Buy Malwarebytes antimalware











This site is hosted at Hostgator.com




Sponsored Adverts

Sponsored Ads

These adverts come direct from Google adsense



Recent Posts

Pages: 1 2 [3] 4 5 6 7 8 ... 10
21
Uploads / Re: Files Requested by eddie:
« Last post by Referee06 on July 04, 2014, 03:51:43 »
Second Qoobox submission
23
Malware removal and help / Re: adware/malware popups etc
« Last post by Derek on April 28, 2014, 23:05:59 »
the civic cookie is genuine for this site, I have to have that to comply with EU cookie laws. You will get that every time until you accept it 
What is the suspicious update message
24
Malware removal and help / Re: adware/malware popups etc
« Last post by manicmoms on April 28, 2014, 23:04:32 »
When I visit this page I get a "Civic Cookie" Message....and then I am still getting a suspicious update message that has a lot of pop up messages in it about navigating away from page etc...let me know if you need more detail about them and I will write it down next time they pop up.
25
Malware removal and help / Re: adware/malware popups etc
« Last post by Derek on April 27, 2014, 12:21:52 »
How is it mow and are you still having any problems
26
Malware removal and help / Re: adware/malware popups etc
« Last post by manicmoms on April 26, 2014, 23:18:59 »
had to reboot after the fix and then upon reboot had to locate the log file before pasting it below...but otherwise no other differences in your instructions.

All Processes Killed
[Registry - Safe List]
Registry key HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{3DF5BF98-C5A8-4154-8B63-D07977DBA953}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{3DF5BF98-C5A8-4154-8B63-D07977DBA953}\ not found.
Registry key HKEY_CURRENT_USER\SOFTWARE\Classes\CLSID\{3DF5BF98-C5A8-4154-8B63-D07977DBA953}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{BBBEDAC2-B124-494A-9D19-7C0D7741690C}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{BBBEDAC2-B124-494A-9D19-7C0D7741690C}\ deleted successfully.
[Registry - Additional Scans - Safe List]
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{51DEF79C-4941-E5AF-086B-0BC003A792DD}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{51DEF79C-4941-E5AF-086B-0BC003A792DD}\ deleted successfully.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Settings\{0375699A-9258-90D1-617D-89EB7B787A03}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{0375699A-9258-90D1-617D-89EB7B787A03}\ deleted successfully.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Settings\{51DEF79C-4941-E5AF-086B-0BC003A792DD}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{51DEF79C-4941-E5AF-086B-0BC003A792DD}\ not found.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Settings\{BBBEDAC2-B124-494A-9D19-7C0D7741690C}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{BBBEDAC2-B124-494A-9D19-7C0D7741690C}\ not found.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{0375699A-9258-90D1-617D-89EB7B787A03}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{0375699A-9258-90D1-617D-89EB7B787A03}\ not found.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{51DEF79C-4941-E5AF-086B-0BC003A792DD}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{51DEF79C-4941-E5AF-086B-0BC003A792DD}\ not found.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{BBBEDAC2-B124-494A-9D19-7C0D7741690C}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{BBBEDAC2-B124-494A-9D19-7C0D7741690C}\ not found.
[Files/Folders - Created Within 90 Days]
C:\Program Files (x86)\MyPC Backup\log folder moved successfully.
C:\Program Files (x86)\MyPC Backup folder moved successfully.
[Files/Folders - Modified Within 90 Days]
C:\Windows\Temp\20F8.tmp deleted successfully.
C:\Windows\Temp\APPX.6nkyon_5bg2mm5l5_fn9ngj3g.tmp deleted successfully.
C:\Windows\Temp\APPX.hpfgykeec9qmkcwc2l_rmldvd.tmp deleted successfully.
C:\Windows\Temp\APPX.myj4n48in70vgy3k19y47fqyg.tmp deleted successfully.
C:\Windows\Temp\APPX.n15xhg8sc6z13k2d5do7nsa7c.tmp deleted successfully.
C:\Windows\Temp\CR_3C4B6.tmp\SETUP_PATCH.PACKED.7Z deleted successfully.
C:\Windows\Temp\CR_3C4B6.tmp folder deleted successfully.
C:\Windows\Temp\DMI167C.tmp deleted successfully.
C:\Windows\Temp\DMI3A41.tmp deleted successfully.
C:\Windows\Temp\DMI3ED8.tmp deleted successfully.
C:\Windows\Temp\DMI70EF.tmp deleted successfully.
C:\Windows\Temp\DMIE1A7.tmp deleted successfully.
C:\Windows\Temp\DMIF4BA.tmp deleted successfully.
C:\Windows\Temp\FireFoxSearchXml.tmp deleted successfully.
C:\Windows\Temp\nsa4D58.tmp\System.dll deleted successfully.
C:\Windows\Temp\nsa4D58.tmp folder deleted successfully.
C:\Windows\Temp\nseE1B6.tmp\System.dll deleted successfully.
C:\Windows\Temp\nseE1B6.tmp folder deleted successfully.
C:\Windows\Temp\nsgAB8.tmp\System.dll deleted successfully.
C:\Windows\Temp\nsgAB8.tmp folder deleted successfully.
C:\Windows\Temp\nsh2395.tmp\System.dll deleted successfully.
C:\Windows\Temp\nsh2395.tmp folder deleted successfully.
C:\Windows\Temp\nsx68FD.tmp\System.dll deleted successfully.
C:\Windows\Temp\nsx68FD.tmp folder deleted successfully.
C:\Windows\Temp\nsx7071.tmp\System.dll deleted successfully.
C:\Windows\Temp\nsx7071.tmp folder deleted successfully.
C:\Windows\Temp\nsxDEF3.tmp\System.dll deleted successfully.
C:\Windows\Temp\nsxDEF3.tmp folder deleted successfully.
C:\Windows\Temp\tmp399A.tmp deleted successfully.
C:\Windows\Temp\tmp399B.tmp deleted successfully.
C:\Windows\Temp\tmp46D8.tmp deleted successfully.
C:\Windows\Temp\tmp46D9.tmp deleted successfully.
C:\Windows\Temp\tmp6700.tmp deleted successfully.
C:\Windows\Temp\tmp6730.tmp deleted successfully.
C:\Windows\Temp\TS_3468.tmp deleted successfully.
C:\Windows\Temp\TS_84F7.tmp deleted successfully.
C:\Windows\Temp\TS_CC91.tmp deleted successfully.
C:\Windows\Temp\TS_D9CB.tmp deleted successfully.
C:\Windows\Temp\UDD2A6C.tmp deleted successfully.
C:\Windows\Temp\UDD2A8E.tmp deleted successfully.
C:\Windows\Temp\avg_a00936\ProgFiles\AVG SafeGuard toolbar\FireFoxSearchXml.tmp deleted successfully.
C:\Users\Jalee6789\ACF5FE1B377240688B872D2A6EFD0A05.TMP\WiseCustomCall.dll deleted successfully.
C:\Users\Jalee6789\ACF5FE1B377240688B872D2A6EFD0A05.TMP\WiseCustomCalla.dll deleted successfully.
C:\Users\Jalee6789\ACF5FE1B377240688B872D2A6EFD0A05.TMP\WiseCustomCalla2.dll deleted successfully.
C:\Users\Jalee6789\ACF5FE1B377240688B872D2A6EFD0A05.TMP\WiseCustomCalla21.dll deleted successfully.
C:\Users\Jalee6789\ACF5FE1B377240688B872D2A6EFD0A05.TMP\WiseCustomCalla31.dll deleted successfully.
C:\Users\Jalee6789\ACF5FE1B377240688B872D2A6EFD0A05.TMP\WiseCustomCalla31.exe deleted successfully.
C:\Users\Jalee6789\ACF5FE1B377240688B872D2A6EFD0A05.TMP\WiseCustomCalla32.dll deleted successfully.
C:\Users\Jalee6789\ACF5FE1B377240688B872D2A6EFD0A05.TMP\WiseCustomCalla33.dll deleted successfully.
C:\Users\Jalee6789\ACF5FE1B377240688B872D2A6EFD0A05.TMP\WiseCustomCalla34.dll deleted successfully.
C:\Users\Jalee6789\ACF5FE1B377240688B872D2A6EFD0A05.TMP\WiseCustomCalla37.exe deleted successfully.
C:\Users\Jalee6789\ACF5FE1B377240688B872D2A6EFD0A05.TMP\WiseData.ini deleted successfully.
C:\Users\Jalee6789\ACF5FE1B377240688B872D2A6EFD0A05.TMP folder deleted successfully.
[Empty Temp Folders]
 
 
User: All Users
 
User: Default
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes
 
User: Default User
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes
 
User: Jaime
->Temp folder emptied: 2441996 bytes
->Temporary Internet Files folder emptied: 128 bytes
 
User: Jalee6789
->Temp folder emptied: 1180493400 bytes
->Temporary Internet Files folder emptied: 85439226 bytes
->Google Chrome cache emptied: 378642909 bytes
->Flash cache emptied: 15818 bytes
 
User: Public
 
%systemdrive% .tmp files removed: 0 bytes
%systemroot% .tmp files removed: 0 bytes
%systemroot%\System32 .tmp files removed: 0 bytes
%systemroot%\System32 (64bit) .tmp files removed: 0 bytes
%systemroot%\System32\drivers .tmp files removed: 0 bytes
Windows Temp folder emptied: 70814113 bytes
%systemroot%\sysnative\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files folder emptied: 450991 bytes
RecycleBin emptied: 54120940 bytes
 
Total Files Cleaned = 1,690.00 mb
 
 
[EMPTYFLASH]
 
User: All Users
 
User: Default
 
User: Default User
 
User: Jaime
 
User: Jalee6789
->Flash cache emptied: 0 bytes
 
User: Public
 
Total Flash Files Cleaned = 0.00 mb
 
 
[EMPTYJAVA]
 
User: All Users
 
User: Default
 
User: Default User
 
User: Jaime
 
User: Jalee6789
 
User: Public
 
Total Java Files Cleaned = 0.00 mb
 
< End of fix log >
OTS by OldTimer - Version 3.1.47.2 fix logfile created on 04262014_164438

Files\Folders moved on Reboot...

Registry entries deleted on Reboot...
27
Malware removal and help / Re: adware/malware popups etc
« Last post by Derek on April 26, 2014, 07:31:53 »
Start OTS. Copy/Paste the information in the Code box below into the pane where it says "Paste fix here" and then click the Run Fix button.


