a93b07afd1}w64.sys
[2014/07/14 00:32:55 | 000,007,634 | ---- | M] () -- C:\Users\Mark\Documents\20140620_172331.jpg
[2014/07/12 22:30:01 | 000,477,072 | ---- | M] () -- C:\Windows\SysNative\FNTCACHE.DAT
[2014/07/12 22:29:47 | 268,435,456 | -HS- | M] () -- C:\swapfile.sys
[2014/07/12 22:29:40 | 2503,180,287 | -HS- | M] () -- C:\hiberfil.sys
[2014/07/12 22:20:21 | 000,013,185 | ---- | M] () -- C:\Users\Mark\Documents\GKP Chess Night 2014.trn
[2014/07/12 22:20:21 | 000,003,847 | ---- | M] () -- C:\Users\Mark\Documents\Kelburn Normal Term Two Tournament.trn
[2014/07/12 22:20:21 | 000,003,847 | ---- | M] () -- C:\Users\Mark\Documents\GKP Miramar Wednesday Class Pawn Promotion Tournament.trn
[2014/07/12 22:20:21 | 000,003,682 | ---- | M] () -- C:\Users\Mark\Documents\GKP Chess Night 2014.sco
[2014/07/12 22:20:21 | 000,002,426 | ---- | M] () -- C:\Users\Mark\Documents\QMC Suicide Tournament.trn
[2014/07/12 22:20:21 | 000,002,082 | ---- | M] () -- C:\Users\Mark\Documents\Kelburn Normal Term Two Tournament.sco
[2014/07/12 22:20:21 | 000,002,020 | ---- | M] () -- C:\Users\Mark\Documents\Kelburn Rook and King vs King Tournament 2014.trn
[2014/07/12 22:20:21 | 000,001,876 | ---- | M] () -- C:\Users\Mark\Documents\Karori Normal School Term Two Tournament.ini
[2014/07/12 22:20:21 | 000,001,596 | ---- | M] () -- C:\Users\Mark\Documents\Karori Normal School King and Rook vs King Tournament.ini
[2014/07/12 22:20:21 | 000,001,559 | ---- | M] () -- C:\Users\Mark\Documents\GKP Chess Night 2014.ini
[2014/07/12 22:20:21 | 000,001,406 | ---- | M] () -- C:\Users\Mark\Documents\QMC Pawn Promotion Tournament.ini
[2014/07/12 22:20:21 | 000,001,398 | ---- | M] () -- C:\Users\Mark\Documents\QMC Suicide Tournament.ini
[2014/07/12 22:20:21 | 000,001,218 | ---- | M] () -- C:\Users\Mark\Documents\SWIS Term Two Tournament.sco
[2014/07/12 22:20:21 | 000,001,218 | ---- | M] () -- C:\Users\Mark\Documents\QMC Suicide Tournament.sco
[2014/07/12 22:20:21 | 000,001,147 | ---- | M] () -- C:\Users\Mark\Documents\GKP Miramar Wednesday Class Queen vs Pawns Tournament.ini
[2014/07/12 22:20:21 | 000,001,134 | ---- | M] () -- C:\Users\Mark\Documents\GKP Miramar Wednesday Class Pawn Promotion Tournament.ini
[2014/07/12 22:20:21 | 000,000,821 | ---- | M] () -- C:\Users\Mark\Documents\SWIS Term Two Tournament.ini
[2014/07/12 22:20:21 | 000,000,802 | ---- | M] () -- C:\Users\Mark\Documents\Thorndon After School Champs 1.sco
[2014/07/12 22:20:21 | 000,000,802 | ---- | M] () -- C:\Users\Mark\Documents\Kelburn Rook and King vs King Tournament 2014.sco
[2014/07/12 22:20:21 | 000,000,724 | ---- | M] () -- C:\Users\Mark\Documents\Kelburn Rook and King vs King Tournament 2014.ini
[2014/07/12 22:20:21 | 000,000,703 | ---- | M] () -- C:\Users\Mark\Documents\Thorndon After School Champs 1.ini
[2014/07/12 22:20:21 | 000,000,663 | ---- | M] () -- C:\Users\Mark\Documents\Kelburn Normal Term Two Tournament.ini
[2014/07/12 22:20:21 | 000,000,646 | ---- | M] () -- C:\Users\Mark\Documents\Kelburn Juniors Pawn Promotion Tournament 2014.ini
[2014/07/11 22:16:08 | 000,042,956 | ---- | M] () -- C:\Users\Mark\Documents\20140103_214835.jpg
[2014/07/11 22:08:17 | 000,043,823 | ---- | M] () -- C:\Users\Mark\Documents\20120602_192411.jpg
[2014/07/11 22:08:09 | 000,043,402 | ---- | M] () -- C:\Users\Mark\Documents\20120602_192420.jpg
[2014/07/11 22:07:42 | 000,051,152 | ---- | M] () -- C:\Users\Mark\Documents\20120718_201605.jpg
[2014/07/11 22:06:27 | 000,176,693 | ---- | M] () -- C:\Users\Mark\Documents\20121028_135004.jpg
[2014/07/11 22:05:37 | 000,038,322 | ---- | M] () -- C:\Users\Mark\Documents\20121128_164446.jpg
[2014/07/11 22:04:23 | 000,058,976 | ---- | M] () -- C:\Users\Mark\Documents\20130401_141837.jpg
[2014/07/11 22:04:10 | 000,058,487 | ---- | M] () -- C:\Users\Mark\Documents\20130401_141935.jpg
[2014/07/11 22:04:01 | 000,098,114 | ---- | M] () -- C:\Users\Mark\Documents\20130401_141946.jpg
[2014/07/11 22:03:41 | 000,114,698 | ---- | M] () -- C:\Users\Mark\Documents\20130614_144523-1.jpg
[2014/07/11 22:03:19 | 000,121,993 | ---- | M] () -- C:\Users\Mark\Documents\20130709_111119.jpg
[2014/07/11 21:58:19 | 000,047,363 | ---- | M] () -- C:\Users\Mark\Documents\20131009_102711.jpg
[2014/07/11 21:58:08 | 000,053,735 | ---- | M] () -- C:\Users\Mark\Documents\20131017_140701.jpg
[2014/07/11 21:57:54 | 000,051,576 | ---- | M] () -- C:\Users\Mark\Documents\20131024_075735.jpg
[2014/07/11 21:57:40 | 000,053,601 | ---- | M] () -- C:\Users\Mark\Documents\20131024_075735-1.jpg
[2014/07/11 21:56:46 | 000,036,173 | ---- | M] () -- C:\Users\Mark\Documents\20131116_201551.jpg
[2014/07/11 21:56:38 | 000,037,406 | ---- | M] () -- C:\Users\Mark\Documents\20131116_201559.jpg
[2014/07/11 21:54:29 | 000,028,251 | ---- | M] () -- C:\Users\Mark\Documents\20131204_194909.jpg
[2014/07/11 21:54:10 | 000,067,822 | ---- | M] () -- C:\Users\Mark\Documents\20131211_181959.jpg
[2014/07/11 21:53:48 | 000,064,147 | ---- | M] () -- C:\Users\Mark\Documents\20131217_163954.jpg
[2014/07/11 21:53:26 | 000,097,313 | ---- | M] () -- C:\Users\Mark\Documents\20131228_110700.jpg
[2014/07/11 21:53:07 | 000,104,783 | ---- | M] () -- C:\Users\Mark\Documents\20131228_134801.jpg
[2014/07/11 21:52:59 | 000,109,624 | ---- | M] () -- C:\Users\Mark\Documents\20131228_134921.jpg
[2014/07/11 21:51:16 | 000,034,156 | ---- | M] () -- C:\Users\Mark\Documents\20140108_140010.jpg
[2014/07/11 21:51:08 | 000,034,657 | ---- | M] () -- C:\Users\Mark\Documents\20140108_140022.jpg
[2014/07/11 21:50:58 | 000,058,935 | ---- | M] () -- C:\Users\Mark\Documents\20140108_140844.jpg
[2014/07/11 21:48:37 | 000,037,599 | ---- | M] () -- C:\Users\Mark\Documents\20140516_234024.jpg
[2014/07/11 18:11:36 | 000,072,954 | ---- | M] () -- C:\Users\Mark\Documents\DeadImposter's Pictures - Wireclub.htm
[2014/07/10 23:06:25 | 000,106,578 | ---- | M] () -- C:\Users\Mark\Documents\Smurf.jpg
[2014/07/05 00:24:49 | 000,019,875 | ---- | M] () -- C:\Users\Mark\Documents\unnamed (8).jpg
[2014/07/05 00:24:39 | 000,023,782 | ---- | M] () -- C:\Users\Mark\Documents\unnamed (7).jpg
[2014/07/05 00:24:28 | 000,023,793 | ---- | M] () -- C:\Users\Mark\Documents\unnamed (6).jpg
[2014/07/05 00:24:17 | 000,021,254 | ---- | M] () -- C:\Users\Mark\Documents\unnamed (5).jpg
[2014/07/05 00:15:58 | 000,035,191 | ---- | M] () -- C:\Users\Mark\Documents\unnamed (4).jpg
[2014/07/05 00:14:48 | 000,050,777 | ---- | M] () -- C:\Users\Mark\Documents\unnamed (3).jpg
[2014/07/05 00:14:03 | 000,035,470 | ---- | M] () -- C:\Users\Mark\Documents\unnamed (2).jpg
[2014/07/03 17:22:23 | 000,002,434 | ---- | M] () -- C:\Users\Mark\Documents\van der Hoorn Cup.sco
[2014/07/03 17:22:23 | 000,001,083 | ---- | M] () -- C:\Users\Mark\Documents\van der Hoorn Cup.ini
[2014/07/02 23:44:57 | 003,249,657 | ---- | M] () -- C:\Users\Mark\Documents\P1100902.JPG
[2014/07/02 23:44:40 | 000,026,528 | ---- | M] () -- C:\Users\Mark\Documents\unnamed (1).jpg
[2014/07/02 23:44:26 | 000,033,444 | ---- | M] () -- C:\Users\Mark\Documents\unnamed.jpg
[2014/07/02 23:44:09 | 001,021,921 | ---- | M] () -- C:\Users\Mark\Documents\P1100879.JPG
[2014/07/02 23:43:54 | 001,017,015 | ---- | M] () -- C:\Users\Mark\Documents\P1100875.JPG
[2014/07/02 11:17:36 | 000,003,727 | ---- | M] () -- C:\Users\Mark\Documents\Karori Normal School Term Two Tournament Draw and Cross Table.htm
[2014/07/01 07:48:14 | 000,007,714 | ---- | M] () -- C:\Users\Mark\Documents\Scots College Pawn Promotion Tournament 2014.sco
[2014/07/01 07:48:14 | 000,000,630 | ---- | M] () -- C:\Users\Mark\Documents\Scots College Pawn Promotion Tournament 2014.ini
[2014/06/30 15:34:33 | 000,000,877 | ---- | M] () -- C:\Users\Mark\Documents\Middle School King and Rook vs Rook Tournament.ini
[2014/06/30 15:34:31 | 000,000,707 | ---- | M] () -- C:\Users\Mark\Documents\Kelburn King and Queen vs King Tournament.ini
[2014/06/30 15:34:30 | 000,001,720 | ---- | M] () -- C:\Users\Mark\Documents\Term Two Tournament.ini
[2014/06/30 15:34:29 | 000,003,554 | ---- | M] () -- C:\Users\Mark\Documents\Scots Term Two Tournament.sco
[2014/06/30 15:34:29 | 000,001,197 | ---- | M] () -- C:\Users\Mark\Documents\Scots Term Two Tournament.ini
[2014/06/29 23:59:05 | 000,004,659 | ---- | M] () -- C:\Users\Mark\Documents\Middle School King and Rook vs Rook Tournament.trn
[2014/06/29 23:59:05 | 000,001,282 | ---- | M] () -- C:\Users\Mark\Documents\Middle School King and Rook vs Rook Tournament.sco
[2014/06/29 23:59:05 | 000,000,802 | ---- | M] () -- C:\Users\Mark\Documents\Kelburn King and Queen vs King Tournament.sco
[2014/06/29 23:59:01 | 000,002,903 | ---- | M] () -- C:\Users\Mark\Documents\Term Two Tournament Draw and Cross Table.htm
[2014/06/29 23:58:36 | 000,003,842 | ---- | M] () -- C:\Users\Mark\Documents\Term Two Tournament.sco
[2014/06/29 23:57:47 | 000,002,971 | ---- | M] () -- C:\Users\Mark\Documents\Term Two Tournament.htm
[2014/06/27 18:02:23 | 000,863,592 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI
[2014/06/27 18:02:23 | 000,735,932 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat
[2014/06/27 18:02:23 | 000,139,816 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat
[2014/06/26 22:05:02 | 000,279,661 | ---- | M] () -- C:\Users\Mark\Documents\screaming-scarecrow.png
[2014/06/26 12:48:40 | 000,000,336 | ---- | M] () -- C:\Users\Mark\Documents\Middle School Queen and King vs King Tournament.ini
[2014/06/24 15:14:05 | 000,005,471 | ---- | M] () -- C:\Users\Mark\Documents\Scots College Pawn Promotion Tournament 2014.trn
[2014/06/24 15:14:05 | 000,001,218 | ---- | M] () -- C:\Users\Mark\Documents\QMC Pawn Promotion Tournament.sco
[2014/06/24 15:14:03 | 000,004,162 | ---- | M] () -- C:\Users\Mark\Documents\Kelburn Juniors Pawn Promotion Tournament 2014.sco
[2014/06/24 15:14:03 | 000,003,847 | ---- | M] () -- C:\Users\Mark\Documents\Kelburn Juniors Pawn Promotion Tournament 2014.trn
[2014/06/24 12:52:34 | 000,005,268 | ---- | M] () -- C:\Users\Mark\Documents\Scots Term Two Tournament.trn
[2014/06/23 15:33:48 | 000,001,138 | ---- | M] () -- C:\Users\Mark\Documents\Wellesley Year Four Pawn vs Pawn Tournament.ini
[2014/06/23 15:33:47 | 000,000,591 | ---- | M] () -- C:\Users\Mark\Documents\Scots King and Rook vs King.ini
[2014/06/23 15:33:45 | 000,005,877 | ---- | M] () -- C:\Users\Mark\Documents\Term Two Tournament.trn
[2014/06/20 20:19:17 | 000,001,817 | ---- | M] () -- C:\Users\Mark\Documents\Kelburn King and Queen vs King Tournament.trn
 
