
Not sure, but best to ask the experts ....



Hi, I'm not sure if I have issues with my hardware or there is some malware/viruses on my system. Weird things happen from time to time, system gets real slow and unresponsive and then the next moment it's fine. I scanned with MalwareBytes and Symantec antivirus (Symantec Endpoint Protection v12.1.3001.165) and nothing is found, but I can't seem to shake the slowness. I always make sure I have the latest updates installed. I downloaded and installed HijackThis and scanned my system, the log is below. If someone could take a look at it and let me know if they see anything, I'd appreciate it. Thanks.

 

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 22:44:12, on 3/9/2014
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v8.00 (8.00.6001.18702)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Common Files\ABBYY\FineReaderSprint\9.00\Licensing\NetworkLicenseServer.exe
C:\Program Files\Common Files\Acronis\Schedule2\schedul2.exe
C:\Program Files\Common Files\Acronis\CDP\afcdpsrv.exe
C:\Program Files\APC\PowerChute Personal Edition\mainserv.exe
C:\PROGRA~1\APC\POWERC~2\server\PBESER~1.EXE
C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Common Files\Portrait Displays\Shared\DTSRVC.exe
C:\WINDOWS\eHome\ehSched.exe
C:\Program Files\Intel\Intel Matrix Storage Manager\Iaantmon.exe
C:\WINDOWS\system32\inetsrv\inetinfo.exe
C:\Program Files\Java\jre7\bin\jqs.exe
C:\Program Files\Common Files\LightScribe\LSSrvc.exe
C:\Program Files\Malwarebytes' Anti-Malware\mbamscheduler.exe
C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe
C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE
C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe
C:\Program Files\Microsoft LifeCam\MSCamS32.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Common Files\Intuit\QuickBooks\QBCFMonitorService.exe
C:\WINDOWS\ehome\ehtray.exe
C:\Program Files\Intel\Intel Matrix Storage Manager\Iaanotif.exe
C:\Program Files\Symantec\Symantec Endpoint Protection\12.1.3001.165.105\Bin\ccSvcHst.exe
C:\Program Files\Sonic\DigitalMedia Plus\DigitalMedia Archive\DMAScheduler.exe
C:\Program Files\HP\HP Software Update\HPWuSchd2.exe
C:\Program Files\Adobe\Adobe Version Cue CS2\ControlPanel\VersionCueCS2Tray.exe
C:\Program Files\Adobe\Adobe Acrobat 7.0\Distillr\Acrotray.exe
C:\Program Files\Microsoft IntelliPoint\point32.exe
C:\HP\KBD\KBD.EXE
C:\Program Files\Portrait Displays\HP My Display\DTHtml.exe
c:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe
C:\WINDOWS\vVX3000.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\vVX6000.exe
C:\Program Files\Samsung Network Printer Utilities\SyncThru Web Admin Service\SWAS.exe
C:\Program Files\Common Files\Portrait Displays\Shared\HookManager.exe
C:\Program Files\Symantec\Symantec Endpoint Protection\12.1.3001.165.105\Bin\ccSvcHst.exe
C:\Program Files\Acronis\TrueImageHome\TrueImageMonitor.exe
C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
C:\Program Files\Common Files\Acronis\Schedule2\schedhlp.exe
C:\WINDOWS\system32\SearchIndexer.exe
C:\WINDOWS\RTHDCPL.EXE
C:\Program Files\Common Files\Research In Motion\USB Drivers\RIMBBLaunchAgent.exe
C:\Program Files\Common Files\Java\Java Update\jusched.exe
C:\Program Files\Compact Wireless-G USB Adapter Wireless Network Monitor\WLService.exe
C:\Program Files\APC\PowerChute Personal Edition\dataserv.exe
C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe
C:\Program Files\Compact Wireless-G USB Adapter Wireless Network Monitor\WUSB54GC.exe
C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\APC\PowerChute Personal Edition\apcsystray.exe
C:\Program Files\Symantec\Symantec Endpoint Protection\12.1.3001.165.105\Bin\Smc.exe
C:\Program Files\Common Files\Research In Motion\USB Drivers\BbDevMgr.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Program Files\Mozilla Firefox\plugin-container.exe
C:\WINDOWS\system32\SearchProtocolHost.exe
C:\WINDOWS\system32\msiexec.exe
C:\Program Files\Trend Micro\HiJackThis\HiJackThis.exe

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
O2 - BHO: (no name) - {2C4BA31C-0C15-11E2-90C7-9BFCBEB168B3} - (no file)
O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll
O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - (no file)
O2 - BHO: Symantec Vulnerability Protection - {6D53EC84-6AAE-4787-AEEE-F4628F01010C} - C:\Program Files\Symantec\Symantec Endpoint Protection\12.1.3001.165.105\bin\IPS\IPSBHO.DLL
O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\PROGRA~1\MICROS~4\Office14\GROOVEEX.DLL
O2 - BHO: Java Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll
O2 - BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: URLRedirectionBHO - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\PROGRA~1\MICROS~4\Office14\URLREDIR.DLL
O2 - BHO: Java Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll
O3 - Toolbar: Adobe PDF - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files\Adobe\Adobe Acrobat 7.0\Acrobat\AcroIEFavClient.dll
O4 - HKLM\..\Run: [ehTray] C:\WINDOWS\ehome\ehtray.exe
O4 - HKLM\..\Run: [iAAnotif] C:\Program Files\Intel\Intel Matrix Storage Manager\Iaanotif.exe
O4 - HKLM\..\Run: [HPHUPD08] c:\Program Files\HP\Digital Imaging\{33D6CC28-9F75-4d1b-A11D-98895B3A3729}\hphupd08.exe
O4 - HKLM\..\Run: [DMAScheduler] c:\Program Files\Sonic\DigitalMedia Plus\DigitalMedia Archive\DMAScheduler.exe
O4 - HKLM\..\Run: [Recguard] C:\WINDOWS\SMINST\RECGUARD.EXE
O4 - HKLM\..\Run: [Reminder] "C:\Windows\Creator\Remind_XP.exe"
O4 - HKLM\..\Run: [HP Software Update] C:\Program Files\HP\HP Software Update\HPWuSchd2.exe
O4 - HKLM\..\Run: [Adobe Version Cue CS2] "C:\Program Files\Adobe\Adobe Version Cue CS2\ControlPanel\VersionCueCS2Tray.exe"
O4 - HKLM\..\Run: [Acrobat Assistant 7.0] "C:\Program Files\Adobe\Adobe Acrobat 7.0\Distillr\Acrotray.exe"
O4 - HKLM\..\Run: [intelliPoint] "C:\Program Files\Microsoft IntelliPoint\point32.exe"
O4 - HKLM\..\Run: [KBD] C:\HP\KBD\KBD.EXE
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Common Files\Real\Update_OB\realsched.exe"  -osboot
O4 - HKLM\..\Run: [iMEKRMIG6.1] C:\WINDOWS\ime\imkr6_1\IMEKRMIG.EXE
O4 - HKLM\..\Run: [MSPY2002] C:\WINDOWS\system32\IME\PINTLGNT\ImScInst.exe /SYNC
O4 - HKLM\..\Run: [PHIME2002ASync] C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /SYNC
O4 - HKLM\..\Run: [PHIME2002A] C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /IMEName
O4 - HKLM\..\Run: [AppleSyncNotifier] C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleSyncNotifier.exe
O4 - HKLM\..\Run: [DT HPW] C:\Program Files\Portrait Displays\HP My Display\DTHtml.exe -startup_folder
O4 - HKLM\..\Run: [VX3000] C:\WINDOWS\vVX3000.exe
O4 - HKLM\..\Run: [VX6000] C:\WINDOWS\vVX6000.exe
O4 - HKLM\..\Run: [TrueImageMonitor.exe] C:\Program Files\Acronis\TrueImageHome\TrueImageMonitor.exe
O4 - HKLM\..\Run: [Acronis Scheduler2 Service] "C:\Program Files\Common Files\Acronis\Schedule2\schedhlp.exe"
O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
O4 - HKLM\..\Run: [APSDaemon] "C:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon.exe"
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\QTTask.exe" -atboottime
O4 - HKLM\..\Run: [RTHDCPL] RTHDCPL.EXE
O4 - HKLM\..\Run: [bCSSync] "C:\Program Files\Microsoft Office\Office14\BCSSync.exe" /DelayServices
O4 - HKLM\..\Run: [RIMBBLaunchAgent.exe] C:\Program Files\Common Files\Research In Motion\USB Drivers\RIMBBLaunchAgent.exe
O4 - HKLM\..\Run: [sunJavaUpdateSched] "C:\Program Files\Common Files\Java\Java Update\jusched.exe"
O4 - HKLM\..\Run: [Display] C:\Program Files\APC\PowerChute Personal Edition\DataCollectionLauncher.exe
O4 - HKCU\..\Run: [updateMgr] "C:\Program Files\Adobe\Adobe Acrobat 7.0\Acrobat\AdobeUpdateManager.exe" AcPro7_0_9 -reboot 1
O4 - HKCU\..\Run: [TiVme Agent] C:\Program Files\KWorld Multimedia\TiVme\ScheduleAgent.exe srec
O4 - HKCU\..\Run: [spybotSD TeaTimer] C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKUS\S-1-5-21-1338086324-3255125760-3355702696-1025\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe (User 'UpdatusUser')
O4 - HKUS\S-1-5-21-1338086324-3255125760-3355702696-1025\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background (User 'UpdatusUser')
O4 - HKUS\S-1-5-18\..\Run: [DWQueuedReporting] "C:\PROGRA~1\COMMON~1\MICROS~1\DW\dwtrig20.exe" -t (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [DWQueuedReporting] "C:\PROGRA~1\COMMON~1\MICROS~1\DW\dwtrig20.exe" -t (User 'Default user')
O4 - S-1-5-21-1338086324-3255125760-3355702696-1025 Startup: Pin.lnk = C:\hp\bin\CLOAKER.EXE (User 'UpdatusUser')
O4 - S-1-5-21-1338086324-3255125760-3355702696-1025 User Startup: Pin.lnk = C:\hp\bin\CLOAKER.EXE (User 'UpdatusUser')
O4 - .DEFAULT User Startup: Pin.lnk = C:\hp\bin\CLOAKER.EXE (User 'Default user')
O4 - Global Startup: Adobe Acrobat Speed Launcher.lnk = ?
O4 - Global Startup: Adobe Gamma.lnk = C:\Program Files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe
O4 - Global Startup: APC UPS Status.lnk = C:\Program Files\APC\PowerChute Personal Edition\Display.exe


O9 - Extra button: Blog This - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra 'Tools' menuitem: &Blog This in Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office\Office14\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: Se&nd to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office\Office14\ONBttnIE.dll
O9 - Extra button: OneNote Lin&ked Notes - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files\Microsoft Office\Office14\ONBttnIELinkedNotes.dll
O9 - Extra 'Tools' menuitem: OneNote Lin&ked Notes - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files\Microsoft Office\Office14\ONBttnIELinkedNotes.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~4\OFFICE11\REFIEBAR.DLL
O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll
O9 - Extra 'Tools' menuitem: Spybot - Search && Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll
O9 - Extra button: Internet Connection Help - {E2D4D26B-0180-43a4-B05F-462D6D54C789} - C:\WINDOWS\PCHEALTH\HELPCTR\Vendors\CN=Hewlett-Packard,L=Cupertino,S=Ca,C=US\IEButton\support.htm
O9 - Extra 'Tools' menuitem: Internet Connection Help - {E2D4D26B-0180-43a4-B05F-462D6D54C789} - C:\WINDOWS\PCHEALTH\HELPCTR\Vendors\CN=Hewlett-Packard,L=Cupertino,S=Ca,C=US\IEButton\support.htm
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe

O15 - Trusted Zone: *.imagesrvr.com



O16 - DPF: {0742B9EF-8C83-41CA-BFBA-830A59E23533} (Microsoft Data Collection Control) - https://support.microsoft.com/OAS/ActiveX/MSDcode.cab
O16 - DPF: {42FDC231-A411-45F8-B8B6-3B5026111DA8} (SolitaireRush Control) - http://www.worldwinner.com/games/v47/solitairerush/solitairerush.cab
O16 - DPF: {615F158E-D5CA-422F-A8E7-F6A5EED7063B} (Bejeweled Control) - http://www.worldwinner.com/games/v46/bejeweled/bejeweled.cab
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://www.update.microsoft.com/microsoftupdate/v6/V5Controls/en/x86/client/muweb_site.cab?1341997423812
O16 - DPF: {8A94C905-FF9D-43B6-8708-F0F22D22B1CB} (Wwlaunch Control) - http://www.worldwinner.com/games/shared/wwlaunch.cab
O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} - http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab
O17 - HKLM\System\CCS\Services\Tcpip\..\{2378654A-0EAD-4AC9-A0D6-9C1651306D08}: NameServer = 68.9.16.30,68.13.16.30
O17 - HKLM\System\CCS\Services\Tcpip\..\{FCF2138F-70D1-4989-B1E5-8E1108C6D56D}: NameServer = 68.9.16.30,68.13.16.30
O17 - HKLM\System\CS1\Services\Tcpip\Parameters: SearchList = linksys,linksys,linksys,linksys,linksys,linksys,linksys,linksys,linksys,linksys,linksys,linksys,linksys,linksys,linksys,linksys,linksys,linksys,linksys,linksys,linksys,linksys,linksys,linksys
O17 - HKLM\System\CS3\Services\Tcpip\Parameters: SearchList = linksys,linksys,linksys,linksys,linksys,linksys,linksys,linksys,linksys,linksys,linksys,linksys,linksys,linksys,linksys,linksys,linksys,linksys,linksys,linksys,linksys,linksys,linksys,linksys
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: SearchList = linksys,linksys,linksys,linksys,linksys,linksys,linksys,linksys,linksys,linksys,linksys,linksys,linksys,linksys,linksys,linksys,linksys,linksys,linksys,linksys,linksys,linksys,linksys,linksys
O18 - Protocol: intu-help-qb1 - {9B0F96C7-2E4B-433E-ABF3-043BA1B54AE3} - C:\Program Files\Intuit\QuickBooks 2008\HelpAsyncPluggableProtocol.dll
O18 - Protocol: qbwc - {FC598A64-626C-4447-85B8-53150405FD57} - mscoree.dll (file missing)
O18 - Filter hijack: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL
O20 - Winlogon Notify: SEP - Invalid registry found
O22 - SharedTaskScheduler: Browseui preloader - {438755C2-A8BA-11D1-B96B-00A0C90312E1} - C:\WINDOWS\system32\browseui.dll
O22 - SharedTaskScheduler: Component Categories cache daemon - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\WINDOWS\system32\browseui.dll
O23 - Service: ABBYY FineReader 9.0 Sprint Licensing Service (ABBYY.Licensing.FineReader.Sprint.9.0) - ABBYY - C:\Program Files\Common Files\ABBYY\FineReaderSprint\9.00\Licensing\NetworkLicenseServer.exe
O23 - Service: Acronis Scheduler2 Service (AcrSch2Svc) - Acronis - C:\Program Files\Common Files\Acronis\Schedule2\schedul2.exe
O23 - Service: Adobe LM Service - Adobe Systems - C:\Program Files\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\WINDOWS\system32\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: Acronis Nonstop Backup Service (afcdpsrv) - Acronis - C:\Program Files\Common Files\Acronis\CDP\afcdpsrv.exe
O23 - Service: APC Data Service - Schneider Electric - C:\Program Files\APC\PowerChute Personal Edition\dataserv.exe
O23 - Service: APC UPS Service - Schneider Electric - C:\Program Files\APC\PowerChute Personal Edition\mainserv.exe
O23 - Service: APC PBE Server (APCPBEServer) - APC - C:\PROGRA~1\APC\POWERC~2\server\PBESER~1.EXE
O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
O23 - Service: BlackBerry Device Manager (Blackberry Device Manager) - Research In Motion Limited - C:\Program Files\Common Files\Research In Motion\USB Drivers\BbDevMgr.exe
O23 - Service: Portrait Displays Display Tune Service (DTSRVC) - Unknown owner - C:\Program Files\Common Files\Portrait Displays\Shared\DTSRVC.exe
O23 - Service: Intel® Quick Resume Technology Drivers (ELService) - Intel Corporation - C:\Program Files\Intel\IntelDH\Intel® Quick Resume Technology\ELService.exe
O23 - Service: Google Update Service (gupdate) (gupdate) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: Google Update Service (gupdatem) (gupdatem) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: Intel® Matrix Storage Event Monitor (IAANTMON) - Intel Corporation - C:\Program Files\Intel\Intel Matrix Storage Manager\Iaantmon.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\1050\Intel 32\IDriverT.exe
O23 - Service: Java Quick Starter (JavaQuickStarterService) - Oracle Corporation - C:\Program Files\Java\jre7\bin\jqs.exe
O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C:\Program Files\Common Files\LightScribe\LSSrvc.exe
O23 - Service: MBAMScheduler - Malwarebytes Corporation - C:\Program Files\Malwarebytes' Anti-Malware\mbamscheduler.exe
O23 - Service: MBAMService - Malwarebytes Corporation - C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe
O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe
O23 - Service: NVIDIA Driver Helper Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
O23 - Service: NVIDIA Update Service Daemon (nvUpdatusService) - NVIDIA Corporation - C:\Program Files\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
O23 - Service: QBCFMonitorService - Intuit - C:\Program Files\Common Files\Intuit\QuickBooks\QBCFMonitorService.exe
O23 - Service: Intuit QuickBooks FCS (QBFCService) - Intuit Inc. - C:\Program Files\Common Files\Intuit\QuickBooks\FCS\Intuit.QuickBooks.FCS.exe
O23 - Service: Symantec Endpoint Protection (SepMasterService) - Symantec Corporation - C:\Program Files\Symantec\Symantec Endpoint Protection\12.1.3001.165.105\Bin\ccSvcHst.exe
O23 - Service: Symantec Management Client (SmcService) - Symantec Corporation - C:\Program Files\Symantec\Symantec Endpoint Protection\12.1.3001.165.105\Bin\Smc.exe
O23 - Service: Symantec Network Access Control (SNAC) - Symantec Corporation - C:\Program Files\Symantec\Symantec Endpoint Protection\12.1.3001.165.105\Bin\snac.exe
O23 - Service: SyncThru Web Admin Service (SWAS_Core) - Unknown owner - C:\Program Files\Samsung Network Printer Utilities\SyncThru Web Admin Service\SWAS.exe
O23 - Service: WUSB54GCSVC - GEMTEKS - C:\Program Files\Compact Wireless-G USB Adapter Wireless Network Monitor\WLService.exe

--
End of file - 19279 bytes
 

 

Prescott ....


Hi there,
my name is Marius and I will assist you with your malware related problems.

Before we move on, please read the following points carefully.

  • First, read my instructions completely. If there is anything that you do not understand, kindly ask before proceeding.
  • Perform everything in the correct order. Sometimes one step requires the previous one.
  • If you have any problems while following my instructions, stop there and tell me the exact nature of your problem.
  • Do not run any other scans without instruction or add/remove software unless I tell you to do so. This would change the output of our tools and could be confusing for me.
  • Post all logfiles as a reply rather than as an attachment unless I specifically ask you. If you cannot post all logfiles in one reply, feel free to use more posts.
  • If I don't hear from you within 3 days from this initial or any subsequent post, then this thread will be closed.
  • Stay with me. I will give you some advice about prevention after the cleanup process. Absence of symptoms does not always mean the computer is clean.
  • My first language is not English. So please do not use slang or idioms. It could be hard for me to read. Thanks for your understanding.

 
 
 
Scan with FRST in normal mode

Please download Farbar's Recovery Scan Tool to your desktop: FRST 32bit or FRST 64bit (If not sure: Start --> Computer (right click) --> properties)

  • Run FRST.
  • Don't change any of the checkboxes and hit Scan.
  • Logfiles are created on your desktop.
  • Post the FRST.txt and (after the first scan only!) the Addition.txt.

 

 

 

Scan with Gmer rootkit scanner

Please download Gmer from here by clicking on the "Download EXE" Button.

  • Double click on the randomly named GMER.exe. If asked to allow gmer.sys driver to load, please consent.
  • If it gives you a warning about rootkit activity and asks if you want to run scan...click on NO.
  • In the right panel, you will see several boxes that have been checked. Uncheck the following ...
    • Sections
    • IAT/EAT
    • Show All ( should be unchecked by default )

  • Leave everything else as it is.
  • Close all other running programs as well as your Browser.
  • Click the Scan button & wait for it to finish.
  • Once done click on the Save.. button, and in the File name area, type in "ark.txt" or it will save as a .log file which cannot be uploaded to your post.
  • Save it where you can easily find it, such as your desktop.
  • Please post the content of the ark.txt here.


**Caution**
Rootkit scans often produce false positives. Do NOT take any action on any "<--- ROOTKIT" entries.


Marius,

 

I downloaded all the suggested software and was able to successfully run FRST (the logs are below). I also ran GMER, it ran for several hours before the computer rebooted, apparently while it was running, I don't know because I had left the room. When the machine came up, the hard drive was gone. I cold booted it and the hard drive came back and I was able to boot but now my Symantec Endpoint Anti-virus reports that it is shut off. I'm attempting to fix whatever that problem is and will report it when I figure it out.

 

Addition.txt:

 

Additional scan result of Farbar Recovery Scan Tool (x86) Version: 09-03-2014 02
Ran by HP_Administrator at 2014-03-10 08:51:16
Running from C:\Documents and Settings\HP_Administrator\Desktop
Boot Mode: Normal
==========================================================


==================== Security Center ========================

AV: Symantec Endpoint Protection (Disabled - Up to date) {FB06448E-52B8-493A-90F3-E43226D3305C}
FW: Norton Internet Worm Protection (Disabled) {990F9400-4CEE-43EA-A83A-D013ADD8EA6E}
FW: Symantec Endpoint Protection (Disabled) {BE898FE3-CD0B-4014-85A9-03DB9923DDB6}

