Scour redirect virus in Google via Internet Explorer

Scour redirect virus in Google via Internet Explorer
Redirects me to http://63.209.69.107/see.php?
I have tried lots of things to resolve this but it has been persistent
Using Norton 360/spybot all the time and have not had a serious problem in years until now.
Attached:
1. HijackThis log.
2. dds.txt
3. attach.txt
4. ark.txt (crashed blue screen of death twice, finally run in safe mode with networking).
5. sysinfo
==================
Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 8:17:32 PM, on 1/10/2013
Platform: Windows 7 SP1 (WinNT 6.00.3505)
MSIE: Internet Explorer v9.00 (9.00.8112.16457)
Boot mode: Normal

Running processes:
C:\Program Files (x86)\Norton 360\Engine\5.2.2.3\ccSvcHst.exe
C:\Program Files (x86)\Dell DataSafe Local Backup\TOASTER.EXE
C:\Program Files (x86)\Dell DataSafe Local Backup\COMPONENTS\SCHEDULER\STSERVICE.EXE
C:\Program Files (x86)\Dell DataSafe Local Backup\Components\DSUpdate\DSUpd.exe
C:\Program Files (x86)\STMicroelectronics\AccelerometerP11\FF_Protection.exe
C:\Program Files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
C:\Program Files (x86)\Cyberlink\PowerDVD9\PDVD9Serv.exe
C:\Program Files (x86)\Cyberlink\Shared files\brs.exe
C:\Program Files (x86)\Dell Stage\Dell Stage\AccuWeather\accuweather.exe
C:\Program Files (x86)\Sensible Vision\Fast Access\FATrayMon.exe
C:\Program Files (x86)\Dell Webcam\Dell Webcam Central\WebcamDell2.exe
C:\Program Files (x86)\Real\RealPlayer\Update\realsched.exe
C:\Program Files (x86)\Sendori\SendoriTray.exe
C:\Program Files (x86)\Sensible Vision\Fast Access\FATrayAlert.exe
C:\Program Files (x86)\Creative\ShareDLL\CADI\NotiMan.exe
C:\Program Files (x86)\Intel\Bluetooth\BTPlayerCtrl.exe
C:\Program Files (x86)\Google\Drive\googledrivesync.exe
C:\Program Files (x86)\Google\Drive\googledrivesync.exe
C:\Program Files (x86)\Calibre2\calibre.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Calibre2\calibre-parallel.exe
C:\Users\Shelli\Desktop\HijackThis.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = Preserve
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.google.com/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
F2 - REG:system.ini: UserInit=userinit.exe
O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\Program Files (x86)\Spybot - Search & Destroy 2\SDHelper.dll
O2 - BHO: Symantec NCO BHO - {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} - C:\Program Files (x86)\Norton 360\Engine\5.2.2.3\coIEPlg.dll
O2 - BHO: Symantec Intrusion Prevention - {6D53EC84-6AAE-4787-AEEE-F4628F01010C} - C:\Program Files (x86)\Norton 360\Engine\5.2.2.3\IPS\IPSBHO.DLL
O3 - Toolbar: Norton Toolbar - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files (x86)\Norton 360\Engine\5.2.2.3\coIEPlg.dll
O3 - Toolbar: Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll
O3 - Toolbar: LastPass Toolbar - {9f6b5cc3-5c7b-4b5c-97af-19dec1e380e5} - C:\Program Files (x86)\LastPass\LPToolbar.dll
O4 - HKLM\..\Run: [VolPanel] "C:\Program Files (x86)\Creative\SB X-Fi MB\Volume Panel\VolPanlu.exe" /r
O4 - HKLM\..\Run: [UpdReg] C:\Windows\UpdReg.EXE
O4 - HKLM\..\Run: [RemoteControl9] "c:\Program Files (x86)\CyberLink\PowerDVD9\PDVD9Serv.exe"
O4 - HKLM\..\Run: [PDVD9LanguageShortcut] "c:\Program Files (x86)\CyberLink\PowerDVD9\Language\Language.exe"
O4 - HKLM\..\Run: [BDRegion] c:\Program Files (x86)\Cyberlink\Shared Files\brs.exe
O4 - HKLM\..\Run: [AccuWeatherWidget] "C:\Program Files (x86)\Dell Stage\Dell Stage\AccuWeather\accuweather.exe" "C:\Program Files (x86)\Dell Stage\Dell Stage\AccuWeather\start.umj" --startup
O4 - HKLM\..\Run: [FATrayAlert] C:\Program Files (x86)\Sensible Vision\Fast Access\FATrayMon.exe
O4 - HKLM\..\Run: [Dell Webcam Central] "C:\Program Files (x86)\Dell Webcam\Dell Webcam Central\WebcamDell2.exe" /mode2
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files (x86)\Real\RealPlayer\update\realsched.exe" -osboot
O4 - HKLM\..\Run: [Sendori Tray] "C:\Program Files (x86)\Sendori\SendoriTray.exe"
O4 - HKLM\..\Run: [GrooveMonitor] "C:\Program Files (x86)\Microsoft Office\Office12\GrooveMonitor.exe"
O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
O4 - HKCU\..\Run: [swg] "C:\Program Files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe"
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'NETWORK SERVICE')
O4 - Startup: Intel(R) Turbo Boost Technology Monitor 2.0.lnk = C:\Program Files\Intel\TurboBoost\SignalIslandUi.exe
O4 - Global Startup: Install LastPass IE RunOnce.lnk = C:\Program Files (x86)\Common Files\lpuninstall.exe
O9 - Extra button: @C:\Program Files (x86)\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1004 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra 'Tools' menuitem: @C:\Program Files (x86)\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1003 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~2\MIF5BA~1\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: S&end to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~2\MIF5BA~1\Office12\ONBttnIE.dll
O9 - Extra button: Run WinHTTrack - {36ECAF82-3300-8F84-092E-AFF36D6C7040} - C:\Program Files\WinHTTrack\WinHTTrackIEBar.dll
O9 - Extra 'Tools' menuitem: Launch WinHTTrack - {36ECAF82-3300-8F84-092E-AFF36D6C7040} - C:\Program Files\WinHTTrack\WinHTTrackIEBar.dll
O9 - Extra button: LastPass - {43699cd0-e34f-11de-8a39-0800200c9a66} - C:\Program Files (x86)\LastPass\LPToolbar.dll
O9 - Extra 'Tools' menuitem: LastPass - {43699cd0-e34f-11de-8a39-0800200c9a66} - C:\Program Files (x86)\LastPass\LPToolbar.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~2\MIF5BA~1\Office12\REFIEBAR.DLL
O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\Program Files (x86)\Spybot - Search & Destroy 2\SDHelper.dll
O9 - Extra 'Tools' menuitem: Spybot - Search && Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\Program Files (x86)\Spybot - Search & Destroy 2\SDHelper.dll
O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll
O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O16 - DPF: {6C269571-C6D7-4818-BCA4-32A035E8C884} (Creative Software AutoUpdate) - http://ccfiles.creative.com/Web/softwareupdate/su/ocx/15102/CTSUEng.cab
O16 - DPF: {CF84DAC5-A4F5-419E-A0BA-C01FFD71112F} (SysInfo Class) - http://content.systemrequirementslab.com.s3.amazonaws.com/global/bin/srldetect_intel_4.5.11.0.cab
O16 - DPF: {D4B68B83-8710-488B-A692-D74B50BA558E} (Creative Software AutoUpdate Support Package 2) - http://ccfiles.creative.com/Web/softwareupdate/ocx/15113/CTPIDPDE.cab
O16 - DPF: {F27237D7-93C8-44C2-AC6E-D6057B9A918F} (JuniperSetupClientControl Class) - https://mygp.gp.com/dana-cached/sc/JuniperSetupClient.cab
O16 - DPF: {F6ACF75C-C32C-447B-9BEF-46B766368D29} (Creative Software AutoUpdate Support Package) - http://ccfiles.creative.com/Web/softwareupdate/ocx/121022/CTPID.cab
O17 - HKLM\System\CCS\Services\Tcpip\..\{3B34BA86-2C39-415B-9F6F-541F0D2687CE}: NameServer = 0.0.0.0
O17 - HKLM\System\CCS\Services\Tcpip\..\{DFBA02F4-D8C8-47EA-9194-1DEABEF2671A}: NameServer = 216.146.35.240,216.146.36.240,192.168.1.1
O18 - Protocol: cozi - {5356518D-FE9C-4E08-9C1F-1E872ECD367F} - C:\Program Files (x86)\Cozi Express\CoziProtocolHandler.dll
O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveSystemServices.dll
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL
O18 - Protocol: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll
O20 - AppInit_DLLs: C:\Windows\SysWOW64\nvinit.dll
O20 - Winlogon Notify: FastAccess - C:\Program Files (x86)\Sensible Vision\Fast Access\FALogNot.dll
O20 - Winlogon Notify: SDWinLogon - SDWinLogon.dll (file missing)
O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: Andrea RT Filters Service (AERTFilters) - Andrea Electronics Corporation - C:\Program Files\Realtek\Audio\HDA\AERTSr64.exe
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
O23 - Service: Intel® Centrino® Wireless Bluetooth® 3.0 + High Speed Service (AMPPALR3) - Intel Corporation - C:\Program Files\Intel\BluetoothHS\BTHSAmpPalService.exe
O23 - Service: Application Sendori - Sendori, Inc. - C:\Program Files (x86)\Sendori\SendoriSvc.exe
O23 - Service: Bluetooth Device Monitor - Intel Corporation - C:\Program Files (x86)\Intel\Bluetooth\devmonsrv.exe
O23 - Service: Bluetooth Media Service - Intel Corporation - C:\Program Files (x86)\Intel\Bluetooth\mediasrv.exe
O23 - Service: Bluetooth OBEX Service - Intel Corporation - C:\Program Files (x86)\Intel\Bluetooth\obexsrv.exe
O23 - Service: Intel(R) Centrino(R) Wireless Bluetooth(R) 3.0 + High Speed Security Service (BTHSSecurityMgr) - Intel(R) Corporation - C:\Program Files\Intel\BluetoothHS\BTHSSecurityMgr.exe
O23 - Service: CyberLink Product - 2011/11/17 22:34:14 (CLKMSVC10_9EC60124) - CyberLink - c:\Program Files (x86)\Cyberlink\PowerDVD9\NavFilter\kmsvc.exe
O23 - Service: Creative ALchemy AL6 Licensing Service - Creative Labs - C:\Program Files (x86)\Common Files\Creative Labs Shared\Service\AL6Licensing.exe
O23 - Service: Creative Audio Engine Licensing Service - Creative Labs - C:\Program Files (x86)\Common Files\Creative Labs Shared\Service\CTAELicensing.exe
O23 - Service: Creative Audio Service (CTAudSvcService) - Creative Technology Ltd - C:\Program Files (x86)\Creative\Shared Files\CTAudSvc.exe
O23 - Service: Dell Digital Delivery Service (DellDigitalDelivery) - Dell Products, LP. - C:\Program Files (x86)\Dell Digital Delivery\DeliveryService.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)
O23 - Service: Intel(R) PROSet/Wireless Event Log (EvtEng) - Intel(R) Corporation - C:\Program Files\Intel\WiFi\bin\EvtEng.exe
O23 - Service: FAService - Sensible Vision - C:\Program Files (x86)\Sensible Vision\Fast Access\FAService.exe
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)
O23 - Service: Google Update Service (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Google Update Service (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files (x86)\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Intel(R) Management and Security Application Local Management Service (LMS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
O23 - Service: Wireless PAN DHCP Server (MyWiFiDHCPDNS) - Unknown owner - C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe
O23 - Service: Norton 360 (N360) - Symantec Corporation - C:\Program Files (x86)\Norton 360\Engine\5.2.2.3\ccSvcHst.exe
O23 - Service: @C:\Program Files (x86)\Nero\Update\NASvc.exe,-200 (NAUpdate) - Nero AG - C:\Program Files (x86)\Nero\Update\NASvc.exe
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Dell DataSafe Online (NOBU) - Dell, Inc. - C:\Program Files (x86)\Dell\Dell Datasafe Online\NOBuAgent.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - Unknown owner - C:\Windows\system32\nvvsvc.exe (file missing)
O23 - Service: NVIDIA Update Service Daemon (nvUpdatusService) - NVIDIA Corporation - C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Intel(R) PROSet/Wireless Registry Service (RegSrvc) - Intel(R) Corporation - C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe
O23 - Service: RoxMediaDB12OEM - Sonic Solutions - C:\Program Files (x86)\Common Files\Roxio Shared\OEM\12.0\SharedCOM\RoxMediaDB12OEM.exe
O23 - Service: Roxio Hard Drive Watcher 12 (RoxWatch12) - Sonic Solutions - C:\Program Files (x86)\Common Files\Roxio Shared\OEM\12.0\SharedCOM\RoxWatch12OEM.exe
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Spybot-S&D 2 Scanner Service (SDScannerService) - Safer-Networking Ltd. - C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe
O23 - Service: Spybot-S&D 2 Updating Service (SDUpdateService) - Safer-Networking Ltd. - C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe
O23 - Service: Spybot-S&D 2 Security Center Service (SDWSCService) - Safer-Networking Ltd. - C:\Program Files (x86)\Spybot - Search & Destroy 2\SDWSCSvc.exe
O23 - Service: Service Sendori - sendori - C:\Program Files (x86)\Sendori\Sendori.Service.exe
O23 - Service: SoftThinks Agent Service (SftService) - SoftThinks SAS - C:\Program Files (x86)\Dell DataSafe Local Backup\sftservice.EXE
O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files (x86)\Skype\Updater\Updater.exe
O23 - Service: sndappv2 - Sendori - C:\Program Files (x86)\Sendori\sndappv2.exe
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)
O23 - Service: Sound Blaster X-Fi MB Licensing Service - Creative Labs - C:\Program Files (x86)\Common Files\Creative Labs Shared\Service\XMBLicensing.exe
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)
O23 - Service: stllssvr - MicroVision Development, Inc. - C:\Program Files (x86)\Common Files\SureThing Shared\stllssvr.exe
O23 - Service: Intel(R) Turbo Boost Technology Monitor 2.0 (TurboBoost) - Intel(R) Corporation - C:\Program Files\Intel\TurboBoost\TurboBoost.exe
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)
O23 - Service: Intel(R) Management and Security Application User Notification Service (UNS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\Windows\system32\Wat\WatAdminSvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)
O23 - Service: Wacom Professional Service (WTabletServicePro) - Wacom Technology, Corp. - C:\Program Files\Tablet\Wacom\WTabletServicePro.exe

--
End of file - 18241 bytes
==============
DDS (Ver_2012-11-20.01) - NTFS_AMD64
Internet Explorer: 9.0.8112.16457 BrowserJavaVersion: 10.9.2
Run by Shelli at 20:18:38 on 2013-01-10
Microsoft Windows 7 Home Premium 6.1.7601.1.1252.1.1033.18.8086.4548 [GMT -5:00]
.
AV: Norton 360 *Enabled/Updated* {63DF5164-9100-186D-2187-8DC619EFD8BF}
SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
SP: Norton 360 *Enabled/Updated* {D8BEB080-B73A-17E3-1B37-B6B462689202}
FW: Norton 360 *Enabled* {5BE4D041-DB6F-1935-0AD8-24F3E73C9FC4}
.
============== Running Processes ===============
.
C:\Windows\system32\lsm.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\system32\nvvsvc.exe
C:\Windows\system32\svchost.exe -k RPCSS
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Program Files (x86)\Sensible Vision\Fast Access\FAService.exe
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\svchost.exe -k netsvcs
C:\Program Files (x86)\Creative\Shared Files\CTAudSvc.exe
C:\Windows\system32\svchost.exe -k GPSvcGroup
C:\Program Files\Tablet\Wacom\WTabletServicePro.exe
C:\Windows\system32\svchost.exe -k NetworkService
C:\Windows\system32\WLANExt.exe
C:\Windows\system32\taskeng.exe
C:\Windows\System32\spoolsv.exe
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
C:\Windows\system32\rundll32.exe
C:\Windows\SysWOW64\rundll32.exe
C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
C:\Program Files\Realtek\Audio\HDA\AERTSr64.exe
C:\Program Files\Intel\BluetoothHS\BTHSAmpPalService.exe
C:\Program Files (x86)\Intel\Bluetooth\devmonsrv.exe
C:\Windows\system32\svchost.exe -k bthsvcs
C:\Program Files\Intel\BluetoothHS\BTHSSecurityMgr.exe
C:\Program Files\Intel\WiFi\bin\EvtEng.exe
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
C:\Program Files (x86)\Norton 360\Engine\5.2.2.3\ccSvcHst.exe
C:\Program Files (x86)\Dell\Dell Datasafe Online\NOBuAgent.exe
C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe
C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe
C:\Program Files (x86)\Dell DataSafe Local Backup\sftservice.EXE
C:\Program Files (x86)\Sendori\sndappv2.exe
C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
C:\Program Files (x86)\Sendori\SendoriSvc.exe
C:\Program Files (x86)\Intel\Bluetooth\obexsrv.exe
C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe
C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe
C:\Windows\system32\wbem\unsecapp.exe
C:\Program Files (x86)\Sendori\Sendori.Service.exe
C:\Windows\system32\wbem\wmiprvse.exe
C:\Windows\system32\wbem\wmiprvse.exe
C:\Program Files (x86)\Sendori\SendoriUp.exe
C:\Windows\system32\SearchIndexer.exe
C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe
C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
C:\Windows\system32\nvvsvc.exe
C:\Program Files (x86)\Norton 360\Engine\5.2.2.3\ccSvcHst.exe
C:\Windows\system32\taskhost.exe
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Program Files (x86)\Google\Update\1.3.21.123\GoogleCrashHandler.exe
C:\Program Files (x86)\Dell DataSafe Local Backup\TOASTER.EXE
C:\Program Files (x86)\Google\Update\1.3.21.123\GoogleCrashHandler64.exe
C:\Program Files (x86)\Dell DataSafe Local Backup\COMPONENTS\SCHEDULER\STSERVICE.EXE
C:\Program Files (x86)\Dell DataSafe Local Backup\Components\DSUpdate\DSUpd.exe
C:\Program Files\Tablet\Wacom\Wacom_TabletUser.exe
C:\Program Files\Tablet\Wacom\WacomHost.exe
C:\Program Files\Tablet\Wacom\Wacom_Tablet.exe
C:\Windows\System32\rundll32.exe
C:\Program Files\Tablet\Wacom\Wacom_TouchUser.exe
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe
C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
C:\WINDOWS\System32\igfxtray.exe
C:\WINDOWS\System32\hkcmd.exe
C:\WINDOWS\System32\igfxpers.exe
C:\Program Files (x86)\STMicroelectronics\AccelerometerP11\FF_Protection.exe
C:\WINDOWS\System32\rundll32.exe
C:\Program Files\Common Files\Intel\WirelessCommon\iFrmewrk.exe
C:\Program Files\Dell\QuickSet\quickset.exe
C:\WINDOWS\System32\rundll32.exe
C:\WINDOWS\System32\rundll32.exe
C:\Program Files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
C:\Program Files\Intel\TurboBoost\SignalIslandUi.exe
C:\Windows\system32\AMBSpiE.exe
C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
C:\Program Files (x86)\Cyberlink\PowerDVD9\PDVD9Serv.exe
C:\Program Files (x86)\Cyberlink\Shared files\brs.exe
C:\Program Files (x86)\Dell Stage\Dell Stage\AccuWeather\accuweather.exe
C:\Program Files (x86)\Sensible Vision\Fast Access\FATrayMon.exe
C:\Program Files (x86)\Dell Webcam\Dell Webcam Central\WebcamDell2.exe
C:\Program Files (x86)\Real\RealPlayer\Update\realsched.exe
C:\Program Files (x86)\Sendori\SendoriTray.exe
C:\Program Files (x86)\Sensible Vision\Fast Access\FATrayAlert.exe
C:\Program Files (x86)\Creative\ShareDLL\CADI\NotiMan.exe
C:\Program Files (x86)\Sensible Vision\Fast Access\Vendor\FastAccessChatAssist.exe
C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
C:\Windows\System32\svchost.exe -k LocalServicePeerNet
C:\Windows\system32\wbem\unsecapp.exe
C:\Program Files (x86)\Intel\Bluetooth\mediasrv.exe
C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
C:\Program Files (x86)\Intel\Bluetooth\BTPlayerCtrl.exe
C:\Program Files\Windows Media Player\wmpnetwk.exe
C:\Program Files\Intel\TurboBoost\TurboBoost.exe
C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe
C:\Program Files (x86)\Dell Digital Delivery\DeliveryService.exe
C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
C:\Program Files (x86)\Nero\Update\NASvc.exe
C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
C:\Program Files (x86)\Google\Drive\googledrivesync.exe
C:\Program Files (x86)\Google\Drive\googledrivesync.exe
C:\Program Files\Greenshot\Greenshot.exe
C:\Program Files (x86)\Calibre2\calibre.exe
C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdate.exe
C:\Windows\system32\notepad.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Windows\system32\taskeng.exe
C:\Program Files (x86)\Calibre2\calibre-parallel.exe
C:\Windows\System32\cscript.exe
.
============== Pseudo HJT Report ===============
.
uStart Page = hxxps://www.google.com/
uSearch Bar = Preserve
mWinlogon: Userinit = userinit.exe
BHO: Spybot-S&D IE Protection: {53707962-6F74-2D53-2644-206D7942484F} - C:\Program Files (x86)\Spybot - Search & Destroy 2\SDHelper.dll
BHO: Symantec NCO BHO: {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} - C:\Program Files (x86)\Norton 360\Engine\5.2.2.3\coieplg.dll
BHO: Symantec Intrusion Prevention: {6D53EC84-6AAE-4787-AEEE-F4628F01010C} - C:\Program Files (x86)\Norton 360\Engine\5.2.2.3\ips\ipsbho.dll
TB: Google Toolbar: {2318C2B1-4965-11D4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll
TB: Norton Toolbar: {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files (x86)\Norton 360\Engine\5.2.2.3\coieplg.dll
TB: Google Toolbar: {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll
TB: LastPass Toolbar: {9f6b5cc3-5c7b-4b5c-97af-19dec1e380e5} - C:\Program Files (x86)\LastPass\LPToolbar.dll
uRun: [swg] "C:\Program Files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe"
mRun: [VolPanel] "C:\Program Files (x86)\Creative\SB X-Fi MB\Volume Panel\VolPanlu.exe" /r
mRun: [UpdReg] C:\Windows\UpdReg.EXE
mRun: [RemoteControl9] "c:\Program Files (x86)\CyberLink\PowerDVD9\PDVD9Serv.exe"
mRun: [PDVD9LanguageShortcut] "c:\Program Files (x86)\CyberLink\PowerDVD9\Language\Language.exe"
mRun: [BDRegion] c:\Program Files (x86)\Cyberlink\Shared Files\brs.exe
mRun: [AccuWeatherWidget] "C:\Program Files (x86)\Dell Stage\Dell Stage\AccuWeather\accuweather.exe" "C:\Program Files (x86)\Dell Stage\Dell Stage\AccuWeather\start.umj" --startup
mRun: [FATrayAlert] C:\Program Files (x86)\Sensible Vision\Fast Access\FATrayMon.exe
mRun: [FAStartup] <no file>
StartupFolder: C:\Users\Shelli\AppData\Roaming\MICROS~1\Windows\STARTM~1\Programs\Startup\INTEL(~1.LNK - C:\Program Files\Intel\TurboBoost\SignalIslandUi.exe
StartupFolder: C:\PROGRA~3\MICROS~1\Windows\STARTM~1\Programs\Startup\INSTAL~1.LNK - C:\Program Files (x86)\Common Files\lpuninstall.exe
mPolicies-Explorer: NoActiveDesktop = dword:1
mPolicies-Explorer: NoActiveDesktopChanges = dword:1
mPolicies-System: ConsentPromptBehaviorAdmin = dword:0
mPolicies-System: ConsentPromptBehaviorUser = dword:3
mPolicies-System: EnableLUA = dword:0
mPolicies-System: EnableUIADesktopToggle = dword:0
mPolicies-System: PromptOnSecureDesktop = dword:0
IE: {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - {5F7B1267-94A9-47F5-98DB-E99415F33AEC} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - C:\Program Files (x86)\Microsoft Office\Office12\ONBttnIE.dll
IE: {36ECAF82-3300-8F84-092E-AFF36D6C7040} - {86529161-034E-4F8A-88D2-3C625E612E04} - C:\Program Files\WinHTTrack\WinHTTrackIEBar.dll
IE: {43699cd0-e34f-11de-8a39-0800200c9a66} - {95D9ECF5-2A4D-4550-BE49-70D42F71296E} - C:\Program Files (x86)\LastPass\LPToolbar.dll
IE: {92780B25-18CC-41C8-B9BE-3C9C571A8263} - {FF059E31-CC5A-4E2E-BF3B-96E929D65503}
IE: {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - {53707962-6F74-2D53-2644-206D7942484F} - C:\Program Files (x86)\Spybot - Search & Destroy 2\SDHelper.dll
Trusted Zone: pinterest.com
DPF: {6C269571-C6D7-4818-BCA4-32A035E8C884} - hxxp://ccfiles.creative.com/Web/softwareupdate/su/ocx/15102/CTSUEng.cab
DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_37-windows-i586.cab
DPF: {CAFEEFAC-0016-0000-0037-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_37-windows-i586.cab
DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_37-windows-i586.cab
DPF: {CF84DAC5-A4F5-419E-A0BA-C01FFD71112F} - hxxp://content.systemrequirementslab.com.s3.amazonaws.com/global/bin/srldetect_intel_4.5.11.0.cab
DPF: {D4B68B83-8710-488B-A692-D74B50BA558E} - hxxp://ccfiles.creative.com/Web/softwareupdate/ocx/15113/CTPIDPDE.cab
DPF: {F27237D7-93C8-44C2-AC6E-D6057B9A918F} - hxxps://mygp.gp.com/dana-cached/sc/JuniperSetupClient.cab
DPF: {F6ACF75C-C32C-447B-9BEF-46B766368D29} - hxxp://ccfiles.creative.com/Web/softwareupdate/ocx/121022/CTPID.cab
TCP: NameServer = 192.168.1.1
TCP: Interfaces\{3B34BA86-2C39-415B-9F6F-541F0D2687CE} : NameServer = 0.0.0.0
TCP: Interfaces\{A025C8A1-6C0C-4BF7-B7C3-2062A071045B} : DHCPNameServer = 13.36.0.1 13.36.0.2
TCP: Interfaces\{DFBA02F4-D8C8-47EA-9194-1DEABEF2671A} : NameServer = 216.146.35.240,216.146.36.240,192.168.1.1
TCP: Interfaces\{DFBA02F4-D8C8-47EA-9194-1DEABEF2671A} : DHCPNameServer = 192.168.1.1
TCP: Interfaces\{DFBA02F4-D8C8-47EA-9194-1DEABEF2671A}\2416E6A6F656D27657563747 : DHCPNameServer = 192.168.33.1 75.75.75.75 75.75.76.76
Handler: cozi - {5356518D-FE9C-4E08-9C1F-1E872ECD367F} - C:\Program Files (x86)\Cozi Express\CoziProtocolHandler.dll
Handler: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveSystemServices.dll
Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll
Handler: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll
Notify: FastAccess - C:\Program Files (x86)\Sensible Vision\Fast Access\FALogNot.dll
Notify: SDWinLogon - SDWinLogon.dll
AppInit_DLLs= C:\Windows\SysWOW64\nvinit.dll
SSODL: WebCheck - <orphaned>
SEH: Groove GFS Stub Execution Hook - {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll
LSA: Notification Packages = scecli FAPassSync
x64-TB: Google Toolbar: {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll
x64-TB: LastPass Toolbar: {9f6b5cc3-5c7b-4b5c-97af-19dec1e380e5} - C:\Program Files (x86)\LastPass\LPToolbar_x64.dll
x64-Run: [SynTPEnh] C:\Program Files (x86)\Synaptics\SynTP\SynTPEnh.exe
x64-Run: [RTHDVCPL] C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe -s
x64-Run: [RtHDVBg] C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe /MAXX3
x64-Run: [IgfxTray] C:\Windows\System32\igfxtray.exe
x64-Run: [HotKeysCmds] C:\Windows\System32\hkcmd.exe
x64-Run: [Persistence] C:\Windows\System32\igfxpers.exe
x64-Run: [FreeFallProtection] C:\Program Files (x86)\STMicroelectronics\AccelerometerP11\FF_Protection.exe
x64-Run: [BTMTrayAgent] rundll32.exe "C:\Program Files (x86)\Intel\Bluetooth\btmshell.dll",TrayApp
x64-Run: [IntelPAN] "C:\Program Files\Common Files\Intel\WirelessCommon\iFrmewrk.exe" /tf Intel PAN Tray
x64-Run: [QuickSet] c:\Program Files\Dell\QuickSet\QuickSet.exe
x64-Run: [IntelTBRunOnce] wscript.exe //b //nologo "C:\Program Files\Intel\TurboBoost\RunTBGadgetOnce.vbs"
x64-Run: [CTMasterOnOffMonitor] Rundll32.exe CTMWatch.dll StartCTMasterOnOffWatch
x64-Run: [RunDLLEntry] C:\Windows\System32\RunDLL32.exe C:\Windows\System32\AmbRunE.dll,RunDLLEntry
x64-IE: {43699cd0-e34f-11de-8a39-0800200c9a66} - {95D9ECF5-2A4D-4550-BE49-70D42F71296E} - C:\Program Files (x86)\LastPass\LPToolbar_x64.dll
x64-DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_27-windows-i586.cab
x64-DPF: {CAFEEFAC-0016-0000-0027-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_27-windows-i586.cab
x64-DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_27-windows-i586.cab
x64-Handler: cozi - {5356518D-FE9C-4E08-9C1F-1E872ECD367F} - <orphaned>
x64-Handler: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - <orphaned>
x64-Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - <orphaned>
x64-Handler: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - <orphaned>
x64-Notify: igfxcui - igfxdev.dll
x64-SSODL: WebCheck - <orphaned>
x64-mASetup: {12d0ed0d-0ee0-4f90-8827-78cefb8f4988} - C:\Windows\System32\ieudinit.exe
.
============= SERVICES / DRIVERS ===============
.
R0 nvpciflt;nvpciflt;C:\Windows\System32\drivers\nvpciflt.sys [2012-10-25 30056]
R0 PxHlpa64;PxHlpa64;C:\Windows\System32\drivers\PxHlpa64.sys [2011-11-17 55856]
R0 stdcfltn;Disk Class Filter Driver for Accelerometer;C:\Windows\System32\drivers\stdcfltn.sys [2011-11-18 21616]
R0 SymDS;Symantec Data Store;C:\Windows\System32\drivers\N360x64\0502020.003\symds64.sys [2012-11-3 450680]
R0 SymEFA;Symantec Extended File Attributes;C:\Windows\System32\drivers\N360x64\0502020.003\symefa64.sys [2012-11-3 912504]
R1 BHDrvx64;BHDrvx64;C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_5.1.0.29\Definitions\BASHDefs\20130107.001\BHDrvx64.sys [2013-1-9 1384608]
R1 dtsoftbus01;DAEMON Tools Virtual Bus Driver;C:\Windows\System32\drivers\dtsoftbus01.sys [2012-11-24 283200]
R1 IDSVia64;IDSVia64;C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_5.1.0.29\Definitions\IPSDefs\20130109.001\IDSviA64.sys [2013-1-10 513184]
R1 nvkflt;nvkflt;C:\Windows\System32\drivers\nvkflt.sys [2012-10-25 284008]
R1 SymIRON;Symantec Iron Driver;C:\Windows\System32\drivers\N360x64\0502020.003\ironx64.sys [2012-11-3 171128]
R1 SymNetS;Symantec Network Security WFP Driver;C:\Windows\System32\drivers\N360x64\0502020.003\symnets.sys [2012-11-3 386168]
R2 AERTFilters;Andrea RT Filters Service;C:\Program Files\Realtek\Audio\HDA\AERTSr64.exe [2011-11-17 98208]
R2 AMPPALR3;Intel® Centrino® Wireless Bluetooth® 3.0 + High Speed Service;C:\Program Files\Intel\BluetoothHS\BTHSAmpPalService.exe [2011-8-8 1166848]
R2 Application Sendori;Application Sendori;C:\Program Files (x86)\Sendori\SendoriSvc.exe [2012-12-10 118632]
R2 Bluetooth Device Monitor;Bluetooth Device Monitor;C:\Program Files (x86)\Intel\Bluetooth\devmonsrv.exe [2011-5-19 921664]
R2 Bluetooth OBEX Service;Bluetooth OBEX Service;C:\Program Files (x86)\Intel\Bluetooth\obexsrv.exe [2011-5-19 995392]
R2 BTHSSecurityMgr;Intel(R) Centrino(R) Wireless Bluetooth(R) 3.0 + High Speed Security Service;C:\Program Files\Intel\BluetoothHS\BTHSSecurityMgr.exe [2011-6-3 134928]
R2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-3-18 130384]
R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;C:\WINDOWS\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-3-18 138576]
R2 DellDigitalDelivery;Dell Digital Delivery Service;C:\Program Files (x86)\Dell Digital Delivery\DeliveryService.exe [2012-10-9 173568]
R2 FAService;FAService;C:\Program Files (x86)\Sensible Vision\Fast Access\FAService.exe [2012-2-14 2451440]
R2 N360;Norton 360;C:\Program Files (x86)\Norton 360\Engine\5.2.2.3\ccsvchst.exe [2012-11-3 130008]
R2 NAUpdate;Nero Update;C:\Program Files (x86)\Nero\Update\NASvc.exe [2011-11-25 687400]
R2 NOBU;Dell DataSafe Online;C:\Program Files (x86)\Dell\Dell Datasafe Online\NOBuAgent.exe [2010-8-25 2823000]
R2 SDScannerService;Spybot-S&D 2 Scanner Service;C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe [2013-1-9 1103392]
R2 SDUpdateService;Spybot-S&D 2 Updating Service;C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe [2013-1-9 1369624]
R2 Service Sendori;Service Sendori;C:\Program Files (x86)\Sendori\Sendori.Service.exe [2012-12-10 14696]
R2 SftService;SoftThinks Agent Service;C:\Program Files (x86)\Dell DataSafe Local Backup\SftService.exe [2011-11-17 1692480]
R2 sndappv2;sndappv2;C:\Program Files (x86)\Sendori\sndappv2.exe [2012-12-10 3569512]
R2 TurboB;Turbo Boost UI Monitor driver;C:\Windows\System32\drivers\TurboB.sys [2010-11-29 16120]
R2 UNS;Intel(R) Management and Security Application User Notification Service;C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe [2011-11-17 2656280]
R2 WTabletServicePro;Wacom Professional Service;C:\Program Files\Tablet\Wacom\WTabletServicePro.exe [2012-12-19 613760]
R3 Acceler;Accelerometer Service;C:\Windows\System32\drivers\Accelern.sys [2011-11-17 27760]
R3 AMPPAL;Intel® Centrino® Wireless Bluetooth® 3.0 + High Speed Virtual Adapter;C:\Windows\System32\drivers\AmpPal.sys [2011-8-8 299008]
R3 Bluetooth Media Service;Bluetooth Media Service;C:\Program Files (x86)\Intel\Bluetooth\mediasrv.exe [2011-5-19 1335360]
R3 btmaudio;Intel Bluetooth Audio Service;C:\Windows\System32\drivers\btmaud.sys [2011-5-19 51712]
R3 btmaux;Intel Bluetooth Auxiliary Service;C:\Windows\System32\drivers\btmaux.sys [2011-5-19 53248]
R3 btmhsf;btmhsf;C:\Windows\System32\drivers\btmhsf.sys [2011-11-15 327168]
R3 CtClsFlt;Creative Camera Class Upper Filter Driver;C:\Windows\System32\drivers\CtClsFlt.sys [2012-11-3 176000]
R3 EraserUtilRebootDrv;EraserUtilRebootDrv;C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys [2012-11-24 138912]
R3 iBtFltCoex;iBtFltCoex;C:\Windows\System32\drivers\iBtFltCoex.sys [2011-12-9 60416]
R3 IntcDAud;Intel(R) Display Audio;C:\Windows\System32\drivers\IntcDAud.sys [2011-11-17 317440]
R3 iwdbus;IWD Bus Enumerator;C:\Windows\System32\drivers\iwdbus.sys [2012-4-19 25528]
R3 MyWiFiDHCPDNS;Wireless PAN DHCP Server;C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe [2011-7-27 340240]
R3 nusb3hub;Renesas Electronics USB 3.0 Hub Driver;C:\Windows\System32\drivers\nusb3hub.sys [2011-11-17 82432]
R3 nusb3xhc;Renesas Electronics USB 3.0 Host Controller Driver;C:\Windows\System32\drivers\nusb3xhc.sys [2011-11-17 181760]
R3 qicflt;upper Device Filter Driver;C:\Windows\System32\drivers\qicflt.sys [2011-11-17 29288]
R3 RTL8167;Realtek 8167 NT Driver;C:\Windows\System32\drivers\Rt64win7.sys [2011-6-10 539240]
R3 TurboBoost;Intel(R) Turbo Boost Technology Monitor 2.0;C:\Program Files\Intel\TurboBoost\TurboBoost.exe [2010-11-29 149504]
S2 CLKMSVC10_9EC60124;CyberLink Product - 2011/11/17 22:34:14;C:\Program Files (x86)\Cyberlink\PowerDVD9\NavFilter\kmsvc.exe [2011-8-11 248304]
S2 RoxWatch12;Roxio Hard Drive Watcher 12;C:\Program Files (x86)\Common Files\Roxio Shared\OEM\12.0\SharedCOM\RoxWatch12OEM.exe [2010-11-25 219632]
S2 SDWSCService;Spybot-S&D 2 Security Center Service;C:\Program Files (x86)\Spybot - Search & Destroy 2\SDWSCSvc.exe [2013-1-9 168384]
S2 SkypeUpdate;Skype Updater;C:\Program Files (x86)\Skype\Updater\Updater.exe [2012-10-19 160944]
S3 AMPPALP;Intel® Centrino® Wireless Bluetooth® 3.0 + High Speed Protocol;C:\Windows\System32\drivers\AmpPal.sys [2011-8-8 299008]
S3 Creative ALchemy AL6 Licensing Service;Creative ALchemy AL6 Licensing Service;C:\Program Files (x86)\Common Files\Creative Labs Shared\Service\AL6Licensing.exe [2011-11-17 79360]
S3 Creative Audio Engine Licensing Service;Creative Audio Engine Licensing Service;C:\Program Files (x86)\Common Files\Creative Labs Shared\Service\CTAELicensing.exe [2011-11-17 79360]
S3 FACAP;facap, FastAccess Video Capture;C:\Windows\System32\drivers\facap.sys [2008-9-24 238848]
S3 fssfltr;fssfltr;C:\Windows\System32\drivers\fssfltr.sys [2012-11-3 57856]
S3 fsssvc;Windows Live Family Safety Service;C:\Program Files (x86)\Windows Live\Family Safety\fsssvc.exe [2012-9-12 1512448]
S3 hidkmdf;KMDF Driver;C:\Windows\System32\drivers\hidkmdf.sys [2012-12-19 13728]
S3 Impcd;Impcd;C:\Windows\System32\drivers\Impcd.sys [2011-11-17 158976]
S3 intaud_WaveExtensible;Intel WiDi Audio Device;C:\Windows\System32\drivers\intelaud.sys [2012-4-19 35256]
S3 NvStUSB;NVIDIA Stereoscopic 3D USB driver;C:\Windows\System32\drivers\nvstusb.sys [2011-11-17 121960]
S3 RdpVideoMiniport;Remote Desktop Video Miniport Driver;C:\Windows\System32\drivers\rdpvideominiport.sys [2012-11-3 19456]
S3 RoxMediaDB12OEM;RoxMediaDB12OEM;C:\Program Files (x86)\Common Files\Roxio Shared\OEM\12.0\SharedCOM\RoxMediaDB12OEM.exe [2010-11-25 1116656]
S3 Sound Blaster X-Fi MB Licensing Service;Sound Blaster X-Fi MB Licensing Service;C:\Program Files (x86)\Common Files\Creative Labs Shared\Service\XMBLicensing.exe [2011-11-17 79360]
S3 TsUsbFlt;TsUsbFlt;C:\Windows\System32\drivers\TsUsbFlt.sys [2012-11-3 57856]
S3 TsUsbGD;Remote Desktop Generic USB Device;C:\Windows\System32\drivers\TsUsbGD.sys [2012-11-3 30208]
S3 WacHidRouter;Wacom Hid Router;C:\Windows\System32\drivers\wachidrouter.sys [2012-12-19 81312]
S3 wacomrouterfilter;Wacom Router Filter Driver;C:\Windows\System32\drivers\wacomrouterfilter.sys [2012-12-19 15776]
S3 WatAdminSvc;Windows Activation Technologies Service;C:\Windows\System32\Wat\WatAdminSvc.exe [2012-11-3 1255736]
.
=============== Created Last 30 ================
.
2013-01-10 23:25:40 -------- d-----w- C:\Users\Shelli\AppData\Roaming\calibre
2013-01-10 23:25:31 -------- d-----w- C:\Program Files (x86)\Calibre2
2013-01-10 23:22:31 -------- d-----w- C:\Users\Shelli\AppData\Local\Apple Computer
2013-01-10 23:22:25 -------- d-----w- C:\Users\Shelli\AppData\Roaming\Barnes & Noble
2013-01-10 23:22:24 -------- d-----w- C:\Program Files (x86)\Barnes & Noble
2013-01-10 04:12:41 -------- d-----w- C:\Program Files (x86)\PC Tools
2013-01-10 04:07:47 253256 ----a-w- C:\Windows\System32\drivers\PCTSD64.sys
2013-01-10 04:07:47 -------- d-----w- C:\Program Files (x86)\Common Files\PC Tools
2013-01-10 04:05:49 -------- d-----w- C:\ProgramData\PC Tools
2013-01-10 04:05:48 -------- d-----w- C:\Users\Shelli\AppData\Roaming\TestApp
2013-01-10 03:39:32 -------- d-----w- C:\Program Files\Enigma Software Group
2013-01-10 03:39:20 -------- d-----w- C:\Windows\83B952C7F8F34CA3B4C533C85B24E478.TMP
2013-01-10 03:39:19 -------- d-----w- C:\Program Files (x86)\Common Files\Wise Installation Wizard
2013-01-10 02:50:05 -------- d-----w- C:\ProgramData\Spybot - Search & Destroy
2013-01-10 02:49:59 17272 ----a-w- C:\Windows\System32\sdnclean64.exe
2013-01-10 02:49:56 -------- d-----w- C:\Program Files (x86)\Spybot - Search & Destroy 2
2013-01-10 02:07:13 -------- d-----w- C:\Users\Shelli\GooredFix Backups
2013-01-09 19:25:35 143360 --sha-r- C:\Windows\SysWow64\dbghelpo.dll
2013-01-06 15:43:58 -------- d-----w- C:\Users\Shelli\AppData\Roaming\Juniper Networks
2012-12-22 17:17:41 -------- d-----w- C:\Program Files (x86)\Auslogics
2012-12-22 17:03:53 -------- d-----w- C:\Program Files (x86)\Cozi Express
2012-12-21 21:42:05 -------- d-----w- C:\Users\Shelli\AppData\Local\Amazon
2012-12-21 08:00:53 46080 ----a-w- C:\Windows\System32\atmlib.dll
2012-12-21 08:00:53 34304 ----a-w- C:\Windows\SysWow64\atmlib.dll
2012-12-21 08:00:52 367616 ----a-w- C:\Windows\System32\atmfd.dll
2012-12-21 08:00:52 295424 ----a-w- C:\Windows\SysWow64\atmfd.dll
2012-12-14 23:16:03 -------- d-----w- C:\ProgramData\Blumentals
2012-12-14 23:15:37 -------- d-----w- C:\Users\Shelli\AppData\Roaming\Blumentals
2012-12-14 23:15:37 -------- d-----w- C:\Program Files (x86)\WeBuilder 2011
2012-12-12 10:37:11 2048 ----a-w- C:\Windows\SysWow64\tzres.dll
2012-12-12 10:37:11 2048 ----a-w- C:\Windows\System32\tzres.dll
2012-12-12 10:36:50 478208 ----a-w- C:\Windows\System32\dpnet.dll
2012-12-12 10:36:50 376832 ----a-w- C:\Windows\SysWow64\dpnet.dll
.
==================== Find3M ====================
.
2013-01-09 16:48:16 74248 ----a-w- C:\Windows\SysWow64\FlashPlayerCPLApp.cpl
2013-01-09 16:48:16 697864 ----a-w- C:\Windows\SysWow64\FlashPlayerApp.exe
2013-01-09 16:47:32 15739912 ----a-w- C:\Windows\SysWow64\FlashPlayerInstaller.exe
2012-12-18 02:06:28 14794312 ----a-w- C:\Program Files (x86)\Common Files\lpuninstall.exe
2012-12-10 23:01:54 321384 ----a-w- C:\Windows\SysWow64\Sendori.dll
2012-12-07 13:20:16 441856 ----a-w- C:\Windows\System32\Wpc.dll
2012-12-07 13:15:31 2746368 ----a-w- C:\Windows\System32\gameux.dll
2012-12-07 12:26:17 308736 ----a-w- C:\Windows\SysWow64\Wpc.dll
2012-12-07 12:20:43 2576384 ----a-w- C:\Windows\SysWow64\gameux.dll
2012-12-07 11:20:04 30720 ----a-w- C:\Windows\System32\usk.rs
2012-12-07 11:20:03 43520 ----a-w- C:\Windows\System32\csrr.rs
2012-12-07 11:20:03 23552 ----a-w- C:\Windows\System32\oflc.rs
2012-12-07 11:20:01 45568 ----a-w- C:\Windows\System32\oflc-nz.rs
2012-12-07 11:20:01 44544 ----a-w- C:\Windows\System32\pegibbfc.rs
2012-12-07 11:20:01 20480 ----a-w- C:\Windows\System32\pegi-fi.rs
2012-12-07 11:20:00 20480 ----a-w- C:\Windows\System32\pegi-pt.rs
2012-12-07 11:19:59 20480 ----a-w- C:\Windows\System32\pegi.rs
2012-12-07 11:19:58 46592 ----a-w- C:\Windows\System32\fpb.rs
2012-12-07 11:19:57 40960 ----a-w- C:\Windows\System32\cob-au.rs
2012-12-07 11:19:57 21504 ----a-w- C:\Windows\System32\grb.rs
2012-12-07 11:19:57 15360 ----a-w- C:\Windows\System32\djctq.rs
2012-12-07 11:19:56 55296 ----a-w- C:\Windows\System32\cero.rs
2012-12-07 11:19:55 51712 ----a-w- C:\Windows\System32\esrb.rs
2012-11-30 05:45:35 362496 ----a-w- C:\Windows\System32\wow64win.dll
2012-11-30 05:45:35 243200 ----a-w- C:\Windows\System32\wow64.dll
2012-11-30 05:45:35 13312 ----a-w- C:\Windows\System32\wow64cpu.dll
2012-11-30 05:45:14 215040 ----a-w- C:\Windows\System32\winsrv.dll
2012-11-30 05:43:12 16384 ----a-w- C:\Windows\System32\ntvdm64.dll
2012-11-30 05:41:07 424448 ----a-w- C:\Windows\System32\KernelBase.dll
2012-11-30 04:54:00 5120 ----a-w- C:\Windows\SysWow64\wow32.dll
2012-11-30 04:53:59 274944 ----a-w- C:\Windows\SysWow64\KernelBase.dll
2012-11-30 03:23:48 338432 ----a-w- C:\Windows\System32\conhost.exe
2012-11-30 02:44:06 25600 ----a-w- C:\Windows\SysWow64\setup16.exe
2012-11-30 02:44:04 7680 ----a-w- C:\Windows\SysWow64\instnm.exe
2012-11-30 02:44:04 14336 ----a-w- C:\Windows\SysWow64\ntvdm64.dll
2012-11-30 02:44:03 2048 ----a-w- C:\Windows\SysWow64\user.exe
2012-11-30 02:38:59 6144 ---ha-w- C:\Windows\SysWow64\api-ms-win-security-base-l1-1-0.dll
2012-11-30 02:38:59 4608 ---ha-w- C:\Windows\SysWow64\api-ms-win-core-threadpool-l1-1-0.dll
2012-11-30 02:38:59 3584 ---ha-w- C:\Windows\SysWow64\api-ms-win-core-xstate-l1-1-0.dll
2012-11-30 02:38:59 3072 ---ha-w- C:\Windows\SysWow64\api-ms-win-core-util-l1-1-0.dll
2012-11-26 00:31:01 9728 ---ha-w- C:\Windows\SysWow64\api-ms-win-downlevel-shlwapi-l1-1-0.dll
2012-11-25 02:51:37 283200 ----a-w- C:\Windows\System32\drivers\dtsoftbus01.sys
2012-11-23 03:26:31 3149824 ----a-w- C:\Windows\System32\win32k.sys
2012-11-23 03:13:57 68608 ----a-w- C:\Windows\System32\taskhost.exe
2012-11-22 05:44:23 800768 ----a-w- C:\Windows\System32\usp10.dll
2012-11-22 04:45:03 626688 ----a-w- C:\Windows\SysWow64\usp10.dll
2012-11-20 05:48:49 307200 ----a-w- C:\Windows\System32\ncrypt.dll
2012-11-20 04:51:09 220160 ----a-w- C:\Windows\SysWow64\ncrypt.dll
2012-11-14 06:11:44 2312704 ----a-w- C:\Windows\System32\jscript9.dll
2012-11-14 06:04:11 1392128 ----a-w- C:\Windows\System32\wininet.dll
2012-11-14 06:02:49 1494528 ----a-w- C:\Windows\System32\inetcpl.cpl
2012-11-14 05:57:46 599040 ----a-w- C:\Windows\System32\vbscript.dll
2012-11-14 05:57:35 173056 ----a-w- C:\Windows\System32\ieUnatt.exe
2012-11-14 05:52:40 2382848 ----a-w- C:\Windows\System32\mshtml.tlb
2012-11-14 02:09:22 1800704 ----a-w- C:\Windows\SysWow64\jscript9.dll
2012-11-14 01:58:15 1427968 ----a-w- C:\Windows\SysWow64\inetcpl.cpl
2012-11-14 01:57:37 1129472 ----a-w- C:\Windows\SysWow64\wininet.dll
2012-11-14 01:49:25 142848 ----a-w- C:\Windows\SysWow64\ieUnatt.exe
2012-11-14 01:48:27 420864 ----a-w- C:\Windows\SysWow64\vbscript.dll
2012-11-14 01:44:42 2382848 ----a-w- C:\Windows\SysWow64\mshtml.tlb
2012-11-09 05:45:32 750592 ----a-w- C:\Windows\System32\win32spl.dll
2012-11-09 04:53:17 95208 ----a-w- C:\Windows\SysWow64\WindowsAccessBridge-32.dll
2012-11-09 04:53:16 821736 ----a-w- C:\Windows\SysWow64\npdeployJava1.dll
2012-11-09 04:43:04 492032 ----a-w- C:\Windows\SysWow64\win32spl.dll
2012-11-03 08:48:54 174200 ----a-w- C:\Windows\System32\drivers\SYMEVENT64x86.SYS
2012-11-03 05:21:06 473072 ----a-w- C:\Windows\SysWow64\deployJava1.dll
2012-11-01 05:43:42 2002432 ----a-w- C:\Windows\System32\msxml6.dll
2012-11-01 05:43:42 1882624 ----a-w- C:\Windows\System32\msxml3.dll
2012-11-01 04:47:54 1389568 ----a-w- C:\Windows\SysWow64\msxml6.dll
2012-11-01 04:47:54 1236992 ----a-w- C:\Windows\SysWow64\msxml3.dll
2012-10-29 13:14:20 1981312 ----a-w- C:\Windows\System32\Wacom_Tablet.dll
2012-10-29 13:14:20 1974144 ----a-w- C:\Windows\System32\Wacom_Touch_Tablet.dll
2012-10-29 13:14:20 1843072 ----a-w- C:\Windows\System32\Wintab32.dll
2012-10-29 13:14:18 1840000 ----a-w- C:\Windows\System32\WacomMT.dll
2012-10-29 13:14:16 1628032 ----a-w- C:\Windows\SysWow64\Wacom_Tablet.dll
2012-10-29 13:14:16 1621376 ----a-w- C:\Windows\SysWow64\Wacom_Touch_Tablet.dll
2012-10-29 13:14:16 1509248 ----a-w- C:\Windows\SysWow64\Wintab32.dll
2012-10-29 13:14:16 1505152 ----a-w- C:\Windows\SysWow64\WacomMT.dll
2012-10-16 21:34:57 3544134 ----a-w- C:\Windows\System32\nvcoproc.bin
2012-10-16 21:34:56 3293544 ----a-w- C:\Windows\System32\nvsvc64.dll
2012-10-16 21:34:42 6200680 ----a-w- C:\Windows\System32\nvcpl.dll
2012-10-16 21:34:33 891240 ----a-w- C:\Windows\System32\nvvsvc.exe
2012-10-16 21:34:32 866664 ----a-w- C:\Windows\System32\nv3dappshext.dll
2012-10-16 21:34:32 63336 ----a-w- C:\Windows\System32\nvshext.dll
2012-10-16 21:34:32 55144 ----a-w- C:\Windows\System32\nv3dappshextr.dll
2012-10-16 21:34:32 2557800 ----a-w- C:\Windows\System32\nvsvcr.dll
2012-10-16 21:34:32 118120 ----a-w- C:\Windows\System32\nvmctray.dll
2012-10-16 08:38:37 135168 ----a-w- C:\Windows\apppatch\AppPatch64\AcXtrnal.dll
2012-10-16 08:38:34 350208 ----a-w- C:\Windows\apppatch\AppPatch64\AcLayers.dll
2012-10-16 07:39:52 561664 ----a-w- C:\Windows\apppatch\AcLayers.dll
.
============= FINISH: 20:18:59.76 ===============
.
UNLESS SPECIFICALLY INSTRUCTED, DO NOT POST THIS LOG.
IF REQUESTED, ZIP IT UP & ATTACH IT
.
DDS (Ver_2012-11-20.01)
.
Microsoft Windows 7 Home Premium
Boot Device: \Device\HarddiskVolume2
Install Date: 11/3/2012 10:37:38 PM
System Uptime: 1/10/2013 6:55:50 PM (2 hours ago)
.
Motherboard: Dell Inc. | | 0K4H3G
Processor: Intel(R) Core(TM) i7-2670QM CPU @ 2.20GHz | CPU | 2201/100mhz
.
==== Disk Partitions =========================
.
C: is FIXED (NTFS) - 347 GiB total, 289.024 GiB free.
D: is CDROM ()
E: is FIXED (NTFS) - 332 GiB total, 29.876 GiB free.
F: is CDROM ()
.
==== Disabled Device Manager Items =============
.
Class GUID: {6bdd1fc6-810f-11d0-bec7-08002be2092f}
Description: facap, FastAccess Video Capture
Device ID: ROOT\IMAGE\0000
Manufacturer: Sensible Vision
Name: facap, FastAccess Video Capture
PNP Device ID: ROOT\IMAGE\0000
Service: FACAP
.
==== System Restore Points ===================
.
No restore point in system.
.
==== Installed Programs ======================
.
AccelerometerP11
Adobe AIR
Adobe Flash Player 11 ActiveX
Adobe Reader XI (11.0.01)
Advanced Audio FX Engine
Allmyapps
Amazon Kindle
Audacity 2.0.2
Auslogics Duplicate File Finder
Big Solitaires 3D 1.4
calibre
CCleaner
Consumer In-Home Service Agreement
Cozi
CutePDF Writer 3.0
CyberLink PowerDVD 9.6
D3DX10
DAEMON Tools Lite
Dell DataSafe Local Backup
Dell DataSafe Local Backup - Support Software
Dell DataSafe Online
Dell Digital Delivery
Dell Edoc Viewer
Dell Getting Started Guide
Dell MusicStage
Dell PhotoStage
Dell Stage
Dell Support Center
Dell VideoStage
Dell Webcam Central
DirectX 9 Runtime
Face Recognition
Facebook Messenger 2.1.4651.0
FastStone Photo Resizer 3.1
Free YouTube Download version 3.1.40.1031
Google Chrome
Google Drive
Google Toolbar for Internet Explorer
Google Update Helper
Greenshot 1.0.6.2228
Intel PROSet Wireless
Intel(R) Control Center
Intel(R) Management Engine Components
Intel(R) Processor Graphics
Intel(R) PROSet/Wireless Software for Bluetooth(R) Technology
Intel(R) PROSet/Wireless WiFi Software
Intel(R) Turbo Boost Technology Monitor 2.0
Intel(R) WiDi
Intel(R) Wireless Display
Internet Explorer
iSEEK AnswerWorks English Runtime
Java 7 Update 9
Java(TM) 6 Update 27 (64-bit)
Java(TM) 6 Update 37
Jing
Junk Mail filter update
K-Lite Codec Pack 9.4.6 (Standard)
LAME v3.99.3 (for Windows)
LastPass(uninstall only)
Microsoft .NET Framework 4 Client Profile
Microsoft .NET Framework 4 Extended
Microsoft Application Error Reporting
Microsoft Office 2007 Service Pack 3 (SP3)
Microsoft Office Access MUI (English) 2007
Microsoft Office Access Setup Metadata MUI (English) 2007
Microsoft Office Excel MUI (English) 2007
Microsoft Office File Validation Add-In
Microsoft Office Groove MUI (English) 2007
Microsoft Office Groove Setup Metadata MUI (English) 2007
Microsoft Office InfoPath MUI (English) 2007
Microsoft Office Office 64-bit Components 2007
Microsoft Office OneNote MUI (English) 2007
Microsoft Office Outlook MUI (English) 2007
Microsoft Office PowerPoint MUI (English) 2007
Microsoft Office Professional 2007
Microsoft Office Proof (English) 2007
Microsoft Office Proof (French) 2007
Microsoft Office Proof (Spanish) 2007
Microsoft Office Proofing (English) 2007
Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
Microsoft Office Publisher MUI (English) 2007
Microsoft Office Shared 64-bit MUI (English) 2007
Microsoft Office Shared 64-bit Setup Metadata MUI (English) 2007
Microsoft Office Shared MUI (English) 2007
Microsoft Office Shared Setup Metadata MUI (English) 2007
Microsoft Office Ultimate 2007
Microsoft Office Word MUI (English) 2007
Microsoft Silverlight
Microsoft SkyDrive
Microsoft SQL Server 2005 Compact Edition [ENU]
Microsoft Visual C++ 2005 Redistributable
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.30319
Movie Maker
MSVCRT
MSVCRT_amd64
MSVCRT110
MSVCRT110_amd64
MSXML 4.0 SP2 (KB954430)
MSXML 4.0 SP2 (KB973688)
Nero 10 Movie ThemePack Basic
Nero Blu-ray Player
Nero Control Center 10
Nero ControlCenter 10 Help (CHM)
Nero Core Components 10
Nero Update
NOOK for PC
Norton 360
NVIDIA Control Panel 307.21
NVIDIA Graphics Driver 307.21
NVIDIA Install Application
NVIDIA Optimus 1.10.8
NVIDIA Update 1.10.8
NVIDIA Update Components
Photo Common
Photo Gallery
PhotoShowExpress
PlayReady PC Runtime x86
Quicken 2012
Quickset64
RBVirtualFolder64Inst
RealNetworks - Microsoft Visual C++ 2008 Runtime
RealPlayer
Realtek High Definition Audio Driver
RealUpgrade 1.1
Roxio Activation Module
Roxio BackOnTrack
Roxio Burn
Roxio Creator Starter
Roxio Express Labeler 3
Roxio File Backup
Security Update for Microsoft .NET Framework 4 Client Profile (KB2518870)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2539636)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2604121)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2656351)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2656368v2)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2656405)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2686827)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2729449)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2736428)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2737019)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2742595)
Security Update for Microsoft .NET Framework 4 Extended (KB2487367)
Security Update for Microsoft .NET Framework 4 Extended (KB2656351)
Security Update for Microsoft .NET Framework 4 Extended (KB2736428)
Security Update for Microsoft .NET Framework 4 Extended (KB2742595)
Security Update for Microsoft Office 2007 suites (KB2596615) 32-Bit Edition
Security Update for Microsoft Office 2007 suites (KB2596672) 32-Bit Edition
Security Update for Microsoft Office 2007 suites (KB2596744) 32-Bit Edition
Security Update for Microsoft Office 2007 suites (KB2596754) 32-Bit Edition
Security Update for Microsoft Office 2007 suites (KB2596785) 32-Bit Edition
Security Update for Microsoft Office 2007 suites (KB2596792) 32-Bit Edition
Security Update for Microsoft Office 2007 suites (KB2596871) 32-Bit Edition
Security Update for Microsoft Office 2007 suites (KB2597969) 32-Bit Edition
Security Update for Microsoft Office 2007 suites (KB2687311) 32-Bit Edition
Security Update for Microsoft Office 2007 suites (KB2687439) 32-Bit Edition
Security Update for Microsoft Office 2007 suites (KB2687441) 32-Bit Edition
Security Update for Microsoft Office 2007 suites (KB2687499) 32-Bit Edition
Security Update for Microsoft Office 2007 suites (KB2760416) 32-Bit Edition
Security Update for Microsoft Office Excel 2007 (KB2687307) 32-Bit Edition
Security Update for Microsoft Office InfoPath 2007 (KB2687440) 32-Bit Edition
Security Update for Microsoft Office PowerPoint 2007 (KB2596764) 32-Bit Edition
Security Update for Microsoft Office PowerPoint 2007 (KB2596912) 32-Bit Edition
Security Update for Microsoft Office Publisher 2007 (KB2596705) 32-Bit Edition
Security Update for Microsoft Office Word 2007 (KB2760421) 32-Bit Edition
Sendori
Skype™ 6.0
SmartTRAK
Sonic CinePlayer Decoder Pack
Sound Blaster X-Fi MB
SpeedFan (remove only)
Spybot - Search & Destroy
Synaptics Pointing Device Driver
SyncUP
System Requirements Lab for Intel
TrustedID
Update for 2007 Microsoft Office System (KB967642)
Update for Microsoft .NET Framework 4 Client Profile (KB2468871)
Update for Microsoft .NET Framework 4 Client Profile (KB2533523)
Update for Microsoft .NET Framework 4 Client Profile (KB2600217)
Update for Microsoft .NET Framework 4 Extended (KB2468871)
Update for Microsoft .NET Framework 4 Extended (KB2533523)
Update for Microsoft .NET Framework 4 Extended (KB2600217)
Update for Microsoft Office 2007 Help for Common Features (KB963673)
Update for Microsoft Office 2007 suites (KB2596660) 32-Bit Edition
Update for Microsoft Office 2007 suites (KB2596848) 32-Bit Edition
Update for Microsoft Office Access 2007 Help (KB963663)
Update for Microsoft Office Excel 2007 Help (KB963678)
Update for Microsoft Office Infopath 2007 Help (KB963662)
Update for Microsoft Office OneNote 2007 Help (KB963670)
Update for Microsoft Office Outlook 2007 (KB2687404) 32-Bit Edition
Update for Microsoft Office Outlook 2007 Help (KB963677)
Update for Microsoft Office Outlook 2007 Junk Email Filter (KB2760586) 32-Bit Edition
Update for Microsoft Office Powerpoint 2007 Help (KB963669)
Update for Microsoft Office Publisher 2007 Help (KB963667)
Update for Microsoft Office Script Editor Help (KB963671)
Update for Microsoft Office Word 2007 Help (KB963665)
VLC media player 2.0.5
Wacom Tablet
WebQuiz XP
WebTablet FB Plugin 64 bit
WeBuilder 2011 v11.4
Windows Live Communications Platform
Windows Live Essentials
Windows Live Family Safety
Windows Live ID Sign-in Assistant
Windows Live Installer
Windows Live Mail
Windows Live Messenger
Windows Live MIME IFilter
Windows Live Photo Common
Windows Live PIMT Platform
Windows Live SOXE
Windows Live SOXE Definitions
Windows Live UX Platform
Windows Live UX Platform Language Pack
Windows Live Writer
Windows Live Writer Resources
Windows Movie Maker 2.6
WinHTTrack Website Copier 3.46-1 (x64)
WinSCP 5.1.3
.
==== Event Viewer Messages From Past Week ========
.
1/9/2013 8:54:38 PM, Error: Service Control Manager [7022] - The Service Sendori service hung on starting.
1/9/2013 11:14:09 PM, Error: PCTCore [280] -
1/10/2013 7:00:22 PM, Error: Service Control Manager [7038] - The nvUpdatusService service was unable to log on as .\UpdatusUser with the currently configured password due to the following error: Logon failure: the specified account password has expired. To ensure that the service is configured properly, use the Services snap-in in Microsoft Management Console (MMC).
1/10/2013 7:00:22 PM, Error: Service Control Manager [7000] - The NVIDIA Update Service Daemon service failed to start due to the following error: The service did not start due to a logon failure.
1/10/2013 6:59:12 PM, Error: Service Control Manager [7011] - A timeout (30000 milliseconds) was reached while waiting for a transaction response from the SftService service.
1/10/2013 6:57:16 PM, Error: Service Control Manager [7001] - The Spybot-S&D 2 Security Center Service service depends on the Security Center service which failed to start because of the following error: The service cannot be started, either because it is disabled or because it has no enabled devices associated with it.
1/10/2013 6:16:45 PM, Error: Service Control Manager [7009] - A timeout was reached (30000 milliseconds) while waiting for the Windows Search service to connect.
1/10/2013 6:16:45 PM, Error: Service Control Manager [7000] - The Windows Search service failed to start due to the following error: The service did not respond to the start or control request in a timely fashion.
.
==== End Of File ===========================
GMER 2.0.18444 - http://www.gmer.net
Rootkit scan 2013-01-10 21:30:17
Windows 6.1.7601 Service Pack 1 x64 \Device\Harddisk0\DR0 -> \Device\Ide\IAAStorageDevice-1 rev. 698.64GB
Running: gut16kj6.exe; Driver: C:\Users\Shelli\AppData\Local\Temp\pxldrpow.sys


