
iastor.sys BSOD once daily- no virus found


  • This topic is locked
40 replies to this topic

#1 mudhutbob

mudhutbob

  • Members
  • 50 posts

Posted 25 January 2015 - 01:40 PM

Greetings,

 

I was referred here to see if my "once daily" iastor.sys BSOD could be virus related. With another forum moderator's help we ran many tests but the iastor.sys BSOD continues. I have run GMER, TDSSKiller and Malwarebytes and found a few PUPs and a Trojan.Chrome.INJ that were removed but the problem still exists. We also updated the Intel Matrix driver and ran chkdsk /r and no disk errors were found. I have attempted to run MBAM a few times but immediately receive the iastor.sys BSOD. Not really sure where to go from here. Your help is much appreciated.

 

Attached File: FRST.txt (54.87KB)
Attached File: Addition.txt (53.37KB)

 




 


#2 Machiavelli

Machiavelli

    Agent 007


  • Malware Response Instructor
  • 4,133 posts
  • Gender:Male
  • Location:Germany

Posted 25 January 2015 - 02:09 PM

Hello and Welcome to BleepingComputer,

My name is Machiavelli and I will assist you with your problem. The fixes are specific to your problem and should only be used for the issue on your machine!
 
I'm in the 'Malware Staff Team' and will provide you with advice:
Removing Malware from a computer can be very complicated. Malware (malicious software) is able to hide, so I may not be able to find it so easily. In order to remove Malware from your computer, you need to follow my instructions carefully. Don't be worried if you don't know what to do. Just ask me! Please stay in contact with me until the problem is fixed.
 
You must reply to posts within days. If you haven't replied within 4 days your topic will be closed. If you go away for some time please let me know. Communication is an important part here! If you are unsure about something - STOP - and ask me. No need to be afraid of asking - better to ask than to make a mistake. Mistakes can lead to an unbootable PC! I would recommend following the topic by clicking on the Follow this topic button - you will get notified when I have replied to your topic.
 

Below are a few tips:
  • Removing Malware is usually very difficult.
    We need to search and analyse a lot of files. As this is done in our free time, please be patient especially if I don't answer every day!
  • Please follow these instructions
    If you don't follow the instructions your computer may crash. If you fix your PC by yourself, this can be very risky!
  • Please stay in contact with me until your problem is resolved
    As Malware may not be totally removed in one session or in one day, please stay in contact with me until the problem is resolved.
  • Please don't run any other tools without consulting with me as this can complicate finding and removing all Malware
    Don't run any tools while I'm fixing your PC. That is counterproductive and again, will only complicate finding and removing all Malware!
  • Read my post completely
    If you don't do so, you may make mistakes that could result in your System crashing by your own actions!
  • My Help is completely free of charge!
    If you would like to donate some money to me, you can do so, and I'd appreciate it. :)
 

Please post the logs into the thread.

Edited by Machiavelli, 25 January 2015 - 02:11 PM.

~Machiavelli

If I don't reply within 24 hours please PM me!

  • Every topic with no replies within 5 days will be closed.
  • If you like my help here please give me feedback.

 
 


#3 mudhutbob

mudhutbob
  • Topic Starter

  • Members
  • 50 posts

Posted 25 January 2015 - 03:01 PM

Hello,

 

Here are the FRST and Addition logs.  Many thanks...


Edited by mudhutbob, 25 January 2015 - 04:15 PM.


#4 Machiavelli

Machiavelli

    Agent 007


  • Malware Response Instructor
  • 4,133 posts
  • Gender:Male
  • Location:Germany

Posted 25 January 2015 - 03:08 PM

Can you post the logs please directly into the thread? :)

~Machiavelli

 
 


#5 mudhutbob

mudhutbob
  • Topic Starter

  • Members
  • 50 posts

Posted 25 January 2015 - 04:14 PM

Oops.  Sorry.  Here they are:

 

FRST log:

 

Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version: 07-01-2015 (ATTENTION: ====> FRST version is 18 days old and could be outdated)
Ran by The Holt's (administrator) on LUVTOHIKE on 25-01-2015 10:06:19
Running from C:\Documents and Settings\The Holt's\Desktop
Loaded Profile: The Holt's (Available profiles: The Holt's & Administrator)
Platform: Microsoft Windows XP Professional Service Pack 3 (X86) OS Language: English (United States)
Internet Explorer Version 8 (Default browser: FF)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(ATI Technologies Inc.) C:\WINDOWS\system32\ati2evxx.exe
(Nero AG) C:\Program Files\Ahead\InCD\InCDsrv.exe
(ATI Technologies Inc.) C:\WINDOWS\system32\ati2evxx.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\afwServ.exe
(Microsoft Corporation) C:\WINDOWS\system32\scardsvr.exe
(SUPERAntiSpyware.com) C:\Program Files\SUPERAntiSpyware\SASCore.exe
(Acronis) C:\Program Files\Common Files\Acronis\Schedule2\schedul2.exe
(Apple Inc.) C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(Creative Technology Ltd) C:\WINDOWS\system32\CTSVCCDA.EXE
(Fitbit, Inc.) C:\Program Files\Fitbit Connect\FitbitConnectService.exe
(Intel Corporation) C:\Program Files\Intel\Intel Matrix Storage Manager\IAANTMon.exe
(NETGEAR) C:\Program Files\NETGEAR Genie\bin\NETGEARGenieDaemon.exe
(Microsoft Corporation) C:\WINDOWS\ehome\mcrdsvc.exe
(BillP Studios) C:\Program Files\BillP Studios\WinPatrol\WinPatrol.exe
(Intel Corporation) C:\Program Files\Intel\Intel Matrix Storage Manager\IAAnotif.exe
(Creative Technology Ltd) C:\Program Files\Creative\SBAudigy2ZS\Surround Mixer\CTSysVol.exe
(Creative Technology Ltd) C:\WINDOWS\system32\CtHelper.exe
(Creative Technology Ltd) C:\Program Files\Creative\SBAudigy2ZS\DVDAudio\CTDVDDET.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastUI.exe
(Apple Inc.) C:\Program Files\iTunes\iTunesHelper.exe
(Advanced Micro Devices Inc.) C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
(Apple Inc.) C:\Program Files\iPod\bin\iPodService.exe
(Microsoft Corporation) C:\WINDOWS\system32\wbem\unsecapp.exe
(ATI Technologies Inc.) C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CCC.exe


==================== Registry (Whitelisted) ==================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [WinPatrol] => c:\program files\billp studios\winpatrol\winpatrol.exe [400480 2012-01-30] (BillP Studios)
HKLM\...\Run: [ISUSPM Startup] => C:\Program Files\Common Files\InstallShield\UpdateService\ISUSPM.exe [221184 2004-07-27] (InstallShield Software Corporation)
HKLM\...\Run: [IAAnotif] => C:\Program Files\Intel\Intel Matrix Storage Manager\iaanotif.exe [139264 2005-04-25] (Intel Corporation)
HKLM\...\Run: [CTSysVol] => c:\program files\creative\sbaudigy2zs\surround mixer\ctsysvol.exe [57344 2003-09-17] (Creative Technology Ltd)
HKLM\...\Run: [CTHelper] => C:\WINDOWS\system32\cthelper.exe [19456 2007-04-09] (Creative Technology Ltd)
HKLM\...\Run: [CTDVDDET] => C:\Program Files\Creative\SBAudigy2ZS\DVDAudio\CTDVDDET.EXE [45056 2003-06-18] (Creative Technology Ltd)
HKLM\...\Run: [ATIPTA] => "C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe"
HKLM\...\Run: [APSDaemon] => C:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon.exe [60712 2014-10-11] (Apple Inc.)
HKLM\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvastUI.exe [4085896 2014-08-11] (AVAST Software)
HKLM\...\Run: [StartCCC] => C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe [98304 2013-08-30] (Advanced Micro Devices, Inc.)
HKLM\...\Run: [iTunesHelper] => C:\Program Files\iTunes\iTunesHelper.exe [157480 2014-10-15] (Apple Inc.)
Winlogon\Notify\AtiExtEvent: C:\WINDOWS\system32\Ati2evxx.dll (ATI Technologies Inc.)
Winlogon\Notify\LBTWlgn: c:\program files\common files\logishrd\bluetooth\LBTWlgn.dll (Logitech, Inc.)
Winlogon\Notify\SDWinLogon:  [X]
HKLM\...\Policies\Explorer: [NoCDBurning] 0
HKLM\...\Policies\Explorer: [LinkResolveIgnoreLinkInfo] 0
HKLM\...\Policies\Explorer: [NoResolveSearch] 1
HKU\S-1-5-21-359015350-2660976701-2151963389-1005\...\Policies\Explorer: [ClearRecentDocsOnExit] 0x01000000
HKU\S-1-5-21-359015350-2660976701-2151963389-1005\...\Policies\Explorer: [LinkResolveIgnoreLinkInfo] 0
HKU\S-1-5-21-359015350-2660976701-2151963389-1005\...\Policies\Explorer: [NoDriveAutoRun] 0x67FFFF03
Startup: C:\Documents and Settings\All Users\Start Menu\Programs\Startup\Microsoft Office.lnk
ShortcutTarget: Microsoft Office.lnk -> C:\Program Files\Microsoft Office\Office\OSA9.EXE (Microsoft Corporation)
ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShell.dll (AVAST Software)

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

HKLM\SOFTWARE\Policies\Microsoft\Internet Explorer: Policy restriction <======= ATTENTION
HKLM\Software\Microsoft\Internet Explorer\Main,Local Page =
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,First Home Page = http://www.dell4me.com/myway
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.dell4me.com/myway
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=msnhome
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
HKU\S-1-5-21-359015350-2660976701-2151963389-1005\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.google.com/
HKU\S-1-5-21-359015350-2660976701-2151963389-1005\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
HKU\S-1-5-21-359015350-2660976701-2151963389-1005\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
HKLM\SOFTWARE\Microsoft\Internet Explorer\AboutURLs,Tabs: "http://www.google.com" <======= ATTENTION
SearchScopes: HKU\.DEFAULT -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-19 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-20 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
BHO: DriveLetterAccess -> {5CA3D70E-1895-11CF-8E15-001234567890} -> C:\WINDOWS\system32\dla\tfswshx.dll (Sonic Solutions)
BHO: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
Toolbar: HKU\S-1-5-21-359015350-2660976701-2151963389-1005 -> No Name - {EE5D279F-081B-4404-994D-C6B60AAEBA6D} -  No File
DPF: {01A88BB1-1174-41EC-ACCB-963509EAE56B} http://support.dell.com/systemprofiler/SysPro.CAB
DPF: {02BCC737-B171-4746-94C9-0D8A0B2C0089} http://office.microsoft.com/_layouts/ClientBin/ieawsdc32.cab
DPF: {0A5FD7C5-A45C-49FC-ADB5-9952547D5715} http://www.creative.com/su/ocx/15030/CTSUEng.cab
DPF: {106E49CF-797A-11D2-81A2-00E02C015623} http://www.alternatiff.com/distribution/alternatiff-ax-w32-2.0.5.cab
DPF: {11260943-421B-11D0-8EAC-0000C07D88CF} http://www.ipix.com/viewers/ipixx.cab
DPF: {166B1BCA-3F9C-11CF-8075-444553540000} http://download.macromedia.com/pub/shockwave/cabs/director/sw.cab
DPF: {17492023-C23A-453E-A040-C7C580BBF700} http://download.microsoft.com/download/E/5/6/E5611B10-0D6D-4117-8430-A67417AA88CD/LegitCheckControl.cab
DPF: {362C56AA-6E4F-40C7-A0B5-85501DBDAD77} http://i.dell.com/images/global/js/scanner/SysProExe.cab
DPF: {3BFFE033-BF43-11D5-A271-00A024A51325} http://webprod.vcccd.net/iNotes6W.cab
DPF: {4C39376E-FA9D-4349-BACC-D305C1750EF3} http://tools.ebayimg.com/eps/wl/activex/eBay_Enhanced_Picture_Control_v1-0-3-48.cab
DPF: {6C269571-C6D7-4818-BCA4-32A035E8C884} http://ccfiles.creative.com/Web/softwareupdate/su/ocx/15102/CTSUEng.cab
DPF: {7530BFB8-7293-4D34-9923-61A11451AFC5} http://download.eset.com/special/eos/OnlineScanner.cab
DPF: {82E5DF24-51E8-47CD-864A-F4BD5005AA73} https://www.icloud.com/system/iCloud.cab
DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.7.0/jinstall-1_7_0_09-windows-i586.cab
DPF: {BEA7310D-06C4-4339-A784-DC3804819809} http://www.cvsphoto.com/upload/activex/v3_0_0_7/PhotoCenter_ActiveX_Control.cab
DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.7.0/jinstall-1_7_0_09-windows-i586.cab
DPF: {CF84DAC5-A4F5-419E-A0BA-C01FFD71112F} http://content.systemrequirementslab.com.s3.amazonaws.com/global/bin/srldetect_intel_4.5.13.0.cab
DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} http://download.macromedia.com/pub/shockwave/cabs/flash/swflash.cab
DPF: {D4B68B83-8710-488B-A692-D74B50BA558E} http://ccfiles.creative.com/Web/softwareupdate/ocx/15113/CTPIDPDE.cab
DPF: {E008A543-CEFB-4559-912F-C27C2B89F13B} http://webprod.vcccd.net/dwa7W.cab
DPF: {F6ACF75C-C32C-447B-9BEF-46B766368D29} http://ccfiles.creative.com/Web/softwareupdate/ocx/110926/CTPID.cab
Handler: belarc - {6318E0AB-2E93-11D1-B8ED-00608CC9A71F} - C:\Program Files\Belarc\BelarcAdvisor\System\BAVoilaX.dll No File
ShellExecuteHooks: SABShellExecuteHook Class - {5AE067D3-9AFB-48E0-853A-EBB7F4A000DA} - C:\Program Files\SUPERAntiSpyware\SASSEH.DLL [115440 2013-05-07] (SuperAdBlocker.com)
Winsock: Catalog5 04 C:\Program Files\Bonjour\mdnsNSP.dll [121704] (Apple Inc.)
Tcpip\Parameters: [DhcpNameServer] 192.168.1.1

FireFox:
========
FF ProfilePath: C:\Documents and Settings\The Holt's\Application Data\Mozilla\Firefox\Profiles\gugitlt4.default-1387866924609
FF NewTab: hxxp://www.google.com
FF Homepage: hxxp://www.msn.com/
FF Plugin: @adobe.com/FlashPlayer -> C:\WINDOWS\system32\Macromed\Flash\NPSWF32_16_0_0_235.dll ()
FF Plugin: @adobe.com/ShockwavePlayer -> C:\WINDOWS\system32\Adobe\Director\np32dsw.dll (Adobe Systems, Inc.)
FF Plugin: @Apple.com/iTunes,version=1.0 -> C:\Program Files\iTunes\Mozilla Plugins\npitunes.dll ()
FF Plugin: @canon.com/EPPEX -> C:\Program Files\Canon\My Image Garden\AddOn\CIG\npmigfpi.dll (CANON INC.)
FF Plugin: @garmin.com/GpsControl -> C:\Program Files\Garmin GPS Plugin\npGarmin.dll (GARMIN Corp.)
FF Plugin: @Google.com/GoogleEarthPlugin -> C:\Program Files\Google\Google Earth\plugin\npgeplugin.dll (Google)
FF Plugin: @microsoft.com/WPF,version=3.5 -> c:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
FF Plugin: @playstation.com/PsndlCheck,version=1.00 -> C:\Program Files\Sony\PLAYSTATION Network Downloader\nppsndl.dll (Sony Computer Entertainment Inc.)
FF Plugin: @real.com/nppl3260;version=6.0.12.775 -> c:\program files\real\realplayer\Netscape6\nppl3260.dll (RealNetworks, Inc.)
FF Plugin: @real.com/npracplug;version=1.0.0.0 -> C:\Program Files\Real\RealArcade\Plugins\Mozilla\npracplug.dll (RealNetworks)
FF Plugin: @real.com/nprjplug;version=1.0.3.775 -> c:\program files\real\realplayer\Netscape6\nprjplug.dll (RealNetworks, Inc.)
FF Plugin: @real.com/nprphtml5videoshim;version=1.0.0.0 -> C:\Documents and Settings\All Users\Application Data\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprphtml5videoshim.dll (RealNetworks, Inc.)
FF Plugin: @real.com/nprpjplug;version=6.0.12.1212 -> C:\Program Files\Real\RealPlayer\Netscape6\nprpjplug.dll (RealNetworks, Inc.)
FF Plugin: @rocketlife.com/RocketLife Secure Plug-In Layer;version=1.0.5 -> C:\Documents and Settings\All Users\Application Data\Visan\plugins\npRLSecurePluginLayer.dll (RocketLife, LLP)
FF Plugin: @tools.google.com/Google Update;version=3 -> C:\Program Files\Google\Update\1.3.21.145\npGoogleUpdate3.dll (Google Inc.)
FF Plugin: @tools.google.com/Google Update;version=9 -> C:\Program Files\Google\Update\1.3.21.145\npGoogleUpdate3.dll (Google Inc.)
FF Plugin: @unity3d.com/UnityPlayer -> C:\Program Files\Unity\WebPlayer\loader\npUnity3D32.dll (Unity Technologies ApS)
FF Plugin: Adobe Reader -> C:\Program Files\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF Plugin HKU\S-1-5-21-359015350-2660976701-2151963389-1005: @adobe.com/FlashPlayer -> C:\WINDOWS\system32\Macromed\Flash\NPSWF32.dll No File
FF Plugin HKU\S-1-5-21-359015350-2660976701-2151963389-1005: amazon.com/AmazonMP3DownloaderPlugin -> C:\Program Files\Amazon\MP3 Downloader\npAmazonMP3DownloaderPlugin1017300.dll (Amazon.com, Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\np-mswmp.dll (Microsoft Corporation)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\nppdf32.dll (Adobe Systems Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\nppl3260.dll (RealNetworks, Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\npqtplugin.dll (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\npqtplugin2.dll (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\npqtplugin3.dll (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\npqtplugin4.dll (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\npqtplugin5.dll (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\npqtplugin6.dll (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\npracplug.dll (RealNetworks)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\nprjplug.dll (RealNetworks, Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\nprpjplug.dll (RealNetworks, Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\npunagi2.dll (America Online, Inc.)
FF Extension: Tab Mix Plus - C:\Documents and Settings\The Holt's\Application Data\Mozilla\Firefox\Profiles\gugitlt4.default-1387866924609\Extensions\{dc572301-7619-498c-a57d-39143191b318}.xpi [2013-12-23]
FF Extension: Garmin Communicator - C:\Documents and Settings\The Holt's\Application Data\Mozilla\Firefox\Profiles\dh4x8h7w.Robert\Extensions\{195A3098-0BD5-4e90-AE22-BA1C540AFD1E} [2014-11-14]
FF Extension: Tab Mix Plus - C:\Documents and Settings\The Holt's\Application Data\Mozilla\Firefox\Profiles\dh4x8h7w.Robert\Extensions\{dc572301-7619-498c-a57d-39143191b318}.xpi [2014-07-20]
FF HKLM\...\Firefox\Extensions: [{20a82645-c095-46ed-80e3-08825760534b}] - C:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension
FF Extension: Microsoft .NET Framework Assistant - C:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension [2010-05-01]
FF HKLM\...\Firefox\Extensions: [smartwebprinting@hp.com] - C:\Program Files\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3
FF HKLM\...\Firefox\Extensions: [wrc@avast.com] - C:\Program Files\AVAST Software\Avast\WebRep\FF
FF Extension: avast! Online Security - C:\Program Files\AVAST Software\Avast\WebRep\FF [2014-06-22]
FF HKU\S-1-5-21-359015350-2660976701-2151963389-1005\...\Firefox\Extensions: [smartwebprinting@hp.com] - C:\Program Files\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3

Chrome:
=======
CHR HKLM\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChrome.crx [2014-08-11]
CHR HKLM\...\Chrome\Extension: [jfmjfhklogoienhpfnppmbcbjfjnkonk] - No Path

========================== Services (Whitelisted) =================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

R2 !SASCORE; C:\Program Files\SUPERAntiSpyware\SASCORE.EXE [142648 2014-07-22] (SUPERAntiSpyware.com)
R2 AcrSch2Svc; C:\Program Files\Common Files\Acronis\Schedule2\schedul2.exe [846048 2012-04-27] (Acronis)
S3 Adobe LM Service; C:\Program Files\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe [72704 2005-12-29] (Adobe Systems) [File not signed]
S3 Amazon Download Agent; C:\Program Files\Amazon\Amazon Games & Software Downloader\AmazonGSDownloaderService.exe [401920 2009-10-23] (Amazon.com) [File not signed]
R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [50344 2014-08-11] (AVAST Software)
R2 avast! Firewall; C:\Program Files\AVAST Software\Avast\afwServ.exe [106488 2014-08-11] (AVAST Software)
R2 Creative Service for CDROM Access; C:\WINDOWS\system32\CTsvcCDA.EXE [44032 1999-12-13] (Creative Technology Ltd) [File not signed]
R2 Fitbit Connect; C:\Program Files\Fitbit Connect\FitbitConnectService.exe [1435680 2014-01-10] (Fitbit, Inc.)
S3 Garmin Core Update Service; C:\Program Files\Garmin\Core Update Service\Garmin.Cartography.MapUpdate.CoreService.exe [451416 2014-10-21] (Garmin Ltd or its subsidiaries)
S3 getPlusHelper; C:\Program Files\NOS\bin\getPlus_Helper.dll [48368 2009-09-03] (NOS Microsystems Ltd.)
S4 HPSupportSolutionsFrameworkService; C:\Program Files\Hp\Common\HPSupportSolutionsFrameworkService.exe [89864 2014-12-11] (Hewlett-Packard Company)
R2 IAANTMon; C:\Program Files\Intel\Intel Matrix Storage Manager\iaantmon.exe [86142 2005-04-25] (Intel Corporation) [File not signed]
S3 IDriverT; C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe [69632 2005-04-03] (Macrovision Corporation) [File not signed]
S4 Imapi Helper; C:\Program Files\Alex Feinman\ISO Recorder\ImapiHelper.exe [163840 2006-01-04] (Alex Feinman) [File not signed]
R2 InCDsrvR; C:\Program Files\Ahead\InCD\InCDsrv.exe [869376 2005-04-12] (Nero AG) [File not signed]
S4 LiveUpdateSvc; C:\Program Files\IObit\LiveUpdate\LiveUpdate.exe [2152736 2014-05-04] (IObit)
R2 McrdSvc; C:\WINDOWS\ehome\mcrdsvc.exe [99328 2005-08-05] (Microsoft Corporation)
S3 MHN; C:\WINDOWS\System32\mhn.dll [85504 2004-08-10] (Microsoft Corporation) [File not signed]
S3 MSSQLServerADHelper; C:\Program Files\Microsoft SQL Server\80\Tools\Binn\sqladhlp.exe [66112 2002-12-17] (Microsoft Corporation) [File not signed]
S4 Net Driver HPZ12; C:\WINDOWS\system32\HPZinw12.dll [44032 2009-05-14] (Hewlett-Packard) [File not signed]
R2 NETGEARGenieDaemon; C:\Program Files\NETGEAR Genie\bin\NETGEARGenieDaemon.exe [195840 2013-04-07] (NETGEAR)
S4 Pml Driver HPZ12; C:\WINDOWS\system32\HPZipm12.dll [53760 2009-05-14] (Hewlett-Packard) [File not signed]
S4 SDScannerService; C:\Program Files\Spybot - Search & Destroy 2\SDFSSvc.exe [1738168 2014-06-24] (Safer-Networking Ltd.)
S4 SDUpdateService; C:\Program Files\Spybot - Search & Destroy 2\SDUpdSvc.exe [2088408 2014-06-27] (Safer-Networking Ltd.)
S4 SDWSCService; C:\Program Files\Spybot - Search & Destroy 2\SDWSCSvc.exe [171928 2014-04-25] (Safer-Networking Ltd.)

==================== Drivers (Whitelisted) ====================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

S3 61883; C:\WINDOWS\System32\DRIVERS\61883.sys [48128 2008-04-13] (Microsoft Corporation)
S4 abp480n5; C:\WINDOWS\system32\DRIVERS\ABP480N5.SYS [23552 2001-08-17] (Microsoft Corporation)
R1 ASPI32; C:\WINDOWS\system32\Drivers\ASPI32.sys [16512 2006-12-12] (Adaptec) [File not signed]
R2 aswHwid; C:\WINDOWS\system32\drivers\aswHwid.sys [24184 2014-08-11] ()
R1 aswKbd; C:\WINDOWS\system32\drivers\aswKbd.sys [26136 2014-08-11] (AVAST Software)
R2 aswMonFlt; C:\WINDOWS\system32\drivers\aswMonFlt.sys [67824 2014-08-11] (AVAST Software)
R0 aswNdis; C:\WINDOWS\System32\DRIVERS\aswNdis.sys [12112 2014-06-23] (ALWIL Software)
R0 aswNdis2; C:\WINDOWS\system32\Drivers\aswNdis2.sys [252872 2014-08-11] (AVAST Software)
R1 aswRdr; C:\WINDOWS\system32\drivers\aswRdr.sys [55112 2014-08-11] (AVAST Software)
R0 aswRvrt; C:\WINDOWS\system32\Drivers\aswRvrt.sys [49944 2014-08-11] ()
R1 aswSnx; C:\WINDOWS\system32\drivers\aswSnx.sys [779536 2014-11-21] (AVAST Software)
R1 aswSP; C:\WINDOWS\system32\drivers\aswSP.sys [414520 2014-08-11] (AVAST Software)
R1 aswTdi; C:\WINDOWS\system32\drivers\aswTdi.sys [57800 2014-08-11] (AVAST Software)
R0 aswVmm; C:\WINDOWS\system32\Drivers\aswVmm.sys [192352 2014-08-11] ()
R3 AtiHDAudioService; C:\WINDOWS\System32\drivers\AtihdXP3.sys [103040 2012-05-14] (Advanced Micro Devices)
R1 BANTExt; C:\WINDOWS\System32\Drivers\BANTExt.sys [3840 2011-08-09] () [File not signed]
S3 CCDECODE; C:\WINDOWS\System32\DRIVERS\CCDECODE.sys [17024 2008-04-13] (Microsoft Corporation)
R3 COMMONFX.DLL; C:\WINDOWS\System32\COMMONFX.DLL [98600 2007-04-18] (Creative Technology Ltd)
S3 cpudrv; C:\Program Files\SystemRequirementsLab\cpudrv.sys [11336 2011-06-02] ()
S3 CT20XUT.DLL; C:\WINDOWS\System32\CT20XUT.DLL [164608 2007-04-12] (Creative Technology Ltd.)
R3 CTAUDFX.DLL; C:\WINDOWS\System32\CTAUDFX.DLL [546048 2007-04-12] (Creative Technology Ltd)
S3 ctdvda2k; C:\WINDOWS\System32\drivers\ctdvda2k.sys [347128 2007-04-10] (Creative Technology Ltd)
S3 CTEAPSFX.DLL; C:\WINDOWS\System32\CTEAPSFX.DLL [168192 2007-04-12] (Creative Technology Ltd)
S3 CTEDSPFX.DLL; C:\WINDOWS\System32\CTEDSPFX.DLL [280320 2007-04-12] (Creative Technology Ltd)
S3 CTEDSPIO.DLL; C:\WINDOWS\System32\CTEDSPIO.DLL [128768 2007-04-12] (Creative Technology Ltd)
S3 CTEDSPSY.DLL; C:\WINDOWS\System32\CTEDSPSY.DLL [323328 2007-04-12] (Creative Technology Ltd)
S3 CTERFXFX.DLL; C:\WINDOWS\System32\CTERFXFX.DLL [94976 2007-04-12] (Creative Technology Ltd)
S3 CTEXFIFX.DLL; C:\WINDOWS\System32\CTEXFIFX.DLL [1317632 2007-04-12] (Creative Technology Ltd.)
S3 CTHWIUT.DLL; C:\WINDOWS\System32\CTHWIUT.DLL [66816 2007-04-12] (Creative Technology Ltd.)
R3 CTSBLFX.DLL; C:\WINDOWS\System32\CTSBLFX.DLL [560384 2007-04-12] (Creative Technology Ltd)
R0 drvmcdb; C:\WINDOWS\System32\drivers\drvmcdb.sys [88352 2005-04-22] (Sonic Solutions) [File not signed]
R2 drvnddm; C:\WINDOWS\System32\drivers\drvnddm.sys [40544 2005-04-21] (Sonic Solutions) [File not signed]
R2 DVDAccss; C:\WINDOWS\System32\drivers\DVDAccss.sys [29156 2002-03-19] (Apple Computer, Inc.) [File not signed]
S3 ENTECH; C:\WINDOWS\system32\DRIVERS\ENTECH.sys [21664 2004-10-25] (EnTech Taiwan) [File not signed]
R3 gameenum; C:\WINDOWS\System32\DRIVERS\gameenum.sys [10624 2008-04-13] (Microsoft Corporation)
S3 GKUPRO2D; C:\WINDOWS\System32\DRIVERS\GKUPRO2D.sys [90240 2012-11-05] (Gemalto)
R3 ha10kx2k; C:\WINDOWS\System32\drivers\ha10kx2k.sys [797992 2007-04-10] (Creative Technology Ltd)
R3 hap16v2k; C:\WINDOWS\System32\drivers\hap16v2k.sys [163112 2007-04-10] (Creative Technology Ltd)
S3 hap17v2k; C:\WINDOWS\System32\drivers\hap17v2k.sys [189736 2007-04-10] (Creative Technology Ltd)
R0 imagedrv; C:\WINDOWS\System32\Drivers\imagedrv.sys [5504 2004-03-02] (Ahead Software AG) [File not signed]
R0 imagesrv; C:\WINDOWS\System32\DRIVERS\imagesrv.sys [125184 2004-03-02] (Ahead Software AG) [File not signed]
R4 InCDfs; C:\WINDOWS\system32\Drivers\InCDfs.sys [99456 2005-04-12] (Nero AG) [File not signed]
R1 InCDPass; C:\WINDOWS\System32\DRIVERS\InCDPass.sys [29056 2005-04-12] (Nero AG) [File not signed]
U1 InCDrec; C:\WINDOWS\system32\Drivers\InCDrec.sys [8704 2005-04-12] (Nero AG) [File not signed]
R1 incdrm; C:\WINDOWS\system32\Drivers\incdrm.sys [28160 2005-04-12] (Nero AG) [File not signed]
R3 IntelC51; C:\WINDOWS\System32\DRIVERS\IntelC51.sys [1339776 2005-05-06] (Intel Corporation)
R3 IntelC52; C:\WINDOWS\System32\DRIVERS\IntelC52.sys [618880 2006-03-01] (Intel Corporation)
R3 IntelC53; C:\WINDOWS\System32\DRIVERS\IntelC53.sys [47360 2005-05-06] (Intel Corporation)
S3 Jukebox3; C:\WINDOWS\System32\DRIVERS\ctpdusb.sys [16880 2004-05-18] (Creative Technology Ltd.)
R3 LCcfltr; C:\WINDOWS\System32\Drivers\LCcFltr.Sys [14095 2004-03-03] (Logitech, Inc.)
R3 LEqdUsb; C:\WINDOWS\System32\Drivers\LEqdUsb.Sys [42264 2014-03-18] (Logitech, Inc.)
R3 LHidEqd; C:\WINDOWS\System32\Drivers\LHidEqd.Sys [10136 2014-03-18] (Logitech, Inc.)
R3 LHidUsb; C:\WINDOWS\System32\Drivers\LHidUsb.Sys [37887 2004-03-03] (Logitech, Inc.)
R3 libusb0; C:\WINDOWS\System32\DRIVERS\libusb0.sys [35776 2013-09-23] (http://libusb-win32.sourceforge.net)
S3 MHNDRV; C:\WINDOWS\System32\DRIVERS\mhndrv.sys [11008 2004-08-10] (Microsoft Corporation) [File not signed]
R3 mohfilt; C:\WINDOWS\System32\DRIVERS\mohfilt.sys [36880 2005-05-06] (Intel Corporation)
S3 NAL; C:\WINDOWS\system32\Drivers\iqvw32.sys [19456 2004-11-02] (Intel Corporation ) [File not signed]
S3 NdisIP; C:\WINDOWS\System32\DRIVERS\NdisIP.sys [10880 2008-04-13] (Microsoft Corporation)
R2 NPF; C:\WINDOWS\system32\drivers\npf.sys [35088 2013-06-28] (CACE Technologies, Inc.)
R1 omci; C:\WINDOWS\System32\DRIVERS\omci.sys [17217 2002-11-08] (Dell Computer Corporation) [File not signed]
R3 pfc; C:\WINDOWS\System32\drivers\pfc.sys [21248 2003-09-19] (Padus, Inc.) [File not signed]
R2 PfModNT; C:\WINDOWS\system32\drivers\PfModNT.sys [16168 2007-04-10] (Creative Technology Ltd.)
R0 PxHelp20; C:\WINDOWS\System32\Drivers\PxHelp20.sys [20640 2005-03-11] (Sonic Solutions) [File not signed]
R1 SASDIFSV; C:\Program Files\SUPERAntiSpyware\SASDIFSV.SYS [12880 2011-07-22] (SUPERAdBlocker.com and SUPERAntiSpyware.com)
R1 SASKUTIL; C:\Program Files\SUPERAntiSpyware\SASKUTIL.SYS [67664 2011-07-12] (SUPERAdBlocker.com and SUPERAntiSpyware.com)
R1 sscdbhk5; C:\WINDOWS\System32\drivers\sscdbhk5.sys [5627 2005-05-13] (Sonic Solutions) [File not signed]
R1 ssrtln; C:\WINDOWS\System32\drivers\ssrtln.sys [23545 2005-05-13] (Sonic Solutions) [File not signed]
R2 tfsnboio; C:\WINDOWS\System32\dla\tfsnboio.sys [25725 2005-05-31] (Sonic Solutions) [File not signed]
R2 tfsncofs; C:\WINDOWS\System32\dla\tfsncofs.sys [34845 2005-05-31] (Sonic Solutions) [File not signed]
R2 tfsndrct; C:\WINDOWS\System32\dla\tfsndrct.sys [4125 2005-05-31] (Sonic Solutions) [File not signed]
R2 tfsndres; C:\WINDOWS\System32\dla\tfsndres.sys [2241 2005-05-31] (Sonic Solutions) [File not signed]
R2 tfsnifs; C:\WINDOWS\System32\dla\tfsnifs.sys [86876 2005-05-31] (Sonic Solutions) [File not signed]
R2 tfsnopio; C:\WINDOWS\System32\dla\tfsnopio.sys [15069 2005-05-31] (Sonic Solutions) [File not signed]
R2 tfsnpool; C:\WINDOWS\System32\dla\tfsnpool.sys [6365 2005-05-31] (Sonic Solutions) [File not signed]
R2 tfsnudf; C:\WINDOWS\System32\dla\tfsnudf.sys [98716 2005-05-31] (Sonic Solutions) [File not signed]
R2 tfsnudfa; C:\WINDOWS\System32\dla\tfsnudfa.sys [100605 2005-05-31] (Sonic Solutions) [File not signed]
R0 vididr; C:\WINDOWS\System32\DRIVERS\vididr.sys [125472 2013-09-14] (Acronis)
R0 vidsflt53; C:\WINDOWS\System32\DRIVERS\vsflt53.sys [83392 2013-09-14] (Acronis)
S3 VNUSB; C:\WINDOWS\System32\DRIVERS\VNUSB.sys [38496 2006-04-07] (OLYMPUS IMAGING CORP.) [File not signed]
S3 ALSysIO; \??\C:\DOCUME~1\THEHOT~1\LOCALS~1\Temp\ALSysIO.sys [X]
S3 bvrp_pci; No ImagePath
U2 CertPropSvc; No ImagePath
U5 itchfltr; C:\Windows\System32\Drivers\itchfltr.sys [12953 2004-03-10] (Logitech, Inc.)
S3 MFE_RR; \??\C:\DOCUME~1\THEHOT~1\LOCALS~1\Temp\mfe_rr.sys [X]
U5 P3; C:\Windows\System32\Drivers\P3.sys [42752 2008-04-13] (Microsoft Corporation)
U5 ScsiPort; C:\WINDOWS\system32\drivers\scsiport.sys [96384 2008-04-13] (Microsoft Corporation)
U5 Tcpip6; C:\Windows\System32\Drivers\Tcpip6.sys [226880 2010-02-11] (Microsoft Corporation)
U1 WS2IFSL; No ImagePath

==================== NetSvcs (Whitelisted) ===================


(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)

NETSVC: MHN -> C:\Windows\System32\mhn.dll (Microsoft Corporation)

==================== One Month Created Files and Folders ========

(If an entry is included in the fixlist, the file\folder will be moved.)

2015-01-25 10:06 - 2015-01-25 10:07 - 00028207 _____ () C:\Documents and Settings\The Holt's\Desktop\FRST.txt
2015-01-25 10:06 - 2015-01-25 10:06 - 00000000 ____D () C:\FRST
2015-01-25 09:59 - 2015-01-25 09:59 - 00065536 _____ () C:\WINDOWS\Minidump\Mini012515-02.dmp
2015-01-25 08:19 - 2015-01-25 08:19 - 00065536 _____ () C:\WINDOWS\Minidump\Mini012515-01.dmp
2015-01-24 16:11 - 2015-01-24 16:11 - 00065536 _____ () C:\WINDOWS\Minidump\Mini012415-05.dmp
2015-01-24 14:22 - 2015-01-24 15:03 - 00000000 ____D () C:\Documents and Settings\All Users\Application Data\Malwarebytes' Anti-Malware (portable)
2015-01-24 14:21 - 2015-01-24 14:21 - 00065536 _____ () C:\WINDOWS\Minidump\Mini012415-04.dmp
2015-01-24 14:09 - 2015-01-24 14:09 - 00065536 _____ () C:\WINDOWS\Minidump\Mini012415-03.dmp
2015-01-24 13:30 - 2015-01-24 13:30 - 00065536 _____ () C:\WINDOWS\Minidump\Mini012415-02.dmp
2015-01-24 08:12 - 2015-01-24 08:12 - 00065536 _____ () C:\WINDOWS\Minidump\Mini012415-01.dmp
2015-01-23 22:52 - 2015-01-23 22:52 - 00065536 _____ () C:\WINDOWS\Minidump\Mini012315-04.dmp
2015-01-23 14:34 - 2015-01-23 14:34 - 00240259 _____ () C:\Documents and Settings\The Holt's\Desktop\Dumps.zip
2015-01-23 14:32 - 2015-01-23 14:33 - 00000000 ____D () C:\Documents and Settings\The Holt's\Desktop\Dumps
2015-01-23 13:09 - 2015-01-23 13:09 - 00065536 _____ () C:\WINDOWS\Minidump\Mini012315-03.dmp
2015-01-23 12:30 - 2015-01-23 12:30 - 00000000 ____D () C:\WINDOWS\Tasks\ImCleanDisabled
2015-01-23 12:13 - 2015-01-23 12:13 - 00033127 _____ () C:\Documents and Settings\The Holt's\Desktop\minitoolbox.txt
2015-01-23 10:30 - 2015-01-23 10:30 - 00065536 _____ () C:\WINDOWS\Minidump\Mini012315-02.dmp
2015-01-23 07:36 - 2015-01-23 07:36 - 00000000 ____D () C:\Documents and Settings\All Users\Start Menu\Programs\Intel® Matrix Storage Manager
2015-01-23 07:19 - 2015-01-23 07:19 - 00075151 _____ () C:\Documents and Settings\The Holt's\Desktop\DxDiag.txt
2015-01-23 05:45 - 2015-01-23 05:45 - 00065536 _____ () C:\WINDOWS\Minidump\Mini012315-01.dmp
2015-01-22 20:10 - 2015-01-22 20:10 - 00002134 _____ () C:\Documents and Settings\The Holt's\Desktop\SystemLook.txt
2015-01-22 18:42 - 2015-01-22 18:42 - 00065536 _____ () C:\WINDOWS\Minidump\Mini012215-04.dmp
2015-01-22 17:36 - 2015-01-23 06:53 - 00000000 ____D () C:\Program Files\SUPERAntiSpyware
2015-01-22 17:36 - 2015-01-22 17:36 - 00001688 _____ () C:\Documents and Settings\All Users\Desktop\SUPERAntiSpyware Free Edition.lnk
2015-01-22 17:36 - 2015-01-22 17:36 - 00000000 ____D () C:\Documents and Settings\The Holt's\Application Data\SUPERAntiSpyware.com
2015-01-22 17:36 - 2015-01-22 17:36 - 00000000 ____D () C:\Documents and Settings\All Users\Start Menu\Programs\SUPERAntiSpyware
2015-01-22 17:36 - 2015-01-22 17:36 - 00000000 ____D () C:\Documents and Settings\All Users\Application Data\SUPERAntiSpyware.com
2015-01-22 17:05 - 2015-01-22 17:05 - 00065536 _____ () C:\WINDOWS\Minidump\Mini012215-03.dmp
2015-01-22 16:59 - 2015-01-24 14:22 - 00119512 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\MBAMSwissArmy.sys
2015-01-22 16:59 - 2015-01-24 14:22 - 00108632 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\mbamchameleon.sys
2015-01-22 16:59 - 2015-01-22 16:59 - 00000787 _____ () C:\Documents and Settings\All Users\Desktop\Malwarebytes Anti-Malware.lnk
2015-01-22 16:59 - 2015-01-22 16:59 - 00000000 ____D () C:\Program Files\Malwarebytes Anti-Malware
2015-01-22 16:59 - 2015-01-22 16:59 - 00000000 ____D () C:\Documents and Settings\All Users\Application Data\Malwarebytes
2015-01-22 16:59 - 2014-11-21 06:14 - 00023256 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\mbam.sys
2015-01-22 16:46 - 2015-01-22 16:46 - 00065536 _____ () C:\WINDOWS\Minidump\Mini012215-02.dmp
2015-01-22 05:39 - 2015-01-22 05:39 - 00065536 _____ () C:\WINDOWS\Minidump\Mini012215-01.dmp
2015-01-21 18:54 - 2015-01-21 18:54 - 00065536 _____ () C:\WINDOWS\Minidump\Mini012115-06.dmp
2015-01-21 18:42 - 2015-01-21 18:42 - 00213192 _____ (Kaspersky Lab, Yury Parshin) C:\WINDOWS\system32\Drivers\97313061.sys
2015-01-21 17:49 - 2015-01-21 17:49 - 00065536 _____ () C:\WINDOWS\Minidump\Mini012115-05.dmp
2015-01-21 06:17 - 2015-01-21 06:17 - 00065536 _____ () C:\WINDOWS\Minidump\Mini012115-04.dmp
2015-01-21 06:06 - 2015-01-21 06:06 - 00065536 _____ () C:\WINDOWS\Minidump\Mini012115-03.dmp
2015-01-21 06:02 - 2015-01-21 06:02 - 00065536 _____ () C:\WINDOWS\Minidump\Mini012115-02.dmp
2015-01-21 06:00 - 2015-01-21 06:00 - 00000000 ____D () C:\Documents and Settings\The Holt's\My Documents\New Folder
2015-01-21 05:42 - 2015-01-21 05:42 - 00065536 _____ () C:\WINDOWS\Minidump\Mini012115-01.dmp
2015-01-21 05:25 - 2015-01-21 05:25 - 00001356 _____ () C:\Documents and Settings\The Holt's\Desktop\gmer.log
2015-01-21 05:12 - 2015-01-21 05:19 - 00000000 ____D () C:\sfzone_profile
2015-01-20 22:45 - 2015-01-20 22:45 - 00065536 _____ () C:\WINDOWS\Minidump\Mini012015-06.dmp
2015-01-20 22:42 - 2015-01-20 22:42 - 00065536 _____ () C:\WINDOWS\Minidump\Mini012015-05.dmp
2015-01-20 22:04 - 2015-01-20 22:04 - 00065536 _____ () C:\WINDOWS\Minidump\Mini012015-04.dmp
2015-01-20 21:13 - 2015-01-20 21:13 - 00065536 _____ () C:\WINDOWS\Minidump\Mini012015-03.dmp
2015-01-20 19:03 - 2015-01-20 19:03 - 00065536 _____ () C:\WINDOWS\Minidump\Mini012015-02.dmp
2015-01-20 05:42 - 2015-01-20 05:42 - 00065536 _____ () C:\WINDOWS\Minidump\Mini012015-01.dmp
2015-01-19 20:41 - 2015-01-19 20:41 - 00065536 _____ () C:\WINDOWS\Minidump\Mini011915-02.dmp
2015-01-19 05:42 - 2015-01-19 05:42 - 00065536 _____ () C:\WINDOWS\Minidump\Mini011915-01.dmp
2015-01-18 21:10 - 2015-01-18 21:11 - 00000000 ____D () C:\Program Files\Mozilla Firefox
2015-01-18 09:48 - 2015-01-18 09:48 - 00065536 _____ () C:\WINDOWS\Minidump\Mini011815-03.dmp
2015-01-18 08:43 - 2015-01-18 08:43 - 00065536 _____ () C:\WINDOWS\Minidump\Mini011815-02.dmp
2015-01-18 07:59 - 2015-01-18 07:59 - 00065536 _____ () C:\WINDOWS\Minidump\Mini011815-01.dmp
2015-01-17 18:26 - 2015-01-17 18:26 - 00000000 ____D () C:\Documents and Settings\All Users\Application Data\Elephant Games
2015-01-17 14:40 - 2015-01-17 14:40 - 00000000 ____D () C:\Documents and Settings\All Users\Application Data\Canon IJ Network Tool
2015-01-17 14:39 - 2014-01-21 13:15 - 00336896 _____ (CANON INC.) C:\WINDOWS\system32\CNC_C9L.dll
2015-01-17 14:39 - 2008-08-25 18:02 - 00015872 _____ (CANON INC.) C:\WINDOWS\system32\CNHMCA.dll
2015-01-17 14:38 - 2015-01-17 14:38 - 00000000 ____D () C:\WINDOWS\system32\STRING
2015-01-17 14:38 - 2015-01-17 14:38 - 00000000 ____D () C:\Documents and Settings\All Users\Start Menu\Programs\Canon MG6600 series User Registration
2015-01-17 14:38 - 2014-03-17 11:15 - 00380928 _____ (CANON INC.) C:\WINDOWS\system32\CNMNPPM.DLL
2015-01-17 14:38 - 2014-03-17 11:15 - 00035840 _____ (CANON INC.) C:\WINDOWS\system32\CNMNPUI.DLL
2015-01-17 14:37 - 2015-01-17 14:37 - 00000000 ____D () C:\Documents and Settings\The Holt's\Application Data\Canon Easy-WebPrint EX
2015-01-17 14:26 - 2015-01-17 14:26 - 00000000 ____D () C:\Documents and Settings\All Users\Start Menu\Programs\Canon MG6600 series Manual
2015-01-17 14:25 - 2014-03-18 05:00 - 00329216 _____ (CANON INC.) C:\WINDOWS\system32\CNMLMC9.DLL
2015-01-17 09:38 - 2015-01-17 09:38 - 00001979 _____ () C:\Documents and Settings\All Users\Desktop\Play Phantasmat - The Endless Night Collectors Edition.lnk
2015-01-17 09:35 - 2015-01-17 09:35 - 00000000 ____D () C:\Documents and Settings\All Users\Start Menu\Programs\Phantasmat - The Endless Night Collectors Edition
2015-01-17 09:24 - 2015-01-17 09:24 - 00065536 _____ () C:\WINDOWS\Minidump\Mini011715-05.dmp
2015-01-17 08:46 - 2015-01-17 08:46 - 00065536 _____ () C:\WINDOWS\Minidump\Mini011715-04.dmp
2015-01-17 08:19 - 2015-01-17 08:19 - 00065536 _____ () C:\WINDOWS\Minidump\Mini011715-03.dmp
2015-01-17 06:56 - 2015-01-17 06:57 - 00065536 _____ () C:\WINDOWS\Minidump\Mini011715-02.dmp
2015-01-17 06:43 - 2015-01-17 06:43 - 00000000 ____D () C:\Documents and Settings\All Users\Application Data\HP Product Assistant
2015-01-17 06:42 - 2015-01-17 06:42 - 00000000 ____D () C:\Program Files\Common Files\HP
2015-01-17 06:32 - 2015-01-17 06:32 - 00065536 _____ () C:\WINDOWS\Minidump\Mini011715-01.dmp
2015-01-16 18:13 - 2015-01-16 18:13 - 00065536 _____ () C:\WINDOWS\Minidump\Mini011615-02.dmp
2015-01-16 05:39 - 2015-01-16 05:39 - 00065536 _____ () C:\WINDOWS\Minidump\Mini011615-01.dmp
2015-01-15 18:41 - 2015-01-23 18:52 - 00010050 _____ () C:\WINDOWS\KB2900986.log
2015-01-15 18:06 - 2015-01-15 18:06 - 00065536 _____ () C:\WINDOWS\Minidump\Mini011515-01.dmp
2015-01-14 20:55 - 2015-01-17 09:38 - 00000000 ____D () C:\Program Files\Phantasmat - The Endless Night Collectors Edition
2015-01-13 19:55 - 2015-01-13 20:00 - 00000000 ____D () C:\Documents and Settings\The Holt's\Application Data\margrave3_se
2015-01-11 14:45 - 2015-01-11 14:46 - 00000000 ____D () C:\Documents and Settings\All Users\Application Data\CanonIJMIG
2015-01-11 14:44 - 2015-01-11 14:44 - 00000000 ____D () C:\Documents and Settings\All Users\Application Data\CanonIJQuickMenu
2015-01-11 14:41 - 2013-12-02 12:58 - 00096000 _____ () C:\WINDOWS\system32\CNC177ED.TBL
2015-01-11 14:39 - 2015-01-17 14:36 - 00000000 ____D () C:\Documents and Settings\All Users\Application Data\CanonIJWSpt
2015-01-11 14:27 - 2015-01-17 14:25 - 00000000 ___HD () C:\Program Files\CanonBJ
2015-01-11 14:27 - 2015-01-11 14:27 - 00000000 ____D () C:\Documents and Settings\All Users\Application Data\CanonBJ
2015-01-11 14:27 - 2014-03-18 05:00 - 00329216 _____ (CANON INC.) C:\WINDOWS\system32\CNMLMC9(5).DLL
2015-01-11 14:27 - 2014-03-18 05:00 - 00329216 _____ (CANON INC.) C:\WINDOWS\system32\CNMLMC9(4).DLL
2015-01-11 14:27 - 2014-03-18 05:00 - 00329216 _____ (CANON INC.) C:\WINDOWS\system32\CNMLMC9(3).DLL
2015-01-11 14:27 - 2014-03-18 05:00 - 00329216 _____ (CANON INC.) C:\WINDOWS\system32\CNMLMC9(2).DLL
2015-01-10 07:35 - 2015-01-10 07:35 - 00001866 _____ () C:\Documents and Settings\All Users\Desktop\Play Mystery Trackers - Blackrow's Secret.lnk
2015-01-10 07:32 - 2015-01-10 07:35 - 00000000 ____D () C:\Program Files\Mystery Trackers - Blackrow's Secret
2015-01-10 07:32 - 2015-01-10 07:32 - 00000000 ____D () C:\Documents and Settings\All Users\Start Menu\Programs\Mystery Trackers - Blackrow's Secret
2015-01-10 07:31 - 2015-01-10 07:31 - 00001889 _____ () C:\Documents and Settings\All Users\Desktop\Play Surface - Game of Gods Collectors Edition.lnk
2015-01-10 07:25 - 2015-01-10 07:31 - 00000000 ____D () C:\Program Files\Surface - Game of Gods Collectors Edition
2015-01-10 07:25 - 2015-01-10 07:25 - 00000000 ____D () C:\Documents and Settings\All Users\Start Menu\Programs\Surface - Game of Gods Collectors Edition
2015-01-10 07:20 - 2015-01-10 07:20 - 00002008 _____ () C:\Documents and Settings\All Users\Desktop\Play Mystery Trackers - Silent Hollow Collector's Edition.lnk
2015-01-10 07:14 - 2015-01-10 07:20 - 00000000 ____D () C:\Program Files\Mystery Trackers - Silent Hollow Collector's Edition
2015-01-10 07:14 - 2015-01-10 07:14 - 00000000 ____D () C:\Documents and Settings\All Users\Start Menu\Programs\Mystery Trackers - Silent Hollow Collector's Edition
2015-01-09 05:51 - 2015-01-09 05:51 - 01115648 _____ (Farbar) C:\Documents and Settings\The Holt's\Desktop\FRST.exe
2015-01-07 21:42 - 2015-01-07 21:42 - 00000000 ____D () C:\WINDOWS\Hewlett-Packard
2015-01-07 20:35 - 2015-01-07 20:35 - 00000000 ____D () C:\Documents and Settings\The Holt's\Local Settings\Application Data\Hewlett-Packard
2015-01-07 20:32 - 2015-01-07 20:32 - 00000000 ____D () C:\Program Files\Hewlett-Packard
2015-01-07 18:15 - 2015-01-07 18:15 - 00000000 ____D () C:\Documents and Settings\The Holt's\My Documents\Garmin
2015-01-07 18:08 - 2015-01-07 18:08 - 00000858 _____ () C:\WINDOWS\setupact.log
2015-01-07 18:08 - 2015-01-07 18:08 - 00000000 _____ () C:\WINDOWS\setuperr.log
2015-01-06 20:55 - 2015-01-25 09:34 - 00000830 _____ () C:\WINDOWS\Tasks\Adobe Flash Player Updater.job
2015-01-06 06:13 - 2015-01-06 06:13 - 00001135 _____ () C:\Documents and Settings\The Holt's\Desktop\Dropbox.lnk
2015-01-06 06:13 - 2015-01-06 06:13 - 00000000 ____D () C:\Dropbox pics
2015-01-06 06:11 - 2015-01-06 06:12 - 00000000 ____D () C:\Program Files\Dropbox
2015-01-06 06:10 - 2015-01-06 06:10 - 00000000 ____D () C:\Documents and Settings\The Holt's\Start Menu\Programs\Dropbox
2015-01-05 18:38 - 2015-01-05 18:38 - 00001552 _____ () C:\Documents and Settings\All Users\Desktop\iTunes.lnk
2015-01-05 18:38 - 2015-01-05 18:38 - 00000000 ____D () C:\Documents and Settings\All Users\Start Menu\Programs\iTunes
2015-01-05 18:37 - 2015-01-05 18:38 - 00000000 ____D () C:\Program Files\iTunes
2015-01-05 18:37 - 2015-01-05 18:38 - 00000000 ____D () C:\Documents and Settings\All Users\Application Data\B0FFCDD9-5261-4e59-B29A-17A4FABDEBAB
2015-01-05 18:37 - 2015-01-05 18:37 - 00000000 ____D () C:\Program Files\iPod
2015-01-04 21:17 - 2010-12-24 11:18 - 00001414 ____R () C:\WINDOWS\system32\Drivers\etc\hosts.20150104-211735.backup
2014-12-30 21:35 - 2014-12-30 21:35 - 00001890 _____ () C:\Documents and Settings\All Users\Desktop\Play Mystery Trackers - Raincliffs Phantoms.lnk
2014-12-30 21:32 - 2014-12-30 21:35 - 00000000 ____D () C:\Program Files\Mystery Trackers - Raincliffs Phantoms
2014-12-30 21:32 - 2014-12-30 21:32 - 00000000 ____D () C:\Documents and Settings\All Users\Start Menu\Programs\Mystery Trackers - Raincliffs Phantoms
2014-12-30 21:09 - 2014-12-30 21:09 - 00001908 _____ () C:\Documents and Settings\All Users\Desktop\Play Hidden Expedition - The Crown of Solomon.lnk
2014-12-30 21:06 - 2014-12-30 21:09 - 00000000 ____D () C:\Program Files\Hidden Expedition - The Crown of Solomon
2014-12-30 21:06 - 2014-12-30 21:06 - 00000000 ____D () C:\Documents and Settings\All Users\Start Menu\Programs\Hidden Expedition - The Crown of Solomon
2014-12-27 18:13 - 2015-01-15 19:06 - 00000000 ____D () C:\Documents and Settings\The Holt's\Application Data\Eipix
2014-12-27 18:10 - 2014-12-27 18:10 - 00000000 ____D () C:\Documents and Settings\The Holt's\Application Data\Boolat Games
2014-12-27 08:33 - 2014-12-27 08:33 - 00001780 _____ () C:\Documents and Settings\All Users\Desktop\Play Dreampath - The Two Kingdoms.lnk
2014-12-27 08:30 - 2014-12-27 08:33 - 00000000 ____D () C:\Program Files\Dreampath - The Two Kingdoms
2014-12-27 08:30 - 2014-12-27 08:30 - 00001937 _____ () C:\Documents and Settings\All Users\Desktop\Play Dark Parables - The Red Riding Hood Sisters.lnk
2014-12-27 08:30 - 2014-12-27 08:30 - 00000000 ____D () C:\Documents and Settings\All Users\Start Menu\Programs\Dreampath - The Two Kingdoms
2014-12-27 08:25 - 2014-12-27 08:30 - 00000000 ____D () C:\Program Files\Dark Parables - The Red Riding Hood Sisters
2014-12-27 08:25 - 2014-12-27 08:25 - 00000000 ____D () C:\Documents and Settings\All Users\Start Menu\Programs\Dark Parables - The Red Riding Hood Sisters
2014-12-27 08:20 - 2014-12-27 08:20 - 00002183 _____ () C:\Documents and Settings\All Users\Desktop\Play Dark Parables - The Little Mermaid and the Purple Tide Collectors Edition.lnk
2014-12-27 08:16 - 2014-12-27 08:20 - 00000000 ____D () C:\Program Files\Dark Parables - The Little Mermaid and the Purple Tide Collectors Edition
2014-12-27 08:16 - 2014-12-27 08:16 - 00001804 _____ () C:\Documents and Settings\All Users\Desktop\Play Christmas Stories - Nutcracker.lnk
2014-12-27 08:16 - 2014-12-27 08:16 - 00000000 ____D () C:\Documents and Settings\All Users\Start Menu\Programs\Dark Parables - The Little Mermaid and the Purple Tide Collectors Edition
2014-12-27 08:13 - 2014-12-27 08:16 - 00000000 ____D () C:\Program Files\Christmas Stories - Nutcracker
2014-12-27 08:13 - 2014-12-27 08:13 - 00002231 _____ () C:\Documents and Settings\All Users\Desktop\Play Christmas Stories 3 - Hans Christian Andersens Tin Soldier Collectors Edition.lnk
2014-12-27 08:13 - 2014-12-27 08:13 - 00000000 ____D () C:\Documents and Settings\All Users\Start Menu\Programs\Christmas Stories - Nutcracker
2014-12-27 08:03 - 2014-12-27 08:13 - 00000000 ____D () C:\Program Files\Christmas Stories 3 - Hans Christian Andersens Tin Soldier Collectors Edition
2014-12-27 08:03 - 2014-12-27 08:03 - 00000000 ____D () C:\Documents and Settings\All Users\Start Menu\Programs\Christmas Stories 3 - Hans Christian Andersens Tin Soldier Collectors Edition

==================== One Month Modified Files and Folders =======

(If an entry is included in the fixlist, the file\folder will be moved.)