Code: [Select]
[Unregister Dlls]
[Registry - Safe List]
< BHO's [HKEY_LOCAL_MACHINE] > -> HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\
YN -> {3DF5BF98-C5A8-4154-8B63-D07977DBA953} [HKLM] -> Reg Error: Key error. [Reg Error: Key error.]
YN -> {BBBEDAC2-B124-494A-9D19-7C0D7741690C} [HKLM] -> [GetSavin 5.0]
[Registry - Additional Scans - Safe List]
< Ext (PreApproved) - [HKEY_LOCAL_MACHINE] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\
YN -> {51DEF79C-4941-E5AF-086B-0BC003A792DD} [HKLM] -> [Safeurweb]
< Ext (Settings) - [HKEY_CURRENT_USER] > -> HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Settings\
YN -> {0375699A-9258-90D1-617D-89EB7B787A03} [HKLM] -> [REalddeAl]
YN -> {51DEF79C-4941-E5AF-086B-0BC003A792DD} [HKLM] -> [Safeurweb]
YN -> {BBBEDAC2-B124-494A-9D19-7C0D7741690C} [HKLM] -> [GetSavin 5.0]
< Ext (Stats) - [HKEY_CURRENT_USER] > -> HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\
YN -> {0375699A-9258-90D1-617D-89EB7B787A03} [HKLM] -> [REalddeAl]
YN -> {51DEF79C-4941-E5AF-086B-0BC003A792DD} [HKLM] -> [Safeurweb]
YN -> {BBBEDAC2-B124-494A-9D19-7C0D7741690C} [HKLM] -> [GetSavin 5.0]
< Uninstall List [HKEY_LOCAL_MACHINE\] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\
YN -> {730C1F02-ABB6-7601-60ED-659A59700742} -> REalddeAl
[Files/Folders - Created Within 90 Days]
NY ->  MyPC Backup -> C:\Program Files (x86)\MyPC Backup
[Files/Folders - Modified Within 90 Days]
NY ->  32 C:\Windows\Temp\*.tmp files -> C:\Windows\Temp\*.tmp
NY ->  32 C:\Windows\Temp\*.tmp files -> C:\Windows\Temp\*.tmp
NY ->  1 C:\Windows\Temp\avg_a00936\ProgFiles\AVG SafeGuard toolbar\*.tmp files -> C:\Windows\Temp\avg_a00936\ProgFiles\AVG SafeGuard toolbar\*.tmp
NY ->  1 C:\Users\Jalee6789\*.tmp files -> C:\Users\Jalee6789\*.tmp
[Empty Temp Folders]
[EmptyFlash]
[EmptyJava]
[Reboot]


The fix should only take a very short time. When the fix is completed a message box will popup telling you that it is finished. CLick the Ok button and Notepad will open with a log of actions taken during the fix. Post that information back here .

I will review the information when it comes back in.

Also let me know of any problems you encountered performing the steps above or any continuing problems you are still having with the computer.
28
Malware removal and help / Re: adware/malware popups etc
« Last post by manicmoms on April 25, 2014, 23:50:57 »
Sorry....OTS log attached
29
Malware removal and help / Re: adware/malware popups etc
« Last post by Derek on April 25, 2014, 22:26:24 »
that is only part of the OTS log
can you attach the whole log please so I can see what needs fixing
30
Malware removal and help / Re: adware/malware popups etc
« Last post by manicmoms on April 25, 2014, 21:26:25 »
OTS Report as requested:

[code]
OTS logfile created on: 4/25/2014 3:00:01 PM - Run 1
OTS by OldTimer - Version 3.1.47.2     Folder = C:\Users\Jalee6789\Downloads
64bit- An unknown product  (Version = 6.2.9200) - Type = NTWorkstation
Internet Explorer (Version = 9.10.9200.16843)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy
 
3.00 Gb Total Physical Memory | 2.00 Gb Available Physical Memory | 45.00% Memory free
10.00 Gb Paging File | 8.00 Gb Available in Paging File | 78.00% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
 
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 570.51 Gb Total Space | 467.84 Gb Free Space | 82.00% Space Free | Partition Type: NTFS
Drive D: | 24.89 Gb Total Space | 3.00 Gb Free Space | 12.04% Space Free | Partition Type: NTFS
E: Drive not present or media not loaded
F: Drive not present or media not loaded
G: Drive not present or media not loaded
H: Drive not present or media not loaded
I: Drive not present or media not loaded
 
Computer Name: JAIME_LAPTOP
Current User Name: Jalee6789
Logged in as Administrator.
 
Current Boot Mode: Normal
Scan Mode: All users
Include 64bit Scans
Company Name Whitelist: Off
Skip Microsoft Files: Off
File Age = 90 Days
 
[Processes - Safe List]
ots (2).exe -> C:\Users\Jalee6789\Downloads\OTS (2).exe -> [2014/04/25 14:56:19 | 000,646,656 | ---- | M] (OldTimer Tools)
avgui.exe -> C:\Program Files (x86)\AVG\AVG2014\avgui.exe -> [2014/04/06 21:21:36 | 005,180,432 | ---- | M] (AVG Technologies CZ, s.r.o.)
avgwdsvc.exe -> C:\Program Files (x86)\AVG\AVG2014\avgwdsvc.exe -> [2014/03/27 22:10:20 | 000,291,912 | ---- | M] (AVG Technologies CZ, s.r.o.)
chrome.exe -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe -> [2013/12/03 21:48:06 | 000,863,184 | ---- | M] (Google Inc.)
gamesappintegrationservice.exe -> C:\Program Files (x86)\WildTangent Games\App\GamesAppIntegrationService.exe -> [2013/11/14 09:28:52 | 000,227,936 | ---- | M] (WildTangent)
coolsense.exe -> C:\Program Files (x86)\Hewlett-Packard\HP CoolSense\CoolSense.exe -> [2012/11/05 19:14:34 | 001,343,904 | ---- | M] (Hewlett-Packard Development Company, L.P.)
ycmmirage.exe -> C:\Program Files (x86)\CyberLink\YouCam\YCMMirage.exe -> [2012/10/12 17:16:50 | 000,136,488 | ---- | M] (CyberLink)
hpmsgsvc.exe -> C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPMSGSVC.exe -> [2012/09/07 19:33:08 | 000,581,024 | ---- | M] (Hewlett-Packard Development Company, L.P.)
hpwmisvc.exe -> C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPWMISVC.exe -> [2012/09/07 19:33:08 | 000,035,232 | ---- | M] (Hewlett-Packard Development Company, L.P.)
clmlsvc_p2g8.exe -> C:\Program Files (x86)\CyberLink\Power2Go8\CLMLSvc_P2G8.exe -> [2012/06/07 22:34:06 | 000,111,120 | ---- | M] (CyberLink)
pdvd10serv.exe -> C:\Program Files (x86)\CyberLink\PowerDVD10\PDVD10Serv.exe -> [2012/03/28 21:34:30 | 000,091,432 | ---- | M] (CyberLink Corp.)
 
[Modules - No Company Name]
ppgooglenaclpluginchrome.dll -> C:\Program Files (x86)\Google\Chrome\Application\31.0.1650.63\ppgooglenaclpluginchrome.dll -> [2013/12/03 21:48:04 | 000,399,312 | ---- | M] ()
pepflashplayer.dll -> C:\Program Files (x86)\Google\Chrome\Application\31.0.1650.63\PepperFlash\pepflashplayer.dll -> [2013/12/03 21:48:03 | 013,586,896 | ---- | M] ()
pdf.dll -> C:\Program Files (x86)\Google\Chrome\Application\31.0.1650.63\pdf.dll -> [2013/12/03 21:48:02 | 004,055,504 | ---- | M] ()
libglesv2.dll -> C:\Program Files (x86)\Google\Chrome\Application\31.0.1650.63\libglesv2.dll -> [2013/12/03 21:47:11 | 000,702,416 | ---- | M] ()
libegl.dll -> C:\Program Files (x86)\Google\Chrome\Application\31.0.1650.63\libegl.dll -> [2013/12/03 21:47:11 | 000,099,792 | ---- | M] ()
ffmpegsumo.dll -> C:\Program Files (x86)\Google\Chrome\Application\31.0.1650.63\ffmpegsumo.dll -> [2013/12/03 21:47:08 | 001,619,408 | ---- | M] ()
clmlsvcps.dll -> C:\Program Files (x86)\CyberLink\Power2Go8\CLMLSvcPS.dll -> [2012/06/08 14:34:06 | 000,016,400 | ---- | M] ()
clmedialibrary.dll -> C:\Program Files (x86)\CyberLink\Power2Go8\CLMediaLibrary.dll -> [2012/06/07 22:34:06 | 000,627,216 | ---- | M] ()
 
