Jump to content

Recommended Posts

Incredible software. TY!!  Quick scan found 300 PUPs in over 30k files.

Do I only delete the 3 software selected checked ones or the entire 300 list from the MalwarBytes results log?

Are any of them important to keep?

 

Below are the 3 selected 'Adware's followed by two similar software-unselected PUP files.  All dealing with FlashPlayer.

After that is the entire list of 300.  

 

My problem is tons of ads popping up and an especially upper right hand screen corner rolling down in various degrees to reveal an underlying ad.  Further, my cursor and screen freeze.  

 

 

C:\Users\N\Downloads\FlashPlayer (1).exe (Adware.DomaIQ) -> No action taken.

C:\Users\N\Downloads\FlashPlayer (2).exe (Adware.DomaIQ) -> No action taken.
C:\Users\N\Downloads\FlashPlayer.exe (Adware.DomaIQ) -> No action taken.
 
C:\Users\N\Downloads\FlashPlayer_V.aFxGFgqnc.exe (PUP.FakeFlash.Domaiq) -> No action taken.
C:\Users\N\Downloads\FlashPlayer_V.NjfpUD75c.exe (PUP.FakeFlash.Domaiq) 
 
Entire 300 list:
Malwarebytes Anti-Malware (Trial) 1.75.0.1300
www.malwarebytes.org
 
Database version: v2014.03.23.07
 
Windows 8 x64 NTFS
Internet Explorer 11.0.9600.16521
N :: I3 [administrator]
 
Protection: Enabled
 
3/23/2014 12:06:43 PM
MBAM-log-2014-03-23 (12-54-35).txt
 
Scan type: Quick scan
Scan options enabled: Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken | PUP | PUM
Scan options disabled: P2P
Objects scanned: 283665
Time elapsed: 20 minute(s), 35 second(s)
 
Memory Processes Detected: 2
C:\Program Files (x86)\SoftwareUpdater\UpdaterService.exe (PUP.Optional.SoftwareUpdater.A) -> 1868 -> No action taken.
C:\ProgramData\WebShield\WebShieldService.exe (PUP.Optional.InternetUpdater.A) -> 2208 -> No action taken.
 
Memory Modules Detected: 0
(No malicious items detected)
 
Registry Keys Detected: 24
HKLM\SYSTEM\CurrentControlSet\Services\SrvUpdater (PUP.Optional.SoftwareUpdater.A) -> No action taken.
HKLM\SYSTEM\CurrentControlSet\Services\WebShield (PUP.Optional.InternetUpdater.A) -> No action taken.
HKLM\SYSTEM\CurrentControlSet\Services\CltMngSvc (PUP.Optional.Conduit.A) -> No action taken.
HKCR\AppID\{C26644C4-2A12-4CA6-8F2E-0EDE6CF018F3} (PUP.Optional.Delta.A) -> No action taken.
HKCR\CLSID\{051E9166-B275-4683-907B-372FAE22BC7C} (PUP.Optional.WebSteroids.A) -> No action taken.
HKCR\CLSID\{67BD9EEB-AA06-4329-A940-D250019300C9} (PUP.Optional.SoftwareUpdater) -> No action taken.
HKCR\TypeLib\{A0EE0278-2986-4E5A-884E-A3BF0357E476} (PUP.Optional.SoftwareUpdater) -> No action taken.
HKCR\Interface\{9EDC0C90-2B5B-4512-953E-35767BAD5C67} (PUP.Optional.SoftwareUpdater) -> No action taken.
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{99C91FC5-DB5B-4AA0-BB70-5D89C5A4DF96} (PUP.Optional.SoftwareUpdater) -> No action taken.
HKCR\Updater.AmiUpd.1 (PUP.Optional.SoftwareUpdater) -> No action taken.
HKCR\Updater.AmiUpd (PUP.Optional.SoftwareUpdater) -> No action taken.
HKCR\CLSID\{E5A7A645-8318-4895-B85C-EDC606B80DB6} (PUP.Optional.DynConIE.A) -> No action taken.
HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Settings\{8EBA1B69-99D8-4135-BD43-729BA79D5CC4} (PUP.Optional.PlayTopus) -> No action taken.
HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{8EBA1B69-99D8-4135-BD43-729BA79D5CC4} (PUP.Optional.PlayTopus) -> No action taken.
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\SoftwareUpdater (PUP.Optional.SoftwareUpdater.A) -> No action taken.
HKLM\SOFTWARE\MediaViewV1alpha1243 (PUP.Optional.MediaView.A) -> No action taken.
HKLM\SOFTWARE\SOFTWAREUPDATER (PUP.Optional.SoftwareUpdater.A) -> No action taken.
HKLM\SOFTWARE\Vittalia\AxtanInstaller (PUP.Optional.BundleInstaller.A) -> No action taken.
HKLM\Software\InstallIQ (PUP.Optional.InstallBrain.A) -> No action taken.
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\MediaViewV1alpha1243 (PUP.Optional.MediaView.A) -> No action taken.
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{d9b47a47-5082-41ba-bdef-89a0002dd891} (PUP.Optional.MediaView.A) -> No action taken.
HKCR\CLSID\{d9b47a47-5082-41ba-bdef-89a0002dd891} (PUP.Optional.MediaView.A) -> No action taken.
HKCR\TypeLib\{1701083b-2c7c-4cf9-b2fe-546f90863ae2} (PUP.Optional.MediaView.A) -> No action taken.
HKCR\Interface\{54070D67-0FFE-4E83-B1DE-4A593AE5B004} (PUP.Optional.MediaView.A) -> No action taken.
 
Registry Values Detected: 3
HKLM\SOFTWARE\Mozilla\Firefox\Extensions|ext@MediaViewV1alpha1243.net (PUP.Optional.MediaView.A) -> Data: C:\Program Files (x86)\MediaViewV1\MediaViewV1alpha1243\ff -> No action taken.
HKLM\SOFTWARE\SoftwareUpdater|partner_keyword (PUP.Optional.SoftwareUpdater.A) -> Data: ALLFILEWINCOM -> No action taken.
HKLM\SYSTEM\CurrentControlSet\Services\SrvUpdater|ImagePath (PUP.Optional.SoftwareUpdater.A) -> Data: C:\Program Files (x86)\SoftwareUpdater\UpdaterService.exe -> No action taken.
 
Registry Data Items Detected: 2
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows|AppInit_DLLs (PUP.Optional.Conduit.A) -> Bad: (C:\PROGRA~2\SearchProtect\SearchProtect\bin\SPVC32Loader.dll) Good: () -> No action taken.
HKCU\SOFTWARE\Microsoft\Internet Explorer\Main|Start Page (PUP.Optional.Conduit.A) -> Bad: (http://search.conduit.com/?ctid=CT3324415&octid=EB_ORIGINAL_CTID&SearchSource=55&CUI=&UM=5&UP=SPB03DBD25-858F-4FF4-A150-B77F77B271CB&SSPV=) Good: (http://www.google.com) -> No action taken.
 
Folders Detected: 32
C:\Program Files (x86)\SoftwareUpdater (PUP.Optional.SoftwareUpdater.A) -> No action taken.
C:\Users\N\AppData\Roaming\player (PUP.Optional.VPLMedia.A) -> No action taken.
C:\Users\N\AppData\Roaming\player\images (PUP.Optional.VPLMedia.A) -> No action taken.
C:\Program Files (x86)\SearchProtect (PUP.Optional.SearchProtect.A) -> No action taken.
C:\Program Files (x86)\SearchProtect\Main (PUP.Optional.SearchProtect.A) -> No action taken.
C:\Program Files (x86)\SearchProtect\Main\bin (PUP.Optional.SearchProtect.A) -> No action taken.
C:\Program Files (x86)\SearchProtect\Main\Logs (PUP.Optional.SearchProtect.A) -> No action taken.
C:\Program Files (x86)\SearchProtect\Main\rep (PUP.Optional.SearchProtect.A) -> No action taken.
C:\Program Files (x86)\SearchProtect\SearchProtect (PUP.Optional.SearchProtect.A) -> No action taken.
C:\Program Files (x86)\SearchProtect\SearchProtect\bin (PUP.Optional.SearchProtect.A) -> No action taken.
C:\Program Files (x86)\SearchProtect\SearchProtect\rep (PUP.Optional.SearchProtect.A) -> No action taken.
C:\Program Files (x86)\SearchProtect\UI (PUP.Optional.SearchProtect.A) -> No action taken.
C:\Program Files (x86)\SearchProtect\UI\bin (PUP.Optional.SearchProtect.A) -> No action taken.
C:\Program Files (x86)\SearchProtect\UI\dialogs (PUP.Optional.SearchProtect.A) -> No action taken.
C:\Program Files (x86)\SearchProtect\UI\dialogs\bubble (PUP.Optional.SearchProtect.A) -> No action taken.
C:\Program Files (x86)\SearchProtect\UI\dialogs\Images (PUP.Optional.SearchProtect.A) -> No action taken.
C:\Program Files (x86)\SearchProtect\UI\dialogs\libs (PUP.Optional.SearchProtect.A) -> No action taken.
C:\Program Files (x86)\SearchProtect\UI\dialogs\protection (PUP.Optional.SearchProtect.A) -> No action taken.
C:\Program Files (x86)\SearchProtect\UI\dialogs\protectionDS (PUP.Optional.SearchProtect.A) -> No action taken.
C:\Program Files (x86)\SearchProtect\UI\dialogs\settings (PUP.Optional.SearchProtect.A) -> No action taken.
C:\Program Files (x86)\SearchProtect\UI\dialogs\uninstall (PUP.Optional.SearchProtect.A) -> No action taken.
C:\Program Files (x86)\SearchProtect\UI\rep (PUP.Optional.SearchProtect.A) -> No action taken.
C:\Program Files (x86)\Tuguu SL\VAFPlayer (PUP.Optional.VPLMedia.A) -> No action taken.
C:\Program Files (x86)\Tuguu SL\VAFPlayer\languages (PUP.Optional.VPLMedia.A) -> No action taken.
C:\Program Files (x86)\MediaViewV1\MediaViewV1alpha1243 (PUP.Optional.MediaView.A) -> No action taken.
C:\Program Files (x86)\MediaViewV1\MediaViewV1alpha1243\ch (PUP.Optional.MediaView.A) -> No action taken.
C:\Program Files (x86)\MediaViewV1\MediaViewV1alpha1243\ff (PUP.Optional.MediaView.A) -> No action taken.
C:\Program Files (x86)\MediaViewV1\MediaViewV1alpha1243\ff\chrome (PUP.Optional.MediaView.A) -> No action taken.
C:\Program Files (x86)\MediaViewV1\MediaViewV1alpha1243\ff\chrome\content (PUP.Optional.MediaView.A) -> No action taken.
C:\Program Files (x86)\MediaViewV1\MediaViewV1alpha1243\ff\chrome\content\icons (PUP.Optional.MediaView.A) -> No action taken.
C:\Program Files (x86)\MediaViewV1\MediaViewV1alpha1243\ff\chrome\content\icons\default (PUP.Optional.MediaView.A) -> No action taken.
C:\Program Files (x86)\MediaViewV1\MediaViewV1alpha1243\ie (PUP.Optional.MediaView.A) -> No action taken.
 
