Jump to content

Welcome to Geeks to Go - Register now for FREE

Geeks To Go is a helpful hub, where thousands of volunteer geeks quickly serve friendly answers and support. Check out the forums and get free advice from the experts. Register now to gain access to all of our features, it's FREE and only takes one minute. Once registered and logged in, you will be able to create topics, post replies to existing threads, give reputation to your fellow members, get your own private messenger, post status updates, manage your profile and so much more.

Create Account How it Works
Photo

infected again please help [Solved]


  • This topic is locked This topic is locked

#16
Essexboy

Essexboy

    GeekU Moderator

  • Retired Staff
  • 69,964 posts
Could I have a fresh FRST scan please
  • 0

Advertisements


#17
nickf33

nickf33

    Member

  • Topic Starter
  • Member
  • PipPip
  • 78 posts
Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version: 02-11-2014
Ran by nickf (administrator) on NICK on 04-11-2014 16:44:59
Running from C:\Documents and Settings\nickf\Desktop
Loaded Profile: nickf (Available profiles: nickf & Administrator)
Platform: Microsoft Windows XP Professional Service Pack 3 (X86) OS Language: English (United States)
Internet Explorer Version 8
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo...very-scan-tool/
 
==================== Processes (Whitelisted) =================
 
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
 
(Bitdefender) C:\Program Files\Bitdefender\Antivirus Free Edition\gzserv.exe
(Bitdefender) C:\Program Files\Bitdefender\Antivirus Free Edition\gziface.exe
(Google Inc.) C:\Program Files\Google\Update\1.3.25.5\GoogleCrashHandler.exe
(SUPERAntiSpyware.com) C:\Program Files\SUPERAntiSpyware\SASCORE.EXE
(Apple Inc.) C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(CMS Products, Inc.) C:\Program Files\CMS Products\BounceBack Ultimate\BBWatcherService.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(Microsoft Corporation) C:\WINDOWS\ehome\ehrecvr.exe
(Microsoft Corporation) C:\WINDOWS\ehome\ehSched.exe
(Oracle Corporation) C:\Program Files\Java\jre7\bin\jqs.exe
(Logitech Inc.) C:\Program Files\Common Files\LogiShrd\LVMVFM\LVPrcSrv.exe
( ) C:\WINDOWS\system32\lxebcoms.exe
(SupportSoft, Inc.) C:\Program Files\VERIZONDM\bin\sprtsvc.exe
(Microsoft Corporation) C:\WINDOWS\system32\dllhost.exe
(SupportSoft, Inc.) C:\Program Files\VERIZONDM\bin\tgsrvc.exe
(TomTom) C:\Program Files\TomTom HOME 2\TomTomHOMEService.exe
(Microsoft Corporation) C:\WINDOWS\system32\dllhost.exe
() C:\WINDOWS\StartupMonitor.exe
() C:\Program Files\Lexmark Pro200-S500 Series\ezprint.exe
() C:\Program Files\Lexmark Pro200-S500 Series\lxebmon.exe
(www.gmailnotifier.com) C:\Program Files\Gmail Notifier\Gmail Notifier.exe
() C:\Program Files\SpywareGuard\sgmain.exe
() C:\Program Files\SpywareGuard\sgbhp.exe
() C:\Program Files\CMS Products\BounceBack Ultimate\BBLauncher.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
 
 
==================== Registry (Whitelisted) ==================
 
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
 
HKLM\...\Run: [Run StartupMonitor] => C:\WINDOWS\StartupMonitor.exe [86016 2000-05-20] ()
HKLM\...\Run: [] => [X]
HKLM\...\Run: [EzPrint] => C:\Program Files\Lexmark Pro200-S500 Series\ezprint.exe [148280 2010-05-05] ()
HKLM Group Policy restriction on software: *.bmp.scr <====== ATTENTION
HKLM Group Policy restriction on software: *:\RECYCLER\*\*.com <====== ATTENTION
HKLM Group Policy restriction on software: %userprofile%\Start Menu\Programs\Startup\*.exe <====== ATTENTION
HKLM Group Policy restriction on software: *.mp3.pif <====== ATTENTION
HKLM Group Policy restriction on software: %userprofile%\Local Settings\Application Data\*\*.scr <====== ATTENTION
HKLM Group Policy restriction on software: *.bmp.com <====== ATTENTION
HKLM Group Policy restriction on software: *.avi.com <====== ATTENTION
HKLM Group Policy restriction on software: *.mp4.exe <====== ATTENTION
HKLM Group Policy restriction on software: *.txt.exe <====== ATTENTION
HKLM Group Policy restriction on software: *.ppt.com <====== ATTENTION
HKLM Group Policy restriction on software: *.zip.pif <====== ATTENTION
HKLM Group Policy restriction on software: *.rtf.scr <====== ATTENTION
HKLM Group Policy restriction on software: *.pub.pif <====== ATTENTION
HKLM Group Policy restriction on software: *.docx.com <====== ATTENTION
HKLM Group Policy restriction on software: *.pptx.exe <====== ATTENTION
HKLM Group Policy restriction on software: *:\RECYCLER\*\*\*\*.exe <====== ATTENTION
HKLM Group Policy restriction on software: *.rtf.com <====== ATTENTION
HKLM Group Policy restriction on software: %allusersprofile%\Start Menu\Programs\Startup\*.com <====== ATTENTION
HKLM Group Policy restriction on software: *.avi.scr <====== ATTENTION
HKLM Group Policy restriction on software: %userprofile%\Application Data\*.pif <====== ATTENTION
HKLM Group Policy restriction on software: %userprofile%\Local Settings\Application Data\*.scr <====== ATTENTION
HKLM Group Policy restriction on software: *.jpg.com <====== ATTENTION
HKLM Group Policy restriction on software: *.pptx.pif <====== ATTENTION
HKLM Group Policy restriction on software: *.rtf.exe <====== ATTENTION
HKLM Group Policy restriction on software: %allusersprofile%\Start Menu\Programs\Startup\*.pif <====== ATTENTION
HKLM Group Policy restriction on software: %allusersprofile%\Local Settings\Application Data\*.com <====== ATTENTION
HKLM Group Policy restriction on software: *.avi.exe <====== ATTENTION
HKLM Group Policy restriction on software: *.pdf.com <====== ATTENTION
HKLM Group Policy restriction on software: C:\Documents and Settings\*.com <====== ATTENTION
HKLM Group Policy restriction on software: *.xls.pif <====== ATTENTION
HKLM Group Policy restriction on software: %allusersprofile%\Local Settings\Application Data\*.scr <====== ATTENTION
HKLM Group Policy restriction on software: *.doc.exe <====== ATTENTION
HKLM Group Policy restriction on software: *:\RECYCLER\*\*\*\*.com <====== ATTENTION
HKLM Group Policy restriction on software: %userprofile%\Application Data\*.com <====== ATTENTION
HKLM Group Policy restriction on software: *.jpeg.scr <====== ATTENTION
HKLM Group Policy restriction on software: %userprofile%\Local Settings\Application Data\*\*.pif <====== ATTENTION
HKLM Group Policy restriction on software: %userprofile%\Application Data\*\*.pif <====== ATTENTION
HKLM Group Policy restriction on software: *.txt.scr <====== ATTENTION
HKLM Group Policy restriction on software: *.docx.pif <====== ATTENTION
HKLM Group Policy restriction on software: *.rar.exe <====== ATTENTION
HKLM Group Policy restriction on software: *.pub.com <====== ATTENTION
HKLM Group Policy restriction on software: *.jpg.scr <====== ATTENTION
HKLM Group Policy restriction on software: %allusersprofile%\Start Menu\Programs\Startup\*.scr <====== ATTENTION
HKLM Group Policy restriction on software: %allusersprofile%\Start Menu\Programs\Startup\*.exe <====== ATTENTION
HKLM Group Policy restriction on software: *.wmv.exe <====== ATTENTION
HKLM Group Policy restriction on software: *.txt.com <====== ATTENTION
HKLM Group Policy restriction on software: *.7z.exe <====== ATTENTION
HKLM Group Policy restriction on software: %userprofile%\Start Menu\Programs\Startup\*.com <====== ATTENTION
HKLM Group Policy restriction on software: %userprofile%\Application Data\*.exe <====== ATTENTION
HKLM Group Policy restriction on software: *.doc.pif <====== ATTENTION
HKLM Group Policy restriction on software: *.png.exe <====== ATTENTION
HKLM Group Policy restriction on software: *.ppt.pif <====== ATTENTION
HKLM Group Policy restriction on software: %userprofile%\Local Settings\Application Data\*.com <====== ATTENTION
HKLM Group Policy restriction on software: *.pdf.scr <====== ATTENTION
HKLM Group Policy restriction on software: %userprofile%\Local Settings\Application Data\*\*.com <====== ATTENTION
HKLM Group Policy restriction on software: *.png.pif <====== ATTENTION
HKLM Group Policy restriction on software: %userprofile%\*.exe <====== ATTENTION
HKLM Group Policy restriction on software: *.xls.com <====== ATTENTION
HKLM Group Policy restriction on software: *.bmp.exe <====== ATTENTION
HKLM Group Policy restriction on software: *.wma.pif <====== ATTENTION
HKLM Group Policy restriction on software: *.wav.com <====== ATTENTION
HKLM Group Policy restriction on software: *.txt.pif <====== ATTENTION
HKLM Group Policy restriction on software: *.pub.scr <====== ATTENTION
HKLM Group Policy restriction on software: *‮* <====== ATTENTION
HKLM Group Policy restriction on software: *.wav.scr <====== ATTENTION
HKLM Group Policy restriction on software: %userprofile%\Local Settings\Application Data\*\*.exe <====== ATTENTION
HKLM Group Policy restriction on software: *.mp3.scr <====== ATTENTION
HKLM Group Policy restriction on software: *.pptx.scr <====== ATTENTION
HKLM Group Policy restriction on software: *.xlsx.com <====== ATTENTION
HKLM Group Policy restriction on software: %userprofile%\Application Data\*.scr <====== ATTENTION
HKLM Group Policy restriction on software: *:\RECYCLER\*\*\*.exe <====== ATTENTION
HKLM Group Policy restriction on software: %allusersprofile%\Application Data\*.scr <====== ATTENTION
HKLM Group Policy restriction on software: %userprofile%\Application Data\*\*.scr <====== ATTENTION
HKLM Group Policy restriction on software: *.ppt.scr <====== ATTENTION
HKLM Group Policy restriction on software: *.rar.pif <====== ATTENTION
HKLM Group Policy restriction on software: %userprofile%\Application Data\*\*.com <====== ATTENTION
HKLM Group Policy restriction on software: *.xls.scr <====== ATTENTION
HKLM Group Policy restriction on software: *.rar.scr <====== ATTENTION
HKLM Group Policy restriction on software: *.avi.pif <====== ATTENTION
HKLM Group Policy restriction on software: *.docx.exe <====== ATTENTION
HKLM Group Policy restriction on software: *:\RECYCLER\*\*\*.com <====== ATTENTION
HKLM Group Policy restriction on software: *.mp4.com <====== ATTENTION
HKLM Group Policy restriction on software: *.divx.pif <====== ATTENTION
HKLM Group Policy restriction on software: *.wmv.com <====== ATTENTION
HKLM Group Policy restriction on software: %userprofile%\*.scr <====== ATTENTION
HKLM Group Policy restriction on software: *.xlsx.exe <====== ATTENTION
HKLM Group Policy restriction on software: *.gif.pif <====== ATTENTION
HKLM Group Policy restriction on software: C:\Documents and Settings\*.exe <====== ATTENTION
HKLM Group Policy restriction on software: *.jpeg.com <====== ATTENTION
HKLM Group Policy restriction on software: *.wma.scr <====== ATTENTION
HKLM Group Policy restriction on software: *.zip.exe <====== ATTENTION
HKLM Group Policy restriction on software: *.wmv.scr <====== ATTENTION
HKLM Group Policy restriction on software: %allusersprofile%\Local Settings\Application Data\*.exe <====== ATTENTION
HKLM Group Policy restriction on software: *:\RECYCLER\*\*.scr <====== ATTENTION
HKLM Group Policy restriction on software: *.gif.exe <====== ATTENTION
HKLM Group Policy restriction on software: *.jpeg.exe <====== ATTENTION
HKLM Group Policy restriction on software: *:\RECYCLER\*\*.pif <====== ATTENTION
HKLM Group Policy restriction on software: *.divx.com <====== ATTENTION
HKLM Group Policy restriction on software: *.pdf.exe <====== ATTENTION
HKLM Group Policy restriction on software: *.wma.exe <====== ATTENTION
HKLM Group Policy restriction on software: *.zip.scr <====== ATTENTION
HKLM Group Policy restriction on software: *.divx.scr <====== ATTENTION
HKLM Group Policy restriction on software: *.mp3.exe <====== ATTENTION
HKLM Group Policy restriction on software: *.doc.com <====== ATTENTION
HKLM Group Policy restriction on software: %allusersprofile%\Local Settings\Application Data\*.pif <====== ATTENTION
HKLM Group Policy restriction on software: *.rar.com <====== ATTENTION
HKLM Group Policy restriction on software: %allusersprofile%\Application Data\*.com <====== ATTENTION
HKLM Group Policy restriction on software: *.docx.scr <====== ATTENTION
HKLM Group Policy restriction on software: *.ppt.exe <====== ATTENTION
HKLM Group Policy restriction on software: *.7z.scr <====== ATTENTION
HKLM Group Policy restriction on software: *:\RECYCLER\*\*\*\*.scr <====== ATTENTION
HKLM Group Policy restriction on software: *.zip.com <====== ATTENTION
HKLM Group Policy restriction on software: *:\RECYCLER\*\*\*.pif <====== ATTENTION
HKLM Group Policy restriction on software: *.7z.com <====== ATTENTION
HKLM Group Policy restriction on software: %allusersprofile%\Application Data\*.exe <====== ATTENTION
HKLM Group Policy restriction on software: *:\RECYCLER\*\*\*\*.pif <====== ATTENTION
HKLM Group Policy restriction on software: C:\Documents and Settings\*.scr <====== ATTENTION
HKLM Group Policy restriction on software: *.xlsx.scr <====== ATTENTION
HKLM Group Policy restriction on software: *.bmp.pif <====== ATTENTION
HKLM Group Policy restriction on software: *.gif.scr <====== ATTENTION
HKLM Group Policy restriction on software: *.wmv.pif <====== ATTENTION
HKLM Group Policy restriction on software: *.mp4.scr <====== ATTENTION
HKLM Group Policy restriction on software: *.xls.exe <====== ATTENTION
HKLM Group Policy restriction on software: *.gif.com <====== ATTENTION
HKLM Group Policy restriction on software: %userprofile%\Local Settings\Application Data\*.exe <====== ATTENTION
HKLM Group Policy restriction on software: %userprofile%\*.pif <====== ATTENTION
HKLM Group Policy restriction on software: *:\RECYCLER\*\*\*.scr <====== ATTENTION
HKLM Group Policy restriction on software: *.doc.scr <====== ATTENTION
HKLM Group Policy restriction on software: %userprofile%\Start Menu\Programs\Startup\*.scr <====== ATTENTION
HKLM Group Policy restriction on software: *.jpg.exe <====== ATTENTION
HKLM Group Policy restriction on software: *.wav.exe <====== ATTENTION
HKLM Group Policy restriction on software: *.mp3.com <====== ATTENTION
HKLM Group Policy restriction on software: *.png.scr <====== ATTENTION
HKLM Group Policy restriction on software: *.pdf.pif <====== ATTENTION
HKLM Group Policy restriction on software: *.divx.exe <====== ATTENTION
HKLM Group Policy restriction on software: *.7z.pif <====== ATTENTION
HKLM Group Policy restriction on software: %allusersprofile%\Application Data\*.pif <====== ATTENTION
HKLM Group Policy restriction on software: *.rtf.pif <====== ATTENTION
HKLM Group Policy restriction on software: *.wav.pif <====== ATTENTION
HKLM Group Policy restriction on software: *.jpg.pif <====== ATTENTION
HKLM Group Policy restriction on software: %userprofile%\Start Menu\Programs\Startup\*.pif <====== ATTENTION
HKLM Group Policy restriction on software: *.jpeg.pif <====== ATTENTION
HKLM Group Policy restriction on software: C:\Documents and Settings\*.pif <====== ATTENTION
HKLM Group Policy restriction on software: *.xlsx.pif <====== ATTENTION
HKLM Group Policy restriction on software: *:\RECYCLER\*\*.exe <====== ATTENTION
HKLM Group Policy restriction on software: *.mp4.pif <====== ATTENTION
HKLM Group Policy restriction on software: *.pub.exe <====== ATTENTION
HKLM Group Policy restriction on software: *.pptx.com <====== ATTENTION
HKLM Group Policy restriction on software: *.png.com <====== ATTENTION
HKLM Group Policy restriction on software: %userprofile%\Application Data\*\*.exe <====== ATTENTION
HKLM Group Policy restriction on software: %userprofile%\Local Settings\Application Data\*.pif <====== ATTENTION
HKLM Group Policy restriction on software: *.wma.com <====== ATTENTION
HKLM Group Policy restriction on software: %userprofile%\Local Settings\Application Data\188f1432-103a-4ffb-80f1-36b633c5c9e1\geardifx.exe <====== ATTENTION
HKLM Group Policy restriction on software: %allusersprofile%\Local Settings\Application Data\aviraresume\avgnt.exe <====== ATTENTION
HKLM Group Policy restriction on software: %allusersprofile%\Local Settings\Application Data\aviraresume\avadmin.exe <====== ATTENTION
HKLM Group Policy restriction on software: %allusersprofile%\Local Settings\Application Data\aviraresume\avcenter.exe <====== ATTENTION
HKLM Group Policy restriction on software: %allusersprofile%\Application Data\aviraresume\ipmgui.exe <====== ATTENTION
HKLM Group Policy restriction on software: %userprofile%\Local Settings\Application Data\aviraresume\avwebloader.exe <====== ATTENTION
HKLM Group Policy restriction on software: %appdata%\aviraresume\presetup.exe <====== ATTENTION
HKLM Group Policy restriction on software: %allusersprofile%\Local Settings\Application Data\aviraresume\wsctool.exe <====== ATTENTION
HKLM Group Policy restriction on software: %allusersprofile%\Local Settings\Application Data\aviraresume\avguard.exe <====== ATTENTION
HKLM Group Policy restriction on software: %allusersprofile%\Local Settings\Application Data\aviraresume\ccuac.exe <====== ATTENTION
HKLM Group Policy restriction on software: %appdata%\aviraresume\licmgr.exe <====== ATTENTION
HKLM Group Policy restriction on software: %appdata%\188f1432-103a-4ffb-80f1-36b633c5c9e1\geardifx.exe <====== ATTENTION
HKLM Group Policy restriction on software: %allusersprofile%\Application Data\aviraresume\avnotify.exe <====== ATTENTION
HKLM Group Policy restriction on software: %userprofile%\Application Data\aviraresume\checkt.exe <====== ATTENTION
HKLM Group Policy restriction on software: %userprofile%\Application Data\aviraresume\avupgsvc.exe <====== ATTENTION
HKLM Group Policy restriction on software: %allusersprofile%\Application Data\aviraresume\appremover_64.exe <====== ATTENTION
HKLM Group Policy restriction on software: %userprofile%\Application Data\aviraresume\avguard.exe <====== ATTENTION
HKLM Group Policy restriction on software: %appdata%\aviraresume\offercast_avirav7_.exe <====== ATTENTION
HKLM Group Policy restriction on software: %userprofile%\Local Settings\Application Data\aviraresume\checkt.exe <====== ATTENTION
HKLM Group Policy restriction on software: %allusersprofile%\Local Settings\Application Data\aviraresume\presetup.exe <====== ATTENTION
HKLM Group Policy restriction on software: %userprofile%\Local Settings\Application Data\aviraresume\vcredist_x86.exe <====== ATTENTION
HKLM Group Policy restriction on software: %appdata%\aviraresume\avupgsvc.exe <====== ATTENTION
HKLM Group Policy restriction on software: %userprofile%\Application Data\aviraresume\insthlp.exe <====== ATTENTION
HKLM Group Policy restriction on software: %allusersprofile%\Local Settings\Application Data\aviraresume\setuppending.exe <====== ATTENTION
HKLM Group Policy restriction on software: %appdata%\aviraresume\avconfig.exe <====== ATTENTION
HKLM Group Policy restriction on software: %appdata%\aviraresume\sched.exe <====== ATTENTION
HKLM Group Policy restriction on software: %userprofile%\Local Settings\Application Data\aviraresume\imp64b.exe <====== ATTENTION
HKLM Group Policy restriction on software: %appdata%\aviraresume\avguard.exe <====== ATTENTION
HKLM Group Policy restriction on software: %userprofile%\Application Data\aviraresume\ipmgui.exe <====== ATTENTION
HKLM Group Policy restriction on software: %userprofile%\Local Settings\Application Data\aviraresume\avadmin.exe <====== ATTENTION
HKLM Group Policy restriction on software: %appdata%\aviraresume\ipmgui.exe <====== ATTENTION
HKLM Group Policy restriction on software: %allusersprofile%\Local Settings\Application Data\aviraresume\64bitproxy.exe <====== ATTENTION
HKLM Group Policy restriction on software: %allusersprofile%\Local Settings\Application Data\aviraresume\avwebgrd.exe <====== ATTENTION
HKLM Group Policy restriction on software: %allusersprofile%\Local Settings\Application Data\aviraresume\appremover_cli.exe <====== ATTENTION
HKLM Group Policy restriction on software: %userprofile%\Local Settings\Application Data\aviraresume\updrgui.exe <====== ATTENTION
HKLM Group Policy restriction on software: %allusersprofile%\Local Settings\Application Data\aviraresume\checkt.exe <====== ATTENTION
HKLM Group Policy restriction on software: %userprofile%\Application Data\aviraresume\appremover_64.exe <====== ATTENTION
HKLM Group Policy restriction on software: %userprofile%\Local Settings\Application Data\aviraresume\wsctool.exe <====== ATTENTION
HKLM Group Policy restriction on software: %userprofile%\Application Data\aviraresume\avrestart.exe <====== ATTENTION
HKLM Group Policy restriction on software: %allusersprofile%\Application Data\aviraresume\avadmin.exe <====== ATTENTION
HKLM Group Policy restriction on software: %userprofile%\Application Data\aviraresume\avgnt.exe <====== ATTENTION
HKLM Group Policy restriction on software: %userprofile%\Local Settings\Application Data\aviraresume\inssda64.exe <====== ATTENTION
HKLM Group Policy restriction on software: %appdata%\aviraresume\appremover_64.exe <====== ATTENTION
HKLM Group Policy restriction on software: %allusersprofile%\Local Settings\Application Data\aviraresume\inssda64.exe <====== ATTENTION
HKLM Group Policy restriction on software: %appdata%\aviraresume\setup.exe <====== ATTENTION
HKLM Group Policy restriction on software: %allusersprofile%\Local Settings\Application Data\aviraresume\avwsc.exe <====== ATTENTION
HKLM Group Policy restriction on software: %userprofile%\Application Data\aviraresume\fact.exe <====== ATTENTION
HKLM Group Policy restriction on software: %userprofile%\Local Settings\Application Data\aviraresume\avscan.exe <====== ATTENTION
HKLM Group Policy restriction on software: %allusersprofile%\Application Data\aviraresume\checkt.exe <====== ATTENTION
HKLM Group Policy restriction on software: %allusersprofile%\Application Data\aviraresume\avwebg7.exe <====== ATTENTION
HKLM Group Policy restriction on software: %appdata%\aviraresume\fact.exe <====== ATTENTION
HKLM Group Policy restriction on software: %userprofile%\Local Settings\Application Data\aviraresume\avwebgrd.exe <====== ATTENTION
HKLM Group Policy restriction on software: %allusersprofile%\Local Settings\Application Data\aviraresume\avwebloader.exe <====== ATTENTION
HKLM Group Policy restriction on software: %allusersprofile%\Local Settings\Application Data\aviraresume\avscan.exe <====== ATTENTION
HKLM Group Policy restriction on software: %userprofile%\Local Settings\Application Data\aviraresume\insthlp.exe <====== ATTENTION
HKLM Group Policy restriction on software: %allusersprofile%\Application Data\aviraresume\appremover_cli.exe <====== ATTENTION
HKLM Group Policy restriction on software: %userprofile%\Local Settings\Application Data\aviraresume\setup.exe <====== ATTENTION
HKLM Group Policy restriction on software: %allusersprofile%\Application Data\aviraresume\avwebloader.exe <====== ATTENTION
HKLM Group Policy restriction on software: %userprofile%\Local Settings\Application Data\aviraresume\guardgui.exe <====== ATTENTION
HKLM Group Policy restriction on software: %appdata%\aviraresume\inssda64.exe <====== ATTENTION
HKLM Group Policy restriction on software: %userprofile%\Local Settings\Application Data\aviraresume\presetup.exe <====== ATTENTION
HKLM Group Policy restriction on software: %userprofile%\Local Settings\Application Data\aviraresume\avupgsvc.exe <====== ATTENTION
HKLM Group Policy restriction on software: %userprofile%\Application Data\aviraresume\presetup.exe <====== ATTENTION
HKLM Group Policy restriction on software: %allusersprofile%\Local Settings\Application Data\aviraresume\imp64b.exe <====== ATTENTION
HKLM Group Policy restriction on software: %appdata%\aviraresume\avwebg7.exe <====== ATTENTION
HKLM Group Policy restriction on software: %allusersprofile%\gotoassistdownloadhelper.exe <====== ATTENTION
HKLM Group Policy restriction on software: %allusersprofile%\Application Data\aviraresume\insthlp.exe <====== ATTENTION
HKLM Group Policy restriction on software: %userprofile%\Local Settings\Application Data\aviraresume\fact.exe <====== ATTENTION
HKLM Group Policy restriction on software: %userprofile%\Local Settings\Application Data\aviraresume\avconfig.exe <====== ATTENTION
HKLM Group Policy restriction on software: %allusersprofile%\Local Settings\Application Data\aviraresume\avconfig.exe <====== ATTENTION
HKLM Group Policy restriction on software: %userprofile%\Application Data\aviraresume\setup.exe <====== ATTENTION
HKLM Group Policy restriction on software: %appdata%\aviraresume\setuppending.exe <====== ATTENTION
HKLM Group Policy restriction on software: %userprofile%\Application Data\aviraresume\setuppending.exe <====== ATTENTION
HKLM Group Policy restriction on software: %userprofile%\Local Settings\Application Data\aviraresume\avwsc.exe <====== ATTENTION
HKLM Group Policy restriction on software: %userprofile%\Application Data\aviraresume\avwebg7.exe <====== ATTENTION
HKLM Group Policy restriction on software: %allusersprofile%\Local Settings\Application Data\aviraresume\ipmgui.exe <====== ATTENTION
HKLM Group Policy restriction on software: %appdata%\aviraresume\avgnt.exe <====== ATTENTION
HKLM Group Policy restriction on software: %allusersprofile%\Application Data\188f1432-103a-4ffb-80f1-36b633c5c9e1\geardifx.exe <====== ATTENTION
HKLM Group Policy restriction on software: %allusersprofile%\Local Settings\Application Data\aviraresume\avrestart.exe <====== ATTENTION
HKLM Group Policy restriction on software: %allusersprofile%\Local Settings\Application Data\aviraresume\vcredist_x86.exe <====== ATTENTION
HKLM Group Policy restriction on software: %allusersprofile%\Application Data\aviraresume\wsctool.exe <====== ATTENTION
HKLM Group Policy restriction on software: %allusersprofile%\Application Data\aviraresume\inssda64.exe <====== ATTENTION
HKLM Group Policy restriction on software: %allusersprofile%\Application Data\aviraresume\update.exe <====== ATTENTION
HKLM Group Policy restriction on software: %userprofile%\Local Settings\Application Data\aviraresume\sched.exe <====== ATTENTION
HKLM Group Policy restriction on software: %allusersprofile%\Application Data\aviraresume\avwebgrd.exe <====== ATTENTION
HKLM Group Policy restriction on software: %allusersprofile%\Application Data\aviraresume\avrestart.exe <====== ATTENTION
HKLM Group Policy restriction on software: %allusersprofile%\Application Data\aviraresume\avscan.exe <====== ATTENTION
HKLM Group Policy restriction on software: %allusersprofile%\Application Data\aviraresume\offercast_avirav7_.exe <====== ATTENTION
HKLM Group Policy restriction on software: %userprofile%\Application Data\aviraresume\updrgui.exe <====== ATTENTION
HKLM Group Policy restriction on software: %userprofile%\Application Data\aviraresume\ccuac.exe <====== ATTENTION
HKLM Group Policy restriction on software: %allusersprofile%\Application Data\aviraresume\64bitproxy.exe <====== ATTENTION
HKLM Group Policy restriction on software: %allusersprofile%\Local Settings\Application Data\aviraresume\toastnotifier.exe <====== ATTENTION
HKLM Group Policy restriction on software: %allusersprofile%\Local Settings\Application Data\aviraresume\update.exe <====== ATTENTION
HKLM Group Policy restriction on software: %userprofile%\Local Settings\Application Data\aviraresume\setuppending.exe <====== ATTENTION
HKLM Group Policy restriction on software: %allusersprofile%\Application Data\aviraresume\presetup.exe <====== ATTENTION
HKLM Group Policy restriction on software: %userprofile%\Application Data\aviraresume\offercast_avirav7_.exe <====== ATTENTION
HKLM Group Policy restriction on software: %allusersprofile%\Application Data\aviraresume\licmgr.exe <====== ATTENTION
HKLM Group Policy restriction on software: %allusersprofile%\Application Data\aviraresume\avupgsvc.exe <====== ATTENTION
HKLM Group Policy restriction on software: %appdata%\aviraresume\insthlp.exe <====== ATTENTION
HKLM Group Policy restriction on software: %appdata%\aviraresume\appremover_cli.exe <====== ATTENTION
HKLM Group Policy restriction on software: %userprofile%\Application Data\aviraresume\64bitproxy.exe <====== ATTENTION
HKLM Group Policy restriction on software: %userprofile%\Application Data\aviraresume\avnotify.exe <====== ATTENTION
HKLM Group Policy restriction on software: %appdata%\aviraresume\avscan.exe <====== ATTENTION
HKLM Group Policy restriction on software: %allusersprofile%\Local Settings\Application Data\aviraresume\avwebg7.exe <====== ATTENTION
HKLM Group Policy restriction on software: %userprofile%\Local Settings\Application Data\aviraresume\avrestart.exe <====== ATTENTION
HKLM Group Policy restriction on software: %allusersprofile%\Local Settings\Application Data\aviraresume\licmgr.exe <====== ATTENTION
HKLM Group Policy restriction on software: %allusersprofile%\Application Data\aviraresume\vcredist_x86.exe <====== ATTENTION
HKLM Group Policy restriction on software: %allusersprofile%\Local Settings\Application Data\aviraresume\appremover_64.exe <====== ATTENTION
HKLM Group Policy restriction on software: %appdata%\aviraresume\vcredist_x86.exe <====== ATTENTION
HKLM Group Policy restriction on software: %allusersprofile%\Application Data\aviraresume\toastnotifier.exe <====== ATTENTION
HKLM Group Policy restriction on software: %userprofile%\Application Data\aviraresume\avscan.exe <====== ATTENTION
HKLM Group Policy restriction on software: %appdata%\aviraresume\update.exe <====== ATTENTION
HKLM Group Policy restriction on software: %allusersprofile%\Application Data\aviraresume\avconfig.exe <====== ATTENTION
HKLM Group Policy restriction on software: %userprofile%\Local Settings\Application Data\aviraresume\avgnt.exe <====== ATTENTION
HKLM Group Policy restriction on software: %userprofile%\gotoassistdownloadhelper.exe <====== ATTENTION
HKLM Group Policy restriction on software: %allusersprofile%\Local Settings\Application Data\aviraresume\fact.exe <====== ATTENTION
HKLM Group Policy restriction on software: %allusersprofile%\Application Data\aviraresume\setuppending.exe <====== ATTENTION
HKLM Group Policy restriction on software: %userprofile%\Application Data\aviraresume\sched.exe <====== ATTENTION
HKLM Group Policy restriction on software: %userprofile%\Application Data\aviraresume\update.exe <====== ATTENTION
HKLM Group Policy restriction on software: %appdata%\aviraresume\imp64b.exe <====== ATTENTION
HKLM Group Policy restriction on software: %userprofile%\Application Data\aviraresume\appremover_cli.exe <====== ATTENTION
HKLM Group Policy restriction on software: %userprofile%\Application Data\aviraresume\avcenter.exe <====== ATTENTION
HKLM Group Policy restriction on software: %userprofile%\Application Data\aviraresume\vcredist_x86.exe <====== ATTENTION
HKLM Group Policy restriction on software: %userprofile%\Application Data\aviraresume\avadmin.exe <====== ATTENTION
HKLM Group Policy restriction on software: %userprofile%\Application Data\188f1432-103a-4ffb-80f1-36b633c5c9e1\geardifx.exe <====== ATTENTION
HKLM Group Policy restriction on software: %appdata%\aviraresume\avnotify.exe <====== ATTENTION
HKLM Group Policy restriction on software: %userprofile%\Local Settings\Application Data\aviraresume\offercast_avirav7_.exe <====== ATTENTION
HKLM Group Policy restriction on software: %appdata%\aviraresume\avcenter.exe <====== ATTENTION
HKLM Group Policy restriction on software: %allusersprofile%\Local Settings\Application Data\aviraresume\setup.exe <====== ATTENTION
HKLM Group Policy restriction on software: %userprofile%\Application Data\aviraresume\guardgui.exe <====== ATTENTION
HKLM Group Policy restriction on software: %appdata%\aviraresume\ccuac.exe <====== ATTENTION
HKLM Group Policy restriction on software: %allusersprofile%\Application Data\aviraresume\setup.exe <====== ATTENTION
HKLM Group Policy restriction on software: %userprofile%\Local Settings\Application Data\aviraresume\64bitproxy.exe <====== ATTENTION
HKLM Group Policy restriction on software: %allusersprofile%\Application Data\aviraresume\avwsc.exe <====== ATTENTION
HKLM Group Policy restriction on software: %allusersprofile%\Application Data\aviraresume\updrgui.exe <====== ATTENTION
HKLM Group Policy restriction on software: %appdata%\aviraresume\updrgui.exe <====== ATTENTION
HKLM Group Policy restriction on software: %allusersprofile%\Local Settings\Application Data\aviraresume\sched.exe <====== ATTENTION
HKLM Group Policy restriction on software: %appdata%\aviraresume\avwebloader.exe <====== ATTENTION
HKLM Group Policy restriction on software: %userprofile%\Local Settings\Application Data\aviraresume\toastnotifier.exe <====== ATTENTION
HKLM Group Policy restriction on software: %userprofile%\Local Settings\Application Data\aviraresume\appremover_64.exe <====== ATTENTION
HKLM Group Policy restriction on software: %allusersprofile%\Local Settings\Application Data\aviraresume\updrgui.exe <====== ATTENTION
HKLM Group Policy restriction on software: %userprofile%\Local Settings\Application Data\aviraresume\appremover_cli.exe <====== ATTENTION
HKLM Group Policy restriction on software: %allusersprofile%\Application Data\aviraresume\avcenter.exe <====== ATTENTION
HKLM Group Policy restriction on software: %appdata%\aviraresume\avwsc.exe <====== ATTENTION
HKLM Group Policy restriction on software: %userprofile%\Application Data\aviraresume\imp64b.exe <====== ATTENTION
HKLM Group Policy restriction on software: %userprofile%\Local Settings\Application Data\aviraresume\avguard.exe <====== ATTENTION
HKLM Group Policy restriction on software: %userprofile%\Local Settings\Application Data\aviraresume\ccuac.exe <====== ATTENTION
HKLM Group Policy restriction on software: %userprofile%\Application Data\aviraresume\avconfig.exe <====== ATTENTION
HKLM Group Policy restriction on software: %appdata%\aviraresume\avwebgrd.exe <====== ATTENTION
HKLM Group Policy restriction on software: %allusersprofile%\Application Data\aviraresume\imp64b.exe <====== ATTENTION
HKLM Group Policy restriction on software: %allusersprofile%\Application Data\aviraresume\avguard.exe <====== ATTENTION
HKLM Group Policy restriction on software: %appdata%\aviraresume\avrestart.exe <====== ATTENTION
HKLM Group Policy restriction on software: %userprofile%\Local Settings\Application Data\aviraresume\licmgr.exe <====== ATTENTION
HKLM Group Policy restriction on software: %allusersprofile%\Local Settings\Application Data\aviraresume\insthlp.exe <====== ATTENTION
HKLM Group Policy restriction on software: %userprofile%\Local Settings\Application Data\aviraresume\avcenter.exe <====== ATTENTION
HKLM Group Policy restriction on software: %allusersprofile%\Application Data\aviraresume\ccuac.exe <====== ATTENTION
HKLM Group Policy restriction on software: %appdata%\aviraresume\checkt.exe <====== ATTENTION
HKLM Group Policy restriction on software: %allusersprofile%\Application Data\aviraresume\guardgui.exe <====== ATTENTION
HKLM Group Policy restriction on software: %allusersprofile%\Local Settings\Application Data\aviraresume\guardgui.exe <====== ATTENTION
HKLM Group Policy restriction on software: %userprofile%\Application Data\aviraresume\licmgr.exe <====== ATTENTION
HKLM Group Policy restriction on software: %allusersprofile%\Application Data\aviraresume\sched.exe <====== ATTENTION
HKLM Group Policy restriction on software: %allusersprofile%\Local Settings\Application Data\aviraresume\offercast_avirav7_.exe <====== ATTENTION
HKLM Group Policy restriction on software: %appdata%\aviraresume\wsctool.exe <====== ATTENTION
HKLM Group Policy restriction on software: %appdata%\aviraresume\toastnotifier.exe <====== ATTENTION
HKLM Group Policy restriction on software: %userprofile%\Local Settings\Application Data\aviraresume\ipmgui.exe <====== ATTENTION
HKLM Group Policy restriction on software: %userprofile%\Application Data\aviraresume\avwebgrd.exe <====== ATTENTION
HKLM Group Policy restriction on software: %allusersprofile%\Application Data\aviraresume\avgnt.exe <====== ATTENTION
HKLM Group Policy restriction on software: %userprofile%\Application Data\aviraresume\avwebloader.exe <====== ATTENTION
HKLM Group Policy restriction on software: %userprofile%\Local Settings\Application Data\aviraresume\avnotify.exe <====== ATTENTION
HKLM Group Policy restriction on software: %userprofile%\Application Data\aviraresume\avwsc.exe <====== ATTENTION
HKLM Group Policy restriction on software: %userprofile%\Local Settings\Application Data\aviraresume\avwebg7.exe <====== ATTENTION
HKLM Group Policy restriction on software: %allusersprofile%\Local Settings\Application Data\188f1432-103a-4ffb-80f1-36b633c5c9e1\geardifx.exe <====== ATTENTION
HKLM Group Policy restriction on software: %userprofile%\Application Data\aviraresume\toastnotifier.exe <====== ATTENTION
HKLM Group Policy restriction on software: %userprofile%\Application Data\aviraresume\inssda64.exe <====== ATTENTION
HKLM Group Policy restriction on software: %appdata%\aviraresume\guardgui.exe <====== ATTENTION
HKLM Group Policy restriction on software: %appdata%\aviraresume\64bitproxy.exe <====== ATTENTION
HKLM Group Policy restriction on software: %userprofile%\Application Data\aviraresume\wsctool.exe <====== ATTENTION
HKLM Group Policy restriction on software: %userprofile%\Local Settings\Application Data\aviraresume\update.exe <====== ATTENTION
HKLM Group Policy restriction on software: %allusersprofile%\Application Data\aviraresume\fact.exe <====== ATTENTION
HKLM Group Policy restriction on software: %appdata%\aviraresume\avadmin.exe <====== ATTENTION
HKLM Group Policy restriction on software: %allusersprofile%\Local Settings\Application Data\aviraresume\avnotify.exe <====== ATTENTION
HKLM Group Policy restriction on software: %allusersprofile%\Local Settings\Application Data\aviraresume\avupgsvc.exe <====== ATTENTION
HKLM\...\Winlogon: [UIHost] C:\WINDOWS\system32\logonui.exe [514560 2008-04-14] (Microsoft Corporation)
HKLM\...\Policies\Explorer: [NoCDBurning] 0
HKU\S-1-5-19\...\Run: [DellSupport] => C:\Program Files\Dell Support\DSAgnt.exe [332800 2005-05-15] (Gteko Ltd.)
HKU\S-1-5-19\...\MountPoints2: {361ac05d-0e0d-11da-9aa9-806d6172696f} - E:\setup.exe
HKU\S-1-5-20\...\Run: [DellSupport] => C:\Program Files\Dell Support\DSAgnt.exe [332800 2005-05-15] (Gteko Ltd.)
HKU\S-1-5-20\...\MountPoints2: {361ac05d-0e0d-11da-9aa9-806d6172696f} - E:\setup.exe
HKU\S-1-5-21-4230650497-4285135782-2684026053-1005\...\Run: [swg] => C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe [39408 2012-03-08] (Google Inc.)
HKU\S-1-5-21-4230650497-4285135782-2684026053-1005\...\Run: [Gmail Notifier.exe] => C:\Program Files\Gmail Notifier\Gmail Notifier.exe [2155008 2011-04-07] (www.gmailnotifier.com)
Startup: C:\Documents and Settings\All Users\Start Menu\Programs\Startup\BounceBack Launcher.lnk
ShortcutTarget: BounceBack Launcher.lnk -> C:\Program Files\CMS Products\BounceBack Ultimate\BBStartup.exe ()
Startup: C:\Documents and Settings\nickf\Start Menu\Programs\Startup\SpywareGuard.lnk
ShortcutTarget: SpywareGuard.lnk -> C:\Program Files\SpywareGuard\sgmain.exe ()
ShellIconOverlayIdentifiers: [GDriveBlacklistedOverlay] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D42} => C:\Program Files\Google\Drive\googledrivesync32.dll (Google)
ShellIconOverlayIdentifiers: [GDriveSharedEditOverlay] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D44} => C:\Program Files\Google\Drive\googledrivesync32.dll (Google)
ShellIconOverlayIdentifiers: [GDriveSharedOverlay] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D44} => C:\Program Files\Google\Drive\googledrivesync32.dll (Google)
ShellIconOverlayIdentifiers: [GDriveSharedViewOverlay] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D43} => C:\Program Files\Google\Drive\googledrivesync32.dll (Google)
ShellIconOverlayIdentifiers: [GDriveSyncedOverlay] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D40} => C:\Program Files\Google\Drive\googledrivesync32.dll (Google)
ShellIconOverlayIdentifiers: [GDriveSyncingOverlay] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D41} => C:\Program Files\Google\Drive\googledrivesync32.dll (Google)
 