[Win32 Services - Safe List]
64bit-(WinDefend)  [Unknown | Stopped] -> C:\Program Files\Windows Defender\MsMpEng.exe -> [2013/10/25 02:34:55 | 000,016,048 | ---- | M] (Microsoft Corporation)
64bit-(WSService)  [Unknown | Stopped] -> C:\Windows\SysNative\WSService.dll -> [2013/08/16 00:39:26 | 002,371,728 | ---- | M] (Microsoft Corporation)
64bit-(Wcmsvc)  [Auto | Running] -> C:\Windows\SysNative\wcmsvc.dll -> [2013/06/24 17:54:45 | 000,263,680 | ---- | M] (Microsoft Corporation)
64bit-(DsmSvc)  [On_Demand | Stopped] -> C:\Windows\SysNative\DeviceSetupManager.dll -> [2013/06/01 04:19:58 | 000,207,872 | ---- | M] (Microsoft Corporation)
64bit-(netprofm)  [On_Demand | Running] -> C:\Windows\SysNative\netprofmsvc.dll -> [2013/05/04 01:58:02 | 000,470,528 | ---- | M] (Microsoft Corporation)
64bit-(BrokerInfrastructure)  [Unknown | Running] -> C:\Windows\SysNative\bisrv.dll -> [2013/05/04 01:57:05 | 000,179,712 | ---- | M] (Microsoft Corporation)
64bit-(AudioEndpointBuilder)  [Auto | Running] -> C:\Windows\SysNative\AudioEndpointBuilder.dll -> [2013/04/08 23:48:42 | 000,169,472 | ---- | M] (Microsoft Corporation)
64bit-(TimeBroker)  [Unknown | Running] -> C:\Windows\SysNative\TimeBrokerServer.dll -> [2013/03/01 21:45:07 | 000,171,008 | ---- | M] (Microsoft Corporation)
64bit-(SystemEventsBroker)  [Unknown | Running] -> C:\Windows\SysNative\SystemEventsBrokerServer.dll -> [2013/03/01 21:45:05 | 000,180,224 | ---- | M] (Microsoft Corporation)
64bit-(wlidsvc)  [On_Demand | Stopped] -> C:\Windows\SysNative\wlidsvc.dll -> [2013/01/09 18:23:16 | 001,964,544 | ---- | M] (Microsoft Corporation)
64bit-(LSM)  [Unknown | Running] -> C:\Windows\SysNative\lsm.dll -> [2013/01/09 18:22:35 | 000,438,272 | ---- | M] (Microsoft Corporation)
64bit-(PrintNotify)  [On_Demand | Stopped] -> C:\Windows\SysNative\spool\drivers\x64\3\PrintConfig.dll -> [2012/11/05 23:36:55 | 002,675,712 | ---- | M] (Microsoft Corporation)
64bit-(fhsvc)  [On_Demand | Stopped] -> C:\Windows\SysNative\fhsvc.dll -> [2012/10/20 00:44:11 | 000,116,736 | ---- | M] (Microsoft Corporation)
64bit-(hpsrv)  [Auto | Running] -> C:\Windows\SysNative\hpservice.exe -> [2012/09/24 14:40:56 | 000,031,040 | ---- | M] (Hewlett-Packard Company)
64bit-(AMD FUEL Service)  [Auto | Running] -> C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe -> [2012/09/18 06:11:46 | 000,361,984 | ---- | M] (Advanced Micro Devices, Inc.)
64bit-(AMD External Events Utility)  [Auto | Running] -> C:\Windows\SysNative\atiesrxx.exe -> [2012/09/18 05:38:00 | 000,239,616 | ---- | M] (AMD)
64bit-(STacSV)  [Auto | Running] -> C:\Program Files\IDT\WDM\stacsv64.exe -> [2012/08/20 00:45:20 | 000,323,072 | ---- | M] (IDT, Inc.)
64bit-(WiaRpc)  [On_Demand | Stopped] -> C:\Windows\SysNative\wiarpc.dll -> [2012/07/25 22:07:47 | 000,065,536 | ---- | M] (Microsoft Corporation)
64bit-(svsvc)  [On_Demand | Stopped] -> C:\Windows\SysNative\svsvc.dll -> [2012/07/25 22:07:25 | 000,012,800 | ---- | M] (Microsoft Corporation)
64bit-(NcaSvc)  [On_Demand | Stopped] -> C:\Windows\SysNative\NcaSvc.dll -> [2012/07/25 22:06:33 | 000,161,792 | ---- | M] (Microsoft Corporation)
64bit-(NcdAutoSetup)  [On_Demand | Stopped] -> C:\Windows\SysNative\NcdAutoSetup.dll -> [2012/07/25 22:06:33 | 000,073,728 | ---- | M] (Microsoft Corporation)
64bit-(EFS)  [Unknown | Stopped] -> C:\Windows\SysNative\efssvc.dll -> [2012/07/25 22:05:34 | 000,037,376 | ---- | M] (Microsoft Corporation)
64bit-(DeviceAssociationService)  [Auto | Running] -> C:\Windows\SysNative\das.dll -> [2012/07/25 22:05:24 | 000,342,016 | ---- | M] (Microsoft Corporation)
64bit-(AllUserInstallAgent)  [On_Demand | Stopped] -> C:\Windows\SysNative\AUInstallAgent.dll -> [2012/07/25 22:05:08 | 000,122,368 | ---- | M] (Microsoft Corporation)
64bit-(vmicvss)  [On_Demand | Stopped] -> C:\Windows\SysNative\icsvc.dll -> [2012/07/25 19:24:02 | 000,336,384 | ---- | M] (Microsoft Corporation)
64bit-(vmictimesync)  [On_Demand | Stopped] -> C:\Windows\SysNative\icsvc.dll -> [2012/07/25 19:24:02 | 000,336,384 | ---- | M] (Microsoft Corporation)
64bit-(vmicshutdown)  [On_Demand | Stopped] -> C:\Windows\SysNative\icsvc.dll -> [2012/07/25 19:24:02 | 000,336,384 | ---- | M] (Microsoft Corporation)
64bit-(vmicrdv)  [On_Demand | Stopped] -> C:\Windows\SysNative\icsvc.dll -> [2012/07/25 19:24:02 | 000,336,384 | ---- | M] (Microsoft Corporation)
64bit-(vmickvpexchange)  [On_Demand | Stopped] -> C:\Windows\SysNative\icsvc.dll -> [2012/07/25 19:24:02 | 000,336,384 | ---- | M] (Microsoft Corporation)
64bit-(vmicheartbeat)  [On_Demand | Stopped] -> C:\Windows\SysNative\icsvc.dll -> [2012/07/25 19:24:02 | 000,336,384 | ---- | M] (Microsoft Corporation)
(AVGIDSAgent) AVGIDSAgent [Auto | Stopped] -> C:\Program Files (x86)\AVG\AVG2014\avgidsagent.exe -> [2014/04/18 15:22:28 | 003,645,456 | ---- | M] (AVG Technologies CZ, s.r.o.)
(avgwd) AVG WatchDog [Auto | Running] -> C:\Program Files (x86)\AVG\AVG2014\avgwdsvc.exe -> [2014/03/27 22:10:20 | 000,291,912 | ---- | M] (AVG Technologies CZ, s.r.o.)
(GamesAppIntegrationService) GamesAppIntegrationService [Auto | Running] -> C:\Program Files (x86)\WildTangent Games\App\GamesAppIntegrationService.exe -> [2013/11/14 09:28:52 | 000,227,936 | ---- | M] (WildTangent)
(HP Support Assistant Service) HP Support Assistant Service [Auto | Running] -> C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\hpsa_service.exe -> [2013/11/04 18:31:56 | 000,092,160 | ---- | M] (Hewlett-Packard Company)
(HPConnectedRemote) HP Connected Remote Service [Auto | Running] -> C:\Program Files (x86)\Hewlett-Packard\HP Connected Remote\HPConnectedRemoteService.exe -> [2012/10/12 19:22:08 | 000,035,744 | ---- | M] (Hewlett-Packard)
(HPWMISVC) HPWMISVC [Auto | Running] -> C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPWMISVC.exe -> [2012/09/07 19:33:08 | 000,035,232 | ---- | M] (Hewlett-Packard Development Company, L.P.)
(StorSvc) Storage Service [On_Demand | Stopped] -> C:\Windows\SysWOW64\StorSvc.dll -> [2012/07/25 22:20:04 | 000,018,432 | ---- | M] (Microsoft Corporation)
(WAS) Windows Process Activation Service [On_Demand | Stopped] -> C:\Windows\SysWOW64\inetsrv\iisw3adm.dll -> [2012/07/25 22:18:41 | 000,408,064 | ---- | M] (Microsoft Corporation)
(AppHostSvc) Application Host Helper Service [Auto | Running] -> C:\Windows\SysWOW64\inetsrv\apphostsvc.dll -> [2012/07/25 22:17:52 | 000,060,416 | ---- | M] (Microsoft Corporation)
(IconMan_R) IconMan_R [Disabled | Stopped] -> C:\Program Files (x86)\Realtek\Realtek PCIE Card Reader\RIconMan.exe -> [2012/07/13 20:02:16 | 002,451,456 | ---- | M] (Realsil Microelectronics Inc.)
(GamesAppService) GamesAppService [On_Demand | Stopped] -> C:\Program Files (x86)\WildTangent Games\App\GamesAppService.exe -> [2010/10/12 12:59:12 | 000,206,072 | ---- | M] (WildTangent, Inc.)
 