Files Detected: 244
C:\Program Files (x86)\SoftwareUpdater\UpdaterService.exe (PUP.Optional.SoftwareUpdater.A) -> No action taken.
C:\ProgramData\WebShield\WebShieldService.exe (PUP.Optional.InternetUpdater.A) -> No action taken.
C:\Program Files (x86)\SearchProtect\Main\bin\CltMngSvc.exe (PUP.Optional.Conduit.A) -> No action taken.
C:\Program Files (x86)\SearchProtect\SearchProtect\bin\cltmng.exe (PUP.Optional.Conduit.A) -> No action taken.
C:\Program Files (x86)\SearchProtect\UI\bin\cltmngui.exe (PUP.Optional.Conduit.A) -> No action taken.
C:\Program Files (x86)\SearchProtect\SearchProtect\bin\SPVC32Loader.dll (PUP.Optional.Conduit.A) -> No action taken.
C:\Users\N\AppData\Local\SwvUpdater\Updater.exe (PUP.Optional.SoftwareUpdater) -> No action taken.
C:\Users\N\AppData\Local\Temp\nsb14FC.exe (PUP.Optional.SearchProtect.A) -> No action taken.
C:\Users\N\AppData\Local\Temp\nsj7626.exe (PUP.Optional.SearchProtect.A) -> No action taken.
C:\Users\N\AppData\Local\Temp\nsl6F3F.exe (PUP.Optional.SearchProtect.A) -> No action taken.
C:\Users\N\AppData\Local\Temp\nst1C1.exe (PUP.Optional.SearchProtect.A) -> No action taken.
C:\Users\N\AppData\Local\Temp\nsv7B47.exe (PUP.Optional.SearchProtect.A) -> No action taken.
C:\Users\N\AppData\Local\Temp\nsz1CCD.exe (PUP.Optional.SearchProtect.A) -> No action taken.
C:\Users\N\AppData\Local\Temp\setapp.exe (PUP.Optional.MediaView.A) -> No action taken.
C:\Users\N\AppData\Local\Temp\spstub.exe (PUP.Optional.Conduit.A) -> No action taken.
C:\Users\N\AppData\Local\Temp\verifier.exe (PUP.Optional.Conduit) -> No action taken.
C:\Users\N\AppData\Local\Temp\nso41F5\SpSetup.exe (PUP.Optional.Conduit.A) -> No action taken.
C:\Users\N\AppData\Local\Temp\nsu1FF3.tmp\aminsis.dll (PUP.Optional.Amonetize) -> No action taken.
C:\Users\N\Downloads\FileZipperSetup-bootable windows 7 USB.exe (PUP.Optional.InstallBrain) -> No action taken.
C:\Users\N\Downloads\FlashPlayer (1).exe (Adware.DomaIQ) -> No action taken.
C:\Users\N\Downloads\FlashPlayer (2).exe (Adware.DomaIQ) -> No action taken.
C:\Users\N\Downloads\FlashPlayer.exe (Adware.DomaIQ) -> No action taken.
C:\Users\N\Downloads\FlashPlayer_V.aFxGFgqnc.exe (PUP.FakeFlash.Domaiq) -> No action taken.
C:\Users\N\Downloads\FlashPlayer_V.NjfpUD75c.exe (PUP.FakeFlash.Domaiq) -> No action taken.
C:\Users\N\Downloads\installer_avg_anti-virus_free_edition_English.exe (PUP.Optional.VIT) -> No action taken.
C:\Users\N\Downloads\nuancepdf.exe (PUP.Optional.InstallIQ.A) -> No action taken.
C:\Users\N\Downloads\Setup (1)-for priv msg.exe (PUP.Optional.Conduit.A) -> No action taken.
C:\Users\N\Downloads\Setup.exe (PUP.Optional.InternetUpdater.A) -> No action taken.
C:\Users\N\Downloads\WiseConvert_B.exe (PUP.Optional.Conduit.A) -> No action taken.
C:\Users\N\Downloads\zip.exe (PUP.Optional.InstallIQ.A) -> No action taken.
C:\Users\N\Local Settings\Temporary Internet Files\IE\EYT94S65\SPSetup[1].exe (PUP.Optional.Conduit.A) -> No action taken.
C:\Users\N\Local Settings\Temporary Internet Files\IE\LF0L7VP0\spstub[1].exe (PUP.Optional.Conduit.A) -> No action taken.
C:\Users\N\Local Settings\Temporary Internet Files\IE\VXXKDZGV\SPIdentifierImpl[1].exe (PUP.Optional.SearchProtect.A) -> No action taken.
C:\Windows\Tasks\AmiUpdXp.job (PUP.Software.Updater) -> No action taken.
C:\Program Files (x86)\SoftwareUpdater\KeyGen.dll (PUP.Optional.SoftwareUpdater.A) -> No action taken.
C:\Program Files (x86)\SoftwareUpdater\AppsUpdater.exe (PUP.Optional.SoftwareUpdater.A) -> No action taken.
C:\Program Files (x86)\SoftwareUpdater\AppsUpdater.exe.config (PUP.Optional.SoftwareUpdater.A) -> No action taken.
C:\Program Files (x86)\SoftwareUpdater\config.xml (PUP.Optional.SoftwareUpdater.A) -> No action taken.
C:\Program Files (x86)\SoftwareUpdater\Interop.Shell32.dll (PUP.Optional.SoftwareUpdater.A) -> No action taken.
C:\Program Files (x86)\SoftwareUpdater\translations.xml (PUP.Optional.SoftwareUpdater.A) -> No action taken.
C:\Program Files (x86)\SoftwareUpdater\uninstall.exe (PUP.Optional.SoftwareUpdater.A) -> No action taken.
C:\Users\N\AppData\Roaming\player\playlist.vpl (PUP.Optional.VPLMedia.A) -> No action taken.
C:\Users\N\AppData\Roaming\player\config.ini (PUP.Optional.VPLMedia.A) -> No action taken.
C:\Users\N\AppData\Roaming\player\images\channel_ld_103.png (PUP.Optional.VPLMedia.A) -> No action taken.
C:\Users\N\AppData\Roaming\player\images\channel_ld_11.png (PUP.Optional.VPLMedia.A) -> No action taken.
C:\Users\N\AppData\Roaming\player\images\channel_ld_120.png (PUP.Optional.VPLMedia.A) -> No action taken.
C:\Users\N\AppData\Roaming\player\images\channel_ld_121.png (PUP.Optional.VPLMedia.A) -> No action taken.
C:\Users\N\AppData\Roaming\player\images\channel_ld_122.png (PUP.Optional.VPLMedia.A) -> No action taken.
C:\Users\N\AppData\Roaming\player\images\channel_ld_123.png (PUP.Optional.VPLMedia.A) -> No action taken.
C:\Users\N\AppData\Roaming\player\images\channel_ld_124.png (PUP.Optional.VPLMedia.A) -> No action taken.
C:\Users\N\AppData\Roaming\player\images\channel_ld_125.png (PUP.Optional.VPLMedia.A) -> No action taken.
C:\Users\N\AppData\Roaming\player\images\channel_ld_126.png (PUP.Optional.VPLMedia.A) -> No action taken.
C:\Users\N\AppData\Roaming\player\images\channel_ld_127.png (PUP.Optional.VPLMedia.A) -> No action taken.
C:\Users\N\AppData\Roaming\player\images\channel_ld_136.png (PUP.Optional.VPLMedia.A) -> No action taken.
C:\Users\N\AppData\Roaming\player\images\channel_ld_137.png (PUP.Optional.VPLMedia.A) -> No action taken.
C:\Users\N\AppData\Roaming\player\images\channel_ld_140.png (PUP.Optional.VPLMedia.A) -> No action taken.
C:\Users\N\AppData\Roaming\player\images\channel_ld_141.png (PUP.Optional.VPLMedia.A) -> No action taken.
C:\Users\N\AppData\Roaming\player\images\channel_ld_149.png (PUP.Optional.VPLMedia.A) -> No action taken.
C:\Users\N\AppData\Roaming\player\images\channel_ld_150.png (PUP.Optional.VPLMedia.A) -> No action taken.
C:\Users\N\AppData\Roaming\player\images\channel_ld_160.png (PUP.Optional.VPLMedia.A) -> No action taken.
C:\Users\N\AppData\Roaming\player\images\channel_ld_165.png (PUP.Optional.VPLMedia.A) -> No action taken.
C:\Users\N\AppData\Roaming\player\images\channel_ld_181.png (PUP.Optional.VPLMedia.A) -> No action taken.
C:\Users\N\AppData\Roaming\player\images\channel_ld_191.png (PUP.Optional.VPLMedia.A) -> No action taken.
C:\Users\N\AppData\Roaming\player\images\channel_ld_193.png (PUP.Optional.VPLMedia.A) -> No action taken.
C:\Users\N\AppData\Roaming\player\images\channel_ld_199.png (PUP.Optional.VPLMedia.A) -> No action taken.
C:\Users\N\AppData\Roaming\player\images\channel_ld_200.png (PUP.Optional.VPLMedia.A) -> No action taken.
C:\Users\N\AppData\Roaming\player\images\channel_ld_201.png (PUP.Optional.VPLMedia.A) -> No action taken.
C:\Users\N\AppData\Roaming\player\images\channel_ld_204.png (PUP.Optional.VPLMedia.A) -> No action taken.
C:\Users\N\AppData\Roaming\player\images\channel_ld_219.png (PUP.Optional.VPLMedia.A) -> No action taken.
C:\Users\N\AppData\Roaming\player\images\channel_ld_221.png (PUP.Optional.VPLMedia.A) -> No action taken.
C:\Users\N\AppData\Roaming\player\images\channel_ld_224.png (PUP.Optional.VPLMedia.A) -> No action taken.
C:\Users\N\AppData\Roaming\player\images\channel_ld_268.png (PUP.Optional.VPLMedia.A) -> No action taken.
C:\Users\N\AppData\Roaming\player\images\channel_ld_28.png (PUP.Optional.VPLMedia.A) -> No action taken.
C:\Users\N\AppData\Roaming\player\images\channel_ld_34.png (PUP.Optional.VPLMedia.A) -> No action taken.
C:\Users\N\AppData\Roaming\player\images\channel_ld_37.png (PUP.Optional.VPLMedia.A) -> No action taken.
C:\Users\N\AppData\Roaming\player\images\channel_ld_49.png (PUP.Optional.VPLMedia.A) -> No action taken.
C:\Users\N\AppData\Roaming\player\images\channel_ld_57.png (PUP.Optional.VPLMedia.A) -> No action taken.
C:\Users\N\AppData\Roaming\player\images\channel_ld_86.png (PUP.Optional.VPLMedia.A) -> No action taken.
C:\Users\N\AppData\Roaming\player\images\channel_ld_99.png (PUP.Optional.VPLMedia.A) -> No action taken.
C:\Program Files (x86)\SearchProtect\EULA.txt (PUP.Optional.SearchProtect.A) -> No action taken.
C:\Program Files (x86)\SearchProtect\Main\bin\SPTool.dll (PUP.Optional.SearchProtect.A) -> No action taken.
C:\Program Files (x86)\SearchProtect\Main\bin\uninstall.exe (PUP.Optional.SearchProtect.A) -> No action taken.
C:\Program Files (x86)\SearchProtect\Main\rep\SystemRepository.dat (PUP.Optional.SearchProtect.A) -> No action taken.
C:\Program Files (x86)\SearchProtect\SearchProtect\bin\SPTool64.exe (PUP.Optional.SearchProtect.A) -> No action taken.
C:\Program Files (x86)\SearchProtect\SearchProtect\bin\SPVC32.dll (PUP.Optional.SearchProtect.A) -> No action taken.
C:\Program Files (x86)\SearchProtect\SearchProtect\bin\SPVC64.dll (PUP.Optional.SearchProtect.A) -> No action taken.
C:\Program Files (x86)\SearchProtect\SearchProtect\bin\SPVC64Loader.dll (PUP.Optional.SearchProtect.A) -> No action taken.
C:\Program Files (x86)\SearchProtect\UI\dialogs\settings.html (PUP.Optional.SearchProtect.A) -> No action taken.
C:\Program Files (x86)\SearchProtect\UI\dialogs\style.css (PUP.Optional.SearchProtect.A) -> No action taken.
C:\Program Files (x86)\SearchProtect\UI\dialogs\bubble\bubble.css (PUP.Optional.SearchProtect.A) -> No action taken.
C:\Program Files (x86)\SearchProtect\UI\dialogs\bubble\bubble.html (PUP.Optional.SearchProtect.A) -> No action taken.
C:\Program Files (x86)\SearchProtect\UI\dialogs\bubble\bubble.js (PUP.Optional.SearchProtect.A) -> No action taken.
C:\Program Files (x86)\SearchProtect\UI\dialogs\bubble\defaults.js (PUP.Optional.SearchProtect.A) -> No action taken.
C:\Program Files (x86)\SearchProtect\UI\dialogs\Images\Apply-default.png (PUP.Optional.SearchProtect.A) -> No action taken.
C:\Program Files (x86)\SearchProtect\UI\dialogs\Images\Apply-onclick.png (PUP.Optional.SearchProtect.A) -> No action taken.
C:\Program Files (x86)\SearchProtect\UI\dialogs\Images\Apply-Rollover.png (PUP.Optional.SearchProtect.A) -> No action taken.
C:\Program Files (x86)\SearchProtect\UI\dialogs\Images\bg-with-logo.png (PUP.Optional.SearchProtect.A) -> No action taken.
C:\Program Files (x86)\SearchProtect\UI\dialogs\Images\bg.png (PUP.Optional.SearchProtect.A) -> No action taken.
C:\Program Files (x86)\SearchProtect\UI\dialogs\Images\bgNotif.png (PUP.Optional.SearchProtect.A) -> No action taken.
C:\Program Files (x86)\SearchProtect\UI\dialogs\Images\bgSettings.png (PUP.Optional.SearchProtect.A) -> No action taken.
C:\Program Files (x86)\SearchProtect\UI\dialogs\Images\bgUninstall.png (PUP.Optional.SearchProtect.A) -> No action taken.
C:\Program Files (x86)\SearchProtect\UI\dialogs\Images\btnBlue.png (PUP.Optional.SearchProtect.A) -> No action taken.
C:\Program Files (x86)\SearchProtect\UI\dialogs\Images\btnClose.png (PUP.Optional.SearchProtect.A) -> No action taken.
C:\Program Files (x86)\SearchProtect\UI\dialogs\Images\btnSilver.png (PUP.Optional.SearchProtect.A) -> No action taken.
C:\Program Files (x86)\SearchProtect\UI\dialogs\Images\checkbox.png (PUP.Optional.SearchProtect.A) -> No action taken.
C:\Program Files (x86)\SearchProtect\UI\dialogs\Images\checkbox_checked.png (PUP.Optional.SearchProtect.A) -> No action taken.
C:\Program Files (x86)\SearchProtect\UI\dialogs\Images\checkbox_def.png (PUP.Optional.SearchProtect.A) -> No action taken.
C:\Program Files (x86)\SearchProtect\UI\dialogs\Images\close-win-def.png (PUP.Optional.SearchProtect.A) -> No action taken.
C:\Program Files (x86)\SearchProtect\UI\dialogs\Images\close-win-over-click.png (PUP.Optional.SearchProtect.A) -> No action taken.
C:\Program Files (x86)\SearchProtect\UI\dialogs\Images\gray-bg.png (PUP.Optional.SearchProtect.A) -> No action taken.
C:\Program Files (x86)\SearchProtect\UI\dialogs\Images\hez-def.png (PUP.Optional.SearchProtect.A) -> No action taken.
C:\Program Files (x86)\SearchProtect\UI\dialogs\Images\hez-selected.png (PUP.Optional.SearchProtect.A) -> No action taken.
C:\Program Files (x86)\SearchProtect\UI\dialogs\Images\hez.png (PUP.Optional.SearchProtect.A) -> No action taken.
C:\Program Files (x86)\SearchProtect\UI\dialogs\Images\icon-win.png (PUP.Optional.SearchProtect.A) -> No action taken.
C:\Program Files (x86)\SearchProtect\UI\dialogs\Images\info-icon.png (PUP.Optional.SearchProtect.A) -> No action taken.
C:\Program Files (x86)\SearchProtect\UI\dialogs\Images\menu-rollover.png (PUP.Optional.SearchProtect.A) -> No action taken.
C:\Program Files (x86)\SearchProtect\UI\dialogs\Images\menu-selected.png (PUP.Optional.SearchProtect.A) -> No action taken.
C:\Program Files (x86)\SearchProtect\UI\dialogs\Images\radio-button-def.png (PUP.Optional.SearchProtect.A) -> No action taken.
C:\Program Files (x86)\SearchProtect\UI\dialogs\Images\radio-button-selected.png (PUP.Optional.SearchProtect.A) -> No action taken.
C:\Program Files (x86)\SearchProtect\UI\dialogs\Images\radio-button.png (PUP.Optional.SearchProtect.A) -> No action taken.
C:\Program Files (x86)\SearchProtect\UI\dialogs\Images\radio-button2.png (PUP.Optional.SearchProtect.A) -> No action taken.
C:\Program Files (x86)\SearchProtect\UI\dialogs\Images\Settings-icon.png (PUP.Optional.SearchProtect.A) -> No action taken.
C:\Program Files (x86)\SearchProtect\UI\dialogs\Images\text-field.png (PUP.Optional.SearchProtect.A) -> No action taken.
C:\Program Files (x86)\SearchProtect\UI\dialogs\Images\v.png (PUP.Optional.SearchProtect.A) -> No action taken.
C:\Program Files (x86)\SearchProtect\UI\dialogs\Images\x.png (PUP.Optional.SearchProtect.A) -> No action taken.
C:\Program Files (x86)\SearchProtect\UI\dialogs\libs\defaults.js (PUP.Optional.SearchProtect.A) -> No action taken.
C:\Program Files (x86)\SearchProtect\UI\dialogs\libs\dialogUtils.js (PUP.Optional.SearchProtect.A) -> No action taken.
C:\Program Files (x86)\SearchProtect\UI\dialogs\libs\jquery.1.7.1.min.js (PUP.Optional.SearchProtect.A) -> No action taken.
C:\Program Files (x86)\SearchProtect\UI\dialogs\libs\json2.min.js (PUP.Optional.SearchProtect.A) -> No action taken.
C:\Program Files (x86)\SearchProtect\UI\dialogs\libs\main.js (PUP.Optional.SearchProtect.A) -> No action taken.
C:\Program Files (x86)\SearchProtect\UI\dialogs\libs\SPDialogAPI.js (PUP.Optional.SearchProtect.A) -> No action taken.
C:\Program Files (x86)\SearchProtect\UI\dialogs\protection\defaults.js (PUP.Optional.SearchProtect.A) -> No action taken.
C:\Program Files (x86)\SearchProtect\UI\dialogs\protection\protection.css (PUP.Optional.SearchProtect.A) -> No action taken.
C:\Program Files (x86)\SearchProtect\UI\dialogs\protection\protection.html (PUP.Optional.SearchProtect.A) -> No action taken.
C:\Program Files (x86)\SearchProtect\UI\dialogs\protection\protection.js (PUP.Optional.SearchProtect.A) -> No action taken.
C:\Program Files (x86)\SearchProtect\UI\dialogs\protectionDS\defaults.js (PUP.Optional.SearchProtect.A) -> No action taken.
C:\Program Files (x86)\SearchProtect\UI\dialogs\protectionDS\protectionDS.css (PUP.Optional.SearchProtect.A) -> No action taken.
C:\Program Files (x86)\SearchProtect\UI\dialogs\protectionDS\protectionDS.html (PUP.Optional.SearchProtect.A) -> No action taken.
C:\Program Files (x86)\SearchProtect\UI\dialogs\protectionDS\protectionDS.js (PUP.Optional.SearchProtect.A) -> No action taken.
C:\Program Files (x86)\SearchProtect\UI\dialogs\settings\defaults.js (PUP.Optional.SearchProtect.A) -> No action taken.
C:\Program Files (x86)\SearchProtect\UI\dialogs\settings\settings.css (PUP.Optional.SearchProtect.A) -> No action taken.
C:\Program Files (x86)\SearchProtect\UI\dialogs\settings\settings.html (PUP.Optional.SearchProtect.A) -> No action taken.
C:\Program Files (x86)\SearchProtect\UI\dialogs\settings\settings.js (PUP.Optional.SearchProtect.A) -> No action taken.
C:\Program Files (x86)\SearchProtect\UI\dialogs\uninstall\defaults.js (PUP.Optional.SearchProtect.A) -> No action taken.
C:\Program Files (x86)\SearchProtect\UI\dialogs\uninstall\uninstall.css (PUP.Optional.SearchProtect.A) -> No action taken.
C:\Program Files (x86)\SearchProtect\UI\dialogs\uninstall\uninstall.html (PUP.Optional.SearchProtect.A) -> No action taken.
C:\Program Files (x86)\SearchProtect\UI\dialogs\uninstall\uninstall.js (PUP.Optional.SearchProtect.A) -> No action taken.
C:\Program Files (x86)\Tuguu SL\VAFPlayer\AxInterop.WMPLib.dll (PUP.Optional.VPLMedia.A) -> No action taken.
C:\Program Files (x86)\Tuguu SL\VAFPlayer\ComponentFactory.Krypton.Toolkit.dll (PUP.Optional.VPLMedia.A) -> No action taken.
C:\Program Files (x86)\Tuguu SL\VAFPlayer\FileBrowser.dll (PUP.Optional.VPLMedia.A) -> No action taken.
C:\Program Files (x86)\Tuguu SL\VAFPlayer\Interop.WMPLib.dll (PUP.Optional.VPLMedia.A) -> No action taken.
C:\Program Files (x86)\Tuguu SL\VAFPlayer\libreria.ico (PUP.Optional.VPLMedia.A) -> No action taken.
C:\Program Files (x86)\Tuguu SL\VAFPlayer\Newtonsoft.Json.dll (PUP.Optional.VPLMedia.A) -> No action taken.
C:\Program Files (x86)\Tuguu SL\VAFPlayer\UltraID3Lib.dll (PUP.Optional.VPLMedia.A) -> No action taken.
C:\Program Files (x86)\Tuguu SL\VAFPlayer\Uninstall.exe (PUP.Optional.VPLMedia.A) -> No action taken.
C:\Program Files (x86)\Tuguu SL\VAFPlayer\uninstall.ico (PUP.Optional.VPLMedia.A) -> No action taken.
C:\Program Files (x86)\Tuguu SL\VAFPlayer\VAFPlayer.exe (PUP.Optional.VPLMedia.A) -> No action taken.
C:\Program Files (x86)\Tuguu SL\VAFPlayer\VAFPlayer.exe.config (PUP.Optional.VPLMedia.A) -> No action taken.
C:\Program Files (x86)\Tuguu SL\VAFPlayer\VAFPlayer.InstallState (PUP.Optional.VPLMedia.A) -> No action taken.
C:\Program Files (x86)\Tuguu SL\VAFPlayer\VAFUpdate.exe (PUP.Optional.VPLMedia.A) -> No action taken.
C:\Program Files (x86)\Tuguu SL\VAFPlayer\wmp.dll (PUP.Optional.VPLMedia.A) -> No action taken.
C:\Program Files (x86)\Tuguu SL\VAFPlayer\languages\Arabic.gif (PUP.Optional.VPLMedia.A) -> No action taken.
C:\Program Files (x86)\Tuguu SL\VAFPlayer\languages\Arabic.ini (PUP.Optional.VPLMedia.A) -> No action taken.
C:\Program Files (x86)\Tuguu SL\VAFPlayer\languages\Bulgarian.gif (PUP.Optional.VPLMedia.A) -> No action taken.
C:\Program Files (x86)\Tuguu SL\VAFPlayer\languages\Bulgarian.ini (PUP.Optional.VPLMedia.A) -> No action taken.
C:\Program Files (x86)\Tuguu SL\VAFPlayer\languages\Catalan.gif (PUP.Optional.VPLMedia.A) -> No action taken.
C:\Program Files (x86)\Tuguu SL\VAFPlayer\languages\Catalan.ini (PUP.Optional.VPLMedia.A) -> No action taken.
C:\Program Files (x86)\Tuguu SL\VAFPlayer\languages\Chinese (Simplified).gif (PUP.Optional.VPLMedia.A) -> No action taken.
C:\Program Files (x86)\Tuguu SL\VAFPlayer\languages\Chinese (Simplified).ini (PUP.Optional.VPLMedia.A) -> No action taken.
C:\Program Files (x86)\Tuguu SL\VAFPlayer\languages\Chinese (Traditional).gif (PUP.Optional.VPLMedia.A) -> No action taken.
C:\Program Files (x86)\Tuguu SL\VAFPlayer\languages\Chinese (Traditional).ini (PUP.Optional.VPLMedia.A) -> No action taken.
C:\Program Files (x86)\Tuguu SL\VAFPlayer\languages\Czech.gif (PUP.Optional.VPLMedia.A) -> No action taken.
C:\Program Files (x86)\Tuguu SL\VAFPlayer\languages\Czech.ini (PUP.Optional.VPLMedia.A) -> No action taken.
C:\Program Files (x86)\Tuguu SL\VAFPlayer\languages\Danish.gif (PUP.Optional.VPLMedia.A) -> No action taken.
C:\Program Files (x86)\Tuguu SL\VAFPlayer\languages\Danish.ini (PUP.Optional.VPLMedia.A) -> No action taken.
C:\Program Files (x86)\Tuguu SL\VAFPlayer\languages\Dutch.gif (PUP.Optional.VPLMedia.A) -> No action taken.
C:\Program Files (x86)\Tuguu SL\VAFPlayer\languages\Dutch.ini (PUP.Optional.VPLMedia.A) -> No action taken.
C:\Program Files (x86)\Tuguu SL\VAFPlayer\languages\English.gif (PUP.Optional.VPLMedia.A) -> No action taken.
C:\Program Files (x86)\Tuguu SL\VAFPlayer\languages\English.ini (PUP.Optional.VPLMedia.A) -> No action taken.
C:\Program Files (x86)\Tuguu SL\VAFPlayer\languages\Estonian.gif (PUP.Optional.VPLMedia.A) -> No action taken.
C:\Program Files (x86)\Tuguu SL\VAFPlayer\languages\Estonian.ini (PUP.Optional.VPLMedia.A) -> No action taken.
C:\Program Files (x86)\Tuguu SL\VAFPlayer\languages\Finnish.gif (PUP.Optional.VPLMedia.A) -> No action taken.
C:\Program Files (x86)\Tuguu SL\VAFPlayer\languages\Finnish.ini (PUP.Optional.VPLMedia.A) -> No action taken.
C:\Program Files (x86)\Tuguu SL\VAFPlayer\languages\French.gif (PUP.Optional.VPLMedia.A) -> No action taken.
C:\Program Files (x86)\Tuguu SL\VAFPlayer\languages\French.ini (PUP.Optional.VPLMedia.A) -> No action taken.
C:\Program Files (x86)\Tuguu SL\VAFPlayer\languages\German.gif (PUP.Optional.VPLMedia.A) -> No action taken.
C:\Program Files (x86)\Tuguu SL\VAFPlayer\languages\German.ini (PUP.Optional.VPLMedia.A) -> No action taken.
C:\Program Files (x86)\Tuguu SL\VAFPlayer\languages\Greek.gif (PUP.Optional.VPLMedia.A) -> No action taken.
C:\Program Files (x86)\Tuguu SL\VAFPlayer\languages\Greek.ini (PUP.Optional.VPLMedia.A) -> No action taken.
C:\Program Files (x86)\Tuguu SL\VAFPlayer\languages\Haitian Creole.gif (PUP.Optional.VPLMedia.A) -> No action taken.
C:\Program Files (x86)\Tuguu SL\VAFPlayer\languages\Haitian Creole.ini (PUP.Optional.VPLMedia.A) -> No action taken.
C:\Program Files (x86)\Tuguu SL\VAFPlayer\languages\Hebrew.gif (PUP.Optional.VPLMedia.A) -> No action taken.
C:\Program Files (x86)\Tuguu SL\VAFPlayer\languages\Hebrew.ini (PUP.Optional.VPLMedia.A) -> No action taken.
C:\Program Files (x86)\Tuguu SL\VAFPlayer\languages\Hindi.gif (PUP.Optional.VPLMedia.A) -> No action taken.
C:\Program Files (x86)\Tuguu SL\VAFPlayer\languages\Hindi.ini (PUP.Optional.VPLMedia.A) -> No action taken.
C:\Program Files (x86)\Tuguu SL\VAFPlayer\languages\Hungarian.gif (PUP.Optional.VPLMedia.A) -> No action taken.
C:\Program Files (x86)\Tuguu SL\VAFPlayer\languages\Hungarian.ini (PUP.Optional.VPLMedia.A) -> No action taken.
C:\Program Files (x86)\Tuguu SL\VAFPlayer\languages\Indonesian.gif (PUP.Optional.VPLMedia.A) -> No action taken.
C:\Program Files (x86)\Tuguu SL\VAFPlayer\languages\Indonesian.ini (PUP.Optional.VPLMedia.A) -> No action taken.
C:\Program Files (x86)\Tuguu SL\VAFPlayer\languages\Italian.gif (PUP.Optional.VPLMedia.A) -> No action taken.
C:\Program Files (x86)\Tuguu SL\VAFPlayer\languages\Italian.ini (PUP.Optional.VPLMedia.A) -> No action taken.
C:\Program Files (x86)\Tuguu SL\VAFPlayer\languages\Japanese.gif (PUP.Optional.VPLMedia.A) -> No action taken.
C:\Program Files (x86)\Tuguu SL\VAFPlayer\languages\Japanese.ini (PUP.Optional.VPLMedia.A) -> No action taken.
C:\Program Files (x86)\Tuguu SL\VAFPlayer\languages\Korean.gif (PUP.Optional.VPLMedia.A) -> No action taken.
C:\Program Files (x86)\Tuguu SL\VAFPlayer\languages\Korean.ini (PUP.Optional.VPLMedia.A) -> No action taken.
C:\Program Files (x86)\Tuguu SL\VAFPlayer\languages\Latvian.gif (PUP.Optional.VPLMedia.A) -> No action taken.
C:\Program Files (x86)\Tuguu SL\VAFPlayer\languages\Latvian.ini (PUP.Optional.VPLMedia.A) -> No action taken.
C:\Program Files (x86)\Tuguu SL\VAFPlayer\languages\Lithuanian.gif (PUP.Optional.VPLMedia.A) -> No action taken.
C:\Program Files (x86)\Tuguu SL\VAFPlayer\languages\Lithuanian.ini (PUP.Optional.VPLMedia.A) -> No action taken.
C:\Program Files (x86)\Tuguu SL\VAFPlayer\languages\Norwegian.gif (PUP.Optional.VPLMedia.A) -> No action taken.
C:\Program Files (x86)\Tuguu SL\VAFPlayer\languages\Norwegian.ini (PUP.Optional.VPLMedia.A) -> No action taken.
C:\Program Files (x86)\Tuguu SL\VAFPlayer\languages\Polish.gif (PUP.Optional.VPLMedia.A) -> No action taken.
C:\Program Files (x86)\Tuguu SL\VAFPlayer\languages\Polish.ini (PUP.Optional.VPLMedia.A) -> No action taken.
C:\Program Files (x86)\Tuguu SL\VAFPlayer\languages\Portuguese.gif (PUP.Optional.VPLMedia.A) -> No action taken.
C:\Program Files (x86)\Tuguu SL\VAFPlayer\languages\Portuguese.ini (PUP.Optional.VPLMedia.A) -> No action taken.
C:\Program Files (x86)\Tuguu SL\VAFPlayer\languages\Romanian.gif (PUP.Optional.VPLMedia.A) -> No action taken.
C:\Program Files (x86)\Tuguu SL\VAFPlayer\languages\Romanian.ini (PUP.Optional.VPLMedia.A) -> No action taken.
C:\Program Files (x86)\Tuguu SL\VAFPlayer\languages\Russian.gif (PUP.Optional.VPLMedia.A) -> No action taken.
C:\Program Files (x86)\Tuguu SL\VAFPlayer\languages\Russian.ini (PUP.Optional.VPLMedia.A) -> No action taken.
C:\Program Files (x86)\Tuguu SL\VAFPlayer\languages\Slovak.gif (PUP.Optional.VPLMedia.A) -> No action taken.
C:\Program Files (x86)\Tuguu SL\VAFPlayer\languages\Slovak.ini (PUP.Optional.VPLMedia.A) -> No action taken.
C:\Program Files (x86)\Tuguu SL\VAFPlayer\languages\Slovenian.gif (PUP.Optional.VPLMedia.A) -> No action taken.
C:\Program Files (x86)\Tuguu SL\VAFPlayer\languages\Slovenian.ini (PUP.Optional.VPLMedia.A) -> No action taken.
C:\Program Files (x86)\Tuguu SL\VAFPlayer\languages\Spanish.gif (PUP.Optional.VPLMedia.A) -> No action taken.
C:\Program Files (x86)\Tuguu SL\VAFPlayer\languages\Spanish.ini (PUP.Optional.VPLMedia.A) -> No action taken.
C:\Program Files (x86)\Tuguu SL\VAFPlayer\languages\Swedish.gif (PUP.Optional.VPLMedia.A) -> No action taken.
C:\Program Files (x86)\Tuguu SL\VAFPlayer\languages\Swedish.ini (PUP.Optional.VPLMedia.A) -> No action taken.
C:\Program Files (x86)\Tuguu SL\VAFPlayer\languages\Thai.gif (PUP.Optional.VPLMedia.A) -> No action taken.
C:\Program Files (x86)\Tuguu SL\VAFPlayer\languages\Thai.ini (PUP.Optional.VPLMedia.A) -> No action taken.
C:\Program Files (x86)\Tuguu SL\VAFPlayer\languages\Turkish.gif (PUP.Optional.VPLMedia.A) -> No action taken.
C:\Program Files (x86)\Tuguu SL\VAFPlayer\languages\Turkish.ini (PUP.Optional.VPLMedia.A) -> No action taken.
C:\Program Files (x86)\Tuguu SL\VAFPlayer\languages\Ukrainian.gif (PUP.Optional.VPLMedia.A) -> No action taken.
C:\Program Files (x86)\Tuguu SL\VAFPlayer\languages\Ukrainian.ini (PUP.Optional.VPLMedia.A) -> No action taken.
C:\Program Files (x86)\Tuguu SL\VAFPlayer\languages\Vietnamese.gif (PUP.Optional.VPLMedia.A) -> No action taken.
C:\Program Files (x86)\Tuguu SL\VAFPlayer\languages\Vietnamese.ini (PUP.Optional.VPLMedia.A) -> No action taken.
C:\Program Files (x86)\MediaViewV1\MediaViewV1alpha1243\uninstall.exe (PUP.Optional.MediaView.A) -> No action taken.
C:\Program Files (x86)\MediaViewV1\MediaViewV1alpha1243\ch\MediaViewV1alpha1243.crx (PUP.Optional.MediaView.A) -> No action taken.
C:\Program Files (x86)\MediaViewV1\MediaViewV1alpha1243\ff\chrome.manifest (PUP.Optional.MediaView.A) -> No action taken.
C:\Program Files (x86)\MediaViewV1\MediaViewV1alpha1243\ff\install.rdf (PUP.Optional.MediaView.A) -> No action taken.
C:\Program Files (x86)\MediaViewV1\MediaViewV1alpha1243\ff\chrome\content\ffMediaViewV1alpha1243.js (PUP.Optional.MediaView.A) -> No action taken.
C:\Program Files (x86)\MediaViewV1\MediaViewV1alpha1243\ff\chrome\content\ffMediaViewV1alpha1243ffaction.js (PUP.Optional.MediaView.A) -> No action taken.
C:\Program Files (x86)\MediaViewV1\MediaViewV1alpha1243\ff\chrome\content\overlay.xul (PUP.Optional.MediaView.A) -> No action taken.
C:\Program Files (x86)\MediaViewV1\MediaViewV1alpha1243\ff\chrome\content\icons\Thumbs.db (PUP.Optional.MediaView.A) -> No action taken.
C:\Program Files (x86)\MediaViewV1\MediaViewV1alpha1243\ff\chrome\content\icons\default\MediaViewV1alpha1243_32.png (PUP.Optional.MediaView.A) -> No action taken.
 