2015-01-25 10:07 - 2005-08-23 20:51 - 00000000 ____D () C:\Documents and Settings\The Holt's\Local Settings\Temp
2015-01-25 10:00 - 2004-08-19 12:50 - 00002206 _____ () C:\WINDOWS\system32\wpa.dbl
2015-01-25 09:59 - 2014-08-11 20:36 - 00000159 _____ () C:\WINDOWS\wiadebug.log
2015-01-25 09:59 - 2014-08-11 20:36 - 00000049 _____ () C:\WINDOWS\wiaservc.log
2015-01-25 09:59 - 2014-01-07 19:05 - 00000568 _____ () C:\WINDOWS\Tasks\Amazon Music Helper.job
2015-01-25 09:59 - 2010-07-18 13:32 - 00000288 _____ () C:\WINDOWS\Tasks\RealUpgradeLogonTaskS-1-5-21-359015350-2660976701-2151963389-1005.job
2015-01-25 09:59 - 2007-09-18 17:30 - 233558016 _____ () C:\WINDOWS\MEMORY.DMP
2015-01-25 09:59 - 2005-08-27 19:54 - 00000000 ____D () C:\WINDOWS\Minidump
2015-01-25 09:59 - 2004-08-19 13:13 - 00000006 ____H () C:\WINDOWS\Tasks\SA.DAT
2015-01-25 09:58 - 2005-08-24 17:37 - 00000000 ____D () C:\Dung
2015-01-25 09:50 - 2014-08-08 04:52 - 00524288 _____ () C:\WINDOWS\system32\config\ACEEvent.evt
2015-01-25 09:49 - 2014-08-11 20:36 - 00032290 _____ () C:\WINDOWS\SchedLgU.Txt
2015-01-25 09:48 - 2014-11-29 11:25 - 00301640 _____ () C:\WINDOWS\WindowsUpdate.log
2015-01-25 09:48 - 2005-08-23 20:51 - 00000278 ___SH () C:\Documents and Settings\The Holt's\ntuser.ini
2015-01-25 09:48 - 2005-08-23 20:51 - 00000000 ____D () C:\Documents and Settings\The Holt's
2015-01-25 09:45 - 2014-11-29 22:43 - 04958588 ____N () C:\WINDOWS\{00000005-00000000-00000004-00001102-00000004-20061102}.BAK
2015-01-25 09:45 - 2010-07-10 07:00 - 04958588 _____ () C:\WINDOWS\{00000005-00000000-00000004-00001102-00000004-20061102}.CDF
2015-01-25 09:10 - 2010-06-29 05:32 - 00000000 ____D () C:\Canon Temp Pics
2015-01-25 09:10 - 2005-08-26 16:32 - 00000000 ____D () C:\Camping Info
2015-01-23 18:51 - 2013-08-15 04:52 - 00000000 ____D () C:\WINDOWS\system32\MRT
2015-01-23 18:36 - 2014-11-29 21:27 - 00260091 _____ () C:\WINDOWS\setupapi.log
2015-01-23 13:33 - 2010-07-18 13:32 - 00000296 _____ () C:\WINDOWS\Tasks\RealUpgradeScheduledTaskS-1-5-21-359015350-2660976701-2151963389-1005.job
2015-01-23 12:58 - 2009-09-30 21:02 - 00000000 ____D () C:\Program Files\IObit
2015-01-23 12:45 - 2010-12-09 20:07 - 00000000 ____D () C:\Program Files\Java
2015-01-23 12:39 - 2013-01-11 06:50 - 00000000 ____D () C:\Program Files\Auslogics
2015-01-23 12:39 - 2013-01-11 06:50 - 00000000 ____D () C:\Documents and Settings\All Users\Start Menu\Programs\Auslogics
2015-01-23 12:39 - 2008-12-26 14:17 - 00000000 ____D () C:\Documents and Settings\All Users\Application Data\TEMP
2015-01-23 07:36 - 2005-08-17 08:31 - 00000000 ____D () C:\WINDOWS\system32\ReinstallBackups
2015-01-22 17:38 - 2010-04-22 22:31 - 00000000 ____D () C:\Documents and Settings\NetworkService\Local Settings\temp
2015-01-22 17:38 - 2010-04-22 22:31 - 00000000 ____D () C:\Documents and Settings\LocalService\Local Settings\temp
2015-01-22 17:38 - 2010-04-22 22:31 - 00000000 ____D () C:\Documents and Settings\Administrator\Local Settings\temp
2015-01-22 17:32 - 2010-03-27 14:23 - 00000000 ____D () C:\Documents and Settings\The Holt's\Local Settings\Application Data\Apple
2015-01-22 17:32 - 2004-08-19 12:52 - 00000000 ____D () C:\WINDOWS\twain_32
2015-01-21 06:01 - 2007-01-28 16:36 - 00000000 ____D () C:\eBay pics
2015-01-21 05:17 - 2013-06-30 07:40 - 00001324 _____ () C:\WINDOWS\system32\d3d9caps.dat
2015-01-20 22:52 - 2013-08-25 21:41 - 00000000 ____D () C:\AdwCleaner
2015-01-20 22:45 - 2009-06-25 21:08 - 00000000 __SHD () C:\WINDOWS\CSC
2015-01-20 06:55 - 2004-08-19 13:03 - 00000000 ___RD () C:\Documents and Settings\All Users\Start Menu\Programs\Games
2015-01-20 06:18 - 2012-11-08 18:59 - 00000000 ____D () C:\Robs health info
2015-01-19 21:15 - 2005-09-17 06:13 - 00000116 ____C () C:\WINDOWS\NeroDigital.ini
2015-01-18 21:11 - 2012-04-26 21:41 - 00000000 ____D () C:\Program Files\Mozilla Maintenance Service
2015-01-18 10:55 - 2010-06-29 05:30 - 00000000 ____D () C:\Craigslist pics
2015-01-18 08:32 - 2007-09-18 10:29 - 00000210 ___SH () C:\boot.ini
2015-01-18 08:32 - 2004-08-19 12:49 - 00000864 _____ () C:\WINDOWS\win.ini
2015-01-18 08:32 - 2004-08-19 12:49 - 00000227 _____ () C:\WINDOWS\system.ini
2015-01-18 08:25 - 2010-09-11 12:50 - 00000000 ____D () C:\Documents and Settings\All Users\Start Menu\Programs\HP
2015-01-17 22:47 - 2012-08-26 21:50 - 02804130 _____ () C:\Documents and Settings\LocalService\Local Settings\Application Data\WPFFontCache_v0400-S-1-5-21-359015350-2660976701-2151963389-1005-0.dat
2015-01-17 22:47 - 2012-08-26 21:50 - 00307178 _____ () C:\Documents and Settings\LocalService\Local Settings\Application Data\WPFFontCache_v0400-System.dat
2015-01-17 20:56 - 2014-12-07 18:27 - 00000000 ____D () C:\Documents and Settings\The Holt's\Application Data\Blue Tea Games
2015-01-17 18:26 - 2014-09-06 05:53 - 00000000 ____D () C:\Documents and Settings\The Holt's\Application Data\Elephant Games
2015-01-17 14:43 - 2008-10-19 17:28 - 00000000 ____D () C:\Documents and Settings\The Holt's\Application Data\Canon
2015-01-17 14:42 - 2008-10-19 17:24 - 00000000 ____D () C:\Program Files\Canon
2015-01-17 14:40 - 2008-10-19 17:24 - 00000000 ____D () C:\Documents and Settings\All Users\Start Menu\Programs\Canon Utilities
2015-01-17 14:39 - 2013-12-13 18:58 - 00000000 ____D () C:\WINDOWS\system32\FxsTmp
2015-01-17 14:39 - 2004-08-19 12:52 - 00000000 ____D () C:\WINDOWS\Media
2015-01-17 09:00 - 2012-07-10 04:52 - 00000000 ____D () C:\Documents and Settings\The Holt's\Local Settings\Application Data\Deployment
2015-01-17 09:00 - 2005-08-23 20:51 - 00000000 ____D () C:\Documents and Settings\The Holt's\Start Menu\Programs\Dell
2015-01-17 08:30 - 2010-09-11 12:44 - 00017318 _____ () C:\Documents and Settings\All Users\Application Data\hpzinstall.log
2015-01-17 08:08 - 2010-05-01 22:14 - 00000000 ____D () C:\Program Files\MSBuild
2015-01-17 07:57 - 2004-08-19 13:02 - 00000000 ____D () C:\WINDOWS\Registration
2015-01-17 06:51 - 2005-08-24 17:20 - 00084688 _____ () C:\Documents and Settings\The Holt's\Local Settings\Application Data\GDIPFONTCACHEV1.DAT
2015-01-17 06:44 - 2004-08-19 12:57 - 00309192 _____ () C:\WINDOWS\system32\FNTCACHE.DAT
2015-01-17 06:43 - 2010-09-11 12:49 - 00000000 ____D () C:\Documents and Settings\All Users\Application Data\HP
2015-01-17 06:43 - 2010-09-11 12:47 - 00000000 ____D () C:\Program Files\HP
2015-01-17 06:43 - 2004-08-19 13:13 - 00000000 __SHD () C:\Documents and Settings\NetworkService
2015-01-17 06:43 - 2004-08-19 13:13 - 00000000 __SHD () C:\Documents and Settings\LocalService
2015-01-17 06:43 - 2004-08-19 13:13 - 00000000 ____D () C:\Documents and Settings\Administrator
2015-01-17 06:41 - 2013-05-11 12:41 - 00000000 ____D () C:\Program Files\Belarc
2015-01-15 18:08 - 2009-08-21 05:48 - 00011322 _____ () C:\VEW.txt
2015-01-11 16:11 - 2005-08-24 17:37 - 00000000 ____D () C:\Dung 3
2015-01-11 14:50 - 2014-09-01 05:53 - 00000000 ____D () C:\Amelia stuff
2015-01-11 14:50 - 2012-06-27 16:56 - 00000000 ___RD () C:\Documents and Settings\The Holt's\My Documents\HP Photo Creations
2015-01-11 12:12 - 2005-08-26 16:32 - 00000000 ____D () C:\Katy's Miscellaneous
2015-01-09 21:27 - 2013-11-03 20:20 - 00000000 ____D () C:\Documents and Settings\The Holt's\Application Data\Dropbox
2015-01-07 22:11 - 2012-06-12 04:37 - 00701616 _____ (Adobe Systems Incorporated) C:\WINDOWS\system32\FlashPlayerApp.exe
2015-01-07 22:11 - 2011-08-23 18:47 - 00071344 _____ (Adobe Systems Incorporated) C:\WINDOWS\system32\FlashPlayerCPLApp.cpl
2015-01-07 21:42 - 2010-09-11 12:53 - 00000000 ____D () C:\Documents and Settings\The Holt's\Application Data\HpUpdate
2015-01-07 21:17 - 2014-11-15 15:45 - 00000000 ____D () C:\Documents and Settings\All Users\Application Data\Garmin
2015-01-07 21:17 - 2013-08-08 20:21 - 00000000 ____D () C:\Documents and Settings\All Users\Application Data\Package Cache
2015-01-07 21:17 - 2012-08-26 11:12 - 00000000 ____D () C:\Program Files\Garmin
2015-01-07 21:17 - 2012-08-26 11:12 - 00000000 ____D () C:\Documents and Settings\All Users\Start Menu\Programs\Garmin
2015-01-07 21:17 - 2012-08-26 09:06 - 00000000 ____D () C:\Documents and Settings\The Holt's\Application Data\Garmin
2015-01-07 21:17 - 2005-08-27 13:36 - 00000000 ____D () C:\Documents and Settings\The Holt's\Local Settings\Application Data\Adobe
2015-01-07 20:46 - 2013-02-23 20:20 - 00208331 ____C () C:\WINDOWS\hpoins41.dat.temp
2015-01-07 18:22 - 2014-01-18 14:59 - 00000000 ____D () C:\Health stuff
2015-01-06 05:59 - 2005-08-24 17:37 - 00000000 ____D () C:\Dung 2
2015-01-05 19:55 - 2013-11-03 20:23 - 00000000 ___RD () C:\Dropbox
2015-01-05 18:45 - 2006-02-15 07:25 - 00000000 ____D () C:\Documents and Settings\All Users\Start Menu\Programs\QuickTime
2015-01-05 18:45 - 2006-02-15 07:24 - 00000000 ____D () C:\Program Files\QuickTime
2015-01-05 18:37 - 2014-05-28 21:21 - 00000000 ____D () C:\Documents and Settings\All Users\Application Data\188F1432-103A-4ffb-80F1-36B633C5C9E1
2015-01-05 18:37 - 2010-12-09 21:10 - 00000000 ____D () C:\Program Files\Common Files\Apple
2015-01-03 18:14 - 2014-08-08 04:52 - 00000000 ____D () C:\Documents and Settings\The Holt's\Local Settings\Application Data\ATI
2015-01-03 18:13 - 2010-06-20 15:37 - 00000000 ____D () C:\Documents and Settings\The Holt's\Local Settings\Application Data\WDC
2015-01-03 18:12 - 2013-06-28 16:32 - 00000000 ____D () C:\Documents and Settings\The Holt's\Local Settings\Application Data\NETGEARGenie
2015-01-03 18:02 - 2014-08-02 10:58 - 00000000 ____D () C:\Documents and Settings\The Holt's\Application Data\.minecraft
2015-01-02 18:14 - 2005-08-27 11:54 - 00002477 _____ () C:\Documents and Settings\All Users\Start Menu\Programs\Microsoft Excel.lnk
2015-01-01 11:26 - 2013-09-02 07:10 - 00000000 ____D () C:\Dung 13
2015-01-01 11:25 - 2005-08-24 17:37 - 00000000 ____D () C:\Dung 4
2015-01-01 11:22 - 2007-12-02 14:33 - 00000000 ____D () C:\Dung Temp 2
2015-01-01 11:21 - 2012-02-20 12:24 - 00000000 ____D () C:\Dung screensaver
2015-01-01 11:20 - 2005-08-25 17:34 - 00000000 ____D () C:\Pics
2015-01-01 11:14 - 2013-09-02 07:10 - 00000000 ____D () C:\Dung 12
2015-01-01 11:12 - 2013-09-02 07:10 - 00000000 ____D () C:\Dung 11
2015-01-01 11:09 - 2014-03-09 18:34 - 00000000 ____D () C:\Nomad stuff
2015-01-01 11:09 - 2008-11-15 16:49 - 00000000 ____D () C:\Dung 10
2015-01-01 11:07 - 2011-10-02 17:19 - 00000000 ____D () C:\Dung 5
2014-12-31 13:15 - 2005-08-24 05:09 - 110348472 _____ (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2014-12-26 11:12 - 2013-09-24 05:57 - 00000000 ____D () C:\Football

==================== Bamital & volsnap Check =================

(There is no automatic fix for files that do not pass verification.)

C:\WINDOWS\explorer.exe => File is digitally signed
C:\WINDOWS\system32\winlogon.exe => File is digitally signed
C:\WINDOWS\system32\svchost.exe => File is digitally signed
C:\WINDOWS\system32\services.exe => File is digitally signed
C:\WINDOWS\system32\User32.dll => File is digitally signed
C:\WINDOWS\system32\userinit.exe => File is digitally signed
C:\WINDOWS\system32\rpcss.dll => File is digitally signed
C:\WINDOWS\system32\Drivers\volsnap.sys => File is digitally signed

==================== End Of Log ============================

Addition log:

Additional scan result of Farbar Recovery Scan Tool (x86) Version: 07-01-2015
Ran by The Hott's at 2015-01-25 10:08:16
Running from C:\Documents and Settings\The Hott's\Desktop
Boot Mode: Normal
==========================================================


==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: Bitdefender Antivirus Free Edition (Disabled - Up to date) {9488E0FA-F058-4673-850E-E755F112BABC}
AV: avast! Antivirus (Disabled - Up to date) {7591DB91-41F0-48A3-B128-1A293FD8233D}
FW: avast! Antivirus (Disabled) {7591DB91-41F0-48A3-B128-1A293FD8233D}

==================== Installed Programs ======================

(Only the adware programs with "hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

32 Bit HP CIO Components Installer (Version: 6.1.2 - Hewlett-Packard) Hidden
Acrobat.com (HKLM\...\com.adobe.mauby.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1) (Version: 1.1.377 - Adobe Systems Incorporated)
Acrobat.com (Version: 0.0.0 - Adobe Systems Incorporated) Hidden
Acronis True Image WD Edition (HKLM\...\{9B683A28-2172-4CF1-B85D-41375E80652A}) (Version: 13.0.14184 - Acronis)
AdMission Photo Uploader (HKLM\...\AdMission Photo Uploader) (Version:  - )
Adobe Acrobat 4.0 (HKLM\...\Adobe Acrobat 4.0) (Version: 4.0 - Adobe Systems, Inc.)
Adobe AIR (HKLM\...\Adobe AIR) (Version: 14.0.0.110 - Adobe Systems Incorporated)
Adobe Flash Player 16 ActiveX (HKLM\...\Adobe Flash Player ActiveX) (Version: 16.0.0.235 - Adobe Systems Incorporated)
Adobe Flash Player 16 NPAPI (HKLM\...\Adobe Flash Player NPAPI) (Version: 16.0.0.235 - Adobe Systems Incorporated)
Adobe Photoshop 5.0 Limited Edition (HKLM\...\Adobe Photoshop 5.0 Limited Edition) (Version: 5.0 - Adobe Systems, Inc.)
Adobe Reader XI (11.0.08) (HKLM\...\{AC76BA86-7AD7-1033-7B44-AB0000000001}) (Version: 11.0.08 - Adobe Systems Incorporated)
Adobe Shockwave Player 11.6 (HKLM\...\Adobe Shockwave Player) (Version: 11.6.5.635 - Adobe Systems, Inc.)
Amazon Cloud Drive (HKU\S-1-5-21-359015350-2660976701-2151963389-1005\...\23ab716f18849b6f) (Version: 2.4.2013.3290 - Amazon)
Amazon Games & Software Downloader (HKLM\...\Amazon Games & Software Downloader_is1) (Version: 2.0.2.0 - Amazon)
Amazon MP3 Downloader 1.0.17 (HKLM\...\Amazon MP3 Downloader) (Version: 1.0.17 - Amazon Services LLC)
Amazon Music (HKU\S-1-5-21-359015350-2660976701-2151963389-1005\...\Amazon Amazon Music) (Version: 3.7.1.698 - Amazon Services LLC)
AMD Catalyst Install Manager (HKLM\...\{9C8D1ACD-1B98-9A30-42C4-B63781BD4613}) (Version: 8.0.891.0 - Advanced Micro Devices, Inc.)
ANT Drivers Installer x86 (Version: 2.3.4 - Garmin Ltd or its subsidiaries) Hidden
Any Video Converter 2.6.7 (HKLM\...\Any Video Converter_is1) (Version:  - Any-Video-Converter.com)
Apple Application Support (HKLM\...\{83CAF0DE-8D3B-4C37-A631-2B8F16EC3031}) (Version: 3.1 - Apple Inc.)
Apple Mobile Device Support (HKLM\...\{235EBB33-3DA1-46DF-AADE-9955123409CB}) (Version: 8.0.5.6 - Apple Inc.)
Apple Software Update (HKLM\...\{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}) (Version: 2.1.3.127 - Apple Inc.)
Auslogics DiskDefrag (HKLM\...\{DF6A13C0-77DF-41FE-BD05-6D5201EB0CE7}_is1) (Version: 4.5.4.0 - Auslogics Labs Pty Ltd)
avast! Internet Security (HKLM\...\Avast) (Version: 9.0.2021 - AVAST Software)
Big Fish: Game Manager (HKLM\...\BFGC) (Version: 3.3.0.2 - )
Bonjour (HKLM\...\{79155F2B-9895-49D7-8612-D92580E0DE5B}) (Version: 3.0.0.10 - Apple Inc.)
BufferChm (Version: 140.0.212.000 - Hewlett-Packard) Hidden
C309g-m (Version: 140.0.690.000 - Hewlett-Packard) Hidden
Canon Easy-WebPrint EX (HKLM\...\Easy-WebPrint EX) (Version: 1.5.0.0 - Canon Inc.)
Canon IJ Network Scanner Selector EX (HKLM\...\Canon_IJ_Network_Scanner_Selector_EX) (Version: 1.5.2.3 - Canon Inc.)
Canon IJ Network Tool (HKLM\...\Canon_IJ_Network_UTILITY) (Version: 3.5.0 - Canon Inc.)
Canon IJ Scan Utility (HKLM\...\Canon_IJ_Scan_Utility) (Version: 1.1.10.15 - Canon Inc.)
Canon MG6600 series MP Drivers (HKLM\...\{1199FAD5-9546-44f3-81CF-FFDB8040B7BF}_Canon_MG6600_series) (Version: 1.00 - Canon Inc.)
Canon MG6600 series On-screen Manual (HKLM\...\Canon MG6600 series On-screen Manual) (Version: 7.7.0 - Canon Inc.)
Canon MG6600 series User Registration (HKLM\...\Canon MG6600 series User Registration) (Version:  - Canon Inc.)
Canon My Image Garden (HKLM\...\Canon My Image Garden) (Version: 3.0.0 - Canon Inc.)
Canon My Image Garden Design Files (HKLM\...\Canon My Image Garden Design Files) (Version: 3.0.0 - Canon Inc.)
Canon My Printer (HKLM\...\CanonMyPrinter) (Version: 3.2.1 - Canon Inc.)
Canon Quick Menu (HKLM\...\CanonQuickMenu) (Version: 2.4.0 - Canon Inc.)
Canon Utilities Digital Photo Professional 3.8 (HKLM\...\DPP) (Version: 3.8.0.0 - Canon Inc.)
Canon Utilities PhotoStitch (HKLM\...\PhotoStitch) (Version: 3.1.22.46 - Canon Inc.)
Canon Utilities Picture Style Editor (HKLM\...\Picture Style Editor) (Version: 1.7.0.0 - Canon Inc.)
CCleaner (HKLM\...\CCleaner) (Version: 4.16 - Piriform)
Christmas Stories 3: Hans Christian Andersen's Tin Soldier Collector's Edition (HKLM\...\BFG-Christmas Stories 3 - Hans Christian Andersens Tin Soldier Collectors Edition) (Version:  - )
Christmas Stories: Nutcracker (HKLM\...\BFG-Christmas Stories - Nutcracker) (Version:  - )
Compatibility Pack for the 2007 Office system (HKLM\...\{90120000-0020-0409-0000-0000000FF1CE}) (Version: 12.0.6612.1000 - Microsoft Corporation)
Creative Jukebox Driver (HKLM\...\Creative Jukebox Driver) (Version:  - )
Dark Parables: Curse of Briar Rose Collector's Edition (HKLM\...\BFG-Dark Parables - Curse of Briar Rose Collector's Edition) (Version:  - )
Dark Parables: Jack and the Sky Kingdom (HKLM\...\BFG-Dark Parables - Jack and the Sky Kingdom) (Version:  - )
Dark Parables: Rise of the Snow Queen Collector's Edition (HKLM\...\BFG-Dark Parables - Rise of the Snow Queen Collector's Edition) (Version:  - )
Dark Parables: The Exiled Prince Collector's Edition (HKLM\...\BFG-Dark Parables - The Exiled Prince Collector's Edition) (Version:  - )
Dark Parables: The Final Cinderella (HKLM\...\BFG-Dark Parables - The Final Cinderella) (Version:  - )
Dark Parables: The Little Mermaid and the Purple Tide Collector's Edition (HKLM\...\BFG-Dark Parables - The Little Mermaid and the Purple Tide Collectors Edition) (Version:  - )
Dark Parables: The Red Riding Hood Sisters (HKLM\...\BFG-Dark Parables - The Red Riding Hood Sisters) (Version:  - )
Dark Realm: Queen of Flames Collector's Edition (HKLM\...\BFG-Dark Realm - Queen of Flames Collectors Edition) (Version:  - )
Data Lifeguard Diagnostic for Windows 1.24 (HKLM\...\{519C4DB6-B53B-4F5C-8297-89B2BE949FA5}_is1) (Version:  - Western Digital Corporation)
Dell Digital Jukebox Driver (HKLM\...\Dell Digital Jukebox Driver) (Version:  - )
Dell Driver Reset Tool (HKLM\...\{5905F42D-3F5F-4916-ADA6-94A3646AEE76}) (Version: 1.02.0000 - Dell Inc.)
Dell System Detect - 1  (HKU\S-1-5-21-359015350-2660976701-2151963389-1005\...\73f463568823ebbe) (Version: 5.13.0.1 - Dell)
Dell System Detect (HKU\S-1-5-21-359015350-2660976701-2151963389-1005\...\9204f5692a8faf3b) (Version: 5.9.0.5 - Dell)
Dell System Detect Bootstrapper (HKU\S-1-5-21-359015350-2660976701-2151963389-1005\...\8e3135b376bd523e) (Version: 5.1.0.41 - Dell)
Dell System Restore (HKLM\...\{74F7662C-B1DB-489E-A8AC-07A06B24978B}) (Version: 2.00.0000 - Dell Inc.)
Destinations (Version: 140.0.77.000 - Hewlett-Packard) Hidden
DeviceDiscovery (Version: 140.0.212.000 - Hewlett-Packard) Hidden
DiskCheckup v3.1 (HKLM\...\DiskCheckup_is1) (Version: 3.1.1004 - PassMark Software)
Dreampath: The Two Kingdoms (HKLM\...\BFG-Dreampath - The Two Kingdoms) (Version:  - )
Dropbox (HKU\S-1-5-21-359015350-2660976701-2151963389-1005\...\Dropbox) (Version: 3.0.4 - Dropbox, Inc.)
DVD@ccess 1.5 (HKLM\...\{2B34414C-14FB-11D6-A329-0050045C24B2}) (Version:  - )
Echoes of the Past: Wolf Healer (HKLM\...\BFG-Echoes of the Past - Wolf Healer) (Version:  - )
Elevated Installer (Version: 3.2.21.0 - Garmin Ltd or its subsidiaries) Hidden
ESET Online Scanner v3 (HKLM\...\ESET Online Scanner) (Version:  - )
FastStone Image Viewer 4.7 (HKLM\...\FastStone Image Viewer) (Version: 4.7 - FastStone Soft)
Fear for Sale: The 13 Keys Collector's Edition (HKLM\...\BFG-Fear for Sale - The 13 Keys Collectors Edition) (Version:  - )
Firehand Ember Millennium (HKLM\...\Firehand Ember Millennium) (Version:  - )
Fitbit Connect (HKLM\...\{6A7C2B2E-36A3-4EF5-96C6-708CD090A3AD}) (Version: 1.0.1.5127 - Fitbit Inc.)
Garmin Communicator Plugin (HKLM\...\{71DBFBF2-F7EB-4268-8485-9471D83C4E66}) (Version: 4.2.0 - Garmin Ltd or its subsidiaries)
Garmin Express (HKLM\...\{045320b6-c340-4960-aefd-57bf08a9b425}) (Version: 3.2.21.0 - Garmin Ltd or its subsidiaries)
Garmin Express (Version: 3.2.21.0 - Garmin Ltd or its subsidiaries) Hidden
Garmin Express Tray (Version: 3.2.21.0 - Garmin Ltd or its subsidiaries) Hidden
Garmin USB Drivers (HKLM\...\{ABA5E381-EC46-425C-86C5-5CD15BBFB4BF}) (Version: 2.3.1.0 - Garmin Ltd or its subsidiaries)
Garmin WebUpdater (HKLM\...\{00FE2935-FB56-4410-AB5F-D6E70C1771D2}) (Version: 2.5.6 - Garmin Ltd or its subsidiaries)
GetDiz 3.0 (HKLM\...\GetDiz 3.0) (Version: 3.0 - Outer Technologies)
getPlus® for Adobe (HKLM\...\{CF40ACC5-E1BB-4aff-AC72-04C2F616BCA7}) (Version: 1.5.2.29 - NOS Microsystems Ltd.)
Google Earth (HKLM\...\{468D22C0-8080-11E2-B86E-B8AC6F98CCE3}) (Version: 7.0.3.8542 - Google)
GPBaseService2 (Version: 140.0.211.000 - Hewlett-Packard) Hidden
Grim Tales: Bloody Mary (HKLM\...\BFG-Grim Tales - Bloody Mary) (Version:  - )
Grim Tales: The Vengeance (HKLM\...\BFG-Grim Tales - The Vengeance) (Version:  - )
Hidden Expedition: The Crown of Solomon (HKLM\...\BFG-Hidden Expedition - The Crown of Solomon) (Version:  - )
High Definition Audio Driver Package - KB835221 (HKLM\...\KB835221WXP) (Version: 20040219.000000 - Microsoft Corporation)
HighMAT Extension to Microsoft Windows XP CD Writing Wizard (HKLM\...\{FCE65C4E-B0E8-4FBD-AD16-EDCBE6CD591F}) (Version: 1.1.1905.1 - Microsoft Corporation)
HijackThis 1.99.1 (HKLM\...\HijackThis) (Version: 1.99.1 - Soeperman Enterprises Ltd.)
HostsMan 3.2.73 (HKLM\...\{6ED53E0C-EAC0-4F0F-947D-6BA817E4C8C3}) (Version: 3.2.73 - abelhadigital.com)
House of 1000 Doors - Family Secrets (HKLM\...\House of 1000 Doors - Family Secrets_is1) (Version:  - )
House of 1000 Doors: Serpent Flame (HKLM\...\BFG-House of 1000 Doors - Serpent Flame) (Version:  - )
House of 1000 Doors: The Palm of Zoroaster (HKLM\...\BFG-House of 1000 Doors - The Palm of Zoroaster) (Version:  - )
HPProductAssistant (Version: 140.0.212.000 - Hewlett-Packard) Hidden
HxD Hex Editor version 1.7.7.0 (HKLM\...\HxD Hex Editor_is1) (Version: 1.7.7.0 - Maël Hörz)
Image Resizer Powertoy for Windows XP (HKLM\...\{1CB92574-96F2-467B-B793-5CEB35C40C29}) (Version: 1.00.0001 - Microsoft Corporation)
Intel Matrix Storage Manager (HKLM\...\{9068B2BE-D93A-4C0A-861C-5E35E2C0E09E}) (Version:  - )
Intel® 537EP V9x DF PCI Modem (HKLM\...\Intel® 537EP V9x DF PCI Modem) (Version:  - )
Intel® PRO Network Connections Software v9.2.4.11 (HKLM\...\PROSetDX) (Version:  - )
Internet Explorer (Enable DEP) (HKLM\...\{a9264802-8a7a-40fe-a135-5c6d204aed7a}.sdb) (Version:  - )
Internet Explorer Default Page (Version: 1.00.03 - Dell Inc.) Hidden
ISO Recorder (HKLM\...\{DFC6573E-124D-4026-BFA4-B433C9D3FF21}) (Version: 2.0.0 - Alex Feinman)
iSofter DVD Audio Ripper Deluxe 3.0.2007.228 (HKLM\...\iSofter DVD Audio Ripper Deluxe_is1) (Version:  - iSofter, Inc.)
iTunes (HKLM\...\{5D928931-D1D2-4A93-A82D-BF60D0E7CFA5}) (Version: 12.0.1.26 - Apple Inc.)
Living Legends: Frozen Beauty (HKLM\...\BFG-Living Legends - Frozen Beauty) (Version:  - )
Logitech iTouch Software (HKLM\...\{036AA4D4-6D32-11D4-9875-00105ACE7734}) (Version:  - )
Logitech SetPoint 6.65 (HKLM\...\sp6) (Version: 6.65.62 - Logitech)
Logitech Unifying Software 2.50 (HKLM\...\Logitech Unifying) (Version: 2.50.25 - Logitech)
Malwarebytes Anti-Malware version 2.0.4.1028 (HKLM\...\Malwarebytes Anti-Malware_is1) (Version: 2.0.4.1028 - Malwarebytes Corporation)
MarketResearch (Version: 140.0.212.000 - Hewlett-Packard) Hidden
Microsoft .NET Framework 1.0 Hotfix (KB2572066) (HKLM\...\KB2572066) (Version:  - Microsoft Corporation)
Microsoft .NET Framework 1.0 Hotfix (KB2604042) (HKLM\...\KB2604042) (Version:  - Microsoft Corporation)
Microsoft .NET Framework 1.0 Hotfix (KB2656378) (HKLM\...\KB2656378) (Version:  - Microsoft Corporation)
Microsoft .NET Framework 1.0 Hotfix (KB953295) (HKLM\...\KB953295) (Version:  - Microsoft Corporation)
Microsoft .NET Framework 1.0 Hotfix (KB979904) (HKLM\...\KB979904) (Version:  - Microsoft Corporation)
Microsoft .NET Framework 1.0 Security Update (KB2698035) (HKLM\...\KB2698035) (Version:  - Microsoft Corporation)
Microsoft .NET Framework 1.0 Security Update (KB2742607) (HKLM\...\KB2742607) (Version:  - Microsoft Corporation)
Microsoft .NET Framework 1.0 Security Update (KB2833951) (HKLM\...\KB2833951) (Version:  - Microsoft Corporation)
Microsoft .NET Framework 1.0 Security Update (KB2904878) (HKLM\...\KB2904878) (Version:  - Microsoft Corporation)
Microsoft .NET Framework 1.1 (HKLM\...\Microsoft .NET Framework 1.1  (1033)) (Version:  - )
Microsoft .NET Framework 1.1 Security Update (KB2698023) (HKLM\...\M2698023) (Version:  - )
Microsoft .NET Framework 1.1 Security Update (KB2833941) (HKLM\...\M2833941) (Version:  - )
Microsoft .NET Framework 1.1 Security Update (KB979906) (HKLM\...\M979906) (Version:  - )
Microsoft .NET Framework 2.0 Service Pack 2 (HKLM\...\{C09FB3CD-3D0C-3F2D-899A-6A1D67F2073F}) (Version: 2.2.30729 - Microsoft Corporation)
Microsoft .NET Framework 3.0 Service Pack 2 (HKLM\...\{A3051CD0-2F64-3813-A88D-B8DCCDE8F8C7}) (Version: 3.2.30729 - Microsoft Corporation)
Microsoft .NET Framework 3.5 SP1 (HKLM\...\Microsoft .NET Framework 3.5 SP1) (Version:  - Microsoft Corporation)
Microsoft .NET Framework 4 Client Profile (HKLM\...\Microsoft .NET Framework 4 Client Profile) (Version: 4.0.30319 - Microsoft Corporation)
Microsoft .NET Framework 4 Extended (HKLM\...\Microsoft .NET Framework 4 Extended) (Version: 4.0.30319 - Microsoft Corporation)
Microsoft Base Smart Card Cryptographic Service Provider Package (HKLM\...\KB909520) (Version:  - Microsoft Corporation)
Microsoft Compression Client Pack 1.0 for Windows XP (HKLM\...\MSCompPackV1) (Version: 1 - Microsoft Corporation)
Microsoft Office 2000 Disc 2 (HKLM\...\{00040409-78E1-11D2-B60F-006097C998E7}) (Version: 9.00.2720 - Microsoft Corporation)
Microsoft Office 2000 Professional (HKLM\...\{00010409-78E1-11D2-B60F-006097C998E7}) (Version: 9.00.2720 - Microsoft Corporation)
Microsoft Plus! Digital Media Edition (HKLM\...\{C6A7AF96-4EB1-4AAE-8318-1AB393C64F88}) (Version: 1.1.0.2423 - Microsoft Corporation)
Microsoft Plus! Digital Media Edition Installer (HKLM\...\{6E45BA47-383C-4C1E-8ED0-0D4845C293D7}) (Version: 1.1.0.3514 - Microsoft Corporation)
Microsoft SQL Server Desktop Engine (SONY_MEDIAMGR) (HKLM\...\{E09B48B5-E141-427A-AB0C-D3605127224A}) (Version: 8.00.761 - Microsoft Corporation)
Microsoft User-Mode Driver Framework Feature Pack 1.0 (HKLM\...\Wudf01000) (Version:  - Microsoft Corporation)
Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053 (HKLM\...\{770657D0-A123-3C07-8E44-1C83EC895118}) (Version: 8.0.50727.4053 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - KB2467174 - x86 9.0.30729.5570 (HKLM\...\{86CE85E6-DBAC-3FFD-B977-E4B79F83C909}) (Version: 9.0.30729.5570 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.21005 (HKLM\...\{ce085a78-074e-4823-8dc1-8a721b94b76d}) (Version: 12.0.21005.1 - Microsoft Corporation)
Modem Event Monitor (HKLM\...\{7A0EFAFB-AC4B-4B88-8C6B-6731BE88DB68}) (Version:  - )
Modem Helper (HKLM\...\{7F142D56-3326-11D5-B229-002078017FBF}) (Version: 2.40 - BVRP Software)
Modem On Hold (HKLM\...\{3F92ABBB-6BBF-11D5-B229-002078017FBF}) (Version: 1.12 - BVRP Software, Inc)
MotionDV STUDIO 5.3E LE for DV (HKLM\...\{43F8F1E5-C740-4293-A309-EA9DD6474DB1}) (Version:  - )
MozBackup 1.5.1 (HKLM\...\MozBackup) (Version:  - Pavel Cvrcek)
Mozilla Firefox 35.0 (x86 en-US) (HKLM\...\Mozilla Firefox 35.0 (x86 en-US)) (Version: 35.0 - Mozilla)
Mozilla Maintenance Service (HKLM\...\MozillaMaintenanceService) (Version: 29.0.1 - Mozilla)
MP3 WAV Converter 3.05 (HKLM\...\MP3 WAV Converter 3.05) (Version:  - )
MSXML 4.0 SP2 (KB925672) (HKLM\...\{A9CF9052-F4A0-475D-A00F-A8388C62DD63}) (Version: 4.20.9839.0 - Microsoft Corporation)
MSXML 4.0 SP2 (KB927978) (HKLM\...\{37477865-A3F1-4772-AD43-AAFC6BCFF99F}) (Version: 4.20.9841.0 - Microsoft Corporation)
MSXML 4.0 SP2 (KB936181) (HKLM\...\{C04E32E0-0416-434D-AFB9-6969D703A9EF}) (Version: 4.20.9848.0 - Microsoft Corporation)
MSXML 4.0 SP2 (KB954430) (HKLM\...\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}) (Version: 4.20.9870.0 - Microsoft Corporation)
MSXML 4.0 SP2 (KB973688) (HKLM\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation)
My Dell (HKLM\...\PC-Doctor for Windows) (Version: 3.5.6426.22 - PC-Doctor, Inc.)
Mystery Case Files &reg;: 13th Skull ™ Collector's Edition (HKLM\...\BFG-Mystery Case Files - 13th Skull Collector's Edition) (Version:  - )
Mystery Case Files&reg;: Dire Grove™ Collector's Edition (HKLM\...\BFG-Mystery Case Files - Dire Grove Collector's Edition) (Version:  - )
Mystery Case Files&reg;: Fate's Carnival (HKLM\...\BFG-Mystery Case Files - Fates Carnival) (Version:  - )
Mystery Case Files: Dire Grove, Sacred Grove Collector's Edition (HKLM\...\BFG-MCF - Dire Grove Sacred Grove CE) (Version:  - )
Mystery Case Files: Huntsville ™ (HKLM\...\BFG-Mystery Case Files - Huntsville) (Version:  - )
Mystery Case Files: Madame Fate &reg; (HKLM\...\BFG-Mystery Case Files - Madame Fate) (Version:  - )
Mystery of the Ancients: Three Guardians (HKLM\...\BFG-Mystery of the Ancients - Three Guardians) (Version:  - )
Mystery Trackers: Blackrow's Secret (HKLM\...\BFG-Mystery Trackers - Blackrow's Secret) (Version:  - )
Mystery Trackers: Raincliff's Phantoms (HKLM\...\BFG-Mystery Trackers - Raincliffs Phantoms) (Version:  - )
Mystery Trackers: Silent Hollow Collector's Edition (HKLM\...\BFG-Mystery Trackers - Silent Hollow Collector's Edition) (Version:  - )
Nero Suite (HKLM\...\NeroMultiInstaller!UninstallKey) (Version:  - )
NETGEAR Genie (HKLM\...\NETGEAR Genie) (Version: 2.2.28.24.exe  - NETGEAR Inc.)
Network (Version: 140.0.215.000 - Hewlett-Packard) Hidden
NirSoft BlueScreenView (HKLM\...\NirSoft BlueScreenView) (Version:  - )
NirSoft WinUpdatesList (HKLM\...\NirSoft WinUpdatesList) (Version:  - )
nLite 1.4.9.1 (HKLM\...\nLite_is1) (Version: 1.4.9.1 - Dino Nuhagic (nuhi))
Olympus Digital Wave Player (HKLM\...\{FB91E774-867B-4567-ACE7-8144EF036068}) (Version:  - )
Phantasmat: The Endless Night Collector's Edition (HKLM\...\BFG-Phantasmat - The Endless Night Collectors Edition) (Version:  - )
Photo Story 3 for Windows (HKLM\...\{4F41AD68-89F2-4262-A32C-2F70B01FCE9E}) (Version: 3.0.1115.11 - Microsoft Corporation)
PlayStation®Network Downloader (HKLM\...\{B6659DD8-00A7-4A24-BBFB-C1F6982E5D66}) (Version: 2.07.00849 - Sony Computer Entertainment Inc.)
PlayStation®Store (HKLM\...\{0E532C84-4275-41B3-9D81-D4A1A20D8EE7}) (Version: 4.9.4.14625 - Sony Computer Entertainment Inc.)
PowerDVD 5.9 (HKLM\...\{6811CAA0-BF12-11D4-9EA1-0050BAE317E1}) (Version:  - )
PS_AIO_06_C309g-m_SW_Min (Version: 140.0.690.000 - Hewlett-Packard) Hidden
Queen's Tales: The Beast and the Nightingale (HKLM\...\BFG-Queens Tales - The Beast and the Nightingale) (Version:  - )
QuickTime 7 (HKLM\...\{3D2CBC2C-65D4-4463-87AB-BB2C859C1F3E}) (Version: 7.76.80.95 - Apple Inc.)
QuickTransfer (Version: 140.0.98.000 - Hewlett-Packard) Hidden
RealPlayer (HKLM\...\RealPlayer 12.0) (Version:  - RealNetworks)
RealUpgrade 1.0 (Version: 1.0.0 - RealNetworks, Inc.) Hidden
Remote Control USB Driver (HKLM\...\{8471021C-F529-43DE-84DF-3612E10F58C4}) (Version: 2.3.2.317 - )
Revo Uninstaller 1.95 (HKLM\...\Revo Uninstaller) (Version: 1.95 - VS Revo Group)
Rite of Passage: Hide and Seek (HKLM\...\BFG-Rite of Passage - Hide and Seek) (Version:  - )
Scan (Version: 140.0.80.000 - Hewlett-Packard) Hidden
SeaTools for Windows (HKLM\...\{98613C99-1399-416C-A07C-1EE1C585D872}) (Version: 1.2.0.7 - Seagate Technology)
Skins (Version: 2013.0830.304.3566 - Advanced Micro Devices, Inc.) Hidden
SmartWebPrinting (Version: 140.0.186.000 - Hewlett-Packard) Hidden
SolutionCenter (Version: 140.0.213.000 - Hewlett-Packard) Hidden
Sonic Audio module (HKLM\...\{AB708C9B-97C8-4AC9-899B-DBF226AC9382}) (Version: 2.0.0.1 - Sonic Solutions)
Sonic DLA (HKLM\...\{1206EF92-2E83-4859-ACCB-2048C3CB7DA6}) (Version: 4.98 - Sonic Solutions)
Sonic DVD for Photo Story 3 for Windows (HKLM\...\{0749256F-E98D-4EF1-A15B-AED26BCC1DC8}) (Version:  - )
Sonic Encoders (HKLM\...\{9941F0AA-B903-4AF4-A055-83A9815CC011}) (Version: 1.00 - Sonic Solutions)
Sonic RecordNow Copy (HKLM\...\{B12665F4-4E93-4AB4-B7FC-37053B524629}) (Version: 2.0.0.1 - Sonic Solutions)
Sonic RecordNow Data (HKLM\...\{075473F5-846A-448B-BCB3-104AA1760205}) (Version: 2.0.0.1 - Sonic Solutions)
Sonic Update Manager (HKLM\...\{30465B6C-B53F-49A1-9EBA-A3F187AD502E}) (Version: 3.0.0 - Sonic Solutions)
Sony Media Manager 2.0 (HKLM\...\{47D2D455-2C1C-4922-A520-3E3466D783E1}) (Version: 2.0.40 - Sony)
Sound Blaster Audigy 2 ZS (HKLM\...\{9E2514D9-DC24-4634-B348-61F3EF0F1628}) (Version:  - )
Spybot - Search & Destroy (HKLM\...\{B4092C6D-E886-4CB2-BA68-FE5A99D31DE7}_is1) (Version: 2.4.40 - Safer-Networking Ltd.)
Status (Version: 140.0.212.000 - Hewlett-Packard) Hidden
SUPERAntiSpyware (HKLM\...\{CDDCBBF1-2703-46BC-938B-BCC81A1EEAAA}) (Version: 6.0.1168 - SUPERAntiSpyware.com)
Surface: Game of Gods Collector's Edition (HKLM\...\BFG-Surface - Game of Gods Collectors Edition) (Version:  - )
swMSM (Version: 12.0.0.1 - Adobe Systems, Inc) Hidden
System Requirements Lab CYRI (HKLM\...\{19B0831B-0C18-4103-86E4-90FCD04CD3B9}) (Version: 6.0.12.5 - Husdawg, LLC)
System Requirements Lab for Intel (HKLM\...\{C7CA731B-BF9A-46D9-92CF-8A8737AE9240}) (Version: 4.5.13.0 - Husdawg, LLC)
The Master Genealogist (for All Users) (HKLM\...\The Master Genealogist (for All Users)) (Version: 5.x - Wholly Genes Software)
Toolbox (Version: 140.0.428.000 - Hewlett-Packard) Hidden
TrayApp (Version: 140.0.212.000 - Hewlett-Packard) Hidden
True Fear: Forsaken Souls (HKLM\...\BFG-True Fear - Forsaken Souls) (Version:  - )
Unity Web Player (HKLM\...\UnityWebPlayer) (Version: 2.1.0f5_16147 - Unity Technologies ApS)
Update 4.0.3 for Microsoft .NET Framework 4 Client Profile (KB2600211) (HKLM\...\{3C3901C5-3455-3E0A-A214-0B093A5070A6}.KB2600211) (Version: 1 - Microsoft Corporation)
Update 4.0.3 for Microsoft .NET Framework 4 Extended (KB2600211) (HKLM\...\{0A0CADCF-78DA-33C4-A350-CD51849B9702}.KB2600211) (Version: 1 - Microsoft Corporation)
Update Rollup 2 for Windows XP Media Center Edition 2005 (HKLM\...\KB900325) (Version:  - Microsoft Corporation)
VC 9.0 Runtime (Version: 1.0.0 - Check Point Software Technologies Ltd) Hidden
Video Stream Driver for Panasonic DVC (HKLM\...\InstallShield_{9A97D672-6C93-4DFA-B527-DE005A761495}) (Version: 1.00.0000 - Panasonic)
Video Stream Driver for Panasonic DVC (Version: 1.00.0000 - Panasonic) Hidden
Visual C++ 2008 x86 Runtime - v9.0.30729.01 (HKLM\...\{F333A33D-125C-32A2-8DCE-5C5D14231E27}.vc_x86runtime_30729_01) (Version: 9.0.30729.01 - Microsoft Corporation)
VTech Download Agent Library (Version: 1.00.0000 - VTech) Hidden
WebFldrs XP (Version: 9.50.7523 - Microsoft Corporation) Hidden
WebReg (Version: 140.0.212.017 - Hewlett-Packard) Hidden
Windows 7 Upgrade Advisor (HKLM\...\{AB05F2C8-F608-403b-95E1-FD8ADFACD31E}) (Version: 2.0.5000.0 - Microsoft Corporation)
Windows Driver Package - Dynastream Innovations, Inc. ANT LibUSB Drivers (04/11/2012 1.2.40.201) (HKLM\...\F9D2A789F9CFF8CEC36B544F53877C80F1F73C46) (Version: 04/11/2012 1.2.40.201 - Dynastream Innovations, Inc.)
Windows Driver Package - Garmin (grmnusb) GARMIN Devices  (04/19/2012 2.3.1.0) (HKLM\...\98157A226B40B173301B0F53C8E98C47805D5152) (Version: 04/19/2012 2.3.1.0 - Garmin)
Windows Driver Package - Silicon Labs Software (DSI_SiUSBXp_3_1) USB  (02/06/2007 3.1) (HKLM\...\D1506E0025B5A3F9EB8270FE81C1EEDD9388B8A2) (Version: 02/06/2007 3.1 - Silicon Labs Software)
Windows Genuine Advantage Notifications (KB905474) (HKLM\...\WgaNotify) (Version: 1.7.0017.0 - Microsoft Corporation)
Windows Genuine Advantage Validation Tool (KB892130) (HKLM\...\KB892130) (Version:  - Microsoft Corporation)
Windows Genuine Advantage Validation Tool (KB892130) (HKLM\...\WGA) (Version: 1.7.0069.2 - Microsoft Corporation)
Windows Internet Explorer 8 (HKLM\...\ie8) (Version: 20090308.140743 - Microsoft Corporation)
Windows Management Framework Core (HKLM\...\KB968930) (Version:  - Microsoft Corporation)
Windows Media Format 11 runtime (HKLM\...\Windows Media Format Runtime) (Version:  - )
Windows Media Player 11 (HKLM\...\Windows Media Player) (Version:  - )
Windows Media Player Firefox Plugin (HKLM\...\{69FDFBB6-351D-4B8C-89D8-867DC9D0A2A4}) (Version: 1.0.0.8 - Microsoft Corp)
Windows XP Media Center Edition 2005 KB2502898 (HKLM\...\KB2502898) (Version:  - Microsoft Corporation)
Windows XP Media Center Edition 2005 KB2619340 (HKLM\...\KB2619340) (Version:  - Microsoft Corporation)
Windows XP Media Center Edition 2005 KB2628259 (HKLM\...\KB2628259) (Version:  - Microsoft Corporation)
Windows XP Media Center Edition 2005 KB888316 (HKLM\...\KB888316) (Version:  - Microsoft Corporation)
Windows XP Media Center Edition 2005 KB973768 (HKLM\...\KB973768) (Version:  - Microsoft Corporation)
Windows XP Service Pack 3 (HKLM\...\Windows XP Service Pack) (Version: 20080414.031525 - Microsoft Corporation)
WinPatrol (HKLM\...\{007811BF-E310-4285-BFC6-55DB29B3EDDE}) (Version: 24.1.2012 - BillP Studios)
WinZip (HKLM\...\WinZip) (Version:  9.0 SR-1 (6224) - WinZip Computing, Inc.)

==================== Custom CLSID (selected items): ==========================

(If an entry is included in the fixlist, it will be removed from registry. Any eventual file will not be moved.)

CustomCLSID: HKU\S-1-5-21-359015350-2660976701-2151963389-1005_Classes\CLSID\{005A3A96-BAC4-4B0A-94EA-C0CE100EA736}\localserver32 -> C:\Documents and Settings\The Holt's\Application Data\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-359015350-2660976701-2151963389-1005_Classes\CLSID\{05716308-1784-4166-942E-0A09F1DE83D1}\localserver32 -> C:\Program Files\Acronis\TrueImageHome\aszbrowsehelper.exe (Acronis)
CustomCLSID: HKU\S-1-5-21-359015350-2660976701-2151963389-1005_Classes\CLSID\{3f04dadf-6ea4-44d1-a507-03cad176f443}\InprocServer32 -> C:\Program Files\Amazon\MP3 Downloader\npAmazonMP3DownloaderPlugin1017300.dll (Amazon.com, Inc.)
CustomCLSID: HKU\S-1-5-21-359015350-2660976701-2151963389-1005_Classes\CLSID\{E69341A3-E6D2-4175-B60C-C9D3D6FA40F6}\localserver32 -> C:\Documents and Settings\The Hott's\Application Data\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-359015350-2660976701-2151963389-1005_Classes\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Documents and Settings\The Hott's\Application Data\Dropbox\bin\DropboxExt.24.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-359015350-2660976701-2151963389-1005_Classes\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Documents and Settings\The Hott's\Application Data\Dropbox\bin\DropboxExt.24.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-359015350-2660976701-2151963389-1005_Classes\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Documents and Settings\The Hott's\Application Data\Dropbox\bin\DropboxExt.24.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-359015350-2660976701-2151963389-1005_Classes\CLSID\{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Documents and Settings\The Hott's\Application Data\Dropbox\bin\DropboxExt.24.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-359015350-2660976701-2151963389-1005_Classes\CLSID\{FB314EDD-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Documents and Settings\The Hott's\Application Data\Dropbox\bin\DropboxExt.24.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-359015350-2660976701-2151963389-1005_Classes\CLSID\{FB314EDE-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Documents and Settings\The Hott's\Application Data\Dropbox\bin\DropboxExt.24.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-359015350-2660976701-2151963389-1005_Classes\CLSID\{FB314EDF-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Documents and Settings\The Hott's\Application Data\Dropbox\bin\DropboxExt.24.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-359015350-2660976701-2151963389-1005_Classes\CLSID\{FB314EE0-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Documents and Settings\The Hott's\Application Data\Dropbox\bin\DropboxExt.24.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-359015350-2660976701-2151963389-1005_Classes\CLSID\{FB994D36-B312-46CE-A40B-CF63980641F9}\InprocServer32 -> C:\Documents and Settings\The Hott's\Local Settings\Application Data\Google\Update\1.3.21.111\psuser (the data entry has 12 more characters).

==================== Restore Points  =========================

17-12-2014 21:33:13 System Checkpoint
19-12-2014 05:58:07 System Checkpoint
20-12-2014 07:51:19 System Checkpoint
21-12-2014 08:45:43 System Checkpoint
22-12-2014 18:55:13 System Checkpoint
23-12-2014 19:56:52 System Checkpoint
24-12-2014 20:20:18 System Checkpoint
25-12-2014 21:03:16 System Checkpoint
26-12-2014 21:59:42 System Checkpoint
28-12-2014 07:24:25 System Checkpoint
31-12-2014 16:14:44 System Checkpoint
01-01-2015 16:46:15 System Checkpoint
02-01-2015 18:40:07 System Checkpoint
05-01-2015 02:05:19 System Checkpoint
06-01-2015 19:36:34 System Checkpoint
07-01-2015 18:11:03 Garmin Express
07-01-2015 18:12:42 Garmin Express
07-01-2015 20:32:10 Installed HP Support Solutions Framework
07-01-2015 21:17:18 Restore Operation
07-01-2015 21:42:38 Removed HP Update.
07-01-2015 21:46:42 Installed HP Support Solutions Framework
09-01-2015 06:17:57 System Checkpoint
10-01-2015 10:04:17 System Checkpoint
11-01-2015 10:42:47 System Checkpoint
11-01-2015 15:05:55 Removed HP Support Solutions Framework
11-01-2015 15:06:29 Removed HP Update.
12-01-2015 18:41:01 System Checkpoint
14-01-2015 06:21:22 System Checkpoint
15-01-2015 18:25:55 Software Distribution Service 3.0
16-01-2015 22:38:06 System Checkpoint
17-01-2015 06:39:47 Restore Operation
17-01-2015 08:03:54 Restore Operation
17-01-2015 08:09:56 Restore Operation
17-01-2015 08:21:31 Revo Uninstaller's restore point - Belarc Advisor 8.3
17-01-2015 08:23:41 Revo Uninstaller's restore point - Belarc Advisor 8.3
17-01-2015 08:25:28 Revo Uninstaller's restore point - HP CD Labeler II
17-01-2015 08:26:32 Revo Uninstaller's restore point - HP Customer Participation Program 14.0
17-01-2015 08:27:29 Revo Uninstaller's restore point - HP Imaging Device Functions 14.0
17-01-2015 08:28:14 Revo Uninstaller's restore point - HP Photosmart Premium C309g-m All-in-One Driver Software 14.0 Rel. 6
17-01-2015 08:29:17 Revo Uninstaller's restore point - HP Smart Web Printing 4.60
17-01-2015 08:30:00 Revo Uninstaller's restore point - HP Solution Center 14.0
17-01-2015 08:30:50 Revo Uninstaller's restore point - HP Support Solutions Framework
17-01-2015 08:32:04 Revo Uninstaller's restore point - HP Support Solutions Framework
17-01-2015 08:32:45 Revo Uninstaller's restore point - HP Update
17-01-2015 08:32:55 Removed HP Update.
17-01-2015 08:34:17 Revo Uninstaller's restore point - HP Support Solutions Framework
18-01-2015 08:23:09 Revo Uninstaller's restore point - HP Support Solutions Framework
18-01-2015 08:25:00 Revo Uninstaller's restore point - HP Photo Creations
18-01-2015 08:26:22 Revo Uninstaller's restore point - HP Support Solutions Framework
18-01-2015 10:35:24 Revo Uninstaller's restore point - HP Support Solutions Framework
20-01-2015 06:34:55 System Checkpoint
21-01-2015 19:15:48 System Checkpoint
22-01-2015 21:44:54 System Checkpoint
23-01-2015 12:29:48 Revo Uninstaller's restore point - Advanced SystemCare 7
23-01-2015 12:33:13 Revo Uninstaller's restore point - Driver Booster
23-01-2015 12:34:59 Revo Uninstaller's restore point - IObit Uninstaller
23-01-2015 12:39:00 Revo Uninstaller's restore point - Auslogics BoostSpeed
23-01-2015 12:42:04 Revo Uninstaller's restore point - Java 7 Update 71
23-01-2015 12:42:36 Removed Java 7 Update 71
23-01-2015 12:46:02 Revo Uninstaller's restore point - Macromedia Flash Player
23-01-2015 12:46:11 Removed Macromedia Flash Player
23-01-2015 12:46:59 Revo Uninstaller's restore point - Macromedia Shockwave Player
23-01-2015 18:37:56 Software Distribution Service 3.0
24-01-2015 21:43:06 System Checkpoint

==================== Hosts content: ==========================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2010-12-11 20:19 - 2010-12-24 11:18 - 00001414 ____R C:\WINDOWS\system32\Drivers\etc\hosts
127.0.0.1 localhost

==================== Scheduled Tasks (whitelisted) =============


(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)

Task: C:\WINDOWS\Tasks\Adobe Flash Player Updater.job => C:\WINDOWS\system32\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\WINDOWS\Tasks\Amazon Music Helper.job => C:\Documents and Settings\The Hott's\Local Settings\Application Data\Amazon Cloud Player\Amazon Music Helper.exe
Task: C:\WINDOWS\Tasks\AppleSoftwareUpdate.job => C:\Program Files\Apple Software Update\SoftwareUpdate.exe
Task: C:\WINDOWS\Tasks\RealUpgradeLogonTaskS-1-5-21-359015350-2660976701-2151963389-1005.job => C:\Program Files\Real\RealUpgrade\realupgrade.exe
Task: C:\WINDOWS\Tasks\RealUpgradeScheduledTaskS-1-5-21-359015350-2660976701-2151963389-1005.job => C:\Program Files\Real\RealUpgrade\realupgrade.exe

==================== Loaded Modules (whitelisted) =============

2014-06-22 19:28 - 2014-08-11 20:47 - 00301152 _____ () C:\Program Files\AVAST Software\Avast\aswProperty.dll
2015-01-25 08:10 - 2015-01-25 08:10 - 02913280 _____ () C:\Program Files\AVAST Software\Avast\defs\15012500\algo.dll
2014-04-23 15:05 - 2014-04-23 15:05 - 00073544 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\zlib1.dll
2014-10-11 13:05 - 2014-10-11 13:05 - 01044776 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\libxml2.dll
2010-12-10 18:59 - 2011-04-14 17:01 - 00548854 ____N () C:\program files\billp studios\winpatrol\sqlite3.dll
2014-06-22 19:28 - 2014-08-11 20:47 - 19329904 _____ () C:\Program Files\AVAST Software\Avast\libcef.dll
2010-03-16 11:22 - 2010-03-16 11:22 - 00014848 _____ () C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\AxInterop.WBOCXLib.dll
2013-06-18 14:49 - 2013-06-18 14:49 - 00016384 _____ () C:\Program Files\ATI Technologies\ATI.ACE\Branding\Branding.dll
2013-08-30 02:03 - 2013-08-30 02:03 - 00270336 _____ () C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLI.Aspect.CrossDisplay.Graphics.Dashboard.dll

==================== Alternate Data Streams (whitelisted) =========

(If an entry is included in the fixlist, only the Alternate Data Streams will be removed.)


==================== Safe Mode (whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\71555656.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\CLPSLS => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\mbamchameleon => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\71555656.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\CLPSLS => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mbamchameleon => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\vsmon => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\Wdf01000.sys => ""="Driver"

==================== EXE Association (whitelisted) =============

(If an entry is included in the fixlist, the default will be restored. None default entries will be removed.)


==================== MSCONFIG/TASK MANAGER disabled items =========

(Currently there is no automatic fix for this section.)