---- User code sections - GMER 2.0 ----

.text C:\Program Files (x86)\Sensible Vision\Fast Access\FAService.exe[636] C:\Windows\syswow64\PSAPI.DLL!GetModuleFileNameExW + 17 00000000765b1401 2 bytes [5B, 76]
.text C:\Program Files (x86)\Sensible Vision\Fast Access\FAService.exe[636] C:\Windows\syswow64\PSAPI.DLL!EnumProcessModules + 17 00000000765b1419 2 bytes [5B, 76]
.text C:\Program Files (x86)\Sensible Vision\Fast Access\FAService.exe[636] C:\Windows\syswow64\PSAPI.DLL!GetModuleInformation + 17 00000000765b1431 2 bytes [5B, 76]
.text C:\Program Files (x86)\Sensible Vision\Fast Access\FAService.exe[636] C:\Windows\syswow64\PSAPI.DLL!GetModuleInformation + 42 00000000765b144a 2 bytes [5B, 76]
.text ... * 9
.text C:\Program Files (x86)\Sensible Vision\Fast Access\FAService.exe[636] C:\Windows\syswow64\PSAPI.DLL!EnumDeviceDrivers + 17 00000000765b14dd 2 bytes [5B, 76]
.text C:\Program Files (x86)\Sensible Vision\Fast Access\FAService.exe[636] C:\Windows\syswow64\PSAPI.DLL!GetDeviceDriverBaseNameA + 17 00000000765b14f5 2 bytes [5B, 76]
.text C:\Program Files (x86)\Sensible Vision\Fast Access\FAService.exe[636] C:\Windows\syswow64\PSAPI.DLL!QueryWorkingSetEx + 17 00000000765b150d 2 bytes [5B, 76]
.text C:\Program Files (x86)\Sensible Vision\Fast Access\FAService.exe[636] C:\Windows\syswow64\PSAPI.DLL!GetDeviceDriverBaseNameW + 17 00000000765b1525 2 bytes [5B, 76]
.text C:\Program Files (x86)\Sensible Vision\Fast Access\FAService.exe[636] C:\Windows\syswow64\PSAPI.DLL!GetModuleBaseNameW + 17 00000000765b153d 2 bytes [5B, 76]
.text C:\Program Files (x86)\Sensible Vision\Fast Access\FAService.exe[636] C:\Windows\syswow64\PSAPI.DLL!EnumProcesses + 17 00000000765b1555 2 bytes [5B, 76]
.text C:\Program Files (x86)\Sensible Vision\Fast Access\FAService.exe[636] C:\Windows\syswow64\PSAPI.DLL!GetProcessMemoryInfo + 17 00000000765b156d 2 bytes [5B, 76]
.text C:\Program Files (x86)\Sensible Vision\Fast Access\FAService.exe[636] C:\Windows\syswow64\PSAPI.DLL!GetPerformanceInfo + 17 00000000765b1585 2 bytes [5B, 76]
.text C:\Program Files (x86)\Sensible Vision\Fast Access\FAService.exe[636] C:\Windows\syswow64\PSAPI.DLL!QueryWorkingSet + 17 00000000765b159d 2 bytes [5B, 76]
.text C:\Program Files (x86)\Sensible Vision\Fast Access\FAService.exe[636] C:\Windows\syswow64\PSAPI.DLL!GetModuleBaseNameA + 17 00000000765b15b5 2 bytes [5B, 76]
.text C:\Program Files (x86)\Sensible Vision\Fast Access\FAService.exe[636] C:\Windows\syswow64\PSAPI.DLL!GetModuleFileNameExA + 17 00000000765b15cd 2 bytes [5B, 76]
.text C:\Program Files (x86)\Sensible Vision\Fast Access\FAService.exe[636] C:\Windows\syswow64\PSAPI.DLL!GetProcessImageFileNameW + 20 00000000765b16b2 2 bytes [5B, 76]
.text C:\Program Files (x86)\Sensible Vision\Fast Access\FAService.exe[636] C:\Windows\syswow64\PSAPI.DLL!GetProcessImageFileNameW + 31 00000000765b16bd 2 bytes [5B, 76]
.text C:\Program Files (x86)\Sensible Vision\Fast Access\FAService.exe[636] C:\Windows\SysWOW64\ksuser.dll!KsCreatePin + 35 00000000709a11a8 2 bytes [9A, 70]
.text C:\Program Files (x86)\Sensible Vision\Fast Access\FAService.exe[636] C:\Windows\SysWOW64\ksuser.dll!KsCreatePin + 248 00000000709a127d 2 bytes [9A, 70]
.text ... * 6
.text C:\Program Files (x86)\Sensible Vision\Fast Access\FAService.exe[636] C:\Windows\SysWOW64\ksuser.dll!KsCreateAllocator + 21 00000000709a13a8 2 bytes [9A, 70]
.text C:\Program Files (x86)\Sensible Vision\Fast Access\FAService.exe[636] C:\Windows\SysWOW64\ksuser.dll!KsCreateClock + 21 00000000709a1422 2 bytes [9A, 70]
.text C:\Program Files (x86)\Sensible Vision\Fast Access\FAService.exe[636] C:\Windows\SysWOW64\ksuser.dll!KsCreateTopologyNode + 19 00000000709a1498 2 bytes [9A, 70]
.text C:\Program Files (x86)\Sensible Vision\Fast Access\FAService.exe[636] C:\Windows\SysWOW64\d3d8thk.dll!OsThunkD3dContextCreate + 4 00000000707c1825 2 bytes [7C, 70]
.text C:\Program Files (x86)\Sensible Vision\Fast Access\FAService.exe[636] C:\Windows\SysWOW64\d3d8thk.dll!OsThunkD3dContextDestroy + 4 00000000707c1830 2 bytes [7C, 70]
.text C:\Program Files (x86)\Sensible Vision\Fast Access\FAService.exe[636] C:\Windows\SysWOW64\d3d8thk.dll!OsThunkD3dContextDestroyAll + 4 00000000707c183b 2 bytes [7C, 70]
.text C:\Program Files (x86)\Sensible Vision\Fast Access\FAService.exe[636] C:\Windows\SysWOW64\d3d8thk.dll!OsThunkD3dDrawPrimitives2 + 4 00000000707c1846 2 bytes [7C, 70]
.text C:\Program Files (x86)\Sensible Vision\Fast Access\FAService.exe[636] C:\Windows\SysWOW64\d3d8thk.dll!OsThunkD3dValidateTextureStageState + 4 00000000707c1851 2 bytes [7C, 70]
.text C:\Program Files (x86)\Sensible Vision\Fast Access\FAService.exe[636] C:\Windows\SysWOW64\d3d8thk.dll!OsThunkDdAddAttachedSurface + 4 00000000707c185c 2 bytes [7C, 70]
.text C:\Program Files (x86)\Sensible Vision\Fast Access\FAService.exe[636] C:\Windows\SysWOW64\d3d8thk.dll!OsThunkDdAlphaBlt + 4 00000000707c1867 2 bytes [7C, 70]
.text C:\Program Files (x86)\Sensible Vision\Fast Access\FAService.exe[636] C:\Windows\SysWOW64\d3d8thk.dll!OsThunkDdAttachSurface + 4 00000000707c1872 2 bytes [7C, 70]
.text C:\Program Files (x86)\Sensible Vision\Fast Access\FAService.exe[636] C:\Windows\SysWOW64\d3d8thk.dll!OsThunkDdBeginMoCompFrame + 4 00000000707c187d 2 bytes [7C, 70]
.text C:\Program Files (x86)\Sensible Vision\Fast Access\FAService.exe[636] C:\Windows\SysWOW64\d3d8thk.dll!OsThunkDdBlt + 4 00000000707c1888 2 bytes [7C, 70]
.text C:\Program Files (x86)\Sensible Vision\Fast Access\FAService.exe[636] C:\Windows\SysWOW64\d3d8thk.dll!OsThunkDdCanCreateD3DBuffer + 4 00000000707c1893 2 bytes [7C, 70]
.text C:\Program Files (x86)\Sensible Vision\Fast Access\FAService.exe[636] C:\Windows\SysWOW64\d3d8thk.dll!OsThunkDdCanCreateSurface + 4 00000000707c189e 2 bytes [7C, 70]
.text C:\Program Files (x86)\Sensible Vision\Fast Access\FAService.exe[636] C:\Windows\SysWOW64\d3d8thk.dll!OsThunkDdColorControl + 4 00000000707c18a9 2 bytes [7C, 70]
.text C:\Program Files (x86)\Sensible Vision\Fast Access\FAService.exe[636] C:\Windows\SysWOW64\d3d8thk.dll!OsThunkDdCreateD3DBuffer + 4 00000000707c18b4 2 bytes [7C, 70]
.text C:\Program Files (x86)\Sensible Vision\Fast Access\FAService.exe[636] C:\Windows\SysWOW64\d3d8thk.dll!OsThunkDdCreateDirectDrawObject + 4 00000000707c18bf 2 bytes [7C, 70]
.text C:\Program Files (x86)\Sensible Vision\Fast Access\FAService.exe[636] C:\Windows\SysWOW64\d3d8thk.dll!OsThunkDdCreateMoComp + 4 00000000707c18ca 2 bytes [7C, 70]
.text C:\Program Files (x86)\Sensible Vision\Fast Access\FAService.exe[636] C:\Windows\SysWOW64\d3d8thk.dll!OsThunkDdCreateSurface + 4 00000000707c18d5 2 bytes [7C, 70]
.text C:\Program Files (x86)\Sensible Vision\Fast Access\FAService.exe[636] C:\Windows\SysWOW64\d3d8thk.dll!OsThunkDdCreateSurfaceEx + 4 00000000707c18e0 2 bytes [7C, 70]
.text C:\Program Files (x86)\Sensible Vision\Fast Access\FAService.exe[636] C:\Windows\SysWOW64\d3d8thk.dll!OsThunkDdCreateSurfaceObject + 4 00000000707c18eb 2 bytes [7C, 70]
.text C:\Program Files (x86)\Sensible Vision\Fast Access\FAService.exe[636] C:\Windows\SysWOW64\d3d8thk.dll!OsThunkDdDeleteDirectDrawObject + 4 00000000707c18f6 2 bytes [7C, 70]
.text C:\Program Files (x86)\Sensible Vision\Fast Access\FAService.exe[636] C:\Windows\SysWOW64\d3d8thk.dll!OsThunkDdDeleteSurfaceObject + 4 00000000707c1901 2 bytes [7C, 70]
.text C:\Program Files (x86)\Sensible Vision\Fast Access\FAService.exe[636] C:\Windows\SysWOW64\d3d8thk.dll!OsThunkDdDestroyD3DBuffer + 4 00000000707c190c 2 bytes [7C, 70]
.text C:\Program Files (x86)\Sensible Vision\Fast Access\FAService.exe[636] C:\Windows\SysWOW64\d3d8thk.dll!OsThunkDdDestroyMoComp + 4 00000000707c1917 2 bytes [7C, 70]
.text C:\Program Files (x86)\Sensible Vision\Fast Access\FAService.exe[636] C:\Windows\SysWOW64\d3d8thk.dll!OsThunkDdDestroySurface + 4 00000000707c1922 2 bytes [7C, 70]
.text C:\Program Files (x86)\Sensible Vision\Fast Access\FAService.exe[636] C:\Windows\SysWOW64\d3d8thk.dll!OsThunkDdEndMoCompFrame + 4 00000000707c192d 2 bytes [7C, 70]
.text C:\Program Files (x86)\Sensible Vision\Fast Access\FAService.exe[636] C:\Windows\SysWOW64\d3d8thk.dll!OsThunkDdFlip + 4 00000000707c1938 2 bytes [7C, 70]
.text C:\Program Files (x86)\Sensible Vision\Fast Access\FAService.exe[636] C:\Windows\SysWOW64\d3d8thk.dll!OsThunkDdFlipToGDISurface + 4 00000000707c1943 2 bytes [7C, 70]
.text C:\Program Files (x86)\Sensible Vision\Fast Access\FAService.exe[636] C:\Windows\SysWOW64\d3d8thk.dll!OsThunkDdGetAvailDriverMemory + 4 00000000707c194e 2 bytes [7C, 70]
.text C:\Program Files (x86)\Sensible Vision\Fast Access\FAService.exe[636] C:\Windows\SysWOW64\d3d8thk.dll!OsThunkDdGetBltStatus + 4 00000000707c1959 2 bytes [7C, 70]
.text C:\Program Files (x86)\Sensible Vision\Fast Access\FAService.exe[636] C:\Windows\SysWOW64\d3d8thk.dll!OsThunkDdGetDC + 4 00000000707c1964 2 bytes [7C, 70]
.text C:\Program Files (x86)\Sensible Vision\Fast Access\FAService.exe[636] C:\Windows\SysWOW64\d3d8thk.dll!OsThunkDdGetDriverInfo + 4 00000000707c196f 2 bytes [7C, 70]
.text C:\Program Files (x86)\Sensible Vision\Fast Access\FAService.exe[636] C:\Windows\SysWOW64\d3d8thk.dll!OsThunkDdGetDriverState + 4 00000000707c197a 2 bytes [7C, 70]
.text C:\Program Files (x86)\Sensible Vision\Fast Access\FAService.exe[636] C:\Windows\SysWOW64\d3d8thk.dll!OsThunkDdGetDxHandle + 4 00000000707c1985 2 bytes [7C, 70]
.text C:\Program Files (x86)\Sensible Vision\Fast Access\FAService.exe[636] C:\Windows\SysWOW64\d3d8thk.dll!OsThunkDdGetFlipStatus + 4 00000000707c1990 2 bytes [7C, 70]
.text C:\Program Files (x86)\Sensible Vision\Fast Access\FAService.exe[636] C:\Windows\SysWOW64\d3d8thk.dll!OsThunkDdGetInternalMoCompInfo + 4 00000000707c199b 2 bytes [7C, 70]
.text C:\Program Files (x86)\Sensible Vision\Fast Access\FAService.exe[636] C:\Windows\SysWOW64\d3d8thk.dll!OsThunkDdGetMoCompBuffInfo + 4 00000000707c19a6 2 bytes [7C, 70]
.text C:\Program Files (x86)\Sensible Vision\Fast Access\FAService.exe[636] C:\Windows\SysWOW64\d3d8thk.dll!OsThunkDdGetMoCompFormats + 4 00000000707c19b1 2 bytes [7C, 70]
.text C:\Program Files (x86)\Sensible Vision\Fast Access\FAService.exe[636] C:\Windows\SysWOW64\d3d8thk.dll!OsThunkDdGetMoCompGuids + 4 00000000707c19bc 2 bytes [7C, 70]
.text C:\Program Files (x86)\Sensible Vision\Fast Access\FAService.exe[636] C:\Windows\SysWOW64\d3d8thk.dll!OsThunkDdGetScanLine + 4 00000000707c19c7 2 bytes [7C, 70]
.text C:\Program Files (x86)\Sensible Vision\Fast Access\FAService.exe[636] C:\Windows\SysWOW64\d3d8thk.dll!OsThunkDdLock + 4 00000000707c19d2 2 bytes [7C, 70]
.text C:\Program Files (x86)\Sensible Vision\Fast Access\FAService.exe[636] C:\Windows\SysWOW64\d3d8thk.dll!OsThunkDdLockD3D + 4 00000000707c19dd 2 bytes [7C, 70]
.text C:\Program Files (x86)\Sensible Vision\Fast Access\FAService.exe[636] C:\Windows\SysWOW64\d3d8thk.dll!OsThunkDdQueryDirectDrawObject + 4 00000000707c19e8 2 bytes [7C, 70]
.text C:\Program Files (x86)\Sensible Vision\Fast Access\FAService.exe[636] C:\Windows\SysWOW64\d3d8thk.dll!OsThunkDdQueryMoCompStatus + 4 00000000707c19f3 2 bytes [7C, 70]
.text C:\Program Files (x86)\Sensible Vision\Fast Access\FAService.exe[636] C:\Windows\SysWOW64\d3d8thk.dll!OsThunkDdReenableDirectDrawObject + 4 00000000707c19fe 2 bytes [7C, 70]
.text C:\Program Files (x86)\Sensible Vision\Fast Access\FAService.exe[636] C:\Windows\SysWOW64\d3d8thk.dll!OsThunkDdReleaseDC + 4 00000000707c1a09 2 bytes [7C, 70]
.text C:\Program Files (x86)\Sensible Vision\Fast Access\FAService.exe[636] C:\Windows\SysWOW64\d3d8thk.dll!OsThunkDdRenderMoComp + 4 00000000707c1a14 2 bytes [7C, 70]
.text C:\Program Files (x86)\Sensible Vision\Fast Access\FAService.exe[636] C:\Windows\SysWOW64\d3d8thk.dll!OsThunkDdResetVisrgn + 4 00000000707c1a1f 2 bytes [7C, 70]
.text C:\Program Files (x86)\Sensible Vision\Fast Access\FAService.exe[636] C:\Windows\SysWOW64\d3d8thk.dll!OsThunkDdSetColorKey + 4 00000000707c1a2a 2 bytes [7C, 70]
.text C:\Program Files (x86)\Sensible Vision\Fast Access\FAService.exe[636] C:\Windows\SysWOW64\d3d8thk.dll!OsThunkDdSetExclusiveMode + 4 00000000707c1a35 2 bytes [7C, 70]
.text C:\Program Files (x86)\Sensible Vision\Fast Access\FAService.exe[636] C:\Windows\SysWOW64\d3d8thk.dll!OsThunkDdSetGammaRamp + 4 00000000707c1a40 2 bytes [7C, 70]
.text C:\Program Files (x86)\Sensible Vision\Fast Access\FAService.exe[636] C:\Windows\SysWOW64\d3d8thk.dll!OsThunkDdSetOverlayPosition + 4 00000000707c1a4b 2 bytes [7C, 70]
.text C:\Program Files (x86)\Sensible Vision\Fast Access\FAService.exe[636] C:\Windows\SysWOW64\d3d8thk.dll!OsThunkDdUnattachSurface + 4 00000000707c1a56 2 bytes [7C, 70]
.text C:\Program Files (x86)\Sensible Vision\Fast Access\FAService.exe[636] C:\Windows\SysWOW64\d3d8thk.dll!OsThunkDdUnlock + 4 00000000707c1a61 2 bytes [7C, 70]
.text C:\Program Files (x86)\Sensible Vision\Fast Access\FAService.exe[636] C:\Windows\SysWOW64\d3d8thk.dll!OsThunkDdUnlockD3D + 4 00000000707c1a6c 2 bytes [7C, 70]
.text C:\Program Files (x86)\Sensible Vision\Fast Access\FAService.exe[636] C:\Windows\SysWOW64\d3d8thk.dll!OsThunkDdUpdateOverlay + 4 00000000707c1a77 2 bytes [7C, 70]
.text C:\Program Files (x86)\Sensible Vision\Fast Access\FAService.exe[636] C:\Windows\SysWOW64\d3d8thk.dll!OsThunkDdWaitForVerticalBlank + 4 00000000707c1a82 2 bytes [7C, 70]
.text C:\Program Files (x86)\Sensible Vision\Fast Access\FAService.exe[636] C:\Windows\SysWOW64\d3d8thk.dll!OsThunkDdWaitForVerticalBlank + 52 00000000707c1ab2 2 bytes [7C, 70]
.text C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe[1272] C:\Windows\system32\kernel32.dll!K32GetMappedFileNameW 000000007763efe0 5 bytes JMP 000000016fff0148
.text C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe[1272] C:\Windows\system32\kernel32.dll!K32EnumProcessModulesEx 00000000776699b0 7 bytes JMP 000000016fff00d8
.text C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe[1272] C:\Windows\system32\kernel32.dll!K32GetModuleInformation 00000000776794d0 5 bytes JMP 000000016fff0180
.text C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe[1272] C:\Windows\system32\kernel32.dll!K32GetModuleFileNameExW 0000000077679640 5 bytes JMP 000000016fff0110
.text C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe[1272] C:\Windows\system32\kernel32.dll!RegSetValueExA 000000007769a500 7 bytes JMP 000000016fff01b8
.text C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe[1272] C:\Windows\system32\KERNELBASE.dll!GetModuleHandleW 000007fefde63460 7 bytes JMP 000007fffde500d8
.text C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe[1272] C:\Windows\system32\KERNELBASE.dll!LoadLibraryExW 000007fefde69940 6 bytes JMP 000007fffde50148
.text C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe[1272] C:\Windows\system32\KERNELBASE.dll!FreeLibrary 000007fefde69fb0 5 bytes JMP 000007fffde50180
.text C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe[1272] C:\Windows\system32\KERNELBASE.dll!GetModuleHandleExW 000007fefde6a150 5 bytes JMP 000007fffde50110
.text C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe[1272] C:\Windows\system32\GDI32.dll!D3DKMTQueryAdapterInfo 000007feff6189e0 8 bytes JMP 000007fffde501f0
.text C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe[1272] C:\Windows\system32\GDI32.dll!D3DKMTGetDisplayModeList 000007feff61be40 8 bytes JMP 000007fffde501b8
.text C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe[1272] C:\Windows\system32\ole32.dll!CoCreateInstance 000007fefeda7490 11 bytes JMP 000007fffde50228
.text C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe[1272] C:\Windows\system32\ole32.dll!CoSetProxyBlanket 000007fefedbbf00 7 bytes JMP 000007fffde50260
.text C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe[2948] C:\Windows\syswow64\psapi.dll!GetModuleFileNameExW + 17 00000000765b1401 2 bytes [5B, 76]
.text C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe[2948] C:\Windows\syswow64\psapi.dll!EnumProcessModules + 17 00000000765b1419 2 bytes [5B, 76]
.text C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe[2948] C:\Windows\syswow64\psapi.dll!GetModuleInformation + 17 00000000765b1431 2 bytes [5B, 76]
.text C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe[2948] C:\Windows\syswow64\psapi.dll!GetModuleInformation + 42 00000000765b144a 2 bytes [5B, 76]
.text ... * 9
.text C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe[2948] C:\Windows\syswow64\psapi.dll!EnumDeviceDrivers + 17 00000000765b14dd 2 bytes [5B, 76]
.text C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe[2948] C:\Windows\syswow64\psapi.dll!GetDeviceDriverBaseNameA + 17 00000000765b14f5 2 bytes [5B, 76]
.text C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe[2948] C:\Windows\syswow64\psapi.dll!QueryWorkingSetEx + 17 00000000765b150d 2 bytes [5B, 76]
.text C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe[2948] C:\Windows\syswow64\psapi.dll!GetDeviceDriverBaseNameW + 17 00000000765b1525 2 bytes [5B, 76]
.text C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe[2948] C:\Windows\syswow64\psapi.dll!GetModuleBaseNameW + 17 00000000765b153d 2 bytes [5B, 76]
.text C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe[2948] C:\Windows\syswow64\psapi.dll!EnumProcesses + 17 00000000765b1555 2 bytes [5B, 76]
.text C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe[2948] C:\Windows\syswow64\psapi.dll!GetProcessMemoryInfo + 17 00000000765b156d 2 bytes [5B, 76]
.text C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe[2948] C:\Windows\syswow64\psapi.dll!GetPerformanceInfo + 17 00000000765b1585 2 bytes [5B, 76]
.text C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe[2948] C:\Windows\syswow64\psapi.dll!QueryWorkingSet + 17 00000000765b159d 2 bytes [5B, 76]
.text C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe[2948] C:\Windows\syswow64\psapi.dll!GetModuleBaseNameA + 17 00000000765b15b5 2 bytes [5B, 76]
.text C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe[2948] C:\Windows\syswow64\psapi.dll!GetModuleFileNameExA + 17 00000000765b15cd 2 bytes [5B, 76]
.text C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe[2948] C:\Windows\syswow64\psapi.dll!GetProcessImageFileNameW + 20 00000000765b16b2 2 bytes [5B, 76]
.text C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe[2948] C:\Windows\syswow64\psapi.dll!GetProcessImageFileNameW + 31 00000000765b16bd 2 bytes [5B, 76]
.text C:\Windows\system32\taskeng.exe[1680] C:\Windows\system32\KERNELBASE.dll!GetModuleHandleW 000007fefde63460 7 bytes JMP 000007fffde500d8
.text C:\Windows\system32\taskeng.exe[1680] C:\Windows\system32\KERNELBASE.dll!LoadLibraryExW 000007fefde69940 6 bytes JMP 000007fffde50148
.text C:\Windows\system32\taskeng.exe[1680] C:\Windows\system32\KERNELBASE.dll!FreeLibrary 000007fefde69fb0 5 bytes JMP 000007fffde50180
.text C:\Windows\system32\taskeng.exe[1680] C:\Windows\system32\KERNELBASE.dll!GetModuleHandleExW 000007fefde6a150 5 bytes JMP 000007fffde50110
.text C:\Windows\system32\taskeng.exe[1680] C:\Windows\system32\GDI32.dll!D3DKMTQueryAdapterInfo 000007feff6189e0 8 bytes JMP 000007fffde501f0
.text C:\Windows\system32\taskeng.exe[1680] C:\Windows\system32\GDI32.dll!D3DKMTGetDisplayModeList 000007feff61be40 8 bytes JMP 000007fffde501b8
.text C:\Windows\system32\taskeng.exe[1680] C:\Windows\system32\ole32.dll!CoCreateInstance 000007fefeda7490 11 bytes JMP 000007fffde50228
.text C:\Windows\system32\taskeng.exe[1680] C:\Windows\system32\ole32.dll!CoSetProxyBlanket 000007fefedbbf00 7 bytes JMP 000007fffde50260
.text C:\Windows\system32\Dwm.exe[3276] C:\Windows\system32\KERNELBASE.dll!GetModuleHandleW 000007fefde63460 7 bytes JMP 000007fffde500d8
.text C:\Windows\system32\Dwm.exe[3276] C:\Windows\system32\KERNELBASE.dll!LoadLibraryExW 000007fefde69940 6 bytes JMP 000007fffde50148
.text C:\Windows\system32\Dwm.exe[3276] C:\Windows\system32\KERNELBASE.dll!FreeLibrary 000007fefde69fb0 5 bytes JMP 000007fffde50180
.text C:\Windows\system32\Dwm.exe[3276] C:\Windows\system32\KERNELBASE.dll!GetModuleHandleExW 000007fefde6a150 5 bytes JMP 000007fffde50110
.text C:\Windows\system32\Dwm.exe[3276] C:\Windows\system32\GDI32.dll!D3DKMTQueryAdapterInfo 000007feff6189e0 8 bytes JMP 000007fffde501f0
.text C:\Windows\system32\Dwm.exe[3276] C:\Windows\system32\GDI32.dll!D3DKMTGetDisplayModeList 000007feff61be40 8 bytes JMP 000007fffde501b8
.text C:\Windows\system32\Dwm.exe[3276] C:\Windows\system32\dxgi.dll!CreateDXGIFactory 000007fefa02dc88 5 bytes JMP 000007fffa0000d8
.text C:\Windows\system32\Dwm.exe[3276] C:\Windows\system32\dxgi.dll!CreateDXGIFactory1 000007fefa02de10 5 bytes JMP 000007fffa000110
.text C:\Program Files\Tablet\Wacom\Wacom_TabletUser.exe[3284] C:\Windows\system32\KERNELBASE.dll!GetModuleHandleW 000007fefde63460 7 bytes JMP 000007fffde500d8
.text C:\Program Files\Tablet\Wacom\Wacom_TabletUser.exe[3284] C:\Windows\system32\KERNELBASE.dll!LoadLibraryExW 000007fefde69940 6 bytes JMP 000007fffde50148
.text C:\Program Files\Tablet\Wacom\Wacom_TabletUser.exe[3284] C:\Windows\system32\KERNELBASE.dll!FreeLibrary 000007fefde69fb0 5 bytes JMP 000007fffde50180
.text C:\Program Files\Tablet\Wacom\Wacom_TabletUser.exe[3284] C:\Windows\system32\KERNELBASE.dll!GetModuleHandleExW 000007fefde6a150 5 bytes JMP 000007fffde50110
.text C:\Program Files\Tablet\Wacom\Wacom_TabletUser.exe[3284] C:\Windows\system32\GDI32.dll!D3DKMTQueryAdapterInfo 000007feff6189e0 8 bytes JMP 000007fffde501f0
.text C:\Program Files\Tablet\Wacom\Wacom_TabletUser.exe[3284] C:\Windows\system32\GDI32.dll!D3DKMTGetDisplayModeList 000007feff61be40 8 bytes JMP 000007fffde501b8
.text C:\Program Files\Tablet\Wacom\WacomHost.exe[3292] C:\Windows\syswow64\kernel32.dll!RegSetValueExA 00000000764c1429 7 bytes JMP 000000017296128f
.text C:\Program Files\Tablet\Wacom\WacomHost.exe[3292] C:\Windows\syswow64\kernel32.dll!K32GetModuleFileNameExW 00000000764db223 5 bytes JMP 000000017296159b
.text C:\Program Files\Tablet\Wacom\WacomHost.exe[3292] C:\Windows\syswow64\kernel32.dll!K32EnumProcessModulesEx 00000000765588f4 7 bytes JMP 0000000172961339
.text C:\Program Files\Tablet\Wacom\WacomHost.exe[3292] C:\Windows\syswow64\kernel32.dll!K32GetModuleInformation 0000000076558979 5 bytes JMP 00000001729616b8
.text C:\Program Files\Tablet\Wacom\WacomHost.exe[3292] C:\Windows\syswow64\kernel32.dll!K32GetMappedFileNameW 0000000076558ccf 5 bytes JMP 000000017296101e
.text C:\Program Files\Tablet\Wacom\WacomHost.exe[3292] C:\Windows\syswow64\KERNELBASE.dll!GetModuleHandleW 0000000076fe1d1b 5 bytes JMP 00000001729611d1
.text C:\Program Files\Tablet\Wacom\WacomHost.exe[3292] C:\Windows\syswow64\KERNELBASE.dll!GetModuleHandleExW 0000000076fe1dc9 5 bytes JMP 0000000172961019
.text C:\Program Files\Tablet\Wacom\WacomHost.exe[3292] C:\Windows\syswow64\KERNELBASE.dll!LoadLibraryExW 0000000076fe2aa4 5 bytes JMP 000000017296154b
.text C:\Program Files\Tablet\Wacom\WacomHost.exe[3292] C:\Windows\syswow64\KERNELBASE.dll!FreeLibrary 0000000076fe2d0a 5 bytes JMP 0000000172961276
.text C:\Program Files\Tablet\Wacom\WacomHost.exe[3292] C:\Windows\syswow64\GDI32.dll!D3DKMTGetDisplayModeList 0000000076f6e9a2 5 bytes JMP 00000001729615b4
.text C:\Program Files\Tablet\Wacom\WacomHost.exe[3292] C:\Windows\syswow64\GDI32.dll!D3DKMTQueryAdapterInfo 0000000076f6ebdc 5 bytes JMP 000000017296119a
.text C:\Program Files\Tablet\Wacom\WacomHost.exe[3292] C:\Windows\syswow64\ole32.dll!CoSetProxyBlanket 0000000075585ea5 5 bytes JMP 00000001729615e6
.text C:\Program Files\Tablet\Wacom\WacomHost.exe[3292] C:\Windows\syswow64\ole32.dll!CoCreateInstance 00000000755b9d0b 5 bytes JMP 000000017296122b
.text C:\Program Files\Tablet\Wacom\Wacom_Tablet.exe[3312] C:\Windows\system32\kernel32.dll!K32GetMappedFileNameW 000000007763efe0 5 bytes JMP 000000016fff0148
.text C:\Program Files\Tablet\Wacom\Wacom_Tablet.exe[3312] C:\Windows\system32\kernel32.dll!K32EnumProcessModulesEx 00000000776699b0 7 bytes JMP 000000016fff00d8
.text C:\Program Files\Tablet\Wacom\Wacom_Tablet.exe[3312] C:\Windows\system32\kernel32.dll!K32GetModuleInformation 00000000776794d0 5 bytes JMP 000000016fff0180
.text C:\Program Files\Tablet\Wacom\Wacom_Tablet.exe[3312] C:\Windows\system32\kernel32.dll!K32GetModuleFileNameExW 0000000077679640 5 bytes JMP 000000016fff0110
.text C:\Program Files\Tablet\Wacom\Wacom_Tablet.exe[3312] C:\Windows\system32\kernel32.dll!RegSetValueExA 000000007769a500 7 bytes JMP 000000016fff01b8
.text C:\Program Files\Tablet\Wacom\Wacom_Tablet.exe[3312] C:\Windows\system32\KERNELBASE.dll!GetModuleHandleW 000007fefde63460 7 bytes JMP 000007fffde500d8
.text C:\Program Files\Tablet\Wacom\Wacom_Tablet.exe[3312] C:\Windows\system32\KERNELBASE.dll!LoadLibraryExW 000007fefde69940 6 bytes JMP 000007fffde50148
.text C:\Program Files\Tablet\Wacom\Wacom_Tablet.exe[3312] C:\Windows\system32\KERNELBASE.dll!FreeLibrary 000007fefde69fb0 5 bytes JMP 000007fffde50180
.text C:\Program Files\Tablet\Wacom\Wacom_Tablet.exe[3312] C:\Windows\system32\KERNELBASE.dll!GetModuleHandleExW 000007fefde6a150 5 bytes JMP 000007fffde50110
.text C:\Program Files\Tablet\Wacom\Wacom_Tablet.exe[3312] C:\Windows\system32\ole32.dll!CoCreateInstance 000007fefeda7490 11 bytes JMP 000007fffde50228
.text C:\Program Files\Tablet\Wacom\Wacom_Tablet.exe[3312] C:\Windows\system32\ole32.dll!CoSetProxyBlanket 000007fefedbbf00 7 bytes JMP 000007fffde50260
.text C:\Program Files\Tablet\Wacom\Wacom_Tablet.exe[3312] C:\Windows\system32\GDI32.dll!D3DKMTQueryAdapterInfo 000007feff6189e0 8 bytes JMP 000007fffde501f0
.text C:\Program Files\Tablet\Wacom\Wacom_Tablet.exe[3312] C:\Windows\system32\GDI32.dll!D3DKMTGetDisplayModeList 000007feff61be40 8 bytes JMP 000007fffde501b8
.text C:\Program Files\Tablet\Wacom\Wacom_TouchUser.exe[3356] C:\Windows\system32\kernel32.dll!K32GetMappedFileNameW 000000007763efe0 5 bytes JMP 000000016fff0148
.text C:\Program Files\Tablet\Wacom\Wacom_TouchUser.exe[3356] C:\Windows\system32\kernel32.dll!K32EnumProcessModulesEx 00000000776699b0 7 bytes JMP 000000016fff00d8
.text C:\Program Files\Tablet\Wacom\Wacom_TouchUser.exe[3356] C:\Windows\system32\kernel32.dll!K32GetModuleInformation 00000000776794d0 5 bytes JMP 000000016fff0180
.text C:\Program Files\Tablet\Wacom\Wacom_TouchUser.exe[3356] C:\Windows\system32\kernel32.dll!K32GetModuleFileNameExW 0000000077679640 5 bytes JMP 000000016fff0110
.text C:\Program Files\Tablet\Wacom\Wacom_TouchUser.exe[3356] C:\Windows\system32\kernel32.dll!RegSetValueExA 000000007769a500 7 bytes JMP 000000016fff01b8
.text C:\Program Files\Tablet\Wacom\Wacom_TouchUser.exe[3356] C:\Windows\system32\KERNELBASE.dll!GetModuleHandleW 000007fefde63460 7 bytes JMP 000007fffde500d8
.text C:\Program Files\Tablet\Wacom\Wacom_TouchUser.exe[3356] C:\Windows\system32\KERNELBASE.dll!LoadLibraryExW 000007fefde69940 6 bytes JMP 000007fffde50148
.text C:\Program Files\Tablet\Wacom\Wacom_TouchUser.exe[3356] C:\Windows\system32\KERNELBASE.dll!FreeLibrary 000007fefde69fb0 5 bytes JMP 000007fffde50180
.text C:\Program Files\Tablet\Wacom\Wacom_TouchUser.exe[3356] C:\Windows\system32\KERNELBASE.dll!GetModuleHandleExW 000007fefde6a150 5 bytes JMP 000007fffde50110
.text C:\Program Files\Tablet\Wacom\Wacom_TouchUser.exe[3356] C:\Windows\system32\GDI32.dll!D3DKMTQueryAdapterInfo 000007feff6189e0 8 bytes JMP 000007fffde501f0
.text C:\Program Files\Tablet\Wacom\Wacom_TouchUser.exe[3356] C:\Windows\system32\GDI32.dll!D3DKMTGetDisplayModeList 000007feff61be40 8 bytes JMP 000007fffde501b8
.text C:\WINDOWS\System32\WerFault.exe[3852] C:\Windows\system32\kernel32.dll!K32GetMappedFileNameW 000000007763efe0 5 bytes JMP 000000016fff0148
.text C:\WINDOWS\System32\WerFault.exe[3852] C:\Windows\system32\kernel32.dll!K32EnumProcessModulesEx 00000000776699b0 7 bytes JMP 000000016fff00d8
.text C:\WINDOWS\System32\WerFault.exe[3852] C:\Windows\system32\kernel32.dll!K32GetModuleInformation 00000000776794d0 5 bytes JMP 000000016fff0180
.text C:\WINDOWS\System32\WerFault.exe[3852] C:\Windows\system32\kernel32.dll!K32GetModuleFileNameExW 0000000077679640 5 bytes JMP 000000016fff0110
.text C:\WINDOWS\System32\WerFault.exe[3852] C:\Windows\system32\kernel32.dll!RegSetValueExA 000000007769a500 7 bytes JMP 000000016fff01b8
.text C:\WINDOWS\System32\WerFault.exe[3852] C:\Windows\system32\KERNELBASE.dll!GetModuleHandleW 000007fefde63460 7 bytes JMP 000007fffde500d8
.text C:\WINDOWS\System32\WerFault.exe[3852] C:\Windows\system32\KERNELBASE.dll!LoadLibraryExW 000007fefde69940 6 bytes JMP 000007fffde50148
.text C:\WINDOWS\System32\WerFault.exe[3852] C:\Windows\system32\KERNELBASE.dll!FreeLibrary 000007fefde69fb0 5 bytes JMP 000007fffde50180
.text C:\WINDOWS\System32\WerFault.exe[3852] C:\Windows\system32\KERNELBASE.dll!GetModuleHandleExW 000007fefde6a150 5 bytes JMP 000007fffde50110
.text C:\WINDOWS\System32\WerFault.exe[3852] C:\Windows\system32\GDI32.dll!D3DKMTQueryAdapterInfo 000007feff6189e0 8 bytes JMP 000007fffde501f0
.text C:\WINDOWS\System32\WerFault.exe[3852] C:\Windows\system32\GDI32.dll!D3DKMTGetDisplayModeList 000007feff61be40 8 bytes JMP 000007fffde501b8
.text C:\Program Files (x86)\Dell DataSafe Local Backup\sftservice.EXE[3868] C:\Windows\syswow64\PSAPI.DLL!GetModuleFileNameExW + 17 00000000765b1401 2 bytes [5B, 76]
.text C:\Program Files (x86)\Dell DataSafe Local Backup\sftservice.EXE[3868] C:\Windows\syswow64\PSAPI.DLL!EnumProcessModules + 17 00000000765b1419 2 bytes [5B, 76]
.text C:\Program Files (x86)\Dell DataSafe Local Backup\sftservice.EXE[3868] C:\Windows\syswow64\PSAPI.DLL!GetModuleInformation + 17 00000000765b1431 2 bytes [5B, 76]
.text C:\Program Files (x86)\Dell DataSafe Local Backup\sftservice.EXE[3868] C:\Windows\syswow64\PSAPI.DLL!GetModuleInformation + 42 00000000765b144a 2 bytes [5B, 76]
.text ... * 9
.text C:\Program Files (x86)\Dell DataSafe Local Backup\sftservice.EXE[3868] C:\Windows\syswow64\PSAPI.DLL!EnumDeviceDrivers + 17 00000000765b14dd 2 bytes [5B, 76]
.text C:\Program Files (x86)\Dell DataSafe Local Backup\sftservice.EXE[3868] C:\Windows\syswow64\PSAPI.DLL!GetDeviceDriverBaseNameA + 17 00000000765b14f5 2 bytes [5B, 76]
.text C:\Program Files (x86)\Dell DataSafe Local Backup\sftservice.EXE[3868] C:\Windows\syswow64\PSAPI.DLL!QueryWorkingSetEx + 17 00000000765b150d 2 bytes [5B, 76]
.text C:\Program Files (x86)\Dell DataSafe Local Backup\sftservice.EXE[3868] C:\Windows\syswow64\PSAPI.DLL!GetDeviceDriverBaseNameW + 17 00000000765b1525 2 bytes [5B, 76]
.text C:\Program Files (x86)\Dell DataSafe Local Backup\sftservice.EXE[3868] C:\Windows\syswow64\PSAPI.DLL!GetModuleBaseNameW + 17 00000000765b153d 2 bytes [5B, 76]
.text C:\Program Files (x86)\Dell DataSafe Local Backup\sftservice.EXE[3868] C:\Windows\syswow64\PSAPI.DLL!EnumProcesses + 17 00000000765b1555 2 bytes [5B, 76]
.text C:\Program Files (x86)\Dell DataSafe Local Backup\sftservice.EXE[3868] C:\Windows\syswow64\PSAPI.DLL!GetProcessMemoryInfo + 17 00000000765b156d 2 bytes [5B, 76]
.text C:\Program Files (x86)\Dell DataSafe Local Backup\sftservice.EXE[3868] C:\Windows\syswow64\PSAPI.DLL!GetPerformanceInfo + 17 00000000765b1585 2 bytes [5B, 76]
.text C:\Program Files (x86)\Dell DataSafe Local Backup\sftservice.EXE[3868] C:\Windows\syswow64\PSAPI.DLL!QueryWorkingSet + 17 00000000765b159d 2 bytes [5B, 76]
.text C:\Program Files (x86)\Dell DataSafe Local Backup\sftservice.EXE[3868] C:\Windows\syswow64\PSAPI.DLL!GetModuleBaseNameA + 17 00000000765b15b5 2 bytes [5B, 76]
.text C:\Program Files (x86)\Dell DataSafe Local Backup\sftservice.EXE[3868] C:\Windows\syswow64\PSAPI.DLL!GetModuleFileNameExA + 17 00000000765b15cd 2 bytes [5B, 76]
.text C:\Program Files (x86)\Dell DataSafe Local Backup\sftservice.EXE[3868] C:\Windows\syswow64\PSAPI.DLL!GetProcessImageFileNameW + 20 00000000765b16b2 2 bytes [5B, 76]
.text C:\Program Files (x86)\Dell DataSafe Local Backup\sftservice.EXE[3868] C:\Windows\syswow64\PSAPI.DLL!GetProcessImageFileNameW + 31 00000000765b16bd 2 bytes [5B, 76]
.text C:\Program Files (x86)\Sendori\sndappv2.exe[3948] C:\Windows\syswow64\PSAPI.DLL!GetModuleFileNameExW + 17 00000000765b1401 2 bytes [5B, 76]
.text C:\Program Files (x86)\Sendori\sndappv2.exe[3948] C:\Windows\syswow64\PSAPI.DLL!EnumProcessModules + 17 00000000765b1419 2 bytes [5B, 76]
.text C:\Program Files (x86)\Sendori\sndappv2.exe[3948] C:\Windows\syswow64\PSAPI.DLL!GetModuleInformation + 17 00000000765b1431 2 bytes [5B, 76]
.text C:\Program Files (x86)\Sendori\sndappv2.exe[3948] C:\Windows\syswow64\PSAPI.DLL!GetModuleInformation + 42 00000000765b144a 2 bytes [5B, 76]
.text ... * 9
.text C:\Program Files (x86)\Sendori\sndappv2.exe[3948] C:\Windows\syswow64\PSAPI.DLL!EnumDeviceDrivers + 17 00000000765b14dd 2 bytes [5B, 76]
.text C:\Program Files (x86)\Sendori\sndappv2.exe[3948] C:\Windows\syswow64\PSAPI.DLL!GetDeviceDriverBaseNameA + 17 00000000765b14f5 2 bytes [5B, 76]
.text C:\Program Files (x86)\Sendori\sndappv2.exe[3948] C:\Windows\syswow64\PSAPI.DLL!QueryWorkingSetEx + 17 00000000765b150d 2 bytes [5B, 76]
.text C:\Program Files (x86)\Sendori\sndappv2.exe[3948] C:\Windows\syswow64\PSAPI.DLL!GetDeviceDriverBaseNameW + 17 00000000765b1525 2 bytes [5B, 76]
.text C:\Program Files (x86)\Sendori\sndappv2.exe[3948] C:\Windows\syswow64\PSAPI.DLL!GetModuleBaseNameW + 17 00000000765b153d 2 bytes [5B, 76]
.text C:\Program Files (x86)\Sendori\sndappv2.exe[3948] C:\Windows\syswow64\PSAPI.DLL!EnumProcesses + 17 00000000765b1555 2 bytes [5B, 76]
.text C:\Program Files (x86)\Sendori\sndappv2.exe[3948] C:\Windows\syswow64\PSAPI.DLL!GetProcessMemoryInfo + 17 00000000765b156d 2 bytes [5B, 76]
.text C:\Program Files (x86)\Sendori\sndappv2.exe[3948] C:\Windows\syswow64\PSAPI.DLL!GetPerformanceInfo + 17 00000000765b1585 2 bytes [5B, 76]
.text C:\Program Files (x86)\Sendori\sndappv2.exe[3948] C:\Windows\syswow64\PSAPI.DLL!QueryWorkingSet + 17 00000000765b159d 2 bytes [5B, 76]
.text C:\Program Files (x86)\Sendori\sndappv2.exe[3948] C:\Windows\syswow64\PSAPI.DLL!GetModuleBaseNameA + 17 00000000765b15b5 2 bytes [5B, 76]
.text C:\Program Files (x86)\Sendori\sndappv2.exe[3948] C:\Windows\syswow64\PSAPI.DLL!GetModuleFileNameExA + 17 00000000765b15cd 2 bytes [5B, 76]
.text C:\Program Files (x86)\Sendori\sndappv2.exe[3948] C:\Windows\syswow64\PSAPI.DLL!GetProcessImageFileNameW + 20 00000000765b16b2 2 bytes [5B, 76]
.text C:\Program Files (x86)\Sendori\sndappv2.exe[3948] C:\Windows\syswow64\PSAPI.DLL!GetProcessImageFileNameW + 31 00000000765b16bd 2 bytes [5B, 76]
.text C:\Program Files (x86)\Dell DataSafe Local Backup\TOASTER.EXE[4364] C:\Windows\syswow64\KERNEL32.dll!RegSetValueExA 00000000764c1429 7 bytes JMP 000000017296128f
.text C:\Program Files (x86)\Dell DataSafe Local Backup\TOASTER.EXE[4364] C:\Windows\syswow64\KERNEL32.dll!K32GetModuleFileNameExW 00000000764db223 5 bytes JMP 000000017296159b
.text C:\Program Files (x86)\Dell DataSafe Local Backup\TOASTER.EXE[4364] C:\Windows\syswow64\KERNEL32.dll!K32EnumProcessModulesEx 00000000765588f4 7 bytes JMP 0000000172961339
.text C:\Program Files (x86)\Dell DataSafe Local Backup\TOASTER.EXE[4364] C:\Windows\syswow64\KERNEL32.dll!K32GetModuleInformation 0000000076558979 5 bytes JMP 00000001729616b8
.text C:\Program Files (x86)\Dell DataSafe Local Backup\TOASTER.EXE[4364] C:\Windows\syswow64\KERNEL32.dll!K32GetMappedFileNameW 0000000076558ccf 5 bytes JMP 000000017296101e
.text C:\Program Files (x86)\Dell DataSafe Local Backup\TOASTER.EXE[4364] C:\Windows\syswow64\KERNELBASE.dll!GetModuleHandleW 0000000076fe1d1b 5 bytes JMP 00000001729611d1
.text C:\Program Files (x86)\Dell DataSafe Local Backup\TOASTER.EXE[4364] C:\Windows\syswow64\KERNELBASE.dll!GetModuleHandleExW 0000000076fe1dc9 5 bytes JMP 0000000172961019
.text C:\Program Files (x86)\Dell DataSafe Local Backup\TOASTER.EXE[4364] C:\Windows\syswow64\KERNELBASE.dll!LoadLibraryExW 0000000076fe2aa4 5 bytes JMP 000000017296154b
.text C:\Program Files (x86)\Dell DataSafe Local Backup\TOASTER.EXE[4364] C:\Windows\syswow64\KERNELBASE.dll!FreeLibrary 0000000076fe2d0a 5 bytes JMP 0000000172961276
.text C:\Program Files (x86)\Dell DataSafe Local Backup\TOASTER.EXE[4364] C:\Windows\syswow64\GDI32.dll!D3DKMTGetDisplayModeList 0000000076f6e9a2 5 bytes JMP 00000001729615b4
.text C:\Program Files (x86)\Dell DataSafe Local Backup\TOASTER.EXE[4364] C:\Windows\syswow64\GDI32.dll!D3DKMTQueryAdapterInfo 0000000076f6ebdc 5 bytes JMP 000000017296119a
.text C:\Program Files (x86)\Dell DataSafe Local Backup\TOASTER.EXE[4364] C:\Windows\syswow64\ole32.dll!CoSetProxyBlanket 0000000075585ea5 5 bytes JMP 00000001729615e6
.text C:\Program Files (x86)\Dell DataSafe Local Backup\TOASTER.EXE[4364] C:\Windows\syswow64\ole32.dll!CoCreateInstance 00000000755b9d0b 5 bytes JMP 000000017296122b
.text C:\Program Files (x86)\Dell DataSafe Local Backup\COMPONENTS\SCHEDULER\STSERVICE.EXE[4492] C:\Windows\syswow64\kernel32.dll!RegSetValueExA 00000000764c1429 7 bytes JMP 000000017296128f
.text C:\Program Files (x86)\Dell DataSafe Local Backup\COMPONENTS\SCHEDULER\STSERVICE.EXE[4492] C:\Windows\syswow64\kernel32.dll!K32GetModuleFileNameExW 00000000764db223 5 bytes JMP 000000017296159b
.text C:\Program Files (x86)\Dell DataSafe Local Backup\COMPONENTS\SCHEDULER\STSERVICE.EXE[4492] C:\Windows\syswow64\kernel32.dll!K32EnumProcessModulesEx 00000000765588f4 7 bytes JMP 0000000172961339
.text C:\Program Files (x86)\Dell DataSafe Local Backup\COMPONENTS\SCHEDULER\STSERVICE.EXE[4492] C:\Windows\syswow64\kernel32.dll!K32GetModuleInformation 0000000076558979 5 bytes JMP 00000001729616b8
.text C:\Program Files (x86)\Dell DataSafe Local Backup\COMPONENTS\SCHEDULER\STSERVICE.EXE[4492] C:\Windows\syswow64\kernel32.dll!K32GetMappedFileNameW 0000000076558ccf 5 bytes JMP 000000017296101e
.text C:\Program Files (x86)\Dell DataSafe Local Backup\COMPONENTS\SCHEDULER\STSERVICE.EXE[4492] C:\Windows\syswow64\KERNELBASE.dll!GetModuleHandleW 0000000076fe1d1b 5 bytes JMP 00000001729611d1
.text C:\Program Files (x86)\Dell DataSafe Local Backup\COMPONENTS\SCHEDULER\STSERVICE.EXE[4492] C:\Windows\syswow64\KERNELBASE.dll!GetModuleHandleExW 0000000076fe1dc9 5 bytes JMP 0000000172961019
.text C:\Program Files (x86)\Dell DataSafe Local Backup\COMPONENTS\SCHEDULER\STSERVICE.EXE[4492] C:\Windows\syswow64\KERNELBASE.dll!LoadLibraryExW 0000000076fe2aa4 5 bytes JMP 000000017296154b
.text C:\Program Files (x86)\Dell DataSafe Local Backup\COMPONENTS\SCHEDULER\STSERVICE.EXE[4492] C:\Windows\syswow64\KERNELBASE.dll!FreeLibrary 0000000076fe2d0a 5 bytes JMP 0000000172961276
.text C:\Program Files (x86)\Dell DataSafe Local Backup\COMPONENTS\SCHEDULER\STSERVICE.EXE[4492] C:\Windows\syswow64\GDI32.dll!D3DKMTGetDisplayModeList 0000000076f6e9a2 5 bytes JMP 00000001729615b4
.text C:\Program Files (x86)\Dell DataSafe Local Backup\COMPONENTS\SCHEDULER\STSERVICE.EXE[4492] C:\Windows\syswow64\GDI32.dll!D3DKMTQueryAdapterInfo 0000000076f6ebdc 5 bytes JMP 000000017296119a
.text C:\Program Files (x86)\Dell DataSafe Local Backup\COMPONENTS\SCHEDULER\STSERVICE.EXE[4492] C:\Windows\syswow64\ole32.dll!CoSetProxyBlanket 0000000075585ea5 5 bytes JMP 00000001729615e6
.text C:\Program Files (x86)\Dell DataSafe Local Backup\COMPONENTS\SCHEDULER\STSERVICE.EXE[4492] C:\Windows\syswow64\ole32.dll!CoCreateInstance 00000000755b9d0b 5 bytes JMP 000000017296122b
.text C:\Program Files (x86)\Dell DataSafe Local Backup\Components\DSUpdate\DSUpd.exe[4592] C:\Windows\syswow64\KERNEL32.dll!RegSetValueExA 00000000764c1429 7 bytes JMP 000000017296128f
.text C:\Program Files (x86)\Dell DataSafe Local Backup\Components\DSUpdate\DSUpd.exe[4592] C:\Windows\syswow64\KERNEL32.dll!K32GetModuleFileNameExW 00000000764db223 5 bytes JMP 000000017296159b
.text C:\Program Files (x86)\Dell DataSafe Local Backup\Components\DSUpdate\DSUpd.exe[4592] C:\Windows\syswow64\KERNEL32.dll!K32EnumProcessModulesEx 00000000765588f4 7 bytes JMP 0000000172961339
.text C:\Program Files (x86)\Dell DataSafe Local Backup\Components\DSUpdate\DSUpd.exe[4592] C:\Windows\syswow64\KERNEL32.dll!K32GetModuleInformation 0000000076558979 5 bytes JMP 00000001729616b8
.text C:\Program Files (x86)\Dell DataSafe Local Backup\Components\DSUpdate\DSUpd.exe[4592] C:\Windows\syswow64\KERNEL32.dll!K32GetMappedFileNameW 0000000076558ccf 5 bytes JMP 000000017296101e
.text C:\Program Files (x86)\Dell DataSafe Local Backup\Components\DSUpdate\DSUpd.exe[4592] C:\Windows\syswow64\KERNELBASE.dll!GetModuleHandleW 0000000076fe1d1b 5 bytes JMP 00000001729611d1
.text C:\Program Files (x86)\Dell DataSafe Local Backup\Components\DSUpdate\DSUpd.exe[4592] C:\Windows\syswow64\KERNELBASE.dll!GetModuleHandleExW 0000000076fe1dc9 5 bytes JMP 0000000172961019
.text C:\Program Files (x86)\Dell DataSafe Local Backup\Components\DSUpdate\DSUpd.exe[4592] C:\Windows\syswow64\KERNELBASE.dll!LoadLibraryExW 0000000076fe2aa4 5 bytes JMP 000000017296154b
.text C:\Program Files (x86)\Dell DataSafe Local Backup\Components\DSUpdate\DSUpd.exe[4592] C:\Windows\syswow64\KERNELBASE.dll!FreeLibrary 0000000076fe2d0a 5 bytes JMP 0000000172961276
.text C:\Program Files (x86)\Dell DataSafe Local Backup\Components\DSUpdate\DSUpd.exe[4592] C:\Windows\syswow64\GDI32.dll!D3DKMTGetDisplayModeList 0000000076f6e9a2 5 bytes JMP 00000001729615b4
.text C:\Program Files (x86)\Dell DataSafe Local Backup\Components\DSUpdate\DSUpd.exe[4592] C:\Windows\syswow64\GDI32.dll!D3DKMTQueryAdapterInfo 0000000076f6ebdc 5 bytes JMP 000000017296119a
.text C:\Program Files (x86)\Dell DataSafe Local Backup\Components\DSUpdate\DSUpd.exe[4592] C:\Windows\syswow64\ole32.dll!CoSetProxyBlanket 0000000075585ea5 5 bytes JMP 00000001729615e6
.text C:\Program Files (x86)\Dell DataSafe Local Backup\Components\DSUpdate\DSUpd.exe[4592] C:\Windows\syswow64\ole32.dll!CoCreateInstance 00000000755b9d0b 5 bytes JMP 000000017296122b
.text C:\Program Files\Synaptics\SynTP\SynTPEnh.exe[4624] C:\Windows\system32\kernel32.dll!K32GetMappedFileNameW 000000007763efe0 5 bytes JMP 000000016fff0148
.text C:\Program Files\Synaptics\SynTP\SynTPEnh.exe[4624] C:\Windows\system32\kernel32.dll!K32EnumProcessModulesEx 00000000776699b0 7 bytes JMP 000000016fff00d8
.text C:\Program Files\Synaptics\SynTP\SynTPEnh.exe[4624] C:\Windows\system32\kernel32.dll!K32GetModuleInformation 00000000776794d0 5 bytes JMP 000000016fff0180
.text C:\Program Files\Synaptics\SynTP\SynTPEnh.exe[4624] C:\Windows\system32\kernel32.dll!K32GetModuleFileNameExW 0000000077679640 5 bytes JMP 000000016fff0110
.text C:\Program Files\Synaptics\SynTP\SynTPEnh.exe[4624] C:\Windows\system32\kernel32.dll!RegSetValueExA 000000007769a500 7 bytes JMP 000000016fff01b8
.text C:\Program Files\Synaptics\SynTP\SynTPEnh.exe[4624] C:\Windows\system32\KERNELBASE.dll!GetModuleHandleW 000007fefde63460 7 bytes JMP 000007fffde500d8
.text C:\Program Files\Synaptics\SynTP\SynTPEnh.exe[4624] C:\Windows\system32\KERNELBASE.dll!LoadLibraryExW 000007fefde69940 6 bytes JMP 000007fffde50148
.text C:\Program Files\Synaptics\SynTP\SynTPEnh.exe[4624] C:\Windows\system32\KERNELBASE.dll!FreeLibrary 000007fefde69fb0 5 bytes JMP 000007fffde50180
.text C:\Program Files\Synaptics\SynTP\SynTPEnh.exe[4624] C:\Windows\system32\KERNELBASE.dll!GetModuleHandleExW 000007fefde6a150 5 bytes JMP 000007fffde50110
.text C:\Program Files\Synaptics\SynTP\SynTPEnh.exe[4624] C:\Windows\system32\GDI32.dll!D3DKMTQueryAdapterInfo 000007feff6189e0 8 bytes JMP 000007fffde501f0
.text C:\Program Files\Synaptics\SynTP\SynTPEnh.exe[4624] C:\Windows\system32\GDI32.dll!D3DKMTGetDisplayModeList 000007feff61be40 8 bytes JMP 000007fffde501b8
.text C:\Program Files\Synaptics\SynTP\SynTPEnh.exe[4624] C:\Windows\system32\ole32.dll!CoCreateInstance 000007fefeda7490 11 bytes JMP 000007fffde50228
.text C:\Program Files\Synaptics\SynTP\SynTPEnh.exe[4624] C:\Windows\system32\ole32.dll!CoSetProxyBlanket 000007fefedbbf00 7 bytes JMP 000007fffde50260
.text C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe[4632] C:\Windows\system32\kernel32.dll!K32GetMappedFileNameW 000000007763efe0 5 bytes JMP 000000016fff0148
.text C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe[4632] C:\Windows\system32\kernel32.dll!K32EnumProcessModulesEx 00000000776699b0 7 bytes JMP 000000016fff00d8
.text C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe[4632] C:\Windows\system32\kernel32.dll!K32GetModuleInformation 00000000776794d0 5 bytes JMP 000000016fff0180
.text C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe[4632] C:\Windows\system32\kernel32.dll!K32GetModuleFileNameExW 0000000077679640 5 bytes JMP 000000016fff0110
.text C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe[4632] C:\Windows\system32\kernel32.dll!RegSetValueExA 000000007769a500 7 bytes JMP 000000016fff01b8
.text C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe[4632] C:\Windows\system32\KERNELBASE.dll!GetModuleHandleW 000007fefde63460 7 bytes JMP 000007fffde500d8
.text C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe[4632] C:\Windows\system32\KERNELBASE.dll!LoadLibraryExW 000007fefde69940 6 bytes JMP 000007fffde50148
.text C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe[4632] C:\Windows\system32\KERNELBASE.dll!FreeLibrary 000007fefde69fb0 5 bytes JMP 000007fffde50180
.text C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe[4632] C:\Windows\system32\KERNELBASE.dll!GetModuleHandleExW 000007fefde6a150 5 bytes JMP 000007fffde50110
.text C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe[4632] C:\Windows\system32\GDI32.dll!D3DKMTQueryAdapterInfo 000007feff6189e0 8 bytes JMP 000007fffde501f0
.text C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe[4632] C:\Windows\system32\GDI32.dll!D3DKMTGetDisplayModeList 000007feff61be40 8 bytes JMP 000007fffde501b8
.text C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe[4632] C:\Windows\system32\ole32.dll!CoCreateInstance 000007fefeda7490 11 bytes JMP 000007fffde50228