(end)
 

 

 

Link to post
Share on other sites

Hello Span and :welcome:! My name is Borislav and I will be glad to help you solve your malware problem.

Please note:

  • If you are a paying customer, you have the privilege to contact the help desk at Consumer Support. If you choose this option to get help, please let me know.
  • I recommend you to keep the instructions I will be giving you so that they are available to you at any time. You can save them in a text file or print them.
  • Make sure you read all of the instructions and fixes thoroughly before continuing with them.
  • Follow my instructions strictly and don’t hesitate to stop and ask me if you have any questions.
  • Post your log files, don't attach them. Every log file should be copy/pasted in your next reply.
  • Do not perform any kind of scanning and fixing without my instructions. If you want to proceed on your own, please let me know.
Still don't remove anything. Follow the instructions:

Download OTL to your Desktop

  • Double click on the icon to run it. Make sure all other windows are closed and to let it run uninterrupted.
  • Please tick the Scan All users. Next, click the Quick Scan button. The scan wont take long.
    • When the scan completes, it will open two notepad windows. OTL.Txt and Extras.Txt. These are saved in the same location as OTL.
    • Please copy (Edit->Select All, Edit->Copy) the contents of these files, one at a time and post them in your topic.
Link to post
Share on other sites

Interesting, after running OTL the Media View was removed automatically.  Almost all the other ads/popups/corner moving remain the same

 Computer is freezing so I am sending off what I have as of now.  Will send Extras.Txt next

 

OTL.Txt popped up with:

OTL logfile created on: 3/23/2014 3:39:55 PM - Run 1
OTL by OldTimer - Version 3.2.69.0     Folder = C:\Users\N\Downloads
64bit- An unknown product  (Version = 6.2.9200) - Type = NTWorkstation
Internet Explorer (Version = 9.11.9600.16521)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy
 
3.88 Gb Total Physical Memory | 2.23 Gb Available Physical Memory | 57.54% Memory free
7.88 Gb Paging File | 6.15 Gb Available in Paging File | 77.99% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
 
%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 442.35 Gb Total Space | 356.27 Gb Free Space | 80.54% Space Free | Partition Type: NTFS
Drive D: | 22.30 Gb Total Space | 2.67 Gb Free Space | 11.98% Space Free | Partition Type: NTFS
 
Computer Name: I3 | User Name: N | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users | Quick Scan | Include 64bit Scans
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days
 
========== Processes (SafeList) ==========
 
PRC - [2014/03/23 15:39:16 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\N\Downloads\OTL.exe
PRC - [2014/03/03 09:32:36 | 004,620,064 | ---- | M] (Conduit) -- C:\Program Files (x86)\SearchProtect\SearchProtect\bin\cltmng.exe
PRC - [2014/03/03 09:32:36 | 003,008,800 | ---- | M] (Conduit) -- C:\Program Files (x86)\SearchProtect\UI\bin\cltmngui.exe
PRC - [2014/03/03 09:32:36 | 002,454,816 | ---- | M] (Conduit) -- C:\Program Files (x86)\SearchProtect\Main\bin\CltMngSvc.exe
PRC - [2013/12/21 02:04:16 | 000,065,432 | ---- | M] (Adobe Systems Incorporated) -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
PRC - [2013/12/16 20:34:22 | 000,247,968 | ---- | M] (Microsoft Corporation.) -- C:\Program Files (x86)\Microsoft\BingBar\7.3.124.0\SeaPort.EXE
PRC - [2013/12/16 20:34:22 | 000,193,696 | ---- | M] (Microsoft Corporation.) -- C:\Program Files (x86)\Microsoft\BingBar\7.3.124.0\BBSvc.EXE
PRC - [2013/10/01 08:14:40 | 005,087,584 | ---- | M] (TeamViewer GmbH) -- C:\Program Files (x86)\TeamViewer\Version8\TeamViewer_Service.exe
PRC - [2013/09/21 14:35:18 | 000,265,736 | ---- | M] () -- C:\Windows\SysWOW64\cfgmig32.exe
PRC - [2013/04/08 09:24:26 | 000,291,680 | ---- | M] () -- C:\Users\N\AppData\Roaming\Genieo\Application\Updater\bin\genupdater.exe
PRC - [2013/04/08 09:24:06 | 000,529,248 | ---- | M] () -- C:\Users\N\AppData\Roaming\Genieo\Application\TrayUi\bin\gentray.exe
PRC - [2013/04/04 14:50:32 | 000,701,512 | ---- | M] (Malwarebytes Corporation) -- C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe
PRC - [2013/04/04 14:50:32 | 000,532,040 | ---- | M] (Malwarebytes Corporation) -- C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe
PRC - [2013/04/04 14:50:32 | 000,418,376 | ---- | M] (Malwarebytes Corporation) -- C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe
PRC - [2013/02/25 18:26:41 | 000,174,056 | ---- | M] (Oracle Corporation) -- C:\Program Files (x86)\Java\jre7\bin\javaw.exe
PRC - [2012/08/29 14:04:55 | 000,656,896 | ---- | M] (j2 Global Communications, Inc.) -- C:\Program Files (x86)\eFax Messenger 4.4\J2GTray.exe
PRC - [2012/08/29 14:01:16 | 000,095,744 | ---- | M] (j2 Global Communications, Inc.) -- C:\Program Files (x86)\eFax Messenger 4.4\J2GDllCmd.exe
PRC - [2012/07/27 21:21:26 | 000,136,488 | ---- | M] (CyberLink) -- C:\Program Files (x86)\CyberLink\YouCam\YCMMirage.exe
PRC - [2012/07/18 12:10:34 | 000,364,416 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe
PRC - [2012/07/18 12:10:32 | 000,276,864 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe
PRC - [2012/07/18 12:10:18 | 000,165,760 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel® Management Engine Components\DAL\Jhi_service.exe
PRC - [2012/07/09 16:40:02 | 000,035,232 | ---- | M] (Hewlett-Packard Development Company, L.P.) -- C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPWMISVC.exe
PRC - [2012/06/07 23:34:06 | 000,111,120 | ---- | M] (CyberLink) -- C:\Program Files (x86)\CyberLink\Power2Go8\CLMLSvc_P2G8.exe
PRC - [2012/03/28 21:34:30 | 000,091,432 | ---- | M] (CyberLink Corp.) -- C:\Program Files (x86)\CyberLink\PowerDVD10\PDVD10Serv.exe
PRC - [2011/06/29 10:56:42 | 027,311,232 | ---- | M] (Gemalto N.V.) -- C:\Users\N\AppData\Roaming\SanDisk\SanDiskSecureAccess_Manager.exe
PRC - [2009/05/05 17:06:06 | 000,222,496 | ---- | M] (Acresso Corporation) -- C:\ProgramData\FLEXnet\Connect\11\ISUSPM.exe
 
 
========== Modules (No Company Name) ==========
 
MOD - [2013/11/13 02:13:53 | 000,541,696 | ---- | M] () -- C:\Users\N\AppData\Local\Temp\sqlite-3.7.2-sqlitejdbc.dll
MOD - [2013/04/08 09:24:26 | 000,291,680 | ---- | M] () -- C:\Users\N\AppData\Roaming\Genieo\Application\Updater\bin\genupdater.exe
MOD - [2013/04/08 09:24:06 | 000,529,248 | ---- | M] () -- C:\Users\N\AppData\Roaming\Genieo\Application\TrayUi\bin\gentray.exe
MOD - [2012/06/08 14:34:06 | 000,016,400 | ---- | M] () -- C:\Program Files (x86)\CyberLink\Power2Go8\CLMLSvcPS.dll
MOD - [2012/06/07 23:34:06 | 000,627,216 | ---- | M] () -- C:\Program Files (x86)\CyberLink\Power2Go8\CLMediaLibrary.dll
MOD - [2011/06/29 04:56:06 | 011,483,264 | ---- | M] () -- C:\Users\N\AppData\Roaming\SanDisk\My Vaults\dmBackup.dll
 
