Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

Boot Failures; Slow PC SAS Freezez and Graphic Card Miscues


  • This topic is locked This topic is locked
108 replies to this topic

#31 sspea

sspea
  • Topic Starter

  • Members
  • 57 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Falls Church, vA
  • Local time:05:15 AM

Posted 08 March 2014 - 10:52 PM

here it goes

 

ComboFix 14-03-05.01 - JBA P 03/08/2014  18:10:59.4.4 - x64
Microsoft Windows 7 Home Premium   6.1.7601.1.1252.1.1033.18.3895.2251 [GMT -5:00]
Running from: c:\users\JBA P\Desktop\ComboFix.exe
SP: Windows Defender *Enabled/Outdated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
.
(((((((((((((((((((((((((   Files Created from 2014-02-08 to 2014-03-08  )))))))))))))))))))))))))))))))
.
.
2014-03-08 23:28 . 2014-03-08 23:28    --------    d-----w-    c:\users\Kids\AppData\Local\temp
2014-03-08 23:28 . 2014-03-08 23:28    --------    d-----w-    c:\users\Default\AppData\Local\temp
2014-03-08 23:02 . 2014-03-08 23:02    --------    d-----w-    c:\users\JBA P\AppData\Roaming\TuneUp Software
2014-03-07 21:32 . 2014-03-07 21:32    --------    d-----w-    c:\users\JBA P\AppData\Roaming\FileAssociationManager
2014-03-07 15:04 . 2014-03-07 22:41    --------    d-----w-    c:\program files (x86)\VS Revo Group
2014-03-07 00:41 . 2014-03-07 22:39    --------    d-----w-    C:\FRST
2014-03-05 01:32 . 2014-03-07 22:47    --------    d-----w-    c:\program files (x86)\Search-Protect
2014-03-03 14:30 . 2014-03-07 22:41    --------    d-----w-    c:\program files\iPod
2014-03-03 14:30 . 2014-03-07 22:47    --------    d-----w-    c:\programdata\34BE82C4-E596-4e99-A191-52C6199EBF69
2014-03-03 14:30 . 2014-03-07 22:47    --------    d-----w-    c:\program files\iTunes
2014-03-03 14:30 . 2014-03-07 22:47    --------    d-----w-    c:\program files (x86)\iTunes
2014-03-03 14:23 . 2014-03-03 14:23    159744    ----a-w-    c:\program files\Internet Explorer\Plugins\npqtplugin5.dll
2014-03-03 14:23 . 2014-03-03 14:23    159744    ----a-w-    c:\program files\Internet Explorer\Plugins\npqtplugin4.dll
2014-03-03 14:23 . 2014-03-03 14:23    159744    ----a-w-    c:\program files\Internet Explorer\Plugins\npqtplugin3.dll
2014-03-03 14:23 . 2014-03-03 14:23    159744    ----a-w-    c:\program files\Internet Explorer\Plugins\npqtplugin2.dll
2014-03-03 14:23 . 2014-03-03 14:23    159744    ----a-w-    c:\program files\Internet Explorer\Plugins\npqtplugin.dll
2014-03-03 14:23 . 2014-03-07 22:47    --------    d-----w-    c:\program files (x86)\QuickTime
2014-03-03 00:33 . 2014-03-03 00:33    189248    ----a-w-    c:\windows\SysWow64\PnkBstrB.exe
2014-03-03 00:32 . 2014-03-03 00:32    75136    ----a-w-    c:\windows\SysWow64\PnkBstrA.exe
2014-03-03 00:16 . 2014-03-07 22:40    --------    d-----w-    c:\program files (x86)\EA Games
2014-03-02 23:46 . 2014-03-07 22:47    --------    d-----w-    c:\program files (x86)\SystemRequirementsLab
2014-03-02 23:41 . 2014-03-02 23:41    --------    d-----w-    c:\programdata\Oracle
2014-03-02 23:40 . 2014-03-07 22:39    --------    d-----w-    c:\program files (x86)\Common Files\Java
2014-03-02 23:40 . 2014-03-02 23:40    96168    ----a-w-    c:\windows\SysWow64\WindowsAccessBridge-32.dll
2014-03-02 23:16 . 2014-03-07 22:47    --------    d-----w-    c:\programdata\Spybot - Search & Destroy
2014-03-02 23:16 . 2014-03-07 00:31    --------    d-----w-    c:\program files (x86)\Spybot - Search & Destroy 2
2014-03-02 22:24 . 2014-03-07 22:48    --------    d-----w-    c:\users\JBA P\AppData\Roaming\SUPERAntiSpyware.com
2014-03-02 21:56 . 2014-03-07 22:47    --------    d-----w-    c:\program files\IDT
2014-03-02 20:49 . 2014-03-08 23:07    --------    d-----w-    c:\users\JBA P\AppData\Local\CrashDumps
2014-03-02 20:49 . 2014-03-07 22:47    --------    d-----w-    c:\programdata\Atheros
2014-03-02 20:40 . 2014-03-02 20:40    --------    d-----w-    c:\users\JBA P\AppData\Roaming\Atheros
2014-03-02 20:39 . 2014-03-02 20:39    --------    d-----w-    c:\program files (x86)\Common Files\Atheros
2014-03-02 20:38 . 2014-03-02 20:38    --------    d-----w-    c:\windows\Options
2014-03-02 20:38 . 2014-03-07 22:48    --------    d-----w-    c:\windows\system32\nn-NO
2014-03-02 20:38 . 2012-03-08 22:37    60416    ----a-w-    c:\windows\system32\athihvui.dll
2014-03-02 20:38 . 2012-03-08 22:37    439296    ----a-w-    c:\windows\system32\athihvs.dll
2014-03-02 20:38 . 2014-03-07 22:39    --------    d-----w-    c:\program files (x86)\Cisco
2014-03-01 00:46 . 2014-03-07 22:42    --------    d-----w-    c:\users\JBA P\AppData\Roaming\PCDr
2014-03-01 00:45 . 2014-03-01 00:46    --------    d-----w-    c:\programdata\PCDr
2014-02-13 00:54 . 2013-12-21 09:53    548864    ----a-w-    c:\windows\system32\vbscript.dll
2014-02-13 00:54 . 2013-12-21 08:56    454656    ----a-w-    c:\windows\SysWow64\vbscript.dll
2014-02-12 00:09 . 2013-12-06 02:30    2048    ----a-w-    c:\windows\system32\msxml3r.dll
2014-02-12 00:08 . 2013-12-24 23:09    1987584    ----a-w-    c:\windows\SysWow64\d3d10warp.dll
2014-02-12 00:08 . 2013-12-24 22:48    2565120    ----a-w-    c:\windows\system32\d3d10warp.dll
2014-02-12 00:08 . 2013-11-26 08:16    3419136    ----a-w-    c:\windows\SysWow64\d2d1.dll
2014-02-12 00:08 . 2013-11-22 22:48    3928064    ----a-w-    c:\windows\system32\d2d1.dll
2014-02-09 20:31 . 2014-02-09 20:31    --------    d-----w-    C:\found.004
.
.
.
((((((((((((((((((((((((((((((((((((((((   Find3M Report   ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2014-02-22 15:18 . 2012-10-30 15:40    692616    ----a-w-    c:\windows\SysWow64\FlashPlayerApp.exe
2014-02-22 15:18 . 2011-08-18 16:23    71048    ----a-w-    c:\windows\SysWow64\FlashPlayerCPLApp.cpl
2014-01-17 21:24 . 2014-01-17 21:24    94208    ----a-w-    c:\windows\SysWow64\QuickTimeVR.qtx
2014-01-17 21:24 . 2014-01-17 21:24    69632    ----a-w-    c:\windows\SysWow64\QuickTime.qts
.
.
(((((((((((((((((((((((((((((((((((((   Reg Loading Points   ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"ApplePhotoStreams"="c:\program files (x86)\Common Files\Apple\Internet Services\ApplePhotoStreams.exe" [2013-11-20 59720]
"DellSystemDetect"="c:\users\JBA P\AppData\Local\Apps\2.0\7RL0DAHN.ZKD\CJN83JBK.NQR\dell..tion_0f612f649c4a10af_0005.0005_9914611622934cec\DellSystemDetect.exe" [2014-03-02 253952]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
"Dell Webcam Central"="c:\program files (x86)\Dell Webcam\Dell Webcam Central\WebcamDell2.exe" [2011-02-14 495746]
"IAStorIcon"="c:\program files (x86)\Intel\Intel® Rapid Storage Technology\IAStorIcon.exe" [2011-01-12 283160]
"RoxWatchTray"="c:\program files (x86)\Common Files\Roxio Shared\OEM\12.0\SharedCOM\RoxWatchTray12OEM.exe" [2010-11-25 240112]
"Desktop Disc Tool"="c:\program files (x86)\Roxio\OEM\Roxio Burn\RoxioBurnLauncher.exe" [2010-11-17 514544]
"Dell DataSafe Online"="c:\program files (x86)\Dell\Dell Datasafe Online\NOBuClient.exe" [2010-08-26 1117528]
"Adobe Reader Speed Launcher"="c:\program files (x86)\Adobe\Reader 10.0\Reader\Reader_sl.exe" [2010-11-16 35736]
"Adobe ARM"="c:\program files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2010-11-16 932288]
"APSDaemon"="c:\program files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe" [2014-02-13 43848]
"ConnectionCenter"="c:\program files (x86)\Citrix\ICA Client\concentr.exe" [2010-10-12 304568]