==================== Internet (Whitelisted) ====================
 
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
 
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://google%20chrome/
HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.google.co...=en&client=dell
HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://www.google.co...=en&client=dell
HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.google.co...=en&client=dell
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.dell.com
HKLM\Software\Microsoft\Internet Explorer\Main,Search Bar = http://www.google.com/ie
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.dell.com
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://www.google.com/ie
HKLM\SOFTWARE\Microsoft\Internet Explorer\AboutURLs,Tabs: "http://www.google.com"
BHO: SpywareGuardDLBLOCK.CBrowserHelper -> {4A368E80-174F-4872-96B5-0B27DDD11DB2} -> C:\Program Files\SpywareGuard\dlprotect.dll ()
BHO: DriveLetterAccess -> {5CA3D70E-1895-11CF-8E15-001234567890} -> C:\WINDOWS\system32\dla\tfswshx.dll (Sonic Solutions)
BHO: Google Toolbar Helper -> {AA58ED58-01DD-4d91-8333-CF10577473F7} -> C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
BHO: Google Toolbar Notifier BHO -> {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} -> C:\Program Files\Google\GoogleToolbarNotifier\5.7.9012.1008\swg.dll (Google Inc.)
BHO: CBrowserHelperObject Object -> {CA6319C0-31B7-401E-A518-A07C3DB8F777} -> c:\Program Files\GoogleAFE\GoogleAE.dll (Google)
BHO: Lexmark Printable Web -> {D2C5E510-BE6D-42CC-9F61-E4F939078474} -> C:\Program Files\Lexmark Printable Web\bho.dll ()
Toolbar: HKLM - Lexmark Toolbar - {1017A80C-6F09-4548-A84D-EDD6AC9525F0} - C:\Program Files\Lexmark Toolbar\toolband.dll ()
Toolbar: HKLM - Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
Toolbar: HKCU - &Address - {01E04581-4EEE-11D0-BFE9-00AA005B4383} - C:\WINDOWS\system32\browseui.dll (Microsoft Corporation)
Toolbar: HKCU - &Links - {0E5CBF21-D15F-11D0-8301-00AA005B4383} - C:\WINDOWS\system32\SHELL32.dll (Microsoft Corporation)
Toolbar: HKCU - Google Toolbar - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
Toolbar: HKCU - Lexmark Toolbar - {1017A80C-6F09-4548-A84D-EDD6AC9525F0} - C:\Program Files\Lexmark Toolbar\toolband.dll ()
ShellExecuteHooks: SpywareGuard.Handler - {81559C35-8464-49F7-BB0E-07A383BEF910} - C:\Program Files\SpywareGuard\spywareguard.dll [126976 2003-08-03] ()
ShellExecuteHooks: SABShellExecuteHook Class - {5AE067D3-9AFB-48E0-853A-EBB7F4A000DA} - C:\Program Files\SUPERAntiSpyware\SASSEH.DLL [113024 2011-07-18] (SuperAdBlocker.com)
Winsock: Catalog5 04 C:\Program Files\Bonjour\mdnsNSP.dll [121704] (Apple Inc.)
Hosts: There are more than one entry in Hosts. See Hosts section of Addition.txt
Tcpip\Parameters: [DhcpNameServer] 192.168.1.1
 
FireFox:
========
FF ProfilePath: C:\Documents and Settings\nickf\Application Data\Mozilla\Firefox\Profiles\2j7b0irg.default-1408374960465
FF NewTab: 
FF SelectedSearchEngine: 
FF Homepage: hxxp://www.google.com/
FF Keyword.URL: 
FF Plugin: @adobe.com/FlashPlayer -> C:\WINDOWS\system32\Macromed\Flash\NPSWF32_12_0_0_43.dll ()
FF Plugin: @Apple.com/iTunes,version=1.0 -> C:\Program Files\iTunes\Mozilla Plugins\npitunes.dll ()
FF Plugin: @divx.com/DivX VOD Helper,version=1.0.0 -> C:\Program Files\DivX\DivX OVS Helper\npovshelper.dll (DivX, LLC.)
FF Plugin: @Google.com/GoogleEarthPlugin -> C:\Program Files\Google\Google Earth\plugin\npgeplugin.dll No File
FF Plugin: @google.com/npPicasa3,version=3.0.0 -> C:\Program Files\Google\Picasa3\npPicasa3.dll (Google, Inc.)
FF Plugin: @microsoft.com/WPF,version=3.5 -> C:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
FF Plugin: @tools.google.com/Google Update;version=3 -> C:\Program Files\Google\Update\1.3.25.5\npGoogleUpdate3.dll (Google Inc.)
FF Plugin: @tools.google.com/Google Update;version=9 -> C:\Program Files\Google\Update\1.3.25.5\npGoogleUpdate3.dll (Google Inc.)
FF Plugin: Adobe Reader -> C:\Program Files\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF SearchPlugin: C:\Documents and Settings\nickf\Application Data\Mozilla\Firefox\Profiles\2j7b0irg.default-1408374960465\searchplugins\.xml
FF Extension: flashlightstephennolancomau - C:\Documents and Settings\nickf\Application Data\Mozilla\Firefox\Profiles\2j7b0irg.default-1408374960465\Extensions\[email protected] [2014-11-01]
FF Extension: Browsers+Apps+1.1 - C:\Documents and Settings\nickf\Application Data\Mozilla\Firefox\Profiles\2j7b0irg.default-1408374960465\Extensions\[email protected] [2014-10-28]
FF HKLM\...\Firefox\Extensions: [{20a82645-c095-46ed-80e3-08825760534b}] - C:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension
FF Extension: Microsoft .NET Framework Assistant - C:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension [2014-07-12]
 
Chrome: 
=======
CHR Profile: C:\Documents and Settings\nickf\Local Settings\Application Data\Google\Chrome\User Data\Default
CHR Extension: (Google Docs) - C:\Documents and Settings\nickf\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2014-07-12]
CHR Extension: (Google Drive) - C:\Documents and Settings\nickf\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2014-07-12]
CHR Extension: (Google Voice Search Hotword (Beta)) - C:\Documents and Settings\nickf\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\bepbmhgboaologfdajaanbcjmnhjmhfn [2014-07-12]
CHR Extension: (YouTube) - C:\Documents and Settings\nickf\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2014-07-12]
CHR Extension: (Google Search) - C:\Documents and Settings\nickf\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2014-07-12]
CHR Extension: (Google Wallet) - C:\Documents and Settings\nickf\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2014-07-12]
CHR Extension: (Gmail) - C:\Documents and Settings\nickf\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2014-07-12]
 
========================== Services (Whitelisted) =================
 
(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)
 
R2 !SASCORE; C:\Program Files\SUPERAntiSpyware\SASCORE.EXE [142648 2014-09-09] (SUPERAntiSpyware.com)
S4 Alerter; C:\WINDOWS\system32\alrsvc.dll [17408 2008-04-14] (Microsoft Corporation) [File not signed]
R3 ALG; C:\WINDOWS\System32\alg.exe [44544 2008-04-14] (Microsoft Corporation) [File not signed]
S3 AppMgmt; C:\WINDOWS\System32\appmgmts.dll [167936 2008-04-14] (Microsoft Corporation) [File not signed]
R2 AudioSrv; C:\WINDOWS\System32\audiosrv.dll [42496 2008-04-14] (Microsoft Corporation) [File not signed]
R2 BBWatcherService; C:\Program Files\CMS Products\BounceBack Ultimate\BBWatcherService.exe [65536 2010-06-14] (CMS Products, Inc.) [File not signed]
R2 BITS; C:\WINDOWS\system32\qmgr.dll [409088 2008-04-14] (Microsoft Corporation) [File not signed]
S2 Browser; C:\WINDOWS\System32\browser.dll [78336 2012-07-06] (Microsoft Corporation) [File not signed]
S3 CiSvc; C:\WINDOWS\system32\cisvc.exe [5632 2008-04-14] (Microsoft Corporation) [File not signed]
S4 ClipSrv; C:\WINDOWS\system32\clipsrv.exe [33280 2008-04-14] (Microsoft Corporation) [File not signed]
R3 COMSysApp; C:\WINDOWS\system32\dllhost.exe [5120 2008-04-14] (Microsoft Corporation) [File not signed]
R2 CryptSvc; C:\WINDOWS\System32\cryptsvc.dll [62464 2008-04-14] (Microsoft Corporation) [File not signed]
R2 DcomLaunch; C:\WINDOWS\system32\rpcss.dll [401408 2009-02-09] (Microsoft Corporation) [File not signed]
R2 Dhcp; C:\WINDOWS\System32\dhcpcsvc.dll [126976 2008-04-14] (Microsoft Corporation) [File not signed]
S3 dmadmin; C:\WINDOWS\System32\dmadmin.exe [224768 2008-04-14] (Microsoft Corp., Veritas Software) [File not signed]
R2 dmserver; C:\WINDOWS\System32\dmserver.dll [23552 2008-04-14] (Microsoft Corp.) [File not signed]
R2 Dnscache; C:\WINDOWS\System32\dnsrslvr.dll [45568 2009-04-20] (Microsoft Corporation) [File not signed]
S3 Dot3svc; C:\WINDOWS\System32\dot3svc.dll [132096 2008-04-14] (Microsoft Corporation) [File not signed]
S3 EapHost; C:\WINDOWS\System32\eapsvc.dll [33792 2008-04-14] (Microsoft Corporation) [File not signed]
R2 ehRecvr; C:\WINDOWS\eHome\ehRecvr.exe [237568 2006-10-09] (Microsoft Corporation) [File not signed]
R2 ehSched; C:\WINDOWS\eHome\ehSched.exe [102912 2005-08-05] (Microsoft Corporation) [File not signed]
R2 ERSvc; C:\WINDOWS\System32\ersvc.dll [23040 2008-04-14] (Microsoft Corporation) [File not signed]
R2 Eventlog; C:\WINDOWS\system32\services.exe [110592 2009-02-06] (Microsoft Corporation) [File not signed]
R3 EventSystem; C:\WINDOWS\system32\es.dll [253952 2008-07-07] (Microsoft Corporation) [File not signed]
R3 FastUserSwitchingCompatibility; C:\WINDOWS\System32\shsvcs.dll [135168 2009-07-27] (Microsoft Corporation) [File not signed]
S2 Fax; C:\WINDOWS\system32\fxssvc.exe [267776 2008-04-14] (Microsoft Corporation) [File not signed]
R2 gzserv; C:\Program Files\Bitdefender\Antivirus Free Edition\gzserv.exe [57520 2013-10-23] (Bitdefender)
R2 helpsvc; C:\WINDOWS\PCHealth\HelpCtr\Binaries\pchsvc.dll [38400 2008-04-14] (Microsoft Corporation) [File not signed]
R2 HidServ; C:\WINDOWS\System32\hidserv.dll [21504 2008-04-14] (Microsoft Corporation) [File not signed]
S3 hkmsvc; C:\WINDOWS\System32\kmsvc.dll [61440 2008-04-14] (Microsoft Corporation) [File not signed]
R3 HTTPFilter; C:\WINDOWS\System32\w3ssl.dll [15872 2008-04-14] (Microsoft Corporation) [File not signed]
S2 ImapiService; C:\WINDOWS\system32\imapi.exe [150528 2008-04-14] (Microsoft Corporation) [File not signed]
R2 JavaQuickStarterService; C:\Program Files\Java\jre7\bin\jqs.exe [182696 2014-02-15] (Oracle Corporation)
R2 lanmanserver; C:\WINDOWS\System32\srvsvc.dll [99840 2010-08-27] (Microsoft Corporation) [File not signed]
R2 lanmanworkstation; C:\WINDOWS\System32\wkssvc.dll [132096 2009-06-10] (Microsoft Corporation) [File not signed]
R2 LmHosts; C:\WINDOWS\System32\lmhsvc.dll [13824 2008-04-14] (Microsoft Corporation) [File not signed]
S2 lxebCATSCustConnectService; C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\\lxebserv.exe [193192 2010-04-14] (Lexmark International, Inc.)
R2 lxeb_device; C:\WINDOWS\system32\lxebcoms.exe [598696 2010-04-14] ( )
R2 McrdSvc; C:\WINDOWS\ehome\mcrdsvc.exe [99328 2005-08-05] (Microsoft Corporation) [File not signed]
S4 Messenger; C:\WINDOWS\System32\msgsvc.dll [33792 2008-04-14] (Microsoft Corporation) [File not signed]
S3 MHN; C:\WINDOWS\System32\mhn.dll [85504 2004-08-10] (Microsoft Corporation) [File not signed]
S3 mnmsrvc; C:\WINDOWS\system32\mnmsrvc.exe [32768 2008-04-14] (Microsoft Corporation) [File not signed]
R3 MSDTC; C:\WINDOWS\system32\msdtc.exe [6144 2008-04-14] (Microsoft Corporation) [File not signed]
S3 MSIServer; C:\WINDOWS\System32\msiexec.exe [78848 2008-04-14] (Microsoft Corporation) [File not signed]
S3 napagent; C:\WINDOWS\System32\qagentrt.dll [291328 2008-04-14] (Microsoft Corporation) [File not signed]
S4 NetDDE; C:\WINDOWS\system32\netdde.exe [111104 2008-04-14] (Microsoft Corporation) [File not signed]
S4 NetDDEdsdm; C:\WINDOWS\system32\netdde.exe [111104 2008-04-14] (Microsoft Corporation) [File not signed]
S3 Netlogon; C:\WINDOWS\system32\lsass.exe [13312 2008-04-14] (Microsoft Corporation) [File not signed]
R3 Netman; C:\WINDOWS\System32\netman.dll [198144 2008-04-14] (Microsoft Corporation) [File not signed]
S3 NetSvc; C:\Program Files\Intel\PROSetWired\NCS\Sync\NetSvc.exe [147456 2004-11-19] (Intel® Corporation) [File not signed]
R3 Nla; C:\WINDOWS\System32\mswsock.dll [245248 2008-06-20] (Microsoft Corporation) [File not signed]
S3 NtLmSsp; C:\WINDOWS\system32\lsass.exe [13312 2008-04-14] (Microsoft Corporation) [File not signed]
S4 NtmsSvc; C:\WINDOWS\system32\ntmssvc.dll [435200 2008-04-14] (Microsoft Corporation) [File not signed]
R2 PlugPlay; C:\WINDOWS\system32\services.exe [110592 2009-02-06] (Microsoft Corporation) [File not signed]
R2 PolicyAgent; C:\WINDOWS\system32\lsass.exe [13312 2008-04-14] (Microsoft Corporation) [File not signed]
R2 ProtectedStorage; C:\WINDOWS\system32\lsass.exe [13312 2008-04-14] (Microsoft Corporation) [File not signed]
S4 PuranDefrag; C:\WINDOWS\system32\PuranDefragS.exe [258048 2011-12-26] (Puran Software) [File not signed]
S3 RasAuto; C:\WINDOWS\System32\rasauto.dll [88576 2008-04-14] (Microsoft Corporation) [File not signed]
R3 RasMan; C:\WINDOWS\System32\rasmans.dll [186368 2008-04-14] (Microsoft Corporation) [File not signed]
S3 RDSessMgr; C:\WINDOWS\system32\sessmgr.exe [141312 2008-04-14] (Microsoft Corporation) [File not signed]
S4 RemoteAccess; C:\WINDOWS\System32\mprdim.dll [53248 2008-04-14] (Microsoft Corporation) [File not signed]
R2 RemoteRegistry; C:\WINDOWS\system32\regsvc.dll [59904 2008-04-14] (Microsoft Corporation) [File not signed]
S3 RpcLocator; C:\WINDOWS\system32\locator.exe [75264 2008-04-14] (Microsoft Corporation) [File not signed]
R2 RpcSs; C:\WINDOWS\system32\rpcss.dll [401408 2009-02-09] (Microsoft Corporation) [File not signed]
S3 RSVP; C:\WINDOWS\system32\rsvp.exe [132608 2004-08-10] (Microsoft Corporation) [File not signed]
R2 SamSs; C:\WINDOWS\system32\lsass.exe [13312 2008-04-14] (Microsoft Corporation) [File not signed]
S3 SCardSvr; C:\WINDOWS\System32\SCardSvr.exe [95744 2008-04-14] (Microsoft Corporation) [File not signed]
R2 Schedule; C:\WINDOWS\system32\schedsvc.dll [192512 2008-04-14] (Microsoft Corporation) [File not signed]
R2 seclogon; C:\WINDOWS\System32\seclogon.dll [18944 2008-04-14] (Microsoft Corporation) [File not signed]
R2 SENS; C:\WINDOWS\system32\sens.dll [39424 2008-04-14] (Microsoft Corporation) [File not signed]
R2 SharedAccess; C:\WINDOWS\System32\ipnathlp.dll [331264 2008-04-14] (Microsoft Corporation) [File not signed]
R2 ShellHWDetection; C:\WINDOWS\System32\shsvcs.dll [135168 2009-07-27] (Microsoft Corporation) [File not signed]
R2 Spooler; C:\WINDOWS\system32\spoolsv.exe [58880 2010-08-17] (Microsoft Corporation) [File not signed]
R2 sprtsvc_verizondm; C:\Program Files\VERIZONDM\bin\sprtsvc.exe [206120 2012-09-06] (SupportSoft, Inc.)
R2 srservice; C:\WINDOWS\system32\srsvc.dll [171008 2008-04-14] (Microsoft Corporation) [File not signed]
R2 SSDPSRV; C:\WINDOWS\System32\ssdpsrv.dll [71680 2008-04-14] (Microsoft Corporation) [File not signed]
R2 stisvc; C:\WINDOWS\system32\wiaservc.dll [333824 2008-04-14] (Microsoft Corporation) [File not signed]
R2 SwPrv; C:\WINDOWS\system32\dllhost.exe [5120 2008-04-14] (Microsoft Corporation) [File not signed]
S3 SysmonLog; C:\WINDOWS\system32\smlogsvc.exe [89600 2008-04-14] (Microsoft Corporation) [File not signed]
R3 TapiSrv; C:\WINDOWS\System32\tapisrv.dll [249856 2008-04-14] (Microsoft Corporation) [File not signed]
R3 TermService; C:\WINDOWS\System32\termsrv.dll [295424 2008-04-14] (Microsoft Corporation) [File not signed]
R2 tgsrvc_verizondm; C:\Program Files\VERIZONDM\bin\tgsrvc.exe [185640 2012-09-06] (SupportSoft, Inc.)
R2 Themes; C:\WINDOWS\System32\shsvcs.dll [135168 2009-07-27] (Microsoft Corporation) [File not signed]
S4 TlntSvr; C:\WINDOWS\system32\tlntsvr.exe [73216 2008-04-14] (Microsoft Corporation) [File not signed]
R2 TrkWks; C:\WINDOWS\system32\trkwks.dll [90112 2008-04-14] (Microsoft Corporation) [File not signed]
S3 upnphost; C:\WINDOWS\System32\upnphost.dll [185856 2008-04-14] (Microsoft Corporation) [File not signed]
S3 UPS; C:\WINDOWS\System32\ups.exe [18432 2008-04-14] (Microsoft Corporation) [File not signed]
R2 VSS; C:\WINDOWS\System32\vssvc.exe [289792 2008-04-14] (Microsoft Corporation) [File not signed]
R2 w32time; C:\WINDOWS\system32\w32time.dll [175104 2008-04-14] (Microsoft Corporation) [File not signed]
R2 WebClient; C:\WINDOWS\System32\webclnt.dll [68096 2008-04-14] (Microsoft Corporation) [File not signed]
R3 winmgmt; C:\WINDOWS\system32\wbem\WMIsvc.dll [144896 2008-04-14] (Microsoft Corporation) [File not signed]
S3 WmdmPmSN; C:\WINDOWS\system32\MsPMSNSv.dll [27136 2009-01-30] (Microsoft Corporation) [File not signed]
S3 Wmi; C:\WINDOWS\System32\advapi32.dll [617472 2009-02-09] (Microsoft Corporation) [File not signed]
S3 WmiApSrv; C:\WINDOWS\system32\wbem\wmiapsrv.exe [126464 2008-04-14] (Microsoft Corporation) [File not signed]
S3 WMPNetworkSvc; C:\Program Files\Windows Media Player\WMPNetwk.exe [913408 2009-01-30] (Microsoft Corporation) [File not signed]
R2 wscsvc; C:\WINDOWS\system32\wscsvc.dll [80896 2008-04-14] (Microsoft Corporation) [File not signed]
R2 wuauserv; C:\WINDOWS\system32\wuauserv.dll [6656 2008-04-14] (Microsoft Corporation) [File not signed]
S3 WudfSvc; C:\WINDOWS\System32\WUDFSvc.dll [55808 2006-09-28] (Microsoft Corporation) [File not signed]
R2 WZCSVC; C:\WINDOWS\System32\wzcsvc.dll [483840 2008-04-14] (Microsoft Corporation) [File not signed]
S3 xmlprov; C:\WINDOWS\System32\xmlprov.dll [129024 2008-04-14] (Microsoft Corporation) [File not signed]
S2 Panda Software Controller; "C:\Program Files\Panda Security\Panda Antivirus Pro 2014\PsCtrls.exe" [X]
S2 PAVSRV; "C:\Program Files\Panda Security\Panda Antivirus Pro 2014\pavsrvx86.exe" [X]
 