 
========== Services (SafeList) ==========
 
SRV:64bit: - [2014/02/18 22:03:47 | 000,313,040 | ---- | M] (Total Defense, Inc.) [Auto | Running] -- C:\Program Files\Total Defense\Internet Security Suite\Anti-Virus\CAAMSvc.exe -- (CAAMSvc)
SRV:64bit: - [2014/02/06 06:48:45 | 000,111,616 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\WINDOWS\SysNative\IEEtwCollector.exe -- (IEEtwCollectorService)
SRV:64bit: - [2013/11/27 11:36:30 | 003,395,920 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\WSService.dll -- (WSService)
SRV:64bit: - [2013/11/27 05:17:40 | 000,263,168 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\bisrv.dll -- (BrokerInfrastructure)
SRV:64bit: - [2013/11/23 00:50:00 | 000,282,112 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\SystemEventsBrokerServer.dll -- (SystemEventsBroker)
SRV:64bit: - [2013/11/13 01:33:59 | 001,584,128 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\workfolderssvc.dll -- (workfolderssvc)
SRV:64bit: - [2013/11/13 01:33:59 | 000,533,504 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\AppReadiness.dll -- (AppReadiness)
SRV:64bit: - [2013/11/13 01:28:28 | 000,076,800 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\inetsrv\w3logsvc.dll -- (w3logsvc)
SRV:64bit: - [2013/11/07 23:41:17 | 001,302,528 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysNative\AppXDeploymentServer.dll -- (AppXSvc)
SRV:64bit: - [2013/10/30 20:29:53 | 000,348,392 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Program Files\Windows Defender\NisSrv.exe -- (WdNisSvc)
SRV:64bit: - [2013/10/30 20:29:53 | 000,023,824 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Program Files\Windows Defender\MsMpEng.exe -- (WinDefend)
SRV:64bit: - [2013/09/30 00:03:28 | 001,555,456 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\wlidsvc.dll -- (wlidsvc)
SRV:64bit: - [2013/09/30 00:03:28 | 000,365,568 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\wcmsvc.dll -- (Wcmsvc)
SRV:64bit: - [2013/09/30 00:03:27 | 000,491,520 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\GeofenceMonitorService.dll -- (lfsvc)
SRV:64bit: - [2013/09/21 14:37:52 | 000,314,888 | ---- | M] (Computer Associates International, Inc.) [Auto | Running] -- C:\Program Files\Total Defense\Internet Security Suite\Anti-Virus\isafe.exe -- (CAISafe)
SRV:64bit: - [2013/09/21 14:31:28 | 000,288,776 | ---- | M] (Total Defense, Inc.) [Auto | Running] -- C:\Program Files\Total Defense\Internet Security Suite\ccschedulersvc.exe -- (ccSchedulerSVC)
SRV:64bit: - [2013/09/21 14:31:24 | 000,367,112 | ---- | M] (Total Defense, Inc.) [On_Demand | Running] -- C:\Program Files\Total Defense\Internet Security Suite\ccprovsp.exe -- (CaCCProvSP)
SRV:64bit: - [2013/08/22 08:31:56 | 002,899,968 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\spool\drivers\x64\3\PrintConfig.dll -- (PrintNotify)
SRV:64bit: - [2013/08/22 07:32:02 | 000,024,576 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\wephostsvc.dll -- (WEPHOSTSVC)
SRV:64bit: - [2013/08/22 07:31:43 | 000,040,448 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\efssvc.dll -- (EFS)
SRV:64bit: - [2013/08/22 07:22:45 | 000,066,048 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\wiarpc.dll -- (WiaRpc)
SRV:64bit: - [2013/08/22 07:21:15 | 000,013,312 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\svsvc.dll -- (svsvc)
SRV:64bit: - [2013/08/22 07:16:57 | 000,118,272 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\fhsvc.dll -- (fhsvc)
SRV:64bit: - [2013/08/22 06:25:28 | 000,164,352 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\NcaSvc.dll -- (NcaSvc)
SRV:64bit: - [2013/08/22 06:19:28 | 000,517,120 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\icsvc.dll -- (vmicvss)
SRV:64bit: - [2013/08/22 06:19:28 | 000,517,120 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\icsvc.dll -- (vmictimesync)
SRV:64bit: - [2013/08/22 06:19:28 | 000,517,120 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\icsvc.dll -- (vmicshutdown)
SRV:64bit: - [2013/08/22 06:19:28 | 000,517,120 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\icsvc.dll -- (vmicrdv)
SRV:64bit: - [2013/08/22 06:19:28 | 000,517,120 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\icsvc.dll -- (vmickvpexchange)
SRV:64bit: - [2013/08/22 06:19:28 | 000,517,120 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\icsvc.dll -- (vmicheartbeat)
SRV:64bit: - [2013/08/22 06:19:28 | 000,517,120 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\icsvc.dll -- (vmicguestinterface)
SRV:64bit: - [2013/08/22 06:04:53 | 000,716,288 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\lsm.dll -- (LSM)
SRV:64bit: - [2013/08/22 06:02:47 | 000,013,312 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\smphost.dll -- (smphost)
SRV:64bit: - [2013/08/22 05:59:26 | 000,832,512 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\netlogon.dll -- (Netlogon)
SRV:64bit: - [2013/08/22 05:57:25 | 000,130,560 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\ScDeviceEnum.dll -- (ScDeviceEnum)
SRV:64bit: - [2013/08/22 05:54:59 | 000,059,392 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\keyiso.dll -- (KeyIso)
SRV:64bit: - [2013/08/22 05:50:59 | 000,245,760 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysNative\TimeBrokerServer.dll -- (TimeBroker)
SRV:64bit: - [2013/08/22 05:50:00 | 000,525,312 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysNative\netprofmsvc.dll -- (netprofm)
SRV:64bit: - [2013/08/22 05:45:59 | 000,151,040 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysNative\ncbservice.dll -- (NcbService)
SRV:64bit: - [2013/08/22 05:40:49 | 000,248,832 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\vaultsvc.dll -- (VaultSvc)
SRV:64bit: - [2013/08/22 05:40:14 | 000,398,848 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\das.dll -- (DeviceAssociationService)
SRV:64bit: - [2013/08/22 05:39:33 | 000,198,656 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\AudioEndpointBuilder.dll -- (AudioEndpointBuilder)
SRV:64bit: - [2013/08/22 05:31:03 | 000,201,728 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\DeviceSetupManager.dll -- (DsmSvc)
SRV:64bit: - [2013/08/22 05:15:54 | 000,073,728 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\NcdAutoSetup.dll -- (NcdAutoSetup)
SRV:64bit: - [2012/04/20 17:16:12 | 000,635,104 | ---- | M] (Intel® Corporation) [Auto | Running] -- C:\Program Files\Intel\iCLS Client\HeciServer.exe -- (Intel®
SRV:64bit: - [2011/04/04 13:42:30 | 000,920,656 | ---- | M] (CA) [Auto | Running] -- C:\Program Files\CA\SharedComponents\TMEngine\UmxEngine.exe -- (UmxEngine)
SRV:64bit: - [2009/11/17 22:14:26 | 000,098,208 | ---- | M] (Andrea Electronics Corporation) [Auto | Running] -- C:\Program Files\Realtek\Audio\HDA\AERTSr64.exe -- (AERTFilters)
SRV - [2014/03/03 09:32:36 | 002,454,816 | ---- | M] (Conduit) [Auto | Running] -- C:\Program Files (x86)\SearchProtect\Main\bin\CltMngSvc.exe -- (CltMngSvc)
SRV - [2014/01/30 03:02:44 | 000,279,000 | ---- | M] (Intel Corporation) [On_Demand | Stopped] -- C:\Windows\SysWOW64\IntelCpHeciSvc.exe -- (cphs)
SRV - [2013/12/21 02:04:16 | 000,065,432 | ---- | M] (Adobe Systems Incorporated) [Auto | Running] -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe -- (AdobeARMservice)
SRV - [2013/12/18 17:19:52 | 000,046,976 | ---- | M] () [Auto | Stopped] -- C:\ProgramData\WebShield\WebShieldService.exe -- (WebShield)
SRV - [2013/12/16 20:34:22 | 000,247,968 | ---- | M] (Microsoft Corporation.) [On_Demand | Running] -- C:\Program Files (x86)\Microsoft\BingBar\7.3.124.0\SeaPort.EXE -- (BBUpdate)
SRV - [2013/12/16 20:34:22 | 000,193,696 | ---- | M] (Microsoft Corporation.) [Auto | Running] -- C:\Program Files (x86)\Microsoft\BingBar\7.3.124.0\BBSvc.EXE -- (BBSvc)
SRV - [2013/12/05 15:36:33 | 000,119,408 | ---- | M] (Mozilla Foundation) [On_Demand | Stopped] -- C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe -- (MozillaMaintenance)
SRV - [2013/11/13 01:28:31 | 000,475,648 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysWOW64\inetsrv\iisw3adm.dll -- (WAS)
SRV - [2013/11/13 01:28:28 | 000,066,560 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysWOW64\inetsrv\w3logsvc.dll -- (w3logsvc)
SRV - [2013/11/13 01:28:27 | 000,062,464 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysWOW64\inetsrv\apphostsvc.dll -- (AppHostSvc)
SRV - [2013/10/01 08:14:40 | 005,087,584 | ---- | M] (TeamViewer GmbH) [Auto | Running] -- C:\Program Files (x86)\TeamViewer\Version8\TeamViewer_Service.exe -- (TeamViewer8)
SRV - [2013/09/30 00:03:26 | 000,357,376 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysWOW64\GeofenceMonitorService.dll -- (lfsvc)
SRV - [2013/09/21 14:35:18 | 000,265,736 | ---- | M] () [Auto | Running] -- C:\Windows\SysWOW64\cfgmig32.exe -- (WinSvchostManagerSrv)
SRV - [2013/08/22 08:31:56 | 002,899,968 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\system32\spool\drivers\x64\3\PrintConfig.dll -- (PrintNotify)
SRV - [2013/08/21 23:55:35 | 000,018,944 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysWOW64\StorSvc.dll -- (StorSvc)
SRV - [2013/08/21 22:53:34 | 000,011,776 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysWOW64\smphost.dll -- (smphost)
SRV - [2013/04/07 07:39:20 | 000,232,192 | ---- | M] (NETGEAR) [Auto | Running] -- C:\Program Files (x86)\NETGEAR Genie\bin\NETGEARGenieDaemon64.exe -- (NETGEARGenieDaemon)
SRV - [2013/04/04 14:50:32 | 000,701,512 | ---- | M] (Malwarebytes Corporation) [Auto | Running] -- C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe -- (MBAMService)
SRV - [2013/04/04 14:50:32 | 000,418,376 | ---- | M] (Malwarebytes Corporation) [Auto | Running] -- C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe -- (MBAMScheduler)
SRV - [2013/02/18 03:52:54 | 000,032,256 | ---- | M] () [Auto | Running] -- C:\Program Files (x86)\SoftwareUpdater\UpdaterService.exe -- (SrvUpdater)
SRV - [2012/08/10 20:53:44 | 000,085,504 | ---- | M] (Hewlett-Packard Company) [Auto | Running] -- C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSA_Service.exe -- (HP Support Assistant Service)
SRV - [2012/07/18 12:10:34 | 000,364,416 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe -- (UNS)
SRV - [2012/07/18 12:10:32 | 000,276,864 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe -- (LMS)
SRV - [2012/07/18 12:10:18 | 000,165,760 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files (x86)\Intel\Intel® Management Engine Components\DAL\Jhi_service.exe -- (jhi_service)
SRV - [2012/07/09 16:40:02 | 000,035,232 | ---- | M] (Hewlett-Packard Development Company, L.P.) [Auto | Running] -- C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPWMISVC.exe -- (HPWMISVC)
SRV - [2010/10/12 13:59:12 | 000,206,072 | ---- | M] (WildTangent, Inc.) [On_Demand | Stopped] -- C:\Program Files (x86)\WildTangent Games\App\GamesAppService.exe -- (GamesAppService)
 
 
========== Driver Services (SafeList) ==========
 
DRV:64bit: - [2014/01/30 03:02:28 | 005,363,200 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\igdkmd64.sys -- (igfx)
DRV:64bit: - [2014/01/07 21:46:27 | 000,325,464 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\USBXHCI.SYS -- (USBXHCI)
DRV:64bit: - [2013/11/13 01:33:59 | 000,057,176 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\stornvme.sys -- (stornvme)
DRV:64bit: - [2013/11/13 01:31:38 | 000,136,536 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\wfplwfs.sys -- (WFPLWFS)
DRV:64bit: - [2013/11/10 22:48:41 | 000,039,768 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\intelpep.sys -- (intelpep)
DRV:64bit: - [2013/11/01 07:39:53 | 000,086,872 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\pdc.sys -- (pdc)
DRV:64bit: - [2013/10/30 20:58:59 | 000,372,568 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\spaceport.sys -- (spaceport)
DRV:64bit: - [2013/10/30 20:29:36 | 000,236,888 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\WdFilter.sys -- (WdFilter)
DRV:64bit: - [2013/10/30 20:29:36 | 000,124,760 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\WdNisDrv.sys -- (WdNisDrv)
DRV:64bit: - [2013/10/30 20:28:47 | 000,035,856 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\WdBoot.sys -- (WdBoot)
DRV:64bit: - [2013/10/25 21:54:32 | 000,146,776 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\SerCx2.sys -- (SerCx2)
DRV:64bit: - [2013/09/30 00:03:25 | 000,467,800 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\USBHUB3.SYS -- (USBHUB3)
DRV:64bit: - [2013/09/30 00:03:25 | 000,236,376 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\sdbus.sys -- (sdbus)
DRV:64bit: - [2013/09/30 00:03:25 | 000,175,960 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\VerifierExt.sys -- (VerifierExt)
DRV:64bit: - [2013/09/29 23:51:06 | 000,027,488 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\rdpvideominiport.sys -- (RdpVideoMiniport)
DRV:64bit: - [2013/09/29 23:51:01 | 000,037,216 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\terminpt.sys -- (terminpt)
DRV:64bit: - [2013/08/22 09:25:40 | 000,043,008 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\condrv.sys -- (condrv)
DRV:64bit: - [2013/08/22 09:25:40 | 000,030,048 | ---- | M] (Microsoft Corporation) [Recognizer | Boot | Unknown] -- C:\WINDOWS\SysNative\drivers\fs_rec.sys -- (Fs_Rec)
DRV:64bit: - [2013/08/22 08:50:19 | 000,057,696 | ---- | M] (Microsoft Corporation) [Kernel | System | Stopped] -- C:\Windows\SysNative\drivers\dam.sys -- (dam)
DRV:64bit: - [2013/08/22 08:49:54 | 000,079,712 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\acpiex.sys -- (acpiex)
DRV:64bit: - [2013/08/22 08:49:33 | 000,159,584 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\tpm.sys -- (TPM)
DRV:64bit: - [2013/08/22 08:43:49 | 000,063,840 | ---- | M] (Marvell Semiconductor, Inc.) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\mvumis.sys -- (mvumis)
DRV:64bit: - [2013/08/22 08:43:48 | 000,146,272 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\msgpioclx.sys -- (GPIOClx0101)
DRV:64bit: - [2013/08/22 08:43:48 | 000,041,824 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\msgpiowin32.sys -- (msgpiowin32)
DRV:64bit: - [2013/08/22 08:43:45 | 003,357,024 | ---- | M] (Broadcom Corporation) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\evbda.sys -- (ebdrv)
DRV:64bit: - [2013/08/22 08:43:45 | 000,093,536 | ---- | M] (LSI Corporation) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\lsi_sas2.sys -- (LSI_SAS2)
DRV:64bit: - [2013/08/22 08:43:45 | 000,082,784 | ---- | M] (LSI Corporation) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\lsi_sss.sys -- (LSI_SSS)
DRV:64bit: - [2013/08/22 08:43:45 | 000,064,352 | ---- | M] (Hewlett-Packard Company) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\HpSAMD.sys -- (HpSAMD)
DRV:64bit: - [2013/08/22 08:43:44 | 000,081,760 | ---- | M] (LSI Corporation) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\lsi_sas3.sys -- (LSI_SAS3)
DRV:64bit: - [2013/08/22 08:43:41 | 000,782,176 | ---- | M] (PMC-Sierra) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\adp80xx.sys -- (ADP80XX)
DRV:64bit: - [2013/08/22 08:43:41 | 000,531,296 | ---- | M] (Broadcom Corporation) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\bxvbda.sys -- (b06bdrv)
DRV:64bit: - [2013/08/22 08:43:41 | 000,259,424 | ---- | M] (AMD Technologies Inc.) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\amdsbs.sys -- (amdsbs)
DRV:64bit: - [2013/08/22 08:43:41 | 000,108,896 | ---- | M] (LSI) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\3ware.sys -- (3ware)
DRV:64bit: - [2013/08/22 08:43:41 | 000,079,200 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\amdsata.sys -- (amdsata)
DRV:64bit: - [2013/08/22 08:43:40 | 000,114,016 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\EhStorTcgDrv.sys -- (EhStorTcgDrv)
DRV:64bit: - [2013/08/22 08:43:40 | 000,082,784 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\EhStorClass.sys -- (EhStorClass)
DRV:64bit: - [2013/08/22 08:43:40 | 000,025,952 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\amdxata.sys -- (amdxata)
DRV:64bit: - [2013/08/22 08:43:34 | 000,305,504 | ---- | M] (VIA Corporation) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\VSTXRAID.SYS -- (VSTXRAID)
DRV:64bit: - [2013/08/22 08:43:33 | 000,189,792 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\UCX01000.SYS -- (UCX01000)
DRV:64bit: - [2013/08/22 08:43:33 | 000,074,080 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\uaspstor.sys -- (UASPStor)
DRV:64bit: - [2013/08/22 08:43:32 | 000,078,688 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\sdstor.sys -- (sdstor)
DRV:64bit: - [2013/08/22 08:43:32 | 000,031,072 | ---- | M] (Promise Technology, Inc.) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\stexstor.sys -- (stexstor)
DRV:64bit: - [2013/08/22 08:43:31 | 000,107,872 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\storahci.sys -- (storahci)
DRV:64bit: - [2013/08/22 08:43:31 | 000,072,032 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\SpbCx.sys -- (SpbCx)
DRV:64bit: - [2013/08/22 08:43:31 | 000,069,472 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\SerCx.sys -- (SerCx)
DRV:64bit: - [2013/08/22 08:41:08 | 000,054,304 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\wpcfltr.sys -- (wpcfltr)
DRV:64bit: - [2013/08/22 08:39:44 | 000,377,696 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\clfs.sys -- (CLFS)
DRV:64bit: - [2013/08/22 08:39:15 | 000,924,512 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\WINDOWS\SysNative\drivers\refs.sys -- (ReFS)
DRV:64bit: - [2013/08/22 08:39:15 | 000,026,976 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\uefi.sys -- (UEFI)
DRV:64bit: - [2013/08/22 08:37:27 | 000,069,472 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\vpci.sys -- (vpci)
DRV:64bit: - [2013/08/22 08:36:12 | 000,026,976 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\WpdUpFltr.sys -- (WpdUpFltr)
DRV:64bit: - [2013/08/22 07:39:54 | 000,076,800 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\ahcache.sys -- (ahcache)
DRV:64bit: - [2013/08/22 07:39:31 | 000,050,688 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\BasicDisplay.sys -- (BasicDisplay)
DRV:64bit: - [2013/08/22 07:39:28 | 000,033,792 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\BasicRender.sys -- (BasicRender)
DRV:64bit: - [2013/08/22 07:39:20 | 000,022,016 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\HyperVideo.sys -- (HyperVideo)
DRV:64bit: - [2013/08/22 07:39:06 | 000,009,728 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\mshidumdf.sys -- (mshidumdf)
DRV:64bit: - [2013/08/22 07:38:58 | 000,010,752 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\acpitime.sys -- (acpitime)
DRV:64bit: - [2013/08/22 07:38:48 | 000,010,240 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\acpipagr.sys -- (acpipagr)
DRV:64bit: - [2013/08/22 07:38:39 | 000,036,992 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\BthAvrcpTg.sys -- (BthAvrcpTg)
DRV:64bit: - [2013/08/22 07:38:26 | 000,019,456 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\kdnic.sys -- (kdnic)
DRV:64bit: - [2013/08/22 07:38:23 | 000,011,264 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\vmgencounter.sys -- (gencounter)
DRV:64bit: - [2013/08/22 07:38:22 | 000,023,040 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\npsvctrig.sys -- (npsvctrig)
DRV:64bit: - [2013/08/22 07:38:16 | 000,030,720 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\BthhfHid.sys -- (bthhfhid)
DRV:64bit: - [2013/08/22 07:37:49 | 000,013,824 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hyperkbd.sys -- (hyperkbd)
DRV:64bit: - [2013/08/22 07:37:46 | 000,029,696 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\TsUsbGD.sys -- (TsUsbGD)
DRV:64bit: - [2013/08/22 07:37:42 | 000,057,856 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\bthhfenum.sys -- (BthHFEnum)
DRV:64bit: - [2013/08/22 07:37:28 | 000,056,320 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\TsUsbFlt.sys -- (TsUsbFlt)
DRV:64bit: - [2013/08/22 07:37:28 | 000,041,472 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hidi2c.sys -- (hidi2c)
DRV:64bit: - [2013/08/22 07:37:14 | 000,029,696 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\dmvsc.sys -- (dmvsc)
DRV:64bit: - [2013/08/22 07:36:43 | 000,087,040 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\netvsc63.sys -- (netvsc)
DRV:64bit: - [2013/08/22 07:36:25 | 000,016,384 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\NdisVirtualBus.sys -- (NdisVirtualBus)
DRV:64bit: - [2013/08/22 07:36:17 | 000,124,928 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\NdisImPlatform.sys -- (NdisImPlatform)
DRV:64bit: - [2013/08/22 07:36:07 | 000,066,560 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\mslldp.sys -- (MsLldp)
DRV:64bit: - [2013/08/22 07:35:42 | 000,103,424 | ---- | M] (Microsoft Corporation) [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\Ndu.sys -- (Ndu)
DRV:64bit: - [2013/08/22 04:46:33 | 000,027,136 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\fxppm.sys -- (FxPPM)
DRV:64bit: - [2013/08/12 19:25:46 | 000,017,624 | ---- | M] (Windows ® Win 7 DDK provider) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\bcmfn2.sys -- (bcmfn2)
DRV:64bit: - [2013/08/09 20:39:30 | 000,651,248 | ---- | M] (Intel Corporation) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\iaStorAV.sys -- (iaStorAV)
DRV:64bit: - [2013/07/30 14:47:35 | 000,024,568 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\iaLPSSi_GPIO.sys -- (iaLPSSi_GPIO)
DRV:64bit: - [2013/07/25 15:05:39 | 000,099,320 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\iaLPSSi_I2C.sys -- (iaLPSSi_I2C)
DRV:64bit: - [2013/07/25 15:05:37 | 002,607,792 | ---- | M] (Ralink Technology, Corp.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\netr28x.sys -- (netr28x)
DRV:64bit: - [2013/06/18 10:46:17 | 000,591,360 | ---- | M] (Realtek                                            ) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\Rt630x64.sys -- (RTL8168)
DRV:64bit: - [2013/06/10 22:43:25 | 000,035,344 | ---- | M] (CACE Technologies, Inc.) [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\npf.sys -- (NPF)
DRV:64bit: - [2013/05/16 19:12:22 | 000,524,016 | ---- | M] (Synaptics Incorporated) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\SynTP.sys -- (SynTP)
DRV:64bit: - [2013/05/08 06:03:52 | 000,076,648 | ---- | M] (FTDI Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ftdibus.sys -- (FTDIBUS)
DRV:64bit: - [2013/05/08 06:03:50 | 000,085,864 | ---- | M] (FTDI Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ftser2k.sys -- (FTSER2K)
DRV:64bit: - [2013/04/04 14:50:32 | 000,025,928 | ---- | M] (Malwarebytes Corporation) [File_System | On_Demand | Running] -- C:\Windows\SysNative\drivers\mbam.sys -- (MBAMProtector)
DRV:64bit: - [2012/08/10 22:32:30 | 000,043,832 | ---- | M] (Synaptics Incorporated) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\Smb_driver_Intel.sys -- (SmbDrvI)
DRV:64bit: - [2012/08/10 22:32:30 | 000,041,272 | ---- | M] (Synaptics Incorporated) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\Smb_driver_AMDASF.sys -- (SmbDrv)
DRV:64bit: - [2012/08/03 17:07:30 | 000,020,288 | ---- | M] (Hewlett-Packard Development Company, L.P.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\WirelessButtonDriver64.sys -- (WirelessButtonDriver)
DRV:64bit: - [2012/07/31 15:22:00 | 000,645,952 | ---- | M] (Intel Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\iaStorA.sys -- (iaStorA)
DRV:64bit: - [2012/07/03 10:16:02 | 000,062,784 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\HECIx64.sys -- (MEIx64)
DRV:64bit: - [2012/06/25 13:24:50 | 000,092,536 | ---- | M] (CyberLink) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\CLVirtualDrive.sys -- (CLVirtualDrive)
DRV:64bit: - [2012/06/20 02:40:52 | 000,342,528 | ---- | M] (Intel® Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\IntcDAud.sys -- (IntcDAud)
DRV:64bit: - [2012/06/13 22:24:00 | 000,266,896 | ---- | M] (Realtek Semiconductor Corp.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\RtsP2Stor.sys -- (RSP2STOR)
DRV:64bit: - [2011/10/27 17:07:50 | 000,182,352 | ---- | M] (Total Defense) [File_System | Boot | Running] -- C:\Windows\SysNative\drivers\KmxAMRT.sys -- (KmxAMRT)
DRV:64bit: - [2011/10/26 13:51:38 | 000,113,744 | ---- | M] (CA) [File_System | System | Running] -- C:\Windows\SysNative\drivers\KmxAgent.sys -- (KmxAgent)
DRV:64bit: - [2011/09/06 23:04:22 | 000,201,936 | ---- | M] (CA) [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\KmxCF.sys -- (KmxCF)
DRV:64bit: - [2011/09/06 23:04:22 | 000,143,824 | ---- | M] (CA) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\KmxFw.sys -- (KmxFw)
DRV:64bit: - [2011/09/06 23:04:22 | 000,099,024 | ---- | M] (CA) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\KmxFilter.sys -- (KmxFilter)
DRV:64bit: - [2011/09/06 23:04:20 | 000,365,136 | ---- | M] (CA) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\KmxCfg.sys -- (KmxCfg)
DRV:64bit: - [2011/09/06 23:04:20 | 000,087,120 | ---- | M] (CA) [File_System | System | Running] -- C:\Windows\SysNative\drivers\KmxFile.sys -- (KmxFile)
DRV:64bit: - [2011/09/06 23:04:20 | 000,081,488 | ---- | M] (CA) [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\KmxSbx.sys -- (KmxSbx)
DRV:64bit: - [2011/05/13 07:21:04 | 000,177,640 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ssadmdm.sys -- (ssadmdm)
DRV:64bit: - [2011/05/13 07:21:04 | 000,146,920 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ssadserd.sys -- (ssadserd)
DRV:64bit: - [2011/05/13 07:21:02 | 000,157,672 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ssadbus.sys -- (ssadbus)
DRV:64bit: - [2011/05/13 07:21:02 | 000,016,872 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ssadmdfl.sys -- (ssadmdfl)
 