.text C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe[4632] C:\Windows\system32\ole32.dll!CoSetProxyBlanket 000007fefedbbf00 7 bytes JMP 000007fffde50260
.text C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe[4640] C:\Windows\system32\kernel32.dll!K32GetMappedFileNameW 000000007763efe0 5 bytes JMP 000000016fff0148
.text C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe[4640] C:\Windows\system32\kernel32.dll!K32EnumProcessModulesEx 00000000776699b0 7 bytes JMP 000000016fff00d8
.text C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe[4640] C:\Windows\system32\kernel32.dll!K32GetModuleInformation 00000000776794d0 5 bytes JMP 000000016fff0180
.text C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe[4640] C:\Windows\system32\kernel32.dll!K32GetModuleFileNameExW 0000000077679640 5 bytes JMP 000000016fff0110
.text C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe[4640] C:\Windows\system32\kernel32.dll!RegSetValueExA 000000007769a500 7 bytes JMP 000000016fff01b8
.text C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe[4640] C:\Windows\system32\KERNELBASE.dll!GetModuleHandleW 000007fefde63460 7 bytes JMP 000007fffde500d8
.text C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe[4640] C:\Windows\system32\KERNELBASE.dll!LoadLibraryExW 000007fefde69940 6 bytes JMP 000007fffde50148
.text C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe[4640] C:\Windows\system32\KERNELBASE.dll!FreeLibrary 000007fefde69fb0 5 bytes JMP 000007fffde50180
.text C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe[4640] C:\Windows\system32\KERNELBASE.dll!GetModuleHandleExW 000007fefde6a150 5 bytes JMP 000007fffde50110
.text C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe[4640] C:\Windows\system32\ole32.dll!CoCreateInstance 000007fefeda7490 11 bytes JMP 000007fffde50228
.text C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe[4640] C:\Windows\system32\ole32.dll!CoSetProxyBlanket 000007fefedbbf00 7 bytes JMP 000007fffde50260
.text C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe[4640] C:\Windows\system32\GDI32.dll!D3DKMTQueryAdapterInfo 000007feff6189e0 8 bytes JMP 000007fffde501f0
.text C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe[4640] C:\Windows\system32\GDI32.dll!D3DKMTGetDisplayModeList 000007feff61be40 8 bytes JMP 000007fffde501b8
.text C:\WINDOWS\System32\igfxpers.exe[4684] C:\Windows\system32\kernel32.dll!K32GetMappedFileNameW 000000007763efe0 5 bytes JMP 000000016fff0148
.text C:\WINDOWS\System32\igfxpers.exe[4684] C:\Windows\system32\kernel32.dll!K32EnumProcessModulesEx 00000000776699b0 7 bytes JMP 000000016fff00d8
.text C:\WINDOWS\System32\igfxpers.exe[4684] C:\Windows\system32\kernel32.dll!K32GetModuleInformation 00000000776794d0 5 bytes JMP 000000016fff0180
.text C:\WINDOWS\System32\igfxpers.exe[4684] C:\Windows\system32\kernel32.dll!K32GetModuleFileNameExW 0000000077679640 5 bytes JMP 000000016fff0110
.text C:\WINDOWS\System32\igfxpers.exe[4684] C:\Windows\system32\kernel32.dll!RegSetValueExA 000000007769a500 7 bytes JMP 000000016fff01b8
.text C:\WINDOWS\System32\igfxpers.exe[4684] C:\Windows\system32\KERNELBASE.dll!GetModuleHandleW 000007fefde63460 7 bytes JMP 000007fffde500d8
.text C:\WINDOWS\System32\igfxpers.exe[4684] C:\Windows\system32\KERNELBASE.dll!LoadLibraryExW 000007fefde69940 6 bytes JMP 000007fffde50148
.text C:\WINDOWS\System32\igfxpers.exe[4684] C:\Windows\system32\KERNELBASE.dll!FreeLibrary 000007fefde69fb0 5 bytes JMP 000007fffde50180
.text C:\WINDOWS\System32\igfxpers.exe[4684] C:\Windows\system32\KERNELBASE.dll!GetModuleHandleExW 000007fefde6a150 5 bytes JMP 000007fffde50110
.text C:\WINDOWS\System32\igfxpers.exe[4684] C:\Windows\system32\GDI32.dll!D3DKMTQueryAdapterInfo 000007feff6189e0 8 bytes JMP 000007fffde501f0
.text C:\WINDOWS\System32\igfxpers.exe[4684] C:\Windows\system32\GDI32.dll!D3DKMTGetDisplayModeList 000007feff61be40 8 bytes JMP 000007fffde501b8
.text C:\WINDOWS\System32\igfxpers.exe[4684] C:\Windows\system32\ole32.dll!CoCreateInstance 000007fefeda7490 11 bytes JMP 000007fffde50228
.text C:\WINDOWS\System32\igfxpers.exe[4684] C:\Windows\system32\ole32.dll!CoSetProxyBlanket 000007fefedbbf00 7 bytes JMP 000007fffde50260
.text C:\Program Files (x86)\STMicroelectronics\AccelerometerP11\FF_Protection.exe[4708] C:\Windows\syswow64\kernel32.dll!RegSetValueExA 00000000764c1429 7 bytes JMP 000000017296128f
.text C:\Program Files (x86)\STMicroelectronics\AccelerometerP11\FF_Protection.exe[4708] C:\Windows\syswow64\kernel32.dll!K32GetModuleFileNameExW 00000000764db223 5 bytes JMP 000000017296159b
.text C:\Program Files (x86)\STMicroelectronics\AccelerometerP11\FF_Protection.exe[4708] C:\Windows\syswow64\kernel32.dll!K32EnumProcessModulesEx 00000000765588f4 7 bytes JMP 0000000172961339
.text C:\Program Files (x86)\STMicroelectronics\AccelerometerP11\FF_Protection.exe[4708] C:\Windows\syswow64\kernel32.dll!K32GetModuleInformation 0000000076558979 5 bytes JMP 00000001729616b8
.text C:\Program Files (x86)\STMicroelectronics\AccelerometerP11\FF_Protection.exe[4708] C:\Windows\syswow64\kernel32.dll!K32GetMappedFileNameW 0000000076558ccf 5 bytes JMP 000000017296101e
.text C:\Program Files (x86)\STMicroelectronics\AccelerometerP11\FF_Protection.exe[4708] C:\Windows\syswow64\KERNELBASE.dll!GetModuleHandleW 0000000076fe1d1b 5 bytes JMP 00000001729611d1
.text C:\Program Files (x86)\STMicroelectronics\AccelerometerP11\FF_Protection.exe[4708] C:\Windows\syswow64\KERNELBASE.dll!GetModuleHandleExW 0000000076fe1dc9 5 bytes JMP 0000000172961019
.text C:\Program Files (x86)\STMicroelectronics\AccelerometerP11\FF_Protection.exe[4708] C:\Windows\syswow64\KERNELBASE.dll!LoadLibraryExW 0000000076fe2aa4 5 bytes JMP 000000017296154b
.text C:\Program Files (x86)\STMicroelectronics\AccelerometerP11\FF_Protection.exe[4708] C:\Windows\syswow64\KERNELBASE.dll!FreeLibrary 0000000076fe2d0a 5 bytes JMP 0000000172961276
.text C:\Program Files (x86)\STMicroelectronics\AccelerometerP11\FF_Protection.exe[4708] C:\Windows\syswow64\GDI32.dll!D3DKMTGetDisplayModeList 0000000076f6e9a2 5 bytes JMP 00000001729615b4
.text C:\Program Files (x86)\STMicroelectronics\AccelerometerP11\FF_Protection.exe[4708] C:\Windows\syswow64\GDI32.dll!D3DKMTQueryAdapterInfo 0000000076f6ebdc 5 bytes JMP 000000017296119a
.text C:\Program Files (x86)\STMicroelectronics\AccelerometerP11\FF_Protection.exe[4708] C:\Windows\syswow64\ole32.dll!CoSetProxyBlanket 0000000075585ea5 5 bytes JMP 00000001729615e6
.text C:\Program Files (x86)\STMicroelectronics\AccelerometerP11\FF_Protection.exe[4708] C:\Windows\syswow64\ole32.dll!CoCreateInstance 00000000755b9d0b 5 bytes JMP 000000017296122b
.text C:\Program Files\Common Files\Intel\WirelessCommon\iFrmewrk.exe[4772] C:\Windows\system32\kernel32.dll!K32GetMappedFileNameW 000000007763efe0 5 bytes JMP 000000016fff0148
.text C:\Program Files\Common Files\Intel\WirelessCommon\iFrmewrk.exe[4772] C:\Windows\system32\kernel32.dll!K32EnumProcessModulesEx 00000000776699b0 7 bytes JMP 000000016fff00d8
.text C:\Program Files\Common Files\Intel\WirelessCommon\iFrmewrk.exe[4772] C:\Windows\system32\kernel32.dll!K32GetModuleInformation 00000000776794d0 5 bytes JMP 000000016fff0180
.text C:\Program Files\Common Files\Intel\WirelessCommon\iFrmewrk.exe[4772] C:\Windows\system32\kernel32.dll!K32GetModuleFileNameExW 0000000077679640 5 bytes JMP 000000016fff0110
.text C:\Program Files\Common Files\Intel\WirelessCommon\iFrmewrk.exe[4772] C:\Windows\system32\kernel32.dll!RegSetValueExA 000000007769a500 7 bytes JMP 000000016fff01b8
.text C:\Program Files\Common Files\Intel\WirelessCommon\iFrmewrk.exe[4772] C:\Windows\system32\KERNELBASE.dll!GetModuleHandleW 000007fefde63460 7 bytes JMP 000007fffde500d8
.text C:\Program Files\Common Files\Intel\WirelessCommon\iFrmewrk.exe[4772] C:\Windows\system32\KERNELBASE.dll!LoadLibraryExW 000007fefde69940 6 bytes JMP 000007fffde50148
.text C:\Program Files\Common Files\Intel\WirelessCommon\iFrmewrk.exe[4772] C:\Windows\system32\KERNELBASE.dll!FreeLibrary 000007fefde69fb0 5 bytes JMP 000007fffde50180
.text C:\Program Files\Common Files\Intel\WirelessCommon\iFrmewrk.exe[4772] C:\Windows\system32\KERNELBASE.dll!GetModuleHandleExW 000007fefde6a150 5 bytes JMP 000007fffde50110
.text C:\Program Files\Common Files\Intel\WirelessCommon\iFrmewrk.exe[4772] C:\Windows\system32\GDI32.dll!D3DKMTQueryAdapterInfo 000007feff6189e0 8 bytes JMP 000007fffde501f0
.text C:\Program Files\Common Files\Intel\WirelessCommon\iFrmewrk.exe[4772] C:\Windows\system32\GDI32.dll!D3DKMTGetDisplayModeList 000007feff61be40 8 bytes JMP 000007fffde501b8
.text C:\Program Files\Common Files\Intel\WirelessCommon\iFrmewrk.exe[4772] C:\Windows\system32\ole32.dll!CoCreateInstance 000007fefeda7490 11 bytes JMP 000007fffde50228
.text C:\Program Files\Common Files\Intel\WirelessCommon\iFrmewrk.exe[4772] C:\Windows\system32\ole32.dll!CoSetProxyBlanket 000007fefedbbf00 7 bytes JMP 000007fffde50260
.text C:\Program Files\Synaptics\SynTP\SynTPHelper.exe[4832] C:\Windows\system32\KERNELBASE.dll!GetModuleHandleW 000007fefde63460 7 bytes JMP 000007fffde500d8
.text C:\Program Files\Synaptics\SynTP\SynTPHelper.exe[4832] C:\Windows\system32\KERNELBASE.dll!LoadLibraryExW 000007fefde69940 6 bytes JMP 000007fffde50148
.text C:\Program Files\Synaptics\SynTP\SynTPHelper.exe[4832] C:\Windows\system32\KERNELBASE.dll!FreeLibrary 000007fefde69fb0 5 bytes JMP 000007fffde50180
.text C:\Program Files\Synaptics\SynTP\SynTPHelper.exe[4832] C:\Windows\system32\KERNELBASE.dll!GetModuleHandleExW 000007fefde6a150 5 bytes JMP 000007fffde50110
.text C:\Program Files\Synaptics\SynTP\SynTPHelper.exe[4832] C:\Windows\system32\GDI32.dll!D3DKMTQueryAdapterInfo 000007feff6189e0 8 bytes JMP 000007fffde501f0
.text C:\Program Files\Synaptics\SynTP\SynTPHelper.exe[4832] C:\Windows\system32\GDI32.dll!D3DKMTGetDisplayModeList 000007feff61be40 8 bytes JMP 000007fffde501b8
.text C:\Program Files\Dell\QuickSet\quickset.exe[5052] C:\Windows\system32\kernel32.dll!K32GetMappedFileNameW 000000007763efe0 5 bytes JMP 000000016fff0148
.text C:\Program Files\Dell\QuickSet\quickset.exe[5052] C:\Windows\system32\kernel32.dll!K32EnumProcessModulesEx 00000000776699b0 7 bytes JMP 000000016fff00d8
.text C:\Program Files\Dell\QuickSet\quickset.exe[5052] C:\Windows\system32\kernel32.dll!K32GetModuleInformation 00000000776794d0 5 bytes JMP 000000016fff0180
.text C:\Program Files\Dell\QuickSet\quickset.exe[5052] C:\Windows\system32\kernel32.dll!K32GetModuleFileNameExW 0000000077679640 5 bytes JMP 000000016fff0110
.text C:\Program Files\Dell\QuickSet\quickset.exe[5052] C:\Windows\system32\kernel32.dll!RegSetValueExA 000000007769a500 7 bytes JMP 000000016fff01b8
.text C:\Program Files\Dell\QuickSet\quickset.exe[5052] C:\Windows\system32\KERNELBASE.dll!GetModuleHandleW 000007fefde63460 7 bytes JMP 000007fffde500d8
.text C:\Program Files\Dell\QuickSet\quickset.exe[5052] C:\Windows\system32\KERNELBASE.dll!LoadLibraryExW 000007fefde69940 6 bytes JMP 000007fffde50148
.text C:\Program Files\Dell\QuickSet\quickset.exe[5052] C:\Windows\system32\KERNELBASE.dll!FreeLibrary 000007fefde69fb0 5 bytes JMP 000007fffde50180
.text C:\Program Files\Dell\QuickSet\quickset.exe[5052] C:\Windows\system32\KERNELBASE.dll!GetModuleHandleExW 000007fefde6a150 5 bytes JMP 000007fffde50110
.text C:\Program Files\Dell\QuickSet\quickset.exe[5052] C:\Windows\system32\GDI32.dll!D3DKMTQueryAdapterInfo 000007feff6189e0 8 bytes JMP 000007fffde501f0
.text C:\Program Files\Dell\QuickSet\quickset.exe[5052] C:\Windows\system32\GDI32.dll!D3DKMTGetDisplayModeList 000007feff61be40 8 bytes JMP 000007fffde501b8
.text C:\Program Files\Dell\QuickSet\quickset.exe[5052] C:\Windows\system32\ole32.dll!CoCreateInstance 000007fefeda7490 11 bytes JMP 000007fffde50228
.text C:\Program Files\Dell\QuickSet\quickset.exe[5052] C:\Windows\system32\ole32.dll!CoSetProxyBlanket 000007fefedbbf00 7 bytes JMP 000007fffde50260
.text C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe[4588] C:\Windows\system32\kernel32.dll!K32GetMappedFileNameW 000000007763efe0 5 bytes JMP 000000016fff0148
.text C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe[4588] C:\Windows\system32\kernel32.dll!K32EnumProcessModulesEx 00000000776699b0 7 bytes JMP 000000016fff00d8
.text C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe[4588] C:\Windows\system32\kernel32.dll!K32GetModuleInformation 00000000776794d0 5 bytes JMP 000000016fff0180
.text C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe[4588] C:\Windows\system32\kernel32.dll!K32GetModuleFileNameExW 0000000077679640 5 bytes JMP 000000016fff0110
.text C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe[4588] C:\Windows\system32\kernel32.dll!RegSetValueExA 000000007769a500 7 bytes JMP 000000016fff01b8
.text C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe[4588] C:\Windows\system32\KERNELBASE.dll!GetModuleHandleW 000007fefde63460 7 bytes JMP 000007fffde500d8
.text C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe[4588] C:\Windows\system32\KERNELBASE.dll!LoadLibraryExW 000007fefde69940 6 bytes JMP 000007fffde50148
.text C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe[4588] C:\Windows\system32\KERNELBASE.dll!FreeLibrary 000007fefde69fb0 5 bytes JMP 000007fffde50180
.text C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe[4588] C:\Windows\system32\KERNELBASE.dll!GetModuleHandleExW 000007fefde6a150 5 bytes JMP 000007fffde50110
.text C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe[4588] C:\Windows\system32\ole32.dll!CoCreateInstance 000007fefeda7490 11 bytes JMP 000007fffde50228
.text C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe[4588] C:\Windows\system32\ole32.dll!CoSetProxyBlanket 000007fefedbbf00 7 bytes JMP 000007fffde50260
.text C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe[4588] C:\Windows\system32\GDI32.dll!D3DKMTQueryAdapterInfo 000007feff6189e0 8 bytes JMP 000007fffde501f0
.text C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe[4588] C:\Windows\system32\GDI32.dll!D3DKMTGetDisplayModeList 000007feff61be40 8 bytes JMP 000007fffde501b8
.text C:\Program Files\Intel\TurboBoost\SignalIslandUi.exe[5240] C:\Windows\system32\KERNEL32.dll!K32GetMappedFileNameW 000000007763efe0 5 bytes JMP 000000016fff0148
.text C:\Program Files\Intel\TurboBoost\SignalIslandUi.exe[5240] C:\Windows\system32\KERNEL32.dll!K32EnumProcessModulesEx 00000000776699b0 7 bytes JMP 000000016fff00d8
.text C:\Program Files\Intel\TurboBoost\SignalIslandUi.exe[5240] C:\Windows\system32\KERNEL32.dll!K32GetModuleInformation 00000000776794d0 5 bytes JMP 000000016fff0180
.text C:\Program Files\Intel\TurboBoost\SignalIslandUi.exe[5240] C:\Windows\system32\KERNEL32.dll!K32GetModuleFileNameExW 0000000077679640 5 bytes JMP 000000016fff0110
.text C:\Program Files\Intel\TurboBoost\SignalIslandUi.exe[5240] C:\Windows\system32\KERNEL32.dll!RegSetValueExA 000000007769a500 7 bytes JMP 000000016fff01b8
.text C:\Program Files\Intel\TurboBoost\SignalIslandUi.exe[5240] C:\Windows\system32\KERNELBASE.dll!GetModuleHandleW 000007fefde63460 7 bytes JMP 000007fffde500d8
.text C:\Program Files\Intel\TurboBoost\SignalIslandUi.exe[5240] C:\Windows\system32\KERNELBASE.dll!LoadLibraryExW 000007fefde69940 6 bytes JMP 000007fffde50148
.text C:\Program Files\Intel\TurboBoost\SignalIslandUi.exe[5240] C:\Windows\system32\KERNELBASE.dll!FreeLibrary 000007fefde69fb0 5 bytes JMP 000007fffde50180
.text C:\Program Files\Intel\TurboBoost\SignalIslandUi.exe[5240] C:\Windows\system32\KERNELBASE.dll!GetModuleHandleExW 000007fefde6a150 5 bytes JMP 000007fffde50110
.text C:\Program Files\Intel\TurboBoost\SignalIslandUi.exe[5240] C:\Windows\system32\GDI32.dll!D3DKMTQueryAdapterInfo 000007feff6189e0 8 bytes JMP 000007fffde501f0
.text C:\Program Files\Intel\TurboBoost\SignalIslandUi.exe[5240] C:\Windows\system32\GDI32.dll!D3DKMTGetDisplayModeList 000007feff61be40 8 bytes JMP 000007fffde501b8
.text C:\Program Files\Intel\TurboBoost\SignalIslandUi.exe[5240] C:\Windows\system32\ole32.dll!CoCreateInstance 000007fefeda7490 11 bytes JMP 000007fffde50228
.text C:\Program Files\Intel\TurboBoost\SignalIslandUi.exe[5240] C:\Windows\system32\ole32.dll!CoSetProxyBlanket 000007fefedbbf00 7 bytes JMP 000007fffde50260
.text C:\Windows\system32\AMBSpiE.exe[5324] C:\Windows\system32\kernel32.dll!K32GetMappedFileNameW 000000007763efe0 5 bytes JMP 000000016fff0148
.text C:\Windows\system32\AMBSpiE.exe[5324] C:\Windows\system32\kernel32.dll!K32EnumProcessModulesEx 00000000776699b0 7 bytes JMP 000000016fff00d8
.text C:\Windows\system32\AMBSpiE.exe[5324] C:\Windows\system32\kernel32.dll!K32GetModuleInformation 00000000776794d0 5 bytes JMP 000000016fff0180
.text C:\Windows\system32\AMBSpiE.exe[5324] C:\Windows\system32\kernel32.dll!K32GetModuleFileNameExW 0000000077679640 5 bytes JMP 000000016fff0110
.text C:\Windows\system32\AMBSpiE.exe[5324] C:\Windows\system32\kernel32.dll!RegSetValueExA 000000007769a500 7 bytes JMP 000000016fff01b8
.text C:\Windows\system32\AMBSpiE.exe[5324] C:\Windows\system32\KERNELBASE.dll!GetModuleHandleW 000007fefde63460 7 bytes JMP 000007fffde500d8
.text C:\Windows\system32\AMBSpiE.exe[5324] C:\Windows\system32\KERNELBASE.dll!LoadLibraryExW 000007fefde69940 6 bytes JMP 000007fffde50148
.text C:\Windows\system32\AMBSpiE.exe[5324] C:\Windows\system32\KERNELBASE.dll!FreeLibrary 000007fefde69fb0 5 bytes JMP 000007fffde50180
.text C:\Windows\system32\AMBSpiE.exe[5324] C:\Windows\system32\KERNELBASE.dll!GetModuleHandleExW 000007fefde6a150 5 bytes JMP 000007fffde50110
.text C:\Windows\system32\AMBSpiE.exe[5324] C:\Windows\system32\GDI32.dll!D3DKMTQueryAdapterInfo 000007feff6189e0 8 bytes JMP 000007fffde501f0
.text C:\Windows\system32\AMBSpiE.exe[5324] C:\Windows\system32\GDI32.dll!D3DKMTGetDisplayModeList 000007feff61be40 8 bytes JMP 000007fffde501b8
.text C:\Windows\system32\AMBSpiE.exe[5324] C:\Windows\system32\ole32.dll!CoCreateInstance 000007fefeda7490 11 bytes JMP 000007fffde50228
.text C:\Windows\system32\AMBSpiE.exe[5324] C:\Windows\system32\ole32.dll!CoSetProxyBlanket 000007fefedbbf00 7 bytes JMP 000007fffde50260
.text C:\Program Files (x86)\Cyberlink\Shared files\brs.exe[5504] C:\Windows\syswow64\kernel32.dll!RegSetValueExA 00000000764c1429 7 bytes JMP 000000017296128f
.text C:\Program Files (x86)\Cyberlink\Shared files\brs.exe[5504] C:\Windows\syswow64\kernel32.dll!K32GetModuleFileNameExW 00000000764db223 5 bytes JMP 000000017296159b
.text C:\Program Files (x86)\Cyberlink\Shared files\brs.exe[5504] C:\Windows\syswow64\kernel32.dll!K32EnumProcessModulesEx 00000000765588f4 7 bytes JMP 0000000172961339
.text C:\Program Files (x86)\Cyberlink\Shared files\brs.exe[5504] C:\Windows\syswow64\kernel32.dll!K32GetModuleInformation 0000000076558979 5 bytes JMP 00000001729616b8
.text C:\Program Files (x86)\Cyberlink\Shared files\brs.exe[5504] C:\Windows\syswow64\kernel32.dll!K32GetMappedFileNameW 0000000076558ccf 5 bytes JMP 000000017296101e
.text C:\Program Files (x86)\Cyberlink\Shared files\brs.exe[5504] C:\Windows\syswow64\KERNELBASE.dll!GetModuleHandleW 0000000076fe1d1b 5 bytes JMP 00000001729611d1
.text C:\Program Files (x86)\Cyberlink\Shared files\brs.exe[5504] C:\Windows\syswow64\KERNELBASE.dll!GetModuleHandleExW 0000000076fe1dc9 5 bytes JMP 0000000172961019
.text C:\Program Files (x86)\Cyberlink\Shared files\brs.exe[5504] C:\Windows\syswow64\KERNELBASE.dll!LoadLibraryExW 0000000076fe2aa4 5 bytes JMP 000000017296154b
.text C:\Program Files (x86)\Cyberlink\Shared files\brs.exe[5504] C:\Windows\syswow64\KERNELBASE.dll!FreeLibrary 0000000076fe2d0a 5 bytes JMP 0000000172961276
.text C:\Program Files (x86)\Cyberlink\Shared files\brs.exe[5504] C:\Windows\syswow64\GDI32.dll!D3DKMTGetDisplayModeList 0000000076f6e9a2 5 bytes JMP 00000001729615b4
.text C:\Program Files (x86)\Cyberlink\Shared files\brs.exe[5504] C:\Windows\syswow64\GDI32.dll!D3DKMTQueryAdapterInfo 0000000076f6ebdc 5 bytes JMP 000000017296119a
.text C:\Program Files (x86)\Cyberlink\Shared files\brs.exe[5504] C:\Windows\syswow64\ole32.dll!CoSetProxyBlanket 0000000075585ea5 5 bytes JMP 00000001729615e6
.text C:\Program Files (x86)\Cyberlink\Shared files\brs.exe[5504] C:\Windows\syswow64\ole32.dll!CoCreateInstance 00000000755b9d0b 5 bytes JMP 000000017296122b
.text C:\Program Files (x86)\Sensible Vision\Fast Access\FATrayMon.exe[5620] C:\Windows\syswow64\kernel32.dll!RegSetValueExA 00000000764c1429 7 bytes JMP 000000017296128f
.text C:\Program Files (x86)\Sensible Vision\Fast Access\FATrayMon.exe[5620] C:\Windows\syswow64\kernel32.dll!K32GetModuleFileNameExW 00000000764db223 5 bytes JMP 000000017296159b
.text C:\Program Files (x86)\Sensible Vision\Fast Access\FATrayMon.exe[5620] C:\Windows\syswow64\kernel32.dll!K32EnumProcessModulesEx 00000000765588f4 7 bytes JMP 0000000172961339
.text C:\Program Files (x86)\Sensible Vision\Fast Access\FATrayMon.exe[5620] C:\Windows\syswow64\kernel32.dll!K32GetModuleInformation 0000000076558979 5 bytes JMP 00000001729616b8
.text C:\Program Files (x86)\Sensible Vision\Fast Access\FATrayMon.exe[5620] C:\Windows\syswow64\kernel32.dll!K32GetMappedFileNameW 0000000076558ccf 5 bytes JMP 000000017296101e
.text C:\Program Files (x86)\Sensible Vision\Fast Access\FATrayMon.exe[5620] C:\Windows\syswow64\KERNELBASE.dll!GetModuleHandleW 0000000076fe1d1b 5 bytes JMP 00000001729611d1
.text C:\Program Files (x86)\Sensible Vision\Fast Access\FATrayMon.exe[5620] C:\Windows\syswow64\KERNELBASE.dll!GetModuleHandleExW 0000000076fe1dc9 5 bytes JMP 0000000172961019
.text C:\Program Files (x86)\Sensible Vision\Fast Access\FATrayMon.exe[5620] C:\Windows\syswow64\KERNELBASE.dll!LoadLibraryExW 0000000076fe2aa4 5 bytes JMP 000000017296154b
.text C:\Program Files (x86)\Sensible Vision\Fast Access\FATrayMon.exe[5620] C:\Windows\syswow64\KERNELBASE.dll!FreeLibrary 0000000076fe2d0a 5 bytes JMP 0000000172961276
.text C:\Program Files (x86)\Sensible Vision\Fast Access\FATrayMon.exe[5620] C:\Windows\syswow64\PSAPI.DLL!GetModuleFileNameExW + 17 00000000765b1401 2 bytes [5B, 76]
.text C:\Program Files (x86)\Sensible Vision\Fast Access\FATrayMon.exe[5620] C:\Windows\syswow64\PSAPI.DLL!EnumProcessModules + 17 00000000765b1419 2 bytes [5B, 76]
.text C:\Program Files (x86)\Sensible Vision\Fast Access\FATrayMon.exe[5620] C:\Windows\syswow64\PSAPI.DLL!GetModuleInformation + 17 00000000765b1431 2 bytes [5B, 76]
.text C:\Program Files (x86)\Sensible Vision\Fast Access\FATrayMon.exe[5620] C:\Windows\syswow64\PSAPI.DLL!GetModuleInformation + 42 00000000765b144a 2 bytes [5B, 76]
.text ... * 9
.text C:\Program Files (x86)\Sensible Vision\Fast Access\FATrayMon.exe[5620] C:\Windows\syswow64\PSAPI.DLL!EnumDeviceDrivers + 17 00000000765b14dd 2 bytes [5B, 76]
.text C:\Program Files (x86)\Sensible Vision\Fast Access\FATrayMon.exe[5620] C:\Windows\syswow64\PSAPI.DLL!GetDeviceDriverBaseNameA + 17 00000000765b14f5 2 bytes [5B, 76]
.text C:\Program Files (x86)\Sensible Vision\Fast Access\FATrayMon.exe[5620] C:\Windows\syswow64\PSAPI.DLL!QueryWorkingSetEx + 17 00000000765b150d 2 bytes [5B, 76]
.text C:\Program Files (x86)\Sensible Vision\Fast Access\FATrayMon.exe[5620] C:\Windows\syswow64\PSAPI.DLL!GetDeviceDriverBaseNameW + 17 00000000765b1525 2 bytes [5B, 76]
.text C:\Program Files (x86)\Sensible Vision\Fast Access\FATrayMon.exe[5620] C:\Windows\syswow64\PSAPI.DLL!GetModuleBaseNameW + 17 00000000765b153d 2 bytes [5B, 76]
.text C:\Program Files (x86)\Sensible Vision\Fast Access\FATrayMon.exe[5620] C:\Windows\syswow64\PSAPI.DLL!EnumProcesses + 17 00000000765b1555 2 bytes [5B, 76]
.text C:\Program Files (x86)\Sensible Vision\Fast Access\FATrayMon.exe[5620] C:\Windows\syswow64\PSAPI.DLL!GetProcessMemoryInfo + 17 00000000765b156d 2 bytes [5B, 76]
.text C:\Program Files (x86)\Sensible Vision\Fast Access\FATrayMon.exe[5620] C:\Windows\syswow64\PSAPI.DLL!GetPerformanceInfo + 17 00000000765b1585 2 bytes [5B, 76]
.text C:\Program Files (x86)\Sensible Vision\Fast Access\FATrayMon.exe[5620] C:\Windows\syswow64\PSAPI.DLL!QueryWorkingSet + 17 00000000765b159d 2 bytes [5B, 76]
.text C:\Program Files (x86)\Sensible Vision\Fast Access\FATrayMon.exe[5620] C:\Windows\syswow64\PSAPI.DLL!GetModuleBaseNameA + 17 00000000765b15b5 2 bytes [5B, 76]
.text C:\Program Files (x86)\Sensible Vision\Fast Access\FATrayMon.exe[5620] C:\Windows\syswow64\PSAPI.DLL!GetModuleFileNameExA + 17 00000000765b15cd 2 bytes [5B, 76]
.text C:\Program Files (x86)\Sensible Vision\Fast Access\FATrayMon.exe[5620] C:\Windows\syswow64\PSAPI.DLL!GetProcessImageFileNameW + 20 00000000765b16b2 2 bytes [5B, 76]
.text C:\Program Files (x86)\Sensible Vision\Fast Access\FATrayMon.exe[5620] C:\Windows\syswow64\PSAPI.DLL!GetProcessImageFileNameW + 31 00000000765b16bd 2 bytes [5B, 76]
.text C:\Program Files (x86)\Sensible Vision\Fast Access\FATrayMon.exe[5620] C:\Windows\syswow64\GDI32.dll!D3DKMTGetDisplayModeList 0000000076f6e9a2 5 bytes JMP 00000001729615b4
.text C:\Program Files (x86)\Sensible Vision\Fast Access\FATrayMon.exe[5620] C:\Windows\syswow64\GDI32.dll!D3DKMTQueryAdapterInfo 0000000076f6ebdc 5 bytes JMP 000000017296119a
.text C:\Program Files (x86)\Sensible Vision\Fast Access\FATrayMon.exe[5620] C:\Windows\syswow64\ole32.dll!CoSetProxyBlanket 0000000075585ea5 5 bytes JMP 00000001729615e6
.text C:\Program Files (x86)\Sensible Vision\Fast Access\FATrayMon.exe[5620] C:\Windows\syswow64\ole32.dll!CoCreateInstance 00000000755b9d0b 5 bytes JMP 000000017296122b
.text C:\Program Files (x86)\Dell Webcam\Dell Webcam Central\WebcamDell2.exe[5660] C:\Windows\syswow64\kernel32.dll!RegSetValueExA 00000000764c1429 7 bytes JMP 000000017296128f
.text C:\Program Files (x86)\Dell Webcam\Dell Webcam Central\WebcamDell2.exe[5660] C:\Windows\syswow64\kernel32.dll!K32GetModuleFileNameExW 00000000764db223 5 bytes JMP 000000017296159b
.text C:\Program Files (x86)\Dell Webcam\Dell Webcam Central\WebcamDell2.exe[5660] C:\Windows\syswow64\kernel32.dll!K32EnumProcessModulesEx 00000000765588f4 7 bytes JMP 0000000172961339
.text C:\Program Files (x86)\Dell Webcam\Dell Webcam Central\WebcamDell2.exe[5660] C:\Windows\syswow64\kernel32.dll!K32GetModuleInformation 0000000076558979 5 bytes JMP 00000001729616b8
.text C:\Program Files (x86)\Dell Webcam\Dell Webcam Central\WebcamDell2.exe[5660] C:\Windows\syswow64\kernel32.dll!K32GetMappedFileNameW 0000000076558ccf 5 bytes JMP 000000017296101e
.text C:\Program Files (x86)\Dell Webcam\Dell Webcam Central\WebcamDell2.exe[5660] C:\Windows\syswow64\KERNELBASE.dll!GetModuleHandleW 0000000076fe1d1b 5 bytes JMP 00000001729611d1
.text C:\Program Files (x86)\Dell Webcam\Dell Webcam Central\WebcamDell2.exe[5660] C:\Windows\syswow64\KERNELBASE.dll!GetModuleHandleExW 0000000076fe1dc9 5 bytes JMP 0000000172961019
.text C:\Program Files (x86)\Dell Webcam\Dell Webcam Central\WebcamDell2.exe[5660] C:\Windows\syswow64\KERNELBASE.dll!LoadLibraryExW 0000000076fe2aa4 5 bytes JMP 000000017296154b
.text C:\Program Files (x86)\Dell Webcam\Dell Webcam Central\WebcamDell2.exe[5660] C:\Windows\syswow64\KERNELBASE.dll!FreeLibrary 0000000076fe2d0a 5 bytes JMP 0000000172961276
.text C:\Program Files (x86)\Dell Webcam\Dell Webcam Central\WebcamDell2.exe[5660] C:\Windows\syswow64\GDI32.dll!D3DKMTGetDisplayModeList 0000000076f6e9a2 5 bytes JMP 00000001729615b4
.text C:\Program Files (x86)\Dell Webcam\Dell Webcam Central\WebcamDell2.exe[5660] C:\Windows\syswow64\GDI32.dll!D3DKMTQueryAdapterInfo 0000000076f6ebdc 5 bytes JMP 000000017296119a
.text C:\Program Files (x86)\Dell Webcam\Dell Webcam Central\WebcamDell2.exe[5660] C:\Windows\syswow64\ole32.dll!CoSetProxyBlanket 0000000075585ea5 5 bytes JMP 00000001729615e6
.text C:\Program Files (x86)\Dell Webcam\Dell Webcam Central\WebcamDell2.exe[5660] C:\Windows\syswow64\ole32.dll!CoCreateInstance 00000000755b9d0b 5 bytes JMP 000000017296122b
.text C:\Program Files (x86)\Real\RealPlayer\Update\realsched.exe[5680] C:\Windows\syswow64\kernel32.dll!SetUnhandledExceptionFilter 00000000764b87b1 5 bytes [33, C0, C2, 04, 00]
.text C:\Program Files (x86)\Real\RealPlayer\Update\realsched.exe[5680] C:\Windows\syswow64\kernel32.dll!RegSetValueExA 00000000764c1429 7 bytes JMP 000000017296128f
.text C:\Program Files (x86)\Real\RealPlayer\Update\realsched.exe[5680] C:\Windows\syswow64\kernel32.dll!K32GetModuleFileNameExW 00000000764db223 5 bytes JMP 000000017296159b
.text C:\Program Files (x86)\Real\RealPlayer\Update\realsched.exe[5680] C:\Windows\syswow64\kernel32.dll!K32EnumProcessModulesEx 00000000765588f4 7 bytes JMP 0000000172961339
.text C:\Program Files (x86)\Real\RealPlayer\Update\realsched.exe[5680] C:\Windows\syswow64\kernel32.dll!K32GetModuleInformation 0000000076558979 5 bytes JMP 00000001729616b8
.text C:\Program Files (x86)\Real\RealPlayer\Update\realsched.exe[5680] C:\Windows\syswow64\kernel32.dll!K32GetMappedFileNameW 0000000076558ccf 5 bytes JMP 000000017296101e
.text C:\Program Files (x86)\Sendori\SendoriTray.exe[5744] C:\Windows\syswow64\kernel32.dll!RegSetValueExA 00000000764c1429 7 bytes JMP 000000017296128f
.text C:\Program Files (x86)\Sendori\SendoriTray.exe[5744] C:\Windows\syswow64\kernel32.dll!K32GetModuleFileNameExW 00000000764db223 5 bytes JMP 000000017296159b
.text C:\Program Files (x86)\Sendori\SendoriTray.exe[5744] C:\Windows\syswow64\kernel32.dll!K32EnumProcessModulesEx 00000000765588f4 7 bytes JMP 0000000172961339
.text C:\Program Files (x86)\Sendori\SendoriTray.exe[5744] C:\Windows\syswow64\kernel32.dll!K32GetModuleInformation 0000000076558979 5 bytes JMP 00000001729616b8
.text C:\Program Files (x86)\Sendori\SendoriTray.exe[5744] C:\Windows\syswow64\kernel32.dll!K32GetMappedFileNameW 0000000076558ccf 5 bytes JMP 000000017296101e
.text C:\Program Files (x86)\Sensible Vision\Fast Access\FATrayAlert.exe[5824] C:\Windows\syswow64\kernel32.dll!RegSetValueExA 00000000764c1429 7 bytes JMP 000000017296128f
.text C:\Program Files (x86)\Sensible Vision\Fast Access\FATrayAlert.exe[5824] C:\Windows\syswow64\kernel32.dll!K32GetModuleFileNameExW 00000000764db223 5 bytes JMP 000000017296159b
.text C:\Program Files (x86)\Sensible Vision\Fast Access\FATrayAlert.exe[5824] C:\Windows\syswow64\kernel32.dll!K32EnumProcessModulesEx 00000000765588f4 7 bytes JMP 0000000172961339
.text C:\Program Files (x86)\Sensible Vision\Fast Access\FATrayAlert.exe[5824] C:\Windows\syswow64\kernel32.dll!K32GetModuleInformation 0000000076558979 5 bytes JMP 00000001729616b8
.text C:\Program Files (x86)\Sensible Vision\Fast Access\FATrayAlert.exe[5824] C:\Windows\syswow64\kernel32.dll!K32GetMappedFileNameW 0000000076558ccf 5 bytes JMP 000000017296101e
.text C:\Program Files (x86)\Sensible Vision\Fast Access\FATrayAlert.exe[5824] C:\Windows\syswow64\KERNELBASE.dll!GetModuleHandleW 0000000076fe1d1b 5 bytes JMP 00000001729611d1
.text C:\Program Files (x86)\Sensible Vision\Fast Access\FATrayAlert.exe[5824] C:\Windows\syswow64\KERNELBASE.dll!GetModuleHandleExW 0000000076fe1dc9 5 bytes JMP 0000000172961019
.text C:\Program Files (x86)\Sensible Vision\Fast Access\FATrayAlert.exe[5824] C:\Windows\syswow64\KERNELBASE.dll!LoadLibraryExW 0000000076fe2aa4 5 bytes JMP 000000017296154b
.text C:\Program Files (x86)\Sensible Vision\Fast Access\FATrayAlert.exe[5824] C:\Windows\syswow64\KERNELBASE.dll!FreeLibrary 0000000076fe2d0a 5 bytes JMP 0000000172961276
.text C:\Program Files (x86)\Sensible Vision\Fast Access\FATrayAlert.exe[5824] C:\Windows\syswow64\PSAPI.DLL!GetModuleFileNameExW + 17 00000000765b1401 2 bytes [5B, 76]
.text C:\Program Files (x86)\Sensible Vision\Fast Access\FATrayAlert.exe[5824] C:\Windows\syswow64\PSAPI.DLL!EnumProcessModules + 17 00000000765b1419 2 bytes [5B, 76]
.text C:\Program Files (x86)\Sensible Vision\Fast Access\FATrayAlert.exe[5824] C:\Windows\syswow64\PSAPI.DLL!GetModuleInformation + 17 00000000765b1431 2 bytes [5B, 76]
.text C:\Program Files (x86)\Sensible Vision\Fast Access\FATrayAlert.exe[5824] C:\Windows\syswow64\PSAPI.DLL!GetModuleInformation + 42 00000000765b144a 2 bytes [5B, 76]
.text ... * 9
.text C:\Program Files (x86)\Sensible Vision\Fast Access\FATrayAlert.exe[5824] C:\Windows\syswow64\PSAPI.DLL!EnumDeviceDrivers + 17 00000000765b14dd 2 bytes [5B, 76]
.text C:\Program Files (x86)\Sensible Vision\Fast Access\FATrayAlert.exe[5824] C:\Windows\syswow64\PSAPI.DLL!GetDeviceDriverBaseNameA + 17 00000000765b14f5 2 bytes [5B, 76]
.text C:\Program Files (x86)\Sensible Vision\Fast Access\FATrayAlert.exe[5824] C:\Windows\syswow64\PSAPI.DLL!QueryWorkingSetEx + 17 00000000765b150d 2 bytes [5B, 76]
.text C:\Program Files (x86)\Sensible Vision\Fast Access\FATrayAlert.exe[5824] C:\Windows\syswow64\PSAPI.DLL!GetDeviceDriverBaseNameW + 17 00000000765b1525 2 bytes [5B, 76]
.text C:\Program Files (x86)\Sensible Vision\Fast Access\FATrayAlert.exe[5824] C:\Windows\syswow64\PSAPI.DLL!GetModuleBaseNameW + 17 00000000765b153d 2 bytes [5B, 76]
.text C:\Program Files (x86)\Sensible Vision\Fast Access\FATrayAlert.exe[5824] C:\Windows\syswow64\PSAPI.DLL!EnumProcesses + 17 00000000765b1555 2 bytes [5B, 76]
.text C:\Program Files (x86)\Sensible Vision\Fast Access\FATrayAlert.exe[5824] C:\Windows\syswow64\PSAPI.DLL!GetProcessMemoryInfo + 17 00000000765b156d 2 bytes [5B, 76]
.text C:\Program Files (x86)\Sensible Vision\Fast Access\FATrayAlert.exe[5824] C:\Windows\syswow64\PSAPI.DLL!GetPerformanceInfo + 17 00000000765b1585 2 bytes [5B, 76]
.text C:\Program Files (x86)\Sensible Vision\Fast Access\FATrayAlert.exe[5824] C:\Windows\syswow64\PSAPI.DLL!QueryWorkingSet + 17 00000000765b159d 2 bytes [5B, 76]
.text C:\Program Files (x86)\Sensible Vision\Fast Access\FATrayAlert.exe[5824] C:\Windows\syswow64\PSAPI.DLL!GetModuleBaseNameA + 17 00000000765b15b5 2 bytes [5B, 76]
.text C:\Program Files (x86)\Sensible Vision\Fast Access\FATrayAlert.exe[5824] C:\Windows\syswow64\PSAPI.DLL!GetModuleFileNameExA + 17 00000000765b15cd 2 bytes [5B, 76]
.text C:\Program Files (x86)\Sensible Vision\Fast Access\FATrayAlert.exe[5824] C:\Windows\syswow64\PSAPI.DLL!GetProcessImageFileNameW + 20 00000000765b16b2 2 bytes [5B, 76]
.text C:\Program Files (x86)\Sensible Vision\Fast Access\FATrayAlert.exe[5824] C:\Windows\syswow64\PSAPI.DLL!GetProcessImageFileNameW + 31 00000000765b16bd 2 bytes [5B, 76]
.text C:\Program Files (x86)\Sensible Vision\Fast Access\FATrayAlert.exe[5824] C:\Windows\syswow64\GDI32.dll!D3DKMTGetDisplayModeList 0000000076f6e9a2 5 bytes JMP 00000001729615b4
.text C:\Program Files (x86)\Sensible Vision\Fast Access\FATrayAlert.exe[5824] C:\Windows\syswow64\GDI32.dll!D3DKMTQueryAdapterInfo 0000000076f6ebdc 5 bytes JMP 000000017296119a
.text C:\Program Files (x86)\Sensible Vision\Fast Access\FATrayAlert.exe[5824] C:\Windows\syswow64\ole32.dll!CoSetProxyBlanket 0000000075585ea5 5 bytes JMP 00000001729615e6
.text C:\Program Files (x86)\Sensible Vision\Fast Access\FATrayAlert.exe[5824] C:\Windows\syswow64\ole32.dll!CoCreateInstance 00000000755b9d0b 5 bytes JMP 000000017296122b
.text C:\Program Files (x86)\Sensible Vision\Fast Access\Vendor\FastAccessChatAssist.exe[5920] C:\Windows\system32\KERNEL32.dll!K32GetMappedFileNameW 000000007763efe0 5 bytes JMP 000000016fff0148
.text C:\Program Files (x86)\Sensible Vision\Fast Access\Vendor\FastAccessChatAssist.exe[5920] C:\Windows\system32\KERNEL32.dll!K32EnumProcessModulesEx 00000000776699b0 7 bytes JMP 000000016fff00d8
.text C:\Program Files (x86)\Sensible Vision\Fast Access\Vendor\FastAccessChatAssist.exe[5920] C:\Windows\system32\KERNEL32.dll!K32GetModuleInformation 00000000776794d0 5 bytes JMP 000000016fff0180
.text C:\Program Files (x86)\Sensible Vision\Fast Access\Vendor\FastAccessChatAssist.exe[5920] C:\Windows\system32\KERNEL32.dll!K32GetModuleFileNameExW 0000000077679640 5 bytes JMP 000000016fff0110
.text C:\Program Files (x86)\Sensible Vision\Fast Access\Vendor\FastAccessChatAssist.exe[5920] C:\Windows\system32\KERNEL32.dll!RegSetValueExA 000000007769a500 7 bytes JMP 000000016fff01b8
.text C:\Program Files (x86)\Sensible Vision\Fast Access\Vendor\FastAccessChatAssist.exe[5920] C:\Windows\system32\KERNELBASE.dll!GetModuleHandleW 000007fefde63460 7 bytes JMP 000007fffde500d8
.text C:\Program Files (x86)\Sensible Vision\Fast Access\Vendor\FastAccessChatAssist.exe[5920] C:\Windows\system32\KERNELBASE.dll!LoadLibraryExW 000007fefde69940 6 bytes JMP 000007fffde50148
.text C:\Program Files (x86)\Sensible Vision\Fast Access\Vendor\FastAccessChatAssist.exe[5920] C:\Windows\system32\KERNELBASE.dll!FreeLibrary 000007fefde69fb0 5 bytes JMP 000007fffde50180
.text C:\Program Files (x86)\Sensible Vision\Fast Access\Vendor\FastAccessChatAssist.exe[5920] C:\Windows\system32\KERNELBASE.dll!GetModuleHandleExW 000007fefde6a150 5 bytes JMP 000007fffde50110
.text C:\Program Files (x86)\Sensible Vision\Fast Access\Vendor\FastAccessChatAssist.exe[5920] C:\Windows\system32\GDI32.dll!D3DKMTQueryAdapterInfo 000007feff6189e0 8 bytes JMP 000007fffde501f0
.text C:\Program Files (x86)\Sensible Vision\Fast Access\Vendor\FastAccessChatAssist.exe[5920] C:\Windows\system32\GDI32.dll!D3DKMTGetDisplayModeList 000007feff61be40 8 bytes JMP 000007fffde501b8
.text C:\Program Files (x86)\Sensible Vision\Fast Access\Vendor\FastAccessChatAssist.exe[5920] C:\Windows\system32\ole32.dll!CoCreateInstance 000007fefeda7490 11 bytes JMP 000007fffde50228
.text C:\Program Files (x86)\Sensible Vision\Fast Access\Vendor\FastAccessChatAssist.exe[5920] C:\Windows\system32\ole32.dll!CoSetProxyBlanket 000007fefedbbf00 7 bytes JMP 000007fffde50260
.text C:\Program Files\NVIDIA Corporation\Display\nvtray.exe[5928] C:\Windows\system32\kernel32.dll!K32GetMappedFileNameW 000000007763efe0 5 bytes JMP 000000016fff0148
.text C:\Program Files\NVIDIA Corporation\Display\nvtray.exe[5928] C:\Windows\system32\kernel32.dll!K32EnumProcessModulesEx 00000000776699b0 7 bytes JMP 000000016fff00d8
.text C:\Program Files\NVIDIA Corporation\Display\nvtray.exe[5928] C:\Windows\system32\kernel32.dll!K32GetModuleInformation 00000000776794d0 5 bytes JMP 000000016fff0180
.text C:\Program Files\NVIDIA Corporation\Display\nvtray.exe[5928] C:\Windows\system32\kernel32.dll!K32GetModuleFileNameExW 0000000077679640 5 bytes JMP 000000016fff0110
.text C:\Program Files\NVIDIA Corporation\Display\nvtray.exe[5928] C:\Windows\system32\kernel32.dll!RegSetValueExA 000000007769a500 7 bytes JMP 000000016fff01b8
.text C:\Program Files\NVIDIA Corporation\Display\nvtray.exe[5928] C:\Windows\system32\KERNELBASE.dll!GetModuleHandleW 000007fefde63460 7 bytes JMP 000007fffde500d8
.text C:\Program Files\NVIDIA Corporation\Display\nvtray.exe[5928] C:\Windows\system32\KERNELBASE.dll!LoadLibraryExW 000007fefde69940 6 bytes JMP 000007fffde50148
.text C:\Program Files\NVIDIA Corporation\Display\nvtray.exe[5928] C:\Windows\system32\KERNELBASE.dll!FreeLibrary 000007fefde69fb0 5 bytes JMP 000007fffde50180
.text C:\Program Files\NVIDIA Corporation\Display\nvtray.exe[5928] C:\Windows\system32\KERNELBASE.dll!GetModuleHandleExW 000007fefde6a150 5 bytes JMP 000007fffde50110
.text C:\Program Files\NVIDIA Corporation\Display\nvtray.exe[5928] C:\Windows\system32\GDI32.dll!D3DKMTQueryAdapterInfo 000007feff6189e0 8 bytes JMP 000007fffde501f0
.text C:\Program Files\NVIDIA Corporation\Display\nvtray.exe[5928] C:\Windows\system32\GDI32.dll!D3DKMTGetDisplayModeList 000007feff61be40 8 bytes JMP 000007fffde501b8
.text C:\Program Files (x86)\Creative\ShareDLL\CADI\NotiMan.exe[996] C:\Windows\syswow64\kernel32.dll!RegSetValueExA 00000000764c1429 7 bytes JMP 000000017296128f
.text C:\Program Files (x86)\Creative\ShareDLL\CADI\NotiMan.exe[996] C:\Windows\syswow64\kernel32.dll!K32GetModuleFileNameExW 00000000764db223 5 bytes JMP 000000017296159b
.text C:\Program Files (x86)\Creative\ShareDLL\CADI\NotiMan.exe[996] C:\Windows\syswow64\kernel32.dll!K32EnumProcessModulesEx 00000000765588f4 7 bytes JMP 0000000172961339
.text C:\Program Files (x86)\Creative\ShareDLL\CADI\NotiMan.exe[996] C:\Windows\syswow64\kernel32.dll!K32GetModuleInformation 0000000076558979 5 bytes JMP 00000001729616b8
.text C:\Program Files (x86)\Creative\ShareDLL\CADI\NotiMan.exe[996] C:\Windows\syswow64\kernel32.dll!K32GetMappedFileNameW 0000000076558ccf 5 bytes JMP 000000017296101e
.text C:\Program Files (x86)\Creative\ShareDLL\CADI\NotiMan.exe[996] C:\Windows\syswow64\KERNELBASE.dll!GetModuleHandleW 0000000076fe1d1b 5 bytes JMP 00000001729611d1
.text C:\Program Files (x86)\Creative\ShareDLL\CADI\NotiMan.exe[996] C:\Windows\syswow64\KERNELBASE.dll!GetModuleHandleExW 0000000076fe1dc9 5 bytes JMP 0000000172961019
.text C:\Program Files (x86)\Creative\ShareDLL\CADI\NotiMan.exe[996] C:\Windows\syswow64\KERNELBASE.dll!LoadLibraryExW 0000000076fe2aa4 5 bytes JMP 000000017296154b
.text C:\Program Files (x86)\Creative\ShareDLL\CADI\NotiMan.exe[996] C:\Windows\syswow64\KERNELBASE.dll!FreeLibrary 0000000076fe2d0a 5 bytes JMP 0000000172961276
.text C:\Program Files (x86)\Creative\ShareDLL\CADI\NotiMan.exe[996] C:\Windows\syswow64\GDI32.dll!D3DKMTGetDisplayModeList 0000000076f6e9a2 5 bytes JMP 00000001729615b4
.text C:\Program Files (x86)\Creative\ShareDLL\CADI\NotiMan.exe[996] C:\Windows\syswow64\GDI32.dll!D3DKMTQueryAdapterInfo 0000000076f6ebdc 5 bytes JMP 000000017296119a
.text C:\Program Files (x86)\Creative\ShareDLL\CADI\NotiMan.exe[996] C:\Windows\syswow64\ole32.dll!CoSetProxyBlanket 0000000075585ea5 5 bytes JMP 00000001729615e6
.text C:\Program Files (x86)\Creative\ShareDLL\CADI\NotiMan.exe[996] C:\Windows\syswow64\ole32.dll!CoCreateInstance 00000000755b9d0b 5 bytes JMP 000000017296122b
.text C:\Users\Shelli\Desktop\gut16kj6.exe[5436] C:\Windows\syswow64\kernel32.dll!RegSetValueExA 00000000764c1429 7 bytes JMP 000000017296128f
.text C:\Users\Shelli\Desktop\gut16kj6.exe[5436] C:\Windows\syswow64\kernel32.dll!K32GetModuleFileNameExW 00000000764db223 5 bytes JMP 000000017296159b
.text C:\Users\Shelli\Desktop\gut16kj6.exe[5436] C:\Windows\syswow64\kernel32.dll!K32EnumProcessModulesEx 00000000765588f4 7 bytes JMP 0000000172961339
.text C:\Users\Shelli\Desktop\gut16kj6.exe[5436] C:\Windows\syswow64\kernel32.dll!K32GetModuleInformation 0000000076558979 5 bytes JMP 00000001729616b8
.text C:\Users\Shelli\Desktop\gut16kj6.exe[5436] C:\Windows\syswow64\kernel32.dll!K32GetMappedFileNameW 0000000076558ccf 5 bytes JMP 000000017296101e
.text C:\Users\Shelli\Desktop\gut16kj6.exe[5436] C:\Windows\syswow64\KERNELBASE.dll!GetModuleHandleW 0000000076fe1d1b 5 bytes JMP 00000001729611d1
.text C:\Users\Shelli\Desktop\gut16kj6.exe[5436] C:\Windows\syswow64\KERNELBASE.dll!GetModuleHandleExW 0000000076fe1dc9 5 bytes JMP 0000000172961019
.text C:\Users\Shelli\Desktop\gut16kj6.exe[5436] C:\Windows\syswow64\KERNELBASE.dll!LoadLibraryExW 0000000076fe2aa4 5 bytes JMP 000000017296154b
.text C:\Users\Shelli\Desktop\gut16kj6.exe[5436] C:\Windows\syswow64\KERNELBASE.dll!FreeLibrary 0000000076fe2d0a 5 bytes JMP 0000000172961276
.text C:\Users\Shelli\Desktop\gut16kj6.exe[5436] C:\Windows\syswow64\GDI32.dll!D3DKMTGetDisplayModeList 0000000076f6e9a2 5 bytes JMP 00000001729615b4
.text C:\Users\Shelli\Desktop\gut16kj6.exe[5436] C:\Windows\syswow64\GDI32.dll!D3DKMTQueryAdapterInfo 0000000076f6ebdc 5 bytes JMP 000000017296119a
.text C:\Users\Shelli\Desktop\gut16kj6.exe[5436] C:\Windows\syswow64\ole32.dll!CoSetProxyBlanket 0000000075585ea5 5 bytes JMP 00000001729615e6
.text C:\Users\Shelli\Desktop\gut16kj6.exe[5436] C:\Windows\syswow64\ole32.dll!CoCreateInstance 00000000755b9d0b 5 bytes JMP 000000017296122b

---- Devices - GMER 2.0 ----

Device \FileSystem\fastfat \Fat m32\Drivers\Ntfs.sys
Device \Driver\qicflt \Device\ToasterFilter ws\system32\DRIVERS\kbdclass.sys
Device \FileSystem\SRTSP \Device\NAVAP ws\system32\DRIVERS\kbdclass.sys
Device \Driver\NAVENG \Device\NAVENG ws\system32\DRIVERS\kbdclass.sys
Device \Driver\NAVEX15 \Device\NAVEX15 ws\system32\DRIVERS\kbdclass.sys
Device \Driver\usbccgp \Device\0000009c ws\system32\DRIVERS\kbdclass.sys
Device \FileSystem\SRTSP \Device\SAVRT
Device \FileSystem\SRTSP \Device\SRTSP

---- Threads - GMER 2.0 ----

Thread C:\Windows\SysWOW64\rundll32.exe [1944:1304] 000000000043f040
Thread C:\Windows\SysWOW64\rundll32.exe [1944:1328] 00000000001d3a80
Thread C:\Windows\SysWOW64\rundll32.exe [1944:1732] 00000000001d3a10
Thread C:\Windows\SysWOW64\rundll32.exe [1944:5764] 0000000000515cfe
Thread C:\Windows\SysWOW64\rundll32.exe [1944:5612] 0000000000512ea6
Thread C:\Windows\SysWOW64\rundll32.exe [1944:6008] 00000000005133de
Thread [1636:5236] 0000000077952e25
Thread [1636:5304] 0000000076dc820d
Thread [1636:5308] 0000000077953e45
Thread [1636:5312] 0000000077953e45
Thread [1636:5316] 000000007559d864
Thread [1636:5344] 0000000071e7a6e3
Thread [1636:5616] 0000000071e75548
---- Processes - GMER 2.0 ----

Library ? (*** suspicious ***) @ [1636] 0000000000400000
Library ? (*** suspicious ***) @ C:\Program Files (x86)\Real\RealPlayer\Update\realsched.exe [5680] 0000000075510000

---- Registry - GMER 2.0 ----

Reg HKLM\SYSTEM\CurrentControlSet\services\iphlpsvc\Teredo\PreviousState\[email protected] 51123
Reg HKLM\SYSTEM\CurrentControlSet\services\iphlpsvc\Teredo\PreviousState\a[email protected] 2001:0:4137:9e76:24c6:384c:b838:4ff9
Reg HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\[email protected] 1882
Reg HKLM\SYSTEM\CurrentControlSet\services\Tcpip\Parameters\Interfaces\{3B34BA86-2C39-415B-9F6F-541F0D2687CE}@EnableDHCP 0

---- Files - GMER 2.0 ----

File C:\ProgramData\Microsoft\Search\Data\Applications\Windows\MSS010CA.log 1048576 bytes

---- EOF - GMER 2.0 ----


=============
Tech Support Guy System Info Utility version 1.0.0.2
OS Version: Microsoft Windows 7 Home Premium, Service Pack 1, 64 bit
Processor: Intel(R) Core(TM) i7-2670QM CPU @ 2.20GHz, Intel64 Family 6 Model 42 Stepping 7
Processor Count: 8
RAM: 8086 Mb
Graphics Card: NVIDIA GeForce GT 550M, 1023 Mb
Hard Drives: C: Total - 355551 MB, Free - 295303 MB; E: Total - 339745 MB, Free - 30591 MB;
Motherboard: Dell Inc., 0K4H3G
Antivirus: Norton 360, Updated and Enabled

 

It is now affecting my Chrome browser, too.