==================== Drivers (Whitelisted) ====================
 
(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)
 
S4 abp480n5; C:\WINDOWS\system32\DRIVERS\ABP480N5.SYS [23552 2001-08-17] (Microsoft Corporation) [File not signed]
R0 ACPI; C:\WINDOWS\System32\DRIVERS\ACPI.sys [187776 2008-04-14] (Microsoft Corporation) [File not signed]
S4 ACPIEC; C:\WINDOWS\system32\Drivers\ACPIEC.sys [11648 2004-08-10] (Microsoft Corporation) [File not signed]
S4 adpu160m; C:\WINDOWS\system32\DRIVERS\adpu160m.sys [101888 2001-08-17] (Microsoft Corporation) [File not signed]
S3 aec; C:\WINDOWS\System32\drivers\aec.sys [142592 2008-04-13] (Microsoft Corporation) [File not signed]
R1 AFD; C:\WINDOWS\System32\drivers\afd.sys [138496 2011-08-17] (Microsoft Corporation) [File not signed]
S4 agp440; C:\WINDOWS\system32\DRIVERS\agp440.sys [42368 2008-04-14] (Microsoft Corporation) [File not signed]
S4 agpCPQ; C:\WINDOWS\system32\DRIVERS\agpCPQ.sys [44928 2008-04-14] (Microsoft Corporation) [File not signed]
S4 Aha154x; C:\WINDOWS\system32\DRIVERS\aha154x.sys [12800 2001-08-17] (Microsoft Corporation) [File not signed]
S4 aic78u2; C:\WINDOWS\system32\DRIVERS\aic78u2.sys [55168 2001-08-17] (Microsoft Corporation) [File not signed]
S4 aic78xx; C:\WINDOWS\system32\DRIVERS\aic78xx.sys [56960 2001-08-17] (Microsoft Corporation) [File not signed]
S4 AliIde; C:\WINDOWS\system32\DRIVERS\aliide.sys [5248 2001-08-17] (Acer Laboratories Inc.) [File not signed]
S4 alim1541; C:\WINDOWS\system32\DRIVERS\alim1541.sys [42752 2008-04-14] (Microsoft Corporation) [File not signed]
S4 amdagp; C:\WINDOWS\system32\DRIVERS\amdagp.sys [43008 2008-04-14] (Advanced Micro Devices, Inc.) [File not signed]
R2 AmFSM; C:\WINDOWS\System32\DRIVERS\amm8651.sys [63240 2012-03-26] (Panda Security, S.L.)
S4 amsint; C:\WINDOWS\system32\DRIVERS\amsint.sys [12032 2001-08-17] (Microsoft Corporation) [File not signed]
S4 asc; C:\WINDOWS\system32\DRIVERS\asc.sys [26496 2001-08-17] (Advanced System Products, Inc.) [File not signed]
S4 asc3350p; C:\WINDOWS\system32\DRIVERS\asc3350p.sys [22400 2001-08-17] (Microsoft Corporation) [File not signed]
S4 asc3550; C:\WINDOWS\system32\DRIVERS\asc3550.sys [14848 2001-08-17] (Advanced System Products, Inc.) [File not signed]
S3 AsyncMac; C:\WINDOWS\System32\DRIVERS\asyncmac.sys [14336 2008-04-14] (Microsoft Corporation) [File not signed]
R0 atapi; C:\WINDOWS\System32\DRIVERS\atapi.sys [96512 2008-04-14] (Microsoft Corporation) [File not signed]
S3 Atmarpc; C:\WINDOWS\System32\DRIVERS\atmarpc.sys [59904 2008-04-14] (Microsoft Corporation) [File not signed]
R3 audstub; C:\WINDOWS\System32\DRIVERS\audstub.sys [3072 2001-08-17] (Microsoft Corporation) [File not signed]
R0 avc3; C:\WINDOWS\System32\DRIVERS\avc3.sys [633344 2013-04-17] (BitDefender)
R3 avchv; C:\WINDOWS\System32\DRIVERS\avchv.sys [242504 2012-11-02] (BitDefender)
R3 avckf; C:\WINDOWS\System32\DRIVERS\avckf.sys [486536 2013-04-17] (BitDefender)
R1 bdftdif; C:\Program Files\Bitdefender\Antivirus Free Edition\bdftdif.sys [148600 2013-04-17] (Bitdefender SRL)
R1 bdselfpr; C:\Program Files\Bitdefender\Antivirus Free Edition\bdselfpr.sys [135472 2013-07-16] (BitDefender LLC)
R1 Beep; C:\WINDOWS\system32\Drivers\Beep.sys [4224 2004-08-10] (Microsoft Corporation) [File not signed]
S4 cbidf; C:\WINDOWS\system32\DRIVERS\cbidf2k.sys [13952 2001-08-17] (Microsoft Corporation) [File not signed]
S4 cbidf2k; C:\WINDOWS\system32\Drivers\cbidf2k.sys [13952 2001-08-17] (Microsoft Corporation) [File not signed]
S3 CCDECODE; C:\WINDOWS\System32\DRIVERS\CCDECODE.sys [17024 2008-04-14] (Microsoft Corporation) [File not signed]
S4 cd20xrnt; C:\WINDOWS\system32\DRIVERS\cd20xrnt.sys [7680 2001-08-17] (Microsoft Corporation) [File not signed]
S1 Cdaudio; C:\WINDOWS\system32\Drivers\Cdaudio.sys [18688 2004-08-10] (Microsoft Corporation) [File not signed]
R4 Cdfs; C:\WINDOWS\system32\Drivers\Cdfs.sys [63744 2008-04-14] (Microsoft Corporation) [File not signed]
R1 Cdrom; C:\WINDOWS\System32\DRIVERS\cdrom.sys [62976 2008-04-14] (Microsoft Corporation) [File not signed]
S4 CmdIde; C:\WINDOWS\system32\DRIVERS\cmdide.sys [6656 2001-08-17] (CMD Technology, Inc.) [File not signed]
S4 Cpqarray; C:\WINDOWS\system32\DRIVERS\cpqarray.sys [14976 2001-08-17] (Microsoft Corporation) [File not signed]
S4 dac2w2k; C:\WINDOWS\system32\DRIVERS\dac2w2k.sys [179584 2001-08-17] (Mylex Corporation) [File not signed]
S4 dac960nt; C:\WINDOWS\system32\DRIVERS\dac960nt.sys [14720 2001-08-17] (Microsoft Corporation) [File not signed]
R0 Disk; C:\WINDOWS\System32\DRIVERS\disk.sys [36352 2008-04-13] (Microsoft Corporation) [File not signed]
S4 dmboot; C:\WINDOWS\System32\drivers\dmboot.sys [799744 2008-04-14] (Microsoft Corp., Veritas Software) [File not signed]
R0 dmio; C:\WINDOWS\System32\drivers\dmio.sys [153344 2008-04-14] (Microsoft Corp., Veritas Software) [File not signed]
R0 dmload; C:\WINDOWS\System32\drivers\dmload.sys [5888 2004-08-10] (Microsoft Corp., Veritas Software.) [File not signed]
S3 DMusic; C:\WINDOWS\System32\drivers\DMusic.sys [52864 2008-04-14] (Microsoft Corporation) [File not signed]
S4 dpti2o; C:\WINDOWS\system32\DRIVERS\dpti2o.sys [20192 2001-08-17] (Microsoft Corporation) [File not signed]
S3 drmkaud; C:\WINDOWS\System32\drivers\drmkaud.sys [2944 2008-04-14] (Microsoft Corporation) [File not signed]
R0 drvmcdb; C:\WINDOWS\System32\drivers\drvmcdb.sys [87488 2004-12-01] (Sonic Solutions) [File not signed]
R2 drvnddm; C:\WINDOWS\System32\drivers\drvnddm.sys [40480 2004-11-23] (Sonic Solutions) [File not signed]
R3 E100B; C:\WINDOWS\System32\DRIVERS\e100b325.sys [155648 2004-10-14] (Intel Corporation) [File not signed]
S4 Fastfat; C:\WINDOWS\system32\Drivers\Fastfat.sys [143744 2008-04-14] (Microsoft Corporation) [File not signed]
R3 Fdc; C:\WINDOWS\System32\DRIVERS\fdc.sys [27392 2008-04-14] (Microsoft Corporation) [File not signed]
R1 Fips; C:\WINDOWS\system32\Drivers\Fips.sys [44544 2008-04-14] (Microsoft Corporation) [File not signed]
R3 Flpydisk; C:\WINDOWS\System32\DRIVERS\flpydisk.sys [20480 2008-04-14] (Microsoft Corporation) [File not signed]
R0 FltMgr; C:\WINDOWS\System32\drivers\fltmgr.sys [129792 2008-04-14] (Microsoft Corporation) [File not signed]
U1 Fs_Rec; C:\WINDOWS\system32\Drivers\Fs_Rec.sys [7936 2004-08-10] (Microsoft Corporation) [File not signed]
R0 Ftdisk; C:\WINDOWS\System32\DRIVERS\ftdisk.sys [125056 2001-08-17] (Microsoft Corporation) [File not signed]
R3 Gpc; C:\WINDOWS\System32\DRIVERS\msgpc.sys [35072 2008-04-14] (Microsoft Corporation) [File not signed]
R1 gzflt; C:\WINDOWS\System32\DRIVERS\gzflt.sys [164952 2013-04-22] (BitDefender LLC)
R3 HDAudBus; C:\WINDOWS\System32\DRIVERS\HDAudBus.sys [144384 2008-04-13] (Windows ® Server 2003 DDK provider) [File not signed]
R3 HidUsb; C:\WINDOWS\System32\DRIVERS\hidusb.sys [10368 2008-04-14] (Microsoft Corporation) [File not signed]
S4 hpn; C:\WINDOWS\system32\DRIVERS\hpn.sys [25952 2001-08-17] (Microsoft Corporation) [File not signed]
R3 HSFHWBS2; C:\WINDOWS\System32\DRIVERS\HSFHWBS2.sys [212224 2003-11-17] (Conexant Systems, Inc.) [File not signed]
R3 HSF_DP; C:\WINDOWS\System32\DRIVERS\HSF_DP.sys [1042432 2003-11-17] (Conexant Systems, Inc.) [File not signed]
R3 HTTP; C:\WINDOWS\System32\Drivers\HTTP.sys [265728 2009-10-20] (Microsoft Corporation) [File not signed]
S3 HWHandSet; C:\WINDOWS\System32\DRIVERS\hw_quusbmdm.sys [195200 2011-10-23] (Huawei Technologies Co., Ltd.) [File not signed]
R1 i2omgmt; C:\WINDOWS\system32\Drivers\i2omgmt.sys [8576 2008-04-14] (Microsoft Corporation) [File not signed]
S4 i2omp; C:\WINDOWS\system32\DRIVERS\i2omp.sys [18560 2008-04-14] (Microsoft Corporation) [File not signed]
S1 i8042prt; C:\WINDOWS\System32\DRIVERS\i8042prt.sys [52480 2008-04-14] (Microsoft Corporation) [File not signed]
R3 ialm; C:\WINDOWS\System32\DRIVERS\ialmnt5.sys [1302812 2005-10-14] (Intel Corporation) [File not signed]
R1 Imapi; C:\WINDOWS\System32\DRIVERS\imapi.sys [42112 2008-04-14] (Microsoft Corporation) [File not signed]
S4 ini910u; C:\WINDOWS\system32\DRIVERS\ini910u.sys [16000 2001-08-17] (Microsoft Corporation) [File not signed]
R0 IntelIde; C:\WINDOWS\System32\DRIVERS\intelide.sys [5504 2008-04-14] (Microsoft Corporation) [File not signed]
R1 intelppm; C:\WINDOWS\System32\DRIVERS\intelppm.sys [36352 2008-04-14] (Microsoft Corporation) [File not signed]
S3 Ip6Fw; C:\WINDOWS\System32\drivers\ip6fw.sys [36608 2008-04-14] (Microsoft Corporation) [File not signed]
S3 IpFilterDriver; C:\WINDOWS\System32\DRIVERS\ipfltdrv.sys [32896 2004-08-10] (Microsoft Corporation) [File not signed]
S3 IpInIp; C:\WINDOWS\System32\DRIVERS\ipinip.sys [20864 2008-04-14] (Microsoft Corporation) [File not signed]
R3 IpNat; C:\WINDOWS\System32\DRIVERS\ipnat.sys [152832 2008-04-14] (Microsoft Corporation) [File not signed]
R1 IPSec; C:\WINDOWS\System32\DRIVERS\ipsec.sys [75264 2008-04-14] (Microsoft Corporation) [File not signed]
S3 IRENUM; C:\WINDOWS\System32\DRIVERS\irenum.sys [11264 2008-04-14] (Microsoft Corporation) [File not signed]
R0 isapnp; C:\WINDOWS\System32\DRIVERS\isapnp.sys [37248 2008-04-14] (Microsoft Corporation) [File not signed]
R1 Kbdclass; C:\WINDOWS\System32\DRIVERS\kbdclass.sys [24576 2008-04-14] (Microsoft Corporation) [File not signed]
R1 kbdhid; C:\WINDOWS\System32\DRIVERS\kbdhid.sys [14592 2008-04-14] (Microsoft Corporation) [File not signed]
R3 kmixer; C:\WINDOWS\System32\drivers\kmixer.sys [172416 2008-04-14] (Microsoft Corporation) [File not signed]
R0 KSecDD; C:\WINDOWS\system32\Drivers\KSecDD.sys [92928 2009-06-24] (Microsoft Corporation) [File not signed]
R3 LVPr2Mon; C:\WINDOWS\System32\DRIVERS\LVPr2Mon.sys [25752 2009-10-07] ()
S3 MBAMSwissArmy; C:\WINDOWS\system32\drivers\MBAMSwissArmy.sys [114904 2014-11-01] (Malwarebytes Corporation)
R2 mdmxsdk; C:\WINDOWS\System32\DRIVERS\mdmxsdk.sys [11043 2003-04-09] (Conexant) [File not signed]
S3 MHNDRV; C:\WINDOWS\System32\DRIVERS\mhndrv.sys [11008 2004-08-10] (Microsoft Corporation) [File not signed]
R1 mnmdd; C:\WINDOWS\system32\Drivers\mnmdd.sys [4224 2004-08-10] (Microsoft Corporation) [File not signed]
R3 Modem; C:\WINDOWS\system32\Drivers\Modem.sys [30080 2008-04-14] (Microsoft Corporation) [File not signed]
R3 MODEMCSA; C:\WINDOWS\System32\drivers\MODEMCSA.sys [16128 2001-08-17] (Microsoft Corporation) [File not signed]
R1 Mouclass; C:\WINDOWS\System32\DRIVERS\mouclass.sys [23040 2008-04-14] (Microsoft Corporation) [File not signed]
R3 mouhid; C:\WINDOWS\System32\DRIVERS\mouhid.sys [12160 2001-08-17] (Microsoft Corporation) [File not signed]
R0 MountMgr; C:\WINDOWS\system32\Drivers\MountMgr.sys [42368 2008-04-14] (Microsoft Corporation) [File not signed]
S4 mraid35x; C:\WINDOWS\system32\DRIVERS\mraid35x.sys [17280 2001-08-17] (American Megatrends Inc.) [File not signed]
R3 MRxDAV; C:\WINDOWS\System32\DRIVERS\mrxdav.sys [180608 2008-04-14] (Microsoft Corporation) [File not signed]
R1 MRxSmb; C:\WINDOWS\System32\DRIVERS\mrxsmb.sys [456320 2011-07-15] (Microsoft Corporation) [File not signed]
R1 Msfs; C:\WINDOWS\system32\Drivers\Msfs.sys [19072 2008-04-14] (Microsoft Corporation) [File not signed]
S3 MSKSSRV; C:\WINDOWS\System32\drivers\MSKSSRV.sys [7552 2008-04-14] (Microsoft Corporation) [File not signed]
S3 MSPCLOCK; C:\WINDOWS\System32\drivers\MSPCLOCK.sys [5376 2008-04-14] (Microsoft Corporation) [File not signed]
S3 MSPQM; C:\WINDOWS\System32\drivers\MSPQM.sys [4992 2008-04-14] (Microsoft Corporation) [File not signed]
R3 mssmbios; C:\WINDOWS\System32\DRIVERS\mssmbios.sys [15488 2008-04-14] (Microsoft Corporation) [File not signed]
S3 MSTEE; C:\WINDOWS\System32\drivers\MSTEE.sys [5504 2008-04-14] (Microsoft Corporation) [File not signed]
R0 Mup; C:\WINDOWS\system32\Drivers\Mup.sys [105472 2011-04-21] (Microsoft Corporation) [File not signed]
S3 NABTSFEC; C:\WINDOWS\System32\DRIVERS\NABTSFEC.sys [85248 2008-04-14] (Microsoft Corporation) [File not signed]
R0 NDIS; C:\WINDOWS\system32\Drivers\NDIS.sys [182656 2008-04-14] (Microsoft Corporation) [File not signed]
S3 NdisIP; C:\WINDOWS\System32\DRIVERS\NdisIP.sys [10880 2008-04-14] (Microsoft Corporation) [File not signed]
R3 NdisTapi; C:\WINDOWS\System32\DRIVERS\ndistapi.sys [10496 2011-07-08] (Microsoft Corporation) [File not signed]
R3 Ndisuio; C:\WINDOWS\System32\DRIVERS\ndisuio.sys [14592 2008-04-14] (Microsoft Corporation) [File not signed]
R3 NdisWan; C:\WINDOWS\System32\DRIVERS\ndiswan.sys [91520 2008-04-14] (Microsoft Corporation) [File not signed]
R3 NDProxy; C:\WINDOWS\system32\Drivers\NDProxy.sys [40960 2013-11-27] (Microsoft Corporation) [File not signed]
R1 NetBIOS; C:\WINDOWS\System32\DRIVERS\netbios.sys [34688 2008-04-14] (Microsoft Corporation) [File not signed]
R1 NetBT; C:\WINDOWS\System32\DRIVERS\netbt.sys [162816 2008-04-14] (Microsoft Corporation) [File not signed]
R1 Npfs; C:\WINDOWS\system32\Drivers\Npfs.sys [30848 2008-04-14] (Microsoft Corporation) [File not signed]
R4 Ntfs; C:\WINDOWS\system32\Drivers\Ntfs.sys [574976 2008-04-14] (Microsoft Corporation) [File not signed]
R1 Null; C:\WINDOWS\system32\Drivers\Null.sys [2944 2004-08-10] (Microsoft Corporation) [File not signed]
S3 nv; C:\WINDOWS\System32\DRIVERS\nv4_mini.sys [1897408 2004-08-03] (NVIDIA Corporation) [File not signed]
S3 NwlnkFlt; C:\WINDOWS\System32\DRIVERS\nwlnkflt.sys [12416 2004-08-10] (Microsoft Corporation) [File not signed]
S3 NwlnkFwd; C:\WINDOWS\System32\DRIVERS\nwlnkfwd.sys [32512 2004-08-10] (Microsoft Corporation) [File not signed]
S3 Parport; C:\WINDOWS\System32\DRIVERS\parport.sys [80128 2008-04-14] (Microsoft Corporation) [File not signed]
R0 PartMgr; C:\WINDOWS\system32\Drivers\PartMgr.sys [19712 2008-04-14] (Microsoft Corporation) [File not signed]
S4 ParVdm; C:\WINDOWS\system32\Drivers\ParVdm.sys [6784 2004-08-10] (Microsoft Corporation) [File not signed]
R0 pavboot; C:\WINDOWS\System32\Drivers\pavboot.sys [26696 2010-06-22] (Panda Security, S.L.)
R0 PCI; C:\WINDOWS\System32\DRIVERS\pci.sys [68224 2008-04-14] (Microsoft Corporation) [File not signed]
R0 PCIIde; C:\WINDOWS\System32\DRIVERS\pciide.sys [3328 2001-08-17] (Microsoft Corporation) [File not signed]
S4 Pcmcia; C:\WINDOWS\system32\Drivers\Pcmcia.sys [120192 2008-04-14] (Microsoft Corporation) [File not signed]
S4 perc2; C:\WINDOWS\system32\DRIVERS\perc2.sys [27296 2001-08-17] (Microsoft Corporation) [File not signed]
S4 perc2hib; C:\WINDOWS\system32\DRIVERS\perc2hib.sys [5504 2001-08-17] (Microsoft Corporation) [File not signed]
R3 PptpMiniport; C:\WINDOWS\System32\DRIVERS\raspptp.sys [48384 2008-04-14] (Microsoft Corporation) [File not signed]
R3 PSched; C:\WINDOWS\System32\DRIVERS\psched.sys [69120 2008-04-14] (Microsoft Corporation) [File not signed]
R3 Ptilink; C:\WINDOWS\System32\DRIVERS\ptilink.sys [17792 2004-08-10] (Parallel Technologies, Inc.) [File not signed]
S4 ql1080; C:\WINDOWS\system32\DRIVERS\ql1080.sys [40320 2001-08-17] (QLogic Corporation) [File not signed]
S4 Ql10wnt; C:\WINDOWS\system32\DRIVERS\ql10wnt.sys [33152 2001-08-17] (Microsoft Corporation) [File not signed]
S4 ql12160; C:\WINDOWS\system32\DRIVERS\ql12160.sys [45312 2001-08-17] (QLogic Corporation) [File not signed]
S4 ql1240; C:\WINDOWS\system32\DRIVERS\ql1240.sys [40448 2001-08-17] (Microsoft Corporation) [File not signed]
S4 ql1280; C:\WINDOWS\system32\DRIVERS\ql1280.sys [49024 2001-08-17] (QLogic Corporation) [File not signed]
R1 RasAcd; C:\WINDOWS\System32\DRIVERS\rasacd.sys [8832 2004-08-10] (Microsoft Corporation) [File not signed]
R3 Rasl2tp; C:\WINDOWS\System32\DRIVERS\rasl2tp.sys [51328 2008-04-14] (Microsoft Corporation) [File not signed]
R3 RasPppoe; C:\WINDOWS\System32\DRIVERS\raspppoe.sys [41472 2008-04-14] (Microsoft Corporation) [File not signed]
R3 Raspti; C:\WINDOWS\System32\DRIVERS\raspti.sys [16512 2004-08-10] (Microsoft Corporation) [File not signed]
R1 Rdbss; C:\WINDOWS\System32\DRIVERS\rdbss.sys [175744 2008-04-14] (Microsoft Corporation) [File not signed]
R1 RDPCDD; C:\WINDOWS\System32\DRIVERS\RDPCDD.sys [4224 2004-08-10] (Microsoft Corporation) [File not signed]
R3 rdpdr; C:\WINDOWS\System32\DRIVERS\rdpdr.sys [196224 2008-04-14] (Microsoft Corporation) [File not signed]
S3 RDPWD; C:\WINDOWS\system32\Drivers\RDPWD.sys [139784 2012-07-04] (Microsoft Corporation) [File not signed]
R1 redbook; C:\WINDOWS\System32\DRIVERS\redbook.sys [57600 2008-04-14] (Microsoft Corporation) [File not signed]
R1 SASDIFSV; C:\Program Files\SUPERAntiSpyware\SASDIFSV.SYS [12880 2011-07-22] (SUPERAdBlocker.com and SUPERAntiSpyware.com)
R1 SASKUTIL; C:\Program Files\SUPERAntiSpyware\SASKUTIL.SYS [67664 2011-07-12] (SUPERAdBlocker.com and SUPERAntiSpyware.com)
S3 Secdrv; C:\WINDOWS\System32\DRIVERS\secdrv.sys [20480 2008-04-13] (Macrovision Corporation, Macrovision Europe Limited, and Macrovision Japan and Asia K.K.) [File not signed]
S3 serenum; C:\WINDOWS\System32\DRIVERS\serenum.sys [15744 2008-04-14] (Microsoft Corporation) [File not signed]
S1 Serial; C:\WINDOWS\System32\DRIVERS\serial.sys [64512 2008-04-14] (Microsoft Corporation) [File not signed]
S1 Sfloppy; C:\WINDOWS\system32\Drivers\Sfloppy.sys [11392 2008-04-14] (Microsoft Corporation) [File not signed]
S4 sisagp; C:\WINDOWS\system32\DRIVERS\sisagp.sys [40960 2008-04-14] (Silicon Integrated Systems Corporation) [File not signed]
S3 SLIP; C:\WINDOWS\System32\DRIVERS\SLIP.sys [11136 2008-04-14] (Microsoft Corporation) [File not signed]
S4 Sparrow; C:\WINDOWS\system32\DRIVERS\sparrow.sys [19072 2001-08-17] (Adaptec, Inc.) [File not signed]
S3 splitter; C:\WINDOWS\System32\drivers\splitter.sys [6272 2008-04-14] (Microsoft Corporation) [File not signed]
R0 sr; C:\WINDOWS\System32\DRIVERS\sr.sys [73472 2008-04-14] (Microsoft Corporation) [File not signed]
R3 Srv; C:\WINDOWS\System32\DRIVERS\srv.sys [357888 2011-02-17] (Microsoft Corporation) [File not signed]
R1 sscdbhk5; C:\WINDOWS\System32\drivers\sscdbhk5.sys [5627 2004-07-14] (Sonic Solutions) [File not signed]
R1 ssrtln; C:\WINDOWS\System32\drivers\ssrtln.sys [23545 2004-07-14] (Sonic Solutions) [File not signed]
R3 STHDA; C:\WINDOWS\System32\drivers\sthda.sys [1022040 2005-08-17] (SigmaTel, Inc.) [File not signed]
S3 streamip; C:\WINDOWS\System32\DRIVERS\StreamIP.sys [15232 2008-04-14] (Microsoft Corporation) [File not signed]
R3 swenum; C:\WINDOWS\System32\DRIVERS\swenum.sys [4352 2008-04-14] (Microsoft Corporation) [File not signed]
S3 swmidi; C:\WINDOWS\System32\drivers\swmidi.sys [56576 2008-04-14] (Microsoft Corporation) [File not signed]
S4 symc810; C:\WINDOWS\system32\DRIVERS\symc810.sys [16256 2001-08-17] (Symbios Logic Inc.) [File not signed]
S4 symc8xx; C:\WINDOWS\system32\DRIVERS\symc8xx.sys [32640 2001-08-17] (LSI Logic) [File not signed]
S4 sym_hi; C:\WINDOWS\system32\DRIVERS\sym_hi.sys [28384 2001-08-17] (LSI Logic) [File not signed]
S4 sym_u3; C:\WINDOWS\system32\DRIVERS\sym_u3.sys [30688 2001-08-17] (LSI Logic) [File not signed]
R3 sysaudio; C:\WINDOWS\System32\drivers\sysaudio.sys [60800 2008-04-14] (Microsoft Corporation) [File not signed]
R1 Tcpip; C:\WINDOWS\System32\DRIVERS\tcpip.sys [361600 2008-06-20] (Microsoft Corporation) [File not signed]
S3 TDPIPE; C:\WINDOWS\system32\Drivers\TDPIPE.sys [12040 2008-04-14] (Microsoft Corporation) [File not signed]
S3 TDTCP; C:\WINDOWS\system32\Drivers\TDTCP.sys [21896 2008-04-14] (Microsoft Corporation) [File not signed]
R1 TermDD; C:\WINDOWS\System32\DRIVERS\termdd.sys [40840 2008-04-14] (Microsoft Corporation) [File not signed]
R2 tfsnboio; C:\WINDOWS\System32\dla\tfsnboio.sys [25883 2004-12-06] (Sonic Solutions) [File not signed]
R2 tfsncofs; C:\WINDOWS\System32\dla\tfsncofs.sys [34843 2004-12-06] (Sonic Solutions) [File not signed]
R2 tfsndrct; C:\WINDOWS\System32\dla\tfsndrct.sys [4123 2004-12-06] (Sonic Solutions) [File not signed]
R2 tfsndres; C:\WINDOWS\System32\dla\tfsndres.sys [2239 2004-12-06] (Sonic Solutions) [File not signed]
R2 tfsnifs; C:\WINDOWS\System32\dla\tfsnifs.sys [86586 2004-12-06] (Sonic Solutions) [File not signed]
R2 tfsnopio; C:\WINDOWS\System32\dla\tfsnopio.sys [15227 2004-12-06] (Sonic Solutions) [File not signed]
R2 tfsnpool; C:\WINDOWS\System32\dla\tfsnpool.sys [6363 2004-12-06] (Sonic Solutions) [File not signed]
R2 tfsnudf; C:\WINDOWS\System32\dla\tfsnudf.sys [98714 2004-12-06] (Sonic Solutions) [File not signed]
R2 tfsnudfa; C:\WINDOWS\System32\dla\tfsnudfa.sys [100603 2004-12-06] (Sonic Solutions) [File not signed]
S4 TosIde; C:\WINDOWS\system32\DRIVERS\toside.sys [4992 2001-08-17] (Microsoft Corporation) [File not signed]
R0 trufos; C:\WINDOWS\System32\DRIVERS\trufos.sys [355744 2013-05-28] (BitDefender S.R.L.)
S4 Udfs; C:\WINDOWS\system32\Drivers\Udfs.sys [66048 2008-04-14] (Microsoft Corporation) [File not signed]
S4 ultra; C:\WINDOWS\system32\DRIVERS\ultra.sys [36736 2001-08-17] (Promise Technology, Inc.) [File not signed]
R3 Update; C:\WINDOWS\System32\DRIVERS\update.sys [384768 2008-04-14] (Microsoft Corporation) [File not signed]
S3 USBAAPL; C:\WINDOWS\System32\Drivers\usbaapl.sys [44032 2012-07-09] (Apple, Inc.) [File not signed]
R3 usbaudio; C:\WINDOWS\System32\drivers\usbaudio.sys [60160 2013-07-16] (Microsoft Corporation) [File not signed]
R0 usbccgp; C:\WINDOWS\System32\DRIVERS\usbccgp.sys [32384 2013-08-08] (Microsoft Corporation) [File not signed]
R0 usbehci; C:\WINDOWS\System32\DRIVERS\usbehci.sys [30336 2009-03-18] (Microsoft Corporation) [File not signed]
R0 usbhub; C:\WINDOWS\System32\DRIVERS\usbhub.sys [59520 2008-04-14] (Microsoft Corporation) [File not signed]
S3 usbprint; C:\WINDOWS\System32\DRIVERS\usbprint.sys [25856 2008-04-14] (Microsoft Corporation) [File not signed]
S3 usbscan; C:\WINDOWS\System32\DRIVERS\usbscan.sys [14976 2013-07-02] (Microsoft Corporation) [File not signed]
R0 USBSTOR; C:\WINDOWS\System32\DRIVERS\USBSTOR.SYS [26368 2008-04-13] (Microsoft Corporation) [File not signed]
R0 usbuhci; C:\WINDOWS\System32\DRIVERS\usbuhci.sys [20608 2008-04-14] (Microsoft Corporation) [File not signed]
S3 usbvideo; C:\WINDOWS\System32\Drivers\usbvideo.sys [123008 2013-07-16] (Microsoft Corporation) [File not signed]
R1 VgaSave; C:\WINDOWS\System32\drivers\vga.sys [20992 2008-04-14] (Microsoft Corporation) [File not signed]
S4 viaagp; C:\WINDOWS\system32\DRIVERS\viaagp.sys [42240 2008-04-14] (Microsoft Corporation) [File not signed]
S4 ViaIde; C:\WINDOWS\system32\DRIVERS\viaide.sys [5376 2008-04-14] (Microsoft Corporation) [File not signed]
R0 VolSnap; C:\WINDOWS\system32\Drivers\VolSnap.sys [52352 2008-04-14] (Microsoft Corporation) [File not signed]
R3 Wanarp; C:\WINDOWS\System32\DRIVERS\wanarp.sys [34560 2008-04-14] (Microsoft Corporation) [File not signed]
R3 wdmaud; C:\WINDOWS\System32\drivers\wdmaud.sys [83072 2008-04-14] (Microsoft Corporation) [File not signed]
R3 winachsf; C:\WINDOWS\System32\DRIVERS\HSF_CNXT.sys [680704 2003-11-17] (Conexant Systems, Inc.) [File not signed]
S3 WSTCODEC; C:\WINDOWS\System32\DRIVERS\WSTCODEC.SYS [19200 2008-04-14] (Microsoft Corporation) [File not signed]
S3 WudfPf; C:\WINDOWS\System32\DRIVERS\WudfPf.sys [77568 2006-09-28] (Microsoft Corporation) [File not signed]
S3 WudfRd; C:\WINDOWS\System32\DRIVERS\wudfrd.sys [82944 2006-09-28] (Microsoft Corporation) [File not signed]
S3 bvrp_pci; No ImagePath
S0 cfadisk; system32\DRIVERS\cmsMDrv.sys [X]
S3 FilterService; No ImagePath
U5 hw_usbdev; C:\Windows\System32\Drivers\hw_usbdev.sys [102272 2011-10-23] (Huawei Technologies Co., Ltd.) [File not signed]
S1 MpKslfa84aa5f; \??\C:\Documents and Settings\All Users\Application Data\Microsoft\Microsoft Antimalware\Definition Updates\{D89FD71A-C1F3-441C-BB09-304B715B019A}\MpKslfa84aa5f.sys [X]
S3 PavTPK.sys; \??\C:\WINDOWS\system32\PavTPK.sys [X]
U5 ScsiPort; C:\WINDOWS\system32\drivers\scsiport.sys [96384 2008-04-14] (Microsoft Corporation) [File not signed]
S3 wanatw; No ImagePath
U1 WS2IFSL; No ImagePath
 