========== Files Created - No Company Name ==========
 
[2014/07/19 20:35:20 | 000,001,992 | ---- | C] () -- C:\Users\Mark\Desktop\Sync Folder.lnk
[2014/07/19 20:35:05 | 000,001,120 | ---- | C] () -- C:\Users\Mark\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\MyPC Backup.lnk
[2014/07/19 20:35:05 | 000,001,110 | ---- | C] () -- C:\Users\Mark\Desktop\MyPC Backup.lnk
[2014/07/19 20:31:35 | 000,001,478 | ---- | C] () -- C:\Windows\tasks\475883e6-be17-4a73-9009-f5d946a84ab8-5_user.job
[2014/07/19 20:31:34 | 000,001,456 | ---- | C] () -- C:\Windows\tasks\475883e6-be17-4a73-9009-f5d946a84ab8-5.job
[2014/07/19 20:31:27 | 000,001,350 | ---- | C] () -- C:\Windows\tasks\475883e6-be17-4a73-9009-f5d946a84ab8-2.job
[2014/07/19 20:31:25 | 000,001,578 | ---- | C] () -- C:\Windows\tasks\475883e6-be17-4a73-9009-f5d946a84ab8-1.job
[2014/07/19 20:31:22 | 000,002,254 | ---- | C] () -- C:\Windows\tasks\475883e6-be17-4a73-9009-f5d946a84ab8-4.job
[2014/07/19 20:31:16 | 000,001,510 | ---- | C] () -- C:\Windows\tasks\475883e6-be17-4a73-9009-f5d946a84ab8-7.job
[2014/07/19 20:31:15 | 000,001,582 | ---- | C] () -- C:\Windows\tasks\475883e6-be17-4a73-9009-f5d946a84ab8-6.job
[2014/07/19 20:31:11 | 000,003,818 | ---- | C] () -- C:\Windows\tasks\475883e6-be17-4a73-9009-f5d946a84ab8-11.job
[2014/07/19 20:31:09 | 000,000,908 | ---- | C] () -- C:\Windows\tasks\globalUpdateUpdateTaskMachineUA.job
[2014/07/19 20:31:08 | 000,000,904 | ---- | C] () -- C:\Windows\tasks\globalUpdateUpdateTaskMachineCore.job
[2014/07/19 20:31:07 | 000,002,448 | ---- | C] () -- C:\Windows\tasks\475883e6-be17-4a73-9009-f5d946a84ab8-3.job
[2014/07/19 20:30:41 | 000,000,854 | ---- | C] () -- C:\Users\Public\Desktop\HDVidCodec.lnk
[2014/07/15 14:29:07 | 000,047,779 | ---- | C] () -- C:\Users\Mark\Documents\20140103_130834.jpg
[2014/07/14 00:32:55 | 000,007,634 | ---- | C] () -- C:\Users\Mark\Documents\20140620_172331.jpg
[2014/07/11 22:16:08 | 000,042,956 | ---- | C] () -- C:\Users\Mark\Documents\20140103_214835.jpg
[2014/07/11 22:08:16 | 000,043,823 | ---- | C] () -- C:\Users\Mark\Documents\20120602_192411.jpg
[2014/07/11 22:08:09 | 000,043,402 | ---- | C] () -- C:\Users\Mark\Documents\20120602_192420.jpg
[2014/07/11 22:07:41 | 000,051,152 | ---- | C] () -- C:\Users\Mark\Documents\20120718_201605.jpg
[2014/07/11 22:06:27 | 000,176,693 | ---- | C] () -- C:\Users\Mark\Documents\20121028_135004.jpg
[2014/07/11 22:05:37 | 000,038,322 | ---- | C] () -- C:\Users\Mark\Documents\20121128_164446.jpg
[2014/07/11 22:04:22 | 000,058,976 | ---- | C] () -- C:\Users\Mark\Documents\20130401_141837.jpg
[2014/07/11 22:04:10 | 000,058,487 | ---- | C] () -- C:\Users\Mark\Documents\20130401_141935.jpg
[2014/07/11 22:04:01 | 000,098,114 | ---- | C] () -- C:\Users\Mark\Documents\20130401_141946.jpg
[2014/07/11 22:03:41 | 000,114,698 | ---- | C] () -- C:\Users\Mark\Documents\20130614_144523-1.jpg
[2014/07/11 22:03:19 | 000,121,993 | ---- | C] () -- C:\Users\Mark\Documents\20130709_111119.jpg
[2014/07/11 21:58:19 | 000,047,363 | ---- | C] () -- C:\Users\Mark\Documents\20131009_102711.jpg
[2014/07/11 21:58:07 | 000,053,735 | ---- | C] () -- C:\Users\Mark\Documents\20131017_140701.jpg
[2014/07/11 21:57:54 | 000,051,576 | ---- | C] () -- C:\Users\Mark\Documents\20131024_075735.jpg
[2014/07/11 21:57:39 | 000,053,601 | ---- | C] () -- C:\Users\Mark\Documents\20131024_075735-1.jpg
[2014/07/11 21:56:46 | 000,036,173 | ---- | C] () -- C:\Users\Mark\Documents\20131116_201551.jpg
[2014/07/11 21:56:38 | 000,037,406 | ---- | C] () -- C:\Users\Mark\Documents\20131116_201559.jpg
[2014/07/11 21:54:28 | 000,028,251 | ---- | C] () -- C:\Users\Mark\Documents\20131204_194909.jpg
[2014/07/11 21:54:09 | 000,067,822 | ---- | C] () -- C:\Users\Mark\Documents\20131211_181959.jpg
[2014/07/11 21:53:48 | 000,064,147 | ---- | C] () -- C:\Users\Mark\Documents\20131217_163954.jpg
[2014/07/11 21:53:26 | 000,097,313 | ---- | C] () -- C:\Users\Mark\Documents\20131228_110700.jpg
[2014/07/11 21:53:07 | 000,104,783 | ---- | C] () -- C:\Users\Mark\Documents\20131228_134801.jpg
[2014/07/11 21:52:57 | 000,109,624 | ---- | C] () -- C:\Users\Mark\Documents\20131228_134921.jpg
[2014/07/11 21:51:16 | 000,034,156 | ---- | C] () -- C:\Users\Mark\Documents\20140108_140010.jpg
[2014/07/11 21:51:08 | 000,034,657 | ---- | C] () -- C:\Users\Mark\Documents\20140108_140022.jpg
[2014/07/11 21:50:58 | 000,058,935 | ---- | C] () -- C:\Users\Mark\Documents\20140108_140844.jpg
[2014/07/11 21:48:36 | 000,037,599 | ---- | C] () -- C:\Users\Mark\Documents\20140516_234024.jpg
[2014/07/11 18:11:35 | 000,072,954 | ---- | C] () -- C:\Users\Mark\Documents\DeadImposter's Pictures - Wireclub.htm
[2014/07/10 23:06:23 | 000,106,578 | ---- | C] () -- C:\Users\Mark\Documents\Smurf.jpg
[2014/07/05 00:24:48 | 000,019,875 | ---- | C] () -- C:\Users\Mark\Documents\unnamed (8).jpg
[2014/07/05 00:24:38 | 000,023,782 | ---- | C] () -- C:\Users\Mark\Documents\unnamed (7).jpg
[2014/07/05 00:24:27 | 000,023,793 | ---- | C] () -- C:\Users\Mark\Documents\unnamed (6).jpg
[2014/07/05 00:24:17 | 000,021,254 | ---- | C] () -- C:\Users\Mark\Documents\unnamed (5).jpg
[2014/07/05 00:15:57 | 000,035,191 | ---- | C] () -- C:\Users\Mark\Documents\unnamed (4).jpg
[2014/07/05 00:14:48 | 000,050,777 | ---- | C] () -- C:\Users\Mark\Documents\unnamed (3).jpg
[2014/07/05 00:14:02 | 000,035,470 | ---- | C] () -- C:\Users\Mark\Documents\unnamed (2).jpg
[2014/07/04 12:52:08 | 000,000,802 | ---- | C] () -- C:\Users\Mark\Documents\Kelburn Rook and King vs King Tournament 2014.sco
[2014/07/04 12:51:09 | 000,000,724 | ---- | C] () -- C:\Users\Mark\Documents\Kelburn Rook and King vs King Tournament 2014.ini
[2014/07/04 12:50:49 | 000,002,020 | ---- | C] () -- C:\Users\Mark\Documents\Kelburn Rook and King vs King Tournament 2014.trn
[2014/07/03 18:52:10 | 000,003,682 | ---- | C] () -- C:\Users\Mark\Documents\GKP Chess Night 2014.sco
[2014/07/03 13:55:53 | 000,001,559 | ---- | C] () -- C:\Users\Mark\Documents\GKP Chess Night 2014.ini
[2014/07/03 13:55:49 | 000,013,185 | ---- | C] () -- C:\Users\Mark\Documents\GKP Chess Night 2014.trn
[2014/07/02 23:44:56 | 003,249,657 | ---- | C] () -- C:\Users\Mark\Documents\P1100902.JPG
[2014/07/02 23:44:40 | 000,026,528 | ---- | C] () -- C:\Users\Mark\Documents\unnamed (1).jpg
[2014/07/02 23:44:26 | 000,033,444 | ---- | C] () -- C:\Users\Mark\Documents\unnamed.jpg
[2014/07/02 23:44:08 | 001,021,921 | ---- | C] () -- C:\Users\Mark\Documents\P1100879.JPG
[2014/07/02 23:43:53 | 001,017,015 | ---- | C] () -- C:\Users\Mark\Documents\P1100875.JPG
[2014/07/02 09:25:17 | 000,001,134 | ---- | C] () -- C:\Users\Mark\Documents\GKP Miramar Wednesday Class Pawn Promotion Tournament.ini
[2014/07/02 09:25:06 | 000,003,847 | ---- | C] () -- C:\Users\Mark\Documents\GKP Miramar Wednesday Class Pawn Promotion Tournament.trn
[2014/07/01 07:57:13 | 000,001,218 | ---- | C] () -- C:\Users\Mark\Documents\QMC Suicide Tournament.sco
[2014/07/01 07:49:39 | 000,001,398 | ---- | C] () -- C:\Users\Mark\Documents\QMC Suicide Tournament.ini
[2014/07/01 07:49:24 | 000,002,426 | ---- | C] () -- C:\Users\Mark\Documents\QMC Suicide Tournament.trn
[2014/06/26 22:05:00 | 000,279,661 | ---- | C] () -- C:\Users\Mark\Documents\screaming-scarecrow.png
[2014/06/26 12:56:24 | 000,001,282 | ---- | C] () -- C:\Users\Mark\Documents\Middle School King and Rook vs Rook Tournament.sco
[2014/06/26 12:50:53 | 000,000,877 | ---- | C] () -- C:\Users\Mark\Documents\Middle School King and Rook vs Rook Tournament.ini
[2014/06/26 12:50:35 | 000,004,659 | ---- | C] () -- C:\Users\Mark\Documents\Middle School King and Rook vs Rook Tournament.trn
[2014/06/24 13:39:54 | 000,004,162 | ---- | C] () -- C:\Users\Mark\Documents\Kelburn Juniors Pawn Promotion Tournament 2014.sco
[2014/06/24 13:28:25 | 000,000,646 | ---- | C] () -- C:\Users\Mark\Documents\Kelburn Juniors Pawn Promotion Tournament 2014.ini
[2014/06/24 13:28:24 | 000,003,847 | ---- | C] () -- C:\Users\Mark\Documents\Kelburn Juniors Pawn Promotion Tournament 2014.trn
[2014/04/30 09:05:48 | 000,002,255 | ---- | C] () -- C:\Windows\SysWow64\WimBootCompress.ini
[2014/03/19 08:59:23 | 000,103,936 | ---- | C] () -- C:\Windows\SysWow64\OEMLicense.dll
[2014/01/05 17:34:10 | 000,000,000 | -H-- | C] () -- C:\ProgramData\DP45977C.lfl
[2013/08/27 07:37:10 | 000,303,104 | ---- | C] () -- C:\Windows\SysWow64\igdmd32.dll
[2013/08/27 07:37:02 | 000,180,736 | ---- | C] () -- C:\Windows\SysWow64\igdde32.dll
[2013/08/27 07:37:01 | 000,142,848 | ---- | C] () -- C:\Windows\SysWow64\igdail32.dll
[2013/08/23 03:36:43 | 000,215,943 | ---- | C] () -- C:\Windows\SysWow64\dssec.dat
[2013/08/23 03:36:42 | 000,000,741 | ---- | C] () -- C:\Windows\SysWow64\NOISE.DAT
[2013/08/23 02:46:23 | 000,067,584 | --S- | C] () -- C:\Windows\bootstat.dat
[2013/08/22 19:01:23 | 000,043,131 | ---- | C] () -- C:\Windows\mib.bin
[2013/08/22 15:32:36 | 000,046,080 | ---- | C] () -- C:\Windows\SysWow64\BWContextHandler.dll
[2013/08/22 11:55:20 | 000,364,544 | ---- | C] () -- C:\Windows\SysWow64\msjetoledb40.dll
[2013/08/22 11:52:39 | 000,673,088 | ---- | C] () -- C:\Windows\SysWow64\mlang.dat
[2013/05/12 13:17:52 | 000,001,536 | ---- | C] () -- C:\Windows\SysWow64\IusEventLog.dll
 