"AccuWeatherWidget"="c:\program files (x86)\Dell Stage\Dell Stage\AccuWeather\accuweather.exe" [2012-02-01 968048]
"HP Software Update"="c:\program files (x86)\HP\HP Software Update\HPWuSchd2.exe" [2011-10-28 49208]
"SunJavaUpdateSched"="c:\program files (x86)\Common Files\Java\Java Update\jusched.exe" [2013-07-02 254336]
"QuickTime Task"="c:\program files (x86)\QuickTime\QTTask.exe" [2014-01-17 421888]
"iTunesHelper"="c:\program files (x86)\iTunes\iTunesHelper.exe" [2014-02-21 152392]
.
c:\users\JBA P\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\
OneNote 2010 Screen Clipper and Launcher.lnk - c:\program files (x86)\Microsoft Office\Office14\ONENOTEM.EXE /tsr [2013-6-25 228552]
.
c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\
HP Digital Imaging Monitor.lnk - c:\program files (x86)\HP\Digital Imaging\bin\hpqtra08.exe [2009-11-18 275072]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 5 (0x5)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableUIADesktopToggle"= 0 (0x0)
"PromptOnSecureDesktop"= 0 (0x0)
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\windows]
"LoadAppInit_DLLs"=1 (0x1)
.
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\session manager]
BootExecute    REG_MULTI_SZ       autocheck autochk *\0\0sdnclean64.exe
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MCODS]
@=""
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys]
@="Driver"
.
R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [x]
R2 RoxWatch12;Roxio Hard Drive Watcher 12;c:\program files (x86)\Common Files\Roxio Shared\OEM\12.0\SharedCOM\RoxWatch12OEM.exe;c:\program files (x86)\Common Files\Roxio Shared\OEM\12.0\SharedCOM\RoxWatch12OEM.exe [x]
R2 vToolbarUpdater17.2.0;vToolbarUpdater17.2.0;c:\program files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\17.2.0\ToolbarUpdater.exe;c:\program files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\17.2.0\ToolbarUpdater.exe [x]
R3 0045371314211640mcinstcleanup;McAfee Application Installer Cleanup (0045371314211640);c:\windows\TEMP\004537~1.EXE;c:\windows\TEMP\004537~1.EXE [x]
R3 dc3d;MS Hardware Device Detection Driver (USB);c:\windows\system32\DRIVERS\dc3d.sys;c:\windows\SYSNATIVE\DRIVERS\dc3d.sys [x]
R3 GamesAppIntegrationService;GamesAppIntegrationService;c:\program files (x86)\WildTangent Games\App\GamesAppIntegrationService.exe;c:\program files (x86)\WildTangent Games\App\GamesAppIntegrationService.exe [x]
R3 GamesAppService;GamesAppService;c:\program files (x86)\WildTangent Games\App\GamesAppService.exe;c:\program files (x86)\WildTangent Games\App\GamesAppService.exe [x]
R3 Netaapl;Apple Mobile Device Ethernet Service;c:\windows\system32\DRIVERS\netaapl64.sys;c:\windows\SYSNATIVE\DRIVERS\netaapl64.sys [x]
R3 PCDSRVC{1E208CE0-FB7451FF-06020101}_0;PCDSRVC{1E208CE0-FB7451FF-06020101}_0 - PCDR Kernel Mode Service Helper Driver;c:\program files\dell support center\pcdsrvc_x64.pkms;c:\program files\dell support center\pcdsrvc_x64.pkms [x]
R3 Point64;Microsoft IntelliPoint Filter Driver;c:\windows\system32\DRIVERS\point64.sys;c:\windows\SYSNATIVE\DRIVERS\point64.sys [x]
R3 RoxMediaDB12OEM;RoxMediaDB12OEM;c:\program files (x86)\Common Files\Roxio Shared\OEM\12.0\SharedCOM\RoxMediaDB12OEM.exe;c:\program files (x86)\Common Files\Roxio Shared\OEM\12.0\SharedCOM\RoxMediaDB12OEM.exe [x]
R3 RSUSBSTOR;RtsUStor.Sys Realtek USB Card Reader;c:\windows\system32\Drivers\RtsUStor.sys;c:\windows\SYSNATIVE\Drivers\RtsUStor.sys [x]
R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys;c:\windows\SYSNATIVE\drivers\tsusbflt.sys [x]
R3 TsUsbGD;Remote Desktop Generic USB Device;c:\windows\system32\drivers\TsUsbGD.sys;c:\windows\SYSNATIVE\drivers\TsUsbGD.sys [x]
R3 USBAAPL64;Apple Mobile USB Driver;c:\windows\system32\Drivers\usbaapl64.sys;c:\windows\SYSNATIVE\Drivers\usbaapl64.sys [x]
R3 WatAdminSvc;Windows Activation Technologies Service;c:\windows\system32\Wat\WatAdminSvc.exe;c:\windows\SYSNATIVE\Wat\WatAdminSvc.exe [x]
R4 wlcrasvc;Windows Live Mesh remote connections service;c:\program files\Windows Live\Mesh\wlcrasvc.exe;c:\program files\Windows Live\Mesh\wlcrasvc.exe [x]
S0 PxHlpa64;PxHlpa64;c:\windows\System32\Drivers\PxHlpa64.sys;c:\windows\SYSNATIVE\Drivers\PxHlpa64.sys [x]
S1 avgtp;avgtp;c:\windows\system32\drivers\avgtpx64.sys;c:\windows\SYSNATIVE\drivers\avgtpx64.sys [x]
S1 ctxusbm;Citrix USB Monitor Driver;c:\windows\system32\DRIVERS\ctxusbm.sys;c:\windows\SYSNATIVE\DRIVERS\ctxusbm.sys [x]
S2 AESTFilters;Andrea ST Filters Service;c:\program files\IDT\WDM\AESTSr64.exe;c:\program files\IDT\WDM\AESTSr64.exe [x]
S2 AtherosSvc;AtherosSvc;c:\program files (x86)\Dell Wireless\Bluetooth Suite\adminservice.exe;c:\program files (x86)\Dell Wireless\Bluetooth Suite\adminservice.exe [x]
S2 IAStorDataMgrSvc;Intel® Rapid Storage Technology;c:\program files (x86)\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe;c:\program files (x86)\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe [x]
S2 NOBU;Dell DataSafe Online;c:\program files (x86)\Dell\Dell Datasafe Online\NOBuAgent.exe SERVICE;c:\program files (x86)\Dell\Dell Datasafe Online\NOBuAgent.exe SERVICE [x]
S2 SftService;SoftThinks Agent Service;c:\program files (x86)\Dell DataSafe Local Backup\sftservice.EXE;c:\program files (x86)\Dell DataSafe Local Backup\sftservice.EXE [x]
S2 SpyroService;Spyro Portal Service;c:\program files (x86)\FS\Spyro Portal\FlashPortal.exe;c:\program files (x86)\FS\Spyro Portal\FlashPortal.exe [x]
S2 UNS;Intel® Management & Security Application User Notification Service;c:\program files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe;c:\program files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe [x]
S2 ZAtheros Bt&Wlan Coex Agent;ZAtheros Bt&Wlan Coex Agent;c:\program files (x86)\Dell Wireless\Bluetooth Suite\Ath_CoexAgent.exe;c:\program files (x86)\Dell Wireless\Bluetooth Suite\Ath_CoexAgent.exe [x]
S2 ZAtheros Wlan Agent;ZAtheros Wlan Agent;c:\program files (x86)\Dell Wireless\Ath_WlanAgent.exe;c:\program files (x86)\Dell Wireless\Ath_WlanAgent.exe [x]
S3 BTATH_BUS;Atheros Bluetooth Bus;c:\windows\system32\DRIVERS\btath_bus.sys;c:\windows\SYSNATIVE\DRIVERS\btath_bus.sys [x]
S3 CtClsFlt;Creative Camera Class Upper Filter Driver;c:\windows\system32\DRIVERS\CtClsFlt.sys;c:\windows\SYSNATIVE\DRIVERS\CtClsFlt.sys [x]
S3 HECIx64;Intel® Management Engine Interface;c:\windows\system32\DRIVERS\HECIx64.sys;c:\windows\SYSNATIVE\DRIVERS\HECIx64.sys [x]
S3 Impcd;Impcd;c:\windows\system32\DRIVERS\Impcd.sys;c:\windows\SYSNATIVE\DRIVERS\Impcd.sys [x]
S3 IntcDAud;Intel® Display Audio;c:\windows\system32\DRIVERS\IntcDAud.sys;c:\windows\SYSNATIVE\DRIVERS\IntcDAud.sys [x]
S3 RTL8167;Realtek 8167 NT Driver;c:\windows\system32\DRIVERS\Rt64win7.sys;c:\windows\SYSNATIVE\DRIVERS\Rt64win7.sys [x]
.
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\svchost]
hpdevmgmt    REG_MULTI_SZ       hpqcxs08 hpqddsvc
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\active setup\installed components\{2D46B6DC-2207-486B-B523-A557E6D54B47}]
start [BU]
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\active setup\installed components\{8A69D345-D564-463c-AFF1-A69D9E530F96}]
2014-03-04 02:57    1150280    ----a-w-    c:\program files (x86)\Google\Chrome\Application\33.0.1750.146\Installer\chrmstp.exe
.
Contents of the 'Scheduled Tasks' folder
.
2014-03-08 c:\windows\Tasks\Adobe Flash Player Updater.job
- c:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2012-10-30 15:18]
.
2014-03-08 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2012-10-22 00:48]