========== Standard Registry (SafeList) ==========
 
 
========== Internet Explorer ==========
 
IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://g.msn.com/HPNOT13/1
IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://g.msn.com/HPNOT13/1
IE:64bit: - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE:64bit: - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&form=IE10TR&src=IE10TR&pc=CPNTDFJS
IE:64bit: - HKLM\..\SearchScopes\{2fa28606-de77-4029-af96-b231e3b8f827}: "URL" = http://search.ask.com/web?q={searchterms}&l=dis&o=HPNTDF
IE:64bit: - HKLM\..\SearchScopes\{b7fca997-d0fb-4fe0-8afd-255e89cf9671}: "URL" = http://search.yahoo.com/search?p={searchTerms}&ei={inputEncoding}&fr=chr-hp-psg&type=HPNTDF
IE:64bit: - HKLM\..\SearchScopes\{D944BB61-2E34-4DBF-A683-47E505C587DC}: "URL" = http://rover.ebay.com/rover/1/711-154371-11896-2/4 ?mpre=http%3A%2F%2Fwww.ebay.com%2Fsch%2F%3F_nkw%3D{searchTerms}&keyword={searchTerms}
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
IE - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&form=IE10TR&src=IE10TR&pc=CPNTDFJS
IE - HKLM\..\SearchScopes\{2fa28606-de77-4029-af96-b231e3b8f827}: "URL" = http://search.ask.com/web?q={searchterms}&l=dis&o=HPNTDF
IE - HKLM\..\SearchScopes\{b7fca997-d0fb-4fe0-8afd-255e89cf9671}: "URL" = http://search.yahoo.com/search?p={searchTerms}&ei={inputEncoding}&fr=chr-hp-psg&type=HPNTDF
IE - HKLM\..\SearchScopes\{D944BB61-2E34-4DBF-A683-47E505C587DC}: "URL" = http://rover.ebay.com/rover/1/711-154371-11896-2/4 ?mpre=http%3A%2F%2Fwww.ebay.com%2Fsch%2F%3F_nkw%3D{searchTerms}&keyword={searchTerms}
 
 
IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
 
IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
 
 
 
IE - HKU\S-1-5-21-3078571501-3999050880-2082339749-1001\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://g.msn.com/HPNOT13/1
IE - HKU\S-1-5-21-3078571501-3999050880-2082339749-1001\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://search.conduit.com/?ctid=CT3324415&octid=EB_ORIGINAL_CTID&SearchSource=55&CUI=&UM=5&UP=SPB03DBD25-858F-4FF4-A150-B77F77B271CB&SSPV=
IE - HKU\S-1-5-21-3078571501-3999050880-2082339749-1001\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKU\S-1-5-21-3078571501-3999050880-2082339749-1001\..\SearchScopes\{0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9}: "URL" = http://www1.delta-search.com/?q={searchTerms}&affID=119392&babsrc=SP_ss&mntrId=F475844BF5B59379
IE - HKU\S-1-5-21-3078571501-3999050880-2082339749-1001\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
 
========== FireFox ==========
 
FF - prefs.js..extensions.enabledAddons: %7B972ce4c6-7e08-4474-a285-3208198ce6fd%7D:26.0
FF - user.js - File not found
 
FF:64bit: - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files\Microsoft Silverlight\5.1.30214.0\npctrl.dll ( Microsoft Corporation)
FF:64bit: - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0: C:\PROGRA~1\MICROS~1\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@adobe.com/ShockwavePlayer: C:\windows\SysWOW64\Adobe\Director\np32dsw.dll (Adobe Systems, Inc.)
FF - HKLM\Software\MozillaPlugins\@intel-webapi.intel.com/Intel WebAPI ipt;version=2.1.42: C:\Program Files (x86)\Intel\Intel® Management Engine Components\IPT\npIntelWebAPIIPT.dll (Intel Corporation)
FF - HKLM\Software\MozillaPlugins\@intel-webapi.intel.com/Intel WebAPI updater: C:\Program Files (x86)\Intel\Intel® Management Engine Components\IPT\npIntelWebAPIUpdater.dll (Intel Corporation)
FF - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=10.9.2: C:\Windows\SysWOW64\npDeployJava1.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=10.9.2: C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files (x86)\Microsoft Silverlight\5.1.30214.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0: C:\PROGRA~2\MICROS~1\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/SharePoint,version=14.0: C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3502.0922: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3555.0308: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files (x86)\Google\Update\1.3.22.5\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files (x86)\Google\Update\1.3.22.5\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@WildTangent.com/GamesAppPresenceDetector,Version=1.0: C:\Program Files (x86)\WildTangent Games\App\BrowserIntegration\Registered\0\NP_wtapp.dll ()
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF - HKLM\Software\MozillaPlugins\ZEON/PDF,version=2.0: C:\Program Files (x86)\Nuance\PDF Reader\bin\nppdf.dll (Zeon Corporation)
FF - HKCU\Software\MozillaPlugins\@citrixonline.com/appdetectorplugin: C:\Users\N\AppData\Local\Citrix\Plugins\104\npappdetector.dll (Citrix Online)
 
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\caaphishtoolbar@ca.com: C:\Program Files\Total Defense\Internet Security Suite\Anti-Phishing\x86\Toolbar\Firefox [2014/02/18 13:09:27 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\ext@MediaViewV1alpha1243.net: C:\Program Files (x86)\MediaViewV1\MediaViewV1alpha1243\ff [2014/03/17 12:30:43 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\ext@MediaWatchV1home438.net: C:\Program Files (x86)\MediaWatchV1\MediaWatchV1home438\ff [2014/03/21 20:30:53 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 26.0\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 26.0\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins
FF - HKEY_CURRENT_USER\software\mozilla\Firefox\Extensions\\autolyrics@man-soft.net: C:\Program Files (x86)\AutoLyrics\FF\
 
[2013/06/14 11:27:39 | 000,000,000 | ---D | M] (No name found) -- C:\Users\N\AppData\Roaming\mozilla\Extensions
[2013/06/14 11:27:39 | 000,000,000 | ---D | M] (No name found) -- C:\Users\N\AppData\Roaming\mozilla\Extensions\prism@developer.mozilla.org
[2013/12/16 10:08:04 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\Mozilla Firefox\browser\extensions
[2013/12/16 10:08:04 | 000,000,000 | ---D | M] (Default) -- C:\Program Files (x86)\Mozilla Firefox\browser\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}
[2014/03/01 16:05:23 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\Mozilla Firefox\updated\browser\extensions
[2014/03/01 16:05:29 | 000,000,000 | ---D | M] (Default) -- C:\Program Files (x86)\Mozilla Firefox\updated\browser\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}
 
========== Chrome  ==========
 
CHR - default_search_provider: Google (Enabled)
CHR - default_search_provider: search_url = {google:baseURL}search?q={searchTerms}&{google:RLZ}{google:originalQueryForSuggestion}{google:assistedQueryStats}{google:searchFieldtrialParameter}{google:bookmarkBarPinned}{google:searchClient}{google:sourceId}{google:instantExtendedEnabledParameter}{google:omniboxStartMarginParameter}ie={inputEncoding}
CHR - default_search_provider: suggest_url = {google:baseSuggestURL}search?{google:searchFieldtrialParameter}client={google:suggestClient}&gs_ri={google:suggestRid}&xssi=t&q={searchTerms}&{google:cursorPosition}{google:currentPageUrl}{google:pageClassification}sugkey={google:suggestAPIKeyParameter},
CHR - plugin: Shockwave Flash (Enabled) = C:\Program Files (x86)\Google\Chrome\Application\33.0.1750.154\PepperFlash\pepflashplayer.dll
CHR - plugin: Chrome Remote Desktop Viewer (Enabled) = internal-remoting-viewer
CHR - plugin: Native Client (Enabled) = C:\Program Files (x86)\Google\Chrome\Application\33.0.1750.154\ppGoogleNaClPluginChrome.dll
CHR - plugin: Chrome PDF Viewer (Enabled) = C:\Program Files (x86)\Google\Chrome\Application\33.0.1750.154\pdf.dll
CHR - plugin: Norton Confidential (Enabled) = C:\Users\N\AppData\Local\Google\Chrome\User Data\Default\Extensions\mkfokfffehpeedafpekjeddnmnjhmcmk\2013.0.0.72_0\npcoplgn.dll
CHR - plugin: Microsoft Office 2010 (Enabled) = C:\PROGRA~2\MICROS~1\Office14\NPAUTHZ.DLL
CHR - plugin: Microsoft Office 2010 (Enabled) = C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL
CHR - plugin: Google Update (Enabled) = C:\Program Files (x86)\Google\Update\1.3.21.123\npGoogleUpdate3.dll
CHR - plugin: Intel® Identity Protection Technology (Enabled) = C:\Program Files (x86)\Intel\Intel® Management Engine Components\IPT\npIntelWebAPIIPT.dll
CHR - plugin: Intel® Identity Protection Technology (Enabled) = C:\Program Files (x86)\Intel\Intel® Management Engine Components\IPT\npIntelWebAPIUpdater.dll
CHR - plugin: Windows Live™ Photo Gallery (Enabled) = C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll
CHR - plugin: Shockwave for Director (Enabled) = C:\windows\SysWOW64\Adobe\Director\np32dsw.dll
CHR - Extension: Google Drive = C:\Users\N\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf\6.3_0\
CHR - Extension: YouTube = C:\Users\N\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.6_0\
CHR - Extension: Media View = C:\Users\N\AppData\Local\Google\Chrome\User Data\Default\Extensions\cgdphjjmbbnnaihokdpmkmjgkfghooel\1.1_0\
CHR - Extension: Google Search = C:\Users\N\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.20_0\
CHR - Extension: Edit This Cookie = C:\Users\N\AppData\Local\Google\Chrome\User Data\Default\Extensions\fngmhnnpilhplaeedifhccceomclgfbg\1.3_0\
CHR - Extension: Total Defense Anti-Phishing Toolbar = C:\Users\N\AppData\Local\Google\Chrome\User Data\Default\Extensions\hpdpkkpdlooddakbebmkeeegehfjdnih\2.2.0.33_0\
CHR - Extension: Media Watch = C:\Users\N\AppData\Local\Google\Chrome\User Data\Default\Extensions\kbcffiflimlnebbklmlddninldcikfck\1.1_0\
CHR - Extension: Google Wallet = C:\Users\N\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.6.1_0\
CHR - Extension: Enhanced History = C:\Users\N\AppData\Local\Google\Chrome\User Data\Default\Extensions\ocfblifjfffcokdoocoopcnaooljncbh\1.2.1_0\
CHR - Extension: Gmail = C:\Users\N\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_0\
 
O1 HOSTS File: ([2014/03/23 03:35:01 | 000,000,824 | ---- | M]) - C:\Windows\SysNative\drivers\etc\hosts
O2:64bit: - BHO: (Bing Bar Helper) - {1dad3af3-ef2f-4f64-ac4b-11789189fcb6} - C:\Program Files (x86)\Microsoft\BingBar\7.3.124.0\amd64\BingExt.dll (Microsoft Corporation.)
O2:64bit: - BHO: (Total Defense Anti-Phishing Toolbar Helper) - {45011CF5-E4A9-4F13-9093-F30A784EB9B2} - C:\Program Files\Total Defense\Internet Security Suite\Anti-Phishing\Toolbar\caIEToolbar.dll (Total Defense, Inc.)
O2 - BHO: (Bing Bar Helper) - {1dad3af3-ef2f-4f64-ac4b-11789189fcb6} - C:\Program Files (x86)\Microsoft\BingBar\7.3.124.0\BingExt.dll (Microsoft Corporation.)
O2 - BHO: (Media Watch) - {1e5f12fe-2064-48b4-87aa-89a1274ababc} - C:\Program Files (x86)\MediaWatchV1\MediaWatchV1home438\ie\MediaWatchV1home438.dll ()
O2 - BHO: (Total Defense Anti-Phishing Toolbar Helper) - {45011CF5-E4A9-4F13-9093-F30A784EB9B2} - C:\Program Files\Total Defense\Internet Security Suite\Anti-Phishing\x86\Toolbar\caIEToolbar.dll (Total Defense, Inc.)
O2 - BHO: (Java Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
O2 - BHO: (Media View) - {d9b47a47-5082-41ba-bdef-89a0002dd891} - C:\Program Files (x86)\MediaViewV1\MediaViewV1alpha1243\ie\MediaViewV1alpha1243.dll File not found
O2 - BHO: (Java Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
O2 - BHO: (HP Network Check Helper) - {E76FD755-C1BA-4DCB-9F13-99BD91223ADE} - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll (Hewlett-Packard)
O3:64bit: - HKLM\..\Toolbar: (Total Defense Anti-Phishing Toolbar) - {0123B506-0AD9-43AA-B0CF-916C122AD4C5} - C:\Program Files\Total Defense\Internet Security Suite\Anti-Phishing\Toolbar\caIEToolbar.dll (Total Defense, Inc.)
O3:64bit: - HKLM\..\Toolbar: (Bing Bar) - {eec0f710-38b5-4aba-99bf-ec87564a4e13} - C:\Program Files (x86)\Microsoft\BingBar\7.3.124.0\amd64\BingExt.dll (Microsoft Corporation.)
O3 - HKLM\..\Toolbar: (Total Defense Anti-Phishing Toolbar) - {0123B506-0AD9-43AA-B0CF-916C122AD4C5} - C:\Program Files\Total Defense\Internet Security Suite\Anti-Phishing\x86\Toolbar\caIEToolbar.dll (Total Defense, Inc.)
O3 - HKLM\..\Toolbar: (Bing Bar) - {eec0f710-38b5-4aba-99bf-ec87564a4e13} - C:\Program Files (x86)\Microsoft\BingBar\7.3.124.0\BingExt.dll (Microsoft Corporation.)
O3:64bit: - HKU\S-1-5-21-3078571501-3999050880-2082339749-1001\..\Toolbar\WebBrowser: (Total Defense Anti-Phishing Toolbar) - {0123B506-0AD9-43AA-B0CF-916C122AD4C5} - C:\Program Files\Total Defense\Internet Security Suite\Anti-Phishing\Toolbar\caIEToolbar.dll (Total Defense, Inc.)
O3 - HKU\S-1-5-21-3078571501-3999050880-2082339749-1001\..\Toolbar\WebBrowser: (Total Defense Anti-Phishing Toolbar) - {0123B506-0AD9-43AA-B0CF-916C122AD4C5} - C:\Program Files\Total Defense\Internet Security Suite\Anti-Phishing\x86\Toolbar\caIEToolbar.dll (Total Defense, Inc.)
O4:64bit: - HKLM..\Run: [boxSyncHelper] C:\Program Files\Box Sync\BoxSyncHelper.exe (Box, Inc.)
O4:64bit: - HKLM..\Run: [cctray] C:\Program Files\Total Defense\Internet Security Suite\casc.exe (Total Defense, Inc.)
O4:64bit: - HKLM..\Run: [HotKeysCmds] C:\WINDOWS\SysNative\hkcmd.exe (Intel Corporation)
O4:64bit: - HKLM..\Run: [igfxTray] C:\WINDOWS\SysNative\igfxtray.exe (Intel Corporation)
O4:64bit: - HKLM..\Run: [Persistence] C:\WINDOWS\SysNative\igfxpers.exe (Intel Corporation)
O4:64bit: - HKLM..\Run: [RTHDVCPL] C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe (Realtek Semiconductor)
O4 - HKLM..\Run: []  File not found
O4 - HKLM..\Run: [CLVirtualDrive] C:\Program Files (x86)\CyberLink\Power2Go8\VirtualDrive.exe (CyberLink Corp.)
O4 - HKLM..\Run: [HP Quick Launch] C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPMSGSVC.exe (Hewlett-Packard Development Company, L.P.)
O4 - HKLM..\Run: [Nuance PDF Reader-reminder] C:\Program Files (x86)\Nuance\PDF Reader\Ereg\Ereg.exe (Nuance Communications, Inc.)
O4 - HKLM..\Run: [RemoteControl10] C:\Program Files (x86)\CyberLink\PowerDVD10\PDVD10Serv.exe (CyberLink Corp.)
O4 - HKU\S-1-5-21-3078571501-3999050880-2082339749-1001..\Run: [eFax 4.4] C:\Program Files (x86)\eFax Messenger 4.4\J2GDllCmd.exe (j2 Global Communications, Inc.)
O4 - HKU\S-1-5-21-3078571501-3999050880-2082339749-1001..\Run: [GenieoSystemTray] C:\Users\N\AppData\Roaming\Genieo\Application\TrayUi\bin\gentray.exe ()
O4 - HKU\S-1-5-21-3078571501-3999050880-2082339749-1001..\Run: [GenieoUpdaterService] C:\Users\N\AppData\Roaming\Genieo\Application\Updater\bin\genupdater.exe ()
O4 - HKU\S-1-5-21-3078571501-3999050880-2082339749-1001..\Run: [iSUSPM] C:\ProgramData\FLEXnet\Connect\11\ISUSPM.exe (Acresso Corporation)
O4 - HKU\S-1-5-21-3078571501-3999050880-2082339749-1001..\Run: [NETGEARGenie] C:\Program Files (x86)\NETGEAR Genie\bin\NETGEARGenie.exe ()
O4 - HKU\S-1-5-21-3078571501-3999050880-2082339749-1001..\Run: [sanDiskSecureAccess_Manager.exe] C:\Users\N\AppData\Roaming\SanDisk\SanDiskSecureAccess_Manager.exe (Gemalto N.V.)
O4 - Startup: C:\Users\Guest\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\OpenOffice.org 3.4.1.lnk = C:\Program Files (x86)\OpenOffice.org 3\program\quickstart.exe ()
O4 - Startup: C:\Users\N\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\eFax 4.4.lnk = C:\Program Files (x86)\eFax Messenger 4.4\J2GTray.exe (j2 Global Communications, Inc.)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableCursorSuppression = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O9 - Extra Button: @C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll,-103 - {25510184-5A38-4A99-B273-DCA8EEF6CD08} - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\NCLauncherFromIE.exe (Hewlett-Packard)
O9 - Extra 'Tools' menuitem : @C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll,-102 - {25510184-5A38-4A99-B273-DCA8EEF6CD08} - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\NCLauncherFromIE.exe (Hewlett-Packard)
O10:64bit: - NameSpace_Catalog5\Catalog_Entries64\000000000007 [] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Inc.)
O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000001 - C:\WINDOWS\SysNative\VetRedir64.dll (Computer Associates International, Inc.)
O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000002 - C:\WINDOWS\SysNative\VetRedir64.dll (Computer Associates International, Inc.)
O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000013 - C:\WINDOWS\SysNative\VetRedir64.dll (Computer Associates International, Inc.)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000007 [] - C:\Program Files (x86)\Bonjour\mdnsNSP.dll (Apple Inc.)
O10 - Protocol_Catalog9\Catalog_Entries\000000000001 - C:\WINDOWS\SysWow64\VetRedir.dll (Computer Associates International, Inc.)
O10 - Protocol_Catalog9\Catalog_Entries\000000000002 - C:\WINDOWS\SysWow64\VetRedir.dll (Computer Associates International, Inc.)
O10 - Protocol_Catalog9\Catalog_Entries\000000000013 - C:\WINDOWS\SysWow64\VetRedir.dll (Computer Associates International, Inc.)
O1364bit: - gopher Prefix: missing
O13 - gopher Prefix: missing
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{4133BFE4-2996-4DC2-BC3A-B8296D433ADE}: DhcpNameServer = 192.168.1.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{44449148-2BEF-4758-9A26-F0FBBB14BAED}: DhcpNameServer = 208.67.222.222 208.67.220.220 167.206.245.130
O18:64bit: - Protocol\Handler\ms-help - No CLSID value found
O18:64bit: - Protocol\Handler\wlpg - No CLSID value found
O20:64bit: - AppInit_DLLs: (C:\PROGRA~2\SearchProtect\SearchProtect\bin\SPVC64Loader.dll) - C:\Program Files (x86)\SearchProtect\SearchProtect\bin\SPVC64Loader.dll (Conduit)
O20:64bit: - AppInit_DLLs: (UmxSbxExA64.dll) - C:\WINDOWS\SysNative\UmxSbxExA64.dll (CA)
O20 - AppInit_DLLs: (C:\PROGRA~2\SearchProtect\SearchProtect\bin\SPVC32Loader.dll) - C:\Program Files (x86)\SearchProtect\SearchProtect\bin\SPVC32Loader.dll (Conduit)
O20 - AppInit_DLLs: (UmxSbxExw.dll) - C:\WINDOWS\SysWow64\UmxSbxExw.dll (CA)
O20:64bit: - HKLM Winlogon: Shell - (explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\WINDOWS\SysWow64\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (userinit.exe) - C:\WINDOWS\SysWow64\userinit.exe (Microsoft Corporation)
O20:64bit: - Winlogon\Notify\igfxcui: DllName - (igfxdev.dll) - C:\WINDOWS\SysNative\igfxdev.dll (Intel Corporation)
O20:64bit: - Winlogon\Notify\PFW: DllName - (Reg Error: Value error.) - Reg Error: Value error. File not found
O20 - Winlogon\Notify\PFW: DllName - (UmxWnp.Dll) - C:\WINDOWS\SysWow64\UmxWNP.dll (CA)
O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O30 - LSA: Security Packages - (livessp) -  File not found
O32 - HKLM CDRom: AutoRun - 1
O34 - HKLM BootExecute: (autocheck autochk *)
O35:64bit: - HKLM\..comfile [open] -- "%1" %*
O35:64bit: - HKLM\..exefile [open] -- "%1" %*
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37:64bit: - HKLM\...com [@ = comfile] -- "%1" %*
O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=sxssrv,4)
 