==================== Installed Programs ======================

123 Movies2iPod uninstall (HKLM\...\123 Movies2iPod) (Version:  - )
1400 (Version: 50.0.206.000 - Hewlett-Packard) Hidden
1400_Help (Version: 50.0.206.000 -  Hewlett-Packard) Hidden
1400Trb (Version: 50.0.206.000 -  Hewlett-Packard) Hidden
32 Bit HP CIO Components Installer (Version: 13.1.1 - Hewlett-Packard) Hidden
ABBYY FineReader 9.0 Sprint (HKLM\...\ABBYY FineReader 9.0 Sprint) (Version: 9.01.513.58212 - ABBYY)
ABBYY FineReader 9.0 Sprint (Version: 9.01.513.58212 - ABBYY) Hidden
AC3Filter (remove only) (HKLM\...\AC3Filter) (Version:  - )
Acrobat.com (HKLM\...\com.adobe.mauby.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1) (Version: 2.0.0.0 - Adobe Systems Incorporated)
Acrobat.com (Version: 2.0.0 - Adobe Systems Incorporated) Hidden
Acronis True Image Home (HKLM\...\{67ED38A3-4882-448B-B44D-3428AB00D7D5}) (Version: 13.0.7160 - Acronis)
ActiveReports for .NET 3.0 (HKLM\...\ActiveReports for .NET 3.0) (Version:  - Data Dynamics)
ActiveReports for .NET 3.0 (Version: 3.0 - Data Dynamics) Hidden
Adobe Acrobat 7.0 Professional (Version: 7.0.9 - Adobe Systems) Hidden
Adobe AIR (HKLM\...\Adobe AIR) (Version: 3.0.0.4080 - Adobe Systems Incorporated)
Adobe AIR (Version: 3.0.0.4080 - Adobe Systems Incorporated) Hidden
Adobe Bridge 1.0 (HKLM\...\{B74D4E10-6884-0000-0000-000000000103}) (Version: 001.000.004 - Adobe Systems)
Adobe Common File Installer (Version: 1.00.0000 - Adobe System Incorporated) Hidden
Adobe Creative Suite 2 (HKLM\...\{0134A1A1-C283-4A47-91A1-92F19F960372}) (Version:  - )
Adobe Download Assistant (HKLM\...\com.adobe.downloadassistant.AdobeDownloadAssistant) (Version: 1.0.6 - Adobe Systems Incorporated)
Adobe Download Assistant (Version: 1.0.6 - Adobe Systems Incorporated) Hidden
Adobe Flash Player 12 ActiveX (HKLM\...\Adobe Flash Player ActiveX) (Version: 12.0.0.70 - Adobe Systems Incorporated)
Adobe Flash Player 12 Plugin (HKLM\...\Adobe Flash Player Plugin) (Version: 12.0.0.70 - Adobe Systems Incorporated)
Adobe GoLive CS2 (Version: 8.0.1 - Adobe Systems) Hidden
Adobe Help Center 1.0 (Version: 001.000.000 - Adobe Systems) Hidden
Adobe Illustrator CS2 (Version: 12.000.000 - Adobe Systems Inc.) Hidden
Adobe InDesign CS2 (Version: 004.000.000 - Adobe Systems Incorporated) Hidden
Adobe Photoshop CS2 (Version: 9.0 - Adobe Systems, Inc.) Hidden
Adobe Reader X (10.1.9) (HKLM\...\{AC76BA86-7AD7-1033-7B44-AA1000000001}) (Version: 10.1.9 - Adobe Systems Incorporated)
Adobe Shockwave Player 11.6 (HKLM\...\Adobe Shockwave Player) (Version: 11.6.4.634 - Adobe Systems, Inc.)
Adobe Stock Photos 1.0 (Version: 1.0.7 - Adobe Systems) Hidden
Adobe SVG Viewer 3.0 (HKLM\...\Adobe SVG Viewer) (Version:  3.0 - Adobe Systems, Inc.)
Adobe Version Cue CS2 (Version: 2.0.1 - Adobe Systems, Inc.) Hidden
AiO_Scan (Version: 50.0.206.000 - Hewlett-Packard) Hidden
AiO_Scan_CDA (Version: 50.0.214.000 - Hewlett-Packard) Hidden
AiOSoftware (Version: 50.0.206.000 - Hewlett-Packard) Hidden
AiOSoftwareNPI (Version: 50.0.214.000 - Hewlett-Packard) Hidden
Apple Application Support (HKLM\...\{5D09C772-ECB3-442B-9CC6-B4341C78FDC2}) (Version: 2.3.4 - Apple Inc.)
Apple Mobile Device Support (HKLM\...\{AADEA55D-C834-4BCB-98A3-4B8D1C18F4EE}) (Version: 2.6.0.32 - Apple Inc.)
Apple Software Update (HKLM\...\{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}) (Version: 2.1.3.127 - Apple Inc.)
AutoUpdate (HKLM\...\{18D10072035C4515918F7E37EAFAACFC}) (Version: 1.1 - )
Bingo Track (HKLM\...\{22466BDC-2D5B-4E59-A688-4281E2091DBA}) (Version: 1.0.0 - C & G Associates, Inc.)
BlackBerry Desktop Software 7.1 (HKLM\...\BlackBerry_Desktop) (Version: 7.1.0.41 - Research In Motion Ltd.)
BlackBerry Desktop Software 7.1 (Version: 7.1.0.41 - Research In Motion Ltd.) Hidden
Bonjour (HKLM\...\{07287123-B8AC-41CE-8346-3D777245C35B}) (Version: 1.0.106 - Apple Inc.)
Broadcom Management Programs (HKLM\...\{18E893B6-28F0-495B-8448-AC40F4496728}) (Version: 14.2.4.4 - Broadcom Corporation)
Broadcom NetXtreme Ethernet Controller (HKLM\...\{11BAF19D-08AC-4921-8B89-678BBBB9E036}) (Version: 14.2.6.2 - Broadcom Corporation)
BufferChm (Version: 60.0.155.000 - Hewlett-Packard) Hidden
CameraDrivers (Version: 5.0.0.290 - Hewlett-Packard) Hidden
CameraDrivers (Version: 5.0.0.328 - Hewlett-Packard) Hidden
CodeSite 3.0.1 Client Tools (HKLM\...\CodeSite 3.0.1 Client Tools) (Version: 3.0 - Raize Software, Inc.)
Compact Wireless-G USB Adapter (HKLM\...\{F855C3AE-992D-4B84-A09D-07103CDCDAC2}) (Version:  - )
Compatibility Pack for the 2007 Office system (HKLM\...\{90120000-0020-0409-0000-0000000FF1CE}) (Version: 12.0.6612.1000 - Microsoft Corporation)
CP_AtenaShokunin1Config (Version: 60.0.155.000 - Hewlett-Packard) Hidden
CP_CalendarTemplates1 (Version: 60.0.155.000 - Hewlett-Packard) Hidden
cp_LightScribeConfig (Version: 60.0.155.000 - Hewlett-Packard) Hidden
cp_OnlineProjectsConfig (Version: 60.0.155.000 - Hewlett-Packard) Hidden
CP_Package_Basic1 (Version: 60.0.155.000 - Hewlett-Packard) Hidden
CP_Package_Variety1 (Version: 60.0.155.000 - Hewlett-Packard) Hidden
CP_Package_Variety2 (Version: 60.0.155.000 - Hewlett-Packard) Hidden
CP_Package_Variety3 (Version: 60.0.155.000 - Hewlett-Packard) Hidden
CP_Panorama1Config (Version: 60.0.155.000 - Hewlett-Packard) Hidden
cp_PosterPrintConfig (Version: 60.0.155.000 - Hewlett-Packard) Hidden
cp_UpdateProjectsConfig (Version: 60.0.155.000 - Hewlett-Packard) Hidden
Critical Update for Windows Media Player 11 (KB959772) (HKLM\...\KB959772_WM11) (Version:  - Microsoft Corporation)
Crystal Reports for Visual Studio (Version: 12.51.0.240 - SAP) Hidden
CueTour (Version: 60.0.155.000 - Hewlett-Packard) Hidden
Definition Update for Microsoft Office 2010 (KB982726) 32-Bit Edition (HKLM\...\{91140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUSR_{81FB7C60-565A-4869-9D90-3BE1D270E8B7}) (Version:  - Microsoft)
Destinations (Version: 60.0.155.000 - Hewlett-Packard) Hidden
DivX Codec (HKLM\...\{7B63B2922B174135AFC0E1377DD81EC2}) (Version: 6.8.0 - DivX, Inc.)
DivX Content Uploader (HKLM\...\{D050D7362D214723AD585B541FFB6C11}) (Version: 1.2.1 - DivX, Inc.)
DivX Converter (HKLM\...\{B13A7C41581B411290FBC0395694E2A9}) (Version: 6.5.1 - DivX, Inc.)
DivX Player (HKLM\...\{8ADFC4160D694100B5B8A22DE9DCABD9}) (Version: 6.6.0 - )
DivX Web Player (HKLM\...\{B7050CBDB2504B34BC2A9CA0A692CC29}) (Version: 1.4.0 - DivX,Inc.)
DocProc (Version: 5.2.0.0 - Hewlett-Packard) Hidden
DocumentViewer (Version: 53.0.13.000 - Hewlett-Packard) Hidden
DocumentViewerQFolder (Version: 1.00.0000 - Hewlett-Packard) Hidden
Dotfuscator Software Services - Community Edition (HKLM\...\{1AA5BD63-6614-44B2-88A7-605191EDB835}) (Version: 5.0.2500.0 - PreEmptive Solutions)
DownloadTerms (HKCU\...\DownloadTerms) (Version: 1.0 - Unlimited Downloads, LLC) <==== ATTENTION
Enhanced Multimedia Keyboard Solution (HKLM\...\KBD) (Version:  - )
EPSON Printer Software (HKLM\...\EPSON Printer and Utilities) (Version:  - )
EPSON Scan (HKLM\...\EPSON Scanner) (Version:  - Seiko Epson Corporation)
EPSON TWAIN 5 (HKLM\...\{254BEB3E-1085-4D66-9CDC-0152C0DC2E93}) (Version: 5.71.0000 - SEIKO EPSON Corp.)
Fax (Version: 50.0.206.000 - Hewlett-Packard) Hidden
Fax_CDA (Version: 50.0.214.000 - Hewlett-Packard) Hidden
ffdshow v1.1.3996 [2011-10-13] (HKLM\...\ffdshow_is1) (Version: 1.1.3996.0 - )
FullDPAppQFolder (Version: 1.00.0000 - Hewlett-Packard) Hidden
Google Chrome (HKLM\...\Google Chrome) (Version: 33.0.1750.146 - Google Inc.)
Google Update Helper (Version: 1.3.22.5 - Google Inc.) Hidden
Graphic Workshop Professional (HKLM\...\Graphic Workshop Professional) (Version:  - )
Hewlett-Packard ACLM.NET v1.1.0.0 (Version: 1.00.0000 - Hewlett-Packard) Hidden
High Definition Audio Driver Package - KB888111 (HKLM\...\KB888111WXPSP2) (Version: 20040219.000000 - Microsoft Corporation)
HiJackThis (HKLM\...\{45A66726-69BC-466B-A7A4-12FCBA4883D7}) (Version: 1.0.0 - Trend Micro)
HijackThis 1.99.1 (HKLM\...\HijackThis) (Version: 1.99.1 - Soeperman Enterprises Ltd.)
HP Boot Optimizer (HKLM\...\{3BA95526-6AE0-4B87-A62D-17187EF565FC}) (Version: 2.0.5.1 - Hewlett-Packard Company)
HP Deskjet Printer Preload (HKLM\...\{2C5D07FB-31A2-4F2D-9FDA-0B24ACD42BD0}) (Version: 10.1.0 - Hewlett-Packard Company)
HP Document Viewer 5.3 (HKLM\...\HP Document Viewer) (Version: 5.3 - HP)
HP DVD Play 1.0 (HKLM\...\{45D707E9-F3C4-11D9-A373-0050BAE317E1}) (Version:  - )
HP Game Console and games (HKLM\...\HP Game Console) (Version:  - WildTangent)
HP Imaging Device Functions 6.0 (HKLM\...\HP Imaging Device Functions) (Version: 6.0 - HP)
HP LaserJet Enterprise 500 color M551 (HKLM\...\{6D6058C2-16C9-4763-B1B5-6F1C3491069B}) (Version: 4.5.12146.539 - Hewlett-Packard)
HP My Display (HKLM\...\{15733AD1-1CEF-459A-9245-0924FC63BDD5}) (Version: 1.30.003 - Portrait Displays, Inc.)
HP Photosmart 330,380,420,470,7800,8000,8200 Series (HKLM\...\{33D6CC28-9F75-4d1b-A11D-98895B3A3729}) (Version: 8.1 - HP)
HP Photosmart Cameras 5.0 (HKLM\...\{C83A12B9-B31B-461A-BBD4-CE9B988094F1}) (Version: 5.0 - HP)
HP Photosmart for Media Center PC (HKLM\...\HP Photosmart for Media Center PC) (Version:  - )
HP Photosmart Premier Software 6.0 (HKLM\...\HP Photo & Imaging) (Version: 6.0 - HP)
HP Product Assistant (Version: 100.000.001.000 - Hewlett-Packard) Hidden
HP Product Detection (HKLM\...\{A436F67F-687E-4736-BD2B-537121A804CF}) (Version: 11.14.0001 - HP)
HP PSC & OfficeJet 5.3.A (HKLM\...\{3E386744-10FA-44b2-98C9-DF7A270DECB3}) (Version:  - HP)
HP PSC & OfficeJet 5.3.B (HKLM\...\{5B79CFD1-6845-4158-9D7D-6BE89DF2C135}) (Version:  - HP)
HP Rhapsody (HKLM\...\HP Rhapsody) (Version:  - )
HP Solution Center & Imaging Support Tools 5.3 (HKLM\...\HP Solution Center & Imaging Support Tools) (Version: 5.3 - HP)
HP Update (HKLM\...\{97486FBE-A3FC-4783-8D55-EA37E9D171CC}) (Version: 5.005.000.002 - Hewlett-Packard)
HPLaserJetEnterprise500colorM551_HelpLearnCenter (Version: 1.00.0000 - Hewlett-Packard) Hidden
HPProductAssistant (Version: 53.0.13.000 - Hewlett-Packard) Hidden
HpSdpAppCoreApp (Version: 3.00.0000 - Hewlett-Packard) Hidden
Insaniquarium Deluxe from HP Media Center (remove only) (HKLM\...\A09026AE-8F16-4929-B4E6-1825535844DB) (Version:  - WildTangent)
InstantShareAlert (Version: 1.00.0000 - HP) Hidden
InstantShareDevices (Version: 60.0.155.000 - Hewlett-Packard) Hidden
Intel® Matrix Storage Manager (HKLM\...\{9068B2BE-D93A-4C0A-861C-5E35E2C0E09E}) (Version:  - )
Intel® PRO Network Connections Drivers (HKLM\...\PROSet) (Version:  - )
Intel® Quick Resume Technology Drivers (HKLM\...\Intel® Quick Resume Technology) (Version: 1.0.0.1093 - Intel Corporation)
Intel® Quick Resume Technology Drivers (Version: 1.0.0.1093 - Intel Corporation) Hidden
Intel® Viiv™ Software (HKLM\...\{27E395E5-EB04-4BFD-96C3-C9A102E97E1B}) (Version: 1.0.2.2015 - Intel Corporation)
InterActual Player (HKLM\...\InterActual Player) (Version:  - )
Ipswitch WS_FTP 12 (HKLM\...\{AD88355B-A4E0-4DA1-BAC3-EA4FEA930691}) (Version: 12.3 - Ipswitch)
Java 7 Update 51 (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F83217040FF}) (Version: 7.0.510 - Oracle)
Java Auto Updater (Version: 2.1.9.8 - Sun Microsystems, Inc.) Hidden
Junk Mail filter update (Version: 14.0.8117.416 - Microsoft Corporation) Hidden
Knowledge Xpert (HKLM\...\Knowledge Xpert) (Version: 10.0.0.0 - Quest Software)
Knowledge Xpert (Version: 10.1.0.188 - Quest Software) Hidden
Knowledge Xpert for Oracle Administration (Version: 10.1.0.188 - Quest Software) Hidden
Knowledge Xpert for PLSQL (Version: 10.1.0.188 - Quest Software) Hidden
Knowledge Xpert Oracle Common (Version: 10.1.0.188 - Quest Software) Hidden
LightScribe  1.4.62.1 (Version: 1.4.62.1 - http://www.lightscribe.com) Hidden
Linksys VPN Client (HKLM\...\{5C8AE145-C9F7-4883-9750-7ECD2B41CCCA}) (Version: 1.00.200 - Cisco Linksys  Corporation)
Malwarebytes Anti-Malware version 1.75.0.1300 (HKLM\...\Malwarebytes' Anti-Malware_is1) (Version: 1.75.0.1300 - Malwarebytes Corporation)
MCE Configuration Reset (HKLM\...\{CCC04C70-335D-4EE7-95C5-13D203175EBD}) (Version: 1.3.5 - Salloway)
Microsoft .NET Compact Framework 1.0 SP3 Developer (HKLM\...\{6C531060-84FB-4F96-8F33-29DF020632EB}) (Version: 1.0.4292 - Microsoft Corporation)
Microsoft .NET Compact Framework 2.0 (HKLM\...\{625386A4-B6B6-4911-A6E8-23189C3F2D15}) (Version: 2.0.5238 - Microsoft Corporation)
Microsoft .NET Framework 1.0 Hotfix (KB2572066) (HKLM\...\KB2572066) (Version:  - Microsoft Corporation)
Microsoft .NET Framework 1.0 Hotfix (KB2604042) (HKLM\...\KB2604042) (Version:  - Microsoft Corporation)
Microsoft .NET Framework 1.0 Hotfix (KB2656378) (HKLM\...\KB2656378) (Version:  - Microsoft Corporation)
Microsoft .NET Framework 1.0 Hotfix (KB953295) (HKLM\...\KB953295) (Version:  - Microsoft Corporation)
Microsoft .NET Framework 1.0 Hotfix (KB979904) (HKLM\...\KB979904) (Version:  - Microsoft Corporation)
Microsoft .NET Framework 1.0 Security Update (KB2698035) (HKLM\...\KB2698035) (Version:  - Microsoft Corporation)
Microsoft .NET Framework 1.0 Security Update (KB2742607) (HKLM\...\KB2742607) (Version:  - Microsoft Corporation)
Microsoft .NET Framework 1.0 Security Update (KB2833951) (HKLM\...\KB2833951) (Version:  - Microsoft Corporation)
Microsoft .NET Framework 1.0 Security Update (KB2904878) (HKLM\...\KB2904878) (Version:  - Microsoft Corporation)
Microsoft .NET Framework 1.1 (HKLM\...\Microsoft .NET Framework 1.1  (1033)) (Version:  - )
Microsoft .NET Framework 1.1 (Version: 1.1.4322 - Microsoft) Hidden
Microsoft .NET Framework 1.1 Security Update (KB2698023) (HKLM\...\M2698023) (Version:  - )
Microsoft .NET Framework 1.1 Security Update (KB2833941) (HKLM\...\M2833941) (Version:  - )
Microsoft .NET Framework 1.1 Security Update (KB979906) (HKLM\...\M979906) (Version:  - )
Microsoft .NET Framework 2.0 Service Pack 2 (HKLM\...\{C09FB3CD-3D0C-3F2D-899A-6A1D67F2073F}) (Version: 2.2.30729 - Microsoft Corporation)
Microsoft .NET Framework 3.0 Service Pack 2 (HKLM\...\{A3051CD0-2F64-3813-A88D-B8DCCDE8F8C7}) (Version: 3.2.30729 - Microsoft Corporation)
Microsoft .NET Framework 3.5 SP1 (HKLM\...\Microsoft .NET Framework 3.5 SP1) (Version:  - Microsoft Corporation)
Microsoft .NET Framework 3.5 SP1 (Version: 3.5.30729 - Microsoft Corporation) Hidden
Microsoft .NET Framework 4 Client Profile (HKLM\...\Microsoft .NET Framework 4 Client Profile) (Version: 4.0.30319 - Microsoft Corporation)
Microsoft .NET Framework 4 Client Profile (Version: 4.0.30319 - Microsoft Corporation) Hidden
Microsoft .NET Framework 4 Extended (HKLM\...\Microsoft .NET Framework 4 Extended) (Version: 4.0.30319 - Microsoft Corporation)
Microsoft .NET Framework 4 Extended (Version: 4.0.30319 - Microsoft Corporation) Hidden
Microsoft .NET Framework 4 Multi-Targeting Pack (HKLM\...\{CFEF48A8-BFB8-3EAC-8BA5-DE4F8AA267CE}) (Version: 4.0.30319 - Microsoft Corporation)
Microsoft Application Error Reporting (Version: 12.0.6012.5000 - Microsoft Corporation) Hidden
Microsoft ASP.NET 2.0 AJAX Extensions 1.0 (HKLM\...\{082BDF7B-4810-4599-BF0D-E3AC44EC8524}) (Version: 1.0.61025 - Microsoft Corporation)
Microsoft ASP.NET MVC 2 - Visual Studio 2010 Tools (HKLM\...\{40416836-56CC-4C0E-A6AF-5C34BADCE483}) (Version: 2.0.50217.0 - Microsoft Corporation)
Microsoft ASP.NET MVC 2 (HKLM\...\{1803A630-3C38-4D2B-9B9A-0CB37243539C}) (Version: 2.0.50217.0 - Microsoft Corporation)
Microsoft Base Smart Card Cryptographic Service Provider Package (HKLM\...\KB909520) (Version:  - Microsoft Corporation)
Microsoft Choice Guard (Version: 2.0.48.0 - Microsoft Corporation) Hidden
Microsoft Compression Client Pack 1.0 for Windows XP (HKLM\...\MSCompPackV1) (Version: 1 - Microsoft Corporation)
Microsoft Corporation (Version: 9.0.0.0 - Microsoft Visual C++ 2005 CRT Redistributable) Hidden
Microsoft Device Emulator version 1.0 - ENU (HKLM\...\{78B75C6D-E53C-424C-BF83-4B63BD4A6682}) (Version: 1.0.50727.42 - Microsoft Corporation)
Microsoft Document Explorer 2005 (HKLM\...\Microsoft Document Explorer 2005) (Version:  - Microsoft Corporation)
Microsoft Document Explorer 2005 (Version: 8.0.50727.42 - Microsoft Corporation) Hidden
Microsoft Document Explorer 2008 (HKLM\...\Microsoft Document Explorer 2008) (Version:  - Microsoft Corporation)
Microsoft Document Explorer 2008 (Version: 9.0.21022 - Microsoft Corporation) Hidden
Microsoft Easy Assist v2 (HKLM\...\{326957C7-83FD-4550-A59A-849B7B4297DE}) (Version: 8.1.6416.0 - Microsoft Corporation)
Microsoft Help Viewer 1.1 (HKLM\...\Microsoft Help Viewer 1.1) (Version: 1.1.40219 - Microsoft Corporation)
Microsoft Help Viewer 1.1 (Version: 1.1.40219 - Microsoft Corporation) Hidden
Microsoft IntelliPoint 5.4 (HKLM\...\{EECDDEA0-DB76-4488-8E52-0EF1DF63700A}) (Version: 5.40.633.0 - Microsoft)
Microsoft Internationalized Domain Names Mitigation APIs (Version:  - Microsoft Corporation) Hidden
Microsoft Kernel-Mode Driver Framework Feature Pack 1.7 (Version:  - Microsoft Corporation) Hidden
Microsoft LifeCam (HKLM\...\{6BCB7EAA-598C-4836-B7EA-3642E41AA222}) (Version: 2.4.542.0 - Microsoft Corporation)
Microsoft Money 2006 (HKLM\...\Money2006b) (Version: 15 - Microsoft)
Microsoft National Language Support Downlevel APIs (Version:  - Microsoft Corporation) Hidden
Microsoft Office 2007 Service Pack 3 (SP3) (Version:  - Microsoft) Hidden
Microsoft Office Access database engine 2007 (English) (HKLM\...\{90120000-00D1-0409-0000-0000000FF1CE}) (Version: 12.0.6612.1000 - Microsoft Corporation)
Microsoft Office Access MUI (English) 2010 (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Access Setup Metadata MUI (English) 2010 (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Excel MUI (English) 2010 (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office File Validation Add-In (HKLM\...\{90140000-2005-0000-0000-0000000FF1CE}) (Version: 14.0.5130.5003 - Microsoft Corporation)
Microsoft Office FrontPage 2003 (HKLM\...\{91170409-6000-11D3-8CFE-0150048383C9}) (Version: 11.0.8173.0 - Microsoft Corporation)
Microsoft Office Groove MUI (English) 2010 (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office InfoPath MUI (English) 2010 (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Live Add-in 1.5 (HKLM\...\{F40BBEC7-C2A4-4A00-9B24-7A055A2C5262}) (Version: 2.0.4024.1 - Microsoft Corporation)
Microsoft Office OneNote MUI (English) 2010 (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Outlook Connector (HKLM\...\{95120000-0122-0409-0000-0000000FF1CE}) (Version: 12.0.6423.1000 - Microsoft Corporation)
Microsoft Office Outlook MUI (English) 2010 (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office PowerPoint MUI (English) 2010 (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Professional Plus 2010 (HKLM\...\Office14.PROPLUSR) (Version: 14.0.7015.1000 - Microsoft Corporation)
Microsoft Office Professional Plus 2010 (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (English) 2010 (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (French) 2010 (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (Spanish) 2010 (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Proofing (English) 2010 (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Publisher MUI (English) 2010 (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Shared MUI (English) 2007 (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Shared MUI (English) 2010 (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Shared Setup Metadata MUI (English) 2007 (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Shared Setup Metadata MUI (English) 2010 (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office SharePoint Designer 2007 Service Pack 3 (SP3) (Version:  - Microsoft) Hidden
Microsoft Office Visual Web Developer 2007 (Version: 12.0.4518.1066 - Microsoft Corporation) Hidden
Microsoft Office Visual Web Developer MUI (English) 2007 (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Word MUI (English) 2010 (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.20913.0 - Microsoft Corporation)
Microsoft Silverlight 3 SDK (HKLM\...\{2012098D-EEE9-4769-8DD3-B038050854D4}) (Version: 3.0.40818.0 - Microsoft Corporation)
Microsoft Silverlight 4 SDK (HKLM\...\{05855322-BE43-41FE-B583-D3AE0C326D58}) (Version: 4.0.50826.0 - Microsoft Corporation)
Microsoft Software Update for Web Folders  (English) 14 (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft SQL Server 2005 (HKLM\...\Microsoft SQL Server 2005) (Version:  - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft SQL Server 2005 Mobile [ENU] Developer Tools (HKLM\...\{1389C6A4-4965-4AEC-9175-08B54A10FA48}) (Version: 3.0.0.0 - Microsoft Corporation)
Microsoft SQL Server 2005 Tools Express Edition (Version: 9.4.5000.00 - Microsoft Corporation) Hidden
Microsoft SQL Server 2008 (HKLM\...\Microsoft SQL Server 10 Release) (Version:  - Microsoft Corporation)
Microsoft SQL Server 2008 (Version:  - Microsoft Corporation) Hidden
Microsoft SQL Server 2008 Browser (HKLM\...\{C688457E-03FD-4941-923B-A27F4D42A7DD}) (Version: 10.3.5500.0 - Microsoft Corporation)
Microsoft SQL Server 2008 Common Files (Version: 10.3.5500.0 - Microsoft Corporation) Hidden
Microsoft SQL Server 2008 Database Engine Services (Version: 10.3.5500.0 - Microsoft Corporation) Hidden
Microsoft SQL Server 2008 Database Engine Shared (Version: 10.3.5500.0 - Microsoft Corporation) Hidden
Microsoft SQL Server 2008 Native Client (HKLM\...\{83298573-A6B6-42AB-A234-FE91CA2859C0}) (Version: 10.3.5500.0 - Microsoft Corporation)
Microsoft SQL Server 2008 R2 Data-Tier Application Framework (HKLM\...\{BC537AE0-88AF-47ED-B762-33B0D62B5188}) (Version: 10.50.1750.9 - Microsoft Corporation)
Microsoft SQL Server 2008 R2 Data-Tier Application Project (HKLM\...\{7A56D81D-6406-40E7-9184-8AC1769C4D69}) (Version: 10.50.1750.9 - Microsoft Corporation)
Microsoft SQL Server 2008 R2 Management Objects (HKLM\...\{77F1F8AD-51B8-4490-AEEC-BF480073E0FC}) (Version: 10.50.1750.9 - Microsoft Corporation)
Microsoft SQL Server 2008 R2 Transact-SQL Language Service (HKLM\...\{09C52940-A4D1-4409-A7CC-1AAE630CF578}) (Version: 10.50.1750.9 - Microsoft Corporation)
Microsoft SQL Server 2008 RsFx Driver (Version: 10.3.5500.0 - Microsoft Corporation) Hidden
Microsoft SQL Server 2008 Setup Support Files  (HKLM\...\{8F72E2D4-1E48-4534-8DB8-1E8E012899C6}) (Version: 10.3.5500.0 - Microsoft Corporation)
Microsoft SQL Server Compact 3.5 Design Tools ENU (HKLM\...\{2E5C075E-11AB-4BDD-918C-7B9A68953FF8}) (Version: 3.5.5386.0 - Microsoft Corporation)
Microsoft SQL Server Compact 3.5 SP2 ENU (HKLM\...\{3A9FC03D-C685-4831-94CF-4EDFD3749497}) (Version: 3.5.8080.0 - Microsoft Corporation)
Microsoft SQL Server Database Publishing Wizard 1.2 (HKLM\...\{9A33B83D-FFC4-44CF-BEEF-632DECEF2FCD}) (Version: 1.2.0.0 - Microsoft Corporation)
Microsoft SQL Server Database Publishing Wizard 1.4 (HKLM\...\{ACE28263-76A4-4BF5-B6F4-8BD719595969}) (Version: 10.1.2512.8 - Microsoft Corporation)
Microsoft SQL Server Native Client (HKLM\...\{7670D32F-DAE6-4E49-8C8B-B3F08B5B1686}) (Version: 9.00.5000.00 - Microsoft Corporation)
Microsoft SQL Server Setup Support Files (English) (HKLM\...\{53F5C3EE-05ED-4830-994B-50B2F0D50FCE}) (Version: 9.00.5000.00 - Microsoft Corporation)
Microsoft SQL Server System CLR Types (HKLM\...\{877B76B2-F83F-4F5A-B28D-3F398641ADB6}) (Version: 10.50.1750.9 - Microsoft Corporation)
Microsoft SQL Server VSS Writer (HKLM\...\{B857D868-F8B0-43EE-BC2B-D9E5ED21F237}) (Version: 10.3.5500.0 - Microsoft Corporation)
Microsoft Sync Framework Runtime Native v1.0 (x86) (HKLM\...\{8A74E887-8F0F-4017-AF53-CBA42211AAA5}) (Version: 1.0.1215.0 - Microsoft Corporation)
Microsoft Sync Framework Runtime v1.0 SP1 (x86) (HKLM\...\{C6DD625F-4B61-4561-8286-87CA0275CEA1}) (Version: 1.0.3010.0 - Microsoft Corporation)
Microsoft Sync Framework SDK v1.0 SP1 (HKLM\...\{97CE8B73-AA5A-4987-A1BE-50DD1A187478}) (Version: 1.0.3010.0 - Microsoft Corporation)
Microsoft Sync Framework Services Native v1.0 (x86) (HKLM\...\{BD64AF4A-8C80-4152-AD77-FCDDF05208AB}) (Version: 1.0.1215.0 - Microsoft Corporation)
Microsoft Sync Framework Services v1.0 SP1 (x86) (HKLM\...\{F990B526-8F7C-46E0-B1F1-6C893A8B478F}) (Version: 1.0.3010.0 - Microsoft Corporation)
Microsoft Sync Services for ADO.NET v2.0 SP1 (x86) (HKLM\...\{DC3D6AFB-78B4-489F-81D7-30B66E0C2417}) (Version: 2.0.3010.0 - Microsoft Corporation)
Microsoft Team Foundation Server 2010 Object Model - ENU (HKLM\...\Microsoft Team Foundation Server 2010 Object Model - ENU) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Team Foundation Server 2010 Object Model - ENU (Version: 10.0.40219 - Microsoft Corporation) Hidden
Microsoft User-Mode Driver Framework Feature Pack 1.0 (HKLM\...\Wudf01000) (Version:  - Microsoft Corporation)
Microsoft VC9 runtime libraries (Version: 1.0.0 - AOL LLC) Hidden
Microsoft VC90 CRT + OMP (HKLM\...\{0F931735-0098-4FF6-A49D-17882A294F51}) (Version: 1.0.0.0 - ZJMedia Ltd.)
Microsoft Visual C++  Compilers 2010 Standard - enu - x86 (Version: 10.0.40219 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (HKLM\...\{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}) (Version: 9.0.21022 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022.218 (HKLM\...\{E503B4BF-F7BB-3D5F-8BC8-F694B1CFF942}) (Version: 9.0.21022.218 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Runtime - 10.0.40219 (HKLM\...\{5D9ED403-94DE-3BA0-B1D6-71F4BDA412E6}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual F# 2.0 Runtime (HKLM\...\{85467CBC-7A39-33C9-8940-D72D9269B84F}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual J# 2.0 Redistributable Package (HKLM\...\Microsoft Visual J# 2.0 Redistributable Package) (Version:  - Microsoft Corporation)
Microsoft Visual J# 2.0 Redistributable Package (Version: 2.0.50727 - Microsoft Corporation) Hidden
Microsoft Visual Studio 2005 Professional Edition - ENU (HKLM\...\Microsoft Visual Studio 2005 Professional Edition - ENU) (Version:  - Microsoft Corporation)
Microsoft Visual Studio 2005 Professional Edition - ENU (Version: 8.0.50728 - Microsoft Corporation) Hidden
Microsoft Visual Studio 2005 Professional Edition - ENU Service Pack 1 (KB926601) (HKLM\...\KB926601.T2_29ToU260_29) (Version: 1 - Microsoft Corporation)
Microsoft Visual Studio 2005 Web Deployment Projects (HKLM\...\{29F0F7F6-3AE6-4A04-B002-8C8CC7AD9BAD}) (Version: 8.0.51103 - Microsoft)
Microsoft Visual Studio 2008 Standard Edition - ENU (HKLM\...\Microsoft Visual Studio 2008 Standard Edition - ENU) (Version:  - Microsoft Corporation)
Microsoft Visual Studio 2008 Standard Edition - ENU (Version: 9.0.21022 - Microsoft Corporation) Hidden
Microsoft Visual Studio 2010 ADO.NET Entity Framework Tools (HKLM\...\{14DD7530-CCD2-3798-B37D-3839ED6A441C}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual Studio 2010 Office Developer Tools (x86) (Version: 10.0.40219 - Microsoft Corporation) Hidden
Microsoft Visual Studio 2010 Professional - ENU (HKLM\...\Microsoft Visual Studio 2010 Professional - ENU) (Version: 10.0.30319 - Microsoft Corporation)
Microsoft Visual Studio 2010 Professional - ENU (Version: 10.0.40219 - Microsoft Corporation) Hidden
Microsoft Visual Studio 2010 Service Pack 1 (HKLM\...\Microsoft Visual Studio 2010 Service Pack 1) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual Studio 2010 Service Pack 1 (Version: 10.0.40219 - Microsoft Corporation) Hidden
Microsoft Visual Studio 2010 SharePoint Developer Tools (Version: 10.0.40219 - Microsoft Corporation) Hidden
Microsoft Visual Studio 2010 Tools for Office Runtime (x86) (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x86)) (Version: 10.0.40303 - Microsoft Corporation)
Microsoft Visual Studio 2010 Tools for Office Runtime (x86) (Version: 10.0.40308 - Microsoft Corporation) Hidden
Microsoft Visual Studio Macro Tools (HKLM\...\Microsoft Visual Studio Macro Tools) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual Studio Macro Tools (Version: 9.0.30729 - Microsoft Corporation) Hidden
Microsoft Visual Studio Web Authoring Component (HKLM\...\VisualWebDeveloper) (Version: 12.0.4518.1066 - Microsoft Corporation)
Microsoft Windows SDK for Visual Studio 2008 .NET Framework Tools (HKLM\...\{05EC21B8-4593-3037-A781-A6B5AFFCB19D}) (Version: 3.5.21022 - Microsoft)
Microsoft Windows SDK for Visual Studio 2008 Headers and Libraries (HKLM\...\{842FAF7C-50EF-4463-9B8F-6222E1384D7D}) (Version: 6.1.5288.17011 - Microsoft Corporation)
Microsoft Windows SDK for Visual Studio 2008 SDK Reference Assemblies and IntelliSense (HKLM\...\{64c5b887-b5ee-42b8-8596-78905a6b5f1f}) (Version: 6.1.5288.17011 - Microsoft Corporation)
Microsoft Windows SDK for Visual Studio 2008 Tools (HKLM\...\{CAA376AF-0DE8-4FCA-942E-C6AC579B94B3}) (Version: 6.1.5288.17011 - Microsoft Corporation)
Microsoft Windows SDK for Visual Studio 2008 Win32 Tools (HKLM\...\{B268E9A1-04A9-40D0-9866-846BE2B74BA7}) (Version: 6.1.5288.17011 - Microsoft Corporation)
Microsoft Works (HKLM\...\{416D80BA-6F6D-4672-B7CF-F54DA2F80B44}) (Version: 08.04.0623 - Microsoft Corporation)
MobileMe Control Panel (HKLM\...\{3AC54383-31D1-4907-961B-B12CBB1D0AE8}) (Version: 2.6.0.29 - Apple Inc.)
Mozilla Firefox 27.0.1 (x86 en-US) (HKLM\...\Mozilla Firefox 27.0.1 (x86 en-US)) (Version: 27.0.1 - Mozilla)
Mozilla Maintenance Service (HKLM\...\MozillaMaintenanceService) (Version: 27.0.1 - Mozilla)
MSDN Library for Visual Studio 2005 (HKLM\...\MSDN Library for Visual Studio 2005) (Version: 8.0.50727.42 - Microsoft)
MSDN Library for Visual Studio 2005 (Version: 8.0.50727.42 - Microsoft) Hidden
MSVCRT (Version: 14.0.1468.721 - Microsoft) Hidden
MSXML 4.0 SP2 (KB927978) (HKLM\...\{37477865-A3F1-4772-AD43-AAFC6BCFF99F}) (Version: 4.20.9841.0 - Microsoft Corporation)
MSXML 4.0 SP2 (KB936181) (HKLM\...\{C04E32E0-0416-434D-AFB9-6969D703A9EF}) (Version: 4.20.9848.0 - Microsoft Corporation)
MSXML 4.0 SP2 (KB954430) (HKLM\...\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}) (Version: 4.20.9870.0 - Microsoft Corporation)
MSXML 4.0 SP2 (KB973688) (HKLM\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation)
MSXML 4.0 SP2 Parser and SDK (HKLM\...\{716E0306-8318-4364-8B8F-0CC4E9376BAC}) (Version: 4.20.9818.0 - Microsoft Corporation)
MSXML 6.0 Parser (KB933579) (HKLM\...\{0A869A65-8C94-4F7C-A5C7-972D3C8CED9E}) (Version: 6.10.1200.0 - Microsoft Corporation)
muvee autoProducer 4.5 (HKLM\...\{E073D315-3C54-44BF-A1B2-B5583AEA618C}) (Version: 4.50.050 - muvee Technologies)
muvee autoProducer unPlugged 1.2 (HKLM\...\{35DD9A1D-B340-4F41-A8B0-6EEBFB119280}) (Version: 1.20.100 - muvee Technologies)
MyDefrag v4.3.1 (HKLM\...\MyDefrag v4.3.1_is1) (Version: 4.0.0.0 - J.C. Kessels)
Netscape Browser (remove only) (HKLM\...\Netscape Browser) (Version:  - )
NewCopy (Version: 50.0.206.000 - Hewlett-Packard) Hidden
NewCopy_CDA (Version: 50.0.214.000 - Hewlett-Packard) Hidden
NVIDIA Control Panel 310.70 (Version: 310.70 - NVIDIA Corporation) Hidden
NVIDIA Install Application (Version: 2.1002.95.599 - NVIDIA Corporation) Hidden
NVIDIA nView 136.53 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.NView) (Version: 136.53 - NVIDIA Corporation)
NVIDIA PhysX (Version: 9.12.1031 - NVIDIA Corporation) Hidden
NVIDIA PhysX System Software 9.12.1031 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.12.1031 - NVIDIA Corporation)
NVIDIA Update 1.11.3 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Update) (Version: 1.11.3 - NVIDIA Corporation)
NVIDIA Update Components (Version: 1.11.3 - NVIDIA Corporation) Hidden
OBD-PC Link (HKLM\...\{01C6D0D1-0829-4AB3-955D-59FF12A14931}) (Version: 1.34.0000 - Innova Electronics)
OBD-PC Link (HKLM\...\{D444D748-EB5A-4A94-A84C-EA58A9FC52F5}) (Version: 1.33.0000 - Innova Electronics)
Octoshape add-in for Adobe Flash Player (HKCU\...\Octoshape add-in for Adobe Flash Player) (Version:  - )
OptionalContentQFolder (Version: 1.00.0000 - Hewlett-Packard) Hidden
Oracle Data Provider for .NET Help (HKLM\...\{6AA003BF-73E5-4911-ADB7-71DD5674DDD4}) (Version: 10.2.020 - Oracle Corporation)
PanoStandAlone (Version: 53.0.13.000 - Hewlett-Packard) Hidden
PhotoGallery (Version: 60.0.155.000 - Hewlett-Packard) Hidden
PowerChute Business Edition Console (HKLM\...\{0F86FD09-BA63-4E45-A70B-604C1106C2F2}) (Version: 9.1.1.604 - Schneider Electric)
PowerChute Business Edition Server (HKLM\...\{A6491A4A-AAA0-4892-BFEF-ECD6CECE2FF3}) (Version: 9.1.1.604 - Schneider Electric)
PowerChute Personal Edition 3.0.2 (HKLM\...\{8ED262EE-FC73-47A9-BB86-D92223246881}) (Version: 3.0.2 - Schneider Electric)
ProductContext (Version: 50.0.206.000 - Hewlett-Packard) Hidden
PS2 (HKLM\...\PS2) (Version:  - )
PSPrinters08 (Version: 8.01.0000 - HP) Hidden
PSTAPlugin (Version: 8.01.0000 - Hewlett-Packard) Hidden
Python 2.2 pywin32 extensions (build 203) (HKLM\...\pywin32-py2.2) (Version:  - )
Python 2.2.3 (HKLM\...\Python 2.2.3) (Version: 2.2.3 - PythonLabs at Zope Corporation)
Quest Application Integration Tool (HKLM\...\{639DED6D-3C08-4E63-A560-11E317BFD3B6}) (Version: 1.0.5 - Quest Software)
Quest Installer (HKLM\...\Quest Installer) (Version:  - )
Quest Software Toad for Data Analysts 2.5 (HKLM\...\{C021B230-6E79-4DDE-9B81-56073C76F9E7}) (Version: 2.5.0.913 - Quest Software)
Quest SQL Optimizer 7.4.1 for Oracle Trial (HKLM\...\{92472550-3E4F-4848-B3F3-D6B0B6826F82}) (Version: 7.4.1.834 - Quest Software)
Quest SQL Optimizer for Oracle (HKLM\...\{06D38937-C995-4A35-A4D9-34E71503D807}) (Version: 7.5.0.1113 - Quest Software)
Quest SQL Optimizer for Oracle Common (HKLM\...\{2FC34E5F-AC85-4F04-B95E-1E39D17BF198}) (Version: 1.0.0.100 - Quest Software)
Quest SQL Optimizer for Oracle Common (HKLM\...\{6B7930EB-D8F7-4DAE-B3A8-AE02A6823E22}) (Version: 2.0.0.100 - Quest Software)
Quest SQL Tuning for Oracle (HKLM\...\Quest SQL Tuning) (Version: SQL Tuning - Quest Software)
QuickBooks Pro 2008 (HKLM\...\{8ECB8220-F422-4BEB-9596-97033C533702}) (Version: 18.0.4010.606 - Intuit Inc.)
Quicken 2006 (HKLM\...\{2818095F-FB6C-42C8-827E-0A406CC9AFF5}) (Version: 15.1.1.29 - Intuit)
QuickTime (HKLM\...\{AF0CE7C0-A3E4-4D73-988B-B29187EC6E9A}) (Version: 7.73.80.64 - Apple Inc.)
RandMap (Version: 60.0.155.000 - Hewlett-Packard) Hidden
Readme (Version: 50.0.214.000 - Hewlett-Packard) Hidden
RealPlayer (HKLM\...\RealPlayer 6.0) (Version:  - )
Realtek High Definition Audio Driver (HKLM\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version:  - Realtek Semiconductor Corp.)
Remove IntelliMover Demo (HKLM\...\IntelliMover Data Transfer Demo) (Version:  - )
Scan (Version: 5.2.0.0 - Hewlett-Packard) Hidden
ScannerCopy (Version: 5.2.0.0 - Hewlett-Packard) Hidden
SDK (Version: 1.33.004 - Portrait Displays, Inc.) Hidden
Segoe UI (Version: 14.0.4327.805 - Microsoft Corp) Hidden
Service Pack 2 for Microsoft Office 2010 (KB2687455) 32-Bit Edition (HKLM\...\{91140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUSR_{DE28B448-32E8-4E8F-84F0-A52B21A49B5B}) (Version:  - Microsoft)
Service Pack 2 for Microsoft Office 2010 (KB2687455) 32-Bit Edition (Version:  - Microsoft) Hidden
Service Pack 3 for SQL Server 2008 (KB2546951) (HKLM\...\KB2546951) (Version: 10.3.5500.0 - Microsoft Corporation)
SetIP (HKLM\...\SetIP) (Version: 1.04.01.00 - Samsung Electronics Co., Ltd.)
SkinsHP1 (Version: 60.0.155.000 - Hewlett-Packard) Hidden
Snood for Windows version 3.52-W (HKLM\...\Snood_is1) (Version:  - Snood LLC)
SolutionCenter (Version: 50.0.152.000 - Hewlett-Packard) Hidden
Sonic Express Labeler (HKLM\...\{6675CA7F-E51B-4F6A-99D4-F8F0124C6EAA}) (Version: 2.1.0 - Sonic Solutions)
Sonic MyDVD Plus (HKLM\...\{21657574-BD54-48A2-9450-EB03B2C7FC29}) (Version: 6.2.0 - Sonic Solutions)
Sonic RecordNow Audio (HKLM\...\{AB708C9B-97C8-4AC9-899B-DBF226AC9382}) (Version: 2.0.4 - Sonic Solutions)
Sonic RecordNow Copy (HKLM\...\{B12665F4-4E93-4AB4-B7FC-37053B524629}) (Version: 2.0.4 - Sonic Solutions)
Sonic RecordNow Data (HKLM\...\{075473F5-846A-448B-BCB3-104AA1760205}) (Version: 2.0.4 - Sonic Solutions)
Sonic_PrimoSDK (Version: 60.0.155.000 - Hewlett-Packard) Hidden
Spybot - Search & Destroy (HKLM\...\{B4092C6D-E886-4CB2-BA68-FE5A88D31DE6}_is1) (Version: 1.6.2 - Safer Networking Limited)
Sql Server Customer Experience Improvement Program (Version: 10.3.5500.0 - Microsoft Corporation) Hidden
Status (Version: 53.0.13.000 - Hewlett-Packard) Hidden
Suite Specific (Version: 2.0.0 - Adobe Systems, Incorporated) Hidden
SupportSoft Assisted Service (HKLM\...\{5A3F6A80-7913-475E-8B96-477A952CFA43}) (Version: 15 - SupportSoft)
swMSM (Version: 12.0.0.1 - Adobe Systems, Inc) Hidden
Symantec Endpoint Protection (HKLM\...\{8693E64C-16F3-4388-ACC0-9E8D586BEC17}) (Version: 12.1.3001.165 - Symantec Corporation)
SyncThru Web Admin Service (HKLM\...\{41F630B6-3A1C-40E0-8AD6-83C39C5B99E3}) (Version:  - )
TeamViewer 6 (HKLM\...\TeamViewer 6) (Version: 6.0.9947 - TeamViewer GmbH)
TiVme Software (HKLM\...\TiVme_is1) (Version:  - )
TMPGEnc DVD Author 1.5 (HKLM\...\{128F11F9-30BE-4033-8FA1-2CC6638530C3}) (Version: 1.5.34 - Pegasys Inc.)
Toad for Oracle (HKLM\...\{1E7F56F8-BA3E-40A3-B7EE-C878DCED8CFF}) (Version: 9.7.2.5 - Quest Software, Inc.)
Toad for Oracle (HKLM\...\{41DD6281-D0BF-4A4C-A67C-9F4760711046}) (Version: 10.0.0.41 - Quest Software, Inc.)
TrayApp (Version: 53.0.13.000 - Hewlett-Packard) Hidden
Unload (Version: 6.0.0 - Hewlett-Packard) Hidden
Update for 2007 Microsoft Office System (KB967642) (HKLM\...\{90120000-0021-0000-0000-0000000FF1CE}_VisualWebDeveloper_{C444285D-5E4F-48A4-91DD-47AAAA68E92D}) (Version:  - Microsoft)
Update for Microsoft .NET Framework 3.5 SP1 (KB963707) (HKLM\...\{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}.KB963707) (Version: 1 - Microsoft Corporation)
Update for Microsoft .NET Framework 4 Client Profile (KB2468871) (HKLM\...\{3C3901C5-3455-3E0A-A214-0B093A5070A6}.KB2468871) (Version: 1 - Microsoft Corporation)
Update for Microsoft .NET Framework 4 Client Profile (KB2533523) (HKLM\...\{3C3901C5-3455-3E0A-A214-0B093A5070A6}.KB2533523) (Version: 1 - Microsoft Corporation)
Update for Microsoft .NET Framework 4 Client Profile (KB2600217) (HKLM\...\{3C3901C5-3455-3E0A-A214-0B093A5070A6}.KB2600217) (Version: 1 - Microsoft Corporation)
Update for Microsoft .NET Framework 4 Extended (KB2468871) (HKLM\...\{0A0CADCF-78DA-33C4-A350-CD51849B9702}.KB2468871) (Version: 1 - Microsoft Corporation)
Update for Microsoft .NET Framework 4 Extended (KB2533523) (HKLM\...\{0A0CADCF-78DA-33C4-A350-CD51849B9702}.KB2533523) (Version: 1 - Microsoft Corporation)
Update for Microsoft .NET Framework 4 Extended (KB2600217) (HKLM\...\{0A0CADCF-78DA-33C4-A350-CD51849B9702}.KB2600217) (Version: 1 - Microsoft Corporation)
Update for Microsoft Access 2010 (KB2553446) 32-Bit Edition (HKLM\...\{91140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUSR_{B4A38370-2ADB-46B0-A1B0-0C4A2F7DCA31}) (Version:  - Microsoft)
Update for Microsoft Filter Pack 2.0 (KB2810071) 32-Bit Edition (HKLM\...\{91140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUSR_{001E8BF3-EDC3-4D5E-9C11-1D0E599B6497}) (Version:  - Microsoft)
Update for Microsoft InfoPath 2010 (KB2817369) 32-Bit Edition (HKLM\...\{91140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUSR_{4EEA3D3E-989C-4DF4-AB0A-3042C0C12AA3}) (Version:  - Microsoft)
Update for Microsoft InfoPath 2010 (KB2817396) 32-Bit Edition (HKLM\...\{91140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUSR_{39767ECA-1731-45DB-AB5B-6BF40E151D66}) (Version:  - Microsoft)
Update for Microsoft Office 2007 Help for Common Features (KB963673) (HKLM\...\{90120000-006E-0409-0000-0000000FF1CE}_VisualWebDeveloper_{AB365889-0395-4FAD-B702-CA5985D53D42}) (Version:  - Microsoft)
Update for Microsoft Office 2007 suites (KB2596620) 32-Bit Edition (HKLM\...\{90120000-0021-0000-0000-0000000FF1CE}_VisualWebDeveloper_{A024FC7B-77DE-45DE-A058-1C049A17BFB3}) (Version:  - Microsoft)
Update for Microsoft Office 2007 suites (KB2767849) 32-Bit Edition (HKLM\...\{90120000-0021-0000-0000-0000000FF1CE}_VisualWebDeveloper_{CB68A5B0-3508-4193-AEB9-AF636DAECE0F}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2589298) 32-Bit Edition (HKLM\...\{91140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUSR_{DADF7E25-FFA4-4D02-BE84-1DAE62C18516}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2589352) 32-Bit Edition (HKLM\...\{91140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUSR_{F4284D93-7AE8-4309-8CF3-9AD394F35F3A}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2589375) 32-Bit Edition (HKLM\...\{91140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUSR_{287A1E92-9E41-4BC1-8920-B3D0E9220800}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2597087) 32-Bit Edition (HKLM\...\{91140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUSR_{9D69691D-823D-4C3E-9B12-563A3F520366}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2760598) 32-Bit Edition (HKLM\...\{91140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUSR_{ECFE33A3-B8B7-439A-ADE4-59FBD29EF9B8}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2760631) 32-Bit Edition (HKLM\...\{91140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUSR_{35698CB7-AAA2-4577-B505-DBFF504AEF23}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2794737) 32-Bit Edition (HKLM\...\{91140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUSR_{5AA578BB-759C-40FD-9661-A737C0884541}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2825640) 32-Bit Edition (HKLM\...\{91140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUSR_{BA610006-2C39-4419-9834-CF61AB24810A}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2837583) 32-Bit Edition (HKLM\...\{91140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUSR_{E21274CE-CA0C-49FA-93F4-DC292A052264}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2850079) 32-Bit Edition (HKLM\...\{90140000-001F-0409-0000-0000000FF1CE}_Office14.PROPLUSR_{B5C70C99-B109-42FD-B219-FF12CA543F19}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2850079) 32-Bit Edition (HKLM\...\{90140000-001F-040C-0000-0000000FF1CE}_Office14.PROPLUSR_{82F87E28-B18E-46D6-A399-E2F19CF5949B}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2850079) 32-Bit Edition (HKLM\...\{90140000-001F-0C0A-0000-0000000FF1CE}_Office14.PROPLUSR_{5E8EB600-8B94-429E-873E-98369C6DC1BC}) (Version:  - Microsoft)
Update for Microsoft Office Script Editor Help (KB963671) (HKLM\...\{90120000-006E-0409-0000-0000000FF1CE}_VisualWebDeveloper_{CD11C6A2-FFC6-4271-8EAB-79C3582F505C}) (Version:  - Microsoft)
Update for Microsoft OneNote 2010 (KB2837595) 32-Bit Edition (HKLM\...\{91140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUSR_{51CCA922-A0CC-47C4-8910-6936D97CAC2E}) (Version:  - Microsoft)
Update for Microsoft Outlook 2010 (KB2687567) 32-Bit Edition (HKLM\...\{90140000-001A-0409-0000-0000000FF1CE}_Office14.PROPLUSR_{DCE104A1-1875-4469-A83D-A5BFA6C4640F}) (Version:  - Microsoft)
Update for Microsoft Outlook 2010 (KB2687567) 32-Bit Edition (HKLM\...\{91140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUSR_{2AB483F1-C86E-427A-83B4-23889B03512D}) (Version:  - Microsoft)
Update for Microsoft PowerPoint 2010 (KB2553145) 32-Bit Edition (HKLM\...\{90140000-0018-0409-0000-0000000FF1CE}_Office14.PROPLUSR_{DA2F7ECE-6629-4A80-9CDE-EC95261B75E2}) (Version:  - Microsoft)
Update for Microsoft PowerPoint 2010 (KB2775360) 32-Bit Edition (HKLM\...\{91140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUSR_{80F56E3F-1D47-4E45-B6E0-FEF4E919F4F9}) (Version:  - Microsoft)
Update for Microsoft SharePoint Workspace 2010 (KB2760601) 32-Bit Edition (HKLM\...\{91140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUSR_{F9F5A080-AF38-4966-9A6B-C43DCA465035}) (Version:  - Microsoft)
Update for Microsoft Visio Viewer 2010 (KB2810066) 32-Bit Edition (HKLM\...\{91140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUSR_{8C55AA83-54C2-4236-A622-78440A411DC5}) (Version:  - Microsoft)
Update for Microsoft Visual Studio 2008 Standard Edition - ENU (KB972221) (HKLM\...\{F434F50E-7614-3EA8-9008-2FB866B697DA}.KB972221) (Version: 1 - Microsoft Corporation)
Update for Microsoft Windows (KB971513) (HKLM\...\KB971513) (Version:  - Microsoft Corporation)
Update for Microsoft Word 2010 (KB2837593) 32-Bit Edition (HKLM\...\{91140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUSR_{E78E2B68-8FD1-42EE-BB74-99A4D9E6222D}) (Version:  - Microsoft)
Update for Windows Internet Explorer 8 (KB2447568) (HKLM\...\KB2447568-IE8) (Version: 1 - Microsoft Corporation)
Update for Windows Internet Explorer 8 (KB2598845) (HKLM\...\KB2598845-IE8) (Version: 1 - Microsoft Corporation)
Update for Windows Internet Explorer 8 (KB2632503) (HKLM\...\KB2632503-IE8) (Version: 1 - Microsoft Corporation)
Update for Windows Internet Explorer 8 (KB972636) (HKLM\...\KB972636-IE8) (Version: 1 - Microsoft Corporation)
Update for Windows Internet Explorer 8 (KB973874) (HKLM\...\KB973874-IE8) (Version: 1 - Microsoft Corporation)
Update for Windows Internet Explorer 8 (KB975364) (HKLM\...\KB975364-IE8) (Version: 1 - Microsoft Corporation)
Update for Windows Internet Explorer 8 (KB976662) (HKLM\...\KB976662-IE8) (Version: 1 - Microsoft Corporation)
Update for Windows Internet Explorer 8 (KB976749) (HKLM\...\KB976749-IE8) (Version: 1 - Microsoft Corporation)
Update for Windows Internet Explorer 8 (KB980182) (HKLM\...\KB980182-IE8) (Version: 1 - Microsoft Corporation)
Update for Windows Internet Explorer 8 (KB982632) (HKLM\...\KB982632-IE8) (Version: 1 - Microsoft Corporation)
Update for Windows Media Player 10 (KB913800) (Version:  - Microsoft Corporation) Hidden
Update for Windows Media Player 10 (KB926251) (Version:  - Microsoft Corporation) Hidden
Update for Windows XP (KB2141007) (HKLM\...\KB2141007) (Version: 1 - Microsoft Corporation)
Update for Windows XP (KB2345886) (HKLM\...\KB2345886) (Version: 1 - Microsoft Corporation)
Update for Windows XP (KB2467659) (HKLM\...\KB2467659) (Version: 1 - Microsoft Corporation)
Update for Windows XP (KB2492386) (HKLM\...\KB2492386) (Version: 1 - Microsoft Corporation)
Update for Windows XP (KB2541763) (HKLM\...\KB2541763) (Version: 1 - Microsoft Corporation)
Update for Windows XP (KB2607712) (HKLM\...\KB2607712) (Version: 1 - Microsoft Corporation)
Update for Windows XP (KB2616676) (HKLM\...\KB2616676) (Version: 1 - Microsoft Corporation)
Update for Windows XP (KB2641690) (HKLM\...\KB2641690) (Version: 1 - Microsoft Corporation)
Update for Windows XP (KB2661254-v2) (HKLM\...\KB2661254-v2) (Version: 2 - Microsoft Corporation)
Update for Windows XP (KB2718704) (HKLM\...\KB2718704) (Version: 1 - Microsoft Corporation)
Update for Windows XP (KB2736233) (HKLM\...\KB2736233) (Version: 1 - Microsoft Corporation)
Update for Windows XP (KB2749655) (HKLM\...\KB2749655) (Version: 1 - Microsoft Corporation)
Update for Windows XP (KB2863058) (HKLM\...\KB2863058) (Version: 1 - Microsoft Corporation)
Update for Windows XP (KB2904266) (HKLM\...\KB2904266) (Version: 1 - Microsoft Corporation)
Update for Windows XP (KB943729) (HKLM\...\KB943729) (Version:  - Microsoft Corporation)
Update for Windows XP (KB951072-v2) (HKLM\...\KB951072-v2) (Version: 2 - Microsoft Corporation)
Update for Windows XP (KB951978) (Version: 1 - Microsoft Corporation) Hidden
Update for Windows XP (KB955759) (HKLM\...\KB955759) (Version: 1 - Microsoft Corporation)
Update for Windows XP (KB955839) (HKLM\...\KB955839) (Version: 1 - Microsoft Corporation)
Update for Windows XP (KB961503) (HKLM\...\KB961503) (Version: 1 - Microsoft Corporation)
Update for Windows XP (KB967715) (HKLM\...\KB967715) (Version: 1 - Microsoft Corporation)
Update for Windows XP (KB968389) (HKLM\...\KB968389) (Version: 1 - Microsoft Corporation)
Update for Windows XP (KB971029) (HKLM\...\KB971029) (Version: 1 - Microsoft Corporation)
Update for Windows XP (KB971737) (HKLM\...\KB971737) (Version: 1 - Microsoft Corporation)
Update for Windows XP (KB973687) (HKLM\...\KB973687) (Version: 1 - Microsoft Corporation)
Update for Windows XP (KB973815) (HKLM\...\KB973815) (Version: 1 - Microsoft Corporation)
Update Rollup 2 for Windows XP Media Center Edition 2005 (HKLM\...\KB900325) (Version:  - Microsoft Corporation)
Updates from HP (remove only) (HKLM\...\HPOOVClient-9972322 Uninstaller) (Version:  - )
UrlScan 2.5 (HKLM\...\IisUrlScan) (Version:  - )
VideoCap ActiveX Control (HKLM\...\VideoCap ActiveX Control_is1) (Version:  - Viscom Software)
Visual C++ 2008 x86 Runtime - (v9.0.30729) (Version: 9.0.30729 - Microsoft Corporation) Hidden
Visual C++ 2008 x86 Runtime - v9.0.30729.01 (HKLM\...\{F333A33D-125C-32A2-8DCE-5C5D14231E27}.vc_x86runtime_30729_01) (Version: 9.0.30729.01 - Microsoft Corporation)
Visual Studio 2010 Tools for SQL Server Compact 3.5 SP2 ENU (HKLM\...\{112C23F2-C036-4D40-BED4-0CB47BF5555C}) (Version: 4.0.8080.0 - Microsoft Corporation)
VSIP Interop Assembly Redist (HKLM\...\{FA7E3351-448B-4BDA-986F-8CB3DA36CE5D}) (Version: 1.00.0000 - Microsoft)
WCF RIA Services V1.0 SP1 (HKLM\...\{D9E6001A-5DC3-4620-AF7A-80B6CD48645D}) (Version: 4.1.60114.0 - Microsoft Corporation)
Web Deployment Tool (HKLM\...\{0F37D969-1260-419E-B308-EF7D29ABDE20}) (Version: 1.1.0618 - Microsoft Corporation)
WebFldrs XP (Version: 9.50.7523 - Microsoft Corporation) Hidden
WebReg (Version: 53.0.13.000 - Hewlett-Packard) Hidden
WinAVI Video Converter (HKLM\...\WinAVI Video Converter) (Version: 11.0.0.3995 - ZJMedia Digital Technology Ltd.)
Windows 7 Upgrade Advisor (HKLM\...\{AB05F2C8-F608-403b-95E1-FD8ADFACD31E}) (Version: 2.0.5000.0 - Microsoft Corporation)
Windows Defender (HKLM\...\{A06275F4-324B-4E85-95E6-87B2CD729401}) (Version: 1.1.1593.21 - Microsoft Corporation)
Windows Genuine Advantage Notifications (KB905474) (HKLM\...\WgaNotify) (Version: 1.7.0018.5 - Microsoft Corporation)
Windows Genuine Advantage Validation Tool (KB892130) (HKLM\...\KB892130) (Version:  - Microsoft Corporation)
Windows Genuine Advantage Validation Tool (KB892130) (HKLM\...\WGA) (Version: 1.7.0069.2 - Microsoft Corporation)
Windows Imaging Component (HKLM\...\WIC) (Version: 3.0.0.0 - Microsoft Corporation)
Windows Internet Explorer 7 (Version: 20061027.150806 - Microsoft Corporation) Hidden
Windows Internet Explorer 8 (HKLM\...\ie8) (Version: 20090308.140743 - Microsoft Corporation)
Windows Live Call (Version: 14.0.8117.0416 - Microsoft Corporation) Hidden
Windows Live Communications Platform (Version: 14.0.8117.416 - Microsoft Corporation) Hidden
Windows Live Essentials (HKLM\...\WinLiveSuite_Wave3) (Version: 14.0.8117.0416 - Microsoft Corporation)
Windows Live Essentials (Version: 14.0.8117.416 - Microsoft Corporation) Hidden
Windows Live Family Safety (Version: 14.0.8118.427 - Microsoft Corporation) Hidden
Windows Live ID Sign-in Assistant (HKLM\...\{10A44844-4465-456E-8C97-80BDD4F68845}) (Version: 6.500.3146.0 - Microsoft Corporation)
Windows Live Mail (Version: 14.0.8117.0416 - Microsoft Corporation) Hidden
Windows Live Messenger (Version: 14.0.8117.0416 - Microsoft Corporation) Hidden
Windows Live Photo Gallery (Version: 14.0.8117.416 - Microsoft Corporation) Hidden
Windows Live Sync (HKLM\...\{B10914FD-8812-47A4-85A1-50FCDE7F1F33}) (Version: 14.0.8117.416 - Microsoft Corporation)
Windows Live Upload Tool (HKLM\...\{205C6BDD-7B73-42DE-8505-9A093F35A238}) (Version: 14.0.8014.1029 - Microsoft Corporation)
Windows Live Writer (Version: 14.0.8117.0416 - Microsoft Corporation) Hidden
Windows Management Framework Core (HKLM\...\KB968930) (Version:  - Microsoft Corporation)
Windows Media Format 11 runtime (HKLM\...\Windows Media Format Runtime) (Version:  - )
Windows Media Format 11 runtime (Version:  - Microsoft Corporation) Hidden
Windows Media Player 11 (HKLM\...\Windows Media Player) (Version:  - )
Windows Media Player 11 (Version:  - Microsoft Corporation) Hidden
Windows Presentation Foundation (Version: 3.0.6920.0 - Microsoft Corporation) Hidden
Windows Search 4.0 (HKLM\...\KB940157) (Version: 04.00.6001.503 - Microsoft Corporation)
Windows XP Media Center Edition 2005 KB925766 (HKLM\...\KB925766) (Version:  - Microsoft Corporation)
Windows XP Service Pack 3 (HKLM\...\Windows XP Service Pack) (Version: 20080414.031525 - Microsoft Corporation)
World of Tanks (HKLM\...\{1EAC1D02-C6AC-4FA6-9A44-96258C37C812NA}_is1) (Version:  - Wargaming.net)
XML Paper Specification Shared Components Pack 1.0 (Version:  - Microsoft Corporation) Hidden
Yahoo! Internet Mail (HKLM\...\Yahoo! Internet Mail) (Version:  - )