MSCONFIG\startupfolder: C:^Documents and Settings^All Users^Start Menu^Programs^Startup^Adobe Reader Speed Launch.lnk => C:\WINDOWS\pss\Adobe Reader Speed Launch.lnkCommon Startup
MSCONFIG\startupfolder: C:^Documents and Settings^All Users^Start Menu^Programs^Startup^Device Detector 3.lnk => C:\WINDOWS\pss\Device Detector 3.lnkCommon Startup
MSCONFIG\startupfolder: C:^Documents and Settings^All Users^Start Menu^Programs^Startup^DVD@ccess.lnk => C:\WINDOWS\pss\DVD@ccess.lnkCommon Startup
MSCONFIG\startupfolder: C:^Documents and Settings^All Users^Start Menu^Programs^Startup^Symantec Fax Starter Edition Port.lnk => C:\WINDOWS\pss\Symantec Fax Starter Edition Port.lnkCommon Startup
MSCONFIG\startupfolder: C:^Documents and Settings^All Users^Start Menu^Programs^Startup^Wallpaper Changer.lnk => C:\WINDOWS\pss\Wallpaper Changer.lnkCommon Startup
MSCONFIG\startupfolder: C:^Documents and Settings^All Users^Start Menu^Programs^Startup^WDDMStatus.lnk => C:\WINDOWS\pss\WDDMStatus.lnkCommon Startup
MSCONFIG\startupfolder: C:^Documents and Settings^All Users^Start Menu^Programs^Startup^WPChanger.lnk => C:\WINDOWS\pss\WPChanger.lnkCommon Startup
MSCONFIG\startupfolder: C:^Documents and Settings^The Hott's^Start Menu^Programs^Startup^LimeWire On Startup.lnk => C:\WINDOWS\pss\LimeWire On Startup.lnkStartup
MSCONFIG\startupfolder: C:^Documents and Settings^The Hott's^Start Menu^Programs^Startup^TA_Start.lnk =>
MSCONFIG\startupreg: Amazon Cloud Player => "C:\Documents and Settings\The Hott's\Local Settings\Application Data\Amazon Cloud Player\Amazon Music Helper.exe"
MSCONFIG\startupreg: AmazonGSDownloaderTray => C:\Program Files\Amazon\Amazon Games & Software Downloader\AmazonGSDownloaderTray.exe
MSCONFIG\startupreg: AvastUI.exe => "C:\Program Files\AVAST Software\Avast\AvastUI.exe" /nogui
MSCONFIG\startupreg: Creative Detector =>
MSCONFIG\startupreg: Fitbit Connect => "C:\Program Files\Fitbit Connect\Fitbit Connect.exe" /autorun
MSCONFIG\startupreg: GarminExpressTrayApp => "C:\Program Files\Garmin\Express Tray\ExpressTray.exe"
MSCONFIG\startupreg: Microsoft Default Manager =>
MSCONFIG\startupreg: MSN Toolbar =>
MSCONFIG\startupreg: QuickTime Task =>
MSCONFIG\startupreg: RealTray =>
MSCONFIG\startupreg: worvedwlvb => regsvr32.exe /s "C:\Documents and Settings\The Holt's\Local Settings\Application Data\Apple\worvedwlvb.dll"
MSCONFIG\startupreg: zBrowser Launcher => C:\Program Files\Logitech\iTouch\iTouch.exe

========================= Accounts: ==========================

Administrator (S-1-5-21-359015350-2660976701-2151963389-500 - Administrator - Enabled) => %SystemDrive%\Documents and Settings\Administrator
ASPNET (S-1-5-21-359015350-2660976701-2151963389-1006 - Limited - Enabled)
Guest (S-1-5-21-359015350-2660976701-2151963389-501 - Limited - Disabled)
HelpAssistant (S-1-5-21-359015350-2660976701-2151963389-1004 - Limited - Disabled)
SUPPORT_388945a0 (S-1-5-21-359015350-2660976701-2151963389-1002 - Limited - Disabled)
The Holt's (S-1-5-21-359015350-2660976701-2151963389-1005 - Administrator - Enabled) => %SystemDrive%\Documents and Settings\The Holt's

==================== Faulty Device Manager Devices =============

Name: Samsung CF Card       CF USB Device
Description: Disk drive
Class Guid: {4D36E967-E325-11CE-BFC1-08002BE10318}
Manufacturer: (Standard disk drives)
Service: disk
Problem: : This device is disabled. (Code 22)
Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.

Name: Samsung MS Card       MS USB Device
Description: Disk drive
Class Guid: {4D36E967-E325-11CE-BFC1-08002BE10318}
Manufacturer: (Standard disk drives)
Service: disk
Problem: : This device is disabled. (Code 22)
Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.

Name: Samsung SM/XD Card    SM USB Device
Description: Disk drive
Class Guid: {4D36E967-E325-11CE-BFC1-08002BE10318}
Manufacturer: (Standard disk drives)
Service: disk
Problem: : This device is disabled. (Code 22)
Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.


==================== Event log errors: =========================

Application errors:
==================
Error: (01/23/2015 10:49:46 PM) (Source: Microsoft Management Console) (EventID: 1000) (User: )
Description: mmc.exe5.2.3790.4136ntdll.dll0.0.0.000064879

Error: (01/22/2015 04:59:48 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application mbam.exe, version 1.0.1.711, faulting module mbam.exe, version 1.0.1.711, fault address 0x001dc060.
Processing media-specific event for [mbam.exe!ws!]

Error: (01/20/2015 11:47:22 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application mbam.exe, version 1.0.1.711, faulting module mbamcore.dll, version 1.1.20.0, fault address 0x0003ec90.
Processing media-specific event for [mbam.exe!ws!]

Error: (01/08/2015 08:42:12 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application plugin-container.exe, version 34.0.5.5443, faulting module mozalloc.dll, version 34.0.5.5443, fault address 0x00001425.
Processing media-specific event for [plugin-container.exe!ws!]

Error: (01/08/2015 08:37:26 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application plugin-container.exe, version 34.0.5.5443, faulting module mozalloc.dll, version 34.0.5.5443, fault address 0x00001425.
Processing media-specific event for [plugin-container.exe!ws!]

Error: (12/22/2014 05:52:43 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application queenstales_thebeastandthenightingale_se.exe, version 0.0.0.0, faulting module queenstales_thebeastandthenightingale_se.exe, version 0.0.0.0, fault address 0x002c725a.
Processing media-specific event for [queenstales_thebeastandthenightingale_se.exe!ws!]

Error: (12/12/2014 06:23:22 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application iexplore.exe, version 8.0.6001.18702, faulting module mshtml.dll, version 8.0.6001.23588, fault address 0x0014c493.
Processing media-specific event for [iexplore.exe!ws!]

Error: (12/03/2014 08:05:30 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application iexplore.exe, version 8.0.6001.18702, faulting module unknown, version 0.0.0.0, fault address 0x06222398.
Processing media-specific event for [iexplore.exe!ws!]

Error: (12/03/2014 06:04:02 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application plugin-container.exe, version 33.1.0.5423, faulting module mozalloc.dll, version 33.1.0.5423, fault address 0x00001425.
Processing media-specific event for [plugin-container.exe!ws!]

Error: (11/26/2014 05:37:29 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application iexplore.exe, version 8.0.6001.18702, faulting module unknown, version 0.0.0.0, fault address 0x5c223df5.
Processing media-specific event for [iexplore.exe!ws!]


System errors:
=============
Error: (01/24/2015 03:03:24 PM) (Source: DCOM) (EventID: 10005) (User: NT AUTHORITY)
Description: DCOM got error "%%1084" attempting to start the service EventSystem with arguments ""
in order to run the server:
{1BE1F766-5536-11D1-B726-00C04FB926AF}

Error: (01/24/2015 02:24:03 PM) (Source: Service Control Manager) (EventID: 7026) (User: )
Description: The following boot-start or system-start driver(s) failed to load:
ASPI32
aswRvrt
aswSnx
aswSP
aswTdi
aswVmm
BANTExt
Fips
intelppm
SASDIFSV
SASKUTIL

Error: (01/24/2015 02:22:00 PM) (Source: DCOM) (EventID: 10005) (User: NT AUTHORITY)
Description: DCOM got error "%%1084" attempting to start the service EventSystem with arguments ""
in order to run the server:
{1BE1F766-5536-11D1-B726-00C04FB926AF}

Error: (01/23/2015 10:41:51 PM) (Source: 0) (EventID: 1) (User: )
Description: 0xC0000369ntuser.iniHarddiskVolume2

Error: (01/22/2015 05:33:52 PM) (Source: 0) (EventID: 1) (User: )
Description: 0xC0000001HarddiskVolume2

Error: (01/22/2015 05:32:28 PM) (Source: DCOM) (EventID: 10005) (User: NT AUTHORITY)
Description: DCOM got error "%%1084" attempting to start the service EventSystem with arguments ""
in order to run the server:
{1BE1F766-5536-11D1-B726-00C04FB926AF}

Error: (01/22/2015 05:07:33 PM) (Source: Service Control Manager) (EventID: 7026) (User: )
Description: The following boot-start or system-start driver(s) failed to load:
ASPI32
aswRvrt
aswSnx
aswSP
aswTdi
aswVmm
BANTExt
Fips
intelppm

Error: (01/22/2015 05:05:38 PM) (Source: DCOM) (EventID: 10005) (User: NT AUTHORITY)
Description: DCOM got error "%%1084" attempting to start the service EventSystem with arguments ""
in order to run the server:
{1BE1F766-5536-11D1-B726-00C04FB926AF}

Error: (01/21/2015 05:19:05 AM) (Source: DCOM) (EventID: 10005) (User: NT AUTHORITY)
Description: DCOM got error "%%1084" attempting to start the service EventSystem with arguments ""
in order to run the server:
{1BE1F766-5536-11D1-B726-00C04FB926AF}

Error: (01/21/2015 05:05:41 AM) (Source: DCOM) (EventID: 10005) (User: LUVTOHIKE)
Description: DCOM got error "%%1084" attempting to start the service StiSvc with arguments ""
in order to run the server:
{A1F4E726-8CF1-11D1-BF92-0060081ED811}


Microsoft Office Sessions:
=========================
Error: (01/23/2015 10:49:46 PM) (Source: Microsoft Management Console) (EventID: 1000) (User: )
Description: mmc.exe5.2.3790.4136ntdll.dll0.0.0.000064879

Error: (01/22/2015 04:59:48 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: mbam.exe1.0.1.711mbam.exe1.0.1.711001dc060

Error: (01/20/2015 11:47:22 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: mbam.exe1.0.1.711mbamcore.dll1.1.20.00003ec90

Error: (01/08/2015 08:42:12 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: plugin-container.exe34.0.5.5443mozalloc.dll34.0.5.544300001425

Error: (01/08/2015 08:37:26 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: plugin-container.exe34.0.5.5443mozalloc.dll34.0.5.544300001425

Error: (12/22/2014 05:52:43 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: queenstales_thebeastandthenightingale_se.exe0.0.0.0queenstales_thebeastandthenightingale_se.exe0.0.0.0002c725a

Error: (12/12/2014 06:23:22 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: iexplore.exe8.0.6001.18702mshtml.dll8.0.6001.235880014c493

Error: (12/03/2014 08:05:30 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: iexplore.exe8.0.6001.18702unknown0.0.0.006222398

Error: (12/03/2014 06:04:02 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: plugin-container.exe33.1.0.5423mozalloc.dll33.1.0.542300001425

Error: (11/26/2014 05:37:29 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: iexplore.exe8.0.6001.18702unknown0.0.0.05c223df5


==================== Memory info ===========================

Processor:  Intel® Pentium® 4 CPU 3.00GHz
Percentage of memory in use: 19%
Total physical RAM: 3326.09 MB
Available physical RAM: 2669.25 MB
Total Pagefile: 6487.87 MB
Available Pagefile: 5882.73 MB
Total Virtual: 2047.88 MB
Available Virtual: 1916.07 MB

==================== Drives ================================

Drive c: (Local Disk) (Fixed) (Total:902.2 GB) (Free:736.33 GB) NTFS ==>[Drive with boot components (Windows XP)]
Drive g: (My Book) (Fixed) (Total:465.11 GB) (Free:332.63 GB) NTFS
Drive j: (Back Up) (Fixed) (Total:232.88 GB) (Free:82.66 GB) NTFS

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (Size: 931.5 GB) (Disk ID: 7724CF55)
Partition 1: (Not Active) - (Size=291 MB) - (Type=DE)
Partition 2: (Active) - (Size=902.2 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=29 GB) - (Type=DB)

========================================================
Disk: 1 (MBR Code: Windows XP) (Size: 232.9 GB) (Disk ID: 25134A89)
Partition 1: (Not Active) - (Size=232.9 GB) - (Type=07 NTFS)

========================================================
Disk: 2 (MBR Code: Windows XP) (Size: 465.1 GB) (Disk ID: 000487A0)
Partition 1: (Not Active) - (Size=465.1 GB) - (Type=07 NTFS)

==================== End Of Log ============================



#6 mudhutbob


Posted 26 January 2015 - 09:17 AM

Looks like I didn't do all my homework M.  I didn't see that I need to disable my CD Emulation.  I have a Nero virtual drive.  Let me know if I should run DeFogger.  Thanks



#7 Machiavelli


Posted 26 January 2015 - 10:52 AM

No need to run Defogger for now. ;)

Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version: 07-01-2015 (ATTENTION: ====> FRST version is 18 days old and could be outdated)

Could you please update FRST and rescan? :)

~Machiavelli



#8 mudhutbob


Posted 26 January 2015 - 10:00 PM

Updated Logs :) :

FRST LOG:

Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version: 24-01-2015 01
Ran by The Holt's (administrator) on LUVTOHIKE on 26-01-2015 18:43:40
Running from C:\Documents and Settings\The Holt's\Desktop
Loaded Profiles: The Holt's (Available profiles: The Holt's & Administrator)
Platform: Microsoft Windows XP Professional Service Pack 3 (X86) OS Language: English (United States)
Internet Explorer Version 8 (Default browser: FF)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(ATI Technologies Inc.) C:\WINDOWS\system32\ati2evxx.exe
(Nero AG) C:\Program Files\Ahead\InCD\InCDsrv.exe
(ATI Technologies Inc.) C:\WINDOWS\system32\ati2evxx.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\afwServ.exe
(Microsoft Corporation) C:\WINDOWS\system32\scardsvr.exe
(BillP Studios) C:\Program Files\BillP Studios\WinPatrol\WinPatrol.exe
(Intel Corporation) C:\Program Files\Intel\Intel Matrix Storage Manager\IAAnotif.exe
(Creative Technology Ltd) C:\Program Files\Creative\SBAudigy2ZS\Surround Mixer\CTSysVol.exe
(Creative Technology Ltd) C:\WINDOWS\system32\CtHelper.exe
(Creative Technology Ltd) C:\Program Files\Creative\SBAudigy2ZS\DVDAudio\CTDVDDET.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastUI.exe
(Apple Inc.) C:\Program Files\iTunes\iTunesHelper.exe
(SUPERAntiSpyware.com) C:\Program Files\SUPERAntiSpyware\SASCore.exe
(Acronis) C:\Program Files\Common Files\Acronis\Schedule2\schedul2.exe
(Apple Inc.) C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(Advanced Micro Devices Inc.) C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
(Creative Technology Ltd) C:\WINDOWS\system32\CTSVCCDA.EXE
(Fitbit, Inc.) C:\Program Files\Fitbit Connect\FitbitConnectService.exe
(Intel Corporation) C:\Program Files\Intel\Intel Matrix Storage Manager\IAANTMon.exe
(NETGEAR) C:\Program Files\NETGEAR Genie\bin\NETGEARGenieDaemon.exe
(ATI Technologies Inc.) C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
(Microsoft Corporation) C:\WINDOWS\ehome\mcrdsvc.exe
(Apple Inc.) C:\Program Files\iPod\bin\iPodService.exe
(Microsoft Corporation) C:\WINDOWS\system32\wbem\unsecapp.exe


==================== Registry (Whitelisted) ==================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [WinPatrol] => c:\program files\billp studios\winpatrol\winpatrol.exe [400480 2012-01-30] (BillP Studios)
HKLM\...\Run: [ISUSPM Startup] => C:\Program Files\Common Files\InstallShield\UpdateService\ISUSPM.exe [221184 2004-07-27] (InstallShield Software Corporation)
HKLM\...\Run: [IAAnotif] => C:\Program Files\Intel\Intel Matrix Storage Manager\iaanotif.exe [139264 2005-04-25] (Intel Corporation)
HKLM\...\Run: [CTSysVol] => c:\program files\creative\sbaudigy2zs\surround mixer\ctsysvol.exe [57344 2003-09-17] (Creative Technology Ltd)
HKLM\...\Run: [CTHelper] => C:\WINDOWS\system32\cthelper.exe [19456 2007-04-09] (Creative Technology Ltd)
HKLM\...\Run: [CTDVDDET] => C:\Program Files\Creative\SBAudigy2ZS\DVDAudio\CTDVDDET.EXE [45056 2003-06-18] (Creative Technology Ltd)
HKLM\...\Run: [ATIPTA] => "C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe"
HKLM\...\Run: [APSDaemon] => C:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon.exe [60712 2014-10-11] (Apple Inc.)
HKLM\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvastUI.exe [4085896 2014-08-11] (AVAST Software)
HKLM\...\Run: [StartCCC] => C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe [98304 2013-08-30] (Advanced Micro Devices, Inc.)
HKLM\...\Run: [iTunesHelper] => C:\Program Files\iTunes\iTunesHelper.exe [157480 2014-10-15] (Apple Inc.)
Winlogon\Notify\AtiExtEvent: C:\WINDOWS\system32\Ati2evxx.dll (ATI Technologies Inc.)
Winlogon\Notify\LBTWlgn: c:\program files\common files\logishrd\bluetooth\LBTWlgn.dll (Logitech, Inc.)
Winlogon\Notify\SDWinLogon:  [X]
HKLM\...\Policies\Explorer: [NoCDBurning] 0
HKLM\...\Policies\Explorer: [LinkResolveIgnoreLinkInfo] 0
HKLM\...\Policies\Explorer: [NoResolveSearch] 1
HKU\S-1-5-21-359015350-2660976701-2151963389-1005\...\Policies\Explorer: [ClearRecentDocsOnExit] 0x01000000
HKU\S-1-5-21-359015350-2660976701-2151963389-1005\...\Policies\Explorer: [LinkResolveIgnoreLinkInfo] 0
HKU\S-1-5-21-359015350-2660976701-2151963389-1005\...\Policies\Explorer: [NoDriveAutoRun] 0x67FFFF03
Startup: C:\Documents and Settings\All Users\Start Menu\Programs\Startup\Microsoft Office.lnk
ShortcutTarget: Microsoft Office.lnk -> C:\Program Files\Microsoft Office\Office\OSA9.EXE (Microsoft Corporation)
ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShell.dll (AVAST Software)

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

HKLM\SOFTWARE\Policies\Microsoft\Internet Explorer: Policy restriction <======= ATTENTION
HKLM\Software\Microsoft\Internet Explorer\Main,Local Page =
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,First Home Page = http://www.dell4me.com/myway
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.dell4me.com/myway
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=msnhome
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
HKU\S-1-5-21-359015350-2660976701-2151963389-1005\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.google.com/
HKU\S-1-5-21-359015350-2660976701-2151963389-1005\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
HKU\S-1-5-21-359015350-2660976701-2151963389-1005\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
HKLM\SOFTWARE\Microsoft\Internet Explorer\AboutURLs,Tabs: "http://www.google.com" <======= ATTENTION
SearchScopes: HKU\.DEFAULT -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-19 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-20 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
BHO: DriveLetterAccess -> {5CA3D70E-1895-11CF-8E15-001234567890} -> C:\WINDOWS\system32\dla\tfswshx.dll (Sonic Solutions)
BHO: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
Toolbar: HKU\S-1-5-21-359015350-2660976701-2151963389-1005 -> No Name - {EE5D279F-081B-4404-994D-C6B60AAEBA6D} -  No File
DPF: {01A88BB1-1174-41EC-ACCB-963509EAE56B} http://support.dell.com/systemprofiler/SysPro.CAB
DPF: {02BCC737-B171-4746-94C9-0D8A0B2C0089} http://office.microsoft.com/_layouts/ClientBin/ieawsdc32.cab
DPF: {0A5FD7C5-A45C-49FC-ADB5-9952547D5715} http://www.creative.com/su/ocx/15030/CTSUEng.cab
DPF: {106E49CF-797A-11D2-81A2-00E02C015623} http://www.alternatiff.com/distribution/alternatiff-ax-w32-2.0.5.cab
DPF: {11260943-421B-11D0-8EAC-0000C07D88CF} http://www.ipix.com/viewers/ipixx.cab
DPF: {166B1BCA-3F9C-11CF-8075-444553540000} http://download.macromedia.com/pub/shockwave/cabs/director/sw.cab
DPF: {17492023-C23A-453E-A040-C7C580BBF700} http://download.microsoft.com/download/E/5/6/E5611B10-0D6D-4117-8430-A67417AA88CD/LegitCheckControl.cab
DPF: {362C56AA-6E4F-40C7-A0B5-85501DBDAD77} http://i.dell.com/images/global/js/scanner/SysProExe.cab
DPF: {3BFFE033-BF43-11D5-A271-00A024A51325} http://webprod.vcccd.net/iNotes6W.cab
DPF: {4C39376E-FA9D-4349-BACC-D305C1750EF3} http://tools.ebayimg.com/eps/wl/activex/eBay_Enhanced_Picture_Control_v1-0-3-48.cab
DPF: {6C269571-C6D7-4818-BCA4-32A035E8C884} http://ccfiles.creative.com/Web/softwareupdate/su/ocx/15102/CTSUEng.cab
DPF: {7530BFB8-7293-4D34-9923-61A11451AFC5} http://download.eset.com/special/eos/OnlineScanner.cab
DPF: {82E5DF24-51E8-47CD-864A-F4BD5005AA73} https://www.icloud.com/system/iCloud.cab
DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.7.0/jinstall-1_7_0_09-windows-i586.cab
DPF: {BEA7310D-06C4-4339-A784-DC3804819809} http://www.cvsphoto.com/upload/activex/v3_0_0_7/PhotoCenter_ActiveX_Control.cab
DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.7.0/jinstall-1_7_0_09-windows-i586.cab
DPF: {CF84DAC5-A4F5-419E-A0BA-C01FFD71112F} http://content.systemrequirementslab.com.s3.amazonaws.com/global/bin/srldetect_intel_4.5.13.0.cab
DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} http://download.macromedia.com/pub/shockwave/cabs/flash/swflash.cab
DPF: {D4B68B83-8710-488B-A692-D74B50BA558E} http://ccfiles.creative.com/Web/softwareupdate/ocx/15113/CTPIDPDE.cab
DPF: {E008A543-CEFB-4559-912F-C27C2B89F13B} http://webprod.vcccd.net/dwa7W.cab
DPF: {F6ACF75C-C32C-447B-9BEF-46B766368D29} http://ccfiles.creative.com/Web/softwareupdate/ocx/110926/CTPID.cab
Handler: belarc - {6318E0AB-2E93-11D1-B8ED-00608CC9A71F} - C:\Program Files\Belarc\BelarcAdvisor\System\BAVoilaX.dll No File
ShellExecuteHooks: SABShellExecuteHook Class - {5AE067D3-9AFB-48E0-853A-EBB7F4A000DA} - C:\Program Files\SUPERAntiSpyware\SASSEH.DLL [115440 2013-05-07] (SuperAdBlocker.com)
Winsock: Catalog5 04 C:\Program Files\Bonjour\mdnsNSP.dll [121704] (Apple Inc.)
Tcpip\Parameters: [DhcpNameServer] 192.168.1.1

FireFox:
========
FF ProfilePath: C:\Documents and Settings\The Holt's\Application Data\Mozilla\Firefox\Profiles\gugitlt4.default-1387866924609
FF NewTab: hxxp://www.google.com
FF Homepage: hxxp://www.msn.com/
FF Plugin: @adobe.com/FlashPlayer -> C:\WINDOWS\system32\Macromed\Flash\NPSWF32_16_0_0_235.dll ()
FF Plugin: @adobe.com/ShockwavePlayer -> C:\WINDOWS\system32\Adobe\Director\np32dsw.dll (Adobe Systems, Inc.)
FF Plugin: @Apple.com/iTunes,version=1.0 -> C:\Program Files\iTunes\Mozilla Plugins\npitunes.dll ()
FF Plugin: @canon.com/EPPEX -> C:\Program Files\Canon\My Image Garden\AddOn\CIG\npmigfpi.dll (CANON INC.)
FF Plugin: @garmin.com/GpsControl -> C:\Program Files\Garmin GPS Plugin\npGarmin.dll (GARMIN Corp.)
FF Plugin: @Google.com/GoogleEarthPlugin -> C:\Program Files\Google\Google Earth\plugin\npgeplugin.dll (Google)
FF Plugin: @microsoft.com/WPF,version=3.5 -> c:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
FF Plugin: @playstation.com/PsndlCheck,version=1.00 -> C:\Program Files\Sony\PLAYSTATION Network Downloader\nppsndl.dll (Sony Computer Entertainment Inc.)
FF Plugin: @real.com/nppl3260;version=6.0.12.775 -> c:\program files\real\realplayer\Netscape6\nppl3260.dll (RealNetworks, Inc.)
FF Plugin: @real.com/npracplug;version=1.0.0.0 -> C:\Program Files\Real\RealArcade\Plugins\Mozilla\npracplug.dll (RealNetworks)
FF Plugin: @real.com/nprjplug;version=1.0.3.775 -> c:\program files\real\realplayer\Netscape6\nprjplug.dll (RealNetworks, Inc.)
FF Plugin: @real.com/nprphtml5videoshim;version=1.0.0.0 -> C:\Documents and Settings\All Users\Application Data\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprphtml5videoshim.dll (RealNetworks, Inc.)
FF Plugin: @real.com/nprpjplug;version=6.0.12.1212 -> C:\Program Files\Real\RealPlayer\Netscape6\nprpjplug.dll (RealNetworks, Inc.)
FF Plugin: @rocketlife.com/RocketLife Secure Plug-In Layer;version=1.0.5 -> C:\Documents and Settings\All Users\Application Data\Visan\plugins\npRLSecurePluginLayer.dll (RocketLife, LLP)
FF Plugin: @tools.google.com/Google Update;version=3 -> C:\Program Files\Google\Update\1.3.21.145\npGoogleUpdate3.dll (Google Inc.)
FF Plugin: @tools.google.com/Google Update;version=9 -> C:\Program Files\Google\Update\1.3.21.145\npGoogleUpdate3.dll (Google Inc.)
FF Plugin: @unity3d.com/UnityPlayer -> C:\Program Files\Unity\WebPlayer\loader\npUnity3D32.dll (Unity Technologies ApS)
FF Plugin: Adobe Reader -> C:\Program Files\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF Plugin HKU\S-1-5-21-359015350-2660976701-2151963389-1005: @adobe.com/FlashPlayer -> C:\WINDOWS\system32\Macromed\Flash\NPSWF32.dll No File
FF Plugin HKU\S-1-5-21-359015350-2660976701-2151963389-1005: amazon.com/AmazonMP3DownloaderPlugin -> C:\Program Files\Amazon\MP3 Downloader\npAmazonMP3DownloaderPlugin1017300.dll (Amazon.com, Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\np-mswmp.dll (Microsoft Corporation)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\nppdf32.dll (Adobe Systems Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\nppl3260.dll (RealNetworks, Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\npqtplugin.dll (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\npqtplugin2.dll (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\npqtplugin3.dll (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\npqtplugin4.dll (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\npqtplugin5.dll (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\npqtplugin6.dll (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\npracplug.dll (RealNetworks)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\nprjplug.dll (RealNetworks, Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\nprpjplug.dll (RealNetworks, Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\npunagi2.dll (America Online, Inc.)
FF Extension: Tab Mix Plus - C:\Documents and Settings\The Holt's\Application Data\Mozilla\Firefox\Profiles\gugitlt4.default-1387866924609\Extensions\{dc572301-7619-498c-a57d-39143191b318}.xpi [2013-12-23]
FF Extension: Garmin Communicator - C:\Documents and Settings\The Holt's\Application Data\Mozilla\Firefox\Profiles\dh4x8h7w.Robert\Extensions\{195A3098-0BD5-4e90-AE22-BA1C540AFD1E} [2014-11-14]
FF Extension: Tab Mix Plus - C:\Documents and Settings\The Holt's\Application Data\Mozilla\Firefox\Profiles\dh4x8h7w.Robert\Extensions\{dc572301-7619-498c-a57d-39143191b318}.xpi [2014-07-20]
FF HKLM\...\Firefox\Extensions: [{20a82645-c095-46ed-80e3-08825760534b}] - C:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension
FF Extension: Microsoft .NET Framework Assistant - C:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension [2010-05-01]
FF HKLM\...\Firefox\Extensions: [smartwebprinting@hp.com] - C:\Program Files\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3
FF HKLM\...\Firefox\Extensions: [wrc@avast.com] - C:\Program Files\AVAST Software\Avast\WebRep\FF
FF Extension: avast! Online Security - C:\Program Files\AVAST Software\Avast\WebRep\FF [2014-06-22]
FF HKU\S-1-5-21-359015350-2660976701-2151963389-1005\...\Firefox\Extensions: [smartwebprinting@hp.com] - C:\Program Files\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3

Chrome:
=======
CHR HKLM\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChrome.crx [2014-08-11]
CHR HKLM\...\Chrome\Extension: [jfmjfhklogoienhpfnppmbcbjfjnkonk] - No Path

========================== Services (Whitelisted) =================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

R2 !SASCORE; C:\Program Files\SUPERAntiSpyware\SASCORE.EXE [142648 2014-07-22] (SUPERAntiSpyware.com)
R2 AcrSch2Svc; C:\Program Files\Common Files\Acronis\Schedule2\schedul2.exe [846048 2012-04-27] (Acronis)
S3 Adobe LM Service; C:\Program Files\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe [72704 2005-12-29] (Adobe Systems) [File not signed]
S3 Amazon Download Agent; C:\Program Files\Amazon\Amazon Games & Software Downloader\AmazonGSDownloaderService.exe [401920 2009-10-23] (Amazon.com) [File not signed]
R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [50344 2014-08-11] (AVAST Software)
R2 avast! Firewall; C:\Program Files\AVAST Software\Avast\afwServ.exe [106488 2014-08-11] (AVAST Software)
R2 Creative Service for CDROM Access; C:\WINDOWS\system32\CTsvcCDA.EXE [44032 1999-12-13] (Creative Technology Ltd) [File not signed]
R2 Fitbit Connect; C:\Program Files\Fitbit Connect\FitbitConnectService.exe [1435680 2014-01-10] (Fitbit, Inc.)
S3 Garmin Core Update Service; C:\Program Files\Garmin\Core Update Service\Garmin.Cartography.MapUpdate.CoreService.exe [451416 2014-10-21] (Garmin Ltd or its subsidiaries)
S3 getPlusHelper; C:\Program Files\NOS\bin\getPlus_Helper.dll [48368 2009-09-03] (NOS Microsystems Ltd.)
S4 HPSupportSolutionsFrameworkService; C:\Program Files\Hp\Common\HPSupportSolutionsFrameworkService.exe [89864 2014-12-11] (Hewlett-Packard Company)
R2 IAANTMon; C:\Program Files\Intel\Intel Matrix Storage Manager\iaantmon.exe [86142 2005-04-25] (Intel Corporation) [File not signed]
S3 IDriverT; C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe [69632 2005-04-03] (Macrovision Corporation) [File not signed]
S4 Imapi Helper; C:\Program Files\Alex Feinman\ISO Recorder\ImapiHelper.exe [163840 2006-01-04] (Alex Feinman) [File not signed]
R2 InCDsrvR; C:\Program Files\Ahead\InCD\InCDsrv.exe [869376 2005-04-12] (Nero AG) [File not signed]
S4 LiveUpdateSvc; C:\Program Files\IObit\LiveUpdate\LiveUpdate.exe [2152736 2014-05-04] (IObit)
R2 McrdSvc; C:\WINDOWS\ehome\mcrdsvc.exe [99328 2005-08-05] (Microsoft Corporation)
S3 MHN; C:\WINDOWS\System32\mhn.dll [85504 2004-08-10] (Microsoft Corporation) [File not signed]
S3 MSSQLServerADHelper; C:\Program Files\Microsoft SQL Server\80\Tools\Binn\sqladhlp.exe [66112 2002-12-17] (Microsoft Corporation) [File not signed]
S4 Net Driver HPZ12; C:\WINDOWS\system32\HPZinw12.dll [44032 2009-05-14] (Hewlett-Packard) [File not signed]
R2 NETGEARGenieDaemon; C:\Program Files\NETGEAR Genie\bin\NETGEARGenieDaemon.exe [195840 2013-04-07] (NETGEAR)
S4 Pml Driver HPZ12; C:\WINDOWS\system32\HPZipm12.dll [53760 2009-05-14] (Hewlett-Packard) [File not signed]
S4 SDScannerService; C:\Program Files\Spybot - Search & Destroy 2\SDFSSvc.exe [1738168 2014-06-24] (Safer-Networking Ltd.)
S4 SDUpdateService; C:\Program Files\Spybot - Search & Destroy 2\SDUpdSvc.exe [2088408 2014-06-27] (Safer-Networking Ltd.)
S4 SDWSCService; C:\Program Files\Spybot - Search & Destroy 2\SDWSCSvc.exe [171928 2014-04-25] (Safer-Networking Ltd.)

==================== Drivers (Whitelisted) ====================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

S3 61883; C:\WINDOWS\System32\DRIVERS\61883.sys [48128 2008-04-13] (Microsoft Corporation)
S4 abp480n5; C:\WINDOWS\system32\DRIVERS\ABP480N5.SYS [23552 2001-08-17] (Microsoft Corporation)
R1 ASPI32; C:\WINDOWS\system32\Drivers\ASPI32.sys [16512 2006-12-12] (Adaptec)
R2 aswHwid; C:\WINDOWS\system32\drivers\aswHwid.sys [24184 2014-08-11] ()
R1 aswKbd; C:\WINDOWS\system32\drivers\aswKbd.sys [26136 2014-08-11] (AVAST Software)
R2 aswMonFlt; C:\WINDOWS\system32\drivers\aswMonFlt.sys [67824 2014-08-11] (AVAST Software)
R0 aswNdis; C:\WINDOWS\System32\DRIVERS\aswNdis.sys [12112 2014-06-23] (ALWIL Software)
R0 aswNdis2; C:\WINDOWS\system32\Drivers\aswNdis2.sys [252872 2014-08-11] (AVAST Software)
R1 aswRdr; C:\WINDOWS\system32\drivers\aswRdr.sys [55112 2014-08-11] (AVAST Software)
R0 aswRvrt; C:\WINDOWS\system32\Drivers\aswRvrt.sys [49944 2014-08-11] ()
R1 aswSnx; C:\WINDOWS\system32\drivers\aswSnx.sys [779536 2014-11-21] (AVAST Software)
R1 aswSP; C:\WINDOWS\system32\drivers\aswSP.sys [414520 2014-08-11] (AVAST Software)
R1 aswTdi; C:\WINDOWS\system32\drivers\aswTdi.sys [57800 2014-08-11] (AVAST Software)
R0 aswVmm; C:\WINDOWS\system32\Drivers\aswVmm.sys [192352 2014-08-11] ()
R3 AtiHDAudioService; C:\WINDOWS\System32\drivers\AtihdXP3.sys [103040 2012-05-14] (Advanced Micro Devices)
R1 BANTExt; C:\WINDOWS\System32\Drivers\BANTExt.sys [3840 2011-08-09] () [File not signed]
S3 CCDECODE; C:\WINDOWS\System32\DRIVERS\CCDECODE.sys [17024 2008-04-13] (Microsoft Corporation)
R3 COMMONFX.DLL; C:\WINDOWS\System32\COMMONFX.DLL [98600 2007-04-18] (Creative Technology Ltd)
S3 cpudrv; C:\Program Files\SystemRequirementsLab\cpudrv.sys [11336 2011-06-02] ()
S3 CT20XUT.DLL; C:\WINDOWS\System32\CT20XUT.DLL [164608 2007-04-12] (Creative Technology Ltd.)
R3 CTAUDFX.DLL; C:\WINDOWS\System32\CTAUDFX.DLL [546048 2007-04-12] (Creative Technology Ltd)
S3 ctdvda2k; C:\WINDOWS\System32\drivers\ctdvda2k.sys [347128 2007-04-10] (Creative Technology Ltd)
S3 CTEAPSFX.DLL; C:\WINDOWS\System32\CTEAPSFX.DLL [168192 2007-04-12] (Creative Technology Ltd)
S3 CTEDSPFX.DLL; C:\WINDOWS\System32\CTEDSPFX.DLL [280320 2007-04-12] (Creative Technology Ltd)
S3 CTEDSPIO.DLL; C:\WINDOWS\System32\CTEDSPIO.DLL [128768 2007-04-12] (Creative Technology Ltd)
S3 CTEDSPSY.DLL; C:\WINDOWS\System32\CTEDSPSY.DLL [323328 2007-04-12] (Creative Technology Ltd)
S3 CTERFXFX.DLL; C:\WINDOWS\System32\CTERFXFX.DLL [94976 2007-04-12] (Creative Technology Ltd)
S3 CTEXFIFX.DLL; C:\WINDOWS\System32\CTEXFIFX.DLL [1317632 2007-04-12] (Creative Technology Ltd.)
S3 CTHWIUT.DLL; C:\WINDOWS\System32\CTHWIUT.DLL [66816 2007-04-12] (Creative Technology Ltd.)
R3 CTSBLFX.DLL; C:\WINDOWS\System32\CTSBLFX.DLL [560384 2007-04-12] (Creative Technology Ltd)
R0 drvmcdb; C:\WINDOWS\System32\drivers\drvmcdb.sys [88352 2005-04-22] (Sonic Solutions) [File not signed]
R2 drvnddm; C:\WINDOWS\System32\drivers\drvnddm.sys [40544 2005-04-21] (Sonic Solutions) [File not signed]
R2 DVDAccss; C:\WINDOWS\System32\drivers\DVDAccss.sys [29156 2002-03-19] (Apple Computer, Inc.) [File not signed]
S3 ENTECH; C:\WINDOWS\system32\DRIVERS\ENTECH.sys [21664 2004-10-25] (EnTech Taiwan) [File not signed]
R3 gameenum; C:\WINDOWS\System32\DRIVERS\gameenum.sys [10624 2008-04-13] (Microsoft Corporation)
S3 GKUPRO2D; C:\WINDOWS\System32\DRIVERS\GKUPRO2D.sys [90240 2012-11-05] (Gemalto)
R3 ha10kx2k; C:\WINDOWS\System32\drivers\ha10kx2k.sys [797992 2007-04-10] (Creative Technology Ltd)
R3 hap16v2k; C:\WINDOWS\System32\drivers\hap16v2k.sys [163112 2007-04-10] (Creative Technology Ltd)
S3 hap17v2k; C:\WINDOWS\System32\drivers\hap17v2k.sys [189736 2007-04-10] (Creative Technology Ltd)
R0 HFXP2; C:\WINDOWS\System32\DRIVERS\HFXP2.SYS [17264 2007-01-23] (FSPro Labs)
R0 imagedrv; C:\WINDOWS\System32\Drivers\imagedrv.sys [5504 2004-03-02] (Ahead Software AG) [File not signed]
R0 imagesrv; C:\WINDOWS\System32\DRIVERS\imagesrv.sys [125184 2004-03-02] (Ahead Software AG) [File not signed]
R4 InCDfs; C:\WINDOWS\system32\Drivers\InCDfs.sys [99456 2005-04-12] (Nero AG) [File not signed]
R1 InCDPass; C:\WINDOWS\System32\DRIVERS\InCDPass.sys [29056 2005-04-12] (Nero AG) [File not signed]
U1 InCDrec; C:\WINDOWS\system32\Drivers\InCDrec.sys [8704 2005-04-12] (Nero AG) [File not signed]
R1 incdrm; C:\WINDOWS\system32\Drivers\incdrm.sys [28160 2005-04-12] (Nero AG) [File not signed]
R3 IntelC51; C:\WINDOWS\System32\DRIVERS\IntelC51.sys [1339776 2005-05-06] (Intel Corporation)
R3 IntelC52; C:\WINDOWS\System32\DRIVERS\IntelC52.sys [618880 2006-03-01] (Intel Corporation)
R3 IntelC53; C:\WINDOWS\System32\DRIVERS\IntelC53.sys [47360 2005-05-06] (Intel Corporation)
S3 Jukebox3; C:\WINDOWS\System32\DRIVERS\ctpdusb.sys [16880 2004-05-18] (Creative Technology Ltd.)
R3 LCcfltr; C:\WINDOWS\System32\Drivers\LCcFltr.Sys [14095 2004-03-03] (Logitech, Inc.)
R3 LEqdUsb; C:\WINDOWS\System32\Drivers\LEqdUsb.Sys [42264 2014-03-18] (Logitech, Inc.)
R3 LHidEqd; C:\WINDOWS\System32\Drivers\LHidEqd.Sys [10136 2014-03-18] (Logitech, Inc.)
R3 LHidUsb; C:\WINDOWS\System32\Drivers\LHidUsb.Sys [37887 2004-03-03] (Logitech, Inc.)
R3 libusb0; C:\WINDOWS\System32\DRIVERS\libusb0.sys [35776 2013-09-23] (http://libusb-win32.sourceforge.net)
S3 MHNDRV; C:\WINDOWS\System32\DRIVERS\mhndrv.sys [11008 2004-08-10] (Microsoft Corporation) [File not signed]
R3 mohfilt; C:\WINDOWS\System32\DRIVERS\mohfilt.sys [36880 2005-05-06] (Intel Corporation)
S3 NAL; C:\WINDOWS\system32\Drivers\iqvw32.sys [19456 2004-11-02] (Intel Corporation ) [File not signed]
S3 NdisIP; C:\WINDOWS\System32\DRIVERS\NdisIP.sys [10880 2008-04-13] (Microsoft Corporation)
R2 NPF; C:\WINDOWS\system32\drivers\npf.sys [35088 2013-06-28] (CACE Technologies, Inc.)
R1 omci; C:\WINDOWS\System32\DRIVERS\omci.sys [17217 2002-11-08] (Dell Computer Corporation) [File not signed]
R3 pfc; C:\WINDOWS\System32\drivers\pfc.sys [21248 2003-09-19] (Padus, Inc.) [File not signed]
R2 PfModNT; C:\WINDOWS\system32\drivers\PfModNT.sys [16168 2007-04-10] (Creative Technology Ltd.)
R0 PxHelp20; C:\WINDOWS\System32\Drivers\PxHelp20.sys [20640 2005-03-11] (Sonic Solutions) [File not signed]
R1 SASDIFSV; C:\Program Files\SUPERAntiSpyware\SASDIFSV.SYS [12880 2011-07-22] (SUPERAdBlocker.com and SUPERAntiSpyware.com)
R1 SASKUTIL; C:\Program Files\SUPERAntiSpyware\SASKUTIL.SYS [67664 2011-07-12] (SUPERAdBlocker.com and SUPERAntiSpyware.com)
R1 sscdbhk5; C:\WINDOWS\System32\drivers\sscdbhk5.sys [5627 2005-05-13] (Sonic Solutions) [File not signed]
R1 ssrtln; C:\WINDOWS\System32\drivers\ssrtln.sys [23545 2005-05-13] (Sonic Solutions) [File not signed]
R2 tfsnboio; C:\WINDOWS\System32\dla\tfsnboio.sys [25725 2005-05-31] (Sonic Solutions) [File not signed]
R2 tfsncofs; C:\WINDOWS\System32\dla\tfsncofs.sys [34845 2005-05-31] (Sonic Solutions) [File not signed]
R2 tfsndrct; C:\WINDOWS\System32\dla\tfsndrct.sys [4125 2005-05-31] (Sonic Solutions) [File not signed]
R2 tfsndres; C:\WINDOWS\System32\dla\tfsndres.sys [2241 2005-05-31] (Sonic Solutions) [File not signed]
R2 tfsnifs; C:\WINDOWS\System32\dla\tfsnifs.sys [86876 2005-05-31] (Sonic Solutions) [File not signed]
R2 tfsnopio; C:\WINDOWS\System32\dla\tfsnopio.sys [15069 2005-05-31] (Sonic Solutions) [File not signed]
R2 tfsnpool; C:\WINDOWS\System32\dla\tfsnpool.sys [6365 2005-05-31] (Sonic Solutions) [File not signed]
R2 tfsnudf; C:\WINDOWS\System32\dla\tfsnudf.sys [98716 2005-05-31] (Sonic Solutions) [File not signed]
R2 tfsnudfa; C:\WINDOWS\System32\dla\tfsnudfa.sys [100605 2005-05-31] (Sonic Solutions) [File not signed]
R0 vididr; C:\WINDOWS\System32\DRIVERS\vididr.sys [125472 2013-09-14] (Acronis)
R0 vidsflt53; C:\WINDOWS\System32\DRIVERS\vsflt53.sys [83392 2013-09-14] (Acronis)
S3 VNUSB; C:\WINDOWS\System32\DRIVERS\VNUSB.sys [38496 2006-04-07] (OLYMPUS IMAGING CORP.) [File not signed]
S3 ALSysIO; \??\C:\DOCUME~1\THEHOT~1\LOCALS~1\Temp\ALSysIO.sys [X]
S3 bvrp_pci; No ImagePath
U2 CertPropSvc; No ImagePath
U5 itchfltr; C:\Windows\System32\Drivers\itchfltr.sys [12953 2004-03-10] (Logitech, Inc.)
S3 MFE_RR; \??\C:\DOCUME~1\THEHOT~1\LOCALS~1\Temp\mfe_rr.sys [X]
U5 P3; C:\Windows\System32\Drivers\P3.sys [42752 2008-04-13] (Microsoft Corporation)
U5 ScsiPort; C:\WINDOWS\system32\drivers\scsiport.sys [96384 2008-04-13] (Microsoft Corporation)
U5 Tcpip6; C:\Windows\System32\Drivers\Tcpip6.sys [226880 2010-02-11] (Microsoft Corporation)
U1 WS2IFSL; No ImagePath

==================== NetSvcs (Whitelisted) ===================


(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)

NETSVC: MHN -> C:\Windows\System32\mhn.dll (Microsoft Corporation)

==================== One Month Created Files and Folders ========

(If an entry is included in the fixlist, the file\folder will be moved.)

2015-01-26 18:43 - 2015-01-26 18:44 - 00028105 _____ () C:\Documents and Settings\The Holt's\Desktop\FRST.txt
2015-01-26 18:42 - 2015-01-26 15:49 - 01120768 _____ (Farbar) C:\Documents and Settings\The Holt's\Desktop\FRST.exe
2015-01-26 18:40 - 2015-01-26 18:40 - 00065536 _____ () C:\WINDOWS\Minidump\Mini012615-02.dmp
2015-01-26 05:30 - 2015-01-26 05:30 - 00065536 _____ () C:\WINDOWS\Minidump\Mini012615-01.dmp
2015-01-25 16:21 - 2015-01-25 16:22 - 00000000 ____D () C:\Computer BSOD Bleepcomputer
2015-01-25 10:08 - 2015-01-25 10:15 - 00054647 _____ () C:\Documents and Settings\The Holt's\Desktop\Additionold.txt
2015-01-25 10:06 - 2015-01-26 18:43 - 00000000 ____D () C:\FRST
2015-01-25 10:06 - 2015-01-25 10:23 - 00056191 _____ () C:\Documents and Settings\The Holt's\Desktop\FRSTold.txt
2015-01-25 09:59 - 2015-01-25 09:59 - 00065536 _____ () C:\WINDOWS\Minidump\Mini012515-02.dmp
2015-01-25 08:19 - 2015-01-25 08:19 - 00065536 _____ () C:\WINDOWS\Minidump\Mini012515-01.dmp
2015-01-24 16:11 - 2015-01-24 16:11 - 00065536 _____ () C:\WINDOWS\Minidump\Mini012415-05.dmp
2015-01-24 14:22 - 2015-01-24 15:03 - 00000000 ____D () C:\Documents and Settings\All Users\Application Data\Malwarebytes' Anti-Malware (portable)
2015-01-24 14:21 - 2015-01-24 14:21 - 00065536 _____ () C:\WINDOWS\Minidump\Mini012415-04.dmp
2015-01-24 14:09 - 2015-01-24 14:09 - 00065536 _____ () C:\WINDOWS\Minidump\Mini012415-03.dmp
2015-01-24 13:30 - 2015-01-24 13:30 - 00065536 _____ () C:\WINDOWS\Minidump\Mini012415-02.dmp
2015-01-24 08:12 - 2015-01-24 08:12 - 00065536 _____ () C:\WINDOWS\Minidump\Mini012415-01.dmp
2015-01-23 22:52 - 2015-01-23 22:52 - 00065536 _____ () C:\WINDOWS\Minidump\Mini012315-04.dmp
2015-01-23 13:09 - 2015-01-23 13:09 - 00065536 _____ () C:\WINDOWS\Minidump\Mini012315-03.dmp
2015-01-23 12:30 - 2015-01-23 12:30 - 00000000 ____D () C:\WINDOWS\Tasks\ImCleanDisabled
2015-01-23 10:30 - 2015-01-23 10:30 - 00065536 _____ () C:\WINDOWS\Minidump\Mini012315-02.dmp
2015-01-23 07:36 - 2015-01-23 07:36 - 00000000 ____D () C:\Documents and Settings\All Users\Start Menu\Programs\Intel® Matrix Storage Manager
2015-01-23 05:45 - 2015-01-23 05:45 - 00065536 _____ () C:\WINDOWS\Minidump\Mini012315-01.dmp
2015-01-22 18:42 - 2015-01-22 18:42 - 00065536 _____ () C:\WINDOWS\Minidump\Mini012215-04.dmp
2015-01-22 17:36 - 2015-01-23 06:53 - 00000000 ____D () C:\Program Files\SUPERAntiSpyware
2015-01-22 17:36 - 2015-01-22 17:36 - 00000000 ____D () C:\Documents and Settings\The Holt's\Application Data\SUPERAntiSpyware.com
2015-01-22 17:36 - 2015-01-22 17:36 - 00000000 ____D () C:\Documents and Settings\All Users\Start Menu\Programs\SUPERAntiSpyware
2015-01-22 17:36 - 2015-01-22 17:36 - 00000000 ____D () C:\Documents and Settings\All Users\Application Data\SUPERAntiSpyware.com
2015-01-22 17:05 - 2015-01-22 17:05 - 00065536 _____ () C:\WINDOWS\Minidump\Mini012215-03.dmp
2015-01-22 16:59 - 2015-01-24 14:22 - 00119512 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\MBAMSwissArmy.sys
2015-01-22 16:59 - 2015-01-24 14:22 - 00108632 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\mbamchameleon.sys
2015-01-22 16:59 - 2015-01-22 16:59 - 00000000 ____D () C:\Program Files\Malwarebytes Anti-Malware
2015-01-22 16:59 - 2015-01-22 16:59 - 00000000 ____D () C:\Documents and Settings\All Users\Application Data\Malwarebytes
2015-01-22 16:59 - 2014-11-21 06:14 - 00023256 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\mbam.sys
2015-01-22 16:46 - 2015-01-22 16:46 - 00065536 _____ () C:\WINDOWS\Minidump\Mini012215-02.dmp
2015-01-22 05:39 - 2015-01-22 05:39 - 00065536 _____ () C:\WINDOWS\Minidump\Mini012215-01.dmp
2015-01-21 18:54 - 2015-01-21 18:54 - 00065536 _____ () C:\WINDOWS\Minidump\Mini012115-06.dmp
2015-01-21 18:42 - 2015-01-21 18:42 - 00213192 _____ (Kaspersky Lab, Yury Parshin) C:\WINDOWS\system32\Drivers\97313061.sys
2015-01-21 17:49 - 2015-01-21 17:49 - 00065536 _____ () C:\WINDOWS\Minidump\Mini012115-05.dmp
2015-01-21 06:17 - 2015-01-21 06:17 - 00065536 _____ () C:\WINDOWS\Minidump\Mini012115-04.dmp
2015-01-21 06:06 - 2015-01-21 06:06 - 00065536 _____ () C:\WINDOWS\Minidump\Mini012115-03.dmp
2015-01-21 06:02 - 2015-01-21 06:02 - 00065536 _____ () C:\WINDOWS\Minidump\Mini012115-02.dmp
2015-01-21 06:00 - 2015-01-21 06:00 - 00000000 ____D () C:\Documents and Settings\The Holt's\My Documents\New Folder
2015-01-21 05:42 - 2015-01-21 05:42 - 00065536 _____ () C:\WINDOWS\Minidump\Mini012115-01.dmp
2015-01-21 05:12 - 2015-01-21 05:19 - 00000000 ____D () C:\sfzone_profile
2015-01-20 22:45 - 2015-01-20 22:45 - 00065536 _____ () C:\WINDOWS\Minidump\Mini012015-06.dmp
2015-01-20 22:42 - 2015-01-20 22:42 - 00065536 _____ () C:\WINDOWS\Minidump\Mini012015-05.dmp
2015-01-20 22:04 - 2015-01-20 22:04 - 00065536 _____ () C:\WINDOWS\Minidump\Mini012015-04.dmp
2015-01-20 21:13 - 2015-01-20 21:13 - 00065536 _____ () C:\WINDOWS\Minidump\Mini012015-03.dmp
2015-01-20 19:03 - 2015-01-20 19:03 - 00065536 _____ () C:\WINDOWS\Minidump\Mini012015-02.dmp
2015-01-20 05:42 - 2015-01-20 05:42 - 00065536 _____ () C:\WINDOWS\Minidump\Mini012015-01.dmp
2015-01-19 20:41 - 2015-01-19 20:41 - 00065536 _____ () C:\WINDOWS\Minidump\Mini011915-02.dmp
2015-01-19 05:42 - 2015-01-19 05:42 - 00065536 _____ () C:\WINDOWS\Minidump\Mini011915-01.dmp
2015-01-18 21:10 - 2015-01-18 21:11 - 00000000 ____D () C:\Program Files\Mozilla Firefox
2015-01-18 09:48 - 2015-01-18 09:48 - 00065536 _____ () C:\WINDOWS\Minidump\Mini011815-03.dmp
2015-01-18 08:43 - 2015-01-18 08:43 - 00065536 _____ () C:\WINDOWS\Minidump\Mini011815-02.dmp
2015-01-18 07:59 - 2015-01-18 07:59 - 00065536 _____ () C:\WINDOWS\Minidump\Mini011815-01.dmp
2015-01-17 18:26 - 2015-01-17 18:26 - 00000000 ____D () C:\Documents and Settings\All Users\Application Data\Elephant Games
2015-01-17 14:40 - 2015-01-17 14:40 - 00000000 ____D () C:\Documents and Settings\All Users\Application Data\Canon IJ Network Tool
2015-01-17 14:39 - 2014-01-21 13:15 - 00336896 _____ (CANON INC.) C:\WINDOWS\system32\CNC_C9L.dll
2015-01-17 14:39 - 2008-08-25 18:02 - 00015872 _____ (CANON INC.) C:\WINDOWS\system32\CNHMCA.dll
2015-01-17 14:38 - 2015-01-17 14:38 - 00000000 ____D () C:\WINDOWS\system32\STRING
2015-01-17 14:38 - 2015-01-17 14:38 - 00000000 ____D () C:\Documents and Settings\All Users\Start Menu\Programs\Canon MG6600 series User Registration
2015-01-17 14:38 - 2014-03-17 11:15 - 00380928 _____ (CANON INC.) C:\WINDOWS\system32\CNMNPPM.DLL
2015-01-17 14:38 - 2014-03-17 11:15 - 00035840 _____ (CANON INC.) C:\WINDOWS\system32\CNMNPUI.DLL
2015-01-17 14:37 - 2015-01-17 14:37 - 00000000 ____D () C:\Documents and Settings\The Holt's\Application Data\Canon Easy-WebPrint EX
2015-01-17 14:26 - 2015-01-17 14:26 - 00000000 ____D () C:\Documents and Settings\All Users\Start Menu\Programs\Canon MG6600 series Manual
2015-01-17 14:25 - 2014-03-18 05:00 - 00329216 _____ (CANON INC.) C:\WINDOWS\system32\CNMLMC9.DLL
2015-01-17 09:38 - 2015-01-17 09:38 - 00001979 _____ () C:\Documents and Settings\All Users\Desktop\Play Phantasmat - The Endless Night Collectors Edition.lnk
2015-01-17 09:35 - 2015-01-17 09:35 - 00000000 ____D () C:\Documents and Settings\All Users\Start Menu\Programs\Phantasmat - The Endless Night Collectors Edition
2015-01-17 09:24 - 2015-01-17 09:24 - 00065536 _____ () C:\WINDOWS\Minidump\Mini011715-05.dmp
2015-01-17 08:46 - 2015-01-17 08:46 - 00065536 _____ () C:\WINDOWS\Minidump\Mini011715-04.dmp
2015-01-17 08:19 - 2015-01-17 08:19 - 00065536 _____ () C:\WINDOWS\Minidump\Mini011715-03.dmp
2015-01-17 06:56 - 2015-01-17 06:57 - 00065536 _____ () C:\WINDOWS\Minidump\Mini011715-02.dmp
2015-01-17 06:43 - 2015-01-17 06:43 - 00000000 ____D () C:\Documents and Settings\All Users\Application Data\HP Product Assistant
2015-01-17 06:42 - 2015-01-17 06:42 - 00000000 ____D () C:\Program Files\Common Files\HP
2015-01-17 06:32 - 2015-01-17 06:32 - 00065536 _____ () C:\WINDOWS\Minidump\Mini011715-01.dmp
2015-01-16 18:13 - 2015-01-16 18:13 - 00065536 _____ () C:\WINDOWS\Minidump\Mini011615-02.dmp
2015-01-16 05:39 - 2015-01-16 05:39 - 00065536 _____ () C:\WINDOWS\Minidump\Mini011615-01.dmp
2015-01-15 18:41 - 2015-01-23 18:52 - 00010050 _____ () C:\WINDOWS\KB2900986.log
2015-01-15 18:06 - 2015-01-15 18:06 - 00065536 _____ () C:\WINDOWS\Minidump\Mini011515-01.dmp
2015-01-14 20:55 - 2015-01-17 09:38 - 00000000 ____D () C:\Program Files\Phantasmat - The Endless Night Collectors Edition
2015-01-13 19:55 - 2015-01-13 20:00 - 00000000 ____D () C:\Documents and Settings\The Holt's\Application Data\margrave3_se
2015-01-11 14:45 - 2015-01-11 14:46 - 00000000 ____D () C:\Documents and Settings\All Users\Application Data\CanonIJMIG
2015-01-11 14:44 - 2015-01-11 14:44 - 00000000 ____D () C:\Documents and Settings\All Users\Application Data\CanonIJQuickMenu
2015-01-11 14:41 - 2013-12-02 12:58 - 00096000 _____ () C:\WINDOWS\system32\CNC177ED.TBL
2015-01-11 14:39 - 2015-01-17 14:36 - 00000000 ____D () C:\Documents and Settings\All Users\Application Data\CanonIJWSpt
2015-01-11 14:27 - 2015-01-17 14:25 - 00000000 ___HD () C:\Program Files\CanonBJ
2015-01-11 14:27 - 2015-01-11 14:27 - 00000000 ____D () C:\Documents and Settings\All Users\Application Data\CanonBJ
2015-01-11 14:27 - 2014-03-18 05:00 - 00329216 _____ (CANON INC.) C:\WINDOWS\system32\CNMLMC9(5).DLL
2015-01-11 14:27 - 2014-03-18 05:00 - 00329216 _____ (CANON INC.) C:\WINDOWS\system32\CNMLMC9(4).DLL
2015-01-11 14:27 - 2014-03-18 05:00 - 00329216 _____ (CANON INC.) C:\WINDOWS\system32\CNMLMC9(3).DLL
2015-01-11 14:27 - 2014-03-18 05:00 - 00329216 _____ (CANON INC.) C:\WINDOWS\system32\CNMLMC9(2).DLL
2015-01-10 07:35 - 2015-01-10 07:35 - 00001866 _____ () C:\Documents and Settings\All Users\Desktop\Play Mystery Trackers - Blackrow's Secret.lnk
2015-01-10 07:32 - 2015-01-10 07:35 - 00000000 ____D () C:\Program Files\Mystery Trackers - Blackrow's Secret
2015-01-10 07:32 - 2015-01-10 07:32 - 00000000 ____D () C:\Documents and Settings\All Users\Start Menu\Programs\Mystery Trackers - Blackrow's Secret
2015-01-10 07:31 - 2015-01-10 07:31 - 00001889 _____ () C:\Documents and Settings\All Users\Desktop\Play Surface - Game of Gods Collectors Edition.lnk
2015-01-10 07:25 - 2015-01-10 07:31 - 00000000 ____D () C:\Program Files\Surface - Game of Gods Collectors Edition
2015-01-10 07:25 - 2015-01-10 07:25 - 00000000 ____D () C:\Documents and Settings\All Users\Start Menu\Programs\Surface - Game of Gods Collectors Edition
2015-01-10 07:20 - 2015-01-10 07:20 - 00002008 _____ () C:\Documents and Settings\All Users\Desktop\Play Mystery Trackers - Silent Hollow Collector's Edition.lnk
2015-01-10 07:14 - 2015-01-10 07:20 - 00000000 ____D () C:\Program Files\Mystery Trackers - Silent Hollow Collector's Edition
2015-01-10 07:14 - 2015-01-10 07:14 - 00000000 ____D () C:\Documents and Settings\All Users\Start Menu\Programs\Mystery Trackers - Silent Hollow Collector's Edition
2015-01-07 21:42 - 2015-01-07 21:42 - 00000000 ____D () C:\WINDOWS\Hewlett-Packard
2015-01-07 20:35 - 2015-01-07 20:35 - 00000000 ____D () C:\Documents and Settings\The Holt's\Local Settings\Application Data\Hewlett-Packard
2015-01-07 20:32 - 2015-01-07 20:32 - 00000000 ____D () C:\Program Files\Hewlett-Packard
2015-01-07 18:15 - 2015-01-07 18:15 - 00000000 ____D () C:\Documents and Settings\The Holt's\My Documents\Garmin
2015-01-07 18:08 - 2015-01-07 18:08 - 00000858 _____ () C:\WINDOWS\setupact.log
2015-01-07 18:08 - 2015-01-07 18:08 - 00000000 _____ () C:\WINDOWS\setuperr.log
2015-01-06 20:55 - 2015-01-26 06:34 - 00000830 _____ () C:\WINDOWS\Tasks\Adobe Flash Player Updater.job
2015-01-06 06:13 - 2015-01-06 06:13 - 00001135 _____ () C:\Documents and Settings\The Holt's\Desktop\Dropbox.lnk
2015-01-06 06:13 - 2015-01-06 06:13 - 00000000 ____D () C:\Dropbox pics
2015-01-06 06:11 - 2015-01-06 06:12 - 00000000 ____D () C:\Program Files\Dropbox
2015-01-06 06:10 - 2015-01-06 06:10 - 00000000 ____D () C:\Documents and Settings\The Holt's\Start Menu\Programs\Dropbox
2015-01-05 18:38 - 2015-01-05 18:38 - 00001552 _____ () C:\Documents and Settings\All Users\Desktop\iTunes.lnk
2015-01-05 18:38 - 2015-01-05 18:38 - 00000000 ____D () C:\Documents and Settings\All Users\Start Menu\Programs\iTunes
2015-01-05 18:37 - 2015-01-05 18:38 - 00000000 ____D () C:\Program Files\iTunes
2015-01-05 18:37 - 2015-01-05 18:38 - 00000000 ____D () C:\Documents and Settings\All Users\Application Data\B0FFCDD9-5261-4e59-B29A-17A4FABDEBAB
2015-01-05 18:37 - 2015-01-05 18:37 - 00000000 ____D () C:\Program Files\iPod
2015-01-04 21:17 - 2010-12-24 11:18 - 00001414 ____R () C:\WINDOWS\system32\Drivers\etc\hosts.20150104-211735.backup
2014-12-30 21:35 - 2014-12-30 21:35 - 00001890 _____ () C:\Documents and Settings\All Users\Desktop\Play Mystery Trackers - Raincliffs Phantoms.lnk
2014-12-30 21:32 - 2014-12-30 21:35 - 00000000 ____D () C:\Program Files\Mystery Trackers - Raincliffs Phantoms
2014-12-30 21:32 - 2014-12-30 21:32 - 00000000 ____D () C:\Documents and Settings\All Users\Start Menu\Programs\Mystery Trackers - Raincliffs Phantoms
2014-12-30 21:09 - 2014-12-30 21:09 - 00001908 _____ () C:\Documents and Settings\All Users\Desktop\Play Hidden Expedition - The Crown of Solomon.lnk
2014-12-30 21:06 - 2014-12-30 21:09 - 00000000 ____D () C:\Program Files\Hidden Expedition - The Crown of Solomon
2014-12-30 21:06 - 2014-12-30 21:06 - 00000000 ____D () C:\Documents and Settings\All Users\Start Menu\Programs\Hidden Expedition - The Crown of Solomon
2014-12-27 18:13 - 2015-01-15 19:06 - 00000000 ____D () C:\Documents and Settings\The Holt's\Application Data\Eipix
2014-12-27 18:10 - 2014-12-27 18:10 - 00000000 ____D () C:\Documents and Settings\The Holt's\Application Data\Boolat Games
2014-12-27 08:33 - 2014-12-27 08:33 - 00001780 _____ () C:\Documents and Settings\All Users\Desktop\Play Dreampath - The Two Kingdoms.lnk
2014-12-27 08:30 - 2014-12-27 08:33 - 00000000 ____D () C:\Program Files\Dreampath - The Two Kingdoms
2014-12-27 08:30 - 2014-12-27 08:30 - 00001937 _____ () C:\Documents and Settings\All Users\Desktop\Play Dark Parables - The Red Riding Hood Sisters.lnk
2014-12-27 08:30 - 2014-12-27 08:30 - 00000000 ____D () C:\Documents and Settings\All Users\Start Menu\Programs\Dreampath - The Two Kingdoms
2014-12-27 08:25 - 2014-12-27 08:30 - 00000000 ____D () C:\Program Files\Dark Parables - The Red Riding Hood Sisters
2014-12-27 08:25 - 2014-12-27 08:25 - 00000000 ____D () C:\Documents and Settings\All Users\Start Menu\Programs\Dark Parables - The Red Riding Hood Sisters
2014-12-27 08:20 - 2014-12-27 08:20 - 00002183 _____ () C:\Documents and Settings\All Users\Desktop\Play Dark Parables - The Little Mermaid and the Purple Tide Collectors Edition.lnk
2014-12-27 08:16 - 2014-12-27 08:20 - 00000000 ____D () C:\Program Files\Dark Parables - The Little Mermaid and the Purple Tide Collectors Edition
2014-12-27 08:16 - 2014-12-27 08:16 - 00001804 _____ () C:\Documents and Settings\All Users\Desktop\Play Christmas Stories - Nutcracker.lnk
2014-12-27 08:16 - 2014-12-27 08:16 - 00000000 ____D () C:\Documents and Settings\All Users\Start Menu\Programs\Dark Parables - The Little Mermaid and the Purple Tide Collectors Edition
2014-12-27 08:13 - 2014-12-27 08:16 - 00000000 ____D () C:\Program Files\Christmas Stories - Nutcracker
2014-12-27 08:13 - 2014-12-27 08:13 - 00002231 _____ () C:\Documents and Settings\All Users\Desktop\Play Christmas Stories 3 - Hans Christian Andersens Tin Soldier Collectors Edition.lnk
2014-12-27 08:13 - 2014-12-27 08:13 - 00000000 ____D () C:\Documents and Settings\All Users\Start Menu\Programs\Christmas Stories - Nutcracker
2014-12-27 08:03 - 2014-12-27 08:13 - 00000000 ____D () C:\Program Files\Christmas Stories 3 - Hans Christian Andersens Tin Soldier Collectors Edition
2014-12-27 08:03 - 2014-12-27 08:03 - 00000000 ____D () C:\Documents and Settings\All Users\Start Menu\Programs\Christmas Stories 3 - Hans Christian Andersens Tin Soldier Collectors Edition

==================== One Month Modified Files and Folders =======

(If an entry is included in the fixlist, the file\folder will be moved.)