==================== NetSvcs (Whitelisted) ===================
 
 
(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)
 
NETSVC: MHN -> C:\Windows\System32\mhn.dll (Microsoft Corporation)
 
==================== One Month Created Files and Folders ========
 
(If an entry is included in the fixlist, the file\folder will be moved.)
 
2014-11-04 16:44 - 2014-11-04 16:45 - 00082226 _____ () C:\Documents and Settings\nickf\Desktop\FRST.txt
2014-11-04 12:34 - 2010-08-30 08:34 - 00536576 _____ (SQLite Development Team) C:\WINDOWS\system32\sqlite3.dll
2014-11-02 13:21 - 2014-11-04 16:45 - 00000000 ____D () C:\FRST
2014-11-02 13:20 - 2014-11-02 13:20 - 01106432 ____N (Farbar) C:\Documents and Settings\nickf\Desktop\FRST.exe
2014-11-01 11:13 - 2014-11-01 11:13 - 00000000 ___HD () C:\WINDOWS\PIF
2014-11-01 10:18 - 2014-11-01 10:18 - 00000000 ____D () C:\SUPERDelete
2014-10-31 15:41 - 2014-10-31 15:42 - 00000000 ____D () C:\Program Files\Mozilla Firefox
2014-10-28 22:29 - 2014-10-28 22:29 - 00000000 ____D () C:\Program Files\Common Files\DivX Shared
2014-10-28 22:29 - 2014-10-28 22:29 - 00000000 ____D () C:\Documents and Settings\nickf\Application Data\DivX
2014-10-28 22:29 - 2014-10-28 22:29 - 00000000 ____D () C:\Documents and Settings\All Users\Start Menu\Programs\DivX
2014-10-28 22:28 - 2014-10-28 22:29 - 00000000 ____D () C:\Program Files\DivX
2014-10-28 22:27 - 2014-10-28 22:29 - 00000000 ____D () C:\Documents and Settings\All Users\Application Data\DivX
2014-10-28 15:18 - 2014-11-02 13:14 - 00000000 ____D () C:\Documents and Settings\nickf\Desktop\New Folder
2014-10-28 14:18 - 2014-10-28 17:47 - 00000000 ____D () C:\Program Files\dvdSanta
2014-10-28 14:18 - 2014-10-28 17:47 - 00000000 ____D () C:\dvdsanta
2014-10-28 14:18 - 2014-10-28 14:18 - 00000000 ____D () C:\Documents and Settings\All Users\Start Menu\Programs\dvdSanta
2014-10-28 14:18 - 2007-04-22 21:11 - 01216512 ____N () C:\WINDOWS\system32\xvidcore.dll
2014-10-28 14:18 - 2007-04-22 21:11 - 00237568 ____N () C:\WINDOWS\system32\xvidvfw.dll
2014-10-28 14:18 - 2007-04-22 21:11 - 00061440 ____N () C:\WINDOWS\system32\xvid.ax
2014-10-28 14:18 - 2007-04-22 21:10 - 00237568 ____N () C:\WINDOWS\system32\OggDS.dll
2014-10-28 14:18 - 2007-04-22 21:09 - 00921600 ____N () C:\WINDOWS\system32\vorbisenc.dll
2014-10-28 14:18 - 2007-04-22 21:09 - 00188416 ____N () C:\WINDOWS\system32\vorbis.dll
2014-10-28 14:18 - 2007-04-22 21:09 - 00045056 ____N () C:\WINDOWS\system32\ogg.dll
2014-10-28 14:18 - 2006-10-28 10:11 - 00516096 ____N () C:\WINDOWS\system32\ac3filter.ax
2014-10-28 14:18 - 2004-09-23 18:20 - 00290304 ____N (DivXNetworks, Inc.) C:\WINDOWS\system32\divxdec.ax
2014-10-28 14:18 - 2004-04-30 20:46 - 00028672 ____N (Cyberlink) C:\WINDOWS\system32\qtalt.ax
2014-10-28 14:18 - 2004-03-26 15:32 - 00116224 ____N (Gabest) C:\WINDOWS\system32\rmalt.ax
2014-10-28 14:18 - 2004-01-10 17:02 - 00258048 ____N (Peter Wimmer, Gabest) C:\WINDOWS\system32\GplMpgDec.ax
2014-10-28 14:02 - 2014-10-28 14:02 - 00000797 ____N () C:\graph.txt
2014-10-28 13:54 - 2014-10-28 17:12 - 00000026 ____N () C:\WINDOWS\dvdSanta.INI
2014-10-28 13:50 - 2014-10-28 13:50 - 00000000 ____D () C:\TempDVD
2014-10-28 11:49 - 2014-10-28 11:49 - 00000000 ____D () C:\Documents and Settings\nickf\Local Settings\Application Data\Panda Security
2014-10-28 11:47 - 2012-11-16 11:08 - 00518432 ____N (Panda Security, S.L.) C:\WINDOWS\system32\PavSHook.dll
2014-10-28 11:47 - 2012-05-17 15:42 - 00087328 ____N (Panda Security, S.L.) C:\WINDOWS\system32\PavLspHook.dll
2014-10-28 11:47 - 2010-06-22 17:13 - 00026696 ____N (Panda Security, S.L.) C:\WINDOWS\system32\Drivers\pavboot.sys
2014-10-28 11:47 - 2010-06-21 16:02 - 00193344 ____N (Panda Security, S.L.) C:\WINDOWS\system32\TpUtil.dll
2014-10-28 11:47 - 2010-06-21 16:01 - 00055616 ____N (Panda Security, S.L.) C:\WINDOWS\system32\pavipc.dll
2014-10-28 11:47 - 2007-03-15 18:38 - 00054832 ____N (Panda Software) C:\WINDOWS\system32\pavcpl.cpl
2014-10-28 11:47 - 2007-02-08 09:53 - 00107568 ____N (Panda Software) C:\WINDOWS\system32\SYSTOOLS.DLL
2014-10-28 11:47 - 2003-10-22 17:23 - 00446464 ____N (eHelp Corporation.) C:\WINDOWS\system32\HHActiveX.dll
2014-10-28 11:46 - 2014-10-28 12:09 - 00000000 ____D () C:\Program Files\Panda Security
2014-10-28 11:46 - 2014-10-28 11:46 - 00000000 ____D () C:\Documents and Settings\nickf\Application Data\Panda Security
2014-10-28 11:46 - 2014-10-28 11:46 - 00000000 ____D () C:\Documents and Settings\All Users\Application Data\Panda Security
2014-10-28 11:46 - 2012-03-26 17:57 - 00063240 ____N (Panda Security, S.L.) C:\WINDOWS\system32\Drivers\amm8651.sys
2014-10-12 06:53 - 2014-10-12 06:55 - 00000071 ____H () C:\Documents and Settings\nickf\My Documents\.picasa.ini
2014-10-11 10:04 - 2014-10-16 06:43 - 00000000 ____D () C:\Documents and Settings\nickf\My Documents\msgr. ryan
2014-10-11 08:47 - 2014-10-11 08:56 - 00000000 ____D () C:\Documents and Settings\nickf\ginestris14
2014-10-11 08:46 - 2014-10-11 08:47 - 00000000 ____D () C:\Documents and Settings\nickf\ginestris
 
==================== One Month Modified Files and Folders =======
 
(If an entry is included in the fixlist, the file\folder will be moved.)
 
2014-11-04 16:45 - 2014-07-12 11:08 - 00000000 ____D () C:\Documents and Settings\nickf\Local Settings\Temp
2014-11-04 16:19 - 2012-03-06 23:55 - 00000886 _____ () C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job
2014-11-04 15:47 - 2014-07-12 10:59 - 00000000 ____D () C:\Documents and Settings\nickf\Application Data\Gmail Notifier
2014-11-04 15:46 - 2014-07-12 12:19 - 02053512 _____ () C:\WINDOWS\WindowsUpdate.log
2014-11-04 15:46 - 2013-04-12 19:47 - 00000616 ____H () C:\WINDOWS\Tasks\ConfigExec.job
2014-11-04 15:46 - 2012-03-07 08:32 - 00159465 _____ () C:\Documents and Settings\All Users\lxebscan.log
2014-11-04 15:45 - 2014-07-12 12:19 - 00000159 _____ () C:\WINDOWS\wiadebug.log
2014-11-04 15:45 - 2014-07-12 12:19 - 00000049 _____ () C:\WINDOWS\wiaservc.log
2014-11-04 15:45 - 2014-07-12 12:06 - 00000000 ____D () C:\WINDOWS\Registration
2014-11-04 15:45 - 2012-08-30 14:34 - 00000278 _____ () C:\WINDOWS\Tasks\RealUpgradeLogonTaskS-1-5-21-4230650497-4285135782-2684026053-1005.job
2014-11-04 15:45 - 2012-03-06 23:55 - 00000882 _____ () C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job
2014-11-04 15:45 - 2005-08-16 05:49 - 00000006 ____H () C:\WINDOWS\Tasks\SA.DAT
2014-11-04 15:44 - 2014-07-13 08:10 - 00340354 _____ () C:\Documents and Settings\LocalService.NT AUTHORITY.004\Local Settings\Application Data\WPFFontCache_v0400-S-1-5-21-4230650497-4285135782-2684026053-1005-0.dat
2014-11-04 15:44 - 2014-07-12 14:12 - 00340354 _____ () C:\Documents and Settings\LocalService.NT AUTHORITY.004\Local Settings\Application Data\WPFFontCache_v0400-System.dat
2014-11-04 15:44 - 2014-07-12 12:23 - 00000178 ___SH () C:\Documents and Settings\nickf\ntuser.ini
2014-11-04 15:44 - 2014-07-12 12:19 - 00032480 _____ () C:\WINDOWS\SchedLgU.Txt
2014-11-04 15:44 - 2012-03-07 09:54 - 00000000 _____ () C:\WINDOWS\system32\Drivers\lvuvc.hs
2014-11-04 13:59 - 2014-07-12 11:05 - 00000000 ___RD () C:\Documents and Settings\nickf\Desktop\screen shots
2014-11-04 12:37 - 2014-07-12 10:56 - 00000000 ____D () C:\AdwCleaner
2014-11-04 12:26 - 2005-08-16 05:33 - 00606100 _____ () C:\WINDOWS\system32\PerfStringBackup.INI
2014-11-04 12:18 - 2014-07-12 12:23 - 00000000 ____D () C:\Documents and Settings\LocalService.NT AUTHORITY.004\Local Settings\Temp
2014-11-01 18:12 - 2014-07-12 11:30 - 00000000 ____D () C:\Program Files\Mozilla Maintenance Service
2014-11-01 15:00 - 2014-07-14 09:05 - 00000000 ____D () C:\Documents and Settings\All Users\Lx_cats
2014-11-01 10:16 - 2014-07-12 11:32 - 00000000 ____D () C:\Program Files\SUPERAntiSpyware
2014-11-01 08:54 - 2014-07-12 11:05 - 00000000 ___RD () C:\Documents and Settings\nickf\Desktop\smith lane
2014-11-01 08:47 - 2014-05-18 15:57 - 00114904 ____N (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\MBAMSwissArmy.sys
2014-11-01 08:46 - 2014-07-12 11:29 - 00000000 ____D () C:\Program Files\Malwarebytes Anti-Malware
2014-11-01 08:46 - 2014-05-18 15:57 - 00000781 ____N () C:\Documents and Settings\All Users\Desktop\Malwarebytes Anti-Malware.lnk
2014-11-01 07:48 - 2014-07-12 11:06 - 00000000 ___RD () C:\Documents and Settings\nickf\Desktop\xmass list
2014-10-31 11:30 - 2014-05-28 12:51 - 00000462 ____N () C:\WINDOWS\Tasks\CMS Application Updater.job
2014-10-29 18:14 - 2012-08-30 14:34 - 00000286 ____N () C:\WINDOWS\Tasks\RealUpgradeScheduledTaskS-1-5-21-4230650497-4285135782-2684026053-1005.job
2014-10-29 12:44 - 2014-07-12 11:11 - 00000000 ____D () C:\Documents and Settings\nickf\My Documents\danas wedding
2014-10-28 19:15 - 2014-09-27 17:49 - 00021238 ____N () C:\WINDOWS\setupapi.log
2014-10-28 17:39 - 2012-03-20 20:37 - 00030208 ____N () C:\Documents and Settings\nickf\Local Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2014-10-28 17:33 - 2014-07-12 11:14 - 00000000 ____D () C:\Documents and Settings\nickf\My Documents\house under const
2014-10-28 14:34 - 2014-07-12 11:05 - 00000000 ___RD () C:\Documents and Settings\nickf\Desktop\unused
2014-10-28 12:57 - 2014-07-12 10:59 - 00000000 ____D () C:\Documents and Settings\nickf\Application Data\DVD Flick
2014-10-28 11:46 - 2014-07-12 11:24 - 00000000 ___HD () C:\Program Files\InstallShield Installation Information
2014-10-27 11:34 - 2014-07-12 11:14 - 00000000 ____D () C:\Documents and Settings\nickf\My Documents\house finished
2014-10-23 12:52 - 2012-03-21 15:08 - 00004335 ____N () C:\Documents and Settings\All Users\lxebDiagnostics.log
2014-10-22 09:12 - 2014-07-12 10:57 - 00000000 ____D () C:\Documents and Settings\All Users\Application Data\Lexmark Pro200-S500 Series
2014-10-22 09:11 - 2012-03-07 08:45 - 00042774 ____N () C:\Documents and Settings\All Users\lxebJSW.log
2014-10-20 19:34 - 2014-07-14 12:10 - 00000818 ____N () C:\Documents and Settings\All Users\Desktop\Launch Lexmark Printer Home.LNK
2014-10-20 19:34 - 2014-07-14 12:09 - 00216628 ____N () C:\WINDOWS\system32\LexFiles.ulf
2014-10-20 19:20 - 2014-07-12 11:28 - 00000000 ____D () C:\Program Files\Lexmark Printable Web
2014-10-20 19:19 - 2014-07-14 12:08 - 00000000 ____D () C:\Program Files\Lexmark Pro200-S500 Series
2014-10-19 11:43 - 2012-04-13 21:35 - 00000726 ____N () C:\Documents and Settings\nickf\Application Data\burnaware.ini
2014-10-17 13:40 - 2014-09-26 11:02 - 00001209 ____N () C:\WINDOWS\wmsetup.log
2014-10-15 07:39 - 2014-07-12 12:17 - 00000000 ____D () C:\WINDOWS\system32\MRT
2014-10-15 07:34 - 2012-03-07 01:31 - 100290944 ____N (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2014-10-13 09:08 - 2014-07-12 11:14 - 00000000 ____D () C:\Documents and Settings\nickf\My Documents\home depot
2014-10-12 02:21 - 2014-07-12 11:15 - 00000000 ____D () C:\Documents and Settings\nickf\My Documents\receipts
2014-10-12 02:20 - 2014-07-12 11:11 - 00000000 ____D () C:\Documents and Settings\nickf\My Documents\bern cemataries
2014-10-11 10:47 - 2014-08-17 07:52 - 00000000 ____D () C:\Documents and Settings\nickf\My Documents\house2014
2014-10-11 10:39 - 2014-07-12 11:13 - 00000000 ____D () C:\Documents and Settings\nickf\My Documents\FFOutput
2014-10-11 09:04 - 2014-07-12 11:14 - 00000000 ____D () C:\Documents and Settings\nickf\My Documents\house on8-19-2012
2014-10-11 08:47 - 2014-07-12 10:59 - 00000000 ____D () C:\Documents and Settings\nickf
2014-10-11 08:41 - 2014-07-12 11:15 - 00000000 ____D () C:\Documents and Settings\nickf\My Documents\rome pics
2014-10-07 17:45 - 2012-03-09 14:58 - 00250081 ____N () C:\Documents and Settings\nickf\Desktop\address book 030702.WAB
 
==================== Bamital & volsnap Check =================
 
(There is no automatic fix for files that do not pass verification.)
 
C:\WINDOWS\explorer.exe => MD5 is legit
C:\WINDOWS\system32\winlogon.exe => MD5 is legit
C:\WINDOWS\system32\svchost.exe => MD5 is legit
C:\WINDOWS\system32\services.exe => MD5 is legit
C:\WINDOWS\system32\User32.dll => MD5 is legit
C:\WINDOWS\system32\userinit.exe => MD5 is legit
C:\WINDOWS\system32\rpcss.dll => MD5 is legit
C:\WINDOWS\system32\Drivers\volsnap.sys => MD5 is legit
 
==================== End Of Log ============================

  • 0

#18
Essexboy

Essexboy

    GeekU Moderator

  • Retired Staff
  • 69,964 posts
Does this occur in all browsers ?

