View Full Version : smitfraud-c.generic
This is my parents pc, they are in their 80s, the computer is their lifeline. I am not that savvy with tech stuff so please bear with me . Hope you can help as I am a bit unsure of what I am doing. I ran a check with spybot and found that smitfraud-c.genric but I can tell you this computer is a mess. It is barely running. Norton was of no help and they even came in but just ended up giving us a case number. When they ran the norton tool it showed no problems.
I have the attached.txt but it is not allowing me to compress it. Please advise. Thanks so much in advance for your time.
DDS (Ver_2012-11-20.01) - NTFS_AMD64
Internet Explorer: 9.0.8112.16464 BrowserJavaVersion: 1.6.0_32
Run by member at 19:22:30 on 2013-02-26
Microsoft Windows 7 Home Premium 6.1.7601.1.1252.1.1033.18.5110.2277 [GMT -8:00]
.
AV: Norton 360 *Enabled/Updated* {63DF5164-9100-186D-2187-8DC619EFD8BF}
SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
SP: Norton 360 *Enabled/Updated* {D8BEB080-B73A-17E3-1B37-B6B462689202}
FW: Norton 360 *Enabled* {5BE4D041-DB6F-1935-0AD8-24F3E73C9FC4}
.
============== Running Processes ===============
.
C:\Windows\system32\lsm.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\system32\svchost.exe -k RPCSS
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\svchost.exe -k NetworkService
C:\Windows\System32\spoolsv.exe
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
C:\Program Files (x86)\Belkin\Router Setup and Monitor\BelkinService.exe
C:\Program Files\Belkin\Belkin USB Print and Storage Center\BkBackupScheduler.exe
C:\Program Files\Belkin\Belkin USB Print and Storage Center\Bkapcs.exe
C:\Program Files (x86)\Norton 360\Engine\20.1.1.2\ccSvcHst.exe
C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
C:\Windows\system32\SearchIndexer.exe
C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\hpsa_service.exe
C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
C:\Program Files (x86)\Common Files\Intuit\Update Service\IntuitUpdateService.exe
C:\Program Files (x86)\Common Files\Intuit\Update Service v4\IntuitUpdateService.exe
C:\Program Files (x86)\Norton 360\Engine\20.1.1.2\ccSvcHst.exe
C:\Windows\system32\taskeng.exe
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Windows\system32\taskhost.exe
C:\Program Files (x86)\Hewlett-Packard\HP MAINSTREAM KEYBOARD\ModLEDKey.exe
C:\Windows\System32\hkcmd.exe
C:\Windows\System32\igfxpers.exe
C:\Program Files\HP\HP Officejet 4620 series\Bin\ScanToPCActivationApp.exe
C:\Windows\system32\igfxsrvc.exe
C:\Program Files (x86)\Hewlett-Packard\HP MAINSTREAM KEYBOARD\BATINDICATOR.exe
C:\Program Files (x86)\Belkin\Router Setup and Monitor\BelkinRouterMonitor.exe
C:\Program Files\Belkin\Belkin USB Print and Storage Center\connect.exe
C:\Program Files (x86)\Belkin\Router Setup and Monitor\BelkinSetup.exe
C:\Program Files (x86)\Belkin\Router Setup and Monitor\dlnaPlugin.exe
C:\Windows\system32\taskeng.exe
c:\Program Files (x86)\Hewlett-Packard\Media\DVD\DVDAgent.exe
c:\Program Files (x86)\Hewlett-Packard\TouchSmart\Media\Kernel\CLML\CLMLSvc.exe
C:\Program Files\HP\HP Officejet 4620 series\Bin\HPNetworkCommunicator.exe
C:\Windows\system32\wuauclt.exe
C:\PROGRA~2\MICROS~2\OFFICE11\OUTLOOK.EXE
\\.\globalroot\systemroot\svchost.exe -netsvcs
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Windows\system32\taskhost.exe
C:\Windows\system32\wbem\wmiprvse.exe
C:\Windows\System32\cscript.exe
.
============== Pseudo HJT Report ===============
.
uStart Page = hxxp://www.google.com/
uLocal Page = www.google.com
uSearch Bar = hxxp://www.google.com/
uSearch Page = hxxp://www.google.com/
mStart Page = hxxp://www.google.com/
mLocal Page = hxxp://www.google.com/
mSearch Page = hxxp://www.google.com/
mDefault_Page_URL = hxxp://www.google.com/
mDefault_Search_URL = hxxp://www.google.com/
mWinlogon: Userinit = userinit.exe
BHO: Adobe PDF Link Helper: {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
BHO: eGames Toolbar: {4E7BD74F-2B8D-469E-85B2-BC27FE9AAE2E} - C:\Program Files (x86)\eGames\egamestoolbar.dll
BHO: Spybot-S&D IE Protection: {53707962-6F74-2D53-2644-206D7942484F} - C:\Program Files (x86)\Spybot - Search & Destroy\SDHelper.dll
BHO: Norton Identity Protection: {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} - C:\Program Files (x86)\Norton 360\Engine\20.1.1.2\CoIEPlg.dll
BHO: Norton Vulnerability Protection: {6D53EC84-6AAE-4787-AEEE-F4628F01010C} - C:\Program Files (x86)\Norton 360\Engine\20.1.1.2\IPS\IPSBHO.dll
BHO: Java(tm) Plug-In SSV Helper: {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre6\bin\ssv.dll
BHO: Google Toolbar Helper: {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll
BHO: Java(tm) Plug-In 2 SSV Helper: {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll
BHO: HP Network Check Helper: {E76FD755-C1BA-4DCB-9F13-99BD91223ADE} - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll
TB: Google Toolbar: {2318C2B1-4965-11D4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll
TB: ShopAtHome.com Toolbar: {311B58DC-A4DC-4B04-B1B5-60299AD3D803} - C:\Users\member\AppData\Roaming\ShopAtHome\ShopAtHomeToolbar\tbcore3U.dll
TB: eGames Toolbar: {4E7BD74F-2B8D-469E-85B2-BC27FE9AAE2E} - C:\Program Files (x86)\eGames\egamestoolbar.dll
TB: ShopAtHome.com Toolbar: {311B58DC-A4DC-4B04-B1B5-60299AD3D803} - C:\Users\member\AppData\Roaming\ShopAtHome\ShopAtHomeToolbar\tbcore3U.dll
TB: Google Toolbar: {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll
TB: Norton Toolbar: {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files (x86)\Norton 360\Engine\20.1.1.2\CoIEPlg.dll
uRun: [HP Officejet 4620 series (NET)] "C:\Program Files\HP\HP Officejet 4620 series\Bin\ScanToPCActivationApp.exe" -deviceID "CN29R210JY05RT:NW" -scfn "HP Officejet 4620 series (NET)" -AutoStart 1
mRun: [UpdatePRCShortCut] "C:\Program Files (x86)\Hewlett-Packard\Recovery\MUITransfer\MUIStartMenu.exe" "C:\Program Files (x86)\Hewlett-Packard\Recovery" UpdateWithCreateOnce "Software\CyberLink\PowerRecover"
mRun: [BATINDICATOR] C:\Program Files (x86)\Hewlett-Packard\HP MAINSTREAM KEYBOARD\BATINDICATOR.exe
mRun: [InstaLAN] "C:\Program Files (x86)\Belkin\Router Setup and Monitor\BelkinRouterMonitor.exe" startup
StartupFolder: C:\Users\member\AppData\Roaming\MICROS~1\Windows\STARTM~1\Programs\Startup\ERUNTA~1.LNK - C:\Windows\Speech\ERUNTcorrectone\AUTOBACK.EXE
uPolicies-Explorer: NoDriveTypeAutoRun = dword:145
mPolicies-Explorer: NoActiveDesktop = dword:1
mPolicies-Explorer: NoActiveDesktopChanges = dword:1
mPolicies-System: ConsentPromptBehaviorAdmin = dword:5
mPolicies-System: ConsentPromptBehaviorUser = dword:3
mPolicies-System: EnableUIADesktopToggle = dword:0
IE: Google Sidewiki... - C:\Program Files (x86)\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_7461B1589E8B4FB7.dll/cmsidewiki.html
IE: {22CC3EBD-C286-43aa-B8E6-06B115F74162} - C:\Program Files (x86)\Hewlett-Packard\SmartPrint\smartprintsetup.exe
IE: {25510184-5A38-4A99-B273-DCA8EEF6CD08} - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\NCLauncherFromIE.exe
IE: {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
IE: {92780B25-18CC-41C8-B9BE-3C9C571A8263} - {FF059E31-CC5A-4E2E-BF3B-96E929D65503}
IE: {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - {53707962-6F74-2D53-2644-206D7942484F} - C:\Program Files (x86)\Spybot - Search & Destroy\SDHelper.dll
.
INFO: HKCU has more than 50 listed domains.
If you wish to scan all of them, select the 'Force scan all domains' option.
.
.
INFO: HKLM has more than 50 listed domains.
If you wish to scan all of them, select the 'Force scan all domains' option.
.
DPF: {166B1BCA-3F9C-11CF-8075-444553540000} - hxxp://download.macromedia.com/pub/shockwave/cabs/director/sw.cab
DPF: {644E432F-49D3-41A1-8DD5-E099162EEEC5} - hxxp://security.symantec.com/sscv6/SharedContent/common/bin/cabsa.cab
DPF: {73ECB3AA-4717-450C-A2AB-D00DAD9EE203} - hxxp://h20614.www2.hp.com/ediags/gmd/Install/Cab/hpdetect119b.cab
DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_32-windows-i586.cab
DPF: {CAFEEFAC-0015-0000-0000-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.5.0/jinstall-1_5_0-windows-i586.cab
DPF: {CAFEEFAC-0016-0000-0032-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_32-windows-i586.cab
DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_32-windows-i586.cab
TCP: NameServer = 192.168.2.1
TCP: Interfaces\{EA537523-3F90-44BF-960A-440561B31138} : DHCPNameServer = 192.168.2.1
Handler: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll
SSODL: WebCheck - <orphaned>
mASetup: {8A69D345-D564-463c-AFF1-A69D9E530F96} - "C:\Program Files (x86)\Google\Chrome\Application\25.0.1364.97\Installer\chrmstp.exe" --configure-user-settings --verbose-logging --system-level --multi-install --chrome
x64-mStart Page = hxxp://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iehome&locale=en_US&c=94&bd=Pavilion&pf=cndt
x64-mDefault_Page_URL = hxxp://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iehome&locale=en_US&c=94&bd=Pavilion&pf=cndt
x64-BHO: Google Toolbar Helper: {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll
x64-BHO: Skype add-on for Internet Explorer: {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll
x64-TB: Google Toolbar: {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll
x64-Run: [HotKeysCmds] C:\Windows\System32\hkcmd.exe
x64-Run: [Persistence] C:\Windows\System32\igfxpers.exe
x64-IE: {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll
.
INFO: x64-HKLM has more than 50 listed domains.
If you wish to scan all of them, select the 'Force scan all domains' option.
.
x64-Handler: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll
x64-Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - <orphaned>
x64-Notify: igfxcui - igfxdev.dll
x64-SSODL: WebCheck - <orphaned>
Hosts: 127.0.0.1 www.spywareinfo.com
.
================= FIREFOX ===================
.
FF - ProfilePath - C:\Users\member\AppData\Roaming\Mozilla\Firefox\Profiles\p8ye63aw.default\
FF - prefs.js: browser.search.selectedEngine - Ask.com
FF - prefs.js: browser.startup.homepage - hxxp://www.ask.com/?l=dis&o=16148
FF - prefs.js: keyword.URL - hxxp://urlseek10.vmn.net/search.php?type=dns&tbn=egames3_1dn&q=
FF - plugin: C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AIR\nppdf32.dll
FF - plugin: C:\Program Files (x86)\Google\Update\1.3.21.135\npGoogleUpdate3.dll
FF - plugin: C:\Program Files (x86)\Java\jre6\bin\plugin2\npjp2.dll
FF - plugin: c:\Program Files (x86)\Microsoft Silverlight\5.1.10411.0\npctrlui.dll
FF - plugin: C:\Program Files (x86)\Mozilla Firefox\plugins\npCouponPrinter.dll
FF - plugin: C:\Program Files (x86)\Mozilla Firefox\plugins\npMozCouponPrinter.dll
FF - plugin: C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll
FF - plugin: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_5_502_149.dll
FF - plugin: C:\Windows\SysWOW64\npdeployJava1.dll
FF - plugin: C:\Windows\SysWOW64\npmproxy.dll
FF - ExtSQL: 2013-02-25 15:20; {2D3F3651-74B9-4795-BDEC-6DA2F431CB62}; C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_20.1.1.2\coFFPlgn
FF - ExtSQL: 2013-02-25 18:43; {BBDA0591-3099-440a-AA10-41764D9DB4DB}; C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_20.1.1.2\IPSFFPlgn
.
============= SERVICES / DRIVERS ===============
.
R0 SMR311;Symantec SMR Utility Service 3.1.1;C:\Windows\System32\drivers\SMR311.SYS [2013-2-22 95392]
R0 SymDS;Symantec Data Store;C:\Windows\System32\drivers\N360x64\1401010.002\SymDS64.sys [2013-2-22 493216]
R0 SymEFA;Symantec Extended File Attributes;C:\Windows\System32\drivers\N360x64\1401010.002\SymEFA64.sys [2013-2-22 1132192]
R1 BHDrvx64;BHDrvx64;C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_20.1.1.2\Definitions\BASHDefs\20130208.001\BHDrvx64.sys [2013-2-8 1388120]
R1 ccSet_N360;Norton 360 Settings Manager;C:\Windows\System32\drivers\N360x64\1401010.002\ccSetx64.sys [2013-2-22 168096]
R1 IDSVia64;IDSVia64;C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_20.1.1.2\Definitions\IPSDefs\20130223.001\IDSviA64.sys [2013-2-25 513184]
R1 SymIRON;Symantec Iron Driver;C:\Windows\System32\drivers\N360x64\1401010.002\Ironx64.sys [2013-2-22 224416]
R1 SymNetS;Symantec Network Security WFP Driver;C:\Windows\System32\drivers\N360x64\1401010.002\symnets.sys [2013-2-22 432800]
R2 Belkin Local Backup Service;Belkin Local Backup Service;C:\Program Files\Belkin\Belkin USB Print and Storage Center\BkBackupScheduler.exe [2012-5-6 181760]
R2 Belkin Network USB Helper;Belkin Network USB Helper;C:\Program Files\Belkin\Belkin USB Print and Storage Center\Bkapcs.exe [2012-5-6 55296]
R2 HP Support Assistant Service;HP Support Assistant Service;C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSA_Service.exe [2012-9-27 86528]
R2 IAStorDataMgrSvc;Intel(R) Rapid Storage Technology;C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe [2010-6-17 13336]
R2 IntuitUpdateServiceV4;Intuit Update Service v4;C:\Program Files (x86)\Common Files\Intuit\Update Service v4\IntuitUpdateService.exe [2012-8-23 13672]
R2 N360;Norton 360;C:\Program Files (x86)\Norton 360\Engine\20.1.1.2\ccSvcHst.exe [2013-2-22 143928]
R2 sxuptp;SXUPTP Driver;C:\Windows\System32\drivers\sxuptp.sys [2012-5-6 291352]
R3 EraserUtilRebootDrv;EraserUtilRebootDrv;C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys [2013-2-23 138912]
R3 RTL8167;Realtek 8167 NT Driver;C:\Windows\System32\drivers\Rt64win7.sys [2009-9-9 233472]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-3-18 130384]
S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-3-18 138576]
S3 PCPitstop Scheduling;PCPitstop Scheduling;C:\Program Files (x86)\PCPitstop\PCPitstopScheduleService.exe [2011-4-5 91304]
S3 rcmirror;rcmirror;C:\Windows\System32\drivers\rcmirror.sys [2010-1-18 4608]
S3 RTL8187B;NETGEAR WG111v3 Wireless-G USB Adapter Win7 Driver;C:\Windows\System32\drivers\wg111v3.sys [2010-5-16 446976]
S3 Skype C2C Service;Skype C2C Service;C:\ProgramData\Skype\Toolbars\Skype C2C Service\c2c_service.exe [2013-1-31 3289208]
S3 SkypeUpdate;Skype Updater;C:\Program Files (x86)\Skype\Updater\Updater.exe [2012-7-13 160944]
S3 TsUsbFlt;TsUsbFlt;C:\Windows\System32\drivers\TsUsbFlt.sys [2011-7-1 59392]
S3 WatAdminSvc;Windows Activation Technologies Service;C:\Windows\System32\Wat\WatAdminSvc.exe [2010-4-6 1255736]
.
=============== Created Last 30 ================
.
2013-02-23 04:16:04 -------- d-----w- C:\Program Files (x86)\Common Files\Symantec Shared
2013-02-23 02:57:45 177312 ----a-w- C:\Windows\System32\drivers\SYMEVENT64x86.SYS
2013-02-23 02:57:45 -------- d-----w- C:\Program Files\Symantec
2013-02-23 02:57:45 -------- d-----w- C:\Program Files\Common Files\Symantec Shared
2013-02-23 02:57:18 776352 ----a-r- C:\Windows\System32\drivers\N360x64\1401010.002\srtsp64.sys
2013-02-23 02:57:18 493216 ----a-r- C:\Windows\System32\drivers\N360x64\1401010.002\SymDS64.sys
2013-02-23 02:57:18 432800 ----a-r- C:\Windows\System32\drivers\N360x64\1401010.002\symnets.sys
2013-02-23 02:57:18 37496 ----a-r- C:\Windows\System32\drivers\N360x64\1401010.002\srtspx64.sys
2013-02-23 02:57:18 23448 ----a-r- C:\Windows\System32\drivers\N360x64\1401010.002\SymELAM.sys
2013-02-23 02:57:18 224416 ----a-r- C:\Windows\System32\drivers\N360x64\1401010.002\Ironx64.sys
2013-02-23 02:57:18 168096 ----a-r- C:\Windows\System32\drivers\N360x64\1401010.002\ccSetx64.sys
2013-02-23 02:57:18 1132192 ----a-r- C:\Windows\System32\drivers\N360x64\1401010.002\SymEFA64.sys
2013-02-23 02:56:54 -------- d-----w- C:\Windows\System32\drivers\N360x64\1401010.002
2013-02-23 02:56:52 -------- d-----w- C:\Program Files (x86)\Norton 360
2013-02-23 02:56:46 -------- d-----w- C:\Program Files (x86)\NortonInstaller
2013-02-23 01:46:47 95392 ----a-w- C:\Windows\System32\drivers\SMR311.SYS
2013-02-23 01:30:54 20480 ----a-w- C:\Windows\svchost.exe
2013-02-21 05:58:12 7168 ----a-w- C:\ProgramData\Microsoft\Windows\DRM\2E27.tmp
2013-02-21 05:58:12 7168 ----a-w- C:\ProgramData\Microsoft\Windows\DRM\2E17.tmp
2013-02-14 08:03:20 996352 ----a-w- C:\Program Files\Common Files\Microsoft Shared\VGX\VGX.dll
2013-02-14 08:03:20 768000 ----a-w- C:\Program Files (x86)\Common Files\Microsoft Shared\VGX\VGX.dll
2013-02-14 06:54:00 5553512 ----a-w- C:\Windows\System32\ntoskrnl.exe
2013-02-14 06:53:59 3967848 ----a-w- C:\Windows\SysWow64\ntkrnlpa.exe
2013-02-14 06:53:59 3913064 ----a-w- C:\Windows\SysWow64\ntoskrnl.exe
2013-02-14 06:53:56 3153408 ----a-w- C:\Windows\System32\win32k.sys
2013-02-14 06:53:55 215040 ----a-w- C:\Windows\System32\winsrv.dll
2013-02-14 06:53:54 7680 ----a-w- C:\Windows\SysWow64\instnm.exe
2013-02-14 06:53:54 5120 ----a-w- C:\Windows\SysWow64\wow32.dll
2013-02-14 06:53:54 25600 ----a-w- C:\Windows\SysWow64\setup16.exe
2013-02-14 06:53:54 2048 ----a-w- C:\Windows\SysWow64\user.exe
2013-02-14 06:53:54 14336 ----a-w- C:\Windows\SysWow64\ntvdm64.dll
2013-02-14 06:53:52 288088 ----a-w- C:\Windows\System32\drivers\FWPKCLNT.SYS
2013-02-14 06:53:52 1913192 ----a-w- C:\Windows\System32\drivers\tcpip.sys
.
==================== Find3M ====================
.
2013-02-17 08:16:02 71024 ----a-w- C:\Windows\SysWow64\FlashPlayerCPLApp.cpl
2013-02-17 08:16:02 691568 ----a-w- C:\Windows\SysWow64\FlashPlayerApp.exe
2013-01-09 01:19:09 2312704 ----a-w- C:\Windows\System32\jscript9.dll
2013-01-09 01:12:03 1392128 ----a-w- C:\Windows\System32\wininet.dll
2013-01-09 01:11:06 1494528 ----a-w- C:\Windows\System32\inetcpl.cpl
2013-01-09 01:07:51 173056 ----a-w- C:\Windows\System32\ieUnatt.exe
2013-01-09 01:07:47 599040 ----a-w- C:\Windows\System32\vbscript.dll
2013-01-09 01:04:42 2382848 ----a-w- C:\Windows\System32\mshtml.tlb
2013-01-08 22:11:21 1800704 ----a-w- C:\Windows\SysWow64\jscript9.dll
2013-01-08 22:03:20 1129472 ----a-w- C:\Windows\SysWow64\wininet.dll
2013-01-08 22:03:12 1427968 ----a-w- C:\Windows\SysWow64\inetcpl.cpl
2013-01-08 21:59:02 142848 ----a-w- C:\Windows\SysWow64\ieUnatt.exe
2013-01-08 21:58:29 420864 ----a-w- C:\Windows\SysWow64\vbscript.dll
2013-01-08 21:56:23 2382848 ----a-w- C:\Windows\SysWow64\mshtml.tlb
2013-01-04 04:43:21 44032 ----a-w- C:\Windows\apppatch\acwow64.dll
2012-12-16 17:11:22 46080 ----a-w- C:\Windows\System32\atmlib.dll
2012-12-16 14:45:03 367616 ----a-w- C:\Windows\System32\atmfd.dll
2012-12-16 14:13:28 295424 ----a-w- C:\Windows\SysWow64\atmfd.dll
2012-12-16 14:13:20 34304 ----a-w- C:\Windows\SysWow64\atmlib.dll
2012-12-07 13:20:16 441856 ----a-w- C:\Windows\System32\Wpc.dll
2012-12-07 13:15:31 2746368 ----a-w- C:\Windows\System32\gameux.dll
2012-12-07 12:26:17 308736 ----a-w- C:\Windows\SysWow64\Wpc.dll
2012-12-07 12:20:43 2576384 ----a-w- C:\Windows\SysWow64\gameux.dll
2012-12-07 11:20:04 30720 ----a-w- C:\Windows\System32\usk.rs
2012-12-07 11:20:03 43520 ----a-w- C:\Windows\System32\csrr.rs
2012-12-07 11:20:03 23552 ----a-w- C:\Windows\System32\oflc.rs
2012-12-07 11:20:01 45568 ----a-w- C:\Windows\System32\oflc-nz.rs
2012-12-07 11:20:01 44544 ----a-w- C:\Windows\System32\pegibbfc.rs
2012-12-07 11:20:01 20480 ----a-w- C:\Windows\System32\pegi-fi.rs
2012-12-07 11:20:00 20480 ----a-w- C:\Windows\System32\pegi-pt.rs
2012-12-07 11:19:59 20480 ----a-w- C:\Windows\System32\pegi.rs
2012-12-07 11:19:58 46592 ----a-w- C:\Windows\System32\fpb.rs
2012-12-07 11:19:57 40960 ----a-w- C:\Windows\System32\cob-au.rs
2012-12-07 11:19:57 21504 ----a-w- C:\Windows\System32\grb.rs
2012-12-07 11:19:57 15360 ----a-w- C:\Windows\System32\djctq.rs
2012-12-07 11:19:56 55296 ----a-w- C:\Windows\System32\cero.rs
2012-12-07 11:19:55 51712 ----a-w- C:\Windows\System32\esrb.rs
2012-11-30 05:45:35 362496 ----a-w- C:\Windows\System32\wow64win.dll
2012-11-30 05:45:35 243200 ----a-w- C:\Windows\System32\wow64.dll
2012-11-30 05:45:35 13312 ----a-w- C:\Windows\System32\wow64cpu.dll
2012-11-30 05:43:12 16384 ----a-w- C:\Windows\System32\ntvdm64.dll
2012-11-30 05:41:07 424448 ----a-w- C:\Windows\System32\KernelBase.dll
2012-11-30 04:53:59 274944 ----a-w- C:\Windows\SysWow64\KernelBase.dll
2012-11-30 03:23:48 338432 ----a-w- C:\Windows\System32\conhost.exe
2012-11-30 02:38:59 6144 ---ha-w- C:\Windows\SysWow64\api-ms-win-security-base-l1-1-0.dll
2012-11-30 02:38:59 4608 ---ha-w- C:\Windows\SysWow64\api-ms-win-core-threadpool-l1-1-0.dll
2012-11-30 02:38:59 3584 ---ha-w- C:\Windows\SysWow64\api-ms-win-core-xstate-l1-1-0.dll
2012-11-30 02:38:59 3072 ---ha-w- C:\Windows\SysWow64\api-ms-win-core-util-l1-1-0.dll
2012-02-04 18:18:40 689552 ----a-w- C:\Program Files (x86)\2pUninstall Coupon Alert.dll
2012-02-04 18:18:40 161720 ----a-w- C:\Program Files (x86)\2pres.dll
2011-03-19 22:50:01 684032 ----a-w- C:\Program Files (x86)\Uninstall Coupon Alert.dll
.
============= FINISH: 19:23:14.72 ===============
Hello diane7 and :welcome:
My name is JonTom
Malware Logs can sometimes take a lot of time to research and interpret.
Please be patient while I try to assist with your problem. If at any time you do not understand what is required, please ask for further explanation.
Please note that there is no "Quick Fix" to modern malware infections and we may need to use several different approaches to get your system clean.
Read every reply you receive carefully and thoroughly before carrying out the instructions. You may also find it helpful to print out the instructions you receive, as in some instances you may have to disconnect your computer from the Internet.
PLEASE NOTE: If you do not reply after 3 days your thread will be closed.
I am not that savvy with tech stuff so please bear with me Thats no problem whatsoever. If there is anything you are not sure about just ask - its what I am here for :)
I can definitely see malware on this machine but before we begin any fixing I will need a little more information.
Please describe as best you can exactly what symptoms the machine is displaying. Is it just running slow? Are you being redirected when you connect to the net? Are there any error messages?
I have the attached.txt but it is not allowing me to compress it. Please advise. There is no need to attach any logs, just post them directly into your replies like you did with the dds.txt log.
As well as reviewing the log you tried to attach, I would also like to see the reports from the following tools:
aswMBR
Download aswMBR.exe (http://public.avast.com/~gmerek/aswMBR.exe) to your desktop.
Double click the aswMBR.exe to run it.
When asked if you want to download Avast's virus definitions please select Yes.
Click the "Scan" button to start scan.
http://public.avast.com/~gmerek/aswMBR1.png
On completion of the scan click save log, save it to your desktop and post in your next reply.
http://public.avast.com/~gmerek/aswMBR2.png
The following tool may give you the option of deleting/curing anything that is detected. At this time please DO NOT allow the machine to cure or remove anything (I would like to review the report first before we do anything).
TDSS Killer
Please read carefully and follow these steps.
Download TDSSKiller (http://support.kaspersky.com/downloads/utils/tdsskiller.zip) and save it to your Desktop.
Extract its contents to your desktop.
Once extracted, open the TDSSKiller folder and Right click on TDSSKiller.exe and select "Run as Administrator" to run the application.
When the window opens, click on Change Parameters.
Under ”Additional options”, put a check mark in the box next to “Detect TDLFS File System”.
Click on Start Scan.
If an infected file is detected, the default action will be Cure, click on SKIP.
If a suspicious file is detected, the default action will be Skip, click on Continue.
It may ask you to reboot the computer to complete the process. Click on Reboot Now.
If no reboot is required, click on Report. A log file should appear. Please copy and paste the contents of that file here.
If a reboot is required, the report can also be found in your root directory, (usually C:\ folder) in the form of "TDSSKiller.[Version]_[Date]_[Time]_log.txt". Please copy and paste the contents of that file here.
Please describe the machines main symptoms and post the DDS attach.txt log, the aswMBR log and the TDSSKiller log in your next reply. If you need to make more than one post to fit all of the information in go right ahead.
If you encounter any difficulties just come back here and let me know :)
Thank you Jon Tom for your assistance and patience. The computer has toolbars and unwanted stuff that just start downloading things like shopathome junk while I was preparing the logs for you. I knew this because Norton would present the stuff as safe. It is slow beyond belief and the font on one of the user accounts that my mom uses is completely gone or messed up to the point I cant even get any settings to change. Per your request here is the other log:
THANK YOU!!!!!
.
UNLESS SPECIFICALLY INSTRUCTED, DO NOT POST THIS LOG.
IF REQUESTED, ZIP IT UP & ATTACH IT
.
DDS (Ver_2012-11-20.01)
.
Microsoft Windows 7 Home Premium
Boot Device: \Device\HarddiskVolume1
Install Date: 12/11/2009 11:32:52 AM
System Uptime: 2/26/2013 1:00:52 PM (6 hours ago)
.
Motherboard: PEGATRON CORPORATION | | Benicia
Processor: Pentium(R) Dual-Core CPU E5300 @ 2.60GHz | CPU 1 | 2600/800mhz
.
==== Disk Partitions =========================
.
C: is FIXED (NTFS) - 454 GiB total, 394.539 GiB free.
D: is FIXED (NTFS) - 12 GiB total, 2.167 GiB free.
E: is CDROM ()
F: is Removable
G: is Removable
H: is Removable
I: is Removable
.
==== Disabled Device Manager Items =============
.
Class GUID: {eec5ad98-8080-425f-922a-dabf3de3f69a}
Description: SM/xD-Picture
Device ID: WPDBUSENUMROOT\UMB\2&37C186B&1&STORAGE#VOLUME#_??_USBSTOR#DISK&VEN_GENERIC-&PROD_SM#XD-PICTURE&REV_1.02#058F63626476&2#
Manufacturer: Generic-
Name: H:\
PNP Device ID: WPDBUSENUMROOT\UMB\2&37C186B&1&STORAGE#VOLUME#_??_USBSTOR#DISK&VEN_GENERIC-&PROD_SM#XD-PICTURE&REV_1.02#058F63626476&2#
Service: WUDFRd
.
Class GUID: {eec5ad98-8080-425f-922a-dabf3de3f69a}
Description: Compact Flash
Device ID: WPDBUSENUMROOT\UMB\2&37C186B&1&STORAGE#VOLUME#_??_USBSTOR#DISK&VEN_GENERIC-&PROD_COMPACT_FLASH&REV_1.01#058F63626476&1#
Manufacturer: Generic-
Name: G:\
PNP Device ID: WPDBUSENUMROOT\UMB\2&37C186B&1&STORAGE#VOLUME#_??_USBSTOR#DISK&VEN_GENERIC-&PROD_COMPACT_FLASH&REV_1.01#058F63626476&1#
Service: WUDFRd
.
Class GUID: {eec5ad98-8080-425f-922a-dabf3de3f69a}
Description: MS/MS-Pro
Device ID: WPDBUSENUMROOT\UMB\2&37C186B&1&STORAGE#VOLUME#_??_USBSTOR#DISK&VEN_GENERIC-&PROD_MS#MS-PRO&REV_1.03#058F63626476&3#
Manufacturer: Generic-
Name: I:\
PNP Device ID: WPDBUSENUMROOT\UMB\2&37C186B&1&STORAGE#VOLUME#_??_USBSTOR#DISK&VEN_GENERIC-&PROD_MS#MS-PRO&REV_1.03#058F63626476&3#
Service: WUDFRd
.
Class GUID: {eec5ad98-8080-425f-922a-dabf3de3f69a}
Description: SD/MMC
Device ID: WPDBUSENUMROOT\UMB\2&37C186B&1&STORAGE#VOLUME#_??_USBSTOR#DISK&VEN_GENERIC-&PROD_SD#MMC&REV_1.00#058F63626476&0#
Manufacturer: Generic-
Name: F:\
PNP Device ID: WPDBUSENUMROOT\UMB\2&37C186B&1&STORAGE#VOLUME#_??_USBSTOR#DISK&VEN_GENERIC-&PROD_SD#MMC&REV_1.00#058F63626476&0#
Service: WUDFRd
.
==== System Restore Points ===================
.
RP494: 2/12/2013 2:09:04 PM - Scheduled Checkpoint
RP495: 2/14/2013 12:01:17 AM - Windows Update
RP496: 2/14/2013 4:03:10 PM - Installed TurboTax 2012 wcaiper
RP497: 2/15/2013 11:59:15 PM - Norton 360 Registry Clean
RP498: 2/23/2013 3:18:11 AM - Scheduled Checkpoint
.
==== Installed Programs ======================
.
3Dice Casino
Acrobat.com
Activate Norton Online Backup
Adobe AIR
Adobe Flash Player 11 ActiveX
Adobe Flash Player 11 Plugin
Adobe Reader 9.5.2
Adobe Shockwave Player 11.5
Bejeweled 2 Deluxe
Bejeweled 3
Belkin Setup and Router Monitor
Belkin USB Print and Storage Center
Best of Slots II
Big Fish Games: Game Manager
CCleaner
Compatibility Pack for the 2007 Office system
Coupon Printer for Windows
CyberLink DVD Suite Deluxe
DirectX for Managed Code Update (Summer 2004)
eGames GameButler
eGames Toolbar
ERUNT 1.1j
Facebook Video Calling 1.2.0.159
FreeCell Wonderland
Google Chrome
Google Toolbar for Internet Explorer
Google Update Helper
Hallmark Card Studio 2
Hardware Diagnostic Tools
Hewlett-Packard ACLM.NET v1.2.1.1
Homepage Protection
HP Advisor
HP Customer Experience Enhancements
HP Games
HP MAINSTREAM KEYBOARD
HP MediaSmart Demo
HP MediaSmart DVD
HP MediaSmart Movie Themes
HP MediaSmart Music/Photo/Video
HP MediaSmart SmartMenu
HP Odometer
HP Officejet 4620 series Basic Device Software
HP Officejet 4620 series Help
HP Officejet 4620 series Product Improvement Study
HP Photo Creations
HP Product Detection
HP Remote Solution
HP Setup
HP Support Assistant
HP Support Information
HP Update
I.R.I.S. OCR
Intel(R) Graphics Media Accelerator Driver
Intel(R) Rapid Storage Technology
Internet Explorer (Enable DEP)
iSEEK AnswerWorks English Runtime
J2SE Runtime Environment 5.0
Java Auto Updater
Java(TM) 6 Update 32
LabelPrint
LightScribe System Software
Mahjong Escape (TM) - Ancient Japan
Mahjong Escape: Ancient China 1.0.0.5
Mahjongg Dimensions
Mahjongg Dimensions Deluxe (tb) (remove only)
Mahjongg Master Egyptian Edition
Masque Slots
Microsoft .NET Framework 1.1
Microsoft .NET Framework 4 Client Profile
Microsoft Office File Validation Add-In
Microsoft Office Home and Student 60 day trial
Microsoft Office PowerPoint Viewer 2007 (English)
Microsoft Office Professional Edition 2003
Microsoft Silverlight
Microsoft Visual C++ 2005 ATL Update kb973923 - x64 8.0.50727.4053
Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053
Microsoft Visual C++ 2005 Redistributable
Microsoft Visual C++ 2005 Redistributable (x64)
Microsoft Visual C++ 2008 ATL Update kb973924 - x64 9.0.30729.4148
Microsoft Visual C++ 2008 ATL Update kb973924 - x86 9.0.30729.4148
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
Microsoft Works
Mozilla Firefox 13.0.1 (x86 en-US)
Mozilla Maintenance Service
MSXML 4.0 SP2 (KB954430)
MSXML 4.0 SP2 (KB973688)
NETGEAR WG111v3 wireless USB 2.0 adapter
Norton 360
Pando Media Booster
PC Matic 1.1.0.36
PictureMover
Playalot Games
Power2Go
PowerDirector
PowerRecover
Quicken 2001 Deluxe
Realtek High Definition Audio Driver
Security Update for Microsoft .NET Framework 4 Client Profile (KB2160841)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2446708)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2478663)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2518870)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2539636)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2572078)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2604121)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2633870)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2656351)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2656368)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2656368v2)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2656405)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2686827)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2729449)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2737019)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2742595)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2789642)
ShopAtHome.com Helper
ShopAtHome.com Toolbar
Sierra Utilities
Skype Click to Call
Skype™ 5.10
Slots from Bally Gaming
SnapShot
Solitaire Master 4
Spybot - Search & Destroy
System Checkup 3.1
System Requirements Lab for Intel
The Weather Channel Desktop 6
TurboTax 2009
TurboTax 2009 wcaiper
TurboTax 2009 WinPerFedFormset
TurboTax 2009 WinPerReleaseEngine
TurboTax 2009 WinPerTaxSupport
TurboTax 2009 wrapper
TurboTax 2010
TurboTax 2010 wcaiper
TurboTax 2010 WinPerFedFormset
TurboTax 2010 WinPerReleaseEngine
TurboTax 2010 WinPerTaxSupport
TurboTax 2010 wrapper
TurboTax 2011
TurboTax 2011 wcaiper
TurboTax 2011 WinPerFedFormset
TurboTax 2011 WinPerReleaseEngine
TurboTax 2011 WinPerTaxSupport
TurboTax 2011 wrapper
TurboTax 2012
TurboTax 2012 wcaiper
TurboTax 2012 WinPerFedFormset
TurboTax 2012 WinPerReleaseEngine
TurboTax 2012 WinPerTaxSupport
TurboTax 2012 wrapper
Update for Microsoft .NET Framework 4 Client Profile (KB2468871)
Update for Microsoft .NET Framework 4 Client Profile (KB2533523)
Update for Microsoft .NET Framework 4 Client Profile (KB2600217)
Video Mover
Web Publishing Wizard
.
==== Event Viewer Messages From Past Week ========
.
2/26/2013 12:02:04 AM, Error: Microsoft-Windows-WER-SystemErrorReporting [1001] - The computer has rebooted from a bugcheck. The bugcheck was: 0x0000001e (0xffffffffc0000005, 0xfffff80002ca626b, 0x0000000000000000, 0x000007fffffa0000). A dump was saved in: C:\Windows\MEMORY.DMP. Report Id: 022613-33290-01.
2/26/2013 1:01:17 PM, Error: Service Control Manager [7000] - The mrtRate service failed to start due to the following error: This driver has been blocked from loading
2/26/2013 1:01:17 PM, Error: Application Popup [1060] - \SystemRoot\SysWow64\Drivers\mrtRate.SYS has been blocked from loading due to incompatibility with this system. Please contact your software vendor for a compatible version of the driver.
2/25/2013 11:58:41 PM, Error: Microsoft-Windows-WER-SystemErrorReporting [1001] - The computer has rebooted from a bugcheck. The bugcheck was: 0x0000001e (0xffffffffc0000005, 0xfffffa8007814bb0, 0x0000000000000000, 0x000000007efa8000). A dump was saved in: C:\Windows\MEMORY.DMP. Report Id: 022513-48703-01.
2/24/2013 10:32:51 PM, Error: Microsoft-Windows-WER-SystemErrorReporting [1001] - The computer has rebooted from a bugcheck. The bugcheck was: 0x0000000a (0x00000000000000dc, 0x0000000000000002, 0x0000000000000001, 0xfffff80002cfee45). A dump was saved in: C:\Windows\MEMORY.DMP. Report Id: 022413-46956-01.
2/24/2013 10:30:26 PM, Error: Service Control Manager [7009] - A timeout was reached (30000 milliseconds) while waiting for the Software Protection service to connect.
2/24/2013 10:30:26 PM, Error: Service Control Manager [7000] - The Software Protection service failed to start due to the following error: The service did not respond to the start or control request in a timely fashion.
2/24/2013 10:29:39 PM, Error: Service Control Manager [7022] - The Intuit Update Service v4 service hung on starting.
2/23/2013 3:06:06 PM, Error: Microsoft-Windows-WER-SystemErrorReporting [1001] - The computer has rebooted from a bugcheck. The bugcheck was: 0x0000000a (0x00000000000000dc, 0x0000000000000002, 0x0000000000000001, 0xfffff80002cf6e45). A dump was saved in: C:\Windows\MEMORY.DMP. Report Id: 022313-19936-01.
2/22/2013 7:30:24 PM, Error: Microsoft-Windows-WER-SystemErrorReporting [1001] - The computer has rebooted from a bugcheck. The bugcheck was: 0x0000000a (0x00000000000600dd, 0x0000000000000002, 0x0000000000000001, 0xfffff80002cbee45). A dump was saved in: C:\Windows\MEMORY.DMP. Report Id: 022213-21980-01.
2/22/2013 7:24:31 PM, Error: Service Control Manager [7001] - The Network List Service service depends on the Network Location Awareness service which failed to start because of the following error: The dependency service or group failed to start.
2/22/2013 7:18:47 PM, Error: Microsoft-Windows-DistributedCOM [10005] - DCOM got error "1068" attempting to start the service netprofm with arguments "" in order to run the server: {A47979D2-C419-11D9-A5B4-001185AD2B89}
2/22/2013 7:16:22 PM, Error: Service Control Manager [7026] - The following boot-start or system-start driver(s) failed to load: AFD BHDrvx64 ccSet_N360 DfsC discache IDSVia64 NetBIOS NetBT nsiproxy Psched rdbss spldr SRTSPX SymIRON SymNetS tdx vwififlt Wanarpv6 WfpLwf
2/22/2013 7:16:22 PM, Error: Service Control Manager [7001] - The SMB MiniRedirector Wrapper and Engine service depends on the Redirected Buffering Sub Sysytem service which failed to start because of the following error: A device attached to the system is not functioning.
2/22/2013 7:16:22 PM, Error: Service Control Manager [7001] - The SMB 2.0 MiniRedirector service depends on the SMB MiniRedirector Wrapper and Engine service which failed to start because of the following error: The dependency service or group failed to start.
2/22/2013 7:16:22 PM, Error: Service Control Manager [7001] - The SMB 1.x MiniRedirector service depends on the SMB MiniRedirector Wrapper and Engine service which failed to start because of the following error: The dependency service or group failed to start.
2/22/2013 7:16:22 PM, Error: Service Control Manager [7001] - The Network Location Awareness service depends on the Network Store Interface Service service which failed to start because of the following error: The dependency service or group failed to start.
2/22/2013 7:16:22 PM, Error: Service Control Manager [7001] - The IP Helper service depends on the Network Store Interface Service service which failed to start because of the following error: The dependency service or group failed to start.
2/22/2013 7:16:21 PM, Error: Service Control Manager [7001] - The Workstation service depends on the Network Store Interface Service service which failed to start because of the following error: The dependency service or group failed to start.
2/22/2013 7:16:21 PM, Error: Service Control Manager [7001] - The TCP/IP NetBIOS Helper service depends on the Ancillary Function Driver for Winsock service which failed to start because of the following error: A device attached to the system is not functioning.
2/22/2013 7:16:21 PM, Error: Service Control Manager [7001] - The Network Store Interface Service service depends on the NSI proxy service driver. service which failed to start because of the following error: A device attached to the system is not functioning.
2/22/2013 7:16:21 PM, Error: Service Control Manager [7001] - The DNS Client service depends on the NetIO Legacy TDI Support Driver service which failed to start because of the following error: A device attached to the system is not functioning.
2/22/2013 7:16:21 PM, Error: Service Control Manager [7001] - The DHCP Client service depends on the Ancillary Function Driver for Winsock service which failed to start because of the following error: A device attached to the system is not functioning.
2/22/2013 7:16:21 PM, Error: Microsoft-Windows-WER-SystemErrorReporting [1001] - The computer has rebooted from a bugcheck. The bugcheck was: 0x0000001e (0xffffffffc0000005, 0xfffffa8007843bb0, 0x0000000000000000, 0x000000007efa8000). A dump was saved in: C:\Windows\MEMORY.DMP. Report Id: 022213-25131-01.
2/22/2013 7:11:20 PM, Error: Service Control Manager [7001] - The Computer Browser service depends on the Server service which failed to start because of the following error: The dependency service or group failed to start.
2/22/2013 7:11:17 PM, Error: Microsoft-Windows-DistributedCOM [10005] - DCOM got error "1084" attempting to start the service WSearch with arguments "" in order to run the server: {9E175B6D-F52A-11D8-B9A5-505054503030}
2/22/2013 7:11:17 PM, Error: Microsoft-Windows-DistributedCOM [10005] - DCOM got error "1084" attempting to start the service WSearch with arguments "" in order to run the server: {7D096C5F-AC08-4F1F-BEB7-5C22C517CE39}
2/22/2013 7:11:14 PM, Error: Microsoft-Windows-DistributedCOM [10005] - DCOM got error "1084" attempting to start the service EventSystem with arguments "" in order to run the server: {1BE1F766-5536-11D1-B726-00C04FB926AF}
2/22/2013 7:11:08 PM, Error: Microsoft-Windows-DistributedCOM [10005] - DCOM got error "1084" attempting to start the service ShellHWDetection with arguments "" in order to run the server: {DD522ACC-F821-461A-A407-50B198B896DC}
2/22/2013 7:10:36 PM, Error: Service Control Manager [7026] - The following boot-start or system-start driver(s) failed to load: BHDrvx64 ccSet_N360 discache IDSVia64 spldr SRTSPX SymIRON SymNetS Wanarpv6
2/22/2013 7:10:32 PM, Error: Microsoft-Windows-WER-SystemErrorReporting [1001] - The computer has rebooted from a bugcheck. The bugcheck was: 0x0000000a (0x00000002000027ef, 0x0000000000000002, 0x0000000000000001, 0xfffff80002cf3e45). A dump was saved in: C:\Windows\MEMORY.DMP. Report Id: 022213-25225-01.
2/22/2013 7:04:26 PM, Error: Microsoft-Windows-WER-SystemErrorReporting [1001] - The computer has rebooted from a bugcheck. The bugcheck was: 0x0000001e (0xffffffffc0000005, 0xfffffa800796abb0, 0x0000000000000000, 0x000000007efa8000). A dump was saved in: C:\Windows\MEMORY.DMP. Report Id: 022213-26020-01.
2/22/2013 6:55:54 PM, Error: Service Control Manager [7034] - The Intel(R) Rapid Storage Technology service terminated unexpectedly. It has done this 1 time(s).
2/22/2013 6:54:17 PM, Error: Service Control Manager [7009] - A timeout was reached (30000 milliseconds) while waiting for the Windows Search service to connect.
2/22/2013 6:54:17 PM, Error: Service Control Manager [7000] - The Windows Search service failed to start due to the following error: The service did not respond to the start or control request in a timely fashion.
2/22/2013 6:54:17 PM, Error: Microsoft-Windows-DistributedCOM [10005] - DCOM got error "1053" attempting to start the service WSearch with arguments "" in order to run the server: {9E175B6D-F52A-11D8-B9A5-505054503030}
2/22/2013 6:52:19 PM, Error: Microsoft-Windows-WER-SystemErrorReporting [1001] - The computer has rebooted from a bugcheck. The bugcheck was: 0x0000000a (0x00000000000000dd, 0x0000000000000002, 0x0000000000000001, 0xfffff80002d0de45). A dump was saved in: C:\Windows\MEMORY.DMP. Report Id: 022213-28126-01.
2/22/2013 6:46:10 PM, Error: Microsoft-Windows-WER-SystemErrorReporting [1001] - The computer has rebooted from a bugcheck. The bugcheck was: 0x0000001e (0xffffffffc0000005, 0xfffff80002f8ccda, 0x0000000000000001, 0x0000000000000018). A dump was saved in: C:\Windows\MEMORY.DMP. Report Id: 022213-32479-01.
2/22/2013 6:02:45 PM, Error: Service Control Manager [7031] - The Norton 360 service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 120000 milliseconds: Restart the service.
2/22/2013 5:31:14 PM, Error: Service Control Manager [7031] - The Windows Search service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 30000 milliseconds: Restart the service.
2/22/2013 5:31:14 PM, Error: Service Control Manager [7024] - The Windows Search service terminated with service-specific error %%-1073473535.
2/22/2013 4:56:05 PM, Error: Microsoft-Windows-DistributedCOM [10005] - DCOM got error "1068" attempting to start the service netman with arguments "" in order to run the server: {BA126AD1-2166-11D1-B1D0-00805FC1270E}
2/22/2013 4:55:44 PM, Error: Service Control Manager [7026] - The following boot-start or system-start driver(s) failed to load: AFD BHDrvx64 ccSet_N360 DfsC discache eeCtrl IDSVia64 NetBIOS NetBT nsiproxy Psched rdbss spldr SRTSPX SymIRON SymNetS tdx vwififlt Wanarpv6 WfpLwf
2/22/2013 4:44:50 PM, Error: Microsoft-Windows-WER-SystemErrorReporting [1001] - The computer has rebooted from a bugcheck. The bugcheck was: 0x0000001e (0xffffffffc0000005, 0xfffff80002fbacda, 0x0000000000000001, 0x0000000000000018). A dump was saved in: C:\Windows\MEMORY.DMP. Report Id: 022213-50294-01.
2/22/2013 4:31:13 PM, Error: Microsoft-Windows-WER-SystemErrorReporting [1001] - The computer has rebooted from a bugcheck. The bugcheck was: 0x0000000a (0x00000000000000dc, 0x0000000000000002, 0x0000000000000001, 0xfffff80001f0ce45). A dump was saved in: C:\Windows\MEMORY.DMP. Report Id: 022213-79841-01.
2/21/2013 12:07:25 AM, Error: Microsoft-Windows-WER-SystemErrorReporting [1001] - The computer has rebooted from a bugcheck. The bugcheck was: 0x0000001e (0xffffffffc0000005, 0xfffffa80078b2bb0, 0x0000000000000000, 0x000000007efa8000). A dump was saved in: C:\Windows\MEMORY.DMP. Report Id: 022113-19375-01.
2/21/2013 1:21:29 AM, Error: Microsoft-Windows-WER-SystemErrorReporting [1001] - The computer has rebooted from a bugcheck. The bugcheck was: 0x0000001e (0xffffffffc0000005, 0xfffff80002c8f1c8, 0x0000000000000000, 0xffffffffffffffff). A dump was saved in: C:\Windows\MEMORY.DMP. Report Id: 022113-22339-01.
2/21/2013 1:17:32 AM, Error: Microsoft-Windows-WER-SystemErrorReporting [1001] - The computer has rebooted from a bugcheck. The bugcheck was: 0x0000000a (0x0000000401cd010c, 0x0000000000000002, 0x0000000000000001, 0xfffff80002cefe45). A dump was saved in: C:\Windows\MEMORY.DMP. Report Id: 022113-23212-01.
2/20/2013 10:07:07 PM, Error: Microsoft-Windows-WER-SystemErrorReporting [1001] - The computer has rebooted from a bugcheck. The bugcheck was: 0x0000001e (0xffffffffc0000005, 0xfffff80002ca226b, 0x0000000000000000, 0x000000007efa0000). A dump was saved in: C:\Windows\MEMORY.DMP. Report Id: 022013-19141-01.
2/20/2013 10:02:55 PM, Error: Microsoft-Windows-WER-SystemErrorReporting [1001] - The computer has rebooted from a bugcheck. The bugcheck was: 0x0000001e (0xffffffffc0000005, 0xfffffa80078c4bb0, 0x0000000000000000, 0x000000007ef88000). A dump was saved in: C:\Windows\MEMORY.DMP. Report Id: 022013-18033-01.
.
==== End Of File ===========================
aswMBR version 0.9.9.1707 Copyright(c) 2011 AVAST Software
Run date: 2013-02-26 19:56:27
-----------------------------
19:56:27.627 OS Version: Windows x64 6.1.7601 Service Pack 1
19:56:27.627 Number of processors: 2 586 0x170A
19:56:27.628 ComputerName: MEMBER-PC UserName: member
19:56:31.016 Initialize success
20:21:37.789 AVAST engine defs: 13022601
20:23:42.482 Disk 0 (boot) \Device\Harddisk0\DR0 -> \Device\Ide\IAAStorageDevice-1
20:23:42.486 Disk 0 Vendor: WDC_WD50 05.0 Size: 476940MB BusType: 8
20:23:42.491 Device \Driver\iaStor -> MajorFunction fffffa80078715e8
20:23:42.495 Disk 0 MBR read successfully
20:23:42.500 Disk 0 MBR scan
20:23:42.507 Disk 0 unknown MBR code
20:23:42.513 Disk 0 Partition 1 80 (A) 07 HPFS/NTFS NTFS 100 MB offset 2048
20:23:42.530 Disk 0 Partition 2 00 07 HPFS/NTFS NTFS 464654 MB offset 206848
20:23:42.562 Disk 0 Partition 3 00 07 HPFS/NTFS NTFS 12184 MB offset 951818240
20:23:42.601 Disk 0 scanning C:\Windows\system32\drivers
20:23:51.274 Service scanning
20:24:12.243 Modules scanning
20:24:12.256 Disk 0 trace - called modules:
20:24:12.263 ntoskrnl.exe CLASSPNP.SYS disk.sys >>UNKNOWN [0xfffffa80078715e8]<<
20:24:12.271 1 nt!IofCallDriver -> \Device\Harddisk0\DR0[0xfffffa80052fd530]
20:24:12.278 3 CLASSPNP.SYS[fffff8800120143f] -> nt!IofCallDriver -> \Device\Ide\IAAStorageDevice-1[0xfffffa8004fe7050]
20:24:12.284 \Driver\iaStor[0xfffffa80077dfb70] -> IRP_MJ_CREATE -> 0xfffffa80078715e8
20:24:14.621 AVAST engine scan C:\Windows
20:24:17.192 AVAST engine scan C:\Windows\system32
20:27:34.618 AVAST engine scan C:\Windows\system32\drivers
20:27:56.069 AVAST engine scan C:\Users\member
20:29:53.361 File: C:\Users\member\AppData\Roaming\Mozilla\Extensions\{ec8030f7-c20a-464f-9b0e-13a3a9e97384}\textlinks@arcadeweb.com\components\arcadewebfirefox.dll **INFECTED** Win32:Adware-gen [Adw]
20:30:13.153 AVAST engine scan C:\ProgramData
20:31:13.751 File: C:\ProgramData\Microsoft\Windows\DRM\2E17.tmp **INFECTED** Win32:Malware-gen
20:31:13.803 File: C:\ProgramData\Microsoft\Windows\DRM\2E27.tmp **INFECTED** Win32:Malware-gen
20:33:56.627 Scan finished successfully
20:34:30.411 Disk 0 MBR has been saved successfully to "C:\Users\member\Documents\MBR.dat"
20:34:30.420 The log file has been saved successfully to "C:\Users\member\Documents\aswMBR.txt"
Here is the last log you requested.
20:01:33.0859 2940 TDSS rootkit removing tool 2.8.16.0 Feb 11 2013 18:50:42
20:01:33.0984 2940 ============================================================
20:01:33.0984 2940 Current date / time: 2013/02/27 20:01:33.0984
20:01:33.0984 2940 SystemInfo:
20:01:33.0984 2940
20:01:33.0984 2940 OS Version: 6.1.7601 ServicePack: 1.0
20:01:33.0984 2940 Product type: Workstation
20:01:33.0984 2940 ComputerName: MEMBER-PC
20:01:33.0984 2940 UserName: member
20:01:33.0984 2940 Windows directory: C:\Windows
20:01:33.0984 2940 System windows directory: C:\Windows
20:01:33.0984 2940 Running under WOW64
20:01:33.0984 2940 Processor architecture: Intel x64
20:01:33.0984 2940 Number of processors: 2
20:01:33.0984 2940 Page size: 0x1000
20:01:33.0984 2940 Boot type: Normal boot
20:01:33.0984 2940 ============================================================
20:01:34.0967 2940 BG loaded
20:01:35.0731 2940 Drive \Device\Harddisk0\DR0 - Size: 0x7470C06000 (465.76 Gb), SectorSize: 0x200, Cylinders: 0xED81, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
20:01:35.0747 2940 ============================================================
20:01:35.0747 2940 \Device\Harddisk0\DR0:
20:01:35.0747 2940 MBR partitions:
20:01:35.0747 2940 \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x800, BlocksNum 0x32000
20:01:35.0747 2940 \Device\Harddisk0\DR0\Partition2: MBR, Type 0x7, StartLBA 0x32800, BlocksNum 0x38B87000
20:01:35.0747 2940 \Device\Harddisk0\DR0\Partition3: MBR, Type 0x7, StartLBA 0x38BB9800, BlocksNum 0x17CC000
20:01:35.0747 2940 ============================================================
20:01:35.0778 2940 C: <-> \Device\Harddisk0\DR0\Partition2
20:01:36.0698 2940 D: <-> \Device\Harddisk0\DR0\Partition3
20:01:36.0698 2940 ============================================================
20:01:36.0698 2940 Initialize success
20:01:36.0698 2940 ============================================================
Hello diane7
Thank you for the attach.txt and for aswMBR.
Was that all the TDSSKiller scan produced? It looks as though the log may have been cut off. Please re-check to see if there is any more of it to post in your next reply.
If there is'nt anything else there, just come back and let me know.
I believe there was more to it as well. As it was scanning Norton jumped in and quarantined something but as of now I dont see that report.
Hello diane7
As it was scanning Norton jumped in and quarantined something but as of now I dont see that report. Thats okay, just temporarily disable your Norton product and re-run the TDSSKiller scan as described.
Information about how to disable N360 can be found here (http://www.ehow.com/how_5821205_turn-off-norton-360.html)
Once the scan has completed, save the log then re-engage Norton, then come back here and post the log for me to review.
If you run into any trouble just let me know :)
Im having a problem. I cant copy and paste as its way to big per your limits and wont allow it. I tried to upload it and I got the same result. Im sorry I need more direction as to how I can get this to you. Much appreciated, di
Hello diane7
Im sorry I need more direction as to how I can get this to you.No problem at all.
Simply copy and paste it piece by piece into multiple posts. If you need to make lots of posts thats fine.