[Driver Services - Safe List]
64bit-(AVGIDSDriver) AVGIDSDriver [File_System | System | Running] -> C:\Windows\SysNative\Drivers\avgidsdrivera.sys -> [2014/04/18 15:01:56 | 000,237,336 | ---- | M] (AVG Technologies CZ, s.r.o.)
64bit-(Avgwfpa) AVG Firewall Driver [Kernel | System | Running] -> C:\Windows\SysNative\Drivers\avgwfpa.sys -> [2014/03/31 16:06:48 | 000,274,712 | ---- | M] (AVG Technologies CZ, s.r.o.)
64bit-(Avgmfx64) AVG Mini-Filter Resident Anti-Virus Shield [File_System | Boot | Running] -> C:\Windows\SysNative\Drivers\avgmfx64.sys -> [2014/03/31 16:06:26 | 000,130,840 | ---- | M] (AVG Technologies CZ, s.r.o.)
64bit-(AVGIDSHA) AVGIDSHA [File_System | Boot | Running] -> C:\Windows\SysNative\Drivers\avgidsha.sys -> [2014/03/27 22:14:26 | 000,192,792 | ---- | M] (AVG Technologies CZ, s.r.o.)
64bit-(Avgdiska) AVG Disk Driver [File_System | System | Running] -> C:\Windows\SysNative\Drivers\avgdiska.sys -> [2014/03/27 22:14:24 | 000,153,368 | ---- | M] (AVG Technologies CZ, s.r.o.)
64bit-(Avgldx64) AVG AVI Loader Driver [File_System | System | Running] -> C:\Windows\SysNative\Drivers\avgldx64.sys -> [2014/03/27 22:07:10 | 000,236,824 | ---- | M] (AVG Technologies CZ, s.r.o.)
64bit-(Avgloga) AVG Logging Driver [File_System | Boot | Running] -> C:\Windows\SysNative\Drivers\avgloga.sys -> [2014/03/27 22:05:02 | 000,324,376 | ---- | M] (AVG Technologies CZ, s.r.o.)
64bit-(Avgrkx64) AVG Anti-Rootkit Driver [File_System | Boot | Running] -> C:\Windows\SysNative\Drivers\avgrkx64.sys -> [2014/03/27 22:03:16 | 000,032,536 | ---- | M] (AVG Technologies CZ, s.r.o.)
64bit-(wStLib64) wStLib64 [Kernel | System | Running] -> C:\Windows\SysNative\Drivers\wStLib64.sys -> [2014/03/23 11:03:42 | 000,061,112 | ---- | M] (StdLib)
64bit-(ssudmdm) SAMSUNG  Mobile USB Modem Drivers (DEVGURU Ver.) [Kernel | On_Demand | Stopped] -> C:\Windows\SysNative\Drivers\ssudmdm.sys -> [2014/01/22 09:52:10 | 000,206,080 | ---- | M] (DEVGURU Co., LTD.(www.devguru.co.kr))
64bit-(dg_ssudbus) SAMSUNG Mobile USB Composite Device Driver (DEVGURU Ver.) [Kernel | On_Demand | Stopped] -> C:\Windows\SysNative\Drivers\ssudbus.sys -> [2014/01/22 09:52:10 | 000,108,800 | ---- | M] (DEVGURU Co., LTD.(www.devguru.co.kr))
64bit-(SynTP) Synaptics TouchPad Driver [Kernel | On_Demand | Running] -> C:\Windows\SysNative\Drivers\SynTP.sys -> [2013/12/03 12:51:53 | 000,495,856 | ---- | M] (Synaptics Incorporated)
64bit-(WdBoot) Windows Defender Boot Driver [Kernel | Unknown | Stopped] -> C:\Windows\SysNative\Drivers\WdBoot.sys -> [2013/10/25 02:34:52 | 000,035,856 | ---- | M] (Microsoft Corporation)
64bit-(WdFilter) Windows Defender Mini-Filter Driver [File_System | Unknown | Stopped] -> C:\Windows\SysNative\Drivers\WdFilter.sys -> [2013/10/24 17:34:32 | 000,248,240 | ---- | M] (Microsoft Corporation)
64bit-(WFPLWFS) Microsoft Windows Filtering Platform [Kernel | Boot | Running] -> C:\Windows\SysNative\Drivers\wfplwfs.sys -> [2013/10/10 06:53:35 | 000,096,600 | ---- | M] (Microsoft Corporation)
64bit-(spaceport) Storage Spaces Driver [Kernel | Boot | Running] -> C:\Windows\SysNative\Drivers\spaceport.sys -> [2013/10/05 01:10:20 | 000,285,016 | ---- | M] (Microsoft Corporation)
64bit-(USBHUB3) SuperSpeed Hub [Kernel | On_Demand | Running] -> C:\Windows\SysNative\Drivers\USBHUB3.SYS -> [2013/10/01 21:50:07 | 000,447,320 | ---- | M] (Microsoft Corporation)
64bit-(Avgboota) AVG Early Launch Anti-Malware Driver [Kernel | Boot | Stopped] -> C:\Windows\SysNative\Drivers\avgboota.sys -> [2013/09/04 16:35:06 | 000,020,496 | ---- | M] (AVG Technologies CZ, s.r.o.)
64bit-(dam) Desktop Activity Moderator Driver [Kernel | System | Stopped] -> C:\Windows\SysNative\Drivers\dam.sys -> [2013/08/16 00:41:13 | 000,058,200 | ---- | M] (Microsoft Corporation)
64bit-(TPM) TPM [Kernel | On_Demand | Stopped] -> C:\Windows\SysNative\Drivers\tpm.sys -> [2013/08/10 01:30:22 | 000,151,896 | ---- | M] (Microsoft Corporation)
64bit-(GPIOClx0101) Microsoft GPIO Class Extension Driver [Kernel | On_Demand | Stopped] -> C:\Windows\SysNative\Drivers\msgpioclx.sys -> [2013/07/09 03:04:07 | 000,120,144 | ---- | M] (Microsoft Corporation)
64bit-(USBXHCI) USB xHCI Compliant Host Controller [Kernel | On_Demand | Running] -> C:\Windows\SysNative\Drivers\USBXHCI.SYS -> [2013/07/01 20:41:47 | 000,337,752 | ---- | M] (Microsoft Corporation)
64bit-(UCX01000) USB Controller Extension [Kernel | On_Demand | Running] -> C:\Windows\SysNative\Drivers\UCX01000.SYS -> [2013/07/01 20:41:47 | 000,213,336 | ---- | M] (Microsoft Corporation)
64bit-(sdbus) sdbus [Kernel | On_Demand | Stopped] -> C:\Windows\SysNative\Drivers\sdbus.sys -> [2013/06/29 01:15:54 | 000,195,416 | ---- | M] (Microsoft Corporation)
64bit-(BthAvrcpTg) Bluetooth Audio/Video Remote Control HID [Kernel | On_Demand | Stopped] -> C:\Windows\SysNative\Drivers\BthAvrcpTg.sys -> [2013/05/31 22:08:57 | 000,037,632 | ---- | M] (Microsoft Corporation)
64bit-(storahci) Microsoft Standard SATA AHCI Driver [Kernel | On_Demand | Stopped] -> C:\Windows\SysNative\Drivers\storahci.sys -> [2013/03/02 05:57:46 | 000,077,544 | ---- | M] (Microsoft Corporation)
64bit-(pdc) pdc [Kernel | Boot | Running] -> C:\Windows\SysNative\Drivers\pdc.sys -> [2013/03/02 05:39:38 | 000,069,864 | ---- | M] (Microsoft Corporation)
64bit-(usb_rndisx) USB RNDIS Adapter [Kernel | On_Demand | Stopped] -> C:\Windows\SysNative\Drivers\usb8023x.sys -> [2013/02/11 19:17:50 | 000,020,992 | ---- | M] (Microsoft Corporation)
64bit-(msgpiowin32) GPIO Buttons Driver [Kernel | On_Demand | Stopped] -> C:\Windows\SysNative\Drivers\msgpiowin32.sys -> [2013/01/09 20:53:32 | 000,028,904 | ---- | M] (Microsoft Corporation)
64bit-(athr) Qualcomm Atheros Extensible Wireless LAN device driver [Kernel | On_Demand | Running] -> C:\Windows\SysNative\Drivers\athw8x.sys -> [2012/12/16 19:21:30 | 003,735,040 | ---- | M] (Qualcomm Atheros Communications, Inc.)
64bit-(bthhfhid) Bluetooth Hands-Free Call Control HID [Kernel | On_Demand | Stopped] -> C:\Windows\SysNative\Drivers\BthhfHid.sys -> [2012/11/26 22:55:44 | 000,029,952 | ---- | M] (Microsoft Corporation)
64bit-(hidi2c) Microsoft I2C HID Miniport Driver [Kernel | On_Demand | Stopped] -> C:\Windows\SysNative\Drivers\hidi2c.sys -> [2012/11/19 23:54:31 | 000,039,936 | ---- | M] (Microsoft Corporation)
64bit-(FxPPM) Power Framework Processor Driver [Kernel | On_Demand | Stopped] -> C:\Windows\SysNative\Drivers\fxppm.sys -> [2012/11/05 22:55:44 | 000,022,528 | ---- | M] (Microsoft Corporation)
64bit-(ebdrv) Broadcom NetXtreme II 10 GigE VBD [Kernel | On_Demand | Stopped] -> C:\Windows\SysNative\Drivers\evbda.sys -> [2012/10/20 00:43:37 | 003,265,256 | ---- | M] (Broadcom Corporation)
64bit-(b06bdrv) Broadcom NetXtreme II VBD [Kernel | On_Demand | Stopped] -> C:\Windows\SysNative\Drivers\bxvbda.sys -> [2012/10/20 00:43:37 | 000,533,224 | ---- | M] (Broadcom Corporation)
64bit-(RdpVideoMiniport) Remote Desktop Video Miniport Driver [Kernel | On_Demand | Stopped] -> C:\Windows\SysNative\Drivers\rdpvideominiport.sys -> [2012/10/12 03:08:01 | 000,027,880 | ---- | M] (Microsoft Corporation)
64bit-(sdstor) SD Storage Port Driver [Kernel | On_Demand | Stopped] -> C:\Windows\SysNative\Drivers\sdstor.sys -> [2012/10/11 02:25:48 | 000,056,552 | ---- | M] (Microsoft Corporation)
64bit-(iaStorA) iaStorA [Kernel | On_Demand | Stopped] -> C:\Windows\SysNative\Drivers\iaStorA.sys -> [2012/09/28 13:37:04 | 000,650,808 | ---- | M] (Intel Corporation)
64bit-(Accelerometer) HP Mobile Data Protection Sensor [Kernel | On_Demand | Running] -> C:\Windows\SysNative\Drivers\Accelerometer.sys -> [2012/09/24 14:40:56 | 000,043,840 | ---- | M] (Hewlett-Packard Company)
64bit-(hpdskflt) HP Filter [Kernel | Boot | Running] -> C:\Windows\SysNative\Drivers\hpdskflt.sys -> [2012/09/24 14:40:56 | 000,031,040 | ---- | M] (Hewlett-Packard Company)
64bit-(amdkmdag) amdkmdag [Kernel | On_Demand | Running] -> C:\Windows\SysNative\Drivers\atikmdag.sys -> [2012/09/18 07:15:48 | 010,316,800 | ---- | M] (Advanced Micro Devices, Inc.)
64bit-(amdkmdap) amdkmdap [Kernel | On_Demand | Running] -> C:\Windows\SysNative\Drivers\atikmpag.sys -> [2012/09/18 05:12:42 | 000,370,688 | ---- | M] (Advanced Micro Devices, Inc.)
64bit-(amd_xata) amd_xata [Kernel | Boot | Running] -> C:\Windows\SysNative\Drivers\amd_xata.sys -> [2012/09/02 12:16:38 | 000,026,280 | ---- | M] (Advanced Micro Devices)
64bit-(amd_sata) amd_sata [Kernel | Boot | Running] -> C:\Windows\SysNative\Drivers\amd_sata.sys -> [2012/09/02 12:16:36 | 000,079,528 | ---- | M] (Advanced Micro Devices)
64bit-(WirelessButtonDriver) HP Wireless Button Driver Service [Kernel | On_Demand | Running] -> C:\Windows\SysNative\Drivers\WirelessButtonDriver64.sys -> [2012/08/31 12:40:24 | 000,020,800 | ---- | M] (Hewlett-Packard Development Company, L.P.)
64bit-(SmbDrvI) SmbDrvI [Kernel | On_Demand | Stopped] -> C:\Windows\SysNative\Drivers\Smb_driver_Intel.sys -> [2012/08/24 20:38:28 | 000,043,832 | ---- | M] (Synaptics Incorporated)
64bit-(SmbDrv) SmbDrv [Kernel | On_Demand | Stopped] -> C:\Windows\SysNative\Drivers\Smb_driver_AMDASF.sys -> [2012/08/24 20:38:26 | 000,041,272 | ---- | M] (Synaptics Incorporated)
64bit-(AtiHDAudioService) AMD Function Driver for HD Audio Service [Kernel | On_Demand | Running] -> C:\Windows\SysNative\Drivers\AtihdW86.sys -> [2012/08/21 15:56:38 | 000,091,648 | ---- | M] (Advanced Micro Devices)
64bit-(STHDA) IDT High Definition Audio CODEC [Kernel | On_Demand | Running] -> C:\Windows\SysNative\Drivers\stwrt64.sys -> [2012/08/20 00:45:20 | 000,542,208 | ---- | M] (IDT, Inc.)
64bit-(RTL8168) Realtek 8168 NT Driver [Kernel | On_Demand | Running] -> C:\Windows\SysNative\Drivers\Rt630x64.sys -> [2012/07/31 03:04:12 | 000,690,832 | ---- | M] (Realtek                                            )
64bit-(condrv) Console Driver [Kernel | On_Demand | Running] -> C:\Windows\SysNative\Drivers\condrv.sys -> [2012/07/26 00:26:45 | 000,033,792 | ---- | M] (Microsoft Corporation)
64bit-(VSTXRAID) VIA StorX Storage Controller Windows Driver [Kernel | On_Demand | Stopped] -> C:\Windows\SysNative\Drivers\VSTXRAID.SYS -> [2012/07/26 00:00:58 | 000,322,800 | ---- | M] (VIA Corporation)
64bit-(VerifierExt) VerifierExt [Kernel | On_Demand | Stopped] -> C:\Windows\SysNative\Drivers\VerifierExt.sys -> [2012/07/26 00:00:58 | 000,106,224 | ---- | M] (Microsoft Corporation)
64bit-(UASPStor) USB Attached SCSI (UAS) Driver [Kernel | On_Demand | Stopped] -> C:\Windows\SysNative\Drivers\uaspstor.sys -> [2012/07/26 00:00:58 | 000,097,008 | ---- | M] (Microsoft Corporation)
64bit-(acpiex) Microsoft ACPIEx Driver [Kernel | Boot | Running] -> C:\Windows\SysNative\Drivers\acpiex.sys -> [2012/07/26 00:00:57 | 000,077,040 | ---- | M] (Microsoft Corporation)
64bit-(mvumis) mvumis [Kernel | On_Demand | Stopped] -> C:\Windows\SysNative\Drivers\mvumis.sys -> [2012/07/26 00:00:55 | 000,064,240 | ---- | M] (Marvell Semiconductor, Inc.)
64bit-(stexstor) stexstor [Kernel | On_Demand | Stopped] -> C:\Windows\SysNative\Drivers\stexstor.sys -> [2012/07/26 00:00:55 | 000,030,960 | ---- | M] (Promise Technology, Inc.)
64bit-(LSI_SAS2) LSI_SAS2 [Kernel | On_Demand | Stopped] -> C:\Windows\SysNative\Drivers\lsi_sas2.sys -> [2012/07/26 00:00:52 | 000,092,400 | ---- | M] (LSI Corporation)
64bit-(LSI_SSS) LSI_SSS [Kernel | On_Demand | Stopped] -> C:\Windows\SysNative\Drivers\lsi_sss.sys -> [2012/07/26 00:00:52 | 000,081,136 | ---- | M] (LSI Corporation)
64bit-(HpSAMD) HpSAMD [Kernel | On_Demand | Stopped] -> C:\Windows\SysNative\Drivers\HpSAMD.sys -> [2012/07/26 00:00:52 | 000,064,752 | ---- | M] (Hewlett-Packard Company)
64bit-(EhStorTcgDrv) Microsoft driver for storage devices supporting IEEE 1667 and TCG protocols [Kernel | On_Demand | Stopped] -> C:\Windows\SysNative\Drivers\EhStorTcgDrv.sys -> [2012/07/26 00:00:51 | 000,113,904 | ---- | M] (Microsoft Corporation)