========== ZeroAccess Check ==========
 
[2014/07/19 20:35:12 | 000,000,227 | RHS- | M] () -- C:\Windows\assembly\Desktop.ini
 
[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64
 
[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
 
[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32] /64
 
[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]
 
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64
"" = C:\Windows\SysNative\shell32.dll -- [2014/04/07 04:31:39 | 021,268,952 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment
 
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
"" = %SystemRoot%\system32\shell32.dll -- [2014/04/07 03:22:20 | 018,755,672 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment
 
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\fastprox.dll -- [2013/08/22 21:49:49 | 000,921,088 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free
 
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
"" = %systemroot%\system32\wbem\fastprox.dll -- [2013/08/22 14:45:10 | 000,691,712 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free
 
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\wbemess.dll -- [2013/08/22 21:45:17 | 000,483,840 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Both
 
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]
 
========== LOP Check ==========
 
[2014/05/05 13:20:05 | 000,000,000 | ---D | M] -- C:\Users\Mark\AppData\Roaming\Azureus
[2014/02/22 17:12:00 | 000,000,000 | ---D | M] -- C:\Users\Mark\AppData\Roaming\sMedio
[2014/03/06 15:58:00 | 000,000,000 | ---D | M] -- C:\Users\Mark\AppData\Roaming\WildTangent
 
========== Purity Check ==========
 
 
 
========== Alternate Data Streams ==========
 
@Alternate Data Stream - 220 bytes -> C:\Users\Mark\OneDrive:ms-properties
 
< End of report >
 

 


  • 0

Advertisements

#2
Essexboy
Posted 20 July 2014 - 01:54 PM

Essexboy

    GeekU Moderator

  • Retired Staff
  • 69,964 posts
Hi there, you appear to have a tad more than Iomega.... So lets get you cleaned up

Warning This fix is only relevant for this system and no other, using on another computer may cause problems

Be advised that when the fix commences it will shut down all running processes and you may lose the desktop and icons, they will return on reboot

Run OTL
  • Under the Custom Scans/Fixes box at the bottom, paste in the following
    OTL_Fix.GIF

:Commands
[CREATERESTOREPOINT]

:OTL
SRV - [2014/07/19 21:32:06 | 000,321,824 | ---- | M] () [Auto | Running] -- C:\Program Files (x86)\WebSpades\bin\utilWebSpades.exe -- (Util WebSpades)
SRV - [2014/07/19 20:34:54 | 003,427,208 | ---- | M] (Cherished Technololgy LIMITED) [Auto | Running] -- C:\ProgramData\IePluginServices\PluginService.exe -- (IePluginServices)
SRV - [2014/07/19 20:34:39 | 000,535,936 | ---- | M] (Fuyu LIMITED) [Auto | Running] -- C:\ProgramData\WindowsMangerProtect\ProtectWindowsManager.exe -- (WindowsMangerProtect)
SRV - [2014/07/19 20:31:05 | 000,068,608 | ---- | M] (globalUpdate) [On_Demand | Stopped] -- C:\Program Files (x86)\globalUpdate\Update\GoogleUpdate.exe -- (globalUpdatem)
SRV - [2014/07/19 20:31:05 | 000,068,608 | ---- | M] (globalUpdate) [Auto | Stopped] -- C:\Program Files (x86)\globalUpdate\Update\GoogleUpdate.exe -- (globalUpdate)
SRV - [2014/07/19 20:07:16 | 000,321,824 | ---- | M] () [Auto | Running] -- C:\Program Files (x86)\WebSpades\updateWebSpades.exe -- (Update WebSpades)
SRV - [2014/06/18 22:27:00 | 000,036,424 | ---- | M] (Just Develop It) [Auto | Stopped] -- C:\Program Files (x86)\MyPC Backup\BackupStack.exe -- (BackupStack)
SRV - [2014/01/04 17:05:04 | 000,166,352 | ---- | M] (APN LLC.) [Auto | Running] -- C:\Program Files (x86)\AskPartnerNetwork\Toolbar\apnmcp.exe -- (APNMCP)
DRV:64bit: - [2014/07/14 16:40:28 | 000,061,120 | ---- | M] (StdLib) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\{ed7eb956-75ed-460d-8f69-29a93b07afd1}w64.sys -- ({ed7eb956-75ed-460d-8f69-29a93b07afd1}w64)
IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://isearch.omiga...A4YTXXZ3DGCA4YT
IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = http://isearch.omiga...q={searchTerms}
IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://isearch.omiga...q={searchTerms}
IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://isearch.omiga...A4YTXXZ3DGCA4YT
IE:64bit: - HKLM\..\SearchScopes,DefaultScope = {33BB0A4E-99AF-4226-BDF6-49120163DE86}
IE:64bit: - HKLM\..\SearchScopes\{33BB0A4E-99AF-4226-BDF6-49120163DE86}: "URL" = http://isearch.omiga...q={searchTerms}
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://isearch.omiga...A4YTXXZ3DGCA4YT
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = http://isearch.omiga...q={searchTerms}
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://isearch.omiga...q={searchTerms}
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://isearch.omiga...A4YTXXZ3DGCA4YT
IE - HKLM\..\SearchScopes,DefaultScope = {33BB0A4E-99AF-4226-BDF6-49120163DE86}
IE - HKLM\..\SearchScopes\{33BB0A4E-99AF-4226-BDF6-49120163DE86}: "URL" = http://isearch.omiga...q={searchTerms}
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://isearch.omiga...A4YTXXZ3DGCA4YT
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://isearch.omiga...A4YTXXZ3DGCA4YT
IE - HKCU\..\SearchScopes\{33BB0A4E-99AF-4226-BDF6-49120163DE86}: "URL" = http://isearch.omiga...q={searchTerms}
O2:64bit: - BHO: (TheHDvid-Codec V10) - {11111111-1111-1111-1111-110611111180} - C:\Program Files (x86)\TheHDvid-Codec V10\TheHDvid-Codec V10-bho64.dll (home)
O2 - BHO: (TheHDvid-Codec V10) - {11111111-1111-1111-1111-110611111180} - C:\Program Files (x86)\TheHDvid-Codec V10\TheHDvid-Codec V10-bho.dll (home)
O2 - BHO: (IETabPage Class) - {3593C8B9-8E18-4B4B-B7D3-CB8BEB1AA42C} - C:\Program Files (x86)\SupTab\SupTab.dll (Thinknice Co. Limited)
O2 - BHO: (Surftastic) - {c6673938-a52b-4dc6-af05-783e7e2c8b65} - C:\Program Files (x86)\Surftastic\Surftasticbho.dll File not found
O3:64bit: - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found.
O3 - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found.
O4:64bit: - HKLM..\Run: []  File not found
O4 - HKLM..\Run: [ApnTBMon] C:\Program Files (x86)\AskPartnerNetwork\Toolbar\Updater\TBNotifier.exe (APN)
O4 - HKLM..\Run: [VNT] C:\Program Files (x86)\VNT\vntldr.exe (APN LLC.)
O4 - Startup: C:\Users\Mark\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\MyPC Backup.lnk = C:\Program Files (x86)\MyPC Backup\MyPC Backup.exe (MyPCBackup.com)
[2014/07/19 21:33:15 | 000,061,120 | ---- | C] (StdLib) -- C:\Windows\SysNative\drivers\{ed7eb956-75ed-460d-8f69-29a93b07afd1}w64.sys
[2014/07/19 20:35:03 | 000,000,000 | ---D | C] -- C:\Users\Mark\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\MyPC Backup
[2014/07/19 20:35:00 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\MyPC Backup
[2014/07/19 20:34:56 | 000,000,000 | ---D | C] -- C:\ProgramData\IePluginServices
[2014/07/19 20:34:48 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\SupTab
[2014/07/19 20:34:41 | 000,000,000 | ---D | C] -- C:\ProgramData\WindowsMangerProtect
[2014/07/19 20:31:54 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\WebSpades
[2014/07/19 20:31:06 | 000,000,000 | ---D | C] -- C:\Users\Mark\AppData\Local\globalUpdate
[2014/07/19 20:31:06 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\globalUpdate
[2014/07/19 20:31:02 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\TheHDvid-Codec V10
[2014/07/19 20:30:41 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\hdvidcodec.com
[2014/07/19 20:30:40 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\hdvidcodec.com
[2014/07/19 21:31:09 | 000,001,510 | ---- | M] () -- C:\Windows\tasks\475883e6-be17-4a73-9009-f5d946a84ab8-7.job
[2014/07/19 20:35:05 | 000,001,120 | ---- | M] () -- C:\Users\Mark\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\MyPC Backup.lnk
[2014/07/19 20:35:05 | 000,001,110 | ---- | M] () -- C:\Users\Mark\Desktop\MyPC Backup.lnk
[2014/07/19 20:31:36 | 000,001,478 | ---- | M] () -- C:\Windows\tasks\475883e6-be17-4a73-9009-f5d946a84ab8-5_user.job
[2014/07/19 20:31:35 | 000,001,456 | ---- | M] () -- C:\Windows\tasks\475883e6-be17-4a73-9009-f5d946a84ab8-5.job
[2014/07/19 20:31:28 | 000,001,350 | ---- | M] () -- C:\Windows\tasks\475883e6-be17-4a73-9009-f5d946a84ab8-2.job
[2014/07/19 20:31:25 | 000,001,578 | ---- | M] () -- C:\Windows\tasks\475883e6-be17-4a73-9009-f5d946a84ab8-1.job
[2014/07/19 20:31:23 | 000,002,254 | ---- | M] () -- C:\Windows\tasks\475883e6-be17-4a73-9009-f5d946a84ab8-4.job
[2014/07/19 20:31:16 | 000,001,582 | ---- | M] () -- C:\Windows\tasks\475883e6-be17-4a73-9009-f5d946a84ab8-6.job
[2014/07/19 20:31:12 | 000,003,818 | ---- | M] () -- C:\Windows\tasks\475883e6-be17-4a73-9009-f5d946a84ab8-11.job
[2014/07/19 20:31:08 | 000,002,448 | ---- | M] () -- C:\Windows\tasks\475883e6-be17-4a73-9009-f5d946a84ab8-3.job
[2014/07/19 20:30:41 | 000,000,854 | ---- | M] () -- C:\Users\Public\Desktop\HDVidCodec.lnk