.
2014-03-08 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2012-10-22 00:48]
.
.
--------- X64 Entries -----------
.
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\GDriveBlacklistedOverlay]
@="{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D42}"
[HKEY_CLASSES_ROOT\CLSID\{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D42}]
2014-01-30 20:05    777032    ----a-w-    c:\program files (x86)\Google\Drive\googledrivesync64.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\GDriveSharedEditOverlay]
@="{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D44}"
[HKEY_CLASSES_ROOT\CLSID\{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D44}]
2014-01-30 20:05    777032    ----a-w-    c:\program files (x86)\Google\Drive\googledrivesync64.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\GDriveSharedViewOverlay]
@="{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D43}"
[HKEY_CLASSES_ROOT\CLSID\{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D43}]
2014-01-30 20:05    777032    ----a-w-    c:\program files (x86)\Google\Drive\googledrivesync64.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\GDriveSyncedOverlay]
@="{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D40}"
[HKEY_CLASSES_ROOT\CLSID\{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D40}]
2014-01-30 20:05    777032    ----a-w-    c:\program files (x86)\Google\Drive\googledrivesync64.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\GDriveSyncingOverlay]
@="{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D41}"
[HKEY_CLASSES_ROOT\CLSID\{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D41}]
2014-01-30 20:05    777032    ----a-w-    c:\program files (x86)\Google\Drive\googledrivesync64.dll
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"IgfxTray"="c:\windows\system32\igfxtray.exe" [2011-03-30 167960]
"HotKeysCmds"="c:\windows\system32\hkcmd.exe" [2011-03-30 391704]
"Persistence"="c:\windows\system32\igfxpers.exe" [2011-03-30 418840]
"Apoint"="c:\program files\DellTPad\Apoint.exe" [2011-03-29 608112]
"Stage Remote"="c:\program files (x86)\Dell\Stage Remote\StageRemote.exe" [2011-08-08 2034752]
"IntelliPoint"="c:\program files\Microsoft IntelliPoint\ipoint.exe" [2011-08-01 2417032]
"Logitech Download Assistant"="c:\windows\System32\LogiLDA.dll" [2012-09-20 1832760]
"DellStage"="c:\program files (x86)\Dell Stage\Dell Stage\stage_primary.exe" [2012-02-01 2195824]
"AtherosBtStack"="c:\program files (x86)\Dell Wireless\Bluetooth Suite\BtvStack.exe" [2012-03-09 1021056]
"AthBtTray"="c:\program files (x86)\Dell Wireless\Bluetooth Suite\AthBtTray.exe" [2012-03-09 800896]
"SysTrayApp"="c:\program files\IDT\WDM\sttray64.exe" [2011-05-27 1128448]
.
------- Supplementary Scan -------
.
uStart Page = hxxp://www.google.com
uLocal Page = c:\windows\system32\blank.htm
mStart Page = hxxp://www.google.com
mLocal Page = c:\windows\SysWOW64\blank.htm
uInternet Settings,ProxyOverride = *.local
uInternet Settings,ProxyServer = localhost:8080
uSearchAssistant = hxxp://www.google.com
IE: E&xport to Microsoft Excel - c:\progra~2\MICROS~4\Office14\EXCEL.EXE/3000
IE: Se&nd to OneNote - c:\progra~2\MICROS~4\Office14\ONBttnIE.dll/105
Trusted Zone: clonewarsadventures.com
Trusted Zone: dell.com
Trusted Zone: freerealms.com
Trusted Zone: soe.com
Trusted Zone: sony.com
TCP: DhcpNameServer = 192.168.1.1
TCP: Interfaces\{ACE9E607-269F-4CCF-9E87-1FDCCA78A1D0}\73033393839373330383: NameServer = 208.67.222.222,208.67.222.220
TCP: Interfaces\{ACE9E607-269F-4CCF-9E87-1FDCCA78A1D0}\A4241402052E08993702960586F6E656: NameServer = 208.67.222.222,208.67.222.220
FF - ProfilePath - c:\users\JBA P\AppData\Roaming\Mozilla\Firefox\Profiles\badpz2dl.default\
FF - prefs.js: network.proxy.type - 0
FF - ExtSQL: !HIDDEN! 2011-10-02 17:24; smartwebprinting@hp.com; c:\program files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3
.
- - - - ORPHANS REMOVED - - - -
.
Toolbar-10 - (no file)
AddRemove-7-Zip - c:\users\JBA P\AppData\Roaming\.minecraft\bin\7-Zip\Uninstall.exe
AddRemove-FileAssociationManager - c:\program files (x86)\FileAssociationManager\uninstall-fam.exe
AddRemove-RegPowerClean_is1 - c:\program files (x86)\Winferno\RegistryPowerCleaner\unins000.exe
AddRemove-Video Converter Bundle - c:\program files (x86)\sweetpacks bundle uninstaller\uninstaller.exe
AddRemove-WT089446 - c:\program files (x86)\WildTangent\Dell Games\Wedding Dash - Ready
AddRemove-{9854A5C4-5BE5-46E2-A989-352DD8B37E20}_is1 - c:\program files (x86)\WinZip Driver Updater\unins000.exe
.
.
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\services\PCDSRVC{1E208CE0-FB7451FF-06020101}_0]
"ImagePath"="\??\c:\program files\dell support center\pcdsrvc_x64.pkms"
.
--------------------- LOCKED REGISTRY KEYS ---------------------
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\windows\\system32\\Macromed\\Flash\\FlashUtil64_12_0_0_70_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\LocalServer32]
@="c:\\windows\\system32\\Macromed\\Flash\\FlashUtil64_12_0_0_70_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="IFlashBroker5"
.
[HKEY_LOCAL_MACHINE\software\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_12_0_0_70_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\LocalServer32]
@="c:\\windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_12_0_0_70_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Shockwave Flash Object"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\windows\\SysWOW64\\Macromed\\Flash\\Flash32_12_0_0_70.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\MiscStatus]
@="0"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ProgID]
@="ShockwaveFlash.ShockwaveFlash.12"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\windows\\SysWOW64\\Macromed\\Flash\\Flash32_12_0_0_70.ocx, 1"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="ShockwaveFlash.ShockwaveFlash"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Macromedia Flash Factory Object"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\windows\\SysWOW64\\Macromed\\Flash\\Flash32_12_0_0_70.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ProgID]
@="FlashFactory.FlashFactory.1"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\windows\\SysWOW64\\Macromed\\Flash\\Flash32_12_0_0_70.ocx, 1"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="FlashFactory.FlashFactory"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="IFlashBroker5"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\software\McAfee]
"SymbolicLinkValue"=hex(6):5c,00,72,00,65,00,67,00,69,00,73,00,74,00,72,00,79,
   00,5c,00,6d,00,61,00,63,00,68,00,69,00,6e,00,65,00,5c,00,53,00,6f,00,66,00,\
.
[HKEY_LOCAL_MACHINE\software\Wow6432Node\Microsoft\Office\Common\Smart Tag\Actions\{B7EFF951-E52F-45CC-9EF7-57124F2177CC}]
@Denied: (A) (Everyone)
"Solution"="{15727DE6-F92D-4E46-ACB4-0E2C58B31A18}"
.
[HKEY_LOCAL_MACHINE\software\Wow6432Node\Microsoft\Schema Library\ActionsPane3]
@Denied: (A) (Everyone)
.
[HKEY_LOCAL_MACHINE\software\Wow6432Node\Microsoft\Schema Library\ActionsPane3\0]
"Key"="ActionsPane3"
"Location"="c:\\Program Files (x86)\\Common Files\\Microsoft Shared\\VSTO\\ActionsPane3.xsd"
.
Completion time: 2014-03-08  22:44:33
ComboFix-quarantined-files.txt  2014-03-09 03:44
ComboFix2.txt  2014-03-08 06:16
.
Pre-Run: 512,674,095,104 bytes free
Post-Run: 512,192,258,048 bytes free
.
- - End Of File - - 9757B63992028C0219A3719531EA6D54
 