========== Files/Folders - Created Within 30 Days ==========
 
[2014/03/23 12:49:28 | 000,000,000 | ---D | C] -- C:\Users\N\Documents\Computer
[2014/03/23 12:02:12 | 000,000,000 | ---D | C] -- C:\Users\N\AppData\Roaming\Malwarebytes
[2014/03/23 12:01:50 | 000,000,000 | ---D | C] -- C:\ProgramData\Malwarebytes
[2014/03/23 12:01:46 | 000,025,928 | ---- | C] (Malwarebytes Corporation) -- C:\WINDOWS\SysNative\drivers\mbam.sys
[2014/03/23 12:01:46 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Malwarebytes' Anti-Malware
[2014/03/23 12:00:52 | 000,000,000 | ---D | C] -- C:\Users\N\AppData\Local\Programs
[2014/03/23 03:34:53 | 000,000,000 | ---D | C] -- C:\Users\N\AppData\Roaming\rmi
[2014/03/21 20:30:52 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\MediaWatchV1
[2014/03/18 04:18:22 | 000,000,000 | ---D | C] -- C:\Users\N\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Windows Password Key Professional
[2014/03/18 04:18:21 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Windows Password Key Professional
[2014/03/18 02:34:19 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\FileZipper
[2014/03/17 12:30:42 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\MediaViewV1
[2014/03/11 23:42:01 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Silverlight
[2014/03/11 23:40:04 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft Silverlight
[2014/03/11 23:40:04 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Microsoft Silverlight
[2014/03/01 23:35:00 | 000,000,000 | ---D | C] -- C:\Users\N\Documents\Shidduchim
[2014/03/01 02:11:30 | 000,000,000 | ---D | C] -- C:\WINDOWS\PCHEALTH
[2014/02/28 23:03:40 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\SearchProtect
[2014/02/28 23:03:39 | 000,000,000 | ---D | C] -- C:\Users\N\AppData\Local\SearchProtect
[2014/02/28 21:54:33 | 000,000,000 | ---D | C] -- C:\ProgramData\WEBREG
[2014/02/28 21:54:24 | 000,000,000 | ---D | C] -- C:\Users\N\AppData\Roaming\HP
[2014/02/28 21:51:05 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Microsoft
[2014/02/28 21:50:46 | 000,000,000 | ---D | C] -- C:\Users\N\AppData\Roaming\HpUpdate
[2014/02/28 21:50:00 | 000,000,000 | ---D | C] -- C:\ProgramData\HP Photo Creations
[2014/02/28 21:50:00 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\HP Photo Creations
[2014/02/28 21:49:38 | 000,000,000 | ---D | C] -- C:\ProgramData\HP Product Assistant
[2014/02/28 21:49:35 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\HP
[2014/02/28 21:46:44 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\HP
[2014/02/28 21:46:43 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Hewlett-Packard
[2014/02/28 21:45:36 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\HP
[2014/02/28 21:35:44 | 000,000,000 | ---D | C] -- C:\ProgramData\HP
[2014/02/24 04:39:51 | 000,000,000 | ---D | C] -- C:\Users\N\Documents\Rebates
[2013/10/29 12:01:55 | 005,635,416 | ---- | C] (j2 Global) -- C:\Users\N\msgrplus.exe
 
========== Files - Modified Within 30 Days ==========
 
[2014/03/23 15:34:41 | 000,956,476 | ---- | M] () -- C:\WINDOWS\SysNative\PerfStringBackup.INI
[2014/03/23 15:34:41 | 000,796,126 | ---- | M] () -- C:\WINDOWS\SysNative\perfh009.dat
[2014/03/23 15:34:41 | 000,161,346 | ---- | M] () -- C:\WINDOWS\SysNative\perfc009.dat
[2014/03/23 15:32:02 | 000,000,896 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job
[2014/03/23 15:31:26 | 000,000,340 | ---- | M] () -- C:\WINDOWS\tasks\AmiUpdXp.job
[2014/03/23 15:26:15 | 000,067,584 | --S- | M] () -- C:\WINDOWS\bootstat.dat
[2014/03/23 15:26:14 | 514,797,894 | ---- | M] () -- C:\WINDOWS\MEMORY.DMP
[2014/03/23 15:26:14 | 268,435,456 | -HS- | M] () -- C:\swapfile.sys
[2014/03/23 15:26:11 | 3333,857,280 | -HS- | M] () -- C:\hiberfil.sys
[2014/03/23 14:52:04 | 000,000,900 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job
[2014/03/23 12:01:51 | 000,001,125 | ---- | M] () -- C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
[2014/03/23 03:11:26 | 000,000,062 | ---- | M] () -- C:\WINDOWS\wininit.ini
[2014/03/23 01:12:20 | 000,000,319 | ---- | M] () -- C:\WINDOWS\SysNative\drivers\kmxzone.u2k0
[2014/03/23 01:12:20 | 000,000,085 | ---- | M] () -- C:\WINDOWS\SysNative\drivers\kmxcfg.u2k7
[2014/03/23 01:12:20 | 000,000,085 | ---- | M] () -- C:\WINDOWS\SysNative\drivers\kmxcfg.u2k6
[2014/03/23 01:12:20 | 000,000,085 | ---- | M] () -- C:\WINDOWS\SysNative\drivers\kmxcfg.u2k5
[2014/03/23 01:12:20 | 000,000,085 | ---- | M] () -- C:\WINDOWS\SysNative\drivers\kmxcfg.u2k4
[2014/03/23 01:12:20 | 000,000,085 | ---- | M] () -- C:\WINDOWS\SysNative\drivers\kmxcfg.u2k3
[2014/03/23 01:12:20 | 000,000,085 | ---- | M] () -- C:\WINDOWS\SysNative\drivers\kmxcfg.u2k2
[2014/03/23 01:12:20 | 000,000,049 | ---- | M] () -- C:\WINDOWS\SysNative\drivers\kmxzone.u2k7
[2014/03/23 01:12:20 | 000,000,049 | ---- | M] () -- C:\WINDOWS\SysNative\drivers\kmxzone.u2k6
[2014/03/23 01:12:20 | 000,000,049 | ---- | M] () -- C:\WINDOWS\SysNative\drivers\kmxzone.u2k5
[2014/03/23 01:12:20 | 000,000,049 | ---- | M] () -- C:\WINDOWS\SysNative\drivers\kmxzone.u2k4
[2014/03/23 01:12:20 | 000,000,049 | ---- | M] () -- C:\WINDOWS\SysNative\drivers\kmxzone.u2k3
[2014/03/23 01:12:20 | 000,000,049 | ---- | M] () -- C:\WINDOWS\SysNative\drivers\kmxzone.u2k2
[2014/03/23 01:12:20 | 000,000,049 | ---- | M] () -- C:\WINDOWS\SysNative\drivers\kmxzone.u2k1
[2014/03/23 01:12:19 | 005,138,877 | ---- | M] () -- C:\WINDOWS\SysNative\drivers\kmxcfg.u2k0
[2014/03/23 01:12:19 | 000,091,908 | ---- | M] () -- C:\WINDOWS\SysNative\drivers\KmxAgent.asc
[2014/03/23 01:12:19 | 000,000,085 | ---- | M] () -- C:\WINDOWS\SysNative\drivers\kmxcfg.u2k1
[2014/03/19 04:16:28 | 000,004,573 | ---- | M] () -- C:\Users\N\Documents\zPaypal-2-2014.pdf
[2014/03/18 04:18:22 | 000,001,328 | ---- | M] () -- C:\Users\N\Desktop\Windows Password Key Professional.lnk
[2014/03/18 03:21:07 | 000,001,047 | ---- | M] () -- C:\Users\N\Desktop\FileZipper.lnk
[2014/03/12 01:19:09 | 000,438,440 | ---- | M] () -- C:\WINDOWS\SysNative\FNTCACHE.DAT
[2014/02/28 23:03:40 | 000,000,000 | ---- | M] () -- C:\END
[2014/02/28 21:54:15 | 000,187,922 | ---- | M] () -- C:\WINDOWS\hpoins14.dat
[2014/02/28 21:50:13 | 000,001,177 | ---- | M] () -- C:\Users\Public\Desktop\Shop for HP Supplies.lnk
[2014/02/28 21:50:03 | 000,001,113 | ---- | M] () -- C:\Users\Public\Desktop\HP Photo Creations.lnk
[2014/02/28 21:49:35 | 000,001,335 | ---- | M] () -- C:\Users\Public\Desktop\HP Solution Center.lnk
[2014/02/28 21:48:31 | 000,002,119 | ---- | M] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\HP Digital Imaging Monitor.lnk
[2014/02/24 13:55:14 | 000,089,454 | ---- | M] () -- C:\Users\N\Documents\Scosche26-586-020_49255Jun20Jun2613yh62-Newegg,K.pdf
 
========== Files Created - No Company Name ==========
 
[2014/03/23 12:01:51 | 000,001,125 | ---- | C] () -- C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
[2014/03/23 03:11:26 | 000,000,062 | ---- | C] () -- C:\WINDOWS\wininit.ini
[2014/03/19 04:16:26 | 000,004,573 | ---- | C] () -- C:\Users\N\Documents\zPaypal-2-2014.pdf
[2014/03/18 04:18:22 | 000,001,328 | ---- | C] () -- C:\Users\N\Desktop\Windows Password Key Professional.lnk
[2014/03/18 02:34:20 | 000,001,047 | ---- | C] () -- C:\Users\N\Desktop\FileZipper.lnk
[2014/03/17 16:31:49 | 000,138,240 | ---- | C] () -- C:\WINDOWS\SysNative\OEMLicense.dll
[2014/03/17 16:31:49 | 000,103,936 | ---- | C] () -- C:\WINDOWS\SysWow64\OEMLicense.dll
[2014/03/11 23:22:09 | 000,386,722 | ---- | C] () -- C:\WINDOWS\SysNative\ApnDatabase.xml
[2014/02/28 21:50:13 | 000,001,177 | ---- | C] () -- C:\Users\Public\Desktop\Shop for HP Supplies.lnk
[2014/02/28 21:50:03 | 000,001,113 | ---- | C] () -- C:\Users\Public\Desktop\HP Photo Creations.lnk
[2014/02/28 21:49:35 | 000,001,335 | ---- | C] () -- C:\Users\Public\Desktop\HP Solution Center.lnk
[2014/02/28 21:49:03 | 000,001,078 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\I.R.I.S. OCR Registration.lnk
[2014/02/28 21:48:31 | 000,002,119 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\HP Digital Imaging Monitor.lnk
[2014/02/28 21:38:05 | 000,187,922 | ---- | C] () -- C:\WINDOWS\hpoins14.dat
[2014/02/28 21:38:05 | 000,001,608 | ---- | C] () -- C:\WINDOWS\hpomdl14.dat
[2014/02/24 13:55:13 | 000,089,454 | ---- | C] () -- C:\Users\N\Documents\Scosche26-586-020_49255Jun20Jun2613yh62-Newegg,K.pdf
[2014/02/18 13:11:35 | 001,424,904 | ---- | C] () -- C:\WINDOWS\SysWow64\cfgmig32.dll
[2014/02/18 13:11:35 | 000,265,736 | ---- | C] () -- C:\WINDOWS\SysWow64\cfgmig32.exe
[2014/02/18 13:10:18 | 002,763,152 | ---- | C] () -- C:\WINDOWS\SysWow64\svcprs32.exe
[2014/02/18 13:10:17 | 004,110,736 | ---- | C] () -- C:\WINDOWS\SysWow64\win32cpr.dll
[2014/02/18 13:10:16 | 001,755,536 | ---- | C] () -- C:\WINDOWS\SysWow64\winsflt.dll
[2014/02/18 13:10:16 | 000,100,752 | ---- | C] () -- C:\WINDOWS\SysWow64\winsfinst.exe
[2014/02/18 13:10:15 | 003,213,712 | ---- | C] () -- C:\WINDOWS\SysWow64\mdmcls32.exe
[2014/01/30 03:02:22 | 000,077,312 | ---- | C] () -- C:\WINDOWS\SysWow64\igdde32.dll
[2013/12/18 17:19:50 | 001,148,800 | ---- | C] () -- C:\WINDOWS\SysWow64\WbShld.384B48E6DC83.dll
[2013/11/13 01:43:52 | 000,930,400 | ---- | C] () -- C:\WINDOWS\SysWow64\PerfStringBackup.INI
[2013/10/29 19:57:01 | 000,061,564 | ---- | C] () -- C:\Users\N\Rosenberg rent 10-2013.efx
[2013/10/29 19:48:29 | 000,061,564 | ---- | C] () -- C:\Users\N\Rosenberg rent.efx
[2013/08/25 10:02:17 | 000,000,288 | ---- | C] () -- C:\Users\N\AppData\Roaming\.backup.dm
[2013/08/22 11:36:43 | 000,215,943 | ---- | C] () -- C:\WINDOWS\SysWow64\dssec.dat
[2013/08/22 11:36:42 | 000,000,741 | ---- | C] () -- C:\WINDOWS\SysWow64\NOISE.DAT
[2013/08/22 10:46:23 | 000,067,584 | --S- | C] () -- C:\WINDOWS\bootstat.dat
[2013/08/22 03:01:23 | 000,043,131 | ---- | C] () -- C:\WINDOWS\mib.bin
[2013/08/21 23:32:36 | 000,046,080 | ---- | C] () -- C:\WINDOWS\SysWow64\BWContextHandler.dll
[2013/08/21 19:55:20 | 000,364,544 | ---- | C] () -- C:\WINDOWS\SysWow64\msjetoledb40.dll
[2013/08/21 19:52:39 | 000,673,088 | ---- | C] () -- C:\WINDOWS\SysWow64\mlang.dat
[2013/02/25 17:39:15 | 000,430,080 | ---- | C] ( ) -- C:\WINDOWS\SysWow64\LMUD1P32comc.dll
[2012/12/14 06:42:30 | 000,963,452 | ---- | C] () -- C:\WINDOWS\SysWow64\igcodeckrng600.bin
[2012/12/14 06:42:28 | 000,272,928 | ---- | C] () -- C:\WINDOWS\SysWow64\igvpkrng600.bin
[2012/07/25 16:22:54 | 000,982,240 | ---- | C] () -- C:\WINDOWS\SysWow64\igkrng500.bin
[2012/07/25 16:22:54 | 000,439,308 | ---- | C] () -- C:\WINDOWS\SysWow64\igcompkrng500.bin
[2012/07/25 16:22:54 | 000,092,356 | ---- | C] () -- C:\WINDOWS\SysWow64\igfcg500m.bin
[2012/04/20 16:59:44 | 000,001,536 | ---- | C] () -- C:\WINDOWS\SysWow64\IusEventLog.dll
 
========== ZeroAccess Check ==========
 
[2013/11/20 19:39:17 | 000,000,227 | RHS- | M] () -- C:\WINDOWS\assembly\Desktop.ini
 
[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64
 
[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
 
[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32] /64
 
[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]
 
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64
"" = C:\Windows\SysNative\shell32.dll -- [2013/12/09 04:05:24 | 021,199,256 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment
 
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
"" = %SystemRoot%\system32\shell32.dll -- [2013/12/09 00:51:04 | 018,643,560 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment
 
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\fastprox.dll -- [2013/08/22 05:49:49 | 000,921,088 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free
 
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
"" = %systemroot%\system32\wbem\fastprox.dll -- [2013/08/21 22:45:10 | 000,691,712 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free
 
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\wbemess.dll -- [2013/08/22 05:45:17 | 000,483,840 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Both
 
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]
 