 

Bump... someone just broke in my house and broke the window in my French door... trying to google for emergency glass repair has been almost impossible with this redirect issue!

 

Bump... affecting Bing searches now, too

 

Hi and welcome to TSG.

My name is Iain and I will be helping you clean your system.

You may wish to Subscribe to this thread (bottom left corner of this thread) so that you are notified when you receive a reply.

Please read these instructions carefully and then print out or copy this page to Notepad in order to assist you when carrying out the fix. You should not have any open browsers or live internet connections when you are following the procedures below.

Note that the fix may take several posts. Please continue to respond to my instructions until I confirm that your logs are clean. Remember that although your symptoms may vanish, this does NOT mean that your system is clean.

If there is anything you don't understand, please ask BEFORE proceeding with the fixes.

Please ensure that you follow the instructions in the order I have them listed. Note that if you do not respond within 3 days I shall no longer check this thread for replies.

Please do not install or uninstall any programmes, or run any other scanners or software, unless I specifically ask you to do so. Also please copy and paste logs into the thread, rather than add them as attachments.


IMPORTANT - for Windows Vista and Windows 7 start all tools by using right click > Run as Administrator.




Combofix
We will begin with ComboFix.exe. Please visit this webpage for download links, and instructions for running the tool:

http://www.bleepingcomputer.com/combofix/how-to-use-combofix

Please read all the information carefully! If using Windows XP you should ensure you install the Recovery Console.

You MUST disable your AntiVirus and AntiSpyware applications - please read this thread as a guide. They may otherwise interfere with our tools and interrupt the cleansing process.

Please include the log C:\ComboFix.txt in your next reply for further review.

 

Thanks! Took so long to create the log I thought it hung up but finally finished:

ComboFix 13-01-17.03 - Shelli 01/17/2013 16:46:44.1.8 - x64
Microsoft Windows 7 Home Premium 6.1.7601.1.1252.1.1033.18.8086.4951 [GMT -5:00]
Running from: C:\Users\Shelli\Desktop\ComboFix.exe
AV: Norton 360 *Enabled/Updated* {63DF5164-9100-186D-2187-8DC619EFD8BF}
FW: Norton 360 *Enabled* {5BE4D041-DB6F-1935-0AD8-24F3E73C9FC4}
SP: Norton 360 *Enabled/Updated* {D8BEB080-B73A-17E3-1B37-B6B462689202}
SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
* Created a new restore point

((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))

C:\ProgramData\PCDr\6032\AddOnDownloaded\18d25bc5-acbb-424f-a6c6-d04a97765094.dll
C:\ProgramData\PCDr\6032\AddOnDownloaded\2141cd58-3a24-481f-8ca2-8b466c9b797f.dll
C:\ProgramData\PCDr\6032\AddOnDownloaded\2d2ff7e2-f0f8-4f32-a28e-e44234dd3300.dll
C:\ProgramData\PCDr\6032\AddOnDownloaded\3e137363-345c-454a-a474-2da300d9297a.dll
C:\ProgramData\PCDr\6032\AddOnDownloaded\489a0734-0bcc-462a-8a9c-29a40f0007b9.dll
C:\ProgramData\PCDr\6032\AddOnDownloaded\59abf7b9-a4a7-4d76-9ad6-13c7bb2f4d0b.dll
C:\ProgramData\PCDr\6032\AddOnDownloaded\5f996ddf-fafd-4f93-b623-a362758305b9.dll
C:\ProgramData\PCDr\6032\AddOnDownloaded\65a823a3-a5fc-440a-b276-153555251042.dll
C:\ProgramData\PCDr\6032\AddOnDownloaded\918ee45c-eb0a-4e61-97ad-c1849c2623ee.dll
C:\ProgramData\PCDr\6032\AddOnDownloaded\b0654984-096d-4244-a127-3364577b6279.dll
C:\ProgramData\PCDr\6032\AddOnDownloaded\b967e9c4-897a-42c8-96d2-4ceb543f8cdb.dll
C:\ProgramData\PCDr\6032\AddOnDownloaded\e3146f6d-11b3-4a00-a026-1ba8b4bb00ff.dll
C:\ProgramData\PCDr\6032\AddOnDownloaded\ea058b56-dc30-479c-af0f-bcf27aed08df.dll
C:\ProgramData\PCDr\6032\AddOnDownloaded\f4d48f15-9f33-4b3f-a84f-bc8b2800e772.dll
C:\ProgramData\Roaming
C:\Users\Shelli\AppData\Local\Temp\_MEI40882\_ctypes.pyd
C:\Users\Shelli\AppData\Local\Temp\_MEI40882\_elementtree.pyd
C:\Users\Shelli\AppData\Local\Temp\_MEI40882\_hashlib.pyd
C:\Users\Shelli\AppData\Local\Temp\_MEI40882\_socket.pyd
C:\Users\Shelli\AppData\Local\Temp\_MEI40882\_ssl.pyd
C:\Users\Shelli\AppData\Local\Temp\_MEI40882\pyexpat.pyd
C:\Users\Shelli\AppData\Local\Temp\_MEI40882\pysqlite2._sqlite.pyd
C:\Users\Shelli\AppData\Local\Temp\_MEI40882\python26.dll
C:\Users\Shelli\AppData\Local\Temp\_MEI40882\pythoncom26.dll
C:\Users\Shelli\AppData\Local\Temp\_MEI40882\PyWinTypes26.dll
C:\Users\Shelli\AppData\Local\Temp\_MEI40882\select.pyd
C:\Users\Shelli\AppData\Local\Temp\_MEI40882\unicodedata.pyd
C:\Users\Shelli\AppData\Local\Temp\_MEI40882\win32api.pyd
C:\Users\Shelli\AppData\Local\Temp\_MEI40882\win32com.shell.shell.pyd
C:\Users\Shelli\AppData\Local\Temp\_MEI40882\win32crypt.pyd
C:\Users\Shelli\AppData\Local\Temp\_MEI40882\win32event.pyd
C:\Users\Shelli\AppData\Local\Temp\_MEI40882\win32file.pyd
C:\Users\Shelli\AppData\Local\Temp\_MEI40882\win32inet.pyd
C:\Users\Shelli\AppData\Local\Temp\_MEI40882\win32pdh.pyd
C:\Users\Shelli\AppData\Local\Temp\_MEI40882\win32process.pyd
C:\Users\Shelli\AppData\Local\Temp\_MEI40882\win32profile.pyd
C:\Users\Shelli\AppData\Local\Temp\_MEI40882\win32security.pyd
C:\Users\Shelli\AppData\Local\Temp\_MEI40882\win32ts.pyd
C:\Users\Shelli\AppData\Local\Temp\_MEI40882\windows._cacheinvalidation.pyd
C:\Users\Shelli\AppData\Local\Temp\_MEI40882\wx._controls_.pyd
C:\Users\Shelli\AppData\Local\Temp\_MEI40882\wx._core_.pyd
C:\Users\Shelli\AppData\Local\Temp\_MEI40882\wx._gdi_.pyd
C:\Users\Shelli\AppData\Local\Temp\_MEI40882\wx._html2.pyd
C:\Users\Shelli\AppData\Local\Temp\_MEI40882\wx._misc_.pyd
C:\Users\Shelli\AppData\Local\Temp\_MEI40882\wx._windows_.pyd
C:\Users\Shelli\AppData\Local\Temp\_MEI40882\wx._wizard.pyd
C:\Users\Shelli\AppData\Local\Temp\_MEI40882\wxbase293u_net_vc.dll
C:\Users\Shelli\AppData\Local\Temp\_MEI40882\wxbase293u_vc.dll
C:\Users\Shelli\AppData\Local\Temp\_MEI40882\wxmsw293u_adv_vc.dll
C:\Users\Shelli\AppData\Local\Temp\_MEI40882\wxmsw293u_core_vc.dll
C:\Users\Shelli\AppData\Local\Temp\_MEI40882\wxmsw293u_html_vc.dll
C:\Users\Shelli\AppData\Local\Temp\_MEI40882\wxmsw293u_webview_vc.dll
C:\Users\Shelli\AppData\Local\Temp\tmpa2eijt\googledrivesync.exe
C:\Windows\SysWow64\DEBUG.log
C:\Windows\wininit.ini

((((((((((((((((((((((((( Files Created from 2012-12-17 to 2013-01-17 )))))))))))))))))))))))))))))))

2013-01-17 22:07:51 . 2013-01-17 22:07:51 -------- d-----w- C:\Users\UpdatusUser\AppData\Local\temp
2013-01-17 22:07:51 . 2013-01-17 22:07:51 -------- d-----w- C:\Users\Default\AppData\Local\temp
2013-01-16 00:46:07 . 2013-01-16 00:46:07 1570 ----a-w- C:\Users\Shelli\halfoffdepot.com
2013-01-10 23:25:40 . 2013-01-11 03:45:58 -------- d-----w- C:\Users\Shelli\AppData\Roaming\calibre
2013-01-10 23:25:31 . 2013-01-11 12:41:41 -------- d-----w- C:\Program Files (x86)\Calibre2
2013-01-10 23:22:31 . 2013-01-10 23:22:31 -------- d-----w- C:\Users\Shelli\AppData\Roaming\Apple Computer
2013-01-10 23:22:31 . 2013-01-10 23:22:31 -------- d-----w- C:\Users\Shelli\AppData\Local\Apple Computer
2013-01-10 23:22:25 . 2013-01-10 23:22:25 -------- d-----w- C:\Users\Shelli\AppData\Roaming\Barnes & Noble
2013-01-10 23:22:24 . 2013-01-10 23:22:24 -------- d-----w- C:\Program Files (x86)\Barnes & Noble
2013-01-10 04:12:41 . 2013-01-10 04:12:41 -------- d-----w- C:\Program Files (x86)\PC Tools
2013-01-10 04:07:47 . 2013-01-10 04:30:34 -------- d-----w- C:\Program Files (x86)\Common Files\PC Tools
2013-01-10 04:07:47 . 2012-11-01 20:35:14 253256 ----a-w- C:\Windows\system32\drivers\PCTSD64.sys
2013-01-10 04:05:49 . 2013-01-10 04:29:35 -------- d-----w- C:\ProgramData\PC Tools
2013-01-10 04:05:48 . 2013-01-10 04:05:48 -------- d-----w- C:\Users\Shelli\AppData\Roaming\TestApp
2013-01-10 03:39:32 . 2013-01-10 03:39:32 -------- d-----w- C:\Program Files\Enigma Software Group
2013-01-10 03:39:20 . 2013-01-10 04:04:34 -------- d-----w- C:\Windows\83B952C7F8F34CA3B4C533C85B24E478.TMP
2013-01-10 03:39:19 . 2013-01-10 03:39:19 -------- d-----w- C:\Program Files (x86)\Common Files\Wise Installation Wizard
2013-01-10 02:50:05 . 2013-01-16 18:12:47 -------- d-----w- C:\ProgramData\Spybot - Search & Destroy
2013-01-10 02:49:59 . 2009-01-25 17:14:02 17272 ----a-w- C:\Windows\system32\sdnclean64.exe
2013-01-10 02:49:56 . 2013-01-10 02:50:04 -------- d-----w- C:\Program Files (x86)\Spybot - Search & Destroy 2
2013-01-10 02:07:13 . 2013-01-10 02:07:13 -------- d-----w- C:\Users\Shelli\GooredFix Backups
2013-01-10 01:54:39 . 2013-01-10 01:54:39 -------- d-----w- C:\ProgramData\Google Updater
2013-01-09 19:25:35 . 2013-01-09 19:25:35 143360 --sha-r- C:\Windows\SysWow64\dbghelpo.dll
2013-01-06 15:43:58 . 2013-01-14 13:10:36 -------- d-----w- C:\Users\Shelli\AppData\Roaming\Juniper Networks
2013-01-01 23:10:19 . 2013-01-01 23:10:19 -------- d-----w- C:\Windows\Sun
2012-12-22 17:20:08 . 2013-01-09 18:50:06 -------- d-----w- C:\Program Files (x86)\Common Files\Adobe
2012-12-22 17:17:41 . 2012-12-22 17:17:41 -------- d-----w- C:\Program Files (x86)\Auslogics
2012-12-22 17:03:53 . 2012-12-22 17:03:53 -------- d-----w- C:\Program Files (x86)\Cozi Express
2012-12-21 21:42:05 . 2012-12-21 21:42:18 -------- d-----w- C:\Users\Shelli\AppData\Local\Amazon
2012-12-21 08:00:53 . 2012-12-16 17:11:22 46080 ----a-w- C:\Windows\system32\atmlib.dll
2012-12-21 08:00:53 . 2012-12-16 14:13:20 34304 ----a-w- C:\Windows\SysWow64\atmlib.dll
2012-12-21 08:00:52 . 2012-12-16 14:45:03 367616 ----a-w- C:\Windows\system32\atmfd.dll
2012-12-21 08:00:52 . 2012-12-16 14:13:28 295424 ----a-w- C:\Windows\SysWow64\atmfd.dll
.

(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
2013-01-16 18:30:14 . 2012-11-03 06:10:30 14794312 ----a-w- C:\Program Files (x86)\Common Files\lpuninstall.exe
2013-01-10 23:16:07 . 2012-11-03 05:05:26 67599240 ----a-w- C:\Windows\system32\MRT.exe
2013-01-09 16:48:16 . 2012-11-03 16:44:54 697864 ----a-w- C:\Windows\SysWow64\FlashPlayerApp.exe
2013-01-09 16:48:16 . 2011-11-18 03:33:32 74248 ----a-w- C:\Windows\SysWow64\FlashPlayerCPLApp.cpl
2013-01-09 16:47:32 . 2012-12-12 00:48:14 15739912 ----a-w- C:\Windows\SysWow64\FlashPlayerInstaller.exe
2012-12-10 23:01:54 . 2012-11-25 02:52:34 321384 ----a-w- C:\Windows\SysWow64\Sendori.dll
2012-11-30 04:45:10 . 2013-01-09 17:01:32 44032 ----a-w- C:\Windows\apppatch\acwow64.dll
2012-11-26 03:14:05 . 2012-11-26 03:14:05 86528 ----a-w- C:\Windows\SysWow64\iesysprep.dll
2012-11-26 03:14:05 . 2012-11-26 03:14:05 76800 ----a-w- C:\Windows\SysWow64\SetIEInstalledDate.exe
2012-11-26 03:14:05 . 2012-11-26 03:14:05 74752 ----a-w- C:\Windows\SysWow64\RegisterIEPKEYs.exe
2012-11-26 03:14:05 . 2012-11-26 03:14:05 74752 ----a-w- C:\Windows\SysWow64\iesetup.dll
2012-11-26 03:14:05 . 2012-11-26 03:14:05 63488 ----a-w- C:\Windows\SysWow64\tdc.ocx
2012-11-26 03:14:05 . 2012-11-26 03:14:05 48640 ----a-w- C:\Windows\SysWow64\mshtmler.dll
2012-11-26 03:14:05 . 2012-11-26 03:14:05 367104 ----a-w- C:\Windows\SysWow64\html.iec
2012-11-26 03:14:05 . 2012-11-26 03:14:05 35840 ----a-w- C:\Windows\SysWow64\imgutil.dll
2012-11-26 03:14:05 . 2012-11-26 03:14:05 23552 ----a-w- C:\Windows\SysWow64\licmgr10.dll
2012-11-26 03:14:05 . 2012-11-26 03:14:05 161792 ----a-w- C:\Windows\SysWow64\msls31.dll
2012-11-26 03:14:05 . 2012-11-26 03:14:05 152064 ----a-w- C:\Windows\SysWow64\wextract.exe
2012-11-26 03:14:05 . 2012-11-26 03:14:05 150528 ----a-w- C:\Windows\SysWow64\iexpress.exe
2012-11-26 03:14:05 . 2012-11-26 03:14:05 11776 ----a-w- C:\Windows\SysWow64\mshta.exe
2012-11-26 03:14:05 . 2012-11-26 03:14:05 110592 ----a-w- C:\Windows\SysWow64\IEAdvpack.dll
2012-11-26 03:14:05 . 2012-11-26 03:14:05 101888 ----a-w- C:\Windows\SysWow64\admparse.dll
2012-11-26 03:14:04 . 2012-11-26 03:14:04 91648 ----a-w- C:\Windows\system32\SetIEInstalledDate.exe
2012-11-26 03:14:04 . 2012-11-26 03:14:04 89088 ----a-w- C:\Windows\system32\RegisterIEPKEYs.exe
2012-11-26 03:14:04 . 2012-11-26 03:14:04 89088 ----a-w- C:\Windows\system32\ie4uinit.exe
2012-11-26 03:14:04 . 2012-11-26 03:14:04 85504 ----a-w- C:\Windows\system32\iesetup.dll
2012-11-26 03:14:04 . 2012-11-26 03:14:04 82432 ----a-w- C:\Windows\system32\icardie.dll
2012-11-26 03:14:04 . 2012-11-26 03:14:04 76800 ----a-w- C:\Windows\system32\tdc.ocx
2012-11-26 03:14:04 . 2012-11-26 03:14:04 65024 ----a-w- C:\Windows\system32\pngfilt.dll
2012-11-26 03:14:04 . 2012-11-26 03:14:04 55296 ----a-w- C:\Windows\system32\msfeedsbs.dll
2012-11-26 03:14:04 . 2012-11-26 03:14:04 534528 ----a-w- C:\Windows\system32\ieapfltr.dll
2012-11-26 03:14:04 . 2012-11-26 03:14:04 49664 ----a-w- C:\Windows\system32\imgutil.dll
2012-11-26 03:14:04 . 2012-11-26 03:14:04 48640 ----a-w- C:\Windows\system32\mshtmler.dll
2012-11-26 03:14:04 . 2012-11-26 03:14:04 452608 ----a-w- C:\Windows\system32\dxtmsft.dll
2012-11-26 03:14:04 . 2012-11-26 03:14:04 448512 ----a-w- C:\Windows\system32\html.iec
2012-11-26 03:14:04 . 2012-11-26 03:14:04 403248 ----a-w- C:\Windows\system32\iedkcs32.dll
2012-11-26 03:14:04 . 2012-11-26 03:14:04 39936 ----a-w- C:\Windows\system32\iernonce.dll
2012-11-26 03:14:04 . 2012-11-26 03:14:04 3695416 ----a-w- C:\Windows\system32\ieapfltr.dat
2012-11-26 03:14:04 . 2012-11-26 03:14:04 30720 ----a-w- C:\Windows\system32\licmgr10.dll
2012-11-26 03:14:04 . 2012-11-26 03:14:04 282112 ----a-w- C:\Windows\system32\dxtrans.dll
2012-11-26 03:14:04 . 2012-11-26 03:14:04 267776 ----a-w- C:\Windows\system32\ieaksie.dll
2012-11-26 03:14:04 . 2012-11-26 03:14:04 249344 ----a-w- C:\Windows\system32\webcheck.dll
2012-11-26 03:14:04 . 2012-11-26 03:14:04 222208 ----a-w- C:\Windows\system32\msls31.dll
2012-11-26 03:14:04 . 2012-11-26 03:14:04 197120 ----a-w- C:\Windows\system32\msrating.dll
2012-11-26 03:14:04 . 2012-11-26 03:14:04 165888 ----a-w- C:\Windows\system32\iexpress.exe
2012-11-26 03:14:04 . 2012-11-26 03:14:04 163840 ----a-w- C:\Windows\system32\ieakui.dll
2012-11-26 03:14:04 . 2012-11-26 03:14:04 160256 ----a-w- C:\Windows\system32\wextract.exe
2012-11-26 03:14:04 . 2012-11-26 03:14:04 160256 ----a-w- C:\Windows\system32\ieakeng.dll
2012-11-26 03:14:04 . 2012-11-26 03:14:04 149504 ----a-w- C:\Windows\system32\occache.dll
2012-11-26 03:14:04 . 2012-11-26 03:14:04 145920 ----a-w- C:\Windows\system32\iepeers.dll
2012-11-26 03:14:04 . 2012-11-26 03:14:04 135168 ----a-w- C:\Windows\system32\IEAdvpack.dll
2012-11-26 03:14:04 . 2012-11-26 03:14:04 12288 ----a-w- C:\Windows\system32\mshta.exe
2012-11-26 03:14:04 . 2012-11-26 03:14:04 114176 ----a-w- C:\Windows\system32\admparse.dll
2012-11-26 03:14:04 . 2012-11-26 03:14:04 111616 ----a-w- C:\Windows\system32\iesysprep.dll
2012-11-26 03:14:04 . 2012-11-26 03:14:04 10752 ----a-w- C:\Windows\system32\msfeedssync.exe
2012-11-26 03:14:04 . 2012-11-26 03:14:04 103936 ----a-w- C:\Windows\system32\inseng.dll
2012-11-26 00:31:01 . 2012-11-26 00:31:01 9728 ---ha-w- C:\Windows\SysWow64\api-ms-win-downlevel-shlwapi-l1-1-0.dll
2012-11-26 00:31:01 . 2012-11-26 00:31:01 9728 ---ha-w- C:\Windows\system32\api-ms-win-downlevel-shlwapi-l1-1-0.dll
2012-11-26 00:31:01 . 2012-11-26 00:31:01 648192 ----a-w- C:\Windows\system32\d3d10level9.dll
2012-11-26 00:31:01 . 2012-11-26 00:31:01 604160 ----a-w- C:\Windows\SysWow64\d3d10level9.dll
2012-11-26 00:31:01 . 2012-11-26 00:31:01 5632 ---ha-w- C:\Windows\SysWow64\api-ms-win-downlevel-shlwapi-l2-1-0.dll
2012-11-26 00:31:01 . 2012-11-26 00:31:01 5632 ---ha-w- C:\Windows\SysWow64\api-ms-win-downlevel-ole32-l1-1-0.dll
2012-11-26 00:31:01 . 2012-11-26 00:31:01 5632 ---ha-w- C:\Windows\system32\api-ms-win-downlevel-shlwapi-l2-1-0.dll
2012-11-26 00:31:01 . 2012-11-26 00:31:01 5632 ---ha-w- C:\Windows\system32\api-ms-win-downlevel-ole32-l1-1-0.dll
2012-11-26 00:31:01 . 2012-11-26 00:31:01 522752 ----a-w- C:\Windows\system32\XpsGdiConverter.dll
2012-11-26 00:31:01 . 2012-11-26 00:31:01 465920 ----a-w- C:\Windows\system32\WMPhoto.dll
2012-11-26 00:31:01 . 2012-11-26 00:31:01 417792 ----a-w- C:\Windows\SysWow64\WMPhoto.dll
2012-11-26 00:31:01 . 2012-11-26 00:31:01 4096 ---ha-w- C:\Windows\SysWow64\api-ms-win-downlevel-user32-l1-1-0.dll
2012-11-26 00:31:01 . 2012-11-26 00:31:01 4096 ---ha-w- C:\Windows\system32\api-ms-win-downlevel-user32-l1-1-0.dll
2012-11-26 00:31:01 . 2012-11-26 00:31:01 3928064 ----a-w- C:\Windows\system32\d2d1.dll
2012-11-26 00:31:01 . 2012-11-26 00:31:01 364544 ----a-w- C:\Windows\SysWow64\XpsGdiConverter.dll
2012-11-26 00:31:01 . 2012-11-26 00:31:01 363008 ----a-w- C:\Windows\system32\dxgi.dll
2012-11-26 00:31:01 . 2012-11-26 00:31:01 3584 ---ha-w- C:\Windows\SysWow64\api-ms-win-downlevel-advapi32-l2-1-0.dll
2012-11-26 00:31:01 . 2012-11-26 00:31:01 3584 ---ha-w- C:\Windows\system32\api-ms-win-downlevel-advapi32-l2-1-0.dll
2012-11-26 00:31:01 . 2012-11-26 00:31:01 3419136 ----a-w- C:\Windows\SysWow64\d2d1.dll
2012-11-26 00:31:01 . 2012-11-26 00:31:01 333312 ----a-w- C:\Windows\system32\d3d10_1core.dll
2012-11-26 00:31:01 . 2012-11-26 00:31:01 3072 ---ha-w- C:\Windows\SysWow64\api-ms-win-downlevel-version-l1-1-0.dll
2012-11-26 00:31:01 . 2012-11-26 00:31:01 3072 ---ha-w- C:\Windows\SysWow64\api-ms-win-downlevel-shell32-l1-1-0.dll
2012-11-26 00:31:01 . 2012-11-26 00:31:01 3072 ---ha-w- C:\Windows\system32\api-ms-win-downlevel-version-l1-1-0.dll
2012-11-26 00:31:01 . 2012-11-26 00:31:01 3072 ---ha-w- C:\Windows\system32\api-ms-win-downlevel-shell32-l1-1-0.dll
2012-11-26 00:31:01 . 2012-11-26 00:31:01 296960 ----a-w- C:\Windows\system32\d3d10core.dll
2012-11-26 00:31:01 . 2012-11-26 00:31:01 293376 ----a-w- C:\Windows\SysWow64\dxgi.dll
2012-11-26 00:31:01 . 2012-11-26 00:31:01 2776576 ----a-w- C:\Windows\system32\msmpeg2vdec.dll
2012-11-26 00:31:01 . 2012-11-26 00:31:01 2560 ---ha-w- C:\Windows\SysWow64\api-ms-win-downlevel-normaliz-l1-1-0.dll
2012-11-26 00:31:01 . 2012-11-26 00:31:01 2560 ---ha-w- C:\Windows\system32\api-ms-win-downlevel-normaliz-l1-1-0.dll
2012-11-26 00:31:01 . 2012-11-26 00:31:01 249856 ----a-w- C:\Windows\SysWow64\d3d10_1core.dll
2012-11-26 00:31:01 . 2012-11-26 00:31:01 245248 ----a-w- C:\Windows\system32\WindowsCodecsExt.dll
2012-11-26 00:31:01 . 2012-11-26 00:31:01 2434560 ----a-w- C:\Windows\system32\d3d10warp.dll
2012-11-26 00:31:01 . 2012-11-26 00:31:01 2284544 ----a-w- C:\Windows\SysWow64\msmpeg2vdec.dll
2012-11-26 00:31:01 . 2012-11-26 00:31:01 221184 ----a-w- C:\Windows\system32\UIAnimation.dll
2012-11-26 00:31:01 . 2012-11-26 00:31:01 220160 ----a-w- C:\Windows\SysWow64\d3d10core.dll
2012-11-26 00:31:01 . 2012-11-26 00:31:01 207872 ----a-w- C:\Windows\SysWow64\WindowsCodecsExt.dll
2012-11-26 00:31:01 . 2012-11-26 00:31:01 194560 ----a-w- C:\Windows\system32\d3d10_1.dll
2012-11-26 00:31:01 . 2012-11-26 00:31:01 1887232 ----a-w- C:\Windows\system32\d3d11.dll
2012-11-26 00:31:01 . 2012-11-26 00:31:01 1885696 ----a-w- C:\Windows\SysWow64\d3d10warp.dll
2012-11-26 00:31:01 . 2012-11-26 00:31:01 187392 ----a-w- C:\Windows\SysWow64\UIAnimation.dll
2012-11-26 00:31:01 . 2012-11-26 00:31:01 1682432 ----a-w- C:\Windows\system32\XpsPrint.dll
2012-11-26 00:31:01 . 2012-11-26 00:31:01 1643008 ----a-w- C:\Windows\system32\DWrite.dll
2012-11-26 00:31:01 . 2012-11-26 00:31:01 161792 ----a-w- C:\Windows\SysWow64\d3d10_1.dll
2012-11-26 00:31:01 . 2012-11-26 00:31:01 1504768 ----a-w- C:\Windows\SysWow64\d3d11.dll

((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))

*Note* empty entries & legit default entries are not shown
REGEDIT4
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ SkyDrive1]
@="{F241C880-6982-4CE5-8CF7-7085BA96DA5A}"
[HKEY_CLASSES_ROOT\CLSID\{F241C880-6982-4CE5-8CF7-7085BA96DA5A}]
2012-11-03 06:50:42 220632 ----a-w- C:\Users\Shelli\AppData\Local\Microsoft\SkyDrive\16.4.6013.0910\SkyDriveShell.dll
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ SkyDrive2]
@="{A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E}"
[HKEY_CLASSES_ROOT\CLSID\{A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E}]
2012-11-03 06:50:42 220632 ----a-w- C:\Users\Shelli\AppData\Local\Microsoft\SkyDrive\16.4.6013.0910\SkyDriveShell.dll
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ SkyDrive3]
@="{BBACC218-34EA-4666-9D7A-C78F2274A524}"
[HKEY_CLASSES_ROOT\CLSID\{BBACC218-34EA-4666-9D7A-C78F2274A524}]
2012-11-03 06:50:42 220632 ----a-w- C:\Users\Shelli\AppData\Local\Microsoft\SkyDrive\16.4.6013.0910\SkyDriveShell.dll
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"swg"="C:\Program Files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" [2012-11-03 04:34:33 39408]
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
"VolPanel"="C:\Program Files (x86)\Creative\SB X-Fi MB\Volume Panel\VolPanlu.exe" [2009-05-05 01:05:04 241789]
"UpdReg"="C:\Windows\UpdReg.EXE" [2000-05-11 07:00:00 90112]
"RemoteControl9"="c:\Program Files (x86)\CyberLink\PowerDVD9\PDVD9Serv.exe" [2010-10-01 22:55:28 87336]
"PDVD9LanguageShortcut"="c:\Program Files (x86)\CyberLink\PowerDVD9\Language\Language.exe" [2010-09-18 00:59:44 50472]
"BDRegion"="c:\Program Files (x86)\Cyberlink\Shared Files\brs.exe" [2011-08-12 02:05:00 75048]
"AccuWeatherWidget"="C:\Program Files (x86)\Dell Stage\Dell Stage\AccuWeather\accuweather.exe" [2011-04-30 00:18:16 885760]
"FATrayAlert"="C:\Program Files (x86)\Sensible Vision\Fast Access\FATrayMon.exe" [2012-02-14 20:26:04 96240]
"Dell Webcam Central"="C:\Program Files (x86)\Dell Webcam\Dell Webcam Central\WebcamDell2.exe" [2012-05-09 20:31:12 577536]
"TkBellExe"="C:\Program Files (x86)\Real\RealPlayer\update\realsched.exe" [2012-11-03 06:02:11 296096]
"Sendori Tray"="C:\Program Files (x86)\Sendori\SendoriTray.exe" [2012-12-10 23:01:54 82792]
"GrooveMonitor"="C:\Program Files (x86)\Microsoft Office\Office12\GrooveMonitor.exe" [2009-02-26 23:36:46 30040]
"Adobe ARM"="C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2012-12-18 19:08:28 946352]
C:\Users\Shelli\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\
Intel(R) Turbo Boost Technology Monitor 2.0.lnk - C:\Program Files\Intel\TurboBoost\SignalIslandUi.exe [2010-11-29 204288]
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\
Install LastPass IE RunOnce.lnk - C:\Program Files (x86)\Common Files\lpuninstall.exe [2012-11-3 14794312]
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 0 (0x0)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableLUA"= 0 (0x0)
"EnableUIADesktopToggle"= 0 (0x0)
"PromptOnSecureDesktop"= 0 (0x0)
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\FastAccess]
2012-02-14 20:26:00 153584 ----a-w- C:\Program Files (x86)\Sensible Vision\Fast Access\FALogNot.dll
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\windows]
"LoadAppInit_DLLs"=1 (0x1)
"AppInit_DLLs"=C:\WINDOWS\SysWOW64\nvinit.dll
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\session manager]
BootExecute REG_MULTI_SZ autocheck autochk *\0\0sdnclean64.exe
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\lsa]
Notification Packages REG_MULTI_SZ scecli FAPassSync
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MCODS]
@=""
R2 CLKMSVC10_9EC60124;CyberLink Product - 2011/11/17 22:34:14;c:\Program Files (x86)\Cyberlink\PowerDVD9\NavFilter\kmsvc.exe [2011-08-12 00:04:58 248304]
R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-03-18 22:27:14 138576]
R2 RoxWatch12;Roxio Hard Drive Watcher 12;C:\Program Files (x86)\Common Files\Roxio Shared\OEM\12.0\SharedCOM\RoxWatch12OEM.exe [2010-11-25 11:34:18 219632]
R2 SkypeUpdate;Skype Updater;C:\Program Files (x86)\Skype\Updater\Updater.exe [2012-10-19 20:14:08 160944]
R3 AMPPALP;Intel® Centrino® Wireless Bluetooth® 3.0 + High Speed Protocol;C:\Windows\system32\DRIVERS\amppal.sys [2011-08-08 13:32:08 299008]
R3 Creative ALchemy AL6 Licensing Service;Creative ALchemy AL6 Licensing Service;C:\Program Files (x86)\Common Files\Creative Labs Shared\Service\AL6Licensing.exe [2011-11-18 04:03:34 79360]
R3 Creative Audio Engine Licensing Service;Creative Audio Engine Licensing Service;C:\Program Files (x86)\Common Files\Creative Labs Shared\Service\CTAELicensing.exe [2011-11-18 04:02:55 79360]
R3 esgiguard;esgiguard;C:\Program Files\Enigma Software Group\SpyHunter\esgiguard.sys [x]
R3 FACAP;facap, FastAccess Video Capture;C:\Windows\system32\DRIVERS\facap.sys [2008-09-25 02:36:14 238848]
R3 hidkmdf;KMDF Driver;C:\Windows\system32\DRIVERS\hidkmdf.sys [2012-10-12 14:20:38 13728]
R3 Impcd;Impcd;C:\Windows\system32\drivers\Impcd.sys [2010-02-27 15:32:14 158976]
R3 intaud_WaveExtensible;Intel WiDi Audio Device;C:\Windows\system32\drivers\intelaud.sys [2012-04-19 22:36:26 35256]
R3 NvStUSB;NVIDIA Stereoscopic 3D USB driver;C:\Windows\system32\drivers\nvstusb.sys [2011-01-31 15:24:46 121960]
R3 RdpVideoMiniport;Remote Desktop Video Miniport Driver;C:\Windows\system32\drivers\rdpvideominiport.sys [2012-08-23 14:10:20 19456]
R3 RoxMediaDB12OEM;RoxMediaDB12OEM;C:\Program Files (x86)\Common Files\Roxio Shared\OEM\12.0\SharedCOM\RoxMediaDB12OEM.exe [2010-11-25 11:33:18 1116656]
R3 Sound Blaster X-Fi MB Licensing Service;Sound Blaster X-Fi MB Licensing Service;C:\Program Files (x86)\Common Files\Creative Labs Shared\Service\XMBLicensing.exe [2011-11-18 04:02:05 79360]
R3 TsUsbFlt;TsUsbFlt;C:\Windows\system32\drivers\tsusbflt.sys [2012-08-23 14:07:35 57856]
R3 TsUsbGD;Remote Desktop Generic USB Device;C:\Windows\system32\drivers\TsUsbGD.sys [2012-08-23 14:08:26 30208]
R3 TurboBoost;Intel(R) Turbo Boost Technology Monitor 2.0;C:\Program Files\Intel\TurboBoost\TurboBoost.exe [2010-11-29 21:00:56 149504]
R3 WacHidRouter;Wacom Hid Router;C:\Windows\system32\DRIVERS\wachidrouter.sys [2012-10-12 14:20:38 81312]
R3 wacomrouterfilter;Wacom Router Filter Driver;C:\Windows\system32\DRIVERS\wacomrouterfilter.sys [2012-10-12 14:54:54 15776]
R3 WatAdminSvc;Windows Activation Technologies Service;C:\Windows\system32\Wat\WatAdminSvc.exe [2012-11-03 05:15:45 1255736]
S0 nvpciflt;nvpciflt;C:\Windows\system32\DRIVERS\nvpciflt.sys [2012-10-26 00:02:40 30056]
S0 PxHlpa64;PxHlpa64;C:\Windows\System32\Drivers\PxHlpa64.sys [2010-03-19 09:00:00 55856]
S0 stdcfltn;Disk Class Filter Driver for Accelerometer;C:\Windows\system32\DRIVERS\stdcfltn.sys [2010-08-20 19:05:12 21616]
S0 SymDS;Symantec Data Store;C:\Windows\system32\drivers\N360x64\0502020.003\SYMDS64.SYS [2011-01-27 06:47:10 450680]
S0 SymEFA;Symantec Extended File Attributes;C:\Windows\system32\drivers\N360x64\0502020.003\SYMEFA64.SYS [2011-03-15 02:31:23 912504]
S1 BHDrvx64;BHDrvx64;C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_5.1.0.29\Definitions\BASHDefs\20130111.001\BHDrvx64.sys [2012-10-23 23:34:23 1384608]
S1 dtsoftbus01;DAEMON Tools Virtual Bus Driver;C:\Windows\system32\DRIVERS\dtsoftbus01.sys [2012-11-25 02:51:37 283200]
S1 IDSVia64;IDSVia64;C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_5.1.0.29\Definitions\IPSDefs\20130116.002\IDSvia64.sys [2012-11-02 19:26:52 513184]
S1 nvkflt;nvkflt;C:\Windows\system32\DRIVERS\nvkflt.sys [2012-10-26 00:02:40 284008]
S1 SymIRON;Symantec Iron Driver;C:\Windows\system32\drivers\N360x64\0502020.003\Ironx64.SYS [2011-01-27 05:07:06 171128]
S1 SymNetS;Symantec Network Security WFP Driver;C:\Windows\System32\Drivers\N360x64\0502020.003\SYMNETS.SYS [2011-04-21 01:37:49 386168]
S2 AERTFilters;Andrea RT Filters Service;C:\Program Files\Realtek\Audio\HDA\AERTSr64.exe [2009-11-18 02:14:26 98208]
S2 AMPPALR3;Intel® Centrino® Wireless Bluetooth® 3.0 + High Speed Service;C:\Program Files\Intel\BluetoothHS\BTHSAmpPalService.exe [2011-08-08 13:39:18 1166848]
S2 Application Sendori;Application Sendori;C:\Program Files (x86)\Sendori\SendoriSvc.exe [2012-12-10 23:01:54 118632]
S2 Bluetooth Device Monitor;Bluetooth Device Monitor;C:\Program Files (x86)\Intel\Bluetooth\devmonsrv.exe [2011-05-19 07:16:36 921664]
S2 Bluetooth OBEX Service;Bluetooth OBEX Service;C:\Program Files (x86)\Intel\Bluetooth\obexsrv.exe [2011-05-19 07:16:48 995392]
S2 BTHSSecurityMgr;Intel(R) Centrino(R) Wireless Bluetooth(R) 3.0 + High Speed Security Service;C:\Program Files\Intel\BluetoothHS\BTHSSecurityMgr.exe [2011-06-03 18:51:38 134928]
S2 DellDigitalDelivery;Dell Digital Delivery Service;C:\Program Files (x86)\Dell Digital Delivery\DeliveryService.exe [2012-10-09 14:22:48 173568]
S2 FAService;FAService;C:\Program Files (x86)\Sensible Vision\Fast Access\FAService.exe [2012-02-14 20:26:00 2451440]
S2 N360;Norton 360;C:\Program Files (x86)\Norton 360\Engine\5.2.2.3\ccSvcHst.exe [2011-04-17 00:45:11 130008]
S2 NAUpdate;Nero Update;C:\Program Files (x86)\Nero\Update\NASvc.exe [2011-11-25 20:32:36 687400]
S2 NOBU;Dell DataSafe Online;C:\Program Files (x86)\Dell\Dell Datasafe Online\NOBuAgent.exe SERVICE [x]
S2 SDScannerService;Spybot-S&D 2 Scanner Service;C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe [2012-11-13 19:07:16 1103392]
S2 SDUpdateService;Spybot-S&D 2 Updating Service;C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe [2012-11-13 19:07:20 1369624]
S2 SDWSCService;Spybot-S&D 2 Security Center Service;C:\Program Files (x86)\Spybot - Search & Destroy 2\SDWSCSvc.exe [2012-11-13 19:07:24 168384]
S2 Service Sendori;Service Sendori;C:\Program Files (x86)\Sendori\Sendori.Service.exe [2012-12-10 23:01:54 14696]
S2 SftService;SoftThinks Agent Service;C:\Program Files (x86)\Dell DataSafe Local Backup\sftservice.EXE [2011-09-22 16:06:12 1692480]
S2 sndappv2;sndappv2;C:\Program Files (x86)\Sendori\sndappv2.exe [2012-12-10 23:01:54 3569512]
S2 TurboB;Turbo Boost UI Monitor driver;C:\Windows\system32\DRIVERS\TurboB.sys [2010-11-29 21:00:04 16120]
S2 UNS;Intel(R) Management and Security Application User Notification Service;C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe [2010-12-21 00:24:38 2656280]
S2 WTabletServicePro;Wacom Professional Service;C:\Program Files\Tablet\Wacom\WTabletServicePro.exe [2012-10-29 13:14:18 613760]
S3 Acceler;Accelerometer Service;C:\Windows\system32\DRIVERS\Accelern.sys [2010-12-13 17:34:14 27760]
S3 AMPPAL;Intel® Centrino® Wireless Bluetooth® 3.0 + High Speed Virtual Adapter;C:\Windows\system32\DRIVERS\AMPPAL.sys [2011-08-08 13:32:08 299008]
S3 Bluetooth Media Service;Bluetooth Media Service;C:\Program Files (x86)\Intel\Bluetooth\mediasrv.exe [2011-05-19 07:16:46 1335360]
S3 btmaudio;Intel Bluetooth Audio Service;C:\Windows\system32\drivers\btmaud.sys [2011-05-19 07:17:02 51712]
S3 btmaux;Intel Bluetooth Auxiliary Service;C:\Windows\system32\DRIVERS\btmaux.sys [2011-05-19 07:17:04 53248]
S3 btmhsf;btmhsf;C:\Windows\system32\DRIVERS\btmhsf.sys [2011-11-15 05:13:00 327168]
S3 CtClsFlt;Creative Camera Class Upper Filter Driver;C:\Windows\system32\DRIVERS\CtClsFlt.sys [2011-06-16 18:40:20 176000]
S3 EraserUtilRebootDrv;EraserUtilRebootDrv;C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys [2012-11-03 08:52:47 138912]
S3 iBtFltCoex;iBtFltCoex;C:\Windows\system32\DRIVERS\iBtFltCoex.sys [2011-12-09 23:45:00 60416]
S3 IntcDAud;Intel(R) Display Audio;C:\Windows\system32\DRIVERS\IntcDAud.sys [2010-10-16 00:28:18 317440]
S3 iwdbus;IWD Bus Enumerator;C:\Windows\system32\DRIVERS\iwdbus.sys [2012-04-19 22:36:26 25528]
S3 MyWiFiDHCPDNS;Wireless PAN DHCP Server;C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe [2011-07-28 02:48:34 340240]
S3 nusb3hub;Renesas Electronics USB 3.0 Hub Driver;C:\Windows\system32\DRIVERS\nusb3hub.sys [2011-02-10 22:52:34 82432]
S3 nusb3xhc;Renesas Electronics USB 3.0 Host Controller Driver;C:\Windows\system32\DRIVERS\nusb3xhc.sys [2011-02-10 22:52:34 181760]
S3 qicflt;upper Device Filter Driver;C:\Windows\system32\DRIVERS\qicflt.sys [2010-07-13 02:38:06 29288]
S3 RTL8167;Realtek 8167 NT Driver;C:\Windows\system32\DRIVERS\Rt64win7.sys [2011-06-10 10:34:52 539240]

--- Other Services/Drivers In Memory ---
*Deregistered* - CLKMDRV10_9EC60124
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{eb65307f-2878-11e2-b42d-4c8093113225}]
\shell\AutoRun\command - G:\TL-Bootstrap.exe
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\active setup\installed components\{8A69D345-D564-463c-AFF1-A69D9E530F96}]
2013-01-12 10:36:36 1606760 ----a-w- C:\Program Files (x86)\Google\Chrome\Application\24.0.1312.52\Installer\setup.exe
Contents of the 'Scheduled Tasks' folder
2013-01-17 C:\Windows\Tasks\Adobe Flash Player Updater.job
- C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2012-11-03 16:44:54 . 2013-01-09 16:48:16]
2013-01-17 C:\Windows\Tasks\AllmyappsUpdateTask.job
- C:\Users\Shelli\AppData\Roaming\Allmyapps\AllmyappsUpdater.exe [2012-11-03 06:01:20 . 2012-12-31 21:43:56]
2013-01-17 C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
- C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2012-11-03 04:31:43 . 2012-11-03 04:31:39]
2013-01-17 C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
- C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2012-11-03 04:31:43 . 2012-11-03 04:31:39]
2013-01-17 C:\Windows\Tasks\QZLGYMJGV.job
- C:\Windows\system32\rundll32.exe [2009-07-13 23:41:43 . 2009-07-14 01:14:31]

--------- X64 Entries -----------

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ SkyDrive1]
@="{F241C880-6982-4CE5-8CF7-7085BA96DA5A}"
[HKEY_CLASSES_ROOT\CLSID\{F241C880-6982-4CE5-8CF7-7085BA96DA5A}]
2012-11-03 06:50:40 244696 ----a-w- C:\Users\Shelli\AppData\Local\Microsoft\SkyDrive\16.4.6013.0910\amd64\SkyDriveShell64.dll
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ SkyDrive2]
@="{A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E}"
[HKEY_CLASSES_ROOT\CLSID\{A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E}]
2012-11-03 06:50:40 244696 ----a-w- C:\Users\Shelli\AppData\Local\Microsoft\SkyDrive\16.4.6013.0910\amd64\SkyDriveShell64.dll
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ SkyDrive3]
@="{BBACC218-34EA-4666-9D7A-C78F2274A524}"
[HKEY_CLASSES_ROOT\CLSID\{BBACC218-34EA-4666-9D7A-C78F2274A524}]
2012-11-03 06:50:40 244696 ----a-w- C:\Users\Shelli\AppData\Local\Microsoft\SkyDrive\16.4.6013.0910\amd64\SkyDriveShell64.dll
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\GDriveBlacklistedOverlay]
@="{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D42}"
[HKEY_CLASSES_ROOT\CLSID\{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D42}]
2012-12-18 00:50:30 755816 ----a-w- C:\Program Files (x86)\Google\Drive\googledrivesync64.dll
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\GDriveSharedOverlay]
@="{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D43}"
[HKEY_CLASSES_ROOT\CLSID\{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D43}]
2012-12-18 00:50:30 755816 ----a-w- C:\Program Files (x86)\Google\Drive\googledrivesync64.dll
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\GDriveSyncedOverlay]
@="{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D40}"
[HKEY_CLASSES_ROOT\CLSID\{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D40}]
2012-12-18 00:50:30 755816 ----a-w- C:\Program Files (x86)\Google\Drive\googledrivesync64.dll
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\GDriveSyncingOverlay]
@="{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D41}"
[HKEY_CLASSES_ROOT\CLSID\{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D41}]
2012-12-18 00:50:30 755816 ----a-w- C:\Program Files (x86)\Google\Drive\googledrivesync64.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"CTMasterOnOffMonitor"="CTMWatch.dll StartCTMasterOnOffWatch" [X]
"RTHDVCPL"="C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe" [2011-02-18 23:48:58 6611048]
"RtHDVBg"="C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe" [2011-01-18 22:53:06 2188904]
"IgfxTray"="C:\Windows\system32\igfxtray.exe" [2011-08-05 08:48:46 167704]
"HotKeysCmds"="C:\Windows\system32\hkcmd.exe" [2011-08-05 08:47:48 392472]
"Persistence"="C:\Windows\system32\igfxpers.exe" [2011-08-05 08:48:02 416024]
"FreeFallProtection"="C:\Program Files (x86)\STMicroelectronics\AccelerometerP11\FF_Protection.exe" [2010-12-17 16:25:22 686704]
"BTMTrayAgent"="C:\Program Files (x86)\Intel\Bluetooth\btmshell.dll" [2011-05-19 07:16:30 10365952]
"IntelPAN"="C:\Program Files\Common Files\Intel\WirelessCommon\iFrmewrk.exe" [2011-07-28 02:51:58 1935120]
"IntelTBRunOnce"="wscript.exe" [2009-07-14 01:39:57 168960]
"RunDLLEntry"="C:\Windows\system32\AmbRunE.dll" [2009-02-26 18:08:02 17920]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]
"AppInit_DLLs"=C:\WINDOWS\System32\nvinitx.dll
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Svchost - LocalService
FontCache
------- Supplementary Scan -------
uLocal Page = C:\Windows\system32\blank.htm
uStart Page = https://www.google.com/
mLocal Page = C:\Windows\SysWOW64\blank.htm
IE: LastPass - file://C:\Users\Shelli\AppData\LocalLow\LastPass\context.html?cmd=lastpass
IE: LastPass Fill Forms - file://C:\Users\Shelli\AppData\LocalLow\LastPass\context.html?cmd=fillforms
Trusted Zone: pinterest.com
Trusted Zone: tvtorrents.com\www
TCP: DhcpNameServer = 192.168.1.1
TCP: Interfaces\{3B34BA86-2C39-415B-9F6F-541F0D2687CE}: NameServer = 0.0.0.0
TCP: Interfaces\{DFBA02F4-D8C8-47EA-9194-1DEABEF2671A}: NameServer = 216.146.35.240,216.146.36.240,192.168.1.1
- - - - ORPHANS REMOVED - - - -
Toolbar-Locked - (no file)
Wow6432Node-HKLM-Run-<NO NAME> - (no file)
Wow6432Node-HKLM-Run-FAStartup - (no file)
Notify-SDWinLogon - SDWinLogon.dll
HKLM_Wow6432Node-ActiveSetup-{2D46B6DC-2207-486B-B523-A557E6D54B47} - start
Toolbar-Locked - (no file)
HKLM-Run-SynTPEnh - C:\Program Files (x86)\Synaptics\SynTP\SynTPEnh.exe

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\N360]
"ImagePath"="\"C:\Program Files (x86)\Norton 360\Engine\5.2.2.3\ccSvcHst.exe\" /s \"N360\" /m \"C:\Program Files (x86)\Norton 360\Engine\5.2.2.3\diMaster.dll\" /prefetch:1"
--------------------- LOCKED REGISTRY KEYS ---------------------
[HKEY_USERS\S-1-5-21-2457851413-291917941-4087837423-1002_Classes\Wow6432Node\CLSID\{5ED60779-4DE2-4E07-B862-974CA4FF2E9C}]
@Denied: (Full) (Everyone)
@Allowed: (Read) (RestrictedCode)
"scansk"=hex(0):7d,06,78,21,db,e7,b3,02,46,97,ac,b4,cb,0b,a0,f4,53,df,82,0c,95,
b8,30,c6,2f,10,9d,aa,95,12,6d,f9,34,92,4c,19,96,af,d2,5d,00,00,00,00,00,00,\
[HKEY_USERS\S-1-5-21-2457851413-291917941-4087837423-1002_Classes\Wow6432Node\CLSID\{d9ae78c3-b4e0-46c0-9ebb-1ce90edc2768}]
@Denied: (Full) (Everyone)
@Allowed: (Read) (RestrictedCode)
"Model"=dword:00000161
"Therad"=dword:00000016
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@C:\\Windows\\system32\\Macromed\\Flash\\FlashUtil64_11_5_502_146_ActiveX.exe,-101"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\Elevation]
"Enabled"=dword:00000001
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\LocalServer32]
@="C:\\Windows\\system32\\Macromed\\Flash\\FlashUtil64_11_5_502_146_ActiveX.exe"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="IFlashBroker5"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@C:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_11_5_502_146_ActiveX.exe,-101"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\Elevation]
"Enabled"=dword:00000001
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\LocalServer32]
@="C:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_11_5_502_146_ActiveX.exe"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Shockwave Flash Object"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="C:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_5_502_146.ocx"
"ThreadingModel"="Apartment"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\MiscStatus]
@="0"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ProgID]
@="ShockwaveFlash.ShockwaveFlash.11"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="C:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_5_502_146.ocx, 1"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="ShockwaveFlash.ShockwaveFlash"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Macromedia Flash Factory Object"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="C:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_5_502_146.ocx"
"ThreadingModel"="Apartment"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ProgID]
@="FlashFactory.FlashFactory.1"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="C:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_5_502_146.ocx, 1"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="FlashFactory.FlashFactory"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="IFlashBroker5"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\VideoLAN.VLCPlugin.*1*]
@="?????????????????? v1"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\VideoLAN.VLCPlugin.*1*\CLSID]
@="{E23FE9C6-778E-49D4-B537-38FCDE4887D8}"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\VideoLAN.VLCPlugin.*2*]
@="?????????????????? v2"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\VideoLAN.VLCPlugin.*2*\CLSID]
@="{9BE31822-FDAD-461B-AD51-BE1D1C159921}"
[HKEY_LOCAL_MACHINE\SOFTWARE\McAfee]
"SymbolicLinkValue"=hex(6):5c,00,72,00,65,00,67,00,69,00,73,00,74,00,72,00,79,
00,5c,00,6d,00,61,00,63,00,68,00,69,00,6e,00,65,00,5c,00,53,00,6f,00,66,00,\
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security]
@Denied: (Full) (Everyone)

 

Hi again

How is your system running now?


Download Malwarebytes' Anti-Malware to your desktop.

• Double-click mbam-setup.exe and follow the prompts to install the program.
• At the end, be sure a checkmark is placed next to the following:
  • Update Malwarebytes' Anti-Malware
  • Launch Malwarebytes' Anti-Malware
• Then click Finish.
• If an update is found, it will download and install the latest version.
• Once the program has loaded, select Perform Quick scan, then click Scan.
• When the scan is complete, click OK, then Show Results to view the results.
• Be sure that everything is checked, and click Remove Selected.
• When completed, a log will open in Notepad. Save it to your desktop.