==================== Restore Points  =========================

10-12-2013 22:55:35 System Checkpoint
11-12-2013 09:22:32 Software Distribution Service 3.0
12-12-2013 09:48:28 System Checkpoint
13-12-2013 09:53:11 Software Distribution Service 3.0
14-12-2013 10:47:53 System Checkpoint
15-12-2013 11:47:27 System Checkpoint
16-12-2013 12:47:28 System Checkpoint
17-12-2013 13:48:35 System Checkpoint
18-12-2013 14:47:32 System Checkpoint
19-12-2013 15:47:34 System Checkpoint
20-12-2013 15:51:12 System Checkpoint
21-12-2013 16:37:12 System Checkpoint
22-12-2013 17:30:27 System Checkpoint
23-12-2013 17:46:21 System Checkpoint
24-12-2013 17:51:44 System Checkpoint
25-12-2013 18:30:31 System Checkpoint
26-12-2013 18:35:17 System Checkpoint
27-12-2013 20:32:18 System Checkpoint
28-12-2013 21:38:49 System Checkpoint
29-12-2013 22:28:13 System Checkpoint
30-12-2013 22:32:44 System Checkpoint
31-12-2013 22:55:26 System Checkpoint
01-01-2014 23:29:30 System Checkpoint
02-01-2014 23:35:31 System Checkpoint
04-01-2014 00:28:34 System Checkpoint
05-01-2014 01:29:21 System Checkpoint
06-01-2014 02:29:40 System Checkpoint
07-01-2014 03:28:39 System Checkpoint
08-01-2014 04:06:41 System Checkpoint
09-01-2014 04:28:44 System Checkpoint
10-01-2014 05:28:43 System Checkpoint
11-01-2014 06:28:48 System Checkpoint
12-01-2014 07:28:51 System Checkpoint
13-01-2014 08:29:00 System Checkpoint
14-01-2014 08:02:13 Software Distribution Service 3.0
15-01-2014 08:31:52 System Checkpoint
15-01-2014 20:45:27 Software Distribution Service 3.0
16-01-2014 21:30:25 System Checkpoint
17-01-2014 12:10:24 Installed Java 7 Update 51
18-01-2014 12:48:51 System Checkpoint
19-01-2014 13:22:15 System Checkpoint
20-01-2014 15:35:02 System Checkpoint
21-01-2014 16:22:35 System Checkpoint
22-01-2014 16:37:25 System Checkpoint
23-01-2014 17:22:23 System Checkpoint
24-01-2014 17:31:11 System Checkpoint
25-01-2014 18:26:02 System Checkpoint
26-01-2014 18:35:48 System Checkpoint
27-01-2014 19:22:02 System Checkpoint
28-01-2014 19:28:48 System Checkpoint
29-01-2014 20:22:07 System Checkpoint
30-01-2014 21:23:18 System Checkpoint
31-01-2014 22:34:15 System Checkpoint
03-02-2014 03:56:39 System Checkpoint
04-02-2014 04:30:39 System Checkpoint
05-02-2014 05:30:16 System Checkpoint
06-02-2014 06:31:34 System Checkpoint
07-02-2014 07:32:43 System Checkpoint
08-02-2014 07:53:36 System Checkpoint
09-02-2014 08:36:01 System Checkpoint
10-02-2014 09:49:40 System Checkpoint
11-02-2014 10:01:13 System Checkpoint
12-02-2014 12:59:11 System Checkpoint
13-02-2014 00:39:21 Software Distribution Service 3.0
14-02-2014 00:53:20 System Checkpoint
15-02-2014 00:58:57 System Checkpoint
16-02-2014 01:59:02 System Checkpoint
17-02-2014 02:59:03 System Checkpoint
18-02-2014 03:43:26 System Checkpoint
19-02-2014 04:00:15 System Checkpoint
20-02-2014 04:59:17 System Checkpoint
21-02-2014 05:59:18 System Checkpoint
22-02-2014 06:07:02 System Checkpoint
23-02-2014 07:06:08 System Checkpoint
24-02-2014 07:19:44 System Checkpoint
25-02-2014 08:21:37 System Checkpoint
01-03-2014 18:57:59 System Checkpoint
02-03-2014 19:18:08 System Checkpoint
03-03-2014 20:18:11 System Checkpoint
04-03-2014 21:19:16 System Checkpoint
05-03-2014 21:53:23 System Checkpoint
06-03-2014 22:53:46 System Checkpoint
07-03-2014 23:19:55 System Checkpoint
09-03-2014 00:20:05 System Checkpoint
10-03-2014 02:12:50 System Checkpoint
10-03-2014 02:43:06 Installed HiJackThis

==================== Hosts content: ==========================

2004-08-10 00:00 - 2014-02-14 19:26 - 00000540 ____A C:\WINDOWS\system32\Drivers\etc\hosts
127.0.0.1            localhost
192.168.10.4         www.OrganizeMyleague.com
192.168.10.25        www.eTicketPurchase.com
192.168.10.25        www.BlackstoneValleyFootball.com
192.168.10.25        www.BlackstoneValleyCheerleading.com
192.168.10.25        wordpress.blackstonevalleyfootball.com
192.168.10.25        www.Kofc-57.org
192.168.10.25        www.mthopeharbourlandgroup.com
192.168.10.10        webmail.organizemyleague.com
192.168.10.10:1000   webadmin.organizemyleague.com
192.168.10.10        Smtp.OrganizeMyLeague.com


==================== Scheduled Tasks (whitelisted) =============

Task: C:\WINDOWS\Tasks\Adobe Flash Player Updater.job => C:\WINDOWS\system32\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\WINDOWS\Tasks\AppleSoftwareUpdate.job => C:\Program Files\Apple Software Update\SoftwareUpdate.exe
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files\Google\Update\GoogleUpdate.exe
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files\Google\Update\GoogleUpdate.exe
Task: C:\WINDOWS\Tasks\MP Scheduled Scan.job => C:\Program Files\Windows Defender\MpCmdRun.exe
Task: C:\WINDOWS\Tasks\MyDefrag v4.3.1 Daily.job => ?
Task: C:\WINDOWS\Tasks\MyDefrag v4.3.1 Monthly.job => ?