BC AdBot (Login to Remove)

 


#32 Oh My!

Oh My!

    Adware and Spyware and Malware.....


  • Malware Response Instructor
  • 38,176 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:California
  • Local time:01:15 AM

Posted 09 March 2014 - 02:01 PM

Please run TDSSKiller and aswMBR and post the results.


Gary
 
If I do not reply within 24 hours please send me a Personal Message.

"Lord, to whom would we go? You have the words that give eternal life. We believe, and we know you are the Holy One of God."

#33 sspea

sspea
  • Topic Starter

  • Members
  • 57 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Falls Church, vA
  • Local time:05:15 AM

Posted 09 March 2014 - 06:24 PM

OK, here is TDSSKiller log:

 

17:33:43.0334 0x1018  TDSS rootkit removing tool 3.0.0.25 Feb 27 2014 15:23:02
17:33:53.0405 0x1018  ============================================================
17:33:53.0405 0x1018  Current date / time: 2014/03/09 17:33:53.0405
17:33:53.0405 0x1018  SystemInfo:
17:33:53.0405 0x1018  
17:33:53.0405 0x1018  OS Version: 6.1.7601 ServicePack: 1.0
17:33:53.0405 0x1018  Product type: Workstation
17:33:53.0405 0x1018  ComputerName: JBAP-PC
17:33:53.0405 0x1018  UserName: JBA P
17:33:53.0405 0x1018  Windows directory: C:\windows
17:33:53.0405 0x1018  System windows directory: C:\windows
17:33:53.0405 0x1018  Running under WOW64
17:33:53.0405 0x1018  Processor architecture: Intel x64
17:33:53.0405 0x1018  Number of processors: 4
17:33:53.0405 0x1018  Page size: 0x1000
17:33:53.0405 0x1018  Boot type: Normal boot
17:33:53.0405 0x1018  ============================================================
17:33:53.0655 0x1018  KLMD registered as C:\windows\system32\drivers\27092800.sys
17:33:53.0785 0x1018  System UUID: {57270C93-2EE5-ABB5-0ADB-DD40DC903C4A}
17:33:54.0275 0x1018  Drive \Device\Harddisk0\DR0 - Size: 0x950B056000 (596.17 Gb), SectorSize: 0x200, Cylinders: 0x13001, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
17:33:54.0275 0x1018  ============================================================
17:33:54.0275 0x1018  \Device\Harddisk0\DR0:
17:33:54.0285 0x1018  MBR partitions:
17:33:54.0285 0x1018  \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x32800, BlocksNum 0x1D4C000
17:33:54.0285 0x1018  \Device\Harddisk0\DR0\Partition2: MBR, Type 0x7, StartLBA 0x1D7E800, BlocksNum 0x48AD92B0
17:33:54.0285 0x1018  ============================================================
17:33:54.0315 0x1018  C: <-> \Device\Harddisk0\DR0\Partition2
17:33:54.0315 0x1018  ============================================================
17:33:54.0315 0x1018  Initialize success
17:33:54.0315 0x1018  ============================================================
17:34:05.0127 0x0994  ============================================================
17:34:05.0127 0x0994  Scan started
17:34:05.0127 0x0994  Mode: Manual;
17:34:05.0127 0x0994  ============================================================
17:34:05.0127 0x0994  KSN ping started
17:34:18.0799 0x0994  KSN ping finished: true
17:34:19.0209 0x0994  ================ Scan system memory ========================
17:34:19.0209 0x0994  System memory - ok
17:34:19.0209 0x0994  ================ Scan services =============================
17:34:19.0389 0x0994  0045371314211640mcinstcleanup - ok
17:34:19.0559 0x0994  [ A87D604AEA360176311474C87A63BB88, B1507868C382CD5D2DBC0D62114FCFBF7A780904A2E3CA7C7C1DD0844ADA9A8F ] 1394ohci        C:\windows\system32\drivers\1394ohci.sys
17:34:19.0569 0x0994  1394ohci - ok
17:34:19.0649 0x0994  [ D81D9E70B8A6DD14D42D7B4EFA65D5F2, FDAAB7E23012B4D31537C5BDEF245BB0A12FA060A072C250E21C68E18B22E002 ] ACPI            C:\windows\system32\drivers\ACPI.sys
17:34:19.0689 0x0994  ACPI - ok
17:34:19.0729 0x0994  [ 99F8E788246D495CE3794D7E7821D2CA, F91615463270AD2601F882CAED43B88E7EDA115B9FD03FC56320E48119F15F76 ] AcpiPmi         C:\windows\system32\drivers\acpipmi.sys
17:34:19.0729 0x0994  AcpiPmi - ok
17:34:19.0969 0x0994  [ F7AB315A4D400CA876381D1E188A2E20, B6019C2E9B6801BB23C530C66D080F47330F48ADB0DD2813D50BE1408865BD91 ] AdobeFlashPlayerUpdateSvc C:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
17:34:19.0979 0x0994  AdobeFlashPlayerUpdateSvc - ok
17:34:20.0079 0x0994  [ 2F6B34B83843F0C5118B63AC634F5BF4, 43E3F5FBFB5D33981AC503DEE476868EC029815D459E7C36C4ABC2D2F75B5735 ] adp94xx         C:\windows\system32\drivers\adp94xx.sys
17:34:20.0119 0x0994  adp94xx - ok
17:34:20.0169 0x0994  [ 597F78224EE9224EA1A13D6350CED962, DA7FD99BE5E3B7B98605BF5C13BF3F1A286C0DE1240617570B46FE4605E59BDC ] adpahci         C:\windows\system32\drivers\adpahci.sys
17:34:20.0179 0x0994  adpahci - ok
17:34:20.0209 0x0994  [ E109549C90F62FB570B9540C4B148E54, E804563735153EA00A00641814244BC8A347B578E7D63A16F43FB17566EE5559 ] adpu320         C:\windows\system32\drivers\adpu320.sys
17:34:20.0209 0x0994  adpu320 - ok
17:34:20.0269 0x0994  [ 4B78B431F225FD8624C5655CB1DE7B61, 198A5AF2125C7C41F531A652D200C083A55A97DC541E3C0B5B253C7329949156 ] AeLookupSvc     C:\windows\System32\aelupsvc.dll
17:34:20.0269 0x0994  AeLookupSvc - ok
17:34:20.0389 0x0994  [ A6FB9DB8F1A86861D955FD6975977AE0, 788C6EE50719227D7A9B7F08C8D5E1289FCD0E8AC23A1021A5093D2E8368F696 ] AESTFilters     C:\Program Files\IDT\WDM\AESTSr64.exe
17:34:20.0389 0x0994  AESTFilters - ok
17:34:20.0459 0x0994  [ 79059559E89D06E8B80CE2944BE20228, 6E041D2FED2D0C3D8E16E56CB61D3245F9144EA92F5BDC9A4AA30598D1C8E6EE ] AFD             C:\windows\system32\drivers\afd.sys
17:34:20.0489 0x0994  AFD - ok
17:34:20.0539 0x0994  [ 608C14DBA7299D8CB6ED035A68A15799, 45360F89640BF1127C82A32393BD76205E4FA067889C40C491602F370C09282A ] agp440          C:\windows\system32\drivers\agp440.sys
17:34:20.0549 0x0994  agp440 - ok
17:34:20.0579 0x0994  [ 3290D6946B5E30E70414990574883DDB, 0E9294E1991572256B3CDA6B031DB9F39CA601385515EE59F1F601725B889663 ] ALG             C:\windows\System32\alg.exe
17:34:20.0589 0x0994  ALG - ok
17:34:20.0659 0x0994  [ 5812713A477A3AD7363C7438CA2EE038, A7316299470D2E57A11499C752A711BF4A71EB11C9CBA731ED0945FF6A966721 ] aliide          C:\windows\system32\drivers\aliide.sys
17:34:20.0659 0x0994  aliide - ok
17:34:20.0699 0x0994  [ 1FF8B4431C353CE385C875F194924C0C, 3EA3A7F426B0FFC2461EDF4FDB4B58ACC9D0730EDA5B728D1EA1346EA0A02720 ] amdide          C:\windows\system32\drivers\amdide.sys
17:34:20.0699 0x0994  amdide - ok
17:34:20.0729 0x0994  [ 7024F087CFF1833A806193EF9D22CDA9, E7F27E488C38338388103D3B7EEDD61D05E14FB140992AEE6F492FFC821BF529 ] AmdK8           C:\windows\system32\drivers\amdk8.sys
17:34:20.0729 0x0994  AmdK8 - ok
17:34:20.0749 0x0994  [ 1E56388B3FE0D031C44144EB8C4D6217, E88CA76FD47BA0EB427D59CB9BE040DE133D89D4E62D03A8D622624531D27487 ] AmdPPM          C:\windows\system32\drivers\amdppm.sys
17:34:20.0759 0x0994  AmdPPM - ok
17:34:20.0779 0x0994  [ D4121AE6D0C0E7E13AA221AA57EF2D49, 626F43C099BD197BE56648C367B711143C2BCCE96496BBDEF19F391D52FA01D0 ] amdsata         C:\windows\system32\drivers\amdsata.sys
17:34:20.0779 0x0994  amdsata - ok
17:34:20.0839 0x0994  [ F67F933E79241ED32FF46A4F29B5120B, D6EF539058F159CC4DD14CA9B1FD924998FEAC9D325C823C7A2DD21FEF1DC1A8 ] amdsbs          C:\windows\system32\drivers\amdsbs.sys
17:34:20.0849 0x0994  amdsbs - ok
17:34:20.0869 0x0994  [ 540DAF1CEA6094886D72126FD7C33048, 296578572A93F5B74E1AD443E000B79DC99D1CBD25082E02704800F886A3065F ] amdxata         C:\windows\system32\drivers\amdxata.sys
17:34:20.0869 0x0994  amdxata - ok
17:34:20.0919 0x0994  [ 6690E42CED5D067233ABAD42DA141213, 7FECA42624513E6C3216E91F708E97101CCFC252F925A3707EA8560D8059CBE3 ] ApfiltrService  C:\windows\system32\DRIVERS\Apfiltr.sys
17:34:20.0929 0x0994  ApfiltrService - ok