Note: Malwarebytes' Anti-Malware may require a reboot to complete removals. After a reboot, if required, post that saved log in your next reply.

 

Still getting redirected about 1/3 of the time
Malwarebytes Anti-Malware (Trial) 1.70.0.1100
www.malwarebytes.org
Database version: v2013.01.18.09
Windows 7 Service Pack 1 x64 NTFS
Internet Explorer 9.0.8112.16421
Shelli :: ASLAN [administrator]
Protection: Enabled
1/18/2013 5:39:23 PM
mbam-log-2013-01-18 (17-39-23).txt
Scan type: Quick scan
Scan options enabled: Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken | PUP | PUM
Scan options disabled: P2P
Objects scanned: 248736
Time elapsed: 5 minute(s), 3 second(s)
Memory Processes Detected: 0
(No malicious items detected)
Memory Modules Detected: 0
(No malicious items detected)
Registry Keys Detected: 0
(No malicious items detected)
Registry Values Detected: 0
(No malicious items detected)
Registry Data Items Detected: 0
(No malicious items detected)
Folders Detected: 0
(No malicious items detected)
Files Detected: 0
(No malicious items detected)
(end)

 

Hi again

Please download TDSSKiller.zip and extract TDSSKiller.exe to your desktop.

Execute TDSSKiller.exe by doubleclicking on it. Press Start Scan.

• If Malicious objects are found, ensure Skip is selected
  
  
  
• Click Continue then click Reboot now
  
  
  
  
• Once complete, a log will be produced at the root drive which is typically C:\
  
  For example, C:\TDSSKiller.2.4.0.0_24.07.2010_13.10.52_log.txt.

Please attach that log.

 

14:13:40.0506 13904 TDSS rootkit removing tool 2.8.15.0 Oct 31 2012 21:47:35
14:13:41.0901 13904 ============================================================
14:13:41.0901 13904 Current date / time: 2013/01/19 14:13:41.0901
14:13:41.0901 13904 SystemInfo:
14:13:41.0901 13904
14:13:41.0901 13904 OS Version: 6.1.7601 ServicePack: 1.0
14:13:41.0901 13904 Product type: Workstation
14:13:41.0901 13904 ComputerName: ASLAN
14:13:41.0901 13904 UserName: Shelli
14:13:41.0901 13904 Windows directory: C:\Windows
14:13:41.0901 13904 System windows directory: C:\Windows
14:13:41.0901 13904 Running under WOW64
14:13:41.0901 13904 Processor architecture: Intel x64
14:13:41.0901 13904 Number of processors: 8
14:13:41.0901 13904 Page size: 0x1000
14:13:41.0901 13904 Boot type: Normal boot
14:13:41.0901 13904 ============================================================
14:13:42.0431 13904 Drive \Device\Harddisk0\DR0 - Size: 0xAEA8CDE000 (698.64 Gb), SectorSize: 0x200, Cylinders: 0x16441, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
14:13:42.0447 13904 ============================================================
14:13:42.0447 13904 \Device\Harddisk0\DR0:
14:13:42.0447 13904 MBR partitions:
14:13:42.0447 13904 \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x34000, BlocksNum 0x2710000
14:13:42.0447 13904 \Device\Harddisk0\DR0\Partition2: MBR, Type 0x7, StartLBA 0x2744000, BlocksNum 0x2B66FEF0
14:13:42.0494 13904 \Device\Harddisk0\DR0\Partition3: MBR, Type 0x7, StartLBA 0x2DDB4800, BlocksNum 0x29791000
14:13:42.0494 13904 ============================================================
14:13:42.0541 13904 C: <-> \Device\Harddisk0\DR0\Partition2
14:13:42.0581 13904 E: <-> \Device\Harddisk0\DR0\Partition3
14:13:42.0581 13904 ============================================================
14:13:42.0582 13904 Initialize success
14:13:42.0582 13904 ============================================================
14:13:48.0778 13056 ============================================================
14:13:48.0778 13056 Scan started
14:13:48.0778 13056 Mode: Manual;
14:13:48.0778 13056 ============================================================
14:13:50.0842 13056 ================ Scan system memory ========================
14:13:50.0842 13056 System memory - ok
14:13:50.0842 13056 ================ Scan services =============================
14:13:51.0029 13056 [ A87D604AEA360176311474C87A63BB88 ] 1394ohci C:\Windows\system32\drivers\1394ohci.sys
14:13:51.0045 13056 1394ohci - ok
14:13:51.0076 13056 [ E0065CBF1A25C015C218457D2CD522B9 ] Acceler C:\Windows\system32\DRIVERS\Accelern.sys
14:13:51.0076 13056 Acceler - ok
14:13:51.0107 13056 [ D81D9E70B8A6DD14D42D7B4EFA65D5F2 ] ACPI C:\Windows\system32\drivers\ACPI.sys
14:13:51.0123 13056 ACPI - ok
14:13:51.0154 13056 [ 99F8E788246D495CE3794D7E7821D2CA ] AcpiPmi C:\Windows\system32\drivers\acpipmi.sys
14:13:51.0154 13056 AcpiPmi - ok
14:13:51.0216 13056 [ 3927397AC60D943DAF8808AFFED582B7 ] AdobeARMservice C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
14:13:51.0216 13056 AdobeARMservice - ok
14:13:51.0341 13056 [ 424877CB9D5517F980FF7BACA2EB379D ] AdobeFlashPlayerUpdateSvc C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
14:13:51.0341 13056 AdobeFlashPlayerUpdateSvc - ok
14:13:51.0388 13056 [ 2F6B34B83843F0C5118B63AC634F5BF4 ] adp94xx C:\Windows\system32\drivers\adp94xx.sys
14:13:51.0404 13056 adp94xx - ok
14:13:51.0450 13056 [ 597F78224EE9224EA1A13D6350CED962 ] adpahci C:\Windows\system32\drivers\adpahci.sys
14:13:51.0466 13056 adpahci - ok
14:13:51.0482 13056 [ E109549C90F62FB570B9540C4B148E54 ] adpu320 C:\Windows\system32\drivers\adpu320.sys
14:13:51.0482 13056 adpu320 - ok
14:13:51.0544 13056 [ 4B78B431F225FD8624C5655CB1DE7B61 ] AeLookupSvc C:\Windows\System32\aelupsvc.dll
14:13:51.0544 13056 AeLookupSvc - ok
14:13:51.0606 13056 [ D1E343BC00136CE03C4D403194D06A80 ] AERTFilters C:\Program Files\Realtek\Audio\HDA\AERTSr64.exe
14:13:51.0606 13056 AERTFilters - ok
14:13:51.0652 13056 [ 1C7857B62DE5994A75B054A9FD4C3825 ] AFD C:\Windows\system32\drivers\afd.sys
14:13:51.0663 13056 AFD - ok
14:13:51.0689 13056 [ 608C14DBA7299D8CB6ED035A68A15799 ] agp440 C:\Windows\system32\drivers\agp440.sys
14:13:51.0692 13056 agp440 - ok
14:13:51.0714 13056 [ 3290D6946B5E30E70414990574883DDB ] ALG C:\Windows\System32\alg.exe
14:13:51.0717 13056 ALG - ok
14:13:51.0736 13056 [ 5812713A477A3AD7363C7438CA2EE038 ] aliide C:\Windows\system32\drivers\aliide.sys
14:13:51.0739 13056 aliide - ok
14:13:51.0755 13056 [ 1FF8B4431C353CE385C875F194924C0C ] amdide C:\Windows\system32\drivers\amdide.sys
14:13:51.0758 13056 amdide - ok
14:13:51.0787 13056 [ 7024F087CFF1833A806193EF9D22CDA9 ] AmdK8 C:\Windows\system32\drivers\amdk8.sys
14:13:51.0789 13056 AmdK8 - ok
14:13:51.0804 13056 [ 1E56388B3FE0D031C44144EB8C4D6217 ] AmdPPM C:\Windows\system32\drivers\amdppm.sys
14:13:51.0806 13056 AmdPPM - ok
14:13:51.0826 13056 [ D4121AE6D0C0E7E13AA221AA57EF2D49 ] amdsata C:\Windows\system32\drivers\amdsata.sys
14:13:51.0830 13056 amdsata - ok
14:13:51.0859 13056 [ F67F933E79241ED32FF46A4F29B5120B ] amdsbs C:\Windows\system32\drivers\amdsbs.sys
14:13:51.0863 13056 amdsbs - ok
14:13:51.0877 13056 [ 540DAF1CEA6094886D72126FD7C33048 ] amdxata C:\Windows\system32\drivers\amdxata.sys
14:13:51.0878 13056 amdxata - ok
14:13:51.0905 13056 [ 7D9E301AB3247765702D0B65E2E47E50 ] AMPPAL C:\Windows\system32\DRIVERS\AMPPAL.sys
14:13:51.0905 13056 AMPPAL - ok
14:13:51.0920 13056 [ 7D9E301AB3247765702D0B65E2E47E50 ] AMPPALP C:\Windows\system32\DRIVERS\amppal.sys
14:13:51.0920 13056 AMPPALP - ok
14:13:51.0983 13056 [ 864C632B999BE1237A3DC46736E71F27 ] AMPPALR3 C:\Program Files\Intel\BluetoothHS\BTHSAmpPalService.exe
14:13:52.0030 13056 AMPPALR3 - ok
14:13:52.0045 13056 [ 89A69C3F2F319B43379399547526D952 ] AppID C:\Windows\system32\drivers\appid.sys
14:13:52.0045 13056 AppID - ok
14:13:52.0076 13056 [ 0BC381A15355A3982216F7172F545DE1 ] AppIDSvc C:\Windows\System32\appidsvc.dll
14:13:52.0076 13056 AppIDSvc - ok
14:13:52.0108 13056 [ 3977D4A871CA0D4F2ED1E7DB46829731 ] Appinfo C:\Windows\System32\appinfo.dll
14:13:52.0108 13056 Appinfo - ok
14:13:52.0139 13056 [ DCEBADAB68650A3EC48FDC102A6D67E8 ] Application Sendori C:\Program Files (x86)\Sendori\SendoriSvc.exe
14:13:52.0154 13056 Application Sendori - ok
14:13:52.0186 13056 [ C484F8CEB1717C540242531DB7845C4E ] arc C:\Windows\system32\drivers\arc.sys
14:13:52.0186 13056 arc - ok
14:13:52.0217 13056 [ 019AF6924AEFE7839F61C830227FE79C ] arcsas C:\Windows\system32\drivers\arcsas.sys
14:13:52.0217 13056 arcsas - ok
14:13:52.0310 13056 [ 9217D874131AE6FF8F642F124F00A555 ] aspnet_state C:\Windows\Microsoft.NET\Framework64\v4.0.30319\aspnet_state.exe
14:13:52.0310 13056 aspnet_state - ok
14:13:52.0342 13056 [ 769765CE2CC62867468CEA93969B2242 ] AsyncMac C:\Windows\system32\DRIVERS\asyncmac.sys
14:13:52.0342 13056 AsyncMac - ok
14:13:52.0373 13056 [ 02062C0B390B7729EDC9E69C680A6F3C ] atapi C:\Windows\system32\drivers\atapi.sys
14:13:52.0373 13056 atapi - ok
14:13:52.0420 13056 [ F23FEF6D569FCE88671949894A8BECF1 ] AudioEndpointBuilder C:\Windows\System32\Audiosrv.dll
14:13:52.0451 13056 AudioEndpointBuilder - ok
14:13:52.0451 13056 [ F23FEF6D569FCE88671949894A8BECF1 ] AudioSrv C:\Windows\System32\Audiosrv.dll
14:13:52.0451 13056 AudioSrv - ok
14:13:52.0482 13056 [ A6BF31A71B409DFA8CAC83159E1E2AFF ] AxInstSV C:\Windows\System32\AxInstSV.dll
14:13:52.0482 13056 AxInstSV - ok
14:13:52.0529 13056 [ 3E5B191307609F7514148C6832BB0842 ] b06bdrv C:\Windows\system32\drivers\bxvbda.sys
14:13:52.0529 13056 b06bdrv - ok
14:13:52.0591 13056 [ B5ACE6968304A3900EEB1EBFD9622DF2 ] b57nd60a C:\Windows\system32\DRIVERS\b57nd60a.sys
14:13:52.0607 13056 b57nd60a - ok
14:13:52.0638 13056 [ FDE360167101B4E45A96F939F388AEB0 ] BDESVC C:\Windows\System32\bdesvc.dll
14:13:52.0638 13056 BDESVC - ok
14:13:52.0654 13056 [ 16A47CE2DECC9B099349A5F840654746 ] Beep C:\Windows\system32\drivers\Beep.sys
14:13:52.0669 13056 Beep - ok
14:13:52.0732 13056 [ 82974D6A2FD19445CC5171FC378668A4 ] BFE C:\Windows\System32\bfe.dll
14:13:52.0747 13056 BFE - ok
14:13:52.0966 13056 [ ED97ADAF00A61F57A2CCBBB1CE58C600 ] BHDrvx64 C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_20.2.0.19\Definitions\BASHDefs\20130111.001\BHDrvx64.sys
14:13:52.0997 13056 BHDrvx64 - ok
14:13:53.0012 13056 [ 1EA7969E3271CBC59E1730697DC74682 ] BITS C:\Windows\system32\qmgr.dll
14:13:53.0028 13056 BITS - ok
14:13:53.0059 13056 [ 61583EE3C3A17003C4ACD0475646B4D3 ] blbdrive C:\Windows\system32\DRIVERS\blbdrive.sys
14:13:53.0059 13056 blbdrive - ok
14:13:53.0122 13056 [ 5FF7B9916A10E8E69E7C0D16F0B4787A ] Bluetooth Device Monitor C:\Program Files (x86)\Intel\Bluetooth\devmonsrv.exe
14:13:53.0153 13056 Bluetooth Device Monitor - ok
14:13:53.0215 13056 [ E43D73CAF1023976EFBA1D0F0E69E271 ] Bluetooth Media Service C:\Program Files (x86)\Intel\Bluetooth\mediasrv.exe
14:13:53.0278 13056 Bluetooth Media Service - ok
14:13:53.0340 13056 [ 20427929646784A482DF34EF8C4FED23 ] Bluetooth OBEX Service C:\Program Files (x86)\Intel\Bluetooth\obexsrv.exe
14:13:53.0340 13056 Bluetooth OBEX Service - ok
14:13:53.0371 13056 [ 6C02A83164F5CC0A262F4199F0871CF5 ] bowser C:\Windows\system32\DRIVERS\bowser.sys
14:13:53.0371 13056 bowser - ok
14:13:53.0402 13056 [ F09EEE9EDC320B5E1501F749FDE686C8 ] BrFiltLo C:\Windows\system32\drivers\BrFiltLo.sys
14:13:53.0402 13056 BrFiltLo - ok
14:13:53.0418 13056 [ B114D3098E9BDB8BEA8B053685831BE6 ] BrFiltUp C:\Windows\system32\drivers\BrFiltUp.sys
14:13:53.0418 13056 BrFiltUp - ok
14:13:53.0465 13056 [ 5C2F352A4E961D72518261257AAE204B ] BridgeMP C:\Windows\system32\DRIVERS\bridge.sys
14:13:53.0465 13056 BridgeMP - ok
14:13:53.0496 13056 [ 05F5A0D14A2EE1D8255C2AA0E9E8E694 ] Browser C:\Windows\System32\browser.dll
14:13:53.0496 13056 Browser - ok
14:13:53.0496 13056 [ 43BEA8D483BF1870F018E2D02E06A5BD ] Brserid C:\Windows\System32\Drivers\Brserid.sys
14:13:53.0512 13056 Brserid - ok
14:13:53.0512 13056 [ A6ECA2151B08A09CACECA35C07F05B42 ] BrSerWdm C:\Windows\System32\Drivers\BrSerWdm.sys
14:13:53.0512 13056 BrSerWdm - ok
14:13:53.0543 13056 [ B79968002C277E869CF38BD22CD61524 ] BrUsbMdm C:\Windows\System32\Drivers\BrUsbMdm.sys
14:13:53.0543 13056 BrUsbMdm - ok
14:13:53.0558 13056 [ A87528880231C54E75EA7A44943B38BF ] BrUsbSer C:\Windows\System32\Drivers\BrUsbSer.sys
14:13:53.0558 13056 BrUsbSer - ok
14:13:53.0590 13056 [ CF98190A94F62E405C8CB255018B2315 ] BthEnum C:\Windows\system32\drivers\BthEnum.sys
14:13:53.0590 13056 BthEnum - ok
14:13:53.0590 13056 [ 9DA669F11D1F894AB4EB69BF546A42E8 ] BTHMODEM C:\Windows\system32\drivers\bthmodem.sys
14:13:53.0605 13056 BTHMODEM - ok
14:13:53.0621 13056 [ 02DD601B708DD0667E1331FA8518E9FF ] BthPan C:\Windows\system32\DRIVERS\bthpan.sys
14:13:53.0621 13056 BthPan - ok
14:13:53.0636 13056 [ 738D0E9272F59EB7A1449C3EC118E6C4 ] BTHPORT C:\Windows\system32\Drivers\BTHport.sys
14:13:53.0662 13056 BTHPORT - ok
14:13:53.0707 13056 [ 95F9C2976059462CBBF227F7AAB10DE9 ] bthserv C:\Windows\system32\bthserv.dll
14:13:53.0710 13056 bthserv - ok
14:13:53.0728 13056 [ 9E2AF97302B9F4BF97E952A865EB31AE ] BTHSSecurityMgr C:\Program Files\Intel\BluetoothHS\BTHSSecurityMgr.exe
14:13:53.0729 13056 BTHSSecurityMgr - ok
14:13:53.0737 13056 [ F188B7394D81010767B6DF3178519A37 ] BTHUSB C:\Windows\system32\Drivers\BTHUSB.sys
14:13:53.0739 13056 BTHUSB - ok
14:13:53.0760 13056 [ 274E47BD9C1367BDBFA9DF10C2E6C544 ] btmaudio C:\Windows\system32\drivers\btmaud.sys
14:13:53.0762 13056 btmaudio - ok
14:13:53.0771 13056 [ 75EAB5AAF6E9F83739249CE60B4B9C39 ] btmaux C:\Windows\system32\DRIVERS\btmaux.sys
14:13:53.0772 13056 btmaux - ok
14:13:53.0802 13056 [ 40C6FEC49D1CC4D112368A2BCD2BCBB7 ] btmhsf C:\Windows\system32\DRIVERS\btmhsf.sys
14:13:53.0810 13056 btmhsf - ok
14:13:53.0936 13056 catchme - ok
14:13:54.0014 13056 [ 248C952C82DF1E23775432774CBB20F1 ] ccSet_N360 C:\Windows\system32\drivers\N360x64\1402000.013\ccSetx64.sys
14:13:54.0014 13056 ccSet_N360 - ok
14:13:54.0061 13056 [ B8BD2BB284668C84865658C77574381A ] cdfs C:\Windows\system32\DRIVERS\cdfs.sys
14:13:54.0061 13056 cdfs - ok
14:13:54.0092 13056 [ F036CE71586E93D94DAB220D7BDF4416 ] cdrom C:\Windows\system32\DRIVERS\cdrom.sys
14:13:54.0092 13056 cdrom - ok
14:13:54.0123 13056 [ F17D1D393BBC69C5322FBFAFACA28C7F ] CertPropSvc C:\Windows\System32\certprop.dll
14:13:54.0123 13056 CertPropSvc - ok
14:13:54.0139 13056 [ D7CD5C4E1B71FA62050515314CFB52CF ] circlass C:\Windows\system32\drivers\circlass.sys
14:13:54.0155 13056 circlass - ok
14:13:54.0186 13056 [ FE1EC06F2253F691FE36217C592A0206 ] CLFS C:\Windows\system32\CLFS.sys
14:13:54.0186 13056 CLFS - ok
14:13:54.0264 13056 [ BB86F147B2A7152E4B4D71A2F0A87D41 ] CLKMSVC10_9EC60124 c:\Program Files (x86)\Cyberlink\PowerDVD9\NavFilter\kmsvc.exe
14:13:54.0279 13056 CLKMSVC10_9EC60124 - ok
14:13:54.0357 13056 [ D88040F816FDA31C3B466F0FA0918F29 ] clr_optimization_v2.0.50727_32 C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
14:13:54.0357 13056 clr_optimization_v2.0.50727_32 - ok
14:13:54.0389 13056 [ D1CEEA2B47CB998321C579651CE3E4F8 ] clr_optimization_v2.0.50727_64 C:\Windows\Microsoft.NET\Framework64\v2.0.50727\mscorsvw.exe
14:13:54.0389 13056 clr_optimization_v2.0.50727_64 - ok
14:13:54.0420 13056 [ C5A75EB48E2344ABDC162BDA79E16841 ] clr_optimization_v4.0.30319_32 C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
14:13:54.0420 13056 clr_optimization_v4.0.30319_32 - ok
14:13:54.0435 13056 [ C6F9AF94DCD58122A4D7E89DB6BED29D ] clr_optimization_v4.0.30319_64 C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe
14:13:54.0435 13056 clr_optimization_v4.0.30319_64 - ok
14:13:54.0467 13056 [ 0840155D0BDDF1190F84A663C284BD33 ] CmBatt C:\Windows\system32\DRIVERS\CmBatt.sys
14:13:54.0467 13056 CmBatt - ok
14:13:54.0482 13056 [ E19D3F095812725D88F9001985B94EDD ] cmdide C:\Windows\system32\drivers\cmdide.sys
14:13:54.0482 13056 cmdide - ok
14:13:54.0529 13056 [ AAFCB52FE0037207FB6FBEA070D25EFE ] CNG C:\Windows\system32\Drivers\cng.sys
14:13:54.0545 13056 CNG - ok
14:13:54.0560 13056 [ 102DE219C3F61415F964C88E9085AD14 ] Compbatt C:\Windows\system32\DRIVERS\compbatt.sys
14:13:54.0560 13056 Compbatt - ok
14:13:54.0591 13056 [ 03EDB043586CCEBA243D689BDDA370A8 ] CompositeBus C:\Windows\system32\DRIVERS\CompositeBus.sys
14:13:54.0591 13056 CompositeBus - ok
14:13:54.0607 13056 COMSysApp - ok
14:13:54.0623 13056 [ 1C827878A998C18847245FE1F34EE597 ] crcdisk C:\Windows\system32\drivers\crcdisk.sys
14:13:54.0623 13056 crcdisk - ok
14:13:54.0678 13056 [ C8BD651E13895B93ED9EC5B4F1DF42BC ] Creative ALchemy AL6 Licensing Service C:\Program Files (x86)\Common Files\Creative Labs Shared\Service\AL6Licensing.exe
14:13:54.0681 13056 Creative ALchemy AL6 Licensing Service - ok
14:13:54.0719 13056 [ C0EAD9F8AB83D41FF07303C75589C2B8 ] Creative Audio Engine Licensing Service C:\Program Files (x86)\Common Files\Creative Labs Shared\Service\CTAELicensing.exe
14:13:54.0722 13056 Creative Audio Engine Licensing Service - ok
14:13:54.0773 13056 [ 9C01375BE382E834CC26D1B7EAF2C4FE ] CryptSvc C:\Windows\system32\cryptsvc.dll
14:13:54.0778 13056 CryptSvc - ok
14:13:54.0825 13056 [ 07BA6D17E66879018B30B6C3F976EBED ] CTAudSvcService C:\Program Files (x86)\Creative\Shared Files\CTAudSvc.exe
14:13:54.0832 13056 CTAudSvcService - ok
14:13:54.0873 13056 [ DF214BFF646880D0EB31BDC86136B29B ] CtClsFlt C:\Windows\system32\DRIVERS\CtClsFlt.sys
14:13:54.0878 13056 CtClsFlt - ok
14:13:54.0922 13056 [ 5C627D1B1138676C0A7AB2C2C190D123 ] DcomLaunch C:\Windows\system32\rpcss.dll
14:13:54.0937 13056 DcomLaunch - ok
14:13:55.0000 13056 [ 3CEC7631A84943677AA8FA8EE5B6B43D ] defragsvc C:\Windows\System32\defragsvc.dll
14:13:55.0000 13056 defragsvc - ok
14:13:55.0047 13056 [ 3A42B00C88E3E68080DAB6B27BB35B6E ] DellDigitalDelivery C:\Program Files (x86)\Dell Digital Delivery\DeliveryService.exe
14:13:55.0047 13056 DellDigitalDelivery - ok
14:13:55.0062 13056 [ 9BB2EF44EAA163B29C4A4587887A0FE4 ] DfsC C:\Windows\system32\Drivers\dfsc.sys
14:13:55.0062 13056 DfsC - ok
14:13:55.0093 13056 [ 43D808F5D9E1A18E5EEB5EBC83969E4E ] Dhcp C:\Windows\system32\dhcpcore.dll
14:13:55.0093 13056 Dhcp - ok
14:13:55.0140 13056 [ 13096B05847EC78F0977F2C0F79E9AB3 ] discache C:\Windows\system32\drivers\discache.sys
14:13:55.0140 13056 discache - ok
14:13:55.0156 13056 [ 9819EEE8B5EA3784EC4AF3B137A5244C ] Disk C:\Windows\system32\drivers\disk.sys
14:13:55.0156 13056 Disk - ok
14:13:55.0187 13056 [ 16835866AAA693C7D7FCEBA8FFF706E4 ] Dnscache C:\Windows\System32\dnsrslvr.dll
14:13:55.0203 13056 Dnscache - ok
14:13:55.0249 13056 [ B1FB3DDCA0FDF408750D5843591AFBC6 ] dot3svc C:\Windows\System32\dot3svc.dll
14:13:55.0265 13056 dot3svc - ok
14:13:55.0281 13056 [ B26F4F737E8F9DF4F31AF6CF31D05820 ] DPS C:\Windows\system32\dps.dll
14:13:55.0281 13056 DPS - ok
14:13:55.0312 13056 [ 9B19F34400D24DF84C858A421C205754 ] drmkaud C:\Windows\system32\drivers\drmkaud.sys
14:13:55.0312 13056 drmkaud - ok
14:13:55.0359 13056 [ 46571ED73AE84469DCA53081D33CF3C8 ] dtsoftbus01 C:\Windows\system32\DRIVERS\dtsoftbus01.sys
14:13:55.0374 13056 dtsoftbus01 - ok
14:13:55.0405 13056 [ F5BEE30450E18E6B83A5012C100616FD ] DXGKrnl C:\Windows\System32\drivers\dxgkrnl.sys
14:13:55.0437 13056 DXGKrnl - ok
14:13:55.0468 13056 [ E2DDA8726DA9CB5B2C4000C9018A9633 ] EapHost C:\Windows\System32\eapsvc.dll
14:13:55.0468 13056 EapHost - ok
14:13:55.0546 13056 [ DC5D737F51BE844D8C82C695EB17372F ] ebdrv C:\Windows\system32\drivers\evbda.sys
14:13:55.0624 13056 ebdrv - ok
14:13:55.0675 13056 [ 4353FF94D47A0A9D52B89ECCF0CDB013 ] eeCtrl C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\eeCtrl64.sys
14:13:55.0685 13056 eeCtrl - ok
14:13:55.0723 13056 [ C118A82CD78818C29AB228366EBF81C3 ] EFS C:\Windows\System32\lsass.exe
14:13:55.0724 13056 EFS - ok
14:13:55.0775 13056 [ C4002B6B41975F057D98C439030CEA07 ] ehRecvr C:\Windows\ehome\ehRecvr.exe
14:13:55.0800 13056 ehRecvr - ok
14:13:55.0837 13056 [ 4705E8EF9934482C5BB488CE28AFC681 ] ehSched C:\Windows\ehome\ehsched.exe
14:13:55.0841 13056 ehSched - ok
14:13:55.0871 13056 [ 0E5DA5369A0FCAEA12456DD852545184 ] elxstor C:\Windows\system32\drivers\elxstor.sys
14:13:55.0876 13056 elxstor - ok
14:13:55.0926 13056 [ C5BCCB378D0A896304A3E71BE7215983 ] EraserUtilRebootDrv C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys
14:13:55.0926 13056 EraserUtilRebootDrv - ok
14:13:55.0941 13056 [ 34A3C54752046E79A126E15C51DB409B ] ErrDev C:\Windows\system32\drivers\errdev.sys
14:13:55.0957 13056 ErrDev - ok
14:13:55.0988 13056 esgiguard - ok
14:13:56.0004 13056 [ 4166F82BE4D24938977DD1746BE9B8A0 ] EventSystem C:\Windows\system32\es.dll
14:13:56.0004 13056 EventSystem - ok
14:13:56.0082 13056 [ E3A96D5AE6E5C7B5472011BA77353368 ] EvtEng C:\Program Files\Intel\WiFi\bin\EvtEng.exe
14:13:56.0128 13056 EvtEng - ok
14:13:56.0191 13056 [ A510C654EC00C1E9BDD91EEB3A59823B ] exfat C:\Windows\system32\drivers\exfat.sys
14:13:56.0191 13056 exfat - ok
14:13:56.0222 13056 [ 2C1D443E14F376E8331F52F135DCA9EF ] FACAP C:\Windows\system32\DRIVERS\facap.sys
14:13:56.0238 13056 FACAP - ok
14:13:56.0316 13056 [ D3A9A39880298495788CDBB4BCD1C324 ] FAService C:\Program Files (x86)\Sensible Vision\Fast Access\FAService.exe
14:13:56.0378 13056 FAService - ok
14:13:56.0409 13056 [ 0ADC83218B66A6DB380C330836F3E36D ] fastfat C:\Windows\system32\drivers\fastfat.sys
14:13:56.0409 13056 fastfat - ok
14:13:56.0456 13056 [ DBEFD454F8318A0EF691FDD2EAAB44EB ] Fax C:\Windows\system32\fxssvc.exe
14:13:56.0472 13056 Fax - ok
14:13:56.0518 13056 [ D765D19CD8EF61F650C384F62FAC00AB ] fdc C:\Windows\system32\drivers\fdc.sys
14:13:56.0534 13056 fdc - ok
14:13:56.0550 13056 [ 0438CAB2E03F4FB61455A7956026FE86 ] fdPHost C:\Windows\system32\fdPHost.dll
14:13:56.0565 13056 fdPHost - ok
14:13:56.0565 13056 [ 802496CB59A30349F9A6DD22D6947644 ] FDResPub C:\Windows\system32\fdrespub.dll
14:13:56.0581 13056 FDResPub - ok
14:13:56.0596 13056 [ 655661BE46B5F5F3FD454E2C3095B930 ] FileInfo C:\Windows\system32\drivers\fileinfo.sys
14:13:56.0596 13056 FileInfo - ok
14:13:56.0612 13056 [ 5F671AB5BC87EEA04EC38A6CD5962A47 ] Filetrace C:\Windows\system32\drivers\filetrace.sys
14:13:56.0612 13056 Filetrace - ok
14:13:56.0628 13056 [ C172A0F53008EAEB8EA33FE10E177AF5 ] flpydisk C:\Windows\system32\drivers\flpydisk.sys
14:13:56.0628 13056 flpydisk - ok
14:13:56.0659 13056 [ DA6B67270FD9DB3697B20FCE94950741 ] FltMgr C:\Windows\system32\drivers\fltmgr.sys
14:13:56.0659 13056 FltMgr - ok
14:13:56.0742 13056 [ 5B92E2B067F64DC53698EB84966B3F0D ] FontCache C:\Windows\system32\FntCache.dll
14:13:56.0782 13056 FontCache - ok
14:13:56.0840 13056 [ A8B7F3818AB65695E3A0BB3279F6DCE6 ] FontCache3.0.0.0 C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
14:13:56.0842 13056 FontCache3.0.0.0 - ok
14:13:56.0854 13056 [ D43703496149971890703B4B1B723EAC ] FsDepends C:\Windows\system32\drivers\FsDepends.sys
14:13:56.0857 13056 FsDepends - ok
14:13:56.0890 13056 [ B16B626996C74B564005BA855C5DEE90 ] fssfltr C:\Windows\system32\DRIVERS\fssfltr.sys
14:13:56.0891 13056 fssfltr - ok
14:13:56.0984 13056 [ 812E1BA5C52A78F13EA6AA10DF708B1D ] fsssvc C:\Program Files (x86)\Windows Live\Family Safety\fsssvc.exe
14:13:57.0047 13056 fsssvc - ok
14:13:57.0078 13056 [ 6BD9295CC032DD3077C671FCCF579A7B ] Fs_Rec C:\Windows\system32\drivers\Fs_Rec.sys
14:13:57.0078 13056 Fs_Rec - ok
14:13:57.0109 13056 [ 1F7B25B858FA27015169FE95E54108ED ] fvevol C:\Windows\system32\DRIVERS\fvevol.sys
14:13:57.0109 13056 fvevol - ok
14:13:57.0125 13056 [ 8C778D335C9D272CFD3298AB02ABE3B6 ] gagp30kx C:\Windows\system32\drivers\gagp30kx.sys
14:13:57.0140 13056 gagp30kx - ok
14:13:57.0171 13056 [ 277BBC7E1AA1EE957F573A10ECA7EF3A ] gpsvc C:\Windows\System32\gpsvc.dll
14:13:57.0203 13056 gpsvc - ok
14:13:57.0249 13056 [ 506708142BC63DABA64F2D3AD1DCD5BF ] gupdate C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
14:13:57.0249 13056 gupdate - ok
14:13:57.0265 13056 [ 506708142BC63DABA64F2D3AD1DCD5BF ] gupdatem C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
14:13:57.0265 13056 gupdatem - ok
14:13:57.0327 13056 [ 5D4BC124FAAE6730AC002CDB67BF1A1C ] gusvc C:\Program Files (x86)\Google\Common\Google Updater\GoogleUpdaterService.exe
14:13:57.0327 13056 gusvc - ok
14:13:57.0359 13056 [ F2523EF6460FC42405B12248338AB2F0 ] hcw85cir C:\Windows\system32\drivers\hcw85cir.sys
14:13:57.0359 13056 hcw85cir - ok
14:13:57.0390 13056 [ 97BFED39B6B79EB12CDDBFEED51F56BB ] HDAudBus C:\Windows\system32\DRIVERS\HDAudBus.sys
14:13:57.0405 13056 HDAudBus - ok
14:13:57.0421 13056 [ 78E86380454A7B10A5EB255DC44A355F ] HidBatt C:\Windows\system32\drivers\HidBatt.sys
14:13:57.0421 13056 HidBatt - ok
14:13:57.0452 13056 [ 7FD2A313F7AFE5C4DAB14798C48DD104 ] HidBth C:\Windows\system32\drivers\hidbth.sys
14:13:57.0452 13056 HidBth - ok
14:13:57.0483 13056 [ 0A77D29F311B88CFAE3B13F9C1A73825 ] HidIr C:\Windows\system32\drivers\hidir.sys
14:13:57.0483 13056 HidIr - ok
14:13:57.0515 13056 [ 957BD482212B77624E63A54EDDB414F8 ] hidkmdf C:\Windows\system32\DRIVERS\hidkmdf.sys
14:13:57.0515 13056 hidkmdf - ok
14:13:57.0530 13056 [ BD9EB3958F213F96B97B1D897DEE006D ] hidserv C:\Windows\System32\hidserv.dll
14:13:57.0546 13056 hidserv - ok
14:13:57.0561 13056 [ 9592090A7E2B61CD582B612B6DF70536 ] HidUsb C:\Windows\system32\DRIVERS\hidusb.sys
14:13:57.0577 13056 HidUsb - ok
14:13:57.0593 13056 [ 387E72E739E15E3D37907A86D9FF98E2 ] hkmsvc C:\Windows\system32\kmsvc.dll
14:13:57.0593 13056 hkmsvc - ok
14:13:57.0624 13056 [ EFDFB3DD38A4376F93E7985173813ABD ] HomeGroupListener C:\Windows\system32\ListSvc.dll
14:13:57.0624 13056 HomeGroupListener - ok
14:13:57.0686 13056 [ 908ACB1F594274965A53926B10C81E89 ] HomeGroupProvider C:\Windows\system32\provsvc.dll
14:13:57.0689 13056 HomeGroupProvider - ok
14:13:57.0700 13056 [ 39D2ABCD392F3D8A6DCE7B60AE7B8EFC ] HpSAMD C:\Windows\system32\drivers\HpSAMD.sys
14:13:57.0702 13056 HpSAMD - ok
14:13:57.0736 13056 [ 0EA7DE1ACB728DD5A369FD742D6EEE28 ] HTTP C:\Windows\system32\drivers\HTTP.sys
14:13:57.0760 13056 HTTP - ok
14:13:57.0783 13056 [ A5462BD6884960C9DC85ED49D34FF392 ] hwpolicy C:\Windows\system32\drivers\hwpolicy.sys
14:13:57.0785 13056 hwpolicy - ok
14:13:57.0803 13056 [ FA55C73D4AFFA7EE23AC4BE53B4592D3 ] i8042prt C:\Windows\system32\DRIVERS\i8042prt.sys
14:13:57.0807 13056 i8042prt - ok
14:13:57.0835 13056 [ D469B77687E12FE43E344806740B624D ] iaStor C:\Windows\system32\drivers\iaStor.sys
14:13:57.0843 13056 iaStor - ok
14:13:57.0872 13056 [ AAAF44DB3BD0B9D1FB6969B23ECC8366 ] iaStorV C:\Windows\system32\drivers\iaStorV.sys
14:13:57.0882 13056 iaStorV - ok
14:13:57.0911 13056 [ FC47F5CF561BF0FD897EFD1A9604DCCF ] iBtFltCoex C:\Windows\system32\DRIVERS\iBtFltCoex.sys
14:13:57.0912 13056 iBtFltCoex - ok
14:13:57.0972 13056 [ 5988FC40F8DB5B0739CD1E3A5D0D78BD ] idsvc C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\infocard.exe
14:13:57.0988 13056 idsvc - ok
14:13:58.0175 13056 [ A48928D4CCA6F8B731989DB08CF2C0AB ] IDSVia64 C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_20.2.0.19\Definitions\IPSDefs\20130118.001\IDSvia64.sys
14:13:58.0191 13056 IDSVia64 - ok
14:13:58.0394 13056 [ 0BD58366C86EF9DDC4F61AFED0CADA99 ] igfx C:\Windows\system32\DRIVERS\igdkmd64.sys
14:13:58.0628 13056 igfx - ok
14:13:58.0659 13056 [ 5C18831C61933628F5BB0EA2675B9D21 ] iirsp C:\Windows\system32\drivers\iirsp.sys
14:13:58.0659 13056 iirsp - ok
14:13:58.0705 13056 [ FCD84C381E0140AF901E58D48882D26B ] IKEEXT C:\Windows\System32\ikeext.dll
14:13:58.0713 13056 IKEEXT - ok
14:13:58.0739 13056 [ DD587A55390ED2295BCE6D36AD567DA9 ] Impcd C:\Windows\system32\drivers\Impcd.sys
14:13:58.0745 13056 Impcd - ok
14:13:58.0788 13056 [ 314285071F7117263BD246E35C17FD82 ] intaud_WaveExtensible C:\Windows\system32\drivers\intelaud.sys
14:13:58.0791 13056 intaud_WaveExtensible - ok
14:13:58.0883 13056 [ 8FED6428FDE53D7F4C105095F22524BE ] IntcAzAudAddService C:\Windows\system32\drivers\RTKVHD64.sys
14:13:58.0952 13056 IntcAzAudAddService - ok
14:13:58.0987 13056 [ FC727061C0F47C8059E88E05D5C8E381 ] IntcDAud C:\Windows\system32\DRIVERS\IntcDAud.sys
14:13:59.0003 13056 IntcDAud - ok
14:13:59.0050 13056 [ F00F20E70C6EC3AA366910083A0518AA ] intelide C:\Windows\system32\drivers\intelide.sys
14:13:59.0050 13056 intelide - ok
14:13:59.0081 13056 [ ADA036632C664CAA754079041CF1F8C1 ] intelppm C:\Windows\system32\DRIVERS\intelppm.sys
14:13:59.0081 13056 intelppm - ok
14:13:59.0096 13056 [ 098A91C54546A3B878DAD6A7E90A455B ] IPBusEnum C:\Windows\system32\ipbusenum.dll
14:13:59.0112 13056 IPBusEnum - ok
14:13:59.0128 13056 [ C9F0E1BD74365A8771590E9008D22AB6 ] IpFilterDriver C:\Windows\system32\DRIVERS\ipfltdrv.sys
14:13:59.0128 13056 IpFilterDriver - ok
14:13:59.0174 13056 [ 08C2957BB30058E663720C5606885653 ] iphlpsvc C:\Windows\System32\iphlpsvc.dll
14:13:59.0190 13056 iphlpsvc - ok
14:13:59.0237 13056 [ 0FC1AEA580957AA8817B8F305D18CA3A ] IPMIDRV C:\Windows\system32\drivers\IPMIDrv.sys
14:13:59.0237 13056 IPMIDRV - ok
14:13:59.0252 13056 [ AF9B39A7E7B6CAA203B3862582E9F2D0 ] IPNAT C:\Windows\system32\drivers\ipnat.sys
14:13:59.0252 13056 IPNAT - ok
14:13:59.0284 13056 [ 3ABF5E7213EB28966D55D58B515D5CE9 ] IRENUM C:\Windows\system32\drivers\irenum.sys
14:13:59.0284 13056 IRENUM - ok
14:13:59.0299 13056 [ 2F7B28DC3E1183E5EB418DF55C204F38 ] isapnp C:\Windows\system32\drivers\isapnp.sys
14:13:59.0299 13056 isapnp - ok
14:13:59.0330 13056 [ D931D7309DEB2317035B07C9F9E6B0BD ] iScsiPrt C:\Windows\system32\drivers\msiscsi.sys
14:13:59.0330 13056 iScsiPrt - ok
14:13:59.0346 13056 [ 4487AD9C070D3973FE28AB4406555FC6 ] iwdbus C:\Windows\system32\DRIVERS\iwdbus.sys
14:13:59.0346 13056 iwdbus - ok
14:13:59.0377 13056 [ BC02336F1CBA7DCC7D1213BB588A68A5 ] kbdclass C:\Windows\system32\DRIVERS\kbdclass.sys
14:13:59.0377 13056 kbdclass - ok
14:13:59.0408 13056 [ 0705EFF5B42A9DB58548EEC3B26BB484 ] kbdhid C:\Windows\system32\drivers\kbdhid.sys
14:13:59.0408 13056 kbdhid - ok
14:13:59.0440 13056 [ C118A82CD78818C29AB228366EBF81C3 ] KeyIso C:\Windows\system32\lsass.exe
14:13:59.0440 13056 KeyIso - ok
14:13:59.0455 13056 [ 97A7070AEA4C058B6418519E869A63B4 ] KSecDD C:\Windows\system32\Drivers\ksecdd.sys
14:13:59.0471 13056 KSecDD - ok
14:13:59.0486 13056 [ 7EFB9333E4ECCE6AE4AE9D777D9E553E ] KSecPkg C:\Windows\system32\Drivers\ksecpkg.sys
14:13:59.0486 13056 KSecPkg - ok
14:13:59.0502 13056 [ 6869281E78CB31A43E969F06B57347C4 ] ksthunk C:\Windows\system32\drivers\ksthunk.sys
14:13:59.0502 13056 ksthunk - ok
14:13:59.0533 13056 [ 6AB66E16AA859232F64DEB66887A8C9C ] KtmRm C:\Windows\system32\msdtckrm.dll
14:13:59.0549 13056 KtmRm - ok
14:13:59.0596 13056 [ D9F42719019740BAA6D1C6D536CBDAA6 ] LanmanServer C:\Windows\System32\srvsvc.dll
14:13:59.0611 13056 LanmanServer - ok
14:13:59.0627 13056 [ 851A1382EED3E3A7476DB004F4EE3E1A ] LanmanWorkstation C:\Windows\System32\wkssvc.dll
14:13:59.0627 13056 LanmanWorkstation - ok
14:13:59.0658 13056 [ 1538831CF8AD2979A04C423779465827 ] lltdio C:\Windows\system32\DRIVERS\lltdio.sys
14:13:59.0658 13056 lltdio - ok
14:13:59.0689 13056 [ C1185803384AB3FEED115F79F109427F ] lltdsvc C:\Windows\System32\lltdsvc.dll
14:13:59.0689 13056 lltdsvc - ok
14:13:59.0713 13056 [ F993A32249B66C9D622EA5592A8B76B8 ] lmhosts C:\Windows\System32\lmhsvc.dll
14:13:59.0716 13056 lmhosts - ok
14:13:59.0768 13056 [ 7F32D4C47A50E7223491E8FB9359907D ] LMS C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
14:13:59.0776 13056 LMS - ok
14:13:59.0801 13056 [ 1A93E54EB0ECE102495A51266DCDB6A6 ] LSI_FC C:\Windows\system32\drivers\lsi_fc.sys
14:13:59.0806 13056 LSI_FC - ok
14:13:59.0826 13056 [ 1047184A9FDC8BDBFF857175875EE810 ] LSI_SAS C:\Windows\system32\drivers\lsi_sas.sys
14:13:59.0830 13056 LSI_SAS - ok
14:13:59.0851 13056 [ 30F5C0DE1EE8B5BC9306C1F0E4A75F93 ] LSI_SAS2 C:\Windows\system32\drivers\lsi_sas2.sys
14:13:59.0855 13056 LSI_SAS2 - ok
14:13:59.0877 13056 [ 0504EACAFF0D3C8AED161C4B0D369D4A ] LSI_SCSI C:\Windows\system32\drivers\lsi_scsi.sys
14:13:59.0879 13056 LSI_SCSI - ok
14:13:59.0900 13056 [ 43D0F98E1D56CCDDB0D5254CFF7B356E ] luafv C:\Windows\system32\drivers\luafv.sys
14:13:59.0901 13056 luafv - ok
14:13:59.0936 13056 [ 92EB844D90615CB266F84C3202B8786E ] MBAMProtector C:\Windows\system32\drivers\mbam.sys
14:13:59.0938 13056 MBAMProtector - ok
14:13:59.0966 13056 [ 1ACAA67676E9E7BDA5E0C41B6E0DECAF ] MBAMScheduler C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe
14:13:59.0966 13056 MBAMScheduler - ok
14:13:59.0997 13056 [ 916B8954AC3E06DC9E898AFFB41F3FB6 ] MBAMService C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe
14:14:00.0028 13056 MBAMService - ok
14:14:00.0059 13056 [ 0BE09CD858ABF9DF6ED259D57A1A1663 ] Mcx2Svc C:\Windows\system32\Mcx2Svc.dll
14:14:00.0059 13056 Mcx2Svc - ok
14:14:00.0075 13056 [ A55805F747C6EDB6A9080D7C633BD0F4 ] megasas C:\Windows\system32\drivers\megasas.sys
14:14:00.0075 13056 megasas - ok
14:14:00.0091 13056 [ BAF74CE0072480C3B6B7C13B2A94D6B3 ] MegaSR C:\Windows\system32\drivers\MegaSR.sys
14:14:00.0091 13056 MegaSR - ok
14:14:00.0137 13056 [ A6518DCC42F7A6E999BB3BEA8FD87567 ] MEIx64 C:\Windows\system32\DRIVERS\HECIx64.sys
14:14:00.0137 13056 MEIx64 - ok
14:14:00.0215 13056 [ 123271BD5237AB991DC5C21FDF8835EB ] Microsoft Office Groove Audit Service C:\Program Files (x86)\Microsoft Office\Office12\GrooveAuditService.exe
14:14:00.0215 13056 Microsoft Office Groove Audit Service - ok
14:14:00.0231 13056 [ E40E80D0304A73E8D269F7141D77250B ] MMCSS C:\Windows\system32\mmcss.dll
14:14:00.0231 13056 MMCSS - ok
14:14:00.0247 13056 [ 800BA92F7010378B09F9ED9270F07137 ] Modem C:\Windows\system32\drivers\modem.sys
14:14:00.0247 13056 Modem - ok
14:14:00.0262 13056 [ B03D591DC7DA45ECE20B3B467E6AADAA ] monitor C:\Windows\system32\DRIVERS\monitor.sys
14:14:00.0262 13056 monitor - ok
14:14:00.0278 13056 [ 7D27EA49F3C1F687D357E77A470AEA99 ] mouclass C:\Windows\system32\DRIVERS\mouclass.sys
14:14:00.0293 13056 mouclass - ok
14:14:00.0309 13056 [ D3BF052C40B0C4166D9FD86A4288C1E6 ] mouhid C:\Windows\system32\DRIVERS\mouhid.sys
14:14:00.0309 13056 mouhid - ok
14:14:00.0340 13056 [ 32E7A3D591D671A6DF2DB515A5CBE0FA ] mountmgr C:\Windows\system32\drivers\mountmgr.sys
14:14:00.0340 13056 mountmgr - ok
14:14:00.0356 13056 [ A44B420D30BD56E145D6A2BC8768EC58 ] mpio C:\Windows\system32\drivers\mpio.sys
14:14:00.0356 13056 mpio - ok
14:14:00.0387 13056 [ 6C38C9E45AE0EA2FA5E551F2ED5E978F ] mpsdrv C:\Windows\system32\drivers\mpsdrv.sys
14:14:00.0387 13056 mpsdrv - ok
14:14:00.0403 13056 [ 54FFC9C8898113ACE189D4AA7199D2C1 ] MpsSvc C:\Windows\system32\mpssvc.dll
14:14:00.0434 13056 MpsSvc - ok
14:14:00.0449 13056 [ DC722758B8261E1ABAFD31A3C0A66380 ] MRxDAV C:\Windows\system32\drivers\mrxdav.sys
14:14:00.0449 13056 MRxDAV - ok
14:14:00.0465 13056 [ A5D9106A73DC88564C825D317CAC68AC ] mrxsmb C:\Windows\system32\DRIVERS\mrxsmb.sys
14:14:00.0465 13056 mrxsmb - ok
14:14:00.0481 13056 [ D711B3C1D5F42C0C2415687BE09FC163 ] mrxsmb10 C:\Windows\system32\DRIVERS\mrxsmb10.sys
14:14:00.0496 13056 mrxsmb10 - ok
14:14:00.0512 13056 [ 9423E9D355C8D303E76B8CFBD8A5C30C ] mrxsmb20 C:\Windows\system32\DRIVERS\mrxsmb20.sys
14:14:00.0512 13056 mrxsmb20 - ok
14:14:00.0527 13056 [ C25F0BAFA182CBCA2DD3C851C2E75796 ] msahci C:\Windows\system32\drivers\msahci.sys
14:14:00.0527 13056 msahci - ok
14:14:00.0543 13056 [ DB801A638D011B9633829EB6F663C900 ] msdsm C:\Windows\system32\drivers\msdsm.sys
14:14:00.0543 13056 msdsm - ok
14:14:00.0559 13056 [ DE0ECE52236CFA3ED2DBFC03F28253A8 ] MSDTC C:\Windows\System32\msdtc.exe
14:14:00.0559 13056 MSDTC - ok
14:14:00.0590 13056 [ AA3FB40E17CE1388FA1BEDAB50EA8F96 ] Msfs C:\Windows\system32\drivers\Msfs.sys
14:14:00.0590 13056 Msfs - ok
14:14:00.0605 13056 [ F9D215A46A8B9753F61767FA72A20326 ] mshidkmdf C:\Windows\System32\drivers\mshidkmdf.sys
14:14:00.0605 13056 mshidkmdf - ok
14:14:00.0621 13056 [ D916874BBD4F8B07BFB7FA9B3CCAE29D ] msisadrv C:\Windows\system32\drivers\msisadrv.sys
14:14:00.0621 13056 msisadrv - ok
14:14:00.0652 13056 [ 808E98FF49B155C522E6400953177B08 ] MSiSCSI C:\Windows\system32\iscsiexe.dll
14:14:00.0652 13056 MSiSCSI - ok
14:14:00.0652 13056 msiserver - ok
14:14:00.0683 13056 [ 49CCF2C4FEA34FFAD8B1B59D49439366 ] MSKSSRV C:\Windows\system32\drivers\MSKSSRV.sys
14:14:00.0683 13056 MSKSSRV - ok
14:14:00.0699 13056 [ BDD71ACE35A232104DDD349EE70E1AB3 ] MSPCLOCK C:\Windows\system32\drivers\MSPCLOCK.sys
14:14:00.0699 13056 MSPCLOCK - ok
14:14:00.0765 13056 [ 4ED981241DB27C3383D72092B618A1D0 ] MSPQM C:\Windows\system32\drivers\MSPQM.sys
14:14:00.0767 13056 MSPQM - ok
14:14:00.0787 13056 [ 759A9EEB0FA9ED79DA1FB7D4EF78866D ] MsRPC C:\Windows\system32\drivers\MsRPC.sys
14:14:00.0791 13056 MsRPC - ok
14:14:00.0815 13056 [ 0EED230E37515A0EAEE3C2E1BC97B288 ] mssmbios C:\Windows\system32\DRIVERS\mssmbios.sys
14:14:00.0818 13056 mssmbios - ok
14:14:00.0837 13056 [ 2E66F9ECB30B4221A318C92AC2250779 ] MSTEE C:\Windows\system32\drivers\MSTEE.sys
14:14:00.0839 13056 MSTEE - ok
14:14:00.0863 13056 [ 7EA404308934E675BFFDE8EDF0757BCD ] MTConfig C:\Windows\system32\drivers\MTConfig.sys
14:14:00.0865 13056 MTConfig - ok
14:14:00.0883 13056 [ F9A18612FD3526FE473C1BDA678D61C8 ] Mup C:\Windows\system32\Drivers\mup.sys
14:14:00.0886 13056 Mup - ok
14:14:00.0926 13056 [ 8F57DB74BF5407A4CDA6C8B005DC8DD0 ] MyWiFiDHCPDNS C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe
14:14:00.0933 13056 MyWiFiDHCPDNS - ok
14:14:01.0060 13056 [ 4A9258B9597A31DB68EC9740F3A8A70B ] N360 C:\Program Files (x86)\Norton 360\Engine\20.2.0.19\ccSvcHst.exe
14:14:01.0060 13056 N360 - ok
14:14:01.0106 13056 [ 582AC6D9873E31DFA28A4547270862DD ] napagent C:\Windows\system32\qagentRT.dll
14:14:01.0122 13056 napagent - ok
14:14:01.0153 13056 [ 1EA3749C4114DB3E3161156FFFFA6B33 ] NativeWifiP C:\Windows\system32\DRIVERS\nwifi.sys
14:14:01.0153 13056 NativeWifiP - ok
14:14:01.0231 13056 [ 934BB0D23A25C8C136570800A5A149B6 ] NAUpdate C:\Program Files (x86)\Nero\Update\NASvc.exe
14:14:01.0247 13056 NAUpdate - ok
14:14:01.0309 13056 [ 88A2F45CE66B904285978D6BB13AFEB2 ] NAVENG C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_20.2.0.19\Definitions\VirusDefs\20130118.022\ENG64.SYS
14:14:01.0309 13056 NAVENG - ok
14:14:01.0387 13056 [ D2A545DA3A90BBFA40E020C23F1B7A48 ] NAVEX15 C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_20.2.0.19\Definitions\VirusDefs\20130118.022\EX64.SYS
14:14:01.0465 13056 NAVEX15 - ok
14:14:01.0528 13056 [ 760E38053BF56E501D562B70AD796B88 ] NDIS C:\Windows\system32\drivers\ndis.sys
14:14:01.0543 13056 NDIS - ok
14:14:01.0574 13056 [ 9F9A1F53AAD7DA4D6FEF5BB73AB811AC ] NdisCap C:\Windows\system32\DRIVERS\ndiscap.sys
14:14:01.0574 13056 NdisCap - ok
14:14:01.0590 13056 [ 30639C932D9FEF22B31268FE25A1B6E5 ] NdisTapi C:\Windows\system32\DRIVERS\ndistapi.sys
14:14:01.0590 13056 NdisTapi - ok
14:14:01.0606 13056 [ 136185F9FB2CC61E573E676AA5402356 ] Ndisuio C:\Windows\system32\DRIVERS\ndisuio.sys
14:14:01.0606 13056 Ndisuio - ok
14:14:01.0621 13056 [ 53F7305169863F0A2BDDC49E116C2E11 ] NdisWan C:\Windows\system32\DRIVERS\ndiswan.sys
14:14:01.0621 13056 NdisWan - ok
14:14:01.0637 13056 [ 015C0D8E0E0421B4CFD48CFFE2825879 ] NDProxy C:\Windows\system32\drivers\NDProxy.sys
14:14:01.0652 13056 NDProxy - ok
14:14:01.0652 13056 [ 86743D9F5D2B1048062B14B1D84501C4 ] NetBIOS C:\Windows\system32\DRIVERS\netbios.sys
14:14:01.0668 13056 NetBIOS - ok
14:14:01.0684 13056 [ 09594D1089C523423B32A4229263F068 ] NetBT C:\Windows\system32\DRIVERS\netbt.sys
14:14:01.0684 13056 NetBT - ok
14:14:01.0699 13056 [ C118A82CD78818C29AB228366EBF81C3 ] Netlogon C:\Windows\system32\lsass.exe
14:14:01.0699 13056 Netlogon - ok
14:14:01.0728 13056 [ 847D3AE376C0817161A14A82C8922A9E ] Netman C:\Windows\System32\netman.dll
14:14:01.0735 13056 Netman - ok
14:14:01.0805 13056 [ D22CD77D4F0D63D1169BB35911BFF12D ] NetMsmqActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
14:14:01.0809 13056 NetMsmqActivator - ok
14:14:01.0816 13056 [ D22CD77D4F0D63D1169BB35911BFF12D ] NetPipeActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
14:14:01.0818 13056 NetPipeActivator - ok
14:14:01.0852 13056 [ 5F28111C648F1E24F7DBC87CDEB091B8 ] netprofm C:\Windows\System32\netprofm.dll
14:14:01.0857 13056 netprofm - ok
14:14:01.0865 13056 [ D22CD77D4F0D63D1169BB35911BFF12D ] NetTcpActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
14:14:01.0868 13056 NetTcpActivator - ok
14:14:01.0876 13056 [ D22CD77D4F0D63D1169BB35911BFF12D ] NetTcpPortSharing C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
14:14:01.0879 13056 NetTcpPortSharing - ok
14:14:02.0029 13056 [ 50AD7F7040C22BB7CAA59A0880875A21 ] NETwNs64 C:\Windows\system32\DRIVERS\NETwNs64.sys
14:14:02.0153 13056 NETwNs64 - ok
14:14:02.0185 13056 [ 77889813BE4D166CDAB78DDBA990DA92 ] nfrd960 C:\Windows\system32\drivers\nfrd960.sys
14:14:02.0185 13056 nfrd960 - ok
14:14:02.0216 13056 [ 8AD77806D336673F270DB31645267293 ] NlaSvc C:\Windows\System32\nlasvc.dll
14:14:02.0231 13056 NlaSvc - ok
14:14:02.0341 13056 [ B9B72FAAAA41D59B73B88FE3DD737ED1 ] NOBU C:\Program Files (x86)\Dell\Dell Datasafe Online\NOBuAgent.exe
14:14:02.0403 13056 NOBU - ok
14:14:02.0419 13056 [ 1E4C4AB5C9B8DD13179BBDC75A2A01F7 ] Npfs C:\Windows\system32\drivers\Npfs.sys
14:14:02.0419 13056 Npfs - ok
14:14:02.0419 13056 [ D54BFDF3E0C953F823B3D0BFE4732528 ] nsi C:\Windows\system32\nsisvc.dll
14:14:02.0419 13056 nsi - ok
14:14:02.0419 13056 [ E7F5AE18AF4168178A642A9247C63001 ] nsiproxy C:\Windows\system32\drivers\nsiproxy.sys
14:14:02.0419 13056 nsiproxy - ok
14:14:02.0481 13056 [ E453ACF4E7D44E5530B5D5F2B9CA8563 ] Ntfs C:\Windows\system32\drivers\Ntfs.sys
14:14:02.0512 13056 Ntfs - ok
14:14:02.0512 13056 [ 9899284589F75FA8724FF3D16AED75C1 ] Null C:\Windows\system32\drivers\Null.sys
14:14:02.0512 13056 Null - ok
14:14:02.0559 13056 [ 0EBC9D13CD96C15B1B18D8678A609E4B ] nusb3hub C:\Windows\system32\DRIVERS\nusb3hub.sys
14:14:02.0559 13056 nusb3hub - ok
14:14:02.0590 13056 [ 7BDEC000D56D485021D9C1E63C2F81CA ] nusb3xhc C:\Windows\system32\DRIVERS\nusb3xhc.sys
14:14:02.0590 13056 nusb3xhc - ok
14:14:02.0621 13056 [ C057CDF9D8175987F1074005E9B23EDB ] nvkflt C:\Windows\system32\DRIVERS\nvkflt.sys
14:14:02.0637 13056 nvkflt - ok
14:14:02.0835 13056 [ 75E1C886976F75D2280BF918C0A5FED1 ] nvlddmkm C:\Windows\system32\DRIVERS\nvlddmkm.sys
14:14:03.0024 13056 nvlddmkm - ok
14:14:03.0040 13056 [ A4DBB77D9EA1B70D004C2348DCBB4486 ] nvpciflt C:\Windows\system32\DRIVERS\nvpciflt.sys
14:14:03.0040 13056 nvpciflt - ok
14:14:03.0055 13056 [ 0A92CB65770442ED0DC44834632F66AD ] nvraid C:\Windows\system32\drivers\nvraid.sys
14:14:03.0071 13056 nvraid - ok
14:14:03.0086 13056 [ DAB0E87525C10052BF65F06152F37E4A ] nvstor C:\Windows\system32\drivers\nvstor.sys
14:14:03.0086 13056 nvstor - ok
14:14:03.0118 13056 [ 92D06926C5DA2A2E62E8FB5104F44D92 ] NvStUSB C:\Windows\system32\drivers\nvstusb.sys
14:14:03.0118 13056 NvStUSB - ok
14:14:03.0164 13056 [ 44B39A37D7C384C9E529A37EADBFEAD8 ] NVSvc C:\Windows\system32\nvvsvc.exe
14:14:03.0196 13056 NVSvc - ok
14:14:03.0242 13056 [ D97CEF25C45BDD7E28D498D49626DA35 ] nvUpdatusService C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
14:14:03.0289 13056 nvUpdatusService - ok
14:14:03.0305 13056 [ 270D7CD42D6E3979F6DD0146650F0E05 ] nv_agp C:\Windows\system32\drivers\nv_agp.sys
14:14:03.0305 13056 nv_agp - ok
14:14:03.0398 13056 [ 785F487A64950F3CB8E9F16253BA3B7B ] odserv C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE
14:14:03.0414 13056 odserv - ok
14:14:03.0414 13056 [ 3589478E4B22CE21B41FA1BFC0B8B8A0 ] ohci1394 C:\Windows\system32\drivers\ohci1394.sys
14:14:03.0430 13056 ohci1394 - ok
14:14:03.0461 13056 [ 5A432A042DAE460ABE7199B758E8606C ] ose C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE
14:14:03.0461 13056 ose - ok
14:14:03.0492 13056 [ 3EAC4455472CC2C97107B5291E0DCAFE ] p2pimsvc C:\Windows\system32\pnrpsvc.dll
14:14:03.0508 13056 p2pimsvc - ok
14:14:03.0508 13056 [ 927463ECB02179F88E4B9A17568C63C3 ] p2psvc C:\Windows\system32\p2psvc.dll
14:14:03.0523 13056 p2psvc - ok
14:14:03.0539 13056 [ 0086431C29C35BE1DBC43F52CC273887 ] Parport C:\Windows\system32\drivers\parport.sys
14:14:03.0539 13056 Parport - ok
14:14:03.0570 13056 [ E9766131EEADE40A27DC27D2D68FBA9C ] partmgr C:\Windows\system32\drivers\partmgr.sys
14:14:03.0570 13056 partmgr - ok
14:14:03.0586 13056 [ 3AEAA8B561E63452C655DC0584922257 ] PcaSvc C:\Windows\System32\pcasvc.dll
14:14:03.0601 13056 PcaSvc - ok
14:14:03.0617 13056 [ 94575C0571D1462A0F70BDE6BD6EE6B3 ] pci C:\Windows\system32\drivers\pci.sys
14:14:03.0617 13056 pci - ok
14:14:03.0632 13056 [ B5B8B5EF2E5CB34DF8DCF8831E3534FA ] pciide C:\Windows\system32\drivers\pciide.sys
14:14:03.0632 13056 pciide - ok
14:14:03.0664 13056 [ B2E81D4E87CE48589F98CB8C05B01F2F ] pcmcia C:\Windows\system32\drivers\pcmcia.sys
14:14:03.0664 13056 pcmcia - ok
14:14:03.0695 13056 [ D6B9C2E1A11A3A4B26A182FFEF18F603 ] pcw C:\Windows\system32\drivers\pcw.sys
14:14:03.0695 13056 pcw - ok
14:14:03.0726 13056 [ 68769C3356B3BE5D1C732C97B9A80D6E ] PEAUTH C:\Windows\system32\drivers\peauth.sys
14:14:03.0757 13056 PEAUTH - ok
14:14:03.0882 13056 [ E495E408C93141E8FC72DC0C6046DDFA ] PerfHost C:\Windows\SysWow64\perfhost.exe
14:14:03.0882 13056 PerfHost - ok
14:14:03.0944 13056 [ C7CF6A6E137463219E1259E3F0F0DD6C ] pla C:\Windows\system32\pla.dll
14:14:03.0976 13056 pla - ok
14:14:04.0007 13056 [ 25FBDEF06C4D92815B353F6E792C8129 ] PlugPlay C:\Windows\system32\umpnpmgr.dll
14:14:04.0022 13056 PlugPlay - ok
14:14:04.0022 13056 [ 7195581CEC9BB7D12ABE54036ACC2E38 ] PNRPAutoReg C:\Windows\system32\pnrpauto.dll
14:14:04.0022 13056 PNRPAutoReg - ok
14:14:04.0038 13056 [ 3EAC4455472CC2C97107B5291E0DCAFE ] PNRPsvc C:\Windows\system32\pnrpsvc.dll
14:14:04.0038 13056 PNRPsvc - ok
14:14:04.0069 13056 [ 4F15D75ADF6156BF56ECED6D4A55C389 ] PolicyAgent C:\Windows\System32\ipsecsvc.dll
14:14:04.0069 13056 PolicyAgent - ok
14:14:04.0085 13056 [ 6BA9D927DDED70BD1A9CADED45F8B184 ] Power C:\Windows\system32\umpo.dll
14:14:04.0085 13056 Power - ok
14:14:04.0116 13056 [ F92A2C41117A11A00BE01CA01A7FCDE9 ] PptpMiniport C:\Windows\system32\DRIVERS\raspptp.sys
14:14:04.0116 13056 PptpMiniport - ok
14:14:04.0116 13056 [ 0D922E23C041EFB1C3FAC2A6F943C9BF ] Processor C:\Windows\system32\drivers\processr.sys
14:14:04.0116 13056 Processor - ok
14:14:04.0147 13056 [ 53E83F1F6CF9D62F32801CF66D8352A8 ] ProfSvc C:\Windows\system32\profsvc.dll
14:14:04.0147 13056 ProfSvc - ok
14:14:04.0178 13056 [ C118A82CD78818C29AB228366EBF81C3 ] ProtectedStorage C:\Windows\system32\lsass.exe
14:14:04.0178 13056 ProtectedStorage - ok
14:14:04.0194 13056 [ 0557CF5A2556BD58E26384169D72438D ] Psched C:\Windows\system32\DRIVERS\pacer.sys
14:14:04.0194 13056 Psched - ok
14:14:04.0225 13056 [ 87B04878A6D59D6C79251DC960C674C1 ] PxHlpa64 C:\Windows\system32\Drivers\PxHlpa64.sys
14:14:04.0225 13056 PxHlpa64 - ok
14:14:04.0256 13056 [ 0928BD20273625622722FE1DE5BBDE57 ] qicflt C:\Windows\system32\DRIVERS\qicflt.sys
14:14:04.0256 13056 qicflt - ok
14:14:04.0350 13056 [ A53A15A11EBFD21077463EE2C7AFEEF0 ] ql2300 C:\Windows\system32\drivers\ql2300.sys
14:14:04.0366 13056 ql2300 - ok
14:14:04.0397 13056 [ 4F6D12B51DE1AAEFF7DC58C4D75423C8 ] ql40xx C:\Windows\system32\drivers\ql40xx.sys
14:14:04.0397 13056 ql40xx - ok
14:14:04.0412 13056 [ 906191634E99AEA92C4816150BDA3732 ] QWAVE C:\Windows\system32\qwave.dll
14:14:04.0412 13056 QWAVE - ok
14:14:04.0428 13056 [ 76707BB36430888D9CE9D705398ADB6C ] QWAVEdrv C:\Windows\system32\drivers\qwavedrv.sys
14:14:04.0428 13056 QWAVEdrv - ok
14:14:04.0444 13056 [ 5A0DA8AD5762FA2D91678A8A01311704 ] RasAcd C:\Windows\system32\DRIVERS\rasacd.sys
14:14:04.0444 13056 RasAcd - ok
14:14:04.0475 13056 [ 7ECFF9B22276B73F43A99A15A6094E90 ] RasAgileVpn C:\Windows\system32\DRIVERS\AgileVpn.sys
14:14:04.0475 13056 RasAgileVpn - ok
14:14:04.0490 13056 [ 8F26510C5383B8DBE976DE1CD00FC8C7 ] RasAuto C:\Windows\System32\rasauto.dll
14:14:04.0490 13056 RasAuto - ok
14:14:04.0506 13056 [ 471815800AE33E6F1C32FB1B97C490CA ] Rasl2tp C:\Windows\system32\DRIVERS\rasl2tp.sys
14:14:04.0506 13056 Rasl2tp - ok
14:14:04.0537 13056 [ EE867A0870FC9E4972BA9EAAD35651E2 ] RasMan C:\Windows\System32\rasmans.dll
14:14:04.0553 13056 RasMan - ok
14:14:04.0568 13056 [ 855C9B1CD4756C5E9A2AA58A15F58C25 ] RasPppoe C:\Windows\system32\DRIVERS\raspppoe.sys
14:14:04.0568 13056 RasPppoe - ok
14:14:04.0584 13056 [ E8B1E447B008D07FF47D016C2B0EEECB ] RasSstp C:\Windows\system32\DRIVERS\rassstp.sys
14:14:04.0584 13056 RasSstp - ok
14:14:04.0615 13056 [ 77F665941019A1594D887A74F301FA2F ] rdbss C:\Windows\system32\DRIVERS\rdbss.sys
14:14:04.0615 13056 rdbss - ok
14:14:04.0631 13056 [ 302DA2A0539F2CF54D7C6CC30C1F2D8D ] rdpbus C:\Windows\system32\drivers\rdpbus.sys
14:14:04.0646 13056 rdpbus - ok
14:14:04.0662 13056 [ CEA6CC257FC9B7715F1C2B4849286D24 ] RDPCDD C:\Windows\system32\DRIVERS\RDPCDD.sys
14:14:04.0662 13056 RDPCDD - ok
14:14:04.0662 13056 [ BB5971A4F00659529A5C44831AF22365 ] RDPENCDD C:\Windows\system32\drivers\rdpencdd.sys
14:14:04.0662 13056 RDPENCDD - ok
14:14:04.0678 13056 [ 216F3FA57533D98E1F74DED70113177A ] RDPREFMP C:\Windows\system32\drivers\rdprefmp.sys
14:14:04.0678 13056 RDPREFMP - ok
14:14:04.0709 13056 [ 313F68E1A3E6345A4F47A36B07062F34 ] RdpVideoMiniport C:\Windows\system32\drivers\rdpvideominiport.sys
14:14:04.0709 13056 RdpVideoMiniport - ok
14:14:04.0740 13056 [ E61608AA35E98999AF9AAEEEA6114B0A ] RDPWD C:\Windows\system32\drivers\RDPWD.sys
14:14:04.0747 13056 RDPWD - ok
14:14:04.0782 13056 [ 34ED295FA0121C241BFEF24764FC4520 ] rdyboost C:\Windows\system32\drivers\rdyboost.sys
14:14:04.0787 13056 rdyboost - ok
14:14:04.0854 13056 [ FD11C1287D38A46FB72353E14D50089C ] RegSrvc C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe
14:14:04.0873 13056 RegSrvc - ok
14:14:04.0919 13056 [ 254FB7A22D74E5511C73A3F6D802F192 ] RemoteAccess C:\Windows\System32\mprdim.dll
14:14:04.0924 13056 RemoteAccess - ok
14:14:04.0951 13056 [ E4D94F24081440B5FC5AA556C7C62702 ] RemoteRegistry C:\Windows\system32\regsvc.dll
14:14:04.0957 13056 RemoteRegistry - ok
14:14:04.0982 13056 [ 3DD798846E2C28102B922C56E71B7932 ] RFCOMM C:\Windows\system32\DRIVERS\rfcomm.sys
14:14:04.0987 13056 RFCOMM - ok
14:14:05.0003 13056 [ 7B04C9843921AB1F695FB395422C5360 ] RimUsb C:\Windows\system32\Drivers\RimUsb_AMD64.sys
14:14:05.0003 13056 RimUsb - ok
14:14:05.0128 13056 [ 3C957189B31C34D3AD21967B12B6AED7 ] RoxMediaDB12OEM C:\Program Files (x86)\Common Files\Roxio Shared\OEM\12.0\SharedCOM\RoxMediaDB12OEM.exe
14:14:05.0159 13056 RoxMediaDB12OEM - ok
14:14:05.0190 13056 [ 2B73088CC2CA757A172B425C9398E5BC ] RoxWatch12 C:\Program Files (x86)\Common Files\Roxio Shared\OEM\12.0\SharedCOM\RoxWatch12OEM.exe
14:14:05.0190 13056 RoxWatch12 - ok
14:14:05.0206 13056 [ E4DC58CF7B3EA515AE917FF0D402A7BB ] RpcEptMapper C:\Windows\System32\RpcEpMap.dll
14:14:05.0206 13056 RpcEptMapper - ok
14:14:05.0237 13056 [ D5BA242D4CF8E384DB90E6A8ED850B8C ] RpcLocator C:\Windows\system32\locator.exe
14:14:05.0237 13056 RpcLocator - ok
14:14:05.0253 13056 [ 5C627D1B1138676C0A7AB2C2C190D123 ] RpcSs C:\Windows\system32\rpcss.dll
14:14:05.0268 13056 RpcSs - ok
14:14:05.0284 13056 [ DDC86E4F8E7456261E637E3552E804FF ] rspndr C:\Windows\system32\DRIVERS\rspndr.sys
14:14:05.0284 13056 rspndr - ok
14:14:05.0315 13056 [ EE082E06A82FF630351D1E0EBBD3D8D0 ] RTL8167 C:\Windows\system32\DRIVERS\Rt64win7.sys
14:14:05.0346 13056 RTL8167 - ok
14:14:05.0362 13056 [ C118A82CD78818C29AB228366EBF81C3 ] SamSs C:\Windows\system32\lsass.exe
14:14:05.0362 13056 SamSs - ok
14:14:05.0377 13056 [ AC03AF3329579FFFB455AA2DAABBE22B ] sbp2port C:\Windows\system32\drivers\sbp2port.sys
14:14:05.0393 13056 sbp2port - ok
14:14:05.0409 13056 [ 9B7395789E3791A3B6D000FE6F8B131E ] SCardSvr C:\Windows\System32\SCardSvr.dll
14:14:05.0409 13056 SCardSvr - ok
14:14:05.0455 13056 [ 253F38D0D7074C02FF8DEB9836C97D2B ] scfilter C:\Windows\system32\DRIVERS\scfilter.sys
14:14:05.0455 13056 scfilter - ok
14:14:05.0487 13056 [ 262F6592C3299C005FD6BEC90FC4463A ] Schedule C:\Windows\system32\schedsvc.dll
14:14:05.0533 13056 Schedule - ok
14:14:05.0565 13056 [ F17D1D393BBC69C5322FBFAFACA28C7F ] SCPolicySvc C:\Windows\System32\certprop.dll
14:14:05.0565 13056 SCPolicySvc - ok
14:14:05.0596 13056 [ 6EA4234DC55346E0709560FE7C2C1972 ] SDRSVC C:\Windows\System32\SDRSVC.dll
14:14:05.0596 13056 SDRSVC - ok
14:14:05.0658 13056 [ 206387AB881E93A1A6EB89966C8651F1 ] SDScannerService C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe
14:14:05.0705 13056 SDScannerService - ok
14:14:05.0752 13056 [ A529CFE32565C0B145578FFB2B32C9A5 ] SDUpdateService C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe
14:14:05.0805 13056 SDUpdateService - ok
14:14:05.0838 13056 [ CB63BDB77BB86549FC3303C2F11EDC18 ] SDWSCService C:\Program Files (x86)\Spybot - Search & Destroy 2\SDWSCSvc.exe
14:14:05.0840 13056 SDWSCService - ok
14:14:05.0868 13056 [ 3EA8A16169C26AFBEB544E0E48421186 ] secdrv C:\Windows\system32\drivers\secdrv.sys
14:14:05.0871 13056 secdrv - ok
14:14:05.0882 13056 [ BC617A4E1B4FA8DF523A061739A0BD87 ] seclogon C:\Windows\system32\seclogon.dll
14:14:05.0887 13056 seclogon - ok
14:14:05.0906 13056 [ C32AB8FA018EF34C0F113BD501436D21 ] SENS C:\Windows\system32\sens.dll
14:14:05.0912 13056 SENS - ok
14:14:05.0925 13056 [ 0336CFFAFAAB87A11541F1CF1594B2B2 ] SensrSvc C:\Windows\system32\sensrsvc.dll
14:14:05.0930 13056 SensrSvc - ok
14:14:05.0956 13056 [ CB624C0035412AF0DEBEC78C41F5CA1B ] Serenum C:\Windows\system32\drivers\serenum.sys
14:14:05.0958 13056 Serenum - ok
14:14:05.0979 13056 [ C1D8E28B2C2ADFAEC4BA89E9FDA69BD6 ] Serial C:\Windows\system32\drivers\serial.sys
14:14:05.0983 13056 Serial - ok
14:14:05.0999 13056 [ 1C545A7D0691CC4A027396535691C3E3 ] sermouse C:\Windows\system32\drivers\sermouse.sys
14:14:06.0003 13056 sermouse - ok
14:14:06.0039 13056 [ B8080082E50653121591885E43A33250 ] Service Sendori C:\Program Files (x86)\Sendori\Sendori.Service.exe
14:14:06.0039 13056 Service Sendori - ok
14:14:06.0086 13056 [ 0B6231BF38174A1628C4AC812CC75804 ] SessionEnv C:\Windows\system32\sessenv.dll
14:14:06.0086 13056 SessionEnv - ok
14:14:06.0117 13056 [ A554811BCD09279536440C964AE35BBF ] sffdisk C:\Windows\system32\drivers\sffdisk.sys
14:14:06.0117 13056 sffdisk - ok
14:14:06.0148 13056 [ FF414F0BAEFEBA59BC6C04B3DB0B87BF ] sffp_mmc C:\Windows\system32\drivers\sffp_mmc.sys
14:14:06.0148 13056 sffp_mmc - ok
14:14:06.0180 13056 [ DD85B78243A19B59F0637DCF284DA63C ] sffp_sd C:\Windows\system32\drivers\sffp_sd.sys
14:14:06.0180 13056 sffp_sd - ok
14:14:06.0195 13056 [ A9D601643A1647211A1EE2EC4E433FF4 ] sfloppy C:\Windows\system32\drivers\sfloppy.sys
14:14:06.0195 13056 sfloppy - ok
14:14:06.0351 13056 [ 29DDEA72C5BDF61D62F4D438DC0E497C ] SftService C:\Program Files (x86)\Dell DataSafe Local Backup\sftservice.EXE
14:14:06.0414 13056 SftService - ok
14:14:06.0445 13056 [ B95F6501A2F8B2E78C697FEC401970CE ] SharedAccess C:\Windows\System32\ipnathlp.dll
14:14:06.0460 13056 SharedAccess - ok
14:14:06.0492 13056 [ AAF932B4011D14052955D4B212A4DA8D ] ShellHWDetection C:\Windows\System32\shsvcs.dll
14:14:06.0507 13056 ShellHWDetection - ok
14:14:06.0570 13056 [ 843CAF1E5FDE1FFD5FF768F23A51E2E1 ] SiSRaid2 C:\Windows\system32\drivers\SiSRaid2.sys
14:14:06.0585 13056 SiSRaid2 - ok
14:14:06.0601 13056 [ 6A6C106D42E9FFFF8B9FCB4F754F6DA4 ] SiSRaid4 C:\Windows\system32\drivers\sisraid4.sys
14:14:06.0601 13056 SiSRaid4 - ok
14:14:06.0679 13056 [ B866E8C5ED1DCBEA72285BA4107892C2 ] SkypeUpdate C:\Program Files (x86)\Skype\Updater\Updater.exe
14:14:06.0679 13056 SkypeUpdate - ok
14:14:06.0694 13056 [ 548260A7B8654E024DC30BF8A7C5BAA4 ] Smb C:\Windows\system32\DRIVERS\smb.sys
14:14:06.0710 13056 Smb - ok
14:14:06.0819 13056 [ 51630E657E104487AD3897A7A6047B94 ] sndappv2 C:\Program Files (x86)\Sendori\sndappv2.exe
14:14:06.0944 13056 sndappv2 - ok
14:14:06.0960 13056 [ 6313F223E817CC09AA41811DAA7F541D ] SNMPTRAP C:\Windows\System32\snmptrap.exe
14:14:06.0975 13056 SNMPTRAP - ok
14:14:06.0991 13056 [ 9B24DCA429F819DB314F30EE4C6C80FD ] Sound Blaster X-Fi MB Licensing Service C:\Program Files (x86)\Common Files\Creative Labs Shared\Service\XMBLicensing.exe
14:14:07.0006 13056 Sound Blaster X-Fi MB Licensing Service - ok
14:14:07.0038 13056 [ 12583AF6CBE0050651EAF2723B3AD7B3 ] speedfan C:\Windows\syswow64\speedfan.sys
14:14:07.0038 13056 speedfan - ok
14:14:07.0053 13056 [ B9E31E5CACDFE584F34F730A677803F9 ] spldr C:\Windows\system32\drivers\spldr.sys
14:14:07.0053 13056 spldr - ok
14:14:07.0084 13056 [ 85DAA09A98C9286D4EA2BA8D0E644377 ] Spooler C:\Windows\System32\spoolsv.exe
14:14:07.0100 13056 Spooler - ok
14:14:07.0209 13056 [ E17E0188BB90FAE42D83E98707EFA59C ] sppsvc C:\Windows\system32\sppsvc.exe
14:14:07.0303 13056 sppsvc - ok
14:14:07.0334 13056 [ 93D7D61317F3D4BC4F4E9F8A96A7DE45 ] sppuinotify C:\Windows\system32\sppuinotify.dll
14:14:07.0334 13056 sppuinotify - ok
14:14:07.0443 13056 [ 3510E7021D2637A67FBCB5105EAE945D ] SRTSP C:\Windows\System32\Drivers\N360x64\1402000.013\SRTSP64.SYS
14:14:07.0474 13056 SRTSP - ok
14:14:07.0490 13056 [ 1B884D876E87EABF5A3356BBD7321412 ] SRTSPX C:\Windows\system32\drivers\N360x64\1402000.013\SRTSPX64.SYS
14:14:07.0490 13056 SRTSPX - ok
14:14:07.0521 13056 [ 441FBA48BFF01FDB9D5969EBC1838F0B ] srv C:\Windows\system32\DRIVERS\srv.sys
14:14:07.0521 13056 srv - ok
14:14:07.0552 13056 [ B4ADEBBF5E3677CCE9651E0F01F7CC28 ] srv2 C:\Windows\system32\DRIVERS\srv2.sys
14:14:07.0552 13056 srv2 - ok
14:14:07.0584 13056 [ 27E461F0BE5BFF5FC737328F749538C3 ] srvnet C:\Windows\system32\DRIVERS\srvnet.sys
14:14:07.0584 13056 srvnet - ok
14:14:07.0615 13056 [ 51B52FBD583CDE8AA9BA62B8B4298F33 ] SSDPSRV C:\Windows\System32\ssdpsrv.dll
14:14:07.0630 13056 SSDPSRV - ok
14:14:07.0646 13056 [ AB7AEBF58DAD8DAAB7A6C45E6A8885CB ] SstpSvc C:\Windows\system32\sstpsvc.dll
14:14:07.0646 13056 SstpSvc - ok
14:14:07.0677 13056 [ 92E7F6666633D2DD91D527503DAA7BE0 ] stdcfltn C:\Windows\system32\DRIVERS\stdcfltn.sys
14:14:07.0677 13056 stdcfltn - ok
14:14:07.0693 13056 [ F3817967ED533D08327DC73BC4D5542A ] stexstor C:\Windows\system32\drivers\stexstor.sys
14:14:07.0693 13056 stexstor - ok
14:14:07.0740 13056 [ 8DD52E8E6128F4B2DA92CE27402871C1 ] stisvc C:\Windows\System32\wiaservc.dll
14:14:07.0771 13056 stisvc - ok
14:14:07.0828 13056 [ 7731F46EC0D687A931CBA063E8F90EF0 ] stllssvr C:\Program Files (x86)\Common Files\SureThing Shared\stllssvr.exe
14:14:07.0832 13056 stllssvr - ok
14:14:07.0846 13056 [ D01EC09B6711A5F8E7E6564A4D0FBC90 ] swenum C:\Windows\system32\DRIVERS\swenum.sys
14:14:07.0849 13056 swenum - ok
14:14:07.0873 13056 [ E08E46FDD841B7184194011CA1955A0B ] swprv C:\Windows\System32\swprv.dll
14:14:07.0880 13056 swprv - ok
14:14:07.0887 13056 [ 777217682DA76337E8E6EC8AC4412B9B ] SymDS C:\Windows\system32\drivers\N360x64\1402000.013\SYMDS64.SYS
14:14:07.0893 13056 SymDS - ok
14:14:07.0919 13056 [ 64D1AF3D04E70A681154FFF1893848F6 ] SymEFA C:\Windows\system32\drivers\N360x64\1402000.013\SYMEFA64.SYS
14:14:07.0935 13056 SymEFA - ok
14:14:07.0988 13056 [ F5D6D3B7468C46EA2DDC1D19D2A6DA0F ] SymEvent C:\Windows\system32\Drivers\SYMEVENT64x86.SYS
14:14:07.0994 13056 SymEvent - ok
14:14:08.0047 13056 [ ADF37F1A715D6C56C8E065FD8569A9A4 ] SymIRON C:\Windows\system32\drivers\N360x64\1402000.013\Ironx64.SYS
14:14:08.0054 13056 SymIRON - ok
14:14:08.0072 13056 [ 1605EBD8CB86AFC4430116065995279A ] SymNetS C:\Windows\System32\Drivers\N360x64\1402000.013\SYMNETS.SYS
14:14:08.0087 13056 SymNetS - ok
14:14:08.0165 13056 [ 5E3B232A614339399ACC71FA3AAAAA6B ] SynTP C:\Windows\system32\DRIVERS\SynTP.sys
14:14:08.0228 13056 SynTP - ok
14:14:08.0384 13056 [ BF9CCC0BF39B418C8D0AE8B05CF95B7D ] SysMain C:\Windows\system32\sysmain.dll
14:14:08.0462 13056 SysMain - ok
14:14:08.0493 13056 [ E3C61FD7B7C2557E1F1B0B4CEC713585 ] TabletInputService C:\Windows\System32\TabSvc.dll
14:14:08.0493 13056 TabletInputService - ok
14:14:08.0508 13056 [ 40F0849F65D13EE87B9A9AE3C1DD6823 ] TapiSrv C:\Windows\System32\tapisrv.dll
14:14:08.0508 13056 TapiSrv - ok
14:14:08.0524 13056 [ 1BE03AC720F4D302EA01D40F588162F6 ] TBS C:\Windows\System32\tbssvc.dll
14:14:08.0524 13056 TBS - ok
14:14:08.0602 13056 [ 37608401DFDB388CAF66917F6B2D6FB0 ] Tcpip C:\Windows\system32\drivers\tcpip.sys
14:14:08.0664 13056 Tcpip - ok
14:14:08.0742 13056 [ 37608401DFDB388CAF66917F6B2D6FB0 ] TCPIP6 C:\Windows\system32\DRIVERS\tcpip.sys
14:14:08.0758 13056 TCPIP6 - ok
14:14:08.0805 13056 [ 1B16D0BD9841794A6E0CDE0CEF744ABC ] tcpipreg C:\Windows\system32\drivers\tcpipreg.sys
14:14:08.0805 13056 tcpipreg - ok
14:14:08.0832 13056 [ 3371D21011695B16333A3934340C4E7C ] TDPIPE C:\Windows\system32\drivers\tdpipe.sys
14:14:08.0835 13056 TDPIPE - ok
14:14:08.0872 13056 [ 51C5ECEB1CDEE2468A1748BE550CFBC8 ] TDTCP C:\Windows\system32\drivers\tdtcp.sys
14:14:08.0875 13056 TDTCP - ok
14:14:08.0894 13056 [ DDAD5A7AB24D8B65F8D724F5C20FD806 ] tdx C:\Windows\system32\DRIVERS\tdx.sys
14:14:08.0899 13056 tdx - ok
14:14:08.0920 13056 [ 561E7E1F06895D78DE991E01DD0FB6E5 ] TermDD C:\Windows\system32\DRIVERS\termdd.sys
14:14:08.0921 13056 TermDD - ok
14:14:08.0947 13056 [ 2E648163254233755035B46DD7B89123 ] TermService C:\Windows\System32\termsrv.dll
14:14:08.0969 13056 TermService - ok
14:14:08.0998 13056 [ F0344071948D1A1FA732231785A0664C ] Themes C:\Windows\system32\themeservice.dll
14:14:09.0004 13056 Themes - ok
14:14:09.0022 13056 [ E40E80D0304A73E8D269F7141D77250B ] THREADORDER C:\Windows\system32\mmcss.dll
14:14:09.0026 13056 THREADORDER - ok
14:14:09.0045 13056 [ 7E7AFD841694F6AC397E99D75CEAD49D ] TrkWks C:\Windows\System32\trkwks.dll
14:14:09.0052 13056 TrkWks - ok
14:14:09.0091 13056 [ 773212B2AAA24C1E31F10246B15B276C ] TrustedInstaller C:\Windows\servicing\TrustedInstaller.exe
14:14:09.0094 13056 TrustedInstaller - ok
14:14:09.0126 13056 [ CE18B2CDFC837C99E5FAE9CA6CBA5D30 ] tssecsrv C:\Windows\system32\DRIVERS\tssecsrv.sys
14:14:09.0126 13056 tssecsrv - ok
14:14:09.0157 13056 [ 17C6B51CBCCDED95B3CC14E22791F85E ] TsUsbFlt C:\Windows\system32\drivers\tsusbflt.sys
14:14:09.0157 13056 TsUsbFlt - ok
14:14:09.0204 13056 [ AD64450A4ABE076F5CB34CC08EEACB07 ] TsUsbGD C:\Windows\system32\drivers\TsUsbGD.sys
14:14:09.0204 13056 TsUsbGD - ok
14:14:09.0250 13056 [ 3566A8DAAFA27AF944F5D705EAA64894 ] tunnel C:\Windows\system32\DRIVERS\tunnel.sys
14:14:09.0250 13056 tunnel - ok
14:14:09.0344 13056 [ FD24F98D2898BE093FE926604BE7DB99 ] TurboB C:\Windows\system32\DRIVERS\TurboB.sys
14:14:09.0344 13056 TurboB - ok
14:14:09.0438 13056 [ 600B406A04D90F577FEA8A88D7379F08 ] TurboBoost C:\Program Files\Intel\TurboBoost\TurboBoost.exe
14:14:09.0438 13056 TurboBoost - ok
14:14:09.0469 13056 [ B4DD609BD7E282BFC683CEC7EAAAAD67 ] uagp35 C:\Windows\system32\drivers\uagp35.sys
14:14:09.0469 13056 uagp35 - ok
14:14:09.0484 13056 [ FF4232A1A64012BAA1FD97C7B67DF593 ] udfs C:\Windows\system32\DRIVERS\udfs.sys
14:14:09.0500 13056 udfs - ok
14:14:09.0531 13056 [ 3CBDEC8D06B9968ABA702EBA076364A1 ] UI0Detect C:\Windows\system32\UI0Detect.exe
14:14:09.0531 13056 UI0Detect - ok
14:14:09.0547 13056 [ 4BFE1BC28391222894CBF1E7D0E42320 ] uliagpkx C:\Windows\system32\drivers\uliagpkx.sys
14:14:09.0562 13056 uliagpkx - ok
14:14:09.0578 13056 [ DC54A574663A895C8763AF0FA1FF7561 ] umbus C:\Windows\system32\DRIVERS\umbus.sys
14:14:09.0578 13056 umbus - ok
14:14:09.0594 13056 [ B2E8E8CB557B156DA5493BBDDCC1474D ] UmPass C:\Windows\system32\drivers\umpass.sys
14:14:09.0594 13056 UmPass - ok
14:14:09.0718 13056 [ 2C16648A12999AE69A9EBF41974B0BA2 ] UNS C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
14:14:09.0796 13056 UNS - ok
14:14:09.0828 13056 [ D47EC6A8E81633DD18D2436B19BAF6DE ] upnphost C:\Windows\System32\upnphost.dll
14:14:09.0828 13056 upnphost - ok
14:14:09.0871 13056 [ 82E8F44688E6FAC57B5B7C6FC7ADBC2A ] usbaudio C:\Windows\system32\drivers\usbaudio.sys
14:14:09.0875 13056 usbaudio - ok
14:14:09.0900 13056 [ 19AD7990C0B67E48DAC5B26F99628223 ] usbccgp C:\Windows\system32\DRIVERS\usbccgp.sys
14:14:09.0904 13056 usbccgp - ok
14:14:09.0932 13056 [ AF0892A803FDDA7492F595368E3B68E7 ] usbcir C:\Windows\system32\drivers\usbcir.sys
14:14:09.0937 13056 usbcir - ok
14:14:09.0959 13056 [ C025055FE7B87701EB042095DF1A2D7B ] usbehci C:\Windows\system32\DRIVERS\usbehci.sys
14:14:09.0962 13056 usbehci - ok
14:14:09.0987 13056 [ 287C6C9410B111B68B52CA298F7B8C24 ] usbhub C:\Windows\system32\DRIVERS\usbhub.sys
14:14:09.0991 13056 usbhub - ok
14:14:10.0022 13056 [ 9840FC418B4CBD632D3D0A667A725C31 ] usbohci C:\Windows\system32\drivers\usbohci.sys
14:14:10.0025 13056 usbohci - ok
14:14:10.0042 13056 [ 73188F58FB384E75C4063D29413CEE3D ] usbprint C:\Windows\system32\drivers\usbprint.sys
14:14:10.0045 13056 usbprint - ok
14:14:10.0067 13056 [ FED648B01349A3C8395A5169DB5FB7D6 ] USBSTOR C:\Windows\system32\DRIVERS\USBSTOR.SYS
14:14:10.0070 13056 USBSTOR - ok
14:14:10.0086 13056 [ 62069A34518BCF9C1FD9E74B3F6DB7CD ] usbuhci C:\Windows\system32\drivers\usbuhci.sys
14:14:10.0088 13056 usbuhci - ok
14:14:10.0112 13056 [ 454800C2BC7F3927CE030141EE4F4C50 ] usbvideo C:\Windows\system32\Drivers\usbvideo.sys
14:14:10.0118 13056 usbvideo - ok
14:14:10.0120 13056 [ EDBB23CBCF2CDF727D64FF9B51A6070E ] UxSms C:\Windows\System32\uxsms.dll
14:14:10.0136 13056 UxSms - ok
14:14:10.0151 13056 [ C118A82CD78818C29AB228366EBF81C3 ] VaultSvc C:\Windows\system32\lsass.exe
14:14:10.0151 13056 VaultSvc - ok
14:14:10.0167 13056 [ C5C876CCFC083FF3B128F933823E87BD ] vdrvroot C:\Windows\system32\drivers\vdrvroot.sys
14:14:10.0167 13056 vdrvroot - ok
14:14:10.0198 13056 [ 8D6B481601D01A456E75C3210F1830BE ] vds C:\Windows\System32\vds.exe
14:14:10.0214 13056 vds - ok
14:14:10.0245 13056 [ DA4DA3F5E02943C2DC8C6ED875DE68DD ] vga C:\Windows\system32\DRIVERS\vgapnp.sys
14:14:10.0245 13056 vga - ok
14:14:10.0276 13056 [ 53E92A310193CB3C03BEA963DE7D9CFC ] VgaSave C:\Windows\System32\drivers\vga.sys
14:14:10.0276 13056 VgaSave - ok
14:14:10.0323 13056 [ 2CE2DF28C83AEAF30084E1B1EB253CBB ] vhdmp C:\Windows\system32\drivers\vhdmp.sys
14:14:10.0323 13056 vhdmp - ok
14:14:10.0354 13056 [ E5689D93FFE4E5D66C0178761240DD54 ] viaide C:\Windows\system32\drivers\viaide.sys
14:14:10.0354 13056 viaide - ok
14:14:10.0401 13056 [ D2AAFD421940F640B407AEFAAEBD91B0 ] volmgr C:\Windows\system32\drivers\volmgr.sys
14:14:10.0401 13056 volmgr - ok
14:14:10.0432 13056 [ A255814907C89BE58B79EF2F189B843B ] volmgrx C:\Windows\system32\drivers\volmgrx.sys
14:14:10.0448 13056 volmgrx - ok
14:14:10.0479 13056 [ 0D08D2F3B3FF84E433346669B5E0F639 ] volsnap C:\Windows\system32\drivers\volsnap.sys
14:14:10.0495 13056 volsnap - ok
14:14:10.0557 13056 [ 5E2016EA6EBACA03C04FEAC5F330D997 ] vsmraid C:\Windows\system32\drivers\vsmraid.sys
14:14:10.0557 13056 vsmraid - ok
14:14:10.0651 13056 [ B60BA0BC31B0CB414593E169F6F21CC2 ] VSS C:\Windows\system32\vssvc.exe
14:14:10.0682 13056 VSS - ok
14:14:10.0729 13056 [ 36D4720B72B5C5D9CB2B9C29E9DF67A1 ] vwifibus C:\Windows\system32\DRIVERS\vwifibus.sys
14:14:10.0729 13056 vwifibus - ok
14:14:10.0744 13056 [ 6A3D66263414FF0D6FA754C646612F3F ] vwififlt C:\Windows\system32\DRIVERS\vwififlt.sys
14:14:10.0744 13056 vwififlt - ok
14:14:10.0791 13056 [ 6A638FC4BFDDC4D9B186C28C91BD1A01 ] vwifimp C:\Windows\system32\DRIVERS\vwifimp.sys
14:14:10.0791 13056 vwifimp - ok
14:14:10.0822 13056 [ 1C9D80CC3849B3788048078C26486E1A ] W32Time C:\Windows\system32\w32time.dll
14:14:10.0838 13056 W32Time - ok
14:14:10.0885 13056 [ 2F4B66BAB9F4C9D0FF4FCAA6D8888991 ] WacHidRouter C:\Windows\system32\DRIVERS\wachidrouter.sys
14:14:10.0885 13056 WacHidRouter - ok
14:14:10.0900 13056 [ 4E9440F4F152A7B944CB1663D3935A3E ] WacomPen C:\Windows\system32\drivers\wacompen.sys
14:14:10.0900 13056 WacomPen - ok
14:14:10.0947 13056 [ 366669F53F8CAF96AF9264EF9BC95084 ] wacomrouterfilter C:\Windows\system32\DRIVERS\wacomrouterfilter.sys
14:14:10.0947 13056 wacomrouterfilter - ok
14:14:10.0963 13056 [ 356AFD78A6ED4457169241AC3965230C ] WANARP C:\Windows\system32\DRIVERS\wanarp.sys
14:14:10.0963 13056 WANARP - ok
14:14:10.0978 13056 [ 356AFD78A6ED4457169241AC3965230C ] Wanarpv6 C:\Windows\system32\DRIVERS\wanarp.sys
14:14:10.0978 13056 Wanarpv6 - ok
14:14:11.0072 13056 [ 3CEC96DE223E49EAAE3651FCF8FAEA6C ] WatAdminSvc C:\Windows\system32\Wat\WatAdminSvc.exe
14:14:11.0119 13056 WatAdminSvc - ok
14:14:11.0181 13056 [ 78F4E7F5C56CB9716238EB57DA4B6A75 ] wbengine C:\Windows\system32\wbengine.exe
14:14:11.0212 13056 wbengine - ok
14:14:11.0228 13056 [ 3AA101E8EDAB2DB4131333F4325C76A3 ] WbioSrvc C:\Windows\System32\wbiosrvc.dll
14:14:11.0228 13056 WbioSrvc - ok
14:14:11.0243 13056 [ 7368A2AFD46E5A4481D1DE9D14848EDD ] wcncsvc C:\Windows\System32\wcncsvc.dll
14:14:11.0243 13056 wcncsvc - ok
14:14:11.0259 13056 [ 20F7441334B18CEE52027661DF4A6129 ] WcsPlugInService C:\Windows\System32\WcsPlugInService.dll
14:14:11.0259 13056 WcsPlugInService - ok
14:14:11.0290 13056 [ 72889E16FF12BA0F235467D6091B17DC ] Wd C:\Windows\system32\drivers\wd.sys
14:14:11.0290 13056 Wd - ok
14:14:11.0431 13056 [ 442783E2CB0DA19873B7A63833FF4CB4 ] Wdf01000 C:\Windows\system32\drivers\Wdf01000.sys
14:14:11.0462 13056 Wdf01000 - ok
14:14:11.0477 13056 [ BF1FC3F79B863C914687A737C2F3D681 ] WdiServiceHost C:\Windows\system32\wdi.dll
14:14:11.0493 13056 WdiServiceHost - ok
14:14:11.0493 13056 [ BF1FC3F79B863C914687A737C2F3D681 ] WdiSystemHost C:\Windows\system32\wdi.dll
14:14:11.0493 13056 WdiSystemHost - ok
14:14:11.0493 13056 [ 3DB6D04E1C64272F8B14EB8BC4616280 ] WebClient C:\Windows\System32\webclnt.dll
14:14:11.0509 13056 WebClient - ok
14:14:11.0509 13056 [ C749025A679C5103E575E3B48E092C43 ] Wecsvc C:\Windows\system32\wecsvc.dll
14:14:11.0524 13056 Wecsvc - ok
14:14:11.0524 13056 [ 7E591867422DC788B9E5BD337A669A08 ] wercplsupport C:\Windows\System32\wercplsupport.dll
14:14:11.0524 13056 wercplsupport - ok
14:14:11.0540 13056 [ 6D137963730144698CBD10F202E9F251 ] WerSvc C:\Windows\System32\WerSvc.dll
14:14:11.0540 13056 WerSvc - ok
14:14:11.0555 13056 [ 611B23304BF067451A9FDEE01FBDD725 ] WfpLwf C:\Windows\system32\DRIVERS\wfplwf.sys
14:14:11.0555 13056 WfpLwf - ok
14:14:11.0602 13056 [ B14EF15BD757FA488F9C970EEE9C0D35 ] WimFltr C:\Windows\system32\DRIVERS\wimfltr.sys
14:14:11.0618 13056 WimFltr - ok
14:14:11.0633 13056 [ 05ECAEC3E4529A7153B3136CEB49F0EC ] WIMMount C:\Windows\system32\drivers\wimmount.sys
14:14:11.0633 13056 WIMMount - ok
14:14:11.0649 13056 WinDefend - ok
14:14:11.0649 13056 WinHttpAutoProxySvc - ok
14:14:11.0696 13056 [ 19B07E7E8915D701225DA41CB3877306 ] Winmgmt C:\Windows\system32\wbem\WMIsvc.dll
14:14:11.0711 13056 Winmgmt - ok
14:14:11.0774 13056 [ BCB1310604AA415C4508708975B3931E ] WinRM C:\Windows\system32\WsmSvc.dll
14:14:11.0852 13056 WinRM - ok
14:14:11.0919 13056 [ 4FADA86E62F18A1B2F42BA18AE24E6AA ] Wlansvc C:\Windows\System32\wlansvc.dll
14:14:11.0945 13056 Wlansvc - ok
14:14:12.0060 13056 [ 357CABBF155AFD1D3926E62539D2A3A7 ] wlidsvc C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
14:14:12.0116 13056 wlidsvc - ok
14:14:12.0148 13056 [ F6FF8944478594D0E414D3F048F0D778 ] WmiAcpi C:\Windows\system32\DRIVERS\wmiacpi.sys
14:14:12.0148 13056 WmiAcpi - ok
14:14:12.0163 13056 [ 38B84C94C5A8AF291ADFEA478AE54F93 ] wmiApSrv C:\Windows\system32\wbem\WmiApSrv.exe
14:14:12.0163 13056 wmiApSrv - ok
14:14:12.0179 13056 WMPNetworkSvc - ok
14:14:12.0194 13056 [ 96C6E7100D724C69FCF9E7BF590D1DCA ] WPCSvc C:\Windows\System32\wpcsvc.dll
14:14:12.0194 13056 WPCSvc - ok
14:14:12.0210 13056 [ 93221146D4EBBF314C29B23CD6CC391D ] WPDBusEnum C:\Windows\system32\wpdbusenum.dll
14:14:12.0226 13056 WPDBusEnum - ok
14:14:12.0241 13056 [ 6BCC1D7D2FD2453957C5479A32364E52 ] ws2ifsl C:\Windows\system32\drivers\ws2ifsl.sys
14:14:12.0241 13056 ws2ifsl - ok
14:14:12.0272 13056 [ E8B1FE6669397D1772D8196DF0E57A9E ] wscsvc C:\Windows\system32\wscsvc.dll
14:14:12.0288 13056 wscsvc - ok
14:14:12.0288 13056 WSearch - ok
14:14:12.0444 13056 [ 6719C1A34D946370B5F735A8F2915474 ] WTabletServicePro C:\Program Files\Tablet\Wacom\WTabletServicePro.exe
14:14:12.0460 13056 WTabletServicePro - ok
14:14:12.0569 13056 [ D9EF901DCA379CFE914E9FA13B73B4C4 ] wuauserv C:\Windows\system32\wuaueng.dll
14:14:12.0600 13056 wuauserv - ok
14:14:12.0631 13056 [ AB886378EEB55C6C75B4F2D14B6C869F ] WudfPf C:\Windows\system32\drivers\WudfPf.sys
14:14:12.0647 13056 WudfPf - ok
14:14:12.0662 13056 [ DDA4CAF29D8C0A297F886BFE561E6659 ] WUDFRd C:\Windows\system32\DRIVERS\WUDFRd.sys
14:14:12.0662 13056 WUDFRd - ok
14:14:12.0694 13056 [ B20F051B03A966392364C83F009F7D17 ] wudfsvc C:\Windows\System32\WUDFSvc.dll
14:14:12.0709 13056 wudfsvc - ok
14:14:12.0756 13056 [ 9A3452B3C2A46C073166C5CF49FAD1AE ] WwanSvc C:\Windows\System32\wwansvc.dll
14:14:12.0772 13056 WwanSvc - ok
14:14:12.0896 13056 ================ Scan global ===============================
14:14:12.0928 13056 [ BA0CD8C393E8C9F83354106093832C7B ] C:\Windows\system32\basesrv.dll
14:14:12.0959 13056 [ 9E479C2B605C25DA4971ABA36250FAEF ] C:\Windows\system32\winsrv.dll
14:14:12.0990 13056 [ 9E479C2B605C25DA4971ABA36250FAEF ] C:\Windows\system32\winsrv.dll
14:14:13.0021 13056 [ D6160F9D869BA3AF0B787F971DB56368 ] C:\Windows\system32\sxssrv.dll
14:14:13.0037 13056 [ 24ACB7E5BE595468E3B9AA488B9B4FCB ] C:\Windows\system32\services.exe
14:14:13.0052 13056 [Global] - ok
14:14:13.0052 13056 ================ Scan MBR ==================================
14:14:13.0084 13056 [ A36C5E4F47E84449FF07ED3517B43A31 ] \Device\Harddisk0\DR0
14:14:13.0458 13056 \Device\Harddisk0\DR0 - ok
14:14:13.0458 13056 ================ Scan VBR ==================================
14:14:13.0458 13056 [ 16741D998596715D9F0C7949401B9946 ] \Device\Harddisk0\DR0\Partition1
14:14:13.0458 13056 \Device\Harddisk0\DR0\Partition1 - ok
14:14:13.0489 13056 [ 5AE10CC46FC7E158CE5B09BBC77D8966 ] \Device\Harddisk0\DR0\Partition2
14:14:13.0489 13056 \Device\Harddisk0\DR0\Partition2 - ok
14:14:13.0520 13056 [ A58F56B1C73FFCDB2606D268D4E8792A ] \Device\Harddisk0\DR0\Partition3
14:14:13.0520 13056 \Device\Harddisk0\DR0\Partition3 - ok
14:14:13.0520 13056 ============================================================
14:14:13.0520 13056 Scan finished
14:14:13.0520 13056 ============================================================
14:14:13.0536 11840 Detected object count: 0
14:14:13.0536 11840 Actual detected object count: 0
14:14:35.0191 9336 Deinitialize success