==================== Loaded Modules (whitelisted) =============

2013-09-05 01:14 - 2013-09-05 01:14 - 04300456 _____ () C:\Program Files\Common Files\Microsoft Shared\OFFICE14\Cultures\OFFICE.ODF
2010-10-20 16:45 - 2010-10-20 16:45 - 08801120 _____ () C:\Program Files\Microsoft Office\Office14\1033\GrooveIntlResource.dll
2009-01-10 13:23 - 2007-06-29 18:54 - 00167936 _____ () C:\Program Files\Common Files\Portrait Displays\Shared\dthook.dll
2009-01-10 13:23 - 2007-06-29 18:53 - 00102400 _____ () C:\Program Files\Common Files\Portrait Displays\Shared\PresetsCOM.dll
2013-01-04 09:05 - 2010-09-28 16:56 - 06551672 _____ () C:\Program Files\Ipswitch\WS_FTP 12\res0409.dll
2006-02-13 14:07 - 2007-08-28 01:59 - 00466944 _____ () C:\WINDOWS\system32\nvshell.dll
2009-01-10 13:23 - 2007-06-29 18:54 - 00073728 _____ () C:\Program Files\Common Files\Portrait Displays\Shared\DTSRVC.exe
2004-08-09 17:00 - 2006-10-09 17:12 - 00291840 _____ () C:\WINDOWS\system32\sbe.dll
2004-08-09 17:00 - 2013-01-02 02:49 - 01292288 _____ () C:\WINDOWS\system32\quartz.dll
2004-08-09 17:00 - 2008-04-13 20:11 - 00059904 _____ () C:\WINDOWS\system32\devenum.dll
2004-08-09 17:00 - 2008-04-13 20:11 - 00014336 _____ () C:\WINDOWS\system32\msdmo.dll
2013-07-11 18:55 - 2013-07-11 18:55 - 03391488 _____ () c:\windows\assembly\nativeimages1_v1.1.4322\mscorlib\1.0.5000.0__b77a5c561934e089_045d4977\mscorlib.dll
2009-01-10 13:23 - 2007-06-29 18:54 - 00077824 _____ () C:\Program Files\Common Files\Portrait Displays\Plugins\CC\gui.dll
2011-06-13 18:02 - 2008-04-15 19:55 - 01449984 _____ () C:\Program Files\Samsung Network Printer Utilities\SyncThru Web Admin Service\SWAS.exe
2011-06-13 18:02 - 2008-04-15 19:48 - 04976640 _____ () C:\Program Files\Samsung Network Printer Utilities\SyncThru Web Admin Service\qt-mt333.dll
2011-06-13 18:02 - 2008-04-15 19:48 - 00024064 _____ () C:\Program Files\Samsung Network Printer Utilities\SyncThru Web Admin Service\XalanMessages_1_9.dll
2011-06-13 18:02 - 2008-04-15 19:48 - 00118784 _____ () C:\Program Files\Samsung Network Printer Utilities\SyncThru Web Admin Service\slp.dll
2011-06-13 18:02 - 2008-04-15 19:48 - 00073728 _____ () C:\Program Files\Samsung Network Printer Utilities\SyncThru Web Admin Service\zlib1.dll
2011-06-13 18:02 - 2008-04-15 19:48 - 00057344 _____ () C:\Program Files\Samsung Network Printer Utilities\SyncThru Web Admin Service\boost_thread-vc71-mt-1_32.dll
2011-01-28 18:23 - 2011-01-28 18:23 - 00279904 _____ () C:\Program Files\Acronis\TrueImageHome\Common\resource.dll
2011-01-28 17:03 - 2011-01-28 17:03 - 00019808 _____ () C:\Program Files\Acronis\TrueImageHome\Common\thread_pool.dll
2011-01-28 17:04 - 2011-01-28 17:04 - 00028512 _____ () C:\Program Files\Acronis\TrueImageHome\Common\rpc_client.dll
2006-11-06 19:39 - 2005-03-21 02:36 - 00036864 _____ () C:\Program Files\Compact Wireless-G USB Adapter Wireless Network Monitor\Security.dll
2006-11-06 19:39 - 2002-04-24 01:00 - 00110592 _____ () C:\Program Files\Compact Wireless-G USB Adapter Wireless Network Monitor\GEMWEP.DLL
2006-11-06 19:39 - 2005-10-04 21:26 - 00081920 _____ () C:\Program Files\Compact Wireless-G USB Adapter Wireless Network Monitor\Ralinktek.DLL
2006-11-06 19:39 - 2003-10-13 16:30 - 00094208 _____ () C:\WINDOWS\system32\GTW32N50.dll
2014-02-15 06:22 - 2014-02-15 06:22 - 03578992 _____ () C:\Program Files\Mozilla Firefox\mozjs.dll
2014-02-21 13:07 - 2014-02-21 13:07 - 16265096 _____ () C:\WINDOWS\system32\Macromed\Flash\NPSWF32_12_0_0_70.dll
2013-01-04 09:05 - 2010-09-28 16:53 - 00948496 _____ () C:\Program Files\Ipswitch\WS_FTP 12\LIBEAY32.dll
2013-01-04 09:05 - 2010-09-28 16:53 - 00153360 _____ () C:\Program Files\Ipswitch\WS_FTP 12\SSLEAY32.dll

==================== Alternate Data Streams (whitelisted) =========


==================== Safe Mode (whitelisted) ===================

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\SepMasterService => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\SmcService => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\Wdf01000.sys => ""="Driver"

==================== Disabled items from MSCONFIG ==============

MSCONFIG\startupfolder: C:^Documents and Settings^All Users^Start Menu^Programs^Startup^QuickBooks Update Agent.lnk => C:\WINDOWS\pss\QuickBooks Update Agent.lnkCommon Startup
MSCONFIG\startupreg: Aim => "C:\Program Files\AIM7\aim.exe" /d locale=en-US
MSCONFIG\startupreg: HPBootOp => "C:\Program Files\Hewlett-Packard\HP Boot Optimizer\HPBootOp.exe" /run
MSCONFIG\startupreg: LifeCam => "C:\Program Files\Microsoft LifeCam\LifeExp.exe"
MSCONFIG\startupreg: msnmsgr => "C:\Program Files\Windows Live\Messenger\msnmsgr.exe" /background
MSCONFIG\startupreg: MySpaceIM => C:\Program Files\MySpace\IM\MySpaceIM.exe
MSCONFIG\startupreg: Yahoo! Pager => "C:\Program Files\Yahoo!\Messenger\YahooMessenger.exe" -quiet

==================== Faulty Device Manager Devices =============

Name: Microsoft PS/2 Port Mouse (IntelliPoint)
Description: Microsoft PS/2 Port Mouse (IntelliPoint)
Class Guid: {4D36E96F-E325-11CE-BFC1-08002BE10318}
Manufacturer: Microsoft
Service: i8042prt
Problem: : This device is not present, is not working properly, or does not have all its drivers installed. (Code 24)
Resolution: The device is installed incorrectly. The problem could be a hardware failure, or a new driver might be needed.
Devices stay in this state if they have been prepared for removal.
After you remove the device, this error disappears.Remove the device, and this error should be resolved.

Name: Enhanced Mulmedia PS/2 Keyboard
Description: Enhanced Mulmedia PS/2 Keyboard
Class Guid: {4D36E96B-E325-11CE-BFC1-08002BE10318}
Manufacturer: HP
Service: i8042prt
Problem: : This device is not present, is not working properly, or does not have all its drivers installed. (Code 24)
Resolution: The device is installed incorrectly. The problem could be a hardware failure, or a new driver might be needed.
Devices stay in this state if they have been prepared for removal.
After you remove the device, this error disappears.Remove the device, and this error should be resolved.


==================== Event log errors: =========================

Application errors:
==================
Error: (03/09/2014 08:36:59 PM) (Source: Application Error) (User: )
Description: Fault bucket -528596633.
The Wep key exchange did not result in a secure connection setup after 802.1x authentication.  The current setting has been marked as failed and the Wireless connection will be disconnected.

Error: (03/09/2014 08:36:48 PM) (Source: Application Error) (User: )
Description: Faulting application ccSvcHst.exe, version 12.3.2.6, faulting module AVHOSTPLUGIN.DLL, version 12.1.3001.165, fault address 0x000151c1.
Processing media-specific event for [ccSvcHst.exe!ws!]


System errors:
=============
Error: (03/10/2014 08:43:36 AM) (Source: Schannel) (User: )
Description: A fatal error occurred while creating an SSL server credential.

Error: (03/09/2014 09:16:27 PM) (Source: Service Control Manager) (User: )
Description: The following boot-start or system-start driver(s) failed to load:
ftsata2
i8042prt

Error: (03/09/2014 09:16:11 PM) (Source: Service Control Manager) (User: )
Description: The Intel® Quick Resume Technology Drivers service terminated with the following error:
%%2

Error: (03/09/2014 08:37:03 PM) (Source: Service Control Manager) (User: )
Description: The Symantec Endpoint Protection service terminated unexpectedly.  It has done this 1 time(s).  The following corrective action will be taken in 0 milliseconds: Restart the service.


Microsoft Office Sessions:
=========================
Error: (03/09/2014 08:36:59 PM) (Source: Application Error)(User: )
Description: -528596633

Error: (03/09/2014 08:36:48 PM) (Source: Application Error)(User: )
Description: ccSvcHst.exe12.3.2.6AVHOSTPLUGIN.DLL12.1.3001.165000151c1


==================== Memory info ===========================

Percentage of memory in use: 49%
Total physical RAM: 3567.3 MB
Available physical RAM: 1798.28 MB
Total Pagefile: 5446.36 MB
Available Pagefile: 3364.74 MB
Total Virtual: 2047.88 MB
Available Virtual: 1950.13 MB

==================== Drives ================================

Drive c: (HP_PAVILION) (Fixed) (Total:448.67 GB) (Free:196.19 GB) NTFS ==>[Drive with boot components (Windows XP)]
Drive d: (HP_RECOVERY) (Fixed) (Total:17.08 GB) (Free:8.87 GB) FAT32 ==>[Drive with boot components (Windows XP)]
Drive w: () (Network) (Total:232.88 GB) (Free:215.96 GB) NTFS ==>[Drive with boot components (Windows XP)]

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (Size: 466 GB) (Disk ID: 9BA7FC07)
Partition 1: (Active) - (Size=449 GB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=17 GB) - (Type=0C)

==================== End Of Log ============================

 

Prescott ....


Marius,

Tried to post both logs to the same message but the system complained the post was too long.  Here's the FRST.txt log:

FRST.txt:

Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version: 09-03-2014 02
Ran by HP_Administrator (administrator) on DELL-1440N-2 on 10-03-2014 08:47:24
Running from C:\Documents and Settings\HP_Administrator\Desktop
Microsoft Windows XP Professional Service Pack 3 (X86) OS Language: English(US)
Internet Explorer Version 8
Boot Mode: Normal

The only official download link for FRST:
Download link for 32-Bit version: http://www.bleepingcomputer.com/download/farbar-recovery-scan-tool/dl/81/
Download link for 64-Bit Version: http://www.bleepingcomputer.com/download/farbar-recovery-scan-tool/dl/82/
Download link from any site other than Bleeping Computer is unpermitted or outdated.
See tutorial for FRST: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Processes (Whitelisted) =================

(ABBYY) C:\Program Files\Common Files\ABBYY\FineReaderSprint\9.00\Licensing\NetworkLicenseServer.exe
(Acronis) C:\Program Files\Common Files\Acronis\Schedule2\schedul2.exe
(Acronis) C:\Program Files\Common Files\Acronis\CDP\afcdpsrv.exe
(Schneider Electric) C:\Program Files\APC\PowerChute Personal Edition\mainserv.exe
(APC) C:\Program Files\APC\PowerChute Business Edition\server\pbeserver.exe
(Apple Inc.) C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
() C:\Program Files\Common Files\Portrait Displays\Shared\DTSRVC.exe
(Microsoft Corporation) C:\WINDOWS\eHome\ehSched.exe
(Microsoft Corporation) C:\WINDOWS\eHome\ehrec.exe
(Intel Corporation) C:\Program Files\Intel\Intel Matrix Storage Manager\Iaantmon.exe
(Microsoft Corporation) C:\WINDOWS\system32\inetsrv\inetinfo.exe
(Oracle Corporation) C:\Program Files\Java\jre7\bin\jqs.exe
(Hewlett-Packard Company) C:\Program Files\Common Files\LightScribe\LSSrvc.exe
(Malwarebytes Corporation) C:\Program Files\Malwarebytes' Anti-Malware\mbamscheduler.exe
(Malwarebytes Corporation) C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe
(Microsoft Corporation) C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE
(Malwarebytes Corporation) C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe
(Microsoft Corporation) C:\Program Files\Microsoft LifeCam\MSCamS32.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
(Intuit) C:\Program Files\Common Files\Intuit\QuickBooks\QBCFMonitorService.exe
(Microsoft Corporation) C:\WINDOWS\ehome\ehtray.exe
(Intel Corporation) C:\Program Files\Intel\Intel Matrix Storage Manager\Iaanotif.exe
(Symantec Corporation) C:\Program Files\Symantec\Symantec Endpoint Protection\12.1.3001.165.105\Bin\ccSvcHst.exe
(Sonic Solutions) C:\Program Files\Sonic\DigitalMedia Plus\DigitalMedia Archive\DMAScheduler.exe
(Hewlett-Packard) C:\Program Files\HP\HP Software Update\HPWuSchd2.exe
(Adobe Sytems Incorporated) C:\Program Files\Adobe\Adobe Version Cue CS2\ControlPanel\VersionCueCS2Tray.exe
(Adobe Systems Inc.) C:\Program Files\Adobe\Adobe Acrobat 7.0\Distillr\Acrotray.exe
(Microsoft Corporation) C:\Program Files\Microsoft IntelliPoint\point32.exe
(Hewlett-Packard Company) C:\HP\KBD\KBD.EXE
(Portrait Displays, Inc) C:\Program Files\Portrait Displays\HP My Display\DTHtml.exe
(Microsoft Corporation) c:\Program Files\Microsoft SQL Server\90\Shared\sqlbrowser.exe
(Microsoft Corporation) c:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe
(Microsoft Corporation) C:\WINDOWS\vVX3000.exe
(Microsoft Corporation
) C:\WINDOWS\vVX6000.exe
() C:\Program Files\Samsung Network Printer Utilities\SyncThru Web Admin Service\SWAS.exe
(Portrait Displays Inc.) C:\Program Files\Common Files\Portrait Displays\Shared\HookManager.exe
(Symantec Corporation) C:\Program Files\Symantec\Symantec Endpoint Protection\12.1.3001.165.105\Bin\ccSvcHst.exe
(Acronis) C:\Program Files\Acronis\TrueImageHome\TrueImageMonitor.exe
(Microsoft Corporation) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
(Acronis) C:\Program Files\Common Files\Acronis\Schedule2\schedhlp.exe
(Realtek Semiconductor Corp.) C:\WINDOWS\RTHDCPL.EXE
(Research In Motion Limited) C:\Program Files\Common Files\Research In Motion\USB Drivers\RIMBBLaunchAgent.exe
(Oracle Corporation) C:\Program Files\Common Files\Java\Java Update\jusched.exe
(GEMTEKS) C:\Program Files\Compact Wireless-G USB Adapter Wireless Network Monitor\WLService.exe
(Schneider Electric) C:\Program Files\APC\PowerChute Personal Edition\dataserv.exe
(Microsoft Corporation) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe
(Microsoft Corporation) C:\WINDOWS\ehome\mcrdsvc.exe
(Linksys) C:\Program Files\Compact Wireless-G USB Adapter Wireless Network Monitor\WUSB54GC.exe
(Safer-Networking Ltd.) C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
(Schneider Electric) C:\Program Files\APC\PowerChute Personal Edition\apcsystray.exe
(Symantec Corporation) C:\Program Files\Symantec\Symantec Endpoint Protection\12.1.3001.165.105\Bin\Smc.exe
(Research In Motion Limited) C:\Program Files\Common Files\Research In Motion\USB Drivers\BbDevMgr.exe
(Microsoft Corporation) C:\WINDOWS\system32\wbem\unsecapp.exe
(Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe
(Mozilla Corporation) C:\Program Files\Mozilla Firefox\plugin-container.exe
(Malwarebytes Corporation) C:\Program Files\Malwarebytes' Anti-Malware\mbam.exe
(Ipswitch) C:\Program Files\Ipswitch\WS_FTP 12\WsftpCOMHelper.exe


==================== Registry (Whitelisted) ==================

HKLM\...\Run: [ehTray] - C:\WINDOWS\ehome\ehtray.exe [64512 2005-08-05] (Microsoft Corporation)
HKLM\...\Run: [iAAnotif] - C:\Program Files\Intel\Intel Matrix Storage Manager\Iaanotif.exe [143360 2006-02-21] (Intel Corporation)
HKLM\...\Run: [HPHUPD08] - c:\Program Files\HP\Digital Imaging\{33D6CC28-9F75-4d1b-A11D-98895B3A3729}\hphupd08.exe [49152 2005-06-01] (Hewlett-Packard)
HKLM\...\Run: [DMAScheduler] - c:\Program Files\Sonic\DigitalMedia Plus\DigitalMedia Archive\DMAScheduler.exe [90112 2005-11-01] (Sonic Solutions)
HKLM\...\Run: [Recguard] - C:\WINDOWS\SMINST\RECGUARD.EXE [237568 2005-07-22] ()
HKLM\...\Run: [Reminder] - C:\Windows\Creator\Remind_XP.exe [663552 2004-12-13] (SoftThinks)
HKLM\...\Run: [HP Software Update] - C:\Program Files\HP\HP Software Update\HPWuSchd2.exe [49208 2010-03-12] (Hewlett-Packard)
HKLM\...\Run: [Adobe Version Cue CS2] - C:\Program Files\Adobe\Adobe Version Cue CS2\ControlPanel\VersionCueCS2Tray.exe [856064 2005-04-04] (Adobe Sytems Incorporated)
HKLM\...\Run: [Acrobat Assistant 7.0] - C:\Program Files\Adobe\Adobe Acrobat 7.0\Distillr\Acrotray.exe [483328 2006-01-12] (Adobe Systems Inc.)
HKLM\...\Run: [intelliPoint] - C:\Program Files\Microsoft IntelliPoint\point32.exe [217088 2005-06-10] (Microsoft Corporation)
HKLM\...\Run: [KBD] - C:\HP\KBD\KBD.EXE [61440 2005-02-02] (Hewlett-Packard Company)
HKLM\...\Run: [TkBellExe] - C:\Program Files\Common Files\Real\Update_OB\realsched.exe [180269 2006-02-13] (RealNetworks, Inc.)
HKLM\...\Run: [iMEKRMIG6.1] - C:\WINDOWS\ime\imkr6_1\IMEKRMIG.EXE [44032 2004-08-09] (Microsoft Corporation)
HKLM\...\Run: [MSPY2002] - C:\WINDOWS\system32\IME\PINTLGNT\ImScInst.exe [59392 2004-08-03] ()
HKLM\...\Run: [PHIME2002ASync] - C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE [455168 2004-08-03] (Microsoft Corporation)
HKLM\...\Run: [PHIME2002A] - C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE [455168 2004-08-03] (Microsoft Corporation)
HKLM\...\Run: [AppleSyncNotifier] - C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleSyncNotifier.exe [177440 2009-08-13] (Apple Inc.)
HKLM\...\Run: [DT HPW] - C:\Program Files\Portrait Displays\HP My Display\DTHtml.exe [278528 2007-06-29] (Portrait Displays, Inc)
HKLM\...\Run: [VX3000] - C:\WINDOWS\vVX3000.exe [721936 2008-08-04] (Microsoft Corporation)
HKLM\...\Run: [VX6000] - C:\WINDOWS\vVX6000.exe [713744 2008-08-04] (Microsoft Corporation)
HKLM\...\Run: [TrueImageMonitor.exe] - C:\Program Files\Acronis\TrueImageHome\TrueImageMonitor.exe [5111464 2011-01-28] (Acronis)
HKLM\...\Run: [Acronis Scheduler2 Service] - C:\Program Files\Common Files\Acronis\Schedule2\schedhlp.exe [358200 2011-01-28] (Acronis)
HKLM\...\Run: [Adobe ARM] - C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [959904 2013-11-21] (Adobe Systems Incorporated)
HKLM\...\Run: [APSDaemon] - C:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon.exe [59720 2013-04-21] (Apple Inc.)
HKLM\...\Run: [QuickTime Task] - C:\Program Files\QuickTime\QTTask.exe [421888 2013-05-01] (Apple Inc.)
HKLM\...\Run: [RTHDCPL] - C:\WINDOWS\RTHDCPL.EXE [16384512 2007-08-20] (Realtek Semiconductor Corp.)
HKLM\...\Run: [bCSSync] - C:\Program Files\Microsoft Office\Office14\BCSSync.exe [89184 2012-11-05] (Microsoft Corporation)
HKLM\...\Run: [RIMBBLaunchAgent.exe] - C:\Program Files\Common Files\Research In Motion\USB Drivers\RIMBBLaunchAgent.exe [267792 2013-01-17] (Research In Motion Limited)
HKLM\...\Run: [sunJavaUpdateSched] - C:\Program Files\Common Files\Java\Java Update\jusched.exe [254336 2013-07-02] (Oracle Corporation)
HKLM\...\Run: [] - [X]
HKLM\...\Run: [Display] - C:\Program Files\APC\PowerChute Personal Edition\DataCollectionLauncher.exe [284024 2012-01-24] (Schneider Electric)
HKLM\...\Policies\Explorer: [NoCDBurning] 0
HKU\.DEFAULT\...\Run: [DWQueuedReporting] - C:\Program Files\Common Files\Microsoft Shared\DW\DWTRIG20.EXE [520424 2013-03-06] (Microsoft Corporation)
HKU\.DEFAULT\...\Policies\Explorer: [NoSetActiveDesktop] 0
HKU\S-1-5-19\...\Policies\Explorer: [NoFolderOptions] 0
HKU\S-1-5-19\...\Policies\Explorer: [NoSetActiveDesktop] 0
HKU\S-1-5-20\...\Policies\Explorer: [NoFolderOptions] 0
HKU\S-1-5-20\...\Policies\Explorer: [NoSetActiveDesktop] 0
HKU\S-1-5-21-1338086324-3255125760-3355702696-1008\...\Run: [updateMgr] - C:\Program Files\Adobe\Adobe Acrobat 7.0\Acrobat\AdobeUpdateManager.exe [313472 2006-03-30] (Adobe Systems Incorporated)
HKU\S-1-5-21-1338086324-3255125760-3355702696-1008\...\Run: [TiVme Agent] - C:\Program Files\KWorld Multimedia\TiVme\ScheduleAgent.exe [115712 2009-07-24] ()
HKU\S-1-5-21-1338086324-3255125760-3355702696-1008\...\Run: [spybotSD TeaTimer] - C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe [2260480 2009-03-05] (Safer-Networking Ltd.)
HKU\S-1-5-21-1338086324-3255125760-3355702696-1025\...\Run: [MSMSGS] - C:\Program Files\Messenger\msmsgs.exe [1695232 2008-04-13] (Microsoft Corporation)
Startup: C:\Documents and Settings\All Users\Start Menu\Programs\Startup\Adobe Acrobat Speed Launcher.lnk
ShortcutTarget: Adobe Acrobat Speed Launcher.lnk -> C:\WINDOWS\Installer\{AC76BA86-1033-0000-7760-000000000002}\SC_Acrobat.exe ()
Startup: C:\Documents and Settings\All Users\Start Menu\Programs\Startup\Adobe Gamma.lnk
ShortcutTarget: Adobe Gamma.lnk -> C:\Program Files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe (Adobe Systems, Inc.)
Startup: C:\Documents and Settings\All Users\Start Menu\Programs\Startup\APC UPS Status.lnk
ShortcutTarget: APC UPS Status.lnk -> C:\Program Files\APC\PowerChute Personal Edition\Display.exe (Schneider Electric)
Startup: C:\Documents and Settings\Default User\Start Menu\Programs\Startup\Pin.lnk
ShortcutTarget: Pin.lnk -> C:\hp\bin\cloaker.exe (Hewlett-Packard Co.)
Startup: C:\Documents and Settings\UpdatusUser\Start Menu\Programs\Startup\Pin.lnk
ShortcutTarget: Pin.lnk -> C:\hp\bin\cloaker.exe (Hewlett-Packard Co.)