CAUTION : This fix is only valid for this specific machine, using it on another may break your computer

Open notepad and copy/paste the text in the quotebox below into it:

FF Extension: Browsers+Apps+1.1 - C:\Documents and Settings\nickf\Application Data\Mozilla\Firefox\Profiles\2j7b0irg.default-1408374960465\Extensions\[email protected] [2014-10-28]
EmptyTemp:
CMD: bitsadmin /reset /allusers


Save this as fixlist.txt, in the same location as FRST.exe
Run FRST and press Fix
On completion a log will be generated please post that
  • 0

#19
nickf33

nickf33

    Member

  • Topic Starter
  • Member
  • PipPip
  • 78 posts
Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version: 02-11-2014
Ran by nickf (administrator) on NICK on 06-11-2014 07:44:28
Running from C:\Documents and Settings\nickf\Desktop
Loaded Profile: nickf (Available profiles: nickf & Administrator)
Platform: Microsoft Windows XP Professional Service Pack 3 (X86) OS Language: English (United States)
Internet Explorer Version 8
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo...very-scan-tool/
 
==================== Processes (Whitelisted) =================
 
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
 
(Bitdefender) C:\Program Files\Bitdefender\Antivirus Free Edition\gzserv.exe
(Bitdefender) C:\Program Files\Bitdefender\Antivirus Free Edition\gziface.exe
(Google Inc.) C:\Program Files\Google\Update\1.3.25.5\GoogleCrashHandler.exe
(SUPERAntiSpyware.com) C:\Program Files\SUPERAntiSpyware\SASCORE.EXE
(Apple Inc.) C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(CMS Products, Inc.) C:\Program Files\CMS Products\BounceBack Ultimate\BBWatcherService.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(Microsoft Corporation) C:\WINDOWS\ehome\ehrecvr.exe
(Microsoft Corporation) C:\WINDOWS\ehome\ehSched.exe
(Oracle Corporation) C:\Program Files\Java\jre7\bin\jqs.exe
(Logitech Inc.) C:\Program Files\Common Files\LogiShrd\LVMVFM\LVPrcSrv.exe
( ) C:\WINDOWS\system32\lxebcoms.exe
(SupportSoft, Inc.) C:\Program Files\VERIZONDM\bin\sprtsvc.exe
(Microsoft Corporation) C:\WINDOWS\system32\dllhost.exe
(SupportSoft, Inc.) C:\Program Files\VERIZONDM\bin\tgsrvc.exe
(TomTom) C:\Program Files\TomTom HOME 2\TomTomHOMEService.exe
(Microsoft Corporation) C:\WINDOWS\system32\wuauclt.exe
(Microsoft Corporation) C:\WINDOWS\system32\dllhost.exe
() C:\WINDOWS\StartupMonitor.exe
() C:\Program Files\Lexmark Pro200-S500 Series\ezprint.exe
(www.gmailnotifier.com) C:\Program Files\Gmail Notifier\Gmail Notifier.exe
() C:\Program Files\Lexmark Pro200-S500 Series\lxebmon.exe
() C:\Program Files\SpywareGuard\sgmain.exe
() C:\Program Files\SpywareGuard\sgbhp.exe
() C:\Program Files\CMS Products\BounceBack Ultimate\BBLauncher.exe
 
 
==================== Registry (Whitelisted) ==================
 
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
 
HKLM\...\Run: [Run StartupMonitor] => C:\WINDOWS\StartupMonitor.exe [86016 2000-05-20] ()
HKLM\...\Run: [] => [X]
HKLM\...\Run: [EzPrint] => C:\Program Files\Lexmark Pro200-S500 Series\ezprint.exe [148280 2010-05-05] ()
HKLM Group Policy restriction on software: *.bmp.scr <====== ATTENTION
HKLM Group Policy restriction on software: *:\RECYCLER\*\*.com <====== ATTENTION
HKLM Group Policy restriction on software: %userprofile%\Start Menu\Programs\Startup\*.exe <====== ATTENTION
HKLM Group Policy restriction on software: *.mp3.pif <====== ATTENTION
HKLM Group Policy restriction on software: %userprofile%\Local Settings\Application Data\*\*.scr <====== ATTENTION
HKLM Group Policy restriction on software: *.bmp.com <====== ATTENTION
HKLM Group Policy restriction on software: *.avi.com <====== ATTENTION
HKLM Group Policy restriction on software: *.mp4.exe <====== ATTENTION
HKLM Group Policy restriction on software: *.txt.exe <====== ATTENTION
HKLM Group Policy restriction on software: *.ppt.com <====== ATTENTION
HKLM Group Policy restriction on software: *.zip.pif <====== ATTENTION
HKLM Group Policy restriction on software: *.rtf.scr <====== ATTENTION
HKLM Group Policy restriction on software: *.pub.pif <====== ATTENTION
HKLM Group Policy restriction on software: *.docx.com <====== ATTENTION
HKLM Group Policy restriction on software: *.pptx.exe <====== ATTENTION
HKLM Group Policy restriction on software: *:\RECYCLER\*\*\*\*.exe <====== ATTENTION
HKLM Group Policy restriction on software: *.rtf.com <====== ATTENTION
HKLM Group Policy restriction on software: %allusersprofile%\Start Menu\Programs\Startup\*.com <====== ATTENTION
HKLM Group Policy restriction on software: *.avi.scr <====== ATTENTION
HKLM Group Policy restriction on software: %userprofile%\Application Data\*.pif <====== ATTENTION
HKLM Group Policy restriction on software: %userprofile%\Local Settings\Application Data\*.scr <====== ATTENTION
HKLM Group Policy restriction on software: *.jpg.com <====== ATTENTION
HKLM Group Policy restriction on software: *.pptx.pif <====== ATTENTION
HKLM Group Policy restriction on software: *.rtf.exe <====== ATTENTION
HKLM Group Policy restriction on software: %allusersprofile%\Start Menu\Programs\Startup\*.pif <====== ATTENTION
HKLM Group Policy restriction on software: %allusersprofile%\Local Settings\Application Data\*.com <====== ATTENTION
HKLM Group Policy restriction on software: *.avi.exe <====== ATTENTION
HKLM Group Policy restriction on software: *.pdf.com <====== ATTENTION
HKLM Group Policy restriction on software: C:\Documents and Settings\*.com <====== ATTENTION
HKLM Group Policy restriction on software: *.xls.pif <====== ATTENTION
HKLM Group Policy restriction on software: %allusersprofile%\Local Settings\Application Data\*.scr <====== ATTENTION
HKLM Group Policy restriction on software: *.doc.exe <====== ATTENTION
HKLM Group Policy restriction on software: *:\RECYCLER\*\*\*\*.com <====== ATTENTION
HKLM Group Policy restriction on software: %userprofile%\Application Data\*.com <====== ATTENTION
HKLM Group Policy restriction on software: *.jpeg.scr <====== ATTENTION
HKLM Group Policy restriction on software: %userprofile%\Local Settings\Application Data\*\*.pif <====== ATTENTION
HKLM Group Policy restriction on software: %userprofile%\Application Data\*\*.pif <====== ATTENTION
HKLM Group Policy restriction on software: *.txt.scr <====== ATTENTION
HKLM Group Policy restriction on software: *.docx.pif <====== ATTENTION
HKLM Group Policy restriction on software: *.rar.exe <====== ATTENTION
HKLM Group Policy restriction on software: *.pub.com <====== ATTENTION
HKLM Group Policy restriction on software: *.jpg.scr <====== ATTENTION
HKLM Group Policy restriction on software: %allusersprofile%\Start Menu\Programs\Startup\*.scr <====== ATTENTION
HKLM Group Policy restriction on software: %allusersprofile%\Start Menu\Programs\Startup\*.exe <====== ATTENTION
HKLM Group Policy restriction on software: *.wmv.exe <====== ATTENTION
HKLM Group Policy restriction on software: *.txt.com <====== ATTENTION
HKLM Group Policy restriction on software: *.7z.exe <====== ATTENTION
HKLM Group Policy restriction on software: %userprofile%\Start Menu\Programs\Startup\*.com <====== ATTENTION
HKLM Group Policy restriction on software: %userprofile%\Application Data\*.exe <====== ATTENTION
HKLM Group Policy restriction on software: *.doc.pif <====== ATTENTION
HKLM Group Policy restriction on software: *.png.exe <====== ATTENTION
HKLM Group Policy restriction on software: *.ppt.pif <====== ATTENTION
HKLM Group Policy restriction on software: %userprofile%\Local Settings\Application Data\*.com <====== ATTENTION
HKLM Group Policy restriction on software: *.pdf.scr <====== ATTENTION
HKLM Group Policy restriction on software: %userprofile%\Local Settings\Application Data\*\*.com <====== ATTENTION
HKLM Group Policy restriction on software: *.png.pif <====== ATTENTION
HKLM Group Policy restriction on software: %userprofile%\*.exe <====== ATTENTION
HKLM Group Policy restriction on software: *.xls.com <====== ATTENTION
HKLM Group Policy restriction on software: *.bmp.exe <====== ATTENTION
HKLM Group Policy restriction on software: *.wma.pif <====== ATTENTION
HKLM Group Policy restriction on software: *.wav.com <====== ATTENTION
HKLM Group Policy restriction on software: *.txt.pif <====== ATTENTION
HKLM Group Policy restriction on software: *.pub.scr <====== ATTENTION
HKLM Group Policy restriction on software: *‮* <====== ATTENTION
HKLM Group Policy restriction on software: *.wav.scr <====== ATTENTION
HKLM Group Policy restriction on software: %userprofile%\Local Settings\Application Data\*\*.exe <====== ATTENTION
HKLM Group Policy restriction on software: *.mp3.scr <====== ATTENTION
HKLM Group Policy restriction on software: *.pptx.scr <====== ATTENTION
HKLM Group Policy restriction on software: *.xlsx.com <====== ATTENTION
HKLM Group Policy restriction on software: %userprofile%\Application Data\*.scr <====== ATTENTION
HKLM Group Policy restriction on software: *:\RECYCLER\*\*\*.exe <====== ATTENTION
HKLM Group Policy restriction on software: %allusersprofile%\Application Data\*.scr <====== ATTENTION
HKLM Group Policy restriction on software: %userprofile%\Application Data\*\*.scr <====== ATTENTION
HKLM Group Policy restriction on software: *.ppt.scr <====== ATTENTION
HKLM Group Policy restriction on software: *.rar.pif <====== ATTENTION
HKLM Group Policy restriction on software: %userprofile%\Application Data\*\*.com <====== ATTENTION
HKLM Group Policy restriction on software: *.xls.scr <====== ATTENTION
HKLM Group Policy restriction on software: *.rar.scr <====== ATTENTION
HKLM Group Policy restriction on software: *.avi.pif <====== ATTENTION
HKLM Group Policy restriction on software: *.docx.exe <====== ATTENTION
HKLM Group Policy restriction on software: *:\RECYCLER\*\*\*.com <====== ATTENTION
HKLM Group Policy restriction on software: *.mp4.com <====== ATTENTION
HKLM Group Policy restriction on software: *.divx.pif <====== ATTENTION
HKLM Group Policy restriction on software: *.wmv.com <====== ATTENTION
HKLM Group Policy restriction on software: %userprofile%\*.scr <====== ATTENTION
HKLM Group Policy restriction on software: *.xlsx.exe <====== ATTENTION
HKLM Group Policy restriction on software: *.gif.pif <====== ATTENTION
HKLM Group Policy restriction on software: C:\Documents and Settings\*.exe <====== ATTENTION
HKLM Group Policy restriction on software: *.jpeg.com <====== ATTENTION
HKLM Group Policy restriction on software: *.wma.scr <====== ATTENTION
HKLM Group Policy restriction on software: *.zip.exe <====== ATTENTION
HKLM Group Policy restriction on software: *.wmv.scr <====== ATTENTION
HKLM Group Policy restriction on software: %allusersprofile%\Local Settings\Application Data\*.exe <====== ATTENTION
HKLM Group Policy restriction on software: *:\RECYCLER\*\*.scr <====== ATTENTION
HKLM Group Policy restriction on software: *.gif.exe <====== ATTENTION
HKLM Group Policy restriction on software: *.jpeg.exe <====== ATTENTION
HKLM Group Policy restriction on software: *:\RECYCLER\*\*.pif <====== ATTENTION
HKLM Group Policy restriction on software: *.divx.com <====== ATTENTION
HKLM Group Policy restriction on software: *.pdf.exe <====== ATTENTION
HKLM Group Policy restriction on software: *.wma.exe <====== ATTENTION
HKLM Group Policy restriction on software: *.zip.scr <====== ATTENTION
HKLM Group Policy restriction on software: *.divx.scr <====== ATTENTION
HKLM Group Policy restriction on software: *.mp3.exe <====== ATTENTION
HKLM Group Policy restriction on software: *.doc.com <====== ATTENTION
HKLM Group Policy restriction on software: %allusersprofile%\Local Settings\Application Data\*.pif <====== ATTENTION
HKLM Group Policy restriction on software: *.rar.com <====== ATTENTION
HKLM Group Policy restriction on software: %allusersprofile%\Application Data\*.com <====== ATTENTION
HKLM Group Policy restriction on software: *.docx.scr <====== ATTENTION
HKLM Group Policy restriction on software: *.ppt.exe <====== ATTENTION
HKLM Group Policy restriction on software: *.7z.scr <====== ATTENTION
HKLM Group Policy restriction on software: *:\RECYCLER\*\*\*\*.scr <====== ATTENTION
HKLM Group Policy restriction on software: *.zip.com <====== ATTENTION
HKLM Group Policy restriction on software: *:\RECYCLER\*\*\*.pif <====== ATTENTION
HKLM Group Policy restriction on software: *.7z.com <====== ATTENTION
HKLM Group Policy restriction on software: %allusersprofile%\Application Data\*.exe <====== ATTENTION
HKLM Group Policy restriction on software: *:\RECYCLER\*\*\*\*.pif <====== ATTENTION
HKLM Group Policy restriction on software: C:\Documents and Settings\*.scr <====== ATTENTION
HKLM Group Policy restriction on software: *.xlsx.scr <====== ATTENTION
HKLM Group Policy restriction on software: *.bmp.pif <====== ATTENTION
HKLM Group Policy restriction on software: *.gif.scr <====== ATTENTION
HKLM Group Policy restriction on software: *.wmv.pif <====== ATTENTION
HKLM Group Policy restriction on software: *.mp4.scr <====== ATTENTION
HKLM Group Policy restriction on software: *.xls.exe <====== ATTENTION
HKLM Group Policy restriction on software: *.gif.com <====== ATTENTION
HKLM Group Policy restriction on software: %userprofile%\Local Settings\Application Data\*.exe <====== ATTENTION
HKLM Group Policy restriction on software: %userprofile%\*.pif <====== ATTENTION
HKLM Group Policy restriction on software: *:\RECYCLER\*\*\*.scr <====== ATTENTION
HKLM Group Policy restriction on software: *.doc.scr <====== ATTENTION
HKLM Group Policy restriction on software: %userprofile%\Start Menu\Programs\Startup\*.scr <====== ATTENTION
HKLM Group Policy restriction on software: *.jpg.exe <====== ATTENTION
HKLM Group Policy restriction on software: *.wav.exe <====== ATTENTION
HKLM Group Policy restriction on software: *.mp3.com <====== ATTENTION
HKLM Group Policy restriction on software: *.png.scr <====== ATTENTION
HKLM Group Policy restriction on software: *.pdf.pif <====== ATTENTION
HKLM Group Policy restriction on software: *.divx.exe <====== ATTENTION
HKLM Group Policy restriction on software: *.7z.pif <====== ATTENTION
HKLM Group Policy restriction on software: %allusersprofile%\Application Data\*.pif <====== ATTENTION
HKLM Group Policy restriction on software: *.rtf.pif <====== ATTENTION
HKLM Group Policy restriction on software: *.wav.pif <====== ATTENTION
HKLM Group Policy restriction on software: *.jpg.pif <====== ATTENTION
HKLM Group Policy restriction on software: %userprofile%\Start Menu\Programs\Startup\*.pif <====== ATTENTION
HKLM Group Policy restriction on software: *.jpeg.pif <====== ATTENTION
HKLM Group Policy restriction on software: C:\Documents and Settings\*.pif <====== ATTENTION
HKLM Group Policy restriction on software: *.xlsx.pif <====== ATTENTION
HKLM Group Policy restriction on software: *:\RECYCLER\*\*.exe <====== ATTENTION
HKLM Group Policy restriction on software: *.mp4.pif <====== ATTENTION
HKLM Group Policy restriction on software: *.pub.exe <====== ATTENTION
HKLM Group Policy restriction on software: *.pptx.com <====== ATTENTION
HKLM Group Policy restriction on software: *.png.com <====== ATTENTION
HKLM Group Policy restriction on software: %userprofile%\Application Data\*\*.exe <====== ATTENTION
HKLM Group Policy restriction on software: %userprofile%\Local Settings\Application Data\*.pif <====== ATTENTION
HKLM Group Policy restriction on software: *.wma.com <====== ATTENTION
HKLM Group Policy restriction on software: %userprofile%\Local Settings\Application Data\188f1432-103a-4ffb-80f1-36b633c5c9e1\geardifx.exe <====== ATTENTION
HKLM Group Policy restriction on software: %allusersprofile%\Local Settings\Application Data\aviraresume\avgnt.exe <====== ATTENTION
HKLM Group Policy restriction on software: %allusersprofile%\Local Settings\Application Data\aviraresume\avadmin.exe <====== ATTENTION
HKLM Group Policy restriction on software: %allusersprofile%\Local Settings\Application Data\aviraresume\avcenter.exe <====== ATTENTION
HKLM Group Policy restriction on software: %allusersprofile%\Application Data\aviraresume\ipmgui.exe <====== ATTENTION
HKLM Group Policy restriction on software: %userprofile%\Local Settings\Application Data\aviraresume\avwebloader.exe <====== ATTENTION
HKLM Group Policy restriction on software: %appdata%\aviraresume\presetup.exe <====== ATTENTION
HKLM Group Policy restriction on software: %allusersprofile%\Local Settings\Application Data\aviraresume\wsctool.exe <====== ATTENTION
HKLM Group Policy restriction on software: %allusersprofile%\Local Settings\Application Data\aviraresume\avguard.exe <====== ATTENTION
HKLM Group Policy restriction on software: %allusersprofile%\Local Settings\Application Data\aviraresume\ccuac.exe <====== ATTENTION
HKLM Group Policy restriction on software: %appdata%\aviraresume\licmgr.exe <====== ATTENTION
HKLM Group Policy restriction on software: %appdata%\188f1432-103a-4ffb-80f1-36b633c5c9e1\geardifx.exe <====== ATTENTION
HKLM Group Policy restriction on software: %allusersprofile%\Application Data\aviraresume\avnotify.exe <====== ATTENTION
HKLM Group Policy restriction on software: %userprofile%\Application Data\aviraresume\checkt.exe <====== ATTENTION
HKLM Group Policy restriction on software: %userprofile%\Application Data\aviraresume\avupgsvc.exe <====== ATTENTION
HKLM Group Policy restriction on software: %allusersprofile%\Application Data\aviraresume\appremover_64.exe <====== ATTENTION
HKLM Group Policy restriction on software: %userprofile%\Application Data\aviraresume\avguard.exe <====== ATTENTION
HKLM Group Policy restriction on software: %appdata%\aviraresume\offercast_avirav7_.exe <====== ATTENTION
HKLM Group Policy restriction on software: %userprofile%\Local Settings\Application Data\aviraresume\checkt.exe <====== ATTENTION
HKLM Group Policy restriction on software: %allusersprofile%\Local Settings\Application Data\aviraresume\presetup.exe <====== ATTENTION
HKLM Group Policy restriction on software: %userprofile%\Local Settings\Application Data\aviraresume\vcredist_x86.exe <====== ATTENTION
HKLM Group Policy restriction on software: %appdata%\aviraresume\avupgsvc.exe <====== ATTENTION
HKLM Group Policy restriction on software: %userprofile%\Application Data\aviraresume\insthlp.exe <====== ATTENTION
HKLM Group Policy restriction on software: %allusersprofile%\Local Settings\Application Data\aviraresume\setuppending.exe <====== ATTENTION
HKLM Group Policy restriction on software: %appdata%\aviraresume\avconfig.exe <====== ATTENTION
HKLM Group Policy restriction on software: %appdata%\aviraresume\sched.exe <====== ATTENTION
HKLM Group Policy restriction on software: %userprofile%\Local Settings\Application Data\aviraresume\imp64b.exe <====== ATTENTION
HKLM Group Policy restriction on software: %appdata%\aviraresume\avguard.exe <====== ATTENTION
HKLM Group Policy restriction on software: %userprofile%\Application Data\aviraresume\ipmgui.exe <====== ATTENTION
HKLM Group Policy restriction on software: %userprofile%\Local Settings\Application Data\aviraresume\avadmin.exe <====== ATTENTION
HKLM Group Policy restriction on software: %appdata%\aviraresume\ipmgui.exe <====== ATTENTION
HKLM Group Policy restriction on software: %allusersprofile%\Local Settings\Application Data\aviraresume\64bitproxy.exe <====== ATTENTION
HKLM Group Policy restriction on software: %allusersprofile%\Local Settings\Application Data\aviraresume\avwebgrd.exe <====== ATTENTION
HKLM Group Policy restriction on software: %allusersprofile%\Local Settings\Application Data\aviraresume\appremover_cli.exe <====== ATTENTION
HKLM Group Policy restriction on software: %userprofile%\Local Settings\Application Data\aviraresume\updrgui.exe <====== ATTENTION
HKLM Group Policy restriction on software: %allusersprofile%\Local Settings\Application Data\aviraresume\checkt.exe <====== ATTENTION
HKLM Group Policy restriction on software: %userprofile%\Application Data\aviraresume\appremover_64.exe <====== ATTENTION
HKLM Group Policy restriction on software: %userprofile%\Local Settings\Application Data\aviraresume\wsctool.exe <====== ATTENTION
HKLM Group Policy restriction on software: %userprofile%\Application Data\aviraresume\avrestart.exe <====== ATTENTION
HKLM Group Policy restriction on software: %allusersprofile%\Application Data\aviraresume\avadmin.exe <====== ATTENTION
HKLM Group Policy restriction on software: %userprofile%\Application Data\aviraresume\avgnt.exe <====== ATTENTION
HKLM Group Policy restriction on software: %userprofile%\Local Settings\Application Data\aviraresume\inssda64.exe <====== ATTENTION
HKLM Group Policy restriction on software: %appdata%\aviraresume\appremover_64.exe <====== ATTENTION
HKLM Group Policy restriction on software: %allusersprofile%\Local Settings\Application Data\aviraresume\inssda64.exe <====== ATTENTION
HKLM Group Policy restriction on software: %appdata%\aviraresume\setup.exe <====== ATTENTION
HKLM Group Policy restriction on software: %allusersprofile%\Local Settings\Application Data\aviraresume\avwsc.exe <====== ATTENTION
HKLM Group Policy restriction on software: %userprofile%\Application Data\aviraresume\fact.exe <====== ATTENTION
HKLM Group Policy restriction on software: %userprofile%\Local Settings\Application Data\aviraresume\avscan.exe <====== ATTENTION
HKLM Group Policy restriction on software: %allusersprofile%\Application Data\aviraresume\checkt.exe <====== ATTENTION
HKLM Group Policy restriction on software: %allusersprofile%\Application Data\aviraresume\avwebg7.exe <====== ATTENTION
HKLM Group Policy restriction on software: %appdata%\aviraresume\fact.exe <====== ATTENTION
HKLM Group Policy restriction on software: %userprofile%\Local Settings\Application Data\aviraresume\avwebgrd.exe <====== ATTENTION
HKLM Group Policy restriction on software: %allusersprofile%\Local Settings\Application Data\aviraresume\avwebloader.exe <====== ATTENTION
HKLM Group Policy restriction on software: %allusersprofile%\Local Settings\Application Data\aviraresume\avscan.exe <====== ATTENTION
HKLM Group Policy restriction on software: %userprofile%\Local Settings\Application Data\aviraresume\insthlp.exe <====== ATTENTION
HKLM Group Policy restriction on software: %allusersprofile%\Application Data\aviraresume\appremover_cli.exe <====== ATTENTION
HKLM Group Policy restriction on software: %userprofile%\Local Settings\Application Data\aviraresume\setup.exe <====== ATTENTION
HKLM Group Policy restriction on software: %allusersprofile%\Application Data\aviraresume\avwebloader.exe <====== ATTENTION
HKLM Group Policy restriction on software: %userprofile%\Local Settings\Application Data\aviraresume\guardgui.exe <====== ATTENTION
HKLM Group Policy restriction on software: %appdata%\aviraresume\inssda64.exe <====== ATTENTION
HKLM Group Policy restriction on software: %userprofile%\Local Settings\Application Data\aviraresume\presetup.exe <====== ATTENTION
HKLM Group Policy restriction on software: %userprofile%\Local Settings\Application Data\aviraresume\avupgsvc.exe <====== ATTENTION
HKLM Group Policy restriction on software: %userprofile%\Application Data\aviraresume\presetup.exe <====== ATTENTION
HKLM Group Policy restriction on software: %allusersprofile%\Local Settings\Application Data\aviraresume\imp64b.exe <====== ATTENTION
HKLM Group Policy restriction on software: %appdata%\aviraresume\avwebg7.exe <====== ATTENTION
HKLM Group Policy restriction on software: %allusersprofile%\gotoassistdownloadhelper.exe <====== ATTENTION
HKLM Group Policy restriction on software: %allusersprofile%\Application Data\aviraresume\insthlp.exe <====== ATTENTION
HKLM Group Policy restriction on software: %userprofile%\Local Settings\Application Data\aviraresume\fact.exe <====== ATTENTION
HKLM Group Policy restriction on software: %userprofile%\Local Settings\Application Data\aviraresume\avconfig.exe <====== ATTENTION
HKLM Group Policy restriction on software: %allusersprofile%\Local Settings\Application Data\aviraresume\avconfig.exe <====== ATTENTION
HKLM Group Policy restriction on software: %userprofile%\Application Data\aviraresume\setup.exe <====== ATTENTION
HKLM Group Policy restriction on software: %appdata%\aviraresume\setuppending.exe <====== ATTENTION
HKLM Group Policy restriction on software: %userprofile%\Application Data\aviraresume\setuppending.exe <====== ATTENTION
HKLM Group Policy restriction on software: %userprofile%\Local Settings\Application Data\aviraresume\avwsc.exe <====== ATTENTION
HKLM Group Policy restriction on software: %userprofile%\Application Data\aviraresume\avwebg7.exe <====== ATTENTION
HKLM Group Policy restriction on software: %allusersprofile%\Local Settings\Application Data\aviraresume\ipmgui.exe <====== ATTENTION
HKLM Group Policy restriction on software: %appdata%\aviraresume\avgnt.exe <====== ATTENTION
HKLM Group Policy restriction on software: %allusersprofile%\Application Data\188f1432-103a-4ffb-80f1-36b633c5c9e1\geardifx.exe <====== ATTENTION
HKLM Group Policy restriction on software: %allusersprofile%\Local Settings\Application Data\aviraresume\avrestart.exe <====== ATTENTION
HKLM Group Policy restriction on software: %allusersprofile%\Local Settings\Application Data\aviraresume\vcredist_x86.exe <====== ATTENTION
HKLM Group Policy restriction on software: %allusersprofile%\Application Data\aviraresume\wsctool.exe <====== ATTENTION
HKLM Group Policy restriction on software: %allusersprofile%\Application Data\aviraresume\inssda64.exe <====== ATTENTION
HKLM Group Policy restriction on software: %allusersprofile%\Application Data\aviraresume\update.exe <====== ATTENTION
HKLM Group Policy restriction on software: %userprofile%\Local Settings\Application Data\aviraresume\sched.exe <====== ATTENTION
HKLM Group Policy restriction on software: %allusersprofile%\Application Data\aviraresume\avwebgrd.exe <====== ATTENTION
HKLM Group Policy restriction on software: %allusersprofile%\Application Data\aviraresume\avrestart.exe <====== ATTENTION
HKLM Group Policy restriction on software: %allusersprofile%\Application Data\aviraresume\avscan.exe <====== ATTENTION
HKLM Group Policy restriction on software: %allusersprofile%\Application Data\aviraresume\offercast_avirav7_.exe <====== ATTENTION
HKLM Group Policy restriction on software: %userprofile%\Application Data\aviraresume\updrgui.exe <====== ATTENTION
HKLM Group Policy restriction on software: %userprofile%\Application Data\aviraresume\ccuac.exe <====== ATTENTION
HKLM Group Policy restriction on software: %allusersprofile%\Application Data\aviraresume\64bitproxy.exe <====== ATTENTION
HKLM Group Policy restriction on software: %allusersprofile%\Local Settings\Application Data\aviraresume\toastnotifier.exe <====== ATTENTION
HKLM Group Policy restriction on software: %allusersprofile%\Local Settings\Application Data\aviraresume\update.exe <====== ATTENTION
HKLM Group Policy restriction on software: %userprofile%\Local Settings\Application Data\aviraresume\setuppending.exe <====== ATTENTION
HKLM Group Policy restriction on software: %allusersprofile%\Application Data\aviraresume\presetup.exe <====== ATTENTION
HKLM Group Policy restriction on software: %userprofile%\Application Data\aviraresume\offercast_avirav7_.exe <====== ATTENTION
HKLM Group Policy restriction on software: %allusersprofile%\Application Data\aviraresume\licmgr.exe <====== ATTENTION
HKLM Group Policy restriction on software: %allusersprofile%\Application Data\aviraresume\avupgsvc.exe <====== ATTENTION
HKLM Group Policy restriction on software: %appdata%\aviraresume\insthlp.exe <====== ATTENTION
HKLM Group Policy restriction on software: %appdata%\aviraresume\appremover_cli.exe <====== ATTENTION
HKLM Group Policy restriction on software: %userprofile%\Application Data\aviraresume\64bitproxy.exe <====== ATTENTION
HKLM Group Policy restriction on software: %userprofile%\Application Data\aviraresume\avnotify.exe <====== ATTENTION
HKLM Group Policy restriction on software: %appdata%\aviraresume\avscan.exe <====== ATTENTION
HKLM Group Policy restriction on software: %allusersprofile%\Local Settings\Application Data\aviraresume\avwebg7.exe <====== ATTENTION
HKLM Group Policy restriction on software: %userprofile%\Local Settings\Application Data\aviraresume\avrestart.exe <====== ATTENTION
HKLM Group Policy restriction on software: %allusersprofile%\Local Settings\Application Data\aviraresume\licmgr.exe <====== ATTENTION
HKLM Group Policy restriction on software: %allusersprofile%\Application Data\aviraresume\vcredist_x86.exe <====== ATTENTION
HKLM Group Policy restriction on software: %allusersprofile%\Local Settings\Application Data\aviraresume\appremover_64.exe <====== ATTENTION
HKLM Group Policy restriction on software: %appdata%\aviraresume\vcredist_x86.exe <====== ATTENTION
HKLM Group Policy restriction on software: %allusersprofile%\Application Data\aviraresume\toastnotifier.exe <====== ATTENTION
HKLM Group Policy restriction on software: %userprofile%\Application Data\aviraresume\avscan.exe <====== ATTENTION
HKLM Group Policy restriction on software: %appdata%\aviraresume\update.exe <====== ATTENTION
HKLM Group Policy restriction on software: %allusersprofile%\Application Data\aviraresume\avconfig.exe <====== ATTENTION
HKLM Group Policy restriction on software: %userprofile%\Local Settings\Application Data\aviraresume\avgnt.exe <====== ATTENTION
HKLM Group Policy restriction on software: %userprofile%\gotoassistdownloadhelper.exe <====== ATTENTION
HKLM Group Policy restriction on software: %allusersprofile%\Local Settings\Application Data\aviraresume\fact.exe <====== ATTENTION
HKLM Group Policy restriction on software: %allusersprofile%\Application Data\aviraresume\setuppending.exe <====== ATTENTION
HKLM Group Policy restriction on software: %userprofile%\Application Data\aviraresume\sched.exe <====== ATTENTION
HKLM Group Policy restriction on software: %userprofile%\Application Data\aviraresume\update.exe <====== ATTENTION
HKLM Group Policy restriction on software: %appdata%\aviraresume\imp64b.exe <====== ATTENTION
HKLM Group Policy restriction on software: %userprofile%\Application Data\aviraresume\appremover_cli.exe <====== ATTENTION
HKLM Group Policy restriction on software: %userprofile%\Application Data\aviraresume\avcenter.exe <====== ATTENTION
HKLM Group Policy restriction on software: %userprofile%\Application Data\aviraresume\vcredist_x86.exe <====== ATTENTION
HKLM Group Policy restriction on software: %userprofile%\Application Data\aviraresume\avadmin.exe <====== ATTENTION
HKLM Group Policy restriction on software: %userprofile%\Application Data\188f1432-103a-4ffb-80f1-36b633c5c9e1\geardifx.exe <====== ATTENTION
HKLM Group Policy restriction on software: %appdata%\aviraresume\avnotify.exe <====== ATTENTION
HKLM Group Policy restriction on software: %userprofile%\Local Settings\Application Data\aviraresume\offercast_avirav7_.exe <====== ATTENTION
HKLM Group Policy restriction on software: %appdata%\aviraresume\avcenter.exe <====== ATTENTION
HKLM Group Policy restriction on software: %allusersprofile%\Local Settings\Application Data\aviraresume\setup.exe <====== ATTENTION
HKLM Group Policy restriction on software: %userprofile%\Application Data\aviraresume\guardgui.exe <====== ATTENTION
HKLM Group Policy restriction on software: %appdata%\aviraresume\ccuac.exe <====== ATTENTION
HKLM Group Policy restriction on software: %allusersprofile%\Application Data\aviraresume\setup.exe <====== ATTENTION
HKLM Group Policy restriction on software: %userprofile%\Local Settings\Application Data\aviraresume\64bitproxy.exe <====== ATTENTION
HKLM Group Policy restriction on software: %allusersprofile%\Application Data\aviraresume\avwsc.exe <====== ATTENTION
HKLM Group Policy restriction on software: %allusersprofile%\Application Data\aviraresume\updrgui.exe <====== ATTENTION
HKLM Group Policy restriction on software: %appdata%\aviraresume\updrgui.exe <====== ATTENTION
HKLM Group Policy restriction on software: %allusersprofile%\Local Settings\Application Data\aviraresume\sched.exe <====== ATTENTION
HKLM Group Policy restriction on software: %appdata%\aviraresume\avwebloader.exe <====== ATTENTION
HKLM Group Policy restriction on software: %userprofile%\Local Settings\Application Data\aviraresume\toastnotifier.exe <====== ATTENTION
HKLM Group Policy restriction on software: %userprofile%\Local Settings\Application Data\aviraresume\appremover_64.exe <====== ATTENTION
HKLM Group Policy restriction on software: %allusersprofile%\Local Settings\Application Data\aviraresume\updrgui.exe <====== ATTENTION
HKLM Group Policy restriction on software: %userprofile%\Local Settings\Application Data\aviraresume\appremover_cli.exe <====== ATTENTION
HKLM Group Policy restriction on software: %allusersprofile%\Application Data\aviraresume\avcenter.exe <====== ATTENTION
HKLM Group Policy restriction on software: %appdata%\aviraresume\avwsc.exe <====== ATTENTION
HKLM Group Policy restriction on software: %userprofile%\Application Data\aviraresume\imp64b.exe <====== ATTENTION
HKLM Group Policy restriction on software: %userprofile%\Local Settings\Application Data\aviraresume\avguard.exe <====== ATTENTION
HKLM Group Policy restriction on software: %userprofile%\Local Settings\Application Data\aviraresume\ccuac.exe <====== ATTENTION
HKLM Group Policy restriction on software: %userprofile%\Application Data\aviraresume\avconfig.exe <====== ATTENTION
HKLM Group Policy restriction on software: %appdata%\aviraresume\avwebgrd.exe <====== ATTENTION
HKLM Group Policy restriction on software: %allusersprofile%\Application Data\aviraresume\imp64b.exe <====== ATTENTION
HKLM Group Policy restriction on software: %allusersprofile%\Application Data\aviraresume\avguard.exe <====== ATTENTION
HKLM Group Policy restriction on software: %appdata%\aviraresume\avrestart.exe <====== ATTENTION
HKLM Group Policy restriction on software: %userprofile%\Local Settings\Application Data\aviraresume\licmgr.exe <====== ATTENTION
HKLM Group Policy restriction on software: %allusersprofile%\Local Settings\Application Data\aviraresume\insthlp.exe <====== ATTENTION
HKLM Group Policy restriction on software: %userprofile%\Local Settings\Application Data\aviraresume\avcenter.exe <====== ATTENTION
HKLM Group Policy restriction on software: %allusersprofile%\Application Data\aviraresume\ccuac.exe <====== ATTENTION
HKLM Group Policy restriction on software: %appdata%\aviraresume\checkt.exe <====== ATTENTION
HKLM Group Policy restriction on software: %allusersprofile%\Application Data\aviraresume\guardgui.exe <====== ATTENTION
HKLM Group Policy restriction on software: %allusersprofile%\Local Settings\Application Data\aviraresume\guardgui.exe <====== ATTENTION
HKLM Group Policy restriction on software: %userprofile%\Application Data\aviraresume\licmgr.exe <====== ATTENTION
HKLM Group Policy restriction on software: %allusersprofile%\Application Data\aviraresume\sched.exe <====== ATTENTION
HKLM Group Policy restriction on software: %allusersprofile%\Local Settings\Application Data\aviraresume\offercast_avirav7_.exe <====== ATTENTION
HKLM Group Policy restriction on software: %appdata%\aviraresume\wsctool.exe <====== ATTENTION
HKLM Group Policy restriction on software: %appdata%\aviraresume\toastnotifier.exe <====== ATTENTION
HKLM Group Policy restriction on software: %userprofile%\Local Settings\Application Data\aviraresume\ipmgui.exe <====== ATTENTION
HKLM Group Policy restriction on software: %userprofile%\Application Data\aviraresume\avwebgrd.exe <====== ATTENTION
HKLM Group Policy restriction on software: %allusersprofile%\Application Data\aviraresume\avgnt.exe <====== ATTENTION
HKLM Group Policy restriction on software: %userprofile%\Application Data\aviraresume\avwebloader.exe <====== ATTENTION
HKLM Group Policy restriction on software: %userprofile%\Local Settings\Application Data\aviraresume\avnotify.exe <====== ATTENTION
HKLM Group Policy restriction on software: %userprofile%\Application Data\aviraresume\avwsc.exe <====== ATTENTION
HKLM Group Policy restriction on software: %userprofile%\Local Settings\Application Data\aviraresume\avwebg7.exe <====== ATTENTION
HKLM Group Policy restriction on software: %allusersprofile%\Local Settings\Application Data\188f1432-103a-4ffb-80f1-36b633c5c9e1\geardifx.exe <====== ATTENTION
HKLM Group Policy restriction on software: %userprofile%\Application Data\aviraresume\toastnotifier.exe <====== ATTENTION
HKLM Group Policy restriction on software: %userprofile%\Application Data\aviraresume\inssda64.exe <====== ATTENTION
HKLM Group Policy restriction on software: %appdata%\aviraresume\guardgui.exe <====== ATTENTION
HKLM Group Policy restriction on software: %appdata%\aviraresume\64bitproxy.exe <====== ATTENTION
HKLM Group Policy restriction on software: %userprofile%\Application Data\aviraresume\wsctool.exe <====== ATTENTION
HKLM Group Policy restriction on software: %userprofile%\Local Settings\Application Data\aviraresume\update.exe <====== ATTENTION
HKLM Group Policy restriction on software: %allusersprofile%\Application Data\aviraresume\fact.exe <====== ATTENTION
HKLM Group Policy restriction on software: %appdata%\aviraresume\avadmin.exe <====== ATTENTION
HKLM Group Policy restriction on software: %allusersprofile%\Local Settings\Application Data\aviraresume\avnotify.exe <====== ATTENTION
HKLM Group Policy restriction on software: %allusersprofile%\Local Settings\Application Data\aviraresume\avupgsvc.exe <====== ATTENTION
HKLM\...\Winlogon: [UIHost] C:\WINDOWS\system32\logonui.exe [514560 2008-04-14] (Microsoft Corporation)
HKLM\...\Policies\Explorer: [NoCDBurning] 0
HKU\S-1-5-19\...\Run: [DellSupport] => C:\Program Files\Dell Support\DSAgnt.exe [332800 2005-05-15] (Gteko Ltd.)
HKU\S-1-5-19\...\MountPoints2: {361ac05d-0e0d-11da-9aa9-806d6172696f} - E:\setup.exe
HKU\S-1-5-20\...\Run: [DellSupport] => C:\Program Files\Dell Support\DSAgnt.exe [332800 2005-05-15] (Gteko Ltd.)
HKU\S-1-5-20\...\MountPoints2: {361ac05d-0e0d-11da-9aa9-806d6172696f} - E:\setup.exe
HKU\S-1-5-21-4230650497-4285135782-2684026053-1005\...\Run: [swg] => C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe [39408 2012-03-08] (Google Inc.)
HKU\S-1-5-21-4230650497-4285135782-2684026053-1005\...\Run: [Gmail Notifier.exe] => C:\Program Files\Gmail Notifier\Gmail Notifier.exe [2155008 2011-04-07] (www.gmailnotifier.com)
Startup: C:\Documents and Settings\All Users\Start Menu\Programs\Startup\BounceBack Launcher.lnk
ShortcutTarget: BounceBack Launcher.lnk -> C:\Program Files\CMS Products\BounceBack Ultimate\BBStartup.exe ()
Startup: C:\Documents and Settings\nickf\Start Menu\Programs\Startup\SpywareGuard.lnk
ShortcutTarget: SpywareGuard.lnk -> C:\Program Files\SpywareGuard\sgmain.exe ()
ShellIconOverlayIdentifiers: [GDriveBlacklistedOverlay] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D42} => C:\Program Files\Google\Drive\googledrivesync32.dll (Google)
ShellIconOverlayIdentifiers: [GDriveSharedEditOverlay] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D44} => C:\Program Files\Google\Drive\googledrivesync32.dll (Google)
ShellIconOverlayIdentifiers: [GDriveSharedOverlay] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D44} => C:\Program Files\Google\Drive\googledrivesync32.dll (Google)
ShellIconOverlayIdentifiers: [GDriveSharedViewOverlay] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D43} => C:\Program Files\Google\Drive\googledrivesync32.dll (Google)
ShellIconOverlayIdentifiers: [GDriveSyncedOverlay] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D40} => C:\Program Files\Google\Drive\googledrivesync32.dll (Google)
ShellIconOverlayIdentifiers: [GDriveSyncingOverlay] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D41} => C:\Program Files\Google\Drive\googledrivesync32.dll (Google)
 