:Files
C:\Program Files (x86)\WebSpades
C:\ProgramData\IePluginServices
C:\Program Files (x86)\SupTab
C:\Users\Mark\AppData\Local\VNT
C:\Program Files (x86)\AskPartnerNetwork
C:\ProgramData\WindowsMangerProtect
C:\Program Files (x86)\globalUpdate
C:\Program Files (x86)\MyPC Backup
C:\Users\Mark\AppData\Local\Google\Chrome\User Data\Default\Extensions\aaaahofmdcaffnndamijbbpdndopepgb
C:\Program Files (x86)\Surftastic

:Commands
[resethosts]
[emptytemp]
[Reboot]
  • Then click the Run Fix button at the top
  • Let the program run unhindered, reboot the PC when it is done
  • Open OTL again and click the Quick Scan button. Post the log it produces in your next reply.
THEN

Please download AdwCleaner by Xplode onto your desktop.
  • Close all open programs and internet browsers.
  • Double click on AdwCleaner.exe to run the tool.
  • Click on Scan.
  • After the scan is complete click on "Clean"
  • Confirm each time with Ok.
  • Your computer will be rebooted automatically. A text file will open after the restart.
  • Please post the content of that logfile with your next answer.
  • You can find the logfile at C:\AdwCleaner[S1].txt as well.

  • 0

#3
Vandaliser
Posted 20 July 2014 - 06:34 PM

Vandaliser

    New Member

  • Topic Starter
  • Member
  • Pip
  • 3 posts

Hi Essexboy,

 

thanks for the clear instructions.

 

Here is the log produced after the OTL Quick Scan:

 

OTL logfile created on: 21/07/2014 12:00:00 p.m. - Run 2
OTL by OldTimer - Version 3.2.69.0     Folder = E:\
64bit- An unknown product  (Version = 6.2.9200) - Type = NTWorkstation
Internet Explorer (Version = 9.11.9600.17207)
Locale: 00001409 | Country: New Zealand | Language: ENZ | Date Format: d/MM/yyyy
 
7.91 Gb Total Physical Memory | 6.50 Gb Available Physical Memory | 82.19% Memory free
9.16 Gb Paging File | 7.80 Gb Available in Paging File | 85.11% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
 
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 687.20 Gb Total Space | 644.47 Gb Free Space | 93.78% Space Free | Partition Type: NTFS
Drive D: | 7.46 Gb Total Space | 0.00 Gb Free Space | 0.00% Space Free | Partition Type: UDF
Drive E: | 29.42 Gb Total Space | 25.93 Gb Free Space | 88.11% Space Free | Partition Type: FAT32
 
Computer Name: MARKPC | User Name: Mark | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Quick Scan | Include 64bit Scans
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days
 
========== Processes (SafeList) ==========
 
PRC - [2014/07/20 19:22:46 | 000,602,112 | ---- | M] (OldTimer Tools) -- E:\OTL.exe
PRC - [2014/03/27 00:13:44 | 000,227,904 | ---- | M] (WildTangent) -- C:\Program Files (x86)\WildTangent Games\App\GamesAppIntegrationService.exe
PRC - [2013/12/21 18:04:16 | 000,065,432 | ---- | M] (Adobe Systems Incorporated) -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
PRC - [2013/09/12 12:05:24 | 000,296,520 | ---- | M] (TOSHIBA Corporation) -- C:\Program Files (x86)\TOSHIBA\System Setting\TssSrv.exe
PRC - [2013/09/04 12:52:56 | 000,390,616 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe
PRC - [2013/09/04 12:52:14 | 000,169,432 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel® Management Engine Components\DAL\jhi_service.exe
PRC - [2013/09/04 12:52:14 | 000,131,544 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel® Management Engine Components\FWService\IntelMeFWService.exe
PRC - [2013/08/29 00:16:16 | 001,028,896 | ---- | M] (NVIDIA Corporation) -- C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\NvTmru.exe
PRC - [2013/08/29 00:15:40 | 002,155,296 | ---- | M] (NVIDIA Corporation) -- C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
 
 
========== Modules (No Company Name) ==========
 
MOD - [2014/02/12 19:58:32 | 000,073,544 | ---- | M] () -- C:\Program Files (x86)\Common Files\Apple\Apple Application Support\zlib1.dll
MOD - [2014/02/12 19:58:10 | 001,044,808 | ---- | M] () -- C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libxml2.dll
 
 
========== Services (SafeList) ==========
 
SRV:64bit: - [2014/06/12 11:30:28 | 000,111,616 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\IEEtwCollector.exe -- (IEEtwCollectorService)
SRV:64bit: - [2014/04/06 23:20:36 | 000,201,216 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\AudioEndpointBuilder.dll -- (AudioEndpointBuilder)
SRV:64bit: - [2014/04/03 14:51:48 | 001,584,128 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\workfolderssvc.dll -- (workfolderssvc)
SRV:64bit: - [2014/03/24 14:31:14 | 000,347,880 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Program Files\Windows Defender\NisSrv.exe -- (WdNisSvc)
SRV:64bit: - [2014/03/24 14:31:14 | 000,023,824 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files\Windows Defender\MsMpEng.exe -- (WinDefend)
SRV:64bit: - [2014/03/14 18:26:25 | 000,491,520 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\GeofenceMonitorService.dll -- (lfsvc)
SRV:64bit: - [2014/03/08 17:41:25 | 001,306,624 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\AppXDeploymentServer.dll -- (AppXSvc)
SRV:64bit: - [2014/03/06 19:02:13 | 000,834,560 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\netlogon.dll -- (Netlogon)
SRV:64bit: - [2014/02/23 03:53:10 | 003,394,384 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\WSService.dll -- (WSService)
SRV:64bit: - [2014/02/22 21:57:16 | 000,710,656 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\lsm.dll -- (LSM)
SRV:64bit: - [2014/02/22 21:26:58 | 000,366,080 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\wcmsvc.dll -- (Wcmsvc)
SRV:64bit: - [2014/02/22 21:25:39 | 000,399,872 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\das.dll -- (DeviceAssociationService)
SRV:64bit: - [2014/02/22 21:25:14 | 000,269,824 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\bisrv.dll -- (BrokerInfrastructure)
SRV:64bit: - [2014/02/22 21:23:58 | 001,576,960 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysNative\wlidsvc.dll -- (wlidsvc)
SRV:64bit: - [2013/12/10 19:35:18 | 000,530,944 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\AppReadiness.dll -- (AppReadiness)
SRV:64bit: - [2013/11/23 16:50:00 | 000,282,112 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\SystemEventsBrokerServer.dll -- (SystemEventsBroker)
SRV:64bit: - [2013/09/05 09:20:16 | 000,466,504 | ---- | M] (TOSHIBA Corporation) [On_Demand | Stopped] -- C:\Program Files\TOSHIBA\TPHM\TPCHSrv.exe -- (TPCHSrv)
SRV:64bit: - [2013/08/23 00:31:56 | 002,899,968 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\spool\drivers\x64\3\PrintConfig.dll -- (PrintNotify)
SRV:64bit: - [2013/08/22 23:32:02 | 000,024,576 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\wephostsvc.dll -- (WEPHOSTSVC)
SRV:64bit: - [2013/08/22 23:31:43 | 000,040,448 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\efssvc.dll -- (EFS)
SRV:64bit: - [2013/08/22 23:22:45 | 000,066,048 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\wiarpc.dll -- (WiaRpc)
SRV:64bit: - [2013/08/22 23:21:15 | 000,013,312 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\svsvc.dll -- (svsvc)
SRV:64bit: - [2013/08/22 23:16:57 | 000,118,272 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\fhsvc.dll -- (fhsvc)
SRV:64bit: - [2013/08/22 22:25:28 | 000,164,352 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\NcaSvc.dll -- (NcaSvc)
SRV:64bit: - [2013/08/22 22:19:28 | 000,517,120 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\icsvc.dll -- (vmicvss)
SRV:64bit: - [2013/08/22 22:19:28 | 000,517,120 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\icsvc.dll -- (vmictimesync)
SRV:64bit: - [2013/08/22 22:19:28 | 000,517,120 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\icsvc.dll -- (vmicshutdown)
SRV:64bit: - [2013/08/22 22:19:28 | 000,517,120 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\icsvc.dll -- (vmicrdv)
SRV:64bit: - [2013/08/22 22:19:28 | 000,517,120 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\icsvc.dll -- (vmickvpexchange)
SRV:64bit: - [2013/08/22 22:19:28 | 000,517,120 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\icsvc.dll -- (vmicheartbeat)
SRV:64bit: - [2013/08/22 22:19:28 | 000,517,120 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\icsvc.dll -- (vmicguestinterface)
SRV:64bit: - [2013/08/22 22:02:47 | 000,013,312 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\smphost.dll -- (smphost)
SRV:64bit: - [2013/08/22 21:57:25 | 000,130,560 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\ScDeviceEnum.dll -- (ScDeviceEnum)
SRV:64bit: - [2013/08/22 21:54:59 | 000,059,392 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysNative\keyiso.dll -- (KeyIso)
SRV:64bit: - [2013/08/22 21:50:59 | 000,245,760 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysNative\TimeBrokerServer.dll -- (TimeBroker)
SRV:64bit: - [2013/08/22 21:50:00 | 000,525,312 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysNative\netprofmsvc.dll -- (netprofm)
SRV:64bit: - [2013/08/22 21:45:59 | 000,151,040 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysNative\ncbservice.dll -- (NcbService)
SRV:64bit: - [2013/08/22 21:40:49 | 000,248,832 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\vaultsvc.dll -- (VaultSvc)
SRV:64bit: - [2013/08/22 21:31:03 | 000,201,728 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\DeviceSetupManager.dll -- (DsmSvc)
SRV:64bit: - [2013/08/22 21:15:54 | 000,073,728 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysNative\NcdAutoSetup.dll -- (NcdAutoSetup)
SRV:64bit: - [2013/08/10 13:18:58 | 000,328,544 | ---- | M] (Toshiba Corporation) [Auto | Running] -- C:\Program Files\TOSHIBA\Teco\TecoService.exe -- (TOSHIBA eco Utility Service)
SRV:64bit: - [2013/08/01 08:15:06 | 000,053,864 | ---- | M] (TOSHIBA Corporation) [On_Demand | Stopped] -- C:\Program Files\TOSHIBA\TOSHIBA Service Station\TMachInfo.exe -- (TMachInfo)
SRV:64bit: - [2013/07/17 13:34:02 | 000,216,976 | ---- | M] (TOSHIBA CORPORATION) [Disabled | Stopped] -- C:\Program Files\TOSHIBA\HDD Accelerator\THAccelSvc.exe -- (THAccelSvc)
SRV:64bit: - [2013/05/12 13:45:54 | 000,822,232 | ---- | M] (Intel® Corporation) [On_Demand | Stopped] -- C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe -- (Intel®
SRV:64bit: - [2013/05/12 13:45:38 | 000,733,696 | ---- | M] (Intel® Corporation) [Auto | Running] -- C:\Program Files\Intel\iCLS Client\HeciServer.exe -- (Intel®
SRV:64bit: - [2009/07/29 10:48:06 | 000,140,632 | ---- | M] (TOSHIBA Corporation) [Auto | Running] -- C:\Windows\SysNative\TODDSrv.exe -- (TODDSrv)
SRV - [2014/03/27 00:13:44 | 000,227,904 | ---- | M] (WildTangent) [Auto | Running] -- C:\Program Files (x86)\WildTangent Games\App\GamesAppIntegrationService.exe -- (GamesAppIntegrationService)
SRV - [2014/03/14 18:10:16 | 000,357,376 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysWOW64\GeofenceMonitorService.dll -- (lfsvc)
SRV - [2013/12/21 18:04:16 | 000,065,432 | ---- | M] (Adobe Systems Incorporated) [Auto | Running] -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe -- (AdobeARMservice)
SRV - [2013/09/11 08:54:38 | 000,019,792 | ---- | M] () [Auto | Running] -- C:\Program Files (x86)\DTS, Inc\DTS Studio Sound\dts_apo_service.exe -- (dts_apo_service)
SRV - [2013/09/04 12:52:56 | 000,390,616 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe -- (LMS)
SRV - [2013/09/04 12:52:14 | 000,169,432 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files (x86)\Intel\Intel® Management Engine Components\DAL\jhi_service.exe -- (jhi_service)
SRV - [2013/09/04 12:52:14 | 000,131,544 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files (x86)\Intel\Intel® Management Engine Components\FWService\IntelMeFWService.exe -- (Intel®
SRV - [2013/08/31 13:03:40 | 000,279,024 | ---- | M] (Intel Corporation) [On_Demand | Stopped] -- C:\Windows\SysWOW64\IntelCpHeciSvc.exe -- (cphs)
SRV - [2013/08/29 00:15:40 | 002,155,296 | ---- | M] (NVIDIA Corporation) [Auto | Running] -- C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe -- (nvUpdatusService)
SRV - [2013/08/23 00:31:56 | 002,899,968 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\system32\spool\drivers\x64\3\PrintConfig.dll -- (PrintNotify)
SRV - [2013/08/22 22:03:34 | 000,312,448 | ---- | M] (Windows ® Win 7 DDK provider) [Auto | Running] -- C:\Program Files (x86)\Bluetooth Suite\AdminService.exe -- (AtherosSvc)
SRV - [2013/08/22 15:55:35 | 000,018,944 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysWOW64\StorSvc.dll -- (StorSvc)
SRV - [2013/08/22 14:53:34 | 000,011,776 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysWOW64\smphost.dll -- (smphost)
SRV - [2013/08/02 18:31:10 | 004,278,112 | ---- | M] (Symantec Corporation) [On_Demand | Stopped] -- C:\Program Files (x86)\Symantec\Norton Online Backup\NOBuAgent.exe -- (NOBU)
SRV - [2010/10/13 05:59:12 | 000,206,072 | ---- | M] (WildTangent, Inc.) [On_Demand | Stopped] -- C:\Program Files (x86)\WildTangent Games\App\GamesAppService.exe -- (GamesAppService)
 
