I have been receiving messages from Constant Guard (Infinity) that one or more of my computers may be infected with a bot. I have run scans with Spy Bot and Norton and didn't find anything. HOWEVER, Norton has been frequently showing messages that it has blocked an intrusion attempt by Trojan.Zbot. Activity 15. It states that it was blocked and no further action is needed, but combined with the message from Infinity, I figured it could be a problem. Any help would be greatly appreciated.
Below is my OTL log:
OTL logfile created on: 1/16/2015 5:25:03 PM - Run 1
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\Mark\Desktop
64bit- Professional Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.11.9600.17501)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy
15.91 Gb Total Physical Memory | 12.43 Gb Available Physical Memory | 78.16% Memory free
31.81 Gb Paging File | 28.15 Gb Available in Paging File | 88.47% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 915.51 Gb Total Space | 835.93 Gb Free Space | 91.31% Space Free | Partition Type: NTFS
Drive D: | 15.77 Gb Total Space | 1.92 Gb Free Space | 12.15% Space Free | Partition Type: NTFS
Drive F: | 74.50 Gb Total Space | 64.29 Gb Free Space | 86.30% Space Free | Partition Type: FAT32
Computer Name: MARK-HP | User Name: Mark | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Quick Scan | Include 64bit Scans
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days
========== Processes (SafeList) ==========
PRC - [2015/01/16 17:22:31 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\Mark\Desktop\OTL.exe
PRC - [2014/12/17 09:29:16 | 000,451,416 | ---- | M] (Garmin Ltd or its subsidiaries) -- C:\Program Files (x86)\Garmin\Core Update Service\Garmin.Cartography.MapUpdate.CoreService.exe
PRC - [2014/12/11 12:03:12 | 000,089,864 | ---- | M] (Hewlett-Packard Company) -- C:\Program Files (x86)\Hp\Common\HPSupportSolutionsFrameworkService.exe
PRC - [2014/12/03 10:06:08 | 000,081,088 | ---- | M] (Adobe Systems Incorporated) -- c:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
PRC - [2014/10/02 12:14:56 | 000,265,040 | R--- | M] (Symantec Corporation) -- C:\Program Files (x86)\Norton Security Suite\Engine\21.6.0.32\n360.exe
PRC - [2014/06/27 11:52:26 | 002,088,408 | ---- | M] (Safer-Networking Ltd.) -- C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe
PRC - [2014/06/24 10:42:12 | 004,101,576 | ---- | M] (Safer-Networking Ltd.) -- C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe
PRC - [2014/06/24 10:41:42 | 001,738,168 | ---- | M] (Safer-Networking Ltd.) -- C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe
PRC - [2014/04/25 14:12:20 | 000,171,928 | ---- | M] (Safer-Networking Ltd.) -- C:\Program Files (x86)\Spybot - Search & Destroy 2\SDWSCSvc.exe
PRC - [2013/11/07 02:03:22 | 000,292,848 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel® USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe
PRC - [2013/08/04 23:49:42 | 000,111,576 | ---- | M] (CyberLink) -- c:\Program Files (x86)\CyberLink\Power2Go8\CLMLSvc_P2G8.exe
PRC - [2013/05/15 19:09:14 | 000,366,552 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe
PRC - [2013/05/15 19:09:14 | 000,131,544 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel® Management Engine Components\FWService\IntelMeFWService.exe
PRC - [2013/05/15 19:09:12 | 000,169,432 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel® Management Engine Components\DAL\Jhi_service.exe
PRC - [2010/02/11 10:07:54 | 000,710,656 | ---- | M] (Hewlett-Packard) -- C:\Program Files (x86)\Hewlett-Packard\HP Desktop Keyboard\HPKEYBOARDx.EXE
PRC - [2009/07/02 14:58:40 | 000,406,016 | ---- | M] () -- C:\Program Files (x86)\Hewlett-Packard\HP Desktop Keyboard\Keystatus.exe
========== Modules (No Company Name) ==========
MOD - [2014/05/13 12:04:48 | 000,167,768 | ---- | M] () -- C:\Program Files (x86)\Spybot - Search & Destroy 2\snlFileFormats150.bpl
MOD - [2014/05/13 12:04:46 | 000,109,400 | ---- | M] () -- C:\Program Files (x86)\Spybot - Search & Destroy 2\snlThirdParty150.bpl
MOD - [2014/05/13 12:04:42 | 000,416,600 | ---- | M] () -- C:\Program Files (x86)\Spybot - Search & Destroy 2\DEC150.bpl
MOD - [2013/08/05 15:48:08 | 000,016,856 | ---- | M] () -- c:\Program Files (x86)\CyberLink\Power2Go8\CLMLSvcPS.dll
MOD - [2013/08/04 23:49:47 | 000,627,672 | ---- | M] () -- c:\Program Files (x86)\CyberLink\Power2Go8\CLMediaLibrary.dll
MOD - [2009/07/02 14:58:40 | 000,406,016 | ---- | M] () -- C:\Program Files (x86)\Hewlett-Packard\HP Desktop Keyboard\Keystatus.exe
========== Services (SafeList) ==========
SRV:64bit: - [2014/11/21 18:35:29 | 000,114,688 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\windows\SysNative\IEEtwCollector.exe -- (IEEtwCollectorService)
SRV:64bit: - [2014/09/17 08:53:36 | 000,325,224 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Windows\SysNative\igfxCUIService.exe -- (igfxCUIService1.0.0.0)
SRV:64bit: - [2013/12/12 19:10:22 | 001,008,344 | ---- | M] (Broadcom Corporation.) [Auto | Running] -- c:\Program Files\WIDCOMM\Bluetooth Software\btwdins.exe -- (btwdins)
SRV:64bit: - [2013/12/03 17:14:45 | 001,011,712 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend)
SRV:64bit: - [2013/11/13 01:56:14 | 000,339,456 | ---- | M] (IDT, Inc.) [Auto | Running] -- C:\Program Files\IDT\WDM\stacsv64.exe -- (STacSV)
SRV:64bit: - [2013/02/13 12:47:04 | 000,820,184 | ---- | M] (Intel® Corporation) [On_Demand | Stopped] -- c:\Program Files\Intel\iCLS Client\SocketHeciServer.exe -- (Intel®
SRV:64bit: - [2013/02/13 12:46:48 | 000,731,648 | ---- | M] (Intel® Corporation) [Auto | Running] -- c:\Program Files\Intel\iCLS Client\HeciServer.exe -- (Intel®
SRV:64bit: - [2009/07/13 17:40:01 | 000,193,536 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\appmgmts.dll -- (AppMgmt)