2015-01-26 18:44 - 2005-08-23 20:51 - 00000000 ____D () C:\Documents and Settings\The Holt's\Local Settings\Temp
2015-01-26 18:41 - 2014-08-11 20:36 - 00000159 _____ () C:\WINDOWS\wiadebug.log
2015-01-26 18:41 - 2014-08-11 20:36 - 00000049 _____ () C:\WINDOWS\wiaservc.log
2015-01-26 18:41 - 2004-08-19 12:50 - 00002206 _____ () C:\WINDOWS\system32\wpa.dbl
2015-01-26 18:40 - 2014-01-07 19:05 - 00000568 _____ () C:\WINDOWS\Tasks\Amazon Music Helper.job
2015-01-26 18:40 - 2010-07-18 13:32 - 00000288 _____ () C:\WINDOWS\Tasks\RealUpgradeLogonTaskS-1-5-21-359015350-2660976701-2151963389-1005.job
2015-01-26 18:40 - 2007-09-18 17:30 - 202194944 _____ () C:\WINDOWS\MEMORY.DMP
2015-01-26 18:40 - 2005-08-27 19:54 - 00000000 ____D () C:\WINDOWS\Minidump
2015-01-26 18:40 - 2004-08-19 13:13 - 00000006 ____H () C:\WINDOWS\Tasks\SA.DAT
2015-01-26 17:57 - 2014-08-08 04:52 - 00131072 _____ () C:\WINDOWS\system32\config\ACEEvent.evt
2015-01-26 07:03 - 2014-11-29 22:43 - 04958588 ____N () C:\WINDOWS\{00000005-00000000-00000004-00001102-00000004-20061102}.BAK
2015-01-26 07:03 - 2014-11-29 11:25 - 00302408 _____ () C:\WINDOWS\WindowsUpdate.log
2015-01-26 07:03 - 2014-08-11 20:36 - 00032290 _____ () C:\WINDOWS\SchedLgU.Txt
2015-01-26 07:03 - 2010-07-10 07:00 - 04958588 _____ () C:\WINDOWS\{00000005-00000000-00000004-00001102-00000004-20061102}.CDF
2015-01-26 07:03 - 2005-08-23 20:51 - 00000278 ___SH () C:\Documents and Settings\The Holt's\ntuser.ini
2015-01-26 07:03 - 2005-08-23 20:51 - 00000000 ____D () C:\Documents and Settings\The Holt's
2015-01-25 09:58 - 2005-08-24 17:37 - 00000000 ____D () C:\Dung
2015-01-25 09:10 - 2010-06-29 05:32 - 00000000 ____D () C:\Canon Temp Pics
2015-01-25 09:10 - 2005-08-26 16:32 - 00000000 ____D () C:\Camping Info
2015-01-23 18:51 - 2013-08-15 04:52 - 00000000 ____D () C:\WINDOWS\system32\MRT
2015-01-23 18:36 - 2014-11-29 21:27 - 00260091 _____ () C:\WINDOWS\setupapi.log
2015-01-23 13:33 - 2010-07-18 13:32 - 00000296 _____ () C:\WINDOWS\Tasks\RealUpgradeScheduledTaskS-1-5-21-359015350-2660976701-2151963389-1005.job
2015-01-23 12:58 - 2009-09-30 21:02 - 00000000 ____D () C:\Program Files\IObit
2015-01-23 12:45 - 2010-12-09 20:07 - 00000000 ____D () C:\Program Files\Java
2015-01-23 12:39 - 2013-01-11 06:50 - 00000000 ____D () C:\Program Files\Auslogics
2015-01-23 12:39 - 2013-01-11 06:50 - 00000000 ____D () C:\Documents and Settings\All Users\Start Menu\Programs\Auslogics
2015-01-23 12:39 - 2008-12-26 14:17 - 00000000 ____D () C:\Documents and Settings\All Users\Application Data\TEMP
2015-01-23 07:36 - 2005-08-17 08:31 - 00000000 ____D () C:\WINDOWS\system32\ReinstallBackups
2015-01-22 17:38 - 2010-04-22 22:31 - 00000000 ____D () C:\Documents and Settings\NetworkService\Local Settings\temp
2015-01-22 17:38 - 2010-04-22 22:31 - 00000000 ____D () C:\Documents and Settings\LocalService\Local Settings\temp
2015-01-22 17:38 - 2010-04-22 22:31 - 00000000 ____D () C:\Documents and Settings\Administrator\Local Settings\temp
2015-01-22 17:32 - 2010-03-27 14:23 - 00000000 ____D () C:\Documents and Settings\The Holt's\Local Settings\Application Data\Apple
2015-01-22 17:32 - 2004-08-19 12:52 - 00000000 ____D () C:\WINDOWS\twain_32
2015-01-21 06:01 - 2007-01-28 16:36 - 00000000 ____D () C:\eBay pics
2015-01-21 05:17 - 2013-06-30 07:40 - 00001324 _____ () C:\WINDOWS\system32\d3d9caps.dat
2015-01-20 22:52 - 2013-08-25 21:41 - 00000000 ____D () C:\AdwCleaner
2015-01-20 22:45 - 2009-06-25 21:08 - 00000000 __SHD () C:\WINDOWS\CSC
2015-01-20 06:55 - 2004-08-19 13:03 - 00000000 ___RD () C:\Documents and Settings\All Users\Start Menu\Programs\Games
2015-01-20 06:18 - 2012-11-08 18:59 - 00000000 ____D () C:\Robs health info
2015-01-19 21:15 - 2005-09-17 06:13 - 00000116 ____C () C:\WINDOWS\NeroDigital.ini
2015-01-18 21:11 - 2012-04-26 21:41 - 00000000 ____D () C:\Program Files\Mozilla Maintenance Service
2015-01-18 10:55 - 2010-06-29 05:30 - 00000000 ____D () C:\Craigslist pics
2015-01-18 08:32 - 2007-09-18 10:29 - 00000210 ___SH () C:\boot.ini
2015-01-18 08:32 - 2004-08-19 12:49 - 00000864 _____ () C:\WINDOWS\win.ini
2015-01-18 08:32 - 2004-08-19 12:49 - 00000227 _____ () C:\WINDOWS\system.ini
2015-01-18 08:25 - 2010-09-11 12:50 - 00000000 ____D () C:\Documents and Settings\All Users\Start Menu\Programs\HP
2015-01-17 22:47 - 2012-08-26 21:50 - 02804130 _____ () C:\Documents and Settings\LocalService\Local Settings\Application Data\WPFFontCache_v0400-S-1-5-21-359015350-2660976701-2151963389-1005-0.dat
2015-01-17 22:47 - 2012-08-26 21:50 - 00307178 _____ () C:\Documents and Settings\LocalService\Local Settings\Application Data\WPFFontCache_v0400-System.dat
2015-01-17 20:56 - 2014-12-07 18:27 - 00000000 ____D () C:\Documents and Settings\The Holt's\Application Data\Blue Tea Games
2015-01-17 18:26 - 2014-09-06 05:53 - 00000000 ____D () C:\Documents and Settings\The Holt's\Application Data\Elephant Games
2015-01-17 14:43 - 2008-10-19 17:28 - 00000000 ____D () C:\Documents and Settings\The Holt's\Application Data\Canon
2015-01-17 14:42 - 2008-10-19 17:24 - 00000000 ____D () C:\Program Files\Canon
2015-01-17 14:40 - 2008-10-19 17:24 - 00000000 ____D () C:\Documents and Settings\All Users\Start Menu\Programs\Canon Utilities
2015-01-17 14:39 - 2013-12-13 18:58 - 00000000 ____D () C:\WINDOWS\system32\FxsTmp
2015-01-17 14:39 - 2004-08-19 12:52 - 00000000 ____D () C:\WINDOWS\Media
2015-01-17 09:00 - 2012-07-10 04:52 - 00000000 ____D () C:\Documents and Settings\The Holt's\Local Settings\Application Data\Deployment
2015-01-17 09:00 - 2005-08-23 20:51 - 00000000 ____D () C:\Documents and Settings\The Holt's\Start Menu\Programs\Dell
2015-01-17 08:30 - 2010-09-11 12:44 - 00017318 _____ () C:\Documents and Settings\All Users\Application Data\hpzinstall.log
2015-01-17 08:08 - 2010-05-01 22:14 - 00000000 ____D () C:\Program Files\MSBuild
2015-01-17 07:57 - 2004-08-19 13:02 - 00000000 ____D () C:\WINDOWS\Registration
2015-01-17 06:51 - 2005-08-24 17:20 - 00084688 _____ () C:\Documents and Settings\The Holt's\Local Settings\Application Data\GDIPFONTCACHEV1.DAT
2015-01-17 06:44 - 2004-08-19 12:57 - 00309192 _____ () C:\WINDOWS\system32\FNTCACHE.DAT
2015-01-17 06:43 - 2010-09-11 12:49 - 00000000 ____D () C:\Documents and Settings\All Users\Application Data\HP
2015-01-17 06:43 - 2010-09-11 12:47 - 00000000 ____D () C:\Program Files\HP
2015-01-17 06:43 - 2004-08-19 13:13 - 00000000 __SHD () C:\Documents and Settings\NetworkService
2015-01-17 06:43 - 2004-08-19 13:13 - 00000000 __SHD () C:\Documents and Settings\LocalService
2015-01-17 06:43 - 2004-08-19 13:13 - 00000000 ____D () C:\Documents and Settings\Administrator
2015-01-17 06:41 - 2013-05-11 12:41 - 00000000 ____D () C:\Program Files\Belarc
2015-01-15 18:08 - 2009-08-21 05:48 - 00011322 _____ () C:\VEW.txt
2015-01-11 16:11 - 2005-08-24 17:37 - 00000000 ____D () C:\Dung 3
2015-01-11 14:50 - 2014-09-01 05:53 - 00000000 ____D () C:\Amelia stuff
2015-01-11 14:50 - 2012-06-27 16:56 - 00000000 ___RD () C:\Documents and Settings\The Holt's\My Documents\HP Photo Creations
2015-01-11 12:12 - 2005-08-26 16:32 - 00000000 ____D () C:\Katy's Miscellaneous
2015-01-09 21:27 - 2013-11-03 20:20 - 00000000 ____D () C:\Documents and Settings\The Holt's\Application Data\Dropbox
2015-01-07 22:11 - 2012-06-12 04:37 - 00701616 _____ (Adobe Systems Incorporated) C:\WINDOWS\system32\FlashPlayerApp.exe
2015-01-07 22:11 - 2011-08-23 18:47 - 00071344 _____ (Adobe Systems Incorporated) C:\WINDOWS\system32\FlashPlayerCPLApp.cpl
2015-01-07 21:42 - 2010-09-11 12:53 - 00000000 ____D () C:\Documents and Settings\The Holt's\Application Data\HpUpdate
2015-01-07 21:17 - 2014-11-15 15:45 - 00000000 ____D () C:\Documents and Settings\All Users\Application Data\Garmin
2015-01-07 21:17 - 2013-08-08 20:21 - 00000000 ____D () C:\Documents and Settings\All Users\Application Data\Package Cache
2015-01-07 21:17 - 2012-08-26 11:12 - 00000000 ____D () C:\Program Files\Garmin
2015-01-07 21:17 - 2012-08-26 11:12 - 00000000 ____D () C:\Documents and Settings\All Users\Start Menu\Programs\Garmin
2015-01-07 21:17 - 2012-08-26 09:06 - 00000000 ____D () C:\Documents and Settings\The Holt's\Application Data\Garmin
2015-01-07 21:17 - 2005-08-27 13:36 - 00000000 ____D () C:\Documents and Settings\The Holt's\Local Settings\Application Data\Adobe
2015-01-07 20:46 - 2013-02-23 20:20 - 00208331 ____C () C:\WINDOWS\hpoins41.dat.temp
2015-01-07 18:22 - 2014-01-18 14:59 - 00000000 ____D () C:\Health stuff
2015-01-06 05:59 - 2005-08-24 17:37 - 00000000 ____D () C:\Dung 2
2015-01-05 19:55 - 2013-11-03 20:23 - 00000000 ___RD () C:\Dropbox
2015-01-05 18:45 - 2006-02-15 07:25 - 00000000 ____D () C:\Documents and Settings\All Users\Start Menu\Programs\QuickTime
2015-01-05 18:45 - 2006-02-15 07:24 - 00000000 ____D () C:\Program Files\QuickTime
2015-01-05 18:37 - 2014-05-28 21:21 - 00000000 ____D () C:\Documents and Settings\All Users\Application Data\188F1432-103A-4ffb-80F1-36B633C5C9E1
2015-01-05 18:37 - 2010-12-09 21:10 - 00000000 ____D () C:\Program Files\Common Files\Apple
2015-01-03 18:14 - 2014-08-08 04:52 - 00000000 ____D () C:\Documents and Settings\The Holt's\Local Settings\Application Data\ATI
2015-01-03 18:13 - 2010-06-20 15:37 - 00000000 ____D () C:\Documents and Settings\The Holt's\Local Settings\Application Data\WDC
2015-01-03 18:12 - 2013-06-28 16:32 - 00000000 ____D () C:\Documents and Settings\The Holt's\Local Settings\Application Data\NETGEARGenie
2015-01-03 18:02 - 2014-08-02 10:58 - 00000000 ____D () C:\Documents and Settings\The Holt's\Application Data\.minecraft
2015-01-02 18:14 - 2005-08-27 11:54 - 00002477 _____ () C:\Documents and Settings\All Users\Start Menu\Programs\Microsoft Excel.lnk
2015-01-01 11:26 - 2013-09-02 07:10 - 00000000 ____D () C:\Dung 13
2015-01-01 11:25 - 2005-08-24 17:37 - 00000000 ____D () C:\Dung 4
2015-01-01 11:22 - 2007-12-02 14:33 - 00000000 ____D () C:\Dung Temp 2
2015-01-01 11:21 - 2012-02-20 12:24 - 00000000 ____D () C:\Dung screensaver
2015-01-01 11:20 - 2005-08-25 17:34 - 00000000 ____D () C:\Pics
2015-01-01 11:14 - 2013-09-02 07:10 - 00000000 ____D () C:\Dung 12
2015-01-01 11:12 - 2013-09-02 07:10 - 00000000 ____D () C:\Dung 11
2015-01-01 11:09 - 2014-03-09 18:34 - 00000000 ____D () C:\Nomad stuff
2015-01-01 11:09 - 2008-11-15 16:49 - 00000000 ____D () C:\Dung 10
2015-01-01 11:07 - 2011-10-02 17:19 - 00000000 ____D () C:\Dung 5
2014-12-31 13:15 - 2005-08-24 05:09 - 110348472 _____ (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe

==================== Files in the root of some directories =======

2005-09-08 17:35 - 2005-09-08 17:35 - 0774144 ____C (RealNetworks, Inc.) C:\Program Files\RngInterstitial.dll
2005-09-04 14:20 - 2005-09-04 14:20 - 0000251 ____C () C:\Program Files\wt3d.ini
1998-12-09 01:53 - 1998-12-09 01:53 - 0099840 _____ (Symantec Corp.) C:\Program Files\Common Files\IRAABOUT.DLL
1998-12-09 01:53 - 1998-12-09 01:53 - 0048640 _____ (Symantec Corp., Peter Norton Computing Group) C:\Program Files\Common Files\IRALPTTR.DLL
1998-12-09 01:53 - 1998-12-09 01:53 - 0070144 _____ (Symantec Corp., Peter Norton Computing Group) C:\Program Files\Common Files\IRAMDMTR.DLL
1998-12-09 01:53 - 1998-12-09 01:53 - 0186368 _____ (Symantec Corp., Peter Norton Computing Group) C:\Program Files\Common Files\IRAREG.DLL
1998-12-09 01:53 - 1998-12-09 01:53 - 0017920 _____ (Symantec Corp.) C:\Program Files\Common Files\IRASRIAL.DLL
1998-12-09 01:53 - 1998-12-09 01:53 - 0031744 _____ (Symantec Corp., Peter Norton Computing Group) C:\Program Files\Common Files\IRAWEBTR.DLL
2005-10-27 13:02 - 2005-10-27 13:02 - 0000187 _____ () C:\Documents and Settings\The Holt's\Application Data\G-Force Prefs (WindowsMediaPlayer).txt
2008-06-21 07:27 - 2008-06-21 07:27 - 0001024 _____ () C:\Documents and Settings\The Holt's\Application Data\WavCodec.wff
2006-02-01 18:09 - 2010-09-16 18:00 - 2359350 _____ () C:\Documents and Settings\The Holt's\Local Settings\Application Data\AzureBay.bmp
2006-02-01 18:09 - 2009-11-22 17:23 - 0004694 _____ () C:\Documents and Settings\The Holt's\Local Settings\Application Data\AzureBay.ini
2006-02-01 18:09 - 2010-09-16 18:00 - 0092406 _____ () C:\Documents and Settings\The Holt's\Local Settings\Application Data\cal.bmp
2011-06-19 19:03 - 2011-06-19 20:02 - 0000580 _____ () C:\Documents and Settings\The Holt's\Local Settings\Application Data\cookies.ini
2005-08-31 06:02 - 2013-06-14 18:52 - 0049664 _____ () C:\Documents and Settings\The Holt's\Local Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2006-03-04 11:08 - 2006-03-04 11:08 - 0000085 _____ () C:\Documents and Settings\The Holt's\Local Settings\Application Data\FASTWiz.log
2005-08-23 20:51 - 2005-08-24 19:26 - 0000133 _____ () C:\Documents and Settings\The Holt's\Local Settings\Application Data\fusioncache.dat
2006-02-01 18:09 - 2010-09-16 18:39 - 0000879 _____ () C:\Documents and Settings\The Holt's\Local Settings\Application Data\ScreenSaver.ini
2006-02-01 18:17 - 2009-12-22 09:09 - 2359350 _____ () C:\Documents and Settings\The Holt's\Local Settings\Application Data\ssprep.bmp
2006-02-01 18:09 - 2010-09-16 18:00 - 2359350 _____ () C:\Documents and Settings\The Holt's\Local Settings\Application Data\sswpprep.bmp

==================== Bamital & volsnap Check =================

(There is no automatic fix for files that do not pass verification.)

C:\WINDOWS\explorer.exe => File is digitally signed
C:\WINDOWS\system32\winlogon.exe => File is digitally signed
C:\WINDOWS\system32\svchost.exe => File is digitally signed
C:\WINDOWS\system32\services.exe => File is digitally signed
C:\WINDOWS\system32\User32.dll => File is digitally signed
C:\WINDOWS\system32\userinit.exe => File is digitally signed
C:\WINDOWS\system32\rpcss.dll => File is digitally signed
C:\WINDOWS\system32\Drivers\volsnap.sys => File is digitally signed

==================== End Of Log ============================

ADDITION LOG:

Additional scan result of Farbar Recovery Scan Tool (x86) Version: 24-01-2015 01
Ran by The Holt's at 2015-01-26 18:45:40
Running from C:\Documents and Settings\The Holt's\Desktop
Boot Mode: Normal
==========================================================


==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: Bitdefender Antivirus Free Edition (Disabled - Up to date) {9488E0FA-F058-4673-850E-E755F112BABC}
AV: avast! Antivirus (Disabled - Up to date) {7591DB91-41F0-48A3-B128-1A293FD8233D}
FW: avast! Antivirus (Disabled) {7591DB91-41F0-48A3-B128-1A293FD8233D}

==================== Installed Programs ======================

(Only the adware programs with "hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

32 Bit HP CIO Components Installer (Version: 6.1.2 - Hewlett-Packard) Hidden
Acrobat.com (HKLM\...\com.adobe.mauby.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1) (Version: 1.1.377 - Adobe Systems Incorporated)
Acrobat.com (Version: 0.0.0 - Adobe Systems Incorporated) Hidden
Acronis True Image WD Edition (HKLM\...\{9B683A28-2172-4CF1-B85D-41375E80652A}) (Version: 13.0.14184 - Acronis)
AdMission Photo Uploader (HKLM\...\AdMission Photo Uploader) (Version:  - )
Adobe Acrobat 4.0 (HKLM\...\Adobe Acrobat 4.0) (Version: 4.0 - Adobe Systems, Inc.)
Adobe AIR (HKLM\...\Adobe AIR) (Version: 14.0.0.110 - Adobe Systems Incorporated)
Adobe Flash Player 16 ActiveX (HKLM\...\Adobe Flash Player ActiveX) (Version: 16.0.0.235 - Adobe Systems Incorporated)
Adobe Flash Player 16 NPAPI (HKLM\...\Adobe Flash Player NPAPI) (Version: 16.0.0.235 - Adobe Systems Incorporated)
Adobe Photoshop 5.0 Limited Edition (HKLM\...\Adobe Photoshop 5.0 Limited Edition) (Version: 5.0 - Adobe Systems, Inc.)
Adobe Reader XI (11.0.08) (HKLM\...\{AC76BA86-7AD7-1033-7B44-AB0000000001}) (Version: 11.0.08 - Adobe Systems Incorporated)
Adobe Shockwave Player 11.6 (HKLM\...\Adobe Shockwave Player) (Version: 11.6.5.635 - Adobe Systems, Inc.)
Amazon Cloud Drive (HKU\S-1-5-21-359015350-2660976701-2151963389-1005\...\23ab716f18849b6f) (Version: 2.4.2013.3290 - Amazon)
Amazon Games & Software Downloader (HKLM\...\Amazon Games & Software Downloader_is1) (Version: 2.0.2.0 - Amazon)
Amazon MP3 Downloader 1.0.17 (HKLM\...\Amazon MP3 Downloader) (Version: 1.0.17 - Amazon Services LLC)
Amazon Music (HKU\S-1-5-21-359015350-2660976701-2151963389-1005\...\Amazon Amazon Music) (Version: 3.7.1.698 - Amazon Services LLC)
AMD Catalyst Install Manager (HKLM\...\{9C8D1ACD-1B98-9A30-42C4-B63781BD4613}) (Version: 8.0.891.0 - Advanced Micro Devices, Inc.)
ANT Drivers Installer x86 (Version: 2.3.4 - Garmin Ltd or its subsidiaries) Hidden
Any Video Converter 2.6.7 (HKLM\...\Any Video Converter_is1) (Version:  - Any-Video-Converter.com)
Apple Application Support (HKLM\...\{83CAF0DE-8D3B-4C37-A631-2B8F16EC3031}) (Version: 3.1 - Apple Inc.)
Apple Mobile Device Support (HKLM\...\{235EBB33-3DA1-46DF-AADE-9955123409CB}) (Version: 8.0.5.6 - Apple Inc.)
Apple Software Update (HKLM\...\{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}) (Version: 2.1.3.127 - Apple Inc.)
Auslogics DiskDefrag (HKLM\...\{DF6A13C0-77DF-41FE-BD05-6D5201EB0CE7}_is1) (Version: 4.5.4.0 - Auslogics Labs Pty Ltd)
avast! Internet Security (HKLM\...\Avast) (Version: 9.0.2021 - AVAST Software)
Big Fish: Game Manager (HKLM\...\BFGC) (Version: 3.3.0.2 - )
Bonjour (HKLM\...\{79155F2B-9895-49D7-8612-D92580E0DE5B}) (Version: 3.0.0.10 - Apple Inc.)
BufferChm (Version: 140.0.212.000 - Hewlett-Packard) Hidden
C309g-m (Version: 140.0.690.000 - Hewlett-Packard) Hidden
Canon Easy-WebPrint EX (HKLM\...\Easy-WebPrint EX) (Version: 1.5.0.0 - Canon Inc.)
Canon IJ Network Scanner Selector EX (HKLM\...\Canon_IJ_Network_Scanner_Selector_EX) (Version: 1.5.2.3 - Canon Inc.)
Canon IJ Network Tool (HKLM\...\Canon_IJ_Network_UTILITY) (Version: 3.5.0 - Canon Inc.)
Canon IJ Scan Utility (HKLM\...\Canon_IJ_Scan_Utility) (Version: 1.1.10.15 - Canon Inc.)
Canon MG6600 series MP Drivers (HKLM\...\{1199FAD5-9546-44f3-81CF-FFDB8040B7BF}_Canon_MG6600_series) (Version: 1.00 - Canon Inc.)
Canon MG6600 series On-screen Manual (HKLM\...\Canon MG6600 series On-screen Manual) (Version: 7.7.0 - Canon Inc.)
Canon MG6600 series User Registration (HKLM\...\Canon MG6600 series User Registration) (Version:  - ‭Canon Inc.)
Canon My Image Garden (HKLM\...\Canon My Image Garden) (Version: 3.0.0 - Canon Inc.)
Canon My Image Garden Design Files (HKLM\...\Canon My Image Garden Design Files) (Version: 3.0.0 - Canon Inc.)
Canon My Printer (HKLM\...\CanonMyPrinter) (Version: 3.2.1 - Canon Inc.)
Canon Quick Menu (HKLM\...\CanonQuickMenu) (Version: 2.4.0 - Canon Inc.)
Canon Utilities Digital Photo Professional 3.8 (HKLM\...\DPP) (Version: 3.8.0.0 - Canon Inc.)
Canon Utilities PhotoStitch (HKLM\...\PhotoStitch) (Version: 3.1.22.46 - Canon Inc.)
Canon Utilities Picture Style Editor (HKLM\...\Picture Style Editor) (Version: 1.7.0.0 - Canon Inc.)
CCleaner (HKLM\...\CCleaner) (Version: 4.16 - Piriform)
Christmas Stories 3: Hans Christian Andersen's Tin Soldier Collector's Edition (HKLM\...\BFG-Christmas Stories 3 - Hans Christian Andersens Tin Soldier Collectors Edition) (Version:  - )
Christmas Stories: Nutcracker (HKLM\...\BFG-Christmas Stories - Nutcracker) (Version:  - )
Compatibility Pack for the 2007 Office system (HKLM\...\{90120000-0020-0409-0000-0000000FF1CE}) (Version: 12.0.6612.1000 - Microsoft Corporation)
Creative Jukebox Driver (HKLM\...\Creative Jukebox Driver) (Version:  - )
Dark Parables: Curse of Briar Rose Collector's Edition (HKLM\...\BFG-Dark Parables - Curse of Briar Rose Collector's Edition) (Version:  - )
Dark Parables: Jack and the Sky Kingdom (HKLM\...\BFG-Dark Parables - Jack and the Sky Kingdom) (Version:  - )
Dark Parables: Rise of the Snow Queen Collector's Edition (HKLM\...\BFG-Dark Parables - Rise of the Snow Queen Collector's Edition) (Version:  - )
Dark Parables: The Exiled Prince Collector's Edition (HKLM\...\BFG-Dark Parables - The Exiled Prince Collector's Edition) (Version:  - )
Dark Parables: The Final Cinderella (HKLM\...\BFG-Dark Parables - The Final Cinderella) (Version:  - )
Dark Parables: The Little Mermaid and the Purple Tide Collector's Edition (HKLM\...\BFG-Dark Parables - The Little Mermaid and the Purple Tide Collectors Edition) (Version:  - )
Dark Parables: The Red Riding Hood Sisters (HKLM\...\BFG-Dark Parables - The Red Riding Hood Sisters) (Version:  - )
Dark Realm: Queen of Flames Collector's Edition (HKLM\...\BFG-Dark Realm - Queen of Flames Collectors Edition) (Version:  - )
Data Lifeguard Diagnostic for Windows 1.24 (HKLM\...\{519C4DB6-B53B-4F5C-8297-89B2BE949FA5}_is1) (Version:  - Western Digital Corporation)
Dell Digital Jukebox Driver (HKLM\...\Dell Digital Jukebox Driver) (Version:  - )
Dell Driver Reset Tool (HKLM\...\{5905F42D-3F5F-4916-ADA6-94A3646AEE76}) (Version: 1.02.0000 - Dell Inc.)
Dell System Detect - 1  (HKU\S-1-5-21-359015350-2660976701-2151963389-1005\...\73f463568823ebbe) (Version: 5.13.0.1 - Dell)
Dell System Detect (HKU\S-1-5-21-359015350-2660976701-2151963389-1005\...\9204f5692a8faf3b) (Version: 5.9.0.5 - Dell)
Dell System Detect Bootstrapper (HKU\S-1-5-21-359015350-2660976701-2151963389-1005\...\8e3135b376bd523e) (Version: 5.1.0.41 - Dell)
Dell System Restore (HKLM\...\{74F7662C-B1DB-489E-A8AC-07A06B24978B}) (Version: 2.00.0000 - Dell Inc.)
Destinations (Version: 140.0.77.000 - Hewlett-Packard) Hidden
DeviceDiscovery (Version: 140.0.212.000 - Hewlett-Packard) Hidden
DiskCheckup v3.1 (HKLM\...\DiskCheckup_is1) (Version: 3.1.1004 - PassMark Software)
Dreampath: The Two Kingdoms (HKLM\...\BFG-Dreampath - The Two Kingdoms) (Version:  - )
Dropbox (HKU\S-1-5-21-359015350-2660976701-2151963389-1005\...\Dropbox) (Version: 3.0.4 - Dropbox, Inc.)
DVD@ccess 1.5 (HKLM\...\{2B34414C-14FB-11D6-A329-0050045C24B2}) (Version:  - )
Echoes of the Past: Wolf Healer (HKLM\...\BFG-Echoes of the Past - Wolf Healer) (Version:  - )
Elevated Installer (Version: 3.2.21.0 - Garmin Ltd or its subsidiaries) Hidden
ESET Online Scanner v3 (HKLM\...\ESET Online Scanner) (Version:  - )
FastStone Image Viewer 4.7 (HKLM\...\FastStone Image Viewer) (Version: 4.7 - FastStone Soft)
Fear for Sale: The 13 Keys Collector's Edition (HKLM\...\BFG-Fear for Sale - The 13 Keys Collectors Edition) (Version:  - )
Firehand Ember Millennium (HKLM\...\Firehand Ember Millennium) (Version:  - )
Fitbit Connect (HKLM\...\{6A7C2B2E-36A3-4EF5-96C6-708CD090A3AD}) (Version: 1.0.1.5127 - Fitbit Inc.)
Garmin Communicator Plugin (HKLM\...\{71DBFBF2-F7EB-4268-8485-9471D83C4E66}) (Version: 4.2.0 - Garmin Ltd or its subsidiaries)
Garmin Express (HKLM\...\{045320b6-c340-4960-aefd-57bf08a9b425}) (Version: 3.2.21.0 - Garmin Ltd or its subsidiaries)
Garmin Express (Version: 3.2.21.0 - Garmin Ltd or its subsidiaries) Hidden
Garmin Express Tray (Version: 3.2.21.0 - Garmin Ltd or its subsidiaries) Hidden
Garmin USB Drivers (HKLM\...\{ABA5E381-EC46-425C-86C5-5CD15BBFB4BF}) (Version: 2.3.1.0 - Garmin Ltd or its subsidiaries)
Garmin WebUpdater (HKLM\...\{00FE2935-FB56-4410-AB5F-D6E70C1771D2}) (Version: 2.5.6 - Garmin Ltd or its subsidiaries)
GetDiz 3.0 (HKLM\...\GetDiz 3.0) (Version: 3.0 - Outer Technologies)
getPlus® for Adobe (HKLM\...\{CF40ACC5-E1BB-4aff-AC72-04C2F616BCA7}) (Version: 1.5.2.29 - NOS Microsystems Ltd.)
Google Earth (HKLM\...\{468D22C0-8080-11E2-B86E-B8AC6F98CCE3}) (Version: 7.0.3.8542 - Google)
GPBaseService2 (Version: 140.0.211.000 - Hewlett-Packard) Hidden
Grim Tales: Bloody Mary (HKLM\...\BFG-Grim Tales - Bloody Mary) (Version:  - )
Grim Tales: The Vengeance (HKLM\...\BFG-Grim Tales - The Vengeance) (Version:  - )
Hidden Expedition: The Crown of Solomon (HKLM\...\BFG-Hidden Expedition - The Crown of Solomon) (Version:  - )
High Definition Audio Driver Package - KB835221 (HKLM\...\KB835221WXP) (Version: 20040219.000000 - Microsoft Corporation)
HighMAT Extension to Microsoft Windows XP CD Writing Wizard (HKLM\...\{FCE65C4E-B0E8-4FBD-AD16-EDCBE6CD591F}) (Version: 1.1.1905.1 - Microsoft Corporation)
HijackThis 1.99.1 (HKLM\...\HijackThis) (Version: 1.99.1 - Soeperman Enterprises Ltd.)
HostsMan 3.2.73 (HKLM\...\{6ED53E0C-EAC0-4F0F-947D-6BA817E4C8C3}) (Version: 3.2.73 - abelhadigital.com)
House of 1000 Doors - Family Secrets (HKLM\...\House of 1000 Doors - Family Secrets_is1) (Version:  - )
House of 1000 Doors: Serpent Flame (HKLM\...\BFG-House of 1000 Doors - Serpent Flame) (Version:  - )
House of 1000 Doors: The Palm of Zoroaster (HKLM\...\BFG-House of 1000 Doors - The Palm of Zoroaster) (Version:  - )
HPProductAssistant (Version: 140.0.212.000 - Hewlett-Packard) Hidden
HxD Hex Editor version 1.7.7.0 (HKLM\...\HxD Hex Editor_is1) (Version: 1.7.7.0 - Maël Hörz)
Image Resizer Powertoy for Windows XP (HKLM\...\{1CB92574-96F2-467B-B793-5CEB35C40C29}) (Version: 1.00.0001 - Microsoft Corporation)
Intel Matrix Storage Manager (HKLM\...\{9068B2BE-D93A-4C0A-861C-5E35E2C0E09E}) (Version:  - )
Intel® 537EP V9x DF PCI Modem (HKLM\...\Intel® 537EP V9x DF PCI Modem) (Version:  - )
Intel® PRO Network Connections Software v9.2.4.11 (HKLM\...\PROSetDX) (Version:  - )
Internet Explorer (Enable DEP) (HKLM\...\{a9264802-8a7a-40fe-a135-5c6d204aed7a}.sdb) (Version:  - )
Internet Explorer Default Page (Version: 1.00.03 - Dell Inc.) Hidden
ISO Recorder (HKLM\...\{DFC6573E-124D-4026-BFA4-B433C9D3FF21}) (Version: 2.0.0 - Alex Feinman)
iSofter DVD Audio Ripper Deluxe 3.0.2007.228 (HKLM\...\iSofter DVD Audio Ripper Deluxe_is1) (Version:  - iSofter, Inc.)
iTunes (HKLM\...\{5D928931-D1D2-4A93-A82D-BF60D0E7CFA5}) (Version: 12.0.1.26 - Apple Inc.)
Living Legends: Frozen Beauty (HKLM\...\BFG-Living Legends - Frozen Beauty) (Version:  - )
Logitech iTouch Software (HKLM\...\{036AA4D4-6D32-11D4-9875-00105ACE7734}) (Version:  - )
Logitech SetPoint 6.65 (HKLM\...\sp6) (Version: 6.65.62 - Logitech)
Logitech Unifying Software 2.50 (HKLM\...\Logitech Unifying) (Version: 2.50.25 - Logitech)
Malwarebytes Anti-Malware version 2.0.4.1028 (HKLM\...\Malwarebytes Anti-Malware_is1) (Version: 2.0.4.1028 - Malwarebytes Corporation)
MarketResearch (Version: 140.0.212.000 - Hewlett-Packard) Hidden
Microsoft .NET Framework 1.0 Hotfix (KB2572066) (HKLM\...\KB2572066) (Version:  - Microsoft Corporation)
Microsoft .NET Framework 1.0 Hotfix (KB2604042) (HKLM\...\KB2604042) (Version:  - Microsoft Corporation)
Microsoft .NET Framework 1.0 Hotfix (KB2656378) (HKLM\...\KB2656378) (Version:  - Microsoft Corporation)
Microsoft .NET Framework 1.0 Hotfix (KB953295) (HKLM\...\KB953295) (Version:  - Microsoft Corporation)
Microsoft .NET Framework 1.0 Hotfix (KB979904) (HKLM\...\KB979904) (Version:  - Microsoft Corporation)
Microsoft .NET Framework 1.0 Security Update (KB2698035) (HKLM\...\KB2698035) (Version:  - Microsoft Corporation)
Microsoft .NET Framework 1.0 Security Update (KB2742607) (HKLM\...\KB2742607) (Version:  - Microsoft Corporation)
Microsoft .NET Framework 1.0 Security Update (KB2833951) (HKLM\...\KB2833951) (Version:  - Microsoft Corporation)
Microsoft .NET Framework 1.0 Security Update (KB2904878) (HKLM\...\KB2904878) (Version:  - Microsoft Corporation)
Microsoft .NET Framework 1.1 (HKLM\...\Microsoft .NET Framework 1.1  (1033)) (Version:  - )
Microsoft .NET Framework 1.1 Security Update (KB2698023) (HKLM\...\M2698023) (Version:  - )
Microsoft .NET Framework 1.1 Security Update (KB2833941) (HKLM\...\M2833941) (Version:  - )
Microsoft .NET Framework 1.1 Security Update (KB979906) (HKLM\...\M979906) (Version:  - )
Microsoft .NET Framework 2.0 Service Pack 2 (HKLM\...\{C09FB3CD-3D0C-3F2D-899A-6A1D67F2073F}) (Version: 2.2.30729 - Microsoft Corporation)
Microsoft .NET Framework 3.0 Service Pack 2 (HKLM\...\{A3051CD0-2F64-3813-A88D-B8DCCDE8F8C7}) (Version: 3.2.30729 - Microsoft Corporation)
Microsoft .NET Framework 3.5 SP1 (HKLM\...\Microsoft .NET Framework 3.5 SP1) (Version:  - Microsoft Corporation)
Microsoft .NET Framework 4 Client Profile (HKLM\...\Microsoft .NET Framework 4 Client Profile) (Version: 4.0.30319 - Microsoft Corporation)
Microsoft .NET Framework 4 Extended (HKLM\...\Microsoft .NET Framework 4 Extended) (Version: 4.0.30319 - Microsoft Corporation)
Microsoft Base Smart Card Cryptographic Service Provider Package (HKLM\...\KB909520) (Version:  - Microsoft Corporation)
Microsoft Compression Client Pack 1.0 for Windows XP (HKLM\...\MSCompPackV1) (Version: 1 - Microsoft Corporation)
Microsoft Office 2000 Disc 2 (HKLM\...\{00040409-78E1-11D2-B60F-006097C998E7}) (Version: 9.00.2720 - Microsoft Corporation)
Microsoft Office 2000 Professional (HKLM\...\{00010409-78E1-11D2-B60F-006097C998E7}) (Version: 9.00.2720 - Microsoft Corporation)
Microsoft Plus! Digital Media Edition (HKLM\...\{C6A7AF96-4EB1-4AAE-8318-1AB393C64F88}) (Version: 1.1.0.2423 - Microsoft Corporation)
Microsoft Plus! Digital Media Edition Installer (HKLM\...\{6E45BA47-383C-4C1E-8ED0-0D4845C293D7}) (Version: 1.1.0.3514 - Microsoft Corporation)
Microsoft SQL Server Desktop Engine (SONY_MEDIAMGR) (HKLM\...\{E09B48B5-E141-427A-AB0C-D3605127224A}) (Version: 8.00.761 - Microsoft Corporation)
Microsoft User-Mode Driver Framework Feature Pack 1.0 (HKLM\...\Wudf01000) (Version:  - Microsoft Corporation)
Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053 (HKLM\...\{770657D0-A123-3C07-8E44-1C83EC895118}) (Version: 8.0.50727.4053 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - KB2467174 - x86 9.0.30729.5570 (HKLM\...\{86CE85E6-DBAC-3FFD-B977-E4B79F83C909}) (Version: 9.0.30729.5570 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.21005 (HKLM\...\{ce085a78-074e-4823-8dc1-8a721b94b76d}) (Version: 12.0.21005.1 - Microsoft Corporation)
Modem Event Monitor (HKLM\...\{7A0EFAFB-AC4B-4B88-8C6B-6731BE88DB68}) (Version:  - )
Modem Helper (HKLM\...\{7F142D56-3326-11D5-B229-002078017FBF}) (Version: 2.40 - BVRP Software)
Modem On Hold (HKLM\...\{3F92ABBB-6BBF-11D5-B229-002078017FBF}) (Version: 1.12 - BVRP Software, Inc)
MotionDV STUDIO 5.3E LE for DV (HKLM\...\{43F8F1E5-C740-4293-A309-EA9DD6474DB1}) (Version:  - )
MozBackup 1.5.1 (HKLM\...\MozBackup) (Version:  - Pavel Cvrcek)
Mozilla Firefox 35.0 (x86 en-US) (HKLM\...\Mozilla Firefox 35.0 (x86 en-US)) (Version: 35.0 - Mozilla)
Mozilla Maintenance Service (HKLM\...\MozillaMaintenanceService) (Version: 29.0.1 - Mozilla)
MP3 WAV Converter 3.05 (HKLM\...\MP3 WAV Converter 3.05) (Version:  - )
MSXML 4.0 SP2 (KB925672) (HKLM\...\{A9CF9052-F4A0-475D-A00F-A8388C62DD63}) (Version: 4.20.9839.0 - Microsoft Corporation)
MSXML 4.0 SP2 (KB927978) (HKLM\...\{37477865-A3F1-4772-AD43-AAFC6BCFF99F}) (Version: 4.20.9841.0 - Microsoft Corporation)
MSXML 4.0 SP2 (KB936181) (HKLM\...\{C04E32E0-0416-434D-AFB9-6969D703A9EF}) (Version: 4.20.9848.0 - Microsoft Corporation)
MSXML 4.0 SP2 (KB954430) (HKLM\...\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}) (Version: 4.20.9870.0 - Microsoft Corporation)
MSXML 4.0 SP2 (KB973688) (HKLM\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation)
My Dell (HKLM\...\PC-Doctor for Windows) (Version: 3.5.6426.22 - PC-Doctor, Inc.)
Mystery Case Files &reg;: 13th Skull ™ Collector's Edition (HKLM\...\BFG-Mystery Case Files - 13th Skull Collector's Edition) (Version:  - )
Mystery Case Files&reg;: Dire Grove™ Collector's Edition (HKLM\...\BFG-Mystery Case Files - Dire Grove Collector's Edition) (Version:  - )
Mystery Case Files&reg;: Fate's Carnival (HKLM\...\BFG-Mystery Case Files - Fates Carnival) (Version:  - )
Mystery Case Files: Dire Grove, Sacred Grove Collector's Edition (HKLM\...\BFG-MCF - Dire Grove Sacred Grove CE) (Version:  - )
Mystery Case Files: Huntsville ™ (HKLM\...\BFG-Mystery Case Files - Huntsville) (Version:  - )
Mystery Case Files: Madame Fate &reg; (HKLM\...\BFG-Mystery Case Files - Madame Fate) (Version:  - )
Mystery of the Ancients: Three Guardians (HKLM\...\BFG-Mystery of the Ancients - Three Guardians) (Version:  - )
Mystery Trackers: Blackrow's Secret (HKLM\...\BFG-Mystery Trackers - Blackrow's Secret) (Version:  - )
Mystery Trackers: Raincliff's Phantoms (HKLM\...\BFG-Mystery Trackers - Raincliffs Phantoms) (Version:  - )
Mystery Trackers: Silent Hollow Collector's Edition (HKLM\...\BFG-Mystery Trackers - Silent Hollow Collector's Edition) (Version:  - )
Nero Suite (HKLM\...\NeroMultiInstaller!UninstallKey) (Version:  - )
NETGEAR Genie (HKLM\...\NETGEAR Genie) (Version: 2.2.28.24.exe  - NETGEAR Inc.)
Network (Version: 140.0.215.000 - Hewlett-Packard) Hidden
NirSoft BlueScreenView (HKLM\...\NirSoft BlueScreenView) (Version:  - )
NirSoft WinUpdatesList (HKLM\...\NirSoft WinUpdatesList) (Version:  - )
nLite 1.4.9.1 (HKLM\...\nLite_is1) (Version: 1.4.9.1 - Dino Nuhagic (nuhi))
Olympus Digital Wave Player (HKLM\...\{FB91E774-867B-4567-ACE7-8144EF036068}) (Version:  - )
Phantasmat: The Endless Night Collector's Edition (HKLM\...\BFG-Phantasmat - The Endless Night Collectors Edition) (Version:  - )
Photo Story 3 for Windows (HKLM\...\{4F41AD68-89F2-4262-A32C-2F70B01FCE9E}) (Version: 3.0.1115.11 - Microsoft Corporation)
PlayStation®Network Downloader (HKLM\...\{B6659DD8-00A7-4A24-BBFB-C1F6982E5D66}) (Version: 2.07.00849 - Sony Computer Entertainment Inc.)
PlayStation®Store (HKLM\...\{0E532C84-4275-41B3-9D81-D4A1A20D8EE7}) (Version: 4.9.4.14625 - Sony Computer Entertainment Inc.)
PowerDVD 5.9 (HKLM\...\{6811CAA0-BF12-11D4-9EA1-0050BAE317E1}) (Version:  - )
PS_AIO_06_C309g-m_SW_Min (Version: 140.0.690.000 - Hewlett-Packard) Hidden
Queen's Tales: The Beast and the Nightingale (HKLM\...\BFG-Queens Tales - The Beast and the Nightingale) (Version:  - )
QuickTime 7 (HKLM\...\{3D2CBC2C-65D4-4463-87AB-BB2C859C1F3E}) (Version: 7.76.80.95 - Apple Inc.)
QuickTransfer (Version: 140.0.98.000 - Hewlett-Packard) Hidden
RealPlayer (HKLM\...\RealPlayer 12.0) (Version:  - RealNetworks)
RealUpgrade 1.0 (Version: 1.0.0 - RealNetworks, Inc.) Hidden
Remote Control USB Driver (HKLM\...\{8471021C-F529-43DE-84DF-3612E10F58C4}) (Version: 2.3.2.317 - )
Revo Uninstaller 1.95 (HKLM\...\Revo Uninstaller) (Version: 1.95 - VS Revo Group)
Rite of Passage: Hide and Seek (HKLM\...\BFG-Rite of Passage - Hide and Seek) (Version:  - )
Scan (Version: 140.0.80.000 - Hewlett-Packard) Hidden
SeaTools for Windows (HKLM\...\{98613C99-1399-416C-A07C-1EE1C585D872}) (Version: 1.2.0.7 - Seagate Technology)
Skins (Version: 2013.0830.304.3566 - Advanced Micro Devices, Inc.) Hidden
SmartWebPrinting (Version: 140.0.186.000 - Hewlett-Packard) Hidden
SolutionCenter (Version: 140.0.213.000 - Hewlett-Packard) Hidden
Sonic Audio module (HKLM\...\{AB708C9B-97C8-4AC9-899B-DBF226AC9382}) (Version: 2.0.0.1 - Sonic Solutions)
Sonic DLA (HKLM\...\{1206EF92-2E83-4859-ACCB-2048C3CB7DA6}) (Version: 4.98 - Sonic Solutions)
Sonic DVD for Photo Story 3 for Windows (HKLM\...\{0749256F-E98D-4EF1-A15B-AED26BCC1DC8}) (Version:  - )
Sonic Encoders (HKLM\...\{9941F0AA-B903-4AF4-A055-83A9815CC011}) (Version: 1.00 - Sonic Solutions)
Sonic RecordNow Copy (HKLM\...\{B12665F4-4E93-4AB4-B7FC-37053B524629}) (Version: 2.0.0.1 - Sonic Solutions)
Sonic RecordNow Data (HKLM\...\{075473F5-846A-448B-BCB3-104AA1760205}) (Version: 2.0.0.1 - Sonic Solutions)
Sonic Update Manager (HKLM\...\{30465B6C-B53F-49A1-9EBA-A3F187AD502E}) (Version: 3.0.0 - Sonic Solutions)
Sony Media Manager 2.0 (HKLM\...\{47D2D455-2C1C-4922-A520-3E3466D783E1}) (Version: 2.0.40 - Sony)
Sound Blaster Audigy 2 ZS (HKLM\...\{9E2514D9-DC24-4634-B348-61F3EF0F1628}) (Version:  - )
Spybot - Search & Destroy (HKLM\...\{B4092C6D-E886-4CB2-BA68-FE5A99D31DE7}_is1) (Version: 2.4.40 - Safer-Networking Ltd.)
Status (Version: 140.0.212.000 - Hewlett-Packard) Hidden
SUPERAntiSpyware (HKLM\...\{CDDCBBF1-2703-46BC-938B-BCC81A1EEAAA}) (Version: 6.0.1168 - SUPERAntiSpyware.com)
Surface: Game of Gods Collector's Edition (HKLM\...\BFG-Surface - Game of Gods Collectors Edition) (Version:  - )
swMSM (Version: 12.0.0.1 - Adobe Systems, Inc) Hidden
System Requirements Lab CYRI (HKLM\...\{19B0831B-0C18-4103-86E4-90FCD04CD3B9}) (Version: 6.0.12.5 - Husdawg, LLC)
System Requirements Lab for Intel (HKLM\...\{C7CA731B-BF9A-46D9-92CF-8A8737AE9240}) (Version: 4.5.13.0 - Husdawg, LLC)
The Master Genealogist (for All Users) (HKLM\...\The Master Genealogist (for All Users)) (Version: 5.x - Wholly Genes Software)
Toolbox (Version: 140.0.428.000 - Hewlett-Packard) Hidden
TrayApp (Version: 140.0.212.000 - Hewlett-Packard) Hidden
True Fear: Forsaken Souls (HKLM\...\BFG-True Fear - Forsaken Souls) (Version:  - )
Unity Web Player (HKLM\...\UnityWebPlayer) (Version: 2.1.0f5_16147 - Unity Technologies ApS)
Update 4.0.3 for Microsoft .NET Framework 4 Client Profile (KB2600211) (HKLM\...\{3C3901C5-3455-3E0A-A214-0B093A5070A6}.KB2600211) (Version: 1 - Microsoft Corporation)
Update 4.0.3 for Microsoft .NET Framework 4 Extended (KB2600211) (HKLM\...\{0A0CADCF-78DA-33C4-A350-CD51849B9702}.KB2600211) (Version: 1 - Microsoft Corporation)
Update Rollup 2 for Windows XP Media Center Edition 2005 (HKLM\...\KB900325) (Version:  - Microsoft Corporation)
VC 9.0 Runtime (Version: 1.0.0 - Check Point Software Technologies Ltd) Hidden
Video Stream Driver for Panasonic DVC (HKLM\...\InstallShield_{9A97D672-6C93-4DFA-B527-DE005A761495}) (Version: 1.00.0000 - Panasonic)
Video Stream Driver for Panasonic DVC (Version: 1.00.0000 - Panasonic) Hidden
Visual C++ 2008 x86 Runtime - v9.0.30729.01 (HKLM\...\{F333A33D-125C-32A2-8DCE-5C5D14231E27}.vc_x86runtime_30729_01) (Version: 9.0.30729.01 - Microsoft Corporation)
VTech Download Agent Library (Version: 1.00.0000 - VTech) Hidden
WebFldrs XP (Version: 9.50.7523 - Microsoft Corporation) Hidden
WebReg (Version: 140.0.212.017 - Hewlett-Packard) Hidden
Windows 7 Upgrade Advisor (HKLM\...\{AB05F2C8-F608-403b-95E1-FD8ADFACD31E}) (Version: 2.0.5000.0 - Microsoft Corporation)
Windows Driver Package - Dynastream Innovations, Inc. ANT LibUSB Drivers (04/11/2012 1.2.40.201) (HKLM\...\F9D2A789F9CFF8CEC36B544F53877C80F1F73C46) (Version: 04/11/2012 1.2.40.201 - Dynastream Innovations, Inc.)
Windows Driver Package - Garmin (grmnusb) GARMIN Devices  (04/19/2012 2.3.1.0) (HKLM\...\98157A226B40B173301B0F53C8E98C47805D5152) (Version: 04/19/2012 2.3.1.0 - Garmin)
Windows Driver Package - Silicon Labs Software (DSI_SiUSBXp_3_1) USB  (02/06/2007 3.1) (HKLM\...\D1506E0025B5A3F9EB8270FE81C1EEDD9388B8A2) (Version: 02/06/2007 3.1 - Silicon Labs Software)
Windows Genuine Advantage Notifications (KB905474) (HKLM\...\WgaNotify) (Version: 1.7.0017.0 - Microsoft Corporation)
Windows Genuine Advantage Validation Tool (KB892130) (HKLM\...\KB892130) (Version:  - Microsoft Corporation)
Windows Genuine Advantage Validation Tool (KB892130) (HKLM\...\WGA) (Version: 1.7.0069.2 - Microsoft Corporation)
Windows Internet Explorer 8 (HKLM\...\ie8) (Version: 20090308.140743 - Microsoft Corporation)
Windows Management Framework Core (HKLM\...\KB968930) (Version:  - Microsoft Corporation)
Windows Media Format 11 runtime (HKLM\...\Windows Media Format Runtime) (Version:  - )
Windows Media Player 11 (HKLM\...\Windows Media Player) (Version:  - )
Windows Media Player Firefox Plugin (HKLM\...\{69FDFBB6-351D-4B8C-89D8-867DC9D0A2A4}) (Version: 1.0.0.8 - Microsoft Corp)
Windows XP Media Center Edition 2005 KB2502898 (HKLM\...\KB2502898) (Version:  - Microsoft Corporation)
Windows XP Media Center Edition 2005 KB2619340 (HKLM\...\KB2619340) (Version:  - Microsoft Corporation)
Windows XP Media Center Edition 2005 KB2628259 (HKLM\...\KB2628259) (Version:  - Microsoft Corporation)
Windows XP Media Center Edition 2005 KB888316 (HKLM\...\KB888316) (Version:  - Microsoft Corporation)
Windows XP Media Center Edition 2005 KB973768 (HKLM\...\KB973768) (Version:  - Microsoft Corporation)
Windows XP Service Pack 3 (HKLM\...\Windows XP Service Pack) (Version: 20080414.031525 - Microsoft Corporation)
WinPatrol (HKLM\...\{007811BF-E310-4285-BFC6-55DB29B3EDDE}) (Version: 24.1.2012 - BillP Studios)
WinZip (HKLM\...\WinZip) (Version:  9.0 SR-1 (6224) - WinZip Computing, Inc.)

==================== Custom CLSID (selected items): ==========================

(If an entry is included in the fixlist, it will be removed from registry. Any eventual file will not be moved.)