 
========== Driver Services (SafeList) ==========
 
DRV:64bit: - [2014/05/02 01:31:39 | 000,055,328 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\wpcfltr.sys -- (wpcfltr)
DRV:64bit: - [2014/04/01 18:23:41 | 000,384,856 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\spaceport.sys -- (spaceport)
DRV:64bit: - [2014/03/24 14:30:57 | 000,257,880 | ---- | M] (Microsoft Corporation) [File_System | Boot | Running] -- C:\Windows\SysNative\drivers\WdFilter.sys -- (WdFilter)
DRV:64bit: - [2014/03/24 14:30:57 | 000,123,224 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\WdNisDrv.sys -- (WdNisDrv)
DRV:64bit: - [2014/03/24 14:27:03 | 000,035,856 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\WdBoot.sys -- (WdBoot)
DRV:64bit: - [2014/03/20 15:41:20 | 000,376,152 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\clfs.sys -- (CLFS)
DRV:64bit: - [2014/03/14 00:35:24 | 000,157,016 | ---- | M] (Microsoft Corporation) [File_System | Boot | Running] -- C:\Windows\SysNative\drivers\wof.sys -- (Wof)
DRV:64bit: - [2014/03/09 08:40:16 | 000,136,024 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\wfplwfs.sys -- (WFPLWFS)
DRV:64bit: - [2014/03/09 08:35:45 | 000,467,800 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\USBHUB3.SYS -- (USBHUB3)
DRV:64bit: - [2014/02/23 04:00:25 | 000,236,888 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\sdbus.sys -- (sdbus)
DRV:64bit: - [2014/02/23 03:49:51 | 000,325,464 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\USBXHCI.SYS -- (USBXHCI)
DRV:64bit: - [2014/02/23 03:49:49 | 000,189,784 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\UCX01000.SYS -- (UCX01000)
DRV:64bit: - [2014/02/23 03:49:49 | 000,079,192 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\sdstor.sys -- (sdstor)
DRV:64bit: - [2014/02/23 03:49:47 | 000,146,776 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\msgpioclx.sys -- (GPIOClx0101)
DRV:64bit: - [2014/02/23 03:44:13 | 000,924,504 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\refs.sys -- (ReFS)
DRV:64bit: - [2014/02/23 00:14:02 | 000,033,280 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\BasicRender.sys -- (BasicRender)
DRV:64bit: - [2013/12/05 06:41:54 | 000,226,304 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\BthLEEnum.sys -- (BthLEEnum)
DRV:64bit: - [2013/11/11 14:48:41 | 000,039,768 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\intelpep.sys -- (intelpep)
DRV:64bit: - [2013/11/01 23:39:53 | 000,086,872 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\pdc.sys -- (pdc)
DRV:64bit: - [2013/11/01 02:22:28 | 000,027,032 | ---- | M] (TOSHIBA Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\tosrfec.sys -- (tosrfec)
DRV:64bit: - [2013/10/26 13:54:32 | 000,146,776 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\SerCx2.sys -- (SerCx2)
DRV:64bit: - [2013/10/06 03:25:54 | 000,057,176 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\stornvme.sys -- (stornvme)
DRV:64bit: - [2013/09/15 02:06:57 | 000,175,960 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\VerifierExt.sys -- (VerifierExt)
DRV:64bit: - [2013/09/04 12:52:14 | 000,099,288 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\TeeDriverx64.sys -- (MEIx64)
DRV:64bit: - [2013/08/27 07:41:14 | 000,449,528 | ---- | M] (Intel® Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\IntcDAud.sys -- (IntcDAud)
DRV:64bit: - [2013/08/27 07:37:33 | 004,166,656 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\igdkmd64.sys -- (igfx)
DRV:64bit: - [2013/08/24 04:12:46 | 000,524,528 | ---- | M] (Synaptics Incorporated) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\SynTP.sys -- (SynTP)
DRV:64bit: - [2013/08/24 04:12:44 | 000,034,544 | ---- | M] (Synaptics Incorporated) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\Smb_driver_Intel.sys -- (SmbDrvI)
DRV:64bit: - [2013/08/23 10:51:12 | 000,039,320 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\intelaud.sys -- (intaud_WaveExtensible)
DRV:64bit: - [2013/08/23 10:51:12 | 000,026,008 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\iwdbus.sys -- (iwdbus)
DRV:64bit: - [2013/08/23 07:12:11 | 000,027,488 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\rdpvideominiport.sys -- (RdpVideoMiniport)
DRV:64bit: - [2013/08/23 07:12:07 | 000,037,216 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\terminpt.sys -- (terminpt)
DRV:64bit: - [2013/08/23 01:25:40 | 000,043,008 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\condrv.sys -- (condrv)
DRV:64bit: - [2013/08/23 01:25:40 | 000,030,048 | ---- | M] (Microsoft Corporation) [Recognizer | Boot | Unknown] -- C:\Windows\SysNative\drivers\fs_rec.sys -- (Fs_Rec)
DRV:64bit: - [2013/08/23 00:50:19 | 000,057,696 | ---- | M] (Microsoft Corporation) [Kernel | System | Stopped] -- C:\Windows\SysNative\drivers\dam.sys -- (dam)
DRV:64bit: - [2013/08/23 00:49:54 | 000,079,712 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\acpiex.sys -- (acpiex)
DRV:64bit: - [2013/08/23 00:49:33 | 000,159,584 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\tpm.sys -- (TPM)
DRV:64bit: - [2013/08/23 00:43:49 | 000,063,840 | ---- | M] (Marvell Semiconductor, Inc.) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\mvumis.sys -- (mvumis)
DRV:64bit: - [2013/08/23 00:43:48 | 000,041,824 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\msgpiowin32.sys -- (msgpiowin32)
DRV:64bit: - [2013/08/23 00:43:45 | 003,357,024 | ---- | M] (Broadcom Corporation) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\evbda.sys -- (ebdrv)
DRV:64bit: - [2013/08/23 00:43:45 | 000,093,536 | ---- | M] (LSI Corporation) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\lsi_sas2.sys -- (LSI_SAS2)
DRV:64bit: - [2013/08/23 00:43:45 | 000,082,784 | ---- | M] (LSI Corporation) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\lsi_sss.sys -- (LSI_SSS)
DRV:64bit: - [2013/08/23 00:43:45 | 000,064,352 | ---- | M] (Hewlett-Packard Company) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\HpSAMD.sys -- (HpSAMD)
DRV:64bit: - [2013/08/23 00:43:44 | 000,081,760 | ---- | M] (LSI Corporation) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\lsi_sas3.sys -- (LSI_SAS3)
DRV:64bit: - [2013/08/23 00:43:41 | 000,782,176 | ---- | M] (PMC-Sierra) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\adp80xx.sys -- (ADP80XX)
DRV:64bit: - [2013/08/23 00:43:41 | 000,531,296 | ---- | M] (Broadcom Corporation) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\bxvbda.sys -- (b06bdrv)
DRV:64bit: - [2013/08/23 00:43:41 | 000,259,424 | ---- | M] (AMD Technologies Inc.) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\amdsbs.sys -- (amdsbs)
DRV:64bit: - [2013/08/23 00:43:41 | 000,108,896 | ---- | M] (LSI) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\3ware.sys -- (3ware)
DRV:64bit: - [2013/08/23 00:43:41 | 000,079,200 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\amdsata.sys -- (amdsata)
DRV:64bit: - [2013/08/23 00:43:40 | 000,114,016 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\EhStorTcgDrv.sys -- (EhStorTcgDrv)
DRV:64bit: - [2013/08/23 00:43:40 | 000,082,784 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\EhStorClass.sys -- (EhStorClass)
DRV:64bit: - [2013/08/23 00:43:40 | 000,025,952 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\amdxata.sys -- (amdxata)
DRV:64bit: - [2013/08/23 00:43:34 | 000,305,504 | ---- | M] (VIA Corporation) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\VSTXRAID.SYS -- (VSTXRAID)
DRV:64bit: - [2013/08/23 00:43:33 | 000,074,080 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\uaspstor.sys -- (UASPStor)
DRV:64bit: - [2013/08/23 00:43:32 | 000,031,072 | ---- | M] (Promise Technology, Inc.) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\stexstor.sys -- (stexstor)
DRV:64bit: - [2013/08/23 00:43:31 | 000,107,872 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\storahci.sys -- (storahci)
DRV:64bit: - [2013/08/23 00:43:31 | 000,072,032 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\SpbCx.sys -- (SpbCx)
DRV:64bit: - [2013/08/23 00:43:31 | 000,069,472 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\SerCx.sys -- (SerCx)
DRV:64bit: - [2013/08/23 00:39:15 | 000,026,976 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\uefi.sys -- (UEFI)
DRV:64bit: - [2013/08/23 00:37:27 | 000,069,472 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\vpci.sys -- (vpci)
DRV:64bit: - [2013/08/23 00:36:12 | 000,026,976 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\WpdUpFltr.sys -- (WpdUpFltr)
DRV:64bit: - [2013/08/22 23:39:54 | 000,076,800 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\ahcache.sys -- (ahcache)
DRV:64bit: - [2013/08/22 23:39:31 | 000,050,688 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\BasicDisplay.sys -- (BasicDisplay)
DRV:64bit: - [2013/08/22 23:39:20 | 000,022,016 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\HyperVideo.sys -- (HyperVideo)
DRV:64bit: - [2013/08/22 23:39:06 | 000,009,728 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\mshidumdf.sys -- (mshidumdf)
DRV:64bit: - [2013/08/22 23:38:58 | 000,010,752 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\acpitime.sys -- (acpitime)
DRV:64bit: - [2013/08/22 23:38:48 | 000,010,240 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\acpipagr.sys -- (acpipagr)
DRV:64bit: - [2013/08/22 23:38:39 | 000,036,992 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\BthAvrcpTg.sys -- (BthAvrcpTg)
DRV:64bit: - [2013/08/22 23:38:26 | 000,019,456 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\kdnic.sys -- (kdnic)
DRV:64bit: - [2013/08/22 23:38:23 | 000,011,264 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\vmgencounter.sys -- (gencounter)
DRV:64bit: - [2013/08/22 23:38:22 | 000,023,040 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\npsvctrig.sys -- (npsvctrig)
DRV:64bit: - [2013/08/22 23:38:16 | 000,030,720 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\BthhfHid.sys -- (bthhfhid)
DRV:64bit: - [2013/08/22 23:37:49 | 000,013,824 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hyperkbd.sys -- (hyperkbd)
DRV:64bit: - [2013/08/22 23:37:46 | 000,029,696 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\TsUsbGD.sys -- (TsUsbGD)
DRV:64bit: - [2013/08/22 23:37:42 | 000,057,856 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\bthhfenum.sys -- (BthHFEnum)
DRV:64bit: - [2013/08/22 23:37:28 | 000,056,320 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\TsUsbFlt.sys -- (TsUsbFlt)
DRV:64bit: - [2013/08/22 23:37:28 | 000,041,472 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hidi2c.sys -- (hidi2c)
DRV:64bit: - [2013/08/22 23:37:14 | 000,029,696 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\dmvsc.sys -- (dmvsc)
DRV:64bit: - [2013/08/22 23:36:43 | 000,087,040 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\netvsc63.sys -- (netvsc)
DRV:64bit: - [2013/08/22 23:36:25 | 000,016,384 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\NdisVirtualBus.sys -- (NdisVirtualBus)
DRV:64bit: - [2013/08/22 23:36:17 | 000,124,928 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\NdisImPlatform.sys -- (NdisImPlatform)
DRV:64bit: - [2013/08/22 23:36:07 | 000,066,560 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\mslldp.sys -- (MsLldp)
DRV:64bit: - [2013/08/22 23:35:42 | 000,103,424 | ---- | M] (Microsoft Corporation) [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\Ndu.sys -- (Ndu)
DRV:64bit: - [2013/08/22 21:59:58 | 000,590,024 | ---- | M] (Qualcomm Atheros) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\btfilter.sys -- (BtFilter)
DRV:64bit: - [2013/08/22 20:46:33 | 000,027,136 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\fxppm.sys -- (FxPPM)
DRV:64bit: - [2013/08/21 10:42:44 | 000,009,216 | ---- | M] (TOSHIBA Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\FwLnk.sys -- (FwLnk)
DRV:64bit: - [2013/08/20 08:32:10 | 000,032,624 | ---- | M] (Windows ® Win 7 DDK provider) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\Thotkey.sys -- (Thotkey)
DRV:64bit: - [2013/08/16 16:13:30 | 003,859,968 | ---- | M] (Qualcomm Atheros Communications, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\athwbx.sys -- (athr)
DRV:64bit: - [2013/08/15 21:13:32 | 000,032,832 | ---- | M] (TOSHIBA Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\TVALZ_O.SYS -- (TVALZ)
DRV:64bit: - [2013/08/13 11:25:46 | 000,017,624 | ---- | M] (Windows ® Win 7 DDK provider) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\bcmfn2.sys -- (bcmfn2)
DRV:64bit: - [2013/08/10 23:36:28 | 000,030,496 | ---- | M] (NVIDIA Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\nvpciflt.sys -- (nvpciflt)
DRV:64bit: - [2013/08/10 12:39:30 | 000,651,248 | ---- | M] (Intel Corporation) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\iaStorAV.sys -- (iaStorAV)
DRV:64bit: - [2013/08/08 10:23:46 | 000,644,968 | ---- | M] (Intel Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\iaStorA.sys -- (iaStorA)
DRV:64bit: - [2013/07/31 06:47:35 | 000,024,568 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\iaLPSSi_GPIO.sys -- (iaLPSSi_GPIO)
DRV:64bit: - [2013/07/30 13:24:22 | 000,150,104 | R--- | M] (Symantec Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\NARAx64\0405000.009\ccSetx64.sys -- (ccSet_NARA)
DRV:64bit: - [2013/07/26 07:05:39 | 000,099,320 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\iaLPSSi_I2C.sys -- (iaLPSSi_I2C)
DRV:64bit: - [2013/07/19 08:55:44 | 000,130,248 | ---- | M] (Qualcomm Atheros Co., Ltd.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\L1C63x64.sys -- (L1C)
DRV:64bit: - [2013/07/09 06:37:41 | 003,344,352 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\NETwew00.sys -- (NETwNe64)
DRV:64bit: - [2013/03/26 15:01:16 | 000,110,976 | ---- | M] (TOSHIBA Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\THAccel.sys -- (THAccel)
DRV:64bit: - [2013/03/18 15:51:08 | 000,054,784 | ---- | M] (Apple, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\usbaapl64.sys -- (USBAAPL64)
DRV:64bit: - [2012/08/21 12:01:20 | 000,033,240 | ---- | M] (GEAR Software Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\GEARAspiWDM.sys -- (GEARAspiWDM)
DRV:64bit: - [2012/07/25 20:54:00 | 000,031,184 | ---- | M] (TOSHIBA Corporation.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\tdcmdpst.sys -- (tdcmdpst)
DRV:64bit: - [2012/07/22 11:59:02 | 000,016,768 | ---- | M] (TOSHIBA Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\TVALZFL.sys -- (TVALZFL)
DRV:64bit: - [2012/06/19 06:30:56 | 000,499,096 | ---- | M] (TOSHIBA Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\tos_sps64.sys -- (tos_sps64)
 