==================== Internet (Whitelisted) ====================
 
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
 
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://google%20chrome/
HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.google.co...=en&client=dell
HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://www.google.co...=en&client=dell
HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.google.co...=en&client=dell
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.dell.com
HKLM\Software\Microsoft\Internet Explorer\Main,Search Bar = http://www.google.com/ie
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.dell.com
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://www.google.com/ie
HKLM\SOFTWARE\Microsoft\Internet Explorer\AboutURLs,Tabs: "http://www.google.com"
BHO: SpywareGuardDLBLOCK.CBrowserHelper -> {4A368E80-174F-4872-96B5-0B27DDD11DB2} -> C:\Program Files\SpywareGuard\dlprotect.dll ()
BHO: DriveLetterAccess -> {5CA3D70E-1895-11CF-8E15-001234567890} -> C:\WINDOWS\system32\dla\tfswshx.dll (Sonic Solutions)
BHO: Google Toolbar Helper -> {AA58ED58-01DD-4d91-8333-CF10577473F7} -> C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
BHO: Google Toolbar Notifier BHO -> {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} -> C:\Program Files\Google\GoogleToolbarNotifier\5.7.9012.1008\swg.dll (Google Inc.)
BHO: CBrowserHelperObject Object -> {CA6319C0-31B7-401E-A518-A07C3DB8F777} -> c:\Program Files\GoogleAFE\GoogleAE.dll (Google)
BHO: Lexmark Printable Web -> {D2C5E510-BE6D-42CC-9F61-E4F939078474} -> C:\Program Files\Lexmark Printable Web\bho.dll ()
Toolbar: HKLM - Lexmark Toolbar - {1017A80C-6F09-4548-A84D-EDD6AC9525F0} - C:\Program Files\Lexmark Toolbar\toolband.dll ()
Toolbar: HKLM - Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
Toolbar: HKCU - &Address - {01E04581-4EEE-11D0-BFE9-00AA005B4383} - C:\WINDOWS\system32\browseui.dll (Microsoft Corporation)
Toolbar: HKCU - &Links - {0E5CBF21-D15F-11D0-8301-00AA005B4383} - C:\WINDOWS\system32\SHELL32.dll (Microsoft Corporation)
Toolbar: HKCU - Google Toolbar - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
Toolbar: HKCU - Lexmark Toolbar - {1017A80C-6F09-4548-A84D-EDD6AC9525F0} - C:\Program Files\Lexmark Toolbar\toolband.dll ()
ShellExecuteHooks: SpywareGuard.Handler - {81559C35-8464-49F7-BB0E-07A383BEF910} - C:\Program Files\SpywareGuard\spywareguard.dll [126976 2003-08-03] ()
ShellExecuteHooks: SABShellExecuteHook Class - {5AE067D3-9AFB-48E0-853A-EBB7F4A000DA} - C:\Program Files\SUPERAntiSpyware\SASSEH.DLL [113024 2011-07-18] (SuperAdBlocker.com)
Winsock: Catalog5 04 C:\Program Files\Bonjour\mdnsNSP.dll [121704] (Apple Inc.)
Hosts: There are more than one entry in Hosts. See Hosts section of Addition.txt
Tcpip\Parameters: [DhcpNameServer] 192.168.1.1
 
FireFox:
========
FF ProfilePath: C:\Documents and Settings\nickf\Application Data\Mozilla\Firefox\Profiles\2j7b0irg.default-1408374960465
FF NewTab: 
FF SelectedSearchEngine: 
FF Homepage: hxxp://www.google.com/
FF Keyword.URL: 
FF Plugin: @adobe.com/FlashPlayer -> C:\WINDOWS\system32\Macromed\Flash\NPSWF32_12_0_0_43.dll ()
FF Plugin: @Apple.com/iTunes,version=1.0 -> C:\Program Files\iTunes\Mozilla Plugins\npitunes.dll ()
FF Plugin: @divx.com/DivX VOD Helper,version=1.0.0 -> C:\Program Files\DivX\DivX OVS Helper\npovshelper.dll (DivX, LLC.)
FF Plugin: @Google.com/GoogleEarthPlugin -> C:\Program Files\Google\Google Earth\plugin\npgeplugin.dll No File
FF Plugin: @google.com/npPicasa3,version=3.0.0 -> C:\Program Files\Google\Picasa3\npPicasa3.dll (Google, Inc.)
FF Plugin: @microsoft.com/WPF,version=3.5 -> C:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
FF Plugin: @tools.google.com/Google Update;version=3 -> C:\Program Files\Google\Update\1.3.25.5\npGoogleUpdate3.dll (Google Inc.)
FF Plugin: @tools.google.com/Google Update;version=9 -> C:\Program Files\Google\Update\1.3.25.5\npGoogleUpdate3.dll (Google Inc.)
FF Plugin: Adobe Reader -> C:\Program Files\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF SearchPlugin: C:\Documents and Settings\nickf\Application Data\Mozilla\Firefox\Profiles\2j7b0irg.default-1408374960465\searchplugins\.xml
FF Extension: flashlightstephennolancomau - C:\Documents and Settings\nickf\Application Data\Mozilla\Firefox\Profiles\2j7b0irg.default-1408374960465\Extensions\[email protected] [2014-11-01]
FF Extension: Browsers+Apps+1.1 - C:\Documents and Settings\nickf\Application Data\Mozilla\Firefox\Profiles\2j7b0irg.default-1408374960465\Extensions\[email protected] [2014-10-28]
FF HKLM\...\Firefox\Extensions: [{20a82645-c095-46ed-80e3-08825760534b}] - C:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension
FF Extension: Microsoft .NET Framework Assistant - C:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension [2014-07-12]
 
Chrome: 
=======
CHR HomePage: Default -> hxxp://www.google.com/ig#
CHR Profile: C:\Documents and Settings\nickf\Local Settings\Application Data\Google\Chrome\User Data\Default
CHR Extension: (Google Docs) - C:\Documents and Settings\nickf\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2014-07-12]
CHR Extension: (Google Drive) - C:\Documents and Settings\nickf\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2014-07-12]
CHR Extension: (Google Voice Search Hotword (Beta)) - C:\Documents and Settings\nickf\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\bepbmhgboaologfdajaanbcjmnhjmhfn [2014-07-12]
CHR Extension: (WOT) - C:\Documents and Settings\nickf\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\bhmmomiinigofkjcapegjjndpbikblnp [2014-11-05]
CHR Extension: (YouTube) - C:\Documents and Settings\nickf\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2014-07-12]
CHR Extension: (Adblock Plus) - C:\Documents and Settings\nickf\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb [2014-11-05]
CHR Extension: (Google Search) - C:\Documents and Settings\nickf\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2014-07-12]
CHR Extension: (Photo Zoom for Facebook) - C:\Documents and Settings\nickf\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\elioihkkcdgakfbahdoddophfngopipi [2014-11-05]
CHR Extension: (History Eraser) - C:\Documents and Settings\nickf\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\gjieilkfnnjoihjjonajndjldjoagffm [2014-11-05]
CHR Extension: (SearchPreview) - C:\Documents and Settings\nickf\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\hcjdanpjacpeeppdjkppebobilhaglfo [2014-11-05]
CHR Extension: (History Eraser App) - C:\Documents and Settings\nickf\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\jjolhjmdgbhebcdnfjhngobjggghoipa [2014-11-05]
CHR Extension: (Autofill) - C:\Documents and Settings\nickf\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\nlmmgnhgdeffjkdckmikfpnddkbbfkkk [2014-11-05]
CHR Extension: (Google Wallet) - C:\Documents and Settings\nickf\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2014-07-12]
CHR Extension: (Gmail) - C:\Documents and Settings\nickf\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2014-07-12]
 
========================== Services (Whitelisted) =================
 
(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)
 
R2 !SASCORE; C:\Program Files\SUPERAntiSpyware\SASCORE.EXE [142648 2014-09-09] (SUPERAntiSpyware.com)
S4 Alerter; C:\WINDOWS\system32\alrsvc.dll [17408 2008-04-14] (Microsoft Corporation) [File not signed]
R3 ALG; C:\WINDOWS\System32\alg.exe [44544 2008-04-14] (Microsoft Corporation) [File not signed]
S3 AppMgmt; C:\WINDOWS\System32\appmgmts.dll [167936 2008-04-14] (Microsoft Corporation) [File not signed]
R2 AudioSrv; C:\WINDOWS\System32\audiosrv.dll [42496 2008-04-14] (Microsoft Corporation) [File not signed]
R2 BBWatcherService; C:\Program Files\CMS Products\BounceBack Ultimate\BBWatcherService.exe [65536 2010-06-14] (CMS Products, Inc.) [File not signed]
R3 BITS; C:\WINDOWS\system32\qmgr.dll [409088 2008-04-14] (Microsoft Corporation) [File not signed]
S2 Browser; C:\WINDOWS\System32\browser.dll [78336 2012-07-06] (Microsoft Corporation) [File not signed]
S3 CiSvc; C:\WINDOWS\system32\cisvc.exe [5632 2008-04-14] (Microsoft Corporation) [File not signed]
S4 ClipSrv; C:\WINDOWS\system32\clipsrv.exe [33280 2008-04-14] (Microsoft Corporation) [File not signed]
R3 COMSysApp; C:\WINDOWS\system32\dllhost.exe [5120 2008-04-14] (Microsoft Corporation) [File not signed]
R2 CryptSvc; C:\WINDOWS\System32\cryptsvc.dll [62464 2008-04-14] (Microsoft Corporation) [File not signed]
R2 DcomLaunch; C:\WINDOWS\system32\rpcss.dll [401408 2009-02-09] (Microsoft Corporation) [File not signed]
R2 Dhcp; C:\WINDOWS\System32\dhcpcsvc.dll [126976 2008-04-14] (Microsoft Corporation) [File not signed]
S3 dmadmin; C:\WINDOWS\System32\dmadmin.exe [224768 2008-04-14] (Microsoft Corp., Veritas Software) [File not signed]
R2 dmserver; C:\WINDOWS\System32\dmserver.dll [23552 2008-04-14] (Microsoft Corp.) [File not signed]
R2 Dnscache; C:\WINDOWS\System32\dnsrslvr.dll [45568 2009-04-20] (Microsoft Corporation) [File not signed]
S3 Dot3svc; C:\WINDOWS\System32\dot3svc.dll [132096 2008-04-14] (Microsoft Corporation) [File not signed]
S3 EapHost; C:\WINDOWS\System32\eapsvc.dll [33792 2008-04-14] (Microsoft Corporation) [File not signed]
R2 ehRecvr; C:\WINDOWS\eHome\ehRecvr.exe [237568 2006-10-09] (Microsoft Corporation) [File not signed]
R2 ehSched; C:\WINDOWS\eHome\ehSched.exe [102912 2005-08-05] (Microsoft Corporation) [File not signed]
R2 ERSvc; C:\WINDOWS\System32\ersvc.dll [23040 2008-04-14] (Microsoft Corporation) [File not signed]
R2 Eventlog; C:\WINDOWS\system32\services.exe [110592 2009-02-06] (Microsoft Corporation) [File not signed]
R3 EventSystem; C:\WINDOWS\system32\es.dll [253952 2008-07-07] (Microsoft Corporation) [File not signed]
R3 FastUserSwitchingCompatibility; C:\WINDOWS\System32\shsvcs.dll [135168 2009-07-27] (Microsoft Corporation) [File not signed]
S2 Fax; C:\WINDOWS\system32\fxssvc.exe [267776 2008-04-14] (Microsoft Corporation) [File not signed]
R2 gzserv; C:\Program Files\Bitdefender\Antivirus Free Edition\gzserv.exe [57520 2013-10-23] (Bitdefender)
R2 helpsvc; C:\WINDOWS\PCHealth\HelpCtr\Binaries\pchsvc.dll [38400 2008-04-14] (Microsoft Corporation) [File not signed]
R2 HidServ; C:\WINDOWS\System32\hidserv.dll [21504 2008-04-14] (Microsoft Corporation) [File not signed]
S3 hkmsvc; C:\WINDOWS\System32\kmsvc.dll [61440 2008-04-14] (Microsoft Corporation) [File not signed]
R3 HTTPFilter; C:\WINDOWS\System32\w3ssl.dll [15872 2008-04-14] (Microsoft Corporation) [File not signed]
S2 ImapiService; C:\WINDOWS\system32\imapi.exe [150528 2008-04-14] (Microsoft Corporation) [File not signed]
R2 JavaQuickStarterService; C:\Program Files\Java\jre7\bin\jqs.exe [182696 2014-02-15] (Oracle Corporation)
R2 lanmanserver; C:\WINDOWS\System32\srvsvc.dll [99840 2010-08-27] (Microsoft Corporation) [File not signed]
R2 lanmanworkstation; C:\WINDOWS\System32\wkssvc.dll [132096 2009-06-10] (Microsoft Corporation) [File not signed]
R2 LmHosts; C:\WINDOWS\System32\lmhsvc.dll [13824 2008-04-14] (Microsoft Corporation) [File not signed]
S2 lxebCATSCustConnectService; C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\\lxebserv.exe [193192 2010-04-14] (Lexmark International, Inc.)
R2 lxeb_device; C:\WINDOWS\system32\lxebcoms.exe [598696 2010-04-14] ( )
R2 McrdSvc; C:\WINDOWS\ehome\mcrdsvc.exe [99328 2005-08-05] (Microsoft Corporation) [File not signed]
S4 Messenger; C:\WINDOWS\System32\msgsvc.dll [33792 2008-04-14] (Microsoft Corporation) [File not signed]
S3 MHN; C:\WINDOWS\System32\mhn.dll [85504 2004-08-10] (Microsoft Corporation) [File not signed]
S3 mnmsrvc; C:\WINDOWS\system32\mnmsrvc.exe [32768 2008-04-14] (Microsoft Corporation) [File not signed]
R3 MSDTC; C:\WINDOWS\system32\msdtc.exe [6144 2008-04-14] (Microsoft Corporation) [File not signed]
S3 MSIServer; C:\WINDOWS\System32\msiexec.exe [78848 2008-04-14] (Microsoft Corporation) [File not signed]
S3 napagent; C:\WINDOWS\System32\qagentrt.dll [291328 2008-04-14] (Microsoft Corporation) [File not signed]
S4 NetDDE; C:\WINDOWS\system32\netdde.exe [111104 2008-04-14] (Microsoft Corporation) [File not signed]
S4 NetDDEdsdm; C:\WINDOWS\system32\netdde.exe [111104 2008-04-14] (Microsoft Corporation) [File not signed]
S3 Netlogon; C:\WINDOWS\system32\lsass.exe [13312 2008-04-14] (Microsoft Corporation) [File not signed]
R3 Netman; C:\WINDOWS\System32\netman.dll [198144 2008-04-14] (Microsoft Corporation) [File not signed]
S3 NetSvc; C:\Program Files\Intel\PROSetWired\NCS\Sync\NetSvc.exe [147456 2004-11-19] (Intel® Corporation) [File not signed]
R3 Nla; C:\WINDOWS\System32\mswsock.dll [245248 2008-06-20] (Microsoft Corporation) [File not signed]
S3 NtLmSsp; C:\WINDOWS\system32\lsass.exe [13312 2008-04-14] (Microsoft Corporation) [File not signed]
S4 NtmsSvc; C:\WINDOWS\system32\ntmssvc.dll [435200 2008-04-14] (Microsoft Corporation) [File not signed]
R2 PlugPlay; C:\WINDOWS\system32\services.exe [110592 2009-02-06] (Microsoft Corporation) [File not signed]
R2 PolicyAgent; C:\WINDOWS\system32\lsass.exe [13312 2008-04-14] (Microsoft Corporation) [File not signed]
R2 ProtectedStorage; C:\WINDOWS\system32\lsass.exe [13312 2008-04-14] (Microsoft Corporation) [File not signed]
S4 PuranDefrag; C:\WINDOWS\system32\PuranDefragS.exe [258048 2011-12-26] (Puran Software) [File not signed]
S3 RasAuto; C:\WINDOWS\System32\rasauto.dll [88576 2008-04-14] (Microsoft Corporation) [File not signed]
R3 RasMan; C:\WINDOWS\System32\rasmans.dll [186368 2008-04-14] (Microsoft Corporation) [File not signed]
S3 RDSessMgr; C:\WINDOWS\system32\sessmgr.exe [141312 2008-04-14] (Microsoft Corporation) [File not signed]
S4 RemoteAccess; C:\WINDOWS\System32\mprdim.dll [53248 2008-04-14] (Microsoft Corporation) [File not signed]
R2 RemoteRegistry; C:\WINDOWS\system32\regsvc.dll [59904 2008-04-14] (Microsoft Corporation) [File not signed]
S3 RpcLocator; C:\WINDOWS\system32\locator.exe [75264 2008-04-14] (Microsoft Corporation) [File not signed]
R2 RpcSs; C:\WINDOWS\system32\rpcss.dll [401408 2009-02-09] (Microsoft Corporation) [File not signed]
S3 RSVP; C:\WINDOWS\system32\rsvp.exe [132608 2004-08-10] (Microsoft Corporation) [File not signed]
R2 SamSs; C:\WINDOWS\system32\lsass.exe [13312 2008-04-14] (Microsoft Corporation) [File not signed]
S3 SCardSvr; C:\WINDOWS\System32\SCardSvr.exe [95744 2008-04-14] (Microsoft Corporation) [File not signed]
R2 Schedule; C:\WINDOWS\system32\schedsvc.dll [192512 2008-04-14] (Microsoft Corporation) [File not signed]
R2 seclogon; C:\WINDOWS\System32\seclogon.dll [18944 2008-04-14] (Microsoft Corporation) [File not signed]
R2 SENS; C:\WINDOWS\system32\sens.dll [39424 2008-04-14] (Microsoft Corporation) [File not signed]
R2 SharedAccess; C:\WINDOWS\System32\ipnathlp.dll [331264 2008-04-14] (Microsoft Corporation) [File not signed]
R2 ShellHWDetection; C:\WINDOWS\System32\shsvcs.dll [135168 2009-07-27] (Microsoft Corporation) [File not signed]
R2 Spooler; C:\WINDOWS\system32\spoolsv.exe [58880 2010-08-17] (Microsoft Corporation) [File not signed]
R2 sprtsvc_verizondm; C:\Program Files\VERIZONDM\bin\sprtsvc.exe [206120 2012-09-06] (SupportSoft, Inc.)
R2 srservice; C:\WINDOWS\system32\srsvc.dll [171008 2008-04-14] (Microsoft Corporation) [File not signed]
R2 SSDPSRV; C:\WINDOWS\System32\ssdpsrv.dll [71680 2008-04-14] (Microsoft Corporation) [File not signed]
R2 stisvc; C:\WINDOWS\system32\wiaservc.dll [333824 2008-04-14] (Microsoft Corporation) [File not signed]
R2 SwPrv; C:\WINDOWS\system32\dllhost.exe [5120 2008-04-14] (Microsoft Corporation) [File not signed]
S3 SysmonLog; C:\WINDOWS\system32\smlogsvc.exe [89600 2008-04-14] (Microsoft Corporation) [File not signed]
R3 TapiSrv; C:\WINDOWS\System32\tapisrv.dll [249856 2008-04-14] (Microsoft Corporation) [File not signed]
R3 TermService; C:\WINDOWS\System32\termsrv.dll [295424 2008-04-14] (Microsoft Corporation) [File not signed]
R2 tgsrvc_verizondm; C:\Program Files\VERIZONDM\bin\tgsrvc.exe [185640 2012-09-06] (SupportSoft, Inc.)
R2 Themes; C:\WINDOWS\System32\shsvcs.dll [135168 2009-07-27] (Microsoft Corporation) [File not signed]
S4 TlntSvr; C:\WINDOWS\system32\tlntsvr.exe [73216 2008-04-14] (Microsoft Corporation) [File not signed]
R2 TrkWks; C:\WINDOWS\system32\trkwks.dll [90112 2008-04-14] (Microsoft Corporation) [File not signed]
S3 upnphost; C:\WINDOWS\System32\upnphost.dll [185856 2008-04-14] (Microsoft Corporation) [File not signed]
S3 UPS; C:\WINDOWS\System32\ups.exe [18432 2008-04-14] (Microsoft Corporation) [File not signed]
R2 VSS; C:\WINDOWS\System32\vssvc.exe [289792 2008-04-14] (Microsoft Corporation) [File not signed]
R2 w32time; C:\WINDOWS\system32\w32time.dll [175104 2008-04-14] (Microsoft Corporation) [File not signed]
R2 WebClient; C:\WINDOWS\System32\webclnt.dll [68096 2008-04-14] (Microsoft Corporation) [File not signed]
R3 winmgmt; C:\WINDOWS\system32\wbem\WMIsvc.dll [144896 2008-04-14] (Microsoft Corporation) [File not signed]
S3 WmdmPmSN; C:\WINDOWS\system32\MsPMSNSv.dll [27136 2009-01-30] (Microsoft Corporation) [File not signed]
S3 Wmi; C:\WINDOWS\System32\advapi32.dll [617472 2009-02-09] (Microsoft Corporation) [File not signed]
S3 WmiApSrv; C:\WINDOWS\system32\wbem\wmiapsrv.exe [126464 2008-04-14] (Microsoft Corporation) [File not signed]
S3 WMPNetworkSvc; C:\Program Files\Windows Media Player\WMPNetwk.exe [913408 2009-01-30] (Microsoft Corporation) [File not signed]
R2 wscsvc; C:\WINDOWS\system32\wscsvc.dll [80896 2008-04-14] (Microsoft Corporation) [File not signed]
R2 wuauserv; C:\WINDOWS\system32\wuauserv.dll [6656 2008-04-14] (Microsoft Corporation) [File not signed]
S3 WudfSvc; C:\WINDOWS\System32\WUDFSvc.dll [55808 2006-09-28] (Microsoft Corporation) [File not signed]
R2 WZCSVC; C:\WINDOWS\System32\wzcsvc.dll [483840 2008-04-14] (Microsoft Corporation) [File not signed]
S3 xmlprov; C:\WINDOWS\System32\xmlprov.dll [129024 2008-04-14] (Microsoft Corporation) [File not signed]
S2 Panda Software Controller; "C:\Program Files\Panda Security\Panda Antivirus Pro 2014\PsCtrls.exe" [X]
S2 PAVSRV; "C:\Program Files\Panda Security\Panda Antivirus Pro 2014\pavsrvx86.exe" [X]
 