CustomCLSID: HKU\S-1-5-21-359015350-2660976701-2151963389-1005_Classes\CLSID\{005A3A96-BAC4-4B0A-94EA-C0CE100EA736}\localserver32 -> C:\Documents and Settings\The Holt's\Application Data\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-359015350-2660976701-2151963389-1005_Classes\CLSID\{05716308-1784-4166-942E-0A09F1DE83D1}\localserver32 -> C:\Program Files\Acronis\TrueImageHome\aszbrowsehelper.exe (Acronis)
CustomCLSID: HKU\S-1-5-21-359015350-2660976701-2151963389-1005_Classes\CLSID\{3f04dadf-6ea4-44d1-a507-03cad176f443}\InprocServer32 -> C:\Program Files\Amazon\MP3 Downloader\npAmazonMP3DownloaderPlugin1017300.dll (Amazon.com, Inc.)
CustomCLSID: HKU\S-1-5-21-359015350-2660976701-2151963389-1005_Classes\CLSID\{E69341A3-E6D2-4175-B60C-C9D3D6FA40F6}\localserver32 -> C:\Documents and Settings\The Holt's\Application Data\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-359015350-2660976701-2151963389-1005_Classes\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Documents and Settings\The Holt's\Application Data\Dropbox\bin\DropboxExt.24.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-359015350-2660976701-2151963389-1005_Classes\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Documents and Settings\The Holt's\Application Data\Dropbox\bin\DropboxExt.24.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-359015350-2660976701-2151963389-1005_Classes\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Documents and Settings\The Holt's\Application Data\Dropbox\bin\DropboxExt.24.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-359015350-2660976701-2151963389-1005_Classes\CLSID\{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Documents and Settings\The Holt's\Application Data\Dropbox\bin\DropboxExt.24.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-359015350-2660976701-2151963389-1005_Classes\CLSID\{FB314EDD-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Documents and Settings\The Holt's\Application Data\Dropbox\bin\DropboxExt.24.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-359015350-2660976701-2151963389-1005_Classes\CLSID\{FB314EDE-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Documents and Settings\The Holt's\Application Data\Dropbox\bin\DropboxExt.24.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-359015350-2660976701-2151963389-1005_Classes\CLSID\{FB314EDF-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Documents and Settings\The Holt's\Application Data\Dropbox\bin\DropboxExt.24.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-359015350-2660976701-2151963389-1005_Classes\CLSID\{FB314EE0-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Documents and Settings\The Holt's\Application Data\Dropbox\bin\DropboxExt.24.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-359015350-2660976701-2151963389-1005_Classes\CLSID\{FB994D36-B312-46CE-A40B-CF63980641F9}\InprocServer32 -> C:\Documents and Settings\The Holt's\Local Settings\Application Data\Google\Update\1.3.21.111\psuser (the data entry has 12 more characters).

==================== Restore Points  =========================

17-12-2014 21:33:13 System Checkpoint
19-12-2014 05:58:07 System Checkpoint
20-12-2014 07:51:19 System Checkpoint
21-12-2014 08:45:43 System Checkpoint
22-12-2014 18:55:13 System Checkpoint
23-12-2014 19:56:52 System Checkpoint
24-12-2014 20:20:18 System Checkpoint
25-12-2014 21:03:16 System Checkpoint
26-12-2014 21:59:42 System Checkpoint
28-12-2014 07:24:25 System Checkpoint
31-12-2014 16:14:44 System Checkpoint
01-01-2015 16:46:15 System Checkpoint
02-01-2015 18:40:07 System Checkpoint
05-01-2015 02:05:19 System Checkpoint
06-01-2015 19:36:34 System Checkpoint
07-01-2015 18:11:03 Garmin Express
07-01-2015 18:12:42 Garmin Express
07-01-2015 20:32:10 Installed HP Support Solutions Framework
07-01-2015 21:17:18 Restore Operation
07-01-2015 21:42:38 Removed HP Update.
07-01-2015 21:46:42 Installed HP Support Solutions Framework
09-01-2015 06:17:57 System Checkpoint
10-01-2015 10:04:17 System Checkpoint
11-01-2015 10:42:47 System Checkpoint
11-01-2015 15:05:55 Removed HP Support Solutions Framework
11-01-2015 15:06:29 Removed HP Update.
12-01-2015 18:41:01 System Checkpoint
14-01-2015 06:21:22 System Checkpoint
15-01-2015 18:25:55 Software Distribution Service 3.0
16-01-2015 22:38:06 System Checkpoint
17-01-2015 06:39:47 Restore Operation
17-01-2015 08:03:54 Restore Operation
17-01-2015 08:09:56 Restore Operation
17-01-2015 08:21:31 Revo Uninstaller's restore point - Belarc Advisor 8.3
17-01-2015 08:23:41 Revo Uninstaller's restore point - Belarc Advisor 8.3
17-01-2015 08:25:28 Revo Uninstaller's restore point - HP CD Labeler II
17-01-2015 08:26:32 Revo Uninstaller's restore point - HP Customer Participation Program 14.0
17-01-2015 08:27:29 Revo Uninstaller's restore point - HP Imaging Device Functions 14.0
17-01-2015 08:28:14 Revo Uninstaller's restore point - HP Photosmart Premium C309g-m All-in-One Driver Software 14.0 Rel. 6
17-01-2015 08:29:17 Revo Uninstaller's restore point - HP Smart Web Printing 4.60
17-01-2015 08:30:00 Revo Uninstaller's restore point - HP Solution Center 14.0
17-01-2015 08:30:50 Revo Uninstaller's restore point - HP Support Solutions Framework
17-01-2015 08:32:04 Revo Uninstaller's restore point - HP Support Solutions Framework
17-01-2015 08:32:45 Revo Uninstaller's restore point - HP Update
17-01-2015 08:32:55 Removed HP Update.
17-01-2015 08:34:17 Revo Uninstaller's restore point - HP Support Solutions Framework
18-01-2015 08:23:09 Revo Uninstaller's restore point - HP Support Solutions Framework
18-01-2015 08:25:00 Revo Uninstaller's restore point - HP Photo Creations
18-01-2015 08:26:22 Revo Uninstaller's restore point - HP Support Solutions Framework
18-01-2015 10:35:24 Revo Uninstaller's restore point - HP Support Solutions Framework
20-01-2015 06:34:55 System Checkpoint
21-01-2015 19:15:48 System Checkpoint
22-01-2015 21:44:54 System Checkpoint
23-01-2015 12:29:48 Revo Uninstaller's restore point - Advanced SystemCare 7
23-01-2015 12:33:13 Revo Uninstaller's restore point - Driver Booster
23-01-2015 12:34:59 Revo Uninstaller's restore point - IObit Uninstaller
23-01-2015 12:39:00 Revo Uninstaller's restore point - Auslogics BoostSpeed
23-01-2015 12:42:04 Revo Uninstaller's restore point - Java 7 Update 71
23-01-2015 12:42:36 Removed Java 7 Update 71
23-01-2015 12:46:02 Revo Uninstaller's restore point - Macromedia Flash Player
23-01-2015 12:46:11 Removed Macromedia Flash Player
23-01-2015 12:46:59 Revo Uninstaller's restore point - Macromedia Shockwave Player
23-01-2015 18:37:56 Software Distribution Service 3.0
24-01-2015 21:43:06 System Checkpoint
26-01-2015 06:37:41 System Checkpoint

==================== Hosts content: ==========================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2010-12-11 20:19 - 2010-12-24 11:18 - 00001414 ____R C:\WINDOWS\system32\Drivers\etc\hosts
127.0.0.1 localhost

==================== Scheduled Tasks (whitelisted) =============


(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)

Task: C:\WINDOWS\Tasks\Adobe Flash Player Updater.job => C:\WINDOWS\system32\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\WINDOWS\Tasks\Amazon Music Helper.job => C:\Documents and Settings\The Holt's\Local Settings\Application Data\Amazon Cloud Player\Amazon Music Helper.exe
Task: C:\WINDOWS\Tasks\AppleSoftwareUpdate.job => C:\Program Files\Apple Software Update\SoftwareUpdate.exe
Task: C:\WINDOWS\Tasks\RealUpgradeLogonTaskS-1-5-21-359015350-2660976701-2151963389-1005.job => C:\Program Files\Real\RealUpgrade\realupgrade.exe
Task: C:\WINDOWS\Tasks\RealUpgradeScheduledTaskS-1-5-21-359015350-2660976701-2151963389-1005.job => C:\Program Files\Real\RealUpgrade\realupgrade.exe

==================== Loaded Modules (whitelisted) =============

2014-06-22 19:28 - 2014-08-11 20:47 - 00301152 _____ () C:\Program Files\AVAST Software\Avast\aswProperty.dll
2015-01-26 17:57 - 2015-01-26 17:57 - 02913280 _____ () C:\Program Files\AVAST Software\Avast\defs\15012601\algo.dll
2014-08-30 10:57 - 2014-05-13 11:04 - 00109400 _____ () C:\Program Files\Spybot - Search & Destroy 2\snlThirdParty150.bpl
2014-08-30 10:57 - 2014-05-13 11:04 - 00416600 _____ () C:\Program Files\Spybot - Search & Destroy 2\DEC150.bpl
2010-12-10 18:59 - 2011-04-14 17:01 - 00548854 ____N () C:\program files\billp studios\winpatrol\sqlite3.dll
2014-06-22 19:28 - 2014-08-11 20:47 - 19329904 _____ () C:\Program Files\AVAST Software\Avast\libcef.dll
2014-04-23 15:05 - 2014-04-23 15:05 - 00073544 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\zlib1.dll
2014-10-11 13:05 - 2014-10-11 13:05 - 01044776 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\libxml2.dll
2010-03-16 11:22 - 2010-03-16 11:22 - 00014848 _____ () C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\AxInterop.WBOCXLib.dll
2013-06-18 14:49 - 2013-06-18 14:49 - 00016384 _____ () C:\Program Files\ATI Technologies\ATI.ACE\Branding\Branding.dll
2013-08-30 02:03 - 2013-08-30 02:03 - 00270336 _____ () C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLI.Aspect.CrossDisplay.Graphics.Dashboard.dll

==================== Alternate Data Streams (whitelisted) =========

(If an entry is included in the fixlist, only the Alternate Data Streams will be removed.)


==================== Safe Mode (whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\71555656.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\CLPSLS => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\mbamchameleon => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\71555656.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\CLPSLS => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mbamchameleon => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\vsmon => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\Wdf01000.sys => ""="Driver"

==================== EXE Association (whitelisted) =============

(If an entry is included in the fixlist, the default will be restored. None default entries will be removed.)


==================== MSCONFIG/TASK MANAGER disabled items =========

(Currently there is no automatic fix for this section.)

MSCONFIG\startupfolder: C:^Documents and Settings^All Users^Start Menu^Programs^Startup^Adobe Reader Speed Launch.lnk => C:\WINDOWS\pss\Adobe Reader Speed Launch.lnkCommon Startup
MSCONFIG\startupfolder: C:^Documents and Settings^All Users^Start Menu^Programs^Startup^Device Detector 3.lnk => C:\WINDOWS\pss\Device Detector 3.lnkCommon Startup
MSCONFIG\startupfolder: C:^Documents and Settings^All Users^Start Menu^Programs^Startup^DVD@ccess.lnk => C:\WINDOWS\pss\DVD@ccess.lnkCommon Startup
MSCONFIG\startupfolder: C:^Documents and Settings^All Users^Start Menu^Programs^Startup^Symantec Fax Starter Edition Port.lnk => C:\WINDOWS\pss\Symantec Fax Starter Edition Port.lnkCommon Startup
MSCONFIG\startupfolder: C:^Documents and Settings^All Users^Start Menu^Programs^Startup^Wallpaper Changer.lnk => C:\WINDOWS\pss\Wallpaper Changer.lnkCommon Startup
MSCONFIG\startupfolder: C:^Documents and Settings^All Users^Start Menu^Programs^Startup^WDDMStatus.lnk => C:\WINDOWS\pss\WDDMStatus.lnkCommon Startup
MSCONFIG\startupfolder: C:^Documents and Settings^All Users^Start Menu^Programs^Startup^WPChanger.lnk => C:\WINDOWS\pss\WPChanger.lnkCommon Startup
MSCONFIG\startupfolder: C:^Documents and Settings^The Holt's^Start Menu^Programs^Startup^LimeWire On Startup.lnk => C:\WINDOWS\pss\LimeWire On Startup.lnkStartup
MSCONFIG\startupfolder: C:^Documents and Settings^The Holt's^Start Menu^Programs^Startup^TA_Start.lnk =>
MSCONFIG\startupreg: Amazon Cloud Player => "C:\Documents and Settings\The Holt's\Local Settings\Application Data\Amazon Cloud Player\Amazon Music Helper.exe"
MSCONFIG\startupreg: AmazonGSDownloaderTray => C:\Program Files\Amazon\Amazon Games & Software Downloader\AmazonGSDownloaderTray.exe
MSCONFIG\startupreg: AvastUI.exe => "C:\Program Files\AVAST Software\Avast\AvastUI.exe" /nogui
MSCONFIG\startupreg: Creative Detector =>
MSCONFIG\startupreg: Fitbit Connect => "C:\Program Files\Fitbit Connect\Fitbit Connect.exe" /autorun
MSCONFIG\startupreg: GarminExpressTrayApp => "C:\Program Files\Garmin\Express Tray\ExpressTray.exe"
MSCONFIG\startupreg: Microsoft Default Manager =>
MSCONFIG\startupreg: MSN Toolbar =>
MSCONFIG\startupreg: QuickTime Task =>
MSCONFIG\startupreg: RealTray =>
MSCONFIG\startupreg: worvedwlvb => regsvr32.exe /s "C:\Documents and Settings\The Holt's\Local Settings\Application Data\Apple\worvedwlvb.dll"
MSCONFIG\startupreg: zBrowser Launcher => C:\Program Files\Logitech\iTouch\iTouch.exe

========================= Accounts: ==========================

Administrator (S-1-5-21-359015350-2660976701-2151963389-500 - Administrator - Enabled) => %SystemDrive%\Documents and Settings\Administrator
ASPNET (S-1-5-21-359015350-2660976701-2151963389-1006 - Limited - Enabled)
Guest (S-1-5-21-359015350-2660976701-2151963389-501 - Limited - Disabled)
HelpAssistant (S-1-5-21-359015350-2660976701-2151963389-1004 - Limited - Disabled)
SUPPORT_388945a0 (S-1-5-21-359015350-2660976701-2151963389-1002 - Limited - Disabled)
The Holt's (S-1-5-21-359015350-2660976701-2151963389-1005 - Administrator - Enabled) => %SystemDrive%\Documents and Settings\The Holt's

==================== Faulty Device Manager Devices =============

Name: Samsung CF Card       CF USB Device
Description: Disk drive
Class Guid: {4D36E967-E325-11CE-BFC1-08002BE10318}
Manufacturer: (Standard disk drives)
Service: disk
Problem: : This device is disabled. (Code 22)
Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.

Name: Samsung MS Card       MS USB Device
Description: Disk drive
Class Guid: {4D36E967-E325-11CE-BFC1-08002BE10318}
Manufacturer: (Standard disk drives)
Service: disk
Problem: : This device is disabled. (Code 22)
Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.

Name: Samsung SM/XD Card    SM USB Device
Description: Disk drive
Class Guid: {4D36E967-E325-11CE-BFC1-08002BE10318}
Manufacturer: (Standard disk drives)
Service: disk
Problem: : This device is disabled. (Code 22)
Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.


==================== Event log errors: =========================

Application errors:
==================
Error: (01/23/2015 10:49:46 PM) (Source: Microsoft Management Console) (EventID: 1000) (User: )
Description: mmc.exe5.2.3790.4136ntdll.dll0.0.0.000064879

Error: (01/22/2015 04:59:48 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application mbam.exe, version 1.0.1.711, faulting module mbam.exe, version 1.0.1.711, fault address 0x001dc060.
Processing media-specific event for [mbam.exe!ws!]

Error: (01/20/2015 11:47:22 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application mbam.exe, version 1.0.1.711, faulting module mbamcore.dll, version 1.1.20.0, fault address 0x0003ec90.
Processing media-specific event for [mbam.exe!ws!]

Error: (01/08/2015 08:42:12 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application plugin-container.exe, version 34.0.5.5443, faulting module mozalloc.dll, version 34.0.5.5443, fault address 0x00001425.
Processing media-specific event for [plugin-container.exe!ws!]

Error: (01/08/2015 08:37:26 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application plugin-container.exe, version 34.0.5.5443, faulting module mozalloc.dll, version 34.0.5.5443, fault address 0x00001425.
Processing media-specific event for [plugin-container.exe!ws!]

Error: (12/22/2014 05:52:43 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application queenstales_thebeastandthenightingale_se.exe, version 0.0.0.0, faulting module queenstales_thebeastandthenightingale_se.exe, version 0.0.0.0, fault address 0x002c725a.
Processing media-specific event for [queenstales_thebeastandthenightingale_se.exe!ws!]

Error: (12/12/2014 06:23:22 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application iexplore.exe, version 8.0.6001.18702, faulting module mshtml.dll, version 8.0.6001.23588, fault address 0x0014c493.
Processing media-specific event for [iexplore.exe!ws!]

Error: (12/03/2014 08:05:30 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application iexplore.exe, version 8.0.6001.18702, faulting module unknown, version 0.0.0.0, fault address 0x06222398.
Processing media-specific event for [iexplore.exe!ws!]

Error: (12/03/2014 06:04:02 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application plugin-container.exe, version 33.1.0.5423, faulting module mozalloc.dll, version 33.1.0.5423, fault address 0x00001425.
Processing media-specific event for [plugin-container.exe!ws!]

Error: (11/26/2014 05:37:29 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application iexplore.exe, version 8.0.6001.18702, faulting module unknown, version 0.0.0.0, fault address 0x5c223df5.
Processing media-specific event for [iexplore.exe!ws!]


System errors:
=============
Error: (01/24/2015 03:03:24 PM) (Source: DCOM) (EventID: 10005) (User: NT AUTHORITY)
Description: DCOM got error "%%1084" attempting to start the service EventSystem with arguments ""
in order to run the server:
{1BE1F766-5536-11D1-B726-00C04FB926AF}

Error: (01/24/2015 02:24:03 PM) (Source: Service Control Manager) (EventID: 7026) (User: )
Description: The following boot-start or system-start driver(s) failed to load:
ASPI32
aswRvrt
aswSnx
aswSP
aswTdi
aswVmm
BANTExt
Fips
intelppm
SASDIFSV
SASKUTIL

Error: (01/24/2015 02:22:00 PM) (Source: DCOM) (EventID: 10005) (User: NT AUTHORITY)
Description: DCOM got error "%%1084" attempting to start the service EventSystem with arguments ""
in order to run the server:
{1BE1F766-5536-11D1-B726-00C04FB926AF}

Error: (01/23/2015 10:41:51 PM) (Source: 0) (EventID: 1) (User: )
Description: 0xC0000369ntuser.iniHarddiskVolume2

Error: (01/22/2015 05:33:52 PM) (Source: 0) (EventID: 1) (User: )
Description: 0xC0000001HarddiskVolume2

Error: (01/22/2015 05:32:28 PM) (Source: DCOM) (EventID: 10005) (User: NT AUTHORITY)
Description: DCOM got error "%%1084" attempting to start the service EventSystem with arguments ""
in order to run the server:
{1BE1F766-5536-11D1-B726-00C04FB926AF}

Error: (01/22/2015 05:07:33 PM) (Source: Service Control Manager) (EventID: 7026) (User: )
Description: The following boot-start or system-start driver(s) failed to load:
ASPI32
aswRvrt
aswSnx
aswSP
aswTdi
aswVmm
BANTExt
Fips
intelppm

Error: (01/22/2015 05:05:38 PM) (Source: DCOM) (EventID: 10005) (User: NT AUTHORITY)
Description: DCOM got error "%%1084" attempting to start the service EventSystem with arguments ""
in order to run the server:
{1BE1F766-5536-11D1-B726-00C04FB926AF}

Error: (01/21/2015 05:19:05 AM) (Source: DCOM) (EventID: 10005) (User: NT AUTHORITY)
Description: DCOM got error "%%1084" attempting to start the service EventSystem with arguments ""
in order to run the server:
{1BE1F766-5536-11D1-B726-00C04FB926AF}

Error: (01/21/2015 05:05:41 AM) (Source: DCOM) (EventID: 10005) (User: LUVTOHIKE)
Description: DCOM got error "%%1084" attempting to start the service StiSvc with arguments ""
in order to run the server:
{A1F4E726-8CF1-11D1-BF92-0060081ED811}


Microsoft Office Sessions:
=========================
Error: (01/23/2015 10:49:46 PM) (Source: Microsoft Management Console) (EventID: 1000) (User: )
Description: mmc.exe5.2.3790.4136ntdll.dll0.0.0.000064879

Error: (01/22/2015 04:59:48 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: mbam.exe1.0.1.711mbam.exe1.0.1.711001dc060

Error: (01/20/2015 11:47:22 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: mbam.exe1.0.1.711mbamcore.dll1.1.20.00003ec90

Error: (01/08/2015 08:42:12 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: plugin-container.exe34.0.5.5443mozalloc.dll34.0.5.544300001425

Error: (01/08/2015 08:37:26 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: plugin-container.exe34.0.5.5443mozalloc.dll34.0.5.544300001425

Error: (12/22/2014 05:52:43 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: queenstales_thebeastandthenightingale_se.exe0.0.0.0queenstales_thebeastandthenightingale_se.exe0.0.0.0002c725a

Error: (12/12/2014 06:23:22 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: iexplore.exe8.0.6001.18702mshtml.dll8.0.6001.235880014c493

Error: (12/03/2014 08:05:30 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: iexplore.exe8.0.6001.18702unknown0.0.0.006222398

Error: (12/03/2014 06:04:02 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: plugin-container.exe33.1.0.5423mozalloc.dll33.1.0.542300001425

Error: (11/26/2014 05:37:29 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: iexplore.exe8.0.6001.18702unknown0.0.0.05c223df5


==================== Memory info ===========================

Processor:  Intel® Pentium® 4 CPU 3.00GHz
Percentage of memory in use: 20%
Total physical RAM: 3326.09 MB
Available physical RAM: 2656.89 MB
Total Pagefile: 6487.87 MB
Available Pagefile: 5894.49 MB
Total Virtual: 2047.88 MB
Available Virtual: 1912.06 MB

==================== Drives ================================

Drive c: (Local Disk) (Fixed) (Total:902.2 GB) (Free:735.94 GB) NTFS ==>[Drive with boot components (Windows XP)]
Drive g: (My Book) (Fixed) (Total:465.11 GB) (Free:332.63 GB) NTFS
Drive j: (Back Up) (Fixed) (Total:232.88 GB) (Free:82.46 GB) NTFS

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (Size: 931.5 GB) (Disk ID: 7724CF55)
Partition 1: (Not Active) - (Size=291 MB) - (Type=DE)
Partition 2: (Active) - (Size=902.2 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=29 GB) - (Type=DB)

========================================================
Disk: 1 (MBR Code: Windows XP) (Size: 232.9 GB) (Disk ID: 25134A89)
Partition 1: (Not Active) - (Size=232.9 GB) - (Type=07 NTFS)

========================================================
Disk: 2 (MBR Code: Windows XP) (Size: 465.1 GB) (Disk ID: 000487A0)
Partition 1: (Not Active) - (Size=465.1 GB) - (Type=07 NTFS)

==================== End Of Log ============================



#9 Machiavelli

Posted 27 January 2015 - 11:40 AM

Hey, :)

Step 1: Adwarecleaner

Please download AdwCleaner (by Xplode) from the link below and save it to your Desktop:

Download Mirror #1
  • Right-click on AdwCleaner.exe and select Run as administrator. (If you have Windows XP then just run it)
  • Click Scan and let the scan run.
  • When it finishes, click Clean, following the on screen prompts
  • After your computer reboots, a log will open. Please Copy (Ctrl+C) and Paste (Ctrl+V) this into your next post.
Note: The log can also be found in here: C:\AdwCleaner\

Step 2: Malwarebytes

Please download Malwarebytes Anti-Malware to your desktop. Install the programme and select update
Once it has updated select Settings > Detection and Protection
Tick Scan for rootkits

Go back to the Dashboard and select Scan Now

If threats are detected, click the Apply Actions button, MBAM will ask for a reboot.

On completion of the scan (or after the reboot) select View Detailed Log
Select Export > Select text file and save to the desktop
Attach/Post that log

Step 3: Junkware Removal Tool

Please download Junkware Removal Tool to your desktop.
  • Shut down your protection software now to avoid potential conflicts.
  • Run the tool by double-clicking it. If you are using Windows Vista, 7, or 8; instead of double-clicking, right-mouse click JRT.exe and select "Run as Administrator".
  • The tool will open and start scanning your system.
  • Please be patient as this can take a while to complete depending on your system's specifications.
  • On completion, a log (JRT.txt) is saved to your desktop and will automatically open.
  • Post the contents of JRT.txt into your next message.

Step 4: FRST Scan
  • Run FRST. (if you have Windows Vista / Windows 7 / Windows 8: Please do a Right click on the FRST icon and select Run as Administrator)
  • Click Scan to start FRST.
  • When FRST finishes scanning, a log, FRST.txt, will open.
  • Copy (Ctrl+C) and Paste (Ctrl+V) the contents of this log into your next post please.

~Machiavelli

If I don't reply within 24 hours please PM me!

  • Every topic with no replies within 5 days will be closed.
  • If you like my help here please give me feedback.



#10 mudhutbob

Posted 27 January 2015 - 05:48 PM

Sorry for the delay.  Here are the logs.  Hope you find something M.  Many thanks for your time...

 

AdwCleaner:

 

# AdwCleaner v4.109 - Report created 27/01/2015 at 09:21:59
# Updated 24/01/2015 by Xplode
# Database : 2015-01-26.1 [Live]
# Operating System : Microsoft Windows XP Service Pack 3 (32 bits)
# Username : The Holt's - LUVTOHIKE
# Running from : C:\Documents and Settings\The Holt's\Desktop\AdwCleaner.exe
# Option : Clean

***** [ Services ] *****


***** [ Files / Folders ] *****


***** [ Scheduled Tasks ] *****


***** [ Shortcuts ] *****


***** [ Registry ] *****

Data Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings [ProxyOverride] - *.local;<local>

***** [ Browsers ] *****

-\\ Internet Explorer v8.0.6001.18702


-\\ Mozilla Firefox v35.0.1 (x86 en-US)


-\\ Comodo Dragon v


*************************

AdwCleaner[R0].txt - [1182 octets] - [25/08/2013 21:41:23]
AdwCleaner[R10].txt - [2508 octets] - [20/01/2015 21:17:06]
AdwCleaner[R11].txt - [1792 octets] - [20/01/2015 22:48:28]
AdwCleaner[R12].txt - [1999 octets] - [27/01/2015 09:16:38]
AdwCleaner[R1].txt - [1501 octets] - [15/09/2013 19:51:47]
AdwCleaner[R2].txt - [1147 octets] - [22/09/2013 08:04:39]
AdwCleaner[R3].txt - [1207 octets] - [01/10/2013 04:12:34]
AdwCleaner[R4].txt - [1626 octets] - [17/11/2013 09:23:57]
AdwCleaner[R5].txt - [3663 octets] - [08/06/2014 08:10:58]
AdwCleaner[R6].txt - [1937 octets] - [23/11/2014 20:26:49]
AdwCleaner[R7].txt - [1494 octets] - [26/12/2014 18:46:39]
AdwCleaner[R8].txt - [2268 octets] - [26/12/2014 18:54:51]
AdwCleaner[R9].txt - [363 octets] - [20/01/2015 21:08:47]
AdwCleaner[S0].txt - [1251 octets] - [25/08/2013 21:43:23]
AdwCleaner[S1].txt - [1570 octets] - [15/09/2013 20:03:17]
AdwCleaner[S2].txt - [1693 octets] - [17/11/2013 09:39:13]
AdwCleaner[S3].txt - [3752 octets] - [08/06/2014 08:12:41]
AdwCleaner[S4].txt - [2012 octets] - [23/11/2014 20:43:31]
AdwCleaner[S5].txt - [2502 octets] - [20/01/2015 21:22:15]
AdwCleaner[S6].txt - [1922 octets] - [27/01/2015 09:21:59]

########## EOF - C:\AdwCleaner\AdwCleaner[S6].txt - [1982 octets] ##########
 

 

 

Malwarebytes Log file:

 

Malwarebytes Anti-Malware
www.malwarebytes.org

Scan Date: 1/27/2015
Scan Time: 9:52:28 AM
Logfile: Malwarebytes.txt
Administrator: Yes

Version: 2.00.4.1028
Malware Database: v2015.01.27.07
Rootkit Database: v2015.01.14.01
License: Trial
Malware Protection: Enabled
Malicious Website Protection: Enabled
Self-protection: Disabled

OS: Windows XP Service Pack 3
CPU: x86
File System: NTFS
User: The Holt's

Scan Type: Threat Scan
Result: Completed
Objects Scanned: 421240
Time Elapsed: 28 min, 21 sec

Memory: Enabled
Startup: Enabled
Filesystem: Enabled
Archives: Enabled
Rootkits: Enabled
Heuristics: Enabled
PUP: Enabled
PUM: Enabled

Processes: 0
(No malicious items detected)

Modules: 0
(No malicious items detected)

Registry Keys: 0
(No malicious items detected)

Registry Values: 0
(No malicious items detected)

Registry Data: 0
(No malicious items detected)

Folders: 0
(No malicious items detected)

Files: 0
(No malicious items detected)

Physical Sectors: 0
(No malicious items detected)


(end)

 

 

 

JRT Log file:

 

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Thisisu
Version: 6.4.1 (12.28.2014:1)
OS: Microsoft Windows XP x86
Ran by The Holt's on Tue 01/27/2015 at 10:24:38.78
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~




~~~ Services



~~~ Registry Values



~~~ Registry Keys

Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{11111111-1111-1111-1111-110011441193}
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{11111111-1111-1111-1111-110011441193}
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{11111111-1111-1111-1111-110011441193}
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{11111111-1111-1111-1111-110011441193}