If you need any further help just let me know :)
22:34:23.0181 6788 TDSS rootkit removing tool 2.8.16.0 Feb 11 2013 18:50:42
22:34:23.0714 6788 ============================================================
22:34:23.0714 6788 Current date / time: 2013/03/01 22:34:23.0714
22:34:23.0714 6788 SystemInfo:
22:34:23.0714 6788
22:34:23.0714 6788 OS Version: 6.1.7601 ServicePack: 1.0
22:34:23.0714 6788 Product type: Workstation
22:34:23.0714 6788 ComputerName: MEMBER-PC
22:34:23.0715 6788 UserName: member
22:34:23.0715 6788 Windows directory: C:\Windows
22:34:23.0715 6788 System windows directory: C:\Windows
22:34:23.0715 6788 Running under WOW64
22:34:23.0715 6788 Processor architecture: Intel x64
22:34:23.0715 6788 Number of processors: 2
22:34:23.0715 6788 Page size: 0x1000
22:34:23.0715 6788 Boot type: Normal boot
22:34:23.0715 6788 ============================================================
22:34:24.0090 6788 Drive \Device\Harddisk0\DR0 - Size: 0x7470C06000 (465.76 Gb), SectorSize: 0x200, Cylinders: 0xED81, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
22:34:24.0106 6788 ============================================================
22:34:24.0106 6788 \Device\Harddisk0\DR0:
22:34:24.0106 6788 MBR partitions:
22:34:24.0106 6788 \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x800, BlocksNum 0x32000
22:34:24.0106 6788 \Device\Harddisk0\DR0\Partition2: MBR, Type 0x7, StartLBA 0x32800, BlocksNum 0x38B87000
22:34:24.0106 6788 \Device\Harddisk0\DR0\Partition3: MBR, Type 0x7, StartLBA 0x38BB9800, BlocksNum 0x17CC000
22:34:24.0106 6788 ============================================================
22:34:24.0135 6788 C: <-> \Device\Harddisk0\DR0\Partition2
22:34:24.0172 6788 D: <-> \Device\Harddisk0\DR0\Partition3
22:34:24.0172 6788 ============================================================
22:34:24.0172 6788 Initialize success
22:34:24.0172 6788 ============================================================
22:34:31.0320 5884 ============================================================
22:34:31.0320 5884 Scan started
22:34:31.0320 5884 Mode: Manual; TDLFS;
22:34:31.0320 5884 ============================================================
22:34:31.0511 5884 ================ Scan system memory ========================
22:34:31.0511 5884 System memory - ok
22:34:31.0512 5884 ================ Scan services =============================
22:34:31.0657 5884 [ A87D604AEA360176311474C87A63BB88 ] 1394ohci C:\Windows\system32\drivers\1394ohci.sys
22:34:31.0661 5884 1394ohci - ok
22:34:31.0677 5884 [ D81D9E70B8A6DD14D42D7B4EFA65D5F2 ] ACPI C:\Windows\system32\drivers\ACPI.sys
22:34:31.0682 5884 ACPI - ok
22:34:31.0708 5884 [ 99F8E788246D495CE3794D7E7821D2CA ] AcpiPmi C:\Windows\system32\drivers\acpipmi.sys
22:34:31.0710 5884 AcpiPmi - ok
22:34:31.0823 5884 [ 9942DC4CC265CDA00486504444EF521D ] AdobeFlashPlayerUpdateSvc
C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
22:34:31.0825 5884 AdobeFlashPlayerUpdateSvc - ok
22:34:31.0861 5884 [ 2F6B34B83843F0C5118B63AC634F5BF4 ] adp94xx C:\Windows\system32\DRIVERS\adp94xx.sys
22:34:31.0869 5884 adp94xx - ok
22:34:31.0898 5884 [ 597F78224EE9224EA1A13D6350CED962 ] adpahci C:\Windows\system32\DRIVERS\adpahci.sys
22:34:31.0904 5884 adpahci - ok
22:34:31.0914 5884 [ E109549C90F62FB570B9540C4B148E54 ] adpu320 C:\Windows\system32\DRIVERS\adpu320.sys
22:34:31.0918 5884 adpu320 - ok
22:34:31.0943 5884 [ 4B78B431F225FD8624C5655CB1DE7B61 ] AeLookupSvc C:\Windows\System32\aelupsvc.dll
22:34:31.0944 5884 AeLookupSvc - ok
22:34:31.0995 5884 [ 1C7857B62DE5994A75B054A9FD4C3825 ] AFD C:\Windows\system32\drivers\afd.sys
22:34:32.0003 5884 AFD - ok
22:34:32.0104 5884 [ 23E7CB4641B93CE8591D1057670A4F04 ] AffinegyService C:\Program Files (x86)\Belkin\Router Setup and Monitor\BelkinService.exe
22:34:32.0134 5884 AffinegyService - ok
22:34:32.0175 5884 [ 608C14DBA7299D8CB6ED035A68A15799 ] agp440 C:\Windows\system32\drivers\agp440.sys
22:34:32.0176 5884 agp440 - ok
22:34:32.0191 5884 [ 3290D6946B5E30E70414990574883DDB ] ALG C:\Windows\System32\alg.exe
22:34:32.0193 5884 ALG - ok
22:34:32.0219 5884 [ 5812713A477A3AD7363C7438CA2EE038 ] aliide C:\Windows\system32\drivers\aliide.sys
22:34:32.0220 5884 aliide - ok
22:34:32.0232 5884 [ 1FF8B4431C353CE385C875F194924C0C ] amdide C:\Windows\system32\drivers\amdide.sys
22:34:32.0234 5884 amdide - ok
22:34:32.0249 5884 [ 7024F087CFF1833A806193EF9D22CDA9 ] AmdK8 C:\Windows\system32\DRIVERS\amdk8.sys
22:34:32.0251 5884 AmdK8 - ok
22:34:32.0257 5884 [ 1E56388B3FE0D031C44144EB8C4D6217 ] AmdPPM C:\Windows\system32\DRIVERS\amdppm.sys
22:34:32.0259 5884 AmdPPM - ok
22:34:32.0281 5884 [ D4121AE6D0C0E7E13AA221AA57EF2D49 ] amdsata C:\Windows\system32\drivers\amdsata.sys
22:34:32.0283 5884 amdsata - ok
22:34:32.0306 5884 [ F67F933E79241ED32FF46A4F29B5120B ] amdsbs C:\Windows\system32\DRIVERS\amdsbs.sys
22:34:32.0309 5884 amdsbs - ok
22:34:32.0330 5884 [ 540DAF1CEA6094886D72126FD7C33048 ] amdxata C:\Windows\system32\drivers\amdxata.sys
22:34:32.0331 5884 amdxata - ok
22:34:32.0373 5884 [ 89A69C3F2F319B43379399547526D952 ] AppID C:\Windows\system32\drivers\appid.sys
22:34:32.0375 5884 AppID - ok
22:34:32.0396 5884 [ 0BC381A15355A3982216F7172F545DE1 ] AppIDSvc C:\Windows\System32\appidsvc.dll
22:34:32.0409 5884 AppIDSvc - ok
22:34:32.0434 5884 [ 3977D4A871CA0D4F2ED1E7DB46829731 ] Appinfo C:\Windows\System32\appinfo.dll
22:34:32.0436 5884 Appinfo - ok
22:34:32.0460 5884 [ C484F8CEB1717C540242531DB7845C4E ] arc C:\Windows\system32\DRIVERS\arc.sys
22:34:32.0462 5884 arc - ok
22:34:32.0479 5884 [ 019AF6924AEFE7839F61C830227FE79C ] arcsas C:\Windows\system32\DRIVERS\arcsas.sys
22:34:32.0481 5884 arcsas - ok
22:34:32.0534 5884 aspnet_state - ok
22:34:32.0570 5884 [ 769765CE2CC62867468CEA93969B2242 ] AsyncMac C:\Windows\system32\DRIVERS\asyncmac.sys
22:34:32.0571 5884 AsyncMac - ok
22:34:32.0614 5884 [ 02062C0B390B7729EDC9E69C680A6F3C ] atapi C:\Windows\system32\drivers\atapi.sys
22:34:32.0615 5884 atapi - ok
22:34:32.0666 5884 [ F23FEF6D569FCE88671949894A8BECF1 ] AudioEndpointBuilder C:\Windows\System32\Audiosrv.dll
22:34:32.0675 5884 AudioEndpointBuilder - ok
22:34:32.0691 5884 [ F23FEF6D569FCE88671949894A8BECF1 ] AudioSrv C:\Windows\System32\Audiosrv.dll
22:34:32.0699 5884 AudioSrv - ok
22:34:32.0740 5884 [ A6BF31A71B409DFA8CAC83159E1E2AFF ] AxInstSV C:\Windows\System32\AxInstSV.dll
22:34:32.0743 5884 AxInstSV - ok
22:34:32.0775 5884 [ 3E5B191307609F7514148C6832BB0842 ] b06bdrv C:\Windows\system32\DRIVERS\bxvbda.sys
22:34:32.0783 5884 b06bdrv - ok
22:34:32.0823 5884 [ B5ACE6968304A3900EEB1EBFD9622DF2 ] b57nd60a C:\Windows\system32\DRIVERS\b57nd60a.sys
22:34:32.0826 5884 b57nd60a - ok
22:34:32.0859 5884 [ FDE360167101B4E45A96F939F388AEB0 ] BDESVC C:\Windows\System32\bdesvc.dll
22:34:32.0861 5884 BDESVC - ok
22:34:32.0877 5884 [ 16A47CE2DECC9B099349A5F840654746 ] Beep C:\Windows\system32\drivers\Beep.sys
22:34:32.0878 5884 Beep - ok
22:34:32.0964 5884 [ 9BB84C554D7429F0A2CDF4EA1836F233 ] Belkin Local Backup Service C:\Program Files\Belkin\Belkin USB Print and Storage Center\BkBackupScheduler.exe
22:34:32.0966 5884 Belkin Local Backup Service - ok
22:34:32.0998 5884 [ E62A04D615A8CAC83601E1F07C010D3C ] Belkin Network USB Helper C:\Program Files\Belkin\Belkin USB Print and Storage Center\Bkapcs.exe
22:34:32.0999 5884 Belkin Network USB Helper - ok
22:34:33.0055 5884 [ 82974D6A2FD19445CC5171FC378668A4 ] BFE C:\Windows\System32\bfe.dll
22:34:33.0065 5884 BFE - ok
22:34:33.0226 5884 [ 866335C9C0E6733C753FB472C539A6B9 ] BHDrvx64 C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_20.1.1.2\Definitions\BASHDefs\20130208.001\BHDrvx64.sys
22:34:33.0240 5884 BHDrvx64 - ok
22:34:33.0301 5884 [ 1EA7969E3271CBC59E1730697DC74682 ] BITS C:\Windows\System32\qmgr.dll
22:34:33.0316 5884 BITS - ok
22:34:33.0348 5884 [ 61583EE3C3A17003C4ACD0475646B4D3 ] blbdrive C:\Windows\system32\DRIVERS\blbdrive.sys
22:34:33.0350 5884 blbdrive - ok
22:34:33.0375 5884 [ 6C02A83164F5CC0A262F4199F0871CF5 ] bowser C:\Windows\system32\DRIVERS\bowser.sys
22:34:33.0377 5884 bowser - ok
22:34:33.0397 5884 [ F09EEE9EDC320B5E1501F749FDE686C8 ] BrFiltLo C:\Windows\system32\DRIVERS\BrFiltLo.sys
22:34:33.0399 5884 BrFiltLo - ok
22:34:33.0412 5884 [ B114D3098E9BDB8BEA8B053685831BE6 ] BrFiltUp C:\Windows\system32\DRIVERS\BrFiltUp.sys
22:34:33.0413 5884 BrFiltUp - ok
22:34:33.0451 5884 [ 05F5A0D14A2EE1D8255C2AA0E9E8E694 ] Browser C:\Windows\System32\browser.dll
22:34:33.0454 5884 Browser - ok
22:34:33.0480 5884 [ 43BEA8D483BF1870F018E2D02E06A5BD ] Brserid C:\Windows\System32\Drivers\Brserid.sys
22:34:33.0485 5884 Brserid - ok
22:34:33.0493 5884 [ A6ECA2151B08A09CACECA35C07F05B42 ] BrSerWdm C:\Windows\System32\Drivers\BrSerWdm.sys
22:34:33.0495 5884 BrSerWdm - ok
22:34:33.0528 5884 [ B79968002C277E869CF38BD22CD61524 ] BrUsbMdm C:\Windows\System32\Drivers\BrUsbMdm.sys
22:34:33.0529 5884 BrUsbMdm - ok
22:34:33.0534 5884 [ A87528880231C54E75EA7A44943B38BF ] BrUsbSer C:\Windows\System32\Drivers\BrUsbSer.sys
22:34:33.0535 5884 BrUsbSer - ok
22:34:33.0545 5884 [ 9DA669F11D1F894AB4EB69BF546A42E8 ] BTHMODEM C:\Windows\system32\DRIVERS\bthmodem.sys
22:34:33.0547 5884 BTHMODEM - ok
22:34:33.0567 5884 [ 95F9C2976059462CBBF227F7AAB10DE9 ] bthserv C:\Windows\system32\bthserv.dll
22:34:33.0569 5884 bthserv - ok
22:34:33.0628 5884 [ A5C13600F63EB92F8D15123D64BA9895 ] ccSet_N360 C:\Windows\system32\drivers\N360x64\1401010.002\ccSetx64.sys
22:34:33.0630 5884 ccSet_N360 - ok
22:34:33.0658 5884 [ B8BD2BB284668C84865658C77574381A ] cdfs C:\Windows\system32\DRIVERS\cdfs.sys
22:34:33.0660 5884 cdfs - ok
22:34:33.0692 5884 [ F036CE71586E93D94DAB220D7BDF4416 ] cdrom C:\Windows\system32\drivers\cdrom.sys
22:34:33.0695 5884 cdrom - ok
22:34:33.0733 5884 [ F17D1D393BBC69C5322FBFAFACA28C7F ] CertPropSvc C:\Windows\System32\certprop.dll
22:34:33.0735 5884 CertPropSvc - ok
22:34:33.0745 5884 [ D7CD5C4E1B71FA62050515314CFB52CF ] circlass C:\Windows\system32\DRIVERS\circlass.sys
22:34:33.0746 5884 circlass - ok
22:34:33.0779 5884 [ FE1EC06F2253F691FE36217C592A0206 ] CLFS C:\Windows\system32\CLFS.sys
22:34:33.0784 5884 CLFS - ok
22:34:33.0807 5884 [ D88040F816FDA31C3B466F0FA0918F29 ] clr_optimization_v2.0.50727_32 C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
22:34:33.0809 5884 clr_optimization_v2.0.50727_32 - ok
22:34:33.0853 5884 [ D1CEEA2B47CB998321C579651CE3E4F8 ] clr_optimization_v2.0.50727_64 C:\Windows\Microsoft.NET\Framework64\v2.0.50727\mscorsvw.exe
22:34:33.0855 5884 clr_optimization_v2.0.50727_64 - ok
22:34:33.0919 5884 [ C5A75EB48E2344ABDC162BDA79E16841 ] clr_optimization_v4.0.30319_32 C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
22:34:33.0921 5884 clr_optimization_v4.0.30319_32 - ok
22:34:33.0947 5884 [ C6F9AF94DCD58122A4D7E89DB6BED29D ] clr_optimization_v4.0.30319_64 C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe
22:34:33.0949 5884 clr_optimization_v4.0.30319_64 - ok
22:34:33.0966 5884 [ 0840155D0BDDF1190F84A663C284BD33 ] CmBatt C:\Windows\system32\DRIVERS\CmBatt.sys
22:34:33.0968 5884 CmBatt - ok
22:34:33.0996 5884 [ E19D3F095812725D88F9001985B94EDD ] cmdide C:\Windows\system32\drivers\cmdide.sys
22:34:33.0997 5884 cmdide - ok
22:34:34.0025 5884 [ 9AC4F97C2D3E93367E2148EA940CD2CD ] CNG C:\Windows\system32\Drivers\cng.sys
22:34:34.0032 5884 CNG - ok
22:34:34.0040 5884 [ 102DE219C3F61415F964C88E9085AD14 ] Compbatt C:\Windows\system32\DRIVERS\compbatt.sys
22:34:34.0042 5884 Compbatt - ok
22:34:34.0071 5884 [ 03EDB043586CCEBA243D689BDDA370A8 ] CompositeBus C:\Windows\system32\drivers\CompositeBus.sys
22:34:34.0072 5884 CompositeBus - ok
22:34:34.0082 5884 COMSysApp - ok
22:34:34.0113 5884 [ 1C827878A998C18847245FE1F34EE597 ] crcdisk C:\Windows\system32\DRIVERS\crcdisk.sys
22:34:34.0114 5884 crcdisk - ok
22:34:34.0160 5884 [ 9C01375BE382E834CC26D1B7EAF2C4FE ] CryptSvc C:\Windows\system32\cryptsvc.dll
22:34:34.0162 5884 CryptSvc - ok
22:34:34.0201 5884 [ 5C627D1B1138676C0A7AB2C2C190D123 ] DcomLaunch C:\Windows\system32\rpcss.dll
22:34:34.0210 5884 DcomLaunch - ok
22:34:34.0233 5884 [ 3CEC7631A84943677AA8FA8EE5B6B43D ] defragsvc C:\Windows\System32\defragsvc.dll
22:34:34.0237 5884 defragsvc - ok
22:34:34.0276 5884 [ 9BB2EF44EAA163B29C4A4587887A0FE4 ] DfsC C:\Windows\system32\Drivers\dfsc.sys
22:34:34.0277 5884 DfsC - ok
22:34:34.0322 5884 [ 43D808F5D9E1A18E5EEB5EBC83969E4E ] Dhcp C:\Windows\system32\dhcpcore.dll
22:34:34.0327 5884 Dhcp - ok
22:34:34.0352 5884 [ 13096B05847EC78F0977F2C0F79E9AB3 ] discache C:\Windows\system32\drivers\discache.sys
22:34:34.0353 5884 discache - ok
22:34:34.0376 5884 [ 9819EEE8B5EA3784EC4AF3B137A5244C ] Disk C:\Windows\system32\DRIVERS\disk.sys
22:34:34.0378 5884 Disk - ok
22:34:34.0407 5884 [ 16835866AAA693C7D7FCEBA8FFF706E4 ] Dnscache C:\Windows\System32\dnsrslvr.dll
22:34:34.0411 5884 Dnscache - ok
22:34:34.0439 5884 [ B1FB3DDCA0FDF408750D5843591AFBC6 ] dot3svc C:\Windows\System32\dot3svc.dll
22:34:34.0444 5884 dot3svc - ok
22:34:34.0473 5884 [ B26F4F737E8F9DF4F31AF6CF31D05820 ] DPS C:\Windows\system32\dps.dll
22:34:34.0476 5884 DPS - ok
22:34:34.0508 5884 [ 9B19F34400D24DF84C858A421C205754 ] drmkaud C:\Windows\system32\drivers\drmkaud.sys
22:34:34.0509 5884 drmkaud - ok
22:34:34.0548 5884 [ F5BEE30450E18E6B83A5012C100616FD ] DXGKrnl C:\Windows\System32\drivers\dxgkrnl.sys
22:34:34.0557 5884 DXGKrnl - ok
22:34:34.0579 5884 [ E2DDA8726DA9CB5B2C4000C9018A9633 ] EapHost C:\Windows\System32\eapsvc.dll
22:34:34.0581 5884 EapHost - ok
22:34:34.0656 5884 [ DC5D737F51BE844D8C82C695EB17372F ] ebdrv C:\Windows\system32\DRIVERS\evbda.sys
22:34:34.0744 5884 ebdrv - ok
22:34:34.0814 5884 [ 4353FF94D47A0A9D52B89ECCF0CDB013 ] eeCtrl C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\eeCtrl64.sys
22:34:34.0819 5884 eeCtrl - ok
22:34:34.0845 5884 [ C118A82CD78818C29AB228366EBF81C3 ] EFS C:\Windows\System32\lsass.exe
22:34:34.0847 5884 EFS - ok
22:34:34.0895 5884 [ C4002B6B41975F057D98C439030CEA07 ] ehRecvr C:\Windows\ehome\ehRecvr.exe
22:34:34.0905 5884 ehRecvr - ok
22:34:34.0942 5884 [ 4705E8EF9934482C5BB488CE28AFC681 ] ehSched C:\Windows\ehome\ehsched.exe
22:34:34.0944 5884 ehSched - ok
22:34:34.0988 5884 [ 0E5DA5369A0FCAEA12456DD852545184 ] elxstor C:\Windows\system32\DRIVERS\elxstor.sys
22:34:34.0996 5884 elxstor - ok
22:34:35.0042 5884 [ C5BCCB378D0A896304A3E71BE7215983 ] EraserUtilRebootDrv C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys
22:34:35.0044 5884 EraserUtilRebootDrv - ok
22:34:35.0074 5884 [ 34A3C54752046E79A126E15C51DB409B ] ErrDev C:\Windows\system32\drivers\errdev.sys
22:34:35.0075 5884 ErrDev - ok
22:34:35.0112 5884 [ 4166F82BE4D24938977DD1746BE9B8A0 ] EventSystem C:\Windows\system32\es.dll
22:34:35.0115 5884 EventSystem - ok
22:34:35.0140 5884 [ A510C654EC00C1E9BDD91EEB3A59823B ] exfat C:\Windows\system32\drivers\exfat.sys
22:34:35.0142 5884 exfat - ok
22:34:35.0149 5884 [ 0ADC83218B66A6DB380C330836F3E36D ] fastfat C:\Windows\system32\drivers\fastfat.sys
22:34:35.0152 5884 fastfat - ok
22:34:35.0188 5884 [ DBEFD454F8318A0EF691FDD2EAAB44EB ] Fax C:\Windows\system32\fxssvc.exe
22:34:35.0199 5884 Fax - ok
22:34:35.0228 5884 [ D765D19CD8EF61F650C384F62FAC00AB ] fdc C:\Windows\system32\DRIVERS\fdc.sys
22:34:35.0230 5884 fdc - ok
22:34:35.0243 5884 [ 0438CAB2E03F4FB61455A7956026FE86 ] fdPHost C:\Windows\system32\fdPHost.dll
22:34:35.0245 5884 fdPHost - ok
22:34:35.0259 5884 [ 802496CB59A30349F9A6DD22D6947644 ] FDResPub C:\Windows\system32\fdrespub.dll
22:34:35.0261 5884 FDResPub - ok
22:34:35.0271 5884 [ 655661BE46B5F5F3FD454E2C3095B930 ] FileInfo C:\Windows\system32\drivers\fileinfo.sys
22:34:35.0272 5884 FileInfo - ok
22:34:35.0282 5884 [ 5F671AB5BC87EEA04EC38A6CD5962A47 ] Filetrace C:\Windows\system32\drivers\filetrace.sys
22:34:35.0283 5884 Filetrace - ok
22:34:35.0295 5884 [ C172A0F53008EAEB8EA33FE10E177AF5 ] flpydisk C:\Windows\system32\DRIVERS\flpydisk.sys
22:34:35.0296 5884 flpydisk - ok
22:34:35.0326 5884 [ DA6B67270FD9DB3697B20FCE94950741 ] FltMgr C:\Windows\system32\drivers\fltmgr.sys
22:34:35.0329 5884 FltMgr - ok
22:34:35.0385 5884 [ C4C183E6551084039EC862DA1C945E3D ] FontCache C:\Windows\system32\FntCache.dll
22:34:35.0399 5884 FontCache - ok
22:34:35.0472 5884 [ A8B7F3818AB65695E3A0BB3279F6DCE6 ] FontCache3.0.0.0 C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
22:34:35.0473 5884 FontCache3.0.0.0 - ok
22:34:35.0481 5884 [ D43703496149971890703B4B1B723EAC ] FsDepends C:\Windows\system32\drivers\FsDepends.sys
22:34:35.0483 5884 FsDepends - ok
22:34:35.0512 5884 [ 6BD9295CC032DD3077C671FCCF579A7B ] Fs_Rec C:\Windows\system32\drivers\Fs_Rec.sys
22:34:35.0513 5884 Fs_Rec - ok
22:34:35.0551 5884 [ 1F7B25B858FA27015169FE95E54108ED ] fvevol C:\Windows\system32\DRIVERS\fvevol.sys
22:34:35.0555 5884 fvevol - ok
22:34:35.0575 5884 [ 8C778D335C9D272CFD3298AB02ABE3B6 ] gagp30kx C:\Windows\system32\DRIVERS\gagp30kx.sys
22:34:35.0577 5884 gagp30kx - ok
22:34:35.0624 5884 [ 81C1EB203DD3F0C111FE2086BADA2D67 ] GameConsoleService C:\Program Files (x86)\HP Games\HP Game Console\GameConsoleService.exe
22:34:35.0628 5884 GameConsoleService - ok
22:34:35.0665 5884 [ 277BBC7E1AA1EE957F573A10ECA7EF3A ] gpsvc C:\Windows\System32\gpsvc.dll
22:34:35.0676 5884 gpsvc - ok
22:34:35.0763 5884 [ 8F0DE4FEF8201E306F9938B0905AC96A ] gupdate C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
22:34:35.0764 5884 gupdate - ok
22:34:35.0775 5884 [ 8F0DE4FEF8201E306F9938B0905AC96A ] gupdatem C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
22:34:35.0777 5884 gupdatem - ok
22:34:35.0826 5884 [ 5D4BC124FAAE6730AC002CDB67BF1A1C ] gusvc C:\Program Files (x86)\Google\Common\Google Updater\GoogleUpdaterService.exe
22:34:35.0830 5884 gusvc - ok
22:34:35.0853 5884 [ F2523EF6460FC42405B12248338AB2F0 ] hcw85cir C:\Windows\system32\drivers\hcw85cir.sys
22:34:35.0854 5884 hcw85cir - ok
22:34:35.0881 5884 [ 97BFED39B6B79EB12CDDBFEED51F56BB ] HDAudBus C:\Windows\system32\drivers\HDAudBus.sys
22:34:35.0883 5884 HDAudBus - ok
22:34:35.0890 5884 [ 78E86380454A7B10A5EB255DC44A355F ] HidBatt C:\Windows\system32\DRIVERS\HidBatt.sys
22:34:35.0892 5884 HidBatt - ok
22:34:35.0917 5884 [ 7FD2A313F7AFE5C4DAB14798C48DD104 ] HidBth C:\Windows\system32\DRIVERS\hidbth.sys
22:34:35.0919 5884 HidBth - ok
22:34:35.0925 5884 [ 0A77D29F311B88CFAE3B13F9C1A73825 ] HidIr C:\Windows\system32\DRIVERS\hidir.sys
22:34:35.0926 5884 HidIr - ok
22:34:35.0954 5884 [ BD9EB3958F213F96B97B1D897DEE006D ] hidserv C:\Windows\system32\hidserv.dll
22:34:35.0955 5884 hidserv - ok
22:34:35.0981 5884 [ 9592090A7E2B61CD582B612B6DF70536 ] HidUsb C:\Windows\system32\DRIVERS\hidusb.sys
22:34:35.0983 5884 HidUsb - ok
22:34:36.0013 5884 [ 387E72E739E15E3D37907A86D9FF98E2 ] hkmsvc C:\Windows\system32\kmsvc.dll
22:34:36.0016 5884 hkmsvc - ok
22:34:36.0049 5884 [ EFDFB3DD38A4376F93E7985173813ABD ] HomeGroupListener C:\Windows\system32\ListSvc.dll
22:34:36.0054 5884 HomeGroupListener - ok
22:34:36.0081 5884 [ 908ACB1F594274965A53926B10C81E89 ] HomeGroupProvider C:\Windows\system32\provsvc.dll
22:34:36.0085 5884 HomeGroupProvider - ok
22:34:36.0159 5884 [ BB1FC298BE53AAB1E110F6E786BD8AC5 ] HP Support Assistant Service C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\hpsa_service.exe
22:34:36.0160 5884 HP Support Assistant Service - ok
22:34:36.0222 5884 [ 9B7EDD3FE7C211C36E921D34D18A3A0A ] hpqwmiex C:\Program Files (x86)\Hewlett-Packard\Shared\hpqWmiEx.exe
22:34:36.0251 5884 hpqwmiex - ok
22:34:36.0266 5884 [ 39D2ABCD392F3D8A6DCE7B60AE7B8EFC ] HpSAMD C:\Windows\system32\drivers\HpSAMD.sys
22:34:36.0268 5884 HpSAMD - ok
22:34:36.0324 5884 [ 0EA7DE1ACB728DD5A369FD742D6EEE28 ] HTTP C:\Windows\system32\drivers\HTTP.sys
22:34:36.0335 5884 HTTP - ok
22:34:36.0365 5884 [ A5462BD6884960C9DC85ED49D34FF392 ] hwpolicy C:\Windows\system32\drivers\hwpolicy.sys
22:34:36.0366 5884 hwpolicy - ok
22:34:36.0393 5884 [ FA55C73D4AFFA7EE23AC4BE53B4592D3 ] i8042prt C:\Windows\system32\drivers\i8042prt.sys
22:34:36.0395 5884 i8042prt - ok
22:34:36.0429 5884 [ ABBF174CB394F5C437410A788B7E404A ] iaStor C:\Windows\system32\DRIVERS\iaStor.sys
22:34:36.0432 5884 iaStor - ok
22:34:36.0464 5884 [ 31A0E93CDF29007D6C6FFFB632F375ED ] IAStorDataMgrSvc C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
22:34:36.0465 5884 IAStorDataMgrSvc - ok
22:34:36.0512 5884 [ AAAF44DB3BD0B9D1FB6969B23ECC8366 ] iaStorV C:\Windows\system32\drivers\iaStorV.sys
22:34:36.0516 5884 iaStorV - ok
22:34:36.0550 5884 [ 5988FC40F8DB5B0739CD1E3A5D0D78BD ] idsvc C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\infocard.exe
22:34:36.0559 5884 idsvc - ok
22:34:36.0647 5884 [ A48928D4CCA6F8B731989DB08CF2C0AB ] IDSVia64 C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_20.1.1.2\Definitions\IPSDefs\20130301.002\IDSvia64.sys
22:34:36.0652 5884 IDSVia64 - ok
22:34:36.0781 5884 [ 89B99E3E988DFA20ABB58FF1930ADD21 ] igfx C:\Windows\system32\DRIVERS\igdkmd64.sys
22:34:36.0901 5884 igfx - ok
22:34:36.0930 5884 [ 5C18831C61933628F5BB0EA2675B9D21 ] iirsp C:\Windows\system32\DRIVERS\iirsp.sys
22:34:36.0932 5884 iirsp - ok
22:34:36.0968 5884 [ FCD84C381E0140AF901E58D48882D26B ] IKEEXT C:\Windows\System32\ikeext.dll
22:34:36.0977 5884 IKEEXT - ok
22:34:37.0031 5884 [ BFBABCB231628A4551DBB10D0EA25D62 ] IntcAzAudAddService C:\Windows\system32\drivers\RTKVHD64.sys
22:34:37.0042 5884 IntcAzAudAddService - ok
22:34:37.0060 5884 [ F00F20E70C6EC3AA366910083A0518AA ] intelide C:\Windows\system32\drivers\intelide.sys
22:34:37.0061 5884 intelide - ok
22:34:37.0086 5884 [ ADA036632C664CAA754079041CF1F8C1 ] intelppm C:\Windows\system32\DRIVERS\intelppm.sys
22:34:37.0087 5884 intelppm - ok
22:34:37.0145 5884 [ 3DC635B66DD7412E1C9C3A77B8D78F25 ] IntuitUpdateService C:\Program Files (x86)\Common Files\Intuit\Update Service\IntuitUpdateService.exe
22:34:37.0146 5884 IntuitUpdateService - ok
22:34:37.0204 5884 [ D9DA7B3117BF5EFF921C0CDED4D58050 ] IntuitUpdateServiceV4 C:\Program Files (x86)\Common Files\Intuit\Update Service v4\IntuitUpdateService.exe
22:34:37.0205 5884 IntuitUpdateServiceV4 - ok
22:34:37.0225 5884 [ 098A91C54546A3B878DAD6A7E90A455B ] IPBusEnum C:\Windows\system32\ipbusenum.dll
22:34:37.0230 5884 IPBusEnum - ok
22:34:37.0258 5884 [ C9F0E1BD74365A8771590E9008D22AB6 ] IpFilterDriver C:\Windows\system32\DRIVERS\ipfltdrv.sys
22:34:37.0260 5884 IpFilterDriver - ok
22:34:37.0300 5884 [ 08C2957BB30058E663720C5606885653 ] iphlpsvc C:\Windows\System32\iphlpsvc.dll
22:34:37.0310 5884 iphlpsvc - ok
22:34:37.0343 5884 [ 0FC1AEA580957AA8817B8F305D18CA3A ] IPMIDRV C:\Windows\system32\drivers\IPMIDrv.sys
22:34:37.0346 5884 IPMIDRV - ok
22:34:37.0376 5884 [ AF9B39A7E7B6CAA203B3862582E9F2D0 ] IPNAT C:\Windows\system32\drivers\ipnat.sys
22:34:37.0379 5884 IPNAT - ok
22:34:37.0395 5884 [ 3ABF5E7213EB28966D55D58B515D5CE9 ] IRENUM C:\Windows\system32\drivers\irenum.sys
22:34:37.0397 5884 IRENUM - ok
22:34:37.0414 5884 [ 2F7B28DC3E1183E5EB418DF55C204F38 ] isapnp C:\Windows\system32\drivers\isapnp.sys
22:34:37.0416 5884 isapnp - ok
22:34:37.0446 5884 [ D931D7309DEB2317035B07C9F9E6B0BD ] iScsiPrt C:\Windows\system32\drivers\msiscsi.sys
22:34:37.0451 5884 iScsiPrt - ok
22:34:37.0477 5884 [ BC02336F1CBA7DCC7D1213BB588A68A5 ] kbdclass C:\Windows\system32\drivers\kbdclass.sys
22:34:37.0479 5884 kbdclass - ok
22:34:37.0509 5884 [ 0705EFF5B42A9DB58548EEC3B26BB484 ] kbdhid C:\Windows\system32\drivers\kbdhid.sys
22:34:37.0511 5884 kbdhid - ok
22:34:37.0528 5884 [ C118A82CD78818C29AB228366EBF81C3 ] KeyIso C:\Windows\system32\lsass.exe
22:34:37.0531 5884 KeyIso - ok
22:34:37.0562 5884 [ 97A7070AEA4C058B6418519E869A63B4 ] KSecDD C:\Windows\system32\Drivers\ksecdd.sys
22:34:37.0565 5884 KSecDD - ok
22:34:37.0600 5884 [ 26C43A7C2862447EC59DEDA188D1DA07 ] KSecPkg C:\Windows\system32\Drivers\ksecpkg.sys
22:34:37.0603 5884 KSecPkg - ok
22:34:37.0610 5884 [ 6869281E78CB31A43E969F06B57347C4 ] ksthunk C:\Windows\system32\drivers\ksthunk.sys
22:34:37.0611 5884 ksthunk - ok
22:34:37.0647 5884 [ 6AB66E16AA859232F64DEB66887A8C9C ] KtmRm C:\Windows\system32\msdtckrm.dll
22:34:37.0655 5884 KtmRm - ok
22:34:37.0689 5884 [ D9F42719019740BAA6D1C6D536CBDAA6 ] LanmanServer C:\Windows\system32\srvsvc.dll
22:34:37.0695 5884 LanmanServer - ok
22:34:37.0729 5884 [ 851A1382EED3E3A7476DB004F4EE3E1A ] LanmanWorkstation C:\Windows\System32\wkssvc.dll
22:34:37.0735 5884 LanmanWorkstation - ok
22:34:37.0779 5884 [ 108333981C841EB0FF198AA5DFCF3D3B ] LightScribeService c:\Program Files (x86)\Common Files\LightScribe\LSSrvc.exe
22:34:37.0780 5884 LightScribeService - ok
22:34:37.0807 5884 [ 1538831CF8AD2979A04C423779465827 ] lltdio C:\Windows\system32\DRIVERS\lltdio.sys
22:34:37.0809 5884 lltdio - ok
22:34:37.0841 5884 [ C1185803384AB3FEED115F79F109427F ] lltdsvc C:\Windows\System32\lltdsvc.dll
22:34:37.0846 5884 lltdsvc - ok
22:34:37.0864 5884 [ F993A32249B66C9D622EA5592A8B76B8 ] lmhosts C:\Windows\System32\lmhsvc.dll
22:34:37.0866 5884 lmhosts - ok
22:34:37.0891 5884 [ 1A93E54EB0ECE102495A51266DCDB6A6 ] LSI_FC C:\Windows\system32\DRIVERS\lsi_fc.sys
22:34:37.0893 5884 LSI_FC - ok
22:34:37.0915 5884 [ 1047184A9FDC8BDBFF857175875EE810 ] LSI_SAS C:\Windows\system32\DRIVERS\lsi_sas.sys
22:34:37.0917 5884 LSI_SAS - ok
22:34:37.0925 5884 [ 30F5C0DE1EE8B5BC9306C1F0E4A75F93 ] LSI_SAS2 C:\Windows\system32\DRIVERS\lsi_sas2.sys
22:34:37.0927 5884 LSI_SAS2 - ok
22:34:37.0945 5884 [ 0504EACAFF0D3C8AED161C4B0D369D4A ] LSI_SCSI C:\Windows\system32\DRIVERS\lsi_scsi.sys
22:34:37.0947 5884 LSI_SCSI - ok
22:34:37.0974 5884 [ 43D0F98E1D56CCDDB0D5254CFF7B356E ] luafv C:\Windows\system32\drivers\luafv.sys
22:34:37.0976 5884 luafv - ok
22:34:38.0004 5884 [ 0BE09CD858ABF9DF6ED259D57A1A1663 ] Mcx2Svc C:\Windows\system32\Mcx2Svc.dll
22:34:38.0007 5884 Mcx2Svc - ok
22:34:38.0030 5884 [ A55805F747C6EDB6A9080D7C633BD0F4 ] megasas C:\Windows\system32\DRIVERS\megasas.sys
22:34:38.0031 5884 megasas - ok
22:34:38.0051 5884 [ BAF74CE0072480C3B6B7C13B2A94D6B3 ] MegaSR C:\Windows\system32\DRIVERS\MegaSR.sys
22:34:38.0055 5884 MegaSR - ok
22:34:38.0072 5884 [ E40E80D0304A73E8D269F7141D77250B ] MMCSS C:\Windows\system32\mmcss.dll
22:34:38.0074 5884 MMCSS - ok
22:34:38.0084 5884 [ 800BA92F7010378B09F9ED9270F07137 ] Modem C:\Windows\system32\drivers\modem.sys
22:34:38.0086 5884 Modem - ok
22:34:38.0116 5884 [ B03D591DC7DA45ECE20B3B467E6AADAA ] monitor C:\Windows\system32\DRIVERS\monitor.sys
22:34:38.0117 5884 monitor - ok
22:34:38.0135 5884 [ 7D27EA49F3C1F687D357E77A470AEA99 ] mouclass C:\Windows\system32\DRIVERS\mouclass.sys
22:34:38.0136 5884 mouclass - ok
22:34:38.0166 5884 [ D3BF052C40B0C4166D9FD86A4288C1E6 ] mouhid C:\Windows\system32\DRIVERS\mouhid.sys
22:34:38.0167 5884 mouhid - ok
22:34:38.0198 5884 [ 32E7A3D591D671A6DF2DB515A5CBE0FA ] mountmgr C:\Windows\system32\drivers\mountmgr.sys
22:34:38.0200 5884 mountmgr - ok
22:34:38.0281 5884 [ 51A84B690DF519DCF656F780243D953E ] MozillaMaintenance C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
22:34:38.0283 5884 MozillaMaintenance - ok
22:34:38.0298 5884 [ A44B420D30BD56E145D6A2BC8768EC58 ] mpio C:\Windows\system32\drivers\mpio.sys
22:34:38.0301 5884 mpio - ok
22:34:38.0315 5884 [ 6C38C9E45AE0EA2FA5E551F2ED5E978F ] mpsdrv C:\Windows\system32\drivers\mpsdrv.sys
22:34:38.0317 5884 mpsdrv - ok
22:34:38.0354 5884 [ 54FFC9C8898113ACE189D4AA7199D2C1 ] MpsSvc C:\Windows\system32\mpssvc.dll
22:34:38.0367 5884 MpsSvc - ok
22:34:38.0389 5884 mrtRate - ok
22:34:38.0418 5884 [ DC722758B8261E1ABAFD31A3C0A66380 ] MRxDAV C:\Windows\system32\drivers\mrxdav.sys
22:34:38.0420 5884 MRxDAV - ok
22:34:38.0449 5884 [ A5D9106A73DC88564C825D317CAC68AC ] mrxsmb C:\Windows\system32\DRIVERS\mrxsmb.sys
22:34:38.0452 5884 mrxsmb - ok
22:34:38.0480 5884 [ D711B3C1D5F42C0C2415687BE09FC163 ] mrxsmb10 C:\Windows\system32\DRIVERS\mrxsmb10.sys
22:34:38.0485 5884 mrxsmb10 - ok
22:34:38.0494 5884 [ 9423E9D355C8D303E76B8CFBD8A5C30C ] mrxsmb20 C:\Windows\system32\DRIVERS\mrxsmb20.sys
22:34:38.0496 5884 mrxsmb20 - ok
22:34:38.0509 5884 [ C25F0BAFA182CBCA2DD3C851C2E75796 ] msahci C:\Windows\system32\drivers\msahci.sys
22:34:38.0510 5884 msahci - ok
22:34:38.0536 5884 [ DB801A638D011B9633829EB6F663C900 ] msdsm C:\Windows\system32\drivers\msdsm.sys
22:34:38.0538 5884 msdsm - ok
22:34:38.0553 5884 [ DE0ECE52236CFA3ED2DBFC03F28253A8 ] MSDTC C:\Windows\System32\msdtc.exe
22:34:38.0556 5884 MSDTC - ok
22:34:38.0576 5884 [ AA3FB40E17CE1388FA1BEDAB50EA8F96 ] Msfs C:\Windows\system32\drivers\Msfs.sys
22:34:38.0577 5884 Msfs - ok
22:34:38.0588 5884 [ F9D215A46A8B9753F61767FA72A20326 ] mshidkmdf C:\Windows\System32\drivers\mshidkmdf.sys
22:34:38.0589 5884 mshidkmdf - ok
22:34:38.0610 5884 [ D916874BBD4F8B07BFB7FA9B3CCAE29D ] msisadrv C:\Windows\system32\drivers\msisadrv.sys
22:34:38.0611 5884 msisadrv - ok
22:34:38.0635 5884 [ 808E98FF49B155C522E6400953177B08 ] MSiSCSI C:\Windows\system32\iscsiexe.dll
22:34:38.0638 5884 MSiSCSI - ok
22:34:38.0643 5884 msiserver - ok
22:34:38.0659 5884 [ 49CCF2C4FEA34FFAD8B1B59D49439366 ] MSKSSRV C:\Windows\system32\drivers\MSKSSRV.sys
22:34:38.0660 5884 MSKSSRV - ok
22:34:38.0685 5884 [ BDD71ACE35A232104DDD349EE70E1AB3 ] MSPCLOCK C:\Windows\system32\drivers\MSPCLOCK.sys
22:34:38.0686 5884 MSPCLOCK - ok
22:34:38.0701 5884 [ 4ED981241DB27C3383D72092B618A1D0 ] MSPQM C:\Windows\system32\drivers\MSPQM.sys
22:34:38.0702 5884 MSPQM - ok
22:34:38.0733 5884 [ 759A9EEB0FA9ED79DA1FB7D4EF78866D ] MsRPC C:\Windows\system32\drivers\MsRPC.sys
22:34:38.0737 5884 MsRPC - ok
22:34:38.0752 5884 [ 0EED230E37515A0EAEE3C2E1BC97B288 ] mssmbios C:\Windows\system32\drivers\mssmbios.sys
22:34:38.0752 5884 mssmbios - ok
22:34:38.0768 5884 [ 2E66F9ECB30B4221A318C92AC2250779 ] MSTEE C:\Windows\system32\drivers\MSTEE.sys
22:34:38.0769 5884 MSTEE - ok
22:34:38.0790 5884 [ 7EA404308934E675BFFDE8EDF0757BCD ] MTConfig C:\Windows\system32\DRIVERS\MTConfig.sys
22:34:38.0792 5884 MTConfig - ok
22:34:38.0810 5884 [ F9A18612FD3526FE473C1BDA678D61C8 ] Mup C:\Windows\system32\Drivers\mup.sys
22:34:38.0811 5884 Mup - ok
22:34:38.0893 5884 [ DFD8873E4DC08E621A8366C6CD98AB28 ] N360 C:\Program Files (x86)\Norton 360\Engine\20.1.1.2\ccSvcHst.exe
22:34:38.0895 5884 N360 - ok
22:34:38.0931 5884 [ 582AC6D9873E31DFA28A4547270862DD ] napagent C:\Windows\system32\qagentRT.dll
22:34:38.0955 5884 napagent - ok
22:34:38.0989 5884 [ 1EA3749C4114DB3E3161156FFFFA6B33 ] NativeWifiP C:\Windows\system32\DRIVERS\nwifi.sys
22:34:38.0994 5884 NativeWifiP - ok
22:34:39.0072 5884 [ 88A2F45CE66B904285978D6BB13AFEB2 ] NAVENG C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_20.1.1.2\Definitions\VirusDefs\20130301.025\ENG64.SYS
22:34:39.0074 5884 NAVENG - ok
22:34:39.0126 5884 [ D2A545DA3A90BBFA40E020C23F1B7A48 ] NAVEX15 C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_20.1.1.2\Definitions\VirusDefs\20130301.025\EX64.SYS
22:34:39.0146 5884 NAVEX15 - ok
22:34:39.0194 5884 [ 760E38053BF56E501D562B70AD796B88 ] NDIS C:\Windows\system32\drivers\ndis.sys
22:34:39.0203 5884 NDIS - ok
22:34:39.0223 5884 [ 9F9A1F53AAD7DA4D6FEF5BB73AB811AC ] NdisCap C:\Windows\system32\DRIVERS\ndiscap.sys
22:34:39.0224 5884 NdisCap - ok
22:34:39.0246 5884 [ 30639C932D9FEF22B31268FE25A1B6E5 ] NdisTapi C:\Windows\system32\DRIVERS\ndistapi.sys
22:34:39.0247 5884 NdisTapi - ok
22:34:39.0267 5884 [ 136185F9FB2CC61E573E676AA5402356 ] Ndisuio C:\Windows\system32\DRIVERS\ndisuio.sys
22:34:39.0268 5884 Ndisuio - ok
22:34:39.0291 5884 [ 53F7305169863F0A2BDDC49E116C2E11 ] NdisWan C:\Windows\system32\DRIVERS\ndiswan.sys
22:34:39.0294 5884 NdisWan - ok
22:34:39.0318 5884 [ 015C0D8E0E0421B4CFD48CFFE2825879 ] NDProxy C:\Windows\system32\drivers\NDProxy.sys
22:34:39.0319 5884 NDProxy - ok
22:34:39.0331 5884 [ 86743D9F5D2B1048062B14B1D84501C4 ] NetBIOS C:\Windows\system32\DRIVERS\netbios.sys
22:34:39.0332 5884 NetBIOS - ok
22:34:39.0362 5884 [ 09594D1089C523423B32A4229263F068 ] NetBT C:\Windows\system32\DRIVERS\netbt.sys
22:34:39.0365 5884 NetBT - ok
22:34:39.0377 5884 [ C118A82CD78818C29AB228366EBF81C3 ] Netlogon C:\Windows\system32\lsass.exe
22:34:39.0379 5884 Netlogon - ok
22:34:39.0408 5884 [ 847D3AE376C0817161A14A82C8922A9E ] Netman C:\Windows\System32\netman.dll
22:34:39.0413 5884 Netman - ok
22:34:39.0432 5884 [ 5F28111C648F1E24F7DBC87CDEB091B8 ] netprofm C:\Windows\System32\netprofm.dll
22:34:39.0437 5884 netprofm - ok
22:34:39.0459 5884 [ 3E5A36127E201DDF663176B66828FAFE ] NetTcpPortSharing C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\SMSvcHost.exe
22:34:39.0460 5884 NetTcpPortSharing - ok
22:34:39.0491 5884 [ 77889813BE4D166CDAB78DDBA990DA92 ] nfrd960 C:\Windows\system32\DRIVERS\nfrd960.sys
22:34:39.0492 5884 nfrd960 - ok
22:34:39.0522 5884 [ 8AD77806D336673F270DB31645267293 ] NlaSvc C:\Windows\System32\nlasvc.dll
22:34:39.0528 5884 NlaSvc - ok
22:34:39.0543 5884 [ 1E4C4AB5C9B8DD13179BBDC75A2A01F7 ] Npfs C:\Windows\system32\drivers\Npfs.sys
22:34:39.0545 5884 Npfs - ok
22:34:39.0568 5884 [ D54BFDF3E0C953F823B3D0BFE4732528 ] nsi C:\Windows\system32\nsisvc.dll
22:34:39.0571 5884 nsi - ok
22:34:39.0578 5884 [ E7F5AE18AF4168178A642A9247C63001 ] nsiproxy C:\Windows\system32\drivers\nsiproxy.sys
22:34:39.0579 5884 nsiproxy - ok
22:34:39.0646 5884 [ E453ACF4E7D44E5530B5D5F2B9CA8563 ] Ntfs C:\Windows\system32\drivers\Ntfs.sys
22:34:39.0698 5884 Ntfs - ok
22:34:39.0713 5884 [ 9899284589F75FA8724FF3D16AED75C1 ] Null C:\Windows\system32\drivers\Null.sys
22:34:39.0714 5884 Null - ok
22:34:39.0741 5884 [ 0A92CB65770442ED0DC44834632F66AD ] nvraid C:\Windows\system32\drivers\nvraid.sys
22:34:39.0744 5884 nvraid - ok
22:34:39.0759 5884 [ DAB0E87525C10052BF65F06152F37E4A ] nvstor C:\Windows\system32\drivers\nvstor.sys
22:34:39.0762 5884 nvstor - ok
22:34:39.0777 5884 [ 270D7CD42D6E3979F6DD0146650F0E05 ] nv_agp C:\Windows\system32\drivers\nv_agp.sys
22:34:39.0779 5884 nv_agp - ok
22:34:39.0805 5884 [ 3589478E4B22CE21B41FA1BFC0B8B8A0 ] ohci1394 C:\Windows\system32\drivers\ohci1394.sys
22:34:39.0807 5884 ohci1394 - ok
22:34:39.0853 5884 [ 7A56CF3E3F12E8AF599963B16F50FB6A ] ose C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE
22:34:39.0855 5884 ose - ok
22:34:39.0884 5884 [ 3EAC4455472CC2C97107B5291E0DCAFE ] p2pimsvc C:\Windows\system32\pnrpsvc.dll
22:34:39.0891 5884 p2pimsvc - ok
22:34:39.0915 5884 [ 927463ECB02179F88E4B9A17568C63C3 ] p2psvc C:\Windows\system32\p2psvc.dll
22:34:39.0925 5884 p2psvc - ok
22:34:39.0945 5884 [ 0086431C29C35BE1DBC43F52CC273887 ] Parport C:\Windows\system32\DRIVERS\parport.sys
22:34:39.0947 5884 Parport - ok
22:34:39.0972 5884 [ E9766131EEADE40A27DC27D2D68FBA9C ] partmgr C:\Windows\system32\drivers\partmgr.sys
22:34:39.0974 5884 partmgr - ok
22:34:39.0991 5884 [ 3AEAA8B561E63452C655DC0584922257 ] PcaSvc C:\Windows\System32\pcasvc.dll
22:34:39.0994 5884 PcaSvc - ok
22:34:40.0068 5884 PcdrNdisuio - ok
22:34:40.0086 5884 [ 94575C0571D1462A0F70BDE6BD6EE6B3 ] pci C:\Windows\system32\drivers\pci.sys
22:34:40.0088 5884 pci - ok
22:34:40.0102 5884 [ B5B8B5EF2E5CB34DF8DCF8831E3534FA ] pciide C:\Windows\system32\drivers\pciide.sys
22:34:40.0103 5884 pciide - ok
22:34:40.0124 5884 [ B2E81D4E87CE48589F98CB8C05B01F2F ] pcmcia C:\Windows\system32\DRIVERS\pcmcia.sys
22:34:40.0127 5884 pcmcia - ok
22:34:40.0158 5884 [ EA762CEA5B7012381EF75F4A55C7BB62 ] PCPitstop Scheduling C:\Program Files (x86)\PCPitstop\PCPitstopScheduleService.exe
22:34:40.0160 5884 PCPitstop Scheduling - ok
22:34:40.0194 5884 [ D6B9C2E1A11A3A4B26A182FFEF18F603 ] pcw C:\Windows\system32\drivers\pcw.sys
22:34:40.0195 5884 pcw - ok
22:34:40.0215 5884 [ 68769C3356B3BE5D1C732C97B9A80D6E ] PEAUTH C:\Windows\system32\drivers\peauth.sys
22:34:40.0225 5884 PEAUTH - ok
22:34:40.0250 5884 [ E495E408C93141E8FC72DC0C6046DDFA ] PerfHost C:\Windows\SysWow64\perfhost.exe
22:34:40.0251 5884 PerfHost - ok
22:34:40.0306 5884 [ C7CF6A6E137463219E1259E3F0F0DD6C ] pla C:\Windows\system32\pla.dll
22:34:40.0322 5884 pla - ok
22:34:40.0351 5884 [ 25FBDEF06C4D92815B353F6E792C8129 ] PlugPlay C:\Windows\system32\umpnpmgr.dll
22:34:40.0356 5884 PlugPlay - ok
22:34:40.0368 5884 [ 7195581CEC9BB7D12ABE54036ACC2E38 ] PNRPAutoReg C:\Windows\system32\pnrpauto.dll
22:34:40.0370 5884 PNRPAutoReg - ok
22:34:40.0391 5884 [ 3EAC4455472CC2C97107B5291E0DCAFE ] PNRPsvc C:\Windows\system32\pnrpsvc.dll
22:34:40.0394 5884 PNRPsvc - ok
22:34:40.0411 5884 [ 4F15D75ADF6156BF56ECED6D4A55C389 ] PolicyAgent C:\Windows\System32\ipsecsvc.dll
22:34:40.0416 5884 PolicyAgent - ok
22:34:40.0434 5884 [ 6BA9D927DDED70BD1A9CADED45F8B184 ] Power C:\Windows\system32\umpo.dll
22:34:40.0436 5884 Power - ok
22:34:40.0469 5884 [ F92A2C41117A11A00BE01CA01A7FCDE9 ] PptpMiniport C:\Windows\system32\DRIVERS\raspptp.sys
22:34:40.0471 5884 PptpMiniport - ok
22:34:40.0476 5884 [ 0D922E23C041EFB1C3FAC2A6F943C9BF ] Processor C:\Windows\system32\DRIVERS\processr.sys
22:34:40.0478 5884 Processor - ok
22:34:40.0521 5884 [ 53E83F1F6CF9D62F32801CF66D8352A8 ] ProfSvc C:\Windows\system32\profsvc.dll
22:34:40.0524 5884 ProfSvc - ok
22:34:40.0536 5884 [ C118A82CD78818C29AB228366EBF81C3 ] ProtectedStorage C:\Windows\system32\lsass.exe
22:34:40.0537 5884 ProtectedStorage - ok
22:34:40.0574 5884 [ 0557CF5A2556BD58E26384169D72438D ] Psched C:\Windows\system32\DRIVERS\pacer.sys
22:34:40.0575 5884 Psched - ok
22:34:40.0616 5884 [ A53A15A11EBFD21077463EE2C7AFEEF0 ] ql2300 C:\Windows\system32\DRIVERS\ql2300.sys
22:34:40.0631 5884 ql2300 - ok
22:34:40.0639 5884 [ 4F6D12B51DE1AAEFF7DC58C4D75423C8 ] ql40xx C:\Windows\system32\DRIVERS\ql40xx.sys
22:34:40.0641 5884 ql40xx - ok
22:34:40.0654 5884 [ 906191634E99AEA92C4816150BDA3732 ] QWAVE C:\Windows\system32\qwave.dll
22:34:40.0658 5884 QWAVE - ok
22:34:40.0682 5884 [ 76707BB36430888D9CE9D705398ADB6C ] QWAVEdrv C:\Windows\system32\drivers\qwavedrv.sys
22:34:40.0683 5884 QWAVEdrv - ok
22:34:40.0694 5884 [ 5A0DA8AD5762FA2D91678A8A01311704 ] RasAcd C:\Windows\system32\DRIVERS\rasacd.sys
22:34:40.0694 5884 RasAcd - ok
22:34:40.0706 5884 [ 7ECFF9B22276B73F43A99A15A6094E90 ] RasAgileVpn C:\Windows\system32\DRIVERS\AgileVpn.sys
22:34:40.0707 5884 RasAgileVpn - ok
22:34:40.0716 5884 [ 8F26510C5383B8DBE976DE1CD00FC8C7 ] RasAuto C:\Windows\System32\rasauto.dll
22:34:40.0719 5884 RasAuto - ok
22:34:40.0745 5884 [ 471815800AE33E6F1C32FB1B97C490CA ] Rasl2tp C:\Windows\system32\DRIVERS\rasl2tp.sys
22:34:40.0747 5884 Rasl2tp - ok
22:34:40.0780 5884 [ EE867A0870FC9E4972BA9EAAD35651E2 ] RasMan C:\Windows\System32\rasmans.dll
22:34:40.0785 5884 RasMan - ok
22:34:40.0796 5884 [ 855C9B1CD4756C5E9A2AA58A15F58C25 ] RasPppoe C:\Windows\system32\DRIVERS\raspppoe.sys
22:34:40.0798 5884 RasPppoe - ok
22:34:40.0805 5884 [ E8B1E447B008D07FF47D016C2B0EEECB ] RasSstp C:\Windows\system32\DRIVERS\rassstp.sys
22:34:40.0807 5884 RasSstp - ok
22:34:40.0847 5884 [ 96597C96D5ACF4A3EF0B24D396853879 ] rcmirror C:\Windows\system32\DRIVERS\rcmirror.sys
22:34:40.0848 5884 rcmirror - ok
22:34:40.0877 5884 [ 77F665941019A1594D887A74F301FA2F ] rdbss C:\Windows\system32\DRIVERS\rdbss.sys
22:34:40.0880 5884 rdbss - ok
22:34:40.0898 5884 [ 302DA2A0539F2CF54D7C6CC30C1F2D8D ] rdpbus C:\Windows\system32\DRIVERS\rdpbus.sys
22:34:40.0899 5884 rdpbus - ok
22:34:40.0922 5884 [ CEA6CC257FC9B7715F1C2B4849286D24 ] RDPCDD C:\Windows\system32\DRIVERS\RDPCDD.sys
22:34:40.0923 5884 RDPCDD - ok
22:34:40.0930 5884 [ BB5971A4F00659529A5C44831AF22365 ] RDPENCDD C:\Windows\system32\drivers\rdpencdd.sys
22:34:40.0931 5884 RDPENCDD - ok
22:34:40.0947 5884 [ 216F3FA57533D98E1F74DED70113177A ] RDPREFMP C:\Windows\system32\drivers\rdprefmp.sys
22:34:40.0948 5884 RDPREFMP - ok
22:34:40.0980 5884 [ E61608AA35E98999AF9AAEEEA6114B0A ] RDPWD C:\Windows\system32\drivers\RDPWD.sys
22:34:40.0983 5884 RDPWD - ok
22:34:41.0008 5884 [ 34ED295FA0121C241BFEF24764FC4520 ] rdyboost C:\Windows\system32\drivers\rdyboost.sys
22:34:41.0010 5884 rdyboost - ok
22:34:41.0034 5884 [ 254FB7A22D74E5511C73A3F6D802F192 ] RemoteAccess C:\Windows\System32\mprdim.dll
22:34:41.0037 5884 RemoteAccess - ok
22:34:41.0053 5884 [ E4D94F24081440B5FC5AA556C7C62702 ] RemoteRegistry C:\Windows\system32\regsvc.dll
22:34:41.0056 5884 RemoteRegistry - ok
22:34:41.0069 5884 [ E4DC58CF7B3EA515AE917FF0D402A7BB ] RpcEptMapper C:\Windows\System32\RpcEpMap.dll
22:34:41.0071 5884 RpcEptMapper - ok
22:34:41.0100 5884 [ D5BA242D4CF8E384DB90E6A8ED850B8C ] RpcLocator C:\Windows\system32\locator.exe
22:34:41.0102 5884 RpcLocator - ok
22:34:41.0132 5884 [ 5C627D1B1138676C0A7AB2C2C190D123 ] RpcSs C:\Windows\system32\rpcss.dll
22:34:41.0136 5884 RpcSs - ok
22:34:41.0147 5884 [ DDC86E4F8E7456261E637E3552E804FF ] rspndr C:\Windows\system32\DRIVERS\rspndr.sys
22:34:41.0148 5884 rspndr - ok
22:34:41.0179 5884 [ 91296F0B2653281B2F11E0FCE56AA427 ] RTL8167 C:\Windows\system32\DRIVERS\Rt64win7.sys
22:34:41.0181 5884 RTL8167 - ok
22:34:41.0214 5884 [ 4A06585C8673F4458E9FBBC9DDDB4D28 ] RTL8187B C:\Windows\system32\DRIVERS\wg111v3.sys
22:34:41.0219 5884 RTL8187B - ok
22:34:41.0236 5884 [ C118A82CD78818C29AB228366EBF81C3 ] SamSs C:\Windows\system32\lsass.exe
22:34:41.0237 5884 SamSs - ok
22:34:41.0268 5884 [ AC03AF3329579FFFB455AA2DAABBE22B ] sbp2port C:\Windows\system32\drivers\sbp2port.sys
22:34:41.0270 5884 sbp2port - ok
22:34:41.0285 5884 [ 9B7395789E3791A3B6D000FE6F8B131E ] SCardSvr C:\Windows\System32\SCardSvr.dll
22:34:41.0289 5884 SCardSvr - ok
22:34:41.0313 5884 [ 253F38D0D7074C02FF8DEB9836C97D2B ] scfilter C:\Windows\system32\DRIVERS\scfilter.sys
22:34:41.0315 5884 scfilter - ok
22:34:41.0354 5884 [ 262F6592C3299C005FD6BEC90FC4463A ] Schedule C:\Windows\system32\schedsvc.dll
22:34:41.0365 5884 Schedule - ok
22:34:41.0390 5884 [ F17D1D393BBC69C5322FBFAFACA28C7F ] SCPolicySvc C:\Windows\System32\certprop.dll
22:34:41.0391 5884 SCPolicySvc - ok
22:34:41.0423 5884 [ 6EA4234DC55346E0709560FE7C2C1972 ] SDRSVC C:\Windows\System32\SDRSVC.dll
22:34:41.0426 5884 SDRSVC - ok
22:34:41.0543 5884 [ 206387AB881E93A1A6EB89966C8651F1 ] SDScannerService C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe
22:34:41.0554 5884 SDScannerService - ok
22:34:41.0595 5884 [ A529CFE32565C0B145578FFB2B32C9A5 ] SDUpdateService C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe
22:34:41.0609 5884 SDUpdateService - ok
22:34:41.0641 5884 [ CB63BDB77BB86549FC3303C2F11EDC18 ] SDWSCService C:\Program Files (x86)\Spybot - Search & Destroy 2\SDWSCSvc.exe
22:34:41.0643 5884 SDWSCService - ok
22:34:41.0676 5884 [ 3EA8A16169C26AFBEB544E0E48421186 ] secdrv C:\Windows\system32\drivers\secdrv.sys
22:34:41.0677 5884 secdrv - ok
22:34:41.0702 5884 [ BC617A4E1B4FA8DF523A061739A0BD87 ] seclogon C:\Windows\system32\seclogon.dll
22:34:41.0705 5884 seclogon - ok
22:34:41.0717 5884 [ C32AB8FA018EF34C0F113BD501436D21 ] SENS C:\Windows\System32\sens.dll
22:34:41.0721 5884 SENS - ok
22:34:41.0739 5884 [ 0336CFFAFAAB87A11541F1CF1594B2B2 ] SensrSvc C:\Windows\system32\sensrsvc.dll
22:34:41.0743 5884 SensrSvc - ok
22:34:41.0762 5884 [ CB624C0035412AF0DEBEC78C41F5CA1B ] Serenum C:\Windows\system32\DRIVERS\serenum.sys
22:34:41.0763 5884 Serenum - ok
22:34:41.0771 5884 [ C1D8E28B2C2ADFAEC4BA89E9FDA69BD6 ] Serial C:\Windows\system32\DRIVERS\serial.sys
22:34:41.0774 5884 Serial - ok
22:34:41.0797 5884 [ 1C545A7D0691CC4A027396535691C3E3 ] sermouse C:\Windows\system32\DRIVERS\sermouse.sys
22:34:41.0798 5884 sermouse - ok
22:34:41.0834 5884 [ 0B6231BF38174A1628C4AC812CC75804 ] SessionEnv C:\Windows\system32\sessenv.dll
22:34:41.0836 5884 SessionEnv - ok
22:34:41.0866 5884 [ A554811BCD09279536440C964AE35BBF ] sffdisk C:\Windows\system32\drivers\sffdisk.sys
22:34:41.0867 5884 sffdisk - ok
22:34:41.0874 5884 [ FF414F0BAEFEBA59BC6C04B3DB0B87BF ] sffp_mmc C:\Windows\system32\drivers\sffp_mmc.sys
22:34:41.0875 5884 sffp_mmc - ok
22:34:41.0880 5884 [ DD85B78243A19B59F0637DCF284DA63C ] sffp_sd C:\Windows\system32\drivers\sffp_sd.sys
22:34:41.0881 5884 sffp_sd - ok
22:34:41.0894 5884 [ A9D601643A1647211A1EE2EC4E433FF4 ] sfloppy C:\Windows\system32\DRIVERS\sfloppy.sys
22:34:41.0895 5884 sfloppy - ok
22:34:41.0919 5884 [ B95F6501A2F8B2E78C697FEC401970CE ] SharedAccess C:\Windows\System32\ipnathlp.dll
22:34:41.0924 5884 SharedAccess - ok
22:34:41.0953 5884 [ AAF932B4011D14052955D4B212A4DA8D ] ShellHWDetection C:\Windows\System32\shsvcs.dll
22:34:41.0958 5884 ShellHWDetection - ok
22:34:41.0989 5884 [ 843CAF1E5FDE1FFD5FF768F23A51E2E1 ] SiSRaid2 C:\Windows\system32\DRIVERS\SiSRaid2.sys
22:34:41.0990 5884 SiSRaid2 - ok
22:34:42.0004 5884 [ 6A6C106D42E9FFFF8B9FCB4F754F6DA4 ] SiSRaid4 C:\Windows\system32\DRIVERS\sisraid4.sys
22:34:42.0006 5884 SiSRaid4 - ok
22:34:42.0126 5884 [ 23E3C83DFF7B09A97B01A85ED8A44478 ] Skype C2C Service C:\ProgramData\Skype\Toolbars\Skype C2C Service\c2c_service.exe
22:34:42.0191 5884 Skype C2C Service - ok
22:34:42.0256 5884 [ F07AF60B152221472FBDB2FECEC4896D ] SkypeUpdate C:\Program Files (x86)\Skype\Updater\Updater.exe
22:34:42.0258 5884 SkypeUpdate - ok
22:34:42.0296 5884 [ 548260A7B8654E024DC30BF8A7C5BAA4 ] Smb C:\Windows\system32\DRIVERS\smb.sys
22:34:42.0298 5884 Smb - ok
22:34:42.0339 5884 [ D48F87803F3965EE04D9BCB318791AAB ] SMR311 C:\Windows\system32\drivers\SMR311.SYS
22:34:42.0340 5884 SMR311 - ok
22:34:42.0384 5884 [ 6313F223E817CC09AA41811DAA7F541D ] SNMPTRAP C:\Windows\System32\snmptrap.exe
22:34:42.0387 5884 SNMPTRAP - ok
22:34:42.0395 5884 [ B9E31E5CACDFE584F34F730A677803F9 ] spldr C:\Windows\system32\drivers\spldr.sys
22:34:42.0396 5884 spldr - ok
22:34:42.0432 5884 [ 85DAA09A98C9286D4EA2BA8D0E644377 ] Spooler C:\Windows\System32\spoolsv.exe
22:34:42.0438 5884 Spooler - ok
22:34:42.0526 5884 [ E17E0188BB90FAE42D83E98707EFA59C ] sppsvc C:\Windows\system32\sppsvc.exe
22:34:42.0623 5884 sppsvc - ok
22:34:42.0639 5884 [ 93D7D61317F3D4BC4F4E9F8A96A7DE45 ] sppuinotify C:\Windows\system32\sppuinotify.dll
22:34:42.0642 5884 sppuinotify - ok
22:34:42.0732 5884 [ B2FE88C5E621C8345CC9BAC5CFD366B0 ] SRTSP C:\Windows\system32\drivers\N360x64\1401010.002\SRTSP64.SYS
22:34:42.0739 5884 SRTSP - ok
22:34:42.0755 5884 [ 1B884D876E87EABF5A3356BBD7321412 ] SRTSPX C:\Windows\system32\drivers\N360x64\1401010.002\SRTSPX64.SYS
22:34:42.0756 5884 SRTSPX - ok
22:34:42.0787 5884 [ 441FBA48BFF01FDB9D5969EBC1838F0B ] srv C:\Windows\system32\DRIVERS\srv.sys
22:34:42.0795 5884 srv - ok
22:34:42.0833 5884 [ B4ADEBBF5E3677CCE9651E0F01F7CC28 ] srv2 C:\Windows\system32\DRIVERS\srv2.sys
22:34:42.0839 5884 srv2 - ok
22:34:42.0858 5884 [ 27E461F0BE5BFF5FC737328F749538C3 ] srvnet C:\Windows\system32\DRIVERS\srvnet.sys
22:34:42.0861 5884 srvnet - ok
22:34:42.0890 5884 [ ED161B91FDF7EAA39469D72D463D5F4E ] sscdbus C:\Windows\system32\DRIVERS\sscdbus.sys
22:34:42.0892 5884 sscdbus - ok
22:34:42.0928 5884 [ 4CB09E77593DBD8D7AF33B37375CA715 ] sscdmdfl C:\Windows\system32\DRIVERS\sscdmdfl.sys
22:34:42.0929 5884 sscdmdfl - ok
22:34:42.0949 5884 [ C7B4CF53497A6E5363F3439427663882 ] sscdmdm C:\Windows\system32\DRIVERS\sscdmdm.sys
22:34:42.0951 5884 sscdmdm - ok
22:34:42.0985 5884 [ 05FFA552F578E27AB2D41B6828DB477F ] sscdserd C:\Windows\system32\DRIVERS\sscdserd.sys
22:34:42.0987 5884 sscdserd - ok
22:34:43.0009 5884 [ 51B52FBD583CDE8AA9BA62B8B4298F33 ] SSDPSRV C:\Windows\System32\ssdpsrv.dll
22:34:43.0012 5884 SSDPSRV - ok
22:34:43.0023 5884 [ AB7AEBF58DAD8DAAB7A6C45E6A8885CB ] SstpSvc C:\Windows\system32\sstpsvc.dll
22:34:43.0025 5884 SstpSvc - ok
22:34:43.0046 5884 [ F3817967ED533D08327DC73BC4D5542A ] stexstor C:\Windows\system32\DRIVERS\stexstor.sys
22:34:43.0047 5884 stexstor - ok
22:34:43.0084 5884 [ DECACB6921DED1A38642642685D77DAC ] StillCam C:\Windows\system32\DRIVERS\serscan.sys
22:34:43.0085 5884 StillCam - ok
22:34:43.0124 5884 [ 8DD52E8E6128F4B2DA92CE27402871C1 ] stisvc C:\Windows\System32\wiaservc.dll
22:34:43.0131 5884 stisvc - ok
22:34:43.0155 5884 [ D01EC09B6711A5F8E7E6564A4D0FBC90 ] swenum C:\Windows\system32\drivers\swenum.sys
22:34:43.0155 5884 swenum - ok
22:34:43.0181 5884 [ E08E46FDD841B7184194011CA1955A0B ] swprv C:\Windows\System32\swprv.dll
22:34:43.0187 5884 swprv - ok
22:34:43.0223 5884 [ 52EB25BD8AB4E331028C48B178441B36 ] sxuptp C:\Windows\system32\DRIVERS\sxuptp.sys
22:34:43.0225 5884 sxuptp - ok
22:34:43.0274 5884 [ 688BBE78970E639BC1D66AE733394DCF ] SymDS C:\Windows\system32\drivers\N360x64\1401010.002\SYMDS64.SYS
22:34:43.0279 5884 SymDS - ok
22:34:43.0365 5884 [ A17EE0D0D762CC9B56FB9218D7089AFB ] SymEFA C:\Windows\system32\drivers\N360x64\1401010.002\SYMEFA64.SYS
22:34:43.0380 5884 SymEFA - ok
22:34:43.0416 5884 [ F5D6D3B7468C46EA2DDC1D19D2A6DA0F ] SymEvent C:\Windows\system32\Drivers\SYMEVENT64x86.SYS
22:34:43.0417 5884 SymEvent - ok
22:34:43.0452 5884 [ ADF37F1A715D6C56C8E065FD8569A9A4 ] SymIRON C:\Windows\system32\drivers\N360x64\1401010.002\Ironx64.SYS
22:34:43.0453 5884 SymIRON - ok
22:34:43.0491 5884 [ 1605EBD8CB86AFC4430116065995279A ] SymNetS C:\Windows\system32\drivers\N360x64\1401010.002\SYMNETS.SYS
22:34:43.0494 5884 SymNetS - ok
22:34:43.0547 5884 [ BF9CCC0BF39B418C8D0AE8B05CF95B7D ] SysMain C:\Windows\system32\sysmain.dll
22:34:43.0583 5884 SysMain - ok
22:34:43.0608 5884 [ E3C61FD7B7C2557E1F1B0B4CEC713585 ] TabletInputService C:\Windows\System32\TabSvc.dll
22:34:43.0613 5884 TabletInputService - ok
22:34:43.0642 5884 [ 40F0849F65D13EE87B9A9AE3C1DD6823 ] TapiSrv C:\Windows\System32\tapisrv.dll
22:34:43.0650 5884 TapiSrv - ok
22:34:43.0663 5884 [ 1BE03AC720F4D302EA01D40F588162F6 ] TBS C:\Windows\System32\tbssvc.dll
22:34:43.0667 5884 TBS - ok
22:34:43.0727 5884 [ B62A953F2BF3922C8764A29C34A22899 ] Tcpip C:\Windows\system32\drivers\tcpip.sys
22:34:43.0769 5884 Tcpip - ok
22:34:43.0798 5884 [ B62A953F2BF3922C8764A29C34A22899 ] TCPIP6 C:\Windows\system32\DRIVERS\tcpip.sys
22:34:43.0811 5884 TCPIP6 - ok
22:34:43.0839 5884 [ 1B16D0BD9841794A6E0CDE0CEF744ABC ] tcpipreg C:\Windows\system32\drivers\tcpipreg.sys
22:34:43.0840 5884 tcpipreg - ok
22:34:43.0862 5884 [ 3371D21011695B16333A3934340C4E7C ] TDPIPE C:\Windows\system32\drivers\tdpipe.sys
22:34:43.0863 5884 TDPIPE - ok
22:34:43.0882 5884 [ 51C5ECEB1CDEE2468A1748BE550CFBC8 ] TDTCP C:\Windows\system32\drivers\tdtcp.sys
22:34:43.0884 5884 TDTCP - ok
22:34:43.0915 5884 [ DDAD5A7AB24D8B65F8D724F5C20FD806 ] tdx C:\Windows\system32\DRIVERS\tdx.sys
22:34:43.0917 5884 tdx - ok
22:34:43.0936 5884 [ 561E7E1F06895D78DE991E01DD0FB6E5 ] TermDD C:\Windows\system32\drivers\termdd.sys
22:34:43.0937 5884 TermDD - ok
22:34:43.0981 5884 [ 2E648163254233755035B46DD7B89123 ] TermService C:\Windows\System32\termsrv.dll
22:34:43.0993 5884 TermService - ok
22:34:44.0010 5884 [ F0344071948D1A1FA732231785A0664C ] Themes C:\Windows\system32\themeservice.dll
22:34:44.0012 5884 Themes - ok
22:34:44.0041 5884 [ E40E80D0304A73E8D269F7141D77250B ] THREADORDER C:\Windows\system32\mmcss.dll
22:34:44.0043 5884 THREADORDER - ok
22:34:44.0049 5884 [ 7E7AFD841694F6AC397E99D75CEAD49D ] TrkWks C:\Windows\System32\trkwks.dll
22:34:44.0053 5884 TrkWks - ok
22:34:44.0095 5884 [ 773212B2AAA24C1E31F10246B15B276C ] TrustedInstaller C:\Windows\servicing\TrustedInstaller.exe
22:34:44.0099 5884 TrustedInstaller - ok
22:34:44.0131 5884 [ CE18B2CDFC837C99E5FAE9CA6CBA5D30 ] tssecsrv C:\Windows\system32\DRIVERS\tssecsrv.sys
22:34:44.0133 5884 tssecsrv - ok
22:34:44.0167 5884 [ D11C783E3EF9A3C52C0EBE83CC5000E9 ] TsUsbFlt C:\Windows\system32\drivers\tsusbflt.sys
22:34:44.0169 5884 TsUsbFlt - ok
22:34:44.0199 5884 [ 3566A8DAAFA27AF944F5D705EAA64894 ] tunnel C:\Windows\system32\DRIVERS\tunnel.sys
22:34:44.0201 5884 tunnel - ok
22:34:44.0233 5884 [ B4DD609BD7E282BFC683CEC7EAAAAD67 ] uagp35 C:\Windows\system32\DRIVERS\uagp35.sys
22:34:44.0235 5884 uagp35 - ok
22:34:44.0270 5884 [ FF4232A1A64012BAA1FD97C7B67DF593 ] udfs C:\Windows\system32\DRIVERS\udfs.sys
22:34:44.0275 5884 udfs - ok
22:34:44.0302 5884 [ 3CBDEC8D06B9968ABA702EBA076364A1 ] UI0Detect C:\Windows\system32\UI0Detect.exe
22:34:44.0306 5884 UI0Detect - ok
22:34:44.0321 5884 [ 4BFE1BC28391222894CBF1E7D0E42320 ] uliagpkx C:\Windows\system32\drivers\uliagpkx.sys
22:34:44.0323 5884 uliagpkx - ok
22:34:44.0349 5884 [ DC54A574663A895C8763AF0FA1FF7561 ] umbus C:\Windows\system32\drivers\umbus.sys
22:34:44.0350 5884 umbus - ok
22:34:44.0372 5884 [ B2E8E8CB557B156DA5493BBDDCC1474D ] UmPass C:\Windows\system32\DRIVERS\umpass.sys
22:34:44.0373 5884 UmPass - ok
22:34:44.0390 5884 [ D47EC6A8E81633DD18D2436B19BAF6DE ] upnphost C:\Windows\System32\upnphost.dll
22:34:44.0395 5884 upnphost - ok
22:34:44.0408 5884 [ 6F1A3157A1C89435352CEB543CDB359C ] usbccgp C:\Windows\system32\DRIVERS\usbccgp.sys
22:34:44.0410 5884 usbccgp - ok
22:34:44.0439 5884 [ AF0892A803FDDA7492F595368E3B68E7 ] usbcir C:\Windows\system32\drivers\usbcir.sys
22:34:44.0441 5884 usbcir - ok
22:34:44.0446 5884 [ C025055FE7B87701EB042095DF1A2D7B ] usbehci C:\Windows\system32\DRIVERS\usbehci.sys
22:34:44.0448 5884 usbehci - ok
22:34:44.0467 5884 [ 287C6C9410B111B68B52CA298F7B8C24 ] usbhub C:\Windows\system32\DRIVERS\usbhub.sys
22:34:44.0472 5884 usbhub - ok
22:34:44.0484 5884 [ 9840FC418B4CBD632D3D0A667A725C31 ] usbohci C:\Windows\system32\drivers\usbohci.sys
22:34:44.0485 5884 usbohci - ok
22:34:44.0513 5884 [ 73188F58FB384E75C4063D29413CEE3D ] usbprint C:\Windows\system32\DRIVERS\usbprint.sys
22:34:44.0514 5884 usbprint - ok
22:34:44.0544 5884 [ AAA2513C8AED8B54B189FD0C6B1634C0 ] usbscan C:\Windows\system32\DRIVERS\usbscan.sys
22:34:44.0545 5884 usbscan - ok
22:34:44.0557 5884 [ FED648B01349A3C8395A5169DB5FB7D6 ] USBSTOR C:\Windows\system32\drivers\USBSTOR.SYS
22:34:44.0559 5884 USBSTOR - ok
22:34:44.0572 5884 [ 62069A34518BCF9C1FD9E74B3F6DB7CD ] usbuhci C:\Windows\system32\DRIVERS\usbuhci.sys
22:34:44.0574 5884 usbuhci - ok
22:34:44.0590 5884 [ D0FE8CB5F84303E73FF0754437FAD3D1 ] USB_RNDIS C:\Windows\system32\DRIVERS\usb8023.sys
22:34:44.0591 5884 USB_RNDIS - ok
22:34:44.0613 5884 [ EDBB23CBCF2CDF727D64FF9B51A6070E ] UxSms C:\Windows\System32\uxsms.dll
22:34:44.0615 5884 UxSms - ok
22:34:44.0627 5884 [ C118A82CD78818C29AB228366EBF81C3 ] VaultSvc C:\Windows\system32\lsass.exe
22:34:44.0628 5884 VaultSvc - ok
22:34:44.0654 5884 [ C5C876CCFC083FF3B128F933823E87BD ] vdrvroot C:\Windows\system32\drivers\vdrvroot.sys
22:34:44.0655 5884 vdrvroot - ok
22:34:44.0685 5884 [ 8D6B481601D01A456E75C3210F1830BE ] vds C:\Windows\System32\vds.exe
22:34:44.0692 5884 vds - ok
22:34:44.0709 5884 [ DA4DA3F5E02943C2DC8C6ED875DE68DD ] vga C:\Windows\system32\DRIVERS\vgapnp.sys
22:34:44.0710 5884 vga - ok
22:34:44.0716 5884 [ 53E92A310193CB3C03BEA963DE7D9CFC ] VgaSave C:\Windows\System32\drivers\vga.sys
22:34:44.0717 5884 VgaSave - ok
22:34:44.0733 5884 [ 2CE2DF28C83AEAF30084E1B1EB253CBB ] vhdmp C:\Windows\system32\drivers\vhdmp.sys
22:34:44.0736 5884 vhdmp - ok
22:34:44.0754 5884 [ E5689D93FFE4E5D66C0178761240DD54 ] viaide C:\Windows\system32\drivers\viaide.sys
22:34:44.0755 5884 viaide - ok
22:34:44.0770 5884 [ D2AAFD421940F640B407AEFAAEBD91B0 ] volmgr C:\Windows\system32\drivers\volmgr.sys
22:34:44.0771 5884 volmgr - ok
22:34:44.0806 5884 [ A255814907C89BE58B79EF2F189B843B ] volmgrx C:\Windows\system32\drivers\volmgrx.sys
22:34:44.0809 5884 volmgrx - ok
22:34:44.0826 5884 [ 0D08D2F3B3FF84E433346669B5E0F639 ] volsnap C:\Windows\system32\drivers\volsnap.sys
22:34:44.0830 5884 volsnap - ok
22:34:44.0864 5884 [ 5E2016EA6EBACA03C04FEAC5F330D997 ] vsmraid C:\Windows\system32\DRIVERS\vsmraid.sys
22:34:44.0866 5884 vsmraid - ok
22:34:44.0922 5884 [ B60BA0BC31B0CB414593E169F6F21CC2 ] VSS C:\Windows\system32\vssvc.exe
22:34:44.0963 5884 VSS - ok
22:34:44.0977 5884 [ 36D4720B72B5C5D9CB2B9C29E9DF67A1 ] vwifibus C:\Windows\System32\drivers\vwifibus.sys
22:34:44.0978 5884 vwifibus - ok
22:34:44.0994 5884 [ 6A3D66263414FF0D6FA754C646612F3F ] vwififlt C:\Windows\system32\DRIVERS\vwififlt.sys
22:34:44.0996 5884 vwififlt - ok
22:34:45.0014 5884 [ 1C9D80CC3849B3788048078C26486E1A ] W32Time C:\Windows\system32\w32time.dll
22:34:45.0021 5884 W32Time - ok
22:34:45.0047 5884 [ 4E9440F4F152A7B944CB1663D3935A3E ] WacomPen C:\Windows\system32\DRIVERS\wacompen.sys
22:34:45.0048 5884 WacomPen - ok
22:34:45.0067 5884 [ 356AFD78A6ED4457169241AC3965230C ] WANARP C:\Windows\system32\DRIVERS\wanarp.sys
22:34:45.0068 5884 WANARP - ok
22:34:45.0072 5884 [ 356AFD78A6ED4457169241AC3965230C ] Wanarpv6 C:\Windows\system32\DRIVERS\wanarp.sys
22:34:45.0074 5884 Wanarpv6 - ok
22:34:45.0119 5884 [ 3CEC96DE223E49EAAE3651FCF8FAEA6C ] WatAdminSvc C:\Windows\system32\Wat\WatAdminSvc.exe
22:34:45.0140 5884 WatAdminSvc - ok
22:34:45.0188 5884 [ 78F4E7F5C56CB9716238EB57DA4B6A75 ] wbengine C:\Windows\system32\wbengine.exe
22:34:45.0205 5884 wbengine - ok
22:34:45.0229 5884 [ 3AA101E8EDAB2DB4131333F4325C76A3 ] WbioSrvc C:\Windows\System32\wbiosrvc.dll
22:34:45.0233 5884 WbioSrvc - ok
22:34:45.0268 5884 [ 7368A2AFD46E5A4481D1DE9D14848EDD ] wcncsvc C:\Windows\System32\wcncsvc.dll
22:34:45.0273 5884 wcncsvc - ok
22:34:45.0285 5884 [ 20F7441334B18CEE52027661DF4A6129 ] WcsPlugInService C:\Windows\System32\WcsPlugInService.dll
22:34:45.0288 5884 WcsPlugInService - ok
22:34:45.0307 5884 [ 72889E16FF12BA0F235467D6091B17DC ] Wd C:\Windows\system32\DRIVERS\wd.sys
22:34:45.0308 5884 Wd - ok
22:34:45.0346 5884 [ 442783E2CB0DA19873B7A63833FF4CB4 ] Wdf01000 C:\Windows\system32\drivers\Wdf01000.sys
22:34:45.0354 5884 Wdf01000 - ok
22:34:45.0372 5884 [ BF1FC3F79B863C914687A737C2F3D681 ] WdiServiceHost C:\Windows\system32\wdi.dll
22:34:45.0375 5884 WdiServiceHost - ok
22:34:45.0380 5884 [ BF1FC3F79B863C914687A737C2F3D681 ] WdiSystemHost C:\Windows\system32\wdi.dll
22:34:45.0384 5884 WdiSystemHost - ok
22:34:45.0406 5884 [ 3DB6D04E1C64272F8B14EB8BC4616280 ] WebClient C:\Windows\System32\webclnt.dll
22:34:45.0411 5884 WebClient - ok
22:34:45.0427 5884 [ C749025A679C5103E575E3B48E092C43 ] Wecsvc C:\Windows\system32\wecsvc.dll
22:34:45.0432 5884 Wecsvc - ok
22:34:45.0442 5884 [ 7E591867422DC788B9E5BD337A669A08 ] wercplsupport C:\Windows\System32\wercplsupport.dll
22:34:45.0445 5884 wercplsupport - ok
22:34:45.0466 5884 [ 6D137963730144698CBD10F202E9F251 ] WerSvc C:\Windows\System32\WerSvc.dll
22:34:45.0469 5884 WerSvc - ok
22:34:45.0488 5884 [ 611B23304BF067451A9FDEE01FBDD725 ] WfpLwf C:\Windows\system32\DRIVERS\wfplwf.sys
22:34:45.0489 5884 WfpLwf - ok
22:34:45.0505 5884 [ 05ECAEC3E4529A7153B3136CEB49F0EC ] WIMMount C:\Windows\system32\drivers\wimmount.sys
22:34:45.0507 5884 WIMMount - ok
22:34:45.0517 5884 WinDefend - ok
22:34:45.0523 5884 WinHttpAutoProxySvc - ok
22:34:45.0573 5884 [ 19B07E7E8915D701225DA41CB3877306 ] Winmgmt C:\Windows\system32\wbem\WMIsvc.dll
22:34:45.0576 5884 Winmgmt - ok
22:34:45.0632 5884 [ BCB1310604AA415C4508708975B3931E ] WinRM C:\Windows\system32\WsmSvc.dll
22:34:45.0684 5884 WinRM - ok
22:34:45.0719 5884 [ 4FADA86E62F18A1B2F42BA18AE24E6AA ] Wlansvc C:\Windows\System32\wlansvc.dll
22:34:45.0729 5884 Wlansvc - ok
22:34:45.0758 5884 [ F6FF8944478594D0E414D3F048F0D778 ] WmiAcpi C:\Windows\system32\drivers\wmiacpi.sys
22:34:45.0759 5884 WmiAcpi - ok
22:34:45.0781 5884 [ 38B84C94C5A8AF291ADFEA478AE54F93 ] wmiApSrv C:\Windows\system32\wbem\WmiApSrv.exe
22:34:45.0785 5884 wmiApSrv - ok
22:34:45.0807 5884 WMPNetworkSvc - ok
22:34:45.0825 5884 [ 96C6E7100D724C69FCF9E7BF590D1DCA ] WPCSvc C:\Windows\System32\wpcsvc.dll
22:34:45.0827 5884 WPCSvc - ok
22:34:45.0842 5884 [ 93221146D4EBBF314C29B23CD6CC391D ] WPDBusEnum C:\Windows\system32\wpdbusenum.dll
22:34:45.0844 5884 WPDBusEnum - ok
22:34:45.0860 5884 [ 6BCC1D7D2FD2453957C5479A32364E52 ] ws2ifsl C:\Windows\system32\drivers\ws2ifsl.sys
22:34:45.0861 5884 ws2ifsl - ok
22:34:45.0876 5884 [ E8B1FE6669397D1772D8196DF0E57A9E ] wscsvc C:\Windows\System32\wscsvc.dll
22:34:45.0879 5884 wscsvc - ok
22:34:45.0885 5884 WSearch - ok
22:34:45.0950 5884 [ D9EF901DCA379CFE914E9FA13B73B4C4 ] wuauserv C:\Windows\system32\wuaueng.dll
22:34:45.0982 5884 wuauserv - ok
22:34:46.0012 5884 [ AB886378EEB55C6C75B4F2D14B6C869F ] WudfPf C:\Windows\system32\drivers\WudfPf.sys
22:34:46.0014 5884 WudfPf - ok
22:34:46.0042 5884 [ B20F051B03A966392364C83F009F7D17 ] wudfsvc C:\Windows\System32\WUDFSvc.dll
22:34:46.0045 5884 wudfsvc - ok
22:34:46.0058 5884 [ 9A3452B3C2A46C073166C5CF49FAD1AE ] WwanSvc C:\Windows\System32\wwansvc.dll
22:34:46.0063 5884 WwanSvc - ok
22:34:46.0083 5884 ================ Scan global ===============================
22:34:46.0104 5884 [ BA0CD8C393E8C9F83354106093832C7B ] C:\Windows\system32\basesrv.dll
22:34:46.0129 5884 [ 0C27239FEA4DB8A2AAC9E502186B7264 ] C:\Windows\system32\winsrv.dll
22:34:46.0138 5884 [ 0C27239FEA4DB8A2AAC9E502186B7264 ] C:\Windows\system32\winsrv.dll
22:34:46.0160 5884 [ D6160F9D869BA3AF0B787F971DB56368 ] C:\Windows\system32\sxssrv.dll
22:34:46.0193 5884 [ 24ACB7E5BE595468E3B9AA488B9B4FCB ] C:\Windows\system32\services.exe
22:34:46.0196 5884 [Global] - ok
22:34:46.0196 5884 ================ Scan MBR ==================================
22:34:46.0208 5884 [ 89750024E83C5387C5B5F649AFB20429 ] \Device\Harddisk0\DR0
22:34:46.0457 5884 \Device\Harddisk0\DR0 ( TDSS File System ) - warning
22:34:46.0457 5884 \Device\Harddisk0\DR0 - detected TDSS File System (1)
22:34:46.0458 5884 ================ Scan VBR ==================================
22:34:46.0464 5884 [ 0CB555645E88FB9D32D324EDD502BEAA ] \Device\Harddisk0\DR0\Partition1
22:34:46.0466 5884 \Device\Harddisk0\DR0\Partition1 - ok
22:34:46.0502 5884 [ C88532FE8C261DC926E34F2EEDC1F880 ] \Device\Harddisk0\DR0\Partition2
22:34:46.0504 5884 \Device\Harddisk0\DR0\Partition2 - ok
22:34:46.0534 5884 [ 3A96162BAA79A5A8E0F50DA9AB06DE36 ] \Device\Harddisk0\DR0\Partition3
22:34:46.0536 5884 \Device\Harddisk0\DR0\Partition3 - ok
22:34:46.0537 5884 ============================================================
22:34:46.0537 5884 Scan finished
22:34:46.0537 5884 ============================================================
22:34:46.0556 5388 Detected object count: 1
22:34:46.0556 5388 Actual detected object count: 1
22:34:53.0367 5388 \Device\Harddisk0\DR0 ( TDSS File System ) - skipped by user
22:34:53.0367 5388 \Device\Harddisk0\DR0 ( TDSS File System ) - User select action: Skip
Hello diane7
Thank you for the log :)
If this machine is used to perform any kind of financial transactions please use an uninfected machine to change your passwords as soon as you can.