========== Standard Registry (SafeList) ==========
 
 
========== Internet Explorer ==========
 
IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = 
IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = 
IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = 
IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = 
IE:64bit: - HKLM\..\SearchScopes,DefaultScope = 
IE:64bit: - HKLM\..\SearchScopes\{6F41EDE7-5263-43E0-8386-4786C0F57E84}: "URL" = http://www.bing.com/...=IE11TR&pc=TAJB
IE:64bit: - HKLM\..\SearchScopes\{F4ED0519-C584-4DDA-BE93-FA0B93D040F6}: "URL" = http://www.bing.com/...=IE11TR&pc=TAJB
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = 
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = 
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = 
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = 
IE - HKLM\..\SearchScopes,DefaultScope = 
IE - HKLM\..\SearchScopes\{6F41EDE7-5263-43E0-8386-4786C0F57E84}: "URL" = http://www.bing.com/...=IE11TR&pc=TAJB
IE - HKLM\..\SearchScopes\{F4ED0519-C584-4DDA-BE93-FA0B93D040F6}: "URL" = http://www.bing.com/...=IE11TR&pc=TAJB
 
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = 
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Secondary_Page_URL = http://www.mytoshiba.com.au/start [binary data]
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Secondary Start Pages = http://www.mytoshiba.com.au/start [binary data]
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = 
IE - HKCU\..\SearchScopes,DefaultScope = {F4ED0519-C584-4DDA-BE93-FA0B93D040F6}
IE - HKCU\..\SearchScopes\{F4ED0519-C584-4DDA-BE93-FA0B93D040F6}: "URL" = http://www.bing.com/...=IE11TR&pc=TAJB
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local
 
 
========== FireFox ==========
 
FF:64bit: - HKLM\Software\MozillaPlugins\@microsoft.com/SharePoint,version=14.0: C:\PROGRA~1\MICROS~1\Office15\NPSPWRAP.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=:  File not found
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=1.0: C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll ()
FF - HKLM\Software\MozillaPlugins\@intel-webapi.intel.com/Intel WebAPI ipt;version=4.0.5: C:\Program Files (x86)\Intel\Intel® Management Engine Components\IPT\npIntelWebAPIIPT.dll (Intel Corporation)
FF - HKLM\Software\MozillaPlugins\@intel-webapi.intel.com/Intel WebAPI updater: C:\Program Files (x86)\Intel\Intel® Management Engine Components\IPT\npIntelWebAPIUpdater.dll (Intel Corporation)
FF - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=10.65.2: C:\Program Files (x86)\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=10.65.2: C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/Lync,version=15.0: C:\Program Files (x86)\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/SharePoint,version=14.0: C:\PROGRA~2\MICROS~1\Office15\NPSPWRAP.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@staging.google.com/globalUpdate Update;version=10: C:\Program Files (x86)\globalUpdate\Update\1.3.25.0\npGoogleUpdate4.dll File not found
FF - HKLM\Software\MozillaPlugins\@staging.google.com/globalUpdate Update;version=4: C:\Program Files (x86)\globalUpdate\Update\1.3.25.0\npGoogleUpdate4.dll File not found
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files (x86)\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files (x86)\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@WildTangent.com/GamesAppPresenceDetector,Version=1.0: C:\Program Files (x86)\WildTangent Games\App\BrowserIntegration\Registered\1\NP_wtapp.dll ()
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
 
 
[2013/11/15 02:32:00 | 000,034,072 | ---- | M] (Microsoft Corporation) -- C:\Program Files (x86)\mozilla firefox\plugins\npMeetingJoinPluginOC.dll
 
========== Chrome  ==========
 
CHR - default_search_provider:  (Enabled)
CHR - default_search_provider: search_url = 
CHR - default_search_provider: suggest_url = 
CHR - homepage: http://www.google.com/
CHR - plugin: Error reading preferences file
CHR - Extension: Google Docs = C:\Users\Mark\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake\0.7_0\
CHR - Extension: Google Drive = C:\Users\Mark\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf\6.3_0\
CHR - Extension: YouTube = C:\Users\Mark\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.6_0\
CHR - Extension: Google Search = C:\Users\Mark\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.20_0\
CHR - Extension: Google Wallet = C:\Users\Mark\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.6.1_0\
CHR - Extension: Quick start = C:\Users\Mark\AppData\Local\Google\Chrome\User Data\Default\Extensions\pelmeidfhdlhlbjimpabfcbnnojbboma\4.5.1_0\
CHR - Extension: Gmail = C:\Users\Mark\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_0\
 
O1 HOSTS File: ([2014/07/21 11:26:55 | 000,000,098 | ---- | M]) - C:\Windows\SysNative\drivers\etc\Hosts
O1 - Hosts: 127.0.0.1       localhost
O1 - Hosts: ::1       localhost
O2 - BHO: (Java™ Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
O2 - BHO: (Java™ Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
O4:64bit: - HKLM..\Run: [TSSSrv] C:\Program Files (x86)\TOSHIBA\System Setting\TssSrv.exe (TOSHIBA Corporation)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableCursorSuppression = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableLinkedConnections = 1
O10:64bit: - NameSpace_Catalog5\Catalog_Entries64\000000000008 [] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Inc.)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000008 [] - C:\Program Files (x86)\Bonjour\mdnsNSP.dll (Apple Inc.)
O1364bit: - gopher Prefix: missing
O13 - gopher Prefix: missing
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.20.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{82FAC35F-A170-46F0-BB28-E403D52049B0}: DhcpNameServer = 192.168.20.1
O18 - Protocol\Handler\ms-help - No CLSID value found
O20:64bit: - AppInit_DLLs: (C:\Windows\system32\nvinitx.dll) - C:\Windows\SysNative\nvinitx.dll (NVIDIA Corporation)
O20 - AppInit_DLLs: (C:\Windows\SysWOW64\nvinit.dll) - C:\Windows\SysWOW64\nvinit.dll (NVIDIA Corporation)
O20:64bit: - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (userinit.exe) - C:\Windows\SysWow64\userinit.exe (Microsoft Corporation)
O20:64bit: - Winlogon\Notify\igfxcui: DllName - (igfxdev.dll) - C:\Windows\SysNative\igfxdev.dll (Intel Corporation)
O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O32 - HKLM CDRom: AutoRun - 1
O34 - HKLM BootExecute: (autocheck autochk *)
O35:64bit: - HKLM\..comfile [open] -- "%1" %*
O35:64bit: - HKLM\..exefile [open] -- "%1" %*
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37:64bit: - HKLM\...com [@ = comfile] -- "%1" %*
O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=sxssrv,4)
 
========== Files/Folders - Created Within 30 Days ==========
 
[2014/07/19 20:39:50 | 000,000,000 | ---D | C] -- C:\ProgramData\Oracle
[2014/07/19 20:39:47 | 000,000,000 | ---D | C] -- C:\ProgramData\Sun
[2014/07/19 20:39:45 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Java
[2014/07/19 20:39:35 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java
[2014/07/19 20:39:23 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Java
[2014/07/11 22:01:57 | 000,000,000 | ---D | C] -- C:\Users\Mark\AppData\Local\WinZip
[2014/07/10 17:16:22 | 000,000,000 | --SD | C] -- C:\Windows\SysNative\CompatTel
 