17:34:20.0979 0x0994  [ 89A69C3F2F319B43379399547526D952, 8ABDB4B8E106F96EBBA0D4D04C4F432296516E107E7BA5644ED2E50CF9BB491A ] AppID           C:\windows\system32\drivers\appid.sys
17:34:20.0989 0x0994  AppID - ok
17:34:21.0019 0x0994  [ 0BC381A15355A3982216F7172F545DE1, C33AF13CB218F7BF52E967452573DF2ADD20A95C6BF99229794FEF07C4BBE725 ] AppIDSvc        C:\windows\System32\appidsvc.dll
17:34:21.0029 0x0994  AppIDSvc - ok
17:34:21.0079 0x0994  [ 9D2A2369AB4B08A4905FE72DB104498F, D6FA1705018BABABFA2362E05691A0D6408D14DE7B76129B16D0A1DAD6378E58 ] Appinfo         C:\windows\System32\appinfo.dll
17:34:21.0079 0x0994  Appinfo - ok
17:34:21.0210 0x0994  [ 221564CC7BE37611FE15EACF443E1BF6, 381BDF17418C779D72332431BA174C2AD76CD9C7C1711FF5142EA9B05D5555E4 ] Apple Mobile Device C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
17:34:21.0210 0x0994  Apple Mobile Device - ok
17:34:21.0270 0x0994  [ C484F8CEB1717C540242531DB7845C4E, C507CE26716EB923B864ED85E8FA0B24591E2784A2F4F0E78AEED7E9953311F6 ] arc             C:\windows\system32\drivers\arc.sys
17:34:21.0270 0x0994  arc - ok
17:34:21.0300 0x0994  [ 019AF6924AEFE7839F61C830227FE79C, 5926B9DDFC9198043CDD6EA0B384C83B001EC225A8125628C4A45A3E6C42C72A ] arcsas          C:\windows\system32\drivers\arcsas.sys
17:34:21.0300 0x0994  arcsas - ok
17:34:21.0450 0x0994  [ 9217D874131AE6FF8F642F124F00A555, BE2923D5AA7748FDAAED73AF567D015517B36F1C739C6E5637DD15112EFDF495 ] aspnet_state    C:\windows\Microsoft.NET\Framework64\v4.0.30319\aspnet_state.exe
17:34:21.0450 0x0994  aspnet_state - ok
17:34:21.0470 0x0994  [ 769765CE2CC62867468CEA93969B2242, 0D8F19D49869DF93A3876B4C2E249D12E83F9CE11DAE8917D368E292043D4D26 ] AsyncMac        C:\windows\system32\DRIVERS\asyncmac.sys
17:34:21.0470 0x0994  AsyncMac - ok
17:34:21.0550 0x0994  [ 02062C0B390B7729EDC9E69C680A6F3C, 0261683C6DC2706DCE491A1CDC954AC9C9E649376EC30760BB4E225E18DC5273 ] atapi           C:\windows\system32\drivers\atapi.sys
17:34:21.0560 0x0994  atapi - ok
17:34:21.0670 0x0994  [ E1211175C28C86A14BFC216BA3F4C2E7, 651632309620DA98D35F3337BB76E087674F110FB5E75597EAE914AC0221E6EA ] AtherosSvc      C:\Program Files (x86)\Dell Wireless\Bluetooth Suite\adminservice.exe
17:34:21.0680 0x0994  AtherosSvc - ok
17:34:21.0840 0x0994  [ 0B034E43E0B4A33BB5624C28EFE3C6ED, 5C727562C79E487B5D85F59B9496273FD56E502CED399EE613FAB0A50E12EE16 ] athr            C:\windows\system32\DRIVERS\athrx.sys
17:34:21.0960 0x0994  athr - ok
17:34:22.0060 0x0994  [ F23FEF6D569FCE88671949894A8BECF1, FCE7B156ED663471CF9A736915F00302E93B50FC647563D235313A37FCE8F0F6 ] AudioEndpointBuilder C:\windows\System32\Audiosrv.dll
17:34:22.0140 0x0994  AudioEndpointBuilder - ok
17:34:22.0190 0x0994  [ F23FEF6D569FCE88671949894A8BECF1, FCE7B156ED663471CF9A736915F00302E93B50FC647563D235313A37FCE8F0F6 ] AudioSrv        C:\windows\System32\Audiosrv.dll
17:34:22.0200 0x0994  AudioSrv - ok
17:34:22.0260 0x0994  [ A1F53D2A00E64679A1D81B61D2333D06, 41D4F252693A2382A1C1FB85A49DF5AAB5B21620DC09A0E1A7F66A437E3A0B3B ] avgtp           C:\windows\system32\drivers\avgtpx64.sys
17:34:22.0260 0x0994  avgtp - ok
17:34:22.0300 0x0994  [ A6BF31A71B409DFA8CAC83159E1E2AFF, CBB83F73FFD3C3FB4F96605067739F8F7A4A40B2B05417FA49E575E95628753F ] AxInstSV        C:\windows\System32\AxInstSV.dll
17:34:22.0300 0x0994  AxInstSV - ok
17:34:22.0350 0x0994  [ 3E5B191307609F7514148C6832BB0842, DE011CB7AA4A2405FAF21575182E0793A1D83DFFC44E9A7864D59F3D51D8D580 ] b06bdrv         C:\windows\system32\drivers\bxvbda.sys
17:34:22.0360 0x0994  b06bdrv - ok
17:34:22.0400 0x0994  [ B5ACE6968304A3900EEB1EBFD9622DF2, 1DAA118D8CA3F97B34DF3D3CDA1C78EAB2ED225699FEABE89D331AE0CB7679FA ] b57nd60a        C:\windows\system32\DRIVERS\b57nd60a.sys
17:34:22.0410 0x0994  b57nd60a - ok
17:34:22.0430 0x0994  [ FDE360167101B4E45A96F939F388AEB0, 8D1457E866BBD645C4B9710DFBFF93405CC1193BF9AE42326F2382500B713B82 ] BDESVC          C:\windows\System32\bdesvc.dll
17:34:22.0430 0x0994  BDESVC - ok
17:34:22.0440 0x0994  [ 16A47CE2DECC9B099349A5F840654746, 77C008AEDB07FAC66413841D65C952DDB56FE7DCA5E9EF9C8F4130336B838024 ] Beep            C:\windows\system32\drivers\Beep.sys
17:34:22.0440 0x0994  Beep - ok
17:34:22.0500 0x0994  [ 82974D6A2FD19445CC5171FC378668A4, 075D25F47C0D2277E40AF8615571DAA5EB16B1824563632A9A7EC62505C29A4A ] BFE             C:\windows\System32\bfe.dll
17:34:22.0530 0x0994  BFE - ok
17:34:22.0590 0x0994  [ 1EA7969E3271CBC59E1730697DC74682, D511A34D63A6E0E6E7D1879068E2CD3D87ABEAF4936B2EA8CDDAD9F79D60FA04 ] BITS            C:\windows\system32\qmgr.dll
17:34:22.0630 0x0994  BITS - ok
17:34:22.0660 0x0994  [ 61583EE3C3A17003C4ACD0475646B4D3, 17E4BECC309C450E7E44F59A9C0BBC24D21BDC66DFBA65B8F198A00BB47A9811 ] blbdrive        C:\windows\system32\DRIVERS\blbdrive.sys
17:34:22.0660 0x0994  blbdrive - ok
17:34:22.0760 0x0994  [ EBBCD5DFBB1DE70E8F4AF8FA59E401FD, 17BFFC5DF609CE3B2F0CAB4BD6C118608C66A3AD86116A47E90B2BB7D8954122 ] Bonjour Service C:\Program Files\Bonjour\mDNSResponder.exe
17:34:22.0780 0x0994  Bonjour Service - ok
17:34:22.0830 0x0994  [ 6C02A83164F5CC0A262F4199F0871CF5, AD4632A6A203CB40970D848315D8ADB9C898349E20D8DF4107C2AE2703A2CF28 ] bowser          C:\windows\system32\DRIVERS\bowser.sys
17:34:22.0830 0x0994  bowser - ok
17:34:22.0860 0x0994  [ F09EEE9EDC320B5E1501F749FDE686C8, 66691114C42E12F4CC6DC4078D4D2FA4029759ACDAF1B59D17383487180E84E3 ] BrFiltLo        C:\windows\system32\drivers\BrFiltLo.sys
17:34:22.0860 0x0994  BrFiltLo - ok
17:34:22.0870 0x0994  [ B114D3098E9BDB8BEA8B053685831BE6, 0ED23C1897F35FA00B9C2848DE4ED200E18688AA7825674888054BBC3A3EB92C ] BrFiltUp        C:\windows\system32\drivers\BrFiltUp.sys
17:34:22.0870 0x0994  BrFiltUp - ok
17:34:22.0900 0x0994  [ 5C2F352A4E961D72518261257AAE204B, 9EE1001E1D46A414A7A86FE1DBBE232203E26F54D9EF43ED31ED8EACD4D09853 ] BridgeMP        C:\windows\system32\DRIVERS\bridge.sys
17:34:22.0900 0x0994  BridgeMP - ok
17:34:22.0960 0x0994  [ 05F5A0D14A2EE1D8255C2AA0E9E8E694, 40011138869F5496A3E78D38C9900B466B6F3877526AC22952DCD528173F4645 ] Browser         C:\windows\System32\browser.dll
17:34:22.0970 0x0994  Browser - ok
17:34:22.0990 0x0994  [ 43BEA8D483BF1870F018E2D02E06A5BD, 4E6F5A5FD8C796A110B0DC9FF29E31EA78C04518FC1C840EF61BABD58AB10272 ] Brserid         C:\windows\System32\Drivers\Brserid.sys
17:34:22.0990 0x0994  Brserid - ok
17:34:23.0020 0x0994  [ A6ECA2151B08A09CACECA35C07F05B42, E2875BB7768ABAF38C3377007AA0A3C281503474D1831E396FB6599721586B0C ] BrSerWdm        C:\windows\System32\Drivers\BrSerWdm.sys
17:34:23.0020 0x0994  BrSerWdm - ok
17:34:23.0060 0x0994  [ B79968002C277E869CF38BD22CD61524, 50631836502237AF4893ECDCEA43B9031C3DE97433F594D46AF7C3C77F331983 ] BrUsbMdm        C:\windows\System32\Drivers\BrUsbMdm.sys
17:34:23.0060 0x0994  BrUsbMdm - ok
17:34:23.0080 0x0994  [ A87528880231C54E75EA7A44943B38BF, 4C8BBB29FDA76A96840AA47A8613C15D4466F9273A13941C19507008629709C9 ] BrUsbSer        C:\windows\System32\Drivers\BrUsbSer.sys
17:34:23.0080 0x0994  BrUsbSer - ok
17:34:23.0120 0x0994  [ D438A33D568C76C24E8D7394981F42DC, E5884C20E55B8EDC8E19C55DDFBE4A8FDFBE2327ACE94BFC2BFD3BCEE6EBC2AD ] BTATH_BUS       C:\windows\system32\DRIVERS\btath_bus.sys
17:34:23.0120 0x0994  BTATH_BUS - ok
17:34:23.0200 0x0994  [ CF98190A94F62E405C8CB255018B2315, E1B2540023C4FE9FD588E4B6AE6347DFA565EB3898F21E5360882BF3E8B5E781 ] BthEnum         C:\windows\system32\drivers\BthEnum.sys
17:34:23.0200 0x0994  BthEnum - ok
17:34:23.0230 0x0994  [ 9DA669F11D1F894AB4EB69BF546A42E8, B498B8B6CEF957B73179D1ADAF084BBB57BB3735D810F9BE2C7B1D58A4FD25A4 ] BTHMODEM        C:\windows\system32\drivers\bthmodem.sys
17:34:23.0230 0x0994  BTHMODEM - ok