Please disable your Norton product and run TDSSKiller again.
When the following item is detected:
Detected object count: 1
22:34:46.0556 5388 Actual detected object count: 1
22:34:53.0367 5388 \Device\Harddisk0\DR0 ( TDSS File System ) - skipped by user
22:34:53.0367 5388 \Device\Harddisk0\DR0 ( TDSS File System ) - User select action: Skip Select Delete.
Once you have done that, save the log produced by TDSSKiller then download and run the following tool:
Combofix
Download ComboFix from one of the following locations:
Link 1 (http://download.bleepingcomputer.com/sUBs/ComboFix.exe)
Link 2 (http://www.infospyware.net/antimalware/combofix/)
VERY IMPORTANT !!! Save ComboFix.exe to your Desktop
IMPORTANT - Disable your AntiVirus and AntiSpyware applications, usually via a right click on the System Tray icon. They may otherwise interfere with our tools. If you have difficulty properly disabling your protective programs, refer to this link here (http://forums.whatthetech.com/How_Disable_your_Security_Programs_t96260.html&pid=494216#entry494216).
Right click on ComboFix.exe and select "Run as Administrator" to run the program. Follow the prompts.
As part of it's process, ComboFix will check to see if the Microsoft Windows Recovery Console is installed. With malware infections being as they are today, it's strongly recommended to have this pre-installed on your machine before doing any malware removal. It will allow you to boot up into a special recovery/repair mode that will allow us to more easily help you should your computer have a problem after an attempted removal of malware.
Follow the prompts to allow ComboFix to download and install the Microsoft Windows Recovery Console, and when prompted, agree to the End-User License Agreement to install the Microsoft Windows Recovery Console.
Please note: If the Microsoft Windows Recovery Console is already installed, ComboFix will continue it's malware removal procedures.
http://img.photobucket.com/albums/v706/ried7/RC1.png
Once the Microsoft Windows Recovery Console is installed using ComboFix, you should see the following message:
http://img.photobucket.com/albums/v706/ried7/RC2-1.png
Click on Yes, to continue scanning for malware.
When finished, it shall produce a log for you. Please include the C:\ComboFix.txt in your next reply.
Notes: Do not mouse-click Combofix's window while it is running. That may cause it to stall.
Do not "re-run" Combofix. If you have a problem, reply back for further instructions.
Should there be issues with internet afterward:
In IE: Tools Menu -> Internet Options -> Connections Tab -> Lan Settings -> uncheck "use a proxy server" or reconfigure the Proxy server again in case you have set it previously.
In Firefox: Tools Menu -> Options... -> Advanced Tab -> Network Tab -> "Settings" under Connection and uncheck the proxyserver, set it to No Proxy.
Please post the TDSSKiller log and the Combofix log in your next reply.
If you run into any problems just let me know :)
12:26:42.0037 2392 TDSS rootkit removing tool 2.8.16.0 Feb 11 2013 18:50:42
12:26:42.0551 2392 ============================================================
12:26:42.0551 2392 Current date / time: 2013/03/02 12:26:42.0551
12:26:42.0551 2392 SystemInfo:
12:26:42.0551 2392
12:26:42.0551 2392 OS Version: 6.1.7601 ServicePack: 1.0
12:26:42.0551 2392 Product type: Workstation
12:26:42.0551 2392 ComputerName: MEMBER-PC
12:26:42.0551 2392 UserName: member
12:26:42.0552 2392 Windows directory: C:\Windows
12:26:42.0552 2392 System windows directory: C:\Windows
12:26:42.0552 2392 Running under WOW64
12:26:42.0552 2392 Processor architecture: Intel x64
12:26:42.0552 2392 Number of processors: 2
12:26:42.0552 2392 Page size: 0x1000
12:26:42.0552 2392 Boot type: Normal boot
12:26:42.0552 2392 ============================================================
12:26:42.0921 2392 Drive \Device\Harddisk0\DR0 - Size: 0x7470C06000 (465.76 Gb), SectorSize: 0x200, Cylinders: 0xED81, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
12:26:42.0937 2392 ============================================================
12:26:42.0937 2392 \Device\Harddisk0\DR0:
12:26:42.0552 2392 ============================================================
12:26:42.0921 2392 Drive \Device\Harddisk0\DR0 - Size: 0x7470C06000 (465.76 Gb), SectorSize: 0x200, Cylinders: 0xED81, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
12:26:42.0937 2392 ============================================================
12:26:42.0937 2392 \Device\Harddisk0\DR0:
12:26:42.0937 2392 MBR partitions:
12:26:42.0937 2392 \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x800, BlocksNum 0x32000
12:26:42.0937 2392 \Device\Harddisk0\DR0\Partition2: MBR, Type 0x7, StartLBA 0x32800, BlocksNum 0x38B87000
12:26:42.0937 2392 \Device\Harddisk0\DR0\Partition3: MBR, Type 0x7, StartLBA 0x38BB9800, BlocksNum 0x17CC000
12:26:42.0937 2392 ============================================================
12:26:42.0960 2392 C: <-> \Device\Harddisk0\DR0\Partition2
12:26:42.0995 2392 D: <-> \Device\Harddisk0\DR0\Partition3
12:26:42.0995 2392 ============================================================
12:26:42.0995 2392 Initialize success
12:26:42.0995 2392 ============================================================
12:26:45.0911 3840 ============================================================
12:26:45.0911 3840 Scan started
12:26:45.0911 3840 Mode: Manual;
12:26:45.0911 3840 ============================================================
12:26:46.0138 3840 ================ Scan system memory ========================
12:26:46.0138 3840 System memory - ok
12:26:46.0139 3840 ================ Scan services
12:26:46.0281 3840 [ A87D604AEA360176311474C87A63BB88 ] 1394ohci C:\Windows\system32\drivers\1394ohci.sys
12:26:46.0285 3840 1394ohci - ok
12:26:46.0318 3840 [ D81D9E70B8A6DD14D42D7B4EFA65D5F2 ] ACPI C:\Windows\system32\drivers\ACPI.sys
12:26:46.0323 3840 ACPI - ok
12:26:46.0357 3840 [ 99F8E788246D495CE3794D7E7821D2CA ] AcpiPmi C:\Windows\system32\drivers\acpipmi.sys
12:26:46.0358 3840 AcpiPmi - ok
12:26:46.0470 3840 [ 9942DC4CC265CDA00486504444EF521D ] AdobeFlashPlayerUpdateSvc C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
12:26:46.0472 3840 AdobeFlashPlayerUpdateSvc - ok
12:26:46.0509 3840 [ 2F6B34B83843F0C5118B63AC634F5BF4 ] adp94xx C:\Windows\system32\DRIVERS\adp94xx.sys
12:26:46.0516 3840 adp94xx - ok
12:26:46.0563 3840 [ 597F78224EE9224EA1A13D6350CED962 ] adpahci C:\Windows\system32\DRIVERS\adpahci.sys
12:26:46.0568 3840 adpahci - ok
12:26:46.0583 3840 [ E109549C90F62FB570B9540C4B148E54 ] adpu320 C:\Windows\system32\DRIVERS\adpu320.sys
12:26:46.0586 3840 adpu320 - ok
12:26:46.0633 3840 [ 4B78B431F225FD8624C5655CB1DE7B61 ] AeLookupSvc C:\Windows\System32\aelupsvc.dll
12:26:46.0633 3840 AeLookupSvc - ok
12:26:46.0833 3840 [ 1C7857B62DE5994A75B054A9FD4C3825 ] AFD C:\Windows\system32\drivers\afd.sys
12:26:46.0838 3840 AFD - ok
12:26:46.0960 3840 [ 23E7CB4641B93CE8591D1057670A4F04 ] AffinegyService C:\Program Files (x86)\Belkin\Router Setup and Monitor\BelkinService.exe
12:26:46.0966 3840 AffinegyService - ok
12:26:46.0998 3840 [ 608C14DBA7299D8CB6ED035A68A15799 ] agp440 C:\Windows\system32\drivers\agp440.sys
12:26:46.0999 3840 agp440 - ok
12:26:47.0032 3840 [ 3290D6946B5E30E70414990574883DDB ] ALG C:\Windows\System32\alg.exe
12:26:47.0034 3840 ALG - ok
12:26:47.0059 3840 [ 5812713A477A3AD7363C7438CA2EE038 ] aliide C:\Windows\system32\drivers\aliide.sys
12:26:47.0060 3840 aliide - ok
12:26:47.0089 3840 [ 1FF8B4431C353CE385C875F194924C0C ] amdide C:\Windows\system32\drivers\amdide.sys
12:26:47.0090 3840 amdide - ok
12:26:47.0114 3840 [ 7024F087CFF1833A806193EF9D22CDA9 ] AmdK8 C:\Windows\system32\DRIVERS\amdk8.sys
12:26:47.0116 3840 AmdK8 - ok
12:26:47.0124 3840 [ 1E56388B3FE0D031C44144EB8C4D6217 ] AmdPPM C:\Windows\system32\DRIVERS\amdppm.sys
12:26:47.0126 3840 AmdPPM - ok
12:26:47.0162 3840 [ D4121AE6D0C0E7E13AA221AA57EF2D49 ] amdsata C:\Windows\system32\drivers\amdsata.sys
12:26:47.0164 3840 amdsata - ok
12:26:47.0188 3840 [ F67F933E79241ED32FF46A4F29B5120B ] amdsbs C:\Windows\system32\DRIVERS\amdsbs.sys
12:26:47.0190 3840 amdsbs - ok
12:26:47.0211 3840 [ 540DAF1CEA6094886D72126FD7C33048 ] amdxata C:\Windows\system32\drivers\amdxata.sys
12:26:47.0212 3840 amdxata - ok
12:26:47.0246 3840 [ 89A69C3F2F319B43379399547526D952 ] AppID C:\Windows\system32\drivers\appid.sys
12:26:47.0247 3840 AppID - ok
12:26:47.0269 3840 [ 0BC381A15355A3982216F7172F545DE1 ] AppIDSvc C:\Windows\System32\appidsvc.dll
12:26:47.0270 3840 AppIDSvc - ok
12:26:47.0299 3840 [ 3977D4A871CA0D4F2ED1E7DB46829731 ] Appinfo C:\Windows\System32\appinfo.dll
12:26:47.0300 3840 Appinfo - ok
12:26:47.0316 3840 [ C484F8CEB1717C540242531DB7845C4E ] arc C:\Windows\system32\DRIVERS\arc.sys
12:26:47.0317 3840 arc - ok
12:26:47.0325 3840 [ 019AF6924AEFE7839F61C830227FE79C ] arcsas C:\Windows\system32\DRIVERS\arcsas.sys
12:26:47.0326 3840 arcsas - ok
12:26:47.0382 3840 aspnet_state - ok
12:26:47.0410 3840 [ 769765CE2CC62867468CEA93969B2242 ] AsyncMac C:\Windows\system32\DRIVERS\asyncmac.sys
12:26:47.0411 3840 AsyncMac - ok
12:26:47.0454 3840 [ 02062C0B390B7729EDC9E69C680A6F3C ] atapi C:\Windows\system32\drivers\atapi.sys
12:26:47.0455 3840 atapi - ok
12:26:47.0504 3840 [ F23FEF6D569FCE88671949894A8BECF1 ] AudioEndpointBuilder C:\Windows\System32\Audiosrv.dll
12:26:47.0508 3840 AudioEndpointBuilder - ok
12:26:47.0529 3840 [ F23FEF6D569FCE88671949894A8BECF1 ] AudioSrv C:\Windows\System32\Audiosrv.dll
12:26:47.0534 3840 AudioSrv - ok
12:26:47.0571 3840 [ A6BF31A71B409DFA8CAC83159E1E2AFF ] AxInstSV C:\Windows\System32\AxInstSV.dll
12:26:47.0573 3840 AxInstSV - ok
12:26:47.0597 3840 [ 3E5B191307609F7514148C6832BB0842 ] b06bdrv C:\Windows\system32\DRIVERS\bxvbda.sys
12:26:47.0602 3840 b06bdrv - ok
12:26:47.0629 3840 [ B5ACE6968304A3900EEB1EBFD9622DF2 ] b57nd60a C:\Windows\system32\DRIVERS\b57nd60a.sys
12:26:47.0633 3840 b57nd60a - ok
12:26:47.0674 3840 [ FDE360167101B4E45A96F939F388AEB0 ] BDESVC C:\Windows\System32\bdesvc.dll
12:26:47.0676 3840 BDESVC - ok
12:26:47.0692 3840 [ 16A47CE2DECC9B099349A5F840654746 ] Beep C:\Windows\system32\drivers\Beep.sys
12:26:47.0693 3840 Beep - ok
12:26:47.0787 3840 [ 9BB84C554D7429F0A2CDF4EA1836F233 ] Belkin Local Backup Service C:\Program Files\Belkin\Belkin USB Print and Storage Center\BkBackupScheduler.exe
12:26:47.0789 3840 Belkin Local Backup Service - ok
12:26:47.0821 3840 [ E62A04D615A8CAC83601E1F07C010D3C ] Belkin Network USB Helper C:\Program Files\Belkin\Belkin USB Print and Storage Center\Bkapcs.exe
12:26:47.0822 3840 Belkin Network USB Helper - ok
12:26:47.0878 3840 [ 82974D6A2FD19445CC5171FC378668A4 ] BFE C:\Windows\System32\bfe.dll
12:26:47.0885 3840 BFE - ok
12:26:48.0041 3840 [ 866335C9C0E6733C753FB472C539A6B9 ] BHDrvx64 C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_20.1.1.2\Definitions\BASHDefs\20130208.001\BHDrvx64.sys
12:26:48.0054 3840 BHDrvx64 - ok
12:26:48.0099 3840 [ 1EA7969E3271CBC59E1730697DC74682 ] BITS C:\Windows\System32\qmgr.dll
12:26:48.0109 3840 BITS - ok
12:26:48.0130 3840 [ 61583EE3C3A17003C4ACD0475646B4D3 ] blbdrive C:\Windows\system32\DRIVERS\blbdrive.sys
12:26:48.0131 3840 blbdrive - ok
12:26:48.0156 3840 [ 6C02A83164F5CC0A262F4199F0871CF5 ] bowser C:\Windows\system32\DRIVERS\bowser.sys
12:26:48.0158 3840 bowser - ok
12:26:48.0179 3840 [ F09EEE9EDC320B5E1501F749FDE686C8 ] BrFiltLo C:\Windows\system32\DRIVERS\BrFiltLo.sys
12:26:48.0180 3840 BrFiltLo - ok
12:26:48.0194 3840 [ B114D3098E9BDB8BEA8B053685831BE6 ] BrFiltUp C:\Windows\system32\DRIVERS\BrFiltUp.sys
12:26:48.0194 3840 BrFiltUp - ok
12:26:48.0232 3840 [ 05F5A0D14A2EE1D8255C2AA0E9E8E694 ] Browser C:\Windows\System32\browser.dll
12:26:48.0234 3840 Browser - ok
12:26:48.0261 3840 [ 43BEA8D483BF1870F018E2D02E06A5BD ] Brserid C:\Windows\System32\Drivers\Brserid.sys
12:26:48.0264 3840 Brserid - ok
12:26:48.0284 3840 [ A6ECA2151B08A09CACECA35C07F05B42 ] BrSerWdm C:\Windows\System32\Drivers\BrSerWdm.sys
12:26:48.0285 3840 BrSerWdm - ok
12:26:48.0310 3840 [ B79968002C277E869CF38BD22CD61524 ] BrUsbMdm C:\Windows\System32\Drivers\BrUsbMdm.sys
12:26:48.0310 3840 BrUsbMdm - ok
12:26:48.0316 3840 [ A87528880231C54E75EA7A44943B38BF ] BrUsbSer C:\Windows\System32\Drivers\BrUsbSer.sys
12:26:48.0317 3840 BrUsbSer - ok
12:26:48.0335 3840 [ 9DA669F11D1F894AB4EB69BF546A42E8 ] BTHMODEM C:\Windows\system32\DRIVERS\bthmodem.sys
12:26:48.0336 3840 BTHMODEM - ok
12:26:48.0365 3840 [ 95F9C2976059462CBBF227F7AAB10DE9 ] bthserv C:\Windows\system32\bthserv.dll
12:26:48.0367 3840 bthserv - ok
12:26:48.0426 3840 [ A5C13600F63EB92F8D15123D64BA9895 ] ccSet_N360 C:\Windows\system32\drivers\N360x64\1401010.002\ccSetx64.sys
12:26:48.0427 3840 ccSet_N360 - ok
12:26:48.0456 3840 [ B8BD2BB284668C84865658C77574381A ] cdfs C:\Windows\system32\DRIVERS\cdfs.sys
12:26:48.0457 3840 cdfs - ok
12:26:48.0490 3840 [ F036CE71586E93D94DAB220D7BDF4416 ] cdrom C:\Windows\system32\drivers\cdrom.sys
12:26:48.0492 3840 cdrom - ok
12:26:48.0531 3840 [ F17D1D393BBC69C5322FBFAFACA28C7F ] CertPropSvc C:\Windows\System32\certprop.dll
12:26:48.0532 3840 CertPropSvc - ok
12:26:48.0542 3840 [ D7CD5C4E1B71FA62050515314CFB52CF ] circlass C:\Windows\system32\DRIVERS\circlass.sys
12:26:48.0543 3840 circlass - ok
12:26:48.0568 3840 [ FE1EC06F2253F691FE36217C592A0206 ] CLFS C:\Windows\system32\CLFS.sys
12:26:48.0572 3840 CLFS - ok
12:26:48.0596 3840 [ D88040F816FDA31C3B466F0FA0918F29 ] clr_optimization_v2.0.50727_32 C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
12:26:48.0598 3840 clr_optimization_v2.0.50727_32 - ok
12:26:48.0643 3840 [ D1CEEA2B47CB998321C579651CE3E4F8 ] clr_optimization_v2.0.50727_64 C:\Windows\Microsoft.NET\Framework64\v2.0.50727\mscorsvw.exe
12:26:48.0644 3840 clr_optimization_v2.0.50727_64 - ok
12:26:48.0717 3840 [ C5A75EB48E2344ABDC162BDA79E16841 ] clr_optimization_v4.0.30319_32 C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
12:26:48.0719 3840 clr_optimization_v4.0.30319_32 - ok
12:26:48.0737 3840 [ C6F9AF94DCD58122A4D7E89DB6BED29D ] clr_optimization_v4.0.30319_64 C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe
12:26:48.0739 3840 clr_optimization_v4.0.30319_64 - ok
12:26:48.0756 3840 [ 0840155D0BDDF1190F84A663C284BD33 ] CmBatt C:\Windows\system32\DRIVERS\CmBatt.sys
12:26:48.0758 3840 CmBatt - ok
12:26:48.0786 3840 [ E19D3F095812725D88F9001985B94EDD ] cmdide C:\Windows\system32\drivers\cmdide.sys
12:26:48.0787 3840 cmdide - ok
12:26:48.0814 3840 [ 9AC4F97C2D3E93367E2148EA940CD2CD ] CNG C:\Windows\system32\Drivers\cng.sys
12:26:48.0819 3840 CNG - ok
12:26:48.0826 3840 [ 102DE219C3F61415F964C88E9085AD14 ] Compbatt C:\Windows\system32\DRIVERS\compbatt.sys
12:26:48.0827 3840 Compbatt - ok
12:26:48.0852 3840 [ 03EDB043586CCEBA243D689BDDA370A8 ] CompositeBus C:\Windows\system32\drivers\CompositeBus.sys
12:26:48.0854 3840 CompositeBus - ok
12:26:48.0867 3840 COMSysApp - ok
12:26:48.0895 3840 [ 1C827878A998C18847245FE1F34EE597 ] crcdisk C:\Windows\system32\DRIVERS\crcdisk.sys
12:26:48.0896 3840 crcdisk - ok
12:26:48.0934 3840 [ 9C01375BE382E834CC26D1B7EAF2C4FE ] CryptSvc C:\Windows\system32\cryptsvc.dll
12:26:48.0935 3840 CryptSvc - ok
12:26:48.0973 3840 [ 5C627D1B1138676C0A7AB2C2C190D123 ] DcomLaunch C:\Windows\system32\rpcss.dll
12:26:48.0977 3840 DcomLaunch - ok
12:26:48.0999 3840 [ 3CEC7631A84943677AA8FA8EE5B6B43D ] defragsvc C:\Windows\System32\defragsvc.dll
12:26:49.0002 3840 defragsvc - ok
12:26:49.0041 3840 [ 9BB2EF44EAA163B29C4A4587887A0FE4 ] DfsC C:\Windows\system32\Drivers\dfsc.sys
12:26:49.0043 3840 DfsC - ok
12:26:49.0078 3840 [ 43D808F5D9E1A18E5EEB5EBC83969E4E ] Dhcp C:\Windows\system32\dhcpcore.dll
12:26:49.0082 3840 Dhcp - ok
12:26:49.0109 3840 [ 13096B05847EC78F0977F2C0F79E9AB3 ] discache C:\Windows\system32\drivers\discache.sys
12:26:49.0110 3840 discache - ok
12:26:49.0132 3840 [ 9819EEE8B5EA3784EC4AF3B137A5244C ] Disk C:\Windows\system32\DRIVERS\disk.sys
12:26:49.0134 3840 Disk - ok
12:26:49.0164 3840 [ 16835866AAA693C7D7FCEBA8FFF706E4 ] Dnscache C:\Windows\System32\dnsrslvr.dll
12:26:49.0166 3840 Dnscache - ok
12:26:49.0195 3840 [ B1FB3DDCA0FDF408750D5843591AFBC6 ] dot3svc C:\Windows\System32\dot3svc.dll
12:26:49.0200 3840 dot3svc - ok
12:26:49.0229 3840 [ B26F4F737E8F9DF4F31AF6CF31D05820 ] DPS C:\Windows\system32\dps.dll
12:26:49.0231 3840 DPS - ok
12:26:49.0265 3840 [ 9B19F34400D24DF84C858A421C205754 ] drmkaud C:\Windows\system32\drivers\drmkaud.sys
12:26:49.0265 3840 drmkaud - ok
12:26:49.0302 3840 [ F5BEE30450E18E6B83A5012C100616FD ] DXGKrnl C:\Windows\System32\drivers\dxgkrnl.sys
12:26:49.0308 3840 DXGKrnl - ok
12:26:49.0325 3840 [ E2DDA8726DA9CB5B2C4000C9018A9633 ] EapHost C:\Windows\System32\eapsvc.dll
12:26:49.0327 3840 EapHost - ok
12:26:49.0396 3840 [ DC5D737F51BE844D8C82C695EB17372F ] ebdrv C:\Windows\system32\DRIVERS\evbda.sys
12:26:49.0476 3840 ebdrv - ok
12:26:49.0537 3840 [ 4353FF94D47A0A9D52B89ECCF0CDB013 ] eeCtrl C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\eeCtrl64.sys
12:26:49.0542 3840 eeCtrl - ok
12:26:49.0568 3840 [ C118A82CD78818C29AB228366EBF81C3 ] EFS C:\Windows\System32\lsass.exe
12:26:49.0570 3840 EFS - ok
12:26:49.0618 3840 [ C4002B6B41975F057D98C439030CEA07 ] ehRecvr C:\Windows\ehome\ehRecvr.exe
12:26:49.0628 3840 ehRecvr - ok
12:26:49.0673 3840 [ 4705E8EF9934482C5BB488CE28AFC681 ] ehSched C:\Windows\ehome\ehsched.exe
12:26:49.0676 3840 ehSched - ok
12:26:49.0720 3840 [ 0E5DA5369A0FCAEA12456DD852545184 ] elxstor C:\Windows\system32\DRIVERS\elxstor.sys
12:26:49.0728 3840 elxstor - ok
12:26:49.0765 3840 [ C5BCCB378D0A896304A3E71BE7215983 ] EraserUtilRebootDrv C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys
12:26:49.0766 3840 EraserUtilRebootDrv - ok
12:26:49.0797 3840 [ 34A3C54752046E79A126E15C51DB409B ] ErrDev C:\Windows\system32\drivers\errdev.sys
12:26:49.0798 3840 ErrDev - ok
12:26:49.0844 3840 [ 4166F82BE4D24938977DD1746BE9B8A0 ] EventSystem C:\Windows\system32\es.dll
12:26:49.0848 3840 EventSystem - ok
12:26:49.0888 3840 [ A510C654EC00C1E9BDD91EEB3A59823B ] exfat C:\Windows\system32\drivers\exfat.sys
12:26:49.0892 3840 exfat - ok
12:26:49.0902 3840 [ 0ADC83218B66A6DB380C330836F3E36D ] fastfat C:\Windows\system32\drivers\fastfat.sys
12:26:49.0906 3840 fastfat - ok
12:26:49.0946 3840 [ DBEFD454F8318A0EF691FDD2EAAB44EB ] Fax C:\Windows\system32\fxssvc.exe
12:26:49.0956 3840 Fax - ok
12:26:49.0985 3840 [ D765D19CD8EF61F650C384F62FAC00AB ] fdc C:\Windows\system32\DRIVERS\fdc.sys
12:26:49.0986 3840 fdc - ok
12:26:49.0999 3840 [ 0438CAB2E03F4FB61455A7956026FE86 ] fdPHost C:\Windows\system32\fdPHost.dll
12:26:50.0001 3840 fdPHost - ok
12:26:50.0016 3840 [ 802496CB59A30349F9A6DD22D6947644 ] FDResPub C:\Windows\system32\fdrespub.dll
12:26:50.0018 3840 FDResPub - ok
12:26:50.0028 3840 [ 655661BE46B5F5F3FD454E2C3095B930 ] FileInfo C:\Windows\system32\drivers\fileinfo.sys
12:26:50.0029 3840 FileInfo - ok
12:26:50.0038 3840 [ 5F671AB5BC87EEA04EC38A6CD5962A47 ] Filetrace C:\Windows\system32\drivers\filetrace.sys
12:26:50.0039 3840 Filetrace - ok
12:26:50.0051 3840 [ C172A0F53008EAEB8EA33FE10E177AF5 ] flpydisk C:\Windows\system32\DRIVERS\flpydisk.sys
12:26:50.0052 3840 flpydisk - ok
12:26:50.0095 3840 [ DA6B67270FD9DB3697B20FCE94950741 ] FltMgr C:\Windows\system32\drivers\fltmgr.sys
12:26:50.0098 3840 FltMgr - ok
12:26:50.0141 3840 [ C4C183E6551084039EC862DA1C945E3D ] FontCache C:\Windows\system32\FntCache.dll
12:26:50.0148 3840 FontCache - ok
12:26:50.0228 3840 [ A8B7F3818AB65695E3A0BB3279F6DCE6 ] FontCache3.0.0.0 C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
12:26:50.0244 3840 FontCache3.0.0.0 - ok
12:26:50.0253 3840 [ D43703496149971890703B4B1B723EAC ] FsDepends C:\Windows\system32\drivers\FsDepends.sys
12:26:50.0255 3840 FsDepends - ok
12:26:50.0285 3840 [ 6BD9295CC032DD3077C671FCCF579A7B ] Fs_Rec C:\Windows\system32\drivers\Fs_Rec.sys
12:26:50.0286 3840 Fs_Rec - ok
12:26:50.0324 3840 [ 1F7B25B858FA27015169FE95E54108ED ] fvevol C:\Windows\system32\DRIVERS\fvevol.sys
12:26:50.0326 3840 fvevol - ok
12:26:50.0357 3840 [ 8C778D335C9D272CFD3298AB02ABE3B6 ] gagp30kx C:\Windows\system32\DRIVERS\gagp30kx.sys
12:26:50.0377 3840 gagp30kx - ok
12:26:50.0446 3840 [ 81C1EB203DD3F0C111FE2086BADA2D67 ] GameConsoleService C:\Program Files (x86)\HP Games\HP Game Console\GameConsoleService.exe
12:26:50.0450 3840 GameConsoleService - ok
12:26:50.0485 3840 [ 277BBC7E1AA1EE957F573A10ECA7EF3A ] gpsvc C:\Windows\System32\gpsvc.dll
12:26:50.0490 3840 gpsvc - ok
12:26:50.0586 3840 [ 8F0DE4FEF8201E306F9938B0905AC96A ] gupdate C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
12:26:50.0587 3840 gupdate - ok
12:26:50.0595 3840 [ 8F0DE4FEF8201E306F9938B0905AC96A ] gupdatem C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
12:26:50.0597 3840 gupdatem - ok
12:26:50.0649 3840 [ 5D4BC124FAAE6730AC002CDB67BF1A1C ] gusvc C:\Program Files (x86)\Google\Common\Google Updater\GoogleUpdaterService.exe
12:26:50.0653 3840 gusvc - ok
12:26:50.0676 3840 [ F2523EF6460FC42405B12248338AB2F0 ] hcw85cir C:\Windows\system32\drivers\hcw85cir.sys
12:26:50.0679 3840 hcw85cir - ok
12:26:50.0712 3840 [ 97BFED39B6B79EB12CDDBFEED51F56BB ] HDAudBus C:\Windows\system32\drivers\HDAudBus.sys
12:26:50.0713 3840 HDAudBus - ok
12:26:50.0731 3840 [ 78E86380454A7B10A5EB255DC44A355F ] HidBatt C:\Windows\system32\DRIVERS\HidBatt.sys
12:26:50.0744 3840 HidBatt - ok
12:26:50.0765 3840 [ 7FD2A313F7AFE5C4DAB14798C48DD104 ] HidBth C:\Windows\system32\DRIVERS\hidbth.sys
12:26:50.0767 3840 HidBth - ok
12:26:50.0778 3840 [ 0A77D29F311B88CFAE3B13F9C1A73825 ] HidIr C:\Windows\system32\DRIVERS\hidir.sys
12:26:50.0779 3840 HidIr - ok
12:26:50.0802 3840 [ BD9EB3958F213F96B97B1D897DEE006D ] hidserv C:\Windows\system32\hidserv.dll
12:26:50.0803 3840 hidserv - ok
12:26:50.0829 3840 [ 9592090A7E2B61CD582B612B6DF70536 ] HidUsb C:\Windows\system32\DRIVERS\hidusb.sys
12:26:50.0830 3840 HidUsb - ok
12:26:50.0861 3840 [ 387E72E739E15E3D37907A86D9FF98E2 ] hkmsvc C:\Windows\system32\kmsvc.dll
12:26:50.0862 3840 hkmsvc - ok
12:26:50.0897 3840 [ EFDFB3DD38A4376F93E7985173813ABD ] HomeGroupListener C:\Windows\system32\ListSvc.dll
12:26:50.0900 3840 HomeGroupListener - ok
12:26:50.0929 3840 [ 908ACB1F594274965A53926B10C81E89 ] HomeGroupProvider C:\Windows\system32\provsvc.dll
12:26:50.0931 3840 HomeGroupProvider - ok
12:26:51.0007 3840 [ BB1FC298BE53AAB1E110F6E786BD8AC5 ] HP Support Assistant Service C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\hpsa_service.exe
12:26:51.0009 3840 HP Support Assistant Service - ok
12:26:51.0067 3840 [ 9B7EDD3FE7C211C36E921D34D18A3A0A ] hpqwmiex C:\Program Files (x86)\Hewlett-Packard\Shared\hpqWmiEx.exe
12:26:51.0082 3840 hpqwmiex - ok
12:26:51.0106 3840 [ 39D2ABCD392F3D8A6DCE7B60AE7B8EFC ] HpSAMD C:\Windows\system32\drivers\HpSAMD.sys
12:26:51.0108 3840 HpSAMD - ok
12:26:51.0156 3840 [ 0EA7DE1ACB728DD5A369FD742D6EEE28 ] HTTP C:\Windows\system32\drivers\HTTP.sys
12:26:51.0166 3840 HTTP - ok
12:26:51.0197 3840 [ A5462BD6884960C9DC85ED49D34FF392 ] hwpolicy C:\Windows\system32\drivers\hwpolicy.sys
12:26:51.0197 3840 hwpolicy - ok
12:26:51.0233 3840 [ FA55C73D4AFFA7EE23AC4BE53B4592D3 ] i8042prt C:\Windows\system32\drivers\i8042prt.sys
12:26:51.0235 3840 i8042prt - ok
12:26:51.0270 3840 [ ABBF174CB394F5C437410A788B7E404A ] iaStor C:\Windows\system32\DRIVERS\iaStor.sys
12:26:51.0276 3840 iaStor - ok
12:26:51.0304 3840 [ 31A0E93CDF29007D6C6FFFB632F375ED ] IAStorDataMgrSvc C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
12:26:51.0305 3840 IAStorDataMgrSvc - ok
12:26:51.0326 3840 [ AAAF44DB3BD0B9D1FB6969B23ECC8366 ] iaStorV C:\Windows\system32\drivers\iaStorV.sys
12:26:51.0331 3840 iaStorV - ok
12:26:51.0383 3840 [ 5988FC40F8DB5B0739CD1E3A5D0D78BD ] idsvc C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\infocard.exe
12:26:51.0396 3840 idsvc - ok
12:26:51.0495 3840 [ A48928D4CCA6F8B731989DB08CF2C0AB ] IDSVia64 C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_20.1.1.2\Definitions\IPSDefs\20130301.002\IDSvia64.sys
12:26:51.0500 3840 IDSVia64 - ok
12:26:51.0633 3840 [ 89B99E3E988DFA20ABB58FF1930ADD21 ] igfx C:\Windows\system32\DRIVERS\igdkmd64.sys
12:26:51.0753 3840 igfx - ok
12:26:51.0787 3840 [ 5C18831C61933628F5BB0EA2675B9D21 ] iirsp C:\Windows\system32\DRIVERS\iirsp.sys
12:26:51.0788 3840 iirsp - ok
12:26:51.0825 3840 [ FCD84C381E0140AF901E58D48882D26B ] IKEEXT C:\Windows\System32\ikeext.dll
12:26:51.0830 3840 IKEEXT - ok
12:26:51.0887 3840 [ BFBABCB231628A4551DBB10D0EA25D62 ] IntcAzAudAddService C:\Windows\system32\drivers\RTKVHD64.sys
12:26:51.0897 3840 IntcAzAudAddService - ok
12:26:51.0916 3840 [ F00F20E70C6EC3AA366910083A0518AA ] intelide C:\Windows\system32\drivers\intelide.sys
12:26:51.0917 3840 intelide - ok
12:26:51.0951 3840 [ ADA036632C664CAA754079041CF1F8C1 ] intelppm C:\Windows\system32\DRIVERS\intelppm.sys
12:26:51.0952 3840 intelppm - ok
12:26:52.0001 3840 [ 3DC635B66DD7412E1C9C3A77B8D78F25 ] IntuitUpdateService C:\Program Files (x86)\Common Files\Intuit\Update Service\IntuitUpdateService.exe
12:26:52.0002 3840 IntuitUpdateService - ok
12:26:52.0052 3840 [ D9DA7B3117BF5EFF921C0CDED4D58050 ] IntuitUpdateServiceV4 C:\Program Files (x86)\Common Files\Intuit\Update Service v4\IntuitUpdateService.exe
12:26:52.0053 3840 IntuitUpdateServiceV4 - ok
12:26:52.0073 3840 [ 098A91C54546A3B878DAD6A7E90A455B ] IPBusEnum C:\Windows\system32\ipbusenum.dll
12:26:52.0076 3840 IPBusEnum - ok
12:26:52.0097 3840 [ C9F0E1BD74365A8771590E9008D22AB6 ] IpFilterDriver C:\Windows\system32\DRIVERS\ipfltdrv.sys
i have to go from bottom up.I cant figure out where the heck i was..
12:27:14.0838 1772 mouhid - ok
12:27:14.0870 1772 [ 32E7A3D591D671A6DF2DB515A5CBE0FA ] mountmgr C:\Windows\system32\drivers\mountmgr.sys
12:27:14.0871 1772 mountmgr - ok
12:27:14.0910 1772 [ 51A84B690DF519DCF656F780243D953E ] MozillaMaintenance C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
12:27:14.0911 1772 MozillaMaintenance - ok
12:27:14.0928 1772 [ A44B420D30BD56E145D6A2BC8768EC58 ] mpio C:\Windows\system32\drivers\mpio.sys
12:27:14.0929 1772 mpio - ok
12:27:14.0945 1772 [ 6C38C9E45AE0EA2FA5E551F2ED5E978F ] mpsdrv C:\Windows\system32\drivers\mpsdrv.sys
12:27:14.0945 1772 mpsdrv - ok
12:27:14.0982 1772 [ 54FFC9C8898113ACE189D4AA7199D2C1 ] MpsSvc C:\Windows\system32\mpssvc.dll
12:27:14.0987 1772 MpsSvc - ok
12:27:14.0993 1772 mrtRate - ok
12:27:15.0014 1772 [ DC722758B8261E1ABAFD31A3C0A66380 ] MRxDAV C:\Windows\system32\drivers\mrxdav.sys
12:27:15.0015 1772 MRxDAV - ok
12:27:15.0046 1772 [ A5D9106A73DC88564C825D317CAC68AC ] mrxsmb C:\Windows\system32\DRIVERS\mrxsmb.sys
12:27:15.0047 1772 mrxsmb - ok
12:27:15.0076 1772 [ D711B3C1D5F42C0C2415687BE09FC163 ] mrxsmb10 C:\Windows\system32\DRIVERS\mrxsmb10.sys
12:27:15.0078 1772 mrxsmb10 - ok
12:27:15.0085 1772 [ 9423E9D355C8D303E76B8CFBD8A5C30C ] mrxsmb20 C:\Windows\system32\DRIVERS\mrxsmb20.sys
12:27:15.0086 1772 mrxsmb20 - ok
12:27:15.0097 1772 [ C25F0BAFA182CBCA2DD3C851C2E75796 ] msahci C:\Windows\system32\drivers\msahci.sys
12:27:15.0098 1772 msahci - ok
12:27:15.0116 1772 [ DB801A638D011B9633829EB6F663C900 ] msdsm C:\Windows\system32\drivers\msdsm.sys
12:27:15.0117 1772 msdsm - ok
12:27:15.0133 1772 [ DE0ECE52236CFA3ED2DBFC03F28253A8 ] MSDTC C:\Windows\System32\msdtc.exe
12:27:15.0135 1772 MSDTC - ok
12:27:15.0147 1772 [ AA3FB40E17CE1388FA1BEDAB50EA8F96 ] Msfs C:\Windows\system32\drivers\Msfs.sys
12:27:15.0148 1772 Msfs - ok
12:27:15.0160 1772 [ F9D215A46A8B9753F61767FA72A20326 ] mshidkmdf C:\Windows\System32\drivers\mshidkmdf.sys
12:27:15.0160 1772 mshidkmdf - ok
12:27:15.0191 1772 [ D916874BBD4F8B07BFB7FA9B3CCAE29D ] msisadrv C:\Windows\system32\drivers\msisadrv.sys
12:27:15.0191 1772 msisadrv - ok
12:27:15.0215 1772 [ 808E98FF49B155C522E6400953177B08 ] MSiSCSI C:\Windows\system32\iscsiexe.dll
12:27:15.0217 1772 MSiSCSI - ok
12:27:15.0224 1772 msiserver - ok
12:27:15.0240 1772 [ 49CCF2C4FEA34FFAD8B1B59D49439366 ] MSKSSRV C:\Windows\system32\drivers\MSKSSRV.sys
12:27:15.0240 1772 MSKSSRV - ok
12:27:15.0248 1772 [ BDD71ACE35A232104DDD349EE70E1AB3 ] MSPCLOCK C:\Windows\system32\drivers\MSPCLOCK.sys
12:27:15.0249 1772 MSPCLOCK - ok
12:27:15.0265 1772 [ 4ED981241DB27C3383D72092B618A1D0 ] MSPQM C:\Windows\system32\drivers\MSPQM.sys
12:27:15.0265 1772 MSPQM - ok
12:27:15.0296 1772 [ 759A9EEB0FA9ED79DA1FB7D4EF78866D ] MsRPC C:\Windows\system32\drivers\MsRPC.sys
12:27:15.0298 1772 MsRPC - ok
12:27:15.0315 1772 [ 0EED230E37515A0EAEE3C2E1BC97B288 ] mssmbios C:\Windows\system32\drivers\mssmbios.sys
12:27:15.0316 1772 mssmbios - ok
12:27:15.0332 1772 [ 2E66F9ECB30B4221A318C92AC2250779 ] MSTEE C:\Windows\system32\drivers\MSTEE.sys
12:27:15.0332 1772 MSTEE - ok
12:27:15.0346 1772 [ 7EA404308934E675BFFDE8EDF0757BCD ] MTConfig C:\Windows\system32\DRIVERS\MTConfig.sys
12:27:15.0346 1772 MTConfig - ok
12:27:15.0357 1772 [ F9A18612FD3526FE473C1BDA678D61C8 ] Mup C:\Windows\system32\Drivers\mup.sys
12:27:15.0358 1772 Mup - ok
12:27:15.0414 1772 [ DFD8873E4DC08E621A8366C6CD98AB28 ] N360 C:\Program Files (x86)\Norton 360\Engine\20.1.1.2\ccSvcHst.exe
12:27:15.0415 1772 N360 - ok
12:27:15.0433 1772 [ 582AC6D9873E31DFA28A4547270862DD ] napagent C:\Windows\system32\qagentRT.dll
12:27:15.0437 1772 napagent - ok
12:27:15.0460 1772 [ 1EA3749C4114DB3E3161156FFFFA6B33 ] NativeWifiP C:\Windows\system32\DRIVERS\nwifi.sys
12:27:15.0462 1772 NativeWifiP - ok
12:27:15.0527 1772 [ 88A2F45CE66B904285978D6BB13AFEB2 ] NAVENG C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_20.1.1.2\Definitions\VirusDefs\20130301.025\ENG64.SYS
12:27:15.0530 1772 NAVENG - ok
12:27:15.0576 1772 [ D2A545DA3A90BBFA40E020C23F1B7A48 ] NAVEX15 C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_20.1.1.2\Definitions\VirusDefs\20130301.025\EX64.SYS
12:27:15.0589 1772 NAVEX15 - ok
12:27:15.0642 1772 [ 760E38053BF56E501D562B70AD796B88 ] NDIS C:\Windows\system32\drivers\ndis.sys
12:27:15.0648 1772 NDIS - ok
12:27:15.0662 1772 [ 9F9A1F53AAD7DA4D6FEF5BB73AB811AC ] NdisCap C:\Windows\system32\DRIVERS\ndiscap.sys
12:27:15.0663 1772 NdisCap - ok
12:27:15.0677 1772 [ 30639C932D9FEF22B31268FE25A1B6E5 ] NdisTapi C:\Windows\system32\DRIVERS\ndistapi.sys
12:27:15.0677 1772 NdisTapi - ok
12:27:15.0697 1772 [ 136185F9FB2CC61E573E676AA5402356 ] Ndisuio C:\Windows\system32\DRIVERS\ndisuio.sys
12:27:15.0698 1772 Ndisuio - ok
12:27:15.0722 1772 [ 53F7305169863F0A2BDDC49E116C2E11 ] NdisWan C:\Windows\system32\DRIVERS\ndiswan.sys
12:27:15.0723 1772 NdisWan - ok
12:27:15.0748 1772 [ 015C0D8E0E0421B4CFD48CFFE2825879 ] NDProxy C:\Windows\system32\drivers\NDProxy.sys
12:27:15.0749 1772 NDProxy - ok
12:27:15.0761 1772 [ 86743D9F5D2B1048062B14B1D84501C4 ] NetBIOS C:\Windows\system32\DRIVERS\netbios.sys
12:27:15.0762 1772 NetBIOS - ok
12:27:15.0793 1772 [ 09594D1089C523423B32A4229263F068 ] NetBT C:\Windows\system32\DRIVERS\netbt.sys
12:27:15.0795 1772 NetBT - ok
12:27:15.0808 1772 [ C118A82CD78818C29AB228366EBF81C3 ] Netlogon C:\Windows\system32\lsass.exe
12:27:15.0809 1772 Netlogon - ok
12:27:15.0830 1772 [ 847D3AE376C0817161A14A82C8922A9E ] Netman C:\Windows\System32\netman.dll
12:27:15.0833 1772 Netman - ok
12:27:15.0854 1772 [ 5F28111C648F1E24F7DBC87CDEB091B8 ] netprofm C:\Windows\System32\netprofm.dll
12:27:15.0858 1772 netprofm - ok
12:27:15.0889 1772 [ 3E5A36127E201DDF663176B66828FAFE ] NetTcpPortSharing C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\SMSvcHost.exe
12:27:15.0890 1772 NetTcpPortSharing - ok
12:27:15.0912 1772 [ 77889813BE4D166CDAB78DDBA990DA92 ] nfrd960 C:\Windows\system32\DRIVERS\nfrd960.sys
12:27:15.0913 1772 nfrd960 - ok
12:27:15.0934 1772 [ 8AD77806D336673F270DB31645267293 ] NlaSvc C:\Windows\System32\nlasvc.dll
12:27:15.0936 1772 NlaSvc - ok
12:27:15.0948 1772 [ 1E4C4AB5C9B8DD13179BBDC75A2A01F7 ] Npfs C:\Windows\system32\drivers\Npfs.sys
12:27:15.0949 1772 Npfs - ok
12:27:15.0973 1772 [ D54BFDF3E0C953F823B3D0BFE4732528 ] nsi C:\Windows\system32\nsisvc.dll
12:27:15.0975 1772 nsi - ok
12:27:15.0980 1772 [ E7F5AE18AF4168178A642A9247C63001 ] nsiproxy C:\Windows\system32\drivers\nsiproxy.sys
12:27:15.0980 1772 nsiproxy - ok
12:27:16.0037 1772 [ E453ACF4E7D44E5530B5D5F2B9CA8563 ] Ntfs C:\Windows\system32\drivers\Ntfs.sys
12:27:16.0046 1772 Ntfs - ok
12:27:16.0060 1772 [ 9899284589F75FA8724FF3D16AED75C1 ] Null C:\Windows\system32\drivers\Null.sys
12:27:16.0060 1772 Null - ok
12:27:16.0088 1772 [ 0A92CB65770442ED0DC44834632F66AD ] nvraid C:\Windows\system32\drivers\nvraid.sys
12:27:16.0089 1772 nvraid - ok
12:27:16.0105 1772 [ DAB0E87525C10052BF65F06152F37E4A ] nvstor C:\Windows\system32\drivers\nvstor.sys
12:27:16.0107 1772 nvstor - ok
12:27:16.0123 1772 [ 270D7CD42D6E3979F6DD0146650F0E05 ] nv_agp C:\Windows\system32\drivers\nv_agp.sys
12:27:16.0124 1772 nv_agp - ok
12:27:16.0152 1772 [ 3589478E4B22CE21B41FA1BFC0B8B8A0 ] ohci1394 C:\Windows\system32\drivers\ohci1394.sys
12:27:16.0153 1772 ohci1394 - ok
12:27:16.0183 1772 [ 7A56CF3E3F12E8AF599963B16F50FB6A ] ose C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE
12:27:16.0184 1772 ose - ok
12:27:16.0204 1772 [ 3EAC4455472CC2C97107B5291E0DCAFE ] p2pimsvc C:\Windows\system32\pnrpsvc.dll
12:27:16.0207 1772 p2pimsvc - ok
12:27:16.0227 1772 [ 927463ECB02179F88E4B9A17568C63C3 ] p2psvc C:\Windows\system32\p2psvc.dll
12:27:16.0231 1772 p2psvc - ok
12:27:16.0250 1772 [ 0086431C29C35BE1DBC43F52CC273887 ] Parport C:\Windows\system32\DRIVERS\parport.sys
12:27:16.0251 1772 Parport - ok
12:27:16.0278 1772 [ E9766131EEADE40A27DC27D2D68FBA9C ] partmgr C:\Windows\system32\drivers\partmgr.sys
12:27:16.0279 1772 partmgr - ok
12:27:16.0296 1772 [ 3AEAA8B561E63452C655DC0584922257 ] PcaSvc C:\Windows\System32\pcasvc.dll
12:27:16.0297 1772 PcaSvc - ok
12:27:16.0365 1772 PcdrNdisuio - ok
12:27:16.0384 1772 [ 94575C0571D1462A0F70BDE6BD6EE6B3 ] pci C:\Windows\system32\drivers\pci.sys
12:27:16.0386 1772 pci - ok
12:27:16.0407 1772 [ B5B8B5EF2E5CB34DF8DCF8831E3534FA ] pciide C:\Windows\system32\drivers\pciide.sys
12:27:16.0408 1772 pciide - ok
12:27:16.0429 1772 [ B2E81D4E87CE48589F98CB8C05B01F2F ] pcmcia C:\Windows\system32\DRIVERS\pcmcia.sys
12:27:16.0431 1772 pcmcia - ok
12:27:16.0455 1772 [ EA762CEA5B7012381EF75F4A55C7BB62 ] PCPitstop Scheduling C:\Program Files (x86)\PCPitstop\PCPitstopScheduleService.exe
12:27:16.0456 1772 PCPitstop Scheduling - ok
12:27:16.0491 1772 [ D6B9C2E1A11A3A4B26A182FFEF18F603 ] pcw C:\Windows\system32\drivers\pcw.sys
12:27:16.0491 1772 pcw - ok
12:27:16.0511 1772 [ 68769C3356B3BE5D1C732C97B9A80D6E ] PEAUTH C:\Windows\system32\drivers\peauth.sys
12:27:16.0515 1772 PEAUTH - ok
12:27:16.0538 1772 [ E495E408C93141E8FC72DC0C6046DDFA ] PerfHost C:\Windows\SysWow64\perfhost.exe
12:27:16.0540 1772 PerfHost - ok
12:27:16.0595 1772 [ C7CF6A6E137463219E1259E3F0F0DD6C ] pla C:\Windows\system32\pla.dll
12:27:16.0603 1772 pla - ok
12:27:16.0631 1772 [ 25FBDEF06C4D92815B353F6E792C8129 ] PlugPlay C:\Windows\system32\umpnpmgr.dll
12:27:16.0635 1772 PlugPlay - ok
12:27:16.0648 1772 [ 7195581CEC9BB7D12ABE54036ACC2E38 ] PNRPAutoReg C:\Windows\system32\pnrpauto.dll
12:27:16.0649 1772 PNRPAutoReg - ok
12:27:16.0671 1772 [ 3EAC4455472CC2C97107B5291E0DCAFE ] PNRPsvc C:\Windows\system32\pnrpsvc.dll
12:27:16.0674 1772 PNRPsvc - ok
12:27:16.0691 1772 [ 4F15D75ADF6156BF56ECED6D4A55C389 ] PolicyAgent C:\Windows\System32\ipsecsvc.dll
12:27:16.0694 1772 PolicyAgent - ok
12:27:16.0714 1772 [ 6BA9D927DDED70BD1A9CADED45F8B184 ] Power C:\Windows\system32\umpo.dll
12:27:16.0716 1772 Power - ok
12:27:16.0741 1772 [ F92A2C41117A11A00BE01CA01A7FCDE9 ] PptpMiniport C:\Windows\system32\DRIVERS\raspptp.sys
12:27:16.0742 1772 PptpMiniport - ok
12:27:16.0748 1772 [ 0D922E23C041EFB1C3FAC2A6F943C9BF ] Processor C:\Windows\system32\DRIVERS\processr.sys
12:27:16.0749 1772 Processor - ok
12:27:16.0777 1772 [ 53E83F1F6CF9D62F32801CF66D8352A8 ] ProfSvc C:\Windows\system32\profsvc.dll
12:27:16.0779 1772 ProfSvc - ok
12:27:16.0791 1772 [ C118A82CD78818C29AB228366EBF81C3 ] ProtectedStorage C:\Windows\system32\lsass.exe
12:27:16.0792 1772 ProtectedStorage - ok
12:27:16.0821 1772 [ 0557CF5A2556BD58E26384169D72438D ] Psched C:\Windows\system32\DRIVERS\pacer.sys
12:27:16.0822 1772 Psched - ok
12:27:16.0863 1772 [ A53A15A11EBFD21077463EE2C7AFEEF0 ] ql2300 C:\Windows\system32\DRIVERS\ql2300.sys
12:27:16.0871 1772 ql2300 - ok
12:27:16.0878 1772 [ 4F6D12B51DE1AAEFF7DC58C4D75423C8 ] ql40xx C:\Windows\system32\DRIVERS\ql40xx.sys
12:27:16.0879 1772 ql40xx - ok
12:27:16.0910 1772 [ 906191634E99AEA92C4816150BDA3732 ] QWAVE C:\Windows\system32\qwave.dll
12:27:16.0912 1772 QWAVE - ok
12:27:16.0937 1772 [ 76707BB36430888D9CE9D705398ADB6C ] QWAVEdrv C:\Windows\system32\drivers\qwavedrv.sys
12:27:16.0938 1772 QWAVEdrv - ok
12:27:16.0949 1772 [ 5A0DA8AD5762FA2D91678A8A01311704 ] RasAcd C:\Windows\system32\DRIVERS\rasacd.sys
12:27:16.0949 1772 RasAcd - ok
12:27:16.0961 1772 [ 7ECFF9B22276B73F43A99A15A6094E90 ] RasAgileVpn C:\Windows\system32\DRIVERS\AgileVpn.sys
12:27:16.0962 1772 RasAgileVpn - ok
12:27:16.0971 1772 [ 8F26510C5383B8DBE976DE1CD00FC8C7 ] RasAuto C:\Windows\System32\rasauto.dll
12:27:16.0973 1772 RasAuto - ok
12:27:17.0001 1772 [ 471815800AE33E6F1C32FB1B97C490CA ] Rasl2tp C:\Windows\system32\DRIVERS\rasl2tp.sys
12:27:17.0002 1772 Rasl2tp - ok
12:27:17.0035 1772 [ EE867A0870FC9E4972BA9EAAD35651E2 ] RasMan C:\Windows\System32\rasmans.dll
12:27:17.0038 1772 RasMan - ok
12:27:17.0052 1772 [ 855C9B1CD4756C5E9A2AA58A15F58C25 ] RasPppoe C:\Windows\system32\DRIVERS\raspppoe.sys
12:27:17.0052 1772 RasPppoe - ok
12:27:17.0061 1772 [ E8B1E447B008D07FF47D016C2B0EEECB ] RasSstp C:\Windows\system32\DRIVERS\rassstp.sys
12:27:17.0062 1772 RasSstp - ok
12:27:17.0094 1772 [ 96597C96D5ACF4A3EF0B24D396853879 ] rcmirror C:\Windows\system32\DRIVERS\rcmirror.sys
12:27:17.0094 1772 rcmirror - ok
12:27:17.0124 1772 [ 77F665941019A1594D887A74F301FA2F ] rdbss C:\Windows\system32\DRIVERS\rdbss.sys
12:27:17.0125 1772 rdbss - ok
12:27:17.0136 1772 [ 302DA2A0539F2CF54D7C6CC30C1F2D8D ] rdpbus C:\Windows\system32\DRIVERS\rdpbus.sys
12:27:17.0137 1772 rdpbus - ok
12:27:17.0152 1772 [ CEA6CC257FC9B7715F1C2B4849286D24 ] RDPCDD C:\Windows\system32\DRIVERS\RDPCDD.sys
12:27:17.0153 1772 RDPCDD - ok
12:27:17.0162 1772 [ BB5971A4F00659529A5C44831AF22365 ] RDPENCDD C:\Windows\system32\drivers\rdpencdd.sys
12:27:17.0163 1772 RDPENCDD - ok
12:27:17.0178 1772 [ 216F3FA57533D98E1F74DED70113177A ] RDPREFMP C:\Windows\system32\drivers\rdprefmp.sys
12:27:17.0178 1772 RDPREFMP - ok
12:27:17.0210 1772 [ E61608AA35E98999AF9AAEEEA6114B0A ] RDPWD C:\Windows\system32\drivers\RDPWD.sys
12:27:17.0212 1772 RDPWD - ok
12:27:17.0238 1772 [ 34ED295FA0121C241BFEF24764FC4520 ] rdyboost C:\Windows\system32\drivers\rdyboost.sys
12:27:17.0239 1772 rdyboost - ok
12:27:17.0264 1772 [ 254FB7A22D74E5511C73A3F6D802F192 ] RemoteAccess C:\Windows\System32\mprdim.dll
12:27:17.0266 1772 RemoteAccess - ok
12:27:17.0283 1772 [ E4D94F24081440B5FC5AA556C7C62702 ] RemoteRegistry C:\Windows\system32\regsvc.dll
12:27:17.0285 1772 RemoteRegistry - ok
12:27:17.0300 1772 [ E4DC58CF7B3EA515AE917FF0D402A7BB ] RpcEptMapper C:\Windows\System32\RpcEpMap.dll
12:27:17.0301 1772 RpcEptMapper - ok
12:27:17.0330 1772 [ D5BA242D4CF8E384DB90E6A8ED850B8C ] RpcLocator C:\Windows\system32\locator.exe
12:27:17.0331 1772 RpcLocator - ok
12:27:17.0362 1772 [ 5C627D1B1138676C0A7AB2C2C190D123 ] RpcSs C:\Windows\system32\rpcss.dll
12:27:17.0366 1772 RpcSs - ok
12:27:17.0377 1772 [ DDC86E4F8E7456261E637E3552E804FF ] rspndr C:\Windows\system32\DRIVERS\rspndr.sys
12:27:17.0378 1772 rspndr - ok
12:27:17.0409 1772 [ 91296F0B2653281B2F11E0FCE56AA427 ] RTL8167 C:\Windows\system32\DRIVERS\Rt64win7.sys
12:27:17.0410 1772 RTL8167 - ok
12:27:17.0445 1772 [ 4A06585C8673F4458E9FBBC9DDDB4D28 ] RTL8187B C:\Windows\system32\DRIVERS\wg111v3.sys
12:27:17.0447 1772 RTL8187B - ok
12:27:17.0466 1772 [ C118A82CD78818C29AB228366EBF81C3 ] SamSs C:\Windows\system32\lsass.exe
12:27:17.0467 1772 SamSs - ok
12:27:17.0498 1772 [ AC03AF3329579FFFB455AA2DAABBE22B ] sbp2port C:\Windows\system32\drivers\sbp2port.sys
12:27:17.0499 1772 sbp2port - ok
12:27:17.0515 1772 [ 9B7395789E3791A3B6D000FE6F8B131E ] SCardSvr C:\Windows\System32\SCardSvr.dll
12:27:17.0517 1772 SCardSvr - ok
12:27:17.0544 1772 [ 253F38D0D7074C02FF8DEB9836C97D2B ] scfilter C:\Windows\system32\DRIVERS\scfilter.sys
12:27:17.0544 1772 scfilter - ok
12:27:17.0575 1772 [ 262F6592C3299C005FD6BEC90FC4463A ] Schedule C:\Windows\system32\schedsvc.dll
12:27:17.0582 1772 Schedule - ok
12:27:17.0604 1772 [ F17D1D393BBC69C5322FBFAFACA28C7F ] SCPolicySvc C:\Windows\System32\certprop.dll
12:27:17.0604 1772 SCPolicySvc - ok
12:27:17.0637 1772 [ 6EA4234DC55346E0709560FE7C2C1972 ] SDRSVC C:\Windows\System32\SDRSVC.dll
12:27:17.0639 1772 SDRSVC - ok
12:27:17.0748 1772 [ 206387AB881E93A1A6EB89966C8651F1 ] SDScannerService C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe
12:27:17.0759 1772 SDScannerService - ok
12:27:17.0804 1772 [ A529CFE32565C0B145578FFB2B32C9A5 ] SDUpdateService C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe
12:27:17.0812 1772 SDUpdateService - ok
12:27:17.0837 1772 [ CB63BDB77BB86549FC3303C2F11EDC18 ] SDWSCService C:\Program Files (x86)\Spybot - Search & Destroy 2\SDWSCSvc.exe
12:27:17.0839 1772 SDWSCService - ok
12:27:17.0864 1772 [ 3EA8A16169C26AFBEB544E0E48421186 ] secdrv C:\Windows\system32\drivers\secdrv.sys
12:27:17.0865 1772 secdrv - ok
12:27:17.0890 1772 [ BC617A4E1B4FA8DF523A061739A0BD87 ] seclogon C:\Windows\system32\seclogon.dll
12:27:17.0892 1772 seclogon - ok
12:27:17.0905 1772 [ C32AB8FA018EF34C0F113BD501436D21 ] SENS C:\Windows\System32\sens.dll
12:27:17.0907 1772 SENS - ok
12:27:17.0919 1772 [ 0336CFFAFAAB87A11541F1CF1594B2B2 ] SensrSvc C:\Windows\system32\sensrsvc.dll
12:27:17.0920 1772 SensrSvc - ok
12:27:17.0934 1772 [ CB624C0035412AF0DEBEC78C41F5CA1B ] Serenum C:\Windows\system32\DRIVERS\serenum.sys
12:27:17.0934 1772 Serenum - ok
12:27:17.0940 1772 [ C1D8E28B2C2ADFAEC4BA89E9FDA69BD6 ] Serial C:\Windows\system32\DRIVERS\serial.sys
12:27:17.0941 1772 Serial - ok
12:27:17.0969 1772 [ 1C545A7D0691CC4A027396535691C3E3 ] sermouse C:\Windows\system32\DRIVERS\sermouse.sys
12:27:17.0970 1772 sermouse - ok
12:27:18.0006 1772 [ 0B6231BF38174A1628C4AC812CC75804 ] SessionEnv C:\Windows\system32\sessenv.dll
12:27:18.0007 1772 SessionEnv - ok
12:27:18.0038 1772 [ A554811BCD09279536440C964AE35BBF ] sffdisk C:\Windows\system32\drivers\sffdisk.sys
12:27:18.0039 1772 sffdisk - ok
12:27:18.0046 1772 [ FF414F0BAEFEBA59BC6C04B3DB0B87BF ] sffp_mmc C:\Windows\system32\drivers\sffp_mmc.sys
12:27:18.0047 1772 sffp_mmc - ok
12:27:18.0052 1772 [ DD85B78243A19B59F0637DCF284DA63C ] sffp_sd C:\Windows\system32\drivers\sffp_sd.sys
12:27:18.0053 1772 sffp_sd - ok
12:27:18.0066 1772 [ A9D601643A1647211A1EE2EC4E433FF4 ] sfloppy C:\Windows\system32\DRIVERS\sfloppy.sys
12:27:18.0066 1772 sfloppy - ok
12:27:18.0100 1772 [ B95F6501A2F8B2E78C697FEC401970CE ] SharedAccess C:\Windows\System32\ipnathlp.dll
12:27:18.0102 1772 SharedAccess - ok
12:27:18.0133 1772 [ AAF932B4011D14052955D4B212A4DA8D ] ShellHWDetection C:\Windows\System32\shsvcs.dll
12:27:18.0136 1772 ShellHWDetection - ok
12:27:18.0153 1772 [ 843CAF1E5FDE1FFD5FF768F23A51E2E1 ] SiSRaid2 C:\Windows\system32\DRIVERS\SiSRaid2.sys
12:27:18.0153 1772 SiSRaid2 - ok
12:27:18.0168 1772 [ 6A6C106D42E9FFFF8B9FCB4F754F6DA4 ] SiSRaid4 C:\Windows\system32\DRIVERS\sisraid4.sys
12:27:18.0169 1772 SiSRaid4 - ok
12:27:18.0283 1772 [ 23E3C83DFF7B09A97B01A85ED8A44478 ] Skype C2C Service C:\ProgramData\Skype\Toolbars\Skype C2C Service\c2c_service.exe
12:27:18.0302 1772 Skype C2C Service - ok
12:27:18.0346 1772 [ F07AF60B152221472FBDB2FECEC4896D ] SkypeUpdate C:\Program Files (x86)\Skype\Updater\Updater.exe
12:27:18.0348 1772 SkypeUpdate - ok
12:27:18.0368 1772 [ 548260A7B8654E024DC30BF8A7C5BAA4 ] Smb C:\Windows\system32\DRIVERS\smb.sys
12:27:18.0369 1772 Smb - ok
12:27:18.0394 1772 [ D48F87803F3965EE04D9BCB318791AAB ] SMR311 C:\Windows\system32\drivers\SMR311.SYS
12:27:18.0395 1772 SMR311 - ok
12:27:18.0424 1772 [ 6313F223E817CC09AA41811DAA7F541D ] SNMPTRAP C:\Windows\System32\snmptrap.exe
12:27:18.0426 1772 SNMPTRAP - ok
12:27:18.0435 1772 [ B9E31E5CACDFE584F34F730A677803F9 ] spldr C:\Windows\system32\drivers\spldr.sys
12:27:18.0436 1772 spldr - ok
12:27:18.0471 1772 [ 85DAA09A98C9286D4EA2BA8D0E644377 ] Spooler C:\Windows\System32\spoolsv.exe
12:27:18.0476 1772 Spooler - ok
12:27:18.0561 1772 [ E17E0188BB90FAE42D83E98707EFA59C ] sppsvc C:\Windows\system32\sppsvc.exe
12:27:18.0580 1772 sppsvc - ok
12:27:18.0595 1772 [ 93D7D61317F3D4BC4F4E9F8A96A7DE45 ] sppuinotify C:\Windows\system32\sppuinotify.dll
12:27:18.0597 1772 sppuinotify - ok
12:27:18.0688 1772 [ B2FE88C5E621C8345CC9BAC5CFD366B0 ] SRTSP C:\Windows\system32\drivers\N360x64\1401010.002\SRTSP64.SYS
12:27:18.0696 1772 SRTSP - ok
12:27:18.0711 1772 [ 1B884D876E87EABF5A3356BBD7321412 ] SRTSPX C:\Windows\system32\drivers\N360x64\1401010.002\SRTSPX64.SYS
12:27:18.0711 1772 SRTSPX - ok
12:27:18.0742 1772 [ 441FBA48BFF01FDB9D5969EBC1838F0B ] srv C:\Windows\system32\DRIVERS\srv.sys
12:27:18.0744 1772 srv - ok
12:27:18.0771 1772 [ B4ADEBBF5E3677CCE9651E0F01F7CC28 ] srv2 C:\Windows\system32\DRIVERS\srv2.sys
12:27:18.0773 1772 srv2 - ok
12:27:18.0790 1772 [ 27E461F0BE5BFF5FC737328F749538C3 ] srvnet C:\Windows\system32\DRIVERS\srvnet.sys
12:27:18.0791 1772 srvnet - ok
12:27:18.0813 1772 [ ED161B91FDF7EAA39469D72D463D5F4E ] sscdbus C:\Windows\system32\DRIVERS\sscdbus.sys
12:27:18.0814 1772 sscdbus - ok
12:27:18.0835 1772 [ 4CB09E77593DBD8D7AF33B37375CA715 ] sscdmdfl C:\Windows\system32\DRIVERS\sscdmdfl.sys
12:27:18.0835 1772 sscdmdfl - ok
12:27:18.0855 1772 [ C7B4CF53497A6E5363F3439427663882 ] sscdmdm C:\Windows\system32\DRIVERS\sscdmdm.sys
12:27:18.0856 1772 sscdmdm - ok
12:27:18.0883 1772 [ 05FFA552F578E27AB2D41B6828DB477F ] sscdserd C:\Windows\system32\DRIVERS\sscdserd.sys
12:27:18.0884 1772 sscdserd - ok
12:27:18.0899 1772 [ 51B52FBD583CDE8AA9BA62B8B4298F33 ] SSDPSRV C:\Windows\System32\ssdpsrv.dll
12:27:18.0901 1772 SSDPSRV - ok
12:27:18.0912 1772 [ AB7AEBF58DAD8DAAB7A6C45E6A8885CB ] SstpSvc C:\Windows\system32\sstpsvc.dll
12:27:18.0914 1772 SstpSvc - ok
12:27:18.0935 1772 [ F3817967ED533D08327DC73BC4D5542A ] stexstor C:\Windows\system32\DRIVERS\stexstor.sys
12:27:18.0936 1772 stexstor - ok
12:27:18.0957 1772 [ DECACB6921DED1A38642642685D77DAC ] StillCam C:\Windows\system32\DRIVERS\serscan.sys
12:27:18.0958 1772 StillCam - ok
12:27:18.0988 1772 [ 8DD52E8E6128F4B2DA92CE27402871C1 ] stisvc C:\Windows\System32\wiaservc.dll
12:27:18.0992 1772 stisvc - ok
12:27:19.0019 1772 [ D01EC09B6711A5F8E7E6564A4D0FBC90 ] swenum C:\Windows\system32\drivers\swenum.sys
12:27:19.0020 1772 swenum - ok
12:27:19.0045 1772 [ E08E46FDD841B7184194011CA1955A0B ] swprv C:\Windows\System32\swprv.dll
12:27:19.0049 1772 swprv - ok
12:27:19.0079 1772 [ 52EB25BD8AB4E331028C48B178441B36 ] sxuptp C:\Windows\system32\DRIVERS\sxuptp.sys
12:27:19.0081 1772 sxuptp - ok
12:27:19.0114 1772 [ 688BBE78970E639BC1D66AE733394DCF ] SymDS C:\Windows\system32\drivers\N360x64\1401010.002\SYMDS64.SYS
12:27:19.0116 1772 SymDS - ok
12:27:19.0180 1772 [ A17EE0D0D762CC9B56FB9218D7089AFB ] SymEFA C:\Windows\system32\drivers\N360x64\1401010.002\SYMEFA64.SYS
12:27:19.0191 1772 SymEFA - ok
12:27:19.0222 1772 [ F5D6D3B7468C46EA2DDC1D19D2A6DA0F ] SymEvent C:\Windows\system32\Drivers\SYMEVENT64x86.SYS