 

Hi again

That looks fine - no obvious rootkit signs. Do the redirects happen with any one particular browser?


Download OTL.exe to your desktop.

Double click the icon to start the tool.

• Click Run Scan and let the program run uninterrupted.
• When the scan is complete, two text files will be created, OTL.Txt <- this one will be opened in Notepad and Extras.txt, on Desktop.

Copy (Ctrl+A then Ctrl+C) and paste (Ctrl+V) the contents of OTL.Txt and the Extras.txt in your next reply.

 

I primarily use IE so have not tried Chrome in a while. Redirects drastically reduced. Only one time I recall happening today ( to Wikipedia)

OTL logfile created on: 1/20/2013 4:31:44 PM - Run 1
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\Shelli\Desktop
64bit-Windows XP Service Pack 2 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

7.90 Gb Total Physical Memory | 3.88 Gb Available Physical Memory | 49.11% Memory free
15.79 Gb Paging File | 10.95 Gb Available in Paging File | 69.31% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 347.22 Gb Total Space | 293.56 Gb Free Space | 84.55% Space Free | Partition Type: NTFS
Drive E: | 331.78 Gb Total Space | 41.96 Gb Free Space | 12.65% Space Free | Partition Type: NTFS

Computer Name: ASLAN | User Name: Shelli | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

========== Processes (SafeList) ==========

PRC - [2013/01/20 16:31:23 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\Shelli\Desktop\OTL.exe
PRC - [2012/12/18 14:08:28 | 000,065,192 | ---- | M] (Adobe Systems Incorporated) -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
PRC - [2012/12/17 19:50:28 | 016,328,976 | ---- | M] (Google) -- C:\Program Files (x86)\Google\Drive\googledrivesync.exe
PRC - [2012/12/16 14:37:53 | 000,308,368 | ---- | M] (Google Inc.) -- C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbarUser_32.exe
PRC - [2012/12/14 16:49:28 | 000,682,344 | ---- | M] (Malwarebytes Corporation) -- C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe
PRC - [2012/12/14 16:49:28 | 000,512,360 | ---- | M] (Malwarebytes Corporation) -- C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe
PRC - [2012/12/14 16:49:28 | 000,398,184 | ---- | M] (Malwarebytes Corporation) -- C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe
PRC - [2012/12/10 18:01:54 | 003,569,512 | ---- | M] (Sendori) -- C:\Program Files (x86)\Sendori\sndappv2.exe
PRC - [2012/12/10 18:01:54 | 000,196,456 | ---- | M] (Sendori, Inc.) -- C:\Program Files (x86)\Sendori\SendoriUp.exe
PRC - [2012/12/10 18:01:54 | 000,118,632 | ---- | M] (Sendori, Inc.) -- C:\Program Files (x86)\Sendori\SendoriSvc.exe
PRC - [2012/12/10 18:01:54 | 000,082,792 | ---- | M] (Sendori, Inc.) -- C:\Program Files (x86)\Sendori\SendoriTray.exe
PRC - [2012/12/10 18:01:54 | 000,014,696 | ---- | M] (sendori) -- C:\Program Files (x86)\Sendori\Sendori.Service.exe
PRC - [2012/11/13 14:07:20 | 001,369,624 | ---- | M] (Safer-Networking Ltd.) -- C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe
PRC - [2012/11/13 14:07:16 | 001,103,392 | ---- | M] (Safer-Networking Ltd.) -- C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe
PRC - [2012/11/03 01:02:11 | 000,296,096 | ---- | M] (RealNetworks, Inc.) -- C:\Program Files (x86)\Real\RealPlayer\Update\realsched.exe
PRC - [2012/11/02 23:31:39 | 000,212,432 | ---- | M] (Google Inc.) -- C:\Program Files (x86)\Google\Update\1.3.21.123\GoogleCrashHandler.exe
PRC - [2012/10/10 21:29:13 | 000,143,928 | R--- | M] (Symantec Corporation) -- C:\Program Files (x86)\Norton 360\Engine\20.2.0.19\ccSvcHst.exe
PRC - [2012/10/09 09:22:48 | 000,173,568 | ---- | M] (Dell Products, LP.) -- C:\Program Files (x86)\Dell Digital Delivery\DeliveryService.exe
PRC - [2012/10/08 16:15:50 | 000,039,808 | ---- | M] (Wacom Technology) -- C:\Program Files\Tablet\Wacom\WacomHost.exe
PRC - [2012/05/09 15:31:12 | 000,577,536 | ---- | M] (Creative Technology Ltd) -- C:\Program Files (x86)\Dell Webcam\Dell Webcam Central\WebcamDell2.exe
PRC - [2012/02/14 15:26:04 | 002,013,168 | ---- | M] (Sensible Vision ) -- C:\Program Files (x86)\Sensible Vision\Fast Access\FATrayAlert.exe
PRC - [2012/02/14 15:26:04 | 000,096,240 | ---- | M] (Sensible Vision ) -- C:\Program Files (x86)\Sensible Vision\Fast Access\FATrayMon.exe
PRC - [2012/02/14 15:26:00 | 002,451,440 | ---- | M] (Sensible Vision ) -- C:\Program Files (x86)\Sensible Vision\Fast Access\FAService.exe
PRC - [2011/11/25 15:32:36 | 000,687,400 | ---- | M] (Nero AG) -- C:\Program Files (x86)\Nero\Update\NASvc.exe
PRC - [2011/09/22 11:14:16 | 002,751,808 | ---- | M] () -- C:\Program Files (x86)\Dell DataSafe Local Backup\Components\Scheduler\STService.exe
PRC - [2011/09/22 11:11:26 | 000,460,096 | ---- | M] (SoftThinks - Dell) -- C:\Program Files (x86)\Dell DataSafe Local Backup\Components\DSUpdate\DSUpd.exe
PRC - [2011/09/22 11:06:12 | 001,692,480 | ---- | M] (SoftThinks SAS) -- C:\Program Files (x86)\Dell DataSafe Local Backup\SftService.exe
PRC - [2011/09/21 11:30:12 | 004,109,312 | ---- | M] (SoftThinks - Dell) -- C:\Program Files (x86)\Dell DataSafe Local Backup\Toaster.exe
PRC - [2011/08/11 21:05:00 | 000,075,048 | ---- | M] (cyberlink) -- C:\Program Files (x86)\Cyberlink\Shared files\brs.exe
PRC - [2011/05/19 02:16:48 | 000,995,392 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Bluetooth\obexsrv.exe
PRC - [2011/05/19 02:16:46 | 001,335,360 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Bluetooth\mediasrv.exe
PRC - [2011/05/19 02:16:36 | 000,921,664 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Bluetooth\devmonsrv.exe
PRC - [2011/05/19 02:16:34 | 000,839,744 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Bluetooth\btplayerctrl.exe
PRC - [2011/04/29 19:18:16 | 000,885,760 | ---- | M] () -- C:\Program Files (x86)\Dell Stage\Dell Stage\AccuWeather\accuweather.exe
PRC - [2010/12/20 19:24:38 | 002,656,280 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
PRC - [2010/12/20 19:24:36 | 000,325,656 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
PRC - [2010/12/17 11:25:22 | 000,686,704 | ---- | M] () -- C:\Program Files (x86)\STMicroelectronics\AccelerometerP11\FF_Protection.exe
PRC - [2010/10/01 17:55:28 | 000,087,336 | ---- | M] (CyberLink Corp.) -- C:\Program Files (x86)\Cyberlink\PowerDVD9\PDVD9Serv.exe
PRC - [2009/02/23 14:43:00 | 000,307,200 | ---- | M] (Creative Technology Ltd) -- C:\Program Files (x86)\Creative\Shared Files\CTAudSvc.exe
PRC - [2007/02/01 12:13:06 | 000,094,208 | ---- | M] (Creative Technology Ltd.) -- C:\Program Files (x86)\Creative\ShareDLL\CADI\NotiMan.exe