SRV - [2015/01/14 17:30:12 | 000,267,440 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe -- (AdobeFlashPlayerUpdateSvc)
SRV - [2014/12/17 09:29:16 | 000,451,416 | ---- | M] (Garmin Ltd or its subsidiaries) [Auto | Running] -- C:\Program Files (x86)\Garmin\Core Update Service\Garmin.Cartography.MapUpdate.CoreService.exe -- (Garmin Core Update Service)
SRV - [2014/12/11 12:03:12 | 000,089,864 | ---- | M] (Hewlett-Packard Company) [Auto | Running] -- C:\Program Files (x86)\Hp\Common\HPSupportSolutionsFrameworkService.exe -- (HPSupportSolutionsFrameworkService)
SRV - [2014/12/03 10:06:08 | 000,081,088 | ---- | M] (Adobe Systems Incorporated) [Auto | Running] -- c:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe -- (AdobeARMservice)
SRV - [2014/10/02 12:14:56 | 000,265,040 | R--- | M] (Symantec Corporation) [Auto | Running] -- C:\Program Files (x86)\Norton Security Suite\Engine\21.6.0.32\N360.exe -- (N360)
SRV - [2014/09/17 08:53:40 | 000,279,144 | ---- | M] (Intel Corporation) [On_Demand | Stopped] -- C:\Windows\SysWOW64\IntelCpHeciSvc.exe -- (cphs)
SRV - [2014/03/20 14:49:18 | 000,067,224 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe -- (clr_optimization_v2.0.50727_32)
SRV - [2013/10/23 08:15:08 | 000,172,192 | R--- | M] (Skype Technologies) [Auto | Stopped] -- C:\Program Files (x86)\Skype\Updater\Updater.exe -- (SkypeUpdate)
SRV - [2013/09/11 21:21:54 | 000,105,144 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe -- (clr_optimization_v4.0.30319_32)
SRV - [2013/08/29 18:31:42 | 000,092,160 | ---- | M] (Hewlett-Packard Company) [Auto | Running] -- C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSA_Service.exe -- (HP Support Assistant Service)
SRV - [2013/05/15 19:09:14 | 000,366,552 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe -- (LMS)
SRV - [2013/05/15 19:09:14 | 000,131,544 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files (x86)\Intel\Intel® Management Engine Components\FWService\IntelMeFWService.exe -- (Intel®
SRV - [2013/05/15 19:09:12 | 000,169,432 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files (x86)\Intel\Intel® Management Engine Components\DAL\Jhi_service.exe -- (jhi_service)
SRV - [2012/04/24 14:37:56 | 000,169,752 | ---- | M] (Intel Corporation) [On_Demand | Stopped] -- C:\Program Files (x86)\Intel\Intel® Integrated Clock Controller Service\ICCProxy.exe -- (ICCS)
SRV - [2010/10/12 09:59:12 | 000,206,072 | ---- | M] (WildTangent, Inc.) [On_Demand | Stopped] -- C:\Program Files (x86)\WildTangent Games\App\GamesAppService.exe -- (GamesAppService)
========== Driver Services (SafeList) ==========
DRV:64bit: - [2015/01/14 20:15:57 | 000,177,752 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\SYMEVENT64x86.SYS -- (SymEvent)
DRV:64bit: - [2014/09/17 08:53:22 | 004,716,176 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\igdkmd64.sys -- (igfx)
DRV:64bit: - [2014/08/25 18:26:58 | 000,593,112 | ---- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\N360x64\1506000.020\symnets.sys -- (SymNetS)
DRV:64bit: - [2014/08/25 18:26:57 | 001,148,120 | ---- | M] (Symantec Corporation) [File_System | Boot | Running] -- C:\Windows\SysNative\drivers\N360x64\1506000.020\symefa64.sys -- (SymEFA)
DRV:64bit: - [2014/08/25 18:20:22 | 000,876,248 | ---- | M] (Symantec Corporation) [File_System | System | Running] -- C:\Windows\SysNative\drivers\N360x64\1506000.020\srtsp64.sys -- (SRTSP)
DRV:64bit: - [2014/08/25 18:20:22 | 000,037,592 | ---- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\N360x64\1506000.020\srtspx64.sys -- (SRTSPX)
DRV:64bit: - [2014/08/06 11:48:16 | 000,266,968 | ---- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\N360x64\1506000.020\ironx64.sys -- (SymIRON)
DRV:64bit: - [2014/05/21 04:12:56 | 000,791,256 | ---- | M] (Realtek ) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\Rtlh64.sys -- (RTL8169)
DRV:64bit: - [2014/04/07 09:44:04 | 008,071,888 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\BCMWL664.SYS -- (BCM43XX)
DRV:64bit: - [2014/03/24 04:30:04 | 000,901,848 | ---- | M] (Realtek ) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\Rt64win7.sys -- (RTL8167)
DRV:64bit: - [2013/12/03 17:18:12 | 000,107,904 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsata.sys -- (amdsata)
DRV:64bit: - [2013/12/03 17:18:12 | 000,027,008 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\amdxata.sys -- (amdxata)
DRV:64bit: - [2013/12/03 17:06:22 | 000,023,408 | ---- | M] (Microsoft Corporation) [Recognizer | Boot | Unknown] -- C:\windows\SysNative\drivers\fs_rec.sys -- (Fs_Rec)
DRV:64bit: - [2013/11/13 01:56:18 | 000,551,936 | ---- | M] (IDT, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\stwrt64.sys -- (STHDA)
DRV:64bit: - [2013/11/12 14:25:22 | 000,091,912 | ---- | M] (CyberLink) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\CLVirtualDrive.sys -- (CLVirtualDrive)
DRV:64bit: - [2013/11/07 02:03:22 | 000,790,000 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\iusb3xhc.sys -- (iusb3xhc)
DRV:64bit: - [2013/11/07 02:03:22 | 000,368,624 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\iusb3hub.sys -- (iusb3hub)
DRV:64bit: - [2013/11/07 02:03:22 | 000,020,464 | ---- | M] (Intel Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\iusb3hcs.sys -- (iusb3hcs)
DRV:64bit: - [2013/10/02 04:35:39 | 000,172,760 | ---- | M] (Broadcom Corporation.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\bcbtums.sys -- (bcbtums)
DRV:64bit: - [2013/10/01 18:22:20 | 000,056,832 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\TsUsbFlt.sys -- (TsUsbFlt)
DRV:64bit: - [2013/09/25 18:50:25 | 000,162,392 | R--- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\N360x64\1506000.020\ccsetx64.sys -- (ccSet_N360)
DRV:64bit: - [2013/09/09 18:47:26 | 000,493,656 | R--- | M] (Symantec Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\N360x64\1506000.020\symds64.sys -- (SymDS)