12:27:19.0223 1772 SymEvent - ok
12:27:19.0258 1772 [ ADF37F1A715D6C56C8E065FD8569A9A4 ] SymIRON C:\Windows\system32\drivers\N360x64\1401010.002\Ironx64.SYS
12:27:19.0259 1772 SymIRON - ok
12:27:19.0289 1772 [ 1605EBD8CB86AFC4430116065995279A ] SymNetS C:\Windows\system32\drivers\N360x64\1401010.002\SYMNETS.SYS
12:27:19.0292 1772 SymNetS - ok
12:27:19.0339 1772 [ BF9CCC0BF39B418C8D0AE8B05CF95B7D ] SysMain C:\Windows\system32\sysmain.dll
12:27:19.0349 1772 SysMain - ok
12:27:19.0372 1772 [ E3C61FD7B7C2557E1F1B0B4CEC713585 ] TabletInputService C:\Windows\System32\TabSvc.dll
12:27:19.0374 1772 TabletInputService - ok
12:27:19.0397 1772 [ 40F0849F65D13EE87B9A9AE3C1DD6823 ] TapiSrv C:\Windows\System32\tapisrv.dll
12:27:19.0400 1772 TapiSrv - ok
12:27:19.0411 1772 [ 1BE03AC720F4D302EA01D40F588162F6 ] TBS C:\Windows\System32\tbssvc.dll
12:27:19.0412 1772 TBS - ok
12:27:19.0456 1772 [ B62A953F2BF3922C8764A29C34A22899 ] Tcpip C:\Windows\system32\drivers\tcpip.sys
12:27:19.0467 1772 Tcpip - ok
12:27:19.0514 1772 [ B62A953F2BF3922C8764A29C34A22899 ] TCPIP6 C:\Windows\system32\DRIVERS\tcpip.sys
12:27:19.0525 1772 TCPIP6 - ok
12:27:19.0553 1772 [ 1B16D0BD9841794A6E0CDE0CEF744ABC ] tcpipreg C:\Windows\system32\drivers\tcpipreg.sys
12:27:19.0554 1772 tcpipreg - ok
12:27:19.0576 1772 [ 3371D21011695B16333A3934340C4E7C ] TDPIPE C:\Windows\system32\drivers\tdpipe.sys
12:27:19.0577 1772 TDPIPE - ok
12:27:19.0597 1772 [ 51C5ECEB1CDEE2468A1748BE550CFBC8 ] TDTCP C:\Windows\system32\drivers\tdtcp.sys
12:27:19.0598 1772 TDTCP - ok
12:27:19.0622 1772 [ DDAD5A7AB24D8B65F8D724F5C20FD806 ] tdx C:\Windows\system32\DRIVERS\tdx.sys
12:27:19.0623 1772 tdx - ok
12:27:19.0642 1772 [ 561E7E1F06895D78DE991E01DD0FB6E5 ] TermDD C:\Windows\system32\drivers\termdd.sys
12:27:19.0643 1772 TermDD - ok
12:27:19.0684 1772 [ 2E648163254233755035B46DD7B89123 ] TermService C:\Windows\System32\termsrv.dll
12:27:19.0689 1772 TermService - ok
12:27:19.0699 1772 [ F0344071948D1A1FA732231785A0664C ] Themes C:\Windows\system32\themeservice.dll
12:27:19.0701 1772 Themes - ok
12:27:19.0731 1772 [ E40E80D0304A73E8D269F7141D77250B ] THREADORDER C:\Windows\system32\mmcss.dll
12:27:19.0732 1772 THREADORDER - ok
12:27:19.0738 1772 [ 7E7AFD841694F6AC397E99D75CEAD49D ] TrkWks C:\Windows\System32\trkwks.dll
12:27:19.0740 1772 TrkWks - ok
12:27:19.0785 1772 [ 773212B2AAA24C1E31F10246B15B276C ] TrustedInstaller C:\Windows\servicing\TrustedInstaller.exe
12:27:19.0786 1772 TrustedInstaller - ok
12:27:19.0821 1772 [ CE18B2CDFC837C99E5FAE9CA6CBA5D30 ] tssecsrv C:\Windows\system32\DRIVERS\tssecsrv.sys
12:27:19.0822 1772 tssecsrv - ok
12:27:19.0840 1772 [ D11C783E3EF9A3C52C0EBE83CC5000E9 ] TsUsbFlt C:\Windows\system32\drivers\tsusbflt.sys
12:27:19.0842 1772 TsUsbFlt - ok
12:27:19.0863 1772 [ 3566A8DAAFA27AF944F5D705EAA64894 ] tunnel C:\Windows\system32\DRIVERS\tunnel.sys
12:27:19.0866 1772 tunnel - ok
12:27:19.0890 1772 [ B4DD609BD7E282BFC683CEC7EAAAAD67 ] uagp35 C:\Windows\system32\DRIVERS\uagp35.sys
12:27:19.0891 1772 uagp35 - ok
12:27:19.0926 1772 [ FF4232A1A64012BAA1FD97C7B67DF593 ] udfs C:\Windows\system32\DRIVERS\udfs.sys
12:27:19.0930 1772 udfs - ok
12:27:19.0958 1772 [ 3CBDEC8D06B9968ABA702EBA076364A1 ] UI0Detect C:\Windows\system32\UI0Detect.exe
12:27:19.0962 1772 UI0Detect - ok
12:27:19.0977 1772 [ 4BFE1BC28391222894CBF1E7D0E42320 ] uliagpkx C:\Windows\system32\drivers\uliagpkx.sys
12:27:19.0978 1772 uliagpkx - ok
12:27:20.0005 1772 [ DC54A574663A895C8763AF0FA1FF7561 ] umbus C:\Windows\system32\drivers\umbus.sys
12:27:20.0006 1772 umbus - ok
12:27:20.0028 1772 [ B2E8E8CB557B156DA5493BBDDCC1474D ] UmPass C:\Windows\system32\DRIVERS\umpass.sys
12:27:20.0029 1772 UmPass - ok
12:27:20.0047 1772 [ D47EC6A8E81633DD18D2436B19BAF6DE ] upnphost C:\Windows\System32\upnphost.dll
12:27:20.0050 1772 upnphost - ok
12:27:20.0064 1772 [ 6F1A3157A1C89435352CEB543CDB359C ] usbccgp C:\Windows\system32\DRIVERS\usbccgp.sys
12:27:20.0065 1772 usbccgp - ok
12:27:20.0096 1772 [ AF0892A803FDDA7492F595368E3B68E7 ] usbcir C:\Windows\system32\drivers\usbcir.sys
12:27:20.0097 1772 usbcir - ok
12:27:20.0102 1772 [ C025055FE7B87701EB042095DF1A2D7B ] usbehci C:\Windows\system32\DRIVERS\usbehci.sys
12:27:20.0103 1772 usbehci - ok
12:27:20.0123 1772 [ 287C6C9410B111B68B52CA298F7B8C24 ] usbhub C:\Windows\system32\DRIVERS\usbhub.sys
12:27:20.0125 1772 usbhub - ok
12:27:20.0140 1772 [ 9840FC418B4CBD632D3D0A667A725C31 ] usbohci C:\Windows\system32\drivers\usbohci.sys
12:27:20.0141 1772 usbohci - ok
12:27:20.0161 1772 [ 73188F58FB384E75C4063D29413CEE3D ] usbprint C:\Windows\system32\DRIVERS\usbprint.sys
12:27:20.0162 1772 usbprint - ok
12:27:20.0183 1772 [ AAA2513C8AED8B54B189FD0C6B1634C0 ] usbscan C:\Windows\system32\DRIVERS\usbscan.sys
12:27:20.0184 1772 usbscan - ok
12:27:20.0196 1772 [ FED648B01349A3C8395A5169DB5FB7D6 ] USBSTOR C:\Windows\system32\drivers\USBSTOR.SYS
12:27:20.0197 1772 USBSTOR - ok
12:27:20.0212 1772 [ 62069A34518BCF9C1FD9E74B3F6DB7CD ] usbuhci C:\Windows\system32\DRIVERS\usbuhci.sys
12:27:20.0213 1772 usbuhci - ok
12:27:20.0229 1772 [ D0FE8CB5F84303E73FF0754437FAD3D1 ] USB_RNDIS C:\Windows\system32\DRIVERS\usb8023.sys
12:27:20.0230 1772 USB_RNDIS - ok
12:27:20.0253 1772 [ EDBB23CBCF2CDF727D64FF9B51A6070E ] UxSms C:\Windows\System32\uxsms.dll
12:27:20.0254 1772 UxSms - ok
12:27:20.0267 1772 [ C118A82CD78818C29AB228366EBF81C3 ] VaultSvc C:\Windows\system32\lsass.exe
12:27:20.0268 1772 VaultSvc - ok
12:27:20.0294 1772 [ C5C876CCFC083FF3B128F933823E87BD ] vdrvroot C:\Windows\system32\drivers\vdrvroot.sys
12:27:20.0295 1772 vdrvroot - ok
12:27:20.0325 1772 [ 8D6B481601D01A456E75C3210F1830BE ] vds C:\Windows\System32\vds.exe
12:27:20.0329 1772 vds - ok
12:27:20.0340 1772 [ DA4DA3F5E02943C2DC8C6ED875DE68DD ] vga C:\Windows\system32\DRIVERS\vgapnp.sys
12:27:20.0341 1772 vga - ok
12:27:20.0346 1772 [ 53E92A310193CB3C03BEA963DE7D9CFC ] VgaSave C:\Windows\System32\drivers\vga.sys
12:27:20.0347 1772 VgaSave - ok
12:27:20.0365 1772 [ 2CE2DF28C83AEAF30084E1B1EB253CBB ] vhdmp C:\Windows\system32\drivers\vhdmp.sys
12:27:20.0366 1772 vhdmp - ok
12:27:20.0377 1772 [ E5689D93FFE4E5D66C0178761240DD54 ] viaide C:\Windows\system32\drivers\viaide.sys
12:27:20.0377 1772 viaide - ok
12:27:20.0393 1772 [ D2AAFD421940F640B407AEFAAEBD91B0 ] volmgr C:\Windows\system32\drivers\volmgr.sys
12:27:20.0393 1772 volmgr - ok
12:27:20.0428 1772 [ A255814907C89BE58B79EF2F189B843B ] volmgrx C:\Windows\system32\drivers\volmgrx.sys
12:27:20.0431 1772 volmgrx - ok
12:27:20.0449 1772 [ 0D08D2F3B3FF84E433346669B5E0F639 ] volsnap C:\Windows\system32\drivers\volsnap.sys
12:27:20.0451 1772 volsnap - ok
12:27:20.0487 1772 [ 5E2016EA6EBACA03C04FEAC5F330D997 ] vsmraid C:\Windows\system32\DRIVERS\vsmraid.sys
12:27:20.0488 1772 vsmraid - ok
12:27:20.0539 1772 [ B60BA0BC31B0CB414593E169F6F21CC2 ] VSS C:\Windows\system32\vssvc.exe
12:27:20.0549 1772 VSS - ok
12:27:20.0566 1772 [ 36D4720B72B5C5D9CB2B9C29E9DF67A1 ] vwifibus C:\Windows\System32\drivers\vwifibus.sys
12:27:20.0567 1772 vwifibus - ok
12:27:20.0572 1772 [ 6A3D66263414FF0D6FA754C646612F3F ] vwififlt C:\Windows\system32\DRIVERS\vwififlt.sys
12:27:20.0573 1772 vwififlt - ok
12:27:20.0594 1772 [ 1C9D80CC3849B3788048078C26486E1A ] W32Time C:\Windows\system32\w32time.dll
12:27:20.0597 1772 W32Time - ok
12:27:20.0628 1772 [ 4E9440F4F152A7B944CB1663D3935A3E ] WacomPen C:\Windows\system32\DRIVERS\wacompen.sys
12:27:20.0629 1772 WacomPen - ok
12:27:20.0640 1772 [ 356AFD78A6ED4457169241AC3965230C ] WANARP C:\Windows\system32\DRIVERS\wanarp.sys
12:27:20.0641 1772 WANARP - ok
12:27:20.0645 1772 [ 356AFD78A6ED4457169241AC3965230C ] Wanarpv6 C:\Windows\system32\DRIVERS\wanarp.sys
12:27:20.0646 1772 Wanarpv6 - ok
12:27:20.0694 1772 [ 3CEC96DE223E49EAAE3651FCF8FAEA6C ] WatAdminSvc C:\Windows\system32\Wat\WatAdminSvc.exe
12:27:20.0707 1772 WatAdminSvc - ok
12:27:20.0758 1772 [ 78F4E7F5C56CB9716238EB57DA4B6A75 ] wbengine C:\Windows\system32\wbengine.exe
12:27:20.0775 1772 wbengine - ok
12:27:20.0794 1772 [ 3AA101E8EDAB2DB4131333F4325C76A3 ] WbioSrvc C:\Windows\System32\wbiosrvc.dll
12:27:20.0797 1772 WbioSrvc - ok
12:27:20.0832 1772 [ 7368A2AFD46E5A4481D1DE9D14848EDD ] wcncsvc C:\Windows\System32\wcncsvc.dll
12:27:20.0836 1772 wcncsvc - ok
12:27:20.0850 1772 [ 20F7441334B18CEE52027661DF4A6129 ] WcsPlugInService C:\Windows\System32\WcsPlugInService.dll
12:27:20.0851 1772 WcsPlugInService - ok
12:27:20.0880 1772 [ 72889E16FF12BA0F235467D6091B17DC ] Wd C:\Windows\system32\DRIVERS\wd.sys
12:27:20.0880 1772 Wd - ok
12:27:20.0919 1772 [ 442783E2CB0DA19873B7A63833FF4CB4 ] Wdf01000 C:\Windows\system32\drivers\Wdf01000.sys
12:27:20.0924 1772 Wdf01000 - ok
12:27:20.0937 1772 [ BF1FC3F79B863C914687A737C2F3D681 ] WdiServiceHost C:\Windows\system32\wdi.dll
12:27:20.0938 1772 WdiServiceHost - ok
12:27:20.0944 1772 [ BF1FC3F79B863C914687A737C2F3D681 ] WdiSystemHost C:\Windows\system32\wdi.dll
12:27:20.0946 1772 WdiSystemHost - ok
12:27:20.0971 1772 [ 3DB6D04E1C64272F8B14EB8BC4616280 ] WebClient C:\Windows\System32\webclnt.dll
12:27:20.0973 1772 WebClient - ok
12:27:20.0992 1772 [ C749025A679C5103E575E3B48E092C43 ] Wecsvc C:\Windows\system32\wecsvc.dll
12:27:20.0995 1772 Wecsvc - ok
12:27:21.0007 1772 [ 7E591867422DC788B9E5BD337A669A08 ] wercplsupport C:\Windows\System32\wercplsupport.dll
12:27:21.0009 1772 wercplsupport - ok
12:27:21.0022 1772 [ 6D137963730144698CBD10F202E9F251 ] WerSvc C:\Windows\System32\WerSvc.dll
12:27:21.0024 1772 WerSvc - ok
12:27:21.0044 1772 [ 611B23304BF067451A9FDEE01FBDD725 ] WfpLwf C:\Windows\system32\DRIVERS\wfplwf.sys
12:27:21.0045 1772 WfpLwf - ok
12:27:21.0061 1772 [ 05ECAEC3E4529A7153B3136CEB49F0EC ] WIMMount C:\Windows\system32\drivers\wimmount.sys
12:27:21.0062 1772 WIMMount - ok
12:27:21.0073 1772 WinDefend - ok
12:27:21.0079 1772 WinHttpAutoProxySvc - ok
12:27:21.0120 1772 [ 19B07E7E8915D701225DA41CB3877306 ] Winmgmt C:\Windows\system32\wbem\WMIsvc.dll
12:27:21.0121 1772 Winmgmt - ok
12:27:21.0183 1772 [ BCB1310604AA415C4508708975B3931E ] WinRM C:\Windows\system32\WsmSvc.dll
12:27:21.0200 1772 WinRM - ok
12:27:21.0250 1772 [ 4FADA86E62F18A1B2F42BA18AE24E6AA ] Wlansvc C:\Windows\System32\wlansvc.dll
12:27:21.0256 1772 Wlansvc - ok
12:27:21.0289 1772 [ F6FF8944478594D0E414D3F048F0D778 ] WmiAcpi C:\Windows\system32\drivers\wmiacpi.sys
12:27:21.0290 1772 WmiAcpi - ok
12:27:21.0313 1772 [ 38B84C94C5A8AF291ADFEA478AE54F93 ] wmiApSrv C:\Windows\system32\wbem\WmiApSrv.exe
12:27:21.0314 1772 wmiApSrv - ok
12:27:21.0330 1772 WMPNetworkSvc - ok
12:27:21.0348 1772 [ 96C6E7100D724C69FCF9E7BF590D1DCA ] WPCSvc C:\Windows\System32\wpcsvc.dll
12:27:21.0349 1772 WPCSvc - ok
12:27:21.0375 1772 [ 93221146D4EBBF314C29B23CD6CC391D ] WPDBusEnum C:\Windows\system32\wpdbusenum.dll
12:27:21.0377 1772 WPDBusEnum - ok
12:27:21.0391 1772 [ 6BCC1D7D2FD2453957C5479A32364E52 ] ws2ifsl C:\Windows\system32\drivers\ws2ifsl.sys
12:27:21.0392 1772 ws2ifsl - ok
12:27:21.0399 1772 [ E8B1FE6669397D1772D8196DF0E57A9E ] wscsvc C:\Windows\System32\wscsvc.dll
12:27:21.0401 1772 wscsvc - ok
12:27:21.0407 1772 WSearch - ok
12:27:21.0465 1772 [ D9EF901DCA379CFE914E9FA13B73B4C4 ] wuauserv C:\Windows\system32\wuaueng.dll
12:27:21.0479 1772 wuauserv - ok
12:27:21.0511 1772 [ AB886378EEB55C6C75B4F2D14B6C869F ] WudfPf C:\Windows\system32\drivers\WudfPf.sys
12:27:21.0511 1772 WudfPf - ok
12:27:21.0549 1772 [ B20F051B03A966392364C83F009F7D17 ] wudfsvc C:\Windows\System32\WUDFSvc.dll
12:27:21.0551 1772 wudfsvc - ok
12:27:21.0564 1772 [ 9A3452B3C2A46C073166C5CF49FAD1AE ] WwanSvc C:\Windows\System32\wwansvc.dll
12:27:21.0567 1772 WwanSvc - ok
12:27:21.0579 1772 ================ Scan global ===============================
12:27:21.0602 1772 [ BA0CD8C393E8C9F83354106093832C7B ] C:\Windows\system32\basesrv.dll
12:27:21.0636 1772 [ 0C27239FEA4DB8A2AAC9E502186B7264 ] C:\Windows\system32\winsrv.dll
12:27:21.0646 1772 [ 0C27239FEA4DB8A2AAC9E502186B7264 ] C:\Windows\system32\winsrv.dll
12:27:21.0666 1772 [ D6160F9D869BA3AF0B787F971DB56368 ] C:\Windows\system32\sxssrv.dll
12:27:21.0691 1772 [ 24ACB7E5BE595468E3B9AA488B9B4FCB ] C:\Windows\system32\services.exe
12:27:21.0694 1772 [Global] - ok
12:27:21.0695 1772 ================ Scan MBR ==================================
12:27:21.0703 1772 [ 89750024E83C5387C5B5F649AFB20429 ] \Device\Harddisk0\DR0
12:27:21.0930 1772 \Device\Harddisk0\DR0 ( TDSS File System ) - warning
12:27:21.0930 1772 \Device\Harddisk0\DR0 - detected TDSS File System (1)
12:27:21.0930 1772 ================ Scan VBR ==================================
12:27:21.0936 1772 [ 0CB555645E88FB9D32D324EDD502BEAA ] \Device\Harddisk0\DR0\Partition1
12:27:21.0939 1772 \Device\Harddisk0\DR0\Partition1 - ok
12:27:21.0967 1772 [ C88532FE8C261DC926E34F2EEDC1F880 ] \Device\Harddisk0\DR0\Partition2
12:27:21.0969 1772 \Device\Harddisk0\DR0\Partition2 - ok
12:27:21.0999 1772 [ 3A96162BAA79A5A8E0F50DA9AB06DE36 ] \Device\Harddisk0\DR0\Partition3
12:27:22.0001 1772 \Device\Harddisk0\DR0\Partition3 - ok
12:27:22.0001 1772 ============================================================
12:27:22.0001 1772 Scan finished
12:27:22.0001 1772 ============================================================
12:27:22.0014 3896 Detected object count: 1
12:27:22.0014 3896 Actual detected object count: 1
12:28:15.0584 3896 \Device\Harddisk0\DR0\TDLFS\cmd.dll - copied to quarantine
12:28:15.0642 3896 \Device\Harddisk0\DR0\TDLFS\cmd64.dll - copied to quarantine
12:28:15.0716 3896 \Device\Harddisk0\DR0\TDLFS\drv32 - copied to quarantine
12:28:15.0725 3896 \Device\Harddisk0\DR0\TDLFS\drv64 - copied to quarantine
12:28:15.0728 3896 \Device\Harddisk0\DR0\TDLFS\servers.dat - copied to quarantine
12:28:15.0731 3896 \Device\Harddisk0\DR0\TDLFS\config.ini - copied to quarantine
12:28:15.0735 3896 \Device\Harddisk0\DR0\TDLFS\ldr16 - copied to quarantine
12:28:15.0737 3896 \Device\Harddisk0\DR0\TDLFS\ldr32 - copied to quarantine
12:28:15.0740 3896 \Device\Harddisk0\DR0\TDLFS\ldr64 - copied to quarantine
12:28:15.0741 3896 \Device\Harddisk0\DR0\TDLFS\s - copied to quarantine
12:28:15.0743 3896 \Device\Harddisk0\DR0\TDLFS\ldrm - copied to quarantine
12:28:15.0745 3896 \Device\Harddisk0\DR0\TDLFS\u - copied to quarantine
12:28:15.0745 3896 \Device\Harddisk0\DR0\TDLFS - deleted
12:28:15.0745 3896 \Device\Harddisk0\DR0 ( TDSS File System ) - User select action: Delete
12:26:59.0532 3840 VgaSave - ok
12:26:59.0548 3840 [ 2CE2DF28C83AEAF30084E1B1EB253CBB ] vhdmp C:\Windows\system32\drivers\vhdmp.sys
12:26:59.0551 3840 vhdmp - ok
12:26:59.0568 3840 [ E5689D93FFE4E5D66C0178761240DD54 ] viaide C:\Windows\system32\drivers\viaide.sys
12:26:59.0570 3840 viaide - ok
12:26:59.0584 3840 [ D2AAFD421940F640B407AEFAAEBD91B0 ] volmgr C:\Windows\system32\drivers\volmgr.sys
12:26:59.0586 3840 volmgr - ok
12:26:59.0620 3840 [ A255814907C89BE58B79EF2F189B843B ] volmgrx C:\Windows\system32\drivers\volmgrx.sys
12:26:59.0624 3840 volmgrx - ok
12:26:59.0641 3840 [ 0D08D2F3B3FF84E433346669B5E0F639 ] volsnap C:\Windows\system32\drivers\volsnap.sys
12:26:59.0644 3840 volsnap - ok
12:26:59.0679 3840 [ 5E2016EA6EBACA03C04FEAC5F330D997 ] vsmraid C:\Windows\system32\DRIVERS\vsmraid.sys
12:26:59.0681 3840 vsmraid - ok
12:26:59.0731 3840 [ B60BA0BC31B0CB414593E169F6F21CC2 ] VSS C:\Windows\system32\vssvc.exe
12:26:59.0761 3840 VSS - ok
12:26:59.0775 3840 [ 36D4720B72B5C5D9CB2B9C29E9DF67A1 ] vwifibus C:\Windows\System32\drivers\vwifibus.sys
12:26:59.0776 3840 vwifibus - ok
12:26:59.0791 3840 [ 6A3D66263414FF0D6FA754C646612F3F ] vwififlt C:\Windows\system32\DRIVERS\vwififlt.sys
12:26:59.0793 3840 vwififlt - ok
12:26:59.0811 3840 [ 1C9D80CC3849B3788048078C26486E1A ] W32Time C:\Windows\system32\w32time.dll
12:26:59.0814 3840 W32Time - ok
12:26:59.0837 3840 [ 4E9440F4F152A7B944CB1663D3935A3E ] WacomPen C:\Windows\system32\DRIVERS\wacompen.sys
12:26:59.0838 3840 WacomPen - ok
12:26:59.0873 3840 [ 356AFD78A6ED4457169241AC3965230C ] WANARP C:\Windows\system32\DRIVERS\wanarp.sys
12:26:59.0875 3840 WANARP - ok
12:26:59.0879 3840 [ 356AFD78A6ED4457169241AC3965230C ] Wanarpv6 C:\Windows\system32\DRIVERS\wanarp.sys
12:26:59.0880 3840 Wanarpv6 - ok
12:26:59.0923 3840 [ 3CEC96DE223E49EAAE3651FCF8FAEA6C ] WatAdminSvc C:\Windows\system32\Wat\WatAdminSvc.exe
12:26:59.0936 3840 WatAdminSvc - ok
12:26:59.0978 3840 [ 78F4E7F5C56CB9716238EB57DA4B6A75 ] wbengine C:\Windows\system32\wbengine.exe
12:26:59.0994 3840 wbengine - ok
12:27:00.0019 3840 [ 3AA101E8EDAB2DB4131333F4325C76A3 ] WbioSrvc C:\Windows\System32\wbiosrvc.dll
12:27:00.0023 3840 WbioSrvc - ok
12:27:00.0058 3840 [ 7368A2AFD46E5A4481D1DE9D14848EDD ] wcncsvc C:\Windows\System32\wcncsvc.dll
12:27:00.0063 3840 wcncsvc - ok
12:27:00.0091 3840 [ 20F7441334B18CEE52027661DF4A6129 ] WcsPlugInService C:\Windows\System32\WcsPlugInService.dll
12:27:00.0093 3840 WcsPlugInService - ok
12:27:00.0113 3840 [ 72889E16FF12BA0F235467D6091B17DC ] Wd C:\Windows\system32\DRIVERS\wd.sys
12:27:00.0114 3840 Wd - ok
12:27:00.0153 3840 [ 442783E2CB0DA19873B7A63833FF4CB4 ] Wdf01000 C:\Windows\system32\drivers\Wdf01000.sys
12:27:00.0160 3840 Wdf01000 - ok
12:27:00.0178 3840 [ BF1FC3F79B863C914687A737C2F3D681 ] WdiServiceHost C:\Windows\system32\wdi.dll
12:27:00.0180 3840 WdiServiceHost - ok
12:27:00.0186 3840 [ BF1FC3F79B863C914687A737C2F3D681 ] WdiSystemHost C:\Windows\system32\wdi.dll
12:27:00.0188 3840 WdiSystemHost - ok
12:27:00.0213 3840 [ 3DB6D04E1C64272F8B14EB8BC4616280 ] WebClient C:\Windows\System32\webclnt.dll
12:27:00.0217 3840 WebClient - ok
12:27:00.0234 3840 [ C749025A679C5103E575E3B48E092C43 ] Wecsvc C:\Windows\system32\wecsvc.dll
12:27:00.0238 3840 Wecsvc - ok
12:27:00.0249 3840 [ 7E591867422DC788B9E5BD337A669A08 ] wercplsupport C:\Windows\System32\wercplsupport.dll
12:27:00.0251 3840 wercplsupport - ok
12:27:00.0273 3840 [ 6D137963730144698CBD10F202E9F251 ] WerSvc C:\Windows\System32\WerSvc.dll
12:27:00.0274 3840 WerSvc - ok
12:27:00.0294 3840 [ 611B23304BF067451A9FDEE01FBDD725 ] WfpLwf C:\Windows\system32\DRIVERS\wfplwf.sys
12:27:00.0295 3840 WfpLwf - ok
12:27:00.0312 3840 [ 05ECAEC3E4529A7153B3136CEB49F0EC ] WIMMount C:\Windows\system32\drivers\wimmount.sys
12:27:00.0313 3840 WIMMount - ok
12:27:00.0323 3840 WinDefend - ok
12:27:00.0329 3840 WinHttpAutoProxySvc - ok
12:27:00.0379 3840 [ 19B07E7E8915D701225DA41CB3877306 ] Winmgmt C:\Windows\system32\wbem\WMIsvc.dll
12:27:00.0382 3840 Winmgmt - ok
12:27:00.0441 3840 [ BCB1310604AA415C4508708975B3931E ] WinRM C:\Windows\system32\WsmSvc.dll
12:27:00.0494 3840 WinRM - ok
12:27:00.0551 3840 [ 4FADA86E62F18A1B2F42BA18AE24E6AA ] Wlansvc C:\Windows\System32\wlansvc.dll
12:27:00.0558 3840 Wlansvc - ok
12:27:00.0589 3840 [ F6FF8944478594D0E414D3F048F0D778 ] WmiAcpi C:\Windows\system32\drivers\wmiacpi.sys
12:27:00.0590 3840 WmiAcpi - ok
12:27:00.0613 3840 [ 38B84C94C5A8AF291ADFEA478AE54F93 ] wmiApSrv C:\Windows\system32\wbem\WmiApSrv.exe
12:27:00.0616 3840 wmiApSrv - ok
12:27:00.0630 3840 WMPNetworkSvc - ok
12:27:00.0650 3840 [ 96C6E7100D724C69FCF9E7BF590D1DCA ] WPCSvc C:\Windows\System32\wpcsvc.dll
12:27:00.0653 3840 WPCSvc - ok
12:27:00.0684 3840 [ 93221146D4EBBF314C29B23CD6CC391D ] WPDBusEnum C:\Windows\system32\wpdbusenum.dll
12:27:00.0686 3840 WPDBusEnum - ok
12:27:00.0708 3840 [ 6BCC1D7D2FD2453957C5479A32364E52 ] ws2ifsl C:\Windows\system32\drivers\ws2ifsl.sys
12:27:00.0709 3840 ws2ifsl - ok
12:27:00.0725 3840 [ E8B1FE6669397D1772D8196DF0E57A9E ] wscsvc C:\Windows\System32\wscsvc.dll
12:27:00.0727 3840 wscsvc - ok
12:27:00.0732 3840 WSearch - ok
12:27:00.0799 3840 [ D9EF901DCA379CFE914E9FA13B73B4C4 ] wuauserv C:\Windows\system32\wuaueng.dll
12:27:00.0830 3840 wuauserv - ok
12:27:00.0861 3840 [ AB886378EEB55C6C75B4F2D14B6C869F ] WudfPf C:\Windows\system32\drivers\WudfPf.sys
12:27:00.0862 3840 WudfPf - ok
12:27:00.0890 3840 [ B20F051B03A966392364C83F009F7D17 ] wudfsvc C:\Windows\System32\WUDFSvc.dll
12:27:00.0892 3840 wudfsvc - ok
12:27:00.0906 3840 [ 9A3452B3C2A46C073166C5CF49FAD1AE ] WwanSvc C:\Windows\System32\wwansvc.dll
12:27:00.0910 3840 WwanSvc - ok
12:27:00.0931 3840 ================ Scan global ===============================
12:27:00.0953 3840 [ BA0CD8C393E8C9F83354106093832C7B ] C:\Windows\system32\basesrv.dll
12:27:00.0986 3840 [ 0C27239FEA4DB8A2AAC9E502186B7264 ] C:\Windows\system32\winsrv.dll
12:27:00.0994 3840 [ 0C27239FEA4DB8A2AAC9E502186B7264 ] C:\Windows\system32\winsrv.dll
12:27:01.0009 3840 [ D6160F9D869BA3AF0B787F971DB56368 ] C:\Windows\system32\sxssrv.dll
12:27:01.0033 3840 [ 24ACB7E5BE595468E3B9AA488B9B4FCB ] C:\Windows\system32\services.exe
12:27:01.0036 3840 [Global] - ok
12:27:01.0037 3840 ================ Scan MBR ==================================
12:27:01.0046 3840 [ 89750024E83C5387C5B5F649AFB20429 ] \Device\Harddisk0\DR0
12:27:01.0233 3840 \Device\Harddisk0\DR0 - ok
12:27:01.0233 3840 ================ Scan VBR ==================================
12:27:01.0238 3840 [ 0CB555645E88FB9D32D324EDD502BEAA ] \Device\Harddisk0\DR0\Partition1
12:27:01.0240 3840 \Device\Harddisk0\DR0\Partition1 - ok
12:27:01.0251 3840 [ C88532FE8C261DC926E34F2EEDC1F880 ] \Device\Harddisk0\DR0\Partition2
12:27:01.0254 3840 \Device\Harddisk0\DR0\Partition2 - ok
12:27:01.0283 3840 [ 3A96162BAA79A5A8E0F50DA9AB06DE36 ] \Device\Harddisk0\DR0\Partition3
12:27:01.0286 3840 \Device\Harddisk0\DR0\Partition3 - ok
12:27:01.0286 3840 ============================================================
12:27:01.0286 3840 Scan finished
12:27:01.0286 3840 ============================================================
12:27:01.0305 3740 Detected object count: 0
12:27:01.0305 3740 Actual detected object count: 0
12:27:09.0251 1772 ============================================================
12:27:09.0251 1772 Scan started
12:27:09.0251 1772 Mode: Manual; TDLFS;
12:27:09.0251 1772 ============================================================
12:27:09.0387 1772 ================ Scan system memory ========================
12:27:09.0387 1772 System memory - ok
12:27:09.0388 1772 ================ Scan services =============================
12:27:09.0513 1772 [ A87D604AEA360176311474C87A63BB88 ] 1394ohci C:\Windows\system32\drivers\1394ohci.sys
12:27:09.0516 1772 1394ohci - ok
12:27:09.0533 1772 [ D81D9E70B8A6DD14D42D7B4EFA65D5F2 ] ACPI C:\Windows\system32\drivers\ACPI.sys
12:27:09.0537 1772 ACPI - ok
12:27:09.0564 1772 [ 99F8E788246D495CE3794D7E7821D2CA ] AcpiPmi C:\Windows\system32\drivers\acpipmi.sys
12:27:09.0565 1772 AcpiPmi - ok
12:27:09.0651 1772 [ 9942DC4CC265CDA00486504444EF521D ] AdobeFlashPlayerUpdateSvc C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
12:27:09.0654 1772 AdobeFlashPlayerUpdateSvc - ok
12:27:09.0682 1772 [ 2F6B34B83843F0C5118B63AC634F5BF4 ] adp94xx C:\Windows\system32\DRIVERS\adp94xx.sys
12:27:09.0687 1772 adp94xx - ok
12:27:09.0720 1772 [ 597F78224EE9224EA1A13D6350CED962 ] adpahci C:\Windows\system32\DRIVERS\adpahci.sys
12:27:09.0724 1772 adpahci - ok
12:27:09.0735 1772 [ E109549C90F62FB570B9540C4B148E54 ] adpu320 C:\Windows\system32\DRIVERS\adpu320.sys
12:27:09.0737 1772 adpu320 - ok
12:27:09.0765 1772 [ 4B78B431F225FD8624C5655CB1DE7B61 ] AeLookupSvc C:\Windows\System32\aelupsvc.dll
12:27:09.0766 1772 AeLookupSvc - ok
12:27:09.0800 1772 [ 1C7857B62DE5994A75B054A9FD4C3825 ] AFD C:\Windows\system32\drivers\afd.sys
12:27:09.0805 1772 AFD - ok
12:27:09.0884 1772 [ 23E7CB4641B93CE8591D1057670A4F04 ] AffinegyService C:\Program Files (x86)\Belkin\Router Setup and Monitor\BelkinService.exe
12:27:09.0890 1772 AffinegyService - ok
12:27:09.0922 1772 [ 608C14DBA7299D8CB6ED035A68A15799 ] agp440 C:\Windows\system32\drivers\agp440.sys
12:27:09.0923 1772 agp440 - ok
12:27:09.0939 1772 [ 3290D6946B5E30E70414990574883DDB ] ALG C:\Windows\System32\alg.exe
12:27:09.0940 1772 ALG - ok
12:27:09.0957 1772 [ 5812713A477A3AD7363C7438CA2EE038 ] aliide C:\Windows\system32\drivers\aliide.sys
12:27:09.0958 1772 aliide - ok
12:27:09.0971 1772 [ 1FF8B4431C353CE385C875F194924C0C ] amdide C:\Windows\system32\drivers\amdide.sys
12:27:09.0972 1772 amdide - ok
12:27:09.0988 1772 [ 7024F087CFF1833A806193EF9D22CDA9 ] AmdK8 C:\Windows\system32\DRIVERS\amdk8.sys
12:27:09.0989 1772 AmdK8 - ok
12:27:09.0997 1772 [ 1E56388B3FE0D031C44144EB8C4D6217 ] AmdPPM C:\Windows\system32\DRIVERS\amdppm.sys
12:27:09.0998 1772 AmdPPM - ok
12:27:10.0028 1772 [ D4121AE6D0C0E7E13AA221AA57EF2D49 ] amdsata C:\Windows\system32\drivers\amdsata.sys
12:27:10.0029 1772 amdsata - ok
12:27:10.0070 1772 [ F67F933E79241ED32FF46A4F29B5120B ] amdsbs C:\Windows\system32\DRIVERS\amdsbs.sys
12:27:10.0072 1772 amdsbs - ok
12:27:10.0093 1772 [ 540DAF1CEA6094886D72126FD7C33048 ] amdxata C:\Windows\system32\drivers\amdxata.sys
12:27:10.0094 1772 amdxata - ok
12:27:10.0119 1772 [ 89A69C3F2F319B43379399547526D952 ] AppID C:\Windows\system32\drivers\appid.sys
12:27:10.0121 1772 AppID - ok
12:27:10.0128 1772 [ 0BC381A15355A3982216F7172F545DE1 ] AppIDSvc C:\Windows\System32\appidsvc.dll
12:27:10.0129 1772 AppIDSvc - ok
12:27:10.0181 1772 [ 3977D4A871CA0D4F2ED1E7DB46829731 ] Appinfo C:\Windows\System32\appinfo.dll
12:27:10.0182 1772 Appinfo - ok
12:27:10.0223 1772 [ C484F8CEB1717C540242531DB7845C4E ] arc C:\Windows\system32\DRIVERS\arc.sys
12:27:10.0224 1772 arc - ok
12:27:10.0230 1772 [ 019AF6924AEFE7839F61C830227FE79C ] arcsas C:\Windows\system32\DRIVERS\arcsas.sys
12:27:10.0231 1772 arcsas - ok
12:27:10.0289 1772 aspnet_state - ok
12:27:10.0316 1772 [ 769765CE2CC62867468CEA93969B2242 ] AsyncMac C:\Windows\system32\DRIVERS\asyncmac.sys
12:27:10.0317 1772 AsyncMac - ok
12:27:10.0327 1772 [ 02062C0B390B7729EDC9E69C680A6F3C ] atapi C:\Windows\system32\drivers\atapi.sys
12:27:10.0328 1772 atapi - ok
12:27:10.0368 1772 [ F23FEF6D569FCE88671949894A8BECF1 ] AudioEndpointBuilder C:\Windows\System32\Audiosrv.dll
12:27:10.0372 1772 AudioEndpointBuilder - ok
12:27:10.0385 1772 [ F23FEF6D569FCE88671949894A8BECF1 ] AudioSrv C:\Windows\System32\Audiosrv.dll
12:27:10.0389 1772 AudioSrv - ok
12:27:10.0420 1772 [ A6BF31A71B409DFA8CAC83159E1E2AFF ] AxInstSV C:\Windows\System32\AxInstSV.dll
12:27:10.0421 1772 AxInstSV - ok
12:27:10.0445 1772 [ 3E5B191307609F7514148C6832BB0842 ] b06bdrv C:\Windows\system32\DRIVERS\bxvbda.sys
12:27:10.0448 1772 b06bdrv - ok
12:27:10.0461 1772 [ B5ACE6968304A3900EEB1EBFD9622DF2 ] b57nd60a C:\Windows\system32\DRIVERS\b57nd60a.sys
12:27:10.0463 1772 b57nd60a - ok
12:27:10.0481 1772 [ FDE360167101B4E45A96F939F388AEB0 ] BDESVC C:\Windows\System32\bdesvc.dll
12:27:10.0482 1772 BDESVC - ok
12:27:10.0499 1772 [ 16A47CE2DECC9B099349A5F840654746 ] Beep C:\Windows\system32\drivers\Beep.sys
12:27:10.0499 1772 Beep - ok
12:27:10.0577 1772 [ 9BB84C554D7429F0A2CDF4EA1836F233 ] Belkin Local Backup Service C:\Program Files\Belkin\Belkin USB Print and Storage Center\BkBackupScheduler.exe
12:27:10.0579 1772 Belkin Local Backup Service - ok
12:27:10.0603 1772 [ E62A04D615A8CAC83601E1F07C010D3C ] Belkin Network USB Helper C:\Program Files\Belkin\Belkin USB Print and Storage Center\Bkapcs.exe
12:27:10.0604 1772 Belkin Network USB Helper - ok
12:27:10.0643 1772 [ 82974D6A2FD19445CC5171FC378668A4 ] BFE C:\Windows\System32\bfe.dll
12:27:10.0650 1772 BFE - ok
12:27:10.0797 1772 [ 866335C9C0E6733C753FB472C539A6B9 ] BHDrvx64 C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_20.1.1.2\Definitions\BASHDefs\20130208.001\BHDrvx64.sys
12:27:10.0811 1772 BHDrvx64 - ok
12:27:10.0864 1772 [ 1EA7969E3271CBC59E1730697DC74682 ] BITS C:\Windows\System32\qmgr.dll
12:27:10.0874 1772 BITS - ok
12:27:10.0895 1772 [ 61583EE3C3A17003C4ACD0475646B4D3 ] blbdrive C:\Windows\system32\DRIVERS\blbdrive.sys
12:27:10.0896 1772 blbdrive - ok
12:27:10.0922 1772 [ 6C02A83164F5CC0A262F4199F0871CF5 ] bowser C:\Windows\system32\DRIVERS\bowser.sys
12:27:10.0923 1772 bowser - ok
12:27:10.0944 1772 [ F09EEE9EDC320B5E1501F749FDE686C8 ] BrFiltLo C:\Windows\system32\DRIVERS\BrFiltLo.sys
12:27:10.0945 1772 BrFiltLo - ok
12:27:10.0959 1772 [ B114D3098E9BDB8BEA8B053685831BE6 ] BrFiltUp C:\Windows\system32\DRIVERS\BrFiltUp.sys
12:27:10.0960 1772 BrFiltUp - ok
12:27:10.0990 1772 [ 05F5A0D14A2EE1D8255C2AA0E9E8E694 ] Browser C:\Windows\System32\browser.dll
12:27:10.0992 1772 Browser - ok
12:27:11.0019 1772 [ 43BEA8D483BF1870F018E2D02E06A5BD ] Brserid C:\Windows\System32\Drivers\Brserid.sys
12:27:11.0022 1772 Brserid - ok
12:27:11.0030 1772 [ A6ECA2151B08A09CACECA35C07F05B42 ] BrSerWdm C:\Windows\System32\Drivers\BrSerWdm.sys
12:27:11.0031 1772 BrSerWdm - ok
12:27:11.0050 1772 [ B79968002C277E869CF38BD22CD61524 ] BrUsbMdm C:\Windows\System32\Drivers\BrUsbMdm.sys
12:27:11.0051 1772 BrUsbMdm - ok
12:27:11.0058 1772 [ A87528880231C54E75EA7A44943B38BF ] BrUsbSer C:\Windows\System32\Drivers\BrUsbSer.sys
12:27:11.0059 1772 BrUsbSer - ok
12:27:11.0075 1772 [ 9DA669F11D1F894AB4EB69BF546A42E8 ] BTHMODEM C:\Windows\system32\DRIVERS\bthmodem.sys
12:27:11.0076 1772 BTHMODEM - ok
12:27:11.0105 1772 [ 95F9C2976059462CBBF227F7AAB10DE9 ] bthserv C:\Windows\system32\bthserv.dll
12:27:11.0106 1772 bthserv - ok
12:27:11.0158 1772 [ A5C13600F63EB92F8D15123D64BA9895 ] ccSet_N360 C:\Windows\system32\drivers\N360x64\1401010.002\ccSetx64.sys
12:27:11.0160 1772 ccSet_N360 - ok
12:27:11.0188 1772 [ B8BD2BB284668C84865658C77574381A ] cdfs C:\Windows\system32\DRIVERS\cdfs.sys
12:27:11.0189 1772 cdfs - ok
12:27:11.0223 1772 [ F036CE71586E93D94DAB220D7BDF4416 ] cdrom C:\Windows\system32\drivers\cdrom.sys
12:27:11.0224 1772 cdrom - ok
12:27:11.0255 1772 [ F17D1D393BBC69C5322FBFAFACA28C7F ] CertPropSvc C:\Windows\System32\certprop.dll
12:27:11.0256 1772 CertPropSvc - ok
12:27:11.0266 1772 [ D7CD5C4E1B71FA62050515314CFB52CF ] circlass C:\Windows\system32\DRIVERS\circlass.sys
12:27:11.0267 1772 circlass - ok
12:27:11.0284 1772 [ FE1EC06F2253F691FE36217C592A0206 ] CLFS C:\Windows\system32\CLFS.sys
12:27:11.0288 1772 CLFS - ok
12:27:11.0312 1772 [ D88040F816FDA31C3B466F0FA0918F29 ] clr_optimization_v2.0.50727_32 C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
12:27:11.0313 1772 clr_optimization_v2.0.50727_32 - ok
12:27:11.0358 1772 [ D1CEEA2B47CB998321C579651CE3E4F8 ] clr_optimization_v2.0.50727_64 C:\Windows\Microsoft.NET\Framework64\v2.0.50727\mscorsvw.exe
12:27:11.0360 1772 clr_optimization_v2.0.50727_64 - ok
12:27:11.0399 1772 [ C5A75EB48E2344ABDC162BDA79E16841 ] clr_optimization_v4.0.30319_32 C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
12:27:11.0401 1772 clr_optimization_v4.0.30319_32 - ok
12:27:11.0419 1772 [ C6F9AF94DCD58122A4D7E89DB6BED29D ] clr_optimization_v4.0.30319_64 C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe
12:27:11.0421 1772 clr_optimization_v4.0.30319_64 - ok
12:27:11.0447 1772 [ 0840155D0BDDF1190F84A663C284BD33 ] CmBatt C:\Windows\system32\DRIVERS\CmBatt.sys
12:27:11.0447 1772 CmBatt - ok
12:27:11.0468 1772 [ E19D3F095812725D88F9001985B94EDD ] cmdide C:\Windows\system32\drivers\cmdide.sys
12:27:11.0469 1772 cmdide - ok
12:27:11.0497 1772 [ 9AC4F97C2D3E93367E2148EA940CD2CD ] CNG C:\Windows\system32\Drivers\cng.sys
12:27:11.0502 1772 CNG - ok
12:27:11.0521 1772 [ 102DE219C3F61415F964C88E9085AD14 ] Compbatt C:\Windows\system32\DRIVERS\compbatt.sys
12:27:11.0522 1772 Compbatt - ok
12:27:11.0543 1772 [ 03EDB043586CCEBA243D689BDDA370A8 ] CompositeBus C:\Windows\system32\drivers\CompositeBus.sys
12:27:11.0544 1772 CompositeBus - ok
12:27:11.0551 1772 COMSysApp - ok
12:27:11.0585 1772 [ 1C827878A998C18847245FE1F34EE597 ] crcdisk C:\Windows\system32\DRIVERS\crcdisk.sys
12:27:11.0586 1772 crcdisk - ok
12:27:11.0624 1772 [ 9C01375BE382E834CC26D1B7EAF2C4FE ] CryptSvc C:\Windows\system32\cryptsvc.dll
12:27:11.0626 1772 CryptSvc - ok
12:27:11.0664 1772 [ 5C627D1B1138676C0A7AB2C2C190D123 ] DcomLaunch C:\Windows\system32\rpcss.dll
12:27:11.0671 1772 DcomLaunch - ok
12:27:11.0697 1772 [ 3CEC7631A84943677AA8FA8EE5B6B43D ] defragsvc C:\Windows\System32\defragsvc.dll
12:27:11.0699 1772 defragsvc - ok
12:27:11.0723 1772 [ 9BB2EF44EAA163B29C4A4587887A0FE4 ] DfsC C:\Windows\system32\Drivers\dfsc.sys
12:27:11.0723 1772 DfsC - ok
12:27:11.0751 1772 [ 43D808F5D9E1A18E5EEB5EBC83969E4E ] Dhcp C:\Windows\system32\dhcpcore.dll
12:27:11.0753 1772 Dhcp - ok
12:27:11.0774 1772 [ 13096B05847EC78F0977F2C0F79E9AB3 ] discache C:\Windows\system32\drivers\discache.sys
12:27:11.0774 1772 discache - ok
12:27:11.0789 1772 [ 9819EEE8B5EA3784EC4AF3B137A5244C ] Disk C:\Windows\system32\DRIVERS\disk.sys
12:27:11.0790 1772 Disk - ok
12:27:11.0812 1772 [ 16835866AAA693C7D7FCEBA8FFF706E4 ] Dnscache C:\Windows\System32\dnsrslvr.dll
12:27:11.0813 1772 Dnscache - ok
12:27:11.0843 1772 [ B1FB3DDCA0FDF408750D5843591AFBC6 ] dot3svc C:\Windows\System32\dot3svc.dll
12:27:11.0844 1772 dot3svc - ok
12:27:11.0870 1772 [ B26F4F737E8F9DF4F31AF6CF31D05820 ] DPS C:\Windows\system32\dps.dll
12:27:11.0871 1772 DPS - ok
12:27:11.0897 1772 [ 9B19F34400D24DF84C858A421C205754 ] drmkaud C:\Windows\system32\drivers\drmkaud.sys
12:27:11.0897 1772 drmkaud - ok
12:27:11.0933 1772 [ F5BEE30450E18E6B83A5012C100616FD ] DXGKrnl C:\Windows\System32\drivers\dxgkrnl.sys
12:27:11.0938 1772 DXGKrnl - ok
12:27:11.0949 1772 [ E2DDA8726DA9CB5B2C4000C9018A9633 ] EapHost C:\Windows\System32\eapsvc.dll
12:27:11.0950 1772 EapHost - ok
12:27:12.0008 1772 [ DC5D737F51BE844D8C82C695EB17372F ] ebdrv C:\Windows\system32\DRIVERS\evbda.sys
12:27:12.0026 1772 ebdrv - ok
12:27:12.0076 1772 [ 4353FF94D47A0A9D52B89ECCF0CDB013 ] eeCtrl C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\eeCtrl64.sys
12:27:12.0081 1772 eeCtrl - ok
12:27:12.0108 1772 [ C118A82CD78818C29AB228366EBF81C3 ] EFS C:\Windows\System32\lsass.exe
12:27:12.0110 1772 EFS - ok
12:27:12.0158 1772 [ C4002B6B41975F057D98C439030CEA07 ] ehRecvr C:\Windows\ehome\ehRecvr.exe
12:27:12.0165 1772 ehRecvr - ok
12:27:12.0189 1772 [ 4705E8EF9934482C5BB488CE28AFC681 ] ehSched C:\Windows\ehome\ehsched.exe
12:27:12.0190 1772 ehSched - ok
12:27:12.0219 1772 [ 0E5DA5369A0FCAEA12456DD852545184 ] elxstor C:\Windows\system32\DRIVERS\elxstor.sys
12:27:12.0224 1772 elxstor - ok
12:27:12.0255 1772 [ C5BCCB378D0A896304A3E71BE7215983 ] EraserUtilRebootDrv C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys
12:27:12.0257 1772 EraserUtilRebootDrv - ok
12:27:12.0287 1772 [ 34A3C54752046E79A126E15C51DB409B ] ErrDev C:\Windows\system32\drivers\errdev.sys
12:27:12.0288 1772 ErrDev - ok
12:27:12.0310 1772 [ 4166F82BE4D24938977DD1746BE9B8A0 ] EventSystem C:\Windows\system32\es.dll
12:27:12.0315 1772 EventSystem - ok
12:27:12.0345 1772 [ A510C654EC00C1E9BDD91EEB3A59823B ] exfat C:\Windows\system32\drivers\exfat.sys
12:27:12.0346 1772 exfat - ok
12:27:12.0353 1772 [ 0ADC83218B66A6DB380C330836F3E36D ] fastfat C:\Windows\system32\drivers\fastfat.sys
12:27:12.0355 1772 fastfat - ok
12:27:12.0383 1772 [ DBEFD454F8318A0EF691FDD2EAAB44EB ] Fax C:\Windows\system32\fxssvc.exe
12:27:12.0388 1772 Fax - ok
12:27:12.0400 1772 [ D765D19CD8EF61F650C384F62FAC00AB ] fdc C:\Windows\system32\DRIVERS\fdc.sys
12:27:12.0401 1772 fdc - ok
12:27:12.0415 1772 [ 0438CAB2E03F4FB61455A7956026FE86 ] fdPHost C:\Windows\system32\fdPHost.dll
12:27:12.0416 1772 fdPHost - ok
12:27:12.0431 1772 [ 802496CB59A30349F9A6DD22D6947644 ] FDResPub C:\Windows\system32\fdrespub.dll
12:27:12.0432 1772 FDResPub - ok
12:27:12.0443 1772 [ 655661BE46B5F5F3FD454E2C3095B930 ] FileInfo C:\Windows\system32\drivers\fileinfo.sys
12:27:12.0444 1772 FileInfo - ok
12:27:12.0454 1772 [ 5F671AB5BC87EEA04EC38A6CD5962A47 ] Filetrace C:\Windows\system32\drivers\filetrace.sys
12:27:12.0454 1772 Filetrace - ok
12:27:12.0467 1772 [ C172A0F53008EAEB8EA33FE10E177AF5 ] flpydisk C:\Windows\system32\DRIVERS\flpydisk.sys
12:27:12.0467 1772 flpydisk - ok
12:27:12.0497 1772 [ DA6B67270FD9DB3697B20FCE94950741 ] FltMgr C:\Windows\system32\drivers\fltmgr.sys
12:27:12.0499 1772 FltMgr - ok
12:27:12.0540 1772 [ C4C183E6551084039EC862DA1C945E3D ] FontCache C:\Windows\system32\FntCache.dll
12:27:12.0546 1772 FontCache - ok
12:27:12.0594 1772 [ A8B7F3818AB65695E3A0BB3279F6DCE6 ] FontCache3.0.0.0 C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
12:27:12.0595 1772 FontCache3.0.0.0 - ok
12:27:12.0603 1772 [ D43703496149971890703B4B1B723EAC ] FsDepends C:\Windows\system32\drivers\FsDepends.sys
12:27:12.0604 1772 FsDepends - ok
12:27:12.0634 1772 [ 6BD9295CC032DD3077C671FCCF579A7B ] Fs_Rec C:\Windows\system32\drivers\Fs_Rec.sys
12:27:12.0635 1772 Fs_Rec - ok
12:27:12.0673 1772 [ 1F7B25B858FA27015169FE95E54108ED ] fvevol C:\Windows\system32\DRIVERS\fvevol.sys
12:27:12.0676 1772 fvevol - ok
12:27:12.0697 1772 [ 8C778D335C9D272CFD3298AB02ABE3B6 ] gagp30kx C:\Windows\system32\DRIVERS\gagp30kx.sys
12:27:12.0699 1772 gagp30kx - ok
12:27:12.0737 1772 [ 81C1EB203DD3F0C111FE2086BADA2D67 ] GameConsoleService C:\Program Files (x86)\HP Games\HP Game Console\GameConsoleService.exe
12:27:12.0740 1772 GameConsoleService - ok
12:27:12.0787 1772 [ 277BBC7E1AA1EE957F573A10ECA7EF3A ] gpsvc C:\Windows\System32\gpsvc.dll
12:27:12.0795 1772 gpsvc - ok
12:27:12.0859 1772 [ 8F0DE4FEF8201E306F9938B0905AC96A ] gupdate C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
12:27:12.0861 1772 gupdate - ok
12:27:12.0868 1772 [ 8F0DE4FEF8201E306F9938B0905AC96A ] gupdatem C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
12:27:12.0871 1772 gupdatem - ok
12:27:12.0914 1772 [ 5D4BC124FAAE6730AC002CDB67BF1A1C ] gusvc C:\Program Files (x86)\Google\Common\Google Updater\GoogleUpdaterService.exe
12:27:12.0916 1772 gusvc - ok
12:27:12.0936 1772 [ F2523EF6460FC42405B12248338AB2F0 ] hcw85cir C:\Windows\system32\drivers\hcw85cir.sys
12:27:12.0937 1772 hcw85cir - ok
12:27:12.0961 1772 [ 97BFED39B6B79EB12CDDBFEED51F56BB ] HDAudBus C:\Windows\system32\drivers\HDAudBus.sys
12:27:12.0962 1772 HDAudBus - ok
12:27:12.0970 1772 [ 78E86380454A7B10A5EB255DC44A355F ] HidBatt C:\Windows\system32\DRIVERS\HidBatt.sys
12:27:12.0971 1772 HidBatt - ok
12:27:12.0989 1772 [ 7FD2A313F7AFE5C4DAB14798C48DD104 ] HidBth C:\Windows\system32\DRIVERS\hidbth.sys
12:27:12.0990 1772 HidBth - ok
12:27:12.0999 1772 [ 0A77D29F311B88CFAE3B13F9C1A73825 ] HidIr C:\Windows\system32\DRIVERS\hidir.sys
12:27:13.0000 1772 HidIr - ok
12:27:13.0026 1772 [ BD9EB3958F213F96B97B1D897DEE006D ] hidserv C:\Windows\system32\hidserv.dll
12:27:13.0027 1772 hidserv - ok
12:27:13.0036 1772 [ 9592090A7E2B61CD582B612B6DF70536 ] HidUsb C:\Windows\system32\DRIVERS\hidusb.sys
12:27:13.0037 1772 HidUsb - ok
12:27:13.0068 1772 [ 387E72E739E15E3D37907A86D9FF98E2 ] hkmsvc C:\Windows\system32\kmsvc.dll
12:27:13.0069 1772 hkmsvc - ok
12:27:13.0104 1772 [ EFDFB3DD38A4376F93E7985173813ABD ] HomeGroupListener C:\Windows\system32\ListSvc.dll
12:27:13.0107 1772 HomeGroupListener - ok
12:27:13.0136 1772 [ 908ACB1F594274965A53926B10C81E89 ] HomeGroupProvider C:\Windows\system32\provsvc.dll
12:27:13.0139 1772 HomeGroupProvider - ok
12:27:13.0197 1772 [ BB1FC298BE53AAB1E110F6E786BD8AC5 ] HP Support Assistant Service C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\hpsa_service.exe
12:27:13.0199 1772 HP Support Assistant Service - ok
12:27:13.0249 1772 [ 9B7EDD3FE7C211C36E921D34D18A3A0A ] hpqwmiex C:\Program Files (x86)\Hewlett-Packard\Shared\hpqWmiEx.exe
12:27:13.0259 1772 hpqwmiex - ok
12:27:13.0287 1772 [ 39D2ABCD392F3D8A6DCE7B60AE7B8EFC ] HpSAMD C:\Windows\system32\drivers\HpSAMD.sys
12:27:13.0288 1772 HpSAMD - ok
12:27:13.0327 1772 [ 0EA7DE1ACB728DD5A369FD742D6EEE28 ] HTTP C:\Windows\system32\drivers\HTTP.sys
12:27:13.0331 1772 HTTP - ok
12:27:13.0362 1772 [ A5462BD6884960C9DC85ED49D34FF392 ] hwpolicy C:\Windows\system32\drivers\hwpolicy.sys
12:27:13.0362 1772 hwpolicy - ok
12:27:13.0390 1772 [ FA55C73D4AFFA7EE23AC4BE53B4592D3 ] i8042prt C:\Windows\system32\drivers\i8042prt.sys
12:27:13.0391 1772 i8042prt - ok
12:27:13.0425 1772 [ ABBF174CB394F5C437410A788B7E404A ] iaStor C:\Windows\system32\DRIVERS\iaStor.sys
12:27:13.0428 1772 iaStor - ok
12:27:13.0461 1772 [ 31A0E93CDF29007D6C6FFFB632F375ED ] IAStorDataMgrSvc C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
12:27:13.0461 1772 IAStorDataMgrSvc - ok
12:27:13.0483 1772 [ AAAF44DB3BD0B9D1FB6969B23ECC8366 ] iaStorV C:\Windows\system32\drivers\iaStorV.sys
12:27:13.0485 1772 iaStorV - ok
12:27:13.0521 1772 [ 5988FC40F8DB5B0739CD1E3A5D0D78BD ] idsvc C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\infocard.exe
12:27:13.0526 1772 idsvc - ok
12:27:13.0602 1772 [ A48928D4CCA6F8B731989DB08CF2C0AB ] IDSVia64 C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_20.1.1.2\Definitions\IPSDefs\20130301.002\IDSvia64.sys
12:27:13.0607 1772 IDSVia64 - ok
12:27:13.0737 1772 [ 89B99E3E988DFA20ABB58FF1930ADD21 ] igfx C:\Windows\system32\DRIVERS\igdkmd64.sys
12:27:13.0769 1772 igfx - ok
12:27:13.0810 1772 [ 5C18831C61933628F5BB0EA2675B9D21 ] iirsp C:\Windows\system32\DRIVERS\iirsp.sys
12:27:13.0811 1772 iirsp - ok
12:27:13.0835 1772 [ FCD84C381E0140AF901E58D48882D26B ] IKEEXT C:\Windows\System32\ikeext.dll
12:27:13.0844 1772 IKEEXT - ok
12:27:13.0903 1772 [ BFBABCB231628A4551DBB10D0EA25D62 ] IntcAzAudAddService C:\Windows\system32\drivers\RTKVHD64.sys
12:27:13.0913 1772 IntcAzAudAddService - ok
12:27:13.0932 1772 [ F00F20E70C6EC3AA366910083A0518AA ] intelide C:\Windows\system32\drivers\intelide.sys
12:27:13.0932 1772 intelide - ok
12:27:13.0958 1772 [ ADA036632C664CAA754079041CF1F8C1 ] intelppm C:\Windows\system32\DRIVERS\intelppm.sys
12:27:13.0959 1772 intelppm - ok
12:27:14.0008 1772 [ 3DC635B66DD7412E1C9C3A77B8D78F25 ] IntuitUpdateService C:\Program Files (x86)\Common Files\Intuit\Update Service\IntuitUpdateService.exe
12:27:14.0009 1772 IntuitUpdateService - ok
12:27:14.0051 1772 [ D9DA7B3117BF5EFF921C0CDED4D58050 ] IntuitUpdateServiceV4 C:\Program Files (x86)\Common Files\Intuit\Update Service v4\IntuitUpdateService.exe
12:27:14.0052 1772 IntuitUpdateServiceV4 - ok
12:27:14.0072 1772 [ 098A91C54546A3B878DAD6A7E90A455B ] IPBusEnum C:\Windows\system32\ipbusenum.dll
12:27:14.0074 1772 IPBusEnum - ok
12:27:14.0104 1772 [ C9F0E1BD74365A8771590E9008D22AB6 ] IpFilterDriver C:\Windows\system32\DRIVERS\ipfltdrv.sys
12:27:14.0105 1772 IpFilterDriver - ok
12:27:14.0137 1772 [ 08C2957BB30058E663720C5606885653 ] iphlpsvc C:\Windows\System32\iphlpsvc.dll
12:27:14.0140 1772 iphlpsvc - ok
12:27:14.0173 1772 [ 0FC1AEA580957AA8817B8F305D18CA3A ] IPMIDRV C:\Windows\system32\drivers\IPMIDrv.sys
12:27:14.0174 1772 IPMIDRV - ok
12:27:14.0198 1772 [ AF9B39A7E7B6CAA203B3862582E9F2D0 ] IPNAT C:\Windows\system32\drivers\ipnat.sys
12:27:14.0199 1772 IPNAT - ok
12:27:14.0217 1772 [ 3ABF5E7213EB28966D55D58B515D5CE9 ] IRENUM C:\Windows\system32\drivers\irenum.sys
12:27:14.0218 1772 IRENUM - ok
12:27:14.0236 1772 [ 2F7B28DC3E1183E5EB418DF55C204F38 ] isapnp C:\Windows\system32\drivers\isapnp.sys
12:27:14.0237 1772 isapnp - ok
12:27:14.0268 1772 [ D931D7309DEB2317035B07C9F9E6B0BD ] iScsiPrt C:\Windows\system32\drivers\msiscsi.sys
12:27:14.0271 1772 iScsiPrt - ok
12:27:14.0290 1772 [ BC02336F1CBA7DCC7D1213BB588A68A5 ] kbdclass C:\Windows\system32\drivers\kbdclass.sys
12:27:14.0291 1772 kbdclass - ok
12:27:14.0322 1772 [ 0705EFF5B42A9DB58548EEC3B26BB484 ] kbdhid C:\Windows\system32\drivers\kbdhid.sys
12:27:14.0323 1772 kbdhid - ok
12:27:14.0333 1772 [ C118A82CD78818C29AB228366EBF81C3 ] KeyIso C:\Windows\system32\lsass.exe
12:27:14.0334 1772 KeyIso - ok
12:27:14.0359 1772 [ 97A7070AEA4C058B6418519E869A63B4 ] KSecDD C:\Windows\system32\Drivers\ksecdd.sys
12:27:14.0360 1772 KSecDD - ok
12:27:14.0388 1772 [ 26C43A7C2862447EC59DEDA188D1DA07 ] KSecPkg C:\Windows\system32\Drivers\ksecpkg.sys
12:27:14.0389 1772 KSecPkg - ok
12:27:14.0396 1772 [ 6869281E78CB31A43E969F06B57347C4 ] ksthunk C:\Windows\system32\drivers\ksthunk.sys
12:27:14.0396 1772 ksthunk - ok
12:27:14.0435 1772 [ 6AB66E16AA859232F64DEB66887A8C9C ] KtmRm C:\Windows\system32\msdtckrm.dll
12:27:14.0438 1772 KtmRm - ok
12:27:14.0460 1772 [ D9F42719019740BAA6D1C6D536CBDAA6 ] LanmanServer C:\Windows\system32\srvsvc.dll
12:27:14.0463 1772 LanmanServer - ok
12:27:14.0492 1772 [ 851A1382EED3E3A7476DB004F4EE3E1A ] LanmanWorkstation C:\Windows\System32\wkssvc.dll
12:27:14.0494 1772 LanmanWorkstation - ok
12:27:14.0534 1772 [ 108333981C841EB0FF198AA5DFCF3D3B ] LightScribeService c:\Program Files (x86)\Common Files\LightScribe\LSSrvc.exe
12:27:14.0535 1772 LightScribeService - ok
12:27:14.0546 1772 [ 1538831CF8AD2979A04C423779465827 ] lltdio C:\Windows\system32\DRIVERS\lltdio.sys
12:27:14.0547 1772 lltdio - ok
12:27:14.0569 1772 [ C1185803384AB3FEED115F79F109427F ] lltdsvc C:\Windows\System32\lltdsvc.dll
12:27:14.0572 1772 lltdsvc - ok
12:27:14.0586 1772 [ F993A32249B66C9D622EA5592A8B76B8 ] lmhosts C:\Windows\System32\lmhsvc.dll
12:27:14.0587 1772 lmhosts - ok
12:27:14.0613 1772 [ 1A93E54EB0ECE102495A51266DCDB6A6 ] LSI_FC C:\Windows\system32\DRIVERS\lsi_fc.sys
12:27:14.0614 1772 LSI_FC - ok
12:27:14.0628 1772 [ 1047184A9FDC8BDBFF857175875EE810 ] LSI_SAS C:\Windows\system32\DRIVERS\lsi_sas.sys
12:27:14.0629 1772 LSI_SAS - ok
12:27:14.0638 1772 [ 30F5C0DE1EE8B5BC9306C1F0E4A75F93 ] LSI_SAS2 C:\Windows\system32\DRIVERS\lsi_sas2.sys
12:27:14.0639 1772 LSI_SAS2 - ok
12:27:14.0650 1772 [ 0504EACAFF0D3C8AED161C4B0D369D4A ] LSI_SCSI C:\Windows\system32\DRIVERS\lsi_scsi.sys
12:27:14.0651 1772 LSI_SCSI - ok
12:27:14.0671 1772 [ 43D0F98E1D56CCDDB0D5254CFF7B356E ] luafv C:\Windows\system32\drivers\luafv.sys
12:27:14.0672 1772 luafv - ok
12:27:14.0701 1772 [ 0BE09CD858ABF9DF6ED259D57A1A1663 ] Mcx2Svc C:\Windows\system32\Mcx2Svc.dll
12:27:14.0702 1772 Mcx2Svc - ok
12:27:14.0726 1772 [ A55805F747C6EDB6A9080D7C633BD0F4 ] megasas C:\Windows\system32\DRIVERS\megasas.sys
12:27:14.0727 1772 megasas - ok
12:27:14.0748 1772 [ BAF74CE0072480C3B6B7C13B2A94D6B3 ] MegaSR C:\Windows\system32\DRIVERS\MegaSR.sys
12:27:14.0750 1772 MegaSR - ok
12:27:14.0757 1772 [ E40E80D0304A73E8D269F7141D77250B ] MMCSS C:\Windows\system32\mmcss.dll
12:27:14.0758 1772 MMCSS - ok
12:27:14.0773 1772 [ 800BA92F7010378B09F9ED9270F07137 ] Modem C:\Windows\system32\drivers\modem.sys
12:27:14.0774 1772 Modem - ok
12:27:14.0796 1772 [ B03D591DC7DA45ECE20B3B467E6AADAA ] monitor C:\Windows\system32\DRIVERS\monitor.sys
12:27:14.0797 1772 monitor - ok
12:27:14.0807 1772 [ 7D27EA49F3C1F687D357E77A470AEA99 ] mouclass C:\Windows\system32\DRIVERS\mouclass.sys
12:27:14.0808 1772 mouclass - ok
12:27:14.0838 1772 [ D3BF052C40B0C4166D9FD86A4288C1E6 ] mouhid C:\Windows\system32\DRIVERS\mouhid.sys
ComboFix 13-03-02.01 - member 03/02/2013 12:36:14.1.2 - x64
Microsoft Windows 7 Home Premium 6.1.7601.1.1252.1.1033.18.5110.3209 [GMT -8:00]
Running from: c:\users\member\Downloads\ComboFix.exe
AV: Norton 360 *Disabled/Updated* {63DF5164-9100-186D-2187-8DC619EFD8BF}
FW: Norton 360 *Disabled* {5BE4D041-DB6F-1935-0AD8-24F3E73C9FC4}
SP: Norton 360 *Enabled/Updated* {D8BEB080-B73A-17E3-1B37-B6B462689202}
SP: Spybot - Search and Destroy *Enabled/Outdated* {9BC38DF1-3CCA-732D-A930-C1CA5F20A4B0}
SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
* Created a new restore point
.
.
((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\program files (x86)\ArcadeWeb\arCAdeweb32.dll
c:\program files (x86)\CouponAlert_2pEI
c:\programdata\Microsoft\Windows\DRM\2E17.tmp
c:\programdata\Microsoft\Windows\DRM\2E27.tmp
c:\users\member\AppData\Local\Temp\AFF1.tmp\F_IN_BOX.dll
c:\users\member\AppData\Roaming\.#
c:\windows\svchost.exe
c:\windows\SysWow64\URTTemp
c:\windows\SysWow64\URTTemp\regtlib.exe
.
.
((((((((((((((((((((((((( Files Created from 2013-02-02 to 2013-03-02 )))))))))))))))))))))))))))))))
.
.