17:34:23.0260 0x0994  [ 02DD601B708DD0667E1331FA8518E9FF, 7DE6CC4DBB621CD03B01D9CE6CF66EAFE31D39030A391562CD0E278E1D70ADE1 ] BthPan          C:\windows\system32\DRIVERS\bthpan.sys
17:34:23.0270 0x0994  BthPan - ok
17:34:23.0340 0x0994  [ 738D0E9272F59EB7A1449C3EC118E6C4, FE3D32C2A5E4DC21376A0F89C0B2EE024ECF1A3FB99213CC9BBC986ADF7AF080 ] BTHPORT         C:\windows\System32\Drivers\BTHport.sys
17:34:23.0380 0x0994  BTHPORT - ok
17:34:23.0420 0x0994  [ 95F9C2976059462CBBF227F7AAB10DE9, 2797AE919FF7606B070FB039CECDB0707CD2131DCAC09C5DF14F443D881C9F34 ] bthserv         C:\windows\system32\bthserv.dll
17:34:23.0430 0x0994  bthserv - ok
17:34:23.0470 0x0994  [ F188B7394D81010767B6DF3178519A37, 576304E92FD94908F093A6AB5F4D328F25829BE32EC3CA0D29EBFDF5DE83539B ] BTHUSB          C:\windows\System32\Drivers\BTHUSB.sys
17:34:23.0470 0x0994  BTHUSB - ok
17:34:23.0540 0x0994  catchme - ok
17:34:23.0560 0x0994  [ B8BD2BB284668C84865658C77574381A, 6C55BA288B626DF172FDFEA0BD7027FAEBA1F44EF20AB55160D7C7DC6E717D65 ] cdfs            C:\windows\system32\DRIVERS\cdfs.sys
17:34:23.0570 0x0994  cdfs - ok
17:34:23.0620 0x0994  [ F036CE71586E93D94DAB220D7BDF4416, BD07AAD9E20CEAF9FC84E4977C55EA2C45604A2C682AC70B9B9A2199B6713D5B ] cdrom           C:\windows\system32\DRIVERS\cdrom.sys
17:34:23.0620 0x0994  cdrom - ok
17:34:23.0660 0x0994  [ F17D1D393BBC69C5322FBFAFACA28C7F, 62A1A92B3C52ADFD0B808D7F69DD50238B5F202421F1786F7EAEAA63F274B3E8 ] CertPropSvc     C:\windows\System32\certprop.dll
17:34:23.0660 0x0994  CertPropSvc - ok
17:34:23.0680 0x0994  [ D7CD5C4E1B71FA62050515314CFB52CF, 513B5A849899F379F0BC6AB3A8A05C3493C2393C95F036612B96EC6E252E1C64 ] circlass        C:\windows\system32\drivers\circlass.sys
17:34:23.0690 0x0994  circlass - ok
17:34:23.0720 0x0994  [ FE1EC06F2253F691FE36217C592A0206, B9F122DB5E665ECDF29A5CB8BB6B531236F31A54A95769D6C5C1924C87FE70CE ] CLFS            C:\windows\system32\CLFS.sys
17:34:23.0730 0x0994  CLFS - ok
17:34:23.0810 0x0994  [ D88040F816FDA31C3B466F0FA0918F29, 39D3630E623DA25B8444B6D3AAAB16B98E7E289C5619E19A85D47B74C71449F3 ] clr_optimization_v2.0.50727_32 C:\windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
17:34:23.0820 0x0994  clr_optimization_v2.0.50727_32 - ok
17:34:23.0860 0x0994  [ D1CEEA2B47CB998321C579651CE3E4F8, 654013B8FD229A50017B08DEC6CA19C7DDA8CE0771260E057A92625201D539B1 ] clr_optimization_v2.0.50727_64 C:\windows\Microsoft.NET\Framework64\v2.0.50727\mscorsvw.exe
17:34:23.0860 0x0994  clr_optimization_v2.0.50727_64 - ok
17:34:23.0950 0x0994  [ C5A75EB48E2344ABDC162BDA79E16841, 6070A8AAFD38FBC6A68A2B10C20117612354DF21B4492D90CA522BFB6870D726 ] clr_optimization_v4.0.30319_32 C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
17:34:23.0950 0x0994  clr_optimization_v4.0.30319_32 - ok
17:34:23.0970 0x0994  [ C6F9AF94DCD58122A4D7E89DB6BED29D, CB0E5AE60EC76323585FB86D89E8DB7ADB5EDF6EA3D0B27E9ECE75B8CAA8BFDE ] clr_optimization_v4.0.30319_64 C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe
17:34:23.0980 0x0994  clr_optimization_v4.0.30319_64 - ok
17:34:24.0050 0x0994  [ 0840155D0BDDF1190F84A663C284BD33, 696039FA63CFEB33487FAA8FD7BBDB220141E9C6E529355D768DFC87999A9C3A ] CmBatt          C:\windows\system32\DRIVERS\CmBatt.sys
17:34:24.0050 0x0994  CmBatt - ok
17:34:24.0100 0x0994  [ E19D3F095812725D88F9001985B94EDD, 46243C5CCC4981CAC6FA6452FFCEC33329BF172448F1852D52592C9342E0E18B ] cmdide          C:\windows\system32\drivers\cmdide.sys
17:34:24.0100 0x0994  cmdide - ok
17:34:24.0160 0x0994  [ EBF28856F69CF094A902F884CF989706, AD6C9F0BC20AA49EEE5478DA0F856F0EA2B414B63208C5FFB03C9D7F5B59765F ] CNG             C:\windows\system32\Drivers\cng.sys
17:34:24.0170 0x0994  CNG - ok
17:34:24.0190 0x0994  [ 102DE219C3F61415F964C88E9085AD14, CD74CB703381F1382C32CF892FF2F908F4C9412E1BC77234F8FEA5D4666E1BF1 ] Compbatt        C:\windows\system32\drivers\compbatt.sys
17:34:24.0190 0x0994  Compbatt - ok
17:34:24.0220 0x0994  [ 03EDB043586CCEBA243D689BDDA370A8, 0E4523AA332E242D5C2C61C5717DBA5AB6E42DADB5A7E512505FC2B6CC224959 ] CompositeBus    C:\windows\system32\DRIVERS\CompositeBus.sys
17:34:24.0220 0x0994  CompositeBus - ok
17:34:24.0240 0x0994  COMSysApp - ok
17:34:24.0250 0x0994  [ 1C827878A998C18847245FE1F34EE597, 41EF7443D8B2733AA35CAC64B4F5F74FAC8BB0DA7D3936B69EC38E2DC3972E60 ] crcdisk         C:\windows\system32\drivers\crcdisk.sys
17:34:24.0260 0x0994  crcdisk - ok
17:34:24.0310 0x0994  [ 6B400F211BEE880A37A1ED0368776BF4, 2F27C6FA96A1C8CBDA467846DA57E63949A7EA37DB094B13397DDD30114295BD ] CryptSvc        C:\windows\system32\cryptsvc.dll
17:34:24.0310 0x0994  CryptSvc - ok
17:34:24.0390 0x0994  [ BC3D4F90978CD7C8EABD1BAF3BF7873A, 5978139650FC51BE0CAB12061702C7BC7BEDF6E7C3A047FF0A6328AA674E4226 ] CtClsFlt        C:\windows\system32\DRIVERS\CtClsFlt.sys
17:34:24.0400 0x0994  CtClsFlt - ok
17:34:24.0500 0x0994  [ BA8E5B2291C01EF71CA80E25F0C79D55, 913C85EC00752AEEE2E29C6664085865DA45A091789C0F8CB015208D69F1915A ] ctxusbm         C:\windows\system32\DRIVERS\ctxusbm.sys
17:34:24.0510 0x0994  ctxusbm - ok
17:34:24.0570 0x0994  [ 1CA90212A99DB6975C344826D11055C9, 8C430087C36A9E38B9A3D789990C1122E40CA847B395DF7D1537EE769E1FFEE7 ] dc3d            C:\windows\system32\DRIVERS\dc3d.sys
17:34:24.0570 0x0994  dc3d - ok
17:34:24.0640 0x0994  [ 5C627D1B1138676C0A7AB2C2C190D123, C5003F2C912C5CA990E634818D3B4FD72F871900AF2948BD6C4D6400B354B401 ] DcomLaunch      C:\windows\system32\rpcss.dll
17:34:24.0650 0x0994  DcomLaunch - ok
17:34:24.0690 0x0994  [ 3CEC7631A84943677AA8FA8EE5B6B43D, 32061DAC9ED6C1EBA3B367B18D0E965AEEC2DF635DCF794EC39D086D32503AC5 ] defragsvc       C:\windows\System32\defragsvc.dll
17:34:24.0710 0x0994  defragsvc - ok
17:34:24.0730 0x0994  [ 9BB2EF44EAA163B29C4A4587887A0FE4, 03667BC3EA5003F4236929C10F23D8F108AFCB29DB5559E751FB26DFB318636F ] DfsC            C:\windows\system32\Drivers\dfsc.sys
17:34:24.0730 0x0994  DfsC - ok
17:34:24.0750 0x0994  [ 43D808F5D9E1A18E5EEB5EBC83969E4E, C10D1155D71EABE4ED44C656A8F13078A8A4E850C4A8FBB92D52D173430972B8 ] Dhcp            C:\windows\system32\dhcpcore.dll
17:34:24.0760 0x0994  Dhcp - ok
17:34:24.0800 0x0994  [ 13096B05847EC78F0977F2C0F79E9AB3, 1E44981B684F3E56F5D2439BB7FA78BD1BC876BB2265AE089AEC68F241B05B26 ] discache        C:\windows\system32\drivers\discache.sys
17:34:24.0800 0x0994  discache - ok
17:34:24.0870 0x0994  [ 9819EEE8B5EA3784EC4AF3B137A5244C, 571BC886E87C888DA96282E381A746D273B58B9074E84D4CA91275E26056D427 ] Disk            C:\windows\system32\drivers\disk.sys
17:34:24.0880 0x0994  Disk - ok
17:34:24.0930 0x0994  [ 16835866AAA693C7D7FCEBA8FFF706E4, 15891558F7C1F2BB57A98769601D447ED0D952354A8BB347312D034DC03E0242 ] Dnscache        C:\windows\System32\dnsrslvr.dll
17:34:24.0930 0x0994  Dnscache - ok
17:34:24.0960 0x0994  [ B1FB3DDCA0FDF408750D5843591AFBC6, AB6AD9C5E7BA2E3646D0115B67C4800D1CB43B4B12716397657C7ADEEE807304 ] dot3svc         C:\windows\System32\dot3svc.dll
17:34:24.0980 0x0994  dot3svc - ok
17:34:25.0040 0x0994  [ B42ED0320C6E41102FDE0005154849BB, 4DB872E23AD049C3C9FDC0759FC58BFA60DA91B18BC82B611BFA300D26DDFC7A ] Dot4            C:\windows\system32\DRIVERS\Dot4.sys
17:34:25.0040 0x0994  Dot4 - ok
17:34:25.0060 0x0994  [ E9F5969233C5D89F3C35E3A66A52A361, C4BD35795C78FB11E6022372CB25DEB570730EFDAD3DC1584368235FF622638C ] Dot4Print       C:\windows\system32\DRIVERS\Dot4Prt.sys
17:34:25.0060 0x0994  Dot4Print - ok
17:34:25.0100 0x0994  [ FD05A02B0370BC3000F402E543CA5814, 089B1113E640F495F470E8F57060B89546270481B309DC8ED3C3D13A849076A3 ] dot4usb         C:\windows\system32\DRIVERS\dot4usb.sys
17:34:25.0110 0x0994  dot4usb - ok
17:34:25.0140 0x0994  [ B26F4F737E8F9DF4F31AF6CF31D05820, 394BBBED4EC7FAD4110F62A43BFE0801D4AC56FFAC6C741C69407B26402311C7 ] DPS             C:\windows\system32\dps.dll