DRV:64bit: - [2013/08/29 06:13:36 | 000,644,968 | ---- | M] (Intel Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\iaStorA.sys -- (iaStorA)
DRV:64bit: - [2013/08/29 06:13:32 | 000,028,008 | ---- | M] (Intel Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\iaStorF.sys -- (iaStorF)
DRV:64bit: - [2013/07/18 15:00:04 | 000,083,224 | ---- | M] (Alcor Micro, Corp.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\AmUStor.sys -- (AmUStor)
DRV:64bit: - [2013/07/09 13:58:32 | 000,263,896 | ---- | M] (Realtek Semiconductor Corp.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\RtsUStor.sys -- (RSUSBSTOR)
DRV:64bit: - [2013/05/15 19:09:12 | 000,064,624 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\HECIx64.sys -- (MEIx64)
DRV:64bit: - [2012/12/04 03:38:27 | 000,598,808 | ---- | M] (Broadcom Corporation.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\btwampfl.sys -- (btwampfl)
DRV:64bit: - [2012/08/23 06:10:20 | 000,019,456 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\rdpvideominiport.sys -- (RdpVideoMiniport)
DRV:64bit: - [2012/08/23 06:08:26 | 000,030,208 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\TsUsbGD.sys -- (TsUsbGD)
DRV:64bit: - [2012/05/02 06:18:28 | 000,184,144 | ---- | M] (Broadcom Corporation.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\btwaudio.sys -- (btwaudio)
DRV:64bit: - [2012/03/06 11:29:42 | 000,210,984 | ---- | M] (Broadcom Corporation.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\btwavdt.sys -- (btwavdt)
DRV:64bit: - [2012/03/06 11:29:39 | 000,021,544 | ---- | M] (Broadcom Corporation.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\btwrchid.sys -- (btwrchid)
DRV:64bit: - [2011/09/18 00:38:52 | 000,039,976 | ---- | M] (Broadcom Corporation.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\btwl2cap.sys -- (btwl2cap)
DRV:64bit: - [2010/11/20 19:23:48 | 000,071,168 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\dmvsc.sys -- (dmvsc)
DRV:64bit: - [2010/11/20 19:23:47 | 000,078,720 | ---- | M] (Hewlett-Packard Company) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\HpSAMD.sys -- (HpSAMD)
DRV:64bit: - [2009/07/13 17:52:20 | 000,194,128 | ---- | M] (AMD Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsbs.sys -- (amdsbs)
DRV:64bit: - [2009/07/13 17:48:04 | 000,065,600 | ---- | M] (LSI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\lsi_sas2.sys -- (LSI_SAS2)
DRV:64bit: - [2009/07/13 17:45:55 | 000,024,656 | ---- | M] (Promise Technology) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\stexstor.sys -- (stexstor)
DRV:64bit: - [2009/07/13 16:39:20 | 000,023,040 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\WSDPrint.sys -- (WSDPrintDevice)
DRV:64bit: - [2009/07/13 16:35:37 | 000,025,088 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\WSDScan.sys -- (WSDScan)
DRV:64bit: - [2009/07/13 15:21:48 | 000,038,400 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\tpm.sys -- (TPM)
DRV:64bit: - [2009/06/10 12:34:33 | 003,286,016 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\evbda.sys -- (ebdrv)
DRV:64bit: - [2009/06/10 12:34:28 | 000,468,480 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\bxvbda.sys -- (b06bdrv)
DRV:64bit: - [2009/06/10 12:34:23 | 000,270,848 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\b57nd60a.sys -- (b57nd60a)
DRV:64bit: - [2009/06/10 12:31:59 | 000,031,232 | ---- | M] (Hauppauge Computer Works, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hcw85cir.sys -- (hcw85cir)
DRV - [2015/01/14 19:49:36 | 002,137,304 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Running] -- C:\Program Files (x86)\Norton Security Suite\NortonData\21.1.0.18\Definitions\VirusDefs\20150115.040\ex64.sys -- (NAVEX15)
DRV - [2015/01/14 19:49:36 | 000,129,752 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Running] -- C:\Program Files (x86)\Norton Security Suite\NortonData\21.1.0.18\Definitions\VirusDefs\20150115.040\eng64.sys -- (NAVENG)
DRV - [2015/01/14 19:42:20 | 000,668,888 | ---- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\Program Files (x86)\Norton Security Suite\NortonData\21.1.0.18\Definitions\IPSDefs\20150116.001\IDSviA64.sys -- (IDSVia64)
DRV - [2015/01/06 19:29:50 | 001,622,744 | ---- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\Program Files (x86)\Norton Security Suite\NortonData\21.1.0.18\Definitions\BASHDefs\20150106.001\BHDrvx64.sys -- (BHDrvx64)
DRV - [2014/11/25 14:30:45 | 000,487,216 | ---- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\eeCtrl64.sys -- (eeCtrl)
DRV - [2014/11/25 14:30:44 | 000,142,640 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Running] -- C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys -- (EraserUtilRebootDrv)
DRV - [2009/07/13 17:19:10 | 000,019,008 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\SysWOW64\drivers\wimmount.sys -- (WIMMount)
========== Standard Registry (SafeList) ==========
========== Internet Explorer ==========
IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://g.msn.com/HPDSK13/1
IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://g.msn.com/HPDSK13/1
IE:64bit: - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE:64bit: - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/...1TR&pc=HPDTDFJS
IE:64bit: - HKLM\..\SearchScopes\{B59F3FC6-FD87-46DC-B523-5C2D41949ACC}: "URL" = http://www.amazon.co...ds={searchTerms}
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://g.msn.com/HPDSK13/1
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://g.msn.com/HPDSK13/1
IE - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/...1TR&pc=HPDTDFJS
IE - HKLM\..\SearchScopes\{B59F3FC6-FD87-46DC-B523-5C2D41949ACC}: "URL" = http://www.amazon.co...ds={searchTerms}
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://g.msn.com/HPDSK13/1
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://xfinity.comcast.net/