========== Modules (No Company Name) ==========

MOD - [2013/01/20 16:15:01 | 001,169,408 | ---- | M] () -- C:\Users\Shelli\AppData\Local\Temp\_MEI78962\wx._core_.pyd
MOD - [2013/01/20 16:15:01 | 001,056,256 | ---- | M] () -- C:\Users\Shelli\AppData\Local\Temp\_MEI78962\wx._controls_.pyd
MOD - [2013/01/20 16:15:01 | 001,024,616 | ---- | M] () -- C:\Users\Shelli\AppData\Local\Temp\_MEI78962\windows._cacheinvalidation.pyd
MOD - [2013/01/20 16:15:01 | 000,807,424 | ---- | M] () -- C:\Users\Shelli\AppData\Local\Temp\_MEI78962\wx._windows_.pyd
MOD - [2013/01/20 16:15:01 | 000,792,576 | ---- | M] () -- C:\Users\Shelli\AppData\Local\Temp\_MEI78962\wx._gdi_.pyd
MOD - [2013/01/20 16:15:01 | 000,731,136 | ---- | M] () -- C:\Users\Shelli\AppData\Local\Temp\_MEI78962\wx._misc_.pyd
MOD - [2013/01/20 16:15:01 | 000,645,120 | ---- | M] () -- C:\Users\Shelli\AppData\Local\Temp\_MEI78962\_ssl.pyd
MOD - [2013/01/20 16:15:01 | 000,585,728 | ---- | M] () -- C:\Users\Shelli\AppData\Local\Temp\_MEI78962\unicodedata.pyd
MOD - [2013/01/20 16:15:01 | 000,571,392 | ---- | M] () -- C:\Users\Shelli\AppData\Local\Temp\_MEI78962\pysqlite2._sqlite.pyd
MOD - [2013/01/20 16:15:01 | 000,354,304 | ---- | M] () -- C:\Users\Shelli\AppData\Local\Temp\_MEI78962\pythoncom26.dll
MOD - [2013/01/20 16:15:01 | 000,311,808 | ---- | M] () -- C:\Users\Shelli\AppData\Local\Temp\_MEI78962\_hashlib.pyd
MOD - [2013/01/20 16:15:01 | 000,263,168 | ---- | M] () -- C:\Users\Shelli\AppData\Local\Temp\_MEI78962\win32com.shell.shell.pyd
MOD - [2013/01/20 16:15:01 | 000,153,088 | ---- | M] () -- C:\Users\Shelli\AppData\Local\Temp\_MEI78962\pyexpat.pyd
MOD - [2013/01/20 16:15:01 | 000,121,856 | ---- | M] () -- C:\Users\Shelli\AppData\Local\Temp\_MEI78962\wx._wizard.pyd
MOD - [2013/01/20 16:15:01 | 000,111,104 | ---- | M] () -- C:\Users\Shelli\AppData\Local\Temp\_MEI78962\win32file.pyd
MOD - [2013/01/20 16:15:01 | 000,110,592 | ---- | M] () -- C:\Users\Shelli\AppData\Local\Temp\_MEI78962\win32security.pyd
MOD - [2013/01/20 16:15:01 | 000,110,592 | ---- | M] () -- C:\Users\Shelli\AppData\Local\Temp\_MEI78962\PyWinTypes26.dll
MOD - [2013/01/20 16:15:01 | 000,096,256 | ---- | M] () -- C:\Users\Shelli\AppData\Local\Temp\_MEI78962\win32api.pyd
MOD - [2013/01/20 16:15:01 | 000,086,016 | ---- | M] () -- C:\Users\Shelli\AppData\Local\Temp\_MEI78962\_elementtree.pyd
MOD - [2013/01/20 16:15:01 | 000,073,728 | ---- | M] () -- C:\Users\Shelli\AppData\Local\Temp\_MEI78962\_ctypes.pyd
MOD - [2013/01/20 16:15:01 | 000,070,656 | ---- | M] () -- C:\Users\Shelli\AppData\Local\Temp\_MEI78962\wx._html2.pyd
MOD - [2013/01/20 16:15:01 | 000,040,448 | ---- | M] () -- C:\Users\Shelli\AppData\Local\Temp\_MEI78962\_socket.pyd
MOD - [2013/01/20 16:15:01 | 000,039,424 | ---- | M] () -- C:\Users\Shelli\AppData\Local\Temp\_MEI78962\win32inet.pyd
MOD - [2013/01/20 16:15:01 | 000,036,352 | ---- | M] () -- C:\Users\Shelli\AppData\Local\Temp\_MEI78962\win32process.pyd
MOD - [2013/01/20 16:15:01 | 000,023,040 | ---- | M] () -- C:\Users\Shelli\AppData\Local\Temp\_MEI78962\win32ts.pyd
MOD - [2013/01/20 16:15:01 | 000,022,528 | ---- | M] () -- C:\Users\Shelli\AppData\Local\Temp\_MEI78962\win32pdh.pyd
MOD - [2013/01/20 16:15:01 | 000,017,920 | ---- | M] () -- C:\Users\Shelli\AppData\Local\Temp\_MEI78962\win32profile.pyd
MOD - [2013/01/20 16:15:01 | 000,017,920 | ---- | M] () -- C:\Users\Shelli\AppData\Local\Temp\_MEI78962\win32event.pyd
MOD - [2013/01/20 16:15:01 | 000,011,776 | ---- | M] () -- C:\Users\Shelli\AppData\Local\Temp\_MEI78962\win32crypt.pyd
MOD - [2013/01/20 16:15:01 | 000,011,776 | ---- | M] () -- C:\Users\Shelli\AppData\Local\Temp\_MEI78962\select.pyd
MOD - [2013/01/16 13:30:14 | 005,715,528 | ---- | M] () -- C:\Users\Shelli\AppData\LocalLow\LastPass\LPPlugin.dll
MOD - [2013/01/16 13:30:14 | 000,605,768 | ---- | M] () -- C:\Program Files (x86)\LastPass\LPToolbar.dll
MOD - [2013/01/10 23:20:40 | 001,358,336 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.WorkflowServ#\07ea9ea39e1fddc8e4fe8850c849309e\System.WorkflowServices.ni.dll
MOD - [2013/01/10 23:20:27 | 001,707,008 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.ServiceModel#\1e04a5319c58010e945220af2751d34e\System.ServiceModel.Web.ni.dll
MOD - [2013/01/10 23:20:23 | 000,401,408 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Xml.Linq\25cfdeaf091f16f3f3a7123a91a179ab\System.Xml.Linq.ni.dll
MOD - [2013/01/10 23:19:41 | 002,297,856 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Core\77dfcfed5fd5f67d0d3edc545935bb21\System.Core.ni.dll
MOD - [2013/01/10 19:03:28 | 017,478,656 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.ServiceModel\3e79256ce40faa9682f9e3511ca115ea\System.ServiceModel.ni.dll
MOD - [2013/01/10 19:03:16 | 002,347,008 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Runtime.Seri#\2ad51da1b752b19c992fcefd56eb7c01\System.Runtime.Serialization.ni.dll
MOD - [2013/01/10 19:03:15 | 001,084,928 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.IdentityModel\219c68f83fa608b496b163fd6782e696\System.IdentityModel.ni.dll
MOD - [2013/01/10 19:03:14 | 000,256,000 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\SMDiagnostics\eb33bf977e97e97b12e82c18e36fbaee\SMDiagnostics.ni.dll
MOD - [2013/01/10 19:03:05 | 000,368,128 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\PresentationFramewo#\d7d20811a7ce7cc589153648cbb1ce5c\PresentationFramework.Aero.ni.dll
MOD - [2013/01/10 19:02:58 | 011,833,344 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Web\0ac577a8ad6528ff03b50db5eeeac8be\System.Web.ni.dll
MOD - [2013/01/10 19:02:45 | 014,340,608 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\PresentationFramewo#\ff7c9a4f41f7cccc47e696c11b9f8469\PresentationFramework.ni.dll
MOD - [2013/01/10 19:02:35 | 012,436,480 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Windows.Forms\865d2bf19a7af7fab8660a42d92550fe\System.Windows.Forms.ni.dll
MOD - [2013/01/10 19:02:30 | 001,592,832 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Drawing\eead6629e384a5b69f9ae35284b7eeed\System.Drawing.ni.dll
MOD - [2013/01/10 19:02:28 | 012,237,824 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\PresentationCore\19b3d17c3ce0e264c4fb62028161adf7\PresentationCore.ni.dll
MOD - [2013/01/10 19:02:28 | 000,025,600 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\Accessibility\d908c91e24616e6b8d38c9da61038b25\Accessibility.ni.dll
MOD - [2013/01/10 19:02:20 | 003,347,968 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\WindowsBase\cf827fe7bc99d9bcf0ba3621054ef527\WindowsBase.ni.dll
MOD - [2013/01/10 19:02:16 | 005,453,312 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Xml\f687c43e9fdec031988b33ae722c4613\System.Xml.ni.dll
MOD - [2013/01/10 19:02:13 | 007,989,760 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System\369f8bdca364e2b4936d18dea582912c\System.ni.dll
MOD - [2013/01/10 19:02:13 | 000,971,264 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Configuration\195a77fcc6206f8bb35d419ff2cf0d72\System.Configuration.ni.dll
MOD - [2013/01/10 19:02:09 | 011,493,376 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\mscorlib\7150b9136fad5b79e88f6c7f9d3d2c39\mscorlib.ni.dll
MOD - [2012/11/13 14:06:32 | 000,158,624 | ---- | M] () -- C:\Program Files (x86)\Spybot - Search & Destroy 2\snlFileFormats150.bpl
MOD - [2012/11/13 14:06:30 | 000,108,960 | ---- | M] () -- C:\Program Files (x86)\Spybot - Search & Destroy 2\snlThirdParty150.bpl
MOD - [2012/11/13 14:06:28 | 000,554,400 | ---- | M] () -- C:\Program Files (x86)\Spybot - Search & Destroy 2\VirtualTreesDXE150.bpl
MOD - [2012/11/13 14:06:28 | 000,528,288 | ---- | M] () -- C:\Program Files (x86)\Spybot - Search & Destroy 2\JSDialogPack150.bpl
MOD - [2012/11/13 14:06:28 | 000,416,160 | ---- | M] () -- C:\Program Files (x86)\Spybot - Search & Destroy 2\DEC150.bpl
MOD - [2012/09/12 14:57:52 | 000,269,824 | ---- | M] () -- C:\Program Files (x86)\Windows Live\Writer\en\WindowsLive.Writer.Localization.resources.dll
MOD - [2012/09/12 14:57:10 | 000,033,280 | ---- | M] () -- C:\Program Files (x86)\Windows Live\Shared\en\uxctlloc.dll.mui
MOD - [2012/05/30 09:51:08 | 000,699,280 | R--- | M] () -- C:\Program Files (x86)\Norton 360\Engine\20.2.0.19\wincfi39.dll
MOD - [2012/02/14 15:26:16 | 000,089,584 | ---- | M] () -- C:\WINDOWS\SysWOW64\FAIEExtension.dll
MOD - [2012/02/14 15:26:06 | 000,059,888 | ---- | M] () -- C:\WINDOWS\SysWOW64\FAib.dll
MOD - [2012/02/14 15:25:56 | 000,251,888 | ---- | M] () -- C:\WINDOWS\SysWOW64\FACrashRpt.dll
MOD - [2011/09/22 11:14:16 | 002,751,808 | ---- | M] () -- C:\Program Files (x86)\Dell DataSafe Local Backup\Components\Scheduler\STService.exe
MOD - [2011/04/29 19:18:16 | 000,885,760 | ---- | M] () -- C:\Program Files (x86)\Dell Stage\Dell Stage\AccuWeather\accuweather.exe
MOD - [2011/04/29 19:13:50 | 002,225,664 | ---- | M] () -- C:\Program Files (x86)\Dell Stage\Dell Stage\AccuWeather\QtCore4.dll
MOD - [2011/04/29 19:13:48 | 007,938,048 | ---- | M] () -- C:\Program Files (x86)\Dell Stage\Dell Stage\AccuWeather\QtGui4.dll
MOD - [2011/04/22 11:13:00 | 000,004,096 | ---- | M] () -- C:\Program Files (x86)\NVIDIA Corporation\coprocmanager\detoured.dll
MOD - [2010/12/17 11:25:22 | 000,686,704 | ---- | M] () -- C:\Program Files (x86)\STMicroelectronics\AccelerometerP11\FF_Protection.exe


========== Services (SafeList) ==========

SRV:64bit: - [2012/10/29 08:14:18 | 000,613,760 | ---- | M] (Wacom Technology, Corp.) [Auto | Running] -- C:\Program Files\Tablet\Wacom\WTabletServicePro.exe -- (WTabletServicePro)
SRV:64bit: - [2011/08/08 08:39:18 | 001,166,848 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files\Intel\BluetoothHS\BTHSAmpPalService.exe -- (AMPPALR3)
SRV:64bit: - [2011/07/27 22:04:48 | 001,517,328 | ---- | M] (Intel(R) Corporation) [Auto | Running] -- C:\Program Files\Intel\WiFi\bin\EvtEng.exe -- (EvtEng)
SRV:64bit: - [2011/07/27 21:48:34 | 000,340,240 | ---- | M] () [On_Demand | Running] -- C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe -- (MyWiFiDHCPDNS)
SRV:64bit: - [2011/07/27 21:44:18 | 000,844,560 | ---- | M] (Intel(R) Corporation) [Auto | Running] -- C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe -- (RegSrvc)
SRV:64bit: - [2011/06/03 13:51:38 | 000,134,928 | ---- | M] (Intel(R) Corporation) [Auto | Running] -- C:\Program Files\Intel\BluetoothHS\BTHSSecurityMgr.exe -- (BTHSSecurityMgr)
SRV:64bit: - [2010/11/29 16:00:56 | 000,149,504 | ---- | M] (Intel(R) Corporation) [On_Demand | Running] -- C:\Program Files\Intel\TurboBoost\TurboBoost.exe -- (TurboBoost)
SRV:64bit: - [2009/11/17 21:14:26 | 000,098,208 | ---- | M] (Andrea Electronics Corporation) [Auto | Running] -- C:\Program Files\Realtek\Audio\HDA\AERTSr64.exe -- (AERTFilters)
SRV:64bit: - [2009/07/13 20:41:27 | 001,011,712 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend)
SRV - [2013/01/09 11:48:16 | 000,251,400 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\WINDOWS\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe -- (AdobeFlashPlayerUpdateSvc)
SRV - [2012/12/18 14:08:28 | 000,065,192 | ---- | M] (Adobe Systems Incorporated) [Auto | Running] -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe -- (AdobeARMservice)
SRV - [2012/12/14 16:49:28 | 000,682,344 | ---- | M] (Malwarebytes Corporation) [Auto | Running] -- C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe -- (MBAMService)
SRV - [2012/12/14 16:49:28 | 000,398,184 | ---- | M] (Malwarebytes Corporation) [Auto | Running] -- C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe -- (MBAMScheduler)
SRV - [2012/12/10 18:01:54 | 003,569,512 | ---- | M] (Sendori) [Auto | Running] -- C:\Program Files (x86)\Sendori\sndappv2.exe -- (sndappv2)
SRV - [2012/12/10 18:01:54 | 000,118,632 | ---- | M] (Sendori, Inc.) [Auto | Running] -- C:\Program Files (x86)\Sendori\SendoriSvc.exe -- (Application Sendori)
SRV - [2012/12/10 18:01:54 | 000,014,696 | ---- | M] (sendori) [Auto | Running] -- C:\Program Files (x86)\Sendori\Sendori.Service.exe -- (Service Sendori)
SRV - [2012/10/25 19:02:18 | 001,258,856 | ---- | M] (NVIDIA Corporation) [Auto | Stopped] -- C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe -- (nvUpdatusService)
SRV - [2012/10/19 15:14:08 | 000,160,944 | R--- | M] (Skype Technologies) [Auto | Stopped] -- C:\Program Files (x86)\Skype\Updater\Updater.exe -- (SkypeUpdate)
SRV - [2012/10/10 21:29:13 | 000,143,928 | R--- | M] (Symantec Corporation) [Auto | Running] -- C:\Program Files (x86)\Norton 360\Engine\20.2.0.19\ccSvcHst.exe -- (N360)
SRV - [2012/10/09 09:22:48 | 000,173,568 | ---- | M] (Dell Products, LP.) [Auto | Running] -- C:\Program Files (x86)\Dell Digital Delivery\DeliveryService.exe -- (DellDigitalDelivery)
SRV - [2012/02/14 15:26:00 | 002,451,440 | ---- | M] (Sensible Vision ) [Auto | Running] -- C:\Program Files (x86)\Sensible Vision\Fast Access\FAService.exe -- (FAService)
SRV - [2011/11/25 15:32:36 | 000,687,400 | ---- | M] (Nero AG) [Auto | Running] -- C:\Program Files (x86)\Nero\Update\NASvc.exe -- (NAUpdate)
SRV - [2011/11/17 23:03:34 | 000,079,360 | ---- | M] (Creative Labs) [On_Demand | Stopped] -- C:\Program Files (x86)\Common Files\Creative Labs Shared\Service\AL6Licensing.exe -- (Creative ALchemy AL6 Licensing Service)
SRV - [2011/11/17 23:02:55 | 000,079,360 | ---- | M] (Creative Labs) [On_Demand | Stopped] -- C:\Program Files (x86)\Common Files\Creative Labs Shared\Service\CTAELicensing.exe -- (Creative Audio Engine Licensing Service)
SRV - [2011/11/17 23:02:05 | 000,079,360 | ---- | M] (Creative Labs) [On_Demand | Stopped] -- C:\Program Files (x86)\Common Files\Creative Labs Shared\Service\XMBLicensing.exe -- (Sound Blaster X-Fi MB Licensing Service)
SRV - [2011/09/22 11:06:12 | 001,692,480 | ---- | M] (SoftThinks SAS) [Auto | Running] -- C:\Program Files (x86)\Dell DataSafe Local Backup\SftService.exe -- (SftService)
SRV - [2011/08/11 19:04:58 | 000,248,304 | ---- | M] (CyberLink) [Auto | Stopped] -- c:\Program Files (x86)\Cyberlink\PowerDVD9\NavFilter\kmsvc.exe -- (CLKMSVC10_9EC60124)
SRV - [2011/05/19 02:16:48 | 000,995,392 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files (x86)\Intel\Bluetooth\obexsrv.exe -- (Bluetooth OBEX Service)
SRV - [2011/05/19 02:16:46 | 001,335,360 | ---- | M] (Intel Corporation) [On_Demand | Running] -- C:\Program Files (x86)\Intel\Bluetooth\mediasrv.exe -- (Bluetooth Media Service)
SRV - [2011/05/19 02:16:36 | 000,921,664 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files (x86)\Intel\Bluetooth\devmonsrv.exe -- (Bluetooth Device Monitor)
SRV - [2010/12/20 19:24:38 | 002,656,280 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe -- (UNS)
SRV - [2010/12/20 19:24:36 | 000,325,656 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe -- (LMS)
SRV - [2010/11/25 06:34:18 | 000,219,632 | ---- | M] (Sonic Solutions) [Auto | Stopped] -- C:\Program Files (x86)\Common Files\Roxio Shared\OEM\12.0\SharedCOM\RoxWatch12OEM.exe -- (RoxWatch12)
SRV - [2010/11/25 06:33:18 | 001,116,656 | ---- | M] (Sonic Solutions) [On_Demand | Stopped] -- C:\Program Files (x86)\Common Files\Roxio Shared\OEM\12.0\SharedCOM\RoxMediaDB12OEM.exe -- (RoxMediaDB12OEM)
SRV - [2010/08/25 21:28:54 | 002,823,000 | ---- | M] (Dell, Inc.) [Auto | Running] -- C:\Program Files (x86)\Dell\Dell Datasafe Online\NOBuAgent.exe -- (NOBU)
SRV - [2010/03/18 16:16:28 | 000,130,384 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe -- (clr_optimization_v4.0.30319_32)
SRV - [2009/06/10 16:23:09 | 000,066,384 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe -- (clr_optimization_v2.0.50727_32)
SRV - [2009/02/23 14:43:00 | 000,307,200 | ---- | M] (Creative Technology Ltd) [Auto | Running] -- C:\Program Files (x86)\Creative\Shared Files\CTAudSvc.exe -- (CTAudSvcService)


========== Driver Services (SafeList) ==========

DRV:64bit: - File not found [Kernel | On_Demand | Stopped] -- C:\Program Files\Enigma Software Group\SpyHunter\esgiguard.sys -- (esgiguard)
DRV:64bit: - [2013/01/18 15:34:18 | 000,177,312 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\SysNative\drivers\SYMEVENT64x86.SYS -- (SymEvent)
DRV:64bit: - [2012/12/14 16:49:28 | 000,024,176 | ---- | M] (Malwarebytes Corporation) [File_System | On_Demand | Running] -- C:\WINDOWS\SysNative\drivers\mbam.sys -- (MBAMProtector)
DRV:64bit: - [2012/11/29 15:27:38 | 000,188,896 | ---- | M] (Windows (R) Win 7 DDK provider) [Kernel | On_Demand | Running] -- C:\WINDOWS\SysNative\drivers\xHCIPort.sys -- (XHCIPort)
DRV:64bit: - [2012/11/29 15:27:38 | 000,047,072 | ---- | M] (Windows (R) Win 7 DDK provider) [Kernel | On_Demand | Running] -- C:\WINDOWS\SysNative\drivers\usb3Hub.sys -- (usb3Hub)
DRV:64bit: - [2012/11/29 15:27:38 | 000,035,256 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\SysNative\drivers\intelaud.sys -- (intaud_WaveExtensible)
DRV:64bit: - [2012/11/29 15:27:38 | 000,025,528 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\SysNative\drivers\iwdbus.sys -- (iwdbus)
DRV:64bit: - [2012/11/24 21:51:37 | 000,283,200 | ---- | M] (DT Soft Ltd) [Kernel | System | Running] -- C:\WINDOWS\SysNative\drivers\dtsoftbus01.sys -- (dtsoftbus01)
DRV:64bit: - [2012/10/25 19:02:40 | 000,284,008 | ---- | M] (NVIDIA Corporation) [Kernel | System | Running] -- C:\WINDOWS\SysNative\drivers\nvkflt.sys -- (nvkflt)
DRV:64bit: - [2012/10/25 19:02:40 | 000,030,056 | ---- | M] (NVIDIA Corporation) [Kernel | Boot | Running] -- C:\WINDOWS\SysNative\drivers\nvpciflt.sys -- (nvpciflt)
DRV:64bit: - [2012/10/12 09:54:54 | 000,015,776 | ---- | M] (Wacom Technology) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\SysNative\drivers\wacomrouterfilter.sys -- (wacomrouterfilter)
DRV:64bit: - [2012/10/12 09:20:38 | 000,081,312 | ---- | M] (Wacom Technology) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\SysNative\drivers\wachidrouter.sys -- (WacHidRouter)
DRV:64bit: - [2012/10/12 09:20:38 | 000,013,728 | ---- | M] (Windows (R) Win 7 DDK provider) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\SysNative\drivers\hidkmdf.sys -- (hidkmdf)
DRV:64bit: - [2012/10/08 20:00:02 | 000,776,864 | R--- | M] (Symantec Corporation) [File_System | On_Demand | Running] -- C:\WINDOWS\SysNative\drivers\N360x64\1402000.013\srtsp64.sys -- (SRTSP)
DRV:64bit: - [2012/10/03 20:40:35 | 001,133,216 | R--- | M] (Symantec Corporation) [File_System | Boot | Running] -- C:\WINDOWS\SysNative\drivers\N360x64\1402000.013\SymEFA64.sys -- (SymEFA)
DRV:64bit: - [2012/10/03 20:40:20 | 000,493,216 | R--- | M] (Symantec Corporation) [Kernel | Boot | Running] -- C:\WINDOWS\SysNative\drivers\N360x64\1402000.013\SymDS64.sys -- (SymDS)
DRV:64bit: - [2012/10/03 20:19:14 | 000,168,096 | R--- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\WINDOWS\SysNative\drivers\N360x64\1402000.013\ccSetx64.sys -- (ccSet_N360)
DRV:64bit: - [2012/09/12 14:20:04 | 000,057,856 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\SysNative\drivers\fssfltr.sys -- (fssfltr)
DRV:64bit: - [2012/09/06 21:05:14 | 000,432,800 | R--- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\WINDOWS\SysNative\drivers\N360x64\1402000.013\symnets.sys -- (SymNetS)
DRV:64bit: - [2012/09/06 20:48:08 | 000,224,416 | R--- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\WINDOWS\SysNative\drivers\N360x64\1402000.013\Ironx64.sys -- (SymIRON)
DRV:64bit: - [2012/09/06 20:40:51 | 000,037,496 | R--- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\WINDOWS\SysNative\drivers\N360x64\1402000.013\srtspx64.sys -- (SRTSPX)
DRV:64bit: - [2012/08/23 09:10:20 | 000,019,456 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\SysNative\drivers\rdpvideominiport.sys -- (RdpVideoMiniport)
DRV:64bit: - [2012/08/23 09:08:26 | 000,030,208 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\SysNative\drivers\TsUsbGD.sys -- (TsUsbGD)
DRV:64bit: - [2012/08/23 09:07:35 | 000,057,856 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\SysNative\drivers\TsUsbFlt.sys -- (TsUsbFlt)
DRV:64bit: - [2012/03/01 01:46:16 | 000,023,408 | ---- | M] (Microsoft Corporation) [Recognizer | Boot | Unknown] -- C:\Windows\SysNative\drivers\fs_rec.sys -- (Fs_Rec)
DRV:64bit: - [2011/12/09 18:45:00 | 000,060,416 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\SysNative\drivers\iBtFltCoex.sys -- (iBtFltCoex)
DRV:64bit: - [2011/11/18 00:15:00 | 000,107,904 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\SysNative\drivers\amdsata.sys -- (amdsata)
DRV:64bit: - [2011/11/18 00:15:00 | 000,027,008 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Running] -- C:\WINDOWS\SysNative\drivers\amdxata.sys -- (amdxata)
DRV:64bit: - [2011/11/15 00:13:00 | 000,327,168 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\SysNative\drivers\btmhsf.sys -- (btmhsf)
DRV:64bit: - [2011/08/08 08:32:08 | 000,299,008 | ---- | M] (Windows (R) Win 7 DDK provider) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\SysNative\drivers\AmpPal.sys -- (AMPPALP)
DRV:64bit: - [2011/08/08 08:32:08 | 000,299,008 | ---- | M] (Windows (R) Win 7 DDK provider) [Kernel | On_Demand | Running] -- C:\WINDOWS\SysNative\drivers\AmpPal.sys -- (AMPPAL)
DRV:64bit: - [2011/08/03 20:28:32 | 008,604,672 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\SysNative\drivers\NETwNs64.sys -- (NETwNs64)
DRV:64bit: - [2011/07/20 08:39:58 | 012,287,456 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\SysNative\drivers\igdkmd64.sys -- (igfx)
DRV:64bit: - [2011/06/16 13:40:20 | 000,176,000 | ---- | M] (Creative Technology Ltd.) [Kernel | On_Demand | Running] -- C:\WINDOWS\SysNative\drivers\CtClsFlt.sys -- (CtClsFlt)
DRV:64bit: - [2011/06/10 05:34:52 | 000,539,240 | ---- | M] (Realtek ) [Kernel | On_Demand | Running] -- C:\WINDOWS\SysNative\drivers\Rt64win7.sys -- (RTL8167)
DRV:64bit: - [2011/05/19 02:17:04 | 000,053,248 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\SysNative\drivers\btmaux.sys -- (btmaux)
DRV:64bit: - [2011/05/19 02:17:02 | 000,051,712 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\SysNative\drivers\btmaud.sys -- (btmaudio)
DRV:64bit: - [2011/02/10 17:52:34 | 000,181,760 | ---- | M] (Renesas Electronics Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\SysNative\drivers\nusb3xhc.sys -- (nusb3xhc)
DRV:64bit: - [2011/02/10 17:52:34 | 000,082,432 | ---- | M] (Renesas Electronics Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\SysNative\drivers\nusb3hub.sys -- (nusb3hub)
DRV:64bit: - [2011/01/31 10:24:46 | 000,121,960 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\WINDOWS\SysNative\drivers\nvstusb.sys -- (NvStUSB)
DRV:64bit: - [2011/01/12 20:51:44 | 000,439,320 | ---- | M] (Intel Corporation) [Kernel | Boot | Running] -- C:\WINDOWS\SysNative\drivers\iaStor.sys -- (iaStor)
DRV:64bit: - [2010/12/13 12:34:14 | 000,027,760 | ---- | M] (ST Microelectronics) [Kernel | On_Demand | Running] -- C:\WINDOWS\SysNative\drivers\Accelern.sys -- (Acceler)
DRV:64bit: - [2010/11/29 16:00:04 | 000,016,120 | ---- | M] (Intel(R) Corporation) [Kernel | Auto | Running] -- C:\WINDOWS\SysNative\drivers\TurboB.sys -- (TurboB)
DRV:64bit: - [2010/11/20 22:23:47 | 000,078,720 | ---- | M] (Hewlett-Packard Company) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\SysNative\drivers\HpSAMD.sys -- (HpSAMD)
DRV:64bit: - [2010/10/19 19:34:26 | 000,056,344 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\SysNative\drivers\HECIx64.sys -- (MEIx64)
DRV:64bit: - [2010/10/15 19:28:18 | 000,317,440 | ---- | M] (Intel(R) Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\SysNative\drivers\IntcDAud.sys -- (IntcDAud)
DRV:64bit: - [2010/09/23 20:44:48 | 001,394,224 | ---- | M] (Synaptics Incorporated) [Kernel | On_Demand | Running] -- C:\WINDOWS\SysNative\drivers\SynTP.sys -- (SynTP)
DRV:64bit: - [2010/08/20 14:05:12 | 000,021,616 | ---- | M] (ST Microelectronics) [Kernel | Boot | Running] -- C:\WINDOWS\SysNative\drivers\stdcfltn.sys -- (stdcfltn)
DRV:64bit: - [2010/07/12 21:38:06 | 000,029,288 | ---- | M] (Quanta Computer) [Kernel | On_Demand | Running] -- C:\WINDOWS\SysNative\drivers\qicflt.sys -- (qicflt)
DRV:64bit: - [2010/03/19 04:00:00 | 000,055,856 | ---- | M] (Sonic Solutions) [Kernel | Boot | Running] -- C:\WINDOWS\SysNative\drivers\PxHlpa64.sys -- (PxHlpa64)
DRV:64bit: - [2010/02/27 10:32:14 | 000,158,976 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\SysNative\drivers\Impcd.sys -- (Impcd)
DRV:64bit: - [2009/07/13 20:52:20 | 000,194,128 | ---- | M] (AMD Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\SysNative\drivers\amdsbs.sys -- (amdsbs)
DRV:64bit: - [2009/07/13 20:48:04 | 000,065,600 | ---- | M] (LSI Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\SysNative\drivers\lsi_sas2.sys -- (LSI_SAS2)
DRV:64bit: - [2009/07/13 20:45:55 | 000,024,656 | ---- | M] (Promise Technology) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\SysNative\drivers\stexstor.sys -- (stexstor)
DRV:64bit: - [2009/06/10 15:34:33 | 003,286,016 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\SysNative\drivers\evbda.sys -- (ebdrv)
DRV:64bit: - [2009/06/10 15:34:28 | 000,468,480 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\SysNative\drivers\bxvbda.sys -- (b06bdrv)
DRV:64bit: - [2009/06/10 15:34:23 | 000,270,848 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\SysNative\drivers\b57nd60a.sys -- (b57nd60a)
DRV:64bit: - [2009/06/10 15:31:59 | 000,031,232 | ---- | M] (Hauppauge Computer Works, Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\SysNative\drivers\hcw85cir.sys -- (hcw85cir)
DRV:64bit: - [2008/09/24 21:36:14 | 000,238,848 | ---- | M] (Sensible Vision ) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\SysNative\drivers\facap.sys -- (FACAP)
DRV:64bit: - [2007/05/14 16:06:18 | 000,027,520 | ---- | M] (Research In Motion Limited) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\SysNative\drivers\RimUsb_AMD64.sys -- (RimUsb)
DRV:64bit: - [2006/11/01 13:51:00 | 000,151,656 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\WINDOWS\SysNative\drivers\WimFltr.sys -- (WimFltr)
DRV - [2013/01/17 16:30:20 | 000,513,184 | ---- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_20.2.0.19\Definitions\IPSDefs\20130118.001\IDSviA64.sys -- (IDSVia64)
DRV - [2013/01/17 01:00:00 | 002,087,664 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Running] -- C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_20.2.0.19\Definitions\VirusDefs\20130119.024\ex64.sys -- (NAVEX15)
DRV - [2013/01/17 01:00:00 | 000,126,192 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Running] -- C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_20.2.0.19\Definitions\VirusDefs\20130119.024\eng64.sys -- (NAVENG)
DRV - [2013/01/10 21:00:03 | 001,384,608 | ---- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_20.2.0.19\Definitions\BASHDefs\20130111.001\BHDrvx64.sys -- (BHDrvx64)
DRV - [2012/11/03 03:52:47 | 000,484,512 | ---- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\eeCtrl64.sys -- (eeCtrl)
DRV - [2012/11/03 03:52:47 | 000,138,912 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Running] -- C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys -- (EraserUtilRebootDrv)
DRV - [2009/07/13 20:19:10 | 000,019,008 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\WINDOWS\SysWOW64\drivers\wimmount.sys -- (WIMMount)


========== Standard Registry (SafeList) ==========


========== Internet Explorer ==========

IE:64bit: - HKLM\..\SearchScopes,DefaultScope = {5271FE69-B3C8-4635-93BD-98A748F4F8EF}
IE:64bit: - HKLM\..\SearchScopes\{5271FE69-B3C8-4635-93BD-98A748F4F8EF}: "URL" = http://www.bing.com/search?q={searchTerms}&form=DLCDF8&pc=MDDC&src=IE-SearchBox
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
IE - HKLM\..\SearchScopes,DefaultScope = {5271FE69-B3C8-4635-93BD-98A748F4F8EF}
IE - HKLM\..\SearchScopes\{5271FE69-B3C8-4635-93BD-98A748F4F8EF}: "URL" = http://www.bing.com/search?q={searchTerms}&form=DLCDF8&pc=MDDC&src=IE-SearchBox

IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = https://www.google.com/
IE - HKCU\..\SearchScopes,DefaultScope = {5F0194E5-3012-40E8-A488-B32DA36263A0}
IE - HKCU\..\SearchScopes\{5F0194E5-3012-40E8-A488-B32DA36263A0}: "URL" = http://www.google.com/search?q={sea...ng?}&oe={outputEncoding?}&rlz=1I7GZGN_enUS508
IE - HKCU\..\SearchScopes\{AFBCB7E0-F91A-4951-9F31-58FEE57A25C4}: "URL" = http://nortonsafe.search.ask.com/we...&geo=US&ver=20&locale=en_US&gct=kwd&qsrc=2869
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0


========== FireFox ==========

FF:64bit: - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Program Files\Java\jre6\bin\new_plugin\npjp2.dll (Sun Microsystems, Inc.)
FF:64bit: - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
FF:64bit: - HKLM\Software\MozillaPlugins\@wacom.com/wtPlugin,version=2.1.0.2: C:\Program Files\TabletPlugins\npWacomTabletPlugin.dll (Wacom)
FF - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=10.9.2: C:\Windows\SysWOW64\npDeployJava1.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=10.9.2: C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files (x86)\Microsoft Silverlight\5.1.10411.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3502.0922: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=16.4.3505.0912: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@real.com/nppl3260;version=15.0.6.14: C:\Program Files (x86)\Real\RealPlayer\Netscape6\nppl3260.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nprjplug;version=15.0.6.14: C:\Program Files (x86)\Real\RealPlayer\Netscape6\nprjplug.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nprpchromebrowserrecordext;version=15.0.6.14: C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprpchromebrowserrecordext.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nprphtml5videoshim;version=15.0.6.14: C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprphtml5videoshim.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nprpplugin;version=15.0.6.14: C:\Program Files (x86)\Real\RealPlayer\Netscape6\nprpplugin.dll (RealPlayer)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files (x86)\Google\Update\1.3.21.123\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files (x86)\Google\Update\1.3.21.123\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@videolan.org/vlc,version=2.0.4: C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll File not found
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF - HKCU\Software\MozillaPlugins\facebook.com/fbDesktopPlugin: C:\Users\Shelli\AppData\Local\Facebook\Messenger\2.1.4651.0\npFbDesktopPlugin.dll File not found
FF - HKCU\Software\MozillaPlugins\wacom.com/WacomTabletPlugin: C:\Program Files\TabletPlugins\npWacomTabletPlugin.dll (Wacom)

FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\[email protected]: C:\Program Files (x86)\Sensible Vision\Fast Access\xpcom_fasso\ [2012/11/02 23:15:51 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{0153E448-190B-4987-BDE1-F256CADA672F}: C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\Firefox\Ext [2012/11/03 01:02:20 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{2D3F3651-74B9-4795-BDEC-6DA2F431CB62}: C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_20.2.0.19\coFFPlgn\ [2013/01/20 16:09:36 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{BBDA0591-3099-440a-AA10-41764D9DB4DB}: C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_20.2.0.19\IPSFFPlgn\ [2013/01/18 15:42:08 | 000,000,000 | ---D | M]


========== Chrome ==========

CHR - homepage: http://www.google.com/
CHR - default_search_provider: Google (Enabled)
CHR - default_search_provider: search_url = {google:baseURL}search?q={searchTerms}&{google:RLZ}{google:acceptedSuggestion}{googleriginalQueryForSuggestion}{google:assistedQueryStats}{google:searchFieldtrialParameter}sourceid=chrome&ie={inputEncoding}
CHR - default_search_provider: suggest_url = {google:baseSuggestURL}search?{google:searchFieldtrialParameter}client=chrome&hl={language}&q={searchTerms}&sugkey={google:suggestAPIKeyParameter},
CHR - homepage: http://www.google.com/
CHR - plugin: Shockwave Flash (Enabled) = C:\Program Files (x86)\Google\Chrome\Application\24.0.1312.52\PepperFlash\pepflashplayer.dll
CHR - plugin: Chrome Remote Desktop Viewer (Enabled) = internal-remoting-viewer
CHR - plugin: Native Client (Enabled) = C:\Program Files (x86)\Google\Chrome\Application\24.0.1312.52\ppGoogleNaClPluginChrome.dll
CHR - plugin: Chrome PDF Viewer (Enabled) = C:\Program Files (x86)\Google\Chrome\Application\24.0.1312.52\pdf.dll
CHR - plugin: Fast Access SSO (Enabled) = C:\Users\Shelli\AppData\Local\Google\Chrome\User Data\Default\Extensions\feocblgcojafilfbgoineopkngchgaei\1.0.0.36_0\nprt.dll
CHR - plugin: Adobe Acrobat (Enabled) = C:\Program Files (x86)\Adobe\Reader 10.0\Reader\Browser\nppdf32.dll
CHR - plugin: Google Update (Enabled) = C:\Program Files (x86)\Google\Update\1.3.21.123\npGoogleUpdate3.dll
CHR - plugin: Java(TM) Platform SE 6 U37 (Enabled) = C:\Program Files (x86)\Java\jre6\bin\plugin2\npjp2.dll
CHR - plugin: RealPlayer(tm) G2 LiveConnect-Enabled Plug-In (32-bit) (Enabled) = C:\Program Files (x86)\Real\RealPlayer\Netscape6\nppl3260.dll
CHR - plugin: RealJukebox NS Plugin (Enabled) = C:\Program Files (x86)\Real\RealPlayer\Netscape6\nprjplug.dll
CHR - plugin: RealPlayer Download Plugin (Enabled) = C:\Program Files (x86)\Real\RealPlayer\Netscape6\nprpplugin.dll
CHR - plugin: VLC Web Plugin (Enabled) = C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll
CHR - plugin: Photo Gallery (Enabled) = C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll
CHR - plugin: RealNetworks(tm) Chrome Background Extension Plug-In (32-bit) (Enabled) = C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprpchromebrowserrecordext.dll
CHR - plugin: RealPlayer(tm) HTML5VideoShim Plug-In (32-bit) (Enabled) = C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprphtml5videoshim.dll
CHR - plugin: Facebook Desktop (Enabled) = C:\Users\Shelli\AppData\Local\Facebook\Messenger\2.1.4651.0\npFbDesktopPlugin.dll
CHR - plugin: Java Deployment Toolkit 6.0.370.6 (Enabled) = C:\Windows\SysWOW64\npdeployJava1.dll
CHR - plugin: Silverlight Plug-In (Enabled) = c:\Program Files (x86)\Microsoft Silverlight\5.1.10411.0\npctrl.dll
CHR - Extension: Google Drive = C:\Users\Shelli\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf\6.3_0\
CHR - Extension: YouTube = C:\Users\Shelli\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.5_0\
CHR - Extension: Google Search = C:\Users\Shelli\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.19_0\
CHR - Extension: FastAccess SSO = C:\Users\Shelli\AppData\Local\Google\Chrome\User Data\Default\Extensions\feocblgcojafilfbgoineopkngchgaei\1.0.0.36_0\
CHR - Extension: LastPass = C:\Users\Shelli\AppData\Local\Google\Chrome\User Data\Default\Extensions\hdokiejnpimakedhajhdlcegeplioahd\2.0.15_0\
CHR - Extension: RealPlayer HTML5Video Downloader Extension = C:\Users\Shelli\AppData\Local\Google\Chrome\User Data\Default\Extensions\jfmjfhklogoienhpfnppmbcbjfjnkonk\1.5_0\
CHR - Extension: Autodesk Homestyler = C:\Users\Shelli\AppData\Local\Google\Chrome\User Data\Default\Extensions\kdmmkfaghgcicheaimnpffeeekheafkb\2.2_0\
CHR - Extension: Google Mail Checker = C:\Users\Shelli\AppData\Local\Google\Chrome\User Data\Default\Extensions\mihcahmgecmbnbcchbopgniflfhgnkff\4.4.0_0\
CHR - Extension: Norton Identity Protection = C:\Users\Shelli\AppData\Local\Google\Chrome\User Data\Default\Extensions\mkfokfffehpeedafpekjeddnmnjhmcmk\2013.2.0.18_0\
CHR - Extension: ScrewAds - Block, Skip, Remove YouTube Ads = C:\Users\Shelli\AppData\Local\Google\Chrome\User Data\Default\Extensions\mmbnjoljpgkhiaicaejkdcjbfjknipnc\2.1.5_0\
CHR - Extension: RSSPigeon = C:\Users\Shelli\AppData\Local\Google\Chrome\User Data\Default\Extensions\odhcmelenffkkmgholflghbmjhladega\0.0.0.5_0\
CHR - Extension: Gmail = C:\Users\Shelli\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_0\
CHR - Extension: Yann Arthus-Bertrand = C:\Users\Shelli\AppData\Local\Google\Chrome\User Data\Default\Extensions\plaekpceeonanmjojailaojkconcgofc\3_0\

O1 HOSTS File: ([2013/01/17 17:10:38 | 000,000,027 | ---- | M]) - C:\WINDOWS\SysNative\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O2:64bit: - BHO: (LastPass Vault) - {95D9ECF5-2A4D-4550-BE49-70D42F71296E} - C:\Program Files (x86)\LastPass\LPToolbar_x64.dll ()
O2 - BHO: (Spybot-S&D IE Protection) - {53707962-6F74-2D53-2644-206D7942484F} - C:\Program Files (x86)\Spybot - Search & Destroy 2\SDHelper.dll (Safer-Networking Ltd.)
O2 - BHO: (Norton Identity Protection) - {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} - C:\Program Files (x86)\Norton 360\Engine\20.2.0.19\coieplg.dll (Symantec Corporation)
O2 - BHO: (Norton Vulnerability Protection) - {6D53EC84-6AAE-4787-AEEE-F4628F01010C} - C:\Program Files (x86)\Norton 360\Engine\20.2.0.19\IPS\ipsbho.dll (Symantec Corporation)
O2 - BHO: (LastPass Vault) - {95D9ECF5-2A4D-4550-BE49-70D42F71296E} - C:\Program Files (x86)\LastPass\LPToolbar.dll ()
O3:64bit: - HKLM\..\Toolbar: (Google Toolbar) - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
O3:64bit: - HKLM\..\Toolbar: (LastPass Toolbar) - {9f6b5cc3-5c7b-4b5c-97af-19dec1e380e5} - C:\Program Files (x86)\LastPass\LPToolbar_x64.dll ()
O3:64bit: - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found.
O3 - HKLM\..\Toolbar: (Norton Toolbar) - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files (x86)\Norton 360\Engine\20.2.0.19\coieplg.dll (Symantec Corporation)
O3 - HKLM\..\Toolbar: (LastPass Toolbar) - {9f6b5cc3-5c7b-4b5c-97af-19dec1e380e5} - C:\Program Files (x86)\LastPass\LPToolbar.dll ()
O3 - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found.
O3:64bit: - HKCU\..\Toolbar\WebBrowser: (Google Toolbar) - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
O3 - HKCU\..\Toolbar\WebBrowser: (Norton Toolbar) - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files (x86)\Norton 360\Engine\20.2.0.19\coieplg.dll (Symantec Corporation)
O4:64bit: - HKLM..\Run: [BTMTrayAgent] C:\Program Files (x86)\Intel\Bluetooth\btmshell.dll (Intel Corporation)
O4:64bit: - HKLM..\Run: [CTMasterOnOffMonitor] C:\Windows\SysNative\CTMWatch.dll (Creative Technology Ltd)
O4:64bit: - HKLM..\Run: [FreeFallProtection] C:\Program Files (x86)\STMicroelectronics\AccelerometerP11\FF_Protection.exe ()
O4:64bit: - HKLM..\Run: [HotKeysCmds] C:\WINDOWS\SysNative\hkcmd.exe (Intel Corporation)
O4:64bit: - HKLM..\Run: [IgfxTray] C:\WINDOWS\SysNative\igfxtray.exe (Intel Corporation)
O4:64bit: - HKLM..\Run: [IntelPAN] C:\Program Files\Common Files\Intel\WirelessCommon\iFrmewrk.exe (Intel(R) Corporation)
O4:64bit: - HKLM..\Run: [IntelTBRunOnce] wscript.exe //b //nologo "C:\Program Files\Intel\TurboBoost\RunTBGadgetOnce.vbs" File not found
O4:64bit: - HKLM..\Run: [Persistence] C:\WINDOWS\SysNative\igfxpers.exe (Intel Corporation)
O4:64bit: - HKLM..\Run: [RtHDVBg] C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe (Realtek Semiconductor)
O4:64bit: - HKLM..\Run: [RTHDVCPL] C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe (Realtek Semiconductor)
O4:64bit: - HKLM..\Run: [RunDLLEntry] C:\Windows\SysNative\AmbRunE.DLL (Creative Technology Ltd.)
O4 - HKLM..\Run: [] File not found
O4 - HKLM..\Run: [AccuWeatherWidget] C:\Program Files (x86)\Dell Stage\Dell Stage\AccuWeather\accuweather.exe ()
O4 - HKLM..\Run: [BDRegion] c:\Program Files (x86)\Cyberlink\Shared files\brs.exe (cyberlink)
O4 - HKLM..\Run: [Dell Webcam Central] C:\Program Files (x86)\Dell Webcam\Dell Webcam Central\WebcamDell2.exe (Creative Technology Ltd)
O4 - HKLM..\Run: [FAStartup] File not found
O4 - HKLM..\Run: [FATrayAlert] C:\Program Files (x86)\Sensible Vision\Fast Access\FATrayMon.exe (Sensible Vision )
O4 - HKLM..\Run: [PDVD9LanguageShortcut] c:\Program Files (x86)\CyberLink\PowerDVD9\Language\Language.exe (CyberLink Corp.)
O4 - HKLM..\Run: [RemoteControl9] c:\Program Files (x86)\CyberLink\PowerDVD9\PDVD9Serv.exe (CyberLink Corp.)
O4 - HKLM..\Run: [Sendori Tray] C:\Program Files (x86)\Sendori\SendoriTray.exe (Sendori, Inc.)
O4 - HKLM..\Run: [TkBellExe] C:\Program Files (x86)\Real\RealPlayer\update\realsched.exe (RealNetworks, Inc.)
O4 - HKLM..\Run: [UpdReg] C:\WINDOWS\Updreg.EXE (Creative Technology Ltd.)
O4 - HKLM..\Run: [VolPanel] C:\Program Files (x86)\Creative\SB X-Fi MB\Volume Panel\VolPanlu.exe (Creative Technology Ltd)
O4 - HKCU..\Run: [uTorrent] "C:\Program Files (x86)\uTorrent\uTorrent.exe" File not found
O4 - Startup: C:\Users\Shelli\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Intel(R) Turbo Boost Technology Monitor 2.0.lnk = File not found
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableLUA = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: PromptOnSecureDesktop = 0
O7 - HKCU\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O8:64bit: - Extra context menu item: LastPass - file://C:\Users\Shelli\AppData\LocalLow\LastPass\context.html?cmd=lastpass File not found
O8:64bit: - Extra context menu item: LastPass Fill Forms - file://C:\Users\Shelli\AppData\LocalLow\LastPass\context.html?cmd=fillforms File not found
O8 - Extra context menu item: LastPass - file://C:\Users\Shelli\AppData\LocalLow\LastPass\context.html?cmd=lastpass File not found
O8 - Extra context menu item: LastPass Fill Forms - file://C:\Users\Shelli\AppData\LocalLow\LastPass\context.html?cmd=fillforms File not found
O9:64bit: - Extra Button: LastPass - {43699cd0-e34f-11de-8a39-0800200c9a66} - C:\Program Files (x86)\LastPass\LPToolbar_x64.dll ()
O9:64bit: - Extra 'Tools' menuitem : LastPass - {43699cd0-e34f-11de-8a39-0800200c9a66} - C:\Program Files (x86)\LastPass\LPToolbar_x64.dll ()
O9 - Extra Button: Run WinHTTrack - {36ECAF82-3300-8F84-092E-AFF36D6C7040} - C:\Program Files\WinHTTrack\WinHTTrackIEBar.dll ()
O9 - Extra 'Tools' menuitem : Launch WinHTTrack - {36ECAF82-3300-8F84-092E-AFF36D6C7040} - C:\Program Files\WinHTTrack\WinHTTrackIEBar.dll ()
O9 - Extra Button: LastPass - {43699cd0-e34f-11de-8a39-0800200c9a66} - C:\Program Files (x86)\LastPass\LPToolbar.dll ()
O9 - Extra 'Tools' menuitem : LastPass - {43699cd0-e34f-11de-8a39-0800200c9a66} - C:\Program Files (x86)\LastPass\LPToolbar.dll ()
O9 - Extra 'Tools' menuitem : Spybot - Search && Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\Program Files (x86)\Spybot - Search & Destroy 2\SDHelper.dll (Safer-Networking Ltd.)
O13 - gopher Prefix: missing
O15 - HKCU\..Trusted Domains: pinterest.com ([]https in Trusted sites)
O15 - HKCU\..Trusted Domains: tvtorrents.com ([www] https in Trusted sites)
O16:64bit: - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinstall-1_6_0_27-windows-i586.cab (Java Plug-in 1.6.0_27)
O16:64bit: - DPF: {CAFEEFAC-0016-0000-0027-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_27-windows-i586.cab (Java Plug-in 1.6.0_27)
O16:64bit: - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_27-windows-i586.cab (Reg Error: Key error.)
O16 - DPF: {6C269571-C6D7-4818-BCA4-32A035E8C884} http://ccfiles.creative.com/Web/softwareupdate/su/ocx/15102/CTSUEng.cab (Creative Software AutoUpdate)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinstall-1_6_0_37-windows-i586.cab (Reg Error: Value error.)
O16 - DPF: {CAFEEFAC-0016-0000-0037-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_37-windows-i586.cab (Java Plug-in 1.6.0_37)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_37-windows-i586.cab (Java Plug-in 10.9.2)
O16 - DPF: {CF84DAC5-A4F5-419E-A0BA-C01FFD71112F} http://content.systemrequirementslab.com.s3.amazonaws.com/global/bin/srldetect_intel_4.5.11.0.cab (SysInfo Class)
O16 - DPF: {D4B68B83-8710-488B-A692-D74B50BA558E} http://ccfiles.creative.com/Web/softwareupdate/ocx/15113/CTPIDPDE.cab (Creative Software AutoUpdate Support Package 2)
O16 - DPF: {F27237D7-93C8-44C2-AC6E-D6057B9A918F} https://mygp.gp.com/dana-cached/sc/JuniperSetupClient.cab (JuniperSetupClientControl Class)
O16 - DPF: {F6ACF75C-C32C-447B-9BEF-46B766368D29} http://ccfiles.creative.com/Web/softwareupdate/ocx/121022/CTPID.cab (Creative Software AutoUpdate Support Package)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{3B34BA86-2C39-415B-9F6F-541F0D2687CE}: NameServer = 0.0.0.0
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{A025C8A1-6C0C-4BF7-B7C3-2062A071045B}: DhcpNameServer = 13.36.0.1 13.36.0.2
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{DFBA02F4-D8C8-47EA-9194-1DEABEF2671A}: DhcpNameServer = 192.168.1.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{DFBA02F4-D8C8-47EA-9194-1DEABEF2671A}: NameServer = 216.146.35.240,216.146.36.240,192.168.1.1
O18:64bit: - Protocol\Handler\cozi - No CLSID value found
O18:64bit: - Protocol\Handler\grooveLocalGWS - No CLSID value found
O18:64bit: - Protocol\Handler\livecall - No CLSID value found
O18:64bit: - Protocol\Handler\ms-help - No CLSID value found
O18:64bit: - Protocol\Handler\msnim - No CLSID value found
O18:64bit: - Protocol\Handler\skype4com - No CLSID value found
O18:64bit: - Protocol\Handler\wlmailhtml - No CLSID value found
O18:64bit: - Protocol\Handler\wlpg - No CLSID value found
O18 - Protocol\Handler\cozi {5356518D-FE9C-4E08-9C1F-1E872ECD367F} - C:\Program Files (x86)\Cozi Express\CoziProtocolHandler.dll (Cozi Group, Inc.)
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)
O20:64bit: - AppInit_DLLs: (C:\WINDOWS\System32\nvinitx.dll) - C:\WINDOWS\SysNative\nvinitx.dll (NVIDIA Corporation)
O20 - AppInit_DLLs: (C:\WINDOWS\SysWOW64\nvinit.dll) - C:\WINDOWS\SysWOW64\nvinit.dll (NVIDIA Corporation)
O20:64bit: - HKLM Winlogon: Shell - (Explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\WINDOWS\SysNative\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\WINDOWS\SysWOW64\userinit.exe (Microsoft Corporation)
O20:64bit: - Winlogon\Notify\igfxcui: DllName - (igfxdev.dll) - C:\Windows\SysNative\igfxdev.dll (Intel Corporation)
O20 - Winlogon\Notify\FastAccess: DllName - (C:\Program Files (x86)\Sensible Vision\Fast Access\FALogNot.dll) - C:\Program Files (x86)\Sensible Vision\Fast Access\FALogNot.dll (Sensible Vision )
O20 - Winlogon\Notify\SDWinLogon: DllName - (SDWinLogon.dll) - File not found
O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2013/01/09 22:39:42 | 000,000,000 | ---- | M] () - C:\autoexec.bat -- [ NTFS ]
O33 - MountPoints2\{eb65307f-2878-11e2-b42d-4c8093113225}\Shell - "" = AutoRun
O33 - MountPoints2\{eb65307f-2878-11e2-b42d-4c8093113225}\Shell\AutoRun\command - "" = G:\TL-Bootstrap.exe
O34 - HKLM BootExecute: (autocheck autochk *)
O35:64bit: - HKLM\..comfile [open] -- "%1" %*
O35:64bit: - HKLM\..exefile [open] -- "%1" %*
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37:64bit: - HKLM\...com [@ = ComFile] -- "%1" %*
O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKLM\...com [@ = ComFile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)
O38 - SubSystems\\Windows: (ServerDll=sxssrv,4)

========== Files/Folders - Created Within 30 Days ==========

[2013/01/20 16:30:37 | 000,602,112 | ---- | C] (OldTimer Tools) -- C:\Users\Shelli\Desktop\OTL.exe
[2013/01/20 16:07:16 | 000,000,000 | R--D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CyberLink PowerDVD 9.6
[2013/01/20 14:38:47 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Intel Corporation
[2013/01/18 17:50:26 | 000,000,000 | ---D | C] -- C:\Users\Shelli\Desktop\VirusProtection
[2013/01/18 17:38:41 | 000,000,000 | ---D | C] -- C:\Users\Shelli\AppData\Roaming\Malwarebytes
[2013/01/18 17:38:37 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes' Anti-Malware
[2013/01/18 17:38:37 | 000,000,000 | ---D | C] -- C:\ProgramData\Malwarebytes
[2013/01/18 17:38:36 | 000,024,176 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\SysNative\drivers\mbam.sys
[2013/01/18 17:38:36 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Malwarebytes' Anti-Malware
[2013/01/18 17:17:57 | 000,000,000 | ---D | C] -- C:\Users\Shelli\AppData\Local\LogMeIn Rescue Applet
[2013/01/18 15:41:18 | 000,000,000 | R--D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Norton 360
[2013/01/18 15:32:10 | 000,000,000 | ---D | C] -- C:\Users\Shelli\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Norton
[2013/01/17 17:10:39 | 000,000,000 | ---D | C] -- C:\$RECYCLE.BIN
[2013/01/17 16:45:27 | 000,518,144 | ---- | C] (SteelWerX) -- C:\Windows\SWREG.exe
[2013/01/17 16:45:27 | 000,406,528 | ---- | C] (SteelWerX) -- C:\Windows\SWSC.exe
[2013/01/17 16:45:27 | 000,060,416 | ---- | C] (NirSoft) -- C:\Windows\NIRCMD.exe
[2013/01/17 16:45:24 | 000,000,000 | ---D | C] -- C:\ComboFix
[2013/01/17 16:40:38 | 000,000,000 | ---D | C] -- C:\Qoobox
[2013/01/17 16:40:23 | 000,000,000 | ---D | C] -- C:\Windows\erdnt
[2013/01/10 20:34:55 | 000,000,000 | ---D | C] -- C:\Windows\Minidump
[2013/01/10 18:34:01 | 000,000,000 | ---D | C] -- C:\Users\Shelli\Desktop\Documents\My Digital Editions
[2013/01/10 18:25:43 | 000,000,000 | ---D | C] -- C:\Users\Shelli\Desktop\Documents\Calibre Library
[2013/01/10 18:25:40 | 000,000,000 | ---D | C] -- C:\Users\Shelli\AppData\Roaming\calibre
[2013/01/10 18:25:31 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Calibre2
[2013/01/10 18:25:31 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\calibre - E-book Management
[2013/01/10 18:22:31 | 000,000,000 | ---D | C] -- C:\Users\Shelli\AppData\Roaming\Apple Computer
[2013/01/10 18:22:31 | 000,000,000 | ---D | C] -- C:\Users\Shelli\AppData\Local\Apple Computer
[2013/01/10 18:22:30 | 000,000,000 | ---D | C] -- C:\Users\Shelli\Desktop\Documents\My Barnes & Noble eBooks
[2013/01/10 18:22:26 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Barnes & Noble
[2013/01/10 18:22:25 | 000,000,000 | ---D | C] -- C:\Users\Shelli\AppData\Roaming\Barnes & Noble
[2013/01/10 18:22:24 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Barnes & Noble
[2013/01/09 23:12:41 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\PC Tools
[2013/01/09 23:07:47 | 000,253,256 | ---- | C] (PC Tools) -- C:\Windows\SysNative\drivers\PCTSD64.sys
[2013/01/09 23:07:47 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\PC Tools
[2013/01/09 23:05:49 | 000,000,000 | ---D | C] -- C:\ProgramData\PC Tools
[2013/01/09 23:05:48 | 000,000,000 | ---D | C] -- C:\Users\Shelli\AppData\Roaming\TestApp
[2013/01/09 22:39:32 | 000,000,000 | ---D | C] -- C:\Program Files\Enigma Software Group
[2013/01/09 22:39:19 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Wise Installation Wizard
[2013/01/09 21:50:05 | 000,000,000 | ---D | C] -- C:\ProgramData\Spybot - Search & Destroy
[2013/01/09 21:50:03 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Spybot - Search & Destroy 2
[2013/01/09 21:49:59 | 000,017,272 | ---- | C] (Safer Networking Limited) -- C:\Windows\SysNative\sdnclean64.exe
[2013/01/09 21:49:56 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Spybot - Search & Destroy 2
[2013/01/09 21:10:02 | 065,273,848 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\MRT.exe
[2013/01/09 21:07:13 | 000,000,000 | ---D | C] -- C:\Users\Shelli\GooredFix Backups
[2013/01/09 20:54:39 | 000,000,000 | ---D | C] -- C:\ProgramData\Google Updater
[2013/01/09 12:01:57 | 000,750,592 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\win32spl.dll
[2013/01/09 12:01:57 | 000,492,032 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\win32spl.dll
[2013/01/09 12:01:49 | 000,800,768 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\usp10.dll
[2013/01/09 12:01:49 | 000,307,200 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ncrypt.dll
[2013/01/09 12:01:47 | 002,746,368 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\gameux.dll
[2013/01/09 12:01:47 | 002,576,384 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\gameux.dll
[2013/01/09 12:01:47 | 000,441,856 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\Wpc.dll
[2013/01/09 12:01:47 | 000,046,592 | ---- | C] (Microsoft) -- C:\Windows\SysWow64\fpb.rs
[2013/01/09 12:01:47 | 000,046,592 | ---- | C] (Microsoft) -- C:\Windows\SysNative\fpb.rs
[2013/01/09 12:01:47 | 000,045,568 | ---- | C] (Microsoft) -- C:\Windows\SysWow64\oflc-nz.rs
[2013/01/09 12:01:47 | 000,045,568 | ---- | C] (Microsoft) -- C:\Windows\SysNative\oflc-nz.rs
[2013/01/09 12:01:47 | 000,044,544 | ---- | C] (Microsoft) -- C:\Windows\SysWow64\pegibbfc.rs
[2013/01/09 12:01:47 | 000,044,544 | ---- | C] (Microsoft) -- C:\Windows\SysNative\pegibbfc.rs
[2013/01/09 12:01:47 | 000,043,520 | ---- | C] (Microsoft) -- C:\Windows\SysWow64\csrr.rs
[2013/01/09 12:01:47 | 000,043,520 | ---- | C] (Microsoft) -- C:\Windows\SysNative\csrr.rs
[2013/01/09 12:01:47 | 000,040,960 | ---- | C] (Microsoft) -- C:\Windows\SysWow64\cob-au.rs
[2013/01/09 12:01:47 | 000,040,960 | ---- | C] (Microsoft) -- C:\Windows\SysNative\cob-au.rs
[2013/01/09 12:01:47 | 000,030,720 | ---- | C] (Microsoft) -- C:\Windows\SysWow64\usk.rs
[2013/01/09 12:01:47 | 000,030,720 | ---- | C] (Microsoft) -- C:\Windows\SysNative\usk.rs
[2013/01/09 12:01:47 | 000,021,504 | ---- | C] (Microsoft) -- C:\Windows\SysWow64\grb.rs
[2013/01/09 12:01:47 | 000,021,504 | ---- | C] (Microsoft) -- C:\Windows\SysNative\grb.rs
[2013/01/09 12:01:47 | 000,020,480 | ---- | C] (Microsoft) -- C:\Windows\SysWow64\pegi-pt.rs
[2013/01/09 12:01:47 | 000,020,480 | ---- | C] (Microsoft) -- C:\Windows\SysNative\pegi-pt.rs
[2013/01/09 12:01:47 | 000,020,480 | ---- | C] (Microsoft) -- C:\Windows\SysWow64\pegi.rs
[2013/01/09 12:01:47 | 000,020,480 | ---- | C] (Microsoft) -- C:\Windows\SysNative\pegi.rs
[2013/01/09 12:01:47 | 000,015,360 | ---- | C] (Microsoft) -- C:\Windows\SysWow64\djctq.rs
[2013/01/09 12:01:47 | 000,015,360 | ---- | C] (Microsoft) -- C:\Windows\SysNative\djctq.rs
[2013/01/09 12:01:46 | 000,308,736 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\Wpc.dll
[2013/01/09 12:01:46 | 000,055,296 | ---- | C] (Microsoft) -- C:\Windows\SysWow64\cero.rs
[2013/01/09 12:01:46 | 000,055,296 | ---- | C] (Microsoft) -- C:\Windows\SysNative\cero.rs
[2013/01/09 12:01:46 | 000,051,712 | ---- | C] (Microsoft) -- C:\Windows\SysWow64\esrb.rs
[2013/01/09 12:01:46 | 000,051,712 | ---- | C] (Microsoft) -- C:\Windows\SysNative\esrb.rs
[2013/01/09 12:01:46 | 000,023,552 | ---- | C] (Microsoft) -- C:\Windows\SysWow64\oflc.rs
[2013/01/09 12:01:46 | 000,023,552 | ---- | C] (Microsoft) -- C:\Windows\SysNative\oflc.rs
[2013/01/09 12:01:46 | 000,020,480 | ---- | C] (Microsoft) -- C:\Windows\SysWow64\pegi-fi.rs
[2013/01/09 12:01:46 | 000,020,480 | ---- | C] (Microsoft) -- C:\Windows\SysNative\pegi-fi.rs
[2013/01/09 12:01:35 | 000,068,608 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\taskhost.exe
[2013/01/09 12:01:33 | 000,424,448 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\KernelBase.dll
[2013/01/09 12:01:32 | 001,161,216 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\kernel32.dll
[2013/01/09 12:01:32 | 000,362,496 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wow64win.dll
[2013/01/09 12:01:32 | 000,338,432 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\conhost.exe
[2013/01/09 12:01:32 | 000,243,200 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wow64.dll
[2013/01/09 12:01:32 | 000,215,040 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\winsrv.dll
[2013/01/09 12:01:32 | 000,025,600 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\setup16.exe
[2013/01/09 12:01:32 | 000,016,384 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ntvdm64.dll
[2013/01/09 12:01:32 | 000,014,336 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ntvdm64.dll
[2013/01/09 12:01:32 | 000,013,312 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wow64cpu.dll
[2013/01/09 12:01:32 | 000,007,680 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\instnm.exe
[2013/01/09 12:01:32 | 000,006,144 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-security-base-l1-1-0.dll
[2013/01/09 12:01:32 | 000,006,144 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-security-base-l1-1-0.dll
[2013/01/09 12:01:32 | 000,005,120 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-file-l1-1-0.dll
[2013/01/09 12:01:32 | 000,005,120 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-file-l1-1-0.dll
[2013/01/09 12:01:32 | 000,005,120 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\wow32.dll
[2013/01/09 12:01:32 | 000,004,608 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-threadpool-l1-1-0.dll
[2013/01/09 12:01:32 | 000,004,608 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-threadpool-l1-1-0.dll
[2013/01/09 12:01:32 | 000,004,608 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-processthreads-l1-1-0.dll
[2013/01/09 12:01:32 | 000,004,608 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-processthreads-l1-1-0.dll
[2013/01/09 12:01:32 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-sysinfo-l1-1-0.dll
[2013/01/09 12:01:32 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-sysinfo-l1-1-0.dll
[2013/01/09 12:01:32 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-synch-l1-1-0.dll
[2013/01/09 12:01:32 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-synch-l1-1-0.dll
[2013/01/09 12:01:32 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-misc-l1-1-0.dll
[2013/01/09 12:01:32 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-localregistry-l1-1-0.dll
[2013/01/09 12:01:32 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-localregistry-l1-1-0.dll
[2013/01/09 12:01:32 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-localization-l1-1-0.dll
[2013/01/09 12:01:32 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-localization-l1-1-0.dll
[2013/01/09 12:01:32 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-xstate-l1-1-0.dll
[2013/01/09 12:01:32 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-rtlsupport-l1-1-0.dll
[2013/01/09 12:01:32 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-processenvironment-l1-1-0.dll
[2013/01/09 12:01:32 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-processenvironment-l1-1-0.dll
[2013/01/09 12:01:32 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-namedpipe-l1-1-0.dll
[2013/01/09 12:01:32 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-namedpipe-l1-1-0.dll
[2013/01/09 12:01:32 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-misc-l1-1-0.dll
[2013/01/09 12:01:32 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-memory-l1-1-0.dll
[2013/01/09 12:01:32 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-memory-l1-1-0.dll
[2013/01/09 12:01:32 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-libraryloader-l1-1-0.dll
[2013/01/09 12:01:32 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-libraryloader-l1-1-0.dll
[2013/01/09 12:01:32 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-interlocked-l1-1-0.dll
[2013/01/09 12:01:32 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-heap-l1-1-0.dll
[2013/01/09 12:01:32 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-heap-l1-1-0.dll
[2013/01/09 12:01:32 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-xstate-l1-1-0.dll
[2013/01/09 12:01:32 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-util-l1-1-0.dll
[2013/01/09 12:01:32 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-util-l1-1-0.dll
[2013/01/09 12:01:32 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-string-l1-1-0.dll
[2013/01/09 12:01:32 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-string-l1-1-0.dll
[2013/01/09 12:01:32 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-rtlsupport-l1-1-0.dll
[2013/01/09 12:01:32 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-profile-l1-1-0.dll
[2013/01/09 12:01:32 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-profile-l1-1-0.dll
[2013/01/09 12:01:32 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-io-l1-1-0.dll
[2013/01/09 12:01:32 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-io-l1-1-0.dll
[2013/01/09 12:01:32 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-interlocked-l1-1-0.dll
[2013/01/09 12:01:32 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-handle-l1-1-0.dll
[2013/01/09 12:01:32 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-handle-l1-1-0.dll
[2013/01/09 12:01:32 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-fibers-l1-1-0.dll
[2013/01/09 12:01:32 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-fibers-l1-1-0.dll
[2013/01/09 12:01:32 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-errorhandling-l1-1-0.dll
[2013/01/09 12:01:32 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-errorhandling-l1-1-0.dll
[2013/01/09 12:01:32 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-delayload-l1-1-0.dll
[2013/01/09 12:01:32 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-delayload-l1-1-0.dll
[2013/01/09 12:01:32 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-debug-l1-1-0.dll
[2013/01/09 12:01:32 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-debug-l1-1-0.dll
[2013/01/09 12:01:32 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-datetime-l1-1-0.dll
[2013/01/09 12:01:32 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-datetime-l1-1-0.dll
[2013/01/09 12:01:32 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-console-l1-1-0.dll
[2013/01/09 12:01:32 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-console-l1-1-0.dll
[2013/01/09 12:01:32 | 000,002,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\user.exe
[2013/01/06 10:43:58 | 000,000,000 | ---D | C] -- C:\Users\Shelli\AppData\Roaming\Juniper Networks
[2013/01/01 18:10:19 | 000,000,000 | ---D | C] -- C:\Windows\Sun
[2012/12/22 12:20:08 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Adobe
[2012/12/22 12:17:41 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Auslogics
[2012/12/22 12:17:41 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Auslogics
[2012/12/22 12:03:53 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Cozi Express
[2012/12/21 16:42:19 | 000,000,000 | ---D | C] -- C:\Users\Shelli\Desktop\Documents\My Kindle Content
[2012/12/21 16:42:11 | 000,000,000 | ---D | C] -- C:\Users\Shelli\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Amazon
[2012/12/21 16:42:05 | 000,000,000 | ---D | C] -- C:\Users\Shelli\AppData\Local\Amazon
[2012/11/03 01:10:30 | 014,794,312 | ---- | C] (LastPass) -- C:\Program Files (x86)\Common Files\lpuninstall.exe
[1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]