2013-03-02 20:43 . 2013-03-02 20:43 -------- d-----w- c:\users\Default\AppData\Local\temp
2013-03-02 20:43 . 2013-03-02 20:43 -------- d-----w- c:\users\your goddamn jokes\AppData\Local\temp
2013-03-02 20:43 . 2013-03-02 20:43 -------- d-----w- c:\users\my account\AppData\Local\temp
2013-03-01 07:25 . 2009-01-25 20:14 17272 ----a-w- c:\windows\system32\sdnclean64.exe
2013-03-01 07:25 . 2013-03-01 07:25 -------- d-----w- c:\program files (x86)\Spybot - Search & Destroy 2
2013-03-01 07:23 . 2013-03-01 07:23 -------- d-----w- c:\users\member\AppData\Local\Programs
2013-02-28 03:57 . 2013-03-02 20:28 -------- d-----w- C:\TDSSKiller_Quarantine
2013-02-27 03:12 . 2013-02-27 03:12 -------- d-----w- c:\program files (x86)\ERUNT
2013-02-23 22:19 . 2013-02-23 22:20 -------- d-----w- c:\users\my account\AppData\Local\Adobe
2013-02-23 22:17 . 2013-02-23 22:17 -------- d-----w- c:\users\my account\AppData\Local\IsolatedStorage
2013-02-23 22:17 . 2013-02-23 22:17 -------- d-----w- c:\users\my account\AppData\Roaming\Intuit
2013-02-23 06:18 . 2013-02-23 06:18 -------- d-----w- c:\windows\Sun
2013-02-23 04:16 . 2013-02-23 04:16 -------- d-----w- c:\program files (x86)\Common Files\Symantec Shared
2013-02-23 02:57 . 2013-02-23 02:57 177312 ----a-w- c:\windows\system32\drivers\SYMEVENT64x86.SYS
2013-02-23 02:57 . 2013-02-23 02:57 -------- d-----w- c:\program files\Symantec
2013-02-23 02:57 . 2013-02-23 02:57 -------- d-----w- c:\program files\Common Files\Symantec Shared
2013-02-23 02:56 . 2013-02-23 06:24 -------- d-----w- c:\windows\system32\drivers\N360x64\1401010.002
2013-02-23 02:56 . 2013-02-23 02:56 -------- d-----w- c:\program files (x86)\Norton 360
2013-02-23 02:56 . 2013-02-23 02:56 -------- d-----w- c:\program files (x86)\NortonInstaller
2013-02-23 02:19 . 2013-02-23 02:19 -------- d-----w- c:\users\my account\AppData\Local\LogMeIn Rescue Applet
2013-02-23 01:46 . 2013-02-23 01:46 95392 ----a-w- c:\windows\system32\drivers\SMR311.SYS
2013-02-23 01:46 . 2013-02-23 02:28 -------- d-----w- c:\users\my account\AppData\Local\NPE
2013-02-23 01:03 . 2013-02-23 03:18 -------- d-----w- c:\users\my account\AppData\Local\ElevatedDiagnostics
2013-02-14 08:03 . 2013-01-09 01:10 996352 ----a-w- c:\program files\Common Files\Microsoft Shared\VGX\VGX.dll
2013-02-14 08:03 . 2013-01-08 22:01 768000 ----a-w- c:\program files (x86)\Common Files\Microsoft Shared\VGX\VGX.dll
2013-02-14 06:54 . 2013-01-05 05:53 5553512 ----a-w- c:\windows\system32\ntoskrnl.exe
2013-02-14 06:53 . 2013-01-05 05:00 3967848 ----a-w- c:\windows\SysWow64\ntkrnlpa.exe
2013-02-14 06:53 . 2013-01-05 05:00 3913064 ----a-w- c:\windows\SysWow64\ntoskrnl.exe
2013-02-14 06:53 . 2013-01-04 03:26 3153408 ----a-w- c:\windows\system32\win32k.sys
2013-02-14 06:53 . 2013-01-04 05:46 215040 ----a-w- c:\windows\system32\winsrv.dll
2013-02-14 06:53 . 2013-01-04 04:51 5120 ----a-w- c:\windows\SysWow64\wow32.dll
2013-02-14 06:53 . 2013-01-04 02:47 25600 ----a-w- c:\windows\SysWow64\setup16.exe
2013-02-14 06:53 . 2013-01-04 02:47 7680 ----a-w- c:\windows\SysWow64\instnm.exe
2013-02-14 06:53 . 2013-01-04 02:47 2048 ----a-w- c:\windows\SysWow64\user.exe
2013-02-14 06:53 . 2013-01-04 02:47 14336 ----a-w- c:\windows\SysWow64\ntvdm64.dll
2013-02-14 06:53 . 2013-01-03 06:00 1913192 ----a-w- c:\windows\system32\drivers\tcpip.sys
2013-02-14 06:53 . 2013-01-03 06:00 288088 ----a-w- c:\windows\system32\drivers\FWPKCLNT.SYS
2013-02-05 04:24 . 2013-02-05 04:24 -------- d-----w- c:\users\my account\AppData\Local\HP
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2013-02-28 01:55 . 2012-04-05 00:15 691568 ----a-w- c:\windows\SysWow64\FlashPlayerApp.exe
2013-02-28 01:55 . 2011-06-26 18:04 71024 ----a-w- c:\windows\SysWow64\FlashPlayerCPLApp.cpl
2013-02-14 08:08 . 2010-01-27 09:20 70004024 ----a-w- c:\windows\system32\MRT.exe
2013-01-04 04:43 . 2013-02-14 06:53 44032 ----a-w- c:\windows\apppatch\acwow64.dll
2012-12-16 17:11 . 2012-12-21 01:42 46080 ----a-w- c:\windows\system32\atmlib.dll
2012-12-16 14:45 . 2012-12-21 01:42 367616 ----a-w- c:\windows\system32\atmfd.dll
2012-12-16 14:13 . 2012-12-21 01:42 295424 ----a-w- c:\windows\SysWow64\atmfd.dll
2012-12-16 14:13 . 2012-12-21 01:42 34304 ----a-w- c:\windows\SysWow64\atmlib.dll
2012-12-07 13:20 . 2013-01-10 05:53 441856 ----a-w- c:\windows\system32\Wpc.dll
2012-12-07 13:15 . 2013-01-10 05:53 2746368 ----a-w- c:\windows\system32\gameux.dll
2012-12-07 12:26 . 2013-01-10 05:53 308736 ----a-w- c:\windows\SysWow64\Wpc.dll
2012-12-07 12:20 . 2013-01-10 05:53 2576384 ----a-w- c:\windows\SysWow64\gameux.dll
2012-12-07 11:20 . 2013-01-10 05:53 30720 ----a-w- c:\windows\system32\usk.rs
2012-12-07 11:20 . 2013-01-10 05:53 43520 ----a-w- c:\windows\system32\csrr.rs
2012-12-07 11:20 . 2013-01-10 05:53 23552 ----a-w- c:\windows\system32\oflc.rs
2012-12-07 11:20 . 2013-01-10 05:53 45568 ----a-w- c:\windows\system32\oflc-nz.rs
2012-12-07 11:20 . 2013-01-10 05:53 44544 ----a-w- c:\windows\system32\pegibbfc.rs
2012-12-07 11:20 . 2013-01-10 05:53 20480 ----a-w- c:\windows\system32\pegi-fi.rs
2012-12-07 11:20 . 2013-01-10 05:53 20480 ----a-w- c:\windows\system32\pegi-pt.rs
2012-12-07 11:19 . 2013-01-10 05:53 20480 ----a-w- c:\windows\system32\pegi.rs
2012-12-07 11:19 . 2013-01-10 05:53 46592 ----a-w- c:\windows\system32\fpb.rs
2012-12-07 11:19 . 2013-01-10 05:53 40960 ----a-w- c:\windows\system32\cob-au.rs
2012-12-07 11:19 . 2013-01-10 05:53 21504 ----a-w- c:\windows\system32\grb.rs
2012-12-07 11:19 . 2013-01-10 05:53 15360 ----a-w- c:\windows\system32\djctq.rs
2012-12-07 11:19 . 2013-01-10 05:53 55296 ----a-w- c:\windows\system32\cero.rs
2012-12-07 11:19 . 2013-01-10 05:53 51712 ----a-w- c:\windows\system32\esrb.rs
2012-12-07 10:46 . 2013-01-10 05:53 43520 ----a-w- c:\windows\SysWow64\csrr.rs
2012-12-07 10:46 . 2013-01-10 05:53 30720 ----a-w- c:\windows\SysWow64\usk.rs
2012-12-07 10:46 . 2013-01-10 05:53 45568 ----a-w- c:\windows\SysWow64\oflc-nz.rs
2012-12-07 10:46 . 2013-01-10 05:53 44544 ----a-w- c:\windows\SysWow64\pegibbfc.rs
2012-12-07 10:46 . 2013-01-10 05:53 20480 ----a-w- c:\windows\SysWow64\pegi-pt.rs
2012-12-07 10:46 . 2013-01-10 05:53 23552 ----a-w- c:\windows\SysWow64\oflc.rs
2012-12-07 10:46 . 2013-01-10 05:53 20480 ----a-w- c:\windows\SysWow64\pegi-fi.rs
2012-12-07 10:46 . 2013-01-10 05:53 46592 ----a-w- c:\windows\SysWow64\fpb.rs
2012-12-07 10:46 . 2013-01-10 05:53 20480 ----a-w- c:\windows\SysWow64\pegi.rs
2012-12-07 10:46 . 2013-01-10 05:53 21504 ----a-w- c:\windows\SysWow64\grb.rs
2012-12-07 10:46 . 2013-01-10 05:53 40960 ----a-w- c:\windows\SysWow64\cob-au.rs
2012-12-07 10:46 . 2013-01-10 05:53 15360 ----a-w- c:\windows\SysWow64\djctq.rs
2012-12-07 10:46 . 2013-01-10 05:53 55296 ----a-w- c:\windows\SysWow64\cero.rs
2012-12-07 10:46 . 2013-01-10 05:53 51712 ----a-w- c:\windows\SysWow64\esrb.rs
2012-02-04 18:18 . 2012-04-17 04:15 689552 ----a-w- c:\program files (x86)\2pUninstall Coupon Alert.dll
2012-02-04 18:18 . 2012-04-17 04:15 161720 ----a-w- c:\program files (x86)\2pres.dll
2011-03-19 22:50 . 2011-04-05 20:45 684032 ----a-w- c:\program files (x86)\Uninstall Coupon Alert.dll
.
.
((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\~\Browser Helper Objects\{4E7BD74F-2B8D-469E-85B2-BC27FE9AAE2E}]
2009-12-18 18:47 81920 ----a-w- c:\program files (x86)\eGames\egamestoolbar.dll
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Toolbar]
"{4E7BD74F-2B8D-469E-85B2-BC27FE9AAE2E}"= "c:\program files (x86)\egames\egamestoolbar.dll" [2009-12-18 81920]
"{311B58DC-A4DC-4B04-B1B5-60299AD3D803}"= "c:\users\member\AppData\Roaming\ShopAtHome\ShopAtHomeToolbar\tbcore3U.dll" [2012-10-18 2572728]
.
[HKEY_CLASSES_ROOT\clsid\{4e7bd74f-2b8d-469e-85b2-bc27fe9aae2e}]
.
[HKEY_CLASSES_ROOT\clsid\{311b58dc-a4dc-4b04-b1b5-60299ad3d803}]
[HKEY_CLASSES_ROOT\ShopAtHome.ShopAtHome.3]
[HKEY_CLASSES_ROOT\TypeLib\{EC4085F2-8DB3-45a6-AD0B-CA289F3C5D7E}]
[HKEY_CLASSES_ROOT\ShopAtHome.ShopAtHome]
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"HP Officejet 4620 series (NET)"="c:\program files\HP\HP Officejet 4620 series\Bin\ScanToPCActivationApp.exe" [2011-12-19 2548072]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
"UpdatePRCShortCut"="c:\program files (x86)\Hewlett-Packard\Recovery\MUITransfer\MUIStartMenu.exe" [2009-05-20 222504]
"BATINDICATOR"="c:\program files (x86)\Hewlett-Packard\HP MAINSTREAM KEYBOARD\BATINDICATOR.exe" [2009-05-08 2068992]
"InstaLAN"="c:\program files (x86)\Belkin\Router Setup and Monitor\BelkinRouterMonitor.exe" [2011-11-14 1884064]
"SDTray"="c:\program files (x86)\Spybot - Search & Destroy 2\SDTray.exe" [2012-11-13 3825176]
.
c:\users\member\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\
ERUNT AutoBackup.lnk - c:\windows\Speech\ERUNTcorrectone\AUTOBACK.EXE [2005-10-20 38912]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 5 (0x5)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableUIADesktopToggle"= 0 (0x0)
.
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\session manager]
BootExecute REG_MULTI_SZ autocheck autochk *\0\0sdnclean64.exe
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\run-]
"Adobe Reader Speed Launcher"="c:\program files (x86)\Adobe\Reader 9.0\Reader\Reader_sl.exe"
"HP Remote Solution"=%ProgramFiles(x86)%\Hewlett-Packard\HP Remote Solution\HP_Remote_Solution.exe
"HP Software Update"=c:\program files (x86)\HP\HP Software Update\HPWuSchd2.exe
"SelectRebates"=c:\program files (x86)\SelectRebates\SelectRebates.exe
"Adobe ARM"="c:\program files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
"ApnUpdater"="C:\Program Files (x86)
"AW TrayIcon"=RunDll32.exe "c:\program files (x86)\ArcadeWeb\arcadeweb32.dll", RunTrayIcon
"NortonOnlineBackupReminder"="c:\program files (x86)\Symantec\Norton Online Backup\Activation\NobuActivation.exe" UNATTENDED
"SunJavaUpdateSched"="c:\program files (x86)\Common Files\Java\Java Update\jusched.exe"
"ShopAtHomeWatcher"=c:\users\member\AppData\Roaming\ShopAtHome\ShopAtHomeHelper\ShopAtHomeWatcher.exe
.
R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-03-18 138576]
R2 HP Support Assistant Service;HP Support Assistant Service;c:\program files (x86)\Hewlett-Packard\HP Support Framework\hpsa_service.exe [2012-09-27 86528]
R2 mrtRate;mrtRate; [x]
R3 PCPitstop Scheduling;PCPitstop Scheduling;c:\program files (x86)\PCPitstop\PCPitstopScheduleService.exe [2011-04-06 91304]
R3 rcmirror;rcmirror;c:\windows\system32\DRIVERS\rcmirror.sys [2010-01-18 4608]
R3 RTL8187B;NETGEAR WG111v3 Wireless-G USB Adapter Win7 Driver;c:\windows\system32\DRIVERS\wg111v3.sys [2009-11-19 446976]
R3 Skype C2C Service;Skype C2C Service;c:\programdata\Skype\Toolbars\Skype C2C Service\c2c_service.exe [2013-01-31 3289208]
R3 SkypeUpdate;Skype Updater;c:\program files (x86)\Skype\Updater\Updater.exe [2012-07-13 160944]
R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys [2010-11-20 59392]
R3 WatAdminSvc;Windows Activation Technologies Service;c:\windows\system32\Wat\WatAdminSvc.exe [2010-04-06 1255736]
S0 SMR311;Symantec SMR Utility Service 3.1.1;c:\windows\System32\drivers\SMR311.SYS [2013-02-23 95392]
S0 SymDS;Symantec Data Store;c:\windows\system32\drivers\N360x64\1401010.002\SYMDS64.SYS [2012-07-28 493216]
S0 SymEFA;Symantec Extended File Attributes;c:\windows\system32\drivers\N360x64\1401010.002\SYMEFA64.SYS [2012-08-08 1132192]
S1 BHDrvx64;BHDrvx64;c:\programdata\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_20.1.1.2\Definitions\BASHDefs\20130208.001\BHDrvx64.sys [2013-02-08 1388120]
S1 ccSet_N360;Norton 360 Settings Manager;c:\windows\system32\drivers\N360x64\1401010.002\ccSetx64.sys [2012-08-07 168096]
S1 IDSVia64;IDSVia64;c:\programdata\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_20.1.1.2\Definitions\IPSDefs\20130301.002\IDSvia64.sys [2013-02-23 513184]
S1 SymIRON;Symantec Iron Driver;c:\windows\system32\drivers\N360x64\1401010.002\Ironx64.SYS [2012-07-28 224416]
S1 SymNetS;Symantec Network Security WFP Driver;c:\windows\system32\drivers\N360x64\1401010.002\SYMNETS.SYS [2012-07-23 432800]
S2 Belkin Local Backup Service;Belkin Local Backup Service;c:\program files\Belkin\Belkin USB Print and Storage Center\BkBackupScheduler.exe [2011-04-19 181760]
S2 Belkin Network USB Helper;Belkin Network USB Helper;c:\program files\Belkin\Belkin USB Print and Storage Center\Bkapcs.exe [2010-02-09 55296]
S2 IAStorDataMgrSvc;Intel(R) Rapid Storage Technology;c:\program files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe [2010-03-04 13336]
S2 IntuitUpdateServiceV4;Intuit Update Service v4;c:\program files (x86)\Common Files\Intuit\Update Service v4\IntuitUpdateService.exe [2012-08-23 13672]
S2 N360;Norton 360;c:\program files (x86)\Norton 360\Engine\20.1.1.2\ccSvcHst.exe [2012-08-29 143928]
S2 SDScannerService;Spybot-S&D 2 Scanner Service;c:\program files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe [2012-11-13 1103392]
S2 SDUpdateService;Spybot-S&D 2 Updating Service;c:\program files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe [2012-11-13 1369624]
S2 SDWSCService;Spybot-S&D 2 Security Center Service;c:\program files (x86)\Spybot - Search & Destroy 2\SDWSCSvc.exe [2012-11-13 168384]
S2 sxuptp;SXUPTP Driver;c:\windows\system32\DRIVERS\sxuptp.sys [2009-06-22 291352]
S3 EraserUtilRebootDrv;EraserUtilRebootDrv;c:\program files (x86)\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys [2012-08-18 138912]
S3 RTL8167;Realtek 8167 NT Driver;c:\windows\system32\DRIVERS\Rt64win7.sys [2009-07-13 233472]
.
.
--- Other Services/Drivers In Memory ---
.
*NewlyCreated* - WS2IFSL
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\active setup\installed components\{8A69D345-D564-463c-AFF1-A69D9E530F96}]
2013-02-22 04:16 1629648 ----a-w- c:\program files (x86)\Google\Chrome\Application\25.0.1364.97\Installer\chrmstp.exe
.
Contents of the 'Scheduled Tasks' folder
.
2013-03-02 c:\windows\Tasks\Adobe Flash Player Updater.job
- c:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2012-04-05 01:55]
.
2013-03-02 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2010-02-09 04:04]
.
2013-03-02 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2010-02-09 04:04]
.
2013-03-01 c:\windows\Tasks\HPCeeScheduleFormember.job
- c:\program files (x86)\Hewlett-Packard\HP Ceement\HPCEE.exe [2010-09-14 06:15]
.
2012-12-31 c:\windows\Tasks\PCDRScheduledMaintenance.job
- c:\program files\PC-Doctor for Windows\pcdr5cuiw32.exe [2009-06-10 11:04]
.
.
--------- X64 Entries -----------
.
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"HotKeysCmds"="c:\windows\system32\hkcmd.exe" [2009-09-12 385560]
"Persistence"="c:\windows\system32\igfxpers.exe" [2009-09-12 363544]
.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Svchost - LocalService
FontCache
.
------- Supplementary Scan -------
.
uStart Page = hxxp://www.google.com/
uLocal Page = www.google.com
mDefault_Search_URL = hxxp://www.google.com/
mDefault_Page_URL = hxxp://www.google.com/
mStart Page = hxxp://www.google.com/
mLocal Page = hxxp://www.google.com/
mSearch Page = hxxp://www.google.com/
IE: Google Sidewiki... - c:\program files (x86)\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_7461B1589E8B4FB7.dll/cmsidewiki.html
TCP: DhcpNameServer = 192.168.2.1
FF - ProfilePath - c:\users\member\AppData\Roaming\Mozilla\Firefox\Profiles\p8ye63aw.default\
FF - prefs.js: browser.search.selectedEngine - Ask.com
FF - prefs.js: browser.startup.homepage - hxxp://www.ask.com/?l=dis&o=16148
FF - prefs.js: keyword.URL - hxxp://urlseek10.vmn.net/search.php?type=dns&tbn=egames3_1dn&q=
FF - ExtSQL: 2013-02-25 15:20; {2D3F3651-74B9-4795-BDEC-6DA2F431CB62}; c:\programdata\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_20.1.1.2\coFFPlgn
FF - ExtSQL: 2013-02-25 18:43; {BBDA0591-3099-440a-AA10-41764D9DB4DB}; c:\programdata\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_20.1.1.2\IPSFFPlgn
.
- - - - ORPHANS REMOVED - - - -
.
Notify-SDWinLogon - SDWinLogon.dll
SafeBoot-65312228.sys
WebBrowser-{C4D78C72-08DB-4A3F-9175-B265157283F3} - (no file)
AddRemove-Adobe Shockwave Player - c:\windows\system32\Adobe\Shockwave 11\uninstaller.exe
AddRemove-Mahjongg Dimensions Deluxe (tb) - c:\program files (x86)\eGames\Mahjongg Dimensions Deluxe (tb)\Uninstall.exe
AddRemove-{EE202411-2C26-49E8-9784-1BC1DBF7DE96} - c:\program files (x86)\InstallShield Installation Information\{EE202411-2C26-49E8-9784-1BC1DBF7DE96}\setup.exe
.
.
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\services\N360]
"ImagePath"="\"c:\program files (x86)\Norton 360\Engine\20.1.1.2\ccSvcHst.exe\" /s \"N360\" /m \"c:\program files (x86)\Norton 360\Engine\20.1.1.2\diMaster.dll\" /prefetch:1"
.
--------------------- LOCKED REGISTRY KEYS ---------------------
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil64_11_6_602_171_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\LocalServer32]
@="c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil64_11_6_602_171_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="IFlashBroker5"
.
[HKEY_LOCAL_MACHINE\software\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_11_6_602_171_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\LocalServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_11_6_602_171_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Shockwave Flash Object"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_6_602_171.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\MiscStatus]
@="0"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\MiscStatus\1]
@="131473"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ProgID]
@="ShockwaveFlash.ShockwaveFlash.11"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_6_602_171.ocx, 1"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="ShockwaveFlash.ShockwaveFlash"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Macromedia Flash Factory Object"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_6_602_171.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ProgID]
@="FlashFactory.FlashFactory.1"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_6_602_171.ocx, 1"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="FlashFactory.FlashFactory"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="IFlashBroker5"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\PCW\Security]
@Denied: (Full) (Everyone)
.
------------------------ Other Running Processes ------------------------
.
c:\program files (x86)\Belkin\Router Setup and Monitor\BelkinService.exe
c:\program files (x86)\Hewlett-Packard\HP MAINSTREAM KEYBOARD\ModLEDKey.exe
c:\program files (x86)\Hewlett-Packard\Media\DVD\DVDAgent.exe
c:\program files (x86)\Hewlett-Packard\TouchSmart\Media\Kernel\CLML\CLMLSvc.exe
c:\program files (x86)\Common Files\Intuit\Update Service\IntuitUpdateService.exe
.
**************************************************************************
.
Completion time: 2013-03-02 12:51:13 - machine was rebooted
ComboFix-quarantined-files.txt 2013-03-02 20:51
.
Pre-Run: 426,064,453,632 bytes free
Post-Run: 425,736,925,184 bytes free
.
- - End Of File - - 9F272AA13A59438FA9FDE750E7951733
hope i did all that right cause im so confused. Most of everything on my parents pc is not clickable. It says illegal operation attempted marked for deletion. Please advice. Thanks!
Hello diane7
hope i did all that right cause im so confusedYou did it right :)
Most of everything on my parents pc is not clickable. It says illegal operation attempted marked for deletion. Please advice.Thats nothing to worry about. Simply reboot the machine a couple of times and that message will go away.
I will get back to you later on today with the next set of instructions :)
Hello diane7
I'm back :)
We need to use Combofix again, but this time we will be running it in a slightly different way.
Please work through the following steps
Hold down the Windows key (has the Windows symbol on it) and press the "R" key. A Run box will open. Type in Notepad and press Enter then click on "OK").
NOTE: Do not Use Wordpad or any other text editor except Notepad or the script will fail.
Copy and Paste the text in the quotebox below into the open Notepad window:
File::
c:\program files (x86)\eGames\egamestoolbar.dll
c:\users\member\AppData\Roaming\ShopAtHome\ShopAtHomeToolbar\tbcore3U.dll
c:\program files (x86)\SelectRebates\SelectRebates.exe
c:\users\member\AppData\Roaming\ShopAtHome\ShopAtHomeHelper\ShopAtHomeWatcher.exe
c:\program files (x86)\ArcadeWeb\arcadeweb32.dll
Folder::
c:\program files (x86)\eGames
c:\users\member\AppData\Roaming\ShopAtHome
c:\program files (x86)\SelectRebates
c:\program files (x86)\ArcadeWeb
Registry::
[-HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\~\Browser Helper Objects\{4E7BD74F-2B8D-469E-85B2-BC27FE9AAE2E}]
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Toolbar]
"{4E7BD74F-2B8D-469E-85B2-BC27FE9AAE2E}"=-
"{311B58DC-A4DC-4B04-B1B5-60299AD3D803}"=-
[-HKEY_CLASSES_ROOT\clsid\{4e7bd74f-2b8d-469e-85b2-bc27fe9aae2e}]
[-HKEY_CLASSES_ROOT\clsid\{311b58dc-a4dc-4b04-b1b5-60299ad3d803}]
[-HKEY_CLASSES_ROOT\ShopAtHome.ShopAtHome.3]
[-HKEY_CLASSES_ROOT\TypeLib\{EC4085F2-8DB3-45a6-AD0B-CA289F3C5D7E}]
[-HKEY_CLASSES_ROOT\ShopAtHome.ShopAtHome]
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\run-]
"SelectRebates"=-
"ShopAtHomeWatcher"=-
"AW TrayIcon"=-
Firefox::
FF - ProfilePath - c:\users\member\AppData\Roaming\Mozilla\Firefox\Profiles\p8ye63aw.default\
FF - prefs.js: keyword.URL - hxxp://urlseek10.vmn.net/search.php?type=dns&tbn=egames3_1dn&q=
RegLock::
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings]
Save this as "CFScript.txt" (including the quotation marks), change the "Save as type" to "All Files" and save it to your desktop.
Close any open browsers.
Disable all anti virus and anti malware programs so they do not interfere with the running of ComboFix.
Refering to the picture below, drag CFScript.txt into ComboFix.exe
http://img.photobucket.com/albums/v666/sUBs/CFScriptB-4.gif
When finished, it shall produce a log for you at C:\ComboFix.txt which I will require in your next reply.
Once the log is produced, re-engage your resident anti virus.
Junkware Removal Tool
Please download Junkware Removal Tool by clicking here (http://thisisudax.org/downloads/JRT.exe) and save it to your desktop.
Shutdown your antivirus to avoid any conflicts.
Double click JRT.exe to run the tool.
The tool will open and start scanning your system.
Please be patient as this can take a while to complete.
On completion, a log (JRT.txt) is saved to your desktop and will automatically open.
Post the contents of JRT.txt into your next message.
Please post the new Combofix log and the Junkware Removal Tool log in your next reply.
I did have that report from after I did all those steps...However I copied it but I couldnt get a browswer to open...everything I clicked was marked for deletion. So knowing what you said last time I restarted the pc and now I can get a browser but I cannot find that log. Please advise!
I will continue on to the next set of instructions. Thanks!
Chrome is telling me that next thing you wanted me to download I believe it had junk it the words is malicious. Please advise. Thanks!
Hello diane7
The Junkware Removal Tool is not malicious. It has been used many times without incident.
As for the Combofix log, let try to find it like this:
Navigate to your C drive and check to see if there is a file there called C:\ComboFix.txt
If it is present open the file and copy/paste the contents into your next reply.
Jon Tom I am out of town and will be back tomorrow night. I will proceed with your instructions at that time. I appreciate your help and guidance more than you know! di
Hello diane7
I am out of town and will be back tomorrow nightNo problem, we will continue when you get back :bigthumb:
Due to inactivity, this topic has been closed.
If you are the topic starter and need this topic reopened, please PM a staff member (include the address of this thread in your request).
Everyone else please start a new topic.
Thread re-opened at Users request.
Thank you for continuing!
Here is the log you requested. I will post the junkware log after this one.
ComboFix 13-03-03.01 - member 03/03/2013 12:20:32.2.2 - x64
Microsoft Windows 7 Home Premium 6.1.7601.1.1252.1.1033.18.5110.3565 [GMT -8:00]
Running from: c:\users\member\Downloads\ComboFix.exe
Command switches used :: c:\users\member\Desktop\CFScript.txt
AV: Norton 360 *Disabled/Updated* {63DF5164-9100-186D-2187-8DC619EFD8BF}
FW: Norton 360 *Disabled* {5BE4D041-DB6F-1935-0AD8-24F3E73C9FC4}
SP: Norton 360 *Enabled/Updated* {D8BEB080-B73A-17E3-1B37-B6B462689202}
SP: Spybot - Search and Destroy *Enabled/Outdated* {9BC38DF1-3CCA-732D-A930-C1CA5F20A4B0}
SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
FILE ::
"c:\program files (x86)\ArcadeWeb\arcadeweb32.dll"
"c:\program files (x86)\eGames\egamestoolbar.dll"
"c:\program files (x86)\SelectRebates\SelectRebates.exe"
"c:\users\member\AppData\Roaming\ShopAtHome\ShopAtHomeHelper\ShopAtHomeWatcher.exe"
"c:\users\member\AppData\Roaming\ShopAtHome\ShopAtHomeToolbar\tbcore3U.dll"
.
.
((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\program files (x86)\ArcadeWeb
c:\program files (x86)\eGames
c:\program files (x86)\eGames\auxi\config.xml
c:\program files (x86)\eGames\auxi\egamestoolbarAu.dll
c:\program files (x86)\eGames\chrome\content\about.xml
c:\program files (x86)\eGames\chrome\content\egames.js
c:\program files (x86)\eGames\chrome\content\egamesPreferences.xml
c:\program files (x86)\eGames\chrome\content\egamesrsswin.xml
c:\program files (x86)\eGames\chrome\content\featured.xml
c:\program files (x86)\eGames\chrome\content\lib\about.xml
c:\program files (x86)\eGames\chrome\content\lib\antispywarebutton.js
c:\program files (x86)\eGames\chrome\content\lib\blocked.html
c:\program files (x86)\eGames\chrome\content\lib\dtxevents.js
c:\program files (x86)\eGames\chrome\content\lib\dtxpanelwin.xul
c:\program files (x86)\eGames\chrome\content\lib\dtxprefwin.xul
c:\program files (x86)\eGames\chrome\content\lib\dtxwin.xul
c:\program files (x86)\eGames\chrome\content\lib\external.js
c:\program files (x86)\eGames\chrome\content\lib\html.js
c:\program files (x86)\eGames\chrome\content\lib\neterror.xhtml
c:\program files (x86)\eGames\chrome\content\lib\radio.js
c:\program files (x86)\eGames\chrome\content\lib\radiogroup.js
c:\program files (x86)\eGames\chrome\content\lib\rss.js
c:\program files (x86)\eGames\chrome\content\lib\rssbutton.js
c:\program files (x86)\eGames\chrome\content\lib\rsspreview.html
c:\program files (x86)\eGames\chrome\content\lib\rsswin.js
c:\program files (x86)\eGames\chrome\content\lib\rsswin.xml
c:\program files (x86)\eGames\chrome\content\lib\siteinfo.html
c:\program files (x86)\eGames\chrome\content\lib\textbox.js
c:\program files (x86)\eGames\chrome\content\lib\toolbarseparator.js
c:\program files (x86)\eGames\chrome\content\lib\websiteinspector.js
c:\program files (x86)\eGames\chrome\content\lib\websiteinspectorbutton.js
c:\program files (x86)\eGames\chrome\content\lib\websiteinspectorpref.html
c:\program files (x86)\eGames\chrome\content\modules\datastore.jsm
c:\program files (x86)\eGames\chrome\content\neterror.xhtml
c:\program files (x86)\eGames\chrome\content\newtab\images\btn_search.gif
c:\program files (x86)\eGames\chrome\content\newtab\images\bullet.gif
c:\program files (x86)\eGames\chrome\content\newtab\images\field_bg.gif
c:\program files (x86)\eGames\chrome\content\newtab\images\powered_by_yahoo.gif
c:\program files (x86)\eGames\chrome\content\newtab\images\Thumbs.db
c:\program files (x86)\eGames\chrome\content\newtab\newtab.html
c:\program files (x86)\eGames\chrome\content\toolbar.htm
c:\program files (x86)\eGames\chrome\content\toolbar.xul
c:\program files (x86)\eGames\chrome\content\uninstall.exe
c:\program files (x86)\eGames\chrome\data\feeds\dynamicMenu.xsl
c:\program files (x86)\eGames\chrome\data\feeds\dynamicMenu2.xsl
c:\program files (x86)\eGames\chrome\data\feeds\featured.xml
c:\program files (x86)\eGames\chrome\data\feeds\newadditions.xml
c:\program files (x86)\eGames\chrome\data\feeds\onlinegames.xml
c:\program files (x86)\eGames\chrome\data\feeds\specialoffers.xml
c:\program files (x86)\eGames\chrome\data\feeds\top10.xml
c:\program files (x86)\eGames\chrome\data\search\engines.xml
c:\program files (x86)\eGames\chrome\data\search\search.xsl
c:\program files (x86)\eGames\chrome\skin\bg_end.gif
c:\program files (x86)\eGames\chrome\skin\bg_mdl.gif
c:\program files (x86)\eGames\chrome\skin\bg_start.gif
c:\program files (x86)\eGames\chrome\skin\btn_featured.gif
c:\program files (x86)\eGames\chrome\skin\btn_featured_on.gif
c:\program files (x86)\eGames\chrome\skin\btn_freeonline.gif
c:\program files (x86)\eGames\chrome\skin\btn_freeonline_on.gif
c:\program files (x86)\eGames\chrome\skin\btn_newadd.gif
c:\program files (x86)\eGames\chrome\skin\btn_newadd_on.gif
c:\program files (x86)\eGames\chrome\skin\btn_offers.gif
c:\program files (x86)\eGames\chrome\skin\btn_offers_on.gif
c:\program files (x86)\eGames\chrome\skin\btn_search.gif
c:\program files (x86)\eGames\chrome\skin\btn_search_on.gif
c:\program files (x86)\eGames\chrome\skin\btn_search2.gif
c:\program files (x86)\eGames\chrome\skin\btn_search2.png
c:\program files (x86)\eGames\chrome\skin\btn_search2_on.gif
c:\program files (x86)\eGames\chrome\skin\btn_settings.gif
c:\program files (x86)\eGames\chrome\skin\btn_settings_on.gif
c:\program files (x86)\eGames\chrome\skin\btn_top10.gif
c:\program files (x86)\eGames\chrome\skin\btn_top10_on.gif
c:\program files (x86)\eGames\chrome\skin\categories.png
c:\program files (x86)\eGames\chrome\skin\divider.gif
c:\program files (x86)\eGames\chrome\skin\egames.css
c:\program files (x86)\eGames\chrome\skin\egames.png
c:\program files (x86)\eGames\chrome\skin\feature.png
c:\program files (x86)\eGames\chrome\skin\help.gif
c:\program files (x86)\eGames\chrome\skin\lib\add.png
c:\program files (x86)\eGames\chrome\skin\lib\alexa\alexabutton.css
c:\program files (x86)\eGames\chrome\skin\lib\alexa\graphred0.png
c:\program files (x86)\eGames\chrome\skin\lib\alexa\graphred0_5.png
c:\program files (x86)\eGames\chrome\skin\lib\alexa\graphred1.png
c:\program files (x86)\eGames\chrome\skin\lib\alexa\graphred1_5.png
c:\program files (x86)\eGames\chrome\skin\lib\alexa\graphred2.png
c:\program files (x86)\eGames\chrome\skin\lib\alexa\graphred2_5.png
c:\program files (x86)\eGames\chrome\skin\lib\alexa\graphred3.png
c:\program files (x86)\eGames\chrome\skin\lib\alexa\graphred3_5.png
c:\program files (x86)\eGames\chrome\skin\lib\alexa\graphred4.png
c:\program files (x86)\eGames\chrome\skin\lib\alexa\graphred4_5.png
c:\program files (x86)\eGames\chrome\skin\lib\alexa\graphred5.png
c:\program files (x86)\eGames\chrome\skin\lib\alexa\graphredna.png
c:\program files (x86)\eGames\chrome\skin\lib\alexa\relatedlinks.png
c:\program files (x86)\eGames\chrome\skin\lib\alexa\siteinfo.png
c:\program files (x86)\eGames\chrome\skin\lib\arrow-dn.gif
c:\program files (x86)\eGames\chrome\skin\lib\arrow-right.gif
c:\program files (x86)\eGames\chrome\skin\lib\arrow-up.gif
c:\program files (x86)\eGames\chrome\skin\lib\bg-btn-end.png
c:\program files (x86)\eGames\chrome\skin\lib\bg-btn-mdl.png
c:\program files (x86)\eGames\chrome\skin\lib\bg-btn-mdl_ff.png
c:\program files (x86)\eGames\chrome\skin\lib\bg-btn-start.png
c:\program files (x86)\eGames\chrome\skin\lib\bg-btnover-end.png
c:\program files (x86)\eGames\chrome\skin\lib\bg-btnover-mdl.png
c:\program files (x86)\eGames\chrome\skin\lib\bg-btnover-mdl_ff.png
c:\program files (x86)\eGames\chrome\skin\lib\bg-btnover-start.png
c:\program files (x86)\eGames\chrome\skin\lib\blank.gif
c:\program files (x86)\eGames\chrome\skin\lib\btnback-down-vista.png
c:\program files (x86)\eGames\chrome\skin\lib\btnback-vista.png
c:\program files (x86)\eGames\chrome\skin\lib\btnleft-down-vista.png
c:\program files (x86)\eGames\chrome\skin\lib\btnleft-vista.png
c:\program files (x86)\eGames\chrome\skin\lib\btnright-down-vista.png
c:\program files (x86)\eGames\chrome\skin\lib\btnright-vista.png
c:\program files (x86)\eGames\chrome\skin\lib\button-splitter-down-vista.png
c:\program files (x86)\eGames\chrome\skin\lib\button-splitter-vista.png
c:\program files (x86)\eGames\chrome\skin\lib\checkmark.png
c:\program files (x86)\eGames\chrome\skin\lib\chevron.png
c:\program files (x86)\eGames\chrome\skin\lib\collapse.png
c:\program files (x86)\eGames\chrome\skin\lib\dtx.css
c:\program files (x86)\eGames\chrome\skin\lib\edit-back-hot.png
c:\program files (x86)\eGames\chrome\skin\lib\edit-back.png
c:\program files (x86)\eGames\chrome\skin\lib\expand.png
c:\program files (x86)\eGames\chrome\skin\lib\found.png
c:\program files (x86)\eGames\chrome\skin\lib\highlight.png
c:\program files (x86)\eGames\chrome\skin\lib\highlight_blue.png
c:\program files (x86)\eGames\chrome\skin\lib\highlight_cyan.png
c:\program files (x86)\eGames\chrome\skin\lib\highlight_lime.png
c:\program files (x86)\eGames\chrome\skin\lib\highlight_magenta.png
c:\program files (x86)\eGames\chrome\skin\lib\highlight_yellow.png
c:\program files (x86)\eGames\chrome\skin\lib\lastsearch-thumb-back.gif
c:\program files (x86)\eGames\chrome\skin\lib\loadingMid.gif
c:\program files (x86)\eGames\chrome\skin\lib\lock.png
c:\program files (x86)\eGames\chrome\skin\lib\menu_bg-basic.png
c:\program files (x86)\eGames\chrome\skin\lib\menu_separator_bar.png
c:\program files (x86)\eGames\chrome\skin\lib\menuitem-splitter.png
c:\program files (x86)\eGames\chrome\skin\lib\menuitemback-down-vista.png
c:\program files (x86)\eGames\chrome\skin\lib\menuitemback-vista.png
c:\program files (x86)\eGames\chrome\skin\lib\menuitemleft-down-vista.png
c:\program files (x86)\eGames\chrome\skin\lib\menuitemleft-vista.png
c:\program files (x86)\eGames\chrome\skin\lib\menuitemright-down-vista.png
c:\program files (x86)\eGames\chrome\skin\lib\menuitemright-vista.png
c:\program files (x86)\eGames\chrome\skin\lib\minus.gif
c:\program files (x86)\eGames\chrome\skin\lib\modify.png
c:\program files (x86)\eGames\chrome\skin\lib\move.gif
c:\program files (x86)\eGames\chrome\skin\lib\movetarget.png
c:\program files (x86)\eGames\chrome\skin\lib\panels\css\popupAbout.css
c:\program files (x86)\eGames\chrome\skin\lib\panels\css\popupWidgets.css
c:\program files (x86)\eGames\chrome\skin\lib\panels\images\arrow-sml-drop.png
c:\program files (x86)\eGames\chrome\skin\lib\panels\images\arrow-sml.png
c:\program files (x86)\eGames\chrome\skin\lib\panels\images\arrowr-bluew5.png
c:\program files (x86)\eGames\chrome\skin\lib\panels\images\bg-aboutbox.png
c:\program files (x86)\eGames\chrome\skin\lib\panels\images\bg-btnover.png
c:\program files (x86)\eGames\chrome\skin\lib\panels\images\bg-pnl520x390.png
c:\program files (x86)\eGames\chrome\skin\lib\panels\images\btn-close-grey.png
c:\program files (x86)\eGames\chrome\skin\lib\panels\images\btn-close-greyover.png
c:\program files (x86)\eGames\chrome\skin\lib\panels\images\btn-drag.png
c:\program files (x86)\eGames\chrome\skin\lib\panels\images\btn-next-over.png
c:\program files (x86)\eGames\chrome\skin\lib\panels\images\btn-next.png
c:\program files (x86)\eGames\chrome\skin\lib\panels\images\btn-previous-over.png
c:\program files (x86)\eGames\chrome\skin\lib\panels\images\btn-previous.png
c:\program files (x86)\eGames\chrome\skin\lib\panels\images\btn-search-pnlbtm-over.png
c:\program files (x86)\eGames\chrome\skin\lib\panels\images\btn-search-pnlbtm.png
c:\program files (x86)\eGames\chrome\skin\lib\panels\images\gamethumb-on.png
c:\program files (x86)\eGames\chrome\skin\lib\panels\images\ico-calendar.png
c:\program files (x86)\eGames\chrome\skin\lib\panels\images\ico-download.png
c:\program files (x86)\eGames\chrome\skin\lib\panels\images\ico-tags.png
c:\program files (x86)\eGames\chrome\skin\lib\panels\images\icon-Add.png
c:\program files (x86)\eGames\chrome\skin\lib\panels\images\icon-Info.png
c:\program files (x86)\eGames\chrome\skin\lib\panels\images\menul-bgon.png
c:\program files (x86)\eGames\chrome\skin\lib\panels\images\menul-bgover.png
c:\program files (x86)\eGames\chrome\skin\lib\panels\images\panel-botm-noscroll.png
c:\program files (x86)\eGames\chrome\skin\lib\panels\images\scroll-bg-206.png
c:\program files (x86)\eGames\chrome\skin\lib\panels\images\scroll-bg.png
c:\program files (x86)\eGames\chrome\skin\lib\panels\images\scroll-topwin.png
c:\program files (x86)\eGames\chrome\skin\lib\panels\images\scrollb-disable.png
c:\program files (x86)\eGames\chrome\skin\lib\panels\images\scrollb-down.png
c:\program files (x86)\eGames\chrome\skin\lib\panels\images\scrollb-over.png
c:\program files (x86)\eGames\chrome\skin\lib\panels\images\scrollb.png
c:\program files (x86)\eGames\chrome\skin\lib\panels\images\scrollt-disable.png
c:\program files (x86)\eGames\chrome\skin\lib\panels\images\scrollt-down.png
c:\program files (x86)\eGames\chrome\skin\lib\panels\images\scrollt-over.png
c:\program files (x86)\eGames\chrome\skin\lib\panels\images\scrollt.png
c:\program files (x86)\eGames\chrome\skin\lib\panels\images\searchbox-pnlbtm.png
c:\program files (x86)\eGames\chrome\skin\lib\panels\images\star_x_grey.png
c:\program files (x86)\eGames\chrome\skin\lib\panels\images\star_x_orange.png
c:\program files (x86)\eGames\chrome\skin\lib\panels\images\TRUSTe_about.png
c:\program files (x86)\eGames\chrome\skin\lib\panels\images\view-detailed-on.png
c:\program files (x86)\eGames\chrome\skin\lib\panels\images\view-detailed-over.png
c:\program files (x86)\eGames\chrome\skin\lib\panels\images\view-thumb-on.png
c:\program files (x86)\eGames\chrome\skin\lib\panels\images\view-thumb-over.png
c:\program files (x86)\eGames\chrome\skin\lib\panels\images\widgets-square-16px.png
c:\program files (x86)\eGames\chrome\skin\lib\panels\images\widgets-square-24px.png
c:\program files (x86)\eGames\chrome\skin\lib\panels\popupWidgets.html
c:\program files (x86)\eGames\chrome\skin\lib\plus.gif
c:\program files (x86)\eGames\chrome\skin\lib\radio.png
c:\program files (x86)\eGames\chrome\skin\lib\reload.png
c:\program files (x86)\eGames\chrome\skin\lib\remove.png
c:\program files (x86)\eGames\chrome\skin\lib\rename.gif
c:\program files (x86)\eGames\chrome\skin\lib\resize-box.gif
c:\program files (x86)\eGames\chrome\skin\lib\rss.png
c:\program files (x86)\eGames\chrome\skin\lib\rsschannelback.png
c:\program files (x86)\eGames\chrome\skin\lib\RSSLogo.png
c:\program files (x86)\eGames\chrome\skin\lib\rsstabdivider.gif
c:\program files (x86)\eGames\chrome\skin\lib\scroll-left.png
c:\program files (x86)\eGames\chrome\skin\lib\scroll-right.png
c:\program files (x86)\eGames\chrome\skin\lib\search-go.png
c:\program files (x86)\eGames\chrome\skin\lib\search.png
c:\program files (x86)\eGames\chrome\skin\lib\separator.png
c:\program files (x86)\eGames\chrome\skin\lib\text-ellipsis.xml
c:\program files (x86)\eGames\chrome\skin\lib\toolbarseparator.css
c:\program files (x86)\eGames\chrome\skin\lib\toolbarsplitter.gif
c:\program files (x86)\eGames\chrome\skin\lib\transparent_1px.gif
c:\program files (x86)\eGames\chrome\skin\lib\uwa\border_02.png
c:\program files (x86)\eGames\chrome\skin\lib\uwa\border_03.png
c:\program files (x86)\eGames\chrome\skin\lib\uwa\border_04.png
c:\program files (x86)\eGames\chrome\skin\lib\uwa\border_06.png
c:\program files (x86)\eGames\chrome\skin\lib\uwa\border_07.png
c:\program files (x86)\eGames\chrome\skin\lib\uwa\border_08.png
c:\program files (x86)\eGames\chrome\skin\lib\uwa\border_09.png
c:\program files (x86)\eGames\chrome\skin\lib\uwa\border_10.png
c:\program files (x86)\eGames\chrome\skin\lib\uwa\border_11.png
c:\program files (x86)\eGames\chrome\skin\lib\uwa\border_12.png
c:\program files (x86)\eGames\chrome\skin\lib\uwa\border_13.png
c:\program files (x86)\eGames\chrome\skin\lib\uwa\border_14.png
c:\program files (x86)\eGames\chrome\skin\lib\uwa\border_15.png
c:\program files (x86)\eGames\chrome\skin\lib\uwa\border_16.png
c:\program files (x86)\eGames\chrome\skin\lib\uwa\border_18.png
c:\program files (x86)\eGames\chrome\skin\lib\uwa\border_19.png
c:\program files (x86)\eGames\chrome\skin\lib\uwa\border_20.png
c:\program files (x86)\eGames\chrome\skin\lib\uwa\border_21.png
c:\program files (x86)\eGames\chrome\skin\lib\uwa\btn-close-grey.png
c:\program files (x86)\eGames\chrome\skin\lib\uwa\btn-close-greyover.png
c:\program files (x86)\eGames\chrome\skin\lib\uwa\close-hot.png
c:\program files (x86)\eGames\chrome\skin\lib\uwa\close-normal.png
c:\program files (x86)\eGames\chrome\skin\lib\uwa\loadingMid.gif
c:\program files (x86)\eGames\chrome\skin\lib\uwa\proxy.html
c:\program files (x86)\eGames\chrome\skin\lib\uwa\template.html
c:\program files (x86)\eGames\chrome\skin\lib\uwa\template.xml
c:\program files (x86)\eGames\chrome\skin\lib\uwa\templateFF.html
c:\program files (x86)\eGames\chrome\skin\lib\uwa\throbber.gif
c:\program files (x86)\eGames\chrome\skin\lib\websiteinspector-highrisk-user.gif
c:\program files (x86)\eGames\chrome\skin\lib\websiteinspector-highrisk.gif
c:\program files (x86)\eGames\chrome\skin\lib\websiteinspector-lowrisk.gif
c:\program files (x86)\eGames\chrome\skin\lib\websiteinspector-norating.gif
c:\program files (x86)\eGames\chrome\skin\lib\websiteinspector-verified-user.gif
c:\program files (x86)\eGames\chrome\skin\lib\websiteinspector-verified.gif
c:\program files (x86)\eGames\chrome\skin\lib\websiteinspector-verifying.gif
c:\program files (x86)\eGames\chrome\skin\logo.gif
c:\program files (x86)\eGames\chrome\skin\logo.png
c:\program files (x86)\eGames\chrome\skin\logo_over.gif
c:\program files (x86)\eGames\chrome\skin\logotype.png
c:\program files (x86)\eGames\chrome\skin\menuback-hot.gif
c:\program files (x86)\eGames\chrome\skin\menuback.gif
c:\program files (x86)\eGames\chrome\skin\modify.png
c:\program files (x86)\eGames\chrome\skin\new.png
c:\program files (x86)\eGames\chrome\skin\news.png
c:\program files (x86)\eGames\chrome\skin\offers.png
c:\program files (x86)\eGames\chrome\skin\options.png
c:\program files (x86)\eGames\chrome\skin\options\options-main.gif
c:\program files (x86)\eGames\chrome\skin\options\options-main.png
c:\program files (x86)\eGames\chrome\skin\options\options-search.png
c:\program files (x86)\eGames\chrome\skin\options\options-widgets.png
c:\program files (x86)\eGames\chrome\skin\rss-delete.png
c:\program files (x86)\eGames\chrome\skin\rss-feed.png
c:\program files (x86)\eGames\chrome\skin\rss-folder-remove.png
c:\program files (x86)\eGames\chrome\skin\rss-folder-rename.png
c:\program files (x86)\eGames\chrome\skin\rss-folder.png
c:\program files (x86)\eGames\chrome\skin\rss-found.png
c:\program files (x86)\eGames\chrome\skin\rss-reload.png
c:\program files (x86)\eGames\chrome\skin\rss-subscribe.png
c:\program files (x86)\eGames\chrome\skin\rss.png
c:\program files (x86)\eGames\chrome\skin\rssback.gif
c:\program files (x86)\eGames\chrome\skin\rsstopback.gif
c:\program files (x86)\eGames\chrome\skin\save.png
c:\program files (x86)\eGames\chrome\skin\search.png
c:\program files (x86)\eGames\chrome\skin\search_web.gif
c:\program files (x86)\eGames\chrome\skin\searchbox.gif
c:\program files (x86)\eGames\chrome\skin\slider.gif
c:\program files (x86)\eGames\chrome\skin\template\01.png
c:\program files (x86)\eGames\chrome\skin\template\010.png
c:\program files (x86)\eGames\chrome\skin\template\02.png
c:\program files (x86)\eGames\chrome\skin\template\03.png
c:\program files (x86)\eGames\chrome\skin\template\04.png
c:\program files (x86)\eGames\chrome\skin\template\05.png
c:\program files (x86)\eGames\chrome\skin\template\06.png
c:\program files (x86)\eGames\chrome\skin\template\07.png
c:\program files (x86)\eGames\chrome\skin\template\08.png
c:\program files (x86)\eGames\chrome\skin\template\09.png
c:\program files (x86)\eGames\chrome\skin\template\477_gsl.gif
c:\program files (x86)\eGames\chrome\skin\template\515_gsl.gif
c:\program files (x86)\eGames\chrome\skin\template\btn_search2.png
c:\program files (x86)\eGames\chrome\skin\template\dynamicMenu.xsl
c:\program files (x86)\eGames\chrome\skin\template\dynamicMenu2.xsl
c:\program files (x86)\eGames\chrome\skin\template\ico_featured.png
c:\program files (x86)\eGames\chrome\skin\template\ico_freeonline.png
c:\program files (x86)\eGames\chrome\skin\template\ico_newadd.png
c:\program files (x86)\eGames\chrome\skin\template\ico_offers.png
c:\program files (x86)\eGames\chrome\skin\template\ico_top10.png
c:\program files (x86)\eGames\chrome\skin\template\next.png
c:\program files (x86)\eGames\chrome\skin\template\pnl_btmcenter.png
c:\program files (x86)\eGames\chrome\skin\template\pnl_btmleft.png
c:\program files (x86)\eGames\chrome\skin\template\pnl_btmright.png
c:\program files (x86)\eGames\chrome\skin\template\pnl_mdlcenter.png
c:\program files (x86)\eGames\chrome\skin\template\pnl_mdlleft.png
c:\program files (x86)\eGames\chrome\skin\template\pnl_mdright.png
c:\program files (x86)\eGames\chrome\skin\template\pnl_mdright2.png
c:\program files (x86)\eGames\chrome\skin\template\pnl_upcenter.png
c:\program files (x86)\eGames\chrome\skin\template\pnl_upleft.png
c:\program files (x86)\eGames\chrome\skin\template\pnl_upright.png
c:\program files (x86)\eGames\chrome\skin\template\popup.html
c:\program files (x86)\eGames\chrome\skin\template\question.png
c:\program files (x86)\eGames\chrome\skin\template\scroll_arrowtop.png
c:\program files (x86)\eGames\chrome\skin\template\scroll_btm.png
c:\program files (x86)\eGames\chrome\skin\template\scroll_mdl.png
c:\program files (x86)\eGames\chrome\skin\template\scroll_toarrowbtm.png
c:\program files (x86)\eGames\chrome\skin\template\scroll_top.png
c:\program files (x86)\eGames\chrome\skin\template\scrollbar_btm.png
c:\program files (x86)\eGames\chrome\skin\template\scrollbar_mdl.png
c:\program files (x86)\eGames\chrome\skin\template\scrollbar_top.png
c:\program files (x86)\eGames\chrome\skin\template\stars\stars0.0.png
c:\program files (x86)\eGames\chrome\skin\template\stars\stars0.5.png
c:\program files (x86)\eGames\chrome\skin\template\stars\stars1.0.png
c:\program files (x86)\eGames\chrome\skin\template\stars\stars1.5.png
c:\program files (x86)\eGames\chrome\skin\template\stars\stars2.0.png
c:\program files (x86)\eGames\chrome\skin\template\stars\stars2.5.png
c:\program files (x86)\eGames\chrome\skin\template\stars\stars3.0.png
c:\program files (x86)\eGames\chrome\skin\template\stars\stars3.5.png
c:\program files (x86)\eGames\chrome\skin\template\stars\stars4.0.png
c:\program files (x86)\eGames\chrome\skin\template\stars\stars4.5.png
c:\program files (x86)\eGames\chrome\skin\template\stars\stars5.0.png
c:\program files (x86)\eGames\chrome\skin\template\stars_on_search.png
c:\program files (x86)\eGames\chrome\skin\template\table.html
c:\program files (x86)\eGames\chrome\skin\template\table.js
c:\program files (x86)\eGames\chrome\skin\template\table_top.html
c:\program files (x86)\eGames\chrome\skin\template\xp_close_small.gif
c:\program files (x86)\eGames\chrome\skin\throbber.gif
c:\program files (x86)\eGames\chrome\skin\Top.png
c:\program files (x86)\eGames\chrome\skin\web.png
c:\program files (x86)\eGames\chrome\skin\widgets-square-16px.png
c:\program files (x86)\eGames\chrome\skin\yahoosearch.png
c:\program files (x86)\eGames\components\windowmediator.js
c:\program files (x86)\eGames\egames.dll
c:\program files (x86)\eGames\egamestoolbar.dll
c:\program files (x86)\eGames\GameButler\assets\default.css
c:\program files (x86)\eGames\GameButler\assets\directX.htm
c:\program files (x86)\eGames\GameButler\assets\dxabout.htm
c:\program files (x86)\eGames\GameButler\assets\dxinstall.htm
c:\program files (x86)\eGames\GameButler\assets\faq.htm
c:\program files (x86)\eGames\GameButler\assets\help.htm
c:\program files (x86)\eGames\GameButler\assets\home.htm
c:\program files (x86)\eGames\GameButler\assets\images\controlpanel.gif
c:\program files (x86)\eGames\GameButler\assets\images\controlpanelgame.gif
c:\program files (x86)\eGames\GameButler\assets\images\gamecontroller.gif
c:\program files (x86)\eGames\GameButler\assets\images\gamesub.jpg
c:\program files (x86)\eGames\GameButler\assets\images\home.gif
c:\program files (x86)\eGames\GameButler\assets\images\install.gif
c:\program files (x86)\eGames\GameButler\assets\images\install2.gif
c:\program files (x86)\eGames\GameButler\assets\images\menu.jpg
c:\program files (x86)\eGames\GameButler\assets\images\mygames.jpg
c:\program files (x86)\eGames\GameButler\assets\images\startmenu.gif
c:\program files (x86)\eGames\GameButler\assets\images\supportsub.jpg
c:\program files (x86)\eGames\GameButler\assets\images\systemprops.gif
c:\program files (x86)\eGames\GameButler\assets\images\whitelogo.jpg
c:\program files (x86)\eGames\GameButler\assets\offline.htm
c:\program files (x86)\eGames\GameButler\assets\support.htm
c:\program files (x86)\eGames\GameButler\egames.ico
c:\program files (x86)\eGames\GameButler\gbrowser.exe
c:\program files (x86)\eGames\GameButler\gbrowser.ini
c:\program files (x86)\eGames\GameButler\INSTALL.LOG
c:\program files (x86)\eGames\GameButler\splash.dxr
c:\program files (x86)\eGames\GameButler\UNWISE.EXE
c:\program files (x86)\eGames\GameButler\UNWISE.INI
c:\program files (x86)\eGames\install.ico
c:\program files (x86)\eGames\Mahjongg Master 4\Game\mjm4.exe
c:\program files (x86)\eGames\Mahjongg Master 4\Game\mppsdk.dll
c:\program files (x86)\eGames\Mahjongg Master Egyptian Edition\assets\about.htm
c:\program files (x86)\eGames\Mahjongg Master Egyptian Edition\assets\beep.wav
c:\program files (x86)\eGames\Mahjongg Master Egyptian Edition\assets\bhelp.htm
c:\program files (x86)\eGames\Mahjongg Master Egyptian Edition\assets\buzz.wav
c:\program files (x86)\eGames\Mahjongg Master Egyptian Edition\assets\click.wav
c:\program files (x86)\eGames\Mahjongg Master Egyptian Edition\assets\contact.htm
c:\program files (x86)\eGames\Mahjongg Master Egyptian Edition\assets\default.css
c:\program files (x86)\eGames\Mahjongg Master Egyptian Edition\assets\default1.htm
c:\program files (x86)\eGames\Mahjongg Master Egyptian Edition\assets\default2.htm
c:\program files (x86)\eGames\Mahjongg Master Egyptian Edition\assets\directX.htm
c:\program files (x86)\eGames\Mahjongg Master Egyptian Edition\assets\directx1.htm
c:\program files (x86)\eGames\Mahjongg Master Egyptian Edition\assets\dxinstall.htm
c:\program files (x86)\eGames\Mahjongg Master Egyptian Edition\assets\external.txt
c:\program files (x86)\eGames\Mahjongg Master Egyptian Edition\assets\faq.htm
c:\program files (x86)\eGames\Mahjongg Master Egyptian Edition\assets\help.htm
c:\program files (x86)\eGames\Mahjongg Master Egyptian Edition\assets\images\about.gif
c:\program files (x86)\eGames\Mahjongg Master Egyptian Edition\assets\images\aboutdown.gif
c:\program files (x86)\eGames\Mahjongg Master Egyptian Edition\assets\images\abouton.gif
c:\program files (x86)\eGames\Mahjongg Master Egyptian Edition\assets\images\back.gif
c:\program files (x86)\eGames\Mahjongg Master Egyptian Edition\assets\images\backdown.gif
c:\program files (x86)\eGames\Mahjongg Master Egyptian Edition\assets\images\backon.gif
c:\program files (x86)\eGames\Mahjongg Master Egyptian Edition\assets\images\contact.gif
c:\program files (x86)\eGames\Mahjongg Master Egyptian Edition\assets\images\contacton.gif
c:\program files (x86)\eGames\Mahjongg Master Egyptian Edition\assets\images\controlpanel.gif
c:\program files (x86)\eGames\Mahjongg Master Egyptian Edition\assets\images\Copy of game.gif
c:\program files (x86)\eGames\Mahjongg Master Egyptian Edition\assets\images\darrow.gif
c:\program files (x86)\eGames\Mahjongg Master Egyptian Edition\assets\images\directx.gif
c:\program files (x86)\eGames\Mahjongg Master Egyptian Edition\assets\images\directxdown.gif
c:\program files (x86)\eGames\Mahjongg Master Egyptian Edition\assets\images\directxon.gif
c:\program files (x86)\eGames\Mahjongg Master Egyptian Edition\assets\images\dxabout.gif
c:\program files (x86)\eGames\Mahjongg Master Egyptian Edition\assets\images\dxabouton.gif
c:\program files (x86)\eGames\Mahjongg Master Egyptian Edition\assets\images\dxinstall.gif
c:\program files (x86)\eGames\Mahjongg Master Egyptian Edition\assets\images\dxinstallon.gif
c:\program files (x86)\eGames\Mahjongg Master Egyptian Edition\assets\images\egames.gif
c:\program files (x86)\eGames\Mahjongg Master Egyptian Edition\assets\images\egames1.gif
c:\program files (x86)\eGames\Mahjongg Master Egyptian Edition\assets\images\egames2.gif
c:\program files (x86)\eGames\Mahjongg Master Egyptian Edition\assets\images\egameson.gif
c:\program files (x86)\eGames\Mahjongg Master Egyptian Edition\assets\images\egameson2.gif
c:\program files (x86)\eGames\Mahjongg Master Egyptian Edition\assets\images\egyptian-mahjongg_01.jpg
c:\program files (x86)\eGames\Mahjongg Master Egyptian Edition\assets\images\egyptian-mahjongg_02.jpg
c:\program files (x86)\eGames\Mahjongg Master Egyptian Edition\assets\images\egyptian-mahjongg_03-over.jpg
c:\program files (x86)\eGames\Mahjongg Master Egyptian Edition\assets\images\egyptian-mahjongg_03.jpg
c:\program files (x86)\eGames\Mahjongg Master Egyptian Edition\assets\images\egyptian-mahjongg_04.jpg
c:\program files (x86)\eGames\Mahjongg Master Egyptian Edition\assets\images\egyptian-mahjongg_05.jpg
c:\program files (x86)\eGames\Mahjongg Master Egyptian Edition\assets\images\faq.gif
c:\program files (x86)\eGames\Mahjongg Master Egyptian Edition\assets\images\faqon.gif
c:\program files (x86)\eGames\Mahjongg Master Egyptian Edition\assets\images\freegames.gif
c:\program files (x86)\eGames\Mahjongg Master Egyptian Edition\assets\images\freegameson.gif
c:\program files (x86)\eGames\Mahjongg Master Egyptian Edition\assets\images\game.gif
c:\program files (x86)\eGames\Mahjongg Master Egyptian Edition\assets\images\gamecontroller.gif
c:\program files (x86)\eGames\Mahjongg Master Egyptian Edition\assets\images\gameinst.gif
c:\program files (x86)\eGames\Mahjongg Master Egyptian Edition\assets\images\gameinston.gif
c:\program files (x86)\eGames\Mahjongg Master Egyptian Edition\assets\images\gameon.gif
c:\program files (x86)\eGames\Mahjongg Master Egyptian Edition\assets\images\gamesdown.gif
c:\program files (x86)\eGames\Mahjongg Master Egyptian Edition\assets\images\help.gif
c:\program files (x86)\eGames\Mahjongg Master Egyptian Edition\assets\images\help\bottom.gif
c:\program files (x86)\eGames\Mahjongg Master Egyptian Edition\assets\images\help\left.gif
c:\program files (x86)\eGames\Mahjongg Master Egyptian Edition\assets\images\help\play.gif
c:\program files (x86)\eGames\Mahjongg Master Egyptian Edition\assets\images\help\playon.gif
c:\program files (x86)\eGames\Mahjongg Master Egyptian Edition\assets\images\help\right.gif
c:\program files (x86)\eGames\Mahjongg Master Egyptian Edition\assets\images\help\top.gif
c:\program files (x86)\eGames\Mahjongg Master Egyptian Edition\assets\images\helpdown.gif
c:\program files (x86)\eGames\Mahjongg Master Egyptian Edition\assets\images\helpon.gif
c:\program files (x86)\eGames\Mahjongg Master Egyptian Edition\assets\images\homepage.gif
c:\program files (x86)\eGames\Mahjongg Master Egyptian Edition\assets\images\homepageon.gif
c:\program files (x86)\eGames\Mahjongg Master Egyptian Edition\assets\images\install.gif
c:\program files (x86)\eGames\Mahjongg Master Egyptian Edition\assets\images\instructions.gif
c:\program files (x86)\eGames\Mahjongg Master Egyptian Edition\assets\images\instructionson.gif
c:\program files (x86)\eGames\Mahjongg Master Egyptian Edition\assets\images\left.gif
c:\program files (x86)\eGames\Mahjongg Master Egyptian Edition\assets\images\main.gif
c:\program files (x86)\eGames\Mahjongg Master Egyptian Edition\assets\images\menu.gif
c:\program files (x86)\eGames\Mahjongg Master Egyptian Edition\assets\images\navmid.gif
c:\program files (x86)\eGames\Mahjongg Master Egyptian Edition\assets\images\navtop.gif
c:\program files (x86)\eGames\Mahjongg Master Egyptian Edition\assets\images\olgames.gif
c:\program files (x86)\eGames\Mahjongg Master Egyptian Edition\assets\images\olgameson.gif
c:\program files (x86)\eGames\Mahjongg Master Egyptian Edition\assets\images\olhelp.gif
c:\program files (x86)\eGames\Mahjongg Master Egyptian Edition\assets\images\olhelpon.gif
c:\program files (x86)\eGames\Mahjongg Master Egyptian Edition\assets\images\olsupport.gif
c:\program files (x86)\eGames\Mahjongg Master Egyptian Edition\assets\images\olsupporton.gif
c:\program files (x86)\eGames\Mahjongg Master Egyptian Edition\assets\images\options.gif
c:\program files (x86)\eGames\Mahjongg Master Egyptian Edition\assets\images\optionson.gif
c:\program files (x86)\eGames\Mahjongg Master Egyptian Edition\assets\images\pipe.gif
c:\program files (x86)\eGames\Mahjongg Master Egyptian Edition\assets\images\pipe2.gif
c:\program files (x86)\eGames\Mahjongg Master Egyptian Edition\assets\images\play.gif
c:\program files (x86)\eGames\Mahjongg Master Egyptian Edition\assets\images\playon.gif
c:\program files (x86)\eGames\Mahjongg Master Egyptian Edition\assets\images\privacy.gif
c:\program files (x86)\eGames\Mahjongg Master Egyptian Edition\assets\images\privacyon.gif
c:\program files (x86)\eGames\Mahjongg Master Egyptian Edition\assets\images\register.gif
c:\program files (x86)\eGames\Mahjongg Master Egyptian Edition\assets\images\registerdown.gif
c:\program files (x86)\eGames\Mahjongg Master Egyptian Edition\assets\images\registerol.gif
c:\program files (x86)\eGames\Mahjongg Master Egyptian Edition\assets\images\registerolon.gif
c:\program files (x86)\eGames\Mahjongg Master Egyptian Edition\assets\images\registeron.gif
c:\program files (x86)\eGames\Mahjongg Master Egyptian Edition\assets\images\right.gif
c:\program files (x86)\eGames\Mahjongg Master Egyptian Edition\assets\images\silkscreen.gif
c:\program files (x86)\eGames\Mahjongg Master Egyptian Edition\assets\images\startmenu.gif
c:\program files (x86)\eGames\Mahjongg Master Egyptian Edition\assets\images\systemprops.gif
c:\program files (x86)\eGames\Mahjongg Master Egyptian Edition\assets\images\top.gif
c:\program files (x86)\eGames\Mahjongg Master Egyptian Edition\assets\images\topbar.gif
c:\program files (x86)\eGames\Mahjongg Master Egyptian Edition\assets\images\topbar1.gif
c:\program files (x86)\eGames\Mahjongg Master Egyptian Edition\assets\images\using.gif
c:\program files (x86)\eGames\Mahjongg Master Egyptian Edition\assets\images\usingon.gif
c:\program files (x86)\eGames\Mahjongg Master Egyptian Edition\assets\images\web.gif
c:\program files (x86)\eGames\Mahjongg Master Egyptian Edition\assets\images\webdown.gif
c:\program files (x86)\eGames\Mahjongg Master Egyptian Edition\assets\images\webon.gif
c:\program files (x86)\eGames\Mahjongg Master Egyptian Edition\assets\images\windowbar.gif
c:\program files (x86)\eGames\Mahjongg Master Egyptian Edition\assets\images\x.gif
c:\program files (x86)\eGames\Mahjongg Master Egyptian Edition\assets\images2\bottom.gif
c:\program files (x86)\eGames\Mahjongg Master Egyptian Edition\assets\images2\help.gif
c:\program files (x86)\eGames\Mahjongg Master Egyptian Edition\assets\images2\playdown.gif
c:\program files (x86)\eGames\Mahjongg Master Egyptian Edition\assets\images2\playoff.gif
c:\program files (x86)\eGames\Mahjongg Master Egyptian Edition\assets\images2\playon.gif
c:\program files (x86)\eGames\Mahjongg Master Egyptian Edition\assets\images2\top.gif
c:\program files (x86)\eGames\Mahjongg Master Egyptian Edition\assets\instructions.htm
c:\program files (x86)\eGames\Mahjongg Master Egyptian Edition\assets\local.htm
c:\program files (x86)\eGames\Mahjongg Master Egyptian Edition\assets\main.htm
c:\program files (x86)\eGames\Mahjongg Master Egyptian Edition\assets\nav1.htm
c:\program files (x86)\eGames\Mahjongg Master Egyptian Edition\assets\nav2.htm
c:\program files (x86)\eGames\Mahjongg Master Egyptian Edition\assets\nav3.htm
c:\program files (x86)\eGames\Mahjongg Master Egyptian Edition\assets\options.EXE
c:\program files (x86)\eGames\Mahjongg Master Egyptian Edition\assets\options.ini
c:\program files (x86)\eGames\Mahjongg Master Egyptian Edition\assets\register.htm
c:\program files (x86)\eGames\Mahjongg Master Egyptian Edition\assets\register2.htm
c:\program files (x86)\eGames\Mahjongg Master Egyptian Edition\assets\top.htm
c:\program files (x86)\eGames\Mahjongg Master Egyptian Edition\assets\web.htm
c:\program files (x86)\eGames\Mahjongg Master Egyptian Edition\assets\window.htm
c:\program files (x86)\eGames\Mahjongg Master Egyptian Edition\Game\egames.ico
c:\program files (x86)\eGames\Mahjongg Master Egyptian Edition\Game\egames.url
c:\program files (x86)\eGames\Mahjongg Master Egyptian Edition\Game\icon.ico
c:\program files (x86)\eGames\Mahjongg Master Egyptian Edition\Game\MJMEgypt.exe
c:\program files (x86)\eGames\Mahjongg Master Egyptian Edition\INSTALL.LOG
c:\program files (x86)\eGames\Mahjongg Master Egyptian Edition\register\eGamesRegistration.exe
c:\program files (x86)\eGames\Mahjongg Master Egyptian Edition\register\EReg.Bin
c:\program files (x86)\eGames\Mahjongg Master Egyptian Edition\register\EReg01.ini
c:\program files (x86)\eGames\Mahjongg Master Egyptian Edition\register\EReg3201.dll
c:\program files (x86)\eGames\Mahjongg Master Egyptian Edition\register\EREGBG01.bmp
c:\program files (x86)\eGames\Mahjongg Master Egyptian Edition\register\eregui.ini
c:\program files (x86)\eGames\Mahjongg Master Egyptian Edition\register\ERegUI32.dll
c:\program files (x86)\eGames\Mahjongg Master Egyptian Edition\register\ERGBG01L.bmp
c:\program files (x86)\eGames\Mahjongg Master Egyptian Edition\register\ERHttp01.dll
c:\program files (x86)\eGames\Mahjongg Master Egyptian Edition\register\ERHTTP01.ini
c:\program files (x86)\eGames\Mahjongg Master Egyptian Edition\register\ERLocal.ini
c:\program files (x86)\eGames\Mahjongg Master Egyptian Edition\register\HTTP01.ini
c:\program files (x86)\eGames\Mahjongg Master Egyptian Edition\register\RegBody.txt