64bit-(EhStorClass) Enhanced Storage Filter Driver [Kernel | Boot | Running] -> C:\Windows\SysNative\Drivers\EhStorClass.sys -> [2012/07/26 00:00:51 | 000,081,136 | ---- | M] (Microsoft Corporation)
64bit-(amdsbs) amdsbs [Kernel | On_Demand | Stopped] -> C:\Windows\SysNative\Drivers\amdsbs.sys -> [2012/07/26 00:00:49 | 000,258,288 | ---- | M] (AMD Technologies Inc.)
64bit-(3ware) 3ware [Kernel | On_Demand | Stopped] -> C:\Windows\SysNative\Drivers\3ware.sys -> [2012/07/26 00:00:49 | 000,106,736 | ---- | M] (LSI)
64bit-(amdsata) amdsata [Kernel | On_Demand | Stopped] -> C:\Windows\SysNative\Drivers\amdsata.sys -> [2012/07/26 00:00:49 | 000,076,016 | ---- | M] (Advanced Micro Devices)
64bit-(amdxata) amdxata [Kernel | On_Demand | Stopped] -> C:\Windows\SysNative\Drivers\amdxata.sys -> [2012/07/26 00:00:48 | 000,026,352 | ---- | M] (Advanced Micro Devices)
64bit-(CLFS) Common Log (CLFS) [Kernel | Unknown | Running] -> C:\Windows\SysNative\Drivers\clfs.sys -> [2012/07/25 23:57:54 | 000,361,200 | ---- | M] (Microsoft Corporation)
64bit-(vpci) Microsoft Hyper-V Virtual PCI Bus [Kernel | On_Demand | Stopped] -> C:\Windows\SysNative\Drivers\vpci.sys -> [2012/07/25 23:53:16 | 000,067,824 | ---- | M] (Microsoft Corporation)
64bit-(terminpt) Microsoft Remote Desktop Input Driver [Kernel | On_Demand | Stopped] -> C:\Windows\SysNative\Drivers\terminpt.sys -> [2012/07/25 22:17:38 | 000,036,592 | ---- | M] (Microsoft Corporation)
64bit-(mshidumdf) Pass-through HID to UMDF Driver [Kernel | On_Demand | Stopped] -> C:\Windows\SysNative\Drivers\mshidumdf.sys -> [2012/07/25 21:29:14 | 000,010,752 | ---- | M] (Microsoft Corporation)
64bit-(BasicDisplay) BasicDisplay [Kernel | System | Running] -> C:\Windows\SysNative\Drivers\BasicDisplay.sys -> [2012/07/25 21:29:08 | 000,048,640 | ---- | M] (Microsoft Corporation)
64bit-(HyperVideo) HyperVideo [Kernel | On_Demand | Stopped] -> C:\Windows\SysNative\Drivers\HyperVideo.sys -> [2012/07/25 21:29:03 | 000,024,576 | ---- | M] (Microsoft Corporation)
64bit-(BasicRender) BasicRender [Kernel | System | Running] -> C:\Windows\SysNative\Drivers\BasicRender.sys -> [2012/07/25 21:28:52 | 000,029,696 | ---- | M] (Microsoft Corporation)
64bit-(gencounter) Microsoft Hyper-V Generation Counter [Kernel | On_Demand | Stopped] -> C:\Windows\SysNative\Drivers\vmgencounter.sys -> [2012/07/25 21:27:58 | 000,012,288 | ---- | M] (Microsoft Corporation)
64bit-(kdnic) Microsoft Kernel Debug Network Miniport (NDIS 6.20) [Kernel | On_Demand | Running] -> C:\Windows\SysNative\Drivers\kdnic.sys -> [2012/07/25 21:27:41 | 000,018,432 | ---- | M] (Microsoft Corporation)
64bit-(acpitime) ACPI Wake Alarm Driver [Kernel | On_Demand | Stopped] -> C:\Windows\SysNative\Drivers\acpitime.sys -> [2012/07/25 21:27:37 | 000,010,752 | ---- | M] (Microsoft Corporation)
64bit-(npsvctrig) Named pipe service trigger provider [Kernel | System | Running] -> C:\Windows\SysNative\Drivers\npsvctrig.sys -> [2012/07/25 21:27:33 | 000,023,552 | ---- | M] (Microsoft Corporation)
64bit-(WpdUpFltr) WPD Upper Class Filter Driver [Kernel | On_Demand | Stopped] -> C:\Windows\SysNative\Drivers\WpdUpFltr.sys -> [2012/07/25 21:27:29 | 000,019,968 | ---- | M] (Microsoft Corporation)
64bit-(acpipagr) ACPI Processor Aggregator Driver [Kernel | On_Demand | Stopped] -> C:\Windows\SysNative\Drivers\acpipagr.sys -> [2012/07/25 21:27:16 | 000,010,240 | ---- | M] (Microsoft Corporation)
64bit-(hyperkbd) hyperkbd [Kernel | On_Demand | Stopped] -> C:\Windows\SysNative\Drivers\hyperkbd.sys -> [2012/07/25 21:27:01 | 000,011,776 | ---- | M] (Microsoft Corporation)
64bit-(SerCx) Serial UART Support Library [Kernel | On_Demand | Stopped] -> C:\Windows\SysNative\Drivers\SerCx.sys -> [2012/07/25 21:26:46 | 000,062,976 | ---- | M] (Microsoft Corporation)
64bit-(SpbCx) Simple Peripheral Bus Support Library [Kernel | On_Demand | Stopped] -> C:\Windows\SysNative\Drivers\SpbCx.sys -> [2012/07/25 21:26:43 | 000,059,392 | ---- | M] (Microsoft Corporation)
64bit-(TsUsbGD) Remote Desktop Generic USB Device [Kernel | On_Demand | Stopped] -> C:\Windows\SysNative\Drivers\TsUsbGD.sys -> [2012/07/25 21:26:34 | 000,030,208 | ---- | M] (Microsoft Corporation)
64bit-(BthHFEnum) Bluetooth Hands-Free Audio and Call Control HID Enumerator [Kernel | On_Demand | Stopped] -> C:\Windows\SysNative\Drivers\bthhfenum.sys -> [2012/07/25 21:26:13 | 000,051,200 | ---- | M] (Microsoft Corporation)
64bit-(dmvsc) dmvsc [Kernel | On_Demand | Stopped] -> C:\Windows\SysNative\Drivers\dmvsc.sys -> [2012/07/25 21:25:57 | 000,033,280 | ---- | M] (Microsoft Corporation)
64bit-(TsUsbFlt) TsUsbFlt [Kernel | On_Demand | Stopped] -> C:\Windows\SysNative\Drivers\TsUsbFlt.sys -> [2012/07/25 21:25:56 | 000,057,344 | ---- | M] (Microsoft Corporation)
64bit-(wpcfltr) Family Safety Filter Driver [Kernel | On_Demand | Stopped] -> C:\Windows\SysNative\Drivers\wpcfltr.sys -> [2012/07/25 21:25:13 | 000,045,056 | ---- | M] (Microsoft Corporation)
64bit-(NdisImPlatform) Microsoft Network Adapter Multiplexor Protocol [Kernel | On_Demand | Stopped] -> C:\Windows\SysNative\Drivers\NdisImPlatform.sys -> [2012/07/25 21:25:01 | 000,126,464 | ---- | M] (Microsoft Corporation)
64bit-(MsLldp) Microsoft Link-Layer Discovery Protocol [Kernel | Unknown | Stopped] -> C:\Windows\SysNative\Drivers\mslldp.sys -> [2012/07/25 21:23:53 | 000,068,608 | ---- | M] (Microsoft Corporation)
64bit-(Ndu) Windows Network Data Usage Monitoring Driver [Kernel | Auto | Running] -> C:\Windows\SysNative\Drivers\Ndu.sys -> [2012/07/25 21:23:42 | 000,097,792 | ---- | M] (Microsoft Corporation)
64bit-(RSP2STOR) Realtek PCIE CardReader Driver - P2 [Kernel | On_Demand | Running] -> C:\Windows\SysNative\Drivers\RtsP2Stor.sys -> [2012/07/03 17:09:08 | 000,269,968 | ---- | M] (Realtek Semiconductor Corp.)
64bit-(CLVirtualDrive) CLVirtualDrive [Kernel | System | Running] -> C:\Windows\SysNative\Drivers\CLVirtualDrive.sys -> [2012/06/25 13:24:50 | 000,092,536 | ---- | M] (CyberLink)
64bit-(usbfilter) AMD USB Filter Driver [Kernel | On_Demand | Running] -> C:\Windows\SysNative\Drivers\usbfilter.sys -> [2012/06/18 21:07:50 | 000,057,000 | ---- | M] (Advanced Micro Devices)
64bit-(igfx) igfx [Kernel | On_Demand | Stopped] -> C:\Windows\SysNative\Drivers\igdkmd64.sys -> [2012/06/02 09:32:26 | 010,627,744 | ---- | M] (Intel Corporation)
64bit-(RimUsb) BlackBerry Smartphone [Kernel | On_Demand | Stopped] -> C:\Windows\SysNative\Drivers\RimUsb_AMD64.sys -> [2007/05/14 16:06:18 | 000,027,520 | ---- | M] (Research In Motion Limited)
[Registry - Safe List]
< 64bit-Internet Explorer Settings [HKEY_LOCAL_MACHINE\] > -> ->
HKEY_LOCAL_MACHINE\: Main\\"Default_Page_URL" -> http://g.msn.com/HPNOT13/1 ->
HKEY_LOCAL_MACHINE\: Main\\"Start Page" -> http://g.msn.com/HPNOT13/1 ->
< Internet Explorer Settings [HKEY_LOCAL_MACHINE\] > -> ->
HKEY_LOCAL_MACHINE\: Main\\"Default_Page_URL" -> http://g.msn.com/HPNOT13/1 ->
HKEY_LOCAL_MACHINE\: Main\\"Local Page" -> C:\Windows\SysWOW64\blank.htm ->
HKEY_LOCAL_MACHINE\: Main\\"Start Page" -> http://g.msn.com/HPNOT13/1 ->
< Internet Explorer Settings [HKEY_USERS\.DEFAULT\] > -> ->
HKEY_USERS\.DEFAULT\: "ProxyEnable" -> 0 ->
< Internet Explorer Settings [HKEY_USERS\S-1-5-18\] > -> ->
HKEY_USERS\S-1-5-18\: "ProxyEnable" -> 0 ->
< Internet Explorer Settings [HKEY_USERS\S-1-5-19\] > -> ->
< Internet Explorer Settings [HKEY_USERS\S-1-5-20\] > -> ->
< Internet Explorer Settings [HKEY_USERS\S-1-5-21-3092959741-2750419387-2048950003-1004\] > -> ->
HKEY_USERS\S-1-5-21-3092959741-2750419387-2048950003-1004\: Main\\"Default_Page_URL" -> http://g.msn.com/HPNOT13/1 ->
HKEY_USERS\S-1-5-21-3092959741-2750419387-2048950003-1004\: Main\\"Start Page" -> http://www.google.com ->
HKEY_USERS\S-1-5-21-3092959741-2750419387-2048950003-1004\: "ProxyEnable" -> 0 ->
HKEY_USERS\S-1-5-21-3092959741-2750419387-2048950003-1004\: "ProxyOverride" -> <-loopback> ->
< FireFox Extensions [HKLM] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Mozilla
< FireFox Extensions [User Folders] > ->
< HOSTS File > ([2012/07/26 00:26:49 | 000,000,824 | ---- | M] - 21 lines) -> C:\Windows\SysNative\Drivers\etc\hosts ->
Reset Hosts
< 64bit-BHO's [HKEY_LOCAL_MACHINE] > -> 64bit-HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\ ->
{E76FD755-C1BA-4DCB-9F13-99BD91223ADE} [HKLM] -> C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPluginx64.dll [HP Network Check Helper] -> [2013/08/28 02:30:32 | 000,303,416 | ---- | M] (Hewlett-Packard)
< BHO's [HKEY_LOCAL_MACHINE] > -> HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\ ->
{3DF5BF98-C5A8-4154-8B63-D07977DBA953} [HKLM] -> Reg Error: Key error. [Reg Error: Key error.] -> File not found
{BBBEDAC2-B124-494A-9D19-7C0D7741690C} [HKLM] ->  [GetSavin 5.0] -> File not found
{E76FD755-C1BA-4DCB-9F13-99BD91223ADE} [HKLM] -> C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll [HP Network Check Helper] -> [2013/08/28 02:28:26 | 000,286,520 | ---- | M] (Hewlett-Packard)
< Internet Explorer ToolBars [HKEY_USERS\S-1-5-21-3092959741-2750419387-2048950003-1004\] > -> HKEY_USERS\S-1-5-21-3092959741-2750419387-2048950003-1004\Software\Microsoft\Internet Explorer\Toolbar\ ->
WebBrowser\\"{7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA}" [HKLM] -> Reg Error: Key error. [Reg Error: Key error.] -> File not found
< 64bit-Run [HKEY_LOCAL_MACHINE\] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run ->
"SysTrayApp" -> C:\Program Files\IDT\WDM\sttray64.exe [C:\Program Files\IDT\WDM\sttray64.exe] -> [2012/08/20 00:45:20 | 001,664,000 | ---- | M] (IDT, Inc.)
< Run [HKEY_LOCAL_MACHINE\] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run ->
"AVG_UI" -> C:\Program Files (x86)\AVG\AVG2014\avgui.exe ["C:\Program Files (x86)\AVG\AVG2014\avgui.exe" /TRAYONLY] -> [2014/04/06 21:21:36 | 005,180,432 | ---- | M] (AVG Technologies CZ, s.r.o.)
"CLVirtualDrive" -> C:\Program Files (x86)\CyberLink\Power2Go8\VirtualDrive.exe ["C:\Program Files (x86)\CyberLink\Power2Go8\VirtualDrive.exe" /R] -> [2012/09/10 07:36:01 | 000,491,632 | ---- | M] (CyberLink Corp.)
"HP Quick Launch" -> C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPMSGSVC.exe [C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPMSGSVC.exe] -> [2012/09/07 19:33:08 | 000,581,024 | ---- | M] (Hewlett-Packard Development Company, L.P.)
"RemoteControl10" -> C:\Program Files (x86)\CyberLink\PowerDVD10\PDVD10Serv.exe ["C:\Program Files (x86)\CyberLink\PowerDVD10\PDVD10Serv.exe"] -> [2012/03/28 21:34:30 | 000,091,432 | ---- | M] (CyberLink Corp.)
"StartCCC" -> C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe ["C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun] -> [2012/09/18 07:16:32 | 000,642,216 | ---- | M] (Advanced Micro Devices, Inc.)
< 64bit-RunOnce [HKEY_LOCAL_MACHINE\] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\RunOnce ->
"NCPluginUpdater" -> C:\Program Files (x86)\Hewlett-Packard\HP Health Check\ActiveCheck\product_line\NCPluginUpdater.exe ["C:\Program Files (x86)\Hewlett-Packard\HP Health Check\ActiveCheck\product_line\NCPluginUpdater.exe" Update] -> [2014/04/08 20:25:46 | 000,021,720 | ---- | M] (Hewlett-Packard)
< Run [HKEY_USERS\S-1-5-21-3092959741-2750419387-2048950003-1004\] > -> HKEY_USERS\S-1-5-21-3092959741-2750419387-2048950003-1004\SOFTWARE\Microsoft\Windows\CurrentVersion\Run ->
"AVG-Secure-Search-Update_0214c" ->  [C:\Users\Jalee6789\AppData\Roaming\AVG 0214c Campaign\AVG-Secure-Search-Update-0214c.exe /PROMPT /mid=a260db80d6ed47d39d33e9a3e10f50c4-00bbba3a2b0f9712013edb1526ab09e4154c29ae /CMPID=0214c] -> File not found
"EA Core" ->  ["C:\Program Files (x86)\Electronic Arts\EADM\Core.exe" -silent] -> File not found
< Software Policy Settings [HKEY_LOCAL_MACHINE] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\Internet Explorer ->
HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\Internet Explorer\Activities
\Activities\\"NoActivities" ->  [1] -> File not found