==================== Internet (Whitelisted) ====================

HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
HKCU\Software\Microsoft\Internet Explorer\Main,SearchMigratedDefaultURL = http://www.google.com/search?q={searchTerms}&sourceid=ie7&rls=com.microsoft:en-US&ie=utf8&oe=utf8
SearchScopes: HKLM - DefaultScope value is missing.
SearchScopes: HKLM - Backup.Old.DefaultScope {1FA4C55F-1490-4BC0-9478-F860B66A49B1}
SearchScopes: HKLM - {0B4A10D1-FBD6-451d-BFDA-F03252B05984} URL = http://slirsredirect.search.aol.com/redirector/sredir?sredir=2706&query={searchTerms}&invocationType=tb50-ie-aim-chromesbox-en-us&tb_uuid=20100512195935132&tb_oid=21-08-2009&tb_mrud=12-05-2010
SearchScopes: HKLM - {1FA4C55F-1490-4BC0-9478-F860B66A49B1} URL = http://start.funmoods.com/results.php?f=4&q={searchTerms}&a=adknlg&chnl=adknlg&cd=2XzuyEtN2Y1L1QzutDtDtCyBtAtCtCtCtCtAzytA0A0EzyyBtN0D0Tzu0CtByCyDtN1L2XzutBtFtCtFtCtFtAtCtB&cr=1875403659
SearchScopes: HKCU - DefaultScope {D3DD7841-C781-4315-A5A8-77A1B922A745} URL = http://search.conduit.com/ResultsExt.aspx?q={searchTerms}&SearchSource=4&ctid=CT3294791&CUI=UN79123488328400249&UM=2
SearchScopes: HKCU - Backup.Old.DefaultScope {1FA4C55F-1490-4BC0-9478-F860B66A49B1}
SearchScopes: HKCU - {0B4A10D1-FBD6-451d-BFDA-F03252B05984} URL = http://slirsredirect.search.aol.com/redirector/sredir?sredir=2706&query={searchTerms}&invocationType=tb50-ie-aim-chromesbox-en-us&tb_uuid=20100512195935132&tb_oid=21-08-2009&tb_mrud=12-05-2010
SearchScopes: HKCU - {1FA4C55F-1490-4BC0-9478-F860B66A49B1} URL = http://start.funmoods.com/results.php?f=4&q={searchTerms}&a=adknlg&chnl=adknlg&cd=2XzuyEtN2Y1L1QzutDtDtCyBtAtCtCtCtCtAzytA0A0EzyyBtN0D0Tzu0CtByCyDtN1L2XzutBtFtCtFtCtFtAtCtB&cr=1875403659
SearchScopes: HKCU - {B466D3DD-8CF5-4627-8B05-E0B0AB943344} URL = http://search.conduit.com/Results.aspx?ctid=CT3300024&SearchSource=45&UM=2&q={searchTerms}
SearchScopes: HKCU - {D3DD7841-C781-4315-A5A8-77A1B922A745} URL = http://search.conduit.com/ResultsExt.aspx?q={searchTerms}&SearchSource=4&ctid=CT3294791&CUI=UN79123488328400249&UM=2
BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll (Safer Networking Limited)
BHO: Symantec Vulnerability Protection - {6D53EC84-6AAE-4787-AEEE-F4628F01010C} - C:\Program Files\Symantec\Symantec Endpoint Protection\12.1.3001.165.105\bin\IPS\IPSBHO.DLL (Symantec Corporation)
BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files\Microsoft Office\Office14\GROOVEEX.DLL (Microsoft Corporation)
BHO: Java Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corporation)
BHO: Office Document Cache Handler - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation)
BHO: Java Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
Toolbar: HKLM - Adobe PDF - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files\Adobe\Adobe Acrobat 7.0\Acrobat\AcroIEFavClient.dll (Adobe Systems Incorporated)
Toolbar: HKCU - &Address - {01E04581-4EEE-11D0-BFE9-00AA005B4383} - C:\WINDOWS\system32\browseui.dll (Microsoft Corporation)
Toolbar: HKCU - &Links - {0E5CBF21-D15F-11D0-8301-00AA005B4383} - C:\WINDOWS\system32\SHELL32.dll (Microsoft Corporation)
Toolbar: HKCU - No Name - {C4069E3A-68F1-403E-B40E-20066696354B} -  No File
Toolbar: HKCU - Adobe PDF - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files\Adobe\Adobe Acrobat 7.0\Acrobat\AcroIEFavClient.dll (Adobe Systems Incorporated)
Toolbar: HKCU - &Links - {F2CF5485-4E02-4F68-819C-B92DE9277049} - C:\WINDOWS\system32\ieframe.dll (Microsoft Corporation)
Toolbar: HKCU - No Name - {21FA44EF-376D-4D53-9B0F-8A89D3229068} -  No File
Toolbar: HKCU - No Name - {2318C2B1-4965-11D4-9B18-009027A5CD4F} -  No File
DPF: {0742B9EF-8C83-41CA-BFBA-830A59E23533} https://support.microsoft.com/OAS/ActiveX/MSDcode.cab
DPF: {166B1BCA-3F9C-11CF-8075-444553540000} http://download.macromedia.com/pub/shockwave/cabs/director/sw.cab
DPF: {17492023-C23A-453E-A040-C7C580BBF700} http://download.microsoft.com/download/5/b/0/5b0d4654-aa20-495c-b89f-c1c34c691085/LegitCheckControl.cab
DPF: {42FDC231-A411-45F8-B8B6-3B5026111DA8} http://www.worldwinner.com/games/v47/solitairerush/solitairerush.cab
DPF: {615F158E-D5CA-422F-A8E7-F6A5EED7063B} http://www.worldwinner.com/games/v46/bejeweled/bejeweled.cab
DPF: {8A94C905-FF9D-43B6-8708-F0F22D22B1CB} http://www.worldwinner.com/games/shared/wwlaunch.cab
DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.7.0/jinstall-1_7_0_11-windows-i586.cab
DPF: {CAFEEFAC-0017-0000-0011-ABCDEFFEDCBA} http://java.sun.com/update/1.7.0/jinstall-1_7_0_11-windows-i586.cab
DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.7.0/jinstall-1_7_0_11-windows-i586.cab
DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab
Handler: intu-help-qb1 - {9B0F96C7-2E4B-433e-ABF3-043BA1B54AE3} - C:\Program Files\Intuit\QuickBooks 2008\HelpAsyncPluggableProtocol.dll (TODO: <Company name>)
Handler: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\Program Files\Windows Live\Messenger\msgrapp.14.0.8117.0416.dll (Microsoft Corporation)
Handler: ms-itss - {0A9007C0-4076-11D3-8789-0000F8105754} - c:\Program Files\Common Files\Microsoft Shared\Information Retrieval\msitss.dll (Microsoft Corporation)
Handler: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\Program Files\Windows Live\Messenger\msgrapp.14.0.8117.0416.dll (Microsoft Corporation)
Handler: qbwc - {FC598A64-626C-4447-85B8-53150405FD57} - C:\WINDOWS\system32\mscoree.dll (Microsoft Corporation)
Handler: qrev - {9DE24BAC-FC3C-42c4-9FC4-76B3FAFDBD90} - C:\Program Files\Quest Software\Toad for Oracle 10\RNetPin.dll ()
ShellExecuteHooks: Microsoft AntiMalware ShellExecuteHook - {091EB208-39DD-417D-A5DD-7E2C2D8FB9CB} - C:\Program Files\Windows Defender\MpShHook.dll [83224 2006-11-03] (Microsoft Corporation)
ShellExecuteHooks: Windows Desktop Search Namespace Manager - {56F9679E-7826-4C84-81F3-532071A8BCC5} - C:\Program Files\Windows Desktop Search\MsnlNamespaceMgr.dll [304128 2009-05-24] (Microsoft Corporation)
Winsock: Catalog5 04 C:\Program Files\Bonjour\mdnsNSP.dll [147456] (Apple Inc.)
Hosts: There are more than one entry in Hosts. See Hosts section of Addition.txt
Tcpip\..\Interfaces\{2378654A-0EAD-4AC9-A0D6-9C1651306D08}: [NameServer]68.9.16.30,68.13.16.30
Tcpip\..\Interfaces\{FCF2138F-70D1-4989-B1E5-8E1108C6D56D}: [NameServer]68.9.16.30,68.13.16.30

FireFox:
========
FF ProfilePath: C:\Documents and Settings\HP_Administrator\Application Data\Mozilla\Firefox\Profiles\npasxf2e.default

FF Plugin: @adobe.com/FlashPlayer - C:\WINDOWS\system32\Macromed\Flash\NPSWF32_12_0_0_70.dll ()
FF Plugin: @adobe.com/ShockwavePlayer - C:\WINDOWS\system32\Adobe\Director\np32dsw.dll (Adobe Systems, Inc.)
FF Plugin: @divx.com/DivX Browser Plugin,version=1.0.0 - C:\Program Files\DivX\DivX Web Player\npdivx32.dll (DivX,Inc.)
FF Plugin: @divx.com/DivX Content Upload Plugin,version=1.0.0 - C:\Program Files\DivX\DivX Content Uploader\npUpload.dll (DivX,Inc.)
FF Plugin: @divx.com/DivX Player Plugin,version=1.0.0 - C:\Program Files\DivX\DivX Player\npDivxPlayerPlugin.dll (DivX, Inc)
FF Plugin: @java.com/DTPlugin,version=10.51.2 - C:\Program Files\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=10.51.2 - C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 - c:\Program Files\Microsoft Silverlight\5.1.20913.0\npctrl.dll ( Microsoft Corporation)
FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 - C:\PROGRA~1\MICROS~4\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF Plugin: @microsoft.com/OfficeLive,version=1.3 - C:\Program Files\Microsoft\Office Live\npOLW.dll (Microsoft Corp.)
FF Plugin: @microsoft.com/OfficeLive,version=1.5 - C:\Program Files\Microsoft\Office Live\npOLW.dll (Microsoft Corp.)
FF Plugin: @microsoft.com/SharePoint,version=14.0 - C:\PROGRA~1\MICROS~4\Office14\NPSPWRAP.DLL (Microsoft Corporation)
FF Plugin: @microsoft.com/WLPG,version=14.0.8117.0416 - C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin: @microsoft.com/WPF,version=3.5 - c:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
FF Plugin: @real.com/nppl3260;version=6.0.11.2240 - C:\Program Files\Real\RealPlayer\Netscape6\nppl3260.dll (RealNetworks, Inc.)
FF Plugin: @real.com/nprjplug;version=1.0.2.2298 - C:\Program Files\Real\RealPlayer\Netscape6\nprjplug.dll (RealNetworks, Inc.)
FF Plugin: @real.com/nprpjplug;version=6.0.12.1348 - C:\Program Files\Real\RealPlayer\Netscape6\nprpjplug.dll (RealNetworks, Inc.)
FF Plugin: @RIM.com/WebSLLauncher,version=1.0 - C:\Program Files\Common Files\Research In Motion\BBWebSLLauncher\NPWebSLLauncher.dll ()
FF Plugin: @tools.google.com/Google Update;version=3 - C:\Program Files\Google\Update\1.3.22.5\npGoogleUpdate3.dll (Google Inc.)
FF Plugin: @tools.google.com/Google Update;version=9 - C:\Program Files\Google\Update\1.3.22.5\npGoogleUpdate3.dll (Google Inc.)
FF Plugin: Adobe Reader - C:\Program Files\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\NPcol400.dll (Catalina Marketing Corporation)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\nppdf32.dll (Adobe Systems Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\npqtplugin.dll (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\npqtplugin2.dll (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\npqtplugin3.dll (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\npqtplugin4.dll (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\npqtplugin5.dll (Apple Inc.)
FF Extension: No Name - C:\Documents and Settings\HP_Administrator\Application Data\Mozilla\Firefox\Profiles\npasxf2e.default\Extensions\staged [2013-09-13]
FF Extension: Java Console - C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0033-ABCDEFFEDCBA} [2014-02-15]
FF Extension: Java Console - C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0035-ABCDEFFEDCBA} [2014-02-15]
FF HKLM\...\Firefox\Extensions: [{5AA8EC5C-E635-42FF-93E6-4EACD387F697}] - C:\Documents and Settings\HP_Administrator\Local Settings\Application Data\{5AA8EC5C-E635-42FF-93E6-4EACD387F697}
FF Extension: XUL Cache - C:\Documents and Settings\HP_Administrator\Local Settings\Application Data\{5AA8EC5C-E635-42FF-93E6-4EACD387F697} [2008-12-23]
FF HKLM\...\Firefox\Extensions: [{20a82645-c095-46ed-80e3-08825760534b}] - C:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension\
FF Extension: Microsoft .NET Framework Assistant - C:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension\ []
FF HKLM\...\Firefox\Extensions: [{BBDA0591-3099-440a-AA10-41764D9DB4DB}] - C:\Documents and Settings\All Users\Application Data\Symantec\Symantec Endpoint Protection\12.1.3001.165.105\Data\IPSFF
FF Extension: Symantec Vulnerability Protection - C:\Documents and Settings\All Users\Application Data\Symantec\Symantec Endpoint Protection\12.1.3001.165.105\Data\IPSFF [2013-10-04]

Chrome:
=======
CHR Plugin: (Shockwave Flash) - C:\Program Files\Google\Chrome\Application\32.0.1700.107\PepperFlash\pepflashplayer.dll No File
CHR Plugin: (Chrome Remote Desktop Viewer) - internal-remoting-viewer
CHR Plugin: (Native Client) - C:\Program Files\Google\Chrome\Application\32.0.1700.107\ppGoogleNaClPluginChrome.dll No File
CHR Plugin: (Chrome PDF Viewer) - C:\Program Files\Google\Chrome\Application\32.0.1700.107\pdf.dll No File
CHR Plugin: (CouponNetwork Coupon Activator Netscape Plugin v. 5.0.0.0) - C:\Program Files\Mozilla Firefox\plugins\NPcol400.dll (Catalina Marketing Corporation)
CHR Plugin: (QuickTime Plug-in 7.7.4) - C:\Program Files\QuickTime\plugins\npqtplugin.dll (Apple Inc.)
CHR Plugin: (QuickTime Plug-in 7.7.4) - C:\Program Files\QuickTime\plugins\npqtplugin2.dll (Apple Inc.)
CHR Plugin: (QuickTime Plug-in 7.7.4) - C:\Program Files\QuickTime\plugins\npqtplugin3.dll (Apple Inc.)
CHR Plugin: (QuickTime Plug-in 7.7.4) - C:\Program Files\QuickTime\plugins\npqtplugin4.dll (Apple Inc.)
CHR Plugin: (QuickTime Plug-in 7.7.4) - C:\Program Files\QuickTime\plugins\npqtplugin5.dll (Apple Inc.)
CHR Plugin: (Microsoft Office 2010) - C:\PROGRA~1\MICROS~4\Office14\NPAUTHZ.DLL (Microsoft Corporation)
CHR Plugin: (Microsoft Office 2010) - C:\PROGRA~1\MICROS~4\Office14\NPSPWRAP.DLL (Microsoft Corporation)
CHR Plugin: (Yahoo! activeX Plug-in Bridge) - C:\PROGRA~1\Yahoo!\Common\npyaxmpb.dll (Yahoo! Inc.)
CHR Plugin: (Adobe Acrobat) - C:\Program Files\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
CHR Plugin: (RIM Handheld Application Loader) - C:\Program Files\Common Files\Research In Motion\BBWebSLLauncher\NPWebSLLauncher.dll ()
CHR Plugin: (DivX® Content Upload Plugin) - C:\Program Files\DivX\DivX Content Uploader\npUpload.dll (DivX,Inc.)
CHR Plugin: (DivX Player Netscape Plugin) - C:\Program Files\DivX\DivX Player\npDivxPlayerPlugin.dll (DivX, Inc)
CHR Plugin: (DivX Web Player) - C:\Program Files\DivX\DivX Web Player\npdivx32.dll (DivX,Inc.)
CHR Plugin: (Google Update) - C:\Program Files\Google\Update\1.3.21.153\npGoogleUpdate3.dll No File
CHR Plugin: (Java Platform SE 7 U40) - C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
CHR Plugin: (Microsoft Office Live Plug-in for Firefox) - C:\Program Files\Microsoft\Office Live\npOLW.dll (Microsoft Corp.)
CHR Plugin: (RealPlayer G2 LiveConnect-Enabled Plug-In (32-bit) ) - C:\Program Files\Real\RealPlayer\Netscape6\nppl3260.dll (RealNetworks, Inc.)
CHR Plugin: (RealJukebox NS Plugin) - C:\Program Files\Real\RealPlayer\Netscape6\nprjplug.dll (RealNetworks, Inc.)
CHR Plugin: (RealPlayer Version Plugin) - C:\Program Files\Real\RealPlayer\Netscape6\nprpjplug.dll (RealNetworks, Inc.)
CHR Plugin: (Windows Live® Photo Gallery) - C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
CHR Plugin: (Shockwave for Director) - C:\WINDOWS\system32\Adobe\Director\np32dsw.dll (Adobe Systems, Inc.)
CHR Plugin: (Shockwave Flash) - C:\WINDOWS\system32\Macromed\Flash\NPSWF32_11_8_800_168.dll No File
CHR Plugin: (Java Deployment Toolkit 7.0.400.43) - C:\WINDOWS\system32\npDeployJava1.dll No File
CHR Plugin: (Silverlight Plug-In) - c:\Program Files\Microsoft Silverlight\5.1.20513.0\npctrl.dll No File
CHR Plugin: (Windows Presentation Foundation) - c:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
CHR Extension: (Google Docs) - C:\Documents and Settings\HP_Administrator\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2013-10-04]
CHR Extension: (Google Drive) - C:\Documents and Settings\HP_Administrator\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2013-10-04]
CHR Extension: (YouTube) - C:\Documents and Settings\HP_Administrator\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2013-10-04]
CHR Extension: (Google Search) - C:\Documents and Settings\HP_Administrator\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2013-10-04]
CHR Extension: (Google Wallet) - C:\Documents and Settings\HP_Administrator\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2013-09-29]
CHR Extension: (Gmail) - C:\Documents and Settings\HP_Administrator\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2013-10-04]

========================== Services (Whitelisted) =================

R2 ABBYY.Licensing.FineReader.Sprint.9.0; C:\Program Files\Common Files\ABBYY\FineReaderSprint\9.00\Licensing\NetworkLicenseServer.exe [759048 2009-05-14] (ABBYY)
R2 AcrSch2Svc; C:\Program Files\Common Files\Acronis\Schedule2\schedul2.exe [763816 2011-01-28] (Acronis)
S4 Adobe Version Cue CS2; C:\Program Files\Adobe\Adobe Version Cue CS2\bin\VersionCueCS2.exe [163840 2005-04-04] (Adobe Systems Incorporated)
R2 afcdpsrv; C:\Program Files\Common Files\Acronis\CDP\afcdpsrv.exe [3246040 2013-06-02] (Acronis)
R2 APC Data Service; C:\Program Files\APC\PowerChute Personal Edition\dataserv.exe [21880 2012-01-24] (Schneider Electric)
R2 APC UPS Service; C:\Program Files\APC\PowerChute Personal Edition\mainserv.exe [705912 2012-01-24] (Schneider Electric)
R2 APCPBEServer; C:\Program Files\APC\PowerChute Business Edition\server\pbeserver.exe [57160 2013-09-09] (APC)
R2 Apple Mobile Device; C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe [144712 2009-06-05] (Apple Inc.)
R3 Blackberry Device Manager; C:\Program Files\Common Files\Research In Motion\USB Drivers\BbDevMgr.exe [577536 2013-01-18] (Research In Motion Limited)
S4 DB2MGMTSVC_TACOM25; C:\Program Files\Quest Software\Toad for Data Analysts 2.5\SQLLIB\BIN\db2mgmtsvc.exe [38688 2009-02-20] (International Business Machines Corporation)
R2 DTSRVC; C:\Program Files\Common Files\Portrait Displays\Shared\DTSRVC.exe [73728 2007-06-29] ()
S2 ELService; C:\Program Files\Intel\IntelDH\Intel® Quick Resume Technology\ELService.exe [180224 2005-11-08] (Intel Corporation)
R2 IISADMIN; C:\WINDOWS\system32\inetsrv\inetinfo.exe [15360 2008-04-13] (Microsoft Corporation)
R2 JavaQuickStarterService; C:\Program Files\Java\jre7\bin\jqs.exe [182696 2013-12-18] (Oracle Corporation)
R2 MBAMScheduler; C:\Program Files\Malwarebytes' Anti-Malware\mbamscheduler.exe [418376 2013-04-04] (Malwarebytes Corporation)
R2 MBAMService; C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe [701512 2013-04-04] (Malwarebytes Corporation)
R2 McrdSvc; C:\WINDOWS\ehome\mcrdsvc.exe [99328 2005-08-05] (Microsoft Corporation)
R2 MSFtpsvc; C:\WINDOWS\system32\inetsrv\inetinfo.exe [15360 2008-04-13] (Microsoft Corporation)
S4 msvsmon80; C:\Program Files\Microsoft Visual Studio 8\Common7\IDE\Remote Debugger\x86\msvsmon.exe [2805000 2006-12-02] (Microsoft Corporation)
R2 SepMasterService; C:\Program Files\Symantec\Symantec Endpoint Protection\12.1.3001.165.105\Bin\ccSvcHst.exe [144368 2013-05-25] (Symantec Corporation)
R3 SmcService; C:\Program Files\Symantec\Symantec Endpoint Protection\12.1.3001.165.105\Bin\Smc.exe [1804256 2013-05-25] (Symantec Corporation)
R2 SMTPSVC; C:\WINDOWS\system32\inetsrv\inetinfo.exe [15360 2008-04-13] (Microsoft Corporation)
S3 SNAC; C:\Program Files\Symantec\Symantec Endpoint Protection\12.1.3001.165.105\Bin\snac.exe [288656 2013-05-25] (Symantec Corporation)
R2 SWAS_Core; C:\Program Files\Samsung Network Printer Utilities\SyncThru Web Admin Service\SWAS.exe [1449984 2008-04-15] ()
R2 W3SVC; C:\WINDOWS\system32\inetsrv\inetinfo.exe [15360 2008-04-13] (Microsoft Corporation)
S2 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [13592 2006-11-03] (Microsoft Corporation)
R2 WUSB54GCSVC; "C:\Program Files\Compact Wireless-G USB Adapter Wireless Network Monitor\WLService.exe" "WUSB54GC.exe" [X]

==================== Drivers (Whitelisted) ====================

S3 61883; C:\WINDOWS\System32\DRIVERS\61883.sys [48128 2008-04-13] (Microsoft Corporation)
R2 AegisP; C:\WINDOWS\System32\DRIVERS\AegisP.sys [20747 2006-11-06] (Meetinghouse Data Communications)
R2 ASPI32; C:\WINDOWS\System32\drivers\aspi32.sys [16512 2002-07-17] (Adaptec)
S3 BCM42RLY; C:\WINDOWS\System32\BCM42RLY.SYS [17992 2005-02-01] (Broadcom Corporation)
R1 BHDrvx86; C:\Documents and Settings\All Users\Application Data\Symantec\Symantec Endpoint Protection\12.1.3001.165.105\Data\Definitions\BASHDefs\20140304.011\BHDrvx86.sys [1098968 2013-12-17] (Symantec Corporation)
S3 Blfp; C:\WINDOWS\System32\DRIVERS\baspxp32.sys [90624 2010-05-14] (Broadcom Corporation)
S3 CCDECODE; C:\WINDOWS\System32\DRIVERS\CCDECODE.sys [17024 2008-04-13] (Microsoft Corporation)
R1 ccSettings_{0807952E-B22C-403B-A5F9-93CF778D514E}; C:\WINDOWS\System32\Drivers\SEP\0C010BB9\00A5.105\x86\ccSetx86.sys [134744 2013-05-25] (Symantec Corporation)
S3 CVirtA; C:\WINDOWS\System32\DRIVERS\CVirtA.sys [5220 2003-05-01] (Cisco Systems, Inc.)
R1 eeCtrl; C:\Program Files\Common Files\Symantec Shared\EENGINE\eeCtrl.sys [376920 2013-11-24] (Symantec Corporation)
S3 ELacpi; C:\WINDOWS\System32\DRIVERS\ELacpi.sys [7808 2005-11-08] (Intel Corporation)
R1 ELhid; C:\WINDOWS\System32\DRIVERS\ELhid.sys [10112 2005-11-08] (Intel Corporation)
R1 ELkbd; C:\WINDOWS\System32\DRIVERS\ELkbd.sys [6912 2005-11-08] (Intel Corporation)
R1 ELmon; C:\WINDOWS\System32\DRIVERS\ELmon.sys [7040 2005-11-08] (Intel Corporation)
R1 ELmou; C:\WINDOWS\System32\DRIVERS\ELmou.sys [6400 2005-11-08] (Intel Corporation)
R3 EraserUtilRebootDrv; C:\Program Files\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys [108120 2013-11-24] (Symantec Corporation)
R2 fssfltr; C:\WINDOWS\System32\DRIVERS\fssfltr_tdi.sys [54760 2010-04-28] (Microsoft Corporation)
R3 HPZid412; C:\WINDOWS\System32\DRIVERS\HPZid412.sys [49920 2012-05-25] (HP)
R3 HPZipr12; C:\WINDOWS\System32\DRIVERS\HPZipr12.sys [16496 2012-05-25] (HP)
R3 HPZius12; C:\WINDOWS\System32\DRIVERS\HPZius12.sys [21568 2012-05-25] (HP)
R3 IDSxpx86; C:\Documents and Settings\All Users\Application Data\Symantec\Symantec Endpoint Protection\12.1.3001.165.105\Data\Definitions\IPSDefs\20140307.011\IDSxpx86.sys [383120 2014-01-15] (Symantec Corporation)
R3 MBAMProtector; C:\WINDOWS\system32\drivers\mbam.sys [22856 2013-04-04] (Malwarebytes Corporation)
S3 MPE; C:\WINDOWS\System32\DRIVERS\MPE.sys [15232 2008-04-13] (Microsoft Corporation)
R3 NAVENG; C:\Documents and Settings\All Users\Application Data\Symantec\Symantec Endpoint Protection\12.1.3001.165.105\Data\Definitions\VirusDefs\20140309.024\NAVENG.SYS [93272 2013-10-04] (Symantec Corporation)
R3 NAVEX15; C:\Documents and Settings\All Users\Application Data\Symantec\Symantec Endpoint Protection\12.1.3001.165.105\Data\Definitions\VirusDefs\20140309.024\NAVEX15.SYS [1612376 2013-10-04] (Symantec Corporation)
S3 NdisIP; C:\WINDOWS\System32\DRIVERS\NdisIP.sys [10880 2008-04-13] (Microsoft Corporation)
S3 pdiddcci; C:\WINDOWS\System32\DRIVERS\pdiddcci.sys [11776 2007-06-12] (Portrait Displays, Inc.)
R3 PdiPorts; C:\WINDOWS\System32\Drivers\PdiPorts.sys [15920 2006-11-16] (Portrait Displays, Inc.)
S4 RsFx0105; C:\WINDOWS\System32\DRIVERS\RsFx0105.sys [238696 2011-09-22] (Microsoft Corporation)
S3 RT73; C:\WINDOWS\System32\DRIVERS\rt73.sys [245504 2005-11-03] (Ralink Technology, Corp.)
S3 rtl8139; C:\WINDOWS\System32\DRIVERS\RTL8139.SYS [20992 2004-08-03] (Realtek Semiconductor Corporation)
R0 SI3112; C:\WINDOWS\System32\DRIVERS\SI3112.sys [74280 2008-08-20] (Silicon Image, Inc)
R0 SiFilter; C:\WINDOWS\System32\DRIVERS\SiWinAcc.sys [19240 2008-08-20] (Silicon Image, Inc)
R0 SiRemFil; C:\WINDOWS\System32\DRIVERS\SiRemFil.sys [15400 2008-08-20] (Silicon Image, Inc)
R1 SRTSP; C:\WINDOWS\System32\Drivers\SEP\0C010BB9\00A5.105\x86\SRTSP.SYS [603224 2013-05-25] (Symantec Corporation)
R1 SRTSPX; C:\WINDOWS\System32\Drivers\SEP\0C010BB9\00A5.105\x86\SRTSPX.SYS [32344 2013-05-25] (Symantec Corporation)
S3 SyDvCtrl; C:\Program Files\Symantec\Symantec Endpoint Protection\12.1.3001.165.105\Bin\SyDvCtrl32.sys [28576 2013-05-25] (Symantec Corporation)
R0 SymDS; C:\WINDOWS\System32\Drivers\SEP\0C010BB9\00A5.105\x86\SYMDS.SYS [367704 2013-05-25] (Symantec Corporation)
R0 SymEFA; C:\WINDOWS\System32\Drivers\SEP\0C010BB9\00A5.105\x86\SYMEFA.SYS [934488 2013-05-25] (Symantec Corporation)
R3 SymEvent; C:\WINDOWS\system32\Drivers\SYMEVENT.SYS [142496 2013-10-04] (Symantec Corporation)
R1 SymIRON; C:\WINDOWS\System32\Drivers\SEP\0C010BB9\00A5.105\x86\Ironx86.SYS [175264 2013-05-25] (Symantec Corporation)
R1 SYMTDI; C:\WINDOWS\System32\Drivers\SEP\0C010BB9\00A5.105\x86\SYMTDI.SYS [396760 2013-05-25] (Symantec Corporation)
R1 SysPlant; C:\WINDOWS\System32\Drivers\SysPlant.sys [114080 2013-10-04] (Symantec Corporation)
R3 Teefer2; C:\WINDOWS\System32\DRIVERS\teefer.sys [149912 2013-05-25] (Symantec Corporation)
S3 USB28xxBGA; C:\WINDOWS\System32\DRIVERS\emBDA.sys [577024 2009-07-20] (eMPIA Technology, Inc.)
S3 USB28xxOEM; C:\WINDOWS\System32\DRIVERS\emOEM.sys [540160 2009-07-20] (eMPIA Technology, Inc.)
S3 VX6000; C:\WINDOWS\System32\DRIVERS\VX6000Xp.sys [2077840 2008-08-04] (Microsoft Corporation)
S0 ftsata2; system32\DRIVERS\ftsata2.sys [X]
U4 MBAMSwissArmy; \??\C:\WINDOWS\system32\drivers\mbamswissarmy.sys [X]
S3 Pcouffin; System32\Drivers\Pcouffin.sys [X]
U5 ScsiPort; C:\WINDOWS\system32\drivers\scsiport.sys [96384 2008-04-13] (Microsoft Corporation)
S0 srkig; System32\drivers\emytx.sys [X]
S3 sshvnic; system32\DRIVERS\sshvnic5.sys [X]

==================== NetSvcs (Whitelisted) ===================

NETSVC: MHN -> C:\Windows\System32\mhn.dll (Microsoft Corporation)

==================== One Month Created Files and Folders ========

2014-03-10 08:47 - 2014-03-10 08:48 - 00037346 _____ () C:\Documents and Settings\HP_Administrator\Desktop\FRST.txt
2014-03-10 08:45 - 2014-03-10 08:47 - 00000000 ____D () C:\FRST
2014-03-10 08:44 - 2014-03-10 08:42 - 01145856 _____ (Farbar) C:\Documents and Settings\HP_Administrator\Desktop\FRST.exe
2014-03-09 22:43 - 2014-03-09 22:43 - 00002006 _____ () C:\Documents and Settings\HP_Administrator\Desktop\HiJackThis.lnk
2014-03-09 22:43 - 2014-03-09 22:43 - 00000000 ____D () C:\Program Files\Trend Micro
2014-03-09 22:43 - 2014-03-09 22:43 - 00000000 ____D () C:\Documents and Settings\HP_Administrator\Start Menu\Programs\HiJackThis
2014-03-09 13:59 - 2014-03-09 14:01 - 00000000 ____D () C:\Documents and Settings\HP_Administrator\My Documents\Manassas 3-3-2014 to 3-7-2014
2014-03-09 12:57 - 2014-03-09 12:57 - 00000000 ____D () C:\Documents and Settings\HP_Administrator\My Documents\UPS Documentation
2014-03-07 02:14 - 2014-03-07 02:13 - 00065536 _____ () C:\WINDOWS\Minidump\Mini030714-01.dmp
2014-03-02 11:00 - 2014-03-02 11:03 - 00000000 ____D () C:\Documents and Settings\HP_Administrator\My Documents\Syracuse 2-24-2014 to 2-28-2014
2014-02-22 08:02 - 2014-02-22 12:13 - 00000600 _____ () C:\Documents and Settings\HP_Administrator\Local Settings\Application Data\PUTTY.RND
2014-02-22 08:00 - 2014-02-22 08:00 - 00495616 _____ (Simon Tatham) C:\Documents and Settings\HP_Administrator\Desktop\putty.exe
2014-02-21 07:50 - 2014-02-21 07:51 - 00000000 ____D () C:\Documents and Settings\HP_Administrator\My Documents\Braves IRS Issue
2014-02-19 13:50 - 2014-02-19 13:51 - 00000000 ____D () C:\Documents and Settings\HP_Administrator\My Documents\2013 Court Papers
2014-02-15 06:21 - 2014-02-15 06:23 - 00000000 ____D () C:\Program Files\Mozilla Firefox
2014-02-12 21:12 - 2014-02-12 21:12 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB2916036$
2014-02-12 20:49 - 2014-02-12 20:50 - 00013532 _____ () C:\WINDOWS\KB2909921-IE8.log
2014-02-12 20:49 - 2014-02-12 20:49 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB2904878$
2014-02-12 20:48 - 2014-02-12 20:49 - 00018149 _____ () C:\WINDOWS\KB2904878.log
2014-02-12 20:44 - 2014-02-12 20:48 - 00006323 _____ () C:\WINDOWS\KB2909210-IE8.log
2014-02-12 20:05 - 2014-02-12 21:12 - 00017738 _____ () C:\WINDOWS\KB2916036.log
2014-02-10 22:16 - 2014-02-10 22:16 - 00005804 _____ () C:\Documents and Settings\HP_Administrator\Desktop\router.txt