~~~ Files

Successfully deleted: [File] "C:\WINDOWS\wininit.ini"



~~~ Folders

Successfully deleted: [Folder] "C:\Documents and Settings\All Users\application data\pcdr"
Successfully deleted: [Folder] "C:\Documents and Settings\The Holt's\Application Data\pcdr"


~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on Tue 01/27/2015 at 10:51:13.37
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

 

 

FRST Log file:

 

Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version: 24-01-2015 01
Ran by The Holt's (administrator) on LUVTOHIKE on 27-01-2015 14:33:35
Running from C:\Documents and Settings\The Holt's\Desktop
Loaded Profiles: The Holt's (Available profiles: The Holt's & Administrator)
Platform: Microsoft Windows XP Professional Service Pack 3 (X86) OS Language: English (United States)
Internet Explorer Version 8 (Default browser: FF)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(ATI Technologies Inc.) C:\WINDOWS\system32\ati2evxx.exe
(Nero AG) C:\Program Files\Ahead\InCD\InCDsrv.exe
(ATI Technologies Inc.) C:\WINDOWS\system32\ati2evxx.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\afwServ.exe
(Microsoft Corporation) C:\WINDOWS\system32\scardsvr.exe
(SUPERAntiSpyware.com) C:\Program Files\SUPERAntiSpyware\SASCore.exe
(Acronis) C:\Program Files\Common Files\Acronis\Schedule2\schedul2.exe
(Apple Inc.) C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(Creative Technology Ltd) C:\WINDOWS\system32\CTSVCCDA.EXE
(Fitbit, Inc.) C:\Program Files\Fitbit Connect\FitbitConnectService.exe
(Intel Corporation) C:\Program Files\Intel\Intel Matrix Storage Manager\IAANTMon.exe
(Malwarebytes Corporation) C:\Program Files\Malwarebytes Anti-Malware\mbamservice.exe
(NETGEAR) C:\Program Files\NETGEAR Genie\bin\NETGEARGenieDaemon.exe
(Microsoft Corporation) C:\WINDOWS\ehome\mcrdsvc.exe
(Malwarebytes Corporation) C:\Program Files\Malwarebytes Anti-Malware\mbam.exe
(BillP Studios) C:\Program Files\BillP Studios\WinPatrol\WinPatrol.exe
(Intel Corporation) C:\Program Files\Intel\Intel Matrix Storage Manager\IAAnotif.exe
(Creative Technology Ltd) C:\Program Files\Creative\SBAudigy2ZS\Surround Mixer\CTSysVol.exe
(Creative Technology Ltd) C:\WINDOWS\system32\CtHelper.exe
(Creative Technology Ltd) C:\Program Files\Creative\SBAudigy2ZS\DVDAudio\CTDVDDET.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastUI.exe
(Apple Inc.) C:\Program Files\iTunes\iTunesHelper.exe
(Advanced Micro Devices Inc.) C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
(Apple Inc.) C:\Program Files\iPod\bin\iPodService.exe
(Microsoft Corporation) C:\WINDOWS\system32\wbem\unsecapp.exe
(ATI Technologies Inc.) C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
(Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe


==================== Registry (Whitelisted) ==================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [WinPatrol] => c:\program files\billp studios\winpatrol\winpatrol.exe [400480 2012-01-30] (BillP Studios)
HKLM\...\Run: [ISUSPM Startup] => C:\Program Files\Common Files\InstallShield\UpdateService\ISUSPM.exe [221184 2004-07-27] (InstallShield Software Corporation)
HKLM\...\Run: [IAAnotif] => C:\Program Files\Intel\Intel Matrix Storage Manager\iaanotif.exe [139264 2005-04-25] (Intel Corporation)
HKLM\...\Run: [CTSysVol] => c:\program files\creative\sbaudigy2zs\surround mixer\ctsysvol.exe [57344 2003-09-17] (Creative Technology Ltd)
HKLM\...\Run: [CTHelper] => C:\WINDOWS\system32\cthelper.exe [19456 2007-04-09] (Creative Technology Ltd)
HKLM\...\Run: [CTDVDDET] => C:\Program Files\Creative\SBAudigy2ZS\DVDAudio\CTDVDDET.EXE [45056 2003-06-18] (Creative Technology Ltd)
HKLM\...\Run: [ATIPTA] => "C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe"
HKLM\...\Run: [APSDaemon] => C:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon.exe [60712 2014-10-11] (Apple Inc.)
HKLM\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvastUI.exe [4085896 2014-08-11] (AVAST Software)
HKLM\...\Run: [StartCCC] => C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe [98304 2013-08-30] (Advanced Micro Devices, Inc.)
HKLM\...\Run: [iTunesHelper] => C:\Program Files\iTunes\iTunesHelper.exe [157480 2014-10-15] (Apple Inc.)
Winlogon\Notify\AtiExtEvent: C:\WINDOWS\system32\Ati2evxx.dll (ATI Technologies Inc.)
Winlogon\Notify\LBTWlgn: c:\program files\common files\logishrd\bluetooth\LBTWlgn.dll (Logitech, Inc.)
Winlogon\Notify\SDWinLogon:  [X]
HKLM\...\Policies\Explorer: [NoCDBurning] 0
HKLM\...\Policies\Explorer: [LinkResolveIgnoreLinkInfo] 0
HKLM\...\Policies\Explorer: [NoResolveSearch] 1
HKU\S-1-5-21-359015350-2660976701-2151963389-1005\...\Policies\Explorer: [ClearRecentDocsOnExit] 0x01000000
HKU\S-1-5-21-359015350-2660976701-2151963389-1005\...\Policies\Explorer: [LinkResolveIgnoreLinkInfo] 0
HKU\S-1-5-21-359015350-2660976701-2151963389-1005\...\Policies\Explorer: [NoDriveAutoRun] 0x67FFFF03
Startup: C:\Documents and Settings\All Users\Start Menu\Programs\Startup\Microsoft Office.lnk
ShortcutTarget: Microsoft Office.lnk -> C:\Program Files\Microsoft Office\Office\OSA9.EXE (Microsoft Corporation)
ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShell.dll (AVAST Software)

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

HKLM\Software\Microsoft\Internet Explorer\Main,Local Page =
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,First Home Page = http://www.dell4me.com/myway
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.dell4me.com/myway
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=msnhome
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
HKU\S-1-5-21-359015350-2660976701-2151963389-1005\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.google.com/
HKU\S-1-5-21-359015350-2660976701-2151963389-1005\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
HKU\S-1-5-21-359015350-2660976701-2151963389-1005\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
HKLM\SOFTWARE\Microsoft\Internet Explorer\AboutURLs,Tabs: "http://www.google.com" <======= ATTENTION
SearchScopes: HKU\.DEFAULT -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-19 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-20 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
BHO: DriveLetterAccess -> {5CA3D70E-1895-11CF-8E15-001234567890} -> C:\WINDOWS\system32\dla\tfswshx.dll (Sonic Solutions)
Toolbar: HKU\S-1-5-21-359015350-2660976701-2151963389-1005 -> No Name - {EE5D279F-081B-4404-994D-C6B60AAEBA6D} -  No File
DPF: {01A88BB1-1174-41EC-ACCB-963509EAE56B} http://support.dell.com/systemprofiler/SysPro.CAB
DPF: {02BCC737-B171-4746-94C9-0D8A0B2C0089} http://office.microsoft.com/_layouts/ClientBin/ieawsdc32.cab
DPF: {0A5FD7C5-A45C-49FC-ADB5-9952547D5715} http://www.creative.com/su/ocx/15030/CTSUEng.cab
DPF: {106E49CF-797A-11D2-81A2-00E02C015623} http://www.alternatiff.com/distribution/alternatiff-ax-w32-2.0.5.cab
DPF: {11260943-421B-11D0-8EAC-0000C07D88CF} http://www.ipix.com/viewers/ipixx.cab
DPF: {166B1BCA-3F9C-11CF-8075-444553540000} http://download.macromedia.com/pub/shockwave/cabs/director/sw.cab
DPF: {17492023-C23A-453E-A040-C7C580BBF700} http://download.microsoft.com/download/E/5/6/E5611B10-0D6D-4117-8430-A67417AA88CD/LegitCheckControl.cab
DPF: {362C56AA-6E4F-40C7-A0B5-85501DBDAD77} http://i.dell.com/images/global/js/scanner/SysProExe.cab
DPF: {3BFFE033-BF43-11D5-A271-00A024A51325} http://webprod.vcccd.net/iNotes6W.cab
DPF: {4C39376E-FA9D-4349-BACC-D305C1750EF3} http://tools.ebayimg.com/eps/wl/activex/eBay_Enhanced_Picture_Control_v1-0-3-48.cab
DPF: {6C269571-C6D7-4818-BCA4-32A035E8C884} http://ccfiles.creative.com/Web/softwareupdate/su/ocx/15102/CTSUEng.cab
DPF: {7530BFB8-7293-4D34-9923-61A11451AFC5} http://download.eset.com/special/eos/OnlineScanner.cab
DPF: {82E5DF24-51E8-47CD-864A-F4BD5005AA73} https://www.icloud.com/system/iCloud.cab
DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.7.0/jinstall-1_7_0_09-windows-i586.cab
DPF: {BEA7310D-06C4-4339-A784-DC3804819809} http://www.cvsphoto.com/upload/activex/v3_0_0_7/PhotoCenter_ActiveX_Control.cab
DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.7.0/jinstall-1_7_0_09-windows-i586.cab
DPF: {CF84DAC5-A4F5-419E-A0BA-C01FFD71112F} http://content.systemrequirementslab.com.s3.amazonaws.com/global/bin/srldetect_intel_4.5.13.0.cab
DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} http://download.macromedia.com/pub/shockwave/cabs/flash/swflash.cab
DPF: {D4B68B83-8710-488B-A692-D74B50BA558E} http://ccfiles.creative.com/Web/softwareupdate/ocx/15113/CTPIDPDE.cab
DPF: {E008A543-CEFB-4559-912F-C27C2B89F13B} http://webprod.vcccd.net/dwa7W.cab
DPF: {F6ACF75C-C32C-447B-9BEF-46B766368D29} http://ccfiles.creative.com/Web/softwareupdate/ocx/110926/CTPID.cab
Handler: belarc - {6318E0AB-2E93-11D1-B8ED-00608CC9A71F} - C:\Program Files\Belarc\BelarcAdvisor\System\BAVoilaX.dll No File
ShellExecuteHooks: SABShellExecuteHook Class - {5AE067D3-9AFB-48E0-853A-EBB7F4A000DA} - C:\Program Files\SUPERAntiSpyware\SASSEH.DLL [115440 2013-05-07] (SuperAdBlocker.com)
Winsock: Catalog5 04 C:\Program Files\Bonjour\mdnsNSP.dll [121704] (Apple Inc.)
Tcpip\Parameters: [DhcpNameServer] 192.168.1.1

FireFox:
========
FF ProfilePath: C:\Documents and Settings\The Holt's\Application Data\Mozilla\Firefox\Profiles\gugitlt4.default-1387866924609
FF NewTab: hxxp://www.google.com
FF Homepage: hxxp://www.msn.com/
FF Plugin: @adobe.com/FlashPlayer -> C:\WINDOWS\system32\Macromed\Flash\NPSWF32_16_0_0_235.dll ()
FF Plugin: @adobe.com/ShockwavePlayer -> C:\WINDOWS\system32\Adobe\Director\np32dsw.dll (Adobe Systems, Inc.)
FF Plugin: @Apple.com/iTunes,version=1.0 -> C:\Program Files\iTunes\Mozilla Plugins\npitunes.dll ()
FF Plugin: @canon.com/EPPEX -> C:\Program Files\Canon\My Image Garden\AddOn\CIG\npmigfpi.dll (CANON INC.)
FF Plugin: @garmin.com/GpsControl -> C:\Program Files\Garmin GPS Plugin\npGarmin.dll (GARMIN Corp.)
FF Plugin: @Google.com/GoogleEarthPlugin -> C:\Program Files\Google\Google Earth\plugin\npgeplugin.dll (Google)
FF Plugin: @microsoft.com/WPF,version=3.5 -> c:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
FF Plugin: @playstation.com/PsndlCheck,version=1.00 -> C:\Program Files\Sony\PLAYSTATION Network Downloader\nppsndl.dll (Sony Computer Entertainment Inc.)
FF Plugin: @real.com/nppl3260;version=6.0.12.775 -> c:\program files\real\realplayer\Netscape6\nppl3260.dll (RealNetworks, Inc.)
FF Plugin: @real.com/npracplug;version=1.0.0.0 -> C:\Program Files\Real\RealArcade\Plugins\Mozilla\npracplug.dll (RealNetworks)
FF Plugin: @real.com/nprjplug;version=1.0.3.775 -> c:\program files\real\realplayer\Netscape6\nprjplug.dll (RealNetworks, Inc.)
FF Plugin: @real.com/nprphtml5videoshim;version=1.0.0.0 -> C:\Documents and Settings\All Users\Application Data\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprphtml5videoshim.dll (RealNetworks, Inc.)
FF Plugin: @real.com/nprpjplug;version=6.0.12.1212 -> C:\Program Files\Real\RealPlayer\Netscape6\nprpjplug.dll (RealNetworks, Inc.)
FF Plugin: @rocketlife.com/RocketLife Secure Plug-In Layer;version=1.0.5 -> C:\Documents and Settings\All Users\Application Data\Visan\plugins\npRLSecurePluginLayer.dll (RocketLife, LLP)
FF Plugin: @tools.google.com/Google Update;version=3 -> C:\Program Files\Google\Update\1.3.21.145\npGoogleUpdate3.dll (Google Inc.)
FF Plugin: @tools.google.com/Google Update;version=9 -> C:\Program Files\Google\Update\1.3.21.145\npGoogleUpdate3.dll (Google Inc.)
FF Plugin: @unity3d.com/UnityPlayer -> C:\Program Files\Unity\WebPlayer\loader\npUnity3D32.dll (Unity Technologies ApS)
FF Plugin: Adobe Reader -> C:\Program Files\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF Plugin HKU\S-1-5-21-359015350-2660976701-2151963389-1005: @adobe.com/FlashPlayer -> C:\WINDOWS\system32\Macromed\Flash\NPSWF32.dll No File
FF Plugin HKU\S-1-5-21-359015350-2660976701-2151963389-1005: amazon.com/AmazonMP3DownloaderPlugin -> C:\Program Files\Amazon\MP3 Downloader\npAmazonMP3DownloaderPlugin1017300.dll (Amazon.com, Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\np-mswmp.dll (Microsoft Corporation)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\nppdf32.dll (Adobe Systems Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\nppl3260.dll (RealNetworks, Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\npqtplugin.dll (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\npqtplugin2.dll (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\npqtplugin3.dll (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\npqtplugin4.dll (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\npqtplugin5.dll (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\npqtplugin6.dll (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\npracplug.dll (RealNetworks)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\nprjplug.dll (RealNetworks, Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\nprpjplug.dll (RealNetworks, Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\npunagi2.dll (America Online, Inc.)
FF Extension: Tab Mix Plus - C:\Documents and Settings\The Holt's\Application Data\Mozilla\Firefox\Profiles\gugitlt4.default-1387866924609\Extensions\{dc572301-7619-498c-a57d-39143191b318}.xpi [2013-12-23]
FF Extension: Garmin Communicator - C:\Documents and Settings\The Holt's\Application Data\Mozilla\Firefox\Profiles\dh4x8h7w.Robert\Extensions\{195A3098-0BD5-4e90-AE22-BA1C540AFD1E} [2014-11-14]
FF Extension: Tab Mix Plus - C:\Documents and Settings\The Holt's\Application Data\Mozilla\Firefox\Profiles\dh4x8h7w.Robert\Extensions\{dc572301-7619-498c-a57d-39143191b318}.xpi [2014-07-20]
FF HKLM\...\Firefox\Extensions: [{20a82645-c095-46ed-80e3-08825760534b}] - C:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension
FF Extension: Microsoft .NET Framework Assistant - C:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension [2010-05-01]
FF HKLM\...\Firefox\Extensions: [smartwebprinting@hp.com] - C:\Program Files\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3
FF HKLM\...\Firefox\Extensions: [wrc@avast.com] - C:\Program Files\AVAST Software\Avast\WebRep\FF
FF Extension: Avast Online Security - C:\Program Files\AVAST Software\Avast\WebRep\FF [2014-06-22]
FF HKU\S-1-5-21-359015350-2660976701-2151963389-1005\...\Firefox\Extensions: [smartwebprinting@hp.com] - C:\Program Files\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3

Chrome:
=======
CHR HKLM\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChrome.crx [2015-01-27]
CHR HKLM\...\Chrome\Extension: [jfmjfhklogoienhpfnppmbcbjfjnkonk] - No Path

========================== Services (Whitelisted) =================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

R2 !SASCORE; C:\Program Files\SUPERAntiSpyware\SASCORE.EXE [142648 2014-07-22] (SUPERAntiSpyware.com)
R2 AcrSch2Svc; C:\Program Files\Common Files\Acronis\Schedule2\schedul2.exe [846048 2012-04-27] (Acronis)
S3 Adobe LM Service; C:\Program Files\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe [72704 2005-12-29] (Adobe Systems) [File not signed]
S3 Amazon Download Agent; C:\Program Files\Amazon\Amazon Games & Software Downloader\AmazonGSDownloaderService.exe [401920 2009-10-23] (Amazon.com) [File not signed]
R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [50344 2014-08-11] (AVAST Software)
R2 avast! Firewall; C:\Program Files\AVAST Software\Avast\afwServ.exe [106488 2014-08-11] (AVAST Software)
R2 Creative Service for CDROM Access; C:\WINDOWS\system32\CTsvcCDA.EXE [44032 1999-12-13] (Creative Technology Ltd) [File not signed]
R2 Fitbit Connect; C:\Program Files\Fitbit Connect\FitbitConnectService.exe [1435680 2014-01-10] (Fitbit, Inc.)
S3 Garmin Core Update Service; C:\Program Files\Garmin\Core Update Service\Garmin.Cartography.MapUpdate.CoreService.exe [451416 2014-10-21] (Garmin Ltd or its subsidiaries)
S3 getPlusHelper; C:\Program Files\NOS\bin\getPlus_Helper.dll [48368 2009-09-03] (NOS Microsystems Ltd.)
S4 HPSupportSolutionsFrameworkService; C:\Program Files\Hp\Common\HPSupportSolutionsFrameworkService.exe [89864 2014-12-11] (Hewlett-Packard Company)
R2 IAANTMon; C:\Program Files\Intel\Intel Matrix Storage Manager\iaantmon.exe [86142 2005-04-25] (Intel Corporation) [File not signed]
S3 IDriverT; C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe [69632 2005-04-03] (Macrovision Corporation) [File not signed]
S4 Imapi Helper; C:\Program Files\Alex Feinman\ISO Recorder\ImapiHelper.exe [163840 2006-01-04] (Alex Feinman) [File not signed]
R2 InCDsrvR; C:\Program Files\Ahead\InCD\InCDsrv.exe [869376 2005-04-12] (Nero AG) [File not signed]
S4 LiveUpdateSvc; C:\Program Files\IObit\LiveUpdate\LiveUpdate.exe [2152736 2014-05-04] (IObit)
S2 MBAMScheduler; C:\Program Files\Malwarebytes Anti-Malware\mbamscheduler.exe [1871160 2014-11-21] (Malwarebytes Corporation)
R2 MBAMService; C:\Program Files\Malwarebytes Anti-Malware\mbamservice.exe [969016 2014-11-21] (Malwarebytes Corporation)
R2 McrdSvc; C:\WINDOWS\ehome\mcrdsvc.exe [99328 2005-08-05] (Microsoft Corporation)
S3 MHN; C:\WINDOWS\System32\mhn.dll [85504 2004-08-10] (Microsoft Corporation) [File not signed]
S3 MSSQLServerADHelper; C:\Program Files\Microsoft SQL Server\80\Tools\Binn\sqladhlp.exe [66112 2002-12-17] (Microsoft Corporation) [File not signed]
S4 Net Driver HPZ12; C:\WINDOWS\system32\HPZinw12.dll [44032 2009-05-14] (Hewlett-Packard) [File not signed]
R2 NETGEARGenieDaemon; C:\Program Files\NETGEAR Genie\bin\NETGEARGenieDaemon.exe [195840 2013-04-07] (NETGEAR)
S4 Pml Driver HPZ12; C:\WINDOWS\system32\HPZipm12.dll [53760 2009-05-14] (Hewlett-Packard) [File not signed]
S4 SDScannerService; C:\Program Files\Spybot - Search & Destroy 2\SDFSSvc.exe [1738168 2014-06-24] (Safer-Networking Ltd.)
S4 SDUpdateService; C:\Program Files\Spybot - Search & Destroy 2\SDUpdSvc.exe [2088408 2014-06-27] (Safer-Networking Ltd.)
S4 SDWSCService; C:\Program Files\Spybot - Search & Destroy 2\SDWSCSvc.exe [171928 2014-04-25] (Safer-Networking Ltd.)

==================== Drivers (Whitelisted) ====================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

S3 61883; C:\WINDOWS\System32\DRIVERS\61883.sys [48128 2008-04-13] (Microsoft Corporation)
S4 abp480n5; C:\WINDOWS\system32\DRIVERS\ABP480N5.SYS [23552 2001-08-17] (Microsoft Corporation)
R1 ASPI32; C:\WINDOWS\system32\Drivers\ASPI32.sys [16512 2006-12-12] (Adaptec)
R2 aswHwid; C:\WINDOWS\system32\drivers\aswHwid.sys [24184 2015-01-27] ()
R1 aswKbd; C:\WINDOWS\system32\drivers\aswKbd.sys [26136 2015-01-27] (AVAST Software)
R2 aswMonFlt; C:\WINDOWS\system32\drivers\aswMonFlt.sys [70384 2015-01-27] (AVAST Software)
R0 aswNdis2; C:\WINDOWS\system32\Drivers\aswNdis2.sys [253640 2015-01-27] (AVAST Software)
R1 aswRdr; C:\WINDOWS\system32\drivers\aswRdr.sys [55240 2015-01-27] (AVAST Software)
R0 aswRvrt; C:\WINDOWS\system32\Drivers\aswRvrt.sys [49944 2015-01-27] ()
R1 aswSnx; C:\WINDOWS\system32\drivers\aswSnx.sys [787800 2015-01-27] (AVAST Software)
R1 aswSP; C:\WINDOWS\system32\drivers\aswSP.sys [423784 2015-01-27] (AVAST Software)
R1 aswTdi; C:\WINDOWS\system32\drivers\aswTdi.sys [57928 2015-01-27] (AVAST Software)
R0 aswVmm; C:\WINDOWS\system32\Drivers\aswVmm.sys [206248 2015-01-27] ()
R3 AtiHDAudioService; C:\WINDOWS\System32\drivers\AtihdXP3.sys [103040 2012-05-14] (Advanced Micro Devices)
R1 BANTExt; C:\WINDOWS\System32\Drivers\BANTExt.sys [3840 2011-08-09] () [File not signed]
S3 CCDECODE; C:\WINDOWS\System32\DRIVERS\CCDECODE.sys [17024 2008-04-13] (Microsoft Corporation)
R3 COMMONFX.DLL; C:\WINDOWS\System32\COMMONFX.DLL [98600 2007-04-18] (Creative Technology Ltd)
S3 cpudrv; C:\Program Files\SystemRequirementsLab\cpudrv.sys [11336 2011-06-02] ()
S3 CT20XUT.DLL; C:\WINDOWS\System32\CT20XUT.DLL [164608 2007-04-12] (Creative Technology Ltd.)
R3 CTAUDFX.DLL; C:\WINDOWS\System32\CTAUDFX.DLL [546048 2007-04-12] (Creative Technology Ltd)
S3 ctdvda2k; C:\WINDOWS\System32\drivers\ctdvda2k.sys [347128 2007-04-10] (Creative Technology Ltd)
S3 CTEAPSFX.DLL; C:\WINDOWS\System32\CTEAPSFX.DLL [168192 2007-04-12] (Creative Technology Ltd)
S3 CTEDSPFX.DLL; C:\WINDOWS\System32\CTEDSPFX.DLL [280320 2007-04-12] (Creative Technology Ltd)
S3 CTEDSPIO.DLL; C:\WINDOWS\System32\CTEDSPIO.DLL [128768 2007-04-12] (Creative Technology Ltd)
S3 CTEDSPSY.DLL; C:\WINDOWS\System32\CTEDSPSY.DLL [323328 2007-04-12] (Creative Technology Ltd)
S3 CTERFXFX.DLL; C:\WINDOWS\System32\CTERFXFX.DLL [94976 2007-04-12] (Creative Technology Ltd)
S3 CTEXFIFX.DLL; C:\WINDOWS\System32\CTEXFIFX.DLL [1317632 2007-04-12] (Creative Technology Ltd.)
S3 CTHWIUT.DLL; C:\WINDOWS\System32\CTHWIUT.DLL [66816 2007-04-12] (Creative Technology Ltd.)
R3 CTSBLFX.DLL; C:\WINDOWS\System32\CTSBLFX.DLL [560384 2007-04-12] (Creative Technology Ltd)
R0 drvmcdb; C:\WINDOWS\System32\drivers\drvmcdb.sys [88352 2005-04-22] (Sonic Solutions) [File not signed]
R2 drvnddm; C:\WINDOWS\System32\drivers\drvnddm.sys [40544 2005-04-21] (Sonic Solutions) [File not signed]
R2 DVDAccss; C:\WINDOWS\System32\drivers\DVDAccss.sys [29156 2002-03-19] (Apple Computer, Inc.) [File not signed]
S3 ENTECH; C:\WINDOWS\system32\DRIVERS\ENTECH.sys [21664 2004-10-25] (EnTech Taiwan) [File not signed]
R3 gameenum; C:\WINDOWS\System32\DRIVERS\gameenum.sys [10624 2008-04-13] (Microsoft Corporation)
S3 GKUPRO2D; C:\WINDOWS\System32\DRIVERS\GKUPRO2D.sys [90240 2012-11-05] (Gemalto)
R3 ha10kx2k; C:\WINDOWS\System32\drivers\ha10kx2k.sys [797992 2007-04-10] (Creative Technology Ltd)
R3 hap16v2k; C:\WINDOWS\System32\drivers\hap16v2k.sys [163112 2007-04-10] (Creative Technology Ltd)
S3 hap17v2k; C:\WINDOWS\System32\drivers\hap17v2k.sys [189736 2007-04-10] (Creative Technology Ltd)
R0 HFXP2; C:\WINDOWS\System32\DRIVERS\HFXP2.SYS [17264 2007-01-23] (FSPro Labs)
R0 imagedrv; C:\WINDOWS\System32\Drivers\imagedrv.sys [5504 2004-03-02] (Ahead Software AG) [File not signed]
R0 imagesrv; C:\WINDOWS\System32\DRIVERS\imagesrv.sys [125184 2004-03-02] (Ahead Software AG) [File not signed]
R4 InCDfs; C:\WINDOWS\system32\Drivers\InCDfs.sys [99456 2005-04-12] (Nero AG) [File not signed]
R1 InCDPass; C:\WINDOWS\System32\DRIVERS\InCDPass.sys [29056 2005-04-12] (Nero AG) [File not signed]
U1 InCDrec; C:\WINDOWS\system32\Drivers\InCDrec.sys [8704 2005-04-12] (Nero AG) [File not signed]
R1 incdrm; C:\WINDOWS\system32\Drivers\incdrm.sys [28160 2005-04-12] (Nero AG) [File not signed]
R3 IntelC51; C:\WINDOWS\System32\DRIVERS\IntelC51.sys [1339776 2005-05-06] (Intel Corporation)
R3 IntelC52; C:\WINDOWS\System32\DRIVERS\IntelC52.sys [618880 2006-03-01] (Intel Corporation)
R3 IntelC53; C:\WINDOWS\System32\DRIVERS\IntelC53.sys [47360 2005-05-06] (Intel Corporation)
S3 Jukebox3; C:\WINDOWS\System32\DRIVERS\ctpdusb.sys [16880 2004-05-18] (Creative Technology Ltd.)
R3 LCcfltr; C:\WINDOWS\System32\Drivers\LCcFltr.Sys [14095 2004-03-03] (Logitech, Inc.)
R3 LEqdUsb; C:\WINDOWS\System32\Drivers\LEqdUsb.Sys [42264 2014-03-18] (Logitech, Inc.)
R3 LHidEqd; C:\WINDOWS\System32\Drivers\LHidEqd.Sys [10136 2014-03-18] (Logitech, Inc.)
R3 LHidUsb; C:\WINDOWS\System32\Drivers\LHidUsb.Sys [37887 2004-03-03] (Logitech, Inc.)
R3 libusb0; C:\WINDOWS\System32\DRIVERS\libusb0.sys [35776 2013-09-23] (http://libusb-win32.sourceforge.net)
R3 MBAMProtector; C:\WINDOWS\system32\drivers\mbam.sys [23256 2014-11-21] (Malwarebytes Corporation)
R3 MBAMSwissArmy; C:\WINDOWS\system32\drivers\MBAMSwissArmy.sys [114904 2015-01-27] (Malwarebytes Corporation)
S3 MHNDRV; C:\WINDOWS\System32\DRIVERS\mhndrv.sys [11008 2004-08-10] (Microsoft Corporation) [File not signed]
R3 mohfilt; C:\WINDOWS\System32\DRIVERS\mohfilt.sys [36880 2005-05-06] (Intel Corporation)
S3 NAL; C:\WINDOWS\system32\Drivers\iqvw32.sys [19456 2004-11-02] (Intel Corporation ) [File not signed]
S3 NdisIP; C:\WINDOWS\System32\DRIVERS\NdisIP.sys [10880 2008-04-13] (Microsoft Corporation)
R2 NPF; C:\WINDOWS\system32\drivers\npf.sys [35088 2013-06-28] (CACE Technologies, Inc.)
R1 omci; C:\WINDOWS\System32\DRIVERS\omci.sys [17217 2002-11-08] (Dell Computer Corporation) [File not signed]
R3 pfc; C:\WINDOWS\System32\drivers\pfc.sys [21248 2003-09-19] (Padus, Inc.) [File not signed]
R2 PfModNT; C:\WINDOWS\system32\drivers\PfModNT.sys [16168 2007-04-10] (Creative Technology Ltd.)
R0 PxHelp20; C:\WINDOWS\System32\Drivers\PxHelp20.sys [20640 2005-03-11] (Sonic Solutions) [File not signed]
R1 SASDIFSV; C:\Program Files\SUPERAntiSpyware\SASDIFSV.SYS [12880 2011-07-22] (SUPERAdBlocker.com and SUPERAntiSpyware.com)
R1 SASKUTIL; C:\Program Files\SUPERAntiSpyware\SASKUTIL.SYS [67664 2011-07-12] (SUPERAdBlocker.com and SUPERAntiSpyware.com)
R1 sscdbhk5; C:\WINDOWS\System32\drivers\sscdbhk5.sys [5627 2005-05-13] (Sonic Solutions) [File not signed]
R1 ssrtln; C:\WINDOWS\System32\drivers\ssrtln.sys [23545 2005-05-13] (Sonic Solutions) [File not signed]
R2 tfsnboio; C:\WINDOWS\System32\dla\tfsnboio.sys [25725 2005-05-31] (Sonic Solutions) [File not signed]
R2 tfsncofs; C:\WINDOWS\System32\dla\tfsncofs.sys [34845 2005-05-31] (Sonic Solutions) [File not signed]
R2 tfsndrct; C:\WINDOWS\System32\dla\tfsndrct.sys [4125 2005-05-31] (Sonic Solutions) [File not signed]
R2 tfsndres; C:\WINDOWS\System32\dla\tfsndres.sys [2241 2005-05-31] (Sonic Solutions) [File not signed]
R2 tfsnifs; C:\WINDOWS\System32\dla\tfsnifs.sys [86876 2005-05-31] (Sonic Solutions) [File not signed]
R2 tfsnopio; C:\WINDOWS\System32\dla\tfsnopio.sys [15069 2005-05-31] (Sonic Solutions) [File not signed]
R2 tfsnpool; C:\WINDOWS\System32\dla\tfsnpool.sys [6365 2005-05-31] (Sonic Solutions) [File not signed]
R2 tfsnudf; C:\WINDOWS\System32\dla\tfsnudf.sys [98716 2005-05-31] (Sonic Solutions) [File not signed]
R2 tfsnudfa; C:\WINDOWS\System32\dla\tfsnudfa.sys [100605 2005-05-31] (Sonic Solutions) [File not signed]
R0 vididr; C:\WINDOWS\System32\DRIVERS\vididr.sys [125472 2013-09-14] (Acronis)
R0 vidsflt53; C:\WINDOWS\System32\DRIVERS\vsflt53.sys [83392 2013-09-14] (Acronis)
S3 VNUSB; C:\WINDOWS\System32\DRIVERS\VNUSB.sys [38496 2006-04-07] (OLYMPUS IMAGING CORP.) [File not signed]
S3 ALSysIO; \??\C:\DOCUME~1\THEHOT~1\LOCALS~1\Temp\ALSysIO.sys [X]
S3 bvrp_pci; No ImagePath
U2 CertPropSvc; No ImagePath
U5 itchfltr; C:\Windows\System32\Drivers\itchfltr.sys [12953 2004-03-10] (Logitech, Inc.)
S3 MFE_RR; \??\C:\DOCUME~1\THEHOT~1\LOCALS~1\Temp\mfe_rr.sys [X]
U5 P3; C:\Windows\System32\Drivers\P3.sys [42752 2008-04-13] (Microsoft Corporation)
U5 ScsiPort; C:\WINDOWS\system32\drivers\scsiport.sys [96384 2008-04-13] (Microsoft Corporation)
U5 Tcpip6; C:\Windows\System32\Drivers\Tcpip6.sys [226880 2010-02-11] (Microsoft Corporation)
U1 WS2IFSL; No ImagePath

==================== NetSvcs (Whitelisted) ===================


(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)

NETSVC: MHN -> C:\Windows\System32\mhn.dll (Microsoft Corporation)

==================== One Month Created Files and Folders ========

(If an entry is included in the fixlist, the file\folder will be moved.)

2015-01-27 11:06 - 2015-01-27 11:06 - 00291352 _____ (AVAST Software) C:\WINDOWS\system32\aswBoot.exe
2015-01-27 11:06 - 2015-01-27 11:06 - 00043152 _____ (AVAST Software) C:\WINDOWS\avastSS.scr
2015-01-27 11:06 - 2015-01-27 11:06 - 00000000 ____D () C:\WINDOWS\LastGood
2015-01-27 11:06 - 2015-01-27 11:06 - 00000000 ____D () C:\Documents and Settings\All Users\Start Menu\Programs\AVAST Software
2015-01-27 10:51 - 2015-01-27 10:54 - 00001451 _____ () C:\Documents and Settings\The Holt's\Desktop\JRT.txt
2015-01-27 10:24 - 2015-01-27 10:24 - 00000000 ____D () C:\WINDOWS\ERUNT
2015-01-27 10:22 - 2015-01-27 10:23 - 00001069 _____ () C:\Documents and Settings\The Holt's\Desktop\Malwarebytes.txt
2015-01-27 09:43 - 2015-01-27 09:43 - 00065536 _____ () C:\WINDOWS\Minidump\Mini012715-02.dmp
2015-01-27 09:36 - 2015-01-27 09:44 - 00114904 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\MBAMSwissArmy.sys
2015-01-27 09:35 - 2015-01-27 09:35 - 00000787 _____ () C:\Documents and Settings\All Users\Desktop\Malwarebytes Anti-Malware.lnk
2015-01-27 09:35 - 2015-01-27 09:35 - 00000000 ____D () C:\Program Files\Malwarebytes Anti-Malware
2015-01-27 09:35 - 2014-11-21 06:14 - 00054360 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\mbamchameleon.sys
2015-01-27 09:35 - 2014-11-21 06:14 - 00023256 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\mbam.sys
2015-01-27 09:33 - 2015-01-27 09:33 - 00002062 _____ () C:\Documents and Settings\The Holt's\Desktop\AdwCleaner[S6].txt
2015-01-27 09:10 - 2015-01-27 09:10 - 01707939 _____ (Thisisu) C:\Documents and Settings\The Holt's\Desktop\JRT.exe
2015-01-27 09:09 - 2015-01-27 09:10 - 20447072 _____ (Malwarebytes Corporation ) C:\Documents and Settings\The Holt's\Desktop\mbam-setup-2.0.4.1028.exe
2015-01-27 09:00 - 2015-01-27 09:00 - 02194432 _____ () C:\Documents and Settings\The Holt's\Desktop\AdwCleaner.exe
2015-01-27 05:07 - 2015-01-27 05:07 - 00000000 ____D () C:\Program Files\Mozilla Firefox
2015-01-27 05:03 - 2015-01-27 05:03 - 00065536 _____ () C:\WINDOWS\Minidump\Mini012715-01.dmp
2015-01-26 18:45 - 2015-01-26 18:49 - 00054925 _____ () C:\Documents and Settings\The Holt's\Desktop\Addition.txt
2015-01-26 18:43 - 2015-01-27 14:34 - 00028479 _____ () C:\Documents and Settings\The Holt's\Desktop\FRST.txt
2015-01-26 18:42 - 2015-01-26 15:49 - 01120768 _____ (Farbar) C:\Documents and Settings\The Holt's\Desktop\FRST.exe
2015-01-26 18:40 - 2015-01-26 18:40 - 00065536 _____ () C:\WINDOWS\Minidump\Mini012615-02.dmp
2015-01-26 05:30 - 2015-01-26 05:30 - 00065536 _____ () C:\WINDOWS\Minidump\Mini012615-01.dmp
2015-01-25 16:21 - 2015-01-25 16:22 - 00000000 ____D () C:\Computer BSOD Bleepcomputer
2015-01-25 10:08 - 2015-01-25 10:15 - 00054647 _____ () C:\Documents and Settings\The Holt's\Desktop\Additionold.txt
2015-01-25 10:06 - 2015-01-27 14:33 - 00000000 ____D () C:\FRST
2015-01-25 10:06 - 2015-01-25 10:23 - 00056191 _____ () C:\Documents and Settings\The Holt's\Desktop\FRSTold.txt
2015-01-25 09:59 - 2015-01-25 09:59 - 00065536 _____ () C:\WINDOWS\Minidump\Mini012515-02.dmp
2015-01-25 08:19 - 2015-01-25 08:19 - 00065536 _____ () C:\WINDOWS\Minidump\Mini012515-01.dmp
2015-01-24 16:11 - 2015-01-24 16:11 - 00065536 _____ () C:\WINDOWS\Minidump\Mini012415-05.dmp
2015-01-24 14:22 - 2015-01-24 15:03 - 00000000 ____D () C:\Documents and Settings\All Users\Application Data\Malwarebytes' Anti-Malware (portable)
2015-01-24 14:21 - 2015-01-24 14:21 - 00065536 _____ () C:\WINDOWS\Minidump\Mini012415-04.dmp
2015-01-24 14:09 - 2015-01-24 14:09 - 00065536 _____ () C:\WINDOWS\Minidump\Mini012415-03.dmp
2015-01-24 13:30 - 2015-01-24 13:30 - 00065536 _____ () C:\WINDOWS\Minidump\Mini012415-02.dmp
2015-01-24 08:12 - 2015-01-24 08:12 - 00065536 _____ () C:\WINDOWS\Minidump\Mini012415-01.dmp
2015-01-23 22:52 - 2015-01-23 22:52 - 00065536 _____ () C:\WINDOWS\Minidump\Mini012315-04.dmp
2015-01-23 13:09 - 2015-01-23 13:09 - 00065536 _____ () C:\WINDOWS\Minidump\Mini012315-03.dmp
2015-01-23 12:30 - 2015-01-23 12:30 - 00000000 ____D () C:\WINDOWS\Tasks\ImCleanDisabled
2015-01-23 10:30 - 2015-01-23 10:30 - 00065536 _____ () C:\WINDOWS\Minidump\Mini012315-02.dmp
2015-01-23 07:36 - 2015-01-23 07:36 - 00000000 ____D () C:\Documents and Settings\All Users\Start Menu\Programs\Intel® Matrix Storage Manager
2015-01-23 05:45 - 2015-01-23 05:45 - 00065536 _____ () C:\WINDOWS\Minidump\Mini012315-01.dmp
2015-01-22 18:42 - 2015-01-22 18:42 - 00065536 _____ () C:\WINDOWS\Minidump\Mini012215-04.dmp
2015-01-22 17:36 - 2015-01-23 06:53 - 00000000 ____D () C:\Program Files\SUPERAntiSpyware
2015-01-22 17:36 - 2015-01-22 17:36 - 00000000 ____D () C:\Documents and Settings\The Holt's\Application Data\SUPERAntiSpyware.com
2015-01-22 17:36 - 2015-01-22 17:36 - 00000000 ____D () C:\Documents and Settings\All Users\Start Menu\Programs\SUPERAntiSpyware
2015-01-22 17:36 - 2015-01-22 17:36 - 00000000 ____D () C:\Documents and Settings\All Users\Application Data\SUPERAntiSpyware.com
2015-01-22 17:05 - 2015-01-22 17:05 - 00065536 _____ () C:\WINDOWS\Minidump\Mini012215-03.dmp
2015-01-22 16:59 - 2015-01-22 16:59 - 00000000 ____D () C:\Documents and Settings\All Users\Application Data\Malwarebytes
2015-01-22 16:46 - 2015-01-22 16:46 - 00065536 _____ () C:\WINDOWS\Minidump\Mini012215-02.dmp
2015-01-22 05:39 - 2015-01-22 05:39 - 00065536 _____ () C:\WINDOWS\Minidump\Mini012215-01.dmp
2015-01-21 18:54 - 2015-01-21 18:54 - 00065536 _____ () C:\WINDOWS\Minidump\Mini012115-06.dmp
2015-01-21 18:42 - 2015-01-21 18:42 - 00213192 _____ (Kaspersky Lab, Yury Parshin) C:\WINDOWS\system32\Drivers\97313061.sys
2015-01-21 17:49 - 2015-01-21 17:49 - 00065536 _____ () C:\WINDOWS\Minidump\Mini012115-05.dmp
2015-01-21 06:17 - 2015-01-21 06:17 - 00065536 _____ () C:\WINDOWS\Minidump\Mini012115-04.dmp
2015-01-21 06:06 - 2015-01-21 06:06 - 00065536 _____ () C:\WINDOWS\Minidump\Mini012115-03.dmp
2015-01-21 06:02 - 2015-01-21 06:02 - 00065536 _____ () C:\WINDOWS\Minidump\Mini012115-02.dmp
2015-01-21 06:00 - 2015-01-21 06:00 - 00000000 ____D () C:\Documents and Settings\The Holt's\My Documents\New Folder
2015-01-21 05:42 - 2015-01-21 05:42 - 00065536 _____ () C:\WINDOWS\Minidump\Mini012115-01.dmp
2015-01-21 05:12 - 2015-01-21 05:19 - 00000000 ____D () C:\sfzone_profile
2015-01-20 22:45 - 2015-01-20 22:45 - 00065536 _____ () C:\WINDOWS\Minidump\Mini012015-06.dmp
2015-01-20 22:42 - 2015-01-20 22:42 - 00065536 _____ () C:\WINDOWS\Minidump\Mini012015-05.dmp
2015-01-20 22:04 - 2015-01-20 22:04 - 00065536 _____ () C:\WINDOWS\Minidump\Mini012015-04.dmp
2015-01-20 21:13 - 2015-01-20 21:13 - 00065536 _____ () C:\WINDOWS\Minidump\Mini012015-03.dmp
2015-01-20 19:03 - 2015-01-20 19:03 - 00065536 _____ () C:\WINDOWS\Minidump\Mini012015-02.dmp
2015-01-20 05:42 - 2015-01-20 05:42 - 00065536 _____ () C:\WINDOWS\Minidump\Mini012015-01.dmp
2015-01-19 20:41 - 2015-01-19 20:41 - 00065536 _____ () C:\WINDOWS\Minidump\Mini011915-02.dmp
2015-01-19 05:42 - 2015-01-19 05:42 - 00065536 _____ () C:\WINDOWS\Minidump\Mini011915-01.dmp
2015-01-18 09:48 - 2015-01-18 09:48 - 00065536 _____ () C:\WINDOWS\Minidump\Mini011815-03.dmp
2015-01-18 08:43 - 2015-01-18 08:43 - 00065536 _____ () C:\WINDOWS\Minidump\Mini011815-02.dmp
2015-01-18 07:59 - 2015-01-18 07:59 - 00065536 _____ () C:\WINDOWS\Minidump\Mini011815-01.dmp
2015-01-17 18:26 - 2015-01-17 18:26 - 00000000 ____D () C:\Documents and Settings\All Users\Application Data\Elephant Games
2015-01-17 14:40 - 2015-01-17 14:40 - 00000000 ____D () C:\Documents and Settings\All Users\Application Data\Canon IJ Network Tool
2015-01-17 14:39 - 2014-01-21 13:15 - 00336896 _____ (CANON INC.) C:\WINDOWS\system32\CNC_C9L.dll
2015-01-17 14:39 - 2008-08-25 18:02 - 00015872 _____ (CANON INC.) C:\WINDOWS\system32\CNHMCA.dll
2015-01-17 14:38 - 2015-01-17 14:38 - 00000000 ____D () C:\WINDOWS\system32\STRING
2015-01-17 14:38 - 2015-01-17 14:38 - 00000000 ____D () C:\Documents and Settings\All Users\Start Menu\Programs\Canon MG6600 series User Registration
2015-01-17 14:38 - 2014-03-17 11:15 - 00380928 _____ (CANON INC.) C:\WINDOWS\system32\CNMNPPM.DLL
2015-01-17 14:38 - 2014-03-17 11:15 - 00035840 _____ (CANON INC.) C:\WINDOWS\system32\CNMNPUI.DLL
2015-01-17 14:37 - 2015-01-17 14:37 - 00000000 ____D () C:\Documents and Settings\The Holt's\Application Data\Canon Easy-WebPrint EX
2015-01-17 14:26 - 2015-01-17 14:26 - 00000000 ____D () C:\Documents and Settings\All Users\Start Menu\Programs\Canon MG6600 series Manual
2015-01-17 14:25 - 2014-03-18 05:00 - 00329216 _____ (CANON INC.) C:\WINDOWS\system32\CNMLMC9.DLL
2015-01-17 09:38 - 2015-01-17 09:38 - 00001979 _____ () C:\Documents and Settings\All Users\Desktop\Play Phantasmat - The Endless Night Collectors Edition.lnk
2015-01-17 09:35 - 2015-01-17 09:35 - 00000000 ____D () C:\Documents and Settings\All Users\Start Menu\Programs\Phantasmat - The Endless Night Collectors Edition
2015-01-17 09:24 - 2015-01-17 09:24 - 00065536 _____ () C:\WINDOWS\Minidump\Mini011715-05.dmp
2015-01-17 08:46 - 2015-01-17 08:46 - 00065536 _____ () C:\WINDOWS\Minidump\Mini011715-04.dmp
2015-01-17 08:19 - 2015-01-17 08:19 - 00065536 _____ () C:\WINDOWS\Minidump\Mini011715-03.dmp
2015-01-17 06:56 - 2015-01-17 06:57 - 00065536 _____ () C:\WINDOWS\Minidump\Mini011715-02.dmp
2015-01-17 06:43 - 2015-01-17 06:43 - 00000000 ____D () C:\Documents and Settings\All Users\Application Data\HP Product Assistant
2015-01-17 06:42 - 2015-01-17 06:42 - 00000000 ____D () C:\Program Files\Common Files\HP
2015-01-17 06:32 - 2015-01-17 06:32 - 00065536 _____ () C:\WINDOWS\Minidump\Mini011715-01.dmp
2015-01-16 18:13 - 2015-01-16 18:13 - 00065536 _____ () C:\WINDOWS\Minidump\Mini011615-02.dmp
2015-01-16 05:39 - 2015-01-16 05:39 - 00065536 _____ () C:\WINDOWS\Minidump\Mini011615-01.dmp
2015-01-15 18:41 - 2015-01-23 18:52 - 00010050 _____ () C:\WINDOWS\KB2900986.log
2015-01-15 18:06 - 2015-01-15 18:06 - 00065536 _____ () C:\WINDOWS\Minidump\Mini011515-01.dmp
2015-01-14 20:55 - 2015-01-17 09:38 - 00000000 ____D () C:\Program Files\Phantasmat - The Endless Night Collectors Edition
2015-01-13 19:55 - 2015-01-13 20:00 - 00000000 ____D () C:\Documents and Settings\The Holt's\Application Data\margrave3_se
2015-01-11 14:45 - 2015-01-11 14:46 - 00000000 ____D () C:\Documents and Settings\All Users\Application Data\CanonIJMIG
2015-01-11 14:44 - 2015-01-11 14:44 - 00000000 ____D () C:\Documents and Settings\All Users\Application Data\CanonIJQuickMenu
2015-01-11 14:41 - 2013-12-02 12:58 - 00096000 _____ () C:\WINDOWS\system32\CNC177ED.TBL
2015-01-11 14:39 - 2015-01-17 14:36 - 00000000 ____D () C:\Documents and Settings\All Users\Application Data\CanonIJWSpt
2015-01-11 14:27 - 2015-01-17 14:25 - 00000000 ___HD () C:\Program Files\CanonBJ
2015-01-11 14:27 - 2015-01-11 14:27 - 00000000 ____D () C:\Documents and Settings\All Users\Application Data\CanonBJ
2015-01-11 14:27 - 2014-03-18 05:00 - 00329216 _____ (CANON INC.) C:\WINDOWS\system32\CNMLMC9(5).DLL
2015-01-11 14:27 - 2014-03-18 05:00 - 00329216 _____ (CANON INC.) C:\WINDOWS\system32\CNMLMC9(4).DLL
2015-01-11 14:27 - 2014-03-18 05:00 - 00329216 _____ (CANON INC.) C:\WINDOWS\system32\CNMLMC9(3).DLL
2015-01-11 14:27 - 2014-03-18 05:00 - 00329216 _____ (CANON INC.) C:\WINDOWS\system32\CNMLMC9(2).DLL
2015-01-10 07:35 - 2015-01-10 07:35 - 00001866 _____ () C:\Documents and Settings\All Users\Desktop\Play Mystery Trackers - Blackrow's Secret.lnk
2015-01-10 07:32 - 2015-01-10 07:35 - 00000000 ____D () C:\Program Files\Mystery Trackers - Blackrow's Secret
2015-01-10 07:32 - 2015-01-10 07:32 - 00000000 ____D () C:\Documents and Settings\All Users\Start Menu\Programs\Mystery Trackers - Blackrow's Secret
2015-01-10 07:31 - 2015-01-10 07:31 - 00001889 _____ () C:\Documents and Settings\All Users\Desktop\Play Surface - Game of Gods Collectors Edition.lnk
2015-01-10 07:25 - 2015-01-10 07:31 - 00000000 ____D () C:\Program Files\Surface - Game of Gods Collectors Edition
2015-01-10 07:25 - 2015-01-10 07:25 - 00000000 ____D () C:\Documents and Settings\All Users\Start Menu\Programs\Surface - Game of Gods Collectors Edition
2015-01-10 07:20 - 2015-01-10 07:20 - 00002008 _____ () C:\Documents and Settings\All Users\Desktop\Play Mystery Trackers - Silent Hollow Collector's Edition.lnk
2015-01-10 07:14 - 2015-01-10 07:20 - 00000000 ____D () C:\Program Files\Mystery Trackers - Silent Hollow Collector's Edition
2015-01-10 07:14 - 2015-01-10 07:14 - 00000000 ____D () C:\Documents and Settings\All Users\Start Menu\Programs\Mystery Trackers - Silent Hollow Collector's Edition
2015-01-07 21:42 - 2015-01-07 21:42 - 00000000 ____D () C:\WINDOWS\Hewlett-Packard
2015-01-07 20:35 - 2015-01-07 20:35 - 00000000 ____D () C:\Documents and Settings\The Holt's\Local Settings\Application Data\Hewlett-Packard
2015-01-07 20:32 - 2015-01-07 20:32 - 00000000 ____D () C:\Program Files\Hewlett-Packard
2015-01-07 18:15 - 2015-01-07 18:15 - 00000000 ____D () C:\Documents and Settings\The Holt's\My Documents\Garmin
2015-01-07 18:08 - 2015-01-07 18:08 - 00000858 _____ () C:\WINDOWS\setupact.log
2015-01-07 18:08 - 2015-01-07 18:08 - 00000000 _____ () C:\WINDOWS\setuperr.log
2015-01-06 20:55 - 2015-01-27 14:34 - 00000830 _____ () C:\WINDOWS\Tasks\Adobe Flash Player Updater.job
2015-01-06 06:13 - 2015-01-06 06:13 - 00001135 _____ () C:\Documents and Settings\The Holt's\Desktop\Dropbox.lnk
2015-01-06 06:13 - 2015-01-06 06:13 - 00000000 ____D () C:\Dropbox pics
2015-01-06 06:11 - 2015-01-06 06:12 - 00000000 ____D () C:\Program Files\Dropbox
2015-01-06 06:10 - 2015-01-06 06:10 - 00000000 ____D () C:\Documents and Settings\The Holt's\Start Menu\Programs\Dropbox
2015-01-05 18:38 - 2015-01-05 18:38 - 00001552 _____ () C:\Documents and Settings\All Users\Desktop\iTunes.lnk
2015-01-05 18:38 - 2015-01-05 18:38 - 00000000 ____D () C:\Documents and Settings\All Users\Start Menu\Programs\iTunes
2015-01-05 18:37 - 2015-01-05 18:38 - 00000000 ____D () C:\Program Files\iTunes
2015-01-05 18:37 - 2015-01-05 18:38 - 00000000 ____D () C:\Documents and Settings\All Users\Application Data\B0FFCDD9-5261-4e59-B29A-17A4FABDEBAB
2015-01-05 18:37 - 2015-01-05 18:37 - 00000000 ____D () C:\Program Files\iPod
2015-01-04 21:17 - 2010-12-24 11:18 - 00001414 ____R () C:\WINDOWS\system32\Drivers\etc\hosts.20150104-211735.backup
2014-12-30 21:35 - 2014-12-30 21:35 - 00001890 _____ () C:\Documents and Settings\All Users\Desktop\Play Mystery Trackers - Raincliffs Phantoms.lnk
2014-12-30 21:32 - 2014-12-30 21:35 - 00000000 ____D () C:\Program Files\Mystery Trackers - Raincliffs Phantoms
2014-12-30 21:32 - 2014-12-30 21:32 - 00000000 ____D () C:\Documents and Settings\All Users\Start Menu\Programs\Mystery Trackers - Raincliffs Phantoms
2014-12-30 21:09 - 2014-12-30 21:09 - 00001908 _____ () C:\Documents and Settings\All Users\Desktop\Play Hidden Expedition - The Crown of Solomon.lnk
2014-12-30 21:06 - 2014-12-30 21:09 - 00000000 ____D () C:\Program Files\Hidden Expedition - The Crown of Solomon
2014-12-30 21:06 - 2014-12-30 21:06 - 00000000 ____D () C:\Documents and Settings\All Users\Start Menu\Programs\Hidden Expedition - The Crown of Solomon

==================== One Month Modified Files and Folders =======

(If an entry is included in the fixlist, the file\folder will be moved.)

2015-01-27 14:34 - 2005-08-23 20:51 - 00000000 ____D () C:\Documents and Settings\The Holt's\Local Settings\Temp
2015-01-27 14:30 - 2014-08-08 04:52 - 00196608 _____ () C:\WINDOWS\system32\config\ACEEvent.evt
2015-01-27 11:06 - 2014-11-29 21:27 - 00263457 _____ () C:\WINDOWS\setupapi.log
2015-01-27 11:06 - 2014-06-23 04:42 - 00026136 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswKbd.sys
2015-01-27 11:06 - 2014-06-22 19:28 - 00787800 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswsnx.sys
2015-01-27 11:06 - 2014-06-22 19:28 - 00423784 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswsp.sys
2015-01-27 11:06 - 2014-06-22 19:28 - 00206248 _____ () C:\WINDOWS\system32\Drivers\aswVmm.sys
2015-01-27 11:06 - 2014-06-22 19:28 - 00070384 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswMonFlt.sys
2015-01-27 11:06 - 2014-06-22 19:28 - 00057928 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswTdi.sys
2015-01-27 11:06 - 2014-06-22 19:28 - 00055240 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswrdr.sys
2015-01-27 11:06 - 2014-06-22 19:28 - 00049944 _____ () C:\WINDOWS\system32\Drivers\aswRvrt.sys
2015-01-27 11:06 - 2014-06-04 19:32 - 00024184 _____ () C:\WINDOWS\system32\Drivers\aswHwid.sys
2015-01-27 11:05 - 2014-06-23 04:42 - 00253640 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswNdis2.sys
2015-01-27 09:43 - 2014-08-11 20:36 - 00000159 _____ () C:\WINDOWS\wiadebug.log
2015-01-27 09:43 - 2014-08-11 20:36 - 00000049 _____ () C:\WINDOWS\wiaservc.log
2015-01-27 09:43 - 2014-01-07 19:05 - 00000568 _____ () C:\WINDOWS\Tasks\Amazon Music Helper.job
2015-01-27 09:43 - 2010-07-18 13:32 - 00000288 _____ () C:\WINDOWS\Tasks\RealUpgradeLogonTaskS-1-5-21-359015350-2660976701-2151963389-1005.job
2015-01-27 09:43 - 2005-08-27 19:54 - 00000000 ____D () C:\WINDOWS\Minidump
2015-01-27 09:43 - 2004-08-19 13:13 - 00000006 ____H () C:\WINDOWS\Tasks\SA.DAT
2015-01-27 09:43 - 2004-08-19 12:50 - 00002206 _____ () C:\WINDOWS\system32\wpa.dbl
2015-01-27 09:42 - 2007-09-18 17:30 - 218025984 _____ () C:\WINDOWS\MEMORY.DMP
2015-01-27 09:22 - 2014-11-29 11:25 - 00303176 _____ () C:\WINDOWS\WindowsUpdate.log
2015-01-27 09:22 - 2014-08-11 20:36 - 00031914 _____ () C:\WINDOWS\SchedLgU.Txt
2015-01-27 09:22 - 2013-08-25 21:41 - 00000000 ____D () C:\AdwCleaner
2015-01-27 09:22 - 2005-08-23 20:51 - 00000278 ___SH () C:\Documents and Settings\The Holt's\ntuser.ini
2015-01-27 09:22 - 2005-08-23 20:51 - 00000000 ____D () C:\Documents and Settings\The Holt's
2015-01-27 09:10 - 2005-08-24 17:37 - 00000000 ____D () C:\Dung
2015-01-27 05:43 - 2012-04-26 21:41 - 00000000 ____D () C:\Program Files\Mozilla Maintenance Service
2015-01-26 22:22 - 2014-11-29 22:43 - 04958588 ____N () C:\WINDOWS\{00000005-00000000-00000004-00001102-00000004-20061102}.BAK
2015-01-26 22:22 - 2010-07-10 07:00 - 04958588 _____ () C:\WINDOWS\{00000005-00000000-00000004-00001102-00000004-20061102}.CDF
2015-01-26 21:06 - 2008-12-26 14:17 - 00000000 ____D () C:\Documents and Settings\All Users\Application Data\TEMP
2015-01-25 09:10 - 2010-06-29 05:32 - 00000000 ____D () C:\Canon Temp Pics
2015-01-25 09:10 - 2005-08-26 16:32 - 00000000 ____D () C:\Camping Info
2015-01-23 18:51 - 2013-08-15 04:52 - 00000000 ____D () C:\WINDOWS\system32\MRT
2015-01-23 13:33 - 2010-07-18 13:32 - 00000296 _____ () C:\WINDOWS\Tasks\RealUpgradeScheduledTaskS-1-5-21-359015350-2660976701-2151963389-1005.job
2015-01-23 12:58 - 2009-09-30 21:02 - 00000000 ____D () C:\Program Files\IObit
2015-01-23 12:45 - 2010-12-09 20:07 - 00000000 ____D () C:\Program Files\Java
2015-01-23 12:39 - 2013-01-11 06:50 - 00000000 ____D () C:\Program Files\Auslogics
2015-01-23 12:39 - 2013-01-11 06:50 - 00000000 ____D () C:\Documents and Settings\All Users\Start Menu\Programs\Auslogics
2015-01-23 07:36 - 2005-08-17 08:31 - 00000000 ____D () C:\WINDOWS\system32\ReinstallBackups
2015-01-22 17:38 - 2010-04-22 22:31 - 00000000 ____D () C:\Documents and Settings\NetworkService\Local Settings\temp
2015-01-22 17:38 - 2010-04-22 22:31 - 00000000 ____D () C:\Documents and Settings\LocalService\Local Settings\temp
2015-01-22 17:38 - 2010-04-22 22:31 - 00000000 ____D () C:\Documents and Settings\Administrator\Local Settings\temp
2015-01-22 17:32 - 2010-03-27 14:23 - 00000000 ____D () C:\Documents and Settings\The Holt's\Local Settings\Application Data\Apple
2015-01-22 17:32 - 2004-08-19 12:52 - 00000000 ____D () C:\WINDOWS\twain_32
2015-01-21 06:01 - 2007-01-28 16:36 - 00000000 ____D () C:\eBay pics
2015-01-21 05:17 - 2013-06-30 07:40 - 00001324 _____ () C:\WINDOWS\system32\d3d9caps.dat
2015-01-20 22:45 - 2009-06-25 21:08 - 00000000 __SHD () C:\WINDOWS\CSC
2015-01-20 06:55 - 2004-08-19 13:03 - 00000000 ___RD () C:\Documents and Settings\All Users\Start Menu\Programs\Games
2015-01-20 06:18 - 2012-11-08 18:59 - 00000000 ____D () C:\Robs health info
2015-01-19 21:15 - 2005-09-17 06:13 - 00000116 ____C () C:\WINDOWS\NeroDigital.ini
2015-01-18 10:55 - 2010-06-29 05:30 - 00000000 ____D () C:\Craigslist pics
2015-01-18 08:32 - 2007-09-18 10:29 - 00000210 ___SH () C:\boot.ini
2015-01-18 08:32 - 2004-08-19 12:49 - 00000864 _____ () C:\WINDOWS\win.ini
2015-01-18 08:32 - 2004-08-19 12:49 - 00000227 _____ () C:\WINDOWS\system.ini
2015-01-18 08:25 - 2010-09-11 12:50 - 00000000 ____D () C:\Documents and Settings\All Users\Start Menu\Programs\HP
2015-01-17 22:47 - 2012-08-26 21:50 - 02804130 _____ () C:\Documents and Settings\LocalService\Local Settings\Application Data\WPFFontCache_v0400-S-1-5-21-359015350-2660976701-2151963389-1005-0.dat
2015-01-17 22:47 - 2012-08-26 21:50 - 00307178 _____ () C:\Documents and Settings\LocalService\Local Settings\Application Data\WPFFontCache_v0400-System.dat
2015-01-17 20:56 - 2014-12-07 18:27 - 00000000 ____D () C:\Documents and Settings\The Holt's\Application Data\Blue Tea Games
2015-01-17 18:26 - 2014-09-06 05:53 - 00000000 ____D () C:\Documents and Settings\The Holt's\Application Data\Elephant Games
2015-01-17 14:43 - 2008-10-19 17:28 - 00000000 ____D () C:\Documents and Settings\The Holt's\Application Data\Canon
2015-01-17 14:42 - 2008-10-19 17:24 - 00000000 ____D () C:\Program Files\Canon
2015-01-17 14:40 - 2008-10-19 17:24 - 00000000 ____D () C:\Documents and Settings\All Users\Start Menu\Programs\Canon Utilities
2015-01-17 14:39 - 2013-12-13 18:58 - 00000000 ____D () C:\WINDOWS\system32\FxsTmp
2015-01-17 14:39 - 2004-08-19 12:52 - 00000000 ____D () C:\WINDOWS\Media
2015-01-17 09:00 - 2012-07-10 04:52 - 00000000 ____D () C:\Documents and Settings\The Holt's\Local Settings\Application Data\Deployment
2015-01-17 09:00 - 2005-08-23 20:51 - 00000000 ____D () C:\Documents and Settings\The Holt's\Start Menu\Programs\Dell
2015-01-17 08:30 - 2010-09-11 12:44 - 00017318 _____ () C:\Documents and Settings\All Users\Application Data\hpzinstall.log
2015-01-17 08:08 - 2010-05-01 22:14 - 00000000 ____D () C:\Program Files\MSBuild
2015-01-17 07:57 - 2004-08-19 13:02 - 00000000 ____D () C:\WINDOWS\Registration
2015-01-17 06:51 - 2005-08-24 17:20 - 00084688 _____ () C:\Documents and Settings\The Holt's\Local Settings\Application Data\GDIPFONTCACHEV1.DAT
2015-01-17 06:44 - 2004-08-19 12:57 - 00309192 _____ () C:\WINDOWS\system32\FNTCACHE.DAT
2015-01-17 06:43 - 2010-09-11 12:49 - 00000000 ____D () C:\Documents and Settings\All Users\Application Data\HP
2015-01-17 06:43 - 2010-09-11 12:47 - 00000000 ____D () C:\Program Files\HP
2015-01-17 06:43 - 2004-08-19 13:13 - 00000000 __SHD () C:\Documents and Settings\NetworkService
2015-01-17 06:43 - 2004-08-19 13:13 - 00000000 __SHD () C:\Documents and Settings\LocalService
2015-01-17 06:43 - 2004-08-19 13:13 - 00000000 ____D () C:\Documents and Settings\Administrator
2015-01-17 06:41 - 2013-05-11 12:41 - 00000000 ____D () C:\Program Files\Belarc
2015-01-15 19:06 - 2014-12-27 18:13 - 00000000 ____D () C:\Documents and Settings\The Holt's\Application Data\Eipix
2015-01-15 18:08 - 2009-08-21 05:48 - 00011322 _____ () C:\VEW.txt
2015-01-11 16:11 - 2005-08-24 17:37 - 00000000 ____D () C:\Dung 3
2015-01-11 14:50 - 2014-09-01 05:53 - 00000000 ____D () C:\Amelia stuff
2015-01-11 14:50 - 2012-06-27 16:56 - 00000000 ___RD () C:\Documents and Settings\The Holt's\My Documents\HP Photo Creations
2015-01-11 12:12 - 2005-08-26 16:32 - 00000000 ____D () C:\Katy's Miscellaneous
2015-01-09 21:27 - 2013-11-03 20:20 - 00000000 ____D () C:\Documents and Settings\The Holt's\Application Data\Dropbox
2015-01-07 22:11 - 2012-06-12 04:37 - 00701616 _____ (Adobe Systems Incorporated) C:\WINDOWS\system32\FlashPlayerApp.exe
2015-01-07 22:11 - 2011-08-23 18:47 - 00071344 _____ (Adobe Systems Incorporated) C:\WINDOWS\system32\FlashPlayerCPLApp.cpl
2015-01-07 21:42 - 2010-09-11 12:53 - 00000000 ____D () C:\Documents and Settings\The Holt's\Application Data\HpUpdate
2015-01-07 21:17 - 2014-11-15 15:45 - 00000000 ____D () C:\Documents and Settings\All Users\Application Data\Garmin
2015-01-07 21:17 - 2013-08-08 20:21 - 00000000 ____D () C:\Documents and Settings\All Users\Application Data\Package Cache
2015-01-07 21:17 - 2012-08-26 11:12 - 00000000 ____D () C:\Program Files\Garmin
2015-01-07 21:17 - 2012-08-26 11:12 - 00000000 ____D () C:\Documents and Settings\All Users\Start Menu\Programs\Garmin
2015-01-07 21:17 - 2012-08-26 09:06 - 00000000 ____D () C:\Documents and Settings\The Holt's\Application Data\Garmin
2015-01-07 21:17 - 2005-08-27 13:36 - 00000000 ____D () C:\Documents and Settings\The Holt's\Local Settings\Application Data\Adobe
2015-01-07 20:46 - 2013-02-23 20:20 - 00208331 ____C () C:\WINDOWS\hpoins41.dat.temp
2015-01-07 18:22 - 2014-01-18 14:59 - 00000000 ____D () C:\Health stuff
2015-01-06 05:59 - 2005-08-24 17:37 - 00000000 ____D () C:\Dung 2
2015-01-05 19:55 - 2013-11-03 20:23 - 00000000 ___RD () C:\Dropbox
2015-01-05 18:45 - 2006-02-15 07:25 - 00000000 ____D () C:\Documents and Settings\All Users\Start Menu\Programs\QuickTime
2015-01-05 18:45 - 2006-02-15 07:24 - 00000000 ____D () C:\Program Files\QuickTime
2015-01-05 18:37 - 2014-05-28 21:21 - 00000000 ____D () C:\Documents and Settings\All Users\Application Data\188F1432-103A-4ffb-80F1-36B633C5C9E1
2015-01-05 18:37 - 2010-12-09 21:10 - 00000000 ____D () C:\Program Files\Common Files\Apple
2015-01-03 18:14 - 2014-08-08 04:52 - 00000000 ____D () C:\Documents and Settings\The Holt's\Local Settings\Application Data\ATI
2015-01-03 18:13 - 2010-06-20 15:37 - 00000000 ____D () C:\Documents and Settings\The Holt's\Local Settings\Application Data\WDC
2015-01-03 18:12 - 2013-06-28 16:32 - 00000000 ____D () C:\Documents and Settings\The Holt's\Local Settings\Application Data\NETGEARGenie
2015-01-03 18:02 - 2014-08-02 10:58 - 00000000 ____D () C:\Documents and Settings\The Holt's\Application Data\.minecraft
2015-01-02 18:14 - 2005-08-27 11:54 - 00002477 _____ () C:\Documents and Settings\All Users\Start Menu\Programs\Microsoft Excel.lnk