========== Files - Modified Within 30 Days ==========
 
[2014/07/21 11:58:29 | 000,002,426 | ---- | M] () -- C:\Users\Public\Desktop\Google Chrome.lnk
[2014/07/21 11:58:28 | 000,000,904 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
[2014/07/21 11:58:28 | 000,000,904 | ---- | M] () -- C:\Windows\tasks\globalUpdateUpdateTaskMachineCore.job
[2014/07/21 11:45:07 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2014/07/21 11:43:04 | 268,435,456 | -HS- | M] () -- C:\swapfile.sys
[2014/07/21 11:42:58 | 2503,180,287 | -HS- | M] () -- C:\hiberfil.sys
[2014/07/21 11:31:18 | 000,000,908 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
[2014/07/21 11:26:55 | 000,000,098 | ---- | M] () -- C:\Windows\SysNative\drivers\etc\Hosts
[2014/07/19 20:36:01 | 000,000,908 | ---- | M] () -- C:\Windows\tasks\globalUpdateUpdateTaskMachineUA.job
[2014/07/19 20:35:20 | 000,001,992 | ---- | M] () -- C:\Users\Mark\Desktop\Sync Folder.lnk
[2014/07/19 20:33:54 | 000,002,522 | ---- | M] () -- C:\Users\Mark\Application Data\Microsoft\Internet Explorer\Quick Launch\Google Chrome.lnk
[2014/07/19 20:33:54 | 000,001,671 | ---- | M] () -- C:\Users\Mark\Application Data\Microsoft\Internet Explorer\Quick Launch\Launch Internet Explorer Browser.lnk
[2014/07/12 22:30:01 | 000,477,072 | ---- | M] () -- C:\Windows\SysNative\FNTCACHE.DAT
[2014/07/12 22:20:21 | 000,013,185 | ---- | M] () -- C:\Users\Mark\Documents\GKP Chess Night 2014.trn
[2014/07/12 22:20:21 | 000,003,847 | ---- | M] () -- C:\Users\Mark\Documents\Kelburn Normal Term Two Tournament.trn
[2014/07/12 22:20:21 | 000,003,847 | ---- | M] () -- C:\Users\Mark\Documents\GKP Miramar Wednesday Class Pawn Promotion Tournament.trn
[2014/07/12 22:20:21 | 000,003,682 | ---- | M] () -- C:\Users\Mark\Documents\GKP Chess Night 2014.sco
[2014/07/12 22:20:21 | 000,002,426 | ---- | M] () -- C:\Users\Mark\Documents\QMC Suicide Tournament.trn
[2014/07/12 22:20:21 | 000,002,082 | ---- | M] () -- C:\Users\Mark\Documents\Kelburn Normal Term Two Tournament.sco
[2014/07/12 22:20:21 | 000,002,020 | ---- | M] () -- C:\Users\Mark\Documents\Kelburn Rook and King vs King Tournament 2014.trn
[2014/07/12 22:20:21 | 000,001,876 | ---- | M] () -- C:\Users\Mark\Documents\Karori Normal School Term Two Tournament.ini
[2014/07/12 22:20:21 | 000,001,596 | ---- | M] () -- C:\Users\Mark\Documents\Karori Normal School King and Rook vs King Tournament.ini
[2014/07/12 22:20:21 | 000,001,559 | ---- | M] () -- C:\Users\Mark\Documents\GKP Chess Night 2014.ini
[2014/07/12 22:20:21 | 000,001,406 | ---- | M] () -- C:\Users\Mark\Documents\QMC Pawn Promotion Tournament.ini
[2014/07/12 22:20:21 | 000,001,398 | ---- | M] () -- C:\Users\Mark\Documents\QMC Suicide Tournament.ini
[2014/07/12 22:20:21 | 000,001,218 | ---- | M] () -- C:\Users\Mark\Documents\SWIS Term Two Tournament.sco
[2014/07/12 22:20:21 | 000,001,218 | ---- | M] () -- C:\Users\Mark\Documents\QMC Suicide Tournament.sco
[2014/07/12 22:20:21 | 000,001,147 | ---- | M] () -- C:\Users\Mark\Documents\GKP Miramar Wednesday Class Queen vs Pawns Tournament.ini
[2014/07/12 22:20:21 | 000,001,134 | ---- | M] () -- C:\Users\Mark\Documents\GKP Miramar Wednesday Class Pawn Promotion Tournament.ini
[2014/07/12 22:20:21 | 000,000,821 | ---- | M] () -- C:\Users\Mark\Documents\SWIS Term Two Tournament.ini
[2014/07/12 22:20:21 | 000,000,802 | ---- | M] () -- C:\Users\Mark\Documents\Thorndon After School Champs 1.sco
[2014/07/12 22:20:21 | 000,000,802 | ---- | M] () -- C:\Users\Mark\Documents\Kelburn Rook and King vs King Tournament 2014.sco
[2014/07/12 22:20:21 | 000,000,724 | ---- | M] () -- C:\Users\Mark\Documents\Kelburn Rook and King vs King Tournament 2014.ini
[2014/07/12 22:20:21 | 000,000,703 | ---- | M] () -- C:\Users\Mark\Documents\Thorndon After School Champs 1.ini
[2014/07/12 22:20:21 | 000,000,663 | ---- | M] () -- C:\Users\Mark\Documents\Kelburn Normal Term Two Tournament.ini
[2014/07/12 22:20:21 | 000,000,646 | ---- | M] () -- C:\Users\Mark\Documents\Kelburn Juniors Pawn Promotion Tournament 2014.ini
[2014/07/03 17:22:23 | 000,002,434 | ---- | M] () -- C:\Users\Mark\Documents\van der Hoorn Cup.sco
[2014/07/03 17:22:23 | 000,001,083 | ---- | M] () -- C:\Users\Mark\Documents\van der Hoorn Cup.ini
[2014/07/02 11:17:36 | 000,003,727 | ---- | M] () -- C:\Users\Mark\Documents\Karori Normal School Term Two Tournament Draw and Cross Table.htm
[2014/07/01 07:48:14 | 000,007,714 | ---- | M] () -- C:\Users\Mark\Documents\Scots College Pawn Promotion Tournament 2014.sco
[2014/07/01 07:48:14 | 000,000,630 | ---- | M] () -- C:\Users\Mark\Documents\Scots College Pawn Promotion Tournament 2014.ini
[2014/06/30 15:34:33 | 000,000,877 | ---- | M] () -- C:\Users\Mark\Documents\Middle School King and Rook vs Rook Tournament.ini
[2014/06/30 15:34:31 | 000,000,707 | ---- | M] () -- C:\Users\Mark\Documents\Kelburn King and Queen vs King Tournament.ini
[2014/06/30 15:34:30 | 000,001,720 | ---- | M] () -- C:\Users\Mark\Documents\Term Two Tournament.ini
[2014/06/30 15:34:29 | 000,003,554 | ---- | M] () -- C:\Users\Mark\Documents\Scots Term Two Tournament.sco
[2014/06/30 15:34:29 | 000,001,197 | ---- | M] () -- C:\Users\Mark\Documents\Scots Term Two Tournament.ini
[2014/06/29 23:59:05 | 000,004,659 | ---- | M] () -- C:\Users\Mark\Documents\Middle School King and Rook vs Rook Tournament.trn
[2014/06/29 23:59:05 | 000,001,282 | ---- | M] () -- C:\Users\Mark\Documents\Middle School King and Rook vs Rook Tournament.sco
[2014/06/29 23:59:05 | 000,000,802 | ---- | M] () -- C:\Users\Mark\Documents\Kelburn King and Queen vs King Tournament.sco
[2014/06/29 23:59:01 | 000,002,903 | ---- | M] () -- C:\Users\Mark\Documents\Term Two Tournament Draw and Cross Table.htm
[2014/06/29 23:58:36 | 000,003,842 | ---- | M] () -- C:\Users\Mark\Documents\Term Two Tournament.sco
[2014/06/29 23:57:47 | 000,002,971 | ---- | M] () -- C:\Users\Mark\Documents\Term Two Tournament.htm
[2014/06/27 18:02:23 | 000,863,592 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI
[2014/06/27 18:02:23 | 000,735,932 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat
[2014/06/27 18:02:23 | 000,139,816 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat
[2014/06/26 22:05:02 | 000,279,661 | ---- | M] () -- C:\Users\Mark\Documents\screaming-scarecrow.png
[2014/06/26 12:48:40 | 000,000,336 | ---- | M] () -- C:\Users\Mark\Documents\Middle School Queen and King vs King Tournament.ini
[2014/06/24 15:14:05 | 000,005,471 | ---- | M] () -- C:\Users\Mark\Documents\Scots College Pawn Promotion Tournament 2014.trn
[2014/06/24 15:14:05 | 000,001,218 | ---- | M] () -- C:\Users\Mark\Documents\QMC Pawn Promotion Tournament.sco
[2014/06/24 15:14:03 | 000,004,162 | ---- | M] () -- C:\Users\Mark\Documents\Kelburn Juniors Pawn Promotion Tournament 2014.sco
[2014/06/24 15:14:03 | 000,003,847 | ---- | M] () -- C:\Users\Mark\Documents\Kelburn Juniors Pawn Promotion Tournament 2014.trn
[2014/06/24 12:52:34 | 000,005,268 | ---- | M] () -- C:\Users\Mark\Documents\Scots Term Two Tournament.trn
[2014/06/23 15:33:48 | 000,001,138 | ---- | M] () -- C:\Users\Mark\Documents\Wellesley Year Four Pawn vs Pawn Tournament.ini
[2014/06/23 15:33:47 | 000,000,591 | ---- | M] () -- C:\Users\Mark\Documents\Scots King and Rook vs King.ini
[2014/06/23 15:33:45 | 000,005,877 | ---- | M] () -- C:\Users\Mark\Documents\Term Two Tournament.trn
 