17:34:25.0140 0x0994  DPS - ok
17:34:25.0190 0x0994  [ 9B19F34400D24DF84C858A421C205754, 967AF267B4124BADA8F507CEBF25F2192D146A4D63BE71B45BFC03C5DA7F21A7 ] drmkaud         C:\windows\system32\drivers\drmkaud.sys
17:34:25.0190 0x0994  drmkaud - ok
17:34:25.0260 0x0994  [ 88612F1CE3BF42256913BF6E61C70D52, 7CF190F83FA8F15C33008EB381D3E345CEF37CBC046227DED26B36799EF4D9A7 ] DXGKrnl         C:\windows\System32\drivers\dxgkrnl.sys
17:34:25.0290 0x0994  DXGKrnl - ok
17:34:25.0320 0x0994  [ E2DDA8726DA9CB5B2C4000C9018A9633, 0C967DBC3636A76A696997192A158AA92A1AF19F01E3C66D5BF91818A8FAEA76 ] EapHost         C:\windows\System32\eapsvc.dll
17:34:25.0320 0x0994  EapHost - ok
17:34:25.0470 0x0994  [ DC5D737F51BE844D8C82C695EB17372F, 6D4022D9A46EDE89CEF0FAEADCC94C903234DFC460C0180D24FF9E38E8853017 ] ebdrv           C:\windows\system32\drivers\evbda.sys
17:34:25.0590 0x0994  ebdrv - ok
17:34:25.0630 0x0994  [ 4D71227301DD8D09097B9E4CC6527E5A, 193D47ADCB722B581CC0F29B794AB3E455B6E9BEA367CE9A5216A09E055B7F1E ] EFS             C:\windows\System32\lsass.exe
17:34:25.0640 0x0994  EFS - ok
17:34:25.0730 0x0994  [ C4002B6B41975F057D98C439030CEA07, 3D2484FBB832EFB90504DD406ED1CF3065139B1FE1646471811F3A5679EF75F1 ] ehRecvr         C:\windows\ehome\ehRecvr.exe
17:34:25.0780 0x0994  ehRecvr - ok
17:34:25.0810 0x0994  [ 4705E8EF9934482C5BB488CE28AFC681, 359E9EC5693CE0BE89082E1D5D8F5C5439A5B985010FF0CB45C11E3CFE30637D ] ehSched         C:\windows\ehome\ehsched.exe
17:34:25.0820 0x0994  ehSched - ok
17:34:25.0860 0x0994  [ 0E5DA5369A0FCAEA12456DD852545184, 9A64AC5396F978C3B92794EDCE84DCA938E4662868250F8C18FA7C2C172233F8 ] elxstor         C:\windows\system32\drivers\elxstor.sys
17:34:25.0890 0x0994  elxstor - ok
17:34:25.0930 0x0994  [ 34A3C54752046E79A126E15C51DB409B, 7D5B5E150C7C73666F99CBAFF759029716C86F16B927E0078D77F8A696616D75 ] ErrDev          C:\windows\system32\drivers\errdev.sys
17:34:25.0930 0x0994  ErrDev - ok
17:34:25.0990 0x0994  [ 4166F82BE4D24938977DD1746BE9B8A0, 24121751B7306225AD1C808442D7B030DEF377E9316AA0A3C5C7460E87317881 ] EventSystem     C:\windows\system32\es.dll
17:34:26.0010 0x0994  EventSystem - ok
17:34:26.0040 0x0994  [ A510C654EC00C1E9BDD91EEB3A59823B, 76CD277730F7B08D375770CD373D786160F34D1481AF0536BA1A5D2727E255F5 ] exfat           C:\windows\system32\drivers\exfat.sys
17:34:26.0040 0x0994  exfat - ok
17:34:26.0070 0x0994  [ 0ADC83218B66A6DB380C330836F3E36D, 798D6F83B5DBCC1656595E0A96CF12087FCCBE19D1982890D0CE5F629B328B29 ] fastfat         C:\windows\system32\drivers\fastfat.sys
17:34:26.0070 0x0994  fastfat - ok
17:34:26.0120 0x0994  [ DBEFD454F8318A0EF691FDD2EAAB44EB, 7F52AE222FF28503B6FC4A5852BD0CAEAF187BE69AF4B577D3DE474C24366099 ] Fax             C:\windows\system32\fxssvc.exe
17:34:26.0160 0x0994  Fax - ok
17:34:26.0180 0x0994  [ D765D19CD8EF61F650C384F62FAC00AB, 9F0A483A043D3BA873232AD3BA5F7BF9173832550A27AF3E8BD433905BD2A0EE ] fdc             C:\windows\system32\drivers\fdc.sys
17:34:26.0180 0x0994  fdc - ok
17:34:26.0210 0x0994  [ 0438CAB2E03F4FB61455A7956026FE86, 6D4DDC2973DB25CE0C7646BC85EFBCC004EBE35EA683F62162AE317C6F1D8DFE ] fdPHost         C:\windows\system32\fdPHost.dll
17:34:26.0210 0x0994  fdPHost - ok
17:34:26.0230 0x0994  [ 802496CB59A30349F9A6DD22D6947644, 52D59D3D628D5661F83F090F33F744F6916E0CC1F76E5A33983E06EB66AE19F8 ] FDResPub        C:\windows\system32\fdrespub.dll
17:34:26.0230 0x0994  FDResPub - ok
17:34:26.0260 0x0994  [ 655661BE46B5F5F3FD454E2C3095B930, 549C8E2A2A37757E560D55FFA6BFDD838205F17E40561E67F0124C934272CD1A ] FileInfo        C:\windows\system32\drivers\fileinfo.sys
17:34:26.0260 0x0994  FileInfo - ok
17:34:26.0280 0x0994  [ 5F671AB5BC87EEA04EC38A6CD5962A47, 6B61D3363FF3F9C439BD51102C284972EAE96ACC0683B9DC7E12D25D0ADC51B6 ] Filetrace       C:\windows\system32\drivers\filetrace.sys
17:34:26.0280 0x0994  Filetrace - ok
17:34:26.0390 0x0994  [ 8669BE94F63944E4F899C3950B520241, 9991E57B3C366D59BD186CEAA78D4590EDB2BC127250CF4D1522CBE413453E72 ] FLEXnet Licensing Service C:\Program Files (x86)\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
17:34:26.0450 0x0994  FLEXnet Licensing Service - ok
17:34:26.0470 0x0994  [ C172A0F53008EAEB8EA33FE10E177AF5, 9175A95B323696D1B35C9EFEB7790DD64E6EE0B7021E6C18E2F81009B169D77B ] flpydisk        C:\windows\system32\drivers\flpydisk.sys
17:34:26.0470 0x0994  flpydisk - ok
17:34:26.0490 0x0994  [ DA6B67270FD9DB3697B20FCE94950741, F621A4462C9F2904063578C427FAF22D7D66AE9967605C11C798099817CE5331 ] FltMgr          C:\windows\system32\drivers\fltmgr.sys
17:34:26.0500 0x0994  FltMgr - ok
17:34:26.0580 0x0994  [ C4C183E6551084039EC862DA1C945E3D, 0874A2ACDD24D64965AA9A76E9C818E216880AE4C9A2E07ED932EE404585CEE6 ] FontCache       C:\windows\system32\FntCache.dll
17:34:26.0640 0x0994  FontCache - ok
17:34:26.0690 0x0994  [ A8B7F3818AB65695E3A0BB3279F6DCE6, 89FCF10F599767E67A1E011753E34DA44EAA311F105DBF69549009ED932A60F0 ] FontCache3.0.0.0 C:\windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
17:34:26.0700 0x0994  FontCache3.0.0.0 - ok
17:34:26.0720 0x0994  [ D43703496149971890703B4B1B723EAC, F06397B2EDCA61629249D2EF1CBB7827A8BEAB8488246BD85EF6AE1363C0DA6E ] FsDepends       C:\windows\system32\drivers\FsDepends.sys
17:34:26.0720 0x0994  FsDepends - ok
17:34:26.0750 0x0994  [ 6BD9295CC032DD3077C671FCCF579A7B, 83622FBB0CB923798E7E584BF53CAAF75B8C016E3FF7F0FA35880FF34D1DFE33 ] Fs_Rec          C:\windows\system32\drivers\Fs_Rec.sys
17:34:26.0750 0x0994  Fs_Rec - ok
17:34:26.0800 0x0994  [ 8F6322049018354F45F05A2FD2D4E5E0, 73BF0FB4EBD7887E992DDEBB79E906958D6678F8D1107E8C368F5A0514D80359 ] fvevol          C:\windows\system32\DRIVERS\fvevol.sys
17:34:26.0810 0x0994  fvevol - ok
17:34:26.0830 0x0994  [ 8C778D335C9D272CFD3298AB02ABE3B6, 85F0B13926B0F693FA9E70AA58DE47100E4B6F893772EBE4300C37D9A36E6005 ] gagp30kx        C:\windows\system32\drivers\gagp30kx.sys
17:34:26.0830 0x0994  gagp30kx - ok
17:34:26.0970 0x0994  [ E6CE7A89183D1840F0FF63694292FFA2, 8907ADCF9967026CD1A9D545E2274569F840F1DFF0E407CC77B6A662267AAC4B ] GamesAppIntegrationService C:\Program Files (x86)\WildTangent Games\App\GamesAppIntegrationService.exe
17:34:26.0980 0x0994  GamesAppIntegrationService - ok
17:34:27.0030 0x0994  [ C403C5DB49A0F9AAF4F2128EDC0106D8, 3C6948B63278022D8182F773C5FA15784514F76C1546118DDBADBA322B962D12 ] GamesAppService C:\Program Files (x86)\WildTangent Games\App\GamesAppService.exe
17:34:27.0050 0x0994  GamesAppService - ok
17:34:27.0080 0x0994  [ 8E98D21EE06192492A5671A6144D092F, B8F656B34D361EA5AFB47F3A67AB2221580DADA59C8CD0CB83181E4AD8B562B4 ] GEARAspiWDM     C:\windows\system32\DRIVERS\GEARAspiWDM.sys
17:34:27.0080 0x0994  GEARAspiWDM - ok
17:34:27.0130 0x0994  [ 277BBC7E1AA1EE957F573A10ECA7EF3A, 2EE60B924E583E847CC24E78B401EF95C69DB777A5B74E1EC963E18D47B94D24 ] gpsvc           C:\windows\System32\gpsvc.dll
17:34:27.0170 0x0994  gpsvc - ok
17:34:27.0290 0x0994  [ F02A533F517EB38333CB12A9E8963773, 1F72CD1CF660766FA8F912E40B7323A0192A300B376186C10F6803DC5EFE28DF ] gupdate         C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
17:34:27.0300 0x0994  gupdate - ok
17:34:27.0330 0x0994  [ F02A533F517EB38333CB12A9E8963773, 1F72CD1CF660766FA8F912E40B7323A0192A300B376186C10F6803DC5EFE28DF ] gupdatem        C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
17:34:27.0340 0x0994  gupdatem - ok
17:34:27.0380 0x0994  [ F2523EF6460FC42405B12248338AB2F0, B2F3DE8DE1F512D871BC2BC2E8D0E33AB03335BFBC07627C5F88B65024928E19 ] hcw85cir        C:\windows\system32\drivers\hcw85cir.sys
17:34:27.0380 0x0994  hcw85cir - ok