2015-01-01 11:26 - 2013-09-02 07:10 - 00000000 ____D () C:\Dung 13
2015-01-01 11:25 - 2005-08-24 17:37 - 00000000 ____D () C:\Dung 4
2015-01-01 11:22 - 2007-12-02 14:33 - 00000000 ____D () C:\Dung Temp 2
2015-01-01 11:21 - 2012-02-20 12:24 - 00000000 ____D () C:\Dung screensaver
2015-01-01 11:20 - 2005-08-25 17:34 - 00000000 ____D () C:\Pics
2015-01-01 11:14 - 2013-09-02 07:10 - 00000000 ____D () C:\Dung 12
2015-01-01 11:12 - 2013-09-02 07:10 - 00000000 ____D () C:\Dung 11
2015-01-01 11:09 - 2014-03-09 18:34 - 00000000 ____D () C:\Nomad stuff
2015-01-01 11:09 - 2008-11-15 16:49 - 00000000 ____D () C:\Dung 10
2015-01-01 11:07 - 2011-10-02 17:19 - 00000000 ____D () C:\Dung 5
2014-12-31 13:15 - 2005-08-24 05:09 - 110348472 _____ (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe

==================== Files in the root of some directories =======

2005-09-08 17:35 - 2005-09-08 17:35 - 0774144 ____C (RealNetworks, Inc.) C:\Program Files\RngInterstitial.dll
2005-09-04 14:20 - 2005-09-04 14:20 - 0000251 ____C () C:\Program Files\wt3d.ini
1998-12-09 01:53 - 1998-12-09 01:53 - 0099840 _____ (Symantec Corp.) C:\Program Files\Common Files\IRAABOUT.DLL
1998-12-09 01:53 - 1998-12-09 01:53 - 0048640 _____ (Symantec Corp., Peter Norton Computing Group) C:\Program Files\Common Files\IRALPTTR.DLL
1998-12-09 01:53 - 1998-12-09 01:53 - 0070144 _____ (Symantec Corp., Peter Norton Computing Group) C:\Program Files\Common Files\IRAMDMTR.DLL
1998-12-09 01:53 - 1998-12-09 01:53 - 0186368 _____ (Symantec Corp., Peter Norton Computing Group) C:\Program Files\Common Files\IRAREG.DLL
1998-12-09 01:53 - 1998-12-09 01:53 - 0017920 _____ (Symantec Corp.) C:\Program Files\Common Files\IRASRIAL.DLL
1998-12-09 01:53 - 1998-12-09 01:53 - 0031744 _____ (Symantec Corp., Peter Norton Computing Group) C:\Program Files\Common Files\IRAWEBTR.DLL
2005-10-27 13:02 - 2005-10-27 13:02 - 0000187 _____ () C:\Documents and Settings\The Holt's\Application Data\G-Force Prefs (WindowsMediaPlayer).txt
2008-06-21 07:27 - 2008-06-21 07:27 - 0001024 _____ () C:\Documents and Settings\The Holt's\Application Data\WavCodec.wff
2006-02-01 18:09 - 2010-09-16 18:00 - 2359350 _____ () C:\Documents and Settings\The Holt's\Local Settings\Application Data\AzureBay.bmp
2006-02-01 18:09 - 2009-11-22 17:23 - 0004694 _____ () C:\Documents and Settings\The Holt's\Local Settings\Application Data\AzureBay.ini
2006-02-01 18:09 - 2010-09-16 18:00 - 0092406 _____ () C:\Documents and Settings\The Holt's\Local Settings\Application Data\cal.bmp
2011-06-19 19:03 - 2011-06-19 20:02 - 0000580 _____ () C:\Documents and Settings\The Holt's\Local Settings\Application Data\cookies.ini
2005-08-31 06:02 - 2013-06-14 18:52 - 0049664 _____ () C:\Documents and Settings\The Holt's\Local Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2006-03-04 11:08 - 2006-03-04 11:08 - 0000085 _____ () C:\Documents and Settings\The Holt's\Local Settings\Application Data\FASTWiz.log
2005-08-23 20:51 - 2005-08-24 19:26 - 0000133 _____ () C:\Documents and Settings\The Holt's\Local Settings\Application Data\fusioncache.dat
2006-02-01 18:09 - 2010-09-16 18:39 - 0000879 _____ () C:\Documents and Settings\The Holt's\Local Settings\Application Data\ScreenSaver.ini
2006-02-01 18:17 - 2009-12-22 09:09 - 2359350 _____ () C:\Documents and Settings\The Holt's\Local Settings\Application Data\ssprep.bmp
2006-02-01 18:09 - 2010-09-16 18:00 - 2359350 _____ () C:\Documents and Settings\The Holt's\Local Settings\Application Data\sswpprep.bmp

Some content of TEMP:
====================
C:\Documents and Settings\The Holt's\Local Settings\Temp\Quarantine.exe
C:\Documents and Settings\The Holt's\Local Settings\Temp\sqlite3.dll


==================== Bamital & volsnap Check =================

(There is no automatic fix for files that do not pass verification.)

C:\WINDOWS\explorer.exe => File is digitally signed
C:\WINDOWS\system32\winlogon.exe => File is digitally signed
C:\WINDOWS\system32\svchost.exe => File is digitally signed
C:\WINDOWS\system32\services.exe => File is digitally signed
C:\WINDOWS\system32\User32.dll => File is digitally signed
C:\WINDOWS\system32\userinit.exe => File is digitally signed
C:\WINDOWS\system32\rpcss.dll => File is digitally signed
C:\WINDOWS\system32\Drivers\volsnap.sys => File is digitally signed

==================== End Of Log ============================

#11 Machiavelli


Posted 28 January 2015 - 10:26 AM

Hey, :)

Step 1: FRST Fix
  • Please open Notepad.exe. Make sure that you don't use any other software than Notepad.exe!
  • Copy and Paste the content of the codebox below into the empty textfile:

    Winlogon\Notify\SDWinLogon:  [X]
    HKLM\SOFTWARE\Microsoft\Internet Explorer\AboutURLs,Tabs: "http://www.google.com" <======= ATTENTION
    SearchScopes: HKU\.DEFAULT -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
    SearchScopes: HKU\S-1-5-19 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
    SearchScopes: HKU\S-1-5-20 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
    Toolbar: HKU\S-1-5-21-359015350-2660976701-2151963389-1005 -> No Name - {EE5D279F-081B-4404-994D-C6B60AAEBA6D} -  No File
    CHR HKLM\...\Chrome\Extension: [jfmjfhklogoienhpfnppmbcbjfjnkonk] - No Path
    EmptyTemp:
    
  • Then click on File >> Save as
    • File Name: Fixlist.txt
    • From the Save as type drop down list, choose All Files
  • It is very important that you save this textfile on your Desktop!
Note: It's important that both files, FRST.exe/FRST64.exe and fixlist.txt, are in the same location or the fix will not work.
NOTICE: This script was written specifically for this user, for use on that particular machine. Running this on another machine may cause damage to your operating system.
  • Run FRST.exe/FRST64.exe (Note: If FRST advises there is a new updated version to be downloaded, allow this.) and press the Fix button just once and wait
  • If for some reason the tool needs a restart, please make sure you let the system restart normally, then let the tool complete its run
  • When finished, FRST will generate a log (Fixlog.txt) in the same location the tool was run, please post it to your reply
Step 2: FRST Scan
  • Run FRST. (if you have Windows Vista / Windows 7 / Windows 8: Please do a Right click on the FRST icon and select Run as Administrator)
  • Click Scan to start FRST.
  • When FRST finishes scanning, a log, FRST.txt, will open.
  • Copy (Ctrl+C) and Paste (Ctrl+V) the contents of this log into your next post please.
Step 3: ESET

Please run a free online scan with the ESET Online Scanner:

IMPORTANT: You MUST use Internet Explorer for this step!
  • Visit the ESET Online Scanner Web Page
  • Select the blue Run ESET Online Scanner button.
  • Tick the box next to YES, I accept the Terms of Use and click Start
  • When asked, allow the ActiveX control to install.
  • Select Enable detection of potentially unwanted applications and select Advanced Settings.
  • Make sure the options Remove found threats and Enable Anti-Stealth technology are checked.
  • Click Start. (This scan can take several hours, so please be patient.)
  • Once the scan is completed, select List of found threats.
  • Select Export to text file... and save the file as ESETlog.txt on your Desktop.
  • Click the Back button.
  • Click the Finish button.
  • Use Notepad to open the saved log file (on your Desktop - ESET.txt)
  • Copy and paste that log as a reply to this topic.
Step 4: Question

How is your PC running?

~Machiavelli

If I don't reply within 24 hours please PM me!

  • Every topic with no replies within 5 days will be closed.
  • If you like my help here please give me feedback.



#12 mudhutbob


Posted 29 January 2015 - 12:40 AM

Howdy,

Here are the logs requested. Computer running good but prolly won't know until morning if I get the BSOD iastor.sys error. I did lose my Firefox bookmark icons but no big deal. Just looks incomplete. I'll post in the morning if BSOD.

Fixlog.txt log file:

Fix result of Farbar Recovery Tool (FRST written by Farbar) (x86) Version: 28-01-2015 01
Ran by The Holt's at 2015-01-28 18:05:49 Run:1
Running from C:\Documents and Settings\The Holt's\Desktop
Loaded Profiles: The Holt's (Available profiles: The Holt's & Administrator)
Boot Mode: Normal

==============================================

Content of fixlist:
*****************
Winlogon\Notify\SDWinLogon:  [X]
HKLM\SOFTWARE\Microsoft\Internet Explorer\AboutURLs,Tabs: "http://www.google.com" <======= ATTENTION
SearchScopes: HKU\.DEFAULT -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-19 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-20 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
Toolbar: HKU\S-1-5-21-359015350-2660976701-2151963389-1005 -> No Name - {EE5D279F-081B-4404-994D-C6B60AAEBA6D} -  No File
CHR HKLM\...\Chrome\Extension: [jfmjfhklogoienhpfnppmbcbjfjnkonk] - No Path
EmptyTemp:
*****************

"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\SDWinLogon" => Key deleted successfully.
HKLM\SOFTWARE\Microsoft\Internet Explorer\AboutURLs\\Tabs => Value was restored successfully.
HKU\.DEFAULT\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope => value deleted successfully.
HKU\S-1-5-19\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope => value deleted successfully.
HKU\S-1-5-20\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope => value deleted successfully.
HKU\S-1-5-21-359015350-2660976701-2151963389-1005\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\\{EE5D279F-081B-4404-994D-C6B60AAEBA6D} => value deleted successfully.
HKCR\CLSID\{EE5D279F-081B-4404-994D-C6B60AAEBA6D} => Key not found.
"HKLM\SOFTWARE\Google\Chrome\Extensions\jfmjfhklogoienhpfnppmbcbjfjnkonk" => Key deleted successfully.
EmptyTemp: => Removed 6.1 GB temporary data.


The system needed a reboot.

==== End of Fixlog 18:09:14 ====

FRST log file:

Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version: 28-01-2015 01
Ran by The Holt's (administrator) on LUVTOHIKE on 28-01-2015 18:38:40
Running from C:\Documents and Settings\The Holt's\Desktop
Loaded Profiles: The Holt's (Available profiles: The Holt's & Administrator)
Platform: Microsoft Windows XP Professional Service Pack 3 (X86) OS Language: English (United States)
Internet Explorer Version 8 (Default browser: FF)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(ATI Technologies Inc.) C:\WINDOWS\system32\ati2evxx.exe
(Nero AG) C:\Program Files\Ahead\InCD\InCDsrv.exe
(ATI Technologies Inc.) C:\WINDOWS\system32\ati2evxx.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\afwServ.exe
(SUPERAntiSpyware.com) C:\Program Files\SUPERAntiSpyware\SASCore.exe
(Acronis) C:\Program Files\Common Files\Acronis\Schedule2\schedul2.exe
(Apple Inc.) C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(Creative Technology Ltd) C:\WINDOWS\system32\CTSVCCDA.EXE
(Intel Corporation) C:\Program Files\Intel\Intel Matrix Storage Manager\IAANTMon.exe
(NETGEAR) C:\Program Files\NETGEAR Genie\bin\NETGEARGenieDaemon.exe
(BillP Studios) C:\Program Files\BillP Studios\WinPatrol\WinPatrol.exe
(Intel Corporation) C:\Program Files\Intel\Intel Matrix Storage Manager\IAAnotif.exe
(Creative Technology Ltd) C:\Program Files\Creative\SBAudigy2ZS\Surround Mixer\CTSysVol.exe
(Creative Technology Ltd) C:\WINDOWS\system32\CtHelper.exe
(Creative Technology Ltd) C:\Program Files\Creative\SBAudigy2ZS\DVDAudio\CTDVDDET.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastUI.exe
(Apple Inc.) C:\Program Files\iTunes\iTunesHelper.exe
(Advanced Micro Devices Inc.) C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
(Apple Inc.) C:\Program Files\iPod\bin\iPodService.exe
(ATI Technologies Inc.) C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
(Microsoft Corporation) C:\WINDOWS\system32\wbem\unsecapp.exe
(Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe


==================== Registry (Whitelisted) ==================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [WinPatrol] => c:\program files\billp studios\winpatrol\winpatrol.exe [400480 2012-01-30] (BillP Studios)
HKLM\...\Run: [ISUSPM Startup] => C:\Program Files\Common Files\InstallShield\UpdateService\ISUSPM.exe [221184 2004-07-27] (InstallShield Software Corporation)
HKLM\...\Run: [IAAnotif] => C:\Program Files\Intel\Intel Matrix Storage Manager\iaanotif.exe [139264 2005-04-25] (Intel Corporation)
HKLM\...\Run: [CTSysVol] => c:\program files\creative\sbaudigy2zs\surround mixer\ctsysvol.exe [57344 2003-09-17] (Creative Technology Ltd)
HKLM\...\Run: [CTHelper] => C:\WINDOWS\system32\cthelper.exe [19456 2007-04-09] (Creative Technology Ltd)
HKLM\...\Run: [CTDVDDET] => C:\Program Files\Creative\SBAudigy2ZS\DVDAudio\CTDVDDET.EXE [45056 2003-06-18] (Creative Technology Ltd)
HKLM\...\Run: [ATIPTA] => "C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe"
HKLM\...\Run: [APSDaemon] => C:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon.exe [60712 2014-10-11] (Apple Inc.)
HKLM\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvastUI.exe [5227112 2015-01-27] (AVAST Software)
HKLM\...\Run: [StartCCC] => C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe [98304 2013-08-30] (Advanced Micro Devices, Inc.)
HKLM\...\Run: [iTunesHelper] => C:\Program Files\iTunes\iTunesHelper.exe [157480 2014-10-15] (Apple Inc.)
Winlogon\Notify\AtiExtEvent: C:\WINDOWS\system32\Ati2evxx.dll (ATI Technologies Inc.)
Winlogon\Notify\LBTWlgn: c:\program files\common files\logishrd\bluetooth\LBTWlgn.dll (Logitech, Inc.)
HKLM\...\Policies\Explorer: [NoCDBurning] 0
HKLM\...\Policies\Explorer: [LinkResolveIgnoreLinkInfo] 0
HKLM\...\Policies\Explorer: [NoResolveSearch] 1
HKU\S-1-5-21-359015350-2660976701-2151963389-1005\...\Policies\Explorer: [ClearRecentDocsOnExit] 0x01000000
HKU\S-1-5-21-359015350-2660976701-2151963389-1005\...\Policies\Explorer: [LinkResolveIgnoreLinkInfo] 0
HKU\S-1-5-21-359015350-2660976701-2151963389-1005\...\Policies\Explorer: [NoDriveAutoRun] 0x67FFFF03
Startup: C:\Documents and Settings\All Users\Start Menu\Programs\Startup\Microsoft Office.lnk
ShortcutTarget: Microsoft Office.lnk -> C:\Program Files\Microsoft Office\Office\OSA9.EXE (Microsoft Corporation)
ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShell.dll (AVAST Software)

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

HKLM\Software\Microsoft\Internet Explorer\Main,Local Page =
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,First Home Page = http://www.dell4me.com/myway
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.dell4me.com/myway
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=msnhome
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
HKU\S-1-5-21-359015350-2660976701-2151963389-1005\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.google.com/
HKU\S-1-5-21-359015350-2660976701-2151963389-1005\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
HKU\S-1-5-21-359015350-2660976701-2151963389-1005\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
BHO: DriveLetterAccess -> {5CA3D70E-1895-11CF-8E15-001234567890} -> C:\WINDOWS\system32\dla\tfswshx.dll (Sonic Solutions)
BHO: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
DPF: {01A88BB1-1174-41EC-ACCB-963509EAE56B} http://support.dell.com/systemprofiler/SysPro.CAB
DPF: {02BCC737-B171-4746-94C9-0D8A0B2C0089} http://office.microsoft.com/_layouts/ClientBin/ieawsdc32.cab
DPF: {0A5FD7C5-A45C-49FC-ADB5-9952547D5715} http://www.creative.com/su/ocx/15030/CTSUEng.cab
DPF: {106E49CF-797A-11D2-81A2-00E02C015623} http://www.alternatiff.com/distribution/alternatiff-ax-w32-2.0.5.cab
DPF: {11260943-421B-11D0-8EAC-0000C07D88CF} http://www.ipix.com/viewers/ipixx.cab
DPF: {166B1BCA-3F9C-11CF-8075-444553540000} http://download.macromedia.com/pub/shockwave/cabs/director/sw.cab
DPF: {17492023-C23A-453E-A040-C7C580BBF700} http://download.microsoft.com/download/E/5/6/E5611B10-0D6D-4117-8430-A67417AA88CD/LegitCheckControl.cab
DPF: {362C56AA-6E4F-40C7-A0B5-85501DBDAD77} http://i.dell.com/images/global/js/scanner/SysProExe.cab
DPF: {3BFFE033-BF43-11D5-A271-00A024A51325} http://webprod.vcccd.net/iNotes6W.cab
DPF: {4C39376E-FA9D-4349-BACC-D305C1750EF3} http://tools.ebayimg.com/eps/wl/activex/eBay_Enhanced_Picture_Control_v1-0-3-48.cab
DPF: {6C269571-C6D7-4818-BCA4-32A035E8C884} http://ccfiles.creative.com/Web/softwareupdate/su/ocx/15102/CTSUEng.cab
DPF: {7530BFB8-7293-4D34-9923-61A11451AFC5} http://download.eset.com/special/eos/OnlineScanner.cab
DPF: {82E5DF24-51E8-47CD-864A-F4BD5005AA73} https://www.icloud.com/system/iCloud.cab
DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.7.0/jinstall-1_7_0_09-windows-i586.cab
DPF: {BEA7310D-06C4-4339-A784-DC3804819809} http://www.cvsphoto.com/upload/activex/v3_0_0_7/PhotoCenter_ActiveX_Control.cab
DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.7.0/jinstall-1_7_0_09-windows-i586.cab
DPF: {CF84DAC5-A4F5-419E-A0BA-C01FFD71112F} http://content.systemrequirementslab.com.s3.amazonaws.com/global/bin/srldetect_intel_4.5.13.0.cab
DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} http://download.macromedia.com/pub/shockwave/cabs/flash/swflash.cab
DPF: {D4B68B83-8710-488B-A692-D74B50BA558E} http://ccfiles.creative.com/Web/softwareupdate/ocx/15113/CTPIDPDE.cab
DPF: {E008A543-CEFB-4559-912F-C27C2B89F13B} http://webprod.vcccd.net/dwa7W.cab
DPF: {F6ACF75C-C32C-447B-9BEF-46B766368D29} http://ccfiles.creative.com/Web/softwareupdate/ocx/110926/CTPID.cab
Handler: belarc - {6318E0AB-2E93-11D1-B8ED-00608CC9A71F} - C:\Program Files\Belarc\BelarcAdvisor\System\BAVoilaX.dll No File
ShellExecuteHooks: SABShellExecuteHook Class - {5AE067D3-9AFB-48E0-853A-EBB7F4A000DA} - C:\Program Files\SUPERAntiSpyware\SASSEH.DLL [115440 2013-05-07] (SuperAdBlocker.com)
Winsock: Catalog5 04 C:\Program Files\Bonjour\mdnsNSP.dll [121704] (Apple Inc.)
Tcpip\Parameters: [DhcpNameServer] 192.168.1.1

FireFox:
========
FF ProfilePath: C:\Documents and Settings\The Holt's\Application Data\Mozilla\Firefox\Profiles\gugitlt4.default-1387866924609
FF NewTab: hxxp://www.google.com
FF Homepage: hxxp://www.msn.com/
FF Plugin: @adobe.com/FlashPlayer -> C:\WINDOWS\system32\Macromed\Flash\NPSWF32_16_0_0_235.dll ()
FF Plugin: @adobe.com/ShockwavePlayer -> C:\WINDOWS\system32\Adobe\Director\np32dsw.dll (Adobe Systems, Inc.)
FF Plugin: @Apple.com/iTunes,version=1.0 -> C:\Program Files\iTunes\Mozilla Plugins\npitunes.dll ()
FF Plugin: @canon.com/EPPEX -> C:\Program Files\Canon\My Image Garden\AddOn\CIG\npmigfpi.dll (CANON INC.)
FF Plugin: @garmin.com/GpsControl -> C:\Program Files\Garmin GPS Plugin\npGarmin.dll (GARMIN Corp.)
FF Plugin: @Google.com/GoogleEarthPlugin -> C:\Program Files\Google\Google Earth\plugin\npgeplugin.dll (Google)
FF Plugin: @microsoft.com/WPF,version=3.5 -> c:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
FF Plugin: @playstation.com/PsndlCheck,version=1.00 -> C:\Program Files\Sony\PLAYSTATION Network Downloader\nppsndl.dll (Sony Computer Entertainment Inc.)
FF Plugin: @real.com/nppl3260;version=6.0.12.775 -> c:\program files\real\realplayer\Netscape6\nppl3260.dll (RealNetworks, Inc.)
FF Plugin: @real.com/npracplug;version=1.0.0.0 -> C:\Program Files\Real\RealArcade\Plugins\Mozilla\npracplug.dll (RealNetworks)
FF Plugin: @real.com/nprjplug;version=1.0.3.775 -> c:\program files\real\realplayer\Netscape6\nprjplug.dll (RealNetworks, Inc.)
FF Plugin: @real.com/nprphtml5videoshim;version=1.0.0.0 -> C:\Documents and Settings\All Users\Application Data\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprphtml5videoshim.dll (RealNetworks, Inc.)
FF Plugin: @real.com/nprpjplug;version=6.0.12.1212 -> C:\Program Files\Real\RealPlayer\Netscape6\nprpjplug.dll (RealNetworks, Inc.)
FF Plugin: @rocketlife.com/RocketLife Secure Plug-In Layer;version=1.0.5 -> C:\Documents and Settings\All Users\Application Data\Visan\plugins\npRLSecurePluginLayer.dll (RocketLife, LLP)
FF Plugin: @tools.google.com/Google Update;version=3 -> C:\Program Files\Google\Update\1.3.21.145\npGoogleUpdate3.dll (Google Inc.)
FF Plugin: @tools.google.com/Google Update;version=9 -> C:\Program Files\Google\Update\1.3.21.145\npGoogleUpdate3.dll (Google Inc.)
FF Plugin: @unity3d.com/UnityPlayer -> C:\Program Files\Unity\WebPlayer\loader\npUnity3D32.dll (Unity Technologies ApS)
FF Plugin: Adobe Reader -> C:\Program Files\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF Plugin HKU\S-1-5-21-359015350-2660976701-2151963389-1005: @adobe.com/FlashPlayer -> C:\WINDOWS\system32\Macromed\Flash\NPSWF32.dll No File
FF Plugin HKU\S-1-5-21-359015350-2660976701-2151963389-1005: amazon.com/AmazonMP3DownloaderPlugin -> C:\Program Files\Amazon\MP3 Downloader\npAmazonMP3DownloaderPlugin1017300.dll (Amazon.com, Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\np-mswmp.dll (Microsoft Corporation)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\nppdf32.dll (Adobe Systems Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\nppl3260.dll (RealNetworks, Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\npqtplugin.dll (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\npqtplugin2.dll (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\npqtplugin3.dll (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\npqtplugin4.dll (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\npqtplugin5.dll (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\npqtplugin6.dll (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\npracplug.dll (RealNetworks)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\nprjplug.dll (RealNetworks, Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\nprpjplug.dll (RealNetworks, Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\npunagi2.dll (America Online, Inc.)
FF Extension: Tab Mix Plus - C:\Documents and Settings\The Holt's\Application Data\Mozilla\Firefox\Profiles\gugitlt4.default-1387866924609\Extensions\{dc572301-7619-498c-a57d-39143191b318}.xpi [2013-12-23]
FF Extension: Garmin Communicator - C:\Documents and Settings\The Holt's\Application Data\Mozilla\Firefox\Profiles\dh4x8h7w.Robert\Extensions\{195A3098-0BD5-4e90-AE22-BA1C540AFD1E} [2014-11-14]
FF Extension: Tab Mix Plus - C:\Documents and Settings\The Holt's\Application Data\Mozilla\Firefox\Profiles\dh4x8h7w.Robert\Extensions\{dc572301-7619-498c-a57d-39143191b318}.xpi [2014-07-20]
FF HKLM\...\Firefox\Extensions: [{20a82645-c095-46ed-80e3-08825760534b}] - C:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension
FF Extension: Microsoft .NET Framework Assistant - C:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension [2010-05-01]
FF HKLM\...\Firefox\Extensions: [smartwebprinting@hp.com] - C:\Program Files\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3
FF HKLM\...\Firefox\Extensions: [wrc@avast.com] - C:\Program Files\AVAST Software\Avast\WebRep\FF
FF Extension: Avast Online Security - C:\Program Files\AVAST Software\Avast\WebRep\FF [2014-06-22]
FF HKU\S-1-5-21-359015350-2660976701-2151963389-1005\...\Firefox\Extensions: [smartwebprinting@hp.com] - C:\Program Files\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3

Chrome:
=======
CHR HKLM\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChrome.crx [2015-01-27]

========================== Services (Whitelisted) =================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

R2 !SASCORE; C:\Program Files\SUPERAntiSpyware\SASCORE.EXE [142648 2014-07-22] (SUPERAntiSpyware.com)
R2 AcrSch2Svc; C:\Program Files\Common Files\Acronis\Schedule2\schedul2.exe [846048 2012-04-27] (Acronis)
S3 Adobe LM Service; C:\Program Files\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe [72704 2005-12-29] (Adobe Systems) [File not signed]
S3 Amazon Download Agent; C:\Program Files\Amazon\Amazon Games & Software Downloader\AmazonGSDownloaderService.exe [401920 2009-10-23] (Amazon.com) [File not signed]
R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [50344 2015-01-27] (AVAST Software)
R2 avast! Firewall; C:\Program Files\AVAST Software\Avast\afwServ.exe [104416 2015-01-27] (AVAST Software)
R2 Creative Service for CDROM Access; C:\WINDOWS\system32\CTsvcCDA.EXE [44032 1999-12-13] (Creative Technology Ltd) [File not signed]
R2 Fitbit Connect; C:\Program Files\Fitbit Connect\FitbitConnectService.exe [1435680 2014-01-10] (Fitbit, Inc.)
S3 Garmin Core Update Service; C:\Program Files\Garmin\Core Update Service\Garmin.Cartography.MapUpdate.CoreService.exe [451416 2014-10-21] (Garmin Ltd or its subsidiaries)
S3 getPlusHelper; C:\Program Files\NOS\bin\getPlus_Helper.dll [48368 2009-09-03] (NOS Microsystems Ltd.)
S4 HPSupportSolutionsFrameworkService; C:\Program Files\Hp\Common\HPSupportSolutionsFrameworkService.exe [89864 2014-12-11] (Hewlett-Packard Company)
R2 IAANTMon; C:\Program Files\Intel\Intel Matrix Storage Manager\iaantmon.exe [86142 2005-04-25] (Intel Corporation) [File not signed]
S3 IDriverT; C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe [69632 2005-04-03] (Macrovision Corporation) [File not signed]
S4 Imapi Helper; C:\Program Files\Alex Feinman\ISO Recorder\ImapiHelper.exe [163840 2006-01-04] (Alex Feinman) [File not signed]
R2 InCDsrvR; C:\Program Files\Ahead\InCD\InCDsrv.exe [869376 2005-04-12] (Nero AG) [File not signed]
S4 LiveUpdateSvc; C:\Program Files\IObit\LiveUpdate\LiveUpdate.exe [2152736 2014-05-04] (IObit)
S4 MBAMScheduler; C:\Program Files\Malwarebytes Anti-Malware\mbamscheduler.exe [1871160 2014-11-21] (Malwarebytes Corporation)
S2 MBAMService; C:\Program Files\Malwarebytes Anti-Malware\mbamservice.exe [969016 2014-11-21] (Malwarebytes Corporation)
R2 McrdSvc; C:\WINDOWS\ehome\mcrdsvc.exe [99328 2005-08-05] (Microsoft Corporation)
S3 MHN; C:\WINDOWS\System32\mhn.dll [85504 2004-08-10] (Microsoft Corporation) [File not signed]
S3 MSSQLServerADHelper; C:\Program Files\Microsoft SQL Server\80\Tools\Binn\sqladhlp.exe [66112 2002-12-17] (Microsoft Corporation) [File not signed]
S4 Net Driver HPZ12; C:\WINDOWS\system32\HPZinw12.dll [44032 2009-05-14] (Hewlett-Packard) [File not signed]
R2 NETGEARGenieDaemon; C:\Program Files\NETGEAR Genie\bin\NETGEARGenieDaemon.exe [195840 2013-04-07] (NETGEAR)
S4 Pml Driver HPZ12; C:\WINDOWS\system32\HPZipm12.dll [53760 2009-05-14] (Hewlett-Packard) [File not signed]
S4 SDScannerService; C:\Program Files\Spybot - Search & Destroy 2\SDFSSvc.exe [1738168 2014-06-24] (Safer-Networking Ltd.)
S4 SDUpdateService; C:\Program Files\Spybot - Search & Destroy 2\SDUpdSvc.exe [2088408 2014-06-27] (Safer-Networking Ltd.)
S4 SDWSCService; C:\Program Files\Spybot - Search & Destroy 2\SDWSCSvc.exe [171928 2014-04-25] (Safer-Networking Ltd.)

==================== Drivers (Whitelisted) ====================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

S3 61883; C:\WINDOWS\System32\DRIVERS\61883.sys [48128 2008-04-13] (Microsoft Corporation)
S4 abp480n5; C:\WINDOWS\system32\DRIVERS\ABP480N5.SYS [23552 2001-08-17] (Microsoft Corporation)
R1 ASPI32; C:\WINDOWS\system32\Drivers\ASPI32.sys [16512 2006-12-12] (Adaptec)
R2 aswHwid; C:\WINDOWS\system32\drivers\aswHwid.sys [24184 2015-01-27] ()
R1 aswKbd; C:\WINDOWS\system32\drivers\aswKbd.sys [26136 2015-01-27] (AVAST Software)
R2 aswMonFlt; C:\WINDOWS\system32\drivers\aswMonFlt.sys [70384 2015-01-27] (AVAST Software)
R0 aswNdis; C:\WINDOWS\System32\DRIVERS\aswNdis.sys [12112 2014-06-23] (ALWIL Software)
R0 aswNdis2; C:\WINDOWS\system32\Drivers\aswNdis2.sys [253640 2015-01-27] (AVAST Software)
R1 aswRdr; C:\WINDOWS\system32\drivers\aswRdr.sys [55240 2015-01-27] (AVAST Software)
R0 aswRvrt; C:\WINDOWS\system32\Drivers\aswRvrt.sys [49944 2015-01-27] ()
R1 aswSnx; C:\WINDOWS\system32\drivers\aswSnx.sys [787800 2015-01-27] (AVAST Software)
R1 aswSP; C:\WINDOWS\system32\drivers\aswSP.sys [423784 2015-01-27] (AVAST Software)
R1 aswTdi; C:\WINDOWS\system32\drivers\aswTdi.sys [57928 2015-01-27] (AVAST Software)
R0 aswVmm; C:\WINDOWS\system32\Drivers\aswVmm.sys [206248 2015-01-27] ()
R3 AtiHDAudioService; C:\WINDOWS\System32\drivers\AtihdXP3.sys [103040 2012-05-14] (Advanced Micro Devices)
R1 BANTExt; C:\WINDOWS\System32\Drivers\BANTExt.sys [3840 2011-08-09] () [File not signed]
S3 CCDECODE; C:\WINDOWS\System32\DRIVERS\CCDECODE.sys [17024 2008-04-13] (Microsoft Corporation)
R3 COMMONFX.DLL; C:\WINDOWS\System32\COMMONFX.DLL [98600 2007-04-18] (Creative Technology Ltd)
S3 cpudrv; C:\Program Files\SystemRequirementsLab\cpudrv.sys [11336 2011-06-02] ()
S3 CT20XUT.DLL; C:\WINDOWS\System32\CT20XUT.DLL [164608 2007-04-12] (Creative Technology Ltd.)
R3 CTAUDFX.DLL; C:\WINDOWS\System32\CTAUDFX.DLL [546048 2007-04-12] (Creative Technology Ltd)
S3 ctdvda2k; C:\WINDOWS\System32\drivers\ctdvda2k.sys [347128 2007-04-10] (Creative Technology Ltd)
S3 CTEAPSFX.DLL; C:\WINDOWS\System32\CTEAPSFX.DLL [168192 2007-04-12] (Creative Technology Ltd)
S3 CTEDSPFX.DLL; C:\WINDOWS\System32\CTEDSPFX.DLL [280320 2007-04-12] (Creative Technology Ltd)
S3 CTEDSPIO.DLL; C:\WINDOWS\System32\CTEDSPIO.DLL [128768 2007-04-12] (Creative Technology Ltd)
S3 CTEDSPSY.DLL; C:\WINDOWS\System32\CTEDSPSY.DLL [323328 2007-04-12] (Creative Technology Ltd)
S3 CTERFXFX.DLL; C:\WINDOWS\System32\CTERFXFX.DLL [94976 2007-04-12] (Creative Technology Ltd)
S3 CTEXFIFX.DLL; C:\WINDOWS\System32\CTEXFIFX.DLL [1317632 2007-04-12] (Creative Technology Ltd.)
S3 CTHWIUT.DLL; C:\WINDOWS\System32\CTHWIUT.DLL [66816 2007-04-12] (Creative Technology Ltd.)
R3 CTSBLFX.DLL; C:\WINDOWS\System32\CTSBLFX.DLL [560384 2007-04-12] (Creative Technology Ltd)
R0 drvmcdb; C:\WINDOWS\System32\drivers\drvmcdb.sys [88352 2005-04-22] (Sonic Solutions) [File not signed]
R2 drvnddm; C:\WINDOWS\System32\drivers\drvnddm.sys [40544 2005-04-21] (Sonic Solutions) [File not signed]
R2 DVDAccss; C:\WINDOWS\System32\drivers\DVDAccss.sys [29156 2002-03-19] (Apple Computer, Inc.) [File not signed]
S3 ENTECH; C:\WINDOWS\system32\DRIVERS\ENTECH.sys [21664 2004-10-25] (EnTech Taiwan) [File not signed]
R3 gameenum; C:\WINDOWS\System32\DRIVERS\gameenum.sys [10624 2008-04-13] (Microsoft Corporation)
S3 GKUPRO2D; C:\WINDOWS\System32\DRIVERS\GKUPRO2D.sys [90240 2012-11-05] (Gemalto)
R3 ha10kx2k; C:\WINDOWS\System32\drivers\ha10kx2k.sys [797992 2007-04-10] (Creative Technology Ltd)
R3 hap16v2k; C:\WINDOWS\System32\drivers\hap16v2k.sys [163112 2007-04-10] (Creative Technology Ltd)
S3 hap17v2k; C:\WINDOWS\System32\drivers\hap17v2k.sys [189736 2007-04-10] (Creative Technology Ltd)
R0 imagedrv; C:\WINDOWS\System32\Drivers\imagedrv.sys [5504 2004-03-02] (Ahead Software AG) [File not signed]
R0 imagesrv; C:\WINDOWS\System32\DRIVERS\imagesrv.sys [125184 2004-03-02] (Ahead Software AG) [File not signed]
R4 InCDfs; C:\WINDOWS\system32\Drivers\InCDfs.sys [99456 2005-04-12] (Nero AG) [File not signed]
R1 InCDPass; C:\WINDOWS\System32\DRIVERS\InCDPass.sys [29056 2005-04-12] (Nero AG) [File not signed]
U1 InCDrec; C:\WINDOWS\system32\Drivers\InCDrec.sys [8704 2005-04-12] (Nero AG) [File not signed]
R1 incdrm; C:\WINDOWS\system32\Drivers\incdrm.sys [28160 2005-04-12] (Nero AG) [File not signed]
R3 IntelC51; C:\WINDOWS\System32\DRIVERS\IntelC51.sys [1339776 2005-05-06] (Intel Corporation)
R3 IntelC52; C:\WINDOWS\System32\DRIVERS\IntelC52.sys [618880 2006-03-01] (Intel Corporation)
R3 IntelC53; C:\WINDOWS\System32\DRIVERS\IntelC53.sys [47360 2005-05-06] (Intel Corporation)
S3 Jukebox3; C:\WINDOWS\System32\DRIVERS\ctpdusb.sys [16880 2004-05-18] (Creative Technology Ltd.)
R3 LCcfltr; C:\WINDOWS\System32\Drivers\LCcFltr.Sys [14095 2004-03-03] (Logitech, Inc.)
R3 LEqdUsb; C:\WINDOWS\System32\Drivers\LEqdUsb.Sys [42264 2014-03-18] (Logitech, Inc.)
R3 LHidEqd; C:\WINDOWS\System32\Drivers\LHidEqd.Sys [10136 2014-03-18] (Logitech, Inc.)
R3 LHidUsb; C:\WINDOWS\System32\Drivers\LHidUsb.Sys [37887 2004-03-03] (Logitech, Inc.)
R3 libusb0; C:\WINDOWS\System32\DRIVERS\libusb0.sys [35776 2013-09-23] (http://libusb-win32.sourceforge.net)
R3 MBAMProtector; C:\WINDOWS\system32\drivers\mbam.sys [23256 2014-11-21] (Malwarebytes Corporation)
S3 MHNDRV; C:\WINDOWS\System32\DRIVERS\mhndrv.sys [11008 2004-08-10] (Microsoft Corporation) [File not signed]
R3 mohfilt; C:\WINDOWS\System32\DRIVERS\mohfilt.sys [36880 2005-05-06] (Intel Corporation)
S3 NAL; C:\WINDOWS\system32\Drivers\iqvw32.sys [19456 2004-11-02] (Intel Corporation ) [File not signed]
S3 NdisIP; C:\WINDOWS\System32\DRIVERS\NdisIP.sys [10880 2008-04-13] (Microsoft Corporation)
R2 NPF; C:\WINDOWS\system32\drivers\npf.sys [35088 2013-06-28] (CACE Technologies, Inc.)
R1 omci; C:\WINDOWS\System32\DRIVERS\omci.sys [17217 2002-11-08] (Dell Computer Corporation) [File not signed]
R3 pfc; C:\WINDOWS\System32\drivers\pfc.sys [21248 2003-09-19] (Padus, Inc.) [File not signed]
R2 PfModNT; C:\WINDOWS\system32\drivers\PfModNT.sys [16168 2007-04-10] (Creative Technology Ltd.)
R0 PxHelp20; C:\WINDOWS\System32\Drivers\PxHelp20.sys [20640 2005-03-11] (Sonic Solutions) [File not signed]
R1 SASDIFSV; C:\Program Files\SUPERAntiSpyware\SASDIFSV.SYS [12880 2011-07-22] (SUPERAdBlocker.com and SUPERAntiSpyware.com)
R1 SASKUTIL; C:\Program Files\SUPERAntiSpyware\SASKUTIL.SYS [67664 2011-07-12] (SUPERAdBlocker.com and SUPERAntiSpyware.com)
R1 sscdbhk5; C:\WINDOWS\System32\drivers\sscdbhk5.sys [5627 2005-05-13] (Sonic Solutions) [File not signed]
R1 ssrtln; C:\WINDOWS\System32\drivers\ssrtln.sys [23545 2005-05-13] (Sonic Solutions) [File not signed]
R2 tfsnboio; C:\WINDOWS\System32\dla\tfsnboio.sys [25725 2005-05-31] (Sonic Solutions) [File not signed]
R2 tfsncofs; C:\WINDOWS\System32\dla\tfsncofs.sys [34845 2005-05-31] (Sonic Solutions) [File not signed]
R2 tfsndrct; C:\WINDOWS\System32\dla\tfsndrct.sys [4125 2005-05-31] (Sonic Solutions) [File not signed]
R2 tfsndres; C:\WINDOWS\System32\dla\tfsndres.sys [2241 2005-05-31] (Sonic Solutions) [File not signed]
R2 tfsnifs; C:\WINDOWS\System32\dla\tfsnifs.sys [86876 2005-05-31] (Sonic Solutions) [File not signed]
R2 tfsnopio; C:\WINDOWS\System32\dla\tfsnopio.sys [15069 2005-05-31] (Sonic Solutions) [File not signed]
R2 tfsnpool; C:\WINDOWS\System32\dla\tfsnpool.sys [6365 2005-05-31] (Sonic Solutions) [File not signed]
R2 tfsnudf; C:\WINDOWS\System32\dla\tfsnudf.sys [98716 2005-05-31] (Sonic Solutions) [File not signed]
R2 tfsnudfa; C:\WINDOWS\System32\dla\tfsnudfa.sys [100605 2005-05-31] (Sonic Solutions) [File not signed]
R0 vididr; C:\WINDOWS\System32\DRIVERS\vididr.sys [125472 2013-09-14] (Acronis)
R0 vidsflt53; C:\WINDOWS\System32\DRIVERS\vsflt53.sys [83392 2013-09-14] (Acronis)
S3 VNUSB; C:\WINDOWS\System32\DRIVERS\VNUSB.sys [38496 2006-04-07] (OLYMPUS IMAGING CORP.) [File not signed]
S3 ALSysIO; \??\C:\DOCUME~1\THEHOT~1\LOCALS~1\Temp\ALSysIO.sys [X]
S3 bvrp_pci; No ImagePath
U2 CertPropSvc; No ImagePath
U5 itchfltr; C:\Windows\System32\Drivers\itchfltr.sys [12953 2004-03-10] (Logitech, Inc.)
S3 MFE_RR; \??\C:\DOCUME~1\THEHOT~1\LOCALS~1\Temp\mfe_rr.sys [X]
U5 P3; C:\Windows\System32\Drivers\P3.sys [42752 2008-04-13] (Microsoft Corporation)
U5 ScsiPort; C:\WINDOWS\system32\drivers\scsiport.sys [96384 2008-04-13] (Microsoft Corporation)
U5 Tcpip6; C:\Windows\System32\Drivers\Tcpip6.sys [226880 2010-02-11] (Microsoft Corporation)
U1 WS2IFSL; No ImagePath

==================== NetSvcs (Whitelisted) ===================


(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)

NETSVC: MHN -> C:\Windows\System32\mhn.dll (Microsoft Corporation)

==================== One Month Created Files and Folders ========

(If an entry is included in the fixlist, the file\folder will be moved.)

2015-01-28 18:24 - 2015-01-28 18:24 - 00065536 _____ () C:\WINDOWS\Minidump\Mini012815-03.dmp
2015-01-28 18:19 - 2015-01-28 18:19 - 00035583 _____ () C:\Documents and Settings\The Holt's\Desktop\Addition.txt
2015-01-28 18:04 - 2015-01-28 18:04 - 00000000 ____D () C:\Documents and Settings\The Holt's\Desktop\FRST-OlderVersion
2015-01-28 17:41 - 2015-01-28 17:41 - 00065536 _____ () C:\WINDOWS\Minidump\Mini012815-02.dmp
2015-01-28 05:24 - 2015-01-28 05:24 - 00065536 _____ () C:\WINDOWS\Minidump\Mini012815-01.dmp
2015-01-27 19:26 - 2015-01-27 19:26 - 00065536 _____ () C:\WINDOWS\Minidump\Mini012715-03.dmp
2015-01-27 11:06 - 2015-01-27 11:06 - 00291352 _____ (AVAST Software) C:\WINDOWS\system32\aswBoot.exe
2015-01-27 11:06 - 2015-01-27 11:06 - 00043152 _____ (AVAST Software) C:\WINDOWS\avastSS.scr
2015-01-27 11:06 - 2015-01-27 11:06 - 00000000 ____D () C:\Documents and Settings\All Users\Start Menu\Programs\AVAST Software
2015-01-27 10:51 - 2015-01-27 10:54 - 00001451 _____ () C:\Documents and Settings\The Holt's\Desktop\JRT.txt
2015-01-27 10:24 - 2015-01-27 10:24 - 00000000 ____D () C:\WINDOWS\ERUNT
2015-01-27 10:22 - 2015-01-27 10:23 - 00001069 _____ () C:\Documents and Settings\The Holt's\Desktop\Malwarebytes.txt
2015-01-27 09:43 - 2015-01-27 09:43 - 00065536 _____ () C:\WINDOWS\Minidump\Mini012715-02.dmp
2015-01-27 09:36 - 2015-01-27 19:27 - 00114904 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\MBAMSwissArmy.sys
2015-01-27 09:35 - 2015-01-27 09:35 - 00000787 _____ () C:\Documents and Settings\All Users\Desktop\Malwarebytes Anti-Malware.lnk
2015-01-27 09:35 - 2015-01-27 09:35 - 00000000 ____D () C:\Program Files\Malwarebytes Anti-Malware
2015-01-27 09:35 - 2014-11-21 06:14 - 00054360 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\mbamchameleon.sys
2015-01-27 09:35 - 2014-11-21 06:14 - 00023256 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\mbam.sys
2015-01-27 09:33 - 2015-01-27 09:33 - 00002062 _____ () C:\Documents and Settings\The Holt's\Desktop\AdwCleaner[S6].txt
2015-01-27 09:10 - 2015-01-27 09:10 - 01707939 _____ (Thisisu) C:\Documents and Settings\The Holt's\Desktop\JRT.exe
2015-01-27 09:09 - 2015-01-27 09:10 - 20447072 _____ (Malwarebytes Corporation ) C:\Documents and Settings\The Holt's\Desktop\mbam-setup-2.0.4.1028.exe
2015-01-27 09:00 - 2015-01-27 09:00 - 02194432 _____ () C:\Documents and Settings\The Holt's\Desktop\AdwCleaner.exe
2015-01-27 05:07 - 2015-01-27 05:07 - 00000000 ____D () C:\Program Files\Mozilla Firefox
2015-01-27 05:03 - 2015-01-27 05:03 - 00065536 _____ () C:\WINDOWS\Minidump\Mini012715-01.dmp
2015-01-26 18:43 - 2015-01-28 18:39 - 00027643 _____ () C:\Documents and Settings\The Holt's\Desktop\FRST.txt
2015-01-26 18:42 - 2015-01-28 18:04 - 01121792 _____ (Farbar) C:\Documents and Settings\The Holt's\Desktop\FRST.exe
2015-01-26 18:40 - 2015-01-26 18:40 - 00065536 _____ () C:\WINDOWS\Minidump\Mini012615-02.dmp
2015-01-26 05:30 - 2015-01-26 05:30 - 00065536 _____ () C:\WINDOWS\Minidump\Mini012615-01.dmp
2015-01-25 16:21 - 2015-01-28 18:04 - 00000000 ____D () C:\Computer BSOD Bleepcomputer
2015-01-25 10:06 - 2015-01-28 18:38 - 00000000 ____D () C:\FRST
2015-01-25 09:59 - 2015-01-25 09:59 - 00065536 _____ () C:\WINDOWS\Minidump\Mini012515-02.dmp
2015-01-25 08:19 - 2015-01-25 08:19 - 00065536 _____ () C:\WINDOWS\Minidump\Mini012515-01.dmp
2015-01-24 16:11 - 2015-01-24 16:11 - 00065536 _____ () C:\WINDOWS\Minidump\Mini012415-05.dmp
2015-01-24 14:22 - 2015-01-24 15:03 - 00000000 ____D () C:\Documents and Settings\All Users\Application Data\Malwarebytes' Anti-Malware (portable)
2015-01-24 14:21 - 2015-01-24 14:21 - 00065536 _____ () C:\WINDOWS\Minidump\Mini012415-04.dmp
2015-01-24 14:09 - 2015-01-24 14:09 - 00065536 _____ () C:\WINDOWS\Minidump\Mini012415-03.dmp
2015-01-24 13:30 - 2015-01-24 13:30 - 00065536 _____ () C:\WINDOWS\Minidump\Mini012415-02.dmp
2015-01-24 08:12 - 2015-01-24 08:12 - 00065536 _____ () C:\WINDOWS\Minidump\Mini012415-01.dmp
2015-01-23 22:52 - 2015-01-23 22:52 - 00065536 _____ () C:\WINDOWS\Minidump\Mini012315-04.dmp
2015-01-23 13:09 - 2015-01-23 13:09 - 00065536 _____ () C:\WINDOWS\Minidump\Mini012315-03.dmp
2015-01-23 12:30 - 2015-01-23 12:30 - 00000000 ____D () C:\WINDOWS\Tasks\ImCleanDisabled
2015-01-23 10:30 - 2015-01-23 10:30 - 00065536 _____ () C:\WINDOWS\Minidump\Mini012315-02.dmp
2015-01-23 07:36 - 2015-01-23 07:36 - 00000000 ____D () C:\Documents and Settings\All Users\Start Menu\Programs\Intel® Matrix Storage Manager
2015-01-23 05:45 - 2015-01-23 05:45 - 00065536 _____ () C:\WINDOWS\Minidump\Mini012315-01.dmp
2015-01-22 18:42 - 2015-01-22 18:42 - 00065536 _____ () C:\WINDOWS\Minidump\Mini012215-04.dmp
2015-01-22 17:36 - 2015-01-23 06:53 - 00000000 ____D () C:\Program Files\SUPERAntiSpyware
2015-01-22 17:36 - 2015-01-22 17:36 - 00000000 ____D () C:\Documents and Settings\The Holt's\Application Data\SUPERAntiSpyware.com
2015-01-22 17:36 - 2015-01-22 17:36 - 00000000 ____D () C:\Documents and Settings\All Users\Start Menu\Programs\SUPERAntiSpyware
2015-01-22 17:36 - 2015-01-22 17:36 - 00000000 ____D () C:\Documents and Settings\All Users\Application Data\SUPERAntiSpyware.com
2015-01-22 17:05 - 2015-01-22 17:05 - 00065536 _____ () C:\WINDOWS\Minidump\Mini012215-03.dmp
2015-01-22 16:59 - 2015-01-22 16:59 - 00000000 ____D () C:\Documents and Settings\All Users\Application Data\Malwarebytes
2015-01-22 16:46 - 2015-01-22 16:46 - 00065536 _____ () C:\WINDOWS\Minidump\Mini012215-02.dmp
2015-01-22 05:39 - 2015-01-22 05:39 - 00065536 _____ () C:\WINDOWS\Minidump\Mini012215-01.dmp
2015-01-21 18:54 - 2015-01-21 18:54 - 00065536 _____ () C:\WINDOWS\Minidump\Mini012115-06.dmp
2015-01-21 18:42 - 2015-01-21 18:42 - 00213192 _____ (Kaspersky Lab, Yury Parshin) C:\WINDOWS\system32\Drivers\97313061.sys
2015-01-21 17:49 - 2015-01-21 17:49 - 00065536 _____ () C:\WINDOWS\Minidump\Mini012115-05.dmp
2015-01-21 06:17 - 2015-01-21 06:17 - 00065536 _____ () C:\WINDOWS\Minidump\Mini012115-04.dmp
2015-01-21 06:06 - 2015-01-21 06:06 - 00065536 _____ () C:\WINDOWS\Minidump\Mini012115-03.dmp
2015-01-21 06:02 - 2015-01-21 06:02 - 00065536 _____ () C:\WINDOWS\Minidump\Mini012115-02.dmp
2015-01-21 06:00 - 2015-01-21 06:00 - 00000000 ____D () C:\Documents and Settings\The Holt's\My Documents\New Folder
2015-01-21 05:42 - 2015-01-21 05:42 - 00065536 _____ () C:\WINDOWS\Minidump\Mini012115-01.dmp
2015-01-21 05:12 - 2015-01-21 05:19 - 00000000 ____D () C:\sfzone_profile
2015-01-20 22:45 - 2015-01-20 22:45 - 00065536 _____ () C:\WINDOWS\Minidump\Mini012015-06.dmp
2015-01-20 22:42 - 2015-01-20 22:42 - 00065536 _____ () C:\WINDOWS\Minidump\Mini012015-05.dmp
2015-01-20 22:04 - 2015-01-20 22:04 - 00065536 _____ () C:\WINDOWS\Minidump\Mini012015-04.dmp
2015-01-20 21:13 - 2015-01-20 21:13 - 00065536 _____ () C:\WINDOWS\Minidump\Mini012015-03.dmp
2015-01-20 19:03 - 2015-01-20 19:03 - 00065536 _____ () C:\WINDOWS\Minidump\Mini012015-02.dmp
2015-01-20 05:42 - 2015-01-20 05:42 - 00065536 _____ () C:\WINDOWS\Minidump\Mini012015-01.dmp
2015-01-19 20:41 - 2015-01-19 20:41 - 00065536 _____ () C:\WINDOWS\Minidump\Mini011915-02.dmp
2015-01-19 05:42 - 2015-01-19 05:42 - 00065536 _____ () C:\WINDOWS\Minidump\Mini011915-01.dmp
2015-01-18 09:48 - 2015-01-18 09:48 - 00065536 _____ () C:\WINDOWS\Minidump\Mini011815-03.dmp
2015-01-18 08:43 - 2015-01-18 08:43 - 00065536 _____ () C:\WINDOWS\Minidump\Mini011815-02.dmp
2015-01-18 07:59 - 2015-01-18 07:59 - 00065536 _____ () C:\WINDOWS\Minidump\Mini011815-01.dmp
2015-01-17 18:26 - 2015-01-17 18:26 - 00000000 ____D () C:\Documents and Settings\All Users\Application Data\Elephant Games
2015-01-17 14:40 - 2015-01-17 14:40 - 00000000 ____D () C:\Documents and Settings\All Users\Application Data\Canon IJ Network Tool
2015-01-17 14:39 - 2014-01-21 13:15 - 00336896 _____ (CANON INC.) C:\WINDOWS\system32\CNC_C9L.dll
2015-01-17 14:39 - 2008-08-25 18:02 - 00015872 _____ (CANON INC.) C:\WINDOWS\system32\CNHMCA.dll
2015-01-17 14:38 - 2015-01-17 14:38 - 00000000 ____D () C:\WINDOWS\system32\STRING
2015-01-17 14:38 - 2015-01-17 14:38 - 00000000 ____D () C:\Documents and Settings\All Users\Start Menu\Programs\Canon MG6600 series User Registration
2015-01-17 14:38 - 2014-03-17 11:15 - 00380928 _____ (CANON INC.) C:\WINDOWS\system32\CNMNPPM.DLL
2015-01-17 14:38 - 2014-03-17 11:15 - 00035840 _____ (CANON INC.) C:\WINDOWS\system32\CNMNPUI.DLL
2015-01-17 14:37 - 2015-01-17 14:37 - 00000000 ____D () C:\Documents and Settings\The Holt's\Application Data\Canon Easy-WebPrint EX
2015-01-17 14:26 - 2015-01-17 14:26 - 00000000 ____D () C:\Documents and Settings\All Users\Start Menu\Programs\Canon MG6600 series Manual
2015-01-17 14:25 - 2014-03-18 05:00 - 00329216 _____ (CANON INC.) C:\WINDOWS\system32\CNMLMC9.DLL
2015-01-17 09:38 - 2015-01-17 09:38 - 00001979 _____ () C:\Documents and Settings\All Users\Desktop\Play Phantasmat - The Endless Night Collectors Edition.lnk
2015-01-17 09:35 - 2015-01-17 09:35 - 00000000 ____D () C:\Documents and Settings\All Users\Start Menu\Programs\Phantasmat - The Endless Night Collectors Edition
2015-01-17 09:24 - 2015-01-17 09:24 - 00065536 _____ () C:\WINDOWS\Minidump\Mini011715-05.dmp
2015-01-17 08:46 - 2015-01-17 08:46 - 00065536 _____ () C:\WINDOWS\Minidump\Mini011715-04.dmp
2015-01-17 08:19 - 2015-01-17 08:19 - 00065536 _____ () C:\WINDOWS\Minidump\Mini011715-03.dmp
2015-01-17 06:56 - 2015-01-17 06:57 - 00065536 _____ () C:\WINDOWS\Minidump\Mini011715-02.dmp
2015-01-17 06:43 - 2015-01-17 06:43 - 00000000 ____D () C:\Documents and Settings\All Users\Application Data\HP Product Assistant
2015-01-17 06:42 - 2015-01-17 06:42 - 00000000 ____D () C:\Program Files\Common Files\HP
2015-01-17 06:32 - 2015-01-17 06:32 - 00065536 _____ () C:\WINDOWS\Minidump\Mini011715-01.dmp
2015-01-16 18:13 - 2015-01-16 18:13 - 00065536 _____ () C:\WINDOWS\Minidump\Mini011615-02.dmp
2015-01-16 05:39 - 2015-01-16 05:39 - 00065536 _____ () C:\WINDOWS\Minidump\Mini011615-01.dmp
2015-01-15 18:41 - 2015-01-23 18:52 - 00010050 _____ () C:\WINDOWS\KB2900986.log
2015-01-15 18:06 - 2015-01-15 18:06 - 00065536 _____ () C:\WINDOWS\Minidump\Mini011515-01.dmp
2015-01-14 20:55 - 2015-01-17 09:38 - 00000000 ____D () C:\Program Files\Phantasmat - The Endless Night Collectors Edition
2015-01-13 19:55 - 2015-01-13 20:00 - 00000000 ____D () C:\Documents and Settings\The Holt's\Application Data\margrave3_se
2015-01-11 14:45 - 2015-01-11 14:46 - 00000000 ____D () C:\Documents and Settings\All Users\Application Data\CanonIJMIG
2015-01-11 14:44 - 2015-01-11 14:44 - 00000000 ____D () C:\Documents and Settings\All Users\Application Data\CanonIJQuickMenu
2015-01-11 14:41 - 2013-12-02 12:58 - 00096000 _____ () C:\WINDOWS\system32\CNC177ED.TBL
2015-01-11 14:39 - 2015-01-17 14:36 - 00000000 ____D () C:\Documents and Settings\All Users\Application Data\CanonIJWSpt
2015-01-11 14:27 - 2015-01-17 14:25 - 00000000 ___HD () C:\Program Files\CanonBJ
2015-01-11 14:27 - 2015-01-11 14:27 - 00000000 ____D () C:\Documents and Settings\All Users\Application Data\CanonBJ
2015-01-11 14:27 - 2014-03-18 05:00 - 00329216 _____ (CANON INC.) C:\WINDOWS\system32\CNMLMC9(5).DLL
2015-01-11 14:27 - 2014-03-18 05:00 - 00329216 _____ (CANON INC.) C:\WINDOWS\system32\CNMLMC9(4).DLL
2015-01-11 14:27 - 2014-03-18 05:00 - 00329216 _____ (CANON INC.) C:\WINDOWS\system32\CNMLMC9(3).DLL
2015-01-11 14:27 - 2014-03-18 05:00 - 00329216 _____ (CANON INC.) C:\WINDOWS\system32\CNMLMC9(2).DLL
2015-01-10 07:35 - 2015-01-10 07:35 - 00001866 _____ () C:\Documents and Settings\All Users\Desktop\Play Mystery Trackers - Blackrow's Secret.lnk
2015-01-10 07:32 - 2015-01-10 07:35 - 00000000 ____D () C:\Program Files\Mystery Trackers - Blackrow's Secret
2015-01-10 07:32 - 2015-01-10 07:32 - 00000000 ____D () C:\Documents and Settings\All Users\Start Menu\Programs\Mystery Trackers - Blackrow's Secret
2015-01-10 07:31 - 2015-01-10 07:31 - 00001889 _____ () C:\Documents and Settings\All Users\Desktop\Play Surface - Game of Gods Collectors Edition.lnk
2015-01-10 07:25 - 2015-01-10 07:31 - 00000000 ____D () C:\Program Files\Surface - Game of Gods Collectors Edition
2015-01-10 07:25 - 2015-01-10 07:25 - 00000000 ____D () C:\Documents and Settings\All Users\Start Menu\Programs\Surface - Game of Gods Collectors Edition
2015-01-10 07:20 - 2015-01-10 07:20 - 00002008 _____ () C:\Documents and Settings\All Users\Desktop\Play Mystery Trackers - Silent Hollow Collector's Edition.lnk
2015-01-10 07:14 - 2015-01-10 07:20 - 00000000 ____D () C:\Program Files\Mystery Trackers - Silent Hollow Collector's Edition
2015-01-10 07:14 - 2015-01-10 07:14 - 00000000 ____D () C:\Documents and Settings\All Users\Start Menu\Programs\Mystery Trackers - Silent Hollow Collector's Edition
2015-01-07 21:42 - 2015-01-07 21:42 - 00000000 ____D () C:\WINDOWS\Hewlett-Packard
2015-01-07 20:35 - 2015-01-07 20:35 - 00000000 ____D () C:\Documents and Settings\The Holt's\Local Settings\Application Data\Hewlett-Packard
2015-01-07 20:32 - 2015-01-07 20:32 - 00000000 ____D () C:\Program Files\Hewlett-Packard
2015-01-07 18:15 - 2015-01-07 18:15 - 00000000 ____D () C:\Documents and Settings\The Holt's\My Documents\Garmin
2015-01-07 18:08 - 2015-01-07 18:08 - 00000858 _____ () C:\WINDOWS\setupact.log
2015-01-07 18:08 - 2015-01-07 18:08 - 00000000 _____ () C:\WINDOWS\setuperr.log
2015-01-06 20:55 - 2015-01-28 18:34 - 00000830 _____ () C:\WINDOWS\Tasks\Adobe Flash Player Updater.job
2015-01-06 06:13 - 2015-01-06 06:13 - 00001135 _____ () C:\Documents and Settings\The Holt's\Desktop\Dropbox.lnk
2015-01-06 06:13 - 2015-01-06 06:13 - 00000000 ____D () C:\Dropbox pics
2015-01-06 06:11 - 2015-01-06 06:12 - 00000000 ____D () C:\Program Files\Dropbox
2015-01-06 06:10 - 2015-01-06 06:10 - 00000000 ____D () C:\Documents and Settings\The Holt's\Start Menu\Programs\Dropbox
2015-01-05 18:38 - 2015-01-05 18:38 - 00001552 _____ () C:\Documents and Settings\All Users\Desktop\iTunes.lnk
2015-01-05 18:38 - 2015-01-05 18:38 - 00000000 ____D () C:\Documents and Settings\All Users\Start Menu\Programs\iTunes
2015-01-05 18:37 - 2015-01-05 18:38 - 00000000 ____D () C:\Program Files\iTunes
2015-01-05 18:37 - 2015-01-05 18:38 - 00000000 ____D () C:\Documents and Settings\All Users\Application Data\B0FFCDD9-5261-4e59-B29A-17A4FABDEBAB
2015-01-05 18:37 - 2015-01-05 18:37 - 00000000 ____D () C:\Program Files\iPod
2015-01-04 21:17 - 2010-12-24 11:18 - 00001414 ____R () C:\WINDOWS\system32\Drivers\etc\hosts.20150104-211735.backup
2014-12-30 21:35 - 2014-12-30 21:35 - 00001890 _____ () C:\Documents and Settings\All Users\Desktop\Play Mystery Trackers - Raincliffs Phantoms.lnk
2014-12-30 21:32 - 2014-12-30 21:35 - 00000000 ____D () C:\Program Files\Mystery Trackers - Raincliffs Phantoms
2014-12-30 21:32 - 2014-12-30 21:32 - 00000000 ____D () C:\Documents and Settings\All Users\Start Menu\Programs\Mystery Trackers - Raincliffs Phantoms
2014-12-30 21:09 - 2014-12-30 21:09 - 00001908 _____ () C:\Documents and Settings\All Users\Desktop\Play Hidden Expedition - The Crown of Solomon.lnk
2014-12-30 21:06 - 2014-12-30 21:09 - 00000000 ____D () C:\Program Files\Hidden Expedition - The Crown of Solomon
2014-12-30 21:06 - 2014-12-30 21:06 - 00000000 ____D () C:\Documents and Settings\All Users\Start Menu\Programs\Hidden Expedition - The Crown of Solomon

==================== One Month Modified Files and Folders =======

(If an entry is included in the fixlist, the file\folder will be moved.)

2015-01-28 18:39 - 2005-08-23 20:51 - 00000000 ____D () C:\Documents and Settings\The Holt's\Local Settings\Temp
2015-01-28 18:31 - 2014-08-08 04:52 - 00262144 _____ () C:\WINDOWS\system32\config\ACEEvent.evt
2015-01-28 18:30 - 2004-08-19 12:50 - 00002206 _____ () C:\WINDOWS\system32\wpa.dbl
2015-01-28 18:29 - 2014-08-11 20:36 - 00000159 _____ () C:\WINDOWS\wiadebug.log
2015-01-28 18:29 - 2014-08-11 20:36 - 00000049 _____ () C:\WINDOWS\wiaservc.log
2015-01-28 18:29 - 2014-01-07 19:05 - 00000568 _____ () C:\WINDOWS\Tasks\Amazon Music Helper.job
2015-01-28 18:29 - 2010-07-18 13:32 - 00000288 _____ () C:\WINDOWS\Tasks\RealUpgradeLogonTaskS-1-5-21-359015350-2660976701-2151963389-1005.job
2015-01-28 18:29 - 2004-08-19 13:13 - 00000006 ____H () C:\WINDOWS\Tasks\SA.DAT
2015-01-28 18:24 - 2014-08-11 20:36 - 00032034 _____ () C:\WINDOWS\SchedLgU.Txt
2015-01-28 18:24 - 2005-08-27 19:54 - 00000000 ____D () C:\WINDOWS\Minidump
2015-01-28 18:23 - 2007-09-18 17:30 - 217112576 _____ () C:\WINDOWS\MEMORY.DMP
2015-01-28 18:09 - 2014-11-29 22:43 - 04958588 ____N () C:\WINDOWS\{00000005-00000000-00000004-00001102-00000004-20061102}.BAK
2015-01-28 18:09 - 2014-11-29 11:25 - 00305180 _____ () C:\WINDOWS\WindowsUpdate.log
2015-01-28 18:09 - 2010-07-10 07:00 - 04958588 _____ () C:\WINDOWS\{00000005-00000000-00000004-00001102-00000004-20061102}.CDF
2015-01-28 18:09 - 2005-08-23 20:51 - 00000278 ___SH () C:\Documents and Settings\The Holt's\ntuser.ini
2015-01-28 18:09 - 2005-08-23 20:51 - 00000000 ____D () C:\Documents and Settings\The Holt's
2015-01-28 18:06 - 2010-04-22 22:31 - 00000000 ____D () C:\Documents and Settings\NetworkService\Local Settings\temp
2015-01-28 18:06 - 2010-04-22 22:31 - 00000000 ____D () C:\Documents and Settings\LocalService\Local Settings\temp
2015-01-28 17:56 - 2005-08-24 17:37 - 00000000 ____D () C:\Dung 4
2015-01-27 21:39 - 2008-12-26 14:17 - 00000000 ____D () C:\Documents and Settings\All Users\Application Data\TEMP
2015-01-27 18:38 - 2014-11-29 21:27 - 00271321 _____ () C:\WINDOWS\setupapi.log