==================== One Month Modified Files and Folders =======

2014-03-10 08:48 - 2014-03-10 08:47 - 00037346 _____ () C:\Documents and Settings\HP_Administrator\Desktop\FRST.txt
2014-03-10 08:47 - 2014-03-10 08:45 - 00000000 ____D () C:\FRST
2014-03-10 08:47 - 2013-12-01 14:47 - 00000378 _____ () C:\WINDOWS\Tasks\MyDefrag v4.3.1 Daily.job
2014-03-10 08:42 - 2014-03-10 08:44 - 01145856 _____ (Farbar) C:\Documents and Settings\HP_Administrator\Desktop\FRST.exe
2014-03-10 08:33 - 2007-05-15 20:11 - 00001772 ____H () C:\Documents and Settings\HP_Administrator\My Documents\Default.rdp
2014-03-10 08:25 - 2012-05-01 01:20 - 00000906 _____ () C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job
2014-03-10 08:07 - 2012-03-31 13:19 - 00000830 _____ () C:\WINDOWS\Tasks\Adobe Flash Player Updater.job
2014-03-10 07:54 - 2005-08-30 17:17 - 01486301 _____ () C:\WINDOWS\WindowsUpdate.log
2014-03-10 06:13 - 2013-12-01 14:47 - 00000000 ____D () C:\Program Files\MyDefrag v4.3.1
2014-03-10 02:02 - 2008-12-10 17:16 - 00000330 ____H () C:\WINDOWS\Tasks\MP Scheduled Scan.job
2014-03-09 23:25 - 2012-05-01 01:20 - 00000902 _____ () C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job
2014-03-09 22:43 - 2014-03-09 22:43 - 00002006 _____ () C:\Documents and Settings\HP_Administrator\Desktop\HiJackThis.lnk
2014-03-09 22:43 - 2014-03-09 22:43 - 00000000 ____D () C:\Program Files\Trend Micro
2014-03-09 22:43 - 2014-03-09 22:43 - 00000000 ____D () C:\Documents and Settings\HP_Administrator\Start Menu\Programs\HiJackThis
2014-03-09 22:43 - 2005-11-11 11:59 - 00000000 ____D () C:\WINDOWS\system32\inetsrv
2014-03-09 21:19 - 2005-08-30 17:07 - 00810336 _____ () C:\WINDOWS\system32\PerfStringBackup.INI
2014-03-09 21:16 - 2005-08-30 17:06 - 00001374 _____ () C:\WINDOWS\system32\wpa.dbl
2014-03-09 21:15 - 2005-08-30 09:55 - 00000159 _____ () C:\WINDOWS\wiadebug.log
2014-03-09 21:15 - 2005-08-30 09:55 - 00000048 _____ () C:\WINDOWS\wiaservc.log
2014-03-09 21:13 - 2005-08-30 17:17 - 00000006 ____H () C:\WINDOWS\Tasks\SA.DAT
2014-03-09 21:09 - 2013-10-04 20:38 - 00065536 _____ () C:\WINDOWS\system32\config\Symantec.evt
2014-03-09 21:09 - 2012-12-28 08:40 - 00065536 _____ () C:\WINDOWS\system32\config\OAlerts.evt
2014-03-09 21:09 - 2006-11-05 14:40 - 00000278 ___SH () C:\Documents and Settings\HP_Administrator\ntuser.ini
2014-03-09 21:09 - 2006-02-13 14:06 - 00065536 _____ () C:\WINDOWS\system32\config\IntelDH.evt
2014-03-09 21:09 - 2005-08-30 17:17 - 00032542 _____ () C:\WINDOWS\SchedLgU.Txt
2014-03-09 21:08 - 2006-11-05 14:40 - 00000000 ____D () C:\Documents and Settings\HP_Administrator
2014-03-09 15:46 - 2007-03-26 17:35 - 00002533 _____ () C:\Documents and Settings\HP_Administrator\Desktop\Bingo Tracker.lnk
2014-03-09 14:01 - 2014-03-09 13:59 - 00000000 ____D () C:\Documents and Settings\HP_Administrator\My Documents\Manassas 3-3-2014 to 3-7-2014
2014-03-09 12:57 - 2014-03-09 12:57 - 00000000 ____D () C:\Documents and Settings\HP_Administrator\My Documents\UPS Documentation
2014-03-08 23:24 - 2006-02-13 14:50 - 00000000 ____D () C:\Documents and Settings\All Users\Application Data\Symantec
2014-03-08 15:45 - 2006-02-13 14:32 - 00002433 _____ () C:\Documents and Settings\All Users\Start Menu\New Office Document.lnk
2014-03-07 02:14 - 2006-11-06 19:51 - 00000000 ____D () C:\WINDOWS\Minidump
2014-03-07 02:13 - 2014-03-07 02:14 - 00065536 _____ () C:\WINDOWS\Minidump\Mini030714-01.dmp
2014-03-06 08:09 - 2011-08-04 04:26 - 00000284 _____ () C:\WINDOWS\Tasks\AppleSoftwareUpdate.job
2014-03-05 15:47 - 2011-09-15 23:04 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB2616676$
2014-03-05 15:46 - 2012-12-21 12:51 - 00547802 _____ () C:\WINDOWS\setupapi.log
2014-03-04 02:35 - 2012-05-24 00:06 - 00001861 _____ () C:\Documents and Settings\All Users\Desktop\Google Chrome.lnk
2014-03-02 11:03 - 2014-03-02 11:00 - 00000000 ____D () C:\Documents and Settings\HP_Administrator\My Documents\Syracuse 2-24-2014 to 2-28-2014
2014-03-01 13:25 - 2012-04-24 22:08 - 00000000 ____D () C:\Program Files\Mozilla Maintenance Service
2014-02-22 14:02 - 2007-05-28 20:32 - 00000000 ____D () C:\Documents and Settings\HP_Administrator\My Documents\Visual Studio 2005
2014-02-22 12:13 - 2014-02-22 08:02 - 00000600 _____ () C:\Documents and Settings\HP_Administrator\Local Settings\Application Data\PUTTY.RND
2014-02-22 08:58 - 2007-07-09 16:33 - 00000000 ____D () C:\Documents and Settings\HP_Administrator\My Documents\Personal
2014-02-22 08:00 - 2014-02-22 08:00 - 00495616 _____ (Simon Tatham) C:\Documents and Settings\HP_Administrator\Desktop\putty.exe
2014-02-21 13:07 - 2012-03-31 13:19 - 00692616 _____ (Adobe Systems Incorporated) C:\WINDOWS\system32\FlashPlayerApp.exe
2014-02-21 13:07 - 2011-05-15 11:43 - 00071048 _____ (Adobe Systems Incorporated) C:\WINDOWS\system32\FlashPlayerCPLApp.cpl
2014-02-21 07:51 - 2014-02-21 07:50 - 00000000 ____D () C:\Documents and Settings\HP_Administrator\My Documents\Braves IRS Issue
2014-02-19 13:51 - 2014-02-19 13:50 - 00000000 ____D () C:\Documents and Settings\HP_Administrator\My Documents\2013 Court Papers
2014-02-15 06:23 - 2014-02-15 06:21 - 00000000 ____D () C:\Program Files\Mozilla Firefox
2014-02-12 21:31 - 2005-11-14 14:52 - 00000000 ____D () C:\WINDOWS\Microsoft.NET
2014-02-12 21:14 - 2007-05-28 20:32 - 00000000 ____D () C:\Documents and Settings\All Users\Application Data\Microsoft Help
2014-02-12 21:12 - 2014-02-12 21:12 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB2916036$
2014-02-12 21:12 - 2014-02-12 20:05 - 00017738 _____ () C:\WINDOWS\KB2916036.log
2014-02-12 21:12 - 2009-12-10 04:06 - 00489280 _____ () C:\WINDOWS\msmqinst.log
2014-02-12 21:12 - 2006-02-13 13:49 - 00473709 _____ () C:\WINDOWS\updspapi.log
2014-02-12 21:12 - 2005-08-30 17:04 - 01570914 _____ () C:\WINDOWS\tsoc.log
2014-02-12 21:12 - 2005-08-30 17:04 - 00682282 _____ () C:\WINDOWS\ntdtcsetup.log
2014-02-12 21:12 - 2005-08-30 17:04 - 00355056 _____ () C:\WINDOWS\iis6.log
2014-02-12 21:12 - 2005-08-30 17:04 - 00310321 _____ () C:\WINDOWS\MedCtrOC.log
2014-02-12 21:12 - 2005-08-30 17:04 - 00185987 _____ () C:\WINDOWS\ocmsn.log
2014-02-12 21:12 - 2005-08-30 17:04 - 00172034 _____ () C:\WINDOWS\tabletoc.log
2014-02-12 21:12 - 2005-08-30 17:04 - 00073871 _____ () C:\WINDOWS\comsetup.log
2014-02-12 21:12 - 2005-08-30 17:04 - 00001374 _____ () C:\WINDOWS\imsins.log
2014-02-12 21:12 - 2005-08-30 16:59 - 03418982 _____ () C:\WINDOWS\FaxSetup.log
2014-02-12 21:12 - 2005-08-30 16:59 - 01658239 _____ () C:\WINDOWS\ocgen.log
2014-02-12 21:12 - 2005-08-30 16:59 - 00612347 _____ () C:\WINDOWS\netfxocm.log
2014-02-12 21:12 - 2005-08-30 16:59 - 00171442 _____ () C:\WINDOWS\msgsocm.log
2014-02-12 20:58 - 2013-08-14 03:19 - 00000000 ____D () C:\WINDOWS\system32\MRT
2014-02-12 20:53 - 2006-11-08 18:27 - 85946576 _____ (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2014-02-12 20:52 - 2005-08-30 17:02 - 00000685 _____ () C:\WINDOWS\win.ini
2014-02-12 20:50 - 2014-02-12 20:49 - 00013532 _____ () C:\WINDOWS\KB2909921-IE8.log
2014-02-12 20:50 - 2009-08-21 08:14 - 00000000 ____D () C:\WINDOWS\ie8updates
2014-02-12 20:50 - 2005-08-30 17:04 - 00001374 _____ () C:\WINDOWS\imsins.BAK
2014-02-12 20:49 - 2014-02-12 20:49 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB2904878$
2014-02-12 20:49 - 2014-02-12 20:48 - 00018149 _____ () C:\WINDOWS\KB2904878.log
2014-02-12 20:48 - 2014-02-12 20:44 - 00006323 _____ () C:\WINDOWS\KB2909210-IE8.log
2014-02-10 22:16 - 2014-02-10 22:16 - 00005804 _____ () C:\Documents and Settings\HP_Administrator\Desktop\router.txt
2014-02-10 14:54 - 2012-04-11 03:46 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB2656378$
2014-02-09 00:29 - 2012-03-31 13:12 - 01575954 _____ () C:\Documents and Settings\LocalService\Local Settings\Application Data\WPFFontCache_v0400-S-1-5-21-1338086324-3255125760-3355702696-1008-0.dat
2014-02-09 00:29 - 2012-03-18 15:16 - 00364682 _____ () C:\Documents and Settings\LocalService\Local Settings\Application Data\WPFFontCache_v0400-System.dat
2014-02-09 00:09 - 2004-08-10 00:00 - 00000032 _____ () C:\WINDOWS\system32\Drivers\etc\hosts.bak
2014-02-08 18:05 - 2012-03-18 13:41 - 00000000 ____D () C:\Documents and Settings\HP_Administrator\My Documents\Visual Studio 2010
2014-02-08 01:40 - 2005-08-30 17:04 - 00004889 _____ () C:\WINDOWS\setupact.log

Files to move or delete:
====================
C:\Documents and Settings\HP_Administrator\en_res.dll
C:\Documents and Settings\HP_Administrator\es_res.dll
C:\Documents and Settings\HP_Administrator\fr_res.dll
C:\Documents and Settings\HP_Administrator\grm_res.dll
C:\Documents and Settings\HP_Administrator\it_res.dll
C:\Documents and Settings\HP_Administrator\jp_res.dll
C:\Documents and Settings\HP_Administrator\mfc80u.dll
C:\Documents and Settings\HP_Administrator\msvcr80.dll
C:\Documents and Settings\HP_Administrator\PCPE Setup.exe
C:\Documents and Settings\HP_Administrator\pt_res.dll
C:\Documents and Settings\HP_Administrator\ResourceReader.dll
C:\Documents and Settings\HP_Administrator\ru_res.dll
C:\Documents and Settings\HP_Administrator\zh_res.dll


Some content of TEMP:
====================
C:\Documents and Settings\HP_Administrator\Local Settings\temp\jre-7u40-windows-i586-iftw.exe
C:\Documents and Settings\HP_Administrator\Local Settings\temp\jre-7u45-windows-i586-iftw.exe
C:\Documents and Settings\HP_Administrator\Local Settings\temp\jre-7u51-windows-i586-iftw.exe
C:\Documents and Settings\HP_Administrator\Local Settings\temp\Quarantine.exe


==================== Bamital & volsnap Check =================

C:\WINDOWS\explorer.exe => MD5 is legit
C:\WINDOWS\system32\winlogon.exe => MD5 is legit
C:\WINDOWS\system32\svchost.exe => MD5 is legit
C:\WINDOWS\system32\services.exe => MD5 is legit
C:\WINDOWS\system32\User32.dll => MD5 is legit
C:\WINDOWS\system32\userinit.exe => MD5 is legit
C:\WINDOWS\system32\rpcss.dll => MD5 is legit
C:\WINDOWS\system32\Drivers\volsnap.sys => MD5 is legit

==================== End Of Log ============================

 

Prescott ...


Marius,

 

Fixed my Symantec Endpoint Protection issues by upgrading to v2.1.4013.4013.  I was able to finish the GMER scan; the log is below.

 

ark.txt:

 

GMER 2.1.19357 - http://www.gmer.net
Rootkit scan 2014-03-10 21:19:33
Windows 5.1.2600 Service Pack 3 \Device\Harddisk0\DR0 -> \Device\Ide\IdeDeviceP0T0L0-3 Hitachi_HDS721050CLA362 rev.JP2OA39C 465.76GB
Running: 4xu9zeor.exe; Driver: C:\DOCUME~1\HP_ADM~1\LOCALS~1\Temp\kwdiypog.sys


---- System - GMER 2.1 ----

SSDT            8AAC4730                                                                                                                                ZwAlertResumeThread
SSDT            8AAC47C8                                                                                                                                ZwAlertThread
SSDT            8AB3B980                                                                                                                                ZwAllocateVirtualMemory
SSDT            8AB207A0                                                                                                                                ZwAssignProcessToJobObject
SSDT            8AB83DF8                                                                                                                                ZwConnectPort
SSDT            \??\C:\WINDOWS\system32\Drivers\SYMEVENT.SYS                                                                                            ZwCreateKey [0xAFA3CF50]
SSDT            8AB20B50                                                                                                                                ZwCreateMutant
SSDT            8AB5AF38                                                                                                                                ZwCreateSymbolicLinkObject
SSDT            8A9C2420                                                                                                                                ZwCreateThread
SSDT            8AB20838                                                                                                                                ZwDebugActiveProcess
SSDT            \??\C:\WINDOWS\system32\Drivers\SYMEVENT.SYS                                                                                            ZwDeleteKey [0xAFA3D1D0]
SSDT            \??\C:\WINDOWS\system32\Drivers\SYMEVENT.SYS                                                                                            ZwDeleteValueKey [0xAFA3D890]
SSDT            8AAEA780                                                                                                                                ZwDuplicateObject
SSDT            8AB3C980                                                                                                                                ZwFreeVirtualMemory
SSDT            8AB20BF8                                                                                                                                ZwImpersonateAnonymousToken
SSDT            8AB20C90                                                                                                                                ZwImpersonateThread
SSDT            8AB991B8                                                                                                                                ZwLoadDriver
SSDT            8AB3C8E8                                                                                                                                ZwMapViewOfSection
SSDT            8AB20AB8                                                                                                                                ZwOpenEvent
SSDT            8AAC9A28                                                                                                                                ZwOpenProcess
SSDT            8AB3BA08                                                                                                                                ZwOpenProcessToken
SSDT            8AB20988                                                                                                                                ZwOpenSection
SSDT            8A9C4A38                                                                                                                                ZwOpenThread
SSDT            8AB5AFC0                                                                                                                                ZwProtectVirtualMemory
SSDT            \??\C:\WINDOWS\system32\Drivers\SYMEVENT.SYS                                                                                            ZwRenameKey [0xAFA3DDF0]
SSDT            8AAC4860                                                                                                                                ZwResumeThread
SSDT            8AB3C730                                                                                                                                ZwSetContextThread
SSDT            8AB3C7C8                                                                                                                                ZwSetInformationProcess
SSDT            8AB208D0                                                                                                                                ZwSetSystemInformation
SSDT            \??\C:\WINDOWS\system32\Drivers\SYMEVENT.SYS                                                                                            ZwSetValueKey [0xAFA3DB10]
SSDT            8AB20A20                                                                                                                                ZwSuspendProcess
SSDT            8AAC48F8                                                                                                                                ZwSuspendThread
SSDT            8A9C2D10                                                                                                                                ZwTerminateProcess
SSDT            8AAC4990                                                                                                                                ZwTerminateThread
SSDT            8AB3C870                                                                                                                                ZwUnmapViewOfSection
SSDT            8AB3B8F8                                                                                                                                ZwWriteVirtualMemory

---- Devices - GMER 2.1 ----

AttachedDevice  \FileSystem\Ntfs \Ntfs                                                                                                                  tdrpm273.sys
AttachedDevice  \Driver\Tcpip \Device\Ip                                                                                                                SYMTDI.SYS
AttachedDevice  \Driver\Tcpip \Device\Ip                                                                                                                fssfltr_tdi.sys
AttachedDevice  \Driver\Kbdclass \Device\KeyboardClass1                                                                                                 ELkbd.sys
AttachedDevice  \Driver\Tcpip \Device\Tcp                                                                                                               SYMTDI.SYS
AttachedDevice  \Driver\Tcpip \Device\Tcp                                                                                                               fssfltr_tdi.sys
AttachedDevice  \Driver\Ftdisk \Device\HarddiskVolume1                                                                                                  tdrpm273.sys
AttachedDevice  \Driver\Ftdisk \Device\HarddiskVolume1                                                                                                  fltmgr.sys
AttachedDevice  \Driver\Ftdisk \Device\HarddiskVolume2                                                                                                  tdrpm273.sys
AttachedDevice  \Driver\Ftdisk \Device\HarddiskVolume2                                                                                                  fltmgr.sys

Device          \Driver\MountMgr \Device\MountPointManager                                                                                              SysPlant.sys

AttachedDevice  \Driver\Tcpip \Device\Udp                                                                                                               SYMTDI.SYS
AttachedDevice  \Driver\Tcpip \Device\Udp                                                                                                               fssfltr_tdi.sys
AttachedDevice  \Driver\Tcpip \Device\RawIp                                                                                                             SYMTDI.SYS
AttachedDevice  \Driver\Tcpip \Device\RawIp                                                                                                             fssfltr_tdi.sys
AttachedDevice  \FileSystem\Fastfat \Fat                                                                                                                tdrpm273.sys
AttachedDevice  \FileSystem\Fastfat \Fat                                                                                                                fltmgr.sys

---- Registry - GMER 2.1 ----

Reg             HKLM\SYSTEM\CurrentControlSet\Services\NAVENG@ImagePath                                                                                 \??\C:\Documents and Settings\All Users\Application Data\Symantec\Symantec Endpoint Protection\12.1.4013.4013.105\Data\Definitions\VirusDefs\20140309.024\NAVENG.SYS
Reg             HKLM\SYSTEM\CurrentControlSet\Services\NAVENG                                                                                           
Reg             HKLM\SYSTEM\CurrentControlSet\Services\NAVEX15@ImagePath                                                                                \??\C:\Documents and Settings\All Users\Application Data\Symantec\Symantec Endpoint Protection\12.1.4013.4013.105\Data\Definitions\VirusDefs\20140309.024\NAVEX15.SYS
Reg             HKLM\SYSTEM\CurrentControlSet\Services\NAVEX15                                                                                          
Reg             HKLM\SYSTEM\CurrentControlSet\Services\SepTempInstall                                                                                   
Reg             HKLM\SYSTEM\CurrentControlSet\Services\SepTempInstall\{974A0163-23BB-4C9D-A3C2-611667F7A450}                                            
Reg             HKLM\SYSTEM\CurrentControlSet\Services\SepTempInstall\{974A0163-23BB-4C9D-A3C2-611667F7A450}@RollbackOptions                            0
Reg             HKLM\SYSTEM\CurrentControlSet\Services\SepTempInstall\{974A0163-23BB-4C9D-A3C2-611667F7A450}@InstallMode                                0
Reg             HKLM\SYSTEM\CurrentControlSet\Services\SepTempInstall\{974A0163-23BB-4C9D-A3C2-611667F7A450}@CurrentScript                              C:\Program Files\Symantec\Symantec Endpoint Protection\12.1.4013.4013.105\Scripts\installscript.sis
Reg             HKLM\SYSTEM\CurrentControlSet\Services\SepTempInstall\{974A0163-23BB-4C9D-A3C2-611667F7A450}@FailScript                                 C:\Program Files\Symantec\Symantec Endpoint Protection\12.1.4013.4013.105\Scripts\failure.sis
Reg             HKLM\SYSTEM\CurrentControlSet\Services\SepTempInstall\{974A0163-23BB-4C9D-A3C2-611667F7A450}@StartupScript                              C:\Program Files\Symantec\Symantec Endpoint Protection\12.1.4013.4013.105\Scripts\startup.sis
Reg             HKLM\SYSTEM\CurrentControlSet\Services\SepTempInstall\{974A0163-23BB-4C9D-A3C2-611667F7A450}@TempFileStoreNonTransactedRoot             C:\Documents and Settings\All Users\Application Data\Symantec\Symantec Endpoint Protection\12.1.4013.4013.105\NonTransactedTemp\
Reg             HKLM\SYSTEM\CurrentControlSet\Services\SepTempInstall\{974A0163-23BB-4C9D-A3C2-611667F7A450}@CurrentPosition                            2164828
Reg             HKLM\SYSTEM\CurrentControlSet\Services\SepTempInstall\{974A0163-23BB-4C9D-A3C2-611667F7A450}@LogFile                                    C:\Documents and Settings\All Users\Application Data\Symantec\Symantec Endpoint Protection\12.1.4013.4013.105\Data\Install\Logs\SIS_INST.LOG
Reg             HKLM\SYSTEM\CurrentControlSet\Services\SepTempInstall\{974A0163-23BB-4C9D-A3C2-611667F7A450}@LogLevel                                   2
Reg             HKLM\SYSTEM\CurrentControlSet\Services\SepTempInstall\{974A0163-23BB-4C9D-A3C2-611667F7A450}@MSIFlag                                    1
Reg             HKLM\SYSTEM\CurrentControlSet\Services\SepTempInstall\{974A0163-23BB-4C9D-A3C2-611667F7A450}@TempFileStoreNonTransactFileNum            56
Reg             HKLM\SYSTEM\CurrentControlSet\Services\SepTempInstall\{974A0163-23BB-4C9D-A3C2-611667F7A450}@ExecutorInProgress                         1
Reg             HKLM\SYSTEM\CurrentControlSet\Services\SepTempInstall\{974A0163-23BB-4C9D-A3C2-611667F7A450}@PushedScriptFile                           C:\Program Files\Symantec\Symantec Endpoint Protection\12.1.4013.4013.105\Scripts\installscript.sis
Reg             HKLM\SYSTEM\CurrentControlSet\Services\SepTempInstall\{974A0163-23BB-4C9D-A3C2-611667F7A450}@PushedScriptPosition                       2160304
Reg             HKLM\SYSTEM\CurrentControlSet\Services\SepTempInstall\{974A0163-23BB-4C9D-A3C2-611667F7A450}@ExecutorInCommitMode                       1
Reg             HKLM\SYSTEM\CurrentControlSet\Services\SepTempInstall                                                                                   
Reg             HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\4F56621B39E44BA47BCF7350B3256492\Usage@SoleFeature  1147804255
Reg             HKLM\SOFTWARE\Classes\Installer\Features\C46E39683F618834CA0CE9D885B6CE71                                                               
Reg             HKLM\SOFTWARE\Classes\Installer\Features\C46E39683F618834CA0CE9D885B6CE71@Core                                                          
Reg             HKLM\SOFTWARE\Classes\Installer\Features\C46E39683F618834CA0CE9D885B6CE71@SAVMain                                                       Core
Reg             HKLM\SOFTWARE\Classes\Installer\Features\C46E39683F618834CA0CE9D885B6CE71@Download                                                      SAVMain
Reg             HKLM\SOFTWARE\Classes\Installer\Features\C46E39683F618834CA0CE9D885B6CE71@OutlookSnapin                                                 SAVMain
Reg             HKLM\SOFTWARE\Classes\Installer\Features\C46E39683F618834CA0CE9D885B6CE71@Pop3Smtp                                                      SAVMain
Reg             HKLM\SOFTWARE\Classes\Installer\Features\C46E39683F618834CA0CE9D885B6CE71@PTPMain                                                       Core
Reg             HKLM\SOFTWARE\Classes\Installer\Features\C46E39683F618834CA0CE9D885B6CE71@TruScan                                                       PTPMain
Reg             HKLM\SOFTWARE\Classes\Installer\Features\C46E39683F618834CA0CE9D885B6CE71@DCMain                                                        PTPMain
Reg             HKLM\SOFTWARE\Classes\Installer\Features\C46E39683F618834CA0CE9D885B6CE71@NTPMain                                                       Core
Reg             HKLM\SOFTWARE\Classes\Installer\Features\C46E39683F618834CA0CE9D885B6CE71@ITPMain                                                       NTPMain
Reg             HKLM\SOFTWARE\Classes\Installer\Features\C46E39683F618834CA0CE9D885B6CE71@Firewall                                                      NTPMain
Reg             HKLM\SOFTWARE\Classes\Installer\Features\C46E39683F618834CA0CE9D885B6CE71@LANG1033                                                      Core
Reg             HKLM\SOFTWARE\Classes\Installer\Features\C46E39683F618834CA0CE9D885B6CE71@NotesSnapin                                                   ?SAVMain
Reg             HKLM\SOFTWARE\Classes\Installer\Products\C46E39683F618834CA0CE9D885B6CE71                                                               
Reg             HKLM\SOFTWARE\Classes\Installer\Products\C46E39683F618834CA0CE9D885B6CE71@ProductName                                                   Symantec Endpoint Protection
Reg             HKLM\SOFTWARE\Classes\Installer\Products\C46E39683F618834CA0CE9D885B6CE71@PackageCode                                                   10F211E9EE25FFD49AC00A872A3795D6
Reg             HKLM\SOFTWARE\Classes\Installer\Products\C46E39683F618834CA0CE9D885B6CE71@Language                                                      1033
Reg             HKLM\SOFTWARE\Classes\Installer\Products\C46E39683F618834CA0CE9D885B6CE71@Version                                                       201395129
Reg             HKLM\SOFTWARE\Classes\Installer\Products\C46E39683F618834CA0CE9D885B6CE71@Assignment                                                    1
Reg             HKLM\SOFTWARE\Classes\Installer\Products\C46E39683F618834CA0CE9D885B6CE71@AdvertiseFlags                                                388
Reg             HKLM\SOFTWARE\Classes\Installer\Products\C46E39683F618834CA0CE9D885B6CE71@InstanceType                                                  0
Reg             HKLM\SOFTWARE\Classes\Installer\Products\C46E39683F618834CA0CE9D885B6CE71@AuthorizedLUAApp                                              0
Reg             HKLM\SOFTWARE\Classes\Installer\Products\C46E39683F618834CA0CE9D885B6CE71@DeploymentFlags                                               3
Reg             HKLM\SOFTWARE\Classes\Installer\Products\C46E39683F618834CA0CE9D885B6CE71@Clients                                                       :?
Reg             HKLM\SOFTWARE\Classes\Installer\Products\C46E39683F618834CA0CE9D885B6CE71\SourceList                                                    
Reg             HKLM\SOFTWARE\Classes\Installer\Products\C46E39683F618834CA0CE9D885B6CE71\SourceList@PackageName                                        Sep.msi
Reg             HKLM\SOFTWARE\Classes\Installer\Products\C46E39683F618834CA0CE9D885B6CE71\SourceList@LastUsedSource                                     n;1;C:\WINDOWS\Temp\SEPTEMP_1\
Reg             HKLM\SOFTWARE\Classes\Installer\Products\C46E39683F618834CA0CE9D885B6CE71\SourceList\Media                                              
Reg             HKLM\SOFTWARE\Classes\Installer\Products\C46E39683F618834CA0CE9D885B6CE71\SourceList\Media@1                                            ;
Reg             HKLM\SOFTWARE\Classes\Installer\Products\C46E39683F618834CA0CE9D885B6CE71\SourceList\Net                                                
Reg             HKLM\SOFTWARE\Classes\Installer\Products\C46E39683F618834CA0CE9D885B6CE71\SourceList\Net@1                                              C:\WINDOWS\Temp\SEPTEMP_1\
Reg             HKLM\SOFTWARE\Classes\Installer\Products\C46E39683F618834CA0CE9D885B6CE71\SourceList\Net@2                                              C:\Documents and Settings\All Users\Application Data\Symantec\Symantec Endpoint Protection\12.1.3001.165.105\Data\Cached Installs\
Reg             HKCU\Software\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved\{4EB2B338-6247-46FE-2F20-9FDF0609CD48}                         

---- Disk sectors - GMER 2.1 ----

Disk            \Device\Harddisk0\DR0                                                                                                                   unknown MBR code

---- EOF - GMER 2.1 ----
 


Fix with FRST (normal mode)

Scan with TDSS-Killer

Please read and follow these instructions carefully. We do not want it to fix anything yet (if found), we need to see a report first.

Download TDSSKiller.zip and extract it to your desktop.

  • Execute TDSSKiller.exe by double-clicking on it.
  • Press Start Scan.
  • If malicious objects are found, do NOT select Copy to quarantine. Change the action to Skip, and save the log.
  • Once complete, a log will be produced at the root of the drive, which is typically C:\, for example C:\TDSSKiller.<version_date_time>log.txt



Please post the contents of that log in your next reply.