==================== Drivers (Whitelisted) ====================
 
(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)
 
S4 abp480n5; C:\WINDOWS\system32\DRIVERS\ABP480N5.SYS [23552 2001-08-17] (Microsoft Corporation) [File not signed]
R0 ACPI; C:\WINDOWS\System32\DRIVERS\ACPI.sys [187776 2008-04-14] (Microsoft Corporation) [File not signed]
S4 ACPIEC; C:\WINDOWS\system32\Drivers\ACPIEC.sys [11648 2004-08-10] (Microsoft Corporation) [File not signed]
S4 adpu160m; C:\WINDOWS\system32\DRIVERS\adpu160m.sys [101888 2001-08-17] (Microsoft Corporation) [File not signed]
S3 aec; C:\WINDOWS\System32\drivers\aec.sys [142592 2008-04-13] (Microsoft Corporation) [File not signed]
R1 AFD; C:\WINDOWS\System32\drivers\afd.sys [138496 2011-08-17] (Microsoft Corporation) [File not signed]
S4 agp440; C:\WINDOWS\system32\DRIVERS\agp440.sys [42368 2008-04-14] (Microsoft Corporation) [File not signed]
S4 agpCPQ; C:\WINDOWS\system32\DRIVERS\agpCPQ.sys [44928 2008-04-14] (Microsoft Corporation) [File not signed]
S4 Aha154x; C:\WINDOWS\system32\DRIVERS\aha154x.sys [12800 2001-08-17] (Microsoft Corporation) [File not signed]
S4 aic78u2; C:\WINDOWS\system32\DRIVERS\aic78u2.sys [55168 2001-08-17] (Microsoft Corporation) [File not signed]
S4 aic78xx; C:\WINDOWS\system32\DRIVERS\aic78xx.sys [56960 2001-08-17] (Microsoft Corporation) [File not signed]
S4 AliIde; C:\WINDOWS\system32\DRIVERS\aliide.sys [5248 2001-08-17] (Acer Laboratories Inc.) [File not signed]
S4 alim1541; C:\WINDOWS\system32\DRIVERS\alim1541.sys [42752 2008-04-14] (Microsoft Corporation) [File not signed]
S4 amdagp; C:\WINDOWS\system32\DRIVERS\amdagp.sys [43008 2008-04-14] (Advanced Micro Devices, Inc.) [File not signed]
R2 AmFSM; C:\WINDOWS\System32\DRIVERS\amm8651.sys [63240 2012-03-26] (Panda Security, S.L.)
S4 amsint; C:\WINDOWS\system32\DRIVERS\amsint.sys [12032 2001-08-17] (Microsoft Corporation) [File not signed]
S4 asc; C:\WINDOWS\system32\DRIVERS\asc.sys [26496 2001-08-17] (Advanced System Products, Inc.) [File not signed]
S4 asc3350p; C:\WINDOWS\system32\DRIVERS\asc3350p.sys [22400 2001-08-17] (Microsoft Corporation) [File not signed]
S4 asc3550; C:\WINDOWS\system32\DRIVERS\asc3550.sys [14848 2001-08-17] (Advanced System Products, Inc.) [File not signed]
S3 AsyncMac; C:\WINDOWS\System32\DRIVERS\asyncmac.sys [14336 2008-04-14] (Microsoft Corporation) [File not signed]
R0 atapi; C:\WINDOWS\System32\DRIVERS\atapi.sys [96512 2008-04-14] (Microsoft Corporation) [File not signed]
S3 Atmarpc; C:\WINDOWS\System32\DRIVERS\atmarpc.sys [59904 2008-04-14] (Microsoft Corporation) [File not signed]
R3 audstub; C:\WINDOWS\System32\DRIVERS\audstub.sys [3072 2001-08-17] (Microsoft Corporation) [File not signed]
R0 avc3; C:\WINDOWS\System32\DRIVERS\avc3.sys [633344 2013-04-17] (BitDefender)
R3 avchv; C:\WINDOWS\System32\DRIVERS\avchv.sys [242504 2012-11-02] (BitDefender)
R3 avckf; C:\WINDOWS\System32\DRIVERS\avckf.sys [486536 2013-04-17] (BitDefender)
R1 bdftdif; C:\Program Files\Bitdefender\Antivirus Free Edition\bdftdif.sys [148600 2013-04-17] (Bitdefender SRL)
R1 bdselfpr; C:\Program Files\Bitdefender\Antivirus Free Edition\bdselfpr.sys [135472 2013-07-16] (BitDefender LLC)
R1 Beep; C:\WINDOWS\system32\Drivers\Beep.sys [4224 2004-08-10] (Microsoft Corporation) [File not signed]
S4 cbidf; C:\WINDOWS\system32\DRIVERS\cbidf2k.sys [13952 2001-08-17] (Microsoft Corporation) [File not signed]
S4 cbidf2k; C:\WINDOWS\system32\Drivers\cbidf2k.sys [13952 2001-08-17] (Microsoft Corporation) [File not signed]
S3 CCDECODE; C:\WINDOWS\System32\DRIVERS\CCDECODE.sys [17024 2008-04-14] (Microsoft Corporation) [File not signed]
S4 cd20xrnt; C:\WINDOWS\system32\DRIVERS\cd20xrnt.sys [7680 2001-08-17] (Microsoft Corporation) [File not signed]
S1 Cdaudio; C:\WINDOWS\system32\Drivers\Cdaudio.sys [18688 2004-08-10] (Microsoft Corporation) [File not signed]
R4 Cdfs; C:\WINDOWS\system32\Drivers\Cdfs.sys [63744 2008-04-14] (Microsoft Corporation) [File not signed]
R1 Cdrom; C:\WINDOWS\System32\DRIVERS\cdrom.sys [62976 2008-04-14] (Microsoft Corporation) [File not signed]
S4 CmdIde; C:\WINDOWS\system32\DRIVERS\cmdide.sys [6656 2001-08-17] (CMD Technology, Inc.) [File not signed]
S4 Cpqarray; C:\WINDOWS\system32\DRIVERS\cpqarray.sys [14976 2001-08-17] (Microsoft Corporation) [File not signed]
S4 dac2w2k; C:\WINDOWS\system32\DRIVERS\dac2w2k.sys [179584 2001-08-17] (Mylex Corporation) [File not signed]
S4 dac960nt; C:\WINDOWS\system32\DRIVERS\dac960nt.sys [14720 2001-08-17] (Microsoft Corporation) [File not signed]
R0 Disk; C:\WINDOWS\System32\DRIVERS\disk.sys [36352 2008-04-13] (Microsoft Corporation) [File not signed]
S4 dmboot; C:\WINDOWS\System32\drivers\dmboot.sys [799744 2008-04-14] (Microsoft Corp., Veritas Software) [File not signed]
R0 dmio; C:\WINDOWS\System32\drivers\dmio.sys [153344 2008-04-14] (Microsoft Corp., Veritas Software) [File not signed]
R0 dmload; C:\WINDOWS\System32\drivers\dmload.sys [5888 2004-08-10] (Microsoft Corp., Veritas Software.) [File not signed]
S3 DMusic; C:\WINDOWS\System32\drivers\DMusic.sys [52864 2008-04-14] (Microsoft Corporation) [File not signed]
S4 dpti2o; C:\WINDOWS\system32\DRIVERS\dpti2o.sys [20192 2001-08-17] (Microsoft Corporation) [File not signed]
S3 drmkaud; C:\WINDOWS\System32\drivers\drmkaud.sys [2944 2008-04-14] (Microsoft Corporation) [File not signed]
R0 drvmcdb; C:\WINDOWS\System32\drivers\drvmcdb.sys [87488 2004-12-01] (Sonic Solutions) [File not signed]
R2 drvnddm; C:\WINDOWS\System32\drivers\drvnddm.sys [40480 2004-11-23] (Sonic Solutions) [File not signed]
R3 E100B; C:\WINDOWS\System32\DRIVERS\e100b325.sys [155648 2004-10-14] (Intel Corporation) [File not signed]
S4 Fastfat; C:\WINDOWS\system32\Drivers\Fastfat.sys [143744 2008-04-14] (Microsoft Corporation) [File not signed]
R3 Fdc; C:\WINDOWS\System32\DRIVERS\fdc.sys [27392 2008-04-14] (Microsoft Corporation) [File not signed]
R1 Fips; C:\WINDOWS\system32\Drivers\Fips.sys [44544 2008-04-14] (Microsoft Corporation) [File not signed]
R3 Flpydisk; C:\WINDOWS\System32\DRIVERS\flpydisk.sys [20480 2008-04-14] (Microsoft Corporation) [File not signed]
R0 FltMgr; C:\WINDOWS\System32\drivers\fltmgr.sys [129792 2008-04-14] (Microsoft Corporation) [File not signed]
U1 Fs_Rec; C:\WINDOWS\system32\Drivers\Fs_Rec.sys [7936 2004-08-10] (Microsoft Corporation) [File not signed]
R0 Ftdisk; C:\WINDOWS\System32\DRIVERS\ftdisk.sys [125056 2001-08-17] (Microsoft Corporation) [File not signed]
R3 Gpc; C:\WINDOWS\System32\DRIVERS\msgpc.sys [35072 2008-04-14] (Microsoft Corporation) [File not signed]
R1 gzflt; C:\WINDOWS\System32\DRIVERS\gzflt.sys [164952 2013-04-22] (BitDefender LLC)
R3 HDAudBus; C:\WINDOWS\System32\DRIVERS\HDAudBus.sys [144384 2008-04-13] (Windows ® Server 2003 DDK provider) [File not signed]
R3 HidUsb; C:\WINDOWS\System32\DRIVERS\hidusb.sys [10368 2008-04-14] (Microsoft Corporation) [File not signed]
S4 hpn; C:\WINDOWS\system32\DRIVERS\hpn.sys [25952 2001-08-17] (Microsoft Corporation) [File not signed]
R3 HSFHWBS2; C:\WINDOWS\System32\DRIVERS\HSFHWBS2.sys [212224 2003-11-17] (Conexant Systems, Inc.) [File not signed]
R3 HSF_DP; C:\WINDOWS\System32\DRIVERS\HSF_DP.sys [1042432 2003-11-17] (Conexant Systems, Inc.) [File not signed]
R3 HTTP; C:\WINDOWS\System32\Drivers\HTTP.sys [265728 2009-10-20] (Microsoft Corporation) [File not signed]
S3 HWHandSet; C:\WINDOWS\System32\DRIVERS\hw_quusbmdm.sys [195200 2011-10-23] (Huawei Technologies Co., Ltd.) [File not signed]
R1 i2omgmt; C:\WINDOWS\system32\Drivers\i2omgmt.sys [8576 2008-04-14] (Microsoft Corporation) [File not signed]
S4 i2omp; C:\WINDOWS\system32\DRIVERS\i2omp.sys [18560 2008-04-14] (Microsoft Corporation) [File not signed]
S1 i8042prt; C:\WINDOWS\System32\DRIVERS\i8042prt.sys [52480 2008-04-14] (Microsoft Corporation) [File not signed]
R3 ialm; C:\WINDOWS\System32\DRIVERS\ialmnt5.sys [1302812 2005-10-14] (Intel Corporation) [File not signed]
R1 Imapi; C:\WINDOWS\System32\DRIVERS\imapi.sys [42112 2008-04-14] (Microsoft Corporation) [File not signed]
S4 ini910u; C:\WINDOWS\system32\DRIVERS\ini910u.sys [16000 2001-08-17] (Microsoft Corporation) [File not signed]
R0 IntelIde; C:\WINDOWS\System32\DRIVERS\intelide.sys [5504 2008-04-14] (Microsoft Corporation) [File not signed]
R1 intelppm; C:\WINDOWS\System32\DRIVERS\intelppm.sys [36352 2008-04-14] (Microsoft Corporation) [File not signed]
S3 Ip6Fw; C:\WINDOWS\System32\drivers\ip6fw.sys [36608 2008-04-14] (Microsoft Corporation) [File not signed]
S3 IpFilterDriver; C:\WINDOWS\System32\DRIVERS\ipfltdrv.sys [32896 2004-08-10] (Microsoft Corporation) [File not signed]
S3 IpInIp; C:\WINDOWS\System32\DRIVERS\ipinip.sys [20864 2008-04-14] (Microsoft Corporation) [File not signed]
R3 IpNat; C:\WINDOWS\System32\DRIVERS\ipnat.sys [152832 2008-04-14] (Microsoft Corporation) [File not signed]
R1 IPSec; C:\WINDOWS\System32\DRIVERS\ipsec.sys [75264 2008-04-14] (Microsoft Corporation) [File not signed]
S3 IRENUM; C:\WINDOWS\System32\DRIVERS\irenum.sys [11264 2008-04-14] (Microsoft Corporation) [File not signed]
R0 isapnp; C:\WINDOWS\System32\DRIVERS\isapnp.sys [37248 2008-04-14] (Microsoft Corporation) [File not signed]
R1 Kbdclass; C:\WINDOWS\System32\DRIVERS\kbdclass.sys [24576 2008-04-14] (Microsoft Corporation) [File not signed]
R1 kbdhid; C:\WINDOWS\System32\DRIVERS\kbdhid.sys [14592 2008-04-14] (Microsoft Corporation) [File not signed]
R3 kmixer; C:\WINDOWS\System32\drivers\kmixer.sys [172416 2008-04-14] (Microsoft Corporation) [File not signed]
R0 KSecDD; C:\WINDOWS\system32\Drivers\KSecDD.sys [92928 2009-06-24] (Microsoft Corporation) [File not signed]
R3 LVPr2Mon; C:\WINDOWS\System32\DRIVERS\LVPr2Mon.sys [25752 2009-10-07] ()
S3 MBAMSwissArmy; C:\WINDOWS\system32\drivers\MBAMSwissArmy.sys [114904 2014-11-01] (Malwarebytes Corporation)
R2 mdmxsdk; C:\WINDOWS\System32\DRIVERS\mdmxsdk.sys [11043 2003-04-09] (Conexant) [File not signed]
S3 MHNDRV; C:\WINDOWS\System32\DRIVERS\mhndrv.sys [11008 2004-08-10] (Microsoft Corporation) [File not signed]
R1 mnmdd; C:\WINDOWS\system32\Drivers\mnmdd.sys [4224 2004-08-10] (Microsoft Corporation) [File not signed]
R3 Modem; C:\WINDOWS\system32\Drivers\Modem.sys [30080 2008-04-14] (Microsoft Corporation) [File not signed]
R3 MODEMCSA; C:\WINDOWS\System32\drivers\MODEMCSA.sys [16128 2001-08-17] (Microsoft Corporation) [File not signed]
R1 Mouclass; C:\WINDOWS\System32\DRIVERS\mouclass.sys [23040 2008-04-14] (Microsoft Corporation) [File not signed]
R3 mouhid; C:\WINDOWS\System32\DRIVERS\mouhid.sys [12160 2001-08-17] (Microsoft Corporation) [File not signed]
R0 MountMgr; C:\WINDOWS\system32\Drivers\MountMgr.sys [42368 2008-04-14] (Microsoft Corporation) [File not signed]
S4 mraid35x; C:\WINDOWS\system32\DRIVERS\mraid35x.sys [17280 2001-08-17] (American Megatrends Inc.) [File not signed]
R3 MRxDAV; C:\WINDOWS\System32\DRIVERS\mrxdav.sys [180608 2008-04-14] (Microsoft Corporation) [File not signed]
R1 MRxSmb; C:\WINDOWS\System32\DRIVERS\mrxsmb.sys [456320 2011-07-15] (Microsoft Corporation) [File not signed]
R1 Msfs; C:\WINDOWS\system32\Drivers\Msfs.sys [19072 2008-04-14] (Microsoft Corporation) [File not signed]
S3 MSKSSRV; C:\WINDOWS\System32\drivers\MSKSSRV.sys [7552 2008-04-14] (Microsoft Corporation) [File not signed]
S3 MSPCLOCK; C:\WINDOWS\System32\drivers\MSPCLOCK.sys [5376 2008-04-14] (Microsoft Corporation) [File not signed]
S3 MSPQM; C:\WINDOWS\System32\drivers\MSPQM.sys [4992 2008-04-14] (Microsoft Corporation) [File not signed]
R3 mssmbios; C:\WINDOWS\System32\DRIVERS\mssmbios.sys [15488 2008-04-14] (Microsoft Corporation) [File not signed]
S3 MSTEE; C:\WINDOWS\System32\drivers\MSTEE.sys [5504 2008-04-14] (Microsoft Corporation) [File not signed]
R0 Mup; C:\WINDOWS\system32\Drivers\Mup.sys [105472 2011-04-21] (Microsoft Corporation) [File not signed]
S3 NABTSFEC; C:\WINDOWS\System32\DRIVERS\NABTSFEC.sys [85248 2008-04-14] (Microsoft Corporation) [File not signed]
R0 NDIS; C:\WINDOWS\system32\Drivers\NDIS.sys [182656 2008-04-14] (Microsoft Corporation) [File not signed]
S3 NdisIP; C:\WINDOWS\System32\DRIVERS\NdisIP.sys [10880 2008-04-14] (Microsoft Corporation) [File not signed]
R3 NdisTapi; C:\WINDOWS\System32\DRIVERS\ndistapi.sys [10496 2011-07-08] (Microsoft Corporation) [File not signed]
R3 Ndisuio; C:\WINDOWS\System32\DRIVERS\ndisuio.sys [14592 2008-04-14] (Microsoft Corporation) [File not signed]
R3 NdisWan; C:\WINDOWS\System32\DRIVERS\ndiswan.sys [91520 2008-04-14] (Microsoft Corporation) [File not signed]
R3 NDProxy; C:\WINDOWS\system32\Drivers\NDProxy.sys [40960 2013-11-27] (Microsoft Corporation) [File not signed]
R1 NetBIOS; C:\WINDOWS\System32\DRIVERS\netbios.sys [34688 2008-04-14] (Microsoft Corporation) [File not signed]
R1 NetBT; C:\WINDOWS\System32\DRIVERS\netbt.sys [162816 2008-04-14] (Microsoft Corporation) [File not signed]
R1 Npfs; C:\WINDOWS\system32\Drivers\Npfs.sys [30848 2008-04-14] (Microsoft Corporation) [File not signed]
R4 Ntfs; C:\WINDOWS\system32\Drivers\Ntfs.sys [574976 2008-04-14] (Microsoft Corporation) [File not signed]
R1 Null; C:\WINDOWS\system32\Drivers\Null.sys [2944 2004-08-10] (Microsoft Corporation) [File not signed]
S3 nv; C:\WINDOWS\System32\DRIVERS\nv4_mini.sys [1897408 2004-08-03] (NVIDIA Corporation) [File not signed]
S3 NwlnkFlt; C:\WINDOWS\System32\DRIVERS\nwlnkflt.sys [12416 2004-08-10] (Microsoft Corporation) [File not signed]
S3 NwlnkFwd; C:\WINDOWS\System32\DRIVERS\nwlnkfwd.sys [32512 2004-08-10] (Microsoft Corporation) [File not signed]
S3 Parport; C:\WINDOWS\System32\DRIVERS\parport.sys [80128 2008-04-14] (Microsoft Corporation) [File not signed]
R0 PartMgr; C:\WINDOWS\system32\Drivers\PartMgr.sys [19712 2008-04-14] (Microsoft Corporation) [File not signed]
S4 ParVdm; C:\WINDOWS\system32\Drivers\ParVdm.sys [6784 2004-08-10] (Microsoft Corporation) [File not signed]
R0 pavboot; C:\WINDOWS\System32\Drivers\pavboot.sys [26696 2010-06-22] (Panda Security, S.L.)
R0 PCI; C:\WINDOWS\System32\DRIVERS\pci.sys [68224 2008-04-14] (Microsoft Corporation) [File not signed]
R0 PCIIde; C:\WINDOWS\System32\DRIVERS\pciide.sys [3328 2001-08-17] (Microsoft Corporation) [File not signed]
S4 Pcmcia; C:\WINDOWS\system32\Drivers\Pcmcia.sys [120192 2008-04-14] (Microsoft Corporation) [File not signed]
S4 perc2; C:\WINDOWS\system32\DRIVERS\perc2.sys [27296 2001-08-17] (Microsoft Corporation) [File not signed]
S4 perc2hib; C:\WINDOWS\system32\DRIVERS\perc2hib.sys [5504 2001-08-17] (Microsoft Corporation) [File not signed]
R3 PptpMiniport; C:\WINDOWS\System32\DRIVERS\raspptp.sys [48384 2008-04-14] (Microsoft Corporation) [File not signed]
R3 PSched; C:\WINDOWS\System32\DRIVERS\psched.sys [69120 2008-04-14] (Microsoft Corporation) [File not signed]
R3 Ptilink; C:\WINDOWS\System32\DRIVERS\ptilink.sys [17792 2004-08-10] (Parallel Technologies, Inc.) [File not signed]
S4 ql1080; C:\WINDOWS\system32\DRIVERS\ql1080.sys [40320 2001-08-17] (QLogic Corporation) [File not signed]
S4 Ql10wnt; C:\WINDOWS\system32\DRIVERS\ql10wnt.sys [33152 2001-08-17] (Microsoft Corporation) [File not signed]
S4 ql12160; C:\WINDOWS\system32\DRIVERS\ql12160.sys [45312 2001-08-17] (QLogic Corporation) [File not signed]
S4 ql1240; C:\WINDOWS\system32\DRIVERS\ql1240.sys [40448 2001-08-17] (Microsoft Corporation) [File not signed]
S4 ql1280; C:\WINDOWS\system32\DRIVERS\ql1280.sys [49024 2001-08-17] (QLogic Corporation) [File not signed]
R1 RasAcd; C:\WINDOWS\System32\DRIVERS\rasacd.sys [8832 2004-08-10] (Microsoft Corporation) [File not signed]
R3 Rasl2tp; C:\WINDOWS\System32\DRIVERS\rasl2tp.sys [51328 2008-04-14] (Microsoft Corporation) [File not signed]
R3 RasPppoe; C:\WINDOWS\System32\DRIVERS\raspppoe.sys [41472 2008-04-14] (Microsoft Corporation) [File not signed]
R3 Raspti; C:\WINDOWS\System32\DRIVERS\raspti.sys [16512 2004-08-10] (Microsoft Corporation) [File not signed]
R1 Rdbss; C:\WINDOWS\System32\DRIVERS\rdbss.sys [175744 2008-04-14] (Microsoft Corporation) [File not signed]
R1 RDPCDD; C:\WINDOWS\System32\DRIVERS\RDPCDD.sys [4224 2004-08-10] (Microsoft Corporation) [File not signed]
R3 rdpdr; C:\WINDOWS\System32\DRIVERS\rdpdr.sys [196224 2008-04-14] (Microsoft Corporation) [File not signed]
S3 RDPWD; C:\WINDOWS\system32\Drivers\RDPWD.sys [139784 2012-07-04] (Microsoft Corporation) [File not signed]
R1 redbook; C:\WINDOWS\System32\DRIVERS\redbook.sys [57600 2008-04-14] (Microsoft Corporation) [File not signed]
R1 SASDIFSV; C:\Program Files\SUPERAntiSpyware\SASDIFSV.SYS [12880 2011-07-22] (SUPERAdBlocker.com and SUPERAntiSpyware.com)
R1 SASKUTIL; C:\Program Files\SUPERAntiSpyware\SASKUTIL.SYS [67664 2011-07-12] (SUPERAdBlocker.com and SUPERAntiSpyware.com)
S3 Secdrv; C:\WINDOWS\System32\DRIVERS\secdrv.sys [20480 2008-04-13] (Macrovision Corporation, Macrovision Europe Limited, and Macrovision Japan and Asia K.K.) [File not signed]
S3 serenum; C:\WINDOWS\System32\DRIVERS\serenum.sys [15744 2008-04-14] (Microsoft Corporation) [File not signed]
S1 Serial; C:\WINDOWS\System32\DRIVERS\serial.sys [64512 2008-04-14] (Microsoft Corporation) [File not signed]
S1 Sfloppy; C:\WINDOWS\system32\Drivers\Sfloppy.sys [11392 2008-04-14] (Microsoft Corporation) [File not signed]
S4 sisagp; C:\WINDOWS\system32\DRIVERS\sisagp.sys [40960 2008-04-14] (Silicon Integrated Systems Corporation) [File not signed]
S3 SLIP; C:\WINDOWS\System32\DRIVERS\SLIP.sys [11136 2008-04-14] (Microsoft Corporation) [File not signed]
S4 Sparrow; C:\WINDOWS\system32\DRIVERS\sparrow.sys [19072 2001-08-17] (Adaptec, Inc.) [File not signed]
S3 splitter; C:\WINDOWS\System32\drivers\splitter.sys [6272 2008-04-14] (Microsoft Corporation) [File not signed]
R0 sr; C:\WINDOWS\System32\DRIVERS\sr.sys [73472 2008-04-14] (Microsoft Corporation) [File not signed]
R3 Srv; C:\WINDOWS\System32\DRIVERS\srv.sys [357888 2011-02-17] (Microsoft Corporation) [File not signed]
R1 sscdbhk5; C:\WINDOWS\System32\drivers\sscdbhk5.sys [5627 2004-07-14] (Sonic Solutions) [File not signed]
R1 ssrtln; C:\WINDOWS\System32\drivers\ssrtln.sys [23545 2004-07-14] (Sonic Solutions) [File not signed]
R3 STHDA; C:\WINDOWS\System32\drivers\sthda.sys [1022040 2005-08-17] (SigmaTel, Inc.) [File not signed]
S3 streamip; C:\WINDOWS\System32\DRIVERS\StreamIP.sys [15232 2008-04-14] (Microsoft Corporation) [File not signed]
R3 swenum; C:\WINDOWS\System32\DRIVERS\swenum.sys [4352 2008-04-14] (Microsoft Corporation) [File not signed]
S3 swmidi; C:\WINDOWS\System32\drivers\swmidi.sys [56576 2008-04-14] (Microsoft Corporation) [File not signed]
S4 symc810; C:\WINDOWS\system32\DRIVERS\symc810.sys [16256 2001-08-17] (Symbios Logic Inc.) [File not signed]
S4 symc8xx; C:\WINDOWS\system32\DRIVERS\symc8xx.sys [32640 2001-08-17] (LSI Logic) [File not signed]
S4 sym_hi; C:\WINDOWS\system32\DRIVERS\sym_hi.sys [28384 2001-08-17] (LSI Logic) [File not signed]
S4 sym_u3; C:\WINDOWS\system32\DRIVERS\sym_u3.sys [30688 2001-08-17] (LSI Logic) [File not signed]
R3 sysaudio; C:\WINDOWS\System32\drivers\sysaudio.sys [60800 2008-04-14] (Microsoft Corporation) [File not signed]
R1 Tcpip; C:\WINDOWS\System32\DRIVERS\tcpip.sys [361600 2008-06-20] (Microsoft Corporation) [File not signed]
S3 TDPIPE; C:\WINDOWS\system32\Drivers\TDPIPE.sys [12040 2008-04-14] (Microsoft Corporation) [File not signed]
S3 TDTCP; C:\WINDOWS\system32\Drivers\TDTCP.sys [21896 2008-04-14] (Microsoft Corporation) [File not signed]
R1 TermDD; C:\WINDOWS\System32\DRIVERS\termdd.sys [40840 2008-04-14] (Microsoft Corporation) [File not signed]
R2 tfsnboio; C:\WINDOWS\System32\dla\tfsnboio.sys [25883 2004-12-06] (Sonic Solutions) [File not signed]
R2 tfsncofs; C:\WINDOWS\System32\dla\tfsncofs.sys [34843 2004-12-06] (Sonic Solutions) [File not signed]
R2 tfsndrct; C:\WINDOWS\System32\dla\tfsndrct.sys [4123 2004-12-06] (Sonic Solutions) [File not signed]
R2 tfsndres; C:\WINDOWS\System32\dla\tfsndres.sys [2239 2004-12-06] (Sonic Solutions) [File not signed]
R2 tfsnifs; C:\WINDOWS\System32\dla\tfsnifs.sys [86586 2004-12-06] (Sonic Solutions) [File not signed]
R2 tfsnopio; C:\WINDOWS\System32\dla\tfsnopio.sys [15227 2004-12-06] (Sonic Solutions) [File not signed]
R2 tfsnpool; C:\WINDOWS\System32\dla\tfsnpool.sys [6363 2004-12-06] (Sonic Solutions) [File not signed]
R2 tfsnudf; C:\WINDOWS\System32\dla\tfsnudf.sys [98714 2004-12-06] (Sonic Solutions) [File not signed]
R2 tfsnudfa; C:\WINDOWS\System32\dla\tfsnudfa.sys [100603 2004-12-06] (Sonic Solutions) [File not signed]
S4 TosIde; C:\WINDOWS\system32\DRIVERS\toside.sys [4992 2001-08-17] (Microsoft Corporation) [File not signed]
R0 trufos; C:\WINDOWS\System32\DRIVERS\trufos.sys [355744 2013-05-28] (BitDefender S.R.L.)
S4 Udfs; C:\WINDOWS\system32\Drivers\Udfs.sys [66048 2008-04-14] (Microsoft Corporation) [File not signed]
S4 ultra; C:\WINDOWS\system32\DRIVERS\ultra.sys [36736 2001-08-17] (Promise Technology, Inc.) [File not signed]
R3 Update; C:\WINDOWS\System32\DRIVERS\update.sys [384768 2008-04-14] (Microsoft Corporation) [File not signed]
S3 USBAAPL; C:\WINDOWS\System32\Drivers\usbaapl.sys [44032 2012-07-09] (Apple, Inc.) [File not signed]
R3 usbaudio; C:\WINDOWS\System32\drivers\usbaudio.sys [60160 2013-07-16] (Microsoft Corporation) [File not signed]
R0 usbccgp; C:\WINDOWS\System32\DRIVERS\usbccgp.sys [32384 2013-08-08] (Microsoft Corporation) [File not signed]
R0 usbehci; C:\WINDOWS\System32\DRIVERS\usbehci.sys [30336 2009-03-18] (Microsoft Corporation) [File not signed]
R0 usbhub; C:\WINDOWS\System32\DRIVERS\usbhub.sys [59520 2008-04-14] (Microsoft Corporation) [File not signed]
S3 usbprint; C:\WINDOWS\System32\DRIVERS\usbprint.sys [25856 2008-04-14] (Microsoft Corporation) [File not signed]
S3 usbscan; C:\WINDOWS\System32\DRIVERS\usbscan.sys [14976 2013-07-02] (Microsoft Corporation) [File not signed]
R0 USBSTOR; C:\WINDOWS\System32\DRIVERS\USBSTOR.SYS [26368 2008-04-13] (Microsoft Corporation) [File not signed]
R0 usbuhci; C:\WINDOWS\System32\DRIVERS\usbuhci.sys [20608 2008-04-14] (Microsoft Corporation) [File not signed]
S3 usbvideo; C:\WINDOWS\System32\Drivers\usbvideo.sys [123008 2013-07-16] (Microsoft Corporation) [File not signed]
R1 VgaSave; C:\WINDOWS\System32\drivers\vga.sys [20992 2008-04-14] (Microsoft Corporation) [File not signed]
S4 viaagp; C:\WINDOWS\system32\DRIVERS\viaagp.sys [42240 2008-04-14] (Microsoft Corporation) [File not signed]
S4 ViaIde; C:\WINDOWS\system32\DRIVERS\viaide.sys [5376 2008-04-14] (Microsoft Corporation) [File not signed]
R0 VolSnap; C:\WINDOWS\system32\Drivers\VolSnap.sys [52352 2008-04-14] (Microsoft Corporation) [File not signed]
R3 Wanarp; C:\WINDOWS\System32\DRIVERS\wanarp.sys [34560 2008-04-14] (Microsoft Corporation) [File not signed]
R3 wdmaud; C:\WINDOWS\System32\drivers\wdmaud.sys [83072 2008-04-14] (Microsoft Corporation) [File not signed]
R3 winachsf; C:\WINDOWS\System32\DRIVERS\HSF_CNXT.sys [680704 2003-11-17] (Conexant Systems, Inc.) [File not signed]
S3 WSTCODEC; C:\WINDOWS\System32\DRIVERS\WSTCODEC.SYS [19200 2008-04-14] (Microsoft Corporation) [File not signed]
S3 WudfPf; C:\WINDOWS\System32\DRIVERS\WudfPf.sys [77568 2006-09-28] (Microsoft Corporation) [File not signed]
S3 WudfRd; C:\WINDOWS\System32\DRIVERS\wudfrd.sys [82944 2006-09-28] (Microsoft Corporation) [File not signed]
S3 bvrp_pci; No ImagePath
S0 cfadisk; system32\DRIVERS\cmsMDrv.sys [X]
S3 FilterService; No ImagePath
U5 hw_usbdev; C:\Windows\System32\Drivers\hw_usbdev.sys [102272 2011-10-23] (Huawei Technologies Co., Ltd.) [File not signed]
S1 MpKslfa84aa5f; \??\C:\Documents and Settings\All Users\Application Data\Microsoft\Microsoft Antimalware\Definition Updates\{D89FD71A-C1F3-441C-BB09-304B715B019A}\MpKslfa84aa5f.sys [X]
S3 PavTPK.sys; \??\C:\WINDOWS\system32\PavTPK.sys [X]
U5 ScsiPort; C:\WINDOWS\system32\drivers\scsiport.sys [96384 2008-04-14] (Microsoft Corporation) [File not signed]
S3 wanatw; No ImagePath
U1 WS2IFSL; No ImagePath
 