2015-01-27 11:06 - 2014-06-23 04:42 - 00026136 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswKbd.sys
2015-01-27 11:06 - 2014-06-22 19:28 - 00787800 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswsnx.sys
2015-01-27 11:06 - 2014-06-22 19:28 - 00423784 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswsp.sys
2015-01-27 11:06 - 2014-06-22 19:28 - 00206248 _____ () C:\WINDOWS\system32\Drivers\aswVmm.sys
2015-01-27 11:06 - 2014-06-22 19:28 - 00070384 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswMonFlt.sys
2015-01-27 11:06 - 2014-06-22 19:28 - 00057928 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswTdi.sys
2015-01-27 11:06 - 2014-06-22 19:28 - 00055240 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswrdr.sys
2015-01-27 11:06 - 2014-06-22 19:28 - 00049944 _____ () C:\WINDOWS\system32\Drivers\aswRvrt.sys
2015-01-27 11:06 - 2014-06-04 19:32 - 00024184 _____ () C:\WINDOWS\system32\Drivers\aswHwid.sys
2015-01-27 11:05 - 2014-06-23 04:42 - 00253640 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswNdis2.sys
2015-01-27 09:22 - 2013-08-25 21:41 - 00000000 ____D () C:\AdwCleaner
2015-01-27 09:10 - 2005-08-24 17:37 - 00000000 ____D () C:\Dung
2015-01-27 05:43 - 2012-04-26 21:41 - 00000000 ____D () C:\Program Files\Mozilla Maintenance Service
2015-01-25 09:10 - 2010-06-29 05:32 - 00000000 ____D () C:\Canon Temp Pics
2015-01-25 09:10 - 2005-08-26 16:32 - 00000000 ____D () C:\Camping Info
2015-01-23 18:51 - 2013-08-15 04:52 - 00000000 ____D () C:\WINDOWS\system32\MRT
2015-01-23 13:33 - 2010-07-18 13:32 - 00000296 _____ () C:\WINDOWS\Tasks\RealUpgradeScheduledTaskS-1-5-21-359015350-2660976701-2151963389-1005.job
2015-01-23 12:58 - 2009-09-30 21:02 - 00000000 ____D () C:\Program Files\IObit
2015-01-23 12:45 - 2010-12-09 20:07 - 00000000 ____D () C:\Program Files\Java
2015-01-23 12:39 - 2013-01-11 06:50 - 00000000 ____D () C:\Program Files\Auslogics
2015-01-23 12:39 - 2013-01-11 06:50 - 00000000 ____D () C:\Documents and Settings\All Users\Start Menu\Programs\Auslogics
2015-01-23 07:36 - 2005-08-17 08:31 - 00000000 ____D () C:\WINDOWS\system32\ReinstallBackups
2015-01-22 17:38 - 2010-04-22 22:31 - 00000000 ____D () C:\Documents and Settings\Administrator\Local Settings\temp
2015-01-22 17:32 - 2010-03-27 14:23 - 00000000 ____D () C:\Documents and Settings\The Holt's\Local Settings\Application Data\Apple
2015-01-22 17:32 - 2004-08-19 12:52 - 00000000 ____D () C:\WINDOWS\twain_32
2015-01-21 06:01 - 2007-01-28 16:36 - 00000000 ____D () C:\eBay pics
2015-01-21 05:17 - 2013-06-30 07:40 - 00001324 _____ () C:\WINDOWS\system32\d3d9caps.dat
2015-01-20 22:45 - 2009-06-25 21:08 - 00000000 __SHD () C:\WINDOWS\CSC
2015-01-20 06:55 - 2004-08-19 13:03 - 00000000 ___RD () C:\Documents and Settings\All Users\Start Menu\Programs\Games
2015-01-20 06:18 - 2012-11-08 18:59 - 00000000 ____D () C:\Robs health info
2015-01-19 21:15 - 2005-09-17 06:13 - 00000116 ____C () C:\WINDOWS\NeroDigital.ini
2015-01-18 10:55 - 2010-06-29 05:30 - 00000000 ____D () C:\Craigslist pics
2015-01-18 08:32 - 2007-09-18 10:29 - 00000210 ___SH () C:\boot.ini
2015-01-18 08:32 - 2004-08-19 12:49 - 00000864 _____ () C:\WINDOWS\win.ini
2015-01-18 08:32 - 2004-08-19 12:49 - 00000227 _____ () C:\WINDOWS\system.ini
2015-01-18 08:25 - 2010-09-11 12:50 - 00000000 ____D () C:\Documents and Settings\All Users\Start Menu\Programs\HP
2015-01-17 22:47 - 2012-08-26 21:50 - 02804130 _____ () C:\Documents and Settings\LocalService\Local Settings\Application Data\WPFFontCache_v0400-S-1-5-21-359015350-2660976701-2151963389-1005-0.dat
2015-01-17 22:47 - 2012-08-26 21:50 - 00307178 _____ () C:\Documents and Settings\LocalService\Local Settings\Application Data\WPFFontCache_v0400-System.dat
2015-01-17 20:56 - 2014-12-07 18:27 - 00000000 ____D () C:\Documents and Settings\The Holt's\Application Data\Blue Tea Games
2015-01-17 18:26 - 2014-09-06 05:53 - 00000000 ____D () C:\Documents and Settings\The Holt's\Application Data\Elephant Games
2015-01-17 14:43 - 2008-10-19 17:28 - 00000000 ____D () C:\Documents and Settings\The Holt's\Application Data\Canon
2015-01-17 14:42 - 2008-10-19 17:24 - 00000000 ____D () C:\Program Files\Canon
2015-01-17 14:40 - 2008-10-19 17:24 - 00000000 ____D () C:\Documents and Settings\All Users\Start Menu\Programs\Canon Utilities
2015-01-17 14:39 - 2013-12-13 18:58 - 00000000 ____D () C:\WINDOWS\system32\FxsTmp
2015-01-17 14:39 - 2004-08-19 12:52 - 00000000 ____D () C:\WINDOWS\Media
2015-01-17 09:00 - 2012-07-10 04:52 - 00000000 ____D () C:\Documents and Settings\The Holt's\Local Settings\Application Data\Deployment
2015-01-17 09:00 - 2005-08-23 20:51 - 00000000 ____D () C:\Documents and Settings\The Holt's\Start Menu\Programs\Dell
2015-01-17 08:30 - 2010-09-11 12:44 - 00017318 _____ () C:\Documents and Settings\All Users\Application Data\hpzinstall.log
2015-01-17 08:08 - 2010-05-01 22:14 - 00000000 ____D () C:\Program Files\MSBuild
2015-01-17 07:57 - 2004-08-19 13:02 - 00000000 ____D () C:\WINDOWS\Registration
2015-01-17 06:51 - 2005-08-24 17:20 - 00084688 _____ () C:\Documents and Settings\The Holt's\Local Settings\Application Data\GDIPFONTCACHEV1.DAT
2015-01-17 06:44 - 2004-08-19 12:57 - 00309192 _____ () C:\WINDOWS\system32\FNTCACHE.DAT
2015-01-17 06:43 - 2010-09-11 12:49 - 00000000 ____D () C:\Documents and Settings\All Users\Application Data\HP
2015-01-17 06:43 - 2010-09-11 12:47 - 00000000 ____D () C:\Program Files\HP
2015-01-17 06:43 - 2004-08-19 13:13 - 00000000 __SHD () C:\Documents and Settings\NetworkService
2015-01-17 06:43 - 2004-08-19 13:13 - 00000000 __SHD () C:\Documents and Settings\LocalService
2015-01-17 06:43 - 2004-08-19 13:13 - 00000000 ____D () C:\Documents and Settings\Administrator
2015-01-17 06:41 - 2013-05-11 12:41 - 00000000 ____D () C:\Program Files\Belarc
2015-01-15 19:06 - 2014-12-27 18:13 - 00000000 ____D () C:\Documents and Settings\The Holt's\Application Data\Eipix
2015-01-15 18:08 - 2009-08-21 05:48 - 00011322 _____ () C:\VEW.txt
2015-01-11 16:11 - 2005-08-24 17:37 - 00000000 ____D () C:\Dung 3
2015-01-11 14:50 - 2014-09-01 05:53 - 00000000 ____D () C:\Amelia stuff
2015-01-11 14:50 - 2012-06-27 16:56 - 00000000 ___RD () C:\Documents and Settings\The Holt's\My Documents\HP Photo Creations
2015-01-11 12:12 - 2005-08-26 16:32 - 00000000 ____D () C:\Katy's Miscellaneous
2015-01-09 21:27 - 2013-11-03 20:20 - 00000000 ____D () C:\Documents and Settings\The Holt's\Application Data\Dropbox
2015-01-07 22:11 - 2012-06-12 04:37 - 00701616 _____ (Adobe Systems Incorporated) C:\WINDOWS\system32\FlashPlayerApp.exe
2015-01-07 22:11 - 2011-08-23 18:47 - 00071344 _____ (Adobe Systems Incorporated) C:\WINDOWS\system32\FlashPlayerCPLApp.cpl
2015-01-07 21:42 - 2010-09-11 12:53 - 00000000 ____D () C:\Documents and Settings\The Holt's\Application Data\HpUpdate
2015-01-07 21:17 - 2014-11-15 15:45 - 00000000 ____D () C:\Documents and Settings\All Users\Application Data\Garmin
2015-01-07 21:17 - 2013-08-08 20:21 - 00000000 ____D () C:\Documents and Settings\All Users\Application Data\Package Cache
2015-01-07 21:17 - 2012-08-26 11:12 - 00000000 ____D () C:\Program Files\Garmin
2015-01-07 21:17 - 2012-08-26 11:12 - 00000000 ____D () C:\Documents and Settings\All Users\Start Menu\Programs\Garmin
2015-01-07 21:17 - 2012-08-26 09:06 - 00000000 ____D () C:\Documents and Settings\The Holt's\Application Data\Garmin
2015-01-07 21:17 - 2005-08-27 13:36 - 00000000 ____D () C:\Documents and Settings\The Holt's\Local Settings\Application Data\Adobe
2015-01-07 20:46 - 2013-02-23 20:20 - 00208331 ____C () C:\WINDOWS\hpoins41.dat.temp
2015-01-07 18:22 - 2014-01-18 14:59 - 00000000 ____D () C:\Health stuff
2015-01-06 05:59 - 2005-08-24 17:37 - 00000000 ____D () C:\Dung 2
2015-01-05 19:55 - 2013-11-03 20:23 - 00000000 ___RD () C:\Dropbox
2015-01-05 18:45 - 2006-02-15 07:25 - 00000000 ____D () C:\Documents and Settings\All Users\Start Menu\Programs\QuickTime
2015-01-05 18:45 - 2006-02-15 07:24 - 00000000 ____D () C:\Program Files\QuickTime
2015-01-05 18:37 - 2014-05-28 21:21 - 00000000 ____D () C:\Documents and Settings\All Users\Application Data\188F1432-103A-4ffb-80F1-36B633C5C9E1
2015-01-05 18:37 - 2010-12-09 21:10 - 00000000 ____D () C:\Program Files\Common Files\Apple
2015-01-03 18:14 - 2014-08-08 04:52 - 00000000 ____D () C:\Documents and Settings\The Holt's\Local Settings\Application Data\ATI
2015-01-03 18:13 - 2010-06-20 15:37 - 00000000 ____D () C:\Documents and Settings\The Holt's\Local Settings\Application Data\WDC
2015-01-03 18:12 - 2013-06-28 16:32 - 00000000 ____D () C:\Documents and Settings\The Holt's\Local Settings\Application Data\NETGEARGenie
2015-01-03 18:02 - 2014-08-02 10:58 - 00000000 ____D () C:\Documents and Settings\The Holt's\Application Data\.minecraft
2015-01-02 18:14 - 2005-08-27 11:54 - 00002477 _____ () C:\Documents and Settings\All Users\Start Menu\Programs\Microsoft Excel.lnk
2015-01-01 11:26 - 2013-09-02 07:10 - 00000000 ____D () C:\Dung 13
2015-01-01 11:22 - 2007-12-02 14:33 - 00000000 ____D () C:\Dung Temp 2
2015-01-01 11:21 - 2012-02-20 12:24 - 00000000 ____D () C:\Dung screensaver
2015-01-01 11:20 - 2005-08-25 17:34 - 00000000 ____D () C:\Pics
2015-01-01 11:14 - 2013-09-02 07:10 - 00000000 ____D () C:\Dung 12
2015-01-01 11:12 - 2013-09-02 07:10 - 00000000 ____D () C:\Dung 11
2015-01-01 11:09 - 2014-03-09 18:34 - 00000000 ____D () C:\Nomad stuff
2015-01-01 11:09 - 2008-11-15 16:49 - 00000000 ____D () C:\Dung 10
2015-01-01 11:07 - 2011-10-02 17:19 - 00000000 ____D () C:\Dung 5
2014-12-31 13:15 - 2005-08-24 05:09 - 110348472 _____ (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe

==================== Files in the root of some directories =======

2005-09-08 17:35 - 2005-09-08 17:35 - 0774144 ____C (RealNetworks, Inc.) C:\Program Files\RngInterstitial.dll
2005-09-04 14:20 - 2005-09-04 14:20 - 0000251 ____C () C:\Program Files\wt3d.ini
1998-12-09 01:53 - 1998-12-09 01:53 - 0099840 _____ (Symantec Corp.) C:\Program Files\Common Files\IRAABOUT.DLL
1998-12-09 01:53 - 1998-12-09 01:53 - 0048640 _____ (Symantec Corp., Peter Norton Computing Group) C:\Program Files\Common Files\IRALPTTR.DLL
1998-12-09 01:53 - 1998-12-09 01:53 - 0070144 _____ (Symantec Corp., Peter Norton Computing Group) C:\Program Files\Common Files\IRAMDMTR.DLL
1998-12-09 01:53 - 1998-12-09 01:53 - 0186368 _____ (Symantec Corp., Peter Norton Computing Group) C:\Program Files\Common Files\IRAREG.DLL
1998-12-09 01:53 - 1998-12-09 01:53 - 0017920 _____ (Symantec Corp.) C:\Program Files\Common Files\IRASRIAL.DLL
1998-12-09 01:53 - 1998-12-09 01:53 - 0031744 _____ (Symantec Corp., Peter Norton Computing Group) C:\Program Files\Common Files\IRAWEBTR.DLL
2005-10-27 13:02 - 2005-10-27 13:02 - 0000187 _____ () C:\Documents and Settings\The Holt's\Application Data\G-Force Prefs (WindowsMediaPlayer).txt
2008-06-21 07:27 - 2008-06-21 07:27 - 0001024 _____ () C:\Documents and Settings\The Holt's\Application Data\WavCodec.wff
2006-02-01 18:09 - 2010-09-16 18:00 - 2359350 _____ () C:\Documents and Settings\The Holt's\Local Settings\Application Data\AzureBay.bmp
2006-02-01 18:09 - 2009-11-22 17:23 - 0004694 _____ () C:\Documents and Settings\The Holt's\Local Settings\Application Data\AzureBay.ini
2006-02-01 18:09 - 2010-09-16 18:00 - 0092406 _____ () C:\Documents and Settings\The Holt's\Local Settings\Application Data\cal.bmp
2011-06-19 19:03 - 2011-06-19 20:02 - 0000580 _____ () C:\Documents and Settings\The Holt's\Local Settings\Application Data\cookies.ini
2005-08-31 06:02 - 2013-06-14 18:52 - 0049664 _____ () C:\Documents and Settings\The Holt's\Local Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2006-03-04 11:08 - 2006-03-04 11:08 - 0000085 _____ () C:\Documents and Settings\The Holt's\Local Settings\Application Data\FASTWiz.log
2005-08-23 20:51 - 2005-08-24 19:26 - 0000133 _____ () C:\Documents and Settings\The Holt's\Local Settings\Application Data\fusioncache.dat
2006-02-01 18:09 - 2010-09-16 18:39 - 0000879 _____ () C:\Documents and Settings\The Holt's\Local Settings\Application Data\ScreenSaver.ini
2006-02-01 18:17 - 2009-12-22 09:09 - 2359350 _____ () C:\Documents and Settings\The Holt's\Local Settings\Application Data\ssprep.bmp
2006-02-01 18:09 - 2010-09-16 18:00 - 2359350 _____ () C:\Documents and Settings\The Holt's\Local Settings\Application Data\sswpprep.bmp

==================== Bamital & volsnap Check =================

(There is no automatic fix for files that do not pass verification.)

C:\WINDOWS\explorer.exe => File is digitally signed
C:\WINDOWS\system32\winlogon.exe => File is digitally signed
C:\WINDOWS\system32\svchost.exe => File is digitally signed
C:\WINDOWS\system32\services.exe => File is digitally signed
C:\WINDOWS\system32\User32.dll => File is digitally signed
C:\WINDOWS\system32\userinit.exe => File is digitally signed
C:\WINDOWS\system32\rpcss.dll => File is digitally signed
C:\WINDOWS\system32\Drivers\volsnap.sys => File is digitally signed

==================== End Of Log ============================

ESET Log file:

C:\Program Files\IObit\Advanced SystemCare 6\unlocker-setup.exe    a variant of Win32/Toolbar.Widgi potentially unwanted application    deleted - quarantined
 



#13 mudhutbob

Posted 29 January 2015 - 09:10 AM

Woke up this morning.... iastor.sys BSOD.  This will only happen once a day at first start-up after 5 minutes of running.  Once I reboot the computer runs fine.  However, if I reboot on purpose.... the BSOD will appear again after that 5 minute time lapse.  Once I reboot again... the system runs fine and I won't get another BSOD.  Hope that makes sense.  Good day.....



#14 Machiavelli

Posted 29 January 2015 - 10:23 AM

Hey, :)

Please download the TDSS Rootkit Removing Tool (TDSSKiller.exe) and save it to your Desktop. <-Important!!!
  • Double-click on TDSSKiller.exe to run the tool for known TDSS variants. Vista/Windows 7 users right-click and select Run As Administrator.
  • If TDSSKiller does not run, try renaming it.
  • To do this, right-click on TDSSKiller.exe, select Rename and give it a random name with the .com file extension (i.e. 123abc.com). If you do not see the file extension, please refer to How to change the file extension.
  • Click the Start Scan button.
  • Do not use the computer during the scan.
  • If the scan completes with nothing found, click Close to exit.
  • If malicious objects are found, they will show in the Scan results - Select action for found objects and offer three options.
  • Ensure Cure (default) is selected, then click Continue > Reboot now to finish the cleaning process. Note: If Cure is not an option, select Skip instead; do not choose Delete unless instructed.
  • A log file named TDSSKiller_version_date_time_log.txt (i.e. TDSSKiller.2.4.0.0_27.07.2010_09.o7.26_log.txt) will be created and saved to the root directory (usually Local Disk C:).
  • Copy and paste the contents of that file in your next reply.

~Machiavelli


#15 mudhutbob

Posted 29 January 2015 - 09:02 PM

No threats found.  Here is the log.  Yikes!!!

TDSSkiller Log file:

17:50:13.0484 0x10c8  TDSS rootkit removing tool 3.0.0.44 Jan 22 2015 08:27:04
17:50:20.0000 0x10c8  ============================================================
17:50:20.0000 0x10c8  Current date / time: 2015/01/29 17:50:20.0000
17:50:20.0000 0x10c8  SystemInfo:
17:50:20.0000 0x10c8  
17:50:20.0000 0x10c8  OS Version: 5.1.2600 ServicePack: 3.0
17:50:20.0000 0x10c8  Product type: Workstation
17:50:20.0000 0x10c8  ComputerName: LUVTOHIKE
17:50:20.0000 0x10c8  UserName: The Hott's
17:50:20.0000 0x10c8  Windows directory: C:\WINDOWS
17:50:20.0000 0x10c8  System windows directory: C:\WINDOWS
17:50:20.0000 0x10c8  Processor architecture: Intel x86
17:50:20.0000 0x10c8  Number of processors: 2
17:50:20.0000 0x10c8  Page size: 0x1000
17:50:20.0000 0x10c8  Boot type: Normal boot
17:50:20.0000 0x10c8  ============================================================
17:50:20.0187 0x10c8  KLMD registered as C:\WINDOWS\system32\drivers\99834613.sys
17:50:20.0437 0x10c8  System UUID: {98FB4B2D-9E83-07D6-FA49-D48F8042C01C}
17:50:21.0281 0x10c8  Drive \Device\Harddisk0\DR0 - Size: 0xE8E0DB6000 ( 931.51 Gb ), SectorSize: 0x200, Cylinders: 0x1DB01, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000050
17:50:21.0281 0x10c8  Drive \Device\Harddisk1\DR1 - Size: 0x3A38B2E000 ( 232.89 Gb ), SectorSize: 0x200, Cylinders: 0x76C1, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000050
17:50:21.0281 0x10c8  Drive \Device\Harddisk2\DR6 - Size: 0x7446E00000 ( 465.11 Gb ), SectorSize: 0x200, Cylinders: 0xED2B, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'W'
17:50:21.0296 0x10c8  ============================================================
17:50:21.0296 0x10c8  \Device\Harddisk0\DR0:
17:50:21.0296 0x10c8  MBR partitions:
17:50:21.0296 0x10c8  \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x92000, BlocksNum 0x70C68000
17:50:21.0296 0x10c8  \Device\Harddisk1\DR1:
17:50:21.0296 0x10c8  MBR partitions:
17:50:21.0296 0x10c8  \Device\Harddisk1\DR1\Partition1: MBR, Type 0x7, StartLBA 0x3F, BlocksNum 0x1D1C4542
17:50:21.0296 0x10c8  \Device\Harddisk2\DR6:
17:50:21.0296 0x10c8  MBR partitions:
17:50:21.0296 0x10c8  \Device\Harddisk2\DR6\Partition1: MBR, Type 0x7, StartLBA 0x800, BlocksNum 0x3A236800
17:50:21.0296 0x10c8  ============================================================
17:50:21.0328 0x10c8  C: <-> \Device\Harddisk0\DR0\Partition1
17:50:21.0328 0x10c8  G: <-> \Device\Harddisk2\DR6\Partition1
17:50:21.0328 0x10c8  J: <-> \Device\Harddisk1\DR1\Partition1
17:50:21.0328 0x10c8  ============================================================
17:50:21.0328 0x10c8  Initialize success
17:50:21.0328 0x10c8  ============================================================
17:51:24.0093 0x02d4  ============================================================
17:51:24.0093 0x02d4  Scan started
17:51:24.0093 0x02d4  Mode: Manual;
17:51:24.0093 0x02d4  ============================================================
17:51:24.0093 0x02d4  KSN ping started
17:51:27.0000 0x02d4  KSN ping finished: true
17:51:27.0515 0x02d4  ================ Scan system memory ========================
17:51:27.0515 0x02d4  System memory - ok
17:51:27.0515 0x02d4  ================ Scan services =============================
17:51:32.0375 0x02d4  drmkaud - ok
17:51:32.0390 0x02d4  [ 96BC8F872F0270C10EDC3931F1C03776, B2F835ED8E029F3F5DCE9C5F95C7DCBD3CAB4EC6006794E6D14DB0D71F22EA05 ] drvmcdb         C:\WINDOWS\system32\drivers\drvmcdb.sys
17:51:32.0390 0x02d4  drvmcdb - ok
17:51:32.0406 0x02d4  [ 5AFBEC7A6AC61B211633DFDB1D9E0C89, 0259139695FC681A8E70178A58BD7833168B6C83BB3DD650F566A445AA528C2E ] drvnddm         C:\WINDOWS\system32\drivers\drvnddm.sys
17:51:32.0406 0x02d4  drvnddm - ok
17:51:32.0437 0x02d4  [ 34FA4A31518E43FCB7AAD7995A8FF559, D032D15ABF7DA41616F97B2017273CA41E1D2CBA6E17E33346857D0DF51B139B ] DVDAccss        C:\WINDOWS\system32\drivers\DVDAccss.sys
17:51:32.0437 0x02d4  DVDAccss - ok
17:51:32.0484 0x02d4  [ D57A8FC800B501AC05B10D00F66D127A, 8C24A30710582EEA8CC984B8B5B865F32042496916718395973BA61A1C0E67F3 ] E100B           C:\WINDOWS\system32\DRIVERS\e100b325.sys
17:51:32.0484 0x02d4  E100B - ok
17:51:32.0515 0x02d4  [ 2187855A7703ADEF0CEF9EE4285182CC, 8233CC11F637866C0074043835A785EA2B616739B6B1181B143A253CF2508CFD ] EapHost         C:\WINDOWS\System32\eapsvc.dll
17:51:32.0531 0x02d4  EapHost - ok
17:51:32.0593 0x02d4  [ 95D859F8B4DA8E1871FF4381FF974AAD, 8C195D0C2510A2EF9C1B014C0C41E0CDC8794BE72432584FB76E4E469323A90F ] ehRecvr         C:\WINDOWS\eHome\ehRecvr.exe
17:51:32.0609 0x02d4  ehRecvr - ok
17:51:32.0640 0x02d4  [ A53243709439AC2A4C216B817F8D7411, AF4624EEA9B165DE873B7D104D1EA3BE9A14BBC5B4CABE26544F90B78689EEF9 ] ehSched         C:\WINDOWS\eHome\ehSched.exe
17:51:32.0640 0x02d4  ehSched - ok
17:51:32.0703 0x02d4  [ 2885F72D2DAFFD0329272F12E16D6579, 2F847799C692419F2A4EBF97272ECB5F99FD5AB6172A2F4BE2655442CA6360B2 ] emupia          C:\WINDOWS\system32\drivers\emupia2k.sys
17:51:32.0703 0x02d4  emupia - ok
17:51:32.0750 0x02d4  [ FD9FC82F134B1C91004FFC76A5AE494B, 76CF65ED91D4719CD5620479E492259224715FC67E3CD9AA11E5DD0D7FB65A45 ] ENTECH          C:\WINDOWS\system32\DRIVERS\ENTECH.sys
17:51:32.0750 0x02d4  ENTECH - ok
17:51:32.0765 0x02d4  [ BC93B4A066477954555966D77FEC9ECB, 27F5B780175EF46DA102EE33F7F33559C8B40C077EEA4405D579D9507F4B1C23 ] ERSvc           C:\WINDOWS\System32\ersvc.dll
17:51:32.0765 0x02d4  ERSvc - ok
17:51:32.0796 0x02d4  [ 65DF52F5B8B6E9BBD183505225C37315, 59C606977DB40A3443DFF0BE2A4C761824881B22C9FDB3D23F6486DB580E92A4 ] Eventlog        C:\WINDOWS\system32\services.exe
17:51:32.0812 0x02d4  Eventlog - ok
17:51:32.0875 0x02d4  [ D4991D98F2DB73C60D042F1AEF79EFAE, 58AF949EAEBF4FF3E3314DFB66CE4198BF65F0836B68CD27A6ED319742CCCCD2 ] EventSystem     C:\WINDOWS\system32\es.dll
17:51:32.0890 0x02d4  EventSystem - ok
17:51:32.0937 0x02d4  [ 38D332A6D56AF32635675F132548343E, E6909DB836AF679B4F4D62C7396D6C82769CC7ABB8C919C2AABFE934FCE268F6 ] Fastfat         C:\WINDOWS\system32\drivers\Fastfat.sys
17:51:32.0937 0x02d4  Fastfat - ok
17:51:32.0968 0x02d4  [ 99BC0B50F511924348BE19C7C7313BBF, A1006C687BD352F700B140DC741515A0CDD9E1352C0FBD1EE410D404E344444B ] FastUserSwitchingCompatibility C:\WINDOWS\System32\shsvcs.dll
17:51:32.0984 0x02d4  FastUserSwitchingCompatibility - ok
17:51:33.0031 0x02d4  [ E97D6A8684466DF94FF3BC24FB787A07, 89E5A6889E3C5AB9AD3E80FFC16DD608278F3ADC282048B40B60196336A5CBEB ] Fax             C:\WINDOWS\system32\fxssvc.exe
17:51:33.0046 0x02d4  Fax - ok
17:51:33.0062 0x02d4  [ 92CDD60B6730B9F50F6A1A0C1F8CDC81, 8307A532AB4D05CBBCE206DC2759497708BF5AAA880BD00F0E4F281D8578A1F5 ] Fdc             C:\WINDOWS\system32\DRIVERS\fdc.sys
17:51:33.0062 0x02d4  Fdc - ok
17:51:33.0093 0x02d4  [ D45926117EB9FA946A6AF572FBE1CAA3, 4C94EF009D778BE0BDF8F812F026B96F91F641BE30AA2531427A5E63DBD280DA ] Fips            C:\WINDOWS\system32\drivers\Fips.sys
17:51:33.0093 0x02d4  Fips - ok
17:51:33.0171 0x02d4  [ 2D4D2F5D46AEAED2DD0176595BA507CA, 654D2CC9DEDCABE7C7A2CBDA4431DB221943DC4636C661B824C40963309C0891 ] Fitbit Connect  C:\Program Files\Fitbit Connect\FitbitConnectService.exe
17:51:33.0218 0x02d4  Fitbit Connect - ok
17:51:33.0250 0x02d4  [ 9D27E7B80BFCDF1CDD9B555862D5E7F0, 69C271AD5BCEBFD8AE5A769BDD7EC51256DA3A8ADAD5D12E5C0D13F4E82D8805 ] Flpydisk        C:\WINDOWS\system32\DRIVERS\flpydisk.sys
17:51:33.0250 0x02d4  Flpydisk - ok
17:51:33.0281 0x02d4  [ B2CF4B0786F8212CB92ED2B50C6DB6B0, 280F5CF8A90F7BEDE73ADD0DD0F8952088133A7CA9A3D3B7041957E33B36845D ] FltMgr          C:\WINDOWS\system32\drivers\fltmgr.sys
17:51:33.0281 0x02d4  FltMgr - ok
17:51:33.0359 0x02d4  [ 8BA7C024070F2B7FDD98ED8A4BA41789, 47585006F86B2C6016EC54250A416794792D1E4024FF229C120BC25B684AF66A ] FontCache3.0.0.0 C:\WINDOWS\Microsoft.NET\Framework\v3.0\WPF\PresentationFontCache.exe
17:51:33.0359 0x02d4  FontCache3.0.0.0 - ok
17:51:33.0375 0x02d4  [ 3E1E2BD4F39B0E2B7DC4F4D2BCC2779A, EC635E071201A766845D48973772CBE0958942B4162F3F5F70660D114CC877E0 ] Fs_Rec          C:\WINDOWS\system32\drivers\Fs_Rec.sys
17:51:33.0375 0x02d4  Fs_Rec - ok
17:51:33.0406 0x02d4  [ 6AC26732762483366C3969C9E4D2259D, FF2C9A23CC17F380093F0BEA955B1925794271C2FEA16B9B7639668E6999BAE3 ] Ftdisk          C:\WINDOWS\system32\DRIVERS\ftdisk.sys
17:51:33.0421 0x02d4  Ftdisk - ok
17:51:33.0437 0x02d4  [ 065639773D8B03F33577F6CDAEA21063, F20D0F3256F5F894CCA48755B23679619B5D02A0F64A142FC6CB619FC0952067 ] gameenum        C:\WINDOWS\system32\DRIVERS\gameenum.sys
17:51:33.0453 0x02d4  gameenum - ok
17:51:33.0562 0x02d4  [ E49C66240C7043A805B5C83A6FD6BEB0, C3FA9B6D94B76AA6AF7A6F600E9FBC6BFC2851A88026CA27C225E59DB59B5294 ] Garmin Core Update Service C:\Program Files\Garmin\Core Update Service\Garmin.Cartography.MapUpdate.CoreService.exe
17:51:33.0578 0x02d4  Garmin Core Update Service - ok
17:51:33.0609 0x02d4  [ 185ADA973B5020655CEE342059A86CBB, D3E352DFAF30761505480A4C557D980083F65EC5BD46E2656B2114D47B272A89 ] GEARAspiWDM     C:\WINDOWS\system32\DRIVERS\GEARAspiWDM.sys
17:51:33.0609 0x02d4  GEARAspiWDM - ok
17:51:33.0640 0x02d4  [ 3EE179E233EE2B87047570B233D3284F, EF82CDC0AFE3B94E6A7B760EA6230DEACFCD436FF1C5E29C1F1A20A92AB6746E ] getPlusHelper   C:\Program Files\NOS\bin\getPlus_Helper.dll
17:51:33.0656 0x02d4  getPlusHelper - ok
17:51:33.0687 0x02d4  [ AA5E8C8C572D0E85467C783BAA2AFB6A, 60F28C8359B0D9DC34A753BF97586FEF16EE30D29BBBED706C6482FE7A8D4F8B ] GKUPRO2D        C:\WINDOWS\system32\DRIVERS\GKUPRO2D.sys
17:51:33.0687 0x02d4  GKUPRO2D - ok
17:51:33.0718 0x02d4  [ 0A02C63C8B144BD8C86B103DEE7C86A2, 7A3235DD3E1995DD72B212FAEB3ECA2A974434DE9BF6D269EA11BA65A80E7E50 ] Gpc             C:\WINDOWS\system32\DRIVERS\msgpc.sys
17:51:33.0718 0x02d4  Gpc - ok
17:51:33.0796 0x02d4  [ 8F0DE4FEF8201E306F9938B0905AC96A, CA7153FE0C037D79FBF7CE0E090D741FB52BCCBBBD4CA505EF4849A0C4199F72 ] gupdate         C:\Program Files\Google\Update\GoogleUpdate.exe
17:51:33.0796 0x02d4  gupdate - ok
17:51:33.0812 0x02d4  [ 8F0DE4FEF8201E306F9938B0905AC96A, CA7153FE0C037D79FBF7CE0E090D741FB52BCCBBBD4CA505EF4849A0C4199F72 ] gupdatem        C:\Program Files\Google\Update\GoogleUpdate.exe
17:51:33.0812 0x02d4  gupdatem - ok
17:51:33.0890 0x02d4  [ DA2C735B66D2E7B739F9A46146581A9D, 6687721ED7EB80092B165F3E4FD08425CE74BFC39F4AA0B2A6144007B8992AB1 ] ha10kx2k        C:\WINDOWS\system32\drivers\ha10kx2k.sys
17:51:33.0906 0x02d4  ha10kx2k - ok
17:51:33.0937 0x02d4  [ 5C7D6D68796E4621B4168C879908DAE0, EE2FE26A2FBA7CC6935DA08C5D212C08ABF48C6C6E06CFDF408B49589BA501F7 ] hap16v2k        C:\WINDOWS\system32\drivers\hap16v2k.sys
17:51:33.0953 0x02d4  hap16v2k - ok
17:51:33.0968 0x02d4  [ A595B88AD16D8B5693DDF08113CAF30E, B46ECF3C26065374593C87A3CE305FACEB5B5B4B0F994C7895F25332703E8FC2 ] hap17v2k        C:\WINDOWS\system32\drivers\hap17v2k.sys
17:51:33.0984 0x02d4  hap17v2k - ok
17:51:34.0000 0x02d4  [ 573C7D0A32852B48F3058CFD8026F511, BC384BBA394AFDCDA1A9ABC858C692AA84A1F0A31AF3DDF7F38D120C027927FB ] HDAudBus        C:\WINDOWS\system32\DRIVERS\HDAudBus.sys
17:51:34.0015 0x02d4  HDAudBus - ok
17:51:34.0093 0x02d4  [ 4FCCA060DFE0C51A09DD5C3843888BCD, D82417706B517F2610DDF7C86BE03A72EFA9A2A389DF5C8F8ADEAB8144E2C80A ] helpsvc         C:\WINDOWS\PCHealth\HelpCtr\Binaries\pchsvc.dll
17:51:34.0093 0x02d4  helpsvc - ok
17:51:34.0140 0x02d4  [ DEB04DA35CC871B6D309B77E1443C796, F66A15C9528D661940F1F4CA453B3E95036D68C74C3B8AB53644211DBD3D2F32 ] HidServ         C:\WINDOWS\System32\hidserv.dll
17:51:34.0140 0x02d4  HidServ - ok
17:51:34.0156 0x02d4  [ CCF82C5EC8A7326C3066DE870C06DAF1, 93395FA4C26B2E82DC8B7025ED3BCF583885E5D8C5F60CD6EEAA6335D6A126EC ] HidUsb          C:\WINDOWS\system32\DRIVERS\hidusb.sys
17:51:34.0156 0x02d4  HidUsb - ok
17:51:34.0187 0x02d4  [ 8878BD685E490239777BFE51320B88E9, C5C3ECF6B049B6736E35B39518A8F830B45C45A88FFE8E3A6B7922AD946597E2 ] hkmsvc          C:\WINDOWS\System32\kmsvc.dll
17:51:34.0203 0x02d4  hkmsvc - ok
17:51:34.0218 0x02d4  [ B028377DEA0546A5FCFBA928A8AEFAE0, FD7B34A6036AD443014B16394A5F051A298CEE4276D50525FB9F15A0D2684C8B ] hpn             C:\WINDOWS\system32\DRIVERS\hpn.sys
17:51:34.0218 0x02d4  hpn - ok
17:51:34.0328 0x02d4  [ 5DA42D24712E00728CEA2342A65009B2, 73EC5250DCFD556525B24B3CA66C64AC7747E77652A2AD6119936A59A9E8562A ] hpqcxs08        C:\Program Files\HP\Digital Imaging\bin\hpqcxs08.dll
17:51:34.0328 0x02d4  hpqcxs08 - ok
17:51:34.0375 0x02d4  [ D86A39BF100069444D026D22D9A6E555, 7B24D48D5BA67704C88697FADB64364E0E64D26259408E3C219820C5404C5EEC ] hpqddsvc        C:\Program Files\HP\Digital Imaging\bin\hpqddsvc.dll
17:51:34.0375 0x02d4  hpqddsvc - ok
17:51:34.0421 0x02d4  [ A04F4AC48895774A2CF9D1C9EAAACEF0, 012F10DE086C3551D75716EF1F6DCC477C8C1E776267D9FC4073BEADAFD37C9C ] HPSLPSVC        C:\Program Files\HP\Digital Imaging\bin\HPSLPSVC32.DLL
17:51:34.0453 0x02d4  HPSLPSVC - ok
17:51:34.0562 0x02d4  [ 4DB356DF142BAD89A5F9E798B2A01E01, F6D43410524ACB391FAA37D7B913775CA33E08F7B75C4621607BB62B812D99C5 ] HPSupportSolutionsFrameworkService C:\Program Files\Hp\Common\HPSupportSolutionsFrameworkService.exe
17:51:34.0562 0x02d4  HPSupportSolutionsFrameworkService - ok
17:51:34.0625 0x02d4  [ F80A415EF82CD06FFAF0D971528EAD38, 524D9E9201572929522F6805011783711B7C0F76308B924C89CF75F4B7A1FDF3 ] HTTP            C:\WINDOWS\system32\Drivers\HTTP.sys
17:51:34.0640 0x02d4  HTTP - ok
17:51:34.0687 0x02d4  [ 6100A808600F44D999CEBDEF8841C7A3, 61A75118C327812C60622010985A2E80E79B6FD9030A5732390EE5426E4AF6C9 ] HTTPFilter      C:\WINDOWS\System32\w3ssl.dll
17:51:34.0703 0x02d4  HTTPFilter - ok
17:51:34.0750 0x02d4  [ 9368670BD426EBEA5E8B18A62416EC28, 0ED865F8FB79F0B6309521925280E8640DB5CA6F75377434830536899734B6EE ] i2omgmt         C:\WINDOWS\system32\drivers\i2omgmt.sys
17:51:34.0750 0x02d4  i2omgmt - ok
17:51:34.0781 0x02d4  [ F10863BF1CCC290BABD1A09188AE49E0, BC038EAE6C8A76D56A5AD27035DC0369D6E766711E9FAA7467144370851F1615 ] i2omp           C:\WINDOWS\system32\DRIVERS\i2omp.sys
17:51:34.0781 0x02d4  i2omp - ok
17:51:34.0796 0x02d4  [ 4A0B06AA8943C1E332520F7440C0AA30, DB2452390CCFE67E0C5FEB4FD42CA24ABE2DDD40D0B22DD5F5B8F70416863918 ] i8042prt        C:\WINDOWS\system32\DRIVERS\i8042prt.sys
17:51:34.0796 0x02d4  i8042prt - ok
17:51:34.0843 0x02d4  [ 5400C14134E7D6A0069C46FEBCB2DDDF, 769A305DC3F29295EBE8B8E6A08F4B8DE72683037BE79D539B3A768F2251D69F ] IAANTMon        C:\Program Files\Intel\Intel Matrix Storage Manager\iaantmon.exe
17:51:34.0843 0x02d4  IAANTMon - ok
17:51:34.0921 0x02d4  [ D593517879E65167DF35F6015814AC59, 26A61B7CB147DC817AC8601E531036A536016700A5560FC45B68F1DF672F9CF2 ] iastor          C:\WINDOWS\system32\drivers\iastor.sys
17:51:34.0953 0x02d4  iastor - ok
17:51:35.0046 0x02d4  [ 1CF03C69B49ACB70C722DF92755C0C8C, C227850C133F29BB9DED91A26A22AE077FD69629CEF35B67D305F016C4BDAA81 ] IDriverT        C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
17:51:35.0062 0x02d4  IDriverT - ok
17:51:35.0203 0x02d4  [ C01AC32DC5C03076CFB852CB5DA5229C, A4D7749220B5BC965D96A267F1E02FE8284A230BA249109207BD4B9EA8DFAC96 ] idsvc           C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe
17:51:35.0234 0x02d4  idsvc - ok
17:51:35.0250 0x02d4  [ 0A7C49B48C772591A2D362DAA00246C8, 0A6404D14C9DF95BBCBAEB7304F188BB6968E5E8E6A678D6D766EC6C6275FB1C ] imagedrv        C:\WINDOWS\system32\Drivers\imagedrv.sys
17:51:35.0265 0x02d4  imagedrv - ok
17:51:35.0281 0x02d4  [ 549BA4F539E7B8D8129500B96DD7B27A, F474C33919282CBE565E4E0D8568D919F5AAD5801B40A1AC557288E0CFE59BA1 ] imagesrv        C:\WINDOWS\system32\DRIVERS\imagesrv.sys
17:51:35.0281 0x02d4  imagesrv - ok
17:51:35.0312 0x02d4  [ 083A052659F5310DD8B6A6CB05EDCF8E, 48D39B03FFB6FAA1529B774443BA12618AE3982D9F65A7B9D18F2269F78B31F4 ] Imapi           C:\WINDOWS\system32\DRIVERS\imapi.sys
17:51:35.0328 0x02d4  Imapi - ok
17:51:35.0375 0x02d4  [ 1ACAD13923E467E473C3EC503223F983, 2620AFA5B7EF20E8AAFE4B8788CC22583C220A3F09E48772B1001C508050DAC2 ] Imapi Helper    C:\Program Files\Alex Feinman\ISO Recorder\ImapiHelper.exe
17:51:35.0375 0x02d4  Imapi Helper - ok
17:51:35.0406 0x02d4  [ 30DEAF54A9755BB8546168CFE8A6B5E1, 3936228CD3125C763ABFCB93E86E4B43838202BCC0913A28E84AC0263B43EE0D ] ImapiService    C:\WINDOWS\system32\imapi.exe
17:51:35.0421 0x02d4  ImapiService - ok
17:51:35.0484 0x02d4  [ 17AA2583BD7408E3A162CF68206143DE, 0666B83ABB4FD179625A4102826A5D2361B6C80A0522380C89A2F98817D05800 ] InCDfs          C:\WINDOWS\system32\drivers\InCDfs.sys
17:51:35.0484 0x02d4  InCDfs - ok
17:51:35.0500 0x02d4  [ 53E05BDD206698DBCB46F413996B224C, 5DEDA8C77CA8E4BDDA3F9C4CE9367D6777E63C40D52AC3575839D5319A5AA5D8 ] InCDPass        C:\WINDOWS\system32\DRIVERS\InCDPass.sys
17:51:35.0500 0x02d4  InCDPass - ok
17:51:35.0515 0x02d4  [ F92E322DC5B6F1B009763791026BB2E2, 4F6492F285B08F097E55233CCAB88FDB756C4BEEE7EBEE572942BA20E62DB85A ] InCDrec         C:\WINDOWS\system32\drivers\InCDrec.sys
17:51:35.0515 0x02d4  InCDrec - ok
17:51:35.0546 0x02d4  [ 3A47DF588A3E3701D85B3C3C021FA8C1, 28A294C5323C361E305458109867BAA8CAFE9218C167B40C51A3F44F486B8426 ] incdrm          C:\WINDOWS\system32\drivers\incdrm.sys
17:51:35.0546 0x02d4  incdrm - ok
17:51:35.0562 0x02d4  InCDsrvR - ok
17:51:35.0609 0x02d4  [ 4A40E045FAEE58631FD8D91AFC620719, 7A2FD81BD483821B3DA01B1CD7215423EDD719CBE3862C0342FF7D21A17AF437 ] ini910u         C:\WINDOWS\system32\DRIVERS\ini910u.sys
17:51:35.0609 0x02d4  ini910u - ok
17:51:35.0718 0x02d4  [ FCAB28FFD3A8964581E16455EFAF81C8, 8A9BC70A782735F18B0DA0C32FB47AAF28300EB2A764D7E037DF23756D7A357B ] IntelC51        C:\WINDOWS\system32\DRIVERS\IntelC51.sys
17:51:35.0781 0x02d4  IntelC51 - ok
17:51:35.0828 0x02d4  [ A288E7E3A6255255B9066686D860FBC5, 350AE67DF68958039A329F92F6437850C722F2F714F84222BE9447C9ABBC1B74 ] IntelC52        C:\WINDOWS\system32\DRIVERS\IntelC52.sys
17:51:35.0859 0x02d4  IntelC52 - ok
17:51:35.0890 0x02d4  [ D5E5A1ABF6BDBA7CA49941A044F04598, 61BF5B04D7E9DED7895BCD9DA126DB57E8045D2914D7E6326DDE1E3D4C976BC1 ] IntelC53        C:\WINDOWS\system32\DRIVERS\IntelC53.sys
17:51:35.0890 0x02d4  IntelC53 - ok
17:51:35.0921 0x02d4  [ B5466A9250342A7AA0CD1FBA13420678, 87E735C4E8924A883AB692D387A83BCBFAE6E165688336AE7AB488F7CA8D339E ] IntelIde        C:\WINDOWS\system32\DRIVERS\intelide.sys
17:51:35.0921 0x02d4  IntelIde - ok
17:51:35.0968 0x02d4  [ 8C953733D8F36EB2133F5BB58808B66B, 555868F246D73652E998B0B1296476E42FCEDED30D646CC000F31ECE4EBC25E6 ] intelppm        C:\WINDOWS\system32\DRIVERS\intelppm.sys
17:51:35.0968 0x02d4  intelppm - ok
17:51:36.0000 0x02d4  [ 3BB22519A194418D5FEC05D800A19AD0, F6662F440950596DC1382DD1DB5D7891CCEA30A6062BEA942C18445B5F0D8B16 ] Ip6Fw           C:\WINDOWS\system32\drivers\ip6fw.sys
17:51:36.0000 0x02d4  Ip6Fw - ok
17:51:36.0046 0x02d4  [ 731F22BA402EE4B62748ADAF6363C182, 5C3BEBD008A5BE4DC2F92076FF41A10DDC01E10EC7E6552213CFA11970811848 ] IpFilterDriver  C:\WINDOWS\system32\DRIVERS\ipfltdrv.sys
17:51:36.0046 0x02d4  IpFilterDriver - ok
17:51:36.0078 0x02d4  [ B87AB476DCF76E72010632B5550955F5, E6E74D3A86A7917A8BAED44F8E97CCD2EB171E4E4B27E9907F60D1523FAF319A ] IpInIp          C:\WINDOWS\system32\DRIVERS\ipinip.sys
17:51:36.0078 0x02d4  IpInIp - ok
17:51:36.0125 0x02d4  [ CC748EA12C6EFFDE940EE98098BF96BB, AF523E21C25D9A1715EFEA573E4F52AF5D4FC9F28A2D613F5DB629C186C439E0 ] IpNat           C:\WINDOWS\system32\DRIVERS\ipnat.sys
17:51:36.0140 0x02d4  IpNat - ok
17:51:36.0203 0x02d4  [ 4D800977F7EB0C310AF04BF5B517985A, DD4EC347D4759AC401BD08739DE012E5F1903DF2EDEBEA17CCD3C19FF1F6005E ] iPod Service    C:\Program Files\iPod\bin\iPodService.exe
17:51:36.0234 0x02d4  iPod Service - ok
17:51:36.0250 0x02d4  [ 23C74D75E36E7158768DD63D92789A91, 394D296F38E7D8EFD91A6EEC301D9CE6AF910E35EB9819F1A9E3363863AEDFDC ] IPSec           C:\WINDOWS\system32\DRIVERS\ipsec.sys
17:51:36.0250 0x02d4  IPSec - ok
17:51:36.0281 0x02d4  [ C93C9FF7B04D772627A3646D89F7BF89, 805FA48E7A46D4F10240BF880A2468F53DEA36E83004399228AB70DB7D20544A ] IRENUM          C:\WINDOWS\system32\DRIVERS\irenum.sys
17:51:36.0281 0x02d4  IRENUM - ok
17:51:36.0296 0x02d4  [ 05A299EC56E52649B1CF2FC52D20F2D7, 2654619DB3E6D6C385B63AB02F87D4241C4F0250CC31383D1B3586917166C2DC ] isapnp          C:\WINDOWS\system32\DRIVERS\isapnp.sys
17:51:36.0296 0x02d4  isapnp - ok
17:51:36.0343 0x02d4  [ C4D1E49A7D853A6FDFE8EC2906AE5AAA, 61B1CA204080134AB94C81A1ED6C0B2DC47BC31767DAB1BE106F11D8776DC7D3 ] Jukebox3        C:\WINDOWS\system32\DRIVERS\ctpdusb.sys
17:51:36.0343 0x02d4  Jukebox3 - ok
17:51:36.0375 0x02d4  [ 463C1EC80CD17420A542B7F36A36F128, E3B11BA26AFEAFB50B0FC168EA07F6049DA6B88BCDDEEE20310602D7FC27A3A7 ] Kbdclass        C:\WINDOWS\system32\DRIVERS\kbdclass.sys
17:51:36.0375 0x02d4  Kbdclass - ok
17:51:36.0375 0x02d4  [ 9EF487A186DEA361AA06913A75B3FA99, B94EBA4EC6D85E11C81AF9927E9EF0AF2E6FE134CFF1FDB0535B7C5A794B4261 ] kbdhid          C:\WINDOWS\system32\DRIVERS\kbdhid.sys
17:51:36.0390 0x02d4  kbdhid - ok
17:51:36.0406 0x02d4  [ 692BCF44383D056AED41B045A323D378, 1A99DEE83FFAF64E73067FC049C0A4CE07D94E4AE31EFA17B38CEFA9E41D67DC ] kmixer          C:\WINDOWS\system32\drivers\kmixer.sys
17:51:36.0421 0x02d4  kmixer - ok
17:51:36.0437 0x02d4  [ B467646C54CC746128904E1654C750C1, 3BD71BE3663EA23463D236D8A2A2E42DFA10C502BDB4B6E131FAF0FBA748219E ] KSecDD          C:\WINDOWS\system32\drivers\KSecDD.sys
17:51:36.0453 0x02d4  KSecDD - ok
17:51:36.0484 0x02d4  [ 3A7C3CBE5D96B8AE96CE81F0B22FB527, 0044F03132596A494448CCE5F3D6ECC12617BB4CF6BAE348F79D4DC40ACD6EE0 ] lanmanserver    C:\WINDOWS\System32\srvsvc.dll
17:51:36.0515 0x02d4  lanmanserver - ok
17:51:36.0531 0x02d4  [ A8888A5327621856C0CEC4E385F69309, B08B63300D824E35E31EEEA2C4C086DFA2C2A964CEDAE512E74D3D88AADAA2C1 ] lanmanworkstation C:\WINDOWS\System32\wkssvc.dll
17:51:36.0562 0x02d4  lanmanworkstation - ok
17:51:36.0578 0x02d4  [ 8ABFD7FB22CBE8D6066EEE2CF352B0BB, 5821C5F1B32538783F798E0766EF0EB3E00CCB70E118A3779F0DAD3839E5880F ] LBeepKE         C:\WINDOWS\system32\Drivers\LBeepKE.sys
17:51:36.0578 0x02d4  LBeepKE - ok
17:51:36.0593 0x02d4  lbrtfdc - ok
17:51:36.0640 0x02d4  [ 5CF3787D3109D8B7C0A68BDDE0F351E2, 6E942199C4B74E910B706876493E16D1C3487102CC480E8639401A34FB941D88 ] LBTServ         C:\Program Files\Common Files\LogiShrd\Bluetooth\lbtserv.exe
17:51:36.0656 0x02d4  LBTServ - ok
17:51:36.0703 0x02d4  [ FB5E7A5C86C0B58AA155487B141B8457, EA215398C77AEC351CF141ADD6DC93B7E9FC2A3D5FAB22DBC39ECA720B2FFA45 ] LCcfltr         C:\WINDOWS\system32\Drivers\LCcFltr.Sys
17:51:36.0703 0x02d4  LCcfltr - ok
17:51:36.0734 0x02d4  [ 6FD6EE66E95A6539B35E42A3938FFB41, DCC9B6D6C5EE43B9875386FECB2BADF34899EBDC4B180E3C02FD3F075628814E ] LEqdUsb         C:\WINDOWS\system32\Drivers\LEqdUsb.Sys
17:51:36.0765 0x02d4  LEqdUsb - ok
17:51:36.0781 0x02d4  [ 06E86870F3370B1D64882D950FC00B1A, 19E96F05748FE69EA40DF5286733B15BDEA3F2C04812D8853D70AB08DAB97BFA ] LHidEqd         C:\WINDOWS\system32\Drivers\LHidEqd.Sys
17:51:36.0781 0x02d4  LHidEqd - ok
17:51:36.0828 0x02d4  [ B9E077D03FCCD05A8829DC5E0653E60B, 4752C4D77D2E9FFE82F1151289A78EB238F434795655F392BC1B749A7B695B33 ] LHidFilt        C:\WINDOWS\system32\DRIVERS\LHidFilt.Sys
17:51:36.0828 0x02d4  LHidFilt - ok
17:51:36.0875 0x02d4  [ A8742865E15A57B426EFCC5FF744D6D3, CE080A9B492F312CFFBB87E27F565ED89419A14ACA512029F6A8803DB03E83D1 ] LHidUsb         C:\WINDOWS\system32\Drivers\LHidUsb.Sys
17:51:36.0875 0x02d4  LHidUsb - ok
17:51:36.0906 0x02d4  [ CB5D13966F74D7F000724A907F614193, 720374DE3C3E930B3C679DEF41A7073477F0C9C3156A0400F2F23672CCFCC981 ] libusb0         C:\WINDOWS\system32\DRIVERS\libusb0.sys
17:51:36.0921 0x02d4  libusb0 - ok
17:51:37.0031 0x02d4  [ FA149A9A6DDDCC222865077D07DD1C51, 4E70A024E4A2D5862425DD8A227EF0AE9B562099CDDC40FA7E15E19AA6CC8E47 ] LiveUpdateSvc   C:\Program Files\IObit\LiveUpdate\LiveUpdate.exe
17:51:37.0093 0x02d4  LiveUpdateSvc - ok
17:51:37.0125 0x02d4  [ A7DB739AE99A796D91580147E919CC59, EDF4E039BA277B0E6D66FEB0B28096E67D682C09DFC18ECECF062D9DCFB75ACF ] LmHosts         C:\WINDOWS\System32\lmhsvc.dll
17:51:37.0140 0x02d4  LmHosts - ok
17:51:37.0203 0x02d4  [ 4477689E2D8AE6B78BA34C9AF4CC1ED1, 0BC8AF546901E6C20611C5250BD65ACD0C4A8613BD8F8835F0D4680B5777F051 ] lmimirr         C:\WINDOWS\system32\DRIVERS\lmimirr.sys
17:51:37.0203 0x02d4  lmimirr - ok
17:51:37.0234 0x02d4  [ FBB88DD2236B263FF412AA7067BDFEE6, 8F6347B8CE4C5175208D45B60B04878886D955F90B37AFD33E414E795D68D8CC ] LMouFilt        C:\WINDOWS\system32\DRIVERS\LMouFilt.Sys
17:51:37.0250 0x02d4  LMouFilt - ok
17:51:37.0265 0x02d4  [ A3F4391DFDF2F9E9FE4EAD193265A5AD, A60A1A345622F4758181FB0B6EE784B0B718105FEE7B0F6FEDE5AD59FE448EE1 ] MBAMProtector   C:\WINDOWS\system32\drivers\mbam.sys
17:51:37.0281 0x02d4  MBAMProtector - ok
17:51:37.0359 0x02d4  [ 0BB29DE40C9D9529793DCDB59A43CF5B, 251001A407D32EF22F64915EEFFAAEC229073C4549BF7D9D1D4209B7D15B4681 ] MBAMScheduler   C:\Program Files\Malwarebytes Anti-Malware\mbamscheduler.exe
17:51:37.0421 0x02d4  MBAMScheduler - ok
17:51:37.0468 0x02d4  [ 5F82D8188B370B0CF185D4AE2B9B4A0E, 549B53DD989A069E1C38347C4CEF5283DF9B428CE102799B06A20D3D8F23825F ] MBAMService     C:\Program Files\Malwarebytes Anti-Malware\mbamservice.exe
17:51:37.0500 0x02d4  MBAMService - ok
17:51:37.0562 0x02d4  [ DF0A511F38F16016BF658FCA0090CB87, 6D2F6360A4E1D369607F2F394B4A8C6EE8EEE9FA46A67394769E9C0044529B6C ] McrdSvc         C:\WINDOWS\ehome\mcrdsvc.exe
17:51:37.0562 0x02d4  McrdSvc - ok
17:51:37.0562 0x02d4  [ 986B1FF5814366D71E0AC5755C88F2D3, E6AF051174531C24B38E73987755D366ABEC595476C6D17793E8DCCC73F55340 ] Messenger       C:\WINDOWS\System32\msgsvc.dll
17:51:37.0578 0x02d4  Messenger - ok
17:51:37.0640 0x02d4  MFE_RR - ok
17:51:37.0656 0x02d4  [ B7521F69C0A9B29D356157229376FB21, A77C89BDC181038DD0F9A8AC0F7164B10EF9C54B0C57D8BAB8BC27932EBF890B ] MHN             C:\WINDOWS\System32\mhn.dll
17:51:37.0687 0x02d4  MHN - ok
17:51:37.0734 0x02d4  [ 7F2F1D2815A6449D346FCCCBC569FBD6, 1C5A321CE95CE4D9AA2CB5A00E9B7E711521A6BBB25D36F7F49A397C361585C6 ] MHNDRV          C:\WINDOWS\system32\DRIVERS\mhndrv.sys
17:51:37.0734 0x02d4  MHNDRV - ok
17:51:37.0781 0x02d4  [ 4AE068242760A1FB6E1A44BF4E16AFA6, 1FB771162B96AAF787AC24867B818DF8511F0780BB094FA9A38C11D8DBFE68BC ] mnmdd           C:\WINDOWS\system32\drivers\mnmdd.sys
17:51:37.0781 0x02d4  mnmdd - ok
17:51:37.0812 0x02d4  [ D18F1F0C101D06A1C1ADF26EED16FCDD, BA0837C7780BD8262E143E2935AFA63BE59C3C39EF56CB8608EED0F50AF070D4 ] mnmsrvc         C:\WINDOWS\system32\mnmsrvc.exe
17:51:37.0828 0x02d4  mnmsrvc - ok
17:51:37.0875 0x02d4  [ DFCBAD3CEC1C5F964962AE10E0BCC8E1, B342CC9EC3729AB1AB4B5E2E99F890C1E0CA649162DE91F6768AB857B719E97B ] Modem           C:\WINDOWS\system32\drivers\Modem.sys
17:51:37.0875 0x02d4  Modem - ok
17:51:37.0921 0x02d4  [ 1992E0D143B09653AB0F9C5E04B0FD65, 1431EC53A65F561C235A08F926C5348A6B21B06A08C075DE8172A88EE0AA634E ] MODEMCSA        C:\WINDOWS\system32\drivers\MODEMCSA.sys
17:51:37.0921 0x02d4  MODEMCSA - ok
17:51:37.0984 0x02d4  [ C6A08C4F34B3048A73BBB2951150F98D, 1224299C9CBFAA9F7A4969890D32255E5C520415FA56B810B5A77D03FD16484F ] mohfilt         C:\WINDOWS\system32\DRIVERS\mohfilt.sys
17:51:37.0984 0x02d4  mohfilt - ok
17:51:38.0015 0x02d4  [ 35C9E97194C8CFB8430125F8DBC34D04, 0C0FCE6B0A23FB0ECB92E1663E1C72D2DD5B177D82E04782957690B69530DB39 ] Mouclass        C:\WINDOWS\system32\DRIVERS\mouclass.sys
17:51:38.0015 0x02d4  Mouclass - ok
17:51:38.0062 0x02d4  [ B1C303E17FB9D46E87A98E4BA6769685, 161A45488522055D0F0474ABEDA04DDD0B5DAC2411AF9154B15190BBD66E7153 ] mouhid          C:\WINDOWS\system32\DRIVERS\mouhid.sys
17:51:38.0062 0x02d4  mouhid - ok
17:51:38.0078 0x02d4  [ A80B9A0BAD1B73637DBCBBA7DF72D3FD, 2A5E15ED2C24C6C65EF2F7E1FD93374774076C9D8D451E4422561F4D269C012F ] MountMgr        C:\WINDOWS\system32\drivers\MountMgr.sys
17:51:38.0093 0x02d4  MountMgr - ok
17:51:38.0203 0x02d4  [ 345477F02C308B7480702767218C86A2, 98AFB5CF35BD82BA44B8F52CBC5FA3760506ADD7892C2AA1A77E8DF71FC8523F ] MozillaMaintenance C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe
17:51:38.0203 0x02d4  MozillaMaintenance - ok
17:51:38.0218 0x02d4  [ 3F4BB95E5A44F3BE34824E8E7CAF0737, 9A4F9E63AA55B779AF3563C66C8E40D9C42FF3BB5F533F70905ADC7A44EA7DAD ] mraid35x        C:\WINDOWS\system32\DRIVERS\mraid35x.sys
17:51:38.0218 0x02d4  mraid35x - ok
17:51:38.0281 0x02d4  [ 11D42BB6206F33FBB3BA0288D3EF81BD, 76ABCFB62C5AC549F58C231F72A99882CDEB74928104B77FE52554765C2B1A22 ] MRxDAV          C:\WINDOWS\system32\DRIVERS\mrxdav.sys
17:51:38.0296 0x02d4  MRxDAV - ok
17:51:38.0343 0x02d4  [ 7D304A5EB4344EBEEAB53A2FE3FFB9F0, DB9B186F7076D7B94F45041AF7B77C1AD2CAB504D683B459C6CB1C22840ED170 ] MRxSmb          C:\WINDOWS\system32\DRIVERS\mrxsmb.sys
17:51:38.0359 0x02d4  MRxSmb - ok
17:51:38.0375 0x02d4  [ A137F1470499A205ABBB9AAFB3B6F2B1, FB4951727543030D9E6ED74149C3FAACE2CA9DA8C1B5F616301B30B858C724E8 ] MSDTC           C:\WINDOWS\system32\msdtc.exe
17:51:38.0390 0x02d4  MSDTC - ok
17:51:38.0421 0x02d4  [ 1477849772712BAC69C144DCF2C9CE81, A74C2FF6F7EE5564E783C689534A5EC3D626F0277E9707A21E36980908836922 ] MSDV            C:\WINDOWS\system32\DRIVERS\msdv.sys
17:51:38.0437 0x02d4  MSDV - ok
17:51:38.0437 0x02d4  [ C941EA2454BA8350021D774DAF0F1027, C940E978C7B66A713A0FDAB54B5F995DF59D089AFCD96221DD3222948CD49BBD ] Msfs            C:\WINDOWS\system32\drivers\Msfs.sys
17:51:38.0453 0x02d4  Msfs - ok
17:51:38.0453 0x02d4  MSIServer - ok
17:51:38.0468 0x02d4  [ D1575E71568F4D9E14CA56B7B0453BF1, 4ABE0E24786C0D39FA2B885447E56204CA6942FB175E534DCE675D7BCF0B176A ] MSKSSRV         C:\WINDOWS\system32\drivers\MSKSSRV.sys
17:51:38.0468 0x02d4  MSKSSRV - ok
17:51:38.0500 0x02d4  [ 325BB26842FC7CCC1FCCE2C457317F3E, C07BE560513B1FB91D756494F0BA4AEEB2E1998DE0E1C21EE83DB1183B0CEE91 ] MSPCLOCK        C:\WINDOWS\system32\drivers\MSPCLOCK.sys
17:51:38.0515 0x02d4  MSPCLOCK - ok
17:51:38.0546 0x02d4  [ BAD59648BA099DA4A17680B39730CB3D, 9AD4C7C94C186C8815D0BC75DCAFB962158DA6935A244BA243EDDDEB33F9816C ] MSPQM           C:\WINDOWS\system32\drivers\MSPQM.sys
17:51:38.0546 0x02d4  MSPQM - ok
17:51:38.0546 0x02d4  [ AF5F4F3F14A8EA2C26DE30F7A1E17136, AC93A1E4ABB0D038B772E429015567E44CC2EDB66C54DBE23A5F98176FAC1520 ] mssmbios        C:\WINDOWS\system32\DRIVERS\mssmbios.sys
17:51:38.0562 0x02d4  mssmbios - ok
17:51:38.0625 0x02d4  [ CB7524C21727404BD3140DCA32DEB7DE, 5B1F111FADC31CD1E6F0345E2F9F989D9E63D64C9F20EFEFAC7A86BD82B8484C ] MSSQLServerADHelper C:\Program Files\Microsoft SQL Server\80\Tools\Binn\sqladhlp.exe
17:51:38.0625 0x02d4  MSSQLServerADHelper - ok
17:51:38.0656 0x02d4  [ E53736A9E30C45FA9E7B5EAC55056D1D, 38602F280BF69EBA3706AD175AFC1AEB561A8302B4B61E3FECB3C27D7A9BDB41 ] MSTEE           C:\WINDOWS\system32\drivers\MSTEE.sys
17:51:38.0656 0x02d4  MSTEE - ok
17:51:38.0671 0x02d4  [ DE6A75F5C270E756C5508D94B6CF68F5, FCC972DDC36C2C44D836913F10004C2C33B11C54DEFFF0C63E0FDF901D2F9261 ] Mup             C:\WINDOWS\system32\drivers\Mup.sys
17:51:38.0687 0x02d4  Mup - ok
17:51:38.0718 0x02d4  [ 5B50F1B2A2ED47D560577B221DA734DB, C16A554B6E1A7F5F98C94DFA88163E0F7426506BF2F51FD351B1A05FC0DB3BC5 ] NABTSFEC        C:\WINDOWS\system32\DRIVERS\NABTSFEC.sys
17:51:38.0718 0x02d4  NABTSFEC - ok
17:51:38.0750 0x02d4  [ 9121D8FFFF773C66BBF4955E4F7AAC23, A852E41F27540CAD6C04BBDC749335ACF03A21D66645EA3E152317D91A306101 ] NAL             C:\WINDOWS\system32\Drivers\iqvw32.sys
17:51:38.0765 0x02d4  NAL - ok
17:51:45.0156 0x02d4  [ C98B39829C2BBD34E454150633C62C78, 71B60EA3AD0E2637917D528C6A9E7ECF2949E3E5E91036AA5BBADA95BD725511 ] WSTCODEC        C:\WINDOWS\system32\DRIVERS\WSTCODEC.SYS
17:51:45.0171 0x02d4  WSTCODEC - ok
17:51:45.0187 0x02d4  [ 35321FB577CDC98CE3EB3A3EB9E4610A, C9A6F5CF282D8FCB3CDFCC4B306013480E78E1B664E1A60A4E27B161F9FFD4CD ] wuauserv        C:\WINDOWS\system32\wuauserv.dll
17:51:45.0218 0x02d4  wuauserv - ok
17:51:45.0265 0x02d4  [ F15FEAFFFBB3644CCC80C5DA584E6311, 79B3E9AF35976CE49921E9BEA3BA3B4A8AF762FD3F284B62954038B5FFB32471 ] WudfPf          C:\WINDOWS\system32\DRIVERS\WudfPf.sys
17:51:45.0265 0x02d4  WudfPf - ok
17:51:45.0281 0x02d4  [ 28B524262BCE6DE1F7EF9F510BA3985B, AEFF02B899801A63CBB262757C3D4369E38BFF0690BD085DE60E873DFBE3C3F4 ] WudfRd          C:\WINDOWS\system32\DRIVERS\wudfrd.sys
17:51:45.0281 0x02d4  WudfRd - ok
17:51:45.0328 0x02d4  [ 05231C04253C5BC30B26CBAAE680ED89, 5C03C2D7E0B573646D32F4093E2FF2C3BA391C39F5BA37D67F69D38E357FCC3D ] WudfSvc         C:\WINDOWS\System32\WUDFSvc.dll
17:51:45.0343 0x02d4  WudfSvc - ok
17:51:45.0390 0x02d4  [ 81DC3F549F44B1C1FFF022DEC9ECF30B, 3D14BFEA539F9CEB16555BD56C5E3C7C8F6692FC62C2789F8AAEA1C042E63940 ] WZCSVC          C:\WINDOWS\System32\wzcsvc.dll
17:51:45.0468 0x02d4  WZCSVC - ok
17:51:45.0484 0x02d4  [ 295D21F14C335B53CB8154E5B1F892B9, 9418477C2E3EA93E93D931A4EDD4500DA568FAD6040204B5201D1080203B0BBC ] xmlprov         C:\WINDOWS\System32\xmlprov.dll
17:51:45.0515 0x02d4  xmlprov - ok
17:51:45.0531 0x02d4  ================ Scan global ===============================
17:51:45.0562 0x02d4  [ 42F1F4C0AFB08410E5F02D4B13EBB623, 924C30587C51C0D1E1F47991969AF492A644552E15F2480EA991DCB74A3E68D5 ] C:\WINDOWS\system32\basesrv.dll
17:51:45.0593 0x02d4  [ 69AE2B2E6968C316536E5B10B9702E63, D9C5DA7A20DDE69D91E72400C3F06F3CB099DEF42EA6C53FCE076258A0C22391 ] C:\WINDOWS\system32\winsrv.dll
17:51:45.0625 0x02d4  [ 69AE2B2E6968C316536E5B10B9702E63, D9C5DA7A20DDE69D91E72400C3F06F3CB099DEF42EA6C53FCE076258A0C22391 ] C:\WINDOWS\system32\winsrv.dll
17:51:45.0671 0x02d4  [ 65DF52F5B8B6E9BBD183505225C37315, 59C606977DB40A3443DFF0BE2A4C761824881B22C9FDB3D23F6486DB580E92A4 ] C:\WINDOWS\system32\services.exe
17:51:45.0687 0x02d4  [ Global ] - ok
17:51:45.0687 0x02d4  ================ Scan MBR ==================================
17:51:45.0734 0x02d4  [ B16A2359F4962B0C622D81A1C1F4B703 ] \Device\Harddisk0\DR0
17:51:45.0937 0x02d4  \Device\Harddisk0\DR0 - ok
17:51:45.0953 0x02d4  [ 8F558EB6672622401DA993E1E865C861 ] \Device\Harddisk1\DR1
17:51:45.0953 0x02d4  \Device\Harddisk1\DR1 - ok
17:51:45.0968 0x02d4  [ 8F558EB6672622401DA993E1E865C861 ] \Device\Harddisk2\DR6
17:51:45.0968 0x02d4  \Device\Harddisk2\DR6 - ok
17:51:45.0968 0x02d4  ================ Scan VBR ==================================
17:51:45.0984 0x02d4  [ C4D447B3049A80CC8AEEBD408530282E ] \Device\Harddisk0\DR0\Partition1
17:51:46.0015 0x02d4  \Device\Harddisk0\DR0\Partition1 - ok
17:51:46.0015 0x02d4  [ 91994307F85F4FE13220630B1D057847 ] \Device\Harddisk1\DR1\Partition1
17:51:46.0046 0x02d4  \Device\Harddisk1\DR1\Partition1 - ok
17:51:46.0046 0x02d4  [ 12465CB012D0FF36E8A8E89B655EF92A ] \Device\Harddisk2\DR6\Partition1
17:51:46.0109 0x02d4  \Device\Harddisk2\DR6\Partition1 - ok
17:51:46.0109 0x02d4  ================ Scan generic autorun ======================
17:51:46.0171 0x02d4  [ 2704F7DBF55C9238DB73290176285F6C, EA683327846AF593247D747D421725C38E7D8677ACB47D9A1DFC61917DE3F11A ] c:\program files\billp studios\winpatrol\winpatrol.exe
17:51:46.0171 0x02d4  WinPatrol - ok
17:51:46.0265 0x02d4  [ FB9E5C251CF6C37749F296BACB34A69B, D6FAD9C7406071291095811D0FECEA8940365C8E345D7C099853FCE2D1FE4412 ] C:\PROGRA~1\COMMON~1\INSTAL~1\UPDATE~1\ISUSPM.exe
17:51:46.0281 0x02d4  ISUSPM Startup - ok
17:51:46.0328 0x02d4  [ B04E826B086568DCBE80DBC2841BE2B2, D8418B4EE3A9CA43A7D81A4E55E3D534F216E170ABB95BE2059ABE656A2DD429 ] C:\Program Files\Intel\Intel Matrix Storage Manager\iaanotif.exe
17:51:46.0328 0x02d4  IAAnotif - ok
17:51:46.0437 0x02d4  [ E7D1D8179FE03E2BC569A92B56509414, 32BCD98F5CFF93825F9563E737AA2F927FB6D26EC25F4CB78D52C6F6D290F0A0 ] c:\program files\creative\sbaudigy2zs\surround mixer\ctsysvol.exe
17:51:46.0437 0x02d4  CTSysVol - ok
17:51:46.0468 0x02d4  [ A00A2D93BADF2EC04FEF674738512D02, C6F06DDFDBC2C5AEAFDC717E693F572680D1E0C316FE6DD77E6F13DA586759F9 ] C:\WINDOWS\system32\cthelper.exe
17:51:46.0468 0x02d4  CTHelper - ok
17:51:46.0515 0x02d4  [ DB20FCE248D269E1C396E70A91E587C8, 0C4CC3AA6FF85514E2E686955FF588AACC779849E0329735023F4643CD2A3775 ] C:\Program Files\Creative\SBAudigy2ZS\DVDAudio\CTDVDDET.EXE
17:51:46.0515 0x02d4  CTDVDDET - ok
17:51:46.0531 0x02d4  ATIPTA - ok
17:51:46.0562 0x02d4  [ 09E60B4FE341A94A300830C008907099, 5F07868953FAA8FFA9E6477F6BAC52DEEDF3EA4A3F8AF5B4E15878D8240223AB ] C:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon.exe
17:51:46.0562 0x02d4  APSDaemon - ok
17:51:46.0750 0x02d4  [ 44ADDA5FB88EE14F57A246285775AC2F, 2776225BA9F22C553453541DA0285E093B4F2019DB6FE640D033BA45045299C8 ] C:\Program Files\AVAST Software\Avast\AvastUI.exe
17:51:46.0921 0x02d4  AvastUI.exe - ok
17:51:47.0000 0x02d4  [ 4F83E6A5D34751D6426155FB091B2BE6, 3AC695240F7F332D346817540622A78CD69328470AE0981632B7C3E2D7B080F3 ] C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe
17:51:47.0062 0x02d4  StartCCC - ok
17:51:47.0093 0x02d4  [ 0EF0822810009D58118CCDFD098FA9F4, 9FAA263057898BCDBCB0A064C463F48D149474AA339A3C4C47626CC118750D2D ] C:\Program Files\iTunes\iTunesHelper.exe
17:51:47.0109 0x02d4  iTunesHelper - ok
17:51:47.0125 0x02d4  [ 5F1D5F88303D4A4DBC8E5F97BA967CC3, 5FB24FC7916A6E6B3BE7D84CB1684215B266CD1495575C2E5672B8447932E5B1 ] C:\WINDOWS\system32\ctfmon.exe
17:51:47.0125 0x02d4  ctfmon.exe - ok
17:51:47.0125 0x02d4  [ 5F1D5F88303D4A4DBC8E5F97BA967CC3, 5FB24FC7916A6E6B3BE7D84CB1684215B266CD1495575C2E5672B8447932E5B1 ] C:\WINDOWS\system32\ctfmon.exe
17:51:47.0140 0x02d4  ctfmon.exe - ok
17:51:47.0140 0x02d4  Waiting for KSN requests completion. In queue: 336
17:51:48.0140 0x02d4  Waiting for KSN requests completion. In queue: 28
17:51:49.0140 0x02d4  Waiting for KSN requests completion. In queue: 28
17:51:50.0203 0x02d4  AV detected via SS1: Bitdefender Antivirus Free Edition, 1.0.14.889, enabled, updated
17:51:50.0203 0x02d4  AV detected via SS1: avast! Antivirus, 5.0.167774368, enabled, updated
17:51:50.0203 0x02d4  FW detected via SS1: , 1.0.14.889, enabled
17:51:50.0203 0x02d4  FW detected via SS1: avast! Antivirus, 5.0.167774368, enabled
17:51:52.0796 0x02d4  ============================================================
17:51:52.0796 0x02d4  Scan finished
17:51:52.0796 0x02d4  ============================================================
17:51:52.0796 0x0660  Detected object count: 0
17:51:52.0796 0x0660  Actual detected object count: 0
 