IE - HKCU\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKCU\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/...1TR&pc=HPDTDFJS
IE - HKCU\..\SearchScopes\{B59F3FC6-FD87-46DC-B523-5C2D41949ACC}: "URL" = http://www.amazon.co...ds={searchTerms}
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
========== FireFox ==========
FF:64bit: - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
FF:64bit: - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files\Microsoft Silverlight\5.1.30514.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@intel-webapi.intel.com/Intel WebAPI ipt;version=3.5.29: C:\Program Files (x86)\Intel\Intel® Management Engine Components\IPT\npIntelWebAPIIPT.dll (Intel Corporation)
FF - HKLM\Software\MozillaPlugins\@intel-webapi.intel.com/Intel WebAPI updater: C:\Program Files (x86)\Intel\Intel® Management Engine Components\IPT\npIntelWebAPIUpdater.dll (Intel Corporation)
FF - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=11.25.2: C:\Program Files (x86)\Java\jre1.8.0_25\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=11.25.2: C:\Program Files (x86)\Java\jre1.8.0_25\bin\plugin2\npjp2.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files (x86)\Microsoft Silverlight\5.1.30514.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=16.4.3508.0205: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files (x86)\Google\Update\1.3.25.11\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files (x86)\Google\Update\1.3.25.11\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@WildTangent.com/GamesAppPresenceDetector,Version=1.0: C:\Program Files (x86)\WildTangent Games\App\BrowserIntegration\Registered\0\NP_wtapp.dll ()
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{BBDA0591-3099-440a-AA10-41764D9DB4DB}: C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_21.1.0.18\IPSFF [2015/01/14 20:18:58 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{2D3F3651-74B9-4795-BDEC-6DA2F431CB62}: C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_21.1.0.18\coFFPlgn\ [2015/01/16 17:18:17 | 000,000,000 | ---D | M]
O1 HOSTS File: ([2009/06/10 13:00:26 | 000,000,824 | ---- | M]) - C:\Windows\SysNative\drivers\etc\hosts
O2:64bit: - BHO: (Norton Identity Protection) - {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} - C:\Program Files (x86)\Norton Security Suite\Engine64\21.6.0.32\coieplg.dll (Symantec Corporation)
O2:64bit: - BHO: (Google Toolbar Helper) - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
O2:64bit: - BHO: (HP Network Check Helper) - {E76FD755-C1BA-4DCB-9F13-99BD91223ADE} - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPluginx64.dll (Hewlett-Packard)
O2 - BHO: (Norton Identity Protection) - {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} - C:\Program Files (x86)\Norton Security Suite\Engine\21.6.0.32\coieplg.dll (Symantec Corporation)
O2 - BHO: (Norton Vulnerability Protection) - {6D53EC84-6AAE-4787-AEEE-F4628F01010C} - C:\Program Files (x86)\Norton Security Suite\Engine\21.6.0.32\ips\ipsbho.dll (Symantec Corporation)
O2 - BHO: (Java Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre1.8.0_25\bin\ssv.dll (Oracle Corporation)
O2 - BHO: (Java Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre1.8.0_25\bin\jp2ssv.dll (Oracle Corporation)
O2 - BHO: (HP Network Check Helper) - {E76FD755-C1BA-4DCB-9F13-99BD91223ADE} - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll (Hewlett-Packard)
O3:64bit: - HKLM\..\Toolbar: (Google Toolbar) - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
O3:64bit: - HKLM\..\Toolbar: (Norton Toolbar) - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files (x86)\Norton Security Suite\Engine64\21.6.0.32\coieplg.dll (Symantec Corporation)
O3 - HKLM\..\Toolbar: (Norton Toolbar) - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files (x86)\Norton Security Suite\Engine\21.6.0.32\coieplg.dll (Symantec Corporation)
O4:64bit: - HKLM..\Run: [BeatsOSDApp] C:\Program Files\IDT\WDM\Beats64.exe (Hewlett-Packard )
O4:64bit: - HKLM..\Run: [IgfxTray] C:\windows\SysNative\igfxtray.exe ()
O4:64bit: - HKLM..\Run: [Persistence] "C:\windows\system32\igfxpers.exe" File not found
O4:64bit: - HKLM..\Run: [SysTrayApp] C:\Program Files\IDT\WDM\sttray64.exe (IDT, Inc.)
O4 - HKLM..\Run: [HP KEYBOARDx] C:\Program Files (x86)\Hewlett-Packard\HP Desktop Keyboard\HPKEYBOARDx.EXE (Hewlett-Packard)
O4 - HKLM..\Run: [SDTray] C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe (Safer-Networking Ltd.)
O4 - HKLM..\Run: [USB3MON] C:\Program Files (x86)\Intel\Intel® USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe (Intel Corporation)
O4 - HKCU..\Run: [GarminExpressTrayApp] C:\Program Files (x86)\Garmin\Express Tray\ExpressTray.exe (Garmin Ltd or its subsidiaries)
O4:64bit: - HKLM..\RunOnce: [NCPluginUpdater] C:\Program Files (x86)\Hewlett-Packard\HP Health Check\ActiveCheck\product_line\NCPluginUpdater.exe (Hewlett-Packard)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O9:64bit: - Extra Button: @C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPluginx64.dll,-103 - {25510184-5A38-4A99-B273-DCA8EEF6CD08} - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\NCLauncherFromIE.exe (Hewlett-Packard)
O9:64bit: - Extra 'Tools' menuitem : @C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPluginx64.dll,-102 - {25510184-5A38-4A99-B273-DCA8EEF6CD08} - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\NCLauncherFromIE.exe (Hewlett-Packard)
O9 - Extra Button: @C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll,-103 - {25510184-5A38-4A99-B273-DCA8EEF6CD08} - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\NCLauncherFromIE.exe (Hewlett-Packard)
O9 - Extra 'Tools' menuitem : @C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll,-102 - {25510184-5A38-4A99-B273-DCA8EEF6CD08} - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\NCLauncherFromIE.exe (Hewlett-Packard)