c:\program files (x86)\eGames\Mahjongg Master Egyptian Edition\register\RegBrwsr.html
c:\program files (x86)\eGames\Mahjongg Master Egyptian Edition\register\RegFax.txt
c:\program files (x86)\eGames\Mahjongg Master Egyptian Edition\register\RegMail.txt
c:\program files (x86)\eGames\Mahjongg Master Egyptian Edition\register\RegRcrd.txt
c:\program files (x86)\eGames\Mahjongg Master Egyptian Edition\register\RegXMit.txt
c:\program files (x86)\eGames\Mahjongg Master Egyptian Edition\UNWISE.EXE
c:\program files (x86)\eGames\Mahjongg Master Egyptian Edition\UNWISE.INI
c:\program files (x86)\eGames\manifest.xml
c:\program files (x86)\eGames\Solitaire Master 4\assets\about.htm
c:\program files (x86)\eGames\Solitaire Master 4\assets\external.txt
c:\program files (x86)\eGames\Solitaire Master 4\assets\images\about.gif
c:\program files (x86)\eGames\Solitaire Master 4\assets\images\aboutdown.gif
c:\program files (x86)\eGames\Solitaire Master 4\assets\images\abouton.gif
c:\program files (x86)\eGames\Solitaire Master 4\assets\images\back.gif
c:\program files (x86)\eGames\Solitaire Master 4\assets\images\backdown.gif
c:\program files (x86)\eGames\Solitaire Master 4\assets\images\backon.gif
c:\program files (x86)\eGames\Solitaire Master 4\assets\images\bottom.gif
c:\program files (x86)\eGames\Solitaire Master 4\assets\images\buttonoff.gif
c:\program files (x86)\eGames\Solitaire Master 4\assets\images\buttonon.gif
c:\program files (x86)\eGames\Solitaire Master 4\assets\images\contact.gif
c:\program files (x86)\eGames\Solitaire Master 4\assets\images\contacton.gif
c:\program files (x86)\eGames\Solitaire Master 4\assets\images\controlpanel.gif
c:\program files (x86)\eGames\Solitaire Master 4\assets\images\Copy of game.gif
c:\program files (x86)\eGames\Solitaire Master 4\assets\images\darrow.gif
c:\program files (x86)\eGames\Solitaire Master 4\assets\images\directx.gif
c:\program files (x86)\eGames\Solitaire Master 4\assets\images\directxdown.gif
c:\program files (x86)\eGames\Solitaire Master 4\assets\images\directxon.gif
c:\program files (x86)\eGames\Solitaire Master 4\assets\images\dxabout.gif
c:\program files (x86)\eGames\Solitaire Master 4\assets\images\dxabouton.gif
c:\program files (x86)\eGames\Solitaire Master 4\assets\images\dxinstall.gif
c:\program files (x86)\eGames\Solitaire Master 4\assets\images\dxinstallon.gif
c:\program files (x86)\eGames\Solitaire Master 4\assets\images\egames.gif
c:\program files (x86)\eGames\Solitaire Master 4\assets\images\egames1.gif
c:\program files (x86)\eGames\Solitaire Master 4\assets\images\egames2.gif
c:\program files (x86)\eGames\Solitaire Master 4\assets\images\egameson.gif
c:\program files (x86)\eGames\Solitaire Master 4\assets\images\egameson2.gif
c:\program files (x86)\eGames\Solitaire Master 4\assets\images\faq.gif
c:\program files (x86)\eGames\Solitaire Master 4\assets\images\faqon.gif
c:\program files (x86)\eGames\Solitaire Master 4\assets\images\freegames.gif
c:\program files (x86)\eGames\Solitaire Master 4\assets\images\freegameson.gif
c:\program files (x86)\eGames\Solitaire Master 4\assets\images\game.gif
c:\program files (x86)\eGames\Solitaire Master 4\assets\images\gamecontroller.gif
c:\program files (x86)\eGames\Solitaire Master 4\assets\images\gameinst.gif
c:\program files (x86)\eGames\Solitaire Master 4\assets\images\gameinston.gif
c:\program files (x86)\eGames\Solitaire Master 4\assets\images\gameon.gif
c:\program files (x86)\eGames\Solitaire Master 4\assets\images\gamesdown.gif
c:\program files (x86)\eGames\Solitaire Master 4\assets\images\help.gif
c:\program files (x86)\eGames\Solitaire Master 4\assets\images\help\bottom.gif
c:\program files (x86)\eGames\Solitaire Master 4\assets\images\help\left.gif
c:\program files (x86)\eGames\Solitaire Master 4\assets\images\help\play.gif
c:\program files (x86)\eGames\Solitaire Master 4\assets\images\help\playon.gif
c:\program files (x86)\eGames\Solitaire Master 4\assets\images\help\right.gif
c:\program files (x86)\eGames\Solitaire Master 4\assets\images\help\top.gif
c:\program files (x86)\eGames\Solitaire Master 4\assets\images\helpdown.gif
c:\program files (x86)\eGames\Solitaire Master 4\assets\images\helpon.gif
c:\program files (x86)\eGames\Solitaire Master 4\assets\images\homepage.gif
c:\program files (x86)\eGames\Solitaire Master 4\assets\images\homepageon.gif
c:\program files (x86)\eGames\Solitaire Master 4\assets\images\install.gif
c:\program files (x86)\eGames\Solitaire Master 4\assets\images\instructions.gif
c:\program files (x86)\eGames\Solitaire Master 4\assets\images\instructionson.gif
c:\program files (x86)\eGames\Solitaire Master 4\assets\images\left.gif
c:\program files (x86)\eGames\Solitaire Master 4\assets\images\main.gif
c:\program files (x86)\eGames\Solitaire Master 4\assets\images\menu.gif
c:\program files (x86)\eGames\Solitaire Master 4\assets\images\navmid.gif
c:\program files (x86)\eGames\Solitaire Master 4\assets\images\navtop.gif
c:\program files (x86)\eGames\Solitaire Master 4\assets\images\olgames.gif
c:\program files (x86)\eGames\Solitaire Master 4\assets\images\olgameson.gif
c:\program files (x86)\eGames\Solitaire Master 4\assets\images\olhelp.gif
c:\program files (x86)\eGames\Solitaire Master 4\assets\images\olhelpon.gif
c:\program files (x86)\eGames\Solitaire Master 4\assets\images\olsupport.gif
c:\program files (x86)\eGames\Solitaire Master 4\assets\images\olsupporton.gif
c:\program files (x86)\eGames\Solitaire Master 4\assets\images\options.gif
c:\program files (x86)\eGames\Solitaire Master 4\assets\images\optionson.gif
c:\program files (x86)\eGames\Solitaire Master 4\assets\images\pipe.gif
c:\program files (x86)\eGames\Solitaire Master 4\assets\images\pipe2.gif
c:\program files (x86)\eGames\Solitaire Master 4\assets\images\play.gif
c:\program files (x86)\eGames\Solitaire Master 4\assets\images\playon.gif
c:\program files (x86)\eGames\Solitaire Master 4\assets\images\privacy.gif
c:\program files (x86)\eGames\Solitaire Master 4\assets\images\privacyon.gif
c:\program files (x86)\eGames\Solitaire Master 4\assets\images\register.gif
c:\program files (x86)\eGames\Solitaire Master 4\assets\images\registerdown.gif
c:\program files (x86)\eGames\Solitaire Master 4\assets\images\registerol.gif
c:\program files (x86)\eGames\Solitaire Master 4\assets\images\registerolon.gif
c:\program files (x86)\eGames\Solitaire Master 4\assets\images\registeron.gif
c:\program files (x86)\eGames\Solitaire Master 4\assets\images\right.gif
c:\program files (x86)\eGames\Solitaire Master 4\assets\images\silkscreen.gif
c:\program files (x86)\eGames\Solitaire Master 4\assets\images\startmenu.gif
c:\program files (x86)\eGames\Solitaire Master 4\assets\images\systemprops.gif
c:\program files (x86)\eGames\Solitaire Master 4\assets\images\top.gif
c:\program files (x86)\eGames\Solitaire Master 4\assets\images\topbar.gif
c:\program files (x86)\eGames\Solitaire Master 4\assets\images\topbar1.gif
c:\program files (x86)\eGames\Solitaire Master 4\assets\images\using.gif
c:\program files (x86)\eGames\Solitaire Master 4\assets\images\usingon.gif
c:\program files (x86)\eGames\Solitaire Master 4\assets\images\web.gif
c:\program files (x86)\eGames\Solitaire Master 4\assets\images\webdown.gif
c:\program files (x86)\eGames\Solitaire Master 4\assets\images\webon.gif
c:\program files (x86)\eGames\Solitaire Master 4\assets\images\windowbar.gif
c:\program files (x86)\eGames\Solitaire Master 4\assets\images\x.gif
c:\program files (x86)\eGames\Solitaire Master 4\assets\instructions.htm
c:\program files (x86)\eGames\Solitaire Master 4\assets\main.htm
c:\program files (x86)\eGames\Solitaire Master 4\Game\Animal Cards.dat
c:\program files (x86)\eGames\Solitaire Master 4\Game\Antique Cards.dat
c:\program files (x86)\eGames\Solitaire Master 4\Game\Creature Cards.dat
c:\program files (x86)\eGames\Solitaire Master 4\Game\Diner Cards.dat
c:\program files (x86)\eGames\Solitaire Master 4\Game\Dinosaurs Cards.dat
c:\program files (x86)\eGames\Solitaire Master 4\Game\egames.ico
c:\program files (x86)\eGames\Solitaire Master 4\Game\egames.url
c:\program files (x86)\eGames\Solitaire Master 4\Game\Faces Cards.dat
c:\program files (x86)\eGames\Solitaire Master 4\Game\Flag Cards.dat
c:\program files (x86)\eGames\Solitaire Master 4\Game\icon.ico
c:\program files (x86)\eGames\Solitaire Master 4\Game\images\blue marble.jpg
c:\program files (x86)\eGames\Solitaire Master 4\Game\images\bumpthing1.jpg
c:\program files (x86)\eGames\Solitaire Master 4\Game\images\bumpthing10.jpg
c:\program files (x86)\eGames\Solitaire Master 4\Game\images\bumpthing2.jpg
c:\program files (x86)\eGames\Solitaire Master 4\Game\images\bumpthing3.jpg
c:\program files (x86)\eGames\Solitaire Master 4\Game\images\bumpthing4.jpg
c:\program files (x86)\eGames\Solitaire Master 4\Game\images\bumpthing5.jpg
c:\program files (x86)\eGames\Solitaire Master 4\Game\images\bumpthing6.jpg
c:\program files (x86)\eGames\Solitaire Master 4\Game\images\bumpthing7.jpg
c:\program files (x86)\eGames\Solitaire Master 4\Game\images\bumpthing8.jpg
c:\program files (x86)\eGames\Solitaire Master 4\Game\images\bumpthing9.jpg
c:\program files (x86)\eGames\Solitaire Master 4\Game\images\Charcoal.jpg
c:\program files (x86)\eGames\Solitaire Master 4\Game\images\cobblestone.jpg
c:\program files (x86)\eGames\Solitaire Master 4\Game\images\cyber_swirl1.jpg
c:\program files (x86)\eGames\Solitaire Master 4\Game\images\cyber_swirl10.jpg
c:\program files (x86)\eGames\Solitaire Master 4\Game\images\cyber_swirl11.jpg
c:\program files (x86)\eGames\Solitaire Master 4\Game\images\cyber_swirl12.jpg
c:\program files (x86)\eGames\Solitaire Master 4\Game\images\cyber_swirl13.jpg
c:\program files (x86)\eGames\Solitaire Master 4\Game\images\cyber_swirl14.jpg
c:\program files (x86)\eGames\Solitaire Master 4\Game\images\cyber_swirl15.jpg
c:\program files (x86)\eGames\Solitaire Master 4\Game\images\cyber_swirl2.jpg
c:\program files (x86)\eGames\Solitaire Master 4\Game\images\cyber_swirl3.jpg
c:\program files (x86)\eGames\Solitaire Master 4\Game\images\cyber_swirl4.jpg
c:\program files (x86)\eGames\Solitaire Master 4\Game\images\cyber_swirl5.jpg
c:\program files (x86)\eGames\Solitaire Master 4\Game\images\cyber_swirl6.jpg
c:\program files (x86)\eGames\Solitaire Master 4\Game\images\cyber_swirl7.jpg
c:\program files (x86)\eGames\Solitaire Master 4\Game\images\cyber_swirl8.jpg
c:\program files (x86)\eGames\Solitaire Master 4\Game\images\cyber_swirl9.jpg
c:\program files (x86)\eGames\Solitaire Master 4\Game\images\dark_swim_tile1.jpg
c:\program files (x86)\eGames\Solitaire Master 4\Game\images\dark_swim_tile10.jpg
c:\program files (x86)\eGames\Solitaire Master 4\Game\images\dark_swim_tile11.jpg
c:\program files (x86)\eGames\Solitaire Master 4\Game\images\dark_swim_tile12.jpg
c:\program files (x86)\eGames\Solitaire Master 4\Game\images\dark_swim_tile13.jpg
c:\program files (x86)\eGames\Solitaire Master 4\Game\images\dark_swim_tile14.jpg
c:\program files (x86)\eGames\Solitaire Master 4\Game\images\dark_swim_tile15.jpg
c:\program files (x86)\eGames\Solitaire Master 4\Game\images\dark_swim_tile2.jpg
c:\program files (x86)\eGames\Solitaire Master 4\Game\images\dark_swim_tile3.jpg
c:\program files (x86)\eGames\Solitaire Master 4\Game\images\dark_swim_tile4.jpg
c:\program files (x86)\eGames\Solitaire Master 4\Game\images\dark_swim_tile5.jpg
c:\program files (x86)\eGames\Solitaire Master 4\Game\images\dark_swim_tile6.jpg
c:\program files (x86)\eGames\Solitaire Master 4\Game\images\dark_swim_tile7.jpg
c:\program files (x86)\eGames\Solitaire Master 4\Game\images\dark_swim_tile8.jpg
c:\program files (x86)\eGames\Solitaire Master 4\Game\images\dark_swim_tile9.jpg
c:\program files (x86)\eGames\Solitaire Master 4\Game\images\deep space.jpg
c:\program files (x86)\eGames\Solitaire Master 4\Game\images\demin.jpg
c:\program files (x86)\eGames\Solitaire Master 4\Game\images\distwirl1.jpg
c:\program files (x86)\eGames\Solitaire Master 4\Game\images\distwirl10.jpg
c:\program files (x86)\eGames\Solitaire Master 4\Game\images\distwirl11.jpg
c:\program files (x86)\eGames\Solitaire Master 4\Game\images\distwirl12.jpg
c:\program files (x86)\eGames\Solitaire Master 4\Game\images\distwirl13.jpg
c:\program files (x86)\eGames\Solitaire Master 4\Game\images\distwirl14.jpg
c:\program files (x86)\eGames\Solitaire Master 4\Game\images\distwirl15.jpg
c:\program files (x86)\eGames\Solitaire Master 4\Game\images\distwirl2.jpg
c:\program files (x86)\eGames\Solitaire Master 4\Game\images\distwirl3.jpg
c:\program files (x86)\eGames\Solitaire Master 4\Game\images\distwirl4.jpg
c:\program files (x86)\eGames\Solitaire Master 4\Game\images\distwirl5.jpg
c:\program files (x86)\eGames\Solitaire Master 4\Game\images\distwirl6.jpg
c:\program files (x86)\eGames\Solitaire Master 4\Game\images\distwirl7.jpg
c:\program files (x86)\eGames\Solitaire Master 4\Game\images\distwirl8.jpg
c:\program files (x86)\eGames\Solitaire Master 4\Game\images\distwirl9.jpg
c:\program files (x86)\eGames\Solitaire Master 4\Game\images\distwort1.jpg
c:\program files (x86)\eGames\Solitaire Master 4\Game\images\distwort10.jpg
c:\program files (x86)\eGames\Solitaire Master 4\Game\images\distwort11.jpg
c:\program files (x86)\eGames\Solitaire Master 4\Game\images\distwort12.jpg
c:\program files (x86)\eGames\Solitaire Master 4\Game\images\distwort13.jpg
c:\program files (x86)\eGames\Solitaire Master 4\Game\images\distwort14.jpg
c:\program files (x86)\eGames\Solitaire Master 4\Game\images\distwort15.jpg
c:\program files (x86)\eGames\Solitaire Master 4\Game\images\distwort2.jpg
c:\program files (x86)\eGames\Solitaire Master 4\Game\images\distwort3.jpg
c:\program files (x86)\eGames\Solitaire Master 4\Game\images\distwort4.jpg
c:\program files (x86)\eGames\Solitaire Master 4\Game\images\distwort5.jpg
c:\program files (x86)\eGames\Solitaire Master 4\Game\images\distwort6.jpg
c:\program files (x86)\eGames\Solitaire Master 4\Game\images\distwort7.jpg
c:\program files (x86)\eGames\Solitaire Master 4\Game\images\distwort8.jpg
c:\program files (x86)\eGames\Solitaire Master 4\Game\images\distwort9.jpg
c:\program files (x86)\eGames\Solitaire Master 4\Game\images\face1.jpg
c:\program files (x86)\eGames\Solitaire Master 4\Game\images\face10.jpg
c:\program files (x86)\eGames\Solitaire Master 4\Game\images\face11.jpg
c:\program files (x86)\eGames\Solitaire Master 4\Game\images\face12.jpg
c:\program files (x86)\eGames\Solitaire Master 4\Game\images\face13.jpg
c:\program files (x86)\eGames\Solitaire Master 4\Game\images\face14.jpg
c:\program files (x86)\eGames\Solitaire Master 4\Game\images\face15.jpg
c:\program files (x86)\eGames\Solitaire Master 4\Game\images\face2.jpg
c:\program files (x86)\eGames\Solitaire Master 4\Game\images\face3.jpg
c:\program files (x86)\eGames\Solitaire Master 4\Game\images\face4.jpg
c:\program files (x86)\eGames\Solitaire Master 4\Game\images\face5.jpg
c:\program files (x86)\eGames\Solitaire Master 4\Game\images\face6.jpg
c:\program files (x86)\eGames\Solitaire Master 4\Game\images\face7.jpg
c:\program files (x86)\eGames\Solitaire Master 4\Game\images\face8.jpg
c:\program files (x86)\eGames\Solitaire Master 4\Game\images\face9.jpg
c:\program files (x86)\eGames\Solitaire Master 4\Game\images\fieldstone.jpg
c:\program files (x86)\eGames\Solitaire Master 4\Game\images\foliage.jpg
c:\program files (x86)\eGames\Solitaire Master 4\Game\images\frostback1.jpg
c:\program files (x86)\eGames\Solitaire Master 4\Game\images\frostback10.jpg
c:\program files (x86)\eGames\Solitaire Master 4\Game\images\frostback11.jpg
c:\program files (x86)\eGames\Solitaire Master 4\Game\images\frostback12.jpg
c:\program files (x86)\eGames\Solitaire Master 4\Game\images\frostback13.jpg
c:\program files (x86)\eGames\Solitaire Master 4\Game\images\frostback14.jpg
c:\program files (x86)\eGames\Solitaire Master 4\Game\images\frostback15.jpg
c:\program files (x86)\eGames\Solitaire Master 4\Game\images\frostback2.jpg
c:\program files (x86)\eGames\Solitaire Master 4\Game\images\frostback3.jpg
c:\program files (x86)\eGames\Solitaire Master 4\Game\images\frostback4.jpg
c:\program files (x86)\eGames\Solitaire Master 4\Game\images\frostback5.jpg
c:\program files (x86)\eGames\Solitaire Master 4\Game\images\frostback6.jpg
c:\program files (x86)\eGames\Solitaire Master 4\Game\images\frostback7.jpg
c:\program files (x86)\eGames\Solitaire Master 4\Game\images\frostback8.jpg
c:\program files (x86)\eGames\Solitaire Master 4\Game\images\frostback9.jpg
c:\program files (x86)\eGames\Solitaire Master 4\Game\images\gatorpaper1.jpg
c:\program files (x86)\eGames\Solitaire Master 4\Game\images\gatorpaper10.jpg
c:\program files (x86)\eGames\Solitaire Master 4\Game\images\gatorpaper2.jpg
c:\program files (x86)\eGames\Solitaire Master 4\Game\images\gatorpaper3.jpg
c:\program files (x86)\eGames\Solitaire Master 4\Game\images\gatorpaper4.jpg
c:\program files (x86)\eGames\Solitaire Master 4\Game\images\gatorpaper5.jpg
c:\program files (x86)\eGames\Solitaire Master 4\Game\images\gatorpaper6.jpg
c:\program files (x86)\eGames\Solitaire Master 4\Game\images\gatorpaper7.jpg
c:\program files (x86)\eGames\Solitaire Master 4\Game\images\gatorpaper8.jpg
c:\program files (x86)\eGames\Solitaire Master 4\Game\images\gatorpaper9.jpg
c:\program files (x86)\eGames\Solitaire Master 4\Game\images\geiger_back1.jpg
c:\program files (x86)\eGames\Solitaire Master 4\Game\images\geiger_back10.jpg
c:\program files (x86)\eGames\Solitaire Master 4\Game\images\geiger_back11.jpg
c:\program files (x86)\eGames\Solitaire Master 4\Game\images\geiger_back12.jpg
c:\program files (x86)\eGames\Solitaire Master 4\Game\images\geiger_back13.jpg
c:\program files (x86)\eGames\Solitaire Master 4\Game\images\geiger_back14.jpg
c:\program files (x86)\eGames\Solitaire Master 4\Game\images\geiger_back15.jpg
c:\program files (x86)\eGames\Solitaire Master 4\Game\images\geiger_back2.jpg
c:\program files (x86)\eGames\Solitaire Master 4\Game\images\geiger_back3.jpg
c:\program files (x86)\eGames\Solitaire Master 4\Game\images\geiger_back4.jpg
c:\program files (x86)\eGames\Solitaire Master 4\Game\images\geiger_back5.jpg
c:\program files (x86)\eGames\Solitaire Master 4\Game\images\geiger_back6.jpg
c:\program files (x86)\eGames\Solitaire Master 4\Game\images\geiger_back8.jpg
c:\program files (x86)\eGames\Solitaire Master 4\Game\images\geiger_back9.jpg
c:\program files (x86)\eGames\Solitaire Master 4\Game\images\geiger_warped1.jpg
c:\program files (x86)\eGames\Solitaire Master 4\Game\images\geiger_warped10.jpg
c:\program files (x86)\eGames\Solitaire Master 4\Game\images\geiger_warped11.jpg
c:\program files (x86)\eGames\Solitaire Master 4\Game\images\geiger_warped12.jpg
c:\program files (x86)\eGames\Solitaire Master 4\Game\images\geiger_warped13.jpg
c:\program files (x86)\eGames\Solitaire Master 4\Game\images\geiger_warped14.jpg
c:\program files (x86)\eGames\Solitaire Master 4\Game\images\geiger_warped15.jpg
c:\program files (x86)\eGames\Solitaire Master 4\Game\images\geiger_warped2.jpg
c:\program files (x86)\eGames\Solitaire Master 4\Game\images\geiger_warped3.jpg
c:\program files (x86)\eGames\Solitaire Master 4\Game\images\geiger_warped4.jpg
c:\program files (x86)\eGames\Solitaire Master 4\Game\images\geiger_warped5.jpg
c:\program files (x86)\eGames\Solitaire Master 4\Game\images\geiger_warped6.jpg
c:\program files (x86)\eGames\Solitaire Master 4\Game\images\geiger_warped8.jpg
c:\program files (x86)\eGames\Solitaire Master 4\Game\images\geiger_warped9.jpg
c:\program files (x86)\eGames\Solitaire Master 4\Game\images\gieger_burne6r.jpg
c:\program files (x86)\eGames\Solitaire Master 4\Game\images\gieger_burner1.jpg
c:\program files (x86)\eGames\Solitaire Master 4\Game\images\gieger_burner10.jpg
c:\program files (x86)\eGames\Solitaire Master 4\Game\images\gieger_burner11.jpg
c:\program files (x86)\eGames\Solitaire Master 4\Game\images\gieger_burner12.jpg
c:\program files (x86)\eGames\Solitaire Master 4\Game\images\gieger_burner13.jpg
c:\program files (x86)\eGames\Solitaire Master 4\Game\images\gieger_burner14.jpg
c:\program files (x86)\eGames\Solitaire Master 4\Game\images\gieger_burner15.jpg
c:\program files (x86)\eGames\Solitaire Master 4\Game\images\gieger_burner2.jpg
c:\program files (x86)\eGames\Solitaire Master 4\Game\images\gieger_burner3.jpg
c:\program files (x86)\eGames\Solitaire Master 4\Game\images\gieger_burner4.jpg
c:\program files (x86)\eGames\Solitaire Master 4\Game\images\gieger_burner5.jpg
c:\program files (x86)\eGames\Solitaire Master 4\Game\images\gieger_burner8.jpg
c:\program files (x86)\eGames\Solitaire Master 4\Game\images\gieger_burner9.jpg
c:\program files (x86)\eGames\Solitaire Master 4\Game\images\glow_worms1.jpg
c:\program files (x86)\eGames\Solitaire Master 4\Game\images\glow_worms10.jpg
c:\program files (x86)\eGames\Solitaire Master 4\Game\images\glow_worms11.jpg
c:\program files (x86)\eGames\Solitaire Master 4\Game\images\glow_worms12.jpg
c:\program files (x86)\eGames\Solitaire Master 4\Game\images\glow_worms13.jpg
c:\program files (x86)\eGames\Solitaire Master 4\Game\images\glow_worms14.jpg
c:\program files (x86)\eGames\Solitaire Master 4\Game\images\glow_worms15.jpg
c:\program files (x86)\eGames\Solitaire Master 4\Game\images\glow_worms2.jpg
c:\program files (x86)\eGames\Solitaire Master 4\Game\images\glow_worms3.jpg
c:\program files (x86)\eGames\Solitaire Master 4\Game\images\glow_worms4.jpg
c:\program files (x86)\eGames\Solitaire Master 4\Game\images\glow_worms5.jpg
c:\program files (x86)\eGames\Solitaire Master 4\Game\images\glow_worms6.jpg
c:\program files (x86)\eGames\Solitaire Master 4\Game\images\glow_worms8.jpg
c:\program files (x86)\eGames\Solitaire Master 4\Game\images\glow_worms9.jpg
c:\program files (x86)\eGames\Solitaire Master 4\Game\images\glowspinwheel1.jpg
c:\program files (x86)\eGames\Solitaire Master 4\Game\images\glowspinwheel10.jpg
c:\program files (x86)\eGames\Solitaire Master 4\Game\images\glowspinwheel11.jpg
c:\program files (x86)\eGames\Solitaire Master 4\Game\images\glowspinwheel12.jpg
c:\program files (x86)\eGames\Solitaire Master 4\Game\images\glowspinwheel13.jpg
c:\program files (x86)\eGames\Solitaire Master 4\Game\images\glowspinwheel14.jpg
c:\program files (x86)\eGames\Solitaire Master 4\Game\images\glowspinwheel15.jpg
c:\program files (x86)\eGames\Solitaire Master 4\Game\images\glowspinwheel2.jpg
c:\program files (x86)\eGames\Solitaire Master 4\Game\images\glowspinwheel3.jpg
c:\program files (x86)\eGames\Solitaire Master 4\Game\images\glowspinwheel4.jpg
c:\program files (x86)\eGames\Solitaire Master 4\Game\images\glowspinwheel5.jpg
c:\program files (x86)\eGames\Solitaire Master 4\Game\images\glowspinwheel6.jpg
c:\program files (x86)\eGames\Solitaire Master 4\Game\images\glowspinwheel7.jpg
c:\program files (x86)\eGames\Solitaire Master 4\Game\images\glowspinwheel8.jpg
c:\program files (x86)\eGames\Solitaire Master 4\Game\images\glowspinwheel9.jpg
c:\program files (x86)\eGames\Solitaire Master 4\Game\images\greybrick.jpg
c:\program files (x86)\eGames\Solitaire Master 4\Game\images\hairthing1.jpg
c:\program files (x86)\eGames\Solitaire Master 4\Game\images\hairthing10.jpg
c:\program files (x86)\eGames\Solitaire Master 4\Game\images\hairthing2.jpg
c:\program files (x86)\eGames\Solitaire Master 4\Game\images\hairthing3.jpg
c:\program files (x86)\eGames\Solitaire Master 4\Game\images\hairthing4.jpg
c:\program files (x86)\eGames\Solitaire Master 4\Game\images\hairthing5.jpg
c:\program files (x86)\eGames\Solitaire Master 4\Game\images\hairthing6.jpg
c:\program files (x86)\eGames\Solitaire Master 4\Game\images\hairthing7.jpg
c:\program files (x86)\eGames\Solitaire Master 4\Game\images\hairthing8.jpg
c:\program files (x86)\eGames\Solitaire Master 4\Game\images\hairthing9.jpg
c:\program files (x86)\eGames\Solitaire Master 4\Game\images\hatchthing1.jpg
c:\program files (x86)\eGames\Solitaire Master 4\Game\images\hatchthing10.jpg
c:\program files (x86)\eGames\Solitaire Master 4\Game\images\hatchthing2.jpg
c:\program files (x86)\eGames\Solitaire Master 4\Game\images\hatchthing3.jpg
c:\program files (x86)\eGames\Solitaire Master 4\Game\images\hatchthing4.jpg
c:\program files (x86)\eGames\Solitaire Master 4\Game\images\hatchthing5.jpg
c:\program files (x86)\eGames\Solitaire Master 4\Game\images\hatchthing6.jpg
c:\program files (x86)\eGames\Solitaire Master 4\Game\images\hatchthing7.jpg
c:\program files (x86)\eGames\Solitaire Master 4\Game\images\hatchthing8.jpg
c:\program files (x86)\eGames\Solitaire Master 4\Game\images\hatchthing9.jpg
c:\program files (x86)\eGames\Solitaire Master 4\Game\images\horizontalbrick.jpg
c:\program files (x86)\eGames\Solitaire Master 4\Game\images\lightning.jpg
c:\program files (x86)\eGames\Solitaire Master 4\Game\images\litepattern1.jpg
c:\program files (x86)\eGames\Solitaire Master 4\Game\images\litepattern10.jpg
c:\program files (x86)\eGames\Solitaire Master 4\Game\images\litepattern2.jpg
c:\program files (x86)\eGames\Solitaire Master 4\Game\images\litepattern3.jpg
c:\program files (x86)\eGames\Solitaire Master 4\Game\images\litepattern4.jpg
c:\program files (x86)\eGames\Solitaire Master 4\Game\images\litepattern5.jpg
c:\program files (x86)\eGames\Solitaire Master 4\Game\images\litepattern6.jpg
c:\program files (x86)\eGames\Solitaire Master 4\Game\images\litepattern7.jpg
c:\program files (x86)\eGames\Solitaire Master 4\Game\images\litepattern8.jpg
c:\program files (x86)\eGames\Solitaire Master 4\Game\images\litepattern9.jpg
c:\program files (x86)\eGames\Solitaire Master 4\Game\images\marblespeck.jpg
c:\program files (x86)\eGames\Solitaire Master 4\Game\images\More Backgrounds\Above Earth 2.jpg
c:\program files (x86)\eGames\Solitaire Master 4\Game\images\More Backgrounds\Above Earth.jpg
c:\program files (x86)\eGames\Solitaire Master 4\Game\images\More Backgrounds\Acoustic.jpg
c:\program files (x86)\eGames\Solitaire Master 4\Game\images\More Backgrounds\Airplane takeoff.jpg
c:\program files (x86)\eGames\Solitaire Master 4\Game\images\More Backgrounds\Alarm Clock.jpg
c:\program files (x86)\eGames\Solitaire Master 4\Game\images\More Backgrounds\American Flag.jpg
c:\program files (x86)\eGames\Solitaire Master 4\Game\images\More Backgrounds\Antiques.jpg
c:\program files (x86)\eGames\Solitaire Master 4\Game\images\More Backgrounds\Archery.jpg
c:\program files (x86)\eGames\Solitaire Master 4\Game\images\More Backgrounds\art1.bmp
c:\program files (x86)\eGames\Solitaire Master 4\Game\images\More Backgrounds\art2.bmp
c:\program files (x86)\eGames\Solitaire Master 4\Game\images\More Backgrounds\art3.bmp
c:\program files (x86)\eGames\Solitaire Master 4\Game\images\More Backgrounds\art4.bmp
c:\program files (x86)\eGames\Solitaire Master 4\Game\images\More Backgrounds\art5.bmp
c:\program files (x86)\eGames\Solitaire Master 4\Game\images\More Backgrounds\Artichoke.jpg
c:\program files (x86)\eGames\Solitaire Master 4\Game\images\More Backgrounds\Artifacts.jpg
c:\program files (x86)\eGames\Solitaire Master 4\Game\images\More Backgrounds\Assorted Nuts.jpg
c:\program files (x86)\eGames\Solitaire Master 4\Game\images\More Backgrounds\Assorted Pasta.jpg
c:\program files (x86)\eGames\Solitaire Master 4\Game\images\More Backgrounds\Astronaut.jpg
c:\program files (x86)\eGames\Solitaire Master 4\Game\images\More Backgrounds\Autumn Drive.jpg
c:\program files (x86)\eGames\Solitaire Master 4\Game\images\More Backgrounds\Autumn Foliage.jpg
c:\program files (x86)\eGames\Solitaire Master 4\Game\images\More Backgrounds\Autumn Leaves.jpg
c:\program files (x86)\eGames\Solitaire Master 4\Game\images\More Backgrounds\Autumn Trees.jpg
c:\program files (x86)\eGames\Solitaire Master 4\Game\images\More Backgrounds\Autumn.JPG
c:\program files (x86)\eGames\Solitaire Master 4\Game\images\More Backgrounds\Balloons.jpg
c:\program files (x86)\eGames\Solitaire Master 4\Game\images\More Backgrounds\Bananas.jpg
c:\program files (x86)\eGames\Solitaire Master 4\Game\images\More Backgrounds\Barn in Flower Field.jpg
c:\program files (x86)\eGames\Solitaire Master 4\Game\images\More Backgrounds\Barn.JPG
c:\program files (x86)\eGames\Solitaire Master 4\Game\images\More Backgrounds\baseball.jpg
c:\program files (x86)\eGames\Solitaire Master 4\Game\images\More Backgrounds\Basketball.jpg
c:\program files (x86)\eGames\Solitaire Master 4\Game\images\More Backgrounds\Beach Front.jpg
c:\program files (x86)\eGames\Solitaire Master 4\Game\images\More Backgrounds\Bearded Mask.jpg
c:\program files (x86)\eGames\Solitaire Master 4\Game\images\More Backgrounds\Berries.jpg
c:\program files (x86)\eGames\Solitaire Master 4\Game\images\More Backgrounds\Black Grapes.jpg
c:\program files (x86)\eGames\Solitaire Master 4\Game\images\More Backgrounds\Black Rug.jpg
c:\program files (x86)\eGames\Solitaire Master 4\Game\images\More Backgrounds\Blocks 2.jpg
c:\program files (x86)\eGames\Solitaire Master 4\Game\images\More Backgrounds\Blocks.JPG
c:\program files (x86)\eGames\Solitaire Master 4\Game\images\More Backgrounds\blue1.bmp
c:\program files (x86)\eGames\Solitaire Master 4\Game\images\More Backgrounds\blue2.bmp
c:\program files (x86)\eGames\Solitaire Master 4\Game\images\More Backgrounds\blue3.bmp
c:\program files (x86)\eGames\Solitaire Master 4\Game\images\More Backgrounds\blue4.bmp
c:\program files (x86)\eGames\Solitaire Master 4\Game\images\More Backgrounds\blue5.bmp
c:\program files (x86)\eGames\Solitaire Master 4\Game\images\More Backgrounds\blue6.bmp
c:\program files (x86)\eGames\Solitaire Master 4\Game\images\More Backgrounds\blue7.bmp
c:\program files (x86)\eGames\Solitaire Master 4\Game\images\More Backgrounds\blue8.bmp
c:\program files (x86)\eGames\Solitaire Master 4\Game\images\More Backgrounds\Boat..JPG
c:\program files (x86)\eGames\Solitaire Master 4\Game\images\More Backgrounds\boat.JPG
c:\program files (x86)\eGames\Solitaire Master 4\Game\images\More Backgrounds\books.JPG
c:\program files (x86)\eGames\Solitaire Master 4\Game\images\More Backgrounds\Bread Basket.jpg
c:\program files (x86)\eGames\Solitaire Master 4\Game\images\More Backgrounds\bricks1.bmp
c:\program files (x86)\eGames\Solitaire Master 4\Game\images\More Backgrounds\bricks2.bmp
c:\program files (x86)\eGames\Solitaire Master 4\Game\images\More Backgrounds\bricks3.bmp
c:\program files (x86)\eGames\Solitaire Master 4\Game\images\More Backgrounds\Building a House.jpg
c:\program files (x86)\eGames\Solitaire Master 4\Game\images\More Backgrounds\Building on the Horizon.jpg
c:\program files (x86)\eGames\Solitaire Master 4\Game\images\More Backgrounds\Building.jpg
c:\program files (x86)\eGames\Solitaire Master 4\Game\images\More Backgrounds\Bulls Eye.jpg
c:\program files (x86)\eGames\Solitaire Master 4\Game\images\More Backgrounds\burlap1.bmp
c:\program files (x86)\eGames\Solitaire Master 4\Game\images\More Backgrounds\burlap2.bmp
c:\program files (x86)\eGames\Solitaire Master 4\Game\images\More Backgrounds\burlap3.bmp
c:\program files (x86)\eGames\Solitaire Master 4\Game\images\More Backgrounds\burlap4.bmp
c:\program files (x86)\eGames\Solitaire Master 4\Game\images\More Backgrounds\Butterfly Closeup.jpg
c:\program files (x86)\eGames\Solitaire Master 4\Game\images\More Backgrounds\Cabin.JPG
c:\program files (x86)\eGames\Solitaire Master 4\Game\images\More Backgrounds\Cactus 2.jpg
c:\program files (x86)\eGames\Solitaire Master 4\Game\images\More Backgrounds\Cactus 3.jpg
c:\program files (x86)\eGames\Solitaire Master 4\Game\images\More Backgrounds\Cactus.JPG
c:\program files (x86)\eGames\Solitaire Master 4\Game\images\More Backgrounds\Calculator.jpg
c:\program files (x86)\eGames\Solitaire Master 4\Game\images\More Backgrounds\Calm Waters.jpg
c:\program files (x86)\eGames\Solitaire Master 4\Game\images\More Backgrounds\Candles.jpg
c:\program files (x86)\eGames\Solitaire Master 4\Game\images\More Backgrounds\Cappuccino .jpg
c:\program files (x86)\eGames\Solitaire Master 4\Game\images\More Backgrounds\Cartoon Trees.jpg
c:\program files (x86)\eGames\Solitaire Master 4\Game\images\More Backgrounds\Catepillar.jpg
c:\program files (x86)\eGames\Solitaire Master 4\Game\images\More Backgrounds\Celebration 2.jpg
c:\program files (x86)\eGames\Solitaire Master 4\Game\images\More Backgrounds\Celebration.jpg
c:\program files (x86)\eGames\Solitaire Master 4\Game\images\More Backgrounds\Cellular.jpg
c:\program files (x86)\eGames\Solitaire Master 4\Game\images\More Backgrounds\checkerboard1.bmp
c:\program files (x86)\eGames\Solitaire Master 4\Game\images\More Backgrounds\checkerboard2.bmp
c:\program files (x86)\eGames\Solitaire Master 4\Game\images\More Backgrounds\Checkered Flag.jpg
c:\program files (x86)\eGames\Solitaire Master 4\Game\images\More Backgrounds\Chicken Dinner.jpg
c:\program files (x86)\eGames\Solitaire Master 4\Game\images\More Backgrounds\Chocolate Rabbit.jpg
c:\program files (x86)\eGames\Solitaire Master 4\Game\images\More Backgrounds\Chocolates.jpg
c:\program files (x86)\eGames\Solitaire Master 4\Game\images\More Backgrounds\Church 2.jpg
c:\program files (x86)\eGames\Solitaire Master 4\Game\images\More Backgrounds\Church.JPG
c:\program files (x86)\eGames\Solitaire Master 4\Game\images\More Backgrounds\Clay Statues.jpg
c:\program files (x86)\eGames\Solitaire Master 4\Game\images\More Backgrounds\copper.bmp
c:\program files (x86)\eGames\Solitaire Master 4\Game\images\More Backgrounds\Fan.JPG
c:\program files (x86)\eGames\Solitaire Master 4\Game\images\More Backgrounds\Fencing.jpg
c:\program files (x86)\eGames\Solitaire Master 4\Game\images\More Backgrounds\Festive Lamp.jpg
c:\program files (x86)\eGames\Solitaire Master 4\Game\images\More Backgrounds\Fighter in the Air.jpg
c:\program files (x86)\eGames\Solitaire Master 4\Game\images\More Backgrounds\Fighter Sunset.jpg
c:\program files (x86)\eGames\Solitaire Master 4\Game\images\More Backgrounds\Fire Place.jpg
c:\program files (x86)\eGames\Solitaire Master 4\Game\images\More Backgrounds\Flamingos.jpg
c:\program files (x86)\eGames\Solitaire Master 4\Game\images\More Backgrounds\Floating Flower.jpg
c:\program files (x86)\eGames\Solitaire Master 4\Game\images\More Backgrounds\Flower Bud.jpg
c:\program files (x86)\eGames\Solitaire Master 4\Game\images\More Backgrounds\Flower Field 2.jpg
c:\program files (x86)\eGames\Solitaire Master 4\Game\images\More Backgrounds\Flower Field.jpg
c:\program files (x86)\eGames\Solitaire Master 4\Game\images\More Backgrounds\Flower.JPG
c:\program files (x86)\eGames\Solitaire Master 4\Game\images\More Backgrounds\Flowering Cactus.jpg
c:\program files (x86)\eGames\Solitaire Master 4\Game\images\More Backgrounds\Flowers 2.jpg
c:\program files (x86)\eGames\Solitaire Master 4\Game\images\More Backgrounds\Flowers in Bloom.jpg
c:\program files (x86)\eGames\Solitaire Master 4\Game\images\More Backgrounds\Flowers.jpg
c:\program files (x86)\eGames\Solitaire Master 4\Game\images\More Backgrounds\Football.jpg
c:\program files (x86)\eGames\Solitaire Master 4\Game\images\More Backgrounds\Forest.JPG
c:\program files (x86)\eGames\Solitaire Master 4\Game\images\More Backgrounds\forest1.bmp
c:\program files (x86)\eGames\Solitaire Master 4\Game\images\More Backgrounds\forest2.bmp
c:\program files (x86)\eGames\Solitaire Master 4\Game\images\More Backgrounds\forest3.bmp
c:\program files (x86)\eGames\Solitaire Master 4\Game\images\More Backgrounds\forest4.bmp
c:\program files (x86)\eGames\Solitaire Master 4\Game\images\More Backgrounds\Gears 4.jpg
c:\program files (x86)\eGames\Solitaire Master 4\Game\images\More Backgrounds\Gears 5.jpg
c:\program files (x86)\eGames\Solitaire Master 4\Game\images\More Backgrounds\Gears.JPG
c:\program files (x86)\eGames\Solitaire Master 4\Game\images\More Backgrounds\Gift.JPG
c:\program files (x86)\eGames\Solitaire Master 4\Game\images\More Backgrounds\Giraffe.jpg
c:\program files (x86)\eGames\Solitaire Master 4\Game\images\More Backgrounds\Globe.JPG
c:\program files (x86)\eGames\Solitaire Master 4\Game\images\More Backgrounds\gold1.bmp
c:\program files (x86)\eGames\Solitaire Master 4\Game\images\More Backgrounds\gold2.bmp
c:\program files (x86)\eGames\Solitaire Master 4\Game\images\More Backgrounds\Golden Gate Bridge.jpg
c:\program files (x86)\eGames\Solitaire Master 4\Game\images\More Backgrounds\Graffiti.jpg
c:\program files (x86)\eGames\Solitaire Master 4\Game\images\More Backgrounds\Granfather Clock.jpg
c:\program files (x86)\eGames\Solitaire Master 4\Game\images\More Backgrounds\Green Grapes.jpg
c:\program files (x86)\eGames\Solitaire Master 4\Game\images\More Backgrounds\green1.bmp
c:\program files (x86)\eGames\Solitaire Master 4\Game\images\More Backgrounds\green2.bmp
c:\program files (x86)\eGames\Solitaire Master 4\Game\images\More Backgrounds\green3.bmp
c:\program files (x86)\eGames\Solitaire Master 4\Game\images\More Backgrounds\green4.bmp
c:\program files (x86)\eGames\Solitaire Master 4\Game\images\More Backgrounds\green5.bmp
c:\program files (x86)\eGames\Solitaire Master 4\Game\images\More Backgrounds\green6.bmp
c:\program files (x86)\eGames\Solitaire Master 4\Game\images\More Backgrounds\Guitar Pitch Pipe.jpg
c:\program files (x86)\eGames\Solitaire Master 4\Game\images\More Backgrounds\Guitar.JPG
c:\program files (x86)\eGames\Solitaire Master 4\Game\images\More Backgrounds\Hang Glider.jpg
c:\program files (x86)\eGames\Solitaire Master 4\Game\images\More Backgrounds\Happy Dog.jpg
c:\program files (x86)\eGames\Solitaire Master 4\Game\images\More Backgrounds\Happy Time.jpg
c:\program files (x86)\eGames\Solitaire Master 4\Game\images\More Backgrounds\Harp.JPG
c:\program files (x86)\eGames\Solitaire Master 4\Game\images\More Backgrounds\Hawaiian Design.jpg
c:\program files (x86)\eGames\Solitaire Master 4\Game\images\More Backgrounds\Helicopter Sunset.jpg
c:\program files (x86)\eGames\Solitaire Master 4\Game\images\More Backgrounds\Helicopter.jpg
c:\program files (x86)\eGames\Solitaire Master 4\Game\images\More Backgrounds\Helmet.JPG
c:\program files (x86)\eGames\Solitaire Master 4\Game\images\More Backgrounds\High Tower.jpg
c:\program files (x86)\eGames\Solitaire Master 4\Game\images\More Backgrounds\Hiking Trail.jpg
c:\program files (x86)\eGames\Solitaire Master 4\Game\images\More Backgrounds\Hockey.JPG
c:\program files (x86)\eGames\Solitaire Master 4\Game\images\More Backgrounds\Holiday Ornaments.jpg
c:\program files (x86)\eGames\Solitaire Master 4\Game\images\More Backgrounds\Home.JPG
c:\program files (x86)\eGames\Solitaire Master 4\Game\images\More Backgrounds\homework.jpg
c:\program files (x86)\eGames\Solitaire Master 4\Game\images\More Backgrounds\Horizon.jpg
c:\program files (x86)\eGames\Solitaire Master 4\Game\images\More Backgrounds\Horn.JPG
c:\program files (x86)\eGames\Solitaire Master 4\Game\images\More Backgrounds\Horses.JPG
c:\program files (x86)\eGames\Solitaire Master 4\Game\images\More Backgrounds\Hot Air Balloon.jpg
c:\program files (x86)\eGames\Solitaire Master 4\Game\images\More Backgrounds\Hyacinths.jpg
c:\program files (x86)\eGames\Solitaire Master 4\Game\images\More Backgrounds\Iguana.JPG
c:\program files (x86)\eGames\Solitaire Master 4\Game\images\More Backgrounds\Inner Tube.jpg
c:\program files (x86)\eGames\Solitaire Master 4\Game\images\More Backgrounds\Jet Silhouette.jpg
c:\program files (x86)\eGames\Solitaire Master 4\Game\images\More Backgrounds\Leaves in the Sand.jpg
c:\program files (x86)\eGames\Solitaire Master 4\Game\images\More Backgrounds\leaves1.bmp
c:\program files (x86)\eGames\Solitaire Master 4\Game\images\More Backgrounds\leaves2.bmp
c:\program files (x86)\eGames\Solitaire Master 4\Game\images\More Backgrounds\Light House.jpg
c:\program files (x86)\eGames\Solitaire Master 4\Game\images\More Backgrounds\Lily Pads.jpg
c:\program files (x86)\eGames\Solitaire Master 4\Game\images\More Backgrounds\Lone Flower.jpg
c:\program files (x86)\eGames\Solitaire Master 4\Game\images\More Backgrounds\manholecover.bmp
c:\program files (x86)\eGames\Solitaire Master 4\Game\images\More Backgrounds\marble1.bmp
c:\program files (x86)\eGames\Solitaire Master 4\Game\images\More Backgrounds\marble10.bmp
c:\program files (x86)\eGames\Solitaire Master 4\Game\images\More Backgrounds\marble11.bmp
c:\program files (x86)\eGames\Solitaire Master 4\Game\images\More Backgrounds\marble12.bmp
c:\program files (x86)\eGames\Solitaire Master 4\Game\images\More Backgrounds\marble13.bmp
c:\program files (x86)\eGames\Solitaire Master 4\Game\images\More Backgrounds\marble2.bmp
c:\program files (x86)\eGames\Solitaire Master 4\Game\images\More Backgrounds\marble3.bmp
c:\program files (x86)\eGames\Solitaire Master 4\Game\images\More Backgrounds\marble4.bmp
c:\program files (x86)\eGames\Solitaire Master 4\Game\images\More Backgrounds\marble5.bmp
c:\program files (x86)\eGames\Solitaire Master 4\Game\images\More Backgrounds\marble6.bmp
c:\program files (x86)\eGames\Solitaire Master 4\Game\images\More Backgrounds\marble7.bmp
c:\program files (x86)\eGames\Solitaire Master 4\Game\images\More Backgrounds\marble8.bmp
c:\program files (x86)\eGames\Solitaire Master 4\Game\images\More Backgrounds\marble9.bmp
c:\program files (x86)\eGames\Solitaire Master 4\Game\images\More Backgrounds\mathmatics.jpg
c:\program files (x86)\eGames\Solitaire Master 4\Game\images\More Backgrounds\meadow.bmp
c:\program files (x86)\eGames\Solitaire Master 4\Game\images\More Backgrounds\Money.JPG
c:\program files (x86)\eGames\Solitaire Master 4\Game\images\More Backgrounds\Mountain Top.jpg
c:\program files (x86)\eGames\Solitaire Master 4\Game\images\More Backgrounds\Mountains.jpg
c:\program files (x86)\eGames\Solitaire Master 4\Game\images\More Backgrounds\North America 2.jpg
c:\program files (x86)\eGames\Solitaire Master 4\Game\images\More Backgrounds\North America.jpg
c:\program files (x86)\eGames\Solitaire Master 4\Game\images\More Backgrounds\Numbers.jpg
c:\program files (x86)\eGames\Solitaire Master 4\Game\images\More Backgrounds\orange1.bmp
c:\program files (x86)\eGames\Solitaire Master 4\Game\images\More Backgrounds\orange2.bmp
c:\program files (x86)\eGames\Solitaire Master 4\Game\images\More Backgrounds\orange3.bmp
c:\program files (x86)\eGames\Solitaire Master 4\Game\images\More Backgrounds\orange4.bmp
c:\program files (x86)\eGames\Solitaire Master 4\Game\images\More Backgrounds\Palm Trees.jpg
c:\program files (x86)\eGames\Solitaire Master 4\Game\images\More Backgrounds\Paper Clips.jpg
c:\program files (x86)\eGames\Solitaire Master 4\Game\images\More Backgrounds\Par for the Course.jpg
c:\program files (x86)\eGames\Solitaire Master 4\Game\images\More Backgrounds\Park.JPG
c:\program files (x86)\eGames\Solitaire Master 4\Game\images\More Backgrounds\Parquet.bmp
c:\program files (x86)\eGames\Solitaire Master 4\Game\images\More Backgrounds\Party Tray.jpg
c:\program files (x86)\eGames\Solitaire Master 4\Game\images\More Backgrounds\Pattern Mask 2.jpg
c:\program files (x86)\eGames\Solitaire Master 4\Game\images\More Backgrounds\Pattern Mask.jpg
c:\program files (x86)\eGames\Solitaire Master 4\Game\images\More Backgrounds\pattern rug.jpg
c:\program files (x86)\eGames\Solitaire Master 4\Game\images\More Backgrounds\Patterned Walk.jpg
c:\program files (x86)\eGames\Solitaire Master 4\Game\images\More Backgrounds\Pen Holder.jpg
c:\program files (x86)\eGames\Solitaire Master 4\Game\images\More Backgrounds\Pencils.jpg
c:\program files (x86)\eGames\Solitaire Master 4\Game\images\More Backgrounds\Piano 2.jpg
c:\program files (x86)\eGames\Solitaire Master 4\Game\images\More Backgrounds\Piano 3.jpg
c:\program files (x86)\eGames\Solitaire Master 4\Game\images\More Backgrounds\Piano.JPG
c:\program files (x86)\eGames\Solitaire Master 4\Game\images\More Backgrounds\Piggy Bank.jpg
c:\program files (x86)\eGames\Solitaire Master 4\Game\images\More Backgrounds\Pineapple.jpg
c:\program files (x86)\eGames\Solitaire Master 4\Game\images\More Backgrounds\Plane Soaring.jpg
c:\program files (x86)\eGames\Solitaire Master 4\Game\images\More Backgrounds\Poinsettias.jpg
c:\program files (x86)\eGames\Solitaire Master 4\Game\images\More Backgrounds\Poker Chips.jpg
c:\program files (x86)\eGames\Solitaire Master 4\Game\images\More Backgrounds\Popcorn.jpg
c:\program files (x86)\eGames\Solitaire Master 4\Game\images\More Backgrounds\Pot of Gold.jpg
c:\program files (x86)\eGames\Solitaire Master 4\Game\images\More Backgrounds\Puddles.jpg
c:\program files (x86)\eGames\Solitaire Master 4\Game\images\More Backgrounds\Purple Flower 3.jpg
c:\program files (x86)\eGames\Solitaire Master 4\Game\images\More Backgrounds\Purple Flower 4.jpg
c:\program files (x86)\eGames\Solitaire Master 4\Game\images\More Backgrounds\Purple Flower 5.jpg
c:\program files (x86)\eGames\Solitaire Master 4\Game\images\More Backgrounds\Purple Flower 6.jpg
c:\program files (x86)\eGames\Solitaire Master 4\Game\images\More Backgrounds\Purple Flower 7.jpg
c:\program files (x86)\eGames\Solitaire Master 4\Game\images\More Backgrounds\Purple Flowers 2.jpg
c:\program files (x86)\eGames\Solitaire Master 4\Game\images\More Backgrounds\Purple Flowers 4.jpg
c:\program files (x86)\eGames\Solitaire Master 4\Game\images\More Backgrounds\Purple Flowers.jpg
c:\program files (x86)\eGames\Solitaire Master 4\Game\images\More Backgrounds\Purple Lillies.jpg
c:\program files (x86)\eGames\Solitaire Master 4\Game\images\More Backgrounds\Purple Star 2.jpg
c:\program files (x86)\eGames\Solitaire Master 4\Game\images\More Backgrounds\Purple Stars.jpg
c:\program files (x86)\eGames\Solitaire Master 4\Game\images\More Backgrounds\Purple Steering.jpg
c:\program files (x86)\eGames\Solitaire Master 4\Game\images\More Backgrounds\purple1.bmp
c:\program files (x86)\eGames\Solitaire Master 4\Game\images\More Backgrounds\purple2.bmp
c:\program files (x86)\eGames\Solitaire Master 4\Game\images\More Backgrounds\purple3.bmp
c:\program files (x86)\eGames\Solitaire Master 4\Game\images\More Backgrounds\purple4.bmp
c:\program files (x86)\eGames\Solitaire Master 4\Game\images\More Backgrounds\purple5.bmp
c:\program files (x86)\eGames\Solitaire Master 4\Game\images\More Backgrounds\purple6.bmp
c:\program files (x86)\eGames\Solitaire Master 4\Game\images\More Backgrounds\Pyramid Building.com.jpg
c:\program files (x86)\eGames\Solitaire Master 4\Game\images\More Backgrounds\Rain Drops.jpg
c:\program files (x86)\eGames\Solitaire Master 4\Game\images\More Backgrounds\Ray of Sun.jpg
c:\program files (x86)\eGames\Solitaire Master 4\Game\images\More Backgrounds\Red & Green Buildings.jpg
c:\program files (x86)\eGames\Solitaire Master 4\Game\images\More Backgrounds\Red Fence Pattern.jpg
c:\program files (x86)\eGames\Solitaire Master 4\Game\images\More Backgrounds\Red Flower.jpg
c:\program files (x86)\eGames\Solitaire Master 4\Game\images\More Backgrounds\Red Onion.jpg
c:\program files (x86)\eGames\Solitaire Master 4\Game\images\More Backgrounds\red1.bmp
c:\program files (x86)\eGames\Solitaire Master 4\Game\images\More Backgrounds\red2.bmp
c:\program files (x86)\eGames\Solitaire Master 4\Game\images\More Backgrounds\red3.bmp
c:\program files (x86)\eGames\Solitaire Master 4\Game\images\More Backgrounds\red4.bmp
c:\program files (x86)\eGames\Solitaire Master 4\Game\images\More Backgrounds\red5.bmp
c:\program files (x86)\eGames\Solitaire Master 4\Game\images\More Backgrounds\red6.bmp
c:\program files (x86)\eGames\Solitaire Master 4\Game\images\More Backgrounds\Resting Butterfly.jpg
c:\program files (x86)\eGames\Solitaire Master 4\Game\images\More Backgrounds\Ribbon.JPG
c:\program files (x86)\eGames\Solitaire Master 4\Game\images\More Backgrounds\Riverbank.jpg
c:\program files (x86)\eGames\Solitaire Master 4\Game\images\More Backgrounds\Riverside.jpg
c:\program files (x86)\eGames\Solitaire Master 4\Game\images\More Backgrounds\Rock Tree.jpg
c:\program files (x86)\eGames\Solitaire Master 4\Game\images\More Backgrounds\Rocky Sea Side.jpg
c:\program files (x86)\eGames\Solitaire Master 4\Game\images\More Backgrounds\Rowhomes.jpg
c:\program files (x86)\eGames\Solitaire Master 4\Game\images\More Backgrounds\Rubber Duckie.jpg
c:\program files (x86)\eGames\Solitaire Master 4\Game\images\More Backgrounds\Running Horses.jpg
c:\program files (x86)\eGames\Solitaire Master 4\Game\images\More Backgrounds\Rusted Chain.jpg
c:\program files (x86)\eGames\Solitaire Master 4\Game\images\More Backgrounds\Safari.JPG
c:\program files (x86)\eGames\Solitaire Master 4\Game\images\More Backgrounds\Sailing.jpg
c:\program files (x86)\eGames\Solitaire Master 4\Game\images\More Backgrounds\Salad 2.jpg
c:\program files (x86)\eGames\Solitaire Master 4\Game\images\More Backgrounds\Salad.JPG
c:\program files (x86)\eGames\Solitaire Master 4\Game\images\More Backgrounds\Sand Toys.jpg
c:\program files (x86)\eGames\Solitaire Master 4\Game\images\More Backgrounds\sand.bmp
c:\program files (x86)\eGames\Solitaire Master 4\Game\images\More Backgrounds\satin.bmp
c:\program files (x86)\eGames\Solitaire Master 4\Game\images\More Backgrounds\Saturn 2.jpg
c:\program files (x86)\eGames\Solitaire Master 4\Game\images\More Backgrounds\Saturn.JPG
c:\program files (x86)\eGames\Solitaire Master 4\Game\images\More Backgrounds\School Day Sign.jpg
c:\program files (x86)\eGames\Solitaire Master 4\Game\images\More Backgrounds\silver.bmp
c:\program files (x86)\eGames\Solitaire Master 4\Game\images\More Backgrounds\stars1.bmp
c:\program files (x86)\eGames\Solitaire Master 4\Game\images\More Backgrounds\stars2.bmp
c:\program files (x86)\eGames\Solitaire Master 4\Game\images\More Backgrounds\stars3.bmp
c:\program files (x86)\eGames\Solitaire Master 4\Game\images\More Backgrounds\stars4.bmp
c:\program files (x86)\eGames\Solitaire Master 4\Game\images\More Backgrounds\stars5.bmp
c:\program files (x86)\eGames\Solitaire Master 4\Game\images\More Backgrounds\stars6.bmp
c:\program files (x86)\eGames\Solitaire Master 4\Game\images\More Backgrounds\stone1.bmp
c:\program files (x86)\eGames\Solitaire Master 4\Game\images\More Backgrounds\stone2.bmp
c:\program files (x86)\eGames\Solitaire Master 4\Game\images\More Backgrounds\stone3.bmp
c:\program files (x86)\eGames\Solitaire Master 4\Game\images\More Backgrounds\Strawberry.jpg
c:\program files (x86)\eGames\Solitaire Master 4\Game\images\More Backgrounds\stripes1.bmp
c:\program files (x86)\eGames\Solitaire Master 4\Game\images\More Backgrounds\stripes2.bmp
c:\program files (x86)\eGames\Solitaire Master 4\Game\images\More Backgrounds\stripes3.bmp
c:\program files (x86)\eGames\Solitaire Master 4\Game\images\More Backgrounds\stripes4.bmp
c:\program files (x86)\eGames\Solitaire Master 4\Game\images\More Backgrounds\stripes5.bmp
c:\program files (x86)\eGames\Solitaire Master 4\Game\images\More Backgrounds\stripes6.bmp
c:\program files (x86)\eGames\Solitaire Master 4\Game\images\More Backgrounds\Sun Flower.jpg
c:\program files (x86)\eGames\Solitaire Master 4\Game\images\More Backgrounds\Sunset 2.jpg
c:\program files (x86)\eGames\Solitaire Master 4\Game\images\More Backgrounds\Sunset on Trees.jpg
c:\program files (x86)\eGames\Solitaire Master 4\Game\images\More Backgrounds\Sunset.JPG
c:\program files (x86)\eGames\Solitaire Master 4\Game\images\More Backgrounds\Teacher's Pet.jpg
c:\program files (x86)\eGames\Solitaire Master 4\Game\images\More Backgrounds\Tee Up.JPG
c:\program files (x86)\eGames\Solitaire Master 4\Game\images\More Backgrounds\Tranquility.jpg
c:\program files (x86)\eGames\Solitaire Master 4\Game\images\More Backgrounds\Tropical Beauty.jpg
c:\program files (x86)\eGames\Solitaire Master 4\Game\images\More Backgrounds\Tropical Flowers.jpg
c:\program files (x86)\eGames\Solitaire Master 4\Game\images\More Backgrounds\Tropical Fruits.jpg
c:\program files (x86)\eGames\Solitaire Master 4\Game\images\More Backgrounds\Turtle Rug.jpg
c:\program files (x86)\eGames\Solitaire Master 4\Game\images\More Backgrounds\Violin.JPG
c:\program files (x86)\eGames\Solitaire Master 4\Game\images\More Backgrounds\Volleyball.jpg
c:\program files (x86)\eGames\Solitaire Master 4\Game\images\More Backgrounds\Water Lily.jpg
c:\program files (x86)\eGames\Solitaire Master 4\Game\images\More Backgrounds\water1.bmp
c:\program files (x86)\eGames\Solitaire Master 4\Game\images\More Backgrounds\water2.bmp
c:\program files (x86)\eGames\Solitaire Master 4\Game\images\More Backgrounds\water3.bmp
c:\program files (x86)\eGames\Solitaire Master 4\Game\images\More Backgrounds\water4.bmp
c:\program files (x86)\eGames\Solitaire Master 4\Game\images\More Backgrounds\water5.bmp
c:\program files (x86)\eGames\Solitaire Master 4\Game\images\More Backgrounds\water6.bmp
c:\program files (x86)\eGames\Solitaire Master 4\Game\images\More Backgrounds\water7.bmp
c:\program files (x86)\eGames\Solitaire Master 4\Game\images\More Backgrounds\water8.bmp
c:\program files (x86)\eGames\Solitaire Master 4\Game\images\More Backgrounds\Waterfall 2.jpg
c:\program files (x86)\eGames\Solitaire Master 4\Game\images\More Backgrounds\Waterfall 3.jpg
c:\program files (x86)\eGames\Solitaire Master 4\Game\images\More Backgrounds\Waterfall.jpg
c:\program files (x86)\eGames\Solitaire Master 4\Game\images\More Backgrounds\Watermelon.jpg
c:\program files (x86)\eGames\Solitaire Master 4\Game\images\More Backgrounds\White Christmas.jpg
c:\program files (x86)\eGames\Solitaire Master 4\Game\images\More Backgrounds\White Daisy.jpg
c:\program files (x86)\eGames\Solitaire Master 4\Game\images\More Backgrounds\White Flower 2.jpg
c:\program files (x86)\eGames\Solitaire Master 4\Game\images\More Backgrounds\White Flower 3.jpg
c:\program files (x86)\eGames\Solitaire Master 4\Game\images\More Backgrounds\White Flower Pots.jpg
c:\program files (x86)\eGames\Solitaire Master 4\Game\images\More Backgrounds\White Flower.jpg
c:\program files (x86)\eGames\Solitaire Master 4\Game\images\More Backgrounds\Wild Yellow Flower.jpg
c:\program files (x86)\eGames\Solitaire Master 4\Game\images\More Backgrounds\wood1.bmp
c:\program files (x86)\eGames\Solitaire Master 4\Game\images\More Backgrounds\wood2.bmp
c:\program files (x86)\eGames\Solitaire Master 4\Game\images\More Backgrounds\wood3.bmp
c:\program files (x86)\eGames\Solitaire Master 4\Game\images\More Backgrounds\wood4.bmp
c:\program files (x86)\eGames\Solitaire Master 4\Game\images\More Backgrounds\Wood5.bmp
c:\program files (x86)\eGames\Solitaire Master 4\Game\images\More Backgrounds\wood6.bmp
c:\program files (x86)\eGames\Solitaire Master 4\Game\images\More Backgrounds\wood7.bmp
c:\program files (x86)\eGames\Solitaire Master 4\Game\images\Oak.jpg
c:\program files (x86)\eGames\Solitaire Master 4\Game\images\orangepaper.jpg
c:\program files (x86)\eGames\Solitaire Master 4\Game\images\parmecium1.jpg
c:\program files (x86)\eGames\Solitaire Master 4\Game\images\parmecium10.jpg
c:\program files (x86)\eGames\Solitaire Master 4\Game\images\parmecium11.jpg
c:\program files (x86)\eGames\Solitaire Master 4\Game\images\parmecium12.jpg
c:\program files (x86)\eGames\Solitaire Master 4\Game\images\parmecium13.jpg
c:\program files (x86)\eGames\Solitaire Master 4\Game\images\parmecium14.jpg
c:\program files (x86)\eGames\Solitaire Master 4\Game\images\parmecium15.jpg
c:\program files (x86)\eGames\Solitaire Master 4\Game\images\parmecium2.jpg
c:\program files (x86)\eGames\Solitaire Master 4\Game\images\parmecium3.jpg
c:\program files (x86)\eGames\Solitaire Master 4\Game\images\parmecium4.jpg
c:\program files (x86)\eGames\Solitaire Master 4\Game\images\parmecium5.jpg
c:\program files (x86)\eGames\Solitaire Master 4\Game\images\parmecium6.jpg
c:\program files (x86)\eGames\Solitaire Master 4\Game\images\parmecium7.jpg
c:\program files (x86)\eGames\Solitaire Master 4\Game\images\parmecium8.jpg
c:\program files (x86)\eGames\Solitaire Master 4\Game\images\parmecium9.jpg
c:\program files (x86)\eGames\Solitaire Master 4\Game\images\patio_tile.jpg
c:\program files (x86)\eGames\Solitaire Master 4\Game\images\pebbles.jpg
c:\program files (x86)\eGames\Solitaire Master 4\Game\images\pine.jpg
c:\program files (x86)\eGames\Solitaire Master 4\Game\images\puzzle.jpg
c:\program files (x86)\eGames\Solitaire Master 4\Game\images\puzzle2.jpg
c:\program files (x86)\eGames\Solitaire Master 4\Game\images\puzzle3.jpg
c:\program files (x86)\eGames\Solitaire Master 4\Game\images\puzzle4.jpg
c:\program files (x86)\eGames\Solitaire Master 4\Game\images\puzzle5.jpg
c:\program files (x86)\eGames\Solitaire Master 4\Game\images\puzzle6.jpg
c:\program files (x86)\eGames\Solitaire Master 4\Game\images\puzzle7.jpg
c:\program files (x86)\eGames\Solitaire Master 4\Game\images\puzzle8.jpg
c:\program files (x86)\eGames\Solitaire Master 4\Game\images\puzzle9.jpg
c:\program files (x86)\eGames\Solitaire Master 4\Game\images\red stone.jpg
c:\program files (x86)\eGames\Solitaire Master 4\Game\images\redfabric.jpg
c:\program files (x86)\eGames\Solitaire Master 4\Game\images\ripplechrome1.jpg
c:\program files (x86)\eGames\Solitaire Master 4\Game\images\ripplechrome10.jpg
c:\program files (x86)\eGames\Solitaire Master 4\Game\images\ripplechrome11.jpg
c:\program files (x86)\eGames\Solitaire Master 4\Game\images\ripplechrome12.jpg
c:\program files (x86)\eGames\Solitaire Master 4\Game\images\ripplechrome13.jpg
c:\program files (x86)\eGames\Solitaire Master 4\Game\images\ripplechrome14.jpg
c:\program files (x86)\eGames\Solitaire Master 4\Game\images\ripplechrome15.jpg
c:\program files (x86)\eGames\Solitaire Master 4\Game\images\ripplechrome2.jpg
c:\program files (x86)\eGames\Solitaire Master 4\Game\images\ripplechrome3.jpg
c:\program files (x86)\eGames\Solitaire Master 4\Game\images\ripplechrome4.jpg
c:\program files (x86)\eGames\Solitaire Master 4\Game\images\ripplechrome5.jpg
c:\program files (x86)\eGames\Solitaire Master 4\Game\images\ripplechrome6.jpg
c:\program files (x86)\eGames\Solitaire Master 4\Game\images\ripplechrome7.jpg
c:\program files (x86)\eGames\Solitaire Master 4\Game\images\ripplechrome8.jpg
c:\program files (x86)\eGames\Solitaire Master 4\Game\images\ripplechrome9.jpg
c:\program files (x86)\eGames\Solitaire Master 4\Game\images\roccoco_nautilus1.jpg
c:\program files (x86)\eGames\Solitaire Master 4\Game\images\roccoco_nautilus10.jpg
c:\program files (x86)\eGames\Solitaire Master 4\Game\images\roccoco_nautilus11.jpg
c:\program files (x86)\eGames\Solitaire Master 4\Game\images\roccoco_nautilus12.jpg
c:\program files (x86)\eGames\Solitaire Master 4\Game\images\roccoco_nautilus13.jpg
c:\program files (x86)\eGames\Solitaire Master 4\Game\images\roccoco_nautilus14.jpg
c:\program files (x86)\eGames\Solitaire Master 4\Game\images\roccoco_nautilus15.jpg
c:\program files (x86)\eGames\Solitaire Master 4\Game\images\roccoco_nautilus2.jpg
c:\program files (x86)\eGames\Solitaire Master 4\Game\images\roccoco_nautilus3.jpg
c:\program files (x86)\eGames\Solitaire Master 4\Game\images\roccoco_nautilus4.jpg
c:\program files (x86)\eGames\Solitaire Master 4\Game\images\roccoco_nautilus5.jpg
c:\program files (x86)\eGames\Solitaire Master 4\Game\images\roccoco_nautilus6.jpg
c:\program files (x86)\eGames\Solitaire Master 4\Game\images\roccoco_nautilus8.jpg
c:\program files (x86)\eGames\Solitaire Master 4\Game\images\roccoco_nautilus9.jpg
c:\program files (x86)\eGames\Solitaire Master 4\Game\images\scalething1.jpg
c:\program files (x86)\eGames\Solitaire Master 4\Game\images\scalething10.jpg
c:\program files (x86)\eGames\Solitaire Master 4\Game\images\scalething2.jpg
c:\program files (x86)\eGames\Solitaire Master 4\Game\images\scalething3.jpg
c:\program files (x86)\eGames\Solitaire Master 4\Game\images\scalething4.jpg
c:\program files (x86)\eGames\Solitaire Master 4\Game\images\scalething5.jpg
c:\program files (x86)\eGames\Solitaire Master 4\Game\images\scalething6.jpg
c:\program files (x86)\eGames\Solitaire Master 4\Game\images\scalething7.jpg
c:\program files (x86)\eGames\Solitaire Master 4\Game\images\scalething8.jpg
c:\program files (x86)\eGames\Solitaire Master 4\Game\images\scalething9.jpg
c:\program files (x86)\eGames\Solitaire Master 4\Game\images\snakeskin.jpg
c:\program files (x86)\eGames\Solitaire Master 4\Game\images\snow.jpg
c:\program files (x86)\eGames\Solitaire Master 4\Game\images\space_mandala1.jpg
c:\program files (x86)\eGames\Solitaire Master 4\Game\images\space_mandala10.jpg
c:\program files (x86)\eGames\Solitaire Master 4\Game\images\space_mandala11.jpg
c:\program files (x86)\eGames\Solitaire Master 4\Game\images\space_mandala12.jpg
c:\program files (x86)\eGames\Solitaire Master 4\Game\images\space_mandala13.jpg
c:\program files (x86)\eGames\Solitaire Master 4\Game\images\space_mandala14.jpg
c:\program files (x86)\eGames\Solitaire Master 4\Game\images\space_mandala15.jpg
c:\program files (x86)\eGames\Solitaire Master 4\Game\images\space_mandala2.jpg
c:\program files (x86)\eGames\Solitaire Master 4\Game\images\space_mandala3.jpg
c:\program files (x86)\eGames\Solitaire Master 4\Game\images\space_mandala4.jpg
c:\program files (x86)\eGames\Solitaire Master 4\Game\images\space_mandala5.jpg
c:\program files (x86)\eGames\Solitaire Master 4\Game\images\space_mandala6.jpg
c:\program files (x86)\eGames\Solitaire Master 4\Game\images\space_mandala8.jpg
c:\program files (x86)\eGames\Solitaire Master 4\Game\images\space_mandala9.jpg
c:\program files (x86)\eGames\Solitaire Master 4\Game\images\spaghetti_chrome1.jpg
c:\program files (x86)\eGames\Solitaire Master 4\Game\images\spaghetti_chrome10.jpg
c:\program files (x86)\eGames\Solitaire Master 4\Game\images\spaghetti_chrome11.jpg
c:\program files (x86)\eGames\Solitaire Master 4\Game\images\spaghetti_chrome12.jpg
c:\program files (x86)\eGames\Solitaire Master 4\Game\images\spaghetti_chrome13.jpg
c:\program files (x86)\eGames\Solitaire Master 4\Game\images\spaghetti_chrome14.jpg
c:\program files (x86)\eGames\Solitaire Master 4\Game\images\spaghetti_chrome15.jpg
c:\program files (x86)\eGames\Solitaire Master 4\Game\images\spaghetti_chrome2.jpg
c:\program files (x86)\eGames\Solitaire Master 4\Game\images\spaghetti_chrome3.jpg
c:\program files (x86)\eGames\Solitaire Master 4\Game\images\spaghetti_chrome4.jpg
c:\program files (x86)\eGames\Solitaire Master 4\Game\images\spaghetti_chrome5.jpg