========== Files - Modified Within 30 Days ==========

[2013/01/20 16:36:00 | 000,000,898 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
[2013/01/20 16:31:23 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\Shelli\Desktop\OTL.exe
[2013/01/20 16:15:25 | 000,021,296 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2013/01/20 16:15:25 | 000,021,296 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2013/01/20 16:07:05 | 000,000,894 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
[2013/01/20 16:06:20 | 000,000,308 | ---- | M] () -- C:\Windows\tasks\QZLGYMJGV.job
[2013/01/20 16:06:15 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2013/01/20 16:06:12 | 2064,252,927 | -HS- | M] () -- C:\hiberfil.sys
[2013/01/20 15:48:00 | 000,000,830 | ---- | M] () -- C:\Windows\tasks\Adobe Flash Player Updater.job
[2013/01/20 14:51:06 | 000,001,941 | ---- | M] () -- C:\Users\Shelli\Desktop\Angie's List The Big Deal.url
[2013/01/20 14:43:56 | 001,568,652 | ---- | M] () -- C:\Windows\SysNative\drivers\N360x64\1402000.013\Cat.DB
[2013/01/20 14:39:34 | 000,000,000 | -H-- | M] () -- C:\Windows\SysNative\drivers\Msft_Kernel_usb3Hub_01009.Wdf
[2013/01/20 14:39:13 | 000,000,000 | -H-- | M] () -- C:\Windows\SysNative\drivers\Msft_Kernel_XHCIPort_01009.Wdf
[2013/01/20 14:38:47 | 000,001,972 | ---- | M] () -- C:\Users\Public\Desktop\Intel(R) WiDi.lnk
[2013/01/20 00:58:11 | 000,003,579 | ---- | M] () -- C:\Users\Shelli\Desktop\Slow Cooked Creamy Chicken & Wild Rice RecipeLion.com.url
[2013/01/19 23:15:44 | 000,000,214 | ---- | M] () -- C:\Users\Shelli\Desktop\Wood Floor Stains Queen City Hardwoods.url
[2013/01/19 22:43:20 | 000,005,047 | ---- | M] () -- C:\Users\Shelli\Desktop\The Hardwood Flooring Blog What is Water Popping a Hardwood Floor.url
[2013/01/19 22:30:58 | 000,000,302 | ---- | M] () -- C:\Users\Shelli\Desktop\Need help with Jacobean! - Flooring Forum - GardenWeb.url
[2013/01/19 21:46:26 | 000,000,154 | ---- | M] () -- C:\Users\Shelli\Desktop\ERS RESTORE.url
[2013/01/19 21:37:57 | 000,001,392 | ---- | M] () -- C:\Users\Shelli\Desktop\Deck tiles and wood decking tiles by HardwoodHome, Outdoor Floor Superstore.url
[2013/01/19 20:08:38 | 000,778,834 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI
[2013/01/19 20:08:38 | 000,660,318 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat
[2013/01/19 20:08:38 | 000,121,214 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat
[2013/01/19 18:39:08 | 000,002,138 | ---- | M] () -- C:\Users\Shelli\Desktop\Water Blob Tutorial.url
[2013/01/19 18:30:49 | 000,051,359 | ---- | M] () -- C:\Users\Shelli\Desktop\shelli-godfrey_dc-val-academy-ballroom-atlanta.pdf
[2013/01/19 18:30:29 | 000,037,381 | ---- | M] () -- C:\Users\Shelli\Desktop\shelli-godfrey_atlanta-fulton-county-zoo.pdf
[2013/01/19 18:30:18 | 000,052,887 | ---- | M] () -- C:\Users\Shelli\Desktop\shelli-godfrey_atlanta-botanical-garden-4.pdf
[2013/01/19 18:30:06 | 000,048,180 | ---- | M] () -- C:\Users\Shelli\Desktop\shelli-godfrey_sharpshooters-usa.pdf
[2013/01/19 18:29:07 | 000,230,505 | ---- | M] () -- C:\Users\Shelli\Desktop\2013-01-19 18_28_50-Order Details.pdf
[2013/01/19 16:49:05 | 000,000,400 | ---- | M] () -- C:\Windows\tasks\AllmyappsUpdateTask.job
[2013/01/19 01:03:38 | 000,000,912 | ---- | M] () -- C:\Users\Shelli\Desktop\Amazon.com SmartGuard 120W 4-in-1 security system motion activated light+camera+SD card memory+audio warning Camera & Photo.url
[2013/01/19 01:01:38 | 000,003,517 | ---- | M] () -- C:\Users\Shelli\Desktop\SmartGuard AEC-931A2BSD Motion Sensor Twin Light with Security Camera - Smarthome.url
[2013/01/19 01:00:10 | 000,000,242 | ---- | M] () -- C:\Users\Shelli\Desktop\Outdoor Security Camera - Video Surveillance Camera - Camera & Recorder - Smart Guard.url
[2013/01/18 21:49:56 | 000,000,962 | ---- | M] () -- C:\Users\Public\Desktop\calibre - E-book management.lnk
[2013/01/18 17:38:37 | 000,001,111 | ---- | M] () -- C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
[2013/01/18 15:45:16 | 000,014,818 | ---- | M] () -- C:\Windows\SysNative\drivers\N360x64\1402000.013\VT20130115.021
[2013/01/18 15:42:50 | 000,001,255 | ---- | M] () -- C:\Users\Shelli\Desktop\Norton Installation Files.lnk
[2013/01/18 15:41:19 | 000,002,321 | ---- | M] () -- C:\Users\Public\Desktop\Norton 360.lnk
[2013/01/18 15:39:41 | 000,000,259 | ---- | M] () -- C:\Users\Shelli\Desktop\Half Off Depot Help Desk.url
[2013/01/18 15:34:18 | 000,177,312 | ---- | M] (Symantec Corporation) -- C:\Windows\SysNative\drivers\SYMEVENT64x86.SYS
[2013/01/18 15:34:18 | 000,007,466 | ---- | M] () -- C:\Windows\SysNative\drivers\SYMEVENT64x86.CAT
[2013/01/18 15:34:18 | 000,000,855 | ---- | M] () -- C:\Windows\SysNative\drivers\SYMEVENT64x86.INF
[2013/01/17 17:10:38 | 000,000,027 | ---- | M] () -- C:\Windows\SysNative\drivers\etc\hosts
[2013/01/16 13:30:14 | 014,794,312 | ---- | M] (LastPass) -- C:\Program Files (x86)\Common Files\lpuninstall.exe
[2013/01/16 13:30:14 | 000,002,112 | ---- | M] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Install LastPass IE RunOnce.lnk
[2013/01/16 13:30:14 | 000,001,192 | ---- | M] () -- C:\Users\Shelli\Application Data\Microsoft\Internet Explorer\Quick Launch\My LastPass Vault.lnk
[2013/01/16 13:30:12 | 000,001,192 | ---- | M] () -- C:\Users\Public\Desktop\My LastPass Vault.lnk
[2013/01/15 19:46:07 | 000,001,570 | ---- | M] () -- C:\Users\Shelli\Desktop\Documents\halfoffdepot.com
[2013/01/14 23:49:56 | 000,001,190 | ---- | M] () -- C:\Users\Shelli\Desktop\Episode 1.01 - The Tudors Wiki.url
[2013/01/14 20:19:02 | 000,604,016 | ---- | M] () -- C:\Users\Shelli\Desktop\Documents\fagor manual.pdf
[2013/01/12 16:02:59 | 001,838,008 | ---- | M] () -- C:\Users\Shelli\Desktop\Documents\Real-World-and-Remediation-Testing-Report.pdf
[2013/01/10 21:43:24 | 000,001,706 | ---- | M] () -- C:\Users\Shelli\Desktop\Scour redirect virus in Google via Internet Explorer - Tech Support Guy Forums.url
[2013/01/10 18:56:44 | 000,464,360 | ---- | M] () -- C:\Windows\SysNative\FNTCACHE.DAT
[2013/01/10 18:22:27 | 000,001,210 | ---- | M] () -- C:\Users\Public\Desktop\NOOK for PC.lnk
[2013/01/10 18:19:48 | 000,773,050 | ---- | M] () -- C:\Windows\SysWow64\PerfStringBackup.INI
[2013/01/09 23:14:44 | 000,000,047 | ---- | M] () -- C:\Windows\NeroDigital.ini
[2013/01/09 23:08:52 | 000,018,182 | ---- | M] () -- C:\Users\Shelli\Desktop\Documents\cc_20130109_230816.reg
[2013/01/09 23:08:30 | 001,769,850 | ---- | M] () -- C:\Windows\SysNative\drivers\Cat.DB
[2013/01/09 22:39:42 | 000,000,000 | ---- | M] () -- C:\autoexec.bat
[2013/01/09 15:32:03 | 000,073,775 | ---- | M] () -- C:\Users\Shelli\Desktop\Documents\dekalbwater.pdf
[2013/01/09 14:25:35 | 000,143,360 | RHS- | M] () -- C:\Windows\SysWow64\dbghelpo.dll
[2013/01/09 13:53:28 | 000,300,157 | ---- | M] () -- C:\Users\Shelli\Desktop\Documents\Data Intergration Project Plan v2.pdf
[2013/01/09 11:48:16 | 000,697,864 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\FlashPlayerApp.exe
[2013/01/09 11:48:16 | 000,074,248 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\FlashPlayerCPLApp.cpl
[2013/01/09 11:47:32 | 015,739,912 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\FlashPlayerInstaller.exe
[2013/01/02 21:17:05 | 000,027,456 | ---- | M] () -- C:\Users\Shelli\Desktop\Documents\Cupcake-Wrapper-Template.pdf
[2013/01/01 22:57:41 | 001,774,223 | ---- | M] () -- C:\Users\Shelli\Desktop\Documents\juniorrangergazette.pdf
[2012/12/31 18:13:42 | 000,967,689 | ---- | M] () -- C:\Users\Shelli\Desktop\Documents\Identity-PDF.pdf
[1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]

========== Files Created - No Company Name ==========

[2013/01/20 14:51:06 | 000,001,941 | ---- | C] () -- C:\Users\Shelli\Desktop\Angie's List The Big Deal.url
[2013/01/20 14:39:34 | 000,000,000 | -H-- | C] () -- C:\Windows\SysNative\drivers\Msft_Kernel_usb3Hub_01009.Wdf
[2013/01/20 14:39:13 | 000,000,000 | -H-- | C] () -- C:\Windows\SysNative\drivers\Msft_Kernel_XHCIPort_01009.Wdf
[2013/01/20 14:38:47 | 000,001,984 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Intel(R) WiDi.lnk
[2013/01/20 14:38:47 | 000,001,972 | ---- | C] () -- C:\Users\Public\Desktop\Intel(R) WiDi.lnk
[2013/01/20 00:58:11 | 000,003,579 | ---- | C] () -- C:\Users\Shelli\Desktop\Slow Cooked Creamy Chicken & Wild Rice RecipeLion.com.url
[2013/01/19 23:15:44 | 000,000,214 | ---- | C] () -- C:\Users\Shelli\Desktop\Wood Floor Stains Queen City Hardwoods.url
[2013/01/19 22:43:20 | 000,005,047 | ---- | C] () -- C:\Users\Shelli\Desktop\The Hardwood Flooring Blog What is Water Popping a Hardwood Floor.url
[2013/01/19 22:30:58 | 000,000,302 | ---- | C] () -- C:\Users\Shelli\Desktop\Need help with Jacobean! - Flooring Forum - GardenWeb.url
[2013/01/19 21:46:26 | 000,000,154 | ---- | C] () -- C:\Users\Shelli\Desktop\ERS RESTORE.url
[2013/01/19 21:37:57 | 000,001,392 | ---- | C] () -- C:\Users\Shelli\Desktop\Deck tiles and wood decking tiles by HardwoodHome, Outdoor Floor Superstore.url
[2013/01/19 18:39:08 | 000,002,138 | ---- | C] () -- C:\Users\Shelli\Desktop\Water Blob Tutorial.url
[2013/01/19 18:30:49 | 000,051,359 | ---- | C] () -- C:\Users\Shelli\Desktop\shelli-godfrey_dc-val-academy-ballroom-atlanta.pdf
[2013/01/19 18:30:29 | 000,037,381 | ---- | C] () -- C:\Users\Shelli\Desktop\shelli-godfrey_atlanta-fulton-county-zoo.pdf
[2013/01/19 18:30:18 | 000,052,887 | ---- | C] () -- C:\Users\Shelli\Desktop\shelli-godfrey_atlanta-botanical-garden-4.pdf
[2013/01/19 18:30:06 | 000,048,180 | ---- | C] () -- C:\Users\Shelli\Desktop\shelli-godfrey_sharpshooters-usa.pdf
[2013/01/19 18:29:11 | 000,230,505 | ---- | C] () -- C:\Users\Shelli\Desktop\2013-01-19 18_28_50-Order Details.pdf
[2013/01/19 01:03:38 | 000,000,912 | ---- | C] () -- C:\Users\Shelli\Desktop\Amazon.com SmartGuard 120W 4-in-1 security system motion activated light+camera+SD card memory+audio warning Camera & Photo.url
[2013/01/19 01:01:38 | 000,003,517 | ---- | C] () -- C:\Users\Shelli\Desktop\SmartGuard AEC-931A2BSD Motion Sensor Twin Light with Security Camera - Smarthome.url
[2013/01/19 01:00:10 | 000,000,242 | ---- | C] () -- C:\Users\Shelli\Desktop\Outdoor Security Camera - Video Surveillance Camera - Camera & Recorder - Smart Guard.url
[2013/01/18 17:38:37 | 000,001,111 | ---- | C] () -- C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
[2013/01/18 17:22:21 | 000,011,580 | ---- | C] () -- C:\Users\Shelli\Desktop\Documents\IDDStore_bak.dat
[2013/01/18 17:22:21 | 000,011,580 | ---- | C] () -- C:\Users\Shelli\Desktop\Documents\IDDStore.dat
[2013/01/18 15:41:19 | 000,002,321 | ---- | C] () -- C:\Users\Public\Desktop\Norton 360.lnk
[2013/01/18 15:39:41 | 000,000,259 | ---- | C] () -- C:\Users\Shelli\Desktop\Half Off Depot Help Desk.url
[2013/01/18 15:32:10 | 000,001,255 | ---- | C] () -- C:\Users\Shelli\Desktop\Norton Installation Files.lnk
[2013/01/17 16:45:27 | 000,256,000 | ---- | C] () -- C:\Windows\PEV.exe
[2013/01/17 16:45:27 | 000,208,896 | ---- | C] () -- C:\Windows\MBR.exe
[2013/01/17 16:45:27 | 000,098,816 | ---- | C] () -- C:\Windows\sed.exe
[2013/01/17 16:45:27 | 000,080,412 | ---- | C] () -- C:\Windows\grep.exe
[2013/01/17 16:45:27 | 000,068,096 | ---- | C] () -- C:\Windows\zip.exe
[2013/01/16 13:30:12 | 000,001,192 | ---- | C] () -- C:\Users\Public\Desktop\My LastPass Vault.lnk
[2013/01/15 19:46:07 | 000,001,570 | ---- | C] () -- C:\Users\Shelli\Desktop\Documents\halfoffdepot.com
[2013/01/14 23:49:56 | 000,001,190 | ---- | C] () -- C:\Users\Shelli\Desktop\Episode 1.01 - The Tudors Wiki.url
[2013/01/14 20:19:01 | 000,604,016 | ---- | C] () -- C:\Users\Shelli\Desktop\Documents\fagor manual.pdf
[2013/01/12 16:02:59 | 001,838,008 | ---- | C] () -- C:\Users\Shelli\Desktop\Documents\Real-World-and-Remediation-Testing-Report.pdf
[2013/01/10 21:43:24 | 000,001,706 | ---- | C] () -- C:\Users\Shelli\Desktop\Scour redirect virus in Google via Internet Explorer - Tech Support Guy Forums.url
[2013/01/10 18:25:33 | 000,000,962 | ---- | C] () -- C:\Users\Public\Desktop\calibre - E-book management.lnk
[2013/01/10 18:22:27 | 000,001,210 | ---- | C] () -- C:\Users\Public\Desktop\NOOK for PC.lnk
[2013/01/09 23:14:44 | 000,000,047 | ---- | C] () -- C:\Windows\NeroDigital.ini
[2013/01/09 23:08:21 | 000,018,182 | ---- | C] () -- C:\Users\Shelli\Desktop\Documents\cc_20130109_230816.reg
[2013/01/09 23:07:50 | 001,769,850 | ---- | C] () -- C:\Windows\SysNative\drivers\Cat.DB
[2013/01/09 22:39:42 | 000,000,000 | ---- | C] () -- C:\autoexec.bat
[2013/01/09 21:50:03 | 000,002,187 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Spybot-S&D Start Center.lnk
[2013/01/09 15:30:12 | 000,073,775 | ---- | C] () -- C:\Users\Shelli\Desktop\Documents\dekalbwater.pdf
[2013/01/09 14:25:35 | 000,143,360 | RHS- | C] () -- C:\Windows\SysWow64\dbghelpo.dll
[2013/01/09 14:25:35 | 000,000,308 | ---- | C] () -- C:\Windows\tasks\QZLGYMJGV.job
[2013/01/09 13:53:28 | 000,300,157 | ---- | C] () -- C:\Users\Shelli\Desktop\Documents\Data Intergration Project Plan v2.pdf
[2013/01/09 13:50:15 | 000,002,441 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Reader XI.lnk
[2013/01/02 21:17:02 | 000,027,456 | ---- | C] () -- C:\Users\Shelli\Desktop\Documents\Cupcake-Wrapper-Template.pdf
[2013/01/01 22:57:41 | 001,774,223 | ---- | C] () -- C:\Users\Shelli\Desktop\Documents\juniorrangergazette.pdf
[2012/12/31 18:13:42 | 000,967,689 | ---- | C] () -- C:\Users\Shelli\Desktop\Documents\Identity-PDF.pdf
[2012/12/22 12:03:53 | 000,002,445 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Cozi.lnk
[2012/11/09 19:57:43 | 000,178,688 | ---- | C] () -- C:\Windows\SysWow64\unrar.dll
[2012/11/05 00:14:52 | 000,015,259 | ---- | C] () -- C:\Windows\SysWow64\compress.exe
[2012/11/03 11:44:11 | 000,000,126 | ---- | C] () -- C:\Windows\QUICKEN.INI
[2012/11/03 04:55:56 | 000,000,600 | ---- | C] () -- C:\Users\Shelli\AppData\Roaming\winscp.rnd
[2012/11/03 01:33:23 | 000,039,424 | ---- | C] () -- C:\Windows\SysWow64\webquizx.dll
[2012/11/03 01:33:17 | 000,000,212 | ---- | C] () -- C:\Windows\SysWow64\ic32.ini
[2012/11/03 01:33:16 | 000,446,464 | ---- | C] () -- C:\Windows\SysWow64\Tx32.dll
[2012/02/14 15:26:16 | 000,089,584 | ---- | C] () -- C:\Windows\SysWow64\FAIEExtension.dll
[2012/02/14 15:26:06 | 000,059,888 | ---- | C] () -- C:\Windows\SysWow64\FAib.dll
[2012/02/14 15:25:56 | 000,251,888 | ---- | C] () -- C:\Windows\SysWow64\FACrashRpt.dll
[2011/11/17 23:56:27 | 000,963,116 | ---- | C] () -- C:\Windows\SysWow64\igkrng600.bin
[2011/11/17 23:56:25 | 000,218,304 | ---- | C] () -- C:\Windows\SysWow64\igfcg600m.bin
[2011/11/17 23:56:24 | 000,056,832 | ---- | C] () -- C:\Windows\SysWow64\igdde32.dll
[2011/11/17 23:56:23 | 000,145,804 | ---- | C] () -- C:\Windows\SysWow64\igcompkrng600.bin
[2011/11/17 23:56:21 | 013,903,872 | ---- | C] () -- C:\Windows\SysWow64\ig4icd32.dll
[2011/11/17 23:04:30 | 000,002,773 | ---- | C] () -- C:\Windows\FF08_Render_Spk.ini
[2011/11/17 23:04:30 | 000,002,409 | ---- | C] () -- C:\Windows\FF08_Render_Hp.ini
[2011/11/17 23:04:30 | 000,001,650 | ---- | C] () -- C:\Windows\FF08_Capture.ini
[2011/11/17 23:04:30 | 000,001,540 | ---- | C] () -- C:\Windows\FF08_Render.ini
[2011/11/17 23:04:19 | 000,185,856 | ---- | C] () -- C:\Windows\SysWow64\APOMngr.DLL
[2011/11/17 23:04:19 | 000,073,728 | ---- | C] () -- C:\Windows\SysWow64\CmdRtr.DLL
[2011/02/10 11:10:51 | 000,773,050 | ---- | C] () -- C:\Windows\SysWow64\PerfStringBackup.INI

========== ZeroAccess Check ==========

[2009/07/13 23:55:00 | 000,000,227 | RHS- | M] () -- C:\Windows\assembly\Desktop.ini

[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64

[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]

[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32] /64

[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64
"" = C:\WINDOWS\SysNative\shell32.dll -- [2012/06/09 00:43:10 | 014,172,672 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment

[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
"" = %SystemRoot%\system32\shell32.dll -- [2012/06/08 23:41:00 | 012,873,728 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32] /64
"" = C:\WINDOWS\SysNative\wbem\fastprox.dll -- [2009/07/13 20:40:51 | 000,909,312 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free

[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
"" = %systemroot%\system32\wbem\fastprox.dll -- [2010/11/20 22:24:25 | 000,606,208 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32] /64
"" = C:\WINDOWS\SysNative\wbem\wbemess.dll -- [2009/07/13 20:41:56 | 000,505,856 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Both

[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]

========== Alternate Data Streams ==========

@Alternate Data Stream - 127 bytes -> C:\ProgramData\Temp:430C6D84
@Alternate Data Stream - 105 bytes -> C:\ProgramData\TempFC5A2B2
< End of report >

OTL Extras logfile created on: 1/20/2013 4:31:44 PM - Run 1
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\Shelli\Desktop
64bit-Windows XP Service Pack 2 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

7.90 Gb Total Physical Memory | 3.88 Gb Available Physical Memory | 49.11% Memory free
15.79 Gb Paging File | 10.95 Gb Available in Paging File | 69.31% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 347.22 Gb Total Space | 293.56 Gb Free Space | 84.55% Space Free | Partition Type: NTFS
Drive E: | 331.78 Gb Total Space | 41.96 Gb Free Space | 12.65% Space Free | Partition Type: NTFS

Computer Name: ASLAN | User Name: Shelli | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

========== Extra Registry (SafeList) ==========


========== File Associations ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.html[@ = htmlfile] -- C:\Program Files\Internet Explorer\iexplore.exe (Microsoft Corporation)
.url[@ = InternetShortcut] -- C:\Windows\SysNative\rundll32.exe (Microsoft Corporation)

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- C:\Windows\SysWow64\control.exe (Microsoft Corporation)
.html [@ = htmlfile] -- C:\Program Files\Internet Explorer\iexplore.exe (Microsoft Corporation)

========== Shell Spawning ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
htafile [open] -- "%1" %*
htmlfile [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
htmlfile [opennew] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
http [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
InternetShortcut [open] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\ieframe.dll",OpenURL %l (Microsoft Corporation)
InternetShortcut [print] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\mshtml.dll",PrintHTML "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
htafile [open] -- "%1" %*
htmlfile [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
htmlfile [opennew] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
http [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

========== Security Center Settings ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 0
"FirewallDisableNotify" = 0
"AntiVirusDisableNotify" = 0
"UpdatesDisableNotify" = 0

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"VistaSp1" = 28 4D B2 76 41 04 CA 01 [binary data]
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]

========== System Restore Settings ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore]
"DisableSR" = 0

========== Firewall Settings ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall]

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\DomainProfile]

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\StandardProfile]

[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\DomainProfile]

[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\StandardProfile]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0

========== Authorized Applications List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]
"C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe" = C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe:*:Enabled:Spybot-S&D 2 Tray Icon -- (Safer-Networking Ltd.)
"C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe" = C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe:*:Enabled:Spybot-S&D 2 Scanner Service -- (Safer-Networking Ltd.)
"C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdate.exe" = C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdate.exe:*:Enabled:Spybot-S&D 2 Updater -- (Safer-Networking Ltd.)
"C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe" = C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe:*:Enabled:Spybot-S&D 2 Background update service -- (Safer-Networking Ltd.)
"C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe" = C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe:*:Enabled:Spybot-S&D 2 Tray Icon -- (Safer-Networking Ltd.)
"C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe" = C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe:*:Enabled:Spybot-S&D 2 Scanner Service -- (Safer-Networking Ltd.)
"C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdate.exe" = C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdate.exe:*:Enabled:Spybot-S&D 2 Updater -- (Safer-Networking Ltd.)
"C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe" = C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe:*:Enabled:Spybot-S&D 2 Background update service -- (Safer-Networking Ltd.)


========== HKEY_LOCAL_MACHINE Uninstall List ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{23D486D4-FBE0-40F3-A245-E4D56D094764}" = Intel(R) WiDi
"{25FBDA9A-E868-4B3B-B9FF-D923818511A1}" = Intel(R) PROSet/Wireless WiFi Software
"{26A24AE4-039D-4CA4-87B4-2F86416027FF}" = Java(TM) 6 Update 27 (64-bit)
"{28EF7372-9087-4AC3-9B9F-D9751FCDF830}" = Intel(R) Wireless Display
"{5F611ADA-B98C-4DBB-ADDE-414F08457ECF}" = Windows Live Family Safety
"{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161
"{60B2315F-680F-4EB3-B8DD-CCDC86A7CCAB}" = Roxio File Backup
"{7CE8BE79-ABC3-4B2C-9543-28ED2B0A9EA8}" = Intel(R) PROSet/Wireless Software for Bluetooth(R) Technology
"{8220EEFE-38CD-377E-8595-13398D740ACE}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17
"{87CF757E-C1F1-4D22-865C-00C6950B5258}" = Quickset64
"{8E34682C-8118-31F1-BC4C-98CD9675E1C2}" = Microsoft .NET Framework 4 Extended
"{8EBA8727-ADC2-477B-9D9A-1A1836BE4E05}" = Dell Edoc Viewer
"{90120000-002A-0000-1000-0000000FF1CE}" = Microsoft Office Office 64-bit Components 2007
"{90120000-002A-0409-1000-0000000FF1CE}" = Microsoft Office Shared 64-bit MUI (English) 2007
"{90120000-0116-0409-1000-0000000FF1CE}" = Microsoft Office Shared 64-bit Setup Metadata MUI (English) 2007
"{95120000-00B9-0409-1000-0000000FF1CE}" = Microsoft Application Error Reporting
"{9D6DFAD6-09E5-445E-A4B5-A388FEEBD90D}" = RBVirtualFolder64Inst
"{B2FE1952-0186-46c3-BAEC-A80AA35AC5B8}_Display.ControlPanel" = NVIDIA Control Panel 307.21
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver" = NVIDIA Graphics Driver 307.21
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Optimus" = NVIDIA Optimus 1.10.8
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Update" = NVIDIA Update 1.10.8
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_installer" = NVIDIA Install Application
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_NVIDIA.Update" = NVIDIA Update Components
"{B77EFA0B-9BD3-4122-9F9A-15A963B5EA24}" = Intel(R) Turbo Boost Technology Monitor 2.0
"{CE52672C-A0E9-4450-8875-88A221D5CD50}" = Windows Live ID Sign-in Assistant
"{E9FA781F-3E80-4399-825A-AD3E11C28C77}" = MSVCRT110_amd64
"{F1BC763F-C519-4C91-AD50-94F07ADAEC58}" = Face Recognition
"{F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4}" = Microsoft .NET Framework 4 Client Profile
"{F6822EFD-3F7D-4B35-8845-757A26AEC8E2}" = Windows Live MIME IFilter
"CCleaner" = CCleaner
"CutePDF Writer Installation" = CutePDF Writer 3.0
"Greenshot_is1" = Greenshot 1.0.6.2228
"Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile
"Microsoft .NET Framework 4 Extended" = Microsoft .NET Framework 4 Extended
"PC-Doctor for Windows" = Dell Support Center
"ProInst" = Intel PROSet Wireless
"SynTPDeinstKey" = Synaptics Pointing Device Driver
"Wacom Tablet Driver" = Wacom Tablet
"Wacom WebTabletPlugin for Internet Explorer and Netscape" = WebTablet FB Plugin 64 bit
"WinHTTrack Website Copier_is1" = WinHTTrack Website Copier 3.46-1 (x64)

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{0454BB9A-2A7A-4214-BDFF-937F7A711A44}" = Windows Live Communications Platform
"{0A1E0BDA-5E8F-436d-8BE5-7E97C5CB899D}" = Quicken 2012
"{0ED7EE95-6A97-47AA-AD73-152C08A15B04}" = Dell DataSafe Local Backup
"{14DC0059-00F1-4F62-BD1A-AB23CD51A95E}" = Adobe AIR
"{17787BE3-4E5B-4D50-89BD-77E0C23B5C78}" = calibre
"{17D26CDD-B87C-412B-92F0-2D5DD4313522}" = Facebook Messenger 2.1.4651.0
"{18272881-CFC0-434D-A975-E5BE44206AA0}" = Windows Live UX Platform Language Pack
"{18455581-E099-4BA8-BC6B-F34B2F06600C}" = Google Toolbar for Internet Explorer
"{18A8E78B-9EF2-496E-B310-BCD8E4C1DAB3}" = iSEEK AnswerWorks English Runtime
"{196BB40D-1578-3D01-B289-BEFC77A11A1E}" = Microsoft Visual C++ 2010 x86 Redistributable - 10.0.30319
"{1EA7C505-E6DA-4B85-9432-EBD3C70D510D}" = Windows Live Messenger
"{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
"{2318C2B1-4965-11d4-9B18-009027A5CD4F}" = Google Toolbar for Internet Explorer
"{23A3E560-069F-4CFC-8F6C-1B526EC735FC}" = Windows Live Writer Resources
"{2436F2A8-4B7E-4B6C-AE4E-604C84AA6A4F}" = Nero Core Components 10
"{26A24AE4-039D-4CA4-87B4-2F83216037FF}" = Java(TM) 6 Update 37
"{26A24AE4-039D-4CA4-87B4-2F83217009FF}" = Java 7 Update 9
"{28C2DED6-325B-4CC7-983A-1777C8F7FBAB}" = RealUpgrade 1.1
"{30F99474-EBE3-4134-A02B-F6CD38CFE243}" = Photo Gallery
"{3250260C-7A95-4632-893B-89657EB5545B}" = PhotoShowExpress
"{400C31E4-796F-4E86-8FDC-C3C4FACC6847}" = Junk Mail filter update
"{40F06490-8C14-43AA-99D3-EEEFDBAC3CFC}" = SyncUP
"{4CCBD1F4-CEEC-452A-9CB8-46564B501315}" = Windows Live UX Platform
"{523B2B1B-D8DB-4B41-90FF-C4D799E2758A}" = Nero ControlCenter 10 Help (CHM)
"{5A06423A-210C-49FB-950E-CB0EB8C5CEC7}" = Roxio BackOnTrack
"{5BABDA39-61CF-41EE-992D-4054B6649A9B}" = Movie Maker
"{63B7AC7E-0178-4F4F-A79B-08D97ADD02D7}" = System Requirements Lab for Intel
"{65153EA5-8B6E-43B6-857B-C6E4FC25798A}" = Intel(R) Management Engine Components
"{65BB0407-4CC8-4DC7-952E-3EEFDF05602A}" = Nero Update
"{6675CA7F-E51B-4F6A-99D4-F8F0124C6EAA}" = Roxio Express Labeler 3
"{6845255F-15CC-4DD1-94D5-D38F370118B3}_is1" = Auslogics Duplicate File Finder
"{6A8DB215-7BCD-4377-B015-2E4541A3E7C6}" = Windows Live PIMT Platform
"{6DFB899F-17A2-48F0-A533-ED8D6866CF38}" = Nero Control Center 10
"{6F0BBEFE-BE1C-419B-BA1F-D36C9E7915BC}" = Roxio Creator Starter
"{70854FE6-3BF1-4C69-94D0-BEB821102E34}" = Windows Live Mail
"{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}" = Microsoft Visual C++ 2005 Redistributable
"{75CE8AF5-0A5E-4A42-BC67-F83591DA9A7D}" = Sound Blaster X-Fi MB
"{7746BFAA-2B5D-4FFD-A0E8-4558F4668105}" = Roxio Burn
"{7770E71B-2D43-4800-9CB3-5B6CAAEBEBEA}" = RealNetworks - Microsoft Visual C++ 2008 Runtime
"{7A21C722-F259-4976-B7AA-6658E5FDEDAF}" = Google Drive
"{7AB01508-C2B2-43C8-8B44-514801E7CCC9}" = Jing
"{7B0C5EF6-DE4C-4E20-8889-C17604FFE5CD}" = Windows Live Family Safety
"{7DB9F1E5-9ACB-410D-A7DC-7A3D023CE045}" = Dell Getting Started Guide
"{7EC66A95-AC2D-4127-940B-0445A526AB2F}" = Dell DataSafe Online
"{820B6609-4C97-3A2B-B644-573B06A0F0CC}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729
"{86C40513-B5A4-476E-9EAB-EC118DCF4502}" = Windows Live Writer
"{87434D51-51DB-4109-B68F-A829ECDCF380}" = AccelerometerP11
"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
"{8A642ACD-CE3A-4A23-A8B1-A0F7EB12B214}" = Windows Live SOXE Definitions
"{8DD46C6A-0056-4FEC-B70A-28BB16A1F11F}" = MSVCRT
"{8E14DDC8-EA60-4E18-B3E3-1937104D5BDA}" = MSVCRT110
"{90120000-0015-0409-0000-0000000FF1CE}" = Microsoft Office Access MUI (English) 2007
"{90120000-0015-0409-0000-0000000FF1CE}_PROR_{AAA19365-932B-49BD-8138-BE28CEE9C4B4}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-0016-0409-0000-0000000FF1CE}" = Microsoft Office Excel MUI (English) 2007
"{90120000-0016-0409-0000-0000000FF1CE}_PROR_{AAA19365-932B-49BD-8138-BE28CEE9C4B4}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-0018-0409-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (English) 2007
"{90120000-0018-0409-0000-0000000FF1CE}_PROR_{AAA19365-932B-49BD-8138-BE28CEE9C4B4}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-0019-0409-0000-0000000FF1CE}" = Microsoft Office Publisher MUI (English) 2007
"{90120000-0019-0409-0000-0000000FF1CE}_PROR_{AAA19365-932B-49BD-8138-BE28CEE9C4B4}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-001A-0409-0000-0000000FF1CE}" = Microsoft Office Outlook MUI (English) 2007
"{90120000-001A-0409-0000-0000000FF1CE}_PROR_{AAA19365-932B-49BD-8138-BE28CEE9C4B4}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-001B-0409-0000-0000000FF1CE}" = Microsoft Office Word MUI (English) 2007
"{90120000-001B-0409-0000-0000000FF1CE}_PROR_{AAA19365-932B-49BD-8138-BE28CEE9C4B4}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-001F-0409-0000-0000000FF1CE}" = Microsoft Office Proof (English) 2007
"{90120000-001F-0409-0000-0000000FF1CE}_PROR_{1FF96026-A04A-4C3E-B50A-BB7022654D0F}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
"{90120000-001F-040C-0000-0000000FF1CE}" = Microsoft Office Proof (French) 2007
"{90120000-001F-040C-0000-0000000FF1CE}_PROR_{71F055E8-E2C6-4214-BB3D-BFE03561B89E}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
"{90120000-001F-0C0A-0000-0000000FF1CE}" = Microsoft Office Proof (Spanish) 2007
"{90120000-001F-0C0A-0000-0000000FF1CE}_PROR_{2314F9A1-126F-45CC-8A5E-DFAF866F3FBC}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
"{90120000-002A-0000-1000-0000000FF1CE}_PROR_{664655D8-B9BB-455D-8A58-7EAF7B0B2862}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-002A-0000-1000-0000000FF1CE}_ULTIMATER_{664655D8-B9BB-455D-8A58-7EAF7B0B2862}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-002A-0409-1000-0000000FF1CE}_PROR_{98333358-268C-4164-B6D4-C96DF5153727}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-002C-0409-0000-0000000FF1CE}" = Microsoft Office Proofing (English) 2007
"{90120000-0044-0409-0000-0000000FF1CE}" = Microsoft Office InfoPath MUI (English) 2007
"{90120000-0044-0409-0000-0000000FF1CE}_ULTIMATER_{AAA19365-932B-49BD-8138-BE28CEE9C4B4}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-006E-0409-0000-0000000FF1CE}" = Microsoft Office Shared MUI (English) 2007
"{90120000-006E-0409-0000-0000000FF1CE}_PROR_{98333358-268C-4164-B6D4-C96DF5153727}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-00A1-0409-0000-0000000FF1CE}" = Microsoft Office OneNote MUI (English) 2007
"{90120000-00A1-0409-0000-0000000FF1CE}_ULTIMATER_{AAA19365-932B-49BD-8138-BE28CEE9C4B4}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-00BA-0409-0000-0000000FF1CE}" = Microsoft Office Groove MUI (English) 2007
"{90120000-00BA-0409-0000-0000000FF1CE}_ULTIMATER_{AAA19365-932B-49BD-8138-BE28CEE9C4B4}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-0114-0409-0000-0000000FF1CE}" = Microsoft Office Groove Setup Metadata MUI (English) 2007
"{90120000-0114-0409-0000-0000000FF1CE}_ULTIMATER_{AAA19365-932B-49BD-8138-BE28CEE9C4B4}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-0115-0409-0000-0000000FF1CE}" = Microsoft Office Shared Setup Metadata MUI (English) 2007
"{90120000-0115-0409-0000-0000000FF1CE}_PROR_{98333358-268C-4164-B6D4-C96DF5153727}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-0116-0409-1000-0000000FF1CE}_PROR_{98333358-268C-4164-B6D4-C96DF5153727}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-0117-0409-0000-0000000FF1CE}" = Microsoft Office Access Setup Metadata MUI (English) 2007
"{90120000-0117-0409-0000-0000000FF1CE}_PROR_{AAA19365-932B-49BD-8138-BE28CEE9C4B4}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90140000-2005-0000-0000-0000000FF1CE}" = Microsoft Office File Validation Add-In
"{91120000-0014-0000-0000-0000000FF1CE}" = Microsoft Office Professional 2007
"{91120000-0014-0000-0000-0000000FF1CE}_PROR_{6E107EB7-8B55-48BF-ACCB-199F86A2CD93}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{91120000-002E-0000-0000-0000000FF1CE}" = Microsoft Office Ultimate 2007
"{91120000-002E-0000-0000-0000000FF1CE}_ULTIMATER_{6E107EB7-8B55-48BF-ACCB-199F86A2CD93}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{91AF2672-F5BC-42CF-8037-A9D2F92BBCC0}" = Dell MusicStage
"{97C79BEC-43F7-4BD8-A6A7-85C0257E488A}" = Windows Live Writer
"{9A00EC4E-27E1-42C4-98DD-662F32AC8870}" = Sonic CinePlayer Decoder Pack
"{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
"{9BE518E6-ECC6-35A9-88E4-87755C07200F}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
"{A121EEDE-C68F-461D-91AA-D48BA226AF1C}" = Roxio Activation Module
"{A2FE691E-3F8E-4E30-AA7D-FF17AC77EA87}" = Nero Blu-ray Player
"{A8516AC9-AAF1-47F9-9766-03E2D4CDBCF8}" = CyberLink PowerDVD 9.6
"{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper
"{A9668246-FB70-4103-A1E3-66C9BC2EFB49}" = Dell DataSafe Local Backup - Support Software
"{AA31EA7B-7917-4000-949B-38E91F848A25}" = Internet Explorer
"{AC76BA86-7AD7-1033-7B44-AB0000000001}" = Adobe Reader XI (11.0.01)
"{AF9E97C1-7431-426D-A8D5-ABE40995C0B1}" = DirectX 9 Runtime
"{B3DAF54F-DB25-4586-9EF1-96D24BB14088}" = Windows Movie Maker 2.6
"{B4092C6D-E886-4CB2-BA68-FE5A99D31DE7}_is1" = Spybot - Search & Destroy
"{B80D3EA9-A252-4AE5-AC51-81729F5C586F}" = Windows Live Mail
"{C034A6F9-6569-491B-B3BF-F5D15221A708}" = Windows Live Essentials
"{C16A92EF-017B-4839-9C75-FBADB5A1FA27}" = TrustedID
"{C424CD5E-EA05-4D3E-B5DA-F9F149E1D3AC}" = Windows Live Installer
"{C9B6EFD0-4F01-4BBA-8374-39AD99A3ED72}" = Windows Live Photo Common
"{CCA5EAAD-92F4-4B7A-B5EE-14294C66AB61}" = PlayReady PC Runtime x86
"{D0B44725-3666-492D-BEF6-587A14BD9BD9}" = MSVCRT_amd64
"{D2C146B1-948D-47EF-8387-5D1C6B980F7C}" = Windows Live Writer
"{D68BB9E3-92FC-46E3-923C-89863A197972}" = Cozi
"{D888F114-7537-4D48-AF03-5DA9C82D7540}" = Photo Common
"{D92C9CCE-E5F0-4125-977A-0590F3225B74}" = SyncUP
"{DCE0E79A-B9AC-41AC-98C1-7EF0538BCA7F}" = Dell VideoStage
"{E09C4DB7-630C-4F06-A631-8EA7239923AF}" = D3DX10
"{E2EBA7C0-8072-447F-856D-FFEE8D15B23B}" = Dell Stage
"{E4335E82-17B3-460F-9E70-39D9BC269DB3}" = Dell PhotoStage
"{EA17F4FC-FDBF-4CF8-A529-2D983132D053}" = Skype™ 6.0
"{ED6C77F9-4D7E-447C-9EC0-9A212D075535}" = Movie Maker
"{EF56258E-0326-48C5-A86C-3BAC26FC15DF}" = Roxio Creator Starter
"{F06B5C4C-8D2E-4B24-9D43-7A45EEC6C878}" = Roxio Creator Starter
"{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}" = Microsoft SQL Server 2005 Compact Edition [ENU]
"{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}" = Intel(R) Processor Graphics
"{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver
"{F2235E5E-7881-4293-9B6F-04B2609FBFF0}" = Windows Live Messenger
"{F47C37A4-7189-430A-B81D-739FF8A7A554}" = Consumer In-Home Service Agreement
"{F5CB822F-B365-43D1-BCC0-4FDA1A2017A7}" = Nero 10 Movie ThemePack Basic
"{F8A9085D-4C7A-41a9-8A77-C8998A96C421}" = Intel(R) Control Center
"{F91BF1B5-4213-440C-8539-C6EB2F1D1734}" = Dell Digital Delivery
"{FC6C7107-7D72-41A1-A031-3CE751159BAB}" = Photo Gallery
"{FE7C0B3D-50B9-4951-BE78-A321CBF86552}" = Windows Live SOXE
"Adobe AIR" = Adobe AIR
"Adobe Flash Player ActiveX" = Adobe Flash Player 11 ActiveX
"Advanced Audio FX Engine" = Advanced Audio FX Engine
"Audacity_is1" = Audacity 2.0.2
"Big Solitaires 3D 1.4_is1" = Big Solitaires 3D 1.4
"BN_DesktopReader" = NOOK for PC
"DAEMON Tools Lite" = DAEMON Tools Lite
"Dell Webcam Central" = Dell Webcam Central
"FastStone Photo Resizer" = FastStone Photo Resizer 3.1
"Free YouTube Download_is1" = Free YouTube Download version 3.1.40.1031
"Google Chrome" = Google Chrome
"InstallShield_{A8516AC9-AAF1-47F9-9766-03E2D4CDBCF8}" = CyberLink PowerDVD 9.6
"InstallShield_{DCE0E79A-B9AC-41AC-98C1-7EF0538BCA7F}" = Dell VideoStage
"KLiteCodecPack_is1" = K-Lite Codec Pack 9.4.6 (Standard)
"LAME_is1" = LAME v3.99.3 (for Windows)
"LastPass" = LastPass(uninstall only)
"Malwarebytes' Anti-Malware_is1" = Malwarebytes Anti-Malware version 1.70.0.1100
"N360" = Norton 360
"PROR" = Microsoft Office Professional 2007
"RealPlayer 15.0" = RealPlayer
"Sendori" = Sendori
"SmartTRAK" = SmartTRAK
"SpeedFan" = SpeedFan (remove only)
"ULTIMATER" = Microsoft Office Ultimate 2007
"WebQuiz XP" = WebQuiz XP
"WeBuilder 2011_is1" = WeBuilder 2011 v11.4
"WinLiveSuite" = Windows Live Essentials
"winscp3_is1" = WinSCP 5.1.3

========== HKEY_CURRENT_USER Uninstall List ==========

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"Allmyapps" = Allmyapps
"Amazon Kindle" = Amazon Kindle
"Juniper_Setup_Client" = Juniper Networks, Inc. Setup Client
"SkyDriveSetup.exe" = Microsoft SkyDrive

========== Last 20 Event Log Errors ==========

[ Application Events ]
Error - 1/5/2013 9:33:06 PM | Computer Name = Aslan | Source = Application Error | ID = 1000
Description = Faulting application name: FASecFacX.exe, version: 3.1.83.1, time
stamp: 0x4f3afb82 Faulting module name: unknown, version: 0.0.0.0, time stamp: 0x00000000
Exception
code: 0xc0000005 Fault offset: 0x02ac2e30 Faulting process id: 0x1f00 Faulting application
start time: 0x01cdebabd8ab365e Faulting application path: C:\Program Files (x86)\Sensible
Vision\Fast Access\FASecFacX.exe Faulting module path: unknown Report Id: 04b55901-57a1-11e2-af97-4c8093113225

Error - 1/5/2013 10:12:49 PM | Computer Name = Aslan | Source = Application Hang | ID = 1002
Description = The program WINWORD.EXE version 12.0.6668.5000 stopped interacting
with Windows and was closed. To see if more information about the problem is available,
check the problem history in the Action Center control panel. Process ID: 26b8 Start
Time: 01cdeba26775ad58 Termination Time: 0 Application Path: C:\Program Files (x86)\Microsoft
Office\Office12\WINWORD.EXE Report Id:

Error - 1/6/2013 1:30:32 AM | Computer Name = Aslan | Source = SideBySide | ID = 16842832
Description = Activation context generation failed for "C:\Program Files (x86)\Cozi
Express\CoziExpress.exe".Error in manifest or policy file "" on line . A component
version required by the application conflicts with another component version already
active. Conflicting components are:. Component 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest.
Component
2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest.

Error - 1/6/2013 10:52:11 AM | Computer Name = Aslan | Source = Application Error | ID = 1000
Description = Faulting application name: FASecFacX.exe, version: 3.1.83.1, time
stamp: 0x4f3afb82 Faulting module name: unknown, version: 0.0.0.0, time stamp: 0x00000000
Exception
code: 0xc0000005 Fault offset: 0x02ad2e30 Faulting process id: 0x2238 Faulting application
start time: 0x01cdebc28f61a56f Faulting application path: C:\Program Files (x86)\Sensible
Vision\Fast Access\FASecFacX.exe Faulting module path: unknown Report Id: a654c031-5810-11e2-af97-4c8093113225

Error - 1/6/2013 11:05:01 AM | Computer Name = Aslan | Source = Application Hang | ID = 1002
Description = The program iexplore.exe version 9.0.8112.16457 stopped interacting
with Windows and was closed. To see if more information about the problem is available,
check the problem history in the Action Center control panel. Process ID: 5dd0 Start
Time: 01cdec1e7e4a0189 Termination Time: 24 Application Path: C:\Program Files (x86)\Internet
Explorer\iexplore.exe Report Id:

Error - 1/6/2013 10:04:32 PM | Computer Name = Aslan | Source = Application Error | ID = 1000
Description = Faulting application name: WiDiApp.exe, version: 3.1.29.0, time stamp:
0x4f90b12b Faulting module name: mscorwks.dll, version: 2.0.50727.5466, time stamp:
0x503ef7aa Exception code: 0xc0000005 Fault offset: 0x00000000002be39e Faulting process
id: 0x1b00 Faulting application start time: 0x01cdec6da93baf9e Faulting application
path: C:\Program Files\Intel Corporation\Intel WiDi\WiDiApp.exe Faulting module
path: C:\Windows\Microsoft.NET\Framework64\v2.0.50727\mscorwks.dll Report Id: 9327cf44-586e-11e2-af97-4c8093113225

Error - 1/6/2013 10:04:38 PM | Computer Name = Aslan | Source = Application Error | ID = 1000
Description = Faulting application name: PanUI.exe, version: 14.2.0.1, time stamp:
0x4e30dd82 Faulting module name: PanApi.dll, version: 14.2.0.0, time stamp: 0x4e30dd1a
Exception
code: 0xc0000005 Fault offset: 0x000000000001bef0 Faulting process id: 0x36ec Faulting
application start time: 0x01cdec1e1f531361 Faulting application path: C:\Program
Files\Intel\WiFi\bin\PanUI.exe Faulting module path: C:\Program Files\Intel\WiFi\bin\PanApi.dll
Report
Id: 96f70dfc-586e-11e2-af97-4c8093113225

Error - 1/7/2013 2:31:44 PM | Computer Name = Aslan | Source = WinMgmt | ID = 10
Description =

Error - 1/7/2013 4:24:38 PM | Computer Name = Aslan | Source = SideBySide | ID = 16842832
Description = Activation context generation failed for "C:\Program Files (x86)\Cozi
Express\CoziExpress.exe".Error in manifest or policy file "" on line . A component
version required by the application conflicts with another component version already
active. Conflicting components are:. Component 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest.
Component
2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest.

Error - 1/7/2013 6:50:33 PM | Computer Name = Aslan | Source = Application Error | ID = 1000
Description = Faulting application name: FASecFacX.exe, version: 3.1.83.1, time
stamp: 0x4f3afb82 Faulting module name: unknown, version: 0.0.0.0, time stamp: 0x00000000
Exception
code: 0xc0000005 Fault offset: 0x028e07d2 Faulting process id: 0x325c Faulting application
start time: 0x01cded0e7b866a81 Faulting application path: C:\Program Files (x86)\Sensible
Vision\Fast Access\FASecFacX.exe Faulting module path: unknown Report Id: a41cc30d-591c-11e2-88bf-4c8093113225

Error - 1/7/2013 6:54:23 PM | Computer Name = Aslan | Source = WinMgmt | ID = 10
Description =

[ System Events ]
Error - 1/10/2013 7:59:12 PM | Computer Name = Aslan | Source = Service Control Manager | ID = 7011
Description = A timeout (30000 milliseconds) was reached while waiting for a transaction
response from the SftService service.

Error - 1/10/2013 8:00:22 PM | Computer Name = Aslan | Source = Service Control Manager | ID = 7038
Description = The nvUpdatusService service was unable to log on as .\UpdatusUser
with the currently configured password due to the following error: %%1330 To ensure
that the service is configured properly, use the Services snap-in in Microsoft
Management Console (MMC).

Error - 1/10/2013 8:00:22 PM | Computer Name = Aslan | Source = Service Control Manager | ID = 7000
Description = The NVIDIA Update Service Daemon service failed to start due to the
following error: %%1069

Error - 1/10/2013 9:35:00 PM | Computer Name = Aslan | Source = EventLog | ID = 6008
Description = The previous system shutdown at 8:33:14 PM on ?1/?10/?2013 was unexpected.

Error - 1/10/2013 9:35:09 PM | Computer Name = Aslan | Source = BugCheck | ID = 1001
Description =

Error - 1/10/2013 9:36:01 PM | Computer Name = Aslan | Source = Service Control Manager | ID = 7001
Description = The Spybot-S&D 2 Security Center Service service depends on the Security
Center service which failed to start because of the following error: %%1058

Error - 1/10/2013 9:39:04 PM | Computer Name = Aslan | Source = Service Control Manager | ID = 7038
Description = The nvUpdatusService service was unable to log on as .\UpdatusUser
with the currently configured password due to the following error: %%1330 To ensure
that the service is configured properly, use the Services snap-in in Microsoft
Management Console (MMC).

Error - 1/10/2013 9:39:04 PM | Computer Name = Aslan | Source = Service Control Manager | ID = 7000
Description = The NVIDIA Update Service Daemon service failed to start due to the
following error: %%1069

Error - 1/10/2013 9:53:49 PM | Computer Name = Aslan | Source = EventLog | ID = 6008
Description = The previous system shutdown at 8:48:39 PM on ?1/?10/?2013 was unexpected.

Error - 1/10/2013 9:53:57 PM | Computer Name = Aslan | Source = BugCheck | ID = 1001
Description =


< End of report >

 

Had trouble posting, hopefully I have now deleted all duplicated postings as they sent me to a blank screen

 

Hi again

You have a Windows Task named QZLGYMJGV.job - does this mean anything to you?

Do you have a Windows CD/DVD?

 

nope don't recognize.
No I do not have a Windows CD.DVD
Last time I had to reinstall windows it was from a partition on the hard drive.