< CurrentVersion Policy Settings - Explorer [HKEY_LOCAL_MACHINE] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer ->
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer
\\"NoActiveDesktopChanges" ->  [1] -> File not found
\\"NoActiveDesktop" ->  [1] -> File not found
< CurrentVersion Policy Settings - System [HKEY_LOCAL_MACHINE] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System ->
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System
\\"ConsentPromptBehaviorAdmin" ->  [5] -> File not found
\\"EnableCursorSuppression" ->  [1] -> File not found
\\"ConsentPromptBehaviorUser" ->  [3] -> File not found
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats
< CurrentVersion Policy Settings [HKEY_USERS\S-1-5-21-3092959741-2750419387-2048950003-1004] > -> HKEY_USERS\S-1-5-21-3092959741-2750419387-2048950003-1004\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer ->
< CurrentVersion Policy Settings [HKEY_USERS\S-1-5-21-3092959741-2750419387-2048950003-1004] > -> HKEY_USERS\S-1-5-21-3092959741-2750419387-2048950003-1004\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System ->
< 64bit-Internet Explorer Extensions [HKEY_LOCAL_MACHINE] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Extensions\ ->
{25510184-5A38-4A99-B273-DCA8EEF6CD08}:Exec [HKLM] -> C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\NCLauncherFromIE.exe [Button: @C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPluginx64.dll,-103] -> [2012/07/09 16:46:12 | 000,023,456 | ---- | M] (Hewlett-Packard)
{25510184-5A38-4A99-B273-DCA8EEF6CD08}:Exec [HKLM] -> C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\NCLauncherFromIE.exe [Menu: @C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPluginx64.dll,-102] -> [2012/07/09 16:46:12 | 000,023,456 | ---- | M] (Hewlett-Packard)
< Internet Explorer Extensions [HKEY_LOCAL_MACHINE] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Extensions\ ->
{25510184-5A38-4A99-B273-DCA8EEF6CD08}:Exec [HKLM] -> C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\NCLauncherFromIE.exe [Button: @C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll,-103] -> [2012/07/09 16:46:12 | 000,023,456 | ---- | M] (Hewlett-Packard)
{25510184-5A38-4A99-B273-DCA8EEF6CD08}:Exec [HKLM] -> C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\NCLauncherFromIE.exe [Menu: @C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll,-102] -> [2012/07/09 16:46:12 | 000,023,456 | ---- | M] (Hewlett-Packard)
< 64bit-Internet Explorer Plugins [HKEY_LOCAL_MACHINE] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Plugins\ ->
PluginsPageFriendlyName -> Microsoft ActiveX Gallery ->
PluginsPage -> http://activex.microsoft.com/controls/find.asp?ext=%s&mime=%s ->
< Internet Explorer Plugins [HKEY_LOCAL_MACHINE] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Plugins\ ->
< 64bit-Default Prefix > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\URL\DefaultPrefix
"" -> http://
< Default Prefix > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\URL\DefaultPrefix
"" -> http://
< 64bit-Trusted Sites Domains [HKEY_LOCAL_MACHINE\] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\ ->
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\ -> [Key] 0 domain(s) found. ->
< 64bit-Trusted Sites Ranges [HKEY_LOCAL_MACHINE\] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Ranges\ ->
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Ranges\ -> [Key] 0 range(s) found. ->
< Trusted Sites Domains [HKEY_LOCAL_MACHINE\] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\ ->
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\ -> [Key] 0 domain(s) found. ->
< Trusted Sites Ranges [HKEY_LOCAL_MACHINE\] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Ranges\ ->
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Ranges\ -> [Key] 0 range(s) found. ->
< Trusted Sites Domains [HKEY_USERS\.DEFAULT\] > -> HKEY_USERS\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\ ->
HKEY_USERS\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\ -> [Key] 0 domain(s) found. ->
< Trusted Sites Ranges [HKEY_USERS\.DEFAULT\] > -> HKEY_USERS\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Ranges\ ->
HKEY_USERS\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Ranges\ -> [Key] 0 range(s) found. ->
< Trusted Sites Domains [HKEY_USERS\S-1-5-18\] > -> HKEY_USERS\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\ ->
HKEY_USERS\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\ -> [Key] 0 domain(s) found. ->
< Trusted Sites Ranges [HKEY_USERS\S-1-5-18\] > -> HKEY_USERS\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Ranges\ ->
HKEY_USERS\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Ranges\ -> [Key] 0 range(s) found. ->
< Trusted Sites Domains [HKEY_USERS\S-1-5-19\] > -> HKEY_USERS\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\ ->
HKEY_USERS\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\ -> [Key] 0 domain(s) found. ->
< Trusted Sites Ranges [HKEY_USERS\S-1-5-19\] > -> HKEY_USERS\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Ranges\ ->
HKEY_USERS\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Ranges\ -> [Key] 0 range(s) found. ->
< Trusted Sites Domains [HKEY_USERS\S-1-5-20\] > -> HKEY_USERS\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\ ->
HKEY_USERS\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\ -> [Key] 0 domain(s) found. ->
< Trusted Sites Ranges [HKEY_USERS\S-1-5-20\] > -> HKEY_USERS\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Ranges\ ->
HKEY_USERS\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Ranges\ -> [Key] 0 range(s) found. ->
< Trusted Sites Domains [HKEY_USERS\S-1-5-21-3092959741-2750419387-2048950003-1004\] > -> HKEY_USERS\S-1-5-21-3092959741-2750419387-2048950003-1004\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\ ->
HKEY_USERS\S-1-5-21-3092959741-2750419387-2048950003-1004\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\ -> [Key] 0 domain(s) found. ->
< Trusted Sites Ranges [HKEY_USERS\S-1-5-21-3092959741-2750419387-2048950003-1004\] > -> HKEY_USERS\S-1-5-21-3092959741-2750419387-2048950003-1004\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Ranges\ ->
HKEY_USERS\S-1-5-21-3092959741-2750419387-2048950003-1004\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Ranges\ -> [Key] 0 range(s) found. ->
< Name Servers [HKEY_LOCAL_MACHINE] > -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Tcpip\Parameters\ ->
DhcpNameServer -> 192.168.1.1 ->
< Name Servers [HKEY_LOCAL_MACHINE] > -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Tcpip\Parameters\Adapters\ ->
{5F6BDDC5-3B34-4167-BAA3-E37B242E2B87}\\DhcpNameServer -> 192.168.1.1   (Qualcomm Atheros AR9485 802.11b/g/n WiFi Adapter) ->
{AFA7BACA-0B1D-49F1-B76A-AC7846CA6A85}\\DhcpNameServer -> 192.168.42.129   (Remote NDIS based Internet Sharing Device) ->
< 64bit-Winlogon settings [HKEY_LOCAL_MACHINE] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon ->
64bit-*Shell* -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\\Shell ->
explorer.exe -> C:\Windows\explorer.exe -> [2013/06/01 06:34:21 | 002,391,280 | ---- | M] (Microsoft Corporation)
*MultiFile Done* -> ->
64bit-*UserInit* -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\\UserInit ->
C:\Windows\system32\userinit.exe -> C:\Windows\SysNative\userinit.exe -> [2012/07/25 22:08:49 | 000,025,088 | ---- | M] (Microsoft Corporation)
*MultiFile Done* -> ->
64bit-*VMApplet* -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\\VMApplet ->
SystemPropertiesPerformance.exe -> C:\Windows\SysNative\SystemPropertiesPerformance.exe -> [2012/07/25 22:08:48 | 000,082,944 | ---- | M] (Microsoft Corporation)
/pagefile ->  -> File not found
*MultiFile Done* -> ->
< Winlogon settings [HKEY_LOCAL_MACHINE] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon ->
*Shell* -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\\Shell ->
explorer.exe -> C:\Windows\SysWow64\explorer.exe -> [2013/06/01 05:24:46 | 002,106,176 | ---- | M] (Microsoft Corporation)
*MultiFile Done* -> ->
*UserInit* -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\\UserInit ->
userinit.exe -> C:\Windows\SysWow64\userinit.exe -> [2012/07/25 22:21:00 | 000,021,504 | ---- | M] (Microsoft Corporation)
*MultiFile Done* -> ->
*VMApplet* -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\\VMApplet ->
/pagefile ->  -> File not found
*MultiFile Done* -> ->
< 64bit-SSODL [HKEY_LOCAL_MACHINE] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad ->
"{E6FB5E20-DE35-11CF-9C87-00AA005127ED}" [HKLM] -> Reg Error: Key error. [WebCheck] -> File not found
< SSODL [HKEY_LOCAL_MACHINE] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad ->
"{E6FB5E20-DE35-11CF-9C87-00AA005127ED}" [HKLM] -> Reg Error: Key error. [WebCheck] -> File not found
< LSA Security Packages [HKEY_LOCAL_MACHINE] > -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa\\Security Packages ->
*LSA Security Packages* -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa\\Security Packages ->
livessp ->  -> File not found
*MultiFile Done* -> ->
< Vista Active Firewall Rules > -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules ->
{0E4E5F83-5B45-4943-B86A-87EE7566F5C0} -> lport=137 | profile=private | protocol=17 | dir=in | action=allow | name=@firewallapi.dll,-28519 | app=system |
{1AF68751-8E9A-4728-8DB6-13E2C52C4B6B} -> rport=137 | profile=private | protocol=17 | dir=out | action=allow | name=@firewallapi.dll,-28523 | app=system |
{261CC6D1-D397-4350-8A90-618715D13D7F} -> rport=10243 | profile=private | protocol=6 | dir=out | action=allow | name=@firewallapi.dll,-31289 | app=system |
{2F4C3A55-36CA-49BC-A6CB-939EDA5E3843} -> lport=2869 | profile=private | protocol=6 | dir=in | action=allow | name=@firewallapi.dll,-31277 | app=system |
{38B54686-C731-4DCB-A292-159B3E6D2AC0} -> rport=138 | profile=private | protocol=17 | dir=out | action=allow | name=@firewallapi.dll,-28531 | app=system |
{41B65303-0C8E-40C4-B906-1CEC4DFDD281} -> rport=5355 | profile=private | protocol=17 | dir=out | action=allow | name=@firewallapi.dll,-28550 | app=%systemroot%\system32\svchost.exe | svc=dnscache |
{438B4CDB-9EBE-42DF-92DF-E1E2D3F30304} -> lport=52000 | protocol=6 | dir=in | action=allow | name=hpconnectedremoteuser.exe |
{46B06961-297B-43AD-AAD2-769C95541C9A} -> rport=1900 | profile=private | protocol=17 | dir=out | action=allow | name=@firewallapi.dll,-31273 | app=%systemroot%\system32\svchost.exe | svc=ssdpsrv |
{4F3A91D1-6F23-4BF6-9C13-EBA84F5643A3} -> lport=138 | profile=private | protocol=17 | dir=in | action=allow | name=@firewallapi.dll,-28527 | app=system |
{52ECBD88-57BD-4493-A30B-EFB80FA0CE1B} -> lport=445 | profile=private | protocol=6 | dir=in | action=allow | name=@firewallapi.dll,-28511 | app=system |
{5D27EFD3-B7CC-490E-A667-15F4466CD8BB} -> lport=1900 | protocol=17 | dir=in | action=allow | name=windows live communications platform (ssdp) |
{9079D976-6A37-4A00-B924-673C7BD1BAF7} -> lport=1900 | profile=private | protocol=17 | dir=in | action=allow | name=@firewallapi.dll,-31269 | app=%systemroot%\system32\svchost.exe | svc=ssdpsrv |
{965FEE63-165A-46B3-A592-0ED0AAEDCCDB} -> lport=53000 | protocol=6 | dir=in | action=allow | name=hpconnectedremoteservice.exe |
{9C92F43F-BB3F-4BC7-B69D-DB489BD8D398} -> lport=2869 | protocol=6 | dir=in | action=allow | name=windows live communications platform (upnp) |
{B0ABD79E-F326-49F6-A4BA-022B2B80DCE9} -> lport=10243 | profile=private | protocol=6 | dir=in | action=allow | name=@firewallapi.dll,-31285 | app=system |
{CA01DC06-1743-46DC-9619-4B46A27764AC} -> rport=2177 | profile=private | protocol=17 | dir=out | action=allow | name=@firewallapi.dll,-31257 | app=%systemroot%\system32\svchost.exe | svc=qwave |
{CA27C4EE-0ADD-47D5-A377-3AF32E6CB44D} -> lport=139 | profile=private | protocol=6 | dir=in | action=allow | name=@firewallapi.dll,-28503 | app=system |