O10:64bit: - NameSpace_Catalog5\Catalog_Entries64\000000000008 [] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Inc.)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000008 [] - C:\Program Files (x86)\Bonjour\mdnsNSP.dll (Apple Inc.)
O1364bit: - gopher Prefix: missing
O13 - gopher Prefix: missing
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{9AEC11D6-B86F-4411-8DD2-43ADA26BD2A8}: DhcpNameServer = 192.168.1.1
O18:64bit: - Protocol\Handler\skype4com - No CLSID value found
O18:64bit: - Protocol\Handler\wlpg - No CLSID value found
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)
O20:64bit: - HKLM Winlogon: Shell - (explorer.exe) - C:\windows\explorer.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\windows\SysWow64\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (userinit.exe) - C:\windows\SysWow64\userinit.exe (Microsoft Corporation)
O20:64bit: - Winlogon\Notify\igfxcui: DllName - (igfxdev.dll) - C:\windows\SysNative\igfxdev.dll (Intel Corporation)
O20 - Winlogon\Notify\SDWinLogon: DllName - (SDWinLogon.dll) - File not found
O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2015/01/08 08:23:49 | 000,000,000 | ---- | M] () - C:\autoexec.bat -- [ NTFS ]
O32 - AutoRun File - [2003/01/31 14:25:04 | 000,000,000 | RH-D | M] - F:\autorun -- [ FAT32 ]
O32 - AutoRun File - [2002/10/17 09:56:50 | 000,000,036 | RH-- | M] () - F:\autorun.inf -- [ FAT32 ]
O34 - HKLM BootExecute: (autocheck autochk *)
O35:64bit: - HKLM\..comfile [open] -- "%1" %*
O35:64bit: - HKLM\..exefile [open] -- "%1" %*
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37:64bit: - HKLM\...com [@ = comfile] -- "%1" %*
O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)
O38 - SubSystems\\Windows: (ServerDll=sxssrv,4)
========== Files/Folders - Created Within 30 Days ==========
[2015/01/16 17:22:21 | 000,602,112 | ---- | C] (OldTimer Tools) -- C:\Users\Mark\Desktop\OTL.exe
[2015/01/14 20:32:32 | 001,148,120 | ---- | C] (Symantec Corporation) -- C:\windows\SysNative\drivers\N360x64\1506000.020\symefa64.sys
[2015/01/14 20:32:32 | 000,876,248 | ---- | C] (Symantec Corporation) -- C:\windows\SysNative\drivers\N360x64\1506000.020\srtsp64.sys
[2015/01/14 20:32:32 | 000,593,112 | ---- | C] (Symantec Corporation) -- C:\windows\SysNative\drivers\N360x64\1506000.020\symnets.sys
[2015/01/14 20:32:32 | 000,493,656 | R--- | C] (Symantec Corporation) -- C:\windows\SysNative\drivers\N360x64\1506000.020\symds64.sys
[2015/01/14 20:32:32 | 000,266,968 | ---- | C] (Symantec Corporation) -- C:\windows\SysNative\drivers\N360x64\1506000.020\ironx64.sys
[2015/01/14 20:32:32 | 000,162,392 | R--- | C] (Symantec Corporation) -- C:\windows\SysNative\drivers\N360x64\1506000.020\ccsetx64.sys
[2015/01/14 20:32:32 | 000,037,592 | ---- | C] (Symantec Corporation) -- C:\windows\SysNative\drivers\N360x64\1506000.020\srtspx64.sys
[2015/01/14 20:32:32 | 000,023,568 | R--- | C] (Symantec Corporation) -- C:\windows\SysNative\drivers\N360x64\1506000.020\symelam.sys
[2015/01/14 20:30:37 | 000,000,000 | ---D | C] -- C:\windows\SysNative\drivers\N360x64\1506000.020
[2015/01/14 20:19:59 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Symantec Shared
[2015/01/14 20:15:58 | 000,177,752 | ---- | C] (Symantec Corporation) -- C:\windows\SysNative\drivers\SYMEVENT64x86.SYS
[2015/01/14 20:15:57 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Symantec Shared
[2015/01/14 20:13:41 | 000,000,000 | ---D | C] -- C:\windows\SysNative\drivers\N360x64
[2015/01/14 20:13:39 | 000,000,000 | R--D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Norton Security Suite
[2015/01/14 20:13:39 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Norton Security Suite
[2015/01/14 20:05:28 | 000,000,000 | ---D | C] -- C:\Users\Mark\Documents\Symantec
[2015/01/14 20:05:28 | 000,000,000 | ---D | C] -- C:\ProgramData\NortonInstaller
[2015/01/14 20:05:28 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\NortonInstaller
[2015/01/14 19:38:01 | 000,000,000 | ---D | C] -- C:\Users\Mark\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Norton
[2015/01/14 19:38:00 | 000,000,000 | ---D | C] -- C:\ProgramData\Norton
[2015/01/10 08:15:15 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome
[2015/01/10 08:14:36 | 000,000,000 | ---D | C] -- C:\Program Files\Google
[2015/01/10 08:14:26 | 000,000,000 | ---D | C] -- C:\ProgramData\Google
[2015/01/10 08:14:21 | 000,000,000 | ---D | C] -- C:\Users\Mark\AppData\Local\Google
[2015/01/10 08:14:21 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Google
[2015/01/10 08:11:22 | 000,000,000 | ---D | C] -- C:\ProgramData\Sun
[2015/01/10 08:11:22 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Java
[2015/01/10 08:11:10 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java
[2015/01/10 08:11:02 | 000,000,000 | ---D | C] -- C:\ProgramData\Oracle
[2015/01/10 08:11:01 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Java
[2015/01/10 07:55:11 | 000,000,000 | ---D | C] -- C:\Users\Mark\AppData\Roaming\hpqlog
[2015/01/08 22:05:40 | 000,000,000 | ---D | C] -- C:\ProgramData\Recovery
[2015/01/08 12:34:50 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Spybot - Search & Destroy 2
[2015/01/08 12:34:46 | 000,021,040 | ---- | C] (Safer Networking Limited) -- C:\windows\SysNative\sdnclean64.exe
[2015/01/08 08:47:44 | 000,000,000 | ---D | C] -- C:\ProgramData\Spybot - Search & Destroy
[2015/01/08 08:47:38 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Spybot - Search & Destroy 2
[2015/01/08 08:46:25 | 000,000,000 | ---D | C] -- C:\Users\Mark\AppData\Local\Programs
[2014/12/30 20:40:13 | 000,000,000 | ---D | C] -- C:\Users\Mark\AppData\Local\HP
[2014/12/30 20:29:44 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Hp
[2014/12/30 15:16:35 | 000,000,000 | ---D | C] -- C:\Users\Mark\Documents\Garmin