========== LOP Check ==========
 
[2013/02/27 01:59:04 | 000,000,000 | ---D | M] -- C:\Users\Guest\AppData\Roaming\Box Desktop
[2013/02/27 01:59:10 | 000,000,000 | ---D | M] -- C:\Users\Guest\AppData\Roaming\Box Sync
[2013/06/05 19:56:43 | 000,000,000 | ---D | M] -- C:\Users\Guest\AppData\Roaming\OpenOffice.org
[2013/02/27 01:59:03 | 000,000,000 | ---D | M] -- C:\Users\Guest\AppData\Roaming\Synaptics
[2013/04/19 00:48:36 | 000,000,000 | ---D | M] -- C:\Users\N\AppData\Roaming\Babylon
[2013/02/10 13:24:34 | 000,000,000 | ---D | M] -- C:\Users\N\AppData\Roaming\Box Desktop
[2013/02/10 13:24:39 | 000,000,000 | ---D | M] -- C:\Users\N\AppData\Roaming\Box Sync
[2013/10/29 12:03:13 | 000,000,000 | ---D | M] -- C:\Users\N\AppData\Roaming\eFax Messenger
[2013/02/25 18:23:36 | 000,000,000 | ---D | M] -- C:\Users\N\AppData\Roaming\Genieo
[2013/10/29 12:03:57 | 000,000,000 | ---D | M] -- C:\Users\N\AppData\Roaming\j2 Global
[2013/06/10 22:56:25 | 000,000,000 | ---D | M] -- C:\Users\N\AppData\Roaming\Netgear Live Parental Controls
[2013/02/25 18:30:42 | 000,000,000 | ---D | M] -- C:\Users\N\AppData\Roaming\Nuance
[2013/02/10 04:24:54 | 000,000,000 | ---D | M] -- C:\Users\N\AppData\Roaming\OpenOffice.org
[2013/03/10 04:22:46 | 000,000,000 | ---D | M] -- C:\Users\N\AppData\Roaming\OtoNet
[2014/01/07 14:11:40 | 000,000,000 | ---D | M] -- C:\Users\N\AppData\Roaming\playattn5
[2013/04/22 08:33:32 | 000,000,000 | ---D | M] -- C:\Users\N\AppData\Roaming\player
[2013/06/14 11:21:55 | 000,000,000 | ---D | M] -- C:\Users\N\AppData\Roaming\Prism
[2014/03/23 03:35:11 | 000,000,000 | ---D | M] -- C:\Users\N\AppData\Roaming\rmi
[2013/05/27 00:26:41 | 000,000,000 | ---D | M] -- C:\Users\N\AppData\Roaming\SanDisk
[2014/01/09 07:54:32 | 000,000,000 | ---D | M] -- C:\Users\N\AppData\Roaming\SanDisk SecureAccess
[2012/12/04 11:25:19 | 000,000,000 | ---D | M] -- C:\Users\N\AppData\Roaming\Synaptics
[2012/12/17 12:16:03 | 000,000,000 | ---D | M] -- C:\Users\N\AppData\Roaming\WebApp
[2013/06/14 11:21:55 | 000,000,000 | ---D | M] -- C:\Users\N\AppData\Roaming\WebApps
[2014/01/22 17:39:54 | 000,000,000 | ---D | M] -- C:\Users\N\AppData\Roaming\WindSolutions
[2013/02/25 18:26:36 | 000,000,000 | ---D | M] -- C:\Users\N\AppData\Roaming\Zeon
[2012/12/04 04:52:36 | 000,000,000 | ---D | M] -- C:\Users\Test\AppData\Roaming\Synaptics
[2012/12/09 16:42:44 | 000,000,000 | ---D | M] -- C:\Users\Test\AppData\Roaming\WebApp
 
========== Purity Check ==========
 
 
 
========== Alternate Data Streams ==========
 
@Alternate Data Stream - 220 bytes -> C:\Users\N\SkyDrive:ms-properties
 
< End of report >
Link to post
Share on other sites

Sorry.  It can take 20-30 min sometimes for it to unfreeze.  (Some of the blank lines represent files I deleted that are work related)

 

Here is the OTL.Extras file:OTL Extras logfile created on: 3/23/2014 3:39:55 PM - Run 1

OTL by OldTimer - Version 3.2.69.0     Folder = C:\Users\N\Downloads
64bit- An unknown product  (Version = 6.2.9200) - Type = NTWorkstation
Internet Explorer (Version = 9.11.9600.16521)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy
 
3.88 Gb Total Physical Memory | 2.23 Gb Available Physical Memory | 57.54% Memory free
7.88 Gb Paging File | 6.15 Gb Available in Paging File | 77.99% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
 
%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 442.35 Gb Total Space | 356.27 Gb Free Space | 80.54% Space Free | Partition Type: NTFS
Drive D: | 22.30 Gb Total Space | 2.67 Gb Free Space | 11.98% Space Free | Partition Type: NTFS
 
Computer Name: I3 | User Name: N | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users | Quick Scan | Include 64bit Scans
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days
 
========== Extra Registry (SafeList) ==========
 
 
========== File Associations ==========
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.html[@ = htmlfile] -- C:\Program Files\Internet Explorer\IEXPLORE.EXE (Microsoft Corporation)
.url[@ = InternetShortcut] -- C:\WINDOWS\SysNative\rundll32.exe (Microsoft Corporation)
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- C:\WINDOWS\SysWow64\control.exe (Microsoft Corporation)
.html [@ = htmlfile] -- C:\Program Files\Internet Explorer\IEXPLORE.EXE (Microsoft Corporation)
 
========== Shell Spawning ==========
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
htmlfile [open] -- "C:\Program Files\Internet Explorer\IEXPLORE.EXE" %1 (Microsoft Corporation)
htmlfile [opennew] -- "C:\Program Files\Internet Explorer\IEXPLORE.EXE" %1 (Microsoft Corporation)
http [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
https [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
InternetShortcut [open] -- "C:\WINDOWS\system32\rundll32.exe" "C:\WINDOWS\system32\ieframe.dll",OpenURL %l (Microsoft Corporation)
InternetShortcut [print] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\mshtml.dll",PrintHTML "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\OpenWith.exe "%1" (Microsoft Corporation)
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Applications\iexplore.exe [open] -- "C:\Program Files\Internet Explorer\IEXPLORE.EXE" %1 (Microsoft Corporation)
CLSID\{871C5380-42A0-1069-A2EA-08002B30309D} [OpenHomePage] -- "C:\Program Files\Internet Explorer\iexplore.exe" (Microsoft Corporation)
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
htmlfile [open] -- "C:\Program Files\Internet Explorer\IEXPLORE.EXE" %1 (Microsoft Corporation)
htmlfile [opennew] -- "C:\Program Files\Internet Explorer\IEXPLORE.EXE" %1 (Microsoft Corporation)
http [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
https [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\OpenWith.exe "%1" (Microsoft Corporation)
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Applications\iexplore.exe [open] -- "C:\Program Files\Internet Explorer\IEXPLORE.EXE" %1 (Microsoft Corporation)
CLSID\{871C5380-42A0-1069-A2EA-08002B30309D} [OpenHomePage] -- Reg Error: Value error.
 
========== Security Center Settings ==========
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 1
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\CA Personal Firewall]
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"VistaSp1" = AC 1C AE C5 46 9F CE 01  [binary data]
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Upgrade]
"UpgradeTime" =  [binary data]
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Upgrade]
"UpgradeTime" = Reg Error: Unknown registry data type -- File not found
 
========== Firewall Settings ==========
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0
 
========== Authorized Applications List ==========
 
 
========== Vista Active Open Ports Exception List ==========
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{0818EA28-7C44-465B-A74C-A591E92F2D0C}" = rport=5355 | protocol=17 | dir=out | svc=dnscache | app=%systemroot%\system32\svchost.exe | 
"{0D033936-F169-49E8-9435-8505270E7ACA}" = lport=2869 | protocol=6 | dir=in | name=windows live communications platform (upnp) | 
"{36D82B3C-31BF-488A-9463-D21377871A65}" = lport=1900 | protocol=17 | dir=in | name=windows live communications platform (ssdp) | 
"{7256D085-CDBC-4ED6-A55E-1B82D3C26810}" = lport=5355 | protocol=17 | dir=in | svc=dnscache | app=%systemroot%\system32\svchost.exe | 
 
========== Vista Active Application Exception List ==========
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{00733E0E-FE85-446C-A6B0-63FF5AC810D3}" = dir=out | name=iheartradio | 
"{01F77C27-1630-49E3-A857-F22C62240975}" = dir=out | name=hp connected photo powered by snapfish | 
"{05CF5FA0-2732-4C81-A4B6-C4615B74F896}" = dir=out | name=sonicwall mobile connect | 
"{08BDA015-701A-4AF2-A569-22AA74F751E3}" = protocol=6 | dir=in | app=c:\program files (x86)\google\chrome\application\chrome.exe | 
"{0A69C3A7-B250-4774-9034-EA53CF99A183}" = dir=in | app=c:\program files (x86)\hp\hp software update\hpwucli.exe | 
"{1137E46E-E3DA-44E8-86A5-67426F3A9103}" = dir=in | name=microsoft mahjong | 
"{16DD3AD1-8B62-46FD-BC4B-2650DED31771}" = dir=out | name=ebay | 
"{16F8AD56-8283-4D82-9927-CAB403A28FF6}" = protocol=17 | dir=in | app=c:\program files\bonjour\mdnsresponder.exe | 
"{191487FE-D290-4C6D-BE29-896BB8402A76}" = dir=out | name=windows_ie_ac_001 | 
"{1CC05906-88EC-4DEA-9763-F414D8A9F11F}" = dir=out | name=hp registration | 
"{2095702D-0823-4779-9FD2-C53799F49681}" = dir=in | app=c:\program files (x86)\cyberlink\powerdvd10\powerdvd10.exe | 
"{2126010F-E682-4070-B3C8-A725FB663543}" = dir=in | app=c:\program files (x86)\hp\digital imaging\bin\hpqkygrp.exe | 
"{259B879E-4A4F-4A34-B3F1-01077F6DA898}" = dir=in | app=c:\program files (x86)\hp\digital imaging\bin\hpqusgh.exe | 
"{283A27DA-CC5C-4179-8F1F-C1E71315FFFC}" = dir=out | name=getting started with windows 8 | 
"{287E0F71-C204-4647-9A61-D083A2F38B66}" = dir=out | name=hp registration | 
"{29E596D7-A81F-40D2-8F49-5CBF65B6159C}" = dir=in | name=check point vpn | 
"{2A9B389F-5AC9-4904-A4F6-CABECDC5FE73}" = dir=in | name=getting started with windows 8 | 
"{35514EA6-8AF8-4C49-9D7E-CAC554BEE0AE}" = dir=out | name=windows_ie_ac_001 | 
"{3B119212-ACE2-4562-B127-5DB7E4CF74B8}" = dir=in | name=hp connected photo | 
"{3DA7513F-A9A8-47C7-97A9-1F7501DA4B50}" = dir=in | app=c:\program files (x86)\hp\digital imaging\bin\hpqtra08.exe | 
"{4282FE99-8560-4BC7-9576-5F3ED84E263F}" = dir=in | name=checkpoint.vpn | 
"{448EAF7B-8D17-4FFA-BBE3-7E53016BEB1F}" = dir=in | app=c:\program files (x86)\hp\digital imaging\bin\hpqnrs08.exe | 
"{45815F3A-BDDA-4D6E-9413-CE466C290E79}" = dir=out | name=hp all-in-one printer remote | 
"{4BF3C607-FCB0-4357-BF59-D0D92CECBB29}" = dir=out | name=skype | 
"{4E627DBE-1B41-4E2D-A9CE-B2C30D534259}" = dir=out | name=norton studio | 
"{504BA79D-4721-4871-B21A-D54B9ACA264C}" = protocol=6 | dir=in | app=c:\program files\bonjour\mdnsresponder.exe | 
"{51F7BFEF-5300-48CC-A759-EDA6283FABEB}" = protocol=6 | dir=in | app=c:\program files (x86)\teamviewer\version8\teamviewer.exe | 
"{560448D6-095C-4907-B046-AC7F710701A7}" = dir=in | name=sonicwall.mobileconnect | 
"{581026F1-1077-4A7F-9D42-780D3D366A0E}" = dir=in | name=ebay | 
"{5A29FDA0-DA93-422F-868D-390D99C9B049}" = dir=out | name=windows_ie_ac_001 | 
"{5A94378F-709A-46E9-9C4B-766C9474710A}" = dir=in | name=skype | 
"{5B8CE855-4F9D-43D4-A400-E8C6566B1993}" = dir=out | name=ebay | 
"{5C667F61-CF46-4D8C-923A-54086194B269}" = dir=in | app=c:\program files (x86)\hp\digital imaging\bin\hposid01.exe | 
"{5F4632C0-D5B1-40C3-B0D9-E3A759C81B9E}" = dir=out | name=sonicwall.mobileconnect | 
"{63C8DB43-825F-41FA-8C80-E47FC6C527D5}" = dir=in | app=c:\program files (x86)\windows live\contacts\wlcomm.exe | 
"{65948B8D-DDEF-4D89-A936-F3659620EDCB}" = dir=out | name=skype | 
"{68769DF7-CA80-4E40-9208-DC7658A51051}" = dir=out | name=juniper networks junos pulse | 
"{6D659BEF-9E46-46A9-8C54-24ED16D1B5B3}" = dir=in | name=kindle | 
"{6F7CFF1D-7402-485F-9CC4-209D3DE7C98A}" = dir=in | name=sonicwall mobile connect | 
"{708A2025-41A3-43C8-8372-E44CB9434083}" = dir=in | name=f5 vpn | 
"{74662BA1-6689-4D51-A52A-4019BB99B9EB}" = dir=in | name=hp all-in-one printer remote | 
"{7ABA4C50-B4D5-4479-A61D-D3DE6F2349DD}" = protocol=17 | dir=in | app=c:\program files (x86)\bonjour\mdnsresponder.exe | 
"{7B4C517F-AB5A-4620-AE5B-56483C54E37C}" = dir=in | name=skype | 
"{7EAE3813-2251-4DB2-AE56-40A9E2398AE3}" = dir=in | app=c:\program files (x86)\hp\digital imaging\bin\hpqusgm.exe | 
"{84374784-E6A2-4FAB-AECE-4E6DDF79E8CF}" = dir=out | name=hp+ | 
"{84648CB8-F844-4F74-892E-646718CF4DF9}" = dir=in | name=juniper networks junos pulse | 
"{8753119C-2568-4C91-98B0-20D598E370D1}" = dir=out | name=microsoft mahjong | 
"{8A8C3A2D-0EA3-433F-92FC-31663A2FD895}" = dir=out | name=hp connected photo | 
"{8D018D6E-6A45-4576-9A93-0BEE93B420E5}" = dir=out | name=getting started with windows 8 | 
"{9006C8DB-F705-4790-B15E-51E75076526F}" = dir=out | name=norton studio | 
"{9321AB0C-E469-4BE0-97F3-42730CD08BA2}" = dir=in | app=c:\program files (x86)\hp\digital imaging\bin\hpqgplgtupl.exe | 
"{9969419C-4E07-4AB5-B919-8397986C80F3}" = dir=in | app=c:\program files (x86)\hp\digital imaging\bin\hpqcopy2.exe | 
"{99FB2ADA-A4BD-4015-B473-EE691104F6AD}" = dir=out | name=kindle | 
"{9A599BF0-98BC-45EF-A9D5-03CE2B54FC0B}" = protocol=17 | dir=in | app=c:\program files (x86)\teamviewer\version8\teamviewer.exe | 
"{9B1436C0-C48A-4219-B5AC-685F2EFFC9CB}" = dir=out | name=kindle | 
"{A3AEF67D-580B-4B42-B666-32B19407F425}" = protocol=17 | dir=in | app=c:\program files (x86)\microsoft office\office14\onenote.exe | 
"{ABED6E8D-D016-4956-B30B-895F13094364}" = dir=out | name=microsoft solitaire collection | 
"{AD390B3E-D38B-48B3-9966-C4DE76F7E154}" = protocol=17 | dir=in | app=c:\program files (x86)\google\chrome\application\chrome.exe | 
"{B0E296AA-4C8F-4FF3-A809-BA3CCFEE0C79}" = protocol=6 | dir=in | app=c:\program files (x86)\teamviewer\version8\teamviewer_service.exe | 
"{B17E9536-8CAF-414A-BD6D-3408EB069744}" = protocol=6 | dir=in | app=c:\program files (x86)\microsoft office\office14\onenote.exe | 
"{B516664B-3157-4A9C-8A8A-DA66806F5D31}" = dir=out | name=netflix | 
"{B66CEE92-E154-4D2D-8EBD-0853E8E07F7E}" = dir=out | name=iheartradio | 
"{B9111CF7-726E-459A-BB03-9390E7C5397F}" = dir=in | app=c:\program files (x86)\hp\digital imaging\bin\hpiscnapp.exe | 
"{BDE0AF3E-88F0-4303-B669-A4B5673B0144}" = protocol=6 | dir=in | app=c:\program files (x86)\bonjour\mdnsresponder.exe | 
"{C485922B-4899-49B5-88DC-52313D171037}" = dir=in | name=microsoft solitaire collection | 
"{CA8292FA-83C1-48F3-B21C-A8DCCEBE4024}" = dir=out | name=f5 vpn | 
"{CF260CA5-C949-4856-9E3C-6BEB54128D23}" = dir=in | app=c:\program files (x86)\hp\digital imaging\bin\hpqgpc01.exe | 
"{D6980480-941A-4DF6-AB81-3734ECD3D779}" = dir=out | name=junipernetworks.junospulsevpn | 
"{D8CB9BE0-44D3-4024-B58D-93B9CA60FB76}" = dir=in | app=c:\program files (x86)\hp\digital imaging\bin\hpfccopy.exe | 
"{D99883EF-9F4F-4DE3-AE1D-4A2380317818}" = dir=out | name=microsoft solitaire collection | 
"{DB59588E-ED90-4C47-A7B5-7929DD0C0BD2}" = dir=out | name=checkpoint.vpn | 
"{E09A012B-BD82-4BB6-A5F5-C84F158AE71C}" = dir=out | name=check point vpn | 
"{E4264B26-C6A5-4755-87F8-99AA7EDE9142}" = dir=out | name=hp+ | 
"{E43499A1-511A-4ACC-BF80-74C226146559}" = dir=in | name=hp+ | 
"{E6AEB988-4AEE-421B-8DAA-B0C80A1DFAB5}" = protocol=17 | dir=in | app=c:\program files (x86)\teamviewer\version8\teamviewer_service.exe | 
"{EC799E33-72BA-42D7-9127-DEFE68F9799D}" = dir=in | name=junipernetworks.junospulsevpn | 
"{F5962947-B5CA-4F0A-9351-47B978ECC80C}" = dir=in | app=c:\program files (x86)\hp\digital imaging\bin\hpqste08.exe | 
"{F5B758CB-3208-48D7-8C2C-8B38320E862F}" = dir=out | name=microsoft mahjong | 
"{F64300AD-D559-4000-BD45-0997BCC8E70A}" = dir=out | name=f5.vpn.client | 
"{F77E5446-4378-4E99-8B7A-7061AAAEA193}" = dir=in | name=f5.vpn.client | 
 
"TCP Query User{0CF317CF-9D65-4A8F-B223-60CC122DEEE0}C:\windows\system32\settingsynchost.exe" = protocol=6 | dir=in | app=c:\windows\system32\settingsynchost.exe | 
"TCP Query User{70F5F0FD-7048-40D0-9248-488202145B12}C:\program files (x86)\java\jre7\bin\javaw.exe" = protocol=6 | dir=in | app=c:\program files (x86)\java\jre7\bin\javaw.exe | 
)\java\jre7\bin\javaw.exe" = protocol=17 | dir=in | app=c:\program files (x86)\java\jre7\bin\javaw.exe | 
 