{D2A2C3FD-2E03-443F-AE0F-7CB7128A282B} -> rport=445 | profile=private | protocol=6 | dir=out | action=allow | name=@firewallapi.dll,-28515 | app=system |
{DA491A6E-1549-4100-A4E9-998A8D64AA91} -> lport=5355 | profile=private | protocol=17 | dir=in | action=allow | name=@firewallapi.dll,-28548 | app=%systemroot%\system32\svchost.exe | svc=dnscache |
{E4B84701-E664-4D36-9DDB-229FD4CC245C} -> lport=rpc | profile=private | protocol=6 | dir=in | action=allow | name=@firewallapi.dll,-28535 | app=%systemroot%\system32\spoolsv.exe | svc=spooler |
{EA35D5A9-9EA5-43CD-8280-F1D6E50DBF06} -> lport=2177 | profile=private | protocol=17 | dir=in | action=allow | name=@firewallapi.dll,-31253 | app=%systemroot%\system32\svchost.exe | svc=qwave |
{EAC07991-3FFC-4973-95C2-EC1F7B397D3E} -> lport=rpc-epmap | profile=private | protocol=6 | dir=in | action=allow | name=@firewallapi.dll,-28539 | svc=rpcss |
{F36E3E4C-0794-4CCD-AC9F-1BCCAD795005} -> rport=139 | profile=private | protocol=6 | dir=out | action=allow | name=@firewallapi.dll,-28507 | app=system |
{FD6143AF-6FCA-49B1-B260-FB9E804704BC} -> lport=2177 | profile=private | protocol=6 | dir=in | action=allow | name=@firewallapi.dll,-31261 | app=%systemroot%\system32\svchost.exe | svc=qwave |
{FFFAFDFC-C56B-484D-8235-D6C31209E4CE} -> rport=2177 | profile=private | protocol=6 | dir=out | action=allow | name=@firewallapi.dll,-31265 | app=%systemroot%\system32\svchost.exe | svc=qwave |
< Vista Active Application Exception Rules > -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules ->
{03D0401D-C425-479F-AD45-1AF5A98D338D} -> profile=private | protocol=1 | dir=in | action=allow | name=@firewallapi.dll,-28543 |
{058FC8F0-AE01-4736-B909-ABF3E4329018} -> dir=in | action=allow | name=microsoft skydrive | app=c:\users\administrator\appdata\local\microsoft\skydrive\skydrive.exe |
{062F3AFA-E979-4FAA-A66D-1CD30199CA01} -> profile=private | protocol=6 | dir=out | action=allow | name=@firewallapi.dll,-31321 | app=%systemroot%\system32\svchost.exe | svc=upnphost |
{064B91CF-DE6D-46FF-AF00-6357321AEAAC} -> profile=public | protocol=6 | dir=in | action=allow | name=online shield | app=c:\program files (x86)\avg\avg2014\avgnsa.exe |
{06E9083B-4187-4607-9E85-ABF23104BDFB} -> profile=domain | dir=in | action=allow | name=@{microsoft.bing_1.2.0.137_x64__8wekyb3d8bbwe?ms-resource://microsoft.bing/resources/app_name} |
{0D413066-1C95-47C3-89F0-CB0A66959FAB} -> profile=public | protocol=17 | dir=in | action=allow | name=online shield | app=c:\program files (x86)\avg\avg2014\avgnsa.exe |
{10DA51C9-9E19-4731-8C9A-2CB48248F9BC} -> profile=private | protocol=17 | dir=in | action=allow | name=@firewallapi.dll,-31305 | app=%programfiles%\windows media player\wmpnetwk.exe |
{11448610-07F9-415F-AE8E-2449BDD96CDB} -> profile=public | protocol=17 | dir=in | action=allow | name=avg diagnostics 2014 | app=c:\program files (x86)\avg\avg2014\avgdiagex.exe |
{1632D466-9C94-4B3C-95CA-90D0E748A507} -> profile=domain | dir=out | action=allow | name=@{microsoft.bingnews_1.2.0.135_x64__8wekyb3d8bbwe?ms-resource://microsoft.bingnews/resources/news} |
{172B7D6E-E28B-4107-8994-0BCEBD9D8D14} -> profile=domain | dir=out | action=allow | name=hp+ |
{1B86D376-2114-4743-936E-9DAE63301117} -> profile=domain | dir=out | action=allow | name=windows_ie_ac_001 |
{2572C9EA-AC44-4AA0-BF34-6182C5B7DCE1} -> profile=domain | dir=in | action=allow | name=@{microsoft.reader_6.2.8516.0_x64__8wekyb3d8bbwe?ms-resource://microsoft.reader/resources/shortdisplayname} |
{2624259F-5CF4-4781-A3E9-2A824C490CB6} -> profile=domain | dir=out | action=allow | name=@{microsoft.windowscommunicationsapps_16.4.4206.722_x64__8wekyb3d8bbwe?ms-resource://microsoft.windowscommunicationsapps/resources/communicationspackagename} |
{26A2863A-14A1-49C3-923F-D3999B0FF75A} -> profile=domain | dir=out | action=allow | name=@{microsoft.zunevideo_1.0.927.0_x64__8wekyb3d8bbwe?ms-resource://microsoft.zunevideo/resources/33270} |
{2A17D909-F872-42CD-8090-E68C6266537C} -> profile=domain | dir=out | action=allow | name=@{microsoft.windowsphotos_16.4.4396.311_x64__8wekyb3d8bbwe?ms-resource://microsoft.windowsphotos/photo/residappname} |
{2C95B420-D303-4BF6-86DC-4D1E9D18D4FB} -> profile=public | protocol=17 | dir=in | action=allow | name=norton removal tool | app=c:\users\jalee6789\appdata\local\temp\7zs7020.tmp\symnrt.exe |
{2F563B26-E35A-4986-B6B1-66E5FFF26ADD} -> profile=public | protocol=6 | dir=in | action=allow | name=norton removal tool | app=c:\users\jalee6789\appdata\local\temp\7zs7020.tmp\symnrt.exe |
{320F6821-D149-45A6-957A-A27D74B2CD51} -> dir=in | action=allow | name=hp connected music | app=%localappdata%\hpconnectedmusic\application\hpconnectedmusic.exe |
{3A522693-274C-4C35-A156-102510201EDD} -> profile=domain | dir=out | action=allow | name=@{microsoft.bingfinance_1.2.0.135_x64__8wekyb3d8bbwe?ms-resource://microsoft.bingfinance/resources/apptitle} |
{3B032430-5918-4687-BCD9-82FE05536D85} -> profile=domain | dir=out | action=allow | name=@{microsoft.windowsphotos_16.4.4204.712_x64__8wekyb3d8bbwe?ms-resource://microsoft.windowsphotos/photo/residappname} |
{3BF9129E-AAD4-415E-8B6E-2D3E0EE2813E} -> profile=domain | dir=in | action=allow | name=ebay |
{3C0BEF81-DFCB-40A5-A218-8B51696D5B8F} -> profile=private | protocol=17 | dir=out | action=allow | name=@firewallapi.dll,-31024 | app=%programfiles(x86)%\windows media player\wmplayer.exe |
{3CA236DC-2FC0-4306-9AFF-6CD37EE529E5} -> profile=domain | dir=out | action=allow | name=hp games |
{3E3CB52B-7188-42A1-B0B1-693379B1C0C1} -> profile=domain | dir=out | action=allow | name=toolbox for windows 8 |
{43C4895B-C1E2-4581-A164-FB350D15DB12} -> profile=domain | dir=out | action=allow | name=kindle |
{450A4DA6-7435-403B-8D3E-A58D783E3B83} -> profile=domain | dir=out | action=allow | name=@{microsoft.bingmaps_1.2.0.136_x64__8wekyb3d8bbwe?ms-resource://microsoft.bingmaps/resources/appdisplayname} |
{4BAC097A-B3E7-4ADE-B3D9-748037592319} -> profile=domain | dir=out | action=allow | name=skype |
{4C759F1F-53E5-452D-873A-19C3617E2F21} -> profile=private | protocol=17 | dir=in | action=allow | name=@firewallapi.dll,-31293 | app=%programfiles%\windows media player\wmplayer.exe |
{4D927244-BF45-4BE9-9D96-0A69974CD88D} -> profile=private | protocol=17 | dir=out | action=allow | name=@firewallapi.dll,-31309 | app=%programfiles%\windows media player\wmpnetwk.exe |
{4EC2B207-6023-4140-8FFF-2584552B593B} -> profile=domain | dir=in | action=allow | name=savings center featured offers |
{5340662F-345F-4593-BC8C-600FD1564D82} -> profile=domain | dir=out | action=allow | name=hp registration |
{53F413A6-AF52-43BF-AE9C-59DB4E6B1250} -> profile=domain | dir=out | action=allow | name=@{microsoft.windowscommunicationsapps_16.4.4206.722_x64__8wekyb3d8bbwe?ms-resource://microsoft.windowscommunicationsapps/resources/communicationspackagename} |
{548F7FF0-F684-42F0-A3D9-D58C6A07E25E} -> profile=domain | dir=in | action=allow | name=microsoft mahjong |
{54F6DA42-D45A-4BE9-B03D-6FA311B5D3BE} -> profile=domain | dir=out | action=allow | name=norton studio |
{555CEE4F-7E5C-47A6-812A-645DBBA4EFAC} -> profile=domain | dir=out | action=allow | name=@{microsoft.zunemusic_1.5.216.0_x64__8wekyb3d8bbwe?ms-resource://microsoft.zunemusic/resources/ids_manifest_music_app_name} |
{5620071D-0D27-4E9E-B277-1B235E39F763} -> profile=private | protocol=17 | dir=in | action=allow | name=@firewallapi.dll,-31023 | app=%programfiles(x86)%\windows media player\wmplayer.exe |
{58EBB88E-2C4C-4CD1-A3BE-E22F53A86683} -> profile=domain | dir=out | action=allow | name=savings center featured offers |
{5B06873E-3487-491A-BBA4-290B675FC415} -> profile=domain | dir=out | action=allow | name=@{microsoft.bing_1.5.1.259_x64__8wekyb3d8bbwe?ms-resource://microsoft.bing/resources/app_name} |
{5D0C930D-557E-4C68-93BD-73D454E54535} -> profile=domain | dir=out | action=allow | name=hp games |
{5E03412A-4BBA-4DEF-B963-3ABF246AD90B} -> profile=private | protocol=6 | dir=out | action=allow | name=@firewallapi.dll,-31281 | app=system |
{664F095F-DF66-43DD-A319-6049C9BB571D} -> profile=domain | dir=out | action=allow | name=@{microsoft.microsoftskydrive_16.4.4396.311_x64__8wekyb3d8bbwe?ms-resource://microsoft.microsoftskydrive/resources/shortproductname} |
{6B116C4D-3840-468A-91B7-788C3AD0C5BD} -> profile=domain | dir=in | action=allow | name=@{microsoft.windowscommunicationsapps_16.4.4206.722_x64__8wekyb3d8bbwe?ms-resource://microsoft.windowscommunicationsapps/resources/communicationspackagename} |
{6BBB3C04-81DB-4153-B5C2-2BEF1837C93F} -> dir=in | action=allow | name=cyberlink powerdirector | app=c:\program files (x86)\cyberlink\powerdirector10\pdr10.exe |
{6DB2E310-CDFE-4285-B6B3-CE56096B7049} -> profile=domain | dir=in | action=allow | name=skype |
{6F04D477-DA3A-45E3-95ED-9E74EB2BB18E} -> dir=out | action=allow | name=hp connected music | app=%localappdata%\hpconnectedmusic\application\hpconnectedmusic.exe |
{6FB13BF8-B0BA-4A6B-8661-6BFB8E67B474} -> profile=private | protocol=6 | dir=out | action=allow | name=@firewallapi.dll,-31025 | app=%programfiles(x86)%\windows media player\wmplayer.exe |
{6FDACF8A-CDC1-4177-BF8D-DF54278DE88E} -> profile=domain | dir=out | action=allow | name=hp connected photo powered by snapfish |
{701DB704-3423-46FD-9731-F1B3F24B9562} -> profile=domain | dir=out | action=allow | name=hp+ |
{70215DC0-D703-47E3-8BB3-D389D6126A4C} -> profile=public | protocol=17 | dir=in | action=allow | name=personal email scanner | app=c:\program files (x86)\avg\avg2014\avgemca.exe |
{704058CE-DE6C-4AC0-BF15-63B5385CF600} -> profile=domain | dir=out | action=allow | name=microsoft solitaire collection |
{71AF63B1-5FFF-4363-8B2A-42C84D0B6C06} -> profile=public | protocol=6 | dir=in | action=allow | name=avg diagnostics 2014 | app=c:\program files (x86)\avg\avg2014\avgdiagex.exe |
{71BBA938-32A7-40F2-9031-C8C5DCB43889} -> profile=domain | dir=in | action=allow | name=hp connected photo powered by snapfish |
{73BC88F3-1F80-41D3-BE13-5B01D4B903E1} -> profile=domain | dir=out | action=allow | name=@{microsoft.xboxcompanion_1.4.2.0_x64__8wekyb3d8bbwe?ms-resource://microsoft.xboxcompanion/resources/33279} |
{73C3EC2F-0533-4EC7-8359-77D4B2F55C09} -> dir=out | action=allow | name=hp connected music installer | app=c:\program files (x86)\hpconnectedmusic\hpconnectedmusic.exe |
{75113FF6-3139-4B63-8588-B0A94BBAAFEA} -> profile=domain | dir=in | action=allow | name=@{microsoft.xboxcompanion_1.4.2.0_x64__8wekyb3d8bbwe?ms-resource://microsoft.xboxcompanion/resources/33279} |
{7624A464-6BAA-42AF-A43F-4F0B87D2C3E5} -> profile=public | protocol=17 | dir=in | action=allow | name=avg installer | app=c:\program files (x86)\avg\avg2014\avgmfapx.exe |
{765A099A-4B16-4057-81CA-6A6FF836C0FC} -> profile=domain | dir=out | action=allow | name=@{microsoft.bingweather_1.2.0.135_x64__8wekyb3d8bbwe?ms-resource://microsoft.bingweather/resources/apptitle} |
{766E275F-DD2D-4AB9-9367-D7B7829CD7E3} -> profile=domain | dir=in | action=allow | name=@{microsoft.reader_6.2.9200.20780_x64__8wekyb3d8bbwe?ms-resource://microsoft.reader/resources/shortdisplayname} |
{766EFFB9-3C83-483B-89D2-F49363D1A685} -> profile=domain | dir=out | action=allow | name=norton studio |
{76AF1C06-C056-4745-B465-08D015CE9AE2} -> profile=domain | dir=out | action=allow | name=hp registration |
{79AE6B5E-ED49-4D09-83AE-8ACD98607D73} -> profile=domain | dir=in | action=allow | name=@{microsoft.windowsphotos_16.4.4204.712_x64__8wekyb3d8bbwe?ms-resource://microsoft.windowsphotos/photo/residappname} |
{7A884EDE-CB37-4492-A05B-6A398062F29A} -> profile=private | protocol=6 | dir=out | action=allow | name=@firewallapi.dll,-31317 | app=%programfiles%\windows media player\wmpnetwk.exe |
{7ABEAD10-7BFE-444E-BAF9-53024FBFEA5B} -> profile=domain | dir=out | action=allow | name=@
Pages: 1 2 [3] 4 5 6 7 8 ... 10