========== Files Created - No Company Name ==========
 
[2014/07/19 20:35:20 | 000,001,992 | ---- | C] () -- C:\Users\Mark\Desktop\Sync Folder.lnk
[2014/07/19 20:31:09 | 000,000,908 | ---- | C] () -- C:\Windows\tasks\globalUpdateUpdateTaskMachineUA.job
[2014/07/19 20:31:08 | 000,000,904 | ---- | C] () -- C:\Windows\tasks\globalUpdateUpdateTaskMachineCore.job
[2014/07/04 12:52:08 | 000,000,802 | ---- | C] () -- C:\Users\Mark\Documents\Kelburn Rook and King vs King Tournament 2014.sco
[2014/07/04 12:51:09 | 000,000,724 | ---- | C] () -- C:\Users\Mark\Documents\Kelburn Rook and King vs King Tournament 2014.ini
[2014/07/04 12:50:49 | 000,002,020 | ---- | C] () -- C:\Users\Mark\Documents\Kelburn Rook and King vs King Tournament 2014.trn
[2014/07/03 18:52:10 | 000,003,682 | ---- | C] () -- C:\Users\Mark\Documents\GKP Chess Night 2014.sco
[2014/07/03 13:55:53 | 000,001,559 | ---- | C] () -- C:\Users\Mark\Documents\GKP Chess Night 2014.ini
[2014/07/03 13:55:49 | 000,013,185 | ---- | C] () -- C:\Users\Mark\Documents\GKP Chess Night 2014.trn
[2014/07/02 09:25:17 | 000,001,134 | ---- | C] () -- C:\Users\Mark\Documents\GKP Miramar Wednesday Class Pawn Promotion Tournament.ini
[2014/07/02 09:25:06 | 000,003,847 | ---- | C] () -- C:\Users\Mark\Documents\GKP Miramar Wednesday Class Pawn Promotion Tournament.trn
[2014/07/01 07:57:13 | 000,001,218 | ---- | C] () -- C:\Users\Mark\Documents\QMC Suicide Tournament.sco
[2014/07/01 07:49:39 | 000,001,398 | ---- | C] () -- C:\Users\Mark\Documents\QMC Suicide Tournament.ini
[2014/07/01 07:49:24 | 000,002,426 | ---- | C] () -- C:\Users\Mark\Documents\QMC Suicide Tournament.trn
[2014/06/26 22:05:00 | 000,279,661 | ---- | C] () -- C:\Users\Mark\Documents\screaming-scarecrow.png
[2014/06/26 12:56:24 | 000,001,282 | ---- | C] () -- C:\Users\Mark\Documents\Middle School King and Rook vs Rook Tournament.sco
[2014/06/26 12:50:53 | 000,000,877 | ---- | C] () -- C:\Users\Mark\Documents\Middle School King and Rook vs Rook Tournament.ini
[2014/06/26 12:50:35 | 000,004,659 | ---- | C] () -- C:\Users\Mark\Documents\Middle School King and Rook vs Rook Tournament.trn
[2014/06/24 13:39:54 | 000,004,162 | ---- | C] () -- C:\Users\Mark\Documents\Kelburn Juniors Pawn Promotion Tournament 2014.sco
[2014/06/24 13:28:25 | 000,000,646 | ---- | C] () -- C:\Users\Mark\Documents\Kelburn Juniors Pawn Promotion Tournament 2014.ini
[2014/06/24 13:28:24 | 000,003,847 | ---- | C] () -- C:\Users\Mark\Documents\Kelburn Juniors Pawn Promotion Tournament 2014.trn
[2014/04/30 09:05:48 | 000,002,255 | ---- | C] () -- C:\Windows\SysWow64\WimBootCompress.ini
[2014/03/19 08:59:23 | 000,103,936 | ---- | C] () -- C:\Windows\SysWow64\OEMLicense.dll
[2014/01/05 17:34:10 | 000,000,000 | -H-- | C] () -- C:\ProgramData\DP45977C.lfl
[2013/08/27 07:37:10 | 000,303,104 | ---- | C] () -- C:\Windows\SysWow64\igdmd32.dll
[2013/08/27 07:37:02 | 000,180,736 | ---- | C] () -- C:\Windows\SysWow64\igdde32.dll
[2013/08/27 07:37:01 | 000,142,848 | ---- | C] () -- C:\Windows\SysWow64\igdail32.dll
[2013/08/23 03:36:43 | 000,215,943 | ---- | C] () -- C:\Windows\SysWow64\dssec.dat
[2013/08/23 03:36:42 | 000,000,741 | ---- | C] () -- C:\Windows\SysWow64\NOISE.DAT
[2013/08/23 02:46:23 | 000,067,584 | --S- | C] () -- C:\Windows\bootstat.dat
[2013/08/22 19:01:23 | 000,043,131 | ---- | C] () -- C:\Windows\mib.bin
[2013/08/22 15:32:36 | 000,046,080 | ---- | C] () -- C:\Windows\SysWow64\BWContextHandler.dll
[2013/08/22 11:55:20 | 000,364,544 | ---- | C] () -- C:\Windows\SysWow64\msjetoledb40.dll
[2013/08/22 11:52:39 | 000,673,088 | ---- | C] () -- C:\Windows\SysWow64\mlang.dat
[2013/05/12 13:17:52 | 000,001,536 | ---- | C] () -- C:\Windows\SysWow64\IusEventLog.dll
 
========== ZeroAccess Check ==========
 
[2014/07/19 20:35:12 | 000,000,227 | RHS- | M] () -- C:\Windows\assembly\Desktop.ini
 
[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64
 
[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
 
[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32] /64
 
[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]
 
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64
"" = C:\Windows\SysNative\shell32.dll -- [2014/04/07 04:31:39 | 021,268,952 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment
 
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
"" = %SystemRoot%\system32\shell32.dll -- [2014/04/07 03:22:20 | 018,755,672 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment
 
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\fastprox.dll -- [2013/08/22 21:49:49 | 000,921,088 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free
 
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
"" = %systemroot%\system32\wbem\fastprox.dll -- [2013/08/22 14:45:10 | 000,691,712 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free
 
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\wbemess.dll -- [2013/08/22 21:45:17 | 000,483,840 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Both
 
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]
 
========== LOP Check ==========
 
[2014/05/05 13:20:05 | 000,000,000 | ---D | M] -- C:\Users\Mark\AppData\Roaming\Azureus
[2014/02/22 17:12:00 | 000,000,000 | ---D | M] -- C:\Users\Mark\AppData\Roaming\sMedio
[2014/03/06 15:58:00 | 000,000,000 | ---D | M] -- C:\Users\Mark\AppData\Roaming\WildTangent
 
========== Purity Check ==========
 
 
 
========== Alternate Data Streams ==========
 
@Alternate Data Stream - 220 bytes -> C:\Users\Mark\OneDrive:ms-properties
 
< End of report >
 
 
And here is the log file produced after running AdwCleaner:
 

# AdwCleaner v3.216 - Report created 21/07/2014 at 12:22:51
# Updated 17/07/2014 by Xplode
# Operating System : Windows 8.1  (64 bits)
# Username : Mark - MARKPC
# Running from : C:\Users\Mark\Downloads\AdwCleaner.exe
# Option : Clean
 
***** [ Services ] *****
 
 
***** [ Files / Folders ] *****
 
Folder Deleted : C:\ProgramData\apn
Folder Deleted : C:\ProgramData\AskPartnerNetwork
Folder Deleted : C:\Program Files (x86)\Registry Dr
Folder Deleted : C:\Program Files (x86)\VNT
Folder Deleted : C:\Users\Mark\AppData\Local\RegistryDr
Folder Deleted : C:\Users\Mark\AppData\Local\Google\Chrome\User Data\Default\Extensions\pelmeidfhdlhlbjimpabfcbnnojbboma
File Deleted : C:\END
File Deleted : C:\Users\Public\Desktop\eBay.lnk
File Deleted : C:\Users\Public\Desktop\iLivid.lnk
File Deleted : C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Search.lnk
File Deleted : C:\Users\Mark\Desktop\Sync Folder.lnk
File Deleted : C:\Users\Mark\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_www.superfish.com_0.localstorage
File Deleted : C:\Users\Mark\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_www.superfish.com_0.localstorage-journal
File Deleted : C:\Windows\Tasks\globalUpdateUpdateTaskMachineCore.job
File Deleted : C:\Windows\System32\Tasks\globalUpdateUpdateTaskMachineCore
File Deleted : C:\Windows\Tasks\globalUpdateUpdateTaskMachineUA.job
File Deleted : C:\Windows\System32\Tasks\globalUpdateUpdateTaskMachineUA
 
***** [ Shortcuts ] *****
 
Shortcut Disinfected : C:\Users\Public\Desktop\Google Chrome.lnk
Shortcut Disinfected : C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome\Google Chrome.lnk
Shortcut Disinfected : C:\Users\Mark\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
Shortcut Disinfected : C:\Users\Mark\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Google Chrome.lnk
Shortcut Disinfected : C:\Users\Mark\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Launch Internet Explorer Browser.lnk
Shortcut Disinfected : C:\Users\Mark\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Google Chrome.lnk
Shortcut Disinfected : C:\Users\Mark\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Internet Explorer.lnk
 
***** [ Registry ] *****
 
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\App Paths\mypc backup
Key Deleted : HKLM\SOFTWARE\MozillaPlugins\@staging.google.com/globalUpdate Update;version=10
Key Deleted : HKLM\SOFTWARE\MozillaPlugins\@staging.google.com/globalUpdate Update;version=4
Key Deleted : HKLM\SOFTWARE\Classes\CrossriderApp0061180.BHO
Key Deleted : HKLM\SOFTWARE\Classes\CrossriderApp0061180.BHO.1
Key Deleted : HKLM\SOFTWARE\Classes\CrossriderApp0061180.Sandbox
Key Deleted : HKLM\SOFTWARE\Classes\CrossriderApp0061180.Sandbox.1
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{C007DADD-132A-624C-088E-59EE6CF0711F}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{1AA60054-57D9-4F99-9A55-D0FBFBE7ECD3}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{4AA46D49-459F-4358-B4D1-169048547C23}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{5A4E3A41-FA55-4BDA-AED7-CEBE6E7BCB52}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{22222222-2222-2222-2222-220622112280}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{4E6354DE-9115-4AEE-BD21-C46C3E8A49DB}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{917CAAE9-DD47-4025-936E-1414F07DF5B8}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{D54C859C-6066-4F31-8FE0-2AAEDCAE67D7}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{FC073BDA-C115-4A1D-9DF9-9B5C461482E5}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{55555555-5555-5555-5555-550655115580}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{66666666-6666-6666-6666-660666116680}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{968EDCE0-C10A-47BB-B3B6-FDF09F2A417D}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{A2D733A7-73B0-4C6B-B0C7-06A432950B66}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{44444444-4444-4444-4444-440644114480}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{3593C8B9-8E18-4B4B-B7D3-CB8BEB1AA42C}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{3593C8B9-8E18-4B4B-B7D3-CB8BEB1AA42C}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\CLSID\{4AA46D49-459F-4358-B4D1-169048547C23}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\CLSID\{22222222-2222-2222-2222-220622112280}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{4E6354DE-9115-4AEE-BD21-C46C3E8A49DB}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{917CAAE9-DD47-4025-936E-1414F07DF5B8}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{D54C859C-6066-4F31-8FE0-2AAEDCAE67D7}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{FC073BDA-C115-4A1D-9DF9-9B5C461482E5}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{55555555-5555-5555-5555-550655115580}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{66666666-6666-6666-6666-660666116680}
Data Restored : HKEY_LOCAL_MACHINE\SOFTWARE\Clients\StartMenuInternet\IEXPLORE.EXE\shell\open\command
Key Deleted : HKCU\Software\1ClickDownload
Key Deleted : HKCU\Software\AskPartnerNetwork
Key Deleted : HKCU\Software\Conduit
Key Deleted : HKCU\Software\GlobalUpdate
Key Deleted : HKCU\Software\installedbrowserextensions
Key Deleted : HKCU\Software\WebSpades
Key Deleted : HKCU\Software\AppDataLow\Software\Crossrider
Key Deleted : HKLM\Software\AskPartnerNetwork
Key Deleted : HKLM\Software\GlobalUpdate
Key Deleted : HKLM\Software\installedbrowserextensions
Key Deleted : HKLM\Software\omiga-plusSoftware
Key Deleted : HKLM\Software\SupDp
Key Deleted : HKLM\Software\SupTab
Key Deleted : HKLM\Software\supWindowsMangerProtect
Key Deleted : HKLM\Software\supWPM
Key Deleted : HKLM\Software\WebSpades
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\1ClickDownload
Key Deleted : [x64] HKLM\SOFTWARE\installedbrowserextensions
Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\MyPC Backup
Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\WebSpades
 
***** [ Browsers ] *****
 
-\\ Internet Explorer v11.0.9600.17126
 
 
-\\ Google Chrome v36.0.1985.125
 
[ File : C:\Users\Mark\AppData\Local\Google\Chrome\User Data\Default\preferences ]
 
Deleted [Startup_urls] : hxxp://isearch.omiga-plus.com/?type=hp&ts=1405758832&from=ild&uid=TOSHIBAXMQ01ABD075_Z3DGCA4YTXXZ3DGCA4YT
Deleted [Extension] : pelmeidfhdlhlbjimpabfcbnnojbboma
 
*************************
 
AdwCleaner[R0].txt - [7756 octets] - [21/07/2014 12:15:09]
AdwCleaner[S0].txt - [6591 octets] - [21/07/2014 12:22:51]
 
########## EOF - C:\AdwCleaner\AdwCleaner[S0].txt - [6651 octets] ##########
 
 
So far so good, :).

  • 0

#4
Essexboy
Posted 21 July 2014 - 07:14 AM

Essexboy

    GeekU Moderator

  • Retired Staff
  • 69,964 posts
Are you using windows defender for your Antivirus ?

OK a final check to ensure that nothing is hiding, once done could you let me know of any outstanding problems

Download aswMBR.exe ( 4.5mb ) to your desktop.
Double click the aswMBR.exe to run it.
You may be offered the option of using virtualisation, accept that
When it offers to download the virus database allow that as well
Click the "Scan" button to start scan

AswMBR%20scan.JPG


On completion of the scan click save log, save it to your desktop and post in your next reply
  • 0

#5
Essexboy
Posted 25 July 2014 - 10:30 AM

Essexboy

    GeekU Moderator

  • Retired Staff
  • 69,964 posts
Due to lack of feedback, this topic has been closed.

If you need this topic reopened, please contact a staff member. This applies only to the original topic starter. Everyone else please begin a New Topic.
  • 0
Back to Virus, Spyware, Malware Removal · Next Unread Topic →




Similar Topics

0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users

  1. Geeks to Go Community
  2. Security
  3. Virus, Spyware, Malware Removal

As Featured On:

Microsoft Yahoo BBC MSN PC Magazine Washington Post HP