[2014/12/30 15:15:14 | 000,000,000 | ---D | C] -- C:\Users\Mark\AppData\Local\Garmin
[2014/12/30 15:15:05 | 000,000,000 | ---D | C] -- C:\Users\Mark\AppData\Roaming\Garmin
[2014/12/30 15:15:05 | 000,000,000 | ---D | C] -- C:\Program Files\DIFX
[2014/12/30 15:14:31 | 000,000,000 | ---D | C] -- C:\ProgramData\Garmin
[2014/12/30 15:14:22 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Garmin
[2014/12/30 15:14:20 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Garmin
[2014/12/30 15:10:58 | 000,000,000 | ---D | C] -- C:\Users\Mark\AppData\Local\Diagnostics
[2014/12/27 15:30:22 | 000,000,000 | ---D | C] -- C:\Users\Mark\AppData\Local\Microsoft Games
[2014/12/26 17:29:58 | 000,000,000 | -HSD | C] -- C:\Users\Mark\IntelGraphicsProfiles
[2014/12/26 17:13:46 | 000,000,000 | ---D | C] -- C:\windows\SysNative\MRT
[2014/12/26 17:07:19 | 000,000,000 | -HSD | C] -- C:\Users\Mark\AppData\Local\EmieUserList
[2014/12/26 17:07:19 | 000,000,000 | -HSD | C] -- C:\Users\Mark\AppData\Local\EmieSiteList
[2014/12/26 17:07:19 | 000,000,000 | -HSD | C] -- C:\Users\Mark\AppData\Local\EmieBrowserModeList
[2014/12/26 17:01:49 | 000,000,000 | --SD | C] -- C:\windows\SysNative\CompatTel
[2014/12/26 17:01:49 | 000,000,000 | ---D | C] -- C:\windows\SysNative\appraiser
[2014/12/26 17:01:39 | 000,000,000 | ---D | C] -- C:\windows\SysWow64\Wat
[2014/12/26 17:01:39 | 000,000,000 | ---D | C] -- C:\windows\SysNative\Wat
[2014/12/26 11:44:38 | 000,000,000 | ---D | C] -- C:\windows\Migration
[2014/12/25 17:01:23 | 000,000,000 | ---D | C] -- C:\Users\Mark\AppData\Local\Adobe
[2014/12/25 16:46:19 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Silverlight
[2014/12/25 16:46:16 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft Silverlight
[2014/12/25 16:46:16 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Microsoft Silverlight
[2014/12/25 14:30:46 | 000,000,000 | ---D | C] -- C:\windows\SysNative\appmgmt
[2014/12/25 13:41:47 | 000,000,000 | ---D | C] -- C:\Users\Mark\AppData\Roaming\Macromedia
[2014/12/25 13:41:16 | 000,000,000 | ---D | C] -- C:\Users\Mark\AppData\Local\Broadcom
[2014/12/25 13:41:16 | 000,000,000 | ---D | C] -- C:\Users\Mark\Documents\Bluetooth Exchange Folder
[2014/12/25 13:40:55 | 000,000,000 | ---D | C] -- C:\Users\Mark\AppData\Roaming\Adobe
[2014/12/25 13:40:54 | 000,000,000 | R--D | C] -- C:\Users\Mark\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
[2014/12/25 13:40:54 | 000,000,000 | R--D | C] -- C:\Users\Mark\Searches
[2014/12/25 13:40:54 | 000,000,000 | R--D | C] -- C:\Users\Mark\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Administrative Tools
[2014/12/25 13:40:54 | 000,000,000 | -H-D | C] -- C:\Users\Mark\Application Data\Microsoft\Internet Explorer\Quick Launch\User Pinned
[2014/12/25 13:40:46 | 000,000,000 | ---D | C] -- C:\Users\Mark\AppData\Roaming\Identities
[2014/12/25 13:40:45 | 000,000,000 | R--D | C] -- C:\Users\Mark\Contacts
[2014/12/25 13:40:40 | 000,000,000 | ---D | C] -- C:\Users\Mark\AppData\Local\VirtualStore
[2014/12/25 13:40:32 | 000,000,000 | ---D | C] -- C:\Users\Mark\AppData\Roaming\Hewlett-Packard
[2014/12/25 13:38:50 | 000,000,000 | ---D | C] -- C:\Users\Mark\AppData\Local\Hewlett-Packard
[2014/12/25 13:36:57 | 000,000,000 | ---D | C] -- C:\Users\Mark\AppData\Local\Power2Go8
[2014/12/25 13:36:50 | 000,000,000 | ---D | C] -- C:\Users\Mark\AppData\Local\RemEngine
[2014/12/25 13:36:50 | 000,000,000 | ---D | C] -- C:\Users\Mark\AppData\Local\Hewlett-Packard_Company
[2014/12/25 13:36:24 | 000,000,000 | --SD | C] -- C:\Users\Mark\AppData\Roaming\Microsoft
[2014/12/25 13:36:24 | 000,000,000 | R--D | C] -- C:\Users\Mark\Videos
[2014/12/25 13:36:24 | 000,000,000 | R--D | C] -- C:\Users\Mark\Saved Games
[2014/12/25 13:36:24 | 000,000,000 | R--D | C] -- C:\Users\Mark\Pictures
[2014/12/25 13:36:24 | 000,000,000 | R--D | C] -- C:\Users\Mark\Music
[2014/12/25 13:36:24 | 000,000,000 | R--D | C] -- C:\Users\Mark\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Maintenance
[2014/12/25 13:36:24 | 000,000,000 | R--D | C] -- C:\Users\Mark\Links
[2014/12/25 13:36:24 | 000,000,000 | R--D | C] -- C:\Users\Mark\Favorites
[2014/12/25 13:36:24 | 000,000,000 | R--D | C] -- C:\Users\Mark\Downloads
[2014/12/25 13:36:24 | 000,000,000 | R--D | C] -- C:\Users\Mark\Documents
[2014/12/25 13:36:24 | 000,000,000 | R--D | C] -- C:\Users\Mark\Desktop
[2014/12/25 13:36:24 | 000,000,000 | R--D | C] -- C:\Users\Mark\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories
[2014/12/25 13:36:24 | 000,000,000 | -HSD | C] -- C:\Users\Mark\AppData\Local\Temporary Internet Files
[2014/12/25 13:36:24 | 000,000,000 | -HSD | C] -- C:\Users\Mark\Templates
[2014/12/25 13:36:24 | 000,000,000 | -HSD | C] -- C:\Users\Mark\Start Menu
[2014/12/25 13:36:24 | 000,000,000 | -HSD | C] -- C:\Users\Mark\SendTo
[2014/12/25 13:36:24 | 000,000,000 | -HSD | C] -- C:\Users\Mark\Recent
[2014/12/25 13:36:24 | 000,000,000 | -HSD | C] -- C:\Users\Mark\PrintHood
[2014/12/25 13:36:24 | 000,000,000 | -HSD | C] -- C:\Users\Mark\NetHood
[2014/12/25 13:36:24 | 000,000,000 | -HSD | C] -- C:\Users\Mark\Documents\My Videos
[2014/12/25 13:36:24 | 000,000,000 | -HSD | C] -- C:\Users\Mark\Documents\My Pictures
[2014/12/25 13:36:24 | 000,000,000 | -HSD | C] -- C:\Users\Mark\Documents\My Music
[2014/12/25 13:36:24 | 000,000,000 | -HSD | C] -- C:\Users\Mark\My Documents
[2014/12/25 13:36:24 | 000,000,000 | -HSD | C] -- C:\Users\Mark\Local Settings
[2014/12/25 13:36:24 | 000,000,000 | -HSD | C] -- C:\Users\Mark\AppData\Local\History
[2014/12/25 13:36:24 | 000,000,000 | -HSD | C] -- C:\Users\Mark\Cookies
[2014/12/25 13:36:24 | 000,000,000 | -HSD | C] -- C:\Users\Mark\Application Data
[2014/12/25 13:36:24 | 000,000,000 | -HSD | C] -- C:\Users\Mark\AppData\Local\Application Data
[2014/12/25 13:36:24 | 000,000,000 | -H-D | C] -- C:\Users\Mark\Documents\hp.system.package.metadata