Donations

You have come to The Spykiller for help because your Antivirus or Antispyware hasn't been able to fix your problem.

Modern Malware has become so involved and difficult to fix that it takes a very long time and a lot of hard work to read all the logs posted here and research and prepare the fixes for you. In many cases each part of the fix takes about 30 minutes to prepare, so a large part of my time is spent helping you

Would you do all this for nothing?

The reason I run this site is to raise funds for Hedgehog Rescue

Please donate if I have helped you or you have found this site useful.

You can donate safely and securely by using the paypal service, just click on one of the buttons below.

To donate in UK £

To donate in US$

To donate in Euro €

Any amount no matter how small is gratefully accepted and needed to ensure we keep the Rescue Centre running

To donate via paypal when the button doesn't appear or the link doesn't work: just go to www.paypal.com or your country's paypal log in page and chose send money and use help@thehedgehog.co.uk as recipient email address and select other service as the option. then follow prompts


Useful Advice and Programs

Stop killing hedgehogs with strimmers
Welcome, Guest. Please login or register.
Did you miss your activation email?
October 20, 2014, 18:53:06

Login with username, password and session length

secunia Software inspector


RoboForm: Learn more...

You have come to The Spykiller for help because your Antivirus or Antispyware hasn't been able to fix your problem.

Modern Malware is so involved and difficult to fix that it takes a very long time and a lot of hard work to read all the logs posted here and research and prepare the fixes for you.
In many cases each part of the fix takes about 30 minutes to prepare, so a large part of my time is spent helping you

Would you do all this for nothing?

I run this site to help raise funds for Hedgehog Rescue

Please donate if I have helped you or you have found this site useful.

You can donate safely and securely by using the PayPal service, just click on one of the buttons below.

To donate in UK £

To donate in US$

To donate in Euro €

Any amount no matter how small is gratefully accepted and needed to ensure we keep the Rescue Centre running