Results of FRST.exe fix:

Fix result of Farbar Recovery Tool (FRST written by Farbar) (x86) Version: 09-03-2014 02
Ran by HP_Administrator at 2014-03-11 19:56:03 Run:1
Running from C:\Documents and Settings\HP_Administrator\Desktop
Boot Mode: Normal

==============================================

Content of fixlist:
*****************
SearchScopes: HKLM - Backup.Old.DefaultScope {1FA4C55F-1490-4BC0-9478-F860B66A49B1}
SearchScopes: HKLM - {0B4A10D1-FBD6-451d-BFDA-F03252B05984} URL = http://slirsredirect...dir=2706&query={searchTerms}&invocationType=tb50-ie-aim-chromesbox-en-us&tb_uuid=20100512195935132&tb_oid=21-08-2009&tb_mrud=12-05-2010
SearchScopes: HKLM - {1FA4C55F-1490-4BC0-9478-F860B66A49B1} URL = http://start.funmood...ults.php?f=4&q={searchTerms}&a=adknlg&chnl=adknlg&cd=2XzuyEtN2Y1L1QzutDtDtCyBtAtCtCtCtCtAzytA0A0EzyyBtN0D0Tzu0CtByCyDtN1L2XzutBtFtCtFtCtFtAtCtB&cr=1875403659
SearchScopes: HKCU - DefaultScope {D3DD7841-C781-4315-A5A8-77A1B922A745} URL = http://search.condui...ultsExt.aspx?q={searchTerms}&SearchSource=4&ctid=CT3294791&CUI=UN79123488328400249&UM=2
SearchScopes: HKCU - Backup.Old.DefaultScope {1FA4C55F-1490-4BC0-9478-F860B66A49B1}
SearchScopes: HKCU - {0B4A10D1-FBD6-451d-BFDA-F03252B05984} URL = http://slirsredirect...dir=2706&query={searchTerms}&invocationType=tb50-ie-aim-chromesbox-en-us&tb_uuid=20100512195935132&tb_oid=21-08-2009&tb_mrud=12-05-2010
SearchScopes: HKCU - {1FA4C55F-1490-4BC0-9478-F860B66A49B1} URL = http://search.condui...urce=45&UM=2&q={searchTerms}
SearchScopes: HKCU - {D3DD7841-C781-4315-A5A8-77A1B922A745} URL = http://search.condui...ultsExt.aspx?q={searchTerms}&SearchSource=4&ctid=CT3294791&CUI=UN79123488328400249&UM=2

*****************

HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\Backup.Old.DefaultScope => Value deleted successfully.
HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{0B4A10D1-FBD6-451d-BFDA-F03252B05984} => Key deleted successfully.
HKCR\Wow6432Node\CLSID\{0B4A10D1-FBD6-451d-BFDA-F03252B05984} => Key not found.
HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{1FA4C55F-1490-4BC0-9478-F860B66A49B1} => Key deleted successfully.
HKCR\Wow6432Node\CLSID\{1FA4C55F-1490-4BC0-9478-F860B66A49B1} => Key not found.
HKCU\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope => Value deleted successfully.
HKCU\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\Backup.Old.DefaultScope => Value deleted successfully.
HKCU\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{0B4A10D1-FBD6-451d-BFDA-F03252B05984} => Key deleted successfully.
HKCR\Wow6432Node\CLSID\{0B4A10D1-FBD6-451d-BFDA-F03252B05984} => Key not found.
HKCU\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{1FA4C55F-1490-4BC0-9478-F860B66A49B1} => Key deleted successfully.
HKCR\Wow6432Node\CLSID\{1FA4C55F-1490-4BC0-9478-F860B66A49B1} => Key not found.
HKCU\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{B466D3DD-8CF5-4627-8B05-E0B0AB943344} => Key deleted successfully.
HKCR\Wow6432Node\CLSID\{B466D3DD-8CF5-4627-8B05-E0B0AB943344} => Key not found.
HKCU\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{D3DD7841-C781-4315-A5A8-77A1B922A745} => Key deleted successfully.
HKCR\Wow6432Node\CLSID\{D3DD7841-C781-4315-A5A8-77A1B922A745} => Key not found.

==== End of Fixlog ====

Prescott ....

Results of TDSSKiller (kept getting error "post too long", so I had to split it up):

19:58:27.0871 0x11a8  TDSS rootkit removing tool 3.0.0.25 Feb 27 2014 15:23:02
19:58:41.0417 0x11a8  ============================================================
19:58:41.0417 0x11a8  Current date / time: 2014/03/11 19:58:41.0417
19:58:41.0417 0x11a8  SystemInfo:
19:58:41.0417 0x11a8  
19:58:41.0417 0x11a8  OS Version: 5.1.2600 ServicePack: 3.0
19:58:41.0417 0x11a8  Product type: Workstation
19:58:41.0417 0x11a8  ComputerName: DELL-1440N-2
19:58:41.0417 0x11a8  UserName: HP_Administrator
19:58:41.0417 0x11a8  Windows directory: C:\WINDOWS
19:58:41.0417 0x11a8  System windows directory: C:\WINDOWS
19:58:41.0417 0x11a8  Processor architecture: Intel x86
19:58:41.0417 0x11a8  Number of processors: 4
19:58:41.0417 0x11a8  Page size: 0x1000
19:58:41.0417 0x11a8  Boot type: Normal boot
19:58:41.0417 0x11a8  ============================================================
19:58:46.0479 0x11a8  KLMD registered as C:\WINDOWS\system32\drivers\29853979.sys
19:58:47.0667 0x11a8  System UUID: {01A1439F-3AE4-B4B3-FC77-56608ADB9C88}
19:58:50.0323 0x11a8  Drive \Device\Harddisk0\DR0 - Size: 0x7470C06000 (465.76 Gb), SectorSize: 0x200, Cylinders: 0xED81, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000054
19:58:50.0323 0x11a8  ============================================================
19:58:50.0323 0x11a8  \Device\Harddisk0\DR0:
19:58:50.0323 0x11a8  MBR partitions:
19:58:50.0323 0x11a8  \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x3F, BlocksNum 0x3815680B
19:58:50.0323 0x11a8  \Device\Harddisk0\DR0\Partition2: MBR, Type 0xC, StartLBA 0x3815684A, BlocksNum 0x222E3F7
19:58:50.0323 0x11a8  ============================================================
19:58:50.0370 0x11a8  C: <-> \Device\Harddisk0\DR0\Partition1
19:58:50.0401 0x11a8  D: <-> \Device\Harddisk0\DR0\Partition2
19:58:50.0401 0x11a8  ============================================================
19:58:50.0401 0x11a8  Initialize success
19:58:50.0401 0x11a8  ============================================================
19:59:03.0572 0x14f0  ============================================================
19:59:03.0572 0x14f0  Scan started
19:59:03.0572 0x14f0  Mode: Manual;
19:59:03.0572 0x14f0  ============================================================
19:59:03.0572 0x14f0  KSN ping started
19:59:05.0931 0x14f0  KSN ping finished: true
19:59:07.0244 0x14f0  ================ Scan system memory ========================
19:59:20.0603 0x14f0  System memory - ok
19:59:20.0603 0x14f0  ================ Scan services =============================
19:59:42.0289 0x14f0  [ CC748EA12C6EFFDE940EE98098BF96BB, AF523E21C25D9A1715EFEA573E4F52AF5D4FC9F28A2D613F5DB629C186C439E0 ] IpNat           C:\WINDOWS\system32\DRIVERS\ipnat.sys
19:59:42.0289 0x14f0  IpNat - ok
19:59:42.0320 0x14f0  [ 23C74D75E36E7158768DD63D92789A91, 394D296F38E7D8EFD91A6EEC301D9CE6AF910E35EB9819F1A9E3363863AEDFDC ] IPSec           C:\WINDOWS\system32\DRIVERS\ipsec.sys
19:59:42.0320 0x14f0  IPSec - ok
19:59:42.0351 0x14f0  [ C93C9FF7B04D772627A3646D89F7BF89, 805FA48E7A46D4F10240BF880A2468F53DEA36E83004399228AB70DB7D20544A ] IRENUM          C:\WINDOWS\system32\DRIVERS\irenum.sys
19:59:42.0367 0x14f0  IRENUM - ok
19:59:42.0398 0x14f0  [ 05A299EC56E52649B1CF2FC52D20F2D7, 2654619DB3E6D6C385B63AB02F87D4241C4F0250CC31383D1B3586917166C2DC ] isapnp          C:\WINDOWS\system32\DRIVERS\isapnp.sys
19:59:42.0445 0x14f0  isapnp - ok
19:59:42.0617 0x14f0  [ B9436A665A8621073A12338B16D7BFD4, 1F1CB4758768BF7B7DDB27BF9DA944D869B561ABF7EC39CEC059044E10C1EA88 ] JavaQuickStarterService C:\Program Files\Java\jre7\bin\jqs.exe
19:59:42.0617 0x14f0  JavaQuickStarterService - ok
19:59:42.0664 0x14f0  [ 463C1EC80CD17420A542B7F36A36F128, E3B11BA26AFEAFB50B0FC168EA07F6049DA6B88BCDDEEE20310602D7FC27A3A7 ] Kbdclass        C:\WINDOWS\system32\DRIVERS\kbdclass.sys
19:59:42.0695 0x14f0  Kbdclass - ok
19:59:42.0711 0x14f0  [ 9EF487A186DEA361AA06913A75B3FA99, B94EBA4EC6D85E11C81AF9927E9EF0AF2E6FE134CFF1FDB0535B7C5A794B4261 ] kbdhid          C:\WINDOWS\system32\DRIVERS\kbdhid.sys
19:59:42.0726 0x14f0  kbdhid - ok
19:59:42.0820 0x14f0  [ 692BCF44383D056AED41B045A323D378, 1A99DEE83FFAF64E73067FC049C0A4CE07D94E4AE31EFA17B38CEFA9E41D67DC ] kmixer          C:\WINDOWS\system32\drivers\kmixer.sys
19:59:42.0820 0x14f0  kmixer - ok
19:59:42.0898 0x14f0  [ B467646C54CC746128904E1654C750C1, 3BD71BE3663EA23463D236D8A2A2E42DFA10C502BDB4B6E131FAF0FBA748219E ] KSecDD          C:\WINDOWS\system32\drivers\KSecDD.sys
19:59:42.0914 0x14f0  KSecDD - ok
19:59:42.0992 0x14f0  [ 3A7C3CBE5D96B8AE96CE81F0B22FB527, 0044F03132596A494448CCE5F3D6ECC12617BB4CF6BAE348F79D4DC40ACD6EE0 ] lanmanserver    C:\WINDOWS\System32\srvsvc.dll
19:59:42.0992 0x14f0  lanmanserver - ok
19:59:43.0086 0x14f0  [ A8888A5327621856C0CEC4E385F69309, B08B63300D824E35E31EEEA2C4C086DFA2C2A964CEDAE512E74D3D88AADAA2C1 ] lanmanworkstation C:\WINDOWS\System32\wkssvc.dll
19:59:43.0086 0x14f0  lanmanworkstation - ok
19:59:43.0086 0x14f0  lbrtfdc - ok
19:59:43.0164 0x14f0  [ 9696786759C4B43FA5C894747E893EA2, 4E68CD3A109EF892F09E2A2E7805A53969B512E7F427A09880E2C2082513929F ] LightScribeService C:\Program Files\Common Files\LightScribe\LSSrvc.exe
19:59:43.0164 0x14f0  LightScribeService - ok
19:59:43.0258 0x14f0  [ A7DB739AE99A796D91580147E919CC59, EDF4E039BA277B0E6D66FEB0B28096E67D682C09DFC18ECECF062D9DCFB75ACF ] LmHosts         C:\WINDOWS\System32\lmhsvc.dll
19:59:43.0258 0x14f0  LmHosts - ok
19:59:43.0320 0x14f0  [ 4470E3C1E0C3378E4CAB137893C12C3A, CA8E66356F0E671D5454E561E7EAD74DE25DCF53BE452369F96ECACFA8709489 ] MBAMProtector   C:\WINDOWS\system32\drivers\mbam.sys
19:59:43.0320 0x14f0  MBAMProtector - ok
19:59:43.0539 0x14f0  [ 65085456FD9A74D7F1A999520C299ECB, EA564BC913EF1B8A4CAA9242FC70F525B68CF1F3CA462F63B0B7215B93FE8530 ] MBAMScheduler   C:\Program Files\Malwarebytes' Anti-Malware\mbamscheduler.exe
19:59:43.0555 0x14f0  MBAMScheduler - ok
19:59:43.0820 0x14f0  [ E0D7732F2D2E24B2DB3F67B6750295B8, AA5CA86AF1ACEC900F60339016B3DC55472DB40ADB99186005A7ABE67B7D66FC ] MBAMService     C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe
19:59:43.0820 0x14f0  MBAMService - ok
19:59:43.0883 0x14f0  [ 0DB7527DB188C7D967A37BB51BBF3963, 3812E26626EC49BE61B0B8DA5FE6E838C0FEF8A08363C239F64E6CCA0BA949D5 ] MBAMSwissArmy   C:\WINDOWS\system32\drivers\mbamswissarmy.sys
19:59:43.0914 0x14f0  MBAMSwissArmy - ok
19:59:43.0976 0x14f0  [ DF0A511F38F16016BF658FCA0090CB87, 6D2F6360A4E1D369607F2F394B4A8C6EE8EEE9FA46A67394769E9C0044529B6C ] McrdSvc         C:\WINDOWS\ehome\mcrdsvc.exe
19:59:43.0976 0x14f0  McrdSvc - ok
19:59:44.0148 0x14f0  [ 11F714F85530A2BD134074DC30E99FCA, BDB5FD3B2DF4ADD19B31965B3E789768B59E872B3EA85912B1FFB32B2AF9D5D8 ] MDM             C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE
19:59:44.0148 0x14f0  MDM - ok
19:59:44.0195 0x14f0  [ 986B1FF5814366D71E0AC5755C88F2D3, E6AF051174531C24B38E73987755D366ABEC595476C6D17793E8DCCC73F55340 ] Messenger       C:\WINDOWS\System32\msgsvc.dll
19:59:44.0211 0x14f0  Messenger - ok
19:59:44.0273 0x14f0  [ B7521F69C0A9B29D356157229376FB21, A77C89BDC181038DD0F9A8AC0F7164B10EF9C54B0C57D8BAB8BC27932EBF890B ] MHN             C:\WINDOWS\System32\mhn.dll
19:59:44.0304 0x14f0  MHN - ok
19:59:44.0351 0x14f0  [ 7F2F1D2815A6449D346FCCCBC569FBD6, 1C5A321CE95CE4D9AA2CB5A00E9B7E711521A6BBB25D36F7F49A397C361585C6 ] MHNDRV          C:\WINDOWS\system32\DRIVERS\mhndrv.sys
19:59:44.0367 0x14f0  MHNDRV - ok
19:59:44.0445 0x14f0  Microsoft SharePoint Workspace Audit Service - ok
19:59:44.0476 0x14f0  [ 4AE068242760A1FB6E1A44BF4E16AFA6, 1FB771162B96AAF787AC24867B818DF8511F0780BB094FA9A38C11D8DBFE68BC ] mnmdd           C:\WINDOWS\system32\drivers\mnmdd.sys
19:59:44.0476 0x14f0  mnmdd - ok
19:59:44.0539 0x14f0  [ D18F1F0C101D06A1C1ADF26EED16FCDD, BA0837C7780BD8262E143E2935AFA63BE59C3C39EF56CB8608EED0F50AF070D4 ] mnmsrvc         C:\WINDOWS\system32\mnmsrvc.exe
19:59:44.0554 0x14f0  mnmsrvc - ok
19:59:44.0601 0x14f0  [ DFCBAD3CEC1C5F964962AE10E0BCC8E1, B342CC9EC3729AB1AB4B5E2E99F890C1E0CA649162DE91F6768AB857B719E97B ] Modem           C:\WINDOWS\system32\drivers\Modem.sys
19:59:44.0664 0x14f0  Modem - ok
19:59:44.0679 0x14f0  [ 35C9E97194C8CFB8430125F8DBC34D04, 0C0FCE6B0A23FB0ECB92E1663E1C72D2DD5B177D82E04782957690B69530DB39 ] Mouclass        C:\WINDOWS\system32\DRIVERS\mouclass.sys
19:59:44.0679 0x14f0  Mouclass - ok
19:59:44.0758 0x14f0  [ B1C303E17FB9D46E87A98E4BA6769685, 161A45488522055D0F0474ABEDA04DDD0B5DAC2411AF9154B15190BBD66E7153 ] mouhid          C:\WINDOWS\system32\DRIVERS\mouhid.sys
19:59:44.0758 0x14f0  mouhid - ok
19:59:44.0804 0x14f0  [ A80B9A0BAD1B73637DBCBBA7DF72D3FD, 2A5E15ED2C24C6C65EF2F7E1FD93374774076C9D8D451E4422561F4D269C012F ] MountMgr        C:\WINDOWS\system32\drivers\MountMgr.sys
19:59:44.0820 0x14f0  MountMgr - ok
19:59:44.0914 0x14f0  [ 338037EFA0E8E8699B2667D57B751574, 59E0D39806D0C4EB57913AA013242837FD39AD378726AEE42D250CBA87C1C3BF ] MozillaMaintenance C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe
19:59:44.0945 0x14f0  MozillaMaintenance - ok
19:59:45.0039 0x14f0  [ C0F8E0C2C3C0437CF37C6781896DC3EC, 12196EF5A94BD011B5D578E755B51424E3238437A028CC1EDFB53138C00D3339 ] MPE             C:\WINDOWS\system32\DRIVERS\MPE.sys
19:59:45.0054 0x14f0  MPE - ok
19:59:45.0054 0x14f0  mraid35x - ok
19:59:45.0133 0x14f0  [ 11D42BB6206F33FBB3BA0288D3EF81BD, 76ABCFB62C5AC549F58C231F72A99882CDEB74928104B77FE52554765C2B1A22 ] MRxDAV          C:\WINDOWS\system32\DRIVERS\mrxdav.sys
19:59:45.0133 0x14f0  MRxDAV - ok
19:59:45.0304 0x14f0  [ 7D304A5EB4344EBEEAB53A2FE3FFB9F0, DB9B186F7076D7B94F45041AF7B77C1AD2CAB504D683B459C6CB1C22840ED170 ] MRxSmb          C:\WINDOWS\system32\DRIVERS\mrxsmb.sys
19:59:45.0304 0x14f0  MRxSmb - ok
19:59:45.0492 0x14f0  [ 514CF97979C166A47B82128DC344D80E, BED755CAA838FA1999D24C88D1FDF45147E129C7EFA247A4EF442A517A3F383B ] MSCamSvc        C:\Program Files\Microsoft LifeCam\MSCamS32.exe
19:59:45.0492 0x14f0  MSCamSvc - ok
19:59:45.0554 0x14f0  [ A137F1470499A205ABBB9AAFB3B6F2B1, FB4951727543030D9E6ED74149C3FAACE2CA9DA8C1B5F616301B30B858C724E8 ] MSDTC           C:\WINDOWS\system32\msdtc.exe
19:59:45.0586 0x14f0  MSDTC - ok
19:59:45.0695 0x14f0  [ 1477849772712BAC69C144DCF2C9CE81, A74C2FF6F7EE5564E783C689534A5EC3D626F0277E9707A21E36980908836922 ] MSDV            C:\WINDOWS\system32\DRIVERS\msdv.sys
19:59:45.0726 0x14f0  MSDV - ok
19:59:45.0758 0x14f0  [ C941EA2454BA8350021D774DAF0F1027, C940E978C7B66A713A0FDAB54B5F995DF59D089AFCD96221DD3222948CD49BBD ] Msfs            C:\WINDOWS\system32\drivers\Msfs.sys
19:59:45.0773 0x14f0  Msfs - ok
19:59:45.0804 0x14f0  [ DB3C22745C0DA4666F3BE31F1AF36B2F, 2FE9A0F157AF9FB3CA03B8D4E706213E63E388206A8C04EF4A84E0D7A364A3A6 ] MSFtpsvc        C:\WINDOWS\system32\inetsrv\inetinfo.exe
19:59:45.0804 0x14f0  MSFtpsvc - ok
19:59:45.0804 0x14f0  MSIServer - ok
19:59:45.0820 0x14f0  [ D1575E71568F4D9E14CA56B7B0453BF1, 4ABE0E24786C0D39FA2B885447E56204CA6942FB175E534DCE675D7BCF0B176A ] MSKSSRV         C:\WINDOWS\system32\drivers\MSKSSRV.sys
19:59:45.0820 0x14f0  MSKSSRV - ok
19:59:45.0820 0x14f0  [ 325BB26842FC7CCC1FCCE2C457317F3E, C07BE560513B1FB91D756494F0BA4AEEB2E1998DE0E1C21EE83DB1183B0CEE91 ] MSPCLOCK        C:\WINDOWS\system32\drivers\MSPCLOCK.sys
19:59:45.0836 0x14f0  MSPCLOCK - ok
19:59:45.0836 0x14f0  [ BAD59648BA099DA4A17680B39730CB3D, 9AD4C7C94C186C8815D0BC75DCAFB962158DA6935A244BA243EDDDEB33F9816C ] MSPQM           C:\WINDOWS\system32\drivers\MSPQM.sys
19:59:45.0836 0x14f0  MSPQM - ok
19:59:45.0898 0x14f0  [ AF5F4F3F14A8EA2C26DE30F7A1E17136, AC93A1E4ABB0D038B772E429015567E44CC2EDB66C54DBE23A5F98176FAC1520 ] mssmbios        C:\WINDOWS\system32\DRIVERS\mssmbios.sys
19:59:45.0898 0x14f0  mssmbios - ok
19:59:45.0992 0x14f0  MSSQL$SQLEXPRESS - ok
19:59:46.0070 0x14f0  [ F1761C8FB2B25A32C6D63E36BB88C3AE, C88F5EF7B547DAA2394888362916FA18F07241E0BF2B938297428A1C04FFD806 ] MSSQLServerADHelper100 c:\Program Files\Microsoft SQL Server\100\Shared\SQLADHLP.EXE
19:59:46.0086 0x14f0  MSSQLServerADHelper100 - ok
19:59:46.0133 0x14f0  [ E53736A9E30C45FA9E7B5EAC55056D1D, 38602F280BF69EBA3706AD175AFC1AEB561A8302B4B61E3FECB3C27D7A9BDB41 ] MSTEE           C:\WINDOWS\system32\drivers\MSTEE.sys
19:59:46.0133 0x14f0  MSTEE - ok
19:59:47.0132 0x14f0  [ 4C63CAE8D026F5CFA96F8B21780D49AD, D9A8F9C0A862F8E382BEECD68C6CC25080D8D070640B3804AF56DFB08A4C0732 ] msvsmon80       C:\Program Files\Microsoft Visual Studio 8\Common7\IDE\Remote Debugger\x86\msvsmon.exe
19:59:47.0773 0x14f0  msvsmon80 - ok
19:59:47.0851 0x14f0  [ DE6A75F5C270E756C5508D94B6CF68F5, FCC972DDC36C2C44D836913F10004C2C33B11C54DEFFF0C63E0FDF901D2F9261 ] Mup             C:\WINDOWS\system32\drivers\Mup.sys
19:59:47.0851 0x14f0  Mup - ok
19:59:47.0914 0x14f0  [ 5B50F1B2A2ED47D560577B221DA734DB, C16A554B6E1A7F5F98C94DFA88163E0F7426506BF2F51FD351B1A05FC0DB3BC5 ] NABTSFEC        C:\WINDOWS\system32\DRIVERS\NABTSFEC.sys
19:59:47.0945 0x14f0  NABTSFEC - ok
19:59:48.0148 0x14f0  [ 0102140028FAD045756796E1C685D695, 5335B8278418CA200E2772124F0602C3E15A5CAF2D5CC59F6785DFAABF339B09 ] napagent        C:\WINDOWS\System32\qagentrt.dll
19:59:48.0226 0x14f0  napagent - ok
19:59:48.0351 0x14f0  [ 81E928EE3751FAF725C87CC17726C05D, 8AB84270DCB35F239B00FA4B9AC90E9520967B8188085D897F28E994CBF911FB ] NAVENG          C:\Documents and Settings\All Users\Application Data\Symantec\Symantec Endpoint Protection\12.1.4013.4013.105\Data\Definitions\VirusDefs\20140311.001\NAVENG.SYS
19:59:48.0367 0x14f0  NAVENG - ok
19:59:48.0882 0x14f0  [ E0C39FA6C76AE8ED53ABF043F35ECDFF, CD2F87D3CB64F3362508D1855B24F40F1C44CF4132E3626971CCF4E7C49E61D6 ] NAVEX15         C:\Documents and Settings\All Users\Application Data\Symantec\Symantec Endpoint Protection\12.1.4013.4013.105\Data\Definitions\VirusDefs\20140311.001\NAVEX15.SYS
19:59:48.0914 0x14f0  NAVEX15 - ok
19:59:49.0023 0x14f0  [ 1DF7F42665C94B825322FAE71721130D, FE0DCB728471465B39A42A7511F4133021FBA5DF88F88BCB5FE2FF34CFD713F9 ] NDIS            C:\WINDOWS\system32\drivers\NDIS.sys
19:59:49.0179 0x14f0  NDIS - ok
19:59:49.0210 0x14f0  [ 7FF1F1FD8609C149AA432F95A8163D97, 18CD1FF5AC1EF8A38D1EC53014F2BADD28D9CDF4ECE2EBC2313D08903776F323 ] NdisIP          C:\WINDOWS\system32\DRIVERS\NdisIP.sys
19:59:49.0210 0x14f0  NdisIP - ok
19:59:49.0273 0x14f0  [ 0109C4F3850DFBAB279542515386AE22, 4F6DB1E499AC853FD36FD603FBB6D3AC9BDCEB298C7FE1FB59A9236CB46729B2 ] NdisTapi        C:\WINDOWS\system32\DRIVERS\ndistapi.sys
19:59:49.0273 0x14f0  NdisTapi - ok
19:59:49.0289 0x14f0  [ F927A4434C5028758A842943EF1A3849, B1AA3AF150C05307461774925901789456B0CCCD03A5E71ADA4AB58455962BEE ] Ndisuio         C:\WINDOWS\system32\DRIVERS\ndisuio.sys
19:59:49.0289 0x14f0  Ndisuio - ok
19:59:49.0335 0x14f0  [ EDC1531A49C80614B2CFDA43CA8659AB, 494042F790F33721328B4451E79842E21919681CC421A4F9633EC4D383E06097 ] NdisWan         C:\WINDOWS\system32\DRIVERS\ndiswan.sys
19:59:49.0382 0x14f0  NdisWan - ok
19:59:49.0414 0x14f0  [ 2F597BB467E05B1FE3830EABD821B8E0, 141497F5A49D47CCE3C9289644F4BD838DCB238F6D8E847FC006652E21FE02AC ] NDProxy         C:\WINDOWS\system32\drivers\NDProxy.sys
19:59:49.0414 0x14f0  NDProxy - ok
19:59:49.0476 0x14f0  [ 284432E671F1AF6B09B81DA24D3ABCAE, 8E093E7966AD6BB112A19DB5443CB5A0A083758B99AEFA334E1E61086ED27AE7 ] Net Driver HPZ12 C:\WINDOWS\system32\HPZinw12.dll
19:59:49.0476 0x14f0  Net Driver HPZ12 - ok
19:59:49.0523 0x14f0  [ 5D81CF9A2F1A3A756B66CF684911CDF0, 7989C36607CAEA17AFA2C1C9904145CA0714A54B9F712D9D4C1AB140D0B2CC0C ] NetBIOS         C:\WINDOWS\system32\DRIVERS\netbios.sys
19:59:49.0523 0x14f0  NetBIOS - ok

 

Prescott ....