c:\program files (x86)\eGames\Solitaire Master 4\Game\images\spaghetti_chrome6.jpg
c:\program files (x86)\eGames\Solitaire Master 4\Game\images\spaghetti_chrome8.jpg
c:\program files (x86)\eGames\Solitaire Master 4\Game\images\spaghetti_chrome9.jpg
c:\program files (x86)\eGames\Solitaire Master 4\Game\images\speckle1.jpg
c:\program files (x86)\eGames\Solitaire Master 4\Game\images\speckle10.jpg
c:\program files (x86)\eGames\Solitaire Master 4\Game\images\speckle11.jpg
c:\program files (x86)\eGames\Solitaire Master 4\Game\images\speckle12.jpg
c:\program files (x86)\eGames\Solitaire Master 4\Game\images\speckle13.jpg
c:\program files (x86)\eGames\Solitaire Master 4\Game\images\speckle14.jpg
c:\program files (x86)\eGames\Solitaire Master 4\Game\images\speckle15.jpg
c:\program files (x86)\eGames\Solitaire Master 4\Game\images\speckle16.jpg
c:\program files (x86)\eGames\Solitaire Master 4\Game\images\speckle17.jpg
c:\program files (x86)\eGames\Solitaire Master 4\Game\images\speckle18.jpg
c:\program files (x86)\eGames\Solitaire Master 4\Game\images\speckle19.jpg
c:\program files (x86)\eGames\Solitaire Master 4\Game\images\speckle2.jpg
c:\program files (x86)\eGames\Solitaire Master 4\Game\images\speckle20.jpg
c:\program files (x86)\eGames\Solitaire Master 4\Game\images\speckle21.jpg
c:\program files (x86)\eGames\Solitaire Master 4\Game\images\speckle22.jpg
c:\program files (x86)\eGames\Solitaire Master 4\Game\images\speckle23.jpg
c:\program files (x86)\eGames\Solitaire Master 4\Game\images\speckle24.jpg
c:\program files (x86)\eGames\Solitaire Master 4\Game\images\speckle25.jpg
c:\program files (x86)\eGames\Solitaire Master 4\Game\images\speckle3.jpg
c:\program files (x86)\eGames\Solitaire Master 4\Game\images\speckle4.jpg
c:\program files (x86)\eGames\Solitaire Master 4\Game\images\speckle5.jpg
c:\program files (x86)\eGames\Solitaire Master 4\Game\images\speckle6.jpg
c:\program files (x86)\eGames\Solitaire Master 4\Game\images\speckle7.jpg
c:\program files (x86)\eGames\Solitaire Master 4\Game\images\speckle8.jpg
c:\program files (x86)\eGames\Solitaire Master 4\Game\images\speckle9.jpg
c:\program files (x86)\eGames\Solitaire Master 4\Game\images\spinwheel1.jpg
c:\program files (x86)\eGames\Solitaire Master 4\Game\images\spinwheel10.jpg
c:\program files (x86)\eGames\Solitaire Master 4\Game\images\spinwheel11.jpg
c:\program files (x86)\eGames\Solitaire Master 4\Game\images\spinwheel12.jpg
c:\program files (x86)\eGames\Solitaire Master 4\Game\images\spinwheel13.jpg
c:\program files (x86)\eGames\Solitaire Master 4\Game\images\spinwheel14.jpg
c:\program files (x86)\eGames\Solitaire Master 4\Game\images\spinwheel15.jpg
c:\program files (x86)\eGames\Solitaire Master 4\Game\images\spinwheel2.jpg
c:\program files (x86)\eGames\Solitaire Master 4\Game\images\spinwheel3.jpg
c:\program files (x86)\eGames\Solitaire Master 4\Game\images\spinwheel4.jpg
c:\program files (x86)\eGames\Solitaire Master 4\Game\images\spinwheel5.jpg
c:\program files (x86)\eGames\Solitaire Master 4\Game\images\spinwheel6.jpg
c:\program files (x86)\eGames\Solitaire Master 4\Game\images\spinwheel7.jpg
c:\program files (x86)\eGames\Solitaire Master 4\Game\images\spinwheel8.jpg
c:\program files (x86)\eGames\Solitaire Master 4\Game\images\spinwheel9.jpg
c:\program files (x86)\eGames\Solitaire Master 4\Game\images\stone.jpg
c:\program files (x86)\eGames\Solitaire Master 4\Game\images\stucco.jpg
c:\program files (x86)\eGames\Solitaire Master 4\Game\images\super_taffy1.jpg
c:\program files (x86)\eGames\Solitaire Master 4\Game\images\super_taffy10.jpg
c:\program files (x86)\eGames\Solitaire Master 4\Game\images\super_taffy11.jpg
c:\program files (x86)\eGames\Solitaire Master 4\Game\images\super_taffy12.jpg
c:\program files (x86)\eGames\Solitaire Master 4\Game\images\super_taffy13.jpg
c:\program files (x86)\eGames\Solitaire Master 4\Game\images\super_taffy14.jpg
c:\program files (x86)\eGames\Solitaire Master 4\Game\images\super_taffy15.jpg
c:\program files (x86)\eGames\Solitaire Master 4\Game\images\super_taffy2.jpg
c:\program files (x86)\eGames\Solitaire Master 4\Game\images\super_taffy3.jpg
c:\program files (x86)\eGames\Solitaire Master 4\Game\images\super_taffy4.jpg
c:\program files (x86)\eGames\Solitaire Master 4\Game\images\super_taffy5.jpg
c:\program files (x86)\eGames\Solitaire Master 4\Game\images\super_taffy6.jpg
c:\program files (x86)\eGames\Solitaire Master 4\Game\images\super_taffy7.jpg
c:\program files (x86)\eGames\Solitaire Master 4\Game\images\super_taffy8.jpg
c:\program files (x86)\eGames\Solitaire Master 4\Game\images\super_taffy9.jpg
c:\program files (x86)\eGames\Solitaire Master 4\Game\images\super_wave1.jpg
c:\program files (x86)\eGames\Solitaire Master 4\Game\images\super_wave10.jpg
c:\program files (x86)\eGames\Solitaire Master 4\Game\images\super_wave11.jpg
c:\program files (x86)\eGames\Solitaire Master 4\Game\images\super_wave12.jpg
c:\program files (x86)\eGames\Solitaire Master 4\Game\images\super_wave13.jpg
c:\program files (x86)\eGames\Solitaire Master 4\Game\images\super_wave14.jpg
c:\program files (x86)\eGames\Solitaire Master 4\Game\images\super_wave15.jpg
c:\program files (x86)\eGames\Solitaire Master 4\Game\images\super_wave2.jpg
c:\program files (x86)\eGames\Solitaire Master 4\Game\images\super_wave3.jpg
c:\program files (x86)\eGames\Solitaire Master 4\Game\images\super_wave4.jpg
c:\program files (x86)\eGames\Solitaire Master 4\Game\images\super_wave5.jpg
c:\program files (x86)\eGames\Solitaire Master 4\Game\images\super_wave6.jpg
c:\program files (x86)\eGames\Solitaire Master 4\Game\images\super_wave7.jpg
c:\program files (x86)\eGames\Solitaire Master 4\Game\images\super_wave8.jpg
c:\program files (x86)\eGames\Solitaire Master 4\Game\images\super_wave9.jpg
c:\program files (x86)\eGames\Solitaire Master 4\Game\images\supermoire1.jpg
c:\program files (x86)\eGames\Solitaire Master 4\Game\images\supermoire10.jpg
c:\program files (x86)\eGames\Solitaire Master 4\Game\images\supermoire11.jpg
c:\program files (x86)\eGames\Solitaire Master 4\Game\images\supermoire12.jpg
c:\program files (x86)\eGames\Solitaire Master 4\Game\images\supermoire13.jpg
c:\program files (x86)\eGames\Solitaire Master 4\Game\images\supermoire14.jpg
c:\program files (x86)\eGames\Solitaire Master 4\Game\images\supermoire15.jpg
c:\program files (x86)\eGames\Solitaire Master 4\Game\images\supermoire2.jpg
c:\program files (x86)\eGames\Solitaire Master 4\Game\images\supermoire3.jpg
c:\program files (x86)\eGames\Solitaire Master 4\Game\images\supermoire4.jpg
c:\program files (x86)\eGames\Solitaire Master 4\Game\images\supermoire5.jpg
c:\program files (x86)\eGames\Solitaire Master 4\Game\images\supermoire6.jpg
c:\program files (x86)\eGames\Solitaire Master 4\Game\images\supermoire7.jpg
c:\program files (x86)\eGames\Solitaire Master 4\Game\images\supermoire8.jpg
c:\program files (x86)\eGames\Solitaire Master 4\Game\images\supermoire9.jpg
c:\program files (x86)\eGames\Solitaire Master 4\Game\images\thing1.jpg
c:\program files (x86)\eGames\Solitaire Master 4\Game\images\thing10.jpg
c:\program files (x86)\eGames\Solitaire Master 4\Game\images\thing2.jpg
c:\program files (x86)\eGames\Solitaire Master 4\Game\images\thing3.jpg
c:\program files (x86)\eGames\Solitaire Master 4\Game\images\thing4.jpg
c:\program files (x86)\eGames\Solitaire Master 4\Game\images\thing5.jpg
c:\program files (x86)\eGames\Solitaire Master 4\Game\images\thing6.jpg
c:\program files (x86)\eGames\Solitaire Master 4\Game\images\thing7.jpg
c:\program files (x86)\eGames\Solitaire Master 4\Game\images\thing8.jpg
c:\program files (x86)\eGames\Solitaire Master 4\Game\images\thing9.jpg
c:\program files (x86)\eGames\Solitaire Master 4\Game\images\ultra_wave1.jpg
c:\program files (x86)\eGames\Solitaire Master 4\Game\images\ultra_wave10.jpg
c:\program files (x86)\eGames\Solitaire Master 4\Game\images\ultra_wave11.jpg
c:\program files (x86)\eGames\Solitaire Master 4\Game\images\ultra_wave12.jpg
c:\program files (x86)\eGames\Solitaire Master 4\Game\images\ultra_wave13.jpg
c:\program files (x86)\eGames\Solitaire Master 4\Game\images\ultra_wave14.jpg
c:\program files (x86)\eGames\Solitaire Master 4\Game\images\ultra_wave15.jpg
c:\program files (x86)\eGames\Solitaire Master 4\Game\images\ultra_wave2.jpg
c:\program files (x86)\eGames\Solitaire Master 4\Game\images\ultra_wave3.jpg
c:\program files (x86)\eGames\Solitaire Master 4\Game\images\ultra_wave4.jpg
c:\program files (x86)\eGames\Solitaire Master 4\Game\images\ultra_wave5.jpg
c:\program files (x86)\eGames\Solitaire Master 4\Game\images\ultra_wave6.jpg
c:\program files (x86)\eGames\Solitaire Master 4\Game\images\ultra_wave7.jpg
c:\program files (x86)\eGames\Solitaire Master 4\Game\images\ultra_wave8.jpg
c:\program files (x86)\eGames\Solitaire Master 4\Game\images\ultra_wave9.jpg
c:\program files (x86)\eGames\Solitaire Master 4\Game\images\verticalbrick.jpg
c:\program files (x86)\eGames\Solitaire Master 4\Game\images\vinyl1.jpg
c:\program files (x86)\eGames\Solitaire Master 4\Game\images\vinyl10.jpg
c:\program files (x86)\eGames\Solitaire Master 4\Game\images\vinyl11.jpg
c:\program files (x86)\eGames\Solitaire Master 4\Game\images\vinyl12.jpg
c:\program files (x86)\eGames\Solitaire Master 4\Game\images\vinyl13.jpg
c:\program files (x86)\eGames\Solitaire Master 4\Game\images\vinyl14.jpg
c:\program files (x86)\eGames\Solitaire Master 4\Game\images\vinyl15.jpg
c:\program files (x86)\eGames\Solitaire Master 4\Game\images\vinyl2.jpg
c:\program files (x86)\eGames\Solitaire Master 4\Game\images\vinyl3.jpg
c:\program files (x86)\eGames\Solitaire Master 4\Game\images\vinyl4.jpg
c:\program files (x86)\eGames\Solitaire Master 4\Game\images\vinyl5.jpg
c:\program files (x86)\eGames\Solitaire Master 4\Game\images\vinyl6.jpg
c:\program files (x86)\eGames\Solitaire Master 4\Game\images\vinyl7.jpg
c:\program files (x86)\eGames\Solitaire Master 4\Game\images\vinyl8.jpg
c:\program files (x86)\eGames\Solitaire Master 4\Game\images\vinyl9.jpg
c:\program files (x86)\eGames\Solitaire Master 4\Game\images\wallpaper.jpg
c:\program files (x86)\eGames\Solitaire Master 4\Game\images\walnut.jpg
c:\program files (x86)\eGames\Solitaire Master 4\Game\images\weatheredwood.jpg
c:\program files (x86)\eGames\Solitaire Master 4\Game\images\woodpanel.jpg
c:\program files (x86)\eGames\Solitaire Master 4\Game\Kooky Cards.dat
c:\program files (x86)\eGames\Solitaire Master 4\Game\Kooky2 Cards.dat
c:\program files (x86)\eGames\Solitaire Master 4\Game\Letter Cards.dat
c:\program files (x86)\eGames\Solitaire Master 4\Game\License Plate Cards.dat
c:\program files (x86)\eGames\Solitaire Master 4\Game\master.exe
c:\program files (x86)\eGames\Solitaire Master 4\Game\master.hlp
c:\program files (x86)\eGames\Solitaire Master 4\Game\Metal Cards.dat
c:\program files (x86)\eGames\Solitaire Master 4\Game\Patriotic Cards.dat
c:\program files (x86)\eGames\Solitaire Master 4\Game\pgscard.dat
c:\program files (x86)\eGames\Solitaire Master 4\Game\pgscard.dll
c:\program files (x86)\eGames\Solitaire Master 4\Game\pgstips.dat
c:\program files (x86)\eGames\Solitaire Master 4\Game\Red n Black Cards.dat
c:\program files (x86)\eGames\Solitaire Master 4\Game\screenshots\Accordian.jpg
c:\program files (x86)\eGames\Solitaire Master 4\Game\screenshots\Ace_Of_Hearts.jpg
c:\program files (x86)\eGames\Solitaire Master 4\Game\screenshots\Aces_and_Kings.jpg
c:\program files (x86)\eGames\Solitaire Master 4\Game\screenshots\Aces_Up.jpg
c:\program files (x86)\eGames\Solitaire Master 4\Game\screenshots\Acme.jpg
c:\program files (x86)\eGames\Solitaire Master 4\Game\screenshots\Acquaintance.jpg
c:\program files (x86)\eGames\Solitaire Master 4\Game\screenshots\Adela.jpg
c:\program files (x86)\eGames\Solitaire Master 4\Game\screenshots\Agnes_Bernauer.jpg
c:\program files (x86)\eGames\Solitaire Master 4\Game\screenshots\Agnes_Sorel.jpg
c:\program files (x86)\eGames\Solitaire Master 4\Game\screenshots\Agnes_Three.jpg
c:\program files (x86)\eGames\Solitaire Master 4\Game\screenshots\Alaska.jpg
c:\program files (x86)\eGames\Solitaire Master 4\Game\screenshots\Alexander_the_Great.jpg
c:\program files (x86)\eGames\Solitaire Master 4\Game\screenshots\Algerian_Patience.jpg
c:\program files (x86)\eGames\Solitaire Master 4\Game\screenshots\Alhambra.jpg
c:\program files (x86)\eGames\Solitaire Master 4\Game\screenshots\Ali_Baba.jpg
c:\program files (x86)\eGames\Solitaire Master 4\Game\screenshots\All_In_A_Row.jpg
c:\program files (x86)\eGames\Solitaire Master 4\Game\screenshots\Alternation.jpg
c:\program files (x86)\eGames\Solitaire Master 4\Game\screenshots\Alternations.jpg
c:\program files (x86)\eGames\Solitaire Master 4\Game\screenshots\Amazons.jpg
c:\program files (x86)\eGames\Solitaire Master 4\Game\screenshots\American_Toad.jpg
c:\program files (x86)\eGames\Solitaire Master 4\Game\screenshots\Anno_Domini.jpg
c:\program files (x86)\eGames\Solitaire Master 4\Game\screenshots\Antares.jpg
c:\program files (x86)\eGames\Solitaire Master 4\Game\screenshots\Applegate.jpg
c:\program files (x86)\eGames\Solitaire Master 4\Game\screenshots\Arabella.jpg
c:\program files (x86)\eGames\Solitaire Master 4\Game\screenshots\Aracnida.jpg
c:\program files (x86)\eGames\Solitaire Master 4\Game\screenshots\Archway.jpg
c:\program files (x86)\eGames\Solitaire Master 4\Game\screenshots\Arizona.jpg
c:\program files (x86)\eGames\Solitaire Master 4\Game\screenshots\Assembly.jpg
c:\program files (x86)\eGames\Solitaire Master 4\Game\screenshots\Auld_Lang_Syne.jpg
c:\program files (x86)\eGames\Solitaire Master 4\Game\screenshots\Aunt_Mary.jpg
c:\program files (x86)\eGames\Solitaire Master 4\Game\screenshots\Australian_Patience.jpg
c:\program files (x86)\eGames\Solitaire Master 4\Game\screenshots\Backbone.jpg
c:\program files (x86)\eGames\Solitaire Master 4\Game\screenshots\Baker's_Dozen.jpg
c:\program files (x86)\eGames\Solitaire Master 4\Game\screenshots\Baker's_Game.jpg
c:\program files (x86)\eGames\Solitaire Master 4\Game\screenshots\Bastille_Day.jpg
c:\program files (x86)\eGames\Solitaire Master 4\Game\screenshots\Bastion.jpg
c:\program files (x86)\eGames\Solitaire Master 4\Game\screenshots\Batsford.jpg
c:\program files (x86)\eGames\Solitaire Master 4\Game\screenshots\Bavarian_Patience.jpg
c:\program files (x86)\eGames\Solitaire Master 4\Game\screenshots\Beetle.jpg
c:\program files (x86)\eGames\Solitaire Master 4\Game\screenshots\Beleaguered_Castle.jpg
c:\program files (x86)\eGames\Solitaire Master 4\Game\screenshots\Betsy_Ross.jpg
c:\program files (x86)\eGames\Solitaire Master 4\Game\screenshots\Big_Bertha.jpg
c:\program files (x86)\eGames\Solitaire Master 4\Game\screenshots\Big_Forty.jpg
c:\program files (x86)\eGames\Solitaire Master 4\Game\screenshots\Big_Harp.jpg
c:\program files (x86)\eGames\Solitaire Master 4\Game\screenshots\Big_Spider.jpg
c:\program files (x86)\eGames\Solitaire Master 4\Game\screenshots\Binary_Star.jpg
c:\program files (x86)\eGames\Solitaire Master 4\Game\screenshots\Bisley.jpg
c:\program files (x86)\eGames\Solitaire Master 4\Game\screenshots\Black_Hole.jpg
c:\program files (x86)\eGames\Solitaire Master 4\Game\screenshots\Black_Widow.jpg
c:\program files (x86)\eGames\Solitaire Master 4\Game\screenshots\Blind_Alleys.jpg
c:\program files (x86)\eGames\Solitaire Master 4\Game\screenshots\Blind_Patience.jpg
c:\program files (x86)\eGames\Solitaire Master 4\Game\screenshots\Block_Ten.jpg
c:\program files (x86)\eGames\Solitaire Master 4\Game\screenshots\Blockade.jpg
c:\program files (x86)\eGames\Solitaire Master 4\Game\screenshots\Blondes_and_Brunettes.jpg
c:\program files (x86)\eGames\Solitaire Master 4\Game\screenshots\Boudoir.jpg
c:\program files (x86)\eGames\Solitaire Master 4\Game\screenshots\Box_Fan.jpg
c:\program files (x86)\eGames\Solitaire Master 4\Game\screenshots\Box_Kite.jpg
c:\program files (x86)\eGames\Solitaire Master 4\Game\screenshots\Boxing_the_Compass.jpg
c:\program files (x86)\eGames\Solitaire Master 4\Game\screenshots\Brazilian_Patience.jpg
c:\program files (x86)\eGames\Solitaire Master 4\Game\screenshots\Breakwater.jpg
c:\program files (x86)\eGames\Solitaire Master 4\Game\screenshots\Bridesmaids.jpg
c:\program files (x86)\eGames\Solitaire Master 4\Game\screenshots\Brigade.jpg
c:\program files (x86)\eGames\Solitaire Master 4\Game\screenshots\Brisbane.jpg
c:\program files (x86)\eGames\Solitaire Master 4\Game\screenshots\Bristol.jpg
c:\program files (x86)\eGames\Solitaire Master 4\Game\screenshots\British_Constitution.jpg
c:\program files (x86)\eGames\Solitaire Master 4\Game\screenshots\British_Square.jpg
c:\program files (x86)\eGames\Solitaire Master 4\Game\screenshots\Brown_Recluse.jpg
c:\program files (x86)\eGames\Solitaire Master 4\Game\screenshots\Buffalo_bill.jpg
c:\program files (x86)\eGames\Solitaire Master 4\Game\screenshots\Busy_Aces.jpg
c:\program files (x86)\eGames\Solitaire Master 4\Game\screenshots\Cadran.jpg
c:\program files (x86)\eGames\Solitaire Master 4\Game\screenshots\Calculation.jpg
c:\program files (x86)\eGames\Solitaire Master 4\Game\screenshots\Canfield.jpg
c:\program files (x86)\eGames\Solitaire Master 4\Game\screenshots\Canister.jpg
c:\program files (x86)\eGames\Solitaire Master 4\Game\screenshots\Capricieuse.jpg
c:\program files (x86)\eGames\Solitaire Master 4\Game\screenshots\Captive_Queens.jpg
c:\program files (x86)\eGames\Solitaire Master 4\Game\screenshots\Carlton.jpg
c:\program files (x86)\eGames\Solitaire Master 4\Game\screenshots\Carpet.jpg
c:\program files (x86)\eGames\Solitaire Master 4\Game\screenshots\Carre_Napoleon.jpg
c:\program files (x86)\eGames\Solitaire Master 4\Game\screenshots\Castile.jpg
c:\program files (x86)\eGames\Solitaire Master 4\Game\screenshots\Castle_Mount.jpg
c:\program files (x86)\eGames\Solitaire Master 4\Game\screenshots\Castle_of_Indolence.jpg
c:\program files (x86)\eGames\Solitaire Master 4\Game\screenshots\Castles_End.jpg
c:\program files (x86)\eGames\Solitaire Master 4\Game\screenshots\Castles_in_Spain.jpg
c:\program files (x86)\eGames\Solitaire Master 4\Game\screenshots\Cat's_Cradle.jpg
c:\program files (x86)\eGames\Solitaire Master 4\Game\screenshots\Challenge_FreeCell.jpg
c:\program files (x86)\eGames\Solitaire Master 4\Game\screenshots\Chameleon.jpg
c:\program files (x86)\eGames\Solitaire Master 4\Game\screenshots\Cheops.jpg
c:\program files (x86)\eGames\Solitaire Master 4\Game\screenshots\Chequers.jpg
c:\program files (x86)\eGames\Solitaire Master 4\Game\screenshots\Chessboard.jpg
c:\program files (x86)\eGames\Solitaire Master 4\Game\screenshots\Cicely.jpg
c:\program files (x86)\eGames\Solitaire Master 4\Game\screenshots\Circle_Eight.jpg
c:\program files (x86)\eGames\Solitaire Master 4\Game\screenshots\Circle_Nine.jpg
c:\program files (x86)\eGames\Solitaire Master 4\Game\screenshots\Citadel.jpg
c:\program files (x86)\eGames\Solitaire Master 4\Game\screenshots\Cleopatra.jpg
c:\program files (x86)\eGames\Solitaire Master 4\Game\screenshots\Clock.jpg
c:\program files (x86)\eGames\Solitaire Master 4\Game\screenshots\Clover_Leaf.jpg
c:\program files (x86)\eGames\Solitaire Master 4\Game\screenshots\Club.jpg
c:\program files (x86)\eGames\Solitaire Master 4\Game\screenshots\Colorado.jpg
c:\program files (x86)\eGames\Solitaire Master 4\Game\screenshots\Colours.jpg
c:\program files (x86)\eGames\Solitaire Master 4\Game\screenshots\Compass.jpg
c:\program files (x86)\eGames\Solitaire Master 4\Game\screenshots\Cone.jpg
c:\program files (x86)\eGames\Solitaire Master 4\Game\screenshots\Congress.jpg
c:\program files (x86)\eGames\Solitaire Master 4\Game\screenshots\Contradance.jpg
c:\program files (x86)\eGames\Solitaire Master 4\Game\screenshots\Cornelius.jpg
c:\program files (x86)\eGames\Solitaire Master 4\Game\screenshots\Corners.jpg
c:\program files (x86)\eGames\Solitaire Master 4\Game\screenshots\Corona.jpg
c:\program files (x86)\eGames\Solitaire Master 4\Game\screenshots\Courtyard.jpg
c:\program files (x86)\eGames\Solitaire Master 4\Game\screenshots\Crescent.jpg
c:\program files (x86)\eGames\Solitaire Master 4\Game\screenshots\Criss_Cross.jpg
c:\program files (x86)\eGames\Solitaire Master 4\Game\screenshots\Cromwell.jpg
c:\program files (x86)\eGames\Solitaire Master 4\Game\screenshots\Cruel.jpg
c:\program files (x86)\eGames\Solitaire Master 4\Game\screenshots\Curds_and_Whey.jpg
c:\program files (x86)\eGames\Solitaire Master 4\Game\screenshots\Czarina.jpg
c:\program files (x86)\eGames\Solitaire Master 4\Game\screenshots\Demon.jpg
c:\program files (x86)\eGames\Solitaire Master 4\Game\screenshots\Demon_Fan.jpg
c:\program files (x86)\eGames\Solitaire Master 4\Game\screenshots\Demons_and_Thieves.jpg
c:\program files (x86)\eGames\Solitaire Master 4\Game\screenshots\Demonthief.jpg
c:\program files (x86)\eGames\Solitaire Master 4\Game\screenshots\Deuces.jpg
c:\program files (x86)\eGames\Solitaire Master 4\Game\screenshots\Deuces_and_Queens.jpg
c:\program files (x86)\eGames\Solitaire Master 4\Game\screenshots\Dial.jpg
c:\program files (x86)\eGames\Solitaire Master 4\Game\screenshots\Diavolo.jpg
c:\program files (x86)\eGames\Solitaire Master 4\Game\screenshots\Dieppe.jpg
c:\program files (x86)\eGames\Solitaire Master 4\Game\screenshots\Diminishing_Reserves.jpg
c:\program files (x86)\eGames\Solitaire Master 4\Game\screenshots\Diplomat.jpg
c:\program files (x86)\eGames\Solitaire Master 4\Game\screenshots\Dorothy.jpg
c:\program files (x86)\eGames\Solitaire Master 4\Game\screenshots\Double_Canfield.jpg
c:\program files (x86)\eGames\Solitaire Master 4\Game\screenshots\Double_Dot.jpg
c:\program files (x86)\eGames\Solitaire Master 4\Game\screenshots\Double_Easthaven.jpg
c:\program files (x86)\eGames\Solitaire Master 4\Game\screenshots\Double_Fives.jpg
c:\program files (x86)\eGames\Solitaire Master 4\Game\screenshots\Double_Fourteens.jpg
c:\program files (x86)\eGames\Solitaire Master 4\Game\screenshots\Double_FreeCell.jpg
c:\program files (x86)\eGames\Solitaire Master 4\Game\screenshots\Double_Klondike.jpg
c:\program files (x86)\eGames\Solitaire Master 4\Game\screenshots\Double_or_Quits.jpg
c:\program files (x86)\eGames\Solitaire Master 4\Game\screenshots\Double_Rail.jpg
c:\program files (x86)\eGames\Solitaire Master 4\Game\screenshots\Double_Scorpion.jpg
c:\program files (x86)\eGames\Solitaire Master 4\Game\screenshots\Double_SeaTowers.jpg
c:\program files (x86)\eGames\Solitaire Master 4\Game\screenshots\Double_Yukon.jpg
c:\program files (x86)\eGames\Solitaire Master 4\Game\screenshots\Doublets.jpg
c:\program files (x86)\eGames\Solitaire Master 4\Game\screenshots\Dover.jpg
c:\program files (x86)\eGames\Solitaire Master 4\Game\screenshots\Duke.jpg
c:\program files (x86)\eGames\Solitaire Master 4\Game\screenshots\Dutchess.jpg
c:\program files (x86)\eGames\Solitaire Master 4\Game\screenshots\Eagle_Wing.jpg
c:\program files (x86)\eGames\Solitaire Master 4\Game\screenshots\EastHaven.jpg
c:\program files (x86)\eGames\Solitaire Master 4\Game\screenshots\Eclipse.jpg
c:\program files (x86)\eGames\Solitaire Master 4\Game\screenshots\Eight_by_Eight.jpg
c:\program files (x86)\eGames\Solitaire Master 4\Game\screenshots\Eight_Off.jpg
c:\program files (x86)\eGames\Solitaire Master 4\Game\screenshots\Eighteens.jpg
c:\program files (x86)\eGames\Solitaire Master 4\Game\screenshots\Elevens.jpg
c:\program files (x86)\eGames\Solitaire Master 4\Game\screenshots\Emperor.jpg
c:\program files (x86)\eGames\Solitaire Master 4\Game\screenshots\Empress_of_Italy.jpg
c:\program files (x86)\eGames\Solitaire Master 4\Game\screenshots\Eternal_Triangle.jpg
c:\program files (x86)\eGames\Solitaire Master 4\Game\screenshots\Exiled_Kings.jpg
c:\program files (x86)\eGames\Solitaire Master 4\Game\screenshots\Exit.jpg
c:\program files (x86)\eGames\Solitaire Master 4\Game\screenshots\Falling_Star.jpg
c:\program files (x86)\eGames\Solitaire Master 4\Game\screenshots\Famous_Fifty.jpg
c:\program files (x86)\eGames\Solitaire Master 4\Game\screenshots\Fan.jpg
c:\program files (x86)\eGames\Solitaire Master 4\Game\screenshots\Fan_Albert.jpg
c:\program files (x86)\eGames\Solitaire Master 4\Game\screenshots\Fascination.jpg
c:\program files (x86)\eGames\Solitaire Master 4\Game\screenshots\Fifteen.jpg
c:\program files (x86)\eGames\Solitaire Master 4\Game\screenshots\Fifteen_Puzzle.jpg
c:\program files (x86)\eGames\Solitaire Master 4\Game\screenshots\Fifteen_Rush.jpg
c:\program files (x86)\eGames\Solitaire Master 4\Game\screenshots\Fifteens.jpg
c:\program files (x86)\eGames\Solitaire Master 4\Game\screenshots\Five_and_Diamond.jpg
c:\program files (x86)\eGames\Solitaire Master 4\Game\screenshots\Five_Piles.jpg
c:\program files (x86)\eGames\Solitaire Master 4\Game\screenshots\Floradora.jpg
c:\program files (x86)\eGames\Solitaire Master 4\Game\screenshots\Flower_Garden.jpg
c:\program files (x86)\eGames\Solitaire Master 4\Game\screenshots\Fly.jpg
c:\program files (x86)\eGames\Solitaire Master 4\Game\screenshots\ForeCell.jpg
c:\program files (x86)\eGames\Solitaire Master 4\Game\screenshots\Fort.jpg
c:\program files (x86)\eGames\Solitaire Master 4\Game\screenshots\Fortress.jpg
c:\program files (x86)\eGames\Solitaire Master 4\Game\screenshots\Fortress_of_Mercy.jpg
c:\program files (x86)\eGames\Solitaire Master 4\Game\screenshots\Fortune's_Favor.jpg
c:\program files (x86)\eGames\Solitaire Master 4\Game\screenshots\Forty-Nine.jpg
c:\program files (x86)\eGames\Solitaire Master 4\Game\screenshots\Forty_and_Eight.jpg
c:\program files (x86)\eGames\Solitaire Master 4\Game\screenshots\Forty_Devils.jpg
c:\program files (x86)\eGames\Solitaire Master 4\Game\screenshots\Forty_Thieves.jpg
c:\program files (x86)\eGames\Solitaire Master 4\Game\screenshots\Forwards.jpg
c:\program files (x86)\eGames\Solitaire Master 4\Game\screenshots\Forwards_and_Backwards.jpg
c:\program files (x86)\eGames\Solitaire Master 4\Game\screenshots\Four_by_Five.jpg
c:\program files (x86)\eGames\Solitaire Master 4\Game\screenshots\Four_Colours.jpg
c:\program files (x86)\eGames\Solitaire Master 4\Game\screenshots\Four_Leaf_Clovers.jpg
c:\program files (x86)\eGames\Solitaire Master 4\Game\screenshots\Four_Seasons.jpg
c:\program files (x86)\eGames\Solitaire Master 4\Game\screenshots\Four_Winds.jpg
c:\program files (x86)\eGames\Solitaire Master 4\Game\screenshots\Fours_Up.jpg
c:\program files (x86)\eGames\Solitaire Master 4\Game\screenshots\Foursome.jpg
c:\program files (x86)\eGames\Solitaire Master 4\Game\screenshots\Fourteen_Out.jpg
c:\program files (x86)\eGames\Solitaire Master 4\Game\screenshots\Fourteen_Up.jpg
c:\program files (x86)\eGames\Solitaire Master 4\Game\screenshots\Fourteens.jpg
c:\program files (x86)\eGames\Solitaire Master 4\Game\screenshots\Fred's_Spider.jpg
c:\program files (x86)\eGames\Solitaire Master 4\Game\screenshots\Free_Parking.jpg
c:\program files (x86)\eGames\Solitaire Master 4\Game\screenshots\FreeCell.jpg
c:\program files (x86)\eGames\Solitaire Master 4\Game\screenshots\Frog.jpg
c:\program files (x86)\eGames\Solitaire Master 4\Game\screenshots\Gaps.jpg
c:\program files (x86)\eGames\Solitaire Master 4\Game\screenshots\Gargantua.jpg
c:\program files (x86)\eGames\Solitaire Master 4\Game\screenshots\Gate.jpg
c:\program files (x86)\eGames\Solitaire Master 4\Game\screenshots\General's_Patience.jpg
c:\program files (x86)\eGames\Solitaire Master 4\Game\screenshots\Geoffrey.jpg
c:\program files (x86)\eGames\Solitaire Master 4\Game\screenshots\German_Cross.jpg
c:\program files (x86)\eGames\Solitaire Master 4\Game\screenshots\German_Patience.jpg
c:\program files (x86)\eGames\Solitaire Master 4\Game\screenshots\Giant.jpg
c:\program files (x86)\eGames\Solitaire Master 4\Game\screenshots\Giza.jpg
c:\program files (x86)\eGames\Solitaire Master 4\Game\screenshots\Gloucestershire.jpg
c:\program files (x86)\eGames\Solitaire Master 4\Game\screenshots\Gnat.jpg
c:\program files (x86)\eGames\Solitaire Master 4\Game\screenshots\Gold_Rush.jpg
c:\program files (x86)\eGames\Solitaire Master 4\Game\screenshots\Golf.jpg
c:\program files (x86)\eGames\Solitaire Master 4\Game\screenshots\Good_Measure.jpg
c:\program files (x86)\eGames\Solitaire Master 4\Game\screenshots\Gradations.jpg
c:\program files (x86)\eGames\Solitaire Master 4\Game\screenshots\Grand_Duchess.jpg
c:\program files (x86)\eGames\Solitaire Master 4\Game\screenshots\Grandfather.jpg
c:\program files (x86)\eGames\Solitaire Master 4\Game\screenshots\Grandmother's.jpg
c:\program files (x86)\eGames\Solitaire Master 4\Game\screenshots\Great_Triangle.jpg
c:\program files (x86)\eGames\Solitaire Master 4\Game\screenshots\Great_Wheel.jpg
c:\program files (x86)\eGames\Solitaire Master 4\Game\screenshots\Grounds_for_Divorce.jpg
c:\program files (x86)\eGames\Solitaire Master 4\Game\screenshots\Harp.jpg
c:\program files (x86)\eGames\Solitaire Master 4\Game\screenshots\Heads_and_Tails.jpg
c:\program files (x86)\eGames\Solitaire Master 4\Game\screenshots\Hidden_Treasures.jpg
c:\program files (x86)\eGames\Solitaire Master 4\Game\screenshots\House_in_the_Wood.jpg
c:\program files (x86)\eGames\Solitaire Master 4\Game\screenshots\House_on_the_Hill.jpg
c:\program files (x86)\eGames\Solitaire Master 4\Game\screenshots\Idle_Aces.jpg
c:\program files (x86)\eGames\Solitaire Master 4\Game\screenshots\Imperial_Guards.jpg
c:\program files (x86)\eGames\Solitaire Master 4\Game\screenshots\Incompatibility.jpg
c:\program files (x86)\eGames\Solitaire Master 4\Game\screenshots\Indefatigable.jpg
c:\program files (x86)\eGames\Solitaire Master 4\Game\screenshots\Indian.jpg
c:\program files (x86)\eGames\Solitaire Master 4\Game\screenshots\Indian_Patience.jpg
c:\program files (x86)\eGames\Solitaire Master 4\Game\screenshots\Inquisitor.jpg
c:\program files (x86)\eGames\Solitaire Master 4\Game\screenshots\Intelligence.jpg
c:\program files (x86)\eGames\Solitaire Master 4\Game\screenshots\Interchange.jpg
c:\program files (x86)\eGames\Solitaire Master 4\Game\screenshots\Interment.jpg
c:\program files (x86)\eGames\Solitaire Master 4\Game\screenshots\Interregnum.jpg
c:\program files (x86)\eGames\Solitaire Master 4\Game\screenshots\Josephine.jpg
c:\program files (x86)\eGames\Solitaire Master 4\Game\screenshots\Junction.jpg
c:\program files (x86)\eGames\Solitaire Master 4\Game\screenshots\King's_Way.jpg
c:\program files (x86)\eGames\Solitaire Master 4\Game\screenshots\King_Albert.jpg
c:\program files (x86)\eGames\Solitaire Master 4\Game\screenshots\King_Tut.jpg
c:\program files (x86)\eGames\Solitaire Master 4\Game\screenshots\Kingdom.jpg
c:\program files (x86)\eGames\Solitaire Master 4\Game\screenshots\Kings.jpg
c:\program files (x86)\eGames\Solitaire Master 4\Game\screenshots\Kings_and_Aces.jpg
c:\program files (x86)\eGames\Solitaire Master 4\Game\screenshots\Kings_and_Queens.jpg
c:\program files (x86)\eGames\Solitaire Master 4\Game\screenshots\Kingsdown_Eights.jpg
c:\program files (x86)\eGames\Solitaire Master 4\Game\screenshots\Kingsley.jpg
c:\program files (x86)\eGames\Solitaire Master 4\Game\screenshots\Kleine_Napoleon.jpg
c:\program files (x86)\eGames\Solitaire Master 4\Game\screenshots\Klondike_(Standard_Solitaire).jpg
c:\program files (x86)\eGames\Solitaire Master 4\Game\screenshots\Knotty_Nines.jpg
c:\program files (x86)\eGames\Solitaire Master 4\Game\screenshots\La_Belle_Lucie.jpg
c:\program files (x86)\eGames\Solitaire Master 4\Game\screenshots\Ladies'_Battle.jpg
c:\program files (x86)\eGames\Solitaire Master 4\Game\screenshots\Lady_Betty.jpg
c:\program files (x86)\eGames\Solitaire Master 4\Game\screenshots\Lady_Cadogan.jpg
c:\program files (x86)\eGames\Solitaire Master 4\Game\screenshots\Lady_Jane.jpg
c:\program files (x86)\eGames\Solitaire Master 4\Game\screenshots\Lady_of_the_Manor.jpg
c:\program files (x86)\eGames\Solitaire Master 4\Game\screenshots\Lady_Palk.jpg
c:\program files (x86)\eGames\Solitaire Master 4\Game\screenshots\Lafayette.jpg
c:\program files (x86)\eGames\Solitaire Master 4\Game\screenshots\Lanes.jpg
c:\program files (x86)\eGames\Solitaire Master 4\Game\screenshots\Last_Chance.jpg
c:\program files (x86)\eGames\Solitaire Master 4\Game\screenshots\Letter_H.jpg
c:\program files (x86)\eGames\Solitaire Master 4\Game\screenshots\Light_and_Shade.jpg
c:\program files (x86)\eGames\Solitaire Master 4\Game\screenshots\Limited.jpg
c:\program files (x86)\eGames\Solitaire Master 4\Game\screenshots\Links.jpg
c:\program files (x86)\eGames\Solitaire Master 4\Game\screenshots\Little_Billie.jpg
c:\program files (x86)\eGames\Solitaire Master 4\Game\screenshots\Little_Forty.jpg
c:\program files (x86)\eGames\Solitaire Master 4\Game\screenshots\Little_Giant.jpg
c:\program files (x86)\eGames\Solitaire Master 4\Game\screenshots\Little_Milligan.jpg
c:\program files (x86)\eGames\Solitaire Master 4\Game\screenshots\Little_Napoleon.jpg
c:\program files (x86)\eGames\Solitaire Master 4\Game\screenshots\Little_Picture_Gallery.jpg
c:\program files (x86)\eGames\Solitaire Master 4\Game\screenshots\Little_Spider.jpg
c:\program files (x86)\eGames\Solitaire Master 4\Game\screenshots\Little_Thieves.jpg
c:\program files (x86)\eGames\Solitaire Master 4\Game\screenshots\Lucas.jpg
c:\program files (x86)\eGames\Solitaire Master 4\Game\screenshots\Lucky_Thirteen.jpg
c:\program files (x86)\eGames\Solitaire Master 4\Game\screenshots\Mamy_Susan.jpg
c:\program files (x86)\eGames\Solitaire Master 4\Game\screenshots\Maria.jpg
c:\program files (x86)\eGames\Solitaire Master 4\Game\screenshots\Martha.jpg
c:\program files (x86)\eGames\Solitaire Master 4\Game\screenshots\Matrimony.jpg
c:\program files (x86)\eGames\Solitaire Master 4\Game\screenshots\Maze.jpg
c:\program files (x86)\eGames\Solitaire Master 4\Game\screenshots\Memory.jpg
c:\program files (x86)\eGames\Solitaire Master 4\Game\screenshots\Midnight_Clover.jpg
c:\program files (x86)\eGames\Solitaire Master 4\Game\screenshots\Midshipman.jpg
c:\program files (x86)\eGames\Solitaire Master 4\Game\screenshots\Millie.jpg
c:\program files (x86)\eGames\Solitaire Master 4\Game\screenshots\Milligan_Cell.jpg
c:\program files (x86)\eGames\Solitaire Master 4\Game\screenshots\Milligan_Harp.jpg
c:\program files (x86)\eGames\Solitaire Master 4\Game\screenshots\Miss_Milligan.jpg
c:\program files (x86)\eGames\Solitaire Master 4\Game\screenshots\Miss_Muffet.jpg
c:\program files (x86)\eGames\Solitaire Master 4\Game\screenshots\Monaco.jpg
c:\program files (x86)\eGames\Solitaire Master 4\Game\screenshots\Monte_Carlo.jpg
c:\program files (x86)\eGames\Solitaire Master 4\Game\screenshots\Morehead.jpg
c:\program files (x86)\eGames\Solitaire Master 4\Game\screenshots\Mount_Olympus.jpg
c:\program files (x86)\eGames\Solitaire Master 4\Game\screenshots\Moving_Left.jpg
c:\program files (x86)\eGames\Solitaire Master 4\Game\screenshots\Mrs_mop.jpg
c:\program files (x86)\eGames\Solitaire Master 4\Game\screenshots\Munger.jpg
c:\program files (x86)\eGames\Solitaire Master 4\Game\screenshots\Napoleon's_Square.jpg
c:\program files (x86)\eGames\Solitaire Master 4\Game\screenshots\Napoleon.jpg
c:\program files (x86)\eGames\Solitaire Master 4\Game\screenshots\Nationale.jpg
c:\program files (x86)\eGames\Solitaire Master 4\Game\screenshots\Needle.jpg
c:\program files (x86)\eGames\Solitaire Master 4\Game\screenshots\Nestor.jpg
c:\program files (x86)\eGames\Solitaire Master 4\Game\screenshots\New_York.jpg
c:\program files (x86)\eGames\Solitaire Master 4\Game\screenshots\Nines.jpg
c:\program files (x86)\eGames\Solitaire Master 4\Game\screenshots\Northwest_Territory.jpg
c:\program files (x86)\eGames\Solitaire Master 4\Game\screenshots\Number_Ten.jpg
c:\program files (x86)\eGames\Solitaire Master 4\Game\screenshots\Numeration.jpg
c:\program files (x86)\eGames\Solitaire Master 4\Game\screenshots\Octagon.jpg
c:\program files (x86)\eGames\Solitaire Master 4\Game\screenshots\Octave.jpg
c:\program files (x86)\eGames\Solitaire Master 4\Game\screenshots\Odd_and_Even.jpg
c:\program files (x86)\eGames\Solitaire Master 4\Game\screenshots\Old_Carlton.jpg
c:\program files (x86)\eGames\Solitaire Master 4\Game\screenshots\One234.jpg
c:\program files (x86)\eGames\Solitaire Master 4\Game\screenshots\Opus.jpg
c:\program files (x86)\eGames\Solitaire Master 4\Game\screenshots\Order_Time.jpg
c:\program files (x86)\eGames\Solitaire Master 4\Game\screenshots\Osmosis.jpg
c:\program files (x86)\eGames\Solitaire Master 4\Game\screenshots\Osmotic_Cell.jpg
c:\program files (x86)\eGames\Solitaire Master 4\Game\screenshots\Outback.jpg
c:\program files (x86)\eGames\Solitaire Master 4\Game\screenshots\Parliament.jpg
c:\program files (x86)\eGames\Solitaire Master 4\Game\screenshots\Pas_Seul.jpg
c:\program files (x86)\eGames\Solitaire Master 4\Game\screenshots\Patience's_Reward.jpg
c:\program files (x86)\eGames\Solitaire Master 4\Game\screenshots\Patient_Pairs.jpg
c:\program files (x86)\eGames\Solitaire Master 4\Game\screenshots\Patriarchs.jpg
c:\program files (x86)\eGames\Solitaire Master 4\Game\screenshots\Peek.jpg
c:\program files (x86)\eGames\Solitaire Master 4\Game\screenshots\Penelope's_Web.jpg
c:\program files (x86)\eGames\Solitaire Master 4\Game\screenshots\Penguin.jpg
c:\program files (x86)\eGames\Solitaire Master 4\Game\screenshots\Penta.jpg
c:\program files (x86)\eGames\Solitaire Master 4\Game\screenshots\Perpetual_Motion.jpg
c:\program files (x86)\eGames\Solitaire Master 4\Game\screenshots\Perseverance.jpg
c:\program files (x86)\eGames\Solitaire Master 4\Game\screenshots\Pharaohs.jpg
c:\program files (x86)\eGames\Solitaire Master 4\Game\screenshots\Picture_Patience.jpg
c:\program files (x86)\eGames\Solitaire Master 4\Game\screenshots\Pigtail.jpg
c:\program files (x86)\eGames\Solitaire Master 4\Game\screenshots\Point_Sable.jpg
c:\program files (x86)\eGames\Solitaire Master 4\Game\screenshots\Precedence.jpg
c:\program files (x86)\eGames\Solitaire Master 4\Game\screenshots\Preference.jpg
c:\program files (x86)\eGames\Solitaire Master 4\Game\screenshots\Primose.jpg
c:\program files (x86)\eGames\Solitaire Master 4\Game\screenshots\Prince_Serg.jpg
c:\program files (x86)\eGames\Solitaire Master 4\Game\screenshots\Push-Pin.jpg
c:\program files (x86)\eGames\Solitaire Master 4\Game\screenshots\Puss_in_the_Corner.jpg
c:\program files (x86)\eGames\Solitaire Master 4\Game\screenshots\Putt_putt.jpg
c:\program files (x86)\eGames\Solitaire Master 4\Game\screenshots\Pyramid.jpg
c:\program files (x86)\eGames\Solitaire Master 4\Game\screenshots\Pyramid_Golf.jpg
c:\program files (x86)\eGames\Solitaire Master 4\Game\screenshots\Pyramid_Seven.jpg
c:\program files (x86)\eGames\Solitaire Master 4\Game\screenshots\Q.C..jpg
c:\program files (x86)\eGames\Solitaire Master 4\Game\screenshots\Quadrangle.jpg
c:\program files (x86)\eGames\Solitaire Master 4\Game\screenshots\Quadruple_Canfield.jpg
c:\program files (x86)\eGames\Solitaire Master 4\Game\screenshots\Quadruple_Klondike.jpg
c:\program files (x86)\eGames\Solitaire Master 4\Game\screenshots\Queenie.jpg
c:\program files (x86)\eGames\Solitaire Master 4\Game\screenshots\Queens_and_Jacks.jpg
c:\program files (x86)\eGames\Solitaire Master 4\Game\screenshots\Racing_Aces.jpg
c:\program files (x86)\eGames\Solitaire Master 4\Game\screenshots\Raglan.jpg
c:\program files (x86)\eGames\Solitaire Master 4\Game\screenshots\Rainbow.jpg
c:\program files (x86)\eGames\Solitaire Master 4\Game\screenshots\Rainbow_Fan.jpg
c:\program files (x86)\eGames\Solitaire Master 4\Game\screenshots\Rank_and_File.jpg
c:\program files (x86)\eGames\Solitaire Master 4\Game\screenshots\Raw_Prawn.jpg
c:\program files (x86)\eGames\Solitaire Master 4\Game\screenshots\Red_and_Black.jpg
c:\program files (x86)\eGames\Solitaire Master 4\Game\screenshots\Redheads.jpg
c:\program files (x86)\eGames\Solitaire Master 4\Game\screenshots\Repair.jpg
c:\program files (x86)\eGames\Solitaire Master 4\Game\screenshots\Reserved_Pyramid.jpg
c:\program files (x86)\eGames\Solitaire Master 4\Game\screenshots\Reserves.jpg
c:\program files (x86)\eGames\Solitaire Master 4\Game\screenshots\Right_and_Left.jpg
c:\program files (x86)\eGames\Solitaire Master 4\Game\screenshots\Ripple_Fan.jpg
c:\program files (x86)\eGames\Solitaire Master 4\Game\screenshots\Rittenhouse.jpg
c:\program files (x86)\eGames\Solitaire Master 4\Game\screenshots\Robert.jpg
c:\program files (x86)\eGames\Solitaire Master 4\Game\screenshots\Roosevelt.jpg
c:\program files (x86)\eGames\Solitaire Master 4\Game\screenshots\Rouge_et_Noir.jpg
c:\program files (x86)\eGames\Solitaire Master 4\Game\screenshots\Rows_of_Four.jpg
c:\program files (x86)\eGames\Solitaire Master 4\Game\screenshots\Royal_Cotillion.jpg
c:\program files (x86)\eGames\Solitaire Master 4\Game\screenshots\Royal_Family.jpg
c:\program files (x86)\eGames\Solitaire Master 4\Game\screenshots\Royal_Marriage.jpg
c:\program files (x86)\eGames\Solitaire Master 4\Game\screenshots\Royal_Rendezvous.jpg
c:\program files (x86)\eGames\Solitaire Master 4\Game\screenshots\Russian_Cell.jpg
c:\program files (x86)\eGames\Solitaire Master 4\Game\screenshots\Russian_Solitaire.jpg
c:\program files (x86)\eGames\Solitaire Master 4\Game\screenshots\Salic_Law.jpg
c:\program files (x86)\eGames\Solitaire Master 4\Game\screenshots\San_Juan_Hill.jpg
c:\program files (x86)\eGames\Solitaire Master 4\Game\screenshots\Saratoga.jpg
c:\program files (x86)\eGames\Solitaire Master 4\Game\screenshots\Saxony.jpg
c:\program files (x86)\eGames\Solitaire Master 4\Game\screenshots\Scorpion.jpg
c:\program files (x86)\eGames\Solitaire Master 4\Game\screenshots\Scorpion_II.jpg
c:\program files (x86)\eGames\Solitaire Master 4\Game\screenshots\Scorpion_Towers.jpg
c:\program files (x86)\eGames\Solitaire Master 4\Game\screenshots\Scotch_Patience.jpg
c:\program files (x86)\eGames\Solitaire Master 4\Game\screenshots\Sea_Towers.jpg
c:\program files (x86)\eGames\Solitaire Master 4\Game\screenshots\Selective_Castle.jpg
c:\program files (x86)\eGames\Solitaire Master 4\Game\screenshots\Senate.jpg
c:\program files (x86)\eGames\Solitaire Master 4\Game\screenshots\Senior_Wrangler.jpg
c:\program files (x86)\eGames\Solitaire Master 4\Game\screenshots\Seven_by_Seven.jpg
c:\program files (x86)\eGames\Solitaire Master 4\Game\screenshots\Seven_Devils.jpg
c:\program files (x86)\eGames\Solitaire Master 4\Game\screenshots\Seventeens.jpg
c:\program files (x86)\eGames\Solitaire Master 4\Game\screenshots\Shady_Lanes.jpg
c:\program files (x86)\eGames\Solitaire Master 4\Game\screenshots\Shamrocks.jpg
c:\program files (x86)\eGames\Solitaire Master 4\Game\screenshots\Shifting.jpg
c:\program files (x86)\eGames\Solitaire Master 4\Game\screenshots\Siberia.jpg
c:\program files (x86)\eGames\Solitaire Master 4\Game\screenshots\Simon_Jester.jpg
c:\program files (x86)\eGames\Solitaire Master 4\Game\screenshots\Simple_Pairs.jpg
c:\program files (x86)\eGames\Solitaire Master 4\Game\screenshots\Simple_Simon.jpg
c:\program files (x86)\eGames\Solitaire Master 4\Game\screenshots\Simplex.jpg
c:\program files (x86)\eGames\Solitaire Master 4\Game\screenshots\Simplicity.jpg
c:\program files (x86)\eGames\Solitaire Master 4\Game\screenshots\Single_Interchange.jpg
c:\program files (x86)\eGames\Solitaire Master 4\Game\screenshots\Single_Rail.jpg
c:\program files (x86)\eGames\Solitaire Master 4\Game\screenshots\Sir_Tommy.jpg
c:\program files (x86)\eGames\Solitaire Master 4\Game\screenshots\Sixes_and_Sevens.jpg
c:\program files (x86)\eGames\Solitaire Master 4\Game\screenshots\Sixteen_Puzzle.jpg
c:\program files (x86)\eGames\Solitaire Master 4\Game\screenshots\Sixteens.jpg
c:\program files (x86)\eGames\Solitaire Master 4\Game\screenshots\Sixty_Thieves.jpg
c:\program files (x86)\eGames\Solitaire Master 4\Game\screenshots\Skippy.jpg
c:\program files (x86)\eGames\Solitaire Master 4\Game\screenshots\Snake.jpg
c:\program files (x86)\eGames\Solitaire Master 4\Game\screenshots\Solid_Square.jpg
c:\program files (x86)\eGames\Solitaire Master 4\Game\screenshots\Solstice.jpg
c:\program files (x86)\eGames\Solitaire Master 4\Game\screenshots\Somerset.jpg
c:\program files (x86)\eGames\Solitaire Master 4\Game\screenshots\Spaces_and_Aces.jpg
c:\program files (x86)\eGames\Solitaire Master 4\Game\screenshots\Spanish_Patience.jpg
c:\program files (x86)\eGames\Solitaire Master 4\Game\screenshots\Speculation.jpg
c:\program files (x86)\eGames\Solitaire Master 4\Game\screenshots\Spider.jpg
c:\program files (x86)\eGames\Solitaire Master 4\Game\screenshots\Spider_Web.jpg
c:\program files (x86)\eGames\Solitaire Master 4\Game\screenshots\Spidercells.jpg
c:\program files (x86)\eGames\Solitaire Master 4\Game\screenshots\Spiderette.jpg
c:\program files (x86)\eGames\Solitaire Master 4\Game\screenshots\Spidike.jpg
c:\program files (x86)\eGames\Solitaire Master 4\Game\screenshots\Spike.jpg
c:\program files (x86)\eGames\Solitaire Master 4\Game\screenshots\Springfield.jpg
c:\program files (x86)\eGames\Solitaire Master 4\Game\screenshots\Squadron.jpg
c:\program files (x86)\eGames\Solitaire Master 4\Game\screenshots\Square.jpg
c:\program files (x86)\eGames\Solitaire Master 4\Game\screenshots\St._Helena.jpg
c:\program files (x86)\eGames\Solitaire Master 4\Game\screenshots\Stalactites.jpg
c:\program files (x86)\eGames\Solitaire Master 4\Game\screenshots\Stepping_Stone.jpg
c:\program files (x86)\eGames\Solitaire Master 4\Game\screenshots\Steps.jpg
c:\program files (x86)\eGames\Solitaire Master 4\Game\screenshots\Steve.jpg
c:\program files (x86)\eGames\Solitaire Master 4\Game\screenshots\Stonewall.jpg
c:\program files (x86)\eGames\Solitaire Master 4\Game\screenshots\Storehouse.jpg
c:\program files (x86)\eGames\Solitaire Master 4\Game\screenshots\Strata.jpg
c:\program files (x86)\eGames\Solitaire Master 4\Game\screenshots\Strategy.jpg
c:\program files (x86)\eGames\Solitaire Master 4\Game\screenshots\Strategy_+.jpg
c:\program files (x86)\eGames\Solitaire Master 4\Game\screenshots\Streets.jpg
c:\program files (x86)\eGames\Solitaire Master 4\Game\screenshots\Streets_and_Alleys.jpg
c:\program files (x86)\eGames\Solitaire Master 4\Game\screenshots\Striptease.jpg
c:\program files (x86)\eGames\Solitaire Master 4\Game\screenshots\Stronghold.jpg
c:\program files (x86)\eGames\Solitaire Master 4\Game\screenshots\Suit_Yourself.jpg
c:\program files (x86)\eGames\Solitaire Master 4\Game\screenshots\Sultan_of_Turkey.jpg
c:\program files (x86)\eGames\Solitaire Master 4\Game\screenshots\Super_Flower_Garden.jpg
c:\program files (x86)\eGames\Solitaire Master 4\Game\screenshots\Superior_Canfield.jpg
c:\program files (x86)\eGames\Solitaire Master 4\Game\screenshots\Suspenseful.jpg
c:\program files (x86)\eGames\Solitaire Master 4\Game\screenshots\Swiss_Patience.jpg
c:\program files (x86)\eGames\Solitaire Master 4\Game\screenshots\Taj_Mahal.jpg
c:\program files (x86)\eGames\Solitaire Master 4\Game\screenshots\Take_Away.jpg
c:\program files (x86)\eGames\Solitaire Master 4\Game\screenshots\Tam_O'Shanter.jpg
c:\program files (x86)\eGames\Solitaire Master 4\Game\screenshots\Tarantella.jpg
c:\program files (x86)\eGames\Solitaire Master 4\Game\screenshots\Tarantula.jpg
c:\program files (x86)\eGames\Solitaire Master 4\Game\screenshots\Tens.jpg
c:\program files (x86)\eGames\Solitaire Master 4\Game\screenshots\Terrace.jpg
c:\program files (x86)\eGames\Solitaire Master 4\Game\screenshots\TetSol.jpg
c:\program files (x86)\eGames\Solitaire Master 4\Game\screenshots\The_Plot.jpg
c:\program files (x86)\eGames\Solitaire Master 4\Game\screenshots\The_Spark.jpg
c:\program files (x86)\eGames\Solitaire Master 4\Game\screenshots\The_Wish.jpg
c:\program files (x86)\eGames\Solitaire Master 4\Game\screenshots\Thieves_of_Egypt.jpg
c:\program files (x86)\eGames\Solitaire Master 4\Game\screenshots\Thirteen_Down.jpg
c:\program files (x86)\eGames\Solitaire Master 4\Game\screenshots\Thirteen_Packs.jpg
c:\program files (x86)\eGames\Solitaire Master 4\Game\screenshots\Thirteens.jpg
c:\program files (x86)\eGames\Solitaire Master 4\Game\screenshots\Thirty-Nine_Steps.jpg
c:\program files (x86)\eGames\Solitaire Master 4\Game\screenshots\Thirty_Six.jpg
c:\program files (x86)\eGames\Solitaire Master 4\Game\screenshots\Three's_Company.jpg
c:\program files (x86)\eGames\Solitaire Master 4\Game\screenshots\Three_Blind_Mice.jpg
c:\program files (x86)\eGames\Solitaire Master 4\Game\screenshots\Three_Cells.jpg
c:\program files (x86)\eGames\Solitaire Master 4\Game\screenshots\Three_Shuffles_and_a_Draw.jpg
c:\program files (x86)\eGames\Solitaire Master 4\Game\screenshots\Thumb_and_Pouch.jpg
c:\program files (x86)\eGames\Solitaire Master 4\Game\screenshots\Toni.jpg
c:\program files (x86)\eGames\Solitaire Master 4\Game\screenshots\Tournament.jpg
c:\program files (x86)\eGames\Solitaire Master 4\Game\screenshots\Tower_of_Hanoi.jpg
c:\program files (x86)\eGames\Solitaire Master 4\Game\screenshots\Towers.jpg
c:\program files (x86)\eGames\Solitaire Master 4\Game\screenshots\Trapdoor_Spider.jpg
c:\program files (x86)\eGames\Solitaire Master 4\Game\screenshots\Travellers_Clock.jpg
c:\program files (x86)\eGames\Solitaire Master 4\Game\screenshots\Trefoil.jpg
c:\program files (x86)\eGames\Solitaire Master 4\Game\screenshots\Trevi_Garden.jpg
c:\program files (x86)\eGames\Solitaire Master 4\Game\screenshots\Triangle.jpg
c:\program files (x86)\eGames\Solitaire Master 4\Game\screenshots\Trillium.jpg
c:\program files (x86)\eGames\Solitaire Master 4\Game\screenshots\Triple_Canfield.jpg
c:\program files (x86)\eGames\Solitaire Master 4\Game\screenshots\Triple_Easthaven.jpg
c:\program files (x86)\eGames\Solitaire Master 4\Game\screenshots\Triple_Fourteens.jpg
c:\program files (x86)\eGames\Solitaire Master 4\Game\screenshots\Triple_FreeCell.jpg
c:\program files (x86)\eGames\Solitaire Master 4\Game\screenshots\Triple_Interchange.jpg
c:\program files (x86)\eGames\Solitaire Master 4\Game\screenshots\Triple_Klondike.jpg
c:\program files (x86)\eGames\Solitaire Master 4\Game\screenshots\Triple_Line.jpg
c:\program files (x86)\eGames\Solitaire Master 4\Game\screenshots\Triple_Peaks.jpg
c:\program files (x86)\eGames\Solitaire Master 4\Game\screenshots\Triple_Scorpion.jpg
c:\program files (x86)\eGames\Solitaire Master 4\Game\screenshots\Triple_Yukon.jpg
c:\program files (x86)\eGames\Solitaire Master 4\Game\screenshots\Trusty_Twelve.jpg
c:\program files (x86)\eGames\Solitaire Master 4\Game\screenshots\Twenty.jpg
c:\program files (x86)\eGames\Solitaire Master 4\Game\screenshots\Twin_Queens.jpg
c:\program files (x86)\eGames\Solitaire Master 4\Game\screenshots\Twister.jpg
c:\program files (x86)\eGames\Solitaire Master 4\Game\screenshots\Two_Cells.jpg
c:\program files (x86)\eGames\Solitaire Master 4\Game\screenshots\Ukrainian_Solitaire.jpg
c:\program files (x86)\eGames\Solitaire Master 4\Game\screenshots\Unlimited.jpg
c:\program files (x86)\eGames\Solitaire Master 4\Game\screenshots\Usk.jpg
c:\program files (x86)\eGames\Solitaire Master 4\Game\screenshots\Variegated_Canfield.jpg
c:\program files (x86)\eGames\Solitaire Master 4\Game\screenshots\Vertical.jpg
c:\program files (x86)\eGames\Solitaire Master 4\Game\screenshots\Vineyard.jpg
c:\program files (x86)\eGames\Solitaire Master 4\Game\screenshots\Waning_Moon.jpg
c:\program files (x86)\eGames\Solitaire Master 4\Game\screenshots\Waterloo.jpg
c:\program files (x86)\eGames\Solitaire Master 4\Game\screenshots\Wave_Motion.jpg
c:\program files (x86)\eGames\Solitaire Master 4\Game\screenshots\Waxing_Moon.jpg
c:\program files (x86)\eGames\Solitaire Master 4\Game\screenshots\Westcliff.jpg
c:\program files (x86)\eGames\Solitaire Master 4\Game\screenshots\Wheatsheaf.jpg
c:\program files (x86)\eGames\Solitaire Master 4\Game\screenshots\Whitehead.jpg
c:\program files (x86)\eGames\Solitaire Master 4\Game\screenshots\Whitehorse.jpg
c:\program files (x86)\eGames\Solitaire Master 4\Game\screenshots\Will_o_the_Wisp.jpg
c:\program files (x86)\eGames\Solitaire Master 4\Game\screenshots\Windmill.jpg
c:\program files (x86)\eGames\Solitaire Master 4\Game\screenshots\Wings.jpg
c:\program files (x86)\eGames\Solitaire Master 4\Game\screenshots\Wood.jpg
c:\program files (x86)\eGames\Solitaire Master 4\Game\screenshots\Yukon.jpg
c:\program files (x86)\eGames\Solitaire Master 4\Game\screenshots\Yukon_Puzzle.jpg
c:\program files (x86)\eGames\Solitaire Master 4\Game\screenshots\Yukon_Spider.jpg
c:\program files (x86)\eGames\Solitaire Master 4\Game\screenshots\Zerline.jpg
c:\program files (x86)\eGames\Solitaire Master 4\Game\screenshots\Zodiac.jpg
c:\program files (x86)\eGames\Solitaire Master 4\Game\Scribbly Cards.dat
c:\program files (x86)\eGames\Solitaire Master 4\Game\Seasons Cards.dat
c:\program files (x86)\eGames\Solitaire Master 4\Game\sm4install.txt
c:\program files (x86)\eGames\Solitaire Master 4\Game\Snowflake Cards.dat
c:\program files (x86)\eGames\Solitaire Master 4\Game\sounds\open.wav
c:\program files (x86)\eGames\Solitaire Master 4\Game\sounds\shuffle.wav
c:\program files (x86)\eGames\Solitaire Master 4\Game\sounds\win.wav
c:\program files (x86)\eGames\Solitaire Master 4\Game\Space Cards.dat
c:\program files (x86)\eGames\Solitaire Master 4\Game\Sports Cards.dat
c:\program files (x86)\eGames\Solitaire Master 4\Game\Stamps Cards.dat
c:\program files (x86)\eGames\Solitaire Master 4\Game\Star Cards.dat
c:\program files (x86)\eGames\Solitaire Master 4\Game\Statemaps Cards.dat
c:\program files (x86)\eGames\Solitaire Master 4\Game\Text Cards.dat
c:\program files (x86)\eGames\Solitaire Master 4\INSTALL.LOG
c:\program files (x86)\eGames\Solitaire Master 4\register\eGamesRegistration.exe
c:\program files (x86)\eGames\Solitaire Master 4\register\EReg.Bin
c:\program files (x86)\eGames\Solitaire Master 4\register\EReg01.ini
c:\program files (x86)\eGames\Solitaire Master 4\register\EReg3201.dll
c:\program files (x86)\eGames\Solitaire Master 4\register\EREGBG01.bmp
c:\program files (x86)\eGames\Solitaire Master 4\register\eregui.ini
c:\program files (x86)\eGames\Solitaire Master 4\register\ERegUI32.dll
c:\program files (x86)\eGames\Solitaire Master 4\register\ERGBG01L.bmp
c:\program files (x86)\eGames\Solitaire Master 4\register\ERHttp01.dll
c:\program files (x86)\eGames\Solitaire Master 4\register\ERHTTP01.ini
c:\program files (x86)\eGames\Solitaire Master 4\register\ERLocal.ini
c:\program files (x86)\eGames\Solitaire Master 4\register\HTTP01.ini
c:\program files (x86)\eGames\Solitaire Master 4\register\RegBody.txt
c:\program files (x86)\eGames\Solitaire Master 4\register\RegBrwsr.html
c:\program files (x86)\eGames\Solitaire Master 4\register\RegFax.txt
c:\program files (x86)\eGames\Solitaire Master 4\register\RegMail.txt
c:\program files (x86)\eGames\Solitaire Master 4\register\RegRcrd.txt
c:\program files (x86)\eGames\Solitaire Master 4\register\RegXMit.txt
c:\program files (x86)\eGames\Solitaire Master 4\UNWISE.EXE
c:\program files (x86)\eGames\Solitaire Master 4\UNWISE.INI
c:\program files (x86)\eGames\uninstall.exe
c:\users\member\AppData\Local\Temp\AFF1.tmp\F_IN_BOX.dll
.
.
((((((((((((((((((((((((( Files Created from 2013-02-03 to 2013-03-03 )))))))))))))))))))))))))))))))
.
.
2013-03-03 20:31 . 2013-03-03 20:31 -------- d-----w- c:\windows\system32\config\systemprofile\AppData\Local\temp
2013-03-03 20:31 . 2013-03-03 20:31 -------- d-----w- c:\users\your goddamn jokes\AppData\Local\temp
2013-03-03 20:31 . 2013-03-03 20:31 -------- d-----w- c:\users\my account\AppData\Local\temp
2013-03-03 20:31 . 2013-03-03 20:31 -------- d-----w- c:\users\Default\AppData\Local\temp
2013-03-01 07:25 . 2009-01-25 20:14 17272 ----a-w- c:\windows\system32\sdnclean64.exe
2013-03-01 07:25 . 2013-03-01 07:25 -------- d-----w- c:\program files (x86)\Spybot - Search & Destroy 2
2013-03-01 07:23 . 2013-03-01 07:23 -------- d-----w- c:\users\member\AppData\Local\Programs
2013-02-28 03:57 . 2013-03-02 20:28 -------- d-----w- C:\TDSSKiller_Quarantine
2013-02-27 03:12 . 2013-02-27 03:12 -------- d-----w- c:\program files (x86)\ERUNT
2013-02-23 22:19 . 2013-02-23 22:20 -------- d-----w- c:\users\my account\AppData\Local\Adobe
2013-02-23 22:17 . 2013-02-23 22:17 -------- d-----w- c:\users\my account\AppData\Local\IsolatedStorage
2013-02-23 22:17 . 2013-02-23 22:17 -------- d-----w- c:\users\my account\AppData\Roaming\Intuit
2013-02-23 06:18 . 2013-02-23 06:18 -------- d-----w- c:\windows\Sun
2013-02-23 04:16 . 2013-02-23 04:16 -------- d-----w- c:\program files (x86)\Common Files\Symantec Shared
2013-02-23 02:57 . 2013-02-23 02:57 177312 ----a-w- c:\windows\system32\drivers\SYMEVENT64x86.SYS
2013-02-23 02:57 . 2013-02-23 02:57 -------- d-----w- c:\program files\Symantec
2013-02-23 02:57 . 2013-02-23 02:57 -------- d-----w- c:\program files\Common Files\Symantec Shared
2013-02-23 02:56 . 2013-02-23 06:24 -------- d-----w- c:\windows\system32\drivers\N360x64\1401010.002
2013-02-23 02:56 . 2013-02-23 02:56 -------- d-----w- c:\program files (x86)\Norton 360
2013-02-23 02:56 . 2013-02-23 02:56 -------- d-----w- c:\program files (x86)\NortonInstaller
2013-02-23 02:19 . 2013-02-23 02:19 -------- d-----w- c:\users\my account\AppData\Local\LogMeIn Rescue Applet
2013-02-23 01:46 . 2013-02-23 01:46 95392 ----a-w- c:\windows\system32\drivers\SMR311.SYS
2013-02-23 01:46 . 2013-02-23 02:28 -------- d-----w- c:\users\my account\AppData\Local\NPE
2013-02-23 01:03 . 2013-02-23 03:18 -------- d-----w- c:\users\my account\AppData\Local\ElevatedDiagnostics
2013-02-14 08:03 . 2013-01-09 01:10 996352 ----a-w- c:\program files\Common Files\Microsoft Shared\VGX\VGX.dll
2013-02-14 08:03 . 2013-01-08 22:01 768000 ----a-w- c:\program files (x86)\Common Files\Microsoft Shared\VGX\VGX.dll
2013-02-14 06:54 . 2013-01-05 05:53 5553512 ----a-w- c:\windows\system32\ntoskrnl.exe
2013-02-14 06:53 . 2013-01-05 05:00 3967848 ----a-w- c:\windows\SysWow64\ntkrnlpa.exe
2013-02-14 06:53 . 2013-01-05 05:00 3913064 ----a-w- c:\windows\SysWow64\ntoskrnl.exe
2013-02-14 06:53 . 2013-01-04 03:26 3153408 ----a-w- c:\windows\system32\win32k.sys
2013-02-14 06:53 . 2013-01-04 05:46 215040 ----a-w- c:\windows\system32\winsrv.dll
2013-02-14 06:53 . 2013-01-04 04:51 5120 ----a-w- c:\windows\SysWow64\wow32.dll
2013-02-14 06:53 . 2013-01-04 02:47 25600 ----a-w- c:\windows\SysWow64\setup16.exe
2013-02-14 06:53 . 2013-01-04 02:47 7680 ----a-w- c:\windows\SysWow64\instnm.exe
2013-02-14 06:53 . 2013-01-04 02:47 2048 ----a-w- c:\windows\SysWow64\user.exe
2013-02-14 06:53 . 2013-01-04 02:47 14336 ----a-w- c:\windows\SysWow64\ntvdm64.dll
2013-02-14 06:53 . 2013-01-03 06:00 1913192 ----a-w- c:\windows\system32\drivers\tcpip.sys
2013-02-14 06:53 . 2013-01-03 06:00 288088 ----a-w- c:\windows\system32\drivers\FWPKCLNT.SYS
2013-02-05 04:24 . 2013-02-05 04:24 -------- d-----w- c:\users\my account\AppData\Local\HP
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2013-02-28 01:55 . 2012-04-05 00:15 691568 ----a-w- c:\windows\SysWow64\FlashPlayerApp.exe
2013-02-28 01:55 . 2011-06-26 18:04 71024 ----a-w- c:\windows\SysWow64\FlashPlayerCPLApp.cpl
2013-02-14 08:08 . 2010-01-27 09:20 70004024 ----a-w- c:\windows\system32\MRT.exe
2013-01-04 04:43 . 2013-02-14 06:53 44032 ----a-w- c:\windows\apppatch\acwow64.dll
2012-12-16 17:11 . 2012-12-21 01:42 46080 ----a-w- c:\windows\system32\atmlib.dll
2012-12-16 14:45 . 2012-12-21 01:42 367616 ----a-w- c:\windows\system32\atmfd.dll
2012-12-16 14:13 . 2012-12-21 01:42 295424 ----a-w- c:\windows\SysWow64\atmfd.dll
2012-12-16 14:13 . 2012-12-21 01:42 34304 ----a-w- c:\windows\SysWow64\atmlib.dll
2012-12-07 13:20 . 2013-01-10 05:53 441856 ----a-w- c:\windows\system32\Wpc.dll
2012-12-07 13:15 . 2013-01-10 05:53 2746368 ----a-w- c:\windows\system32\gameux.dll
2012-12-07 12:26 . 2013-01-10 05:53 308736 ----a-w- c:\windows\SysWow64\Wpc.dll
2012-12-07 12:20 . 2013-01-10 05:53 2576384 ----a-w- c:\windows\SysWow64\gameux.dll
2012-12-07 11:20 . 2013-01-10 05:53 30720 ----a-w- c:\windows\system32\usk.rs
2012-12-07 11:20 . 2013-01-10 05:53 43520 ----a-w- c:\windows\system32\csrr.rs
2012-12-07 11:20 . 2013-01-10 05:53 23552 ----a-w- c:\windows\system32\oflc.rs
2012-12-07 11:20 . 2013-01-10 05:53 45568 ----a-w- c:\windows\system32\oflc-nz.rs
2012-12-07 11:20 . 2013-01-10 05:53 44544 ----a-w- c:\windows\system32\pegibbfc.rs
2012-12-07 11:20 . 2013-01-10 05:53 20480 ----a-w- c:\windows\system32\pegi-fi.rs
2012-12-07 11:20 . 2013-01-10 05:53 20480 ----a-w- c:\windows\system32\pegi-pt.rs
2012-12-07 11:19 . 2013-01-10 05:53 20480 ----a-w- c:\windows\system32\pegi.rs
2012-12-07 11:19 . 2013-01-10 05:53 46592 ----a-w- c:\windows\system32\fpb.rs
2012-12-07 11:19 . 2013-01-10 05:53 40960 ----a-w- c:\windows\system32\cob-au.rs
2012-12-07 11:19 . 2013-01-10 05:53 21504 ----a-w- c:\windows\system32\grb.rs
2012-12-07 11:19 . 2013-01-10 05:53 15360 ----a-w- c:\windows\system32\djctq.rs
2012-12-07 11:19 . 2013-01-10 05:53 55296 ----a-w- c:\windows\system32\cero.rs
2012-12-07 11:19 . 2013-01-10 05:53 51712 ----a-w- c:\windows\system32\esrb.rs
2012-12-07 10:46 . 2013-01-10 05:53 43520 ----a-w- c:\windows\SysWow64\csrr.rs
2012-12-07 10:46 . 2013-01-10 05:53 30720 ----a-w- c:\windows\SysWow64\usk.rs
2012-12-07 10:46 . 2013-01-10 05:53 45568 ----a-w- c:\windows\SysWow64\oflc-nz.rs
2012-12-07 10:46 . 2013-01-10 05:53 44544 ----a-w- c:\windows\SysWow64\pegibbfc.rs
2012-12-07 10:46 . 2013-01-10 05:53 20480 ----a-w- c:\windows\SysWow64\pegi-pt.rs
2012-12-07 10:46 . 2013-01-10 05:53 23552 ----a-w- c:\windows\SysWow64\oflc.rs
2012-12-07 10:46 . 2013-01-10 05:53 20480 ----a-w- c:\windows\SysWow64\pegi-fi.rs
2012-12-07 10:46 . 2013-01-10 05:53 46592 ----a-w- c:\windows\SysWow64\fpb.rs
2012-12-07 10:46 . 2013-01-10 05:53 20480 ----a-w- c:\windows\SysWow64\pegi.rs
2012-12-07 10:46 . 2013-01-10 05:53 21504 ----a-w- c:\windows\SysWow64\grb.rs
2012-12-07 10:46 . 2013-01-10 05:53 40960 ----a-w- c:\windows\SysWow64\cob-au.rs
2012-12-07 10:46 . 2013-01-10 05:53 15360 ----a-w- c:\windows\SysWow64\djctq.rs
2012-12-07 10:46 . 2013-01-10 05:53 55296 ----a-w- c:\windows\SysWow64\cero.rs
2012-12-07 10:46 . 2013-01-10 05:53 51712 ----a-w- c:\windows\SysWow64\esrb.rs
2012-02-04 18:18 . 2012-04-17 04:15 689552 ----a-w- c:\program files (x86)\2pUninstall Coupon Alert.dll
2012-02-04 18:18 . 2012-04-17 04:15 161720 ----a-w- c:\program files (x86)\2pres.dll
2011-03-19 22:50 . 2011-04-05 20:45 684032 ----a-w- c:\program files (x86)\Uninstall Coupon Alert.dll
.