==================== NetSvcs (Whitelisted) ===================
 
 
(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)
 
NETSVC: MHN -> C:\Windows\System32\mhn.dll (Microsoft Corporation)
 
==================== One Month Created Files and Folders ========
 
(If an entry is included in the fixlist, the file\folder will be moved.)
 
2014-11-04 16:44 - 2014-11-06 07:44 - 00083230 _____ () C:\Documents and Settings\nickf\Desktop\FRST.txt
2014-11-04 12:34 - 2010-08-30 08:34 - 00536576 _____ (SQLite Development Team) C:\WINDOWS\system32\sqlite3.dll
2014-11-02 13:21 - 2014-11-06 07:44 - 00000000 ____D () C:\FRST
2014-11-02 13:20 - 2014-11-02 13:20 - 01106432 ____N (Farbar) C:\Documents and Settings\nickf\Desktop\FRST.exe
2014-11-01 11:13 - 2014-11-01 11:13 - 00000000 ___HD () C:\WINDOWS\PIF
2014-11-01 10:18 - 2014-11-01 10:18 - 00000000 ____D () C:\SUPERDelete
2014-10-31 15:41 - 2014-10-31 15:42 - 00000000 ____D () C:\Program Files\Mozilla Firefox
2014-10-28 22:29 - 2014-10-28 22:29 - 00000000 ____D () C:\Program Files\Common Files\DivX Shared
2014-10-28 22:29 - 2014-10-28 22:29 - 00000000 ____D () C:\Documents and Settings\nickf\Application Data\DivX
2014-10-28 22:29 - 2014-10-28 22:29 - 00000000 ____D () C:\Documents and Settings\All Users\Start Menu\Programs\DivX
2014-10-28 22:28 - 2014-10-28 22:29 - 00000000 ____D () C:\Program Files\DivX
2014-10-28 22:27 - 2014-10-28 22:29 - 00000000 ____D () C:\Documents and Settings\All Users\Application Data\DivX
2014-10-28 15:18 - 2014-11-02 13:14 - 00000000 ____D () C:\Documents and Settings\nickf\Desktop\New Folder
2014-10-28 14:18 - 2014-10-28 17:47 - 00000000 ____D () C:\Program Files\dvdSanta
2014-10-28 14:18 - 2014-10-28 17:47 - 00000000 ____D () C:\dvdsanta
2014-10-28 14:18 - 2014-10-28 14:18 - 00000000 ____D () C:\Documents and Settings\All Users\Start Menu\Programs\dvdSanta
2014-10-28 14:18 - 2007-04-22 21:11 - 01216512 ____N () C:\WINDOWS\system32\xvidcore.dll
2014-10-28 14:18 - 2007-04-22 21:11 - 00237568 ____N () C:\WINDOWS\system32\xvidvfw.dll
2014-10-28 14:18 - 2007-04-22 21:11 - 00061440 ____N () C:\WINDOWS\system32\xvid.ax
2014-10-28 14:18 - 2007-04-22 21:10 - 00237568 ____N () C:\WINDOWS\system32\OggDS.dll
2014-10-28 14:18 - 2007-04-22 21:09 - 00921600 ____N () C:\WINDOWS\system32\vorbisenc.dll
2014-10-28 14:18 - 2007-04-22 21:09 - 00188416 ____N () C:\WINDOWS\system32\vorbis.dll
2014-10-28 14:18 - 2007-04-22 21:09 - 00045056 ____N () C:\WINDOWS\system32\ogg.dll
2014-10-28 14:18 - 2006-10-28 10:11 - 00516096 ____N () C:\WINDOWS\system32\ac3filter.ax
2014-10-28 14:18 - 2004-09-23 18:20 - 00290304 ____N (DivXNetworks, Inc.) C:\WINDOWS\system32\divxdec.ax
2014-10-28 14:18 - 2004-04-30 20:46 - 00028672 ____N (Cyberlink) C:\WINDOWS\system32\qtalt.ax
2014-10-28 14:18 - 2004-03-26 15:32 - 00116224 ____N (Gabest) C:\WINDOWS\system32\rmalt.ax
2014-10-28 14:18 - 2004-01-10 17:02 - 00258048 ____N (Peter Wimmer, Gabest) C:\WINDOWS\system32\GplMpgDec.ax
2014-10-28 14:02 - 2014-10-28 14:02 - 00000797 ____N () C:\graph.txt
2014-10-28 13:54 - 2014-10-28 17:12 - 00000026 ____N () C:\WINDOWS\dvdSanta.INI
2014-10-28 13:50 - 2014-10-28 13:50 - 00000000 ____D () C:\TempDVD
2014-10-28 11:49 - 2014-10-28 11:49 - 00000000 ____D () C:\Documents and Settings\nickf\Local Settings\Application Data\Panda Security
2014-10-28 11:47 - 2012-11-16 11:08 - 00518432 ____N (Panda Security, S.L.) C:\WINDOWS\system32\PavSHook.dll
2014-10-28 11:47 - 2012-05-17 15:42 - 00087328 ____N (Panda Security, S.L.) C:\WINDOWS\system32\PavLspHook.dll
2014-10-28 11:47 - 2010-06-22 17:13 - 00026696 ____N (Panda Security, S.L.) C:\WINDOWS\system32\Drivers\pavboot.sys
2014-10-28 11:47 - 2010-06-21 16:02 - 00193344 ____N (Panda Security, S.L.) C:\WINDOWS\system32\TpUtil.dll
2014-10-28 11:47 - 2010-06-21 16:01 - 00055616 ____N (Panda Security, S.L.) C:\WINDOWS\system32\pavipc.dll
2014-10-28 11:47 - 2007-03-15 18:38 - 00054832 ____N (Panda Software) C:\WINDOWS\system32\pavcpl.cpl
2014-10-28 11:47 - 2007-02-08 09:53 - 00107568 ____N (Panda Software) C:\WINDOWS\system32\SYSTOOLS.DLL
2014-10-28 11:47 - 2003-10-22 17:23 - 00446464 ____N (eHelp Corporation.) C:\WINDOWS\system32\HHActiveX.dll
2014-10-28 11:46 - 2014-10-28 12:09 - 00000000 ____D () C:\Program Files\Panda Security
2014-10-28 11:46 - 2014-10-28 11:46 - 00000000 ____D () C:\Documents and Settings\nickf\Application Data\Panda Security
2014-10-28 11:46 - 2014-10-28 11:46 - 00000000 ____D () C:\Documents and Settings\All Users\Application Data\Panda Security
2014-10-28 11:46 - 2012-03-26 17:57 - 00063240 ____N (Panda Security, S.L.) C:\WINDOWS\system32\Drivers\amm8651.sys
2014-10-12 06:53 - 2014-10-12 06:55 - 00000071 ____H () C:\Documents and Settings\nickf\My Documents\.picasa.ini
2014-10-11 10:04 - 2014-10-16 06:43 - 00000000 ____D () C:\Documents and Settings\nickf\My Documents\msgr. ryan
2014-10-11 08:47 - 2014-10-11 08:56 - 00000000 ____D () C:\Documents and Settings\nickf\ginestris14
2014-10-11 08:46 - 2014-10-11 08:47 - 00000000 ____D () C:\Documents and Settings\nickf\ginestris
 
==================== One Month Modified Files and Folders =======
 
(If an entry is included in the fixlist, the file\folder will be moved.)
 
2014-11-06 07:44 - 2014-07-12 11:08 - 00000000 ____D () C:\Documents and Settings\nickf\Local Settings\Temp
2014-11-06 07:43 - 2014-07-12 12:19 - 02081219 _____ () C:\WINDOWS\WindowsUpdate.log
2014-11-06 07:43 - 2014-07-12 10:59 - 00000000 ____D () C:\Documents and Settings\nickf\Application Data\Gmail Notifier
2014-11-06 07:43 - 2013-04-12 19:47 - 00000616 ____H () C:\WINDOWS\Tasks\ConfigExec.job
2014-11-06 07:43 - 2012-03-07 08:32 - 00160002 _____ () C:\Documents and Settings\All Users\lxebscan.log
2014-11-06 07:42 - 2014-07-12 12:06 - 00000000 ____D () C:\WINDOWS\Registration
2014-11-06 07:41 - 2014-07-12 12:19 - 00000159 _____ () C:\WINDOWS\wiadebug.log
2014-11-06 07:41 - 2014-07-12 12:19 - 00000049 _____ () C:\WINDOWS\wiaservc.log
2014-11-06 07:41 - 2012-08-30 14:34 - 00000278 _____ () C:\WINDOWS\Tasks\RealUpgradeLogonTaskS-1-5-21-4230650497-4285135782-2684026053-1005.job
2014-11-06 07:41 - 2012-03-07 09:54 - 00000000 _____ () C:\WINDOWS\system32\Drivers\lvuvc.hs
2014-11-06 07:41 - 2012-03-06 23:55 - 00000882 _____ () C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job
2014-11-06 07:41 - 2005-08-16 05:49 - 00000006 ____H () C:\WINDOWS\Tasks\SA.DAT
2014-11-06 07:40 - 2014-07-12 14:12 - 00340354 _____ () C:\Documents and Settings\LocalService.NT AUTHORITY.004\Local Settings\Application Data\WPFFontCache_v0400-System.dat
2014-11-06 07:40 - 2014-07-12 12:23 - 00000178 ___SH () C:\Documents and Settings\nickf\ntuser.ini
2014-11-06 07:40 - 2014-07-12 12:19 - 00032480 _____ () C:\WINDOWS\SchedLgU.Txt
2014-11-06 07:19 - 2012-03-06 23:55 - 00000886 _____ () C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job
2014-11-05 19:46 - 2014-07-14 09:05 - 00000000 ____D () C:\Documents and Settings\All Users\Lx_cats
2014-11-05 19:45 - 2014-07-12 11:06 - 00000000 ___RD () C:\Documents and Settings\nickf\Desktop\xmass list
2014-11-05 19:14 - 2012-08-30 14:34 - 00000286 _____ () C:\WINDOWS\Tasks\RealUpgradeScheduledTaskS-1-5-21-4230650497-4285135782-2684026053-1005.job
2014-11-05 09:58 - 2012-03-21 15:08 - 00004396 _____ () C:\Documents and Settings\All Users\lxebDiagnostics.log
2014-11-05 09:42 - 2012-03-08 08:57 - 00002473 _____ () C:\Documents and Settings\nickf\Desktop\Microsoft Word.lnk
2014-11-05 07:20 - 2014-07-12 10:58 - 00000000 ____D () C:\Documents and Settings\All Users\Start Menu\Programs\Google Drive
2014-11-04 15:44 - 2014-07-13 08:10 - 00340354 _____ () C:\Documents and Settings\LocalService.NT AUTHORITY.004\Local Settings\Application Data\WPFFontCache_v0400-S-1-5-21-4230650497-4285135782-2684026053-1005-0.dat
2014-11-04 13:59 - 2014-07-12 11:05 - 00000000 ___RD () C:\Documents and Settings\nickf\Desktop\screen shots
2014-11-04 12:37 - 2014-07-12 10:56 - 00000000 ____D () C:\AdwCleaner
2014-11-04 12:26 - 2005-08-16 05:33 - 00606100 _____ () C:\WINDOWS\system32\PerfStringBackup.INI
2014-11-04 12:18 - 2014-07-12 12:23 - 00000000 ____D () C:\Documents and Settings\LocalService.NT AUTHORITY.004\Local Settings\Temp
2014-11-01 18:12 - 2014-07-12 11:30 - 00000000 ____D () C:\Program Files\Mozilla Maintenance Service
2014-11-01 10:16 - 2014-07-12 11:32 - 00000000 ____D () C:\Program Files\SUPERAntiSpyware
2014-11-01 08:54 - 2014-07-12 11:05 - 00000000 ___RD () C:\Documents and Settings\nickf\Desktop\smith lane
2014-11-01 08:47 - 2014-05-18 15:57 - 00114904 ____N (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\MBAMSwissArmy.sys
2014-11-01 08:46 - 2014-07-12 11:29 - 00000000 ____D () C:\Program Files\Malwarebytes Anti-Malware
2014-11-01 08:46 - 2014-05-18 15:57 - 00000781 ____N () C:\Documents and Settings\All Users\Desktop\Malwarebytes Anti-Malware.lnk
2014-10-31 11:30 - 2014-05-28 12:51 - 00000462 ____N () C:\WINDOWS\Tasks\CMS Application Updater.job
2014-10-29 12:44 - 2014-07-12 11:11 - 00000000 ____D () C:\Documents and Settings\nickf\My Documents\danas wedding
2014-10-28 19:15 - 2014-09-27 17:49 - 00021238 ____N () C:\WINDOWS\setupapi.log
2014-10-28 17:39 - 2012-03-20 20:37 - 00030208 ____N () C:\Documents and Settings\nickf\Local Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2014-10-28 17:33 - 2014-07-12 11:14 - 00000000 ____D () C:\Documents and Settings\nickf\My Documents\house under const
2014-10-28 14:34 - 2014-07-12 11:05 - 00000000 ___RD () C:\Documents and Settings\nickf\Desktop\unused
2014-10-28 12:57 - 2014-07-12 10:59 - 00000000 ____D () C:\Documents and Settings\nickf\Application Data\DVD Flick
2014-10-28 11:46 - 2014-07-12 11:24 - 00000000 ___HD () C:\Program Files\InstallShield Installation Information
2014-10-27 11:34 - 2014-07-12 11:14 - 00000000 ____D () C:\Documents and Settings\nickf\My Documents\house finished
2014-10-22 09:12 - 2014-07-12 10:57 - 00000000 ____D () C:\Documents and Settings\All Users\Application Data\Lexmark Pro200-S500 Series
2014-10-22 09:11 - 2012-03-07 08:45 - 00042774 ____N () C:\Documents and Settings\All Users\lxebJSW.log
2014-10-20 19:34 - 2014-07-14 12:10 - 00000818 ____N () C:\Documents and Settings\All Users\Desktop\Launch Lexmark Printer Home.LNK
2014-10-20 19:34 - 2014-07-14 12:09 - 00216628 ____N () C:\WINDOWS\system32\LexFiles.ulf
2014-10-20 19:20 - 2014-07-12 11:28 - 00000000 ____D () C:\Program Files\Lexmark Printable Web
2014-10-20 19:19 - 2014-07-14 12:08 - 00000000 ____D () C:\Program Files\Lexmark Pro200-S500 Series
2014-10-19 11:43 - 2012-04-13 21:35 - 00000726 ____N () C:\Documents and Settings\nickf\Application Data\burnaware.ini
2014-10-17 13:40 - 2014-09-26 11:02 - 00001209 ____N () C:\WINDOWS\wmsetup.log
2014-10-15 07:39 - 2014-07-12 12:17 - 00000000 ____D () C:\WINDOWS\system32\MRT
2014-10-15 07:34 - 2012-03-07 01:31 - 100290944 ____N (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2014-10-13 09:08 - 2014-07-12 11:14 - 00000000 ____D () C:\Documents and Settings\nickf\My Documents\home depot
2014-10-12 02:21 - 2014-07-12 11:15 - 00000000 ____D () C:\Documents and Settings\nickf\My Documents\receipts
2014-10-12 02:20 - 2014-07-12 11:11 - 00000000 ____D () C:\Documents and Settings\nickf\My Documents\bern cemataries
2014-10-11 10:47 - 2014-08-17 07:52 - 00000000 ____D () C:\Documents and Settings\nickf\My Documents\house2014
2014-10-11 10:39 - 2014-07-12 11:13 - 00000000 ____D () C:\Documents and Settings\nickf\My Documents\FFOutput
2014-10-11 09:04 - 2014-07-12 11:14 - 00000000 ____D () C:\Documents and Settings\nickf\My Documents\house on8-19-2012
2014-10-11 08:47 - 2014-07-12 10:59 - 00000000 ____D () C:\Documents and Settings\nickf
2014-10-11 08:41 - 2014-07-12 11:15 - 00000000 ____D () C:\Documents and Settings\nickf\My Documents\rome pics
2014-10-07 17:45 - 2012-03-09 14:58 - 00250081 ____N () C:\Documents and Settings\nickf\Desktop\address book 030702.WAB
 
==================== Bamital & volsnap Check =================
 
(There is no automatic fix for files that do not pass verification.)
 
C:\WINDOWS\explorer.exe => MD5 is legit
C:\WINDOWS\system32\winlogon.exe => MD5 is legit
C:\WINDOWS\system32\svchost.exe => MD5 is legit
C:\WINDOWS\system32\services.exe => MD5 is legit
C:\WINDOWS\system32\User32.dll => MD5 is legit
C:\WINDOWS\system32\userinit.exe => MD5 is legit
C:\WINDOWS\system32\rpcss.dll => MD5 is legit
C:\WINDOWS\system32\Drivers\volsnap.sys => MD5 is legit
 
==================== End Of Log ============================

  • 0

#20
Essexboy

Essexboy

    GeekU Moderator

  • Retired Staff
  • 69,964 posts
Which browser is showing the problem ? Or is it all

CAUTION : This fix is only valid for this specific machine, using it on another may break your computer

Open notepad and copy/paste the text in the quotebox below into it:

2014-11-06 07:43 - 2013-04-12 19:47 - 00000616 ____H () C:\WINDOWS\Tasks\ConfigExec.job
EmptyTemp:
CMD: bitsadmin /reset /allusers


Save this as fixlist.txt, in the same location as FRST.exe
Run FRST and press Fix
On completion a log will be generated please post that
  • 0

#21
nickf33

nickf33

    Member

  • Topic Starter
  • Member
  • PipPip
  • 78 posts

Trouble is only in mozilla firefox

 

Fix result of Farbar Recovery Tool (FRST written by Farbar) (x86) Version: 02-11-2014
Ran by nickf at 2014-11-06 10:25:12 Run:3
Running from C:\Documents and Settings\nickf\Desktop
Loaded Profile: nickf (Available profiles: nickf & Administrator)
Boot Mode: Normal
 
==============================================
 
Content of fixlist:
*****************
2014-11-06 07:43 - 2013-04-12 19:47 - 00000616 ____H () C:\WINDOWS\Tasks\ConfigExec.job
EmptyTemp:
CMD: bitsadmin /reset /allusers
 
*****************
 
C:\WINDOWS\Tasks\ConfigExec.job => Moved successfully.
 
=========  bitsadmin /reset /allusers =========
 
'bitsadmin' is not recognized as an internal or external command,
operable program or batch file.
 
========= End of CMD: =========
 
EmptyTemp: => Removed 382.1 MB temporary data.
 
 
The system needed a reboot. 
 
==== End of Fixlog ====

  • 0

#22
Essexboy

Essexboy

    GeekU Moderator

  • Retired Staff
  • 69,964 posts
Thanks I have rechecked FF and lo and behold there is a legitimate addon that is slightly mis-spelt

CAUTION : This fix is only valid for this specific machine, using it on another may break your computer

Open notepad and copy/paste the text in the quotebox below into it:

FF Extension: flashlightstephennolancomau - C:\Documents and Settings\nickf\Application Data\Mozilla\Firefox\Profiles\2j7b0irg.default-1408374960465\Extensions\[email protected] [2014-11-01]
FF Extension: Browsers+Apps+1.1 - C:\Documents and Settings\nickf\Application Data\Mozilla\Firefox\Profiles\2j7b0irg.default-1408374960465\Extensions\[email protected] [2014-10-28]
EmptyTemp:
CMD: bitsadmin /reset /allusers


Save this as fixlist.txt, in the same location as FRST.exe
Run FRST and press Fix
On completion a log will be generated please post that
  • 0

#23
nickf33

nickf33

    Member

  • Topic Starter
  • Member
  • PipPip
  • 78 posts
Fix result of Farbar Recovery Tool (FRST written by Farbar) (x86) Version: 02-11-2014
Ran by nickf at 2014-11-06 10:56:45 Run:4
Running from C:\Documents and Settings\nickf\Desktop
Loaded Profile: nickf (Available profiles: nickf & Administrator)
Boot Mode: Normal
 
==============================================
 
Content of fixlist:
*****************
FF Extension: flashlightstephennolancomau - C:\Documents and Settings\nickf\Application Data\Mozilla\Firefox\Profiles\2j7b0irg.default-1408374960465\Extensions\[email protected] [2014-11-01]
FF Extension: Browsers+Apps+1.1 - C:\Documents and Settings\nickf\Application Data\Mozilla\Firefox\Profiles\2j7b0irg.default-1408374960465\Extensions\[email protected] [2014-10-28]
EmptyTemp:
CMD: bitsadmin /reset /allusers
*****************
 
C:\Documents and Settings\nickf\Application Data\Mozilla\Firefox\Profiles\2j7b0irg.default-1408374960465\Extensions\[email protected] => Moved successfully.
C:\Documents and Settings\nickf\Application Data\Mozilla\Firefox\Profiles\2j7b0irg.default-1408374960465\Extensions\[email protected] => Moved successfully.
 
=========  bitsadmin /reset /allusers =========
 
'bitsadmin' is not recognized as an internal or external command,
operable program or batch file.
 
========= End of CMD: =========
 
EmptyTemp: => Removed 22.6 MB temporary data.
 
 
The system needed a reboot. 
 
==== End of Fixlog ====

  • 0

#24
Essexboy

Essexboy

    GeekU Moderator

  • Retired Staff
  • 69,964 posts
Has that cleared it ?
  • 0

#25
nickf33

nickf33

    Member

  • Topic Starter
  • Member
  • PipPip
  • 78 posts

Essexboy Just tried it looks good Will get back to confirm.


  • 0

Advertisements


#26
Essexboy

Essexboy

    GeekU Moderator

  • Retired Staff
  • 69,964 posts
Cheers, I must learn to look at all spellings now :)
  • 0

#27
nickf33

nickf33

    Member

  • Topic Starter
  • Member
  • PipPip
  • 78 posts

Thanks Essexboy. Great job.


  • 0

#28
Essexboy

Essexboy

    GeekU Moderator

  • Retired Staff
  • 69,964 posts
Subject to no further problems :)

I will remove my tools now and give some recommendations, but, I would like you to run for 24 hours or so and come back if you have any problems

Now the best part of the day ----- Your log now appears clean :thumbsup:

A good workman always cleans up after himself so..The following will implement some cleanup procedures as well as reset System Restore points:

Download and run Delfix

delfix.JPG


: Keep Java Updated :

WARNING: Java is the #1 exploited program at this time. The Department of Homeland Security recommends that computer users disable Java
See this article

I would recommend that you completely uninstall Java unless you need it to run an important software.
In that instance I would recommend that you disable Java in your browsers until you need it for that software and then enable it. (See How to diasble Java in your web browser and How to unplug Java from the browser)

Now that you are clean, to help protect your computer in the future I recommend that you get the following free programmes:


Malwarebytes.

Update and run weekly to keep your system clean


It is critical to have both a firewall and anti virus to protect your system and to keep them updated.

To learn more about how to protect yourself while on the internet read this little guide Best security practices Keep safe :wave:
  • 0

#29
nickf33

nickf33

    Member

  • Topic Starter
  • Member
  • PipPip
  • 78 posts

Many thanks essexboy cheerio.


  • 0

#30
Essexboy

Essexboy

    GeekU Moderator

  • Retired Staff
  • 69,964 posts
My pleasure :)
  • 0






Similar Topics

0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users

As Featured On:

Microsoft Yahoo BBC MSN PC Magazine Washington Post HP