The rest of the log:

 

20:00:10.0663 0x14f0  Spooler - ok
20:00:10.0803 0x14f0  [ A892134C28777978ECDE8283DC57AC0F, 00D3663C38C82AC8EFF1E2731E7BCD1F3F16B126DDF7FC0DC88C4A5136F05D2D ] SQLAgent$SQLEXPRESS c:\Program Files\Microsoft SQL Server\MSSQL10.SQLEXPRESS\MSSQL\Binn\SQLAGENT.EXE
20:00:10.0912 0x14f0  SQLAgent$SQLEXPRESS - ok
20:00:11.0069 0x14f0  [ 10D936DCED9EACD1A1B3FCDDA6D7A4EB, EE66162AEAF6A583A04BB5AF1220318C9ADD3A62987CDCEE0505C6FF37AB30FF ] SQLBrowser      c:\Program Files\Microsoft SQL Server\90\Shared\sqlbrowser.exe
20:00:11.0069 0x14f0  SQLBrowser - ok
20:00:11.0116 0x14f0  [ 135CDCCC167EF0C250125BBD3ABE18D5, 825661B8C2D458A15317EC000B98D9A7991FCC334F36AAAF94447A8CA8275AF4 ] SQLWriter       c:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe
20:00:11.0116 0x14f0  SQLWriter - ok
20:00:11.0162 0x14f0  [ 76BB022C2FB6902FD5BDD4F78FC13A5D, 6031CB2344D7277FC703480EB43CF856A0F8F818EA98FF26A2CA532336CD2DFA ] sr              C:\WINDOWS\system32\DRIVERS\sr.sys
20:00:11.0194 0x14f0  sr - ok
20:00:11.0194 0x14f0  srkig - ok
20:00:11.0303 0x14f0  [ 3805DF0AC4296A34BA4BF93B346CC378, B57A14F1B7B0997E619DDD62B73157AA2399A9852166FB58139CBB358A88F6F3 ] srservice       C:\WINDOWS\system32\srsvc.dll
20:00:11.0303 0x14f0  srservice - ok
20:00:11.0569 0x14f0  [ D52D335CEF10FA933141863100226610, 40A545972E5D8B58DD7746D7BFEE7829F7061B70BA214381ECA5A324EC3655F1 ] SRTSP           C:\WINDOWS\system32\Drivers\SEP\0C010FAD\0FAD.105\x86\SRTSP.SYS
20:00:11.0600 0x14f0  SRTSP - ok
20:00:11.0631 0x14f0  [ FE9BD381778A344F0E39AE2D5E607D7F, 04F7EEE5ADF802BE120CFC730D5D5B97AF561278ABDE3C094E43174886C3867B ] SRTSPX          C:\WINDOWS\system32\Drivers\SEP\0C010FAD\0FAD.105\x86\SRTSPX.SYS
20:00:11.0631 0x14f0  SRTSPX - ok
20:00:11.0803 0x14f0  [ 47DDFC2F003F7F9F0592C6874962A2E7, 17C643BD4EB09B5666FE41817DC785BE04A6E491CE79E8E5A702CDBD98E1BDD7 ] Srv             C:\WINDOWS\system32\DRIVERS\srv.sys
20:00:11.0803 0x14f0  Srv - ok
20:00:11.0897 0x14f0  [ 0A5679B3714EDAB99E357057EE88FCA6, 01E1A101FFF48402C77E385A78FEF27876E04533B60EB1C18558A737E57E5FA8 ] SSDPSRV         C:\WINDOWS\System32\ssdpsrv.dll
20:00:11.0897 0x14f0  SSDPSRV - ok
20:00:11.0897 0x14f0  sshvnic - ok
20:00:12.0069 0x14f0  [ 8BAD69CBAC032D4BBACFCE0306174C30, 2AA0DA710FCBFF38FE8DA91EE02E7A4503269347E61F8D3246FCA3384BBA2305 ] stisvc          C:\WINDOWS\system32\wiaservc.dll
20:00:12.0069 0x14f0  stisvc - ok
20:00:12.0131 0x14f0  [ 77813007BA6265C4B6098187E6ED79D2, 93939120E803C46FBFD577C8FC2E6C7E71C0460E01D25CB29579490640AB50C7 ] streamip        C:\WINDOWS\system32\DRIVERS\StreamIP.sys
20:00:12.0147 0x14f0  streamip - ok
20:00:12.0600 0x14f0  [ 8734CF72F1C80C59085A3377B5497D38, 3419EE1F5AA380D9173E7D8A7CB04678ABA3BB0D3588D7742DB5AEEE7BC1B9F7 ] SWAS_Core       C:\Program Files\Samsung Network Printer Utilities\SyncThru Web Admin Service\SWAS.exe
20:00:12.0616 0x14f0  SWAS_Core - ok
20:00:12.0725 0x14f0  [ 3941D127AEF12E93ADDF6FE6EE027E0F, EA1F0E32E1C5E90FA4AAC421DEBBE086512340758D3217A6334E886BCE638B51 ] swenum          C:\WINDOWS\system32\DRIVERS\swenum.sys
20:00:12.0725 0x14f0  swenum - ok
20:00:12.0787 0x14f0  [ 8CE882BCC6CF8A62F2B2323D95CB3D01, B408550A581F3DA222355964AFA4E976AD8471F0AA37573C42C4948AE5A23A3B ] swmidi          C:\WINDOWS\system32\drivers\swmidi.sys
20:00:12.0787 0x14f0  swmidi - ok
20:00:12.0787 0x14f0  SwPrv - ok
20:00:12.0850 0x14f0  [ FBB45518D08A7010E804234188D8CB3F, CB8AD5BB61F1952029ACD43BD90AC2F2E2D5FDA5217EDC1D65E61A53990052B1 ] SyDvCtrl        C:\Program Files\Symantec\Symantec Endpoint Protection\12.1.4013.4013.105\Bin\SyDvCtrl32.sys
20:00:12.0897 0x14f0  SyDvCtrl - ok
20:00:12.0897 0x14f0  symc810 - ok
20:00:12.0897 0x14f0  symc8xx - ok
20:00:13.0069 0x14f0  [ 5A193E5E0F0A776430E5D62A051C1E16, A65E927581CD92F9769F540D3292EF12299273F9EEE99DECAE01E2B52B8DB465 ] SymDS           C:\WINDOWS\system32\Drivers\SEP\0C010FAD\0FAD.105\x86\SYMDS.SYS
20:00:13.0178 0x14f0  SymDS - ok
20:00:13.0537 0x14f0  [ 68762EF9ED8A8D4A07112B3E3590EA29, 1D07F12351F5CC0D296841D7084159BB547CB76209F10E7117E851750B66497A ] SymEFA          C:\WINDOWS\system32\Drivers\SEP\0C010FAD\0FAD.105\x86\SYMEFA.SYS
20:00:13.0865 0x14f0  SymEFA - ok
20:00:13.0928 0x14f0  [ E987A9CB539147527F56943BB34B7375, 4627C3E237549587B53CBD0D89AC2CEFF03C04F7624E2868936BCE5D70496AFD ] SymEvent        C:\WINDOWS\system32\Drivers\SYMEVENT.SYS
20:00:13.0928 0x14f0  SymEvent - ok
20:00:14.0053 0x14f0  [ 34A34E3E3B37E36DA570489ABE7A9AE0, E72E6F8EE1194FDE4750CFFAF1817B2F277845F41FABD56B4C2B8F0F50C6B2D3 ] SymIRON         C:\WINDOWS\system32\Drivers\SEP\0C010FAD\0FAD.105\x86\Ironx86.SYS
20:00:14.0053 0x14f0  SymIRON - ok
20:00:14.0272 0x14f0  [ D71A2027DDDA3ACA597D98654C26EA0F, 877758161A2ADD83AD0413B35B2DC8BFDDE04FB7654149C9DAD233DA7752EA24 ] SYMTDI          C:\WINDOWS\system32\Drivers\SEP\0C010FAD\0FAD.105\x86\SYMTDI.SYS
20:00:14.0287 0x14f0  SYMTDI - ok
20:00:14.0287 0x14f0  sym_hi - ok
20:00:14.0303 0x14f0  sym_u3 - ok
20:00:14.0381 0x14f0  [ 8B83F3ED0F1688B4958F77CD6D2BF290, 546D3602183702B4F53E84413CFA2C933D64C8540378E54A8DCD148F3F36A2DA ] sysaudio        C:\WINDOWS\system32\drivers\sysaudio.sys
20:00:14.0381 0x14f0  sysaudio - ok
20:00:14.0475 0x14f0  [ C7ABBC59B43274B1109DF6B24D617051, 4384CA0AA6CE9B603CF7DB775A3C721E46715D5B120B94FB57DEADAADE18535B ] SysmonLog       C:\WINDOWS\system32\smlogsvc.exe
20:00:14.0584 0x14f0  SysmonLog - ok
20:00:14.0725 0x14f0  [ 5A9A5CE08168E6D23BED96B97E002DF9, 498B5CDCEFFC49AB20FF8A82B5D621F2A55776EFAFA1A025BDDDBBBE991063E0 ] SysPlant        C:\WINDOWS\system32\Drivers\SysPlant.sys
20:00:14.0725 0x14f0  SysPlant - ok
20:00:14.0865 0x14f0  [ 3CB78C17BB664637787C9A1C98F79C38, F35C31F6B7F366CB949D1044B357C76DEC9170441C5E559802794F62B72FD255 ] TapiSrv         C:\WINDOWS\System32\tapisrv.dll
20:00:14.0865 0x14f0  TapiSrv - ok
20:00:15.0115 0x14f0  [ 9AEFA14BD6B182D61E3119FA5F436D3D, EA29E49434585409272E7901AF89771FE9D6E911A7DC44AB3C7020CFF8A44552 ] Tcpip           C:\WINDOWS\system32\DRIVERS\tcpip.sys
20:00:15.0131 0x14f0  Tcpip - ok
20:00:15.0240 0x14f0  [ 6471A66807F5E104E4885F5B67349397, F35CBFFB8BB235CCE30EF94A5273333900DD49FD506BF9D55D99A320B8A53A5A ] TDPIPE          C:\WINDOWS\system32\drivers\TDPIPE.sys
20:00:15.0256 0x14f0  TDPIPE - ok
20:00:15.0569 0x14f0  [ 431801FCC97034E04A6EFF81136578D7, E061662D21FBECAEFDE939727E5892A8ED41C58C4D8738C2447777FB123FA2C3 ] tdrpman273      C:\WINDOWS\system32\DRIVERS\tdrpm273.sys
20:00:16.0193 0x14f0  tdrpman273 - ok
20:00:16.0272 0x14f0  [ C56B6D0402371CF3700EB322EF3AAF61, 7743FA4C734BCE38EFB1CA69BC17364D8421E2CD172F856F7E38E7AE1EE93F2F ] TDTCP           C:\WINDOWS\system32\drivers\TDTCP.sys
20:00:16.0272 0x14f0  TDTCP - ok
20:00:16.0459 0x14f0  [ 3DDE85472A50B4D51DA59219DB4F9F2D, 70D5492C0E63A0AC116182BA81B6AF6F31553F1D08AE80BDE5513B8362D269FB ] Teefer2         C:\WINDOWS\system32\DRIVERS\teefer.sys
20:00:16.0475 0x14f0  Teefer2 - ok
20:00:16.0490 0x14f0  [ 88155247177638048422893737429D9E, B6D4E8691917946332C2208D01F8C8281978C1AD1E9951C5D99DF0D49AC34B3B ] TermDD          C:\WINDOWS\system32\DRIVERS\termdd.sys
20:00:16.0506 0x14f0  TermDD - ok
20:00:16.0631 0x14f0  [ FF3477C03BE7201C294C35F684B3479F, D6246521539BA4ACD022D26983182F5E323D2EF1EA7C54265A248C43A1CE5202 ] TermService     C:\WINDOWS\System32\termsrv.dll
20:00:16.0647 0x14f0  TermService - ok
20:00:16.0725 0x14f0  [ 99BC0B50F511924348BE19C7C7313BBF, A1006C687BD352F700B140DC741515A0CDD9E1352C0FBD1EE410D404E344444B ] Themes          C:\WINDOWS\System32\shsvcs.dll
20:00:16.0725 0x14f0  Themes - ok
20:00:16.0943 0x14f0  [ 3E06987FEDBCDFBFF8E85EF8108565F9, 63A06B73FA729F1609822EF08DF288FE91F0CA5295F73706C83B812476A7EF96 ] timounter       C:\WINDOWS\system32\DRIVERS\timntr.sys
20:00:17.0115 0x14f0  timounter - ok
20:00:17.0162 0x14f0  [ DB7205804759FF62C34E3EFD8A4CC76A, 13A4248F528CE98ACA66898E56822E4FC49B11F491FF1F61A687BA601BF0A802 ] TlntSvr         C:\WINDOWS\system32\tlntsvr.exe
20:00:17.0287 0x14f0  TlntSvr - ok
20:00:17.0287 0x14f0  TosIde - ok
20:00:17.0365 0x14f0  [ 55BCA12F7F523D35CA3CB833C725F54E, 849FB1AE31B143B14B298BBC0D91230693D41DEB95F46516878F53A7F4186C38 ] TrkWks          C:\WINDOWS\system32\trkwks.dll
20:00:17.0365 0x14f0  TrkWks - ok
20:00:17.0412 0x14f0  [ 5787B80C2E3C5E2F56C2A233D91FA2C9, 3774905CF77954DFCECDA5BCC7CDE3D0ED72712BFAAD85ADAE5246306447E46C ] Udfs            C:\WINDOWS\system32\drivers\Udfs.sys
20:00:17.0412 0x14f0  Udfs - ok
20:00:17.0428 0x14f0  ultra - ok
20:00:17.0568 0x14f0  [ 402DDC88356B1BAC0EE3DD1580C76A31, 32A686595710336A6BFD54C03F552AE39439611662F84EF5D24193AE5665C6F3 ] Update          C:\WINDOWS\system32\DRIVERS\update.sys
20:00:17.0678 0x14f0  Update - ok
20:00:17.0756 0x14f0  [ 1EBAFEB9A3FBDC41B8D9C7F0F687AD91, 7746916DB48E3F5B243B63C066596AD9037A494BF1AD935946DD04AC85D983DF ] upnphost        C:\WINDOWS\System32\upnphost.dll
20:00:17.0818 0x14f0  upnphost - ok
20:00:17.0834 0x14f0  [ 05365FB38FCA1E98F7A566AAAF5D1815, 16843048CEEC3DAA3B953A12FF1EE339E86783A08F2A56DA7F94AD9F9717D77D ] UPS             C:\WINDOWS\System32\ups.exe
20:00:17.0865 0x14f0  UPS - ok
20:00:18.0115 0x14f0  [ F614E15EDF2B657405E1A9A933D55AFD, D146FF0417456073AF1F1800296C01A5040C1E031D1B11839608671D75D0CC50 ] USB28xxBGA      C:\WINDOWS\system32\DRIVERS\emBDA.sys
20:00:18.0287 0x14f0  USB28xxBGA - ok
20:00:18.0475 0x14f0  [ 73AB419E1943AE481E6CF1B8C3F7B377, 4614D66B49E2EB985658E4F265D4E0DA7B80EA121A32EC577B5D339AA5516EB3 ] USB28xxOEM      C:\WINDOWS\system32\DRIVERS\emOEM.sys
20:00:18.0662 0x14f0  USB28xxOEM - ok
20:00:18.0709 0x14f0  [ F340199E8CB097E1ACD58A967C665919, 69819E7C85A02BA8B01089FD1E23E80923ED7CB63216EE85B90359E321FD77B9 ] USBAAPL         C:\WINDOWS\system32\Drivers\usbaapl.sys
20:00:18.0725 0x14f0  USBAAPL - ok
20:00:18.0803 0x14f0  [ 65898A183FBF1D1F7759D5CCB364DCD4, 85E823123FDB4CA5F8255064E22A444627999055EC3419DFD001371893F36AB9 ] usbaudio        C:\WINDOWS\system32\drivers\usbaudio.sys
20:00:18.0803 0x14f0  usbaudio - ok
20:00:18.0850 0x14f0  [ 1B611611C28D2DF25BC057D79C6F13FC, B0D86F63E44B40413BBAE6402CC088046CFAE082D41BBC2ED5A916293356B846 ] usbccgp         C:\WINDOWS\system32\DRIVERS\usbccgp.sys
20:00:18.0850 0x14f0  usbccgp - ok
20:00:18.0928 0x14f0  [ 4BAC8DF07F1D8434FC640E677A62204E, 76C1351AF6752224BF59DEEE0F8665FE699F3DFD679F5BCD01C7D9383E6402A4 ] usbehci         C:\WINDOWS\system32\DRIVERS\usbehci.sys
20:00:18.0928 0x14f0  usbehci - ok
20:00:18.0990 0x14f0  [ 1AB3CDDE553B6E064D2E754EFE20285C, A99C4528C4227B1E96847614745AAFACD3C5F1BDFE435214DBF78740FFB300FE ] usbhub          C:\WINDOWS\system32\DRIVERS\usbhub.sys
20:00:19.0068 0x14f0  usbhub - ok
20:00:19.0115 0x14f0  [ A717C8721046828520C9EDF31288FC00, 1530BBE832EDBB0974AD89D723A03FF7A0094B368992D73C2C3E62A181DF1E0A ] usbprint        C:\WINDOWS\system32\DRIVERS\usbprint.sys
20:00:19.0131 0x14f0  usbprint - ok
20:00:19.0178 0x14f0  [ F8EDE2B6928970DCE3D5614C27D9E7F6, 6E5EBBC8B70C1D593634DAF0C190DEADFDA18C3CBC8F552A76F156F3869EF05B ] usbscan         C:\WINDOWS\system32\DRIVERS\usbscan.sys
20:00:19.0178 0x14f0  usbscan - ok
20:00:19.0209 0x14f0  [ A32426D9B14A089EAA1D922E0C5801A9, ED1DC52EE45F8EAD3AEC4B1F817BB25634141CF48295494C5947DCE6CF7A9817 ] usbstor         C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS
20:00:19.0225 0x14f0  usbstor - ok
20:00:19.0271 0x14f0  [ 26496F9DEE2D787FC3E61AD54821FFE6, 8BE7FF647470B9A951CBB478FAF83D657A15CC78037F42348A6B738F21D523DA ] usbuhci         C:\WINDOWS\system32\DRIVERS\usbuhci.sys
20:00:19.0271 0x14f0  usbuhci - ok
20:00:19.0334 0x14f0  [ 0D3A8FAFCEACD8B7625CD549757A7DF1, B9CFDEFCD66AA139F3DC2F967B184669532922563AD5A71769BABDC4370D065E ] VgaSave         C:\WINDOWS\System32\drivers\vga.sys
20:00:19.0334 0x14f0  VgaSave - ok
20:00:19.0350 0x14f0  [ 3B3EFCDA263B8AC14FDF9CBDD0791B2E, FC7FFD53FCC0F81587EFF26A43C141D25C43DBC68311520CE2BCDD739CA58CA9 ] ViaIde          C:\WINDOWS\system32\DRIVERS\viaide.sys
20:00:19.0350 0x14f0  ViaIde - ok
20:00:19.0365 0x14f0  [ 4C8FCB5CC53AAB716D810740FE59D025, 010EAC43DBED700B73E4FC908FAAF9F6A0168EBBD5D86751E49BC33AAA18BFA4 ] VolSnap         C:\WINDOWS\system32\drivers\VolSnap.sys
20:00:19.0396 0x14f0  VolSnap - ok
20:00:19.0506 0x14f0  [ 7A9DB3A67C333BF0BD42E42B8596854B, D31A9A3B1AAAB373EDD73B674102395212FCB616F829E938B7B2B7BE7D4752C5 ] VSS             C:\WINDOWS\System32\vssvc.exe
20:00:19.0600 0x14f0  VSS - ok
20:00:20.0193 0x14f0  [ 3D96EF51524E99680E89929E953A5495, C6852C8A05B8B0768B403F20A0ECF2A6F520914360B207F74936276770C279D3 ] VX3000          C:\WINDOWS\system32\DRIVERS\VX3000.sys
20:00:20.0740 0x14f0  VX3000 - ok
20:00:21.0365 0x14f0  [ 23C729C7C2465C901F52979B0A43E0E4, 079F8969CC96FFED17D9AA284CA5EF533C3C0AA9426081E40D4077E9D5187CCB ] VX6000          C:\WINDOWS\system32\DRIVERS\VX6000Xp.sys
20:00:22.0068 0x14f0  VX6000 - ok
20:00:22.0318 0x14f0  [ 54AF4B1D5459500EF0937F6D33B1914F, FA1876888BCB9C72A92369DBED4FF1A8666784523FB41E618FA0919490FCDDB9 ] W32Time         C:\WINDOWS\system32\w32time.dll
20:00:22.0318 0x14f0  W32Time - ok
20:00:22.0428 0x14f0  [ DB3C22745C0DA4666F3BE31F1AF36B2F, 2FE9A0F157AF9FB3CA03B8D4E706213E63E388206A8C04EF4A84E0D7A364A3A6 ] W3SVC           C:\WINDOWS\system32\inetsrv\inetinfo.exe
20:00:22.0428 0x14f0  W3SVC - ok
20:00:22.0490 0x14f0  [ E20B95BAEDB550F32DD489265C1DA1F6, 5589B2067E6C9FBA290D8C5EADDC198EBAF39C50C3CD7D2BC5CDA7CBFBC445E5 ] Wanarp          C:\WINDOWS\system32\DRIVERS\wanarp.sys
20:00:22.0490 0x14f0  Wanarp - ok
20:00:22.0740 0x14f0  [ BBCFEAB7E871CDDAC2D397EE7FA91FDC, 06FC132E0E256B9A4E4DDD05D3AF4D75E40C750ECCF94A76251B104C65CFFCDF ] Wdf01000        C:\WINDOWS\system32\Drivers\wdf01000.sys
20:00:22.0771 0x14f0  Wdf01000 - ok
20:00:22.0787 0x14f0  WDICA - ok
20:00:22.0990 0x14f0  [ 6768ACF64B18196494413695F0C3A00F, 3A8F8586F1D997D19A8478345338D2AECD785AEABDB61531DD3F92003D3230A5 ] wdmaud          C:\WINDOWS\system32\drivers\wdmaud.sys
20:00:23.0006 0x14f0  wdmaud - ok
20:00:23.0099 0x14f0  [ 77A354E28153AD2D5E120A5A8687BC06, 8B2D37A4443501C0A8E70BC2079BE27F0A36FD07B561E6F68B40A72EABBC2DFE ] WebClient       C:\WINDOWS\System32\webclnt.dll
20:00:23.0099 0x14f0  WebClient - ok
20:00:23.0193 0x14f0  [ F45DD1E1365D857DD08BC23563370D0E, D95AEBB2095579D716C62152C8B805E119812FD2E40F14F9A5BA2EFDE133303B ] WinDefend       C:\Program Files\Windows Defender\MsMpEng.exe
20:00:23.0193 0x14f0  WinDefend - ok
20:00:23.0365 0x14f0  [ 2D0E4ED081963804CCC196A0929275B5, E1D75C7D7233D81DFDE13160B0C80138DF8B35230D04FB79B367A52FACF69BF8 ] winmgmt         C:\WINDOWS\system32\wbem\WMIsvc.dll
20:00:23.0365 0x14f0  winmgmt - ok
20:00:23.0740 0x14f0  [ 18F347402DA544A780949B8FDF83351B, D1AD972D438A51A4998FEF68670395DAE3353240AD2A17F35794287AF0826FFB ] WinRM           C:\WINDOWS\system32\WsmSvc.dll
20:00:24.0052 0x14f0  WinRM - ok
20:00:24.0537 0x14f0  [ D9250B31B353EE3322C1CAD411997E38, D3EE89549A76E335B1DA774280FDC31184DCA714B99489AE96B90006CF6A0BA1 ] wlidsvc         C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
20:00:24.0568 0x14f0  wlidsvc - ok
20:00:24.0615 0x14f0  [ C51B4A5C05A5475708E3C81C7765B71D, F776D2680BD3407307B7072626F78460361FC5BC38623C9E16F394D300AB25DE ] WmdmPmSN        C:\WINDOWS\system32\MsPMSNSv.dll
20:00:24.0631 0x14f0  WmdmPmSN - ok
20:00:24.0818 0x14f0  [ E76F8807070ED04E7408A86D6D3A6137, BFCF5361B7335760A7AE4B6958DE516A27AC60AA09135A46F0B49F588FAFE3A0 ] Wmi             C:\WINDOWS\System32\advapi32.dll
20:00:24.0834 0x14f0  Wmi - ok
20:00:24.0896 0x14f0  [ C42584FD66CE9E17403AEBCA199F7BDB, E3F2E1066F36AE5D33D4482239B2E556BE0C137923C9A120DFB36EC82F2E77B0 ] WmiAcpi         C:\WINDOWS\system32\DRIVERS\wmiacpi.sys
20:00:24.0896 0x14f0  WmiAcpi - ok
20:00:24.0974 0x14f0  [ E0673F1106E62A68D2257E376079F821, 12992F18C9653050B10DC61D12988067933FCFDF02123D3A7EF5DE607A785DDC ] WmiApSrv        C:\WINDOWS\system32\wbem\wmiapsrv.exe
20:00:25.0021 0x14f0  WmiApSrv - ok
20:00:25.0318 0x14f0  [ F74E3D9A7FA9556C3BBB14D4E5E63D3B, C71FAAC752F6D58BF8556661252DBF8C5DDD090CAE002A2C7E09C9A014526066 ] WMPNetworkSvc   C:\Program Files\Windows Media Player\wmpnetwk.exe
20:00:25.0584 0x14f0  WMPNetworkSvc - ok
20:00:25.0943 0x14f0  [ DCF3E3EDF5109EE8BC02FE6E1F045795, 4B8E14B1CFB095982D34DAEC336114F5039D7793080FB787DC95A63B6B945DD0 ] WPFFontCache_v0400 C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe
20:00:26.0193 0x14f0  WPFFontCache_v0400 - ok
20:00:26.0240 0x14f0  [ 6ABE6E225ADB5A751622A9CC3BC19CE8, 4061C5D0F051DFF1730E2A3BFC1CCA97B29602FC50F10F6B44D93B0D28F42024 ] WS2IFSL         C:\WINDOWS\System32\drivers\ws2ifsl.sys
20:00:26.0255 0x14f0  WS2IFSL - ok
20:00:26.0302 0x14f0  [ 7C278E6408D1DCE642230C0585A854D5, DA46079A04F6E8E3441E4AE454AEAC02B3E935DE29CE7F6D4476F57867FCC12A ] wscsvc          C:\WINDOWS\system32\wscsvc.dll
20:00:26.0302 0x14f0  wscsvc - ok
20:00:26.0302 0x14f0  WSearch - ok
20:00:26.0365 0x14f0  [ C98B39829C2BBD34E454150633C62C78, 71B60EA3AD0E2637917D528C6A9E7ECF2949E3E5E91036AA5BBADA95BD725511 ] WSTCODEC        C:\WINDOWS\system32\DRIVERS\WSTCODEC.SYS
20:00:26.0380 0x14f0  WSTCODEC - ok
20:00:26.0396 0x14f0  [ 35321FB577CDC98CE3EB3A3EB9E4610A, C9A6F5CF282D8FCB3CDFCC4B306013480E78E1B664E1A60A4E27B161F9FFD4CD ] wuauserv        C:\WINDOWS\system32\wuauserv.dll
20:00:26.0396 0x14f0  wuauserv - ok
20:00:26.0443 0x14f0  [ F15FEAFFFBB3644CCC80C5DA584E6311, 79B3E9AF35976CE49921E9BEA3BA3B4A8AF762FD3F284B62954038B5FFB32471 ] WudfPf          C:\WINDOWS\system32\DRIVERS\WudfPf.sys
20:00:26.0630 0x14f0  WudfPf - ok
20:00:26.0677 0x14f0  [ 28B524262BCE6DE1F7EF9F510BA3985B, AEFF02B899801A63CBB262757C3D4369E38BFF0690BD085DE60E873DFBE3C3F4 ] WudfRd          C:\WINDOWS\system32\DRIVERS\wudfrd.sys
20:00:26.0709 0x14f0  WudfRd - ok
20:00:26.0740 0x14f0  [ 05231C04253C5BC30B26CBAAE680ED89, 5C03C2D7E0B573646D32F4093E2FF2C3BA391C39F5BA37D67F69D38E357FCC3D ] WudfSvc         C:\WINDOWS\System32\WUDFSvc.dll
20:00:26.0771 0x14f0  WudfSvc - ok
20:00:26.0865 0x14f0  [ CCFDECD6060EA8EB0F8466782A97FF21, B478F2BB78BC5351BCD33C27F4A974CC76B90200F150DF1D9047F260164E2FC8 ] WUSB54GCSVC     C:\Program Files\Compact Wireless-G USB Adapter Wireless Network Monitor\WLService.exe
20:00:26.0865 0x14f0  WUSB54GCSVC - ok
20:00:27.0052 0x14f0  [ 81DC3F549F44B1C1FFF022DEC9ECF30B, 3D14BFEA539F9CEB16555BD56C5E3C7C8F6692FC62C2789F8AAEA1C042E63940 ] WZCSVC          C:\WINDOWS\System32\wzcsvc.dll
20:00:27.0068 0x14f0  WZCSVC - ok
20:00:27.0130 0x14f0  [ 295D21F14C335B53CB8154E5B1F892B9, 9418477C2E3EA93E93D931A4EDD4500DA568FAD6040204B5201D1080203B0BBC ] xmlprov         C:\WINDOWS\System32\xmlprov.dll
20:00:27.0177 0x14f0  xmlprov - ok
20:00:27.0240 0x14f0  ================ Scan global ===============================
20:00:27.0302 0x14f0  [ 42F1F4C0AFB08410E5F02D4B13EBB623, 924C30587C51C0D1E1F47991969AF492A644552E15F2480EA991DCB74A3E68D5 ] C:\WINDOWS\system32\basesrv.dll
20:00:27.0412 0x14f0  [ 69AE2B2E6968C316536E5B10B9702E63, D9C5DA7A20DDE69D91E72400C3F06F3CB099DEF42EA6C53FCE076258A0C22391 ] C:\WINDOWS\system32\winsrv.dll
20:00:27.0505 0x14f0  [ 69AE2B2E6968C316536E5B10B9702E63, D9C5DA7A20DDE69D91E72400C3F06F3CB099DEF42EA6C53FCE076258A0C22391 ] C:\WINDOWS\system32\winsrv.dll
20:00:27.0568 0x14f0  [ 65DF52F5B8B6E9BBD183505225C37315, 59C606977DB40A3443DFF0BE2A4C761824881B22C9FDB3D23F6486DB580E92A4 ] C:\WINDOWS\system32\services.exe
20:00:27.0568 0x14f0  [ Global ] - ok
20:00:27.0568 0x14f0  ================ Scan MBR ==================================
20:00:27.0599 0x14f0  [ ED18B096BC416BFB306882A7C2EBA877 ] \Device\Harddisk0\DR0
20:00:27.0896 0x14f0  \Device\Harddisk0\DR0 - ok
20:00:27.0896 0x14f0  ================ Scan VBR ==================================
20:00:27.0912 0x14f0  [ 9E9E6F95D12C0F53B86E076F98FB738D ] \Device\Harddisk0\DR0\Partition1
20:00:27.0990 0x14f0  \Device\Harddisk0\DR0\Partition1 - ok
20:00:27.0990 0x14f0  [ 1A63F2B68C9C5AD483FA31D357C22A9E ] \Device\Harddisk0\DR0\Partition2
20:00:27.0990 0x14f0  \Device\Harddisk0\DR0\Partition2 - ok
20:00:27.0990 0x14f0  Waiting for KSN requests completion. In queue: 139
20:00:28.0990 0x14f0  Waiting for KSN requests completion. In queue: 139
20:00:29.0990 0x14f0  Waiting for KSN requests completion. In queue: 139
20:00:31.0083 0x14f0  AV detected via SS1: Symantec Endpoint Protection, 12.1.4013.4013, enabled, updated
20:00:31.0083 0x14f0  FW detected via SS1: Norton Internet Worm Protection, 2006, disabled
20:00:31.0083 0x14f0  FW detected via SS1: Symantec Endpoint Protection, 11.1, enabled
20:00:33.0521 0x14f0  ============================================================
20:00:33.0521 0x14f0  Scan finished
20:00:33.0521 0x14f0  ============================================================
20:00:33.0521 0x1120  Detected object count: 0
20:00:33.0521 0x1120  Actual detected object count: 0

 

Prescott ....


Scan with ESET Online Scan

Please go here to run the online scanner from ESET.

  • Turn off the real time scanner of any existing antivirus program while performing the online scan
  • Tick the box next to YES, I accept the Terms of Use.
  • Click Start
  • When asked, allow the ActiveX control to install
  • Click Start
  • Make sure that the option Remove found threats is unticked
  • Click on Advanced Settings and ensure these options are ticked:
    • Scan for potentially unwanted applications
    • Scan for potentially unsafe applications
    • Enable Anti-Stealth Technology
  • Click Scan
  • Wait for the scan to finish
  • If any threats were found, click the 'List of found threats', then click Export to text file....
  • Save it to your desktop, then please copy and paste that log as a reply to this topic.


Marius,

 

As the online scanner was downloading I got a whole bunch of the BloodHound.MalPE alerts from Symantec.  Clearly I have an issue.  I noticed that I had processed an update from Microsoft that indicated that Windows XP support is ending on April 8th.  I'm done with this, there's no sense continuing if there's no support for XP.  I bought a new hard drive and I'm going to upgrade to Windows 7 Pro.  I'll scan the old hard drive in the machine after I upgrade and reinstall MalwareBytes and Symantec and will keep it as an archive disk.  Thank you for all your help, I greatly appreciate it.

 

Prescott ...