.
((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"HP Officejet 4620 series (NET)"="c:\program files\HP\HP Officejet 4620 series\Bin\ScanToPCActivationApp.exe" [2011-12-19 2548072]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
"UpdatePRCShortCut"="c:\program files (x86)\Hewlett-Packard\Recovery\MUITransfer\MUIStartMenu.exe" [2009-05-20 222504]
"BATINDICATOR"="c:\program files (x86)\Hewlett-Packard\HP MAINSTREAM KEYBOARD\BATINDICATOR.exe" [2009-05-08 2068992]
"InstaLAN"="c:\program files (x86)\Belkin\Router Setup and Monitor\BelkinRouterMonitor.exe" [2011-11-14 1884064]
"SDTray"="c:\program files (x86)\Spybot - Search & Destroy 2\SDTray.exe" [2012-11-13 3825176]
.
c:\users\member\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\
ERUNT AutoBackup.lnk - c:\windows\Speech\ERUNTcorrectone\AUTOBACK.EXE [2005-10-20 38912]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 5 (0x5)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableUIADesktopToggle"= 0 (0x0)
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\run-]
"Adobe Reader Speed Launcher"="c:\program files (x86)\Adobe\Reader 9.0\Reader\Reader_sl.exe"
"HP Remote Solution"=%ProgramFiles(x86)%\Hewlett-Packard\HP Remote Solution\HP_Remote_Solution.exe
"HP Software Update"=c:\program files (x86)\HP\HP Software Update\HPWuSchd2.exe
"Adobe ARM"="c:\program files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
"ApnUpdater"="C:\Program Files (x86)
"NortonOnlineBackupReminder"="c:\program files (x86)\Symantec\Norton Online Backup\Activation\NobuActivation.exe" UNATTENDED
"SunJavaUpdateSched"="c:\program files (x86)\Common Files\Java\Java Update\jusched.exe"
.
R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-03-18 138576]
R2 HP Support Assistant Service;HP Support Assistant Service;c:\program files (x86)\Hewlett-Packard\HP Support Framework\hpsa_service.exe [2012-09-27 86528]
R2 mrtRate;mrtRate; [x]
R3 PCPitstop Scheduling;PCPitstop Scheduling;c:\program files (x86)\PCPitstop\PCPitstopScheduleService.exe [2011-04-06 91304]
R3 rcmirror;rcmirror;c:\windows\system32\DRIVERS\rcmirror.sys [2010-01-18 4608]
R3 RTL8187B;NETGEAR WG111v3 Wireless-G USB Adapter Win7 Driver;c:\windows\system32\DRIVERS\wg111v3.sys [2009-11-19 446976]
R3 Skype C2C Service;Skype C2C Service;c:\programdata\Skype\Toolbars\Skype C2C Service\c2c_service.exe [2013-01-31 3289208]
R3 SkypeUpdate;Skype Updater;c:\program files (x86)\Skype\Updater\Updater.exe [2012-07-13 160944]
R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys [2010-11-20 59392]
R3 WatAdminSvc;Windows Activation Technologies Service;c:\windows\system32\Wat\WatAdminSvc.exe [2010-04-06 1255736]
S0 SMR311;Symantec SMR Utility Service 3.1.1;c:\windows\System32\drivers\SMR311.SYS [2013-02-23 95392]
S0 SymDS;Symantec Data Store;c:\windows\system32\drivers\N360x64\1401010.002\SYMDS64.SYS [2012-07-28 493216]
S0 SymEFA;Symantec Extended File Attributes;c:\windows\system32\drivers\N360x64\1401010.002\SYMEFA64.SYS [2012-08-08 1132192]
S1 BHDrvx64;BHDrvx64;c:\programdata\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_20.1.1.2\Definitions\BASHDefs\20130208.001\BHDrvx64.sys [2013-02-08 1388120]
S1 ccSet_N360;Norton 360 Settings Manager;c:\windows\system32\drivers\N360x64\1401010.002\ccSetx64.sys [2012-08-07 168096]
S1 IDSVia64;IDSVia64;c:\programdata\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_20.1.1.2\Definitions\IPSDefs\20130301.002\IDSvia64.sys [2013-02-23 513184]
S1 SymIRON;Symantec Iron Driver;c:\windows\system32\drivers\N360x64\1401010.002\Ironx64.SYS [2012-07-28 224416]
S1 SymNetS;Symantec Network Security WFP Driver;c:\windows\system32\drivers\N360x64\1401010.002\SYMNETS.SYS [2012-07-23 432800]
S2 Belkin Local Backup Service;Belkin Local Backup Service;c:\program files\Belkin\Belkin USB Print and Storage Center\BkBackupScheduler.exe [2011-04-19 181760]
S2 Belkin Network USB Helper;Belkin Network USB Helper;c:\program files\Belkin\Belkin USB Print and Storage Center\Bkapcs.exe [2010-02-09 55296]
S2 IAStorDataMgrSvc;Intel(R) Rapid Storage Technology;c:\program files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe [2010-03-04 13336]
S2 IntuitUpdateServiceV4;Intuit Update Service v4;c:\program files (x86)\Common Files\Intuit\Update Service v4\IntuitUpdateService.exe [2012-08-23 13672]
S2 N360;Norton 360;c:\program files (x86)\Norton 360\Engine\20.1.1.2\ccSvcHst.exe [2012-08-29 143928]
S2 SDScannerService;Spybot-S&D 2 Scanner Service;c:\program files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe [2012-11-13 1103392]
S2 SDUpdateService;Spybot-S&D 2 Updating Service;c:\program files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe [2012-11-13 1369624]
S2 SDWSCService;Spybot-S&D 2 Security Center Service;c:\program files (x86)\Spybot - Search & Destroy 2\SDWSCSvc.exe [2012-11-13 168384]
S2 sxuptp;SXUPTP Driver;c:\windows\system32\DRIVERS\sxuptp.sys [2009-06-22 291352]
S3 EraserUtilRebootDrv;EraserUtilRebootDrv;c:\program files (x86)\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys [2012-08-18 138912]
S3 RTL8167;Realtek 8167 NT Driver;c:\windows\system32\DRIVERS\Rt64win7.sys [2009-07-13 233472]
.
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\active setup\installed components\{8A69D345-D564-463c-AFF1-A69D9E530F96}]
2013-03-03 04:27 1629648 ----a-w- c:\program files (x86)\Google\Chrome\Application\25.0.1364.97\Installer\chrmstp.exe
.
Contents of the 'Scheduled Tasks' folder
.
2013-03-03 c:\windows\Tasks\Adobe Flash Player Updater.job
- c:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2012-04-05 01:55]
.
2013-03-03 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2010-02-09 04:04]
.
2013-03-03 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2010-02-09 04:04]
.
2013-03-01 c:\windows\Tasks\HPCeeScheduleFormember.job
- c:\program files (x86)\Hewlett-Packard\HP Ceement\HPCEE.exe [2010-09-14 06:15]
.
2012-12-31 c:\windows\Tasks\PCDRScheduledMaintenance.job
- c:\program files\PC-Doctor for Windows\pcdr5cuiw32.exe [2009-06-10 11:04]
.
.
--------- X64 Entries -----------
.
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"HotKeysCmds"="c:\windows\system32\hkcmd.exe" [2009-09-12 385560]
"Persistence"="c:\windows\system32\igfxpers.exe" [2009-09-12 363544]
.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Svchost - LocalService
FontCache
.
------- Supplementary Scan -------
.
uStart Page = hxxp://www.google.com/
uLocal Page = www.google.com
mDefault_Search_URL = hxxp://www.google.com/
mDefault_Page_URL = hxxp://www.google.com/
mStart Page = hxxp://www.google.com/
mLocal Page = hxxp://www.google.com/
mSearch Page = hxxp://www.google.com/
IE: Google Sidewiki... - c:\program files (x86)\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_7461B1589E8B4FB7.dll/cmsidewiki.html
TCP: DhcpNameServer = 192.168.2.1
FF - ProfilePath - c:\users\member\AppData\Roaming\Mozilla\Firefox\Profiles\p8ye63aw.default\
FF - prefs.js: browser.search.selectedEngine - Ask.com
FF - prefs.js: browser.startup.homepage - hxxp://www.ask.com/?l=dis&o=16148
FF - ExtSQL: 2013-02-25 15:20; {2D3F3651-74B9-4795-BDEC-6DA2F431CB62}; c:\programdata\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_20.1.1.2\coFFPlgn
FF - ExtSQL: 2013-02-25 18:43; {BBDA0591-3099-440a-AA10-41764D9DB4DB}; c:\programdata\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_20.1.1.2\IPSFFPlgn
.
- - - - ORPHANS REMOVED - - - -
.
BHO-{4E7BD74F-2B8D-469E-85B2-BC27FE9AAE2E} - c:\program files (x86)\egames\egamestoolbar.dll
Notify-SDWinLogon - SDWinLogon.dll
WebBrowser-{C4D78C72-08DB-4A3F-9175-B265157283F3} - (no file)
AddRemove-Adobe Shockwave Player - c:\windows\system32\Adobe\Shockwave 11\uninstaller.exe
AddRemove-egames - c:\program files (x86)\egames\uninstall.exe
AddRemove-eGames GameButler - c:\progra~2\eGames\GAMEBU~1\UNWISE.EXE
AddRemove-Mahjongg Dimensions Deluxe (tb) - c:\program files (x86)\eGames\Mahjongg Dimensions Deluxe (tb)\Uninstall.exe
AddRemove-Mahjongg Master Egyptian Edition - c:\progra~2\eGames\MAHJON~1\UNWISE.EXE
AddRemove-Solitaire Master 4 - c:\progra~2\eGames\SOLITA~1\UNWISE.EXE
AddRemove-{EE202411-2C26-49E8-9784-1BC1DBF7DE96} - c:\program files (x86)\InstallShield Installation Information\{EE202411-2C26-49E8-9784-1BC1DBF7DE96}\setup.exe
.
.
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\services\N360]
"ImagePath"="\"c:\program files (x86)\Norton 360\Engine\20.1.1.2\ccSvcHst.exe\" /s \"N360\" /m \"c:\program files (x86)\Norton 360\Engine\20.1.1.2\diMaster.dll\" /prefetch:1"
.
--------------------- LOCKED REGISTRY KEYS ---------------------
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil64_11_6_602_171_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\LocalServer32]
@="c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil64_11_6_602_171_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="IFlashBroker5"
.
[HKEY_LOCAL_MACHINE\software\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_11_6_602_171_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\LocalServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_11_6_602_171_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Shockwave Flash Object"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_6_602_171.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\MiscStatus]
@="0"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\MiscStatus\1]
@="131473"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ProgID]
@="ShockwaveFlash.ShockwaveFlash.11"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_6_602_171.ocx, 1"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="ShockwaveFlash.ShockwaveFlash"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Macromedia Flash Factory Object"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_6_602_171.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ProgID]
@="FlashFactory.FlashFactory.1"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_6_602_171.ocx, 1"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="FlashFactory.FlashFactory"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="IFlashBroker5"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\PCW\Security]
@Denied: (Full) (Everyone)
.
------------------------ Other Running Processes ------------------------
.
c:\program files (x86)\Belkin\Router Setup and Monitor\BelkinService.exe
c:\program files (x86)\Hewlett-Packard\HP MAINSTREAM KEYBOARD\ModLEDKey.exe
c:\program files (x86)\Hewlett-Packard\Media\DVD\DVDAgent.exe
c:\program files (x86)\Hewlett-Packard\TouchSmart\Media\Kernel\CLML\CLMLSvc.exe
c:\program files (x86)\Common Files\Intuit\Update Service\IntuitUpdateService.exe
c:\program files (x86)\NORTON 360\ENGINE\20.1.1.2\cltLMH.exe
.
**************************************************************************
.
Completion time: 2013-03-03 12:37:40 - machine was rebooted
ComboFix-quarantined-files.txt 2013-03-03 20:37
ComboFix2.txt 2013-03-02 20:51
.
Pre-Run: 425,043,021,824 bytes free
Post-Run: 424,710,877,184 bytes free
.
- - End Of File - - CD2F6D8B8C939A28EAF3B04F1C1FC4B3
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Thisisu
Version: 4.7.1 (03.12.2013:1)
OS: Windows 7 Home Premium x64
Ran by member on Wed 03/13/2013 at 20:25:29.51
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
~~~ Services
~~~ Registry Values
Successfully deleted: [Registry Value] hkey_current_user\software\microsoft\internet explorer\toolbar\webbrowser\\{d7e97865-918f-41e4-9cd0-25ab1c574ce8}
~~~ Registry Keys
Successfully deleted: [Registry Key] hkey_local_machine\software\conduit
Successfully deleted: [Registry Key] hkey_current_user\software\appdatalow\software\conduit
Successfully deleted: [Registry Key] hkey_current_user\software\appdatalow\toolbar
Successfully deleted: [Registry Key] hkey_local_machine\software\classes\appid\pstext.dll
Successfully deleted: [Registry Key] hkey_current_user\software\microsoft\internet explorer\searchscopes\{3bd44f0e-0596-4008-aee0-45d47e3a8f0e}
Successfully deleted: [Registry Key] hkey_classes_root\clsid\{3c471948-f874-49f5-b338-4f214a2ee0b1}
Successfully deleted: [Registry Key] hkey_classes_root\clsid\{abd3b5e1-b268-407b-a150-2641dab8d898}
Successfully deleted: [Registry Key] hkey_current_user\software\microsoft\internet explorer\searchscopes\{afdbddaa-5d3f-42ee-b79c-185a7020515b}
Successfully deleted: [Registry Key] hkey_local_machine\software\microsoft\internet explorer\searchscopes\{afdbddaa-5d3f-42ee-b79c-185a7020515b}
Successfully deleted: [Registry Key] hkey_current_user\software\microsoft\internet explorer\searchscopes\{c04b7d22-5aec-4561-8f49-27f6269208f6}
Successfully deleted: [Registry Key] hkey_current_user\software\microsoft\internet explorer\searchscopes\{afbcb7e0-f91a-4951-9f31-58fee57a25c4}
~~~ Files
Successfully deleted: [File] "C:\Program Files (x86)\mozilla firefox\plugins\npcouponprinter.dll"
Successfully deleted: [File] "C:\Program Files (x86)\mozilla firefox\plugins\npmozcouponprinter.dll"
Successfully deleted: [File] "C:\Users\Public\Desktop\Play More Great Games!.url"
Successfully deleted: [File] "C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ebay.lnk"
~~~ Folders
Successfully deleted: [Folder] "C:\ProgramData\boost_interprocess"
Successfully deleted: [Folder] "C:\ProgramData\trymedia"
Successfully deleted: [Folder] "C:\Users\member\appdata\locallow\conduit"
Successfully deleted: [Folder] "C:\Users\member\appdata\locallow\couponalert_2p"
Successfully deleted: [Folder] "C:\Users\member\appdata\locallow\couponalert_2pei"
Successfully deleted: [Folder] "C:\Users\member\appdata\locallow\couponxplorer_5z"
Successfully deleted: [Folder] "C:\Program Files (x86)\conduit"
Successfully deleted: [Folder] "C:\Program Files (x86)\coupons"
Successfully deleted: [Folder] "C:\Program Files (x86)\Common Files\homepage protection"
~~~ FireFox
Successfully deleted the following from C:\Users\member\AppData\Roaming\mozilla\firefox\profiles\p8ye63aw.default\prefs.js
user_pref("browser.search.defaultengine", "Ask.com");
user_pref("browser.search.defaultenginename", "Ask.com");
user_pref("browser.search.order.1", "Ask.com");
user_pref("browser.search.selectedEngine", "Ask.com");
user_pref("browser.startup.homepage", "hxxp://www.ask.com/?l=dis&o=16148");
Emptied folder: C:\Users\member\AppData\Roaming\mozilla\firefox\profiles\p8ye63aw.default\minidumps [6 files]
~~~ Event Viewer Logs were cleared
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on Wed 03/13/2013 at 20:35:42.39
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Hello diane7
Thank you for the logs.
Lets continue as follows:
Temporary File Cleaner
Download TFC (http://oldtimer.geekstogo.com/TFC.exe) to your desktop.
Close any open windows.
Right click the TFC icon and select "Run as Administrator" to run the program.
TFC will close all open programs itself in order to run.
Click the Start button to begin the process.
Allow TFC to run uninterrupted.
The program should not take long to finish.
Once complete it should automatically reboot your machine.
If your machine does not reboot automatically, manually reboot to ensure a complete clean.
Note: After running TFC your machine may take slightly longer to boot the first time. This is normal.
Please perform the following scan:
Please download MalwareBytes AntiMalware by clicking here (http://www.besttechie.net/tools/mbam-setup.exe) and save the file (called mbam-setup.exe) to your desktop.
Right click on the mbam-setup.exe icon and select "Run as Administrator" to install the program.
Follow the prompts during installation and have the Installation Wizzard create a desktop icon.
Once installed, double click on the MalwareBytes AntiMalware icon to launch the program.
Click on the "Update" tab and then on "Check for Updates".
The program will now install the latest Malware definition files.
Once complete, click on the "Scanner" tab, select "Perform Quick Scan"and then click on "Scan".
Once the program has scanned your computer, a log file will be created in Notepad.
Click on "Edit > Select All" then click on "Edit > Copy" to copy the entire contents of the log.
If the scan detects any Malware-related objects, make sure that everything is checked, and click "Remove Selected" <– Very Important.
When disinfection is completed, a log will open in Notepad and you may be prompted to restart your computer.
The log is automatically saved by MBAM and can be viewed by clicking the "Logs" tab.
Note: If MBAM encounters a file that is difficult to remove, you will be presented with 1 of 2 prompts, click OK to either and let MBAM proceed with the disinfection process. If asked to restart your computer, please do so immediately.
Come back here to this thread and Paste the log in your next reply.
Please post the MBAM log and a new set of DDS scan logs in your next reply and let me know how the machine is running now.
Omg! You are brilliant! This pc is running so much better!
Malwarebytes Anti-Malware (Trial) 1.70.0.1100
www.malwarebytes.org
Database version: v2013.03.14.10
Windows 7 Service Pack 1 x64 NTFS
Internet Explorer 9.0.8112.16421
member :: MEMBER-PC [administrator]
Protection: Enabled
3/14/2013 3:46:31 PM
mbam-log-2013-03-14 (15-46-31).txt
Scan type: Quick scan
Scan options enabled: Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken | PUP | PUM
Scan options disabled: P2P
Objects scanned: 268718
Time elapsed: 3 minute(s), 40 second(s)
Memory Processes Detected: 0
(No malicious items detected)
Memory Modules Detected: 0
(No malicious items detected)
Registry Keys Detected: 1
HKCR\CLSID\{78919608-B066-4B5A-B248-38E12A783E05} (Adware.ArcadeWeb) -> Quarantined and deleted successfully.
Registry Values Detected: 0
(No malicious items detected)
Registry Data Items Detected: 0
(No malicious items detected)
Folders Detected: 2
C:\Users\member\AppData\Roaming\Mozilla\Extensions\{ec8030f7-c20a-464f-9b0e-13a3a9e97384}\textlinks@arcadeweb.com (Adware.ArcadeWeb) -> Quarantined and deleted successfully.
C:\Users\member\AppData\Roaming\Mozilla\Extensions\{ec8030f7-c20a-464f-9b0e-13a3a9e97384}\textlinks@arcadeweb.com\components (Adware.ArcadeWeb) -> Quarantined and deleted successfully.
Files Detected: 3
C:\Users\member\AppData\Roaming\Mozilla\Extensions\{ec8030f7-c20a-464f-9b0e-13a3a9e97384}\textlinks@arcadeweb.com\chrome.manifest (Adware.ArcadeWeb) -> Quarantined and deleted successfully.
C:\Users\member\AppData\Roaming\Mozilla\Extensions\{ec8030f7-c20a-464f-9b0e-13a3a9e97384}\textlinks@arcadeweb.com\components\arcadewebfirefox.dll (Adware.ArcadeWeb) -> Quarantined and deleted successfully.
C:\Users\member\AppData\Roaming\Mozilla\Extensions\{ec8030f7-c20a-464f-9b0e-13a3a9e97384}\textlinks@arcadeweb.com\components\arcadewebfirefox2.dll (Adware.ArcadeWeb) -> Quarantined and deleted successfully.
(end)
After I used the tfc I could not get the pc to boot up properly. You mentioned it could be a problem, so the first time I waited 20 minutes, and then did a hard shut down. It did the same thing again and so I did the shut down and put it into safe mode. Seems better now.
Hello diane7
After I used the tfc I could not get the pc to boot up properly.Thats very odd. A slight delay can sometimes happen but 20 minutes is a little long....
Are you able to boot the machine normally now? Is it still taking a long time to boot?
Hello diane7
Thats good :)
Please re-scan your machine with DDS as requested and post the new logs for me to review.
.
UNLESS SPECIFICALLY INSTRUCTED, DO NOT POST THIS LOG.
IF REQUESTED, ZIP IT UP & ATTACH IT
.
DDS (Ver_2012-11-20.01)
.
Microsoft Windows 7 Home Premium
Boot Device: \Device\HarddiskVolume1
Install Date: 12/11/2009 11:32:52 AM
System Uptime: 3/16/2013 3:42:13 PM (0 hours ago)
.
Motherboard: PEGATRON CORPORATION | | Benicia
Processor: Pentium(R) Dual-Core CPU E5300 @ 2.60GHz | CPU 1 | 2600/800mhz
.
==== Disk Partitions =========================
.
C: is FIXED (NTFS) - 454 GiB total, 396.428 GiB free.
D: is FIXED (NTFS) - 12 GiB total, 2.165 GiB free.
E: is CDROM ()
F: is Removable
G: is Removable
H: is Removable
I: is Removable
.
==== Disabled Device Manager Items =============
.
Class GUID: {eec5ad98-8080-425f-922a-dabf3de3f69a}
Description: Compact Flash
Device ID: WPDBUSENUMROOT\UMB\2&37C186B&1&STORAGE#VOLUME#_??_USBSTOR#DISK&VEN_GENERIC-&PROD_COMPACT_FLASH&REV_1.01#058F63626476&1#
Manufacturer: Generic-
Name: G:\
PNP Device ID: WPDBUSENUMROOT\UMB\2&37C186B&1&STORAGE#VOLUME#_??_USBSTOR#DISK&VEN_GENERIC-&PROD_COMPACT_FLASH&REV_1.01#058F63626476&1#
Service: WUDFRd
.
Class GUID: {eec5ad98-8080-425f-922a-dabf3de3f69a}
Description: MS/MS-Pro
Device ID: WPDBUSENUMROOT\UMB\2&37C186B&1&STORAGE#VOLUME#_??_USBSTOR#DISK&VEN_GENERIC-&PROD_MS#MS-PRO&REV_1.03#058F63626476&3#
Manufacturer: Generic-
Name: I:\
PNP Device ID: WPDBUSENUMROOT\UMB\2&37C186B&1&STORAGE#VOLUME#_??_USBSTOR#DISK&VEN_GENERIC-&PROD_MS#MS-PRO&REV_1.03#058F63626476&3#
Service: WUDFRd
.
Class GUID: {eec5ad98-8080-425f-922a-dabf3de3f69a}
Description: SD/MMC
Device ID: WPDBUSENUMROOT\UMB\2&37C186B&1&STORAGE#VOLUME#_??_USBSTOR#DISK&VEN_GENERIC-&PROD_SD#MMC&REV_1.00#058F63626476&0#
Manufacturer: Generic-
Name: F:\
PNP Device ID: WPDBUSENUMROOT\UMB\2&37C186B&1&STORAGE#VOLUME#_??_USBSTOR#DISK&VEN_GENERIC-&PROD_SD#MMC&REV_1.00#058F63626476&0#
Service: WUDFRd
.
Class GUID: {eec5ad98-8080-425f-922a-dabf3de3f69a}
Description: SM/xD-Picture
Device ID: WPDBUSENUMROOT\UMB\2&37C186B&1&STORAGE#VOLUME#_??_USBSTOR#DISK&VEN_GENERIC-&PROD_SM#XD-PICTURE&REV_1.02#058F63626476&2#
Manufacturer: Generic-
Name: H:\
PNP Device ID: WPDBUSENUMROOT\UMB\2&37C186B&1&STORAGE#VOLUME#_??_USBSTOR#DISK&VEN_GENERIC-&PROD_SM#XD-PICTURE&REV_1.02#058F63626476&2#
Service: WUDFRd
.
==== System Restore Points ===================
.
RP498: 2/23/2013 3:18:11 AM - Scheduled Checkpoint
RP499: 2/26/2013 10:04:12 PM - Windows Update
RP500: 3/2/2013 12:33:17 PM - ComboFix created restore point
RP501: 3/9/2013 7:45:35 PM - Scheduled Checkpoint
RP502: 3/13/2013 3:00:13 AM - Windows Update
RP503: 3/14/2013 12:26:07 AM - Windows Update
.
==== Installed Programs ======================
.
3Dice Casino
Acrobat.com
Activate Norton Online Backup
Adobe AIR
Adobe Flash Player 11 ActiveX
Adobe Flash Player 11 Plugin
Adobe Reader 9.5.2
Adobe Shockwave Player 11.5
Bejeweled 2 Deluxe
Bejeweled 3
Belkin Setup and Router Monitor
Belkin USB Print and Storage Center
Best of Slots II
Big Fish Games: Game Manager
CCleaner
Compatibility Pack for the 2007 Office system
Coupon Printer for Windows
CyberLink DVD Suite Deluxe
DirectX for Managed Code Update (Summer 2004)
eGames GameButler
eGames Toolbar
ERUNT 1.1j
Facebook Video Calling 1.2.0.159
FreeCell Wonderland
Google Chrome
Google Toolbar for Internet Explorer
Google Update Helper
Hallmark Card Studio 2
Hardware Diagnostic Tools
Hewlett-Packard ACLM.NET v1.2.1.1
Homepage Protection
HP Advisor
HP Customer Experience Enhancements
HP Games
HP MAINSTREAM KEYBOARD
HP MediaSmart Demo
HP MediaSmart DVD
HP MediaSmart Movie Themes
HP MediaSmart Music/Photo/Video
HP MediaSmart SmartMenu
HP Odometer
HP Officejet 4620 series Basic Device Software
HP Officejet 4620 series Help
HP Officejet 4620 series Product Improvement Study
HP Photo Creations
HP Product Detection
HP Remote Solution
HP Setup
HP Support Assistant
HP Support Information
HP Update
I.R.I.S. OCR
Intel(R) Graphics Media Accelerator Driver
Intel(R) Rapid Storage Technology
Internet Explorer (Enable DEP)
iSEEK AnswerWorks English Runtime
J2SE Runtime Environment 5.0
Java Auto Updater
Java(TM) 6 Update 32
LabelPrint
LightScribe System Software
Mahjong Escape (TM) - Ancient Japan
Mahjong Escape: Ancient China 1.0.0.5
Mahjongg Dimensions
Mahjongg Dimensions Deluxe (tb) (remove only)
Mahjongg Master Egyptian Edition
Malwarebytes Anti-Malware version 1.70.0.1100
Masque Slots
Microsoft .NET Framework 1.1
Microsoft .NET Framework 4 Client Profile
Microsoft Office File Validation Add-In
Microsoft Office Home and Student 60 day trial
Microsoft Office PowerPoint Viewer 2007 (English)
Microsoft Office Professional Edition 2003
Microsoft Silverlight
Microsoft Visual C++ 2005 ATL Update kb973923 - x64 8.0.50727.4053
Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053
Microsoft Visual C++ 2005 Redistributable
Microsoft Visual C++ 2005 Redistributable (x64)
Microsoft Visual C++ 2008 ATL Update kb973924 - x64 9.0.30729.4148
Microsoft Visual C++ 2008 ATL Update kb973924 - x86 9.0.30729.4148
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
Microsoft Works
Mozilla Firefox 13.0.1 (x86 en-US)
Mozilla Maintenance Service
MSXML 4.0 SP2 (KB954430)
MSXML 4.0 SP2 (KB973688)
NETGEAR WG111v3 wireless USB 2.0 adapter
Norton 360
Pando Media Booster
PC Matic 1.1.0.36
PictureMover
Playalot Games
Power2Go
PowerDirector
PowerRecover
Quicken 2001 Deluxe
Realtek High Definition Audio Driver
Security Update for Microsoft .NET Framework 4 Client Profile (KB2160841)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2446708)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2478663)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2518870)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2539636)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2572078)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2604121)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2633870)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2656351)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2656368)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2656368v2)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2656405)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2686827)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2729449)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2737019)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2742595)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2789642)
Sierra Utilities
Skype Click to Call
Skype™ 5.10
Slots from Bally Gaming
SnapShot
Solitaire Master 4
Spybot - Search & Destroy
System Checkup 3.1
System Requirements Lab for Intel
The Weather Channel Desktop 6
TurboTax 2009
TurboTax 2009 wcaiper
TurboTax 2009 WinPerFedFormset
TurboTax 2009 WinPerReleaseEngine
TurboTax 2009 WinPerTaxSupport
TurboTax 2009 wrapper
TurboTax 2010
TurboTax 2010 wcaiper
TurboTax 2010 WinPerFedFormset
TurboTax 2010 WinPerReleaseEngine
TurboTax 2010 WinPerTaxSupport
TurboTax 2010 wrapper
TurboTax 2011
TurboTax 2011 wcaiper
TurboTax 2011 WinPerFedFormset
TurboTax 2011 WinPerReleaseEngine
TurboTax 2011 WinPerTaxSupport
TurboTax 2011 wrapper
TurboTax 2012
TurboTax 2012 wcaiper
TurboTax 2012 WinPerFedFormset
TurboTax 2012 WinPerReleaseEngine
TurboTax 2012 WinPerTaxSupport
TurboTax 2012 wrapper
Update for Microsoft .NET Framework 4 Client Profile (KB2468871)
Update for Microsoft .NET Framework 4 Client Profile (KB2533523)
Update for Microsoft .NET Framework 4 Client Profile (KB2600217)
Video Mover
Web Publishing Wizard
.
==== Event Viewer Messages From Past Week ========
.
3/16/2013 3:42:42 PM, Error: Service Control Manager [7000] - The mrtRate service failed to start due to the following error: This driver has been blocked from loading
3/16/2013 3:42:42 PM, Error: Application Popup [1060] - \SystemRoot\SysWow64\Drivers\mrtRate.SYS has been blocked from loading due to incompatibility with this system. Please contact your software vendor for a compatible version of the driver.
3/14/2013 4:17:55 PM, Error: Service Control Manager [7001] - The Computer Browser service depends on the Server service which failed to start because of the following error: The dependency service or group failed to start.
3/14/2013 4:15:54 PM, Error: Microsoft-Windows-DistributedCOM [10005] - DCOM got error "1084" attempting to start the service WSearch with arguments "" in order to run the server: {9E175B6D-F52A-11D8-B9A5-505054503030}
3/14/2013 4:15:54 PM, Error: Microsoft-Windows-DistributedCOM [10005] - DCOM got error "1084" attempting to start the service WSearch with arguments "" in order to run the server: {7D096C5F-AC08-4F1F-BEB7-5C22C517CE39}
3/14/2013 4:15:52 PM, Error: Microsoft-Windows-DistributedCOM [10005] - DCOM got error "1084" attempting to start the service EventSystem with arguments "" in order to run the server: {1BE1F766-5536-11D1-B726-00C04FB926AF}
3/14/2013 4:15:46 PM, Error: Microsoft-Windows-DistributedCOM [10005] - DCOM got error "1084" attempting to start the service ShellHWDetection with arguments "" in order to run the server: {DD522ACC-F821-461A-A407-50B198B896DC}
3/14/2013 4:15:41 PM, Error: Service Control Manager [7026] - The following boot-start or system-start driver(s) failed to load: BHDrvx64 ccSet_N360 discache eeCtrl IDSVia64 spldr SRTSP SRTSPX SymIRON SymNetS Wanarpv6
3/14/2013 4:13:25 PM, Error: Service Control Manager [7011] - A timeout (30000 milliseconds) was reached while waiting for a transaction response from the eventlog service.
3/14/2013 4:13:06 PM, Error: Service Control Manager [7011] - A timeout (30000 milliseconds) was reached while waiting for a transaction response from the Spooler service.
3/14/2013 4:12:37 PM, Error: Service Control Manager [7009] - A timeout was reached (30000 milliseconds) while waiting for the Spybot-S&D 2 Scanner Service service to connect.
3/14/2013 4:12:37 PM, Error: Service Control Manager [7000] - The Spybot-S&D 2 Scanner Service service failed to start due to the following error: The service did not respond to the start or control request in a timely fashion.
3/14/2013 4:12:36 PM, Error: Service Control Manager [7011] - A timeout (30000 milliseconds) was reached while waiting for a transaction response from the MBAMService service.
3/14/2013 4:11:05 PM, Error: Service Control Manager [7034] - The AffinegyService service terminated unexpectedly. It has done this 1 time(s).
.
==== End Of File ===========================
DDS (Ver_2012-11-20.01) - NTFS_AMD64
Internet Explorer: 9.0.8112.16470 BrowserJavaVersion: 1.6.0_32
Run by member at 15:47:22 on 2013-03-16
Microsoft Windows 7 Home Premium 6.1.7601.1.1252.1.1033.18.5110.3293 [GMT -7:00]
.
AV: Norton 360 *Enabled/Updated* {63DF5164-9100-186D-2187-8DC619EFD8BF}
SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
SP: Spybot - Search and Destroy *Enabled/Outdated* {9BC38DF1-3CCA-732D-A930-C1CA5F20A4B0}
SP: Norton 360 *Enabled/Updated* {D8BEB080-B73A-17E3-1B37-B6B462689202}
FW: Norton 360 *Enabled* {5BE4D041-DB6F-1935-0AD8-24F3E73C9FC4}
.
============== Running Processes ===============
.
C:\Windows\system32\lsm.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\system32\svchost.exe -k RPCSS
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\system32\svchost.exe -k NetworkService
C:\Windows\System32\spoolsv.exe
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
C:\Program Files (x86)\Belkin\Router Setup and Monitor\BelkinService.exe
C:\Program Files\Belkin\Belkin USB Print and Storage Center\BkBackupScheduler.exe
C:\Program Files\Belkin\Belkin USB Print and Storage Center\Bkapcs.exe
C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe
C:\Windows\system32\taskeng.exe
C:\Windows\Explorer.EXE
C:\Windows\system32\taskeng.exe
C:\Windows\system32\taskhost.exe
C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe
C:\Windows\system32\msiexec.exe
C:\Windows\system32\Dwm.exe
C:\Program Files (x86)\Hewlett-Packard\HP MAINSTREAM KEYBOARD\ModLEDKey.exe
C:\Program Files (x86)\Norton 360\Engine\20.3.0.36\ccSvcHst.exe
C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe
C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe
C:\Windows\system32\svchost.exe -k imgsvc
C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe
C:\Program Files (x86)\Spybot - Search & Destroy 2\SDWSCSvc.exe
C:\Windows\system32\SearchIndexer.exe
C:\Windows\System32\hkcmd.exe
C:\Windows\system32\igfxsrvc.exe
C:\Windows\System32\igfxpers.exe
C:\Program Files\HP\HP Officejet 4620 series\Bin\ScanToPCActivationApp.exe
C:\Program Files (x86)\Norton 360\Engine\20.3.0.36\ccSvcHst.exe
C:\Program Files (x86)\Hewlett-Packard\HP MAINSTREAM KEYBOARD\BATINDICATOR.exe
C:\Program Files (x86)\Belkin\Router Setup and Monitor\BelkinRouterMonitor.exe
C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe
C:\Program Files\Belkin\Belkin USB Print and Storage Center\connect.exe
C:\Program Files (x86)\Belkin\Router Setup and Monitor\BelkinSetup.exe
C:\Program Files (x86)\Belkin\Router Setup and Monitor\dlnaPlugin.exe
C:\Windows\system32\taskeng.exe
c:\Program Files (x86)\Hewlett-Packard\TouchSmart\Media\Kernel\CLML\CLMLSvc.exe
c:\Program Files (x86)\Hewlett-Packard\Media\DVD\DVDAgent.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\hpsa_service.exe
C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
C:\Program Files (x86)\Common Files\Intuit\Update Service\IntuitUpdateService.exe
C:\Program Files (x86)\Common Files\Intuit\Update Service v4\IntuitUpdateService.exe
C:\Windows\system32\sppsvc.exe
C:\Windows\system32\taskhost.exe
C:\Windows\system32\wbem\wmiprvse.exe
\\?\C:\Windows\system32\wbem\WMIADAP.EXE
C:\Windows\system32\wbem\wmiprvse.exe
C:\Windows\System32\cscript.exe
.
============== Pseudo HJT Report ===============
.
uStart Page = hxxp://www.google.com/
uLocal Page = www.google.com
mStart Page = hxxp://www.google.com/
mLocal Page = hxxp://www.google.com/
mSearch Page = hxxp://www.google.com/
mDefault_Page_URL = hxxp://www.google.com/
mDefault_Search_URL = hxxp://www.google.com/
BHO: Adobe PDF Link Helper: {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
BHO: eGames Toolbar: {4E7BD74F-2B8D-469E-85B2-BC27FE9AAE2E} -
BHO: Spybot-S&D IE Protection: {53707962-6F74-2D53-2644-206D7942484F} - C:\Program Files (x86)\Spybot - Search & Destroy 2\SDHelper.dll
BHO: Norton Identity Protection: {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} - C:\Program Files (x86)\Norton 360\Engine\20.3.0.36\coieplg.dll
BHO: Norton Vulnerability Protection: {6D53EC84-6AAE-4787-AEEE-F4628F01010C} - C:\Program Files (x86)\Norton 360\Engine\20.3.0.36\ips\ipsbho.dll
BHO: Java(tm) Plug-In SSV Helper: {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre6\bin\ssv.dll
BHO: Google Toolbar Helper: {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll
BHO: Java(tm) Plug-In 2 SSV Helper: {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll
BHO: HP Network Check Helper: {E76FD755-C1BA-4DCB-9F13-99BD91223ADE} - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll
TB: Google Toolbar: {2318C2B1-4965-11D4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll
TB: Norton Toolbar: {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files (x86)\Norton 360\Engine\20.3.0.36\coieplg.dll
TB: Google Toolbar: {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll
TB: Norton Toolbar: {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files (x86)\Norton 360\Engine\20.3.0.36\coieplg.dll
uRun: [HP Officejet 4620 series (NET)] "C:\Program Files\HP\HP Officejet 4620 series\Bin\ScanToPCActivationApp.exe" -deviceID "CN29R210JY05RT:NW" -scfn "HP Officejet 4620 series (NET)" -AutoStart 1
mRun: [UpdatePRCShortCut] "C:\Program Files (x86)\Hewlett-Packard\Recovery\MUITransfer\MUIStartMenu.exe" "C:\Program Files (x86)\Hewlett-Packard\Recovery" UpdateWithCreateOnce "Software\CyberLink\PowerRecover"
mRun: [BATINDICATOR] C:\Program Files (x86)\Hewlett-Packard\HP MAINSTREAM KEYBOARD\BATINDICATOR.exe
mRun: [InstaLAN] "C:\Program Files (x86)\Belkin\Router Setup and Monitor\BelkinRouterMonitor.exe" startup
mRun: [SDTray] "C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe"
StartupFolder: C:\Users\member\AppData\Roaming\MICROS~1\Windows\STARTM~1\Programs\Startup\ERUNTA~1.LNK - C:\Windows\Speech\ERUNTcorrectone\AUTOBACK.EXE
uPolicies-Explorer: NoDriveTypeAutoRun = dword:145
uPolicies-Explorer: NoDrives = dword:0
mPolicies-Explorer: NoDrives = dword:0
mPolicies-System: ConsentPromptBehaviorAdmin = dword:5
mPolicies-System: ConsentPromptBehaviorUser = dword:3
mPolicies-System: EnableUIADesktopToggle = dword:0
IE: Google Sidewiki... - C:\Program Files (x86)\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_7461B1589E8B4FB7.dll/cmsidewiki.html
IE: {22CC3EBD-C286-43aa-B8E6-06B115F74162} - C:\Program Files (x86)\Hewlett-Packard\SmartPrint\smartprintsetup.exe
IE: {25510184-5A38-4A99-B273-DCA8EEF6CD08} - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\NCLauncherFromIE.exe
IE: {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
IE: {92780B25-18CC-41C8-B9BE-3C9C571A8263} - {FF059E31-CC5A-4E2E-BF3B-96E929D65503}
IE: {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - {53707962-6F74-2D53-2644-206D7942484F} - C:\Program Files (x86)\Spybot - Search & Destroy 2\SDHelper.dll
.
INFO: HKCU has more than 50 listed domains.
If you wish to scan all of them, select the 'Force scan all domains' option.
.
.
INFO: HKLM has more than 50 listed domains.
If you wish to scan all of them, select the 'Force scan all domains' option.
.
DPF: {166B1BCA-3F9C-11CF-8075-444553540000} - hxxp://download.macromedia.com/pub/shockwave/cabs/director/sw.cab
DPF: {644E432F-49D3-41A1-8DD5-E099162EEEC5} - hxxp://security.symantec.com/sscv6/SharedContent/common/bin/cabsa.cab
DPF: {73ECB3AA-4717-450C-A2AB-D00DAD9EE203} - hxxp://h20614.www2.hp.com/ediags/gmd/Install/Cab/hpdetect119b.cab
DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_32-windows-i586.cab
DPF: {CAFEEFAC-0015-0000-0000-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.5.0/jinstall-1_5_0-windows-i586.cab
DPF: {CAFEEFAC-0016-0000-0032-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_32-windows-i586.cab
DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_32-windows-i586.cab
TCP: NameServer = 192.168.2.1
TCP: Interfaces\{EA537523-3F90-44BF-960A-440561B31138} : DHCPNameServer = 192.168.2.1
Handler: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll
Notify: SDWinLogon - SDWinLogon.dll
SSODL: WebCheck - <orphaned>
mASetup: {8A69D345-D564-463c-AFF1-A69D9E530F96} - "C:\Program Files (x86)\Google\Chrome\Application\25.0.1364.172\Installer\chrmstp.exe" --configure-user-settings --verbose-logging --system-level --multi-install --chrome
x64-mStart Page = hxxp://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iehome&locale=en_US&c=94&bd=Pavilion&pf=cndt
x64-BHO: Google Toolbar Helper: {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll
x64-BHO: Skype add-on for Internet Explorer: {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll
x64-TB: Google Toolbar: {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll
x64-Run: [HotKeysCmds] C:\Windows\System32\hkcmd.exe
x64-Run: [Persistence] C:\Windows\System32\igfxpers.exe
x64-IE: {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll
.
INFO: x64-HKLM has more than 50 listed domains.
If you wish to scan all of them, select the 'Force scan all domains' option.
.
x64-Handler: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll
x64-Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - <orphaned>
x64-Notify: igfxcui - igfxdev.dll
x64-SSODL: WebCheck - <orphaned>
.
================= FIREFOX ===================
.
FF - ProfilePath - C:\Users\member\AppData\Roaming\Mozilla\Firefox\Profiles\p8ye63aw.default\
FF - ExtSQL: 2013-02-25 15:20; {2D3F3651-74B9-4795-BDEC-6DA2F431CB62}; C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_20.1.1.2\coFFPlgn
FF - ExtSQL: 2013-02-25 18:43; {BBDA0591-3099-440a-AA10-41764D9DB4DB}; C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_20.1.1.2\IPSFFPlgn
.
============= SERVICES / DRIVERS ===============
.
R0 SMR311;Symantec SMR Utility Service 3.1.1;C:\Windows\System32\drivers\SMR311.SYS [2013-2-22 95392]
R0 SymDS;Symantec Data Store;C:\Windows\System32\drivers\N360x64\1403000.024\symds64.sys [2013-3-4 493656]
R0 SymEFA;Symantec Extended File Attributes;C:\Windows\System32\drivers\N360x64\1403000.024\symefa64.sys [2013-3-4 1139800]
R1 BHDrvx64;BHDrvx64;C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_20.1.1.2\Definitions\BASHDefs\20130301.001\BHDrvx64.sys [2013-3-5 1388120]
R1 ccSet_N360;Norton 360 Settings Manager;C:\Windows\System32\drivers\N360x64\1403000.024\ccsetx64.sys [2013-3-4 168096]
R1 IDSVia64;IDSVia64;C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_20.1.1.2\Definitions\IPSDefs\20130313.001\IDSviA64.sys [2013-3-14 513184]
R1 SymIRON;Symantec Iron Driver;C:\Windows\System32\drivers\N360x64\1403000.024\ironx64.sys [2013-3-4 224416]
R1 SymNetS;Symantec Network Security WFP Driver;C:\Windows\System32\drivers\N360x64\1403000.024\symnets.sys [2013-3-4 432800]
R2 Belkin Local Backup Service;Belkin Local Backup Service;C:\Program Files\Belkin\Belkin USB Print and Storage Center\BkBackupScheduler.exe [2012-5-6 181760]
R2 Belkin Network USB Helper;Belkin Network USB Helper;C:\Program Files\Belkin\Belkin USB Print and Storage Center\Bkapcs.exe [2012-5-6 55296]
R2 HP Support Assistant Service;HP Support Assistant Service;C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSA_Service.exe [2012-9-27 86528]
R2 IAStorDataMgrSvc;Intel(R) Rapid Storage Technology;C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe [2010-6-17 13336]
R2 IntuitUpdateServiceV4;Intuit Update Service v4;C:\Program Files (x86)\Common Files\Intuit\Update Service v4\IntuitUpdateService.exe [2012-8-23 13672]
R2 MBAMScheduler;MBAMScheduler;C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe [2013-3-14 398184]
R2 MBAMService;MBAMService;C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe [2013-3-14 682344]
R2 N360;Norton 360;C:\Program Files (x86)\Norton 360\Engine\20.3.0.36\ccsvchst.exe [2013-3-4 144520]
R2 SDScannerService;Spybot-S&D 2 Scanner Service;C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe [2013-3-1 1103392]
R2 SDUpdateService;Spybot-S&D 2 Updating Service;C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe [2013-3-1 1369624]
R2 SDWSCService;Spybot-S&D 2 Security Center Service;C:\Program Files (x86)\Spybot - Search & Destroy 2\SDWSCSvc.exe [2013-3-1 168384]
R2 sxuptp;SXUPTP Driver;C:\Windows\System32\drivers\sxuptp.sys [2012-5-6 291352]
R3 EraserUtilRebootDrv;EraserUtilRebootDrv;C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys [2013-2-23 138912]
R3 MBAMProtector;MBAMProtector;C:\Windows\System32\drivers\mbam.sys [2013-3-14 24176]
R3 RTL8167;Realtek 8167 NT Driver;C:\Windows\System32\drivers\Rt64win7.sys [2009-9-9 233472]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-3-18 130384]
S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-3-18 138576]
S3 PCPitstop Scheduling;PCPitstop Scheduling;C:\Program Files (x86)\PCPitstop\PCPitstopScheduleService.exe [2011-4-5 91304]
S3 rcmirror;rcmirror;C:\Windows\System32\drivers\rcmirror.sys [2010-1-18 4608]
S3 RTL8187B;NETGEAR WG111v3 Wireless-G USB Adapter Win7 Driver;C:\Windows\System32\drivers\wg111v3.sys [2010-5-16 446976]
S3 Skype C2C Service;Skype C2C Service;C:\ProgramData\Skype\Toolbars\Skype C2C Service\c2c_service.exe [2013-1-31 3289208]
S3 SkypeUpdate;Skype Updater;C:\Program Files (x86)\Skype\Updater\Updater.exe [2012-7-13 160944]
S3 TsUsbFlt;TsUsbFlt;C:\Windows\System32\drivers\TsUsbFlt.sys [2011-7-1 59392]
S3 WatAdminSvc;Windows Activation Technologies Service;C:\Windows\System32\Wat\WatAdminSvc.exe [2010-4-6 1255736]
.
=============== Created Last 30 ================
.
2013-03-14 22:44:56 -------- d-----w- C:\Users\member\AppData\Roaming\Malwarebytes
2013-03-14 22:44:48 -------- d-----w- C:\ProgramData\Malwarebytes
2013-03-14 22:44:47 24176 ----a-w- C:\Windows\System32\drivers\mbam.sys
2013-03-14 22:44:47 -------- d-----w- C:\Program Files (x86)\Malwarebytes' Anti-Malware
2013-03-14 03:25:28 -------- d-----w- C:\Windows\ERUNT
2013-03-14 03:25:05 -------- d-----w- C:\JRT
2013-03-05 00:37:39 796248 ----a-w- C:\Windows\System32\drivers\N360x64\1403000.024\srtsp64.sys
2013-03-05 00:37:39 493656 ----a-w- C:\Windows\System32\drivers\N360x64\1403000.024\symds64.sys
2013-03-05 00:37:39 432800 ----a-w- C:\Windows\System32\drivers\N360x64\1403000.024\symnets.sys
2013-03-05 00:37:39 36952 ----a-w- C:\Windows\System32\drivers\N360x64\1403000.024\srtspx64.sys
2013-03-05 00:37:39 23448 ----a-r- C:\Windows\System32\drivers\N360x64\1403000.024\symelam.sys
2013-03-05 00:37:39 224416 ----a-w- C:\Windows\System32\drivers\N360x64\1403000.024\ironx64.sys
2013-03-05 00:37:39 168096 ----a-w- C:\Windows\System32\drivers\N360x64\1403000.024\ccsetx64.sys
2013-03-05 00:37:39 1139800 ----a-w- C:\Windows\System32\drivers\N360x64\1403000.024\symefa64.sys
2013-03-05 00:37:24 -------- d-----w- C:\Windows\System32\drivers\N360x64\1403000.024
2013-03-03 20:32:47 -------- d-----w- C:\$RECYCLE.BIN
2013-03-02 20:33:11 98816 ----a-w- C:\Windows\sed.exe
2013-03-02 20:33:11 256000 ----a-w- C:\Windows\PEV.exe
2013-03-02 20:33:11 208896 ----a-w- C:\Windows\MBR.exe
2013-03-01 07:25:04 17272 ----a-w- C:\Windows\System32\sdnclean64.exe
2013-03-01 07:25:00 -------- d-----w- C:\Program Files (x86)\Spybot - Search & Destroy 2
2013-03-01 07:23:53 -------- d-----w- C:\Users\member\AppData\Local\Programs
2013-02-28 03:57:11 -------- d-----w- C:\TDSSKiller_Quarantine
2013-02-23 04:16:04 -------- d-----w- C:\Program Files (x86)\Common Files\Symantec Shared
2013-02-23 02:57:45 177312 ----a-w- C:\Windows\System32\drivers\SYMEVENT64x86.SYS
2013-02-23 02:57:45 -------- d-----w- C:\Program Files\Symantec
2013-02-23 02:57:45 -------- d-----w- C:\Program Files\Common Files\Symantec Shared
2013-02-23 02:56:52 -------- d-----w- C:\Program Files (x86)\Norton 360
2013-02-23 02:56:46 -------- d-----w- C:\Program Files (x86)\NortonInstaller
2013-02-23 01:46:47 95392 ----a-w- C:\Windows\System32\drivers\SMR311.SYS
.
==================== Find3M ====================
.
2013-03-13 07:55:18 73432 ----a-w- C:\Windows\SysWow64\FlashPlayerCPLApp.cpl
2013-03-13 07:55:18 693976 ----a-w- C:\Windows\SysWow64\FlashPlayerApp.exe
2013-02-12 05:45:24 135168 ----a-w- C:\Windows\apppatch\AppPatch64\AcXtrnal.dll
2013-02-12 05:45:22 350208 ----a-w- C:\Windows\apppatch\AppPatch64\AcLayers.dll
2013-02-12 05:45:22 308736 ----a-w- C:\Windows\apppatch\AppPatch64\AcGenral.dll
2013-02-12 05:45:22 111104 ----a-w- C:\Windows\apppatch\AppPatch64\acspecfc.dll
2013-02-12 04:48:31 474112 ----a-w- C:\Windows\apppatch\AcSpecfc.dll
2013-02-12 04:48:26 2176512 ----a-w- C:\Windows\apppatch\AcGenral.dll
2013-02-02 06:57:02 2312704 ----a-w- C:\Windows\System32\jscript9.dll
2013-02-02 06:47:24 1494528 ----a-w- C:\Windows\System32\inetcpl.cpl
2013-02-02 06:47:19 1392128 ----a-w- C:\Windows\System32\wininet.dll
2013-02-02 06:42:18 173056 ----a-w- C:\Windows\System32\ieUnatt.exe
2013-02-02 06:41:51 599040 ----a-w- C:\Windows\System32\vbscript.dll
2013-02-02 06:38:01 2382848 ----a-w- C:\Windows\System32\mshtml.tlb
2013-02-02 03:38:35 1800704 ----a-w- C:\Windows\SysWow64\jscript9.dll
2013-02-02 03:30:32 1427968 ----a-w- C:\Windows\SysWow64\inetcpl.cpl
2013-02-02 03:30:21 1129472 ----a-w- C:\Windows\SysWow64\wininet.dll
2013-02-02 03:26:47 142848 ----a-w- C:\Windows\SysWow64\ieUnatt.exe
2013-02-02 03:26:21 420864 ----a-w- C:\Windows\SysWow64\vbscript.dll
2013-02-02 03:23:28 2382848 ----a-w- C:\Windows\SysWow64\mshtml.tlb
2013-01-13 21:17:03 9728 ---ha-w- C:\Windows\SysWow64\api-ms-win-downlevel-shlwapi-l1-1-0.dll
2013-01-13 21:17:02 2560 ---ha-w- C:\Windows\SysWow64\api-ms-win-downlevel-normaliz-l1-1-0.dll
2013-01-13 21:16:42 10752 ---ha-w- C:\Windows\SysWow64\api-ms-win-downlevel-advapi32-l1-1-0.dll
2013-01-13 21:12:46 3584 ---ha-w- C:\Windows\SysWow64\api-ms-win-downlevel-advapi32-l2-1-0.dll
2013-01-13 21:11:21 4096 ---ha-w- C:\Windows\SysWow64\api-ms-win-downlevel-user32-l1-1-0.dll
2013-01-13 21:11:08 5632 ---ha-w- C:\Windows\SysWow64\api-ms-win-downlevel-ole32-l1-1-0.dll
2013-01-13 21:11:07 5632 ---ha-w- C:\Windows\SysWow64\api-ms-win-downlevel-shlwapi-l2-1-0.dll
2013-01-13 21:11:07 3072 ---ha-w- C:\Windows\SysWow64\api-ms-win-downlevel-version-l1-1-0.dll
2013-01-13 21:11:07 3072 ---ha-w- C:\Windows\SysWow64\api-ms-win-downlevel-shell32-l1-1-0.dll
2013-01-13 20:35:31 9728 ---ha-w- C:\Windows\System32\api-ms-win-downlevel-shlwapi-l1-1-0.dll
2013-01-13 20:35:31 2560 ---ha-w- C:\Windows\System32\api-ms-win-downlevel-normaliz-l1-1-0.dll
2013-01-13 20:35:18 10752 ---ha-w- C:\Windows\System32\api-ms-win-downlevel-advapi32-l1-1-0.dll
2013-01-13 20:32:07 3584 ---ha-w- C:\Windows\System32\api-ms-win-downlevel-advapi32-l2-1-0.dll
2013-01-13 20:31:48 4096 ---ha-w- C:\Windows\System32\api-ms-win-downlevel-user32-l1-1-0.dll
2013-01-13 20:31:41 5632 ---ha-w- C:\Windows\System32\api-ms-win-downlevel-ole32-l1-1-0.dll
2013-01-13 20:31:40 5632 ---ha-w- C:\Windows\System32\api-ms-win-downlevel-shlwapi-l2-1-0.dll
2013-01-13 20:31:40 3072 ---ha-w- C:\Windows\System32\api-ms-win-downlevel-version-l1-1-0.dll
2013-01-13 20:31:40 3072 ---ha-w- C:\Windows\System32\api-ms-win-downlevel-shell32-l1-1-0.dll
2013-01-13 20:31:00 1247744 ----a-w- C:\Windows\SysWow64\DWrite.dll
2013-01-13 20:22:22 1988096 ----a-w- C:\Windows\SysWow64\d3d10warp.dll
2013-01-13 20:20:31 293376 ----a-w- C:\Windows\SysWow64\dxgi.dll
2013-01-13 20:09:00 249856 ----a-w- C:\Windows\SysWow64\d3d10_1core.dll
2013-01-13 20:08:43 220160 ----a-w- C:\Windows\SysWow64\d3d10core.dll
2013-01-13 20:08:35 1504768 ----a-w- C:\Windows\SysWow64\d3d11.dll
2013-01-13 19:59:04 1643520 ----a-w- C:\Windows\System32\DWrite.dll
2013-01-13 19:58:28 1175552 ----a-w- C:\Windows\System32\FntCache.dll
2013-01-13 19:54:01 604160 ----a-w- C:\Windows\SysWow64\d3d10level9.dll
2013-01-13 19:53:58 207872 ----a-w- C:\Windows\SysWow64\WindowsCodecsExt.dll
2013-01-13 19:53:14 187392 ----a-w- C:\Windows\SysWow64\UIAnimation.dll
2013-01-13 19:51:30 2565120 ----a-w- C:\Windows\System32\d3d10warp.dll
2013-01-13 19:49:17 363008 ----a-w- C:\Windows\System32\dxgi.dll
2013-01-13 19:48:47 161792 ----a-w- C:\Windows\SysWow64\d3d10_1.dll
2013-01-13 19:46:25 1080832 ----a-w- C:\Windows\SysWow64\d3d10.dll
2013-01-13 19:43:21 1230336 ----a-w- C:\Windows\SysWow64\WindowsCodecs.dll
2013-01-13 19:38:39 333312 ----a-w- C:\Windows\System32\d3d10_1core.dll
2013-01-13 19:38:32 1887232 ----a-w- C:\Windows\System32\d3d11.dll
2013-01-13 19:38:21 296960 ----a-w- C:\Windows\System32\d3d10core.dll
2013-01-13 19:37:57 3419136 ----a-w- C:\Windows\SysWow64\d2d1.dll
2013-01-13 19:25:04 245248 ----a-w- C:\Windows\System32\WindowsCodecsExt.dll
2013-01-13 19:24:33 648192 ----a-w- C:\Windows\System32\d3d10level9.dll
2013-01-13 19:24:30 221184 ----a-w- C:\Windows\System32\UIAnimation.dll
2013-01-13 19:20:42 194560 ----a-w- C:\Windows\System32\d3d10_1.dll
2013-01-13 19:20:04 1238528 ----a-w- C:\Windows\System32\d3d10.dll
2013-01-13 19:15:40 1424384 ----a-w- C:\Windows\System32\WindowsCodecs.dll
2013-01-13 19:10:36 3928064 ----a-w- C:\Windows\System32\d2d1.dll
2013-01-13 19:02:06 417792 ----a-w- C:\Windows\SysWow64\WMPhoto.dll
2013-01-13 18:34:58 364544 ----a-w- C:\Windows\SysWow64\XpsGdiConverter.dll
2013-01-13 18:32:43 465920 ----a-w- C:\Windows\System32\WMPhoto.dll
2013-01-13 18:09:52 522752 ----a-w- C:\Windows\System32\XpsGdiConverter.dll
2013-01-13 17:26:42 1158144 ----a-w- C:\Windows\SysWow64\XpsPrint.dll
2013-01-13 17:05:09 1682432 ----a-w- C:\Windows\System32\XpsPrint.dll
2013-01-05 05:53:43 5553512 ----a-w- C:\Windows\System32\ntoskrnl.exe
2013-01-05 05:00:15 3967848 ----a-w- C:\Windows\SysWow64\ntkrnlpa.exe
2013-01-05 05:00:11 3913064 ----a-w- C:\Windows\SysWow64\ntoskrnl.exe
2013-01-04 06:11:21 2284544 ----a-w- C:\Windows\SysWow64\msmpeg2vdec.dll
2013-01-04 06:11:13 2776576 ----a-w- C:\Windows\System32\msmpeg2vdec.dll
2013-01-04 05:46:09 215040 ----a-w- C:\Windows\System32\winsrv.dll
2013-01-04 04:51:16 5120 ----a-w- C:\Windows\SysWow64\wow32.dll
2013-01-04 04:43:21 44032 ----a-w- C:\Windows\apppatch\acwow64.dll
2013-01-04 03:26:48 3153408 ----a-w- C:\Windows\System32\win32k.sys
2013-01-04 02:47:35 25600 ----a-w- C:\Windows\SysWow64\setup16.exe
2013-01-04 02:47:34 7680 ----a-w- C:\Windows\SysWow64\instnm.exe
2013-01-04 02:47:34 2048 ----a-w- C:\Windows\SysWow64\user.exe
2013-01-04 02:47:33 14336 ----a-w- C:\Windows\SysWow64\ntvdm64.dll
2013-01-03 06:00:54 1913192 ----a-w- C:\Windows\System32\drivers\tcpip.sys
2013-01-03 06:00:42 288088 ----a-w- C:\Windows\System32\drivers\FWPKCLNT.SYS
2012-02-04 18:18:40 689552 ----a-w- C:\Program Files (x86)\2pUninstall Coupon Alert.dll
2012-02-04 18:18:40 161720 ----a-w- C:\Program Files (x86)\2pres.dll
2011-03-19 22:50:01 684032 ----a-w- C:\Program Files (x86)\Uninstall Coupon Alert.dll
.
============= FINISH: 15:48:28.34 ===============
Hello diane7
Thank you for the logs.
Lets remove your outdated Java. Once we have taken care of that we will run an online scan to check for anything that may have been missed.
Please un-install your outdated Java
Click on "Start" then on "Control Panel" and then on the "Programs and Features" tab.
Find the "J2SE Runtime Environment 5.0" program, click on it once and then click on the "uninstall" button.
If you are prompted to re-boot your computer to complete the uninstall please do so.
Please run the following scan
Note: You will need to use Internet Explorer for this scan.
Note for Vista/Windows 7 Users: ESET is compatible but Internet Explorer must be run as Administrator. To do this, right-click on your Internet Explorer icon and select "Run as Administrator".
Please disable your real time security programs before performing the scan.
Scan your system with Eset Online Scanner (http://www.eset.com/onlinescan/)
Place a check mark in the box YES, I accept the Terms Of Use.
Click the http://billy-oneal.com/Canned%20Speeches/speechimages/eset/esetOnline.png button.
For alternate browsers only: (Microsoft Internet Explorer users can skip these steps).
Click on http://billy-oneal.com/Canned%20Speeches/speechimages/eset/esetSmartInstall.png to download the ESET Smart Installer. Save it to your desktop.
Double click on the http://billy-oneal.com/Canned%20Speeches/speechimages/eset/esetSmartInstallDesktopIcon.png icon on your desktop.
Check http://billy-oneal.com/Canned%20Speeches/speechimages/eset/esetAcceptTerms.png
Click the http://billy-oneal.com/Canned%20Speeches/speechimages/eset/esetStart.png button.
Accept any security warnings from your browser.
Check http://billy-oneal.com/Canned%20Speeches/speechimages/eset/esetScanArchives.png
Make sure that the option to "Remove Found Threats" is UN checked.
Push the "Start" button.
ESET will then download updates for itself, install itself, and begin scanning your computer. Please be patient as this can take some time.
When the scan completes, push http://billy-oneal.com/Canned%20Speeches/speechimages/eset/esetListThreats.png
Push http://billy-oneal.com/Canned%20Speeches/speechimages/eset/esetExport.png, and save the file to your desktop using a unique name, such as ESETScan. Include the contents of this report in your next reply.
Push the http://billy-oneal.com/Canned%20Speeches/speechimages/eset/esetBack.png button.
Push http://billy-oneal.com/Canned%20Speeches/speechimages/eset/esetFinish.png
Please post the ESET log in your next reply.
C:\ProgramData\Spybot - Search & Destroy\Recovery\SmitfraudCgeneric.zip Win32/Bagle.gen.zip worm
C:\Qoobox\Quarantine\C\ProgramData\Microsoft\Windows\DRM\2E17.tmp.vir Win64/Olmarik.AR trojan
C:\Qoobox\Quarantine\C\ProgramData\Microsoft\Windows\DRM\2E27.tmp.vir Win64/Olmarik.AR trojan
C:\TDSSKiller_Quarantine\02.03.2013_12.26.42\tdlfs0000\tsk0002.dta Win32/Olmarik.AWO trojan
C:\TDSSKiller_Quarantine\27.02.2013_19.55.16\mbr0000\tdlfs0000\tsk0002.dta Win32/Olmarik.AWO trojan
C:\Users\All Users\Spybot - Search & Destroy\Recovery\SmitfraudCgeneric.zip Win32/Bagle.gen.zip worm
Hope I did everything right? Thanks!
Hello diane7
Hope I did everything right?You certainly did :)
All of those detections are for things that have been quarantined by various applications. They cannot harm your machine from their present location.
Having said that, it would be better if they were not present at all, so lets take care of that now:
Please empty your Spybot Recovery Folder
Some of the infections detected by the ESET Online Scan are located in your Spybot Recovery Folder.
To empty this folder, please do the following:
Open Spybot Search & Destroy, click on "Recovery", select "SmitfraudCgeneric.zip", then click on "purge selected items".
Close Spybot.
Please search for and delete the following folder
Right-click your "Start" button and select "Explore".
Navigate to and delete the following folder in bold.
C:\TDSSKiller_Quarantine <== Delete this folder
Once deleted, Empty your Recycle Bin.
Your latest DDS logs appear to be malware free, so providing you are no longer having any problems we can remove our tools in the steps below:
Please Uninstall Combofix
Hold down the Windows key (has the Windows symbol on it) and press the "R" key.
A Run box will open.
Type combofix /uninstall in the run box and click "OK". Please note the space between the "x" and the "/Uninstall", it needs to be there.
Removal of Tools
You no longer need DDS, aswMBR or TDSSKiller.
Please delete them from your machine.
Once you have completed the above steps you should be good to go! If you have any further questions, please feel free to ask.
Finally, please take the time to read through the information provided below:
Enhance your System Security
For an excellent list of free anti virus software, free online virus scanners, free spyware detection/removal and free firewalls, click here. (http://www.geekstogo.com/forum/Free-Antivirus-Antispyware-Software-t38.html)
IMPORTANT! Please make sure you only have ONE firewall and ONE real-time antivirus installed on your system. When using "on demand" scanners, first update the detection signature files, then disconnect from the internet and disable your resident security program before running the scan.
Once complete, remember to re-engage your resident security before going online.
Web Browsers and Browser Security
Firefox
Firefox is generally considered to have greater browsing security in comparison to other popular programs. You can download Firefox 3.0 from here. (http://www.mozilla.com/en-US/firefox/)
No-Script
If you use Firefox as your default browser, No-Script can provide additional security by preventing malicious scripts from being executed on your system.
You can download No-Script by clicking here. (https://addons.mozilla.org/en-US/firefox/addon/722)
Internet Explorer
The newest version of Internet Explorer is available from here. (http://www.microsoft.com/windows/internet-explorer/?ocid=ie8_s_94735d11-65d1-4bb8-bf6f-72d7b059a928)
SpywareBlaster
If you use Internet Explorer as your default browser, SpywareBlaster would be a valuable addition to your online security.
SpywareBlaster prevents malicious ActiveX objects from being downloaded onto your system.
You can download SpywareBlaster by clicking here. (http://www.javacoolsoftware.com/sbdownload.html)
Web of Trust
When using search engines, Web of Trust provides you with an easy way of telling the good sites from the bad and is compatible with both Firefox and Internet Explorer.
Coloured symbols are displayed next to search results, giving you more confidence in the links you choose to click on: Green (To go), Yellow (Caution) and Red (Stop).
You can download Web of Trust by clicking here. (http://www.mywot.com/)
Keep your Software Updated
Outdated software can sometimes have vulnerabilities that are exploitable by malware.
Check if there are available updates for your installed software with Secunia's Online Software Inspector by clicking here. (http://secunia.com/vulnerability_scanning/online/)
Passwords
Learn how to create strong passwords by clicking here (http://www.microsoft.com/protect/yourself/password/create.mspx) and test the strength of the passwords you already use by clicking here. (http://www.microsoft.com/protect/yourself/password/checker.mspx)
General Reading
PC Safety and Security - What do I need? (http://www.techsupportforum.com/security-center/general-computer-security/115548-pc-safety-security-what-do-i-need.html)
How to prevent Malware (by Miekiemoes) (http://users.telenet.be/bluepatchy/miekiemoes/prevention.html)
Learn How To Combat Malware
Would you like to learn how to fight back against malware and help others? Enroll at the What The Tech (Formerly Tom Coyotes) Malware Classroom by clicking here. (http://forums.whatthetech.com/What_Tech_Classroom_t80368.html)
I will follow your last instructions and want to thank you so very much for your time and patience. You are a godsend! I do have one question if you dont mind? System restore? I know I have seen this computer mention somewhere that there is to much room allocated for it...hence lots of restore points. Isnt that where trojans and malware like to hide? Thank you!!!!!
Hello diane7
thank you so very much for your time and patience You are Very Welcome Diane :bigthumb:
I do have one question if you dont mind? System restore? I know I have seen this computer mention somewhere that there is to much room allocated for it...
hence lots of restore points. Isnt that where trojans and malware like to hide? Thank you!!!!!A very good question. Malware can (and quite often does) hide in system restore points. However, no infected points were detected when you ran your online scan. As for the points you have in place, those will be taken care of when you remove the tools we used to clean your machine (I'm not going to discuss the precise details on the open forum but there are things that happen behind the scenes when you uninstall the tools we used, which is why it is important to follow the directions exactly as they are described).
You have no infected restore points so there is nothing to worry about :)
That makes sense to me. I started on your last set of instructions and I cannot locate specifically the Spybot Recovery Folder.
Please empty your Spybot Recovery Folder
Some of the infections detected by the ESET Online Scan are located in your Spybot Recovery Folder.
To empty this folder, please do the following:
Open Spybot Search & Destroy, click on "Recovery", select "SmitfraudCgeneric.zip", then click on "purge selected items".
Close Spybot.
Hello diane7
I cannot locate specifically the Spybot Recovery FolderLets try it manually:
Please make all files and folders VISIBLE:
Close all open programs.
Click on the "Windows Orb" (bottom left hand corner of your screen).
Click on "Control Panel", and then on "Appearance and Personalization".
Under Folder Options, click on "Show hidden files and folders".
Remove the checkmark from the checkbox labeled "Hide extensions for known file types".
Remove the checkmark from the checkbox labeled "Hide protected operating system files (Recommended)".
Press the "Apply" button and then the "OK" button.
For more detail, please see here (http://www.bleepingcomputer.com/tutorials/tutorial151.html).
Please search for the following files/folders
NOTE: DO NOT double click on ANY files in the next step!!!
Right-click your "Start" button and select "Explore".
Navigate to and delete the following files in bold.
C:\ProgramData\Spybot - Search & Destroy\Recovery\SmitfraudCgeneric.zip <=== Delete this file.
C:\Users\All Users\Spybot - Search & Destroy\Recovery\SmitfraudCgeneric.zip <=== Delete this file.
Once deleted, empty your recycle bin.
As this issue appears to be resolved this thread is now closed.