========== HKEY_LOCAL_MACHINE Uninstall List ==========
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{027E5FAB-1476-4C59-AAB4-32EF28520399}" = Windows Live Language Selector
"{071c9b48-7c32-4621-a0ac-3f809523288f}" = Microsoft Visual C++ 2005 Redistributable (x64)
"{0FA995CC-C849-4755-B14B-5404CC75DC24}" = Energy Star
"{1D8E6291-B0D5-35EC-8441-6616F567A0F7}" = Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219
"{2CB8566A-8EA6-417A-BAB1-1B10A88C79BB}" = HP Deskjet All-In-One Software
"{38151262-FAF8-4778-9AAB-33E90B60D8E9}" = Anti-Virus
"{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148
"{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161
"{6E14E6D6-3175-4E1A-B934-CAB5A86367CD}" = HP Postscript Converter
"{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}" = Bonjour
"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
"{90140000-002A-0000-1000-0000000FF1CE}" = Microsoft Office Office 64-bit Components 2010
"{90140000-002A-0409-1000-0000000FF1CE}" = Microsoft Office Shared 64-bit MUI (English) 2010
"{90140000-0116-0409-1000-0000000FF1CE}" = Microsoft Office Shared 64-bit Setup Metadata MUI (English) 2010
"{95120000-00B9-0409-1000-0000000FF1CE}" = Microsoft Application Error Reporting
"{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}" = Microsoft Visual C++ 2005 Redistributable (x64)
"{C9756801-C8EF-44FC-BD97-F2AE6728A432}" = Box Sync (64 bit)
"{E4D6CCF2-0AAF-4B9C-9DE5-893EDC9B4BAA}" = HP Registration Service
"{F3A591D1-C991-4722-B40D-C4A80C2A6D05}" = HIPS
"{F4404AFD-2EF3-40C1-8C09-29E5F3B6972B}" = Intel® Trusted Connect Service Client
"{FF21C3E6-97FD-474F-9518-8DCBE94C2854}" = 64 Bit HP CIO Components Installer
"CAAPH2" = APH placeholder
"eTrust Suite Personal" = Total Defense Internet Security Suite
"HP Imaging Device Functions" = HP Imaging Device Functions 14.0
"HP Solution Center & Imaging Support Tools" = HP Solution Center 14.0
"HPExtendedCapabilities" = HP Customer Participation Program 14.0
"HPOCR" = OCR Software by I.R.I.S. 14.0
"Shop for HP Supplies" = Shop for HP Supplies
"SynTPDeinstKey" = Synaptics Pointing Device Driver
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{01FB4998-33C4-4431-85ED-079E3EEFE75D}" = CyberLink YouCam
"{06A1D88C-E102-4527-AF70-29FFD7AF215A}" = Scan
"{07FA4960-B038-49EB-891B-9F95930AA544}" = HP Customer Experience Enhancements
"{0B0F231F-CE6A-483D-AA23-77B364F75917}" = Windows Live Installer
"{0C57987A-A03A-4B95-A309-D23F78F406CA}" = HP Utility Center
"{104066F4-5897-4067-85D3-4C88B67CCF75}" = AIO_Scan
"{1367D815-EC9F-4e2f-9FB9-E40A075AD19B}" = DNAMigrator
"{1458BB78-1DC5-4BC0-B9A3-2B644F5A8105}" = DeviceDiscovery
"{150B6201-E9E6-4DFB-960E-CCBD53FBDDED}" = HPProductAssistant
"{19BA08F7-C728-469C-8A35-BFBD3633BE08}" = Windows Live Movie Maker
"{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
"{1FBF6C24-C1fD-4101-A42B-0C564F9E8E79}" = CyberLink Media Suite 10
"{200FEC62-3C34-4D60-9CE8-EC372E01C08F}" = Windows Live SOXE Definitions
"{26A24AE4-039D-4CA4-87B4-2F83217009FF}" = Java 7 Update 9
"{292F0F52-B62D-4E71-921B-89A682402201}" = Toolbox
"{2A87D48D-3FDF-41fd-97CD-A1E370EFFFE2}" = CyberLink Power2Go 8
"{2FA94A64-C84E-49d1-97DD-7BF06C7BBFB2}.WildTangent Games App" = Update Installer for WildTangent Games App
"{3336F667-9049-4D46-98B6-4C743EEBC5B1}" = Windows Live Photo Gallery
"{34F4D9A4-42C2-4348-BEF4-E553C84549E7}" = Windows Live Photo Gallery
 
"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
 
"{4E7C28C7-D5DA-4E9F-A1CA-60490B54AE35}" = UnloadSupport
"{4ED7050C-9332-4FB2-AB07-E94F25A53D39}" = HP Quick Launch
"{528AB81B-D65A-4AB0-A2B6-82B51A087D01}" = HP Recovery Manager
"{579684A4-DDD5-4CA3-9EA8-7BE7D9593DB4}" = Windows Live UX Platform Language Pack
"{5A05B328-35EB-4CED-B16F-62FA5A2642E6}" = 
"{5B025634-7D5B-4B8D-BE2A-7943C1CF2D5D}" = Status
"{5F6C549F-78DA-4E0E-AE70-0BD981936D99}" = Nuance PDF Reader
 
"{612C34C7-5E90-47D8-9B5C-0F717DD82726}" = swMSM
"{65153EA5-8B6E-43B6-857B-C6E4FC25798A}" = Intel® Management Engine Components
"{682B3E4F-696A-42DE-A41C-4C07EA1678B4}" = Windows Live SOXE
"{6F340107-F9AA-47C6-B54C-C3A19F11553F}" = Hewlett-Packard ACLM.NET v1.2.0.0
"{70B446D1-E03B-4ab0-9B3C-0832142C9AA8}.WildTangent Games App-hp" = WildTangent Games App
"{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}" = Microsoft Visual C++ 2005 Redistributable
"{835B275B-F29B-464B-BD4B-097FD55FAB0A}" = HP Software Framework
"{837b34e3-7c30-493c-8f6a-2b0f04e2912c}" = Microsoft Visual C++ 2005 Redistributable
"{83C292B7-38A5-440B-A731-07070E81A64F}" = Windows Live PIMT Platform
 
"{8833FFB6-5B0C-4764-81AA-06DFEED9A476}" = Realtek Ethernet Controller Driver
"{8DD46C6A-0056-4FEC-B70A-28BB16A1F11F}" = MSVCRT
"{8EE94FD8-5F52-4463-A340-185D16328158}" = WebReg
"{8FC4F1DD-F7FD-4766-804D-3C8FF1D309AF}" = Ralink RT5390R 802.11bgn Wi-Fi Adapter
"{90140000-0015-0409-0000-0000000FF1CE}" = Microsoft Office Access MUI (English) 2010
"{90140000-0016-0409-0000-0000000FF1CE}" = Microsoft Office Excel MUI (English) 2010
"{90140000-0018-0409-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (English) 2010
"{90140000-0019-0409-0000-0000000FF1CE}" = Microsoft Office Publisher MUI (English) 2010
"{90140000-001A-0409-0000-0000000FF1CE}" = Microsoft Office Outlook MUI (English) 2010
"{90140000-001B-0409-0000-0000000FF1CE}" = Microsoft Office Word MUI (English) 2010
"{90140000-001F-0409-0000-0000000FF1CE}" = Microsoft Office Proof (English) 2010
"{90140000-001F-040C-0000-0000000FF1CE}" = Microsoft Office Proof (French) 2010
"{90140000-001F-0C0A-0000-0000000FF1CE}" = Microsoft Office Proof (Spanish) 2010
"{90140000-002C-0409-0000-0000000FF1CE}" = Microsoft Office Proofing (English) 2010
"{90140000-003D-0000-0000-0000000FF1CE}" = Microsoft Office Single Image 2010
"{90140000-006E-0409-0000-0000000FF1CE}" = Microsoft Office Shared MUI (English) 2010
"{90140000-00A1-0409-0000-0000000FF1CE}" = Microsoft Office OneNote MUI (English) 2010
"{90140000-0115-0409-0000-0000000FF1CE}" = Microsoft Office Shared Setup Metadata MUI (English) 2010
"{90140000-0117-0409-0000-0000000FF1CE}" = Microsoft Office Access Setup Metadata MUI (English) 2010
"{92EA4134-10D1-418A-91E1-5A0453131A38}" = Windows Live Movie Maker
"{941DE69D-6CEE-4171-8F1F-3D7E352AA498}" = HP Wireless Button Driver
"{95140000-0070-0000-0000-0000000FF1CE}" = Microsoft Office
"{99C91FC5-DB5B-4AA0-BB70-5D89C5A4DF96}" = Software Version Updater
"{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
"{9B362566-EC1B-4700-BB9C-EC661BDE2175}" = DocProc
"{9BE466FF-70B7-4DA8-807C-DB4C3610FDAA}" = Copy
"{9BE518E6-ECC6-35A9-88E4-87755C07200F}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
"{9C35EDE5-4B0F-45E7-A438-314BA889948E}" = HP MyRoom
 
"{9F1F2AEA-C72A-4DD6-991E-C5506A5625E4}" = OpenOffice.org 3.4.1
"{A726AE06-AAA3-43D1-87E3-70F510314F04}" = Windows Live Writer
"{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper
"{A9BDCA6B-3653-467B-AC83-94367DA3BFE3}" = Windows Live Photo Common
"{AAAFC670-569B-4A2F-82B4-42945E0DE3EF}" = Windows Live Writer
"{AAF454FC-82CA-4F29-AB31-6A109485E76E}" = Windows Live Writer
"{AC35A885-0F8F-4857-B7DA-6E8DFB43E6B3}" = HPSSupply
"{AC76BA86-7AD7-1033-7B44-AB0000000001}" = Adobe Reader XI (11.0.06)
"{AE986BF5-B6E3-4F8D-B412-A3DD90DF5146}" = HP Documentation
"{B0069CFA-5BB9-4C03-B1C6-89CE290E5AFE}" = HP Update
"{B8019B54-F9BE-490A-9619-6D06F18F129F}" = HP Support Assistant
"{BB3447F6-9553-4AA9-960E-0DB5310C5779}" = GPBaseService2
"{BC5DD87B-0143-4D14-AAE6-97109614DC6B}" = SolutionCenter
"{BD7204BA-DD64-499E-9B55-6A282CDF4FA4}" = Destinations
"{C1594429-8296-4652-BF54-9DBE4932A44C}" = Realtek PCIE Card Reader
 
"{C59C179C-668D-49A9-B6EA-0121CCFC1243}" = CyberLink LabelPrint
"{C5C00116-FFD7-465e-8316-6055F320E7E5}" = DJ_AIO_NS_LP_DocCD
"{CAE4213F-F797-439D-BD9E-79B71D115BE3}" = HPPhotoGadget
"{CD31E63D-47FD-491C-8117-CF201D0AFAB5}" = TrayApp
"{CE95A79E-E4FC-4FFF-8A75-29F04B942FF2}" = Windows Live UX Platform
"{D360FA88-17C8-4F14-B67F-13AAF9607B12}" = MarketResearch
"{D436F577-1695-4D2F-8B44-AC76C99E0002}" = Windows Live Photo Common
"{D45240D3-B6B3-4FF9-B243-54ECE3E10066}" = Windows Live Communications Platform
"{D7CDAC3E-0962-41D6-829D-6AB524120B43}" = DJ_AIO_ProductContext
"{DDC8BDEE-DCAC-404D-8257-3E8D4B782467}" = Windows Live Writer Resources
"{DEC235ED-58A4-4517-A278-C41E8DAEAB3B}" = CyberLink PowerDVD
 
"{E09C4DB7-630C-4F06-A631-8EA7239923AF}" = D3DX10
"{EBE677C0-CBCB-4EBF-8098-E27E1B5271CF}" = VAFPlayer
"{EED759C0-F201-4422-86FA-264075B882ED}" = DJ_AIO_Software_min
"{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}" = Microsoft SQL Server 2005 Compact Edition [ENU]
"{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}" = Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219
"{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}" = Intel® Processor Graphics
"{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver
"{F2C4B91A-250C-4A68-94EB-9643151F892B}" = DJ_AIO_Software
"{F82C81F9-ADB5-42BD-AFE9-DD5DFDD215E3}" = Citrix Online Launcher
"{FA0FF682-CC70-4C57-93CD-E276F3E7537E}" = BufferChm
"{FCB3772C-B7D0-4933-B1A9-3707EBACC573}" = Intel® SDK for OpenCL - CPU Only Runtime Package
"{FE044230-9CA5-43F7-9B58-5AC5A28A1F33}" = Windows Live Essentials
"{FF6DD716-7B10-4269-9F19-FFB07AC4CD95}" = Bing Bar
"Adobe Shockwave Player" = Adobe Shockwave Player 11.6
 
"DomaIQ Uninstaller" = DomaIQ
"FileZipper" = FileZipper
"Google Chrome" = Google Chrome
"HP Photo Creations" = HP Photo Creations
"InstallShield_{01FB4998-33C4-4431-85ED-079E3EEFE75D}" = CyberLink YouCam
"InstallShield_{1FBF6C24-C1fD-4101-A42B-0C564F9E8E79}" = CyberLink Media Suite 10
"InstallShield_{2A87D48D-3FDF-41fd-97CD-A1E370EFFFE2}" = CyberLink Power2Go 8
"InstallShield_{C59C179C-668D-49A9-B6EA-0121CCFC1243}" = CyberLink LabelPrint
"InstallShield_{DEC235ED-58A4-4517-A278-C41E8DAEAB3B}" = CyberLink PowerDVD
"Malwarebytes' Anti-Malware_is1" = Malwarebytes Anti-Malware version 1.75.0.1300
"MediaViewV1alpha1243" = Media View
"MediaWatchV1home438" = Media Watch
"Mozilla Firefox 26.0 (x86 en-US)" = Mozilla Firefox 26.0 (x86 en-US)
"MozillaMaintenanceService" = Mozilla Maintenance Service
"NETGEAR Genie" = NETGEAR Genie
"NETGEAR Live Parental Controls Management Utility" = NETGEAR Live Parental Controls Management Utility 2.1.5
"Office14.SingleImage" = Microsoft Office Home and Student 2010
 
"SearchProtect" = Search Protect
"SoftwareUpdater" = SoftwareUpdater
 
"TeamViewer 8" = TeamViewer 8
"WebShield" = Web Shield
"WildTangent hp Master Uninstall" = HP Games
"WildTangent wildgames Master Uninstall" = WildTangent Games
"Windows Password Key Professional" = Windows Password Key Professional 
"WinLiveSuite" = Windows Live Essentials
"WTA-057d6a72-b7e1-415f-9db1-71e6a83e29f5" = Bejeweled 3
"WTA-091a783a-5159-446d-934e-b9f672c7443e" = Penguins!
"WTA-0c1fa763-77e6-44cd-b404-ce6a6e633d68" = Luxor Evolved
"WTA-0c5b3f60-1faf-46ce-a3e7-1d4108b6686d" = Polar Golfer
"WTA-132a3cad-e4c2-4486-89c4-1cf0b219d473" = Tales of Lagoona
"WTA-1a04f438-53c4-48ee-9a33-1d8c4380eb51" = Chuzzle Deluxe
"WTA-1addad0a-abf4-4def-8c9f-81e55f8f65f0" = John Deere Drive Green
"WTA-314b84d8-f288-4c11-92d5-7a997cae46ea" = Final Drive Fury
"WTA-4a14ef9b-51bf-4613-8d86-e118f006130e" = Mahjongg Dimensions Deluxe: Tiles in Time
"WTA-4d0aa498-5529-40b3-8792-263b84fd14e9" = FlatOut 2
"WTA-588927c0-797c-4848-97ce-0ac53b588e86" = Hoyle Card Games
"WTA-59c7b1b0-4198-4ecf-a8b1-ea98cf2bbfd7" = Governor of Poker 2 Premium Edition
"WTA-5d4b93c3-8250-440e-a95b-07d17aa802d4" = Jewel Match 3
"WTA-617603f6-9833-4db3-873a-55bbee92c814" = Peggle Nights
"WTA-682320c0-e89f-4873-86e4-2b560303b8d4" = Build-a-lot 4 - Power Source
"WTA-742705b3-1f08-4501-a6c1-66664a0aaaa0" = Mortimer Beckett and the Crimson Thief Premium Edition
"WTA-7687659f-af32-4d94-b992-685302f59a31" = 4 Elements II
"WTA-7f3180fb-394a-434b-974e-6c0e710b6da8" = Roads of Rome 3
"WTA-811f7893-7131-4281-b130-f848d1bdf1e4" = Farm Frenzy
"WTA-81799265-3f8b-4022-822e-83742c37fd27" = Polar Bowler
"WTA-9dc5d37d-eb0e-4f78-b3c1-eeb228ce1879" = Cradle Of Egypt Collector's Edition
"WTA-b28f2b65-ae87-4a02-a9be-2b45716fc3d6" = Mystery P.I. - Curious Case of Counterfeit Cove
"WTA-b8ba47ee-2a35-4c89-b6f8-34baeca75aab" = FATE: The Cursed King
"WTA-bf0d4a4f-c231-4607-84f1-06d38b1c9bb0" = Vacation Quest™ - Australia
"WTA-d5e0f69e-8178-402d-8914-f41f029dfae3" = Cradle of Rome 2
"WTA-eeb3cfb2-237b-4282-9880-470303e16118" = Zuma's Revenge
 
========== HKEY_USERS Uninstall List ==========
 
[HKEY_USERS\S-1-5-21-3078571501-3999050880-2082339749-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"@@__UNKNOWN__@@SanDiskSecureAccess_Manager.exe" = SanDiskSecureAccess_Manager.exe
"CopyTrans Suite" = CopyTrans Suite Remove Only
"genieo" = Genieo
"GoToMeeting" = GoToMeeting 5.9.0.1207
 
========== Last 20 Event Log Errors ==========
 
[ Application Events ]
Error - 3/23/2014 3:21:39 PM | Computer Name = i3 | Source = Bonjour Service | ID = 100
Description = Task Scheduling Error: m->NextScheduledSPRetry 285890
 
Error - 3/23/2014 3:21:40 PM | Computer Name = i3 | Source = Bonjour Service | ID = 100
Description = Task Scheduling Error: Continuously busy for more than a second
 
Error - 3/23/2014 3:21:40 PM | Computer Name = i3 | Source = Bonjour Service | ID = 100
Description = Task Scheduling Error: m->NextScheduledEvent 287000
 
Error - 3/23/2014 3:21:40 PM | Computer Name = i3 | Source = Bonjour Service | ID = 100
Description = Task Scheduling Error: m->NextScheduledSPRetry 287000
 
Error - 3/23/2014 3:21:41 PM | Computer Name = i3 | Source = Bonjour Service | ID = 100
Description = Task Scheduling Error: Continuously busy for more than a second
 
Error - 3/23/2014 3:21:41 PM | Computer Name = i3 | Source = Bonjour Service | ID = 100
Description = Task Scheduling Error: m->NextScheduledEvent 288156
 
Error - 3/23/2014 3:21:41 PM | Computer Name = i3 | Source = Bonjour Service | ID = 100
Description = Task Scheduling Error: m->NextScheduledSPRetry 288156
 
Error - 3/23/2014 3:21:42 PM | Computer Name = i3 | Source = Bonjour Service | ID = 100
Description = Task Scheduling Error: Continuously busy for more than a second
 
Error - 3/23/2014 3:21:42 PM | Computer Name = i3 | Source = Bonjour Service | ID = 100
Description = Task Scheduling Error: m->NextScheduledEvent 289296
 
Error - 3/23/2014 3:21:42 PM | Computer Name = i3 | Source = Bonjour Service | ID = 100
Description = Task Scheduling Error: m->NextScheduledSPRetry 289296
 
[ System Events ]
Error - 3/18/2014 6:05:49 AM | Computer Name = i3 | Source = EventLog | ID = 6008
Description = The previous system shutdown at 5:31:33 AM on ?3/?18/?2014 was unexpected.
 
Error - 3/18/2014 10:58:01 AM | Computer Name = i3 | Source = BugCheck | ID = 1001
Description = 
 
Error - 3/18/2014 11:01:58 AM | Computer Name = i3 | Source = DCOM | ID = 10016
Description = 
 
Error - 3/18/2014 12:45:17 PM | Computer Name = i3 | Source = EventLog | ID = 6008
Description = The previous system shutdown at 12:38:58 PM on ?3/?18/?2014 was unexpected.
 
Error - 3/18/2014 12:44:56 PM | Computer Name = i3 | Source = Microsoft-Windows-Kernel-Boot | ID = 16
Description = 
 
Error - 3/18/2014 12:45:27 PM | Computer Name = I3 | Source = BugCheck | ID = 1001
Description = 
 
Error - 3/18/2014 12:48:39 PM | Computer Name = i3 | Source = DCOM | ID = 10010
Description = 
 
Error - 3/18/2014 12:50:25 PM | Computer Name = i3 | Source = Service Control Manager | ID = 7022
Description = The File History Service service hung on starting.
 
Error - 3/18/2014 7:48:52 PM | Computer Name = i3 | Source = EventLog | ID = 6008
Description = The previous system shutdown at 4:45:20 PM on ?3/?18/?2014 was unexpected.
 
Error - 3/18/2014 7:49:05 PM | Computer Name = I3 | Source = BugCheck | ID = 1001
Description = 
 
 
< End of report >
Link to post
Share on other sites

Help Please!  I am leaving town tomorrow early am and desperately need my computer.  Can we try to resolve this today?  Really appreciative with all the requests I see that you have.  BTW, a popup just now stated that I have 2 viruses:  rootkitsirefef.spy and trojan.FakeAV-Download with an (888) phone number to call.  I now think I should have written down all the info on the popup, but at the time I thought it was one of the malware ads.

Link to post
Share on other sites

  • 2 weeks later...
  • Root Admin

Due to the lack of feedback this topic is closed to prevent others from posting here. If you need this topic reopened, please send a Private Message to any one of the moderating team members. Please include a link to this thread with your request. This applies only to the originator of this thread.

Other members who need assistance please start your own topic in a new thread. Thanks!

Link to post
Share on other sites

Guest
This topic is now closed to further replies.
  • Recently Browsing   0 members

    • No registered users viewing this page.
Back to top
×
×
  • Create New...

Important Information

This site uses cookies - We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.