[2014/12/25 13:36:24 | 000,000,000 | -H-D | C] -- C:\Users\Mark\Documents\hp.applications.package.appdata
[2014/12/25 13:36:24 | 000,000,000 | -H-D | C] -- C:\Users\Mark\AppData
[2014/12/25 13:36:24 | 000,000,000 | ---D | C] -- C:\Users\Mark\AppData\Local\Temp
[2014/12/25 13:36:24 | 000,000,000 | ---D | C] -- C:\Users\Mark\AppData\Local\Microsoft
[2014/12/25 13:36:24 | 000,000,000 | ---D | C] -- C:\Users\Mark\AppData\Roaming\Media Center Programs
[2014/12/25 13:35:58 | 000,000,000 | ---D | C] -- C:\windows\SoftwareDistribution
========== Files - Modified Within 30 Days ==========
[2015/01/16 17:25:44 | 000,000,898 | ---- | M] () -- C:\windows\tasks\GoogleUpdateTaskMachineUA.job
[2015/01/16 17:25:09 | 000,027,568 | -H-- | M] () -- C:\windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2015/01/16 17:25:09 | 000,027,568 | -H-- | M] () -- C:\windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2015/01/16 17:24:17 | 000,056,558 | ---- | M] () -- C:\Users\Mark\Desktop\Bot Intrusion Block.PNG
[2015/01/16 17:22:31 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\Mark\Desktop\OTL.exe
[2015/01/16 17:17:47 | 000,000,894 | ---- | M] () -- C:\windows\tasks\GoogleUpdateTaskMachineCore.job
[2015/01/16 17:17:11 | 000,067,584 | --S- | M] () -- C:\windows\bootstat.dat
[2015/01/16 17:17:02 | 4220,391,422 | -HS- | M] () -- C:\hiberfil.sys
[2015/01/15 17:30:28 | 000,000,830 | ---- | M] () -- C:\windows\tasks\Adobe Flash Player Updater.job
[2015/01/15 03:37:00 | 000,069,995 | ---- | M] () -- C:\windows\SysNative\drivers\N360x64\1506000.020\VT20150115.002
[2015/01/14 23:09:36 | 000,002,185 | ---- | M] () -- C:\Users\Public\Desktop\Google Chrome.lnk
[2015/01/14 20:40:23 | 000,002,442 | ---- | M] () -- C:\Users\Public\Desktop\Norton Security Suite.lnk
[2015/01/14 20:40:00 | 002,031,262 | ---- | M] () -- C:\windows\SysNative\drivers\N360x64\1506000.020\Cat.DB
[2015/01/14 20:28:27 | 000,001,267 | ---- | M] () -- C:\Users\Mark\Desktop\Norton Installation Files.lnk
[2015/01/14 20:15:57 | 000,177,752 | ---- | M] (Symantec Corporation) -- C:\windows\SysNative\drivers\SYMEVENT64x86.SYS
[2015/01/14 20:15:57 | 000,008,222 | ---- | M] () -- C:\windows\SysNative\drivers\SYMEVENT64x86.CAT
[2015/01/14 20:15:57 | 000,000,854 | ---- | M] () -- C:\windows\SysNative\drivers\SYMEVENT64x86.INF
[2015/01/11 07:14:29 | 000,002,277 | ---- | M] () -- C:\Users\Mark\Application Data\Microsoft\Internet Explorer\Quick Launch\Google Chrome.lnk
[2015/01/10 08:41:30 | 000,000,000 | -H-- | M] () -- C:\windows\SysNative\drivers\Msft_Kernel_ImmunetNetworkMonitor_01009.Wdf
[2015/01/08 12:34:50 | 000,001,377 | ---- | M] () -- C:\Users\Public\Desktop\Spybot-S&D Start Center.lnk
[2015/01/08 12:12:01 | 000,000,085 | ---- | M] () -- C:\windows\wininit.ini
[2015/01/08 08:23:49 | 000,000,000 | ---- | M] () -- C:\autoexec.bat
[2015/01/08 07:43:55 | 000,781,298 | ---- | M] () -- C:\windows\SysNative\PerfStringBackup.INI
[2015/01/08 07:43:55 | 000,661,656 | ---- | M] () -- C:\windows\SysNative\perfh009.dat
[2015/01/08 07:43:55 | 000,121,524 | ---- | M] () -- C:\windows\SysNative\perfc009.dat
[2014/12/30 22:57:30 | 000,272,016 | ---- | M] () -- C:\windows\SysNative\FNTCACHE.DAT
[2014/12/30 15:54:20 | 000,002,021 | ---- | M] () -- C:\Users\Public\Desktop\Adobe Reader X.lnk
[2014/12/30 15:14:22 | 000,001,890 | ---- | M] () -- C:\Users\Public\Desktop\Garmin Express.lnk
[2014/12/27 08:43:22 | 000,000,144 | ---- | M] () -- C:\windows\SysNative\{A6D608F0-0BDE-491A-97AE-5C4B05D86E01}.bat
[2014/12/26 17:29:57 | 000,000,451 | ---- | M] () -- C:\windows\SysNative\{F33C3B9B-72AF-418A-B3FD-560646F7CDA2}.bat
[2014/12/26 17:26:56 | 001,185,316 | ---- | M] () -- C:\windows\SysNative\oem67.inf
[2014/12/26 11:45:14 | 000,773,536 | ---- | M] () -- C:\windows\SysWow64\PerfStringBackup.INI
[2014/12/25 13:43:25 | 000,001,405 | ---- | M] () -- C:\Users\Mark\Application Data\Microsoft\Internet Explorer\Quick Launch\Launch Internet Explorer Browser.lnk
[2014/12/25 13:36:45 | 000,000,000 | RHS- | M] () -- C:\windows\SysWow64\drivers\103C_HP_cPC_700-215xt_Y53316J_0U_Q2MD4480VFV_E14AM1RCW603_4A_I2AF7_SHP_V1.04_B80.19_T140718_W748-1_L409_M16290_J1000_7Intel_8_93.40_#141126_N14E44359;10EC8168_Z_G80860412_Ohp CDDVDW SH-216DB SCSI CdRom Device.MRK
[2014/12/25 13:36:45 | 000,000,000 | RHS- | M] () -- C:\windows\SysNative\drivers\103C_HP_cPC_700-215xt_Y53316J_0U_Q2MD4480VFV_E14AM1RCW603_4A_I2AF7_SHP_V1.04_B80.19_T140718_W748-1_L409_M16290_J1000_7Intel_8_93.40_#141126_N14E44359;10EC8168_Z_G80860412_Ohp CDDVDW SH-216DB SCSI CdRom Device.MRK
[2014/12/25 13:34:35 | 000,041,450 | ---- | M] () -- C:\windows\SysWow64\license.rtf
[2014/12/25 13:34:35 | 000,041,450 | ---- | M] () -- C:\windows\SysNative\license.rtf
========== Files Created - No Company Name ==========
[2015/01/16 17:24:17 | 000,056,558 | ---- | C] () -- C:\Users\Mark\Desktop\Bot Intrusion Block.PNG
[2015/01/15 17:32:11 | 000,069,995 | ---- | C] () -- C:\windows\SysNative\drivers\N360x64\1506000.020\VT20150115.002
[2015/01/14 20:39:40 | 002,031,262 | ---- | C] () -- C:\windows\SysNative\drivers\N360x64\1506000.020\Cat.DB
[2015/01/14 20:32:32 | 000,009,939 | R--- | C] () -- C:\windows\SysNative\drivers\N360x64\1506000.020\symelam64.cat
[2015/01/14 20:32:32 | 000,008,202 | R--- | C] () -- C:\windows\SysNative\drivers\N360x64\1506000.020\ccsetx64.cat
[2015/01/14 20:32:32 | 000,008,194 | ---- | C] () -- C:\windows\SysNative\drivers\N360x64\1506000.020\symefa64.cat
[2015/01/14 20:32:32 | 000,008,192 | ---- | C] () -- C:\windows\SysNative\drivers\N360x64\1506000.020\symnet64.cat
[2015/01/14 20:32:32 | 000,008,188 | R--- | C] () -- C:\windows\SysNative\drivers\N360x64\1506000.020\symds64.cat
[2015/01/14 20:32:32 | 000,008,188 | ---- | C] () -- C:\windows\SysNative\drivers\N360x64\1506000.020\srtspx64.cat
[2015/01/14 20:32:32 | 000,008,184 | ---- | C] () -- C:\windows\SysNative\drivers\N360x64\1506000.020\srtsp64.cat
[2015/01/14 20:32:32 | 000,008,184 | ---- | C] () -- C:\windows\SysNative\drivers\N360x64\1506000.020\iron.cat
[2015/01/14 20:32:32 | 000,003,433 | ---- | C] () -- C:\windows\SysNative\drivers\N360x64\1506000.020\symefa.inf
[2015/01/14 20:32:32 | 000,002,852 | R--- | C] () -- C:\windows\SysNative\drivers\N360x64\1506000.020\symds.inf
[2015/01/14 20:32:32 | 000,001,440 | ---- | C] () -- C:\windows\SysNative\drivers\N360x64\1506000.020\symnet.inf
[2015/01/14 20:32:32 | 000,001,437 | ---- | C] () -- C:\windows\SysNative\drivers\N360x64\1506000.020\srtsp64.inf
[2015/01/14 20:32:32 | 000,001,420 | ---- | C] () -- C:\windows\SysNative\drivers\N360x64\1506000.020\srtspx64.inf
[2015/01/14 20:32:32 | 000,001,098 | R--- | C] () -- C:\windows\SysNative\drivers\N360x64\1506000.020\symelam.inf
[2015/01/14 20:32:32 | 000,000,855 | R--- | C] () -- C:\windows\SysNative\drivers\N360x64\1506000.020\ccsetx64.inf
[2015/01/14 20:32:32 | 000,000,767 | ---- | C] () -- C:\windows\SysNative\drivers\N360x64\1506000.020\iron.inf
[2015/01/14 20:30:37 | 000,000,172 | ---- | C] () -- C:\windows\SysNative\drivers\N360x64\1506000.020\isolate.ini
[2015/01/14 20:15:58 | 000,008,222 | ---- | C] () -- C:\windows\SysNative\drivers\SYMEVENT64x86.CAT
[2015/01/14 20:15:58 | 000,000,854 | ---- | C] () -- C:\windows\SysNative\drivers\SYMEVENT64x86.INF
[2015/01/14 20:15:18 | 000,002,442 | ---- | C] () -- C:\Users\Public\Desktop\Norton Security Suite.lnk
[2015/01/14 19:38:01 | 000,001,267 | ---- | C] () -- C:\Users\Mark\Desktop\Norton Installation Files.lnk
[2015/01/10 08:41:30 | 000,000,000 | -H-- | C] () -- C:\windows\SysNative\drivers\Msft_Kernel_ImmunetNetworkMonitor_01009.Wdf
[2015/01/10 08:15:15 | 000,002,277 | ---- | C] () -- C:\Users\Mark\Application Data\Microsoft\Internet Explorer\Quick Launch\Google Chrome.lnk
[2015/01/10 08:15:15 | 000,002,185 | ---- | C] () -- C:\Users\Public\Desktop\Google Chrome.lnk
[2015/01/10 08:14:24 | 000,000,898 | ---- | C] () -- C:\windows\tasks\GoogleUpdateTaskMachineUA.job
[2015/01/10 08:14:23 | 000,000,894 | ---- | C] () -- C:\windows\tasks\GoogleUpdateTaskMachineCore.job
[2015/01/08 12:34:50 | 000,001,389 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Spybot-S&D Start Center.lnk
[2015/01/08 12:34:50 | 000,001,377 | ---- | C] () -- C:\Users\Public\Desktop\Spybot-S&D Start Center.lnk
[2015/01/08 12:11:55 | 000,000,085 | ---- | C] () -- C:\windows\wininit.ini
[2015/01/08 08:23:49 | 000,000,000 | ---- | C] () -- C:\autoexec.bat
[2014/12/30 15:14:22 | 000,001,890 | ---- | C] () -- C:\Users\Public\Desktop\Garmin Express.lnk
[2014/12/27 08:43:22 | 000,000,144 | ---- | C] () -- C:\windows\SysNative\{A6D608F0-0BDE-491A-97AE-5C4B05D86E01}.bat
[2014/12/26 17:29:57 | 000,000,451 | ---- | C] () -- C:\windows\SysNative\{F33C3B9B-72AF-418A-B3FD-560646F7CDA2}.bat
[2014/12/26 17:27:01 | 001,185,316 | ---- | C] () -- C:\windows\SysNative\oem67.inf
[2014/12/26 11:13:11 | 000,000,003 | ---- | C] () -- C:\windows\SysNative\drivers\MsftWdf_User_01_11_00_Inbox_Critical.Wdf
[2014/12/25 13:43:25 | 000,001,405 | ---- | C] () -- C:\Users\Mark\Application Data\Microsoft\Internet Explorer\Quick Launch\Launch Internet Explorer Browser.lnk
[2014/12/25 13:40:55 | 000,001,411 | ---- | C] () -- C:\Users\Mark\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
[2014/12/25 13:36:49 | 000,002,224 | ---- | C] () -- C:\Users\Public\Desktop\Snapfish.lnk
[2014/12/25 13:36:45 | 4220,391,422 | -HS- | C] () -- C:\hiberfil.sys
[2014/12/25 13:36:45 | 000,000,000 | RHS- | C] () -- C:\windows\SysWow64\drivers\103C_HP_cPC_700-215xt_Y53316J_0U_Q2MD4480VFV_E14AM1RCW603_4A_I2AF7_SHP_V1.04_B80.19_T140718_W748-1_L409_M16290_J1000_7Intel_8_93.40_#141126_N14E44359;10EC8168_Z_G80860412_Ohp CDDVDW SH-216DB SCSI CdRom Device.MRK
[2014/12/25 13:36:45 | 000,000,000 | RHS- | C] () -- C:\windows\SysNative\drivers\103C_HP_cPC_700-215xt_Y53316J_0U_Q2MD4480VFV_E14AM1RCW603_4A_I2AF7_SHP_V1.04_B80.19_T140718_W748-1_L409_M16290_J1000_7Intel_8_93.40_#141126_N14E44359;10EC8168_Z_G80860412_Ohp CDDVDW SH-216DB SCSI CdRom Device.MRK
[2014/12/25 13:36:24 | 000,000,290 | ---- | C] () -- C:\Users\Mark\Application Data\Microsoft\Internet Explorer\Quick Launch\Shows Desktop.lnk
[2014/12/25 13:36:24 | 000,000,272 | ---- | C] () -- C:\Users\Mark\Application Data\Microsoft\Internet Explorer\Quick Launch\Window Switcher.lnk
[2014/09/17 08:53:16 | 000,186,368 | ---- | C] () -- C:\windows\SysWow64\igdde32.dll
[2014/09/17 08:53:12 | 016,857,968 | ---- | C] () -- C:\windows\SysWow64\igd11dxva32.dll
[2013/12/03 12:26:55 | 000,773,536 | ---- | C] () -- C:\windows\SysWow64\PerfStringBackup.INI
[2013/02/13 12:27:54 | 000,001,536 | ---- | C] () -- C:\windows\SysWow64\IusEventLog.dll
========== ZeroAccess Check ==========
[2009/07/13 20:55:00 | 000,000,227 | RHS- | M] () -- C:\windows\assembly\Desktop.ini
[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64
[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32] /64
[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64
"" = C:\Windows\SysNative\shell32.dll -- [2014/06/24 18:05:42 | 014,175,744 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
"" = %SystemRoot%\system32\shell32.dll -- [2014/06/24 17:41:30 | 012,874,240 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\fastprox.dll -- [2009/07/13 17:40:51 | 000,909,312 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
"" = %systemroot%\system32\wbem\fastprox.dll -- [2010/11/20 19:24:25 | 000,606,208 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\wbemess.dll -- [2009/07/13 17:41:56 | 000,505,856 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Both
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]
========== LOP Check ==========
[2014/12/30 15:15:19 | 000,000,000 | ---D | M] -- C:\Users\Mark\AppData\Roaming\Garmin
========== Purity Check ==========
< End of report >