17:34:27.0410 0x0994  [ 975761C778E33CD22498059B91E7373A, 8304E15FBE6876BE57263A03621365DA8C88005EAC532A770303C06799D915D9 ] HdAudAddService C:\windows\system32\drivers\HdAudio.sys
17:34:27.0440 0x0994  HdAudAddService - ok
17:34:27.0450 0x0994  [ 97BFED39B6B79EB12CDDBFEED51F56BB, 3CF981D668FB2381E52AF2E51E296C6CFB47B0D62249645278479D0111A47955 ] HDAudBus        C:\windows\system32\DRIVERS\HDAudBus.sys
17:34:27.0460 0x0994  HDAudBus - ok
17:34:27.0510 0x0994  [ B6AC71AAA2B10848F57FC49D55A651AF, 4FAD833654E86F9FAF972AC8AF87FD4A9A765B26B96F096BBD63506B5D521A91 ] HECIx64         C:\windows\system32\DRIVERS\HECIx64.sys
17:34:27.0510 0x0994  HECIx64 - ok
17:34:27.0530 0x0994  [ 78E86380454A7B10A5EB255DC44A355F, 11F3ED7ACFFA3024B9BD504F81AC39F5B4CED5A8A425E8BADF7132EFEDB9BD64 ] HidBatt         C:\windows\system32\drivers\HidBatt.sys
17:34:27.0530 0x0994  HidBatt - ok
17:34:27.0540 0x0994  [ 7FD2A313F7AFE5C4DAB14798C48DD104, 94CBFD4506CBDE4162CEB3367BAB042D19ACA6785954DC0B554D4164B9FCD0D4 ] HidBth          C:\windows\system32\drivers\hidbth.sys
17:34:27.0540 0x0994  HidBth - ok
17:34:27.0570 0x0994  [ 0A77D29F311B88CFAE3B13F9C1A73825, 8615DC6CEFB591505CE16E054A71A4F371B827DDFD5E980777AB4233DCFDA01D ] HidIr           C:\windows\system32\drivers\hidir.sys
17:34:27.0570 0x0994  HidIr - ok
17:34:27.0600 0x0994  [ BD9EB3958F213F96B97B1D897DEE006D, 4D01CBF898B528B3A4E5A683DF2177300AFABD7D4CB51F1A7891B1B545499631 ] hidserv         C:\windows\System32\hidserv.dll
17:34:27.0600 0x0994  hidserv - ok
17:34:27.0660 0x0994  [ 9592090A7E2B61CD582B612B6DF70536, FD11D5E02C32D658B28FCC35688AB66CCB5D3A0A0D74C82AE0F0B6C67B568A0F ] HidUsb          C:\windows\system32\DRIVERS\hidusb.sys
17:34:27.0670 0x0994  HidUsb - ok
17:34:27.0700 0x0994  [ 387E72E739E15E3D37907A86D9FF98E2, 9935BE2E58788E79328293AF2F202CB0F6042441B176F75ACC5AEA93C8E05531 ] hkmsvc          C:\windows\system32\kmsvc.dll
17:34:27.0700 0x0994  hkmsvc - ok
17:34:27.0720 0x0994  [ EFDFB3DD38A4376F93E7985173813ABD, 70402FA73A5A2A8BB557AAC8F531E373077D28DE5F40A1F3F14B940BE01CD2E1 ] HomeGroupListener C:\windows\system32\ListSvc.dll
17:34:27.0730 0x0994  HomeGroupListener - ok
17:34:27.0760 0x0994  [ 908ACB1F594274965A53926B10C81E89, 7D34A742AC486294D82676F8465A3EF26C8AC3317C32B63F62031CB007CFC208 ] HomeGroupProvider C:\windows\system32\provsvc.dll
17:34:27.0760 0x0994  HomeGroupProvider - ok
17:34:27.0870 0x0994  [ 5DA42D24712E00728CEA2342A65009B2, 73EC5250DCFD556525B24B3CA66C64AC7747E77652A2AD6119936A59A9E8562A ] hpqcxs08        C:\Program Files (x86)\HP\Digital Imaging\bin\hpqcxs08.dll
17:34:27.0880 0x0994  hpqcxs08 - ok
17:34:27.0930 0x0994  [ D86A39BF100069444D026D22D9A6E555, 7B24D48D5BA67704C88697FADB64364E0E64D26259408E3C219820C5404C5EEC ] hpqddsvc        C:\Program Files (x86)\HP\Digital Imaging\bin\hpqddsvc.dll
17:34:27.0940 0x0994  hpqddsvc - ok
17:34:28.0000 0x0994  [ 39D2ABCD392F3D8A6DCE7B60AE7B8EFC, E9E6A1665740CFBC2DD321010007EF42ABA2102AEB9772EE8AA3354664B1E205 ] HpSAMD          C:\windows\system32\drivers\HpSAMD.sys
17:34:28.0010 0x0994  HpSAMD - ok
17:34:28.0110 0x0994  [ F37882F128EFACEFE353E0BAE2766909, 2F9D21613500F092DFC0DB879180B549EE615D9B07408A5CC1A7F84663B2F47A ] HPSLPSVC        C:\Program Files (x86)\HP\Digital Imaging\bin\HPSLPSVC64.DLL
17:34:28.0161 0x0994  HPSLPSVC - ok
17:34:28.0211 0x0994  [ 0EA7DE1ACB728DD5A369FD742D6EEE28, 21C489412EB33A12B22290EB701C19BA57006E8702E76F730954F0784DDE9779 ] HTTP            C:\windows\system32\drivers\HTTP.sys
17:34:28.0251 0x0994  HTTP - ok
17:34:28.0261 0x0994  [ A5462BD6884960C9DC85ED49D34FF392, 53E65841AF5B06A2844D0BB6FC4DD3923A323FFA0E4BFC89B3B5CAFB592A3D53 ] hwpolicy        C:\windows\system32\drivers\hwpolicy.sys
17:34:28.0271 0x0994  hwpolicy - ok
17:34:28.0321 0x0994  [ FA55C73D4AFFA7EE23AC4BE53B4592D3, 65CDDC62B89A60E942C5642C9D8B539EFB69DA8069B4A2E54978154B314531CD ] i8042prt        C:\windows\system32\DRIVERS\i8042prt.sys
17:34:28.0321 0x0994  i8042prt - ok
17:34:28.0381 0x0994  [ D469B77687E12FE43E344806740B624D, DFDD486FD040813BF4E5DDB504CF9E0BFBF6D4E540DDDA4829F9B675ACF63E89 ] iaStor          C:\windows\system32\DRIVERS\iaStor.sys
17:34:28.0391 0x0994  iaStor - ok
17:34:28.0451 0x0994  [ 983FC69644DDF0486C8DFEA262948D1A, 329EC95117C31E61F6D22D79CFF339D70A70522710E7DC0CED06EC95E6D4B34F ] IAStorDataMgrSvc C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe
17:34:28.0451 0x0994  IAStorDataMgrSvc - ok
17:34:28.0501 0x0994  [ AAAF44DB3BD0B9D1FB6969B23ECC8366, 805AA4A9464002D1AB3832E4106B2AAA1331F4281367E75956062AAE99699385 ] iaStorV         C:\windows\system32\drivers\iaStorV.sys
17:34:28.0511 0x0994  iaStorV - ok
17:34:28.0591 0x0994  [ 5988FC40F8DB5B0739CD1E3A5D0D78BD, 2B9512324DBA4A97F6AC34E8067EE08E3B6874CD60F6CB4209AFC22A34D2BE99 ] idsvc           C:\windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\infocard.exe
17:34:28.0621 0x0994  idsvc - ok
17:34:29.0051 0x0994  [ 795C99DC4F574C97C03D0BB39CF099EE, 67310B52F7A1B83A66872B961F347B1BD104C8A83A01F60507705B2ACEA76B71 ] igfx            C:\windows\system32\DRIVERS\igdkmd64.sys
17:34:29.0451 0x0994  igfx - ok
17:34:29.0501 0x0994  [ 5C18831C61933628F5BB0EA2675B9D21, 5CD9DE2F8C0256623A417B5C55BF55BB2562BD7AB2C3C83BB3D9886C2FBDA4E4 ] iirsp           C:\windows\system32\drivers\iirsp.sys
17:34:29.0501 0x0994  iirsp - ok
17:34:29.0561 0x0994  [ 344789398EC3EE5A4E00C52B31847946, 3DA5F08E4B46F4E63456AA588D49E39A6A09A97D0509880C00F327623DB6122D ] IKEEXT          C:\windows\System32\ikeext.dll
17:34:29.0591 0x0994  IKEEXT - ok
17:34:29.0631 0x0994  [ DD587A55390ED2295BCE6D36AD567DA9, AEB7DCB8EF89BEE8D9649A05FC482B1E4E3F44243D57A2577C862EB69166C48E ] Impcd           C:\windows\system32\DRIVERS\Impcd.sys
17:34:29.0631 0x0994  Impcd - ok
17:34:29.0681 0x0994  [ FC727061C0F47C8059E88E05D5C8E381, C7A3782F5D86C7FDE57AA1F2EE81638C5FC3072ACC6E572BA2EC7B3CFF389800 ] IntcDAud        C:\windows\system32\DRIVERS\IntcDAud.sys
17:34:29.0681 0x0994  IntcDAud - ok
17:34:29.0721 0x0994  [ F00F20E70C6EC3AA366910083A0518AA, E2F3E9FFD82C802C8BAC309893A3664ACF16A279959C0FDECCA64C3D3C60FD22 ] intelide        C:\windows\system32\drivers\intelide.sys
17:34:29.0731 0x0994  intelide - ok
17:34:29.0751 0x0994  [ ADA036632C664CAA754079041CF1F8C1, F2386CC09AC6DE4C54189154F7D91C1DB7AA120B13FAE8BA5B579ACF99FCC610 ] intelppm        C:\windows\system32\DRIVERS\intelppm.sys
17:34:29.0751 0x0994  intelppm - ok
17:34:29.0791 0x0994  [ 098A91C54546A3B878DAD6A7E90A455B, 044CCE2A0DF56EBE1EFD99B4F6F0A5B9EE12498CA358CF4B2E3A1CFD872823AA ] IPBusEnum       C:\windows\system32\ipbusenum.dll
17:34:29.0801 0x0994  IPBusEnum - ok
17:34:29.0851 0x0994  [ C9F0E1BD74365A8771590E9008D22AB6, 728BC5A6AAE499FDC50EB01577AF16D83C2A9F3B09936DD2A89C01E074BA8E51 ] IpFilterDriver  C:\windows\system32\DRIVERS\ipfltdrv.sys
17:34:29.0861 0x0994  IpFilterDriver - ok
17:34:29.0931 0x0994  [ 08C2957BB30058E663720C5606885653, E13EDF6701512E2A9977A531454932CA5023087CB50E1D2F416B8BCDD92B67BE ] iphlpsvc        C:\windows\System32\iphlpsvc.dll
17:34:29.0951 0x0994  iphlpsvc - ok
17:34:29.0971 0x0994  [ 0FC1AEA580957AA8817B8F305D18CA3A, 7161E4DE91AAFC3FA8BF24FAE4636390C2627DB931505247C0D52C75A31473D9 ] IPMIDRV         C:\windows\system32\drivers\IPMIDrv.sys
17:34:29.0971 0x0994  IPMIDRV - ok
17:34:30.0011 0x0994  [ AF9B39A7E7B6CAA203B3862582E9F2D0, 67128BE7EADBE6BD0205B050F96E268948E8660C4BAB259FB0BE03935153D04E ] IPNAT           C:\windows\system32\drivers\ipnat.sys
17:34:30.0021 0x0994  IPNAT - ok
17:34:30.0171 0x0994  [ 842D1EDD0F2A6E0E6631BB96BAAA01DE, 9CDD0B99F2C5DAD573A9EA8D5AB2DBFD7A941454CBBA5BFE34E49F2D4EE96A90 ] iPod Service    C:\Program Files\iPod\bin\iPodService.exe
17:34:30.0191 0x0994  iPod Service - ok
17:34:30.0221 0x0994  [ 3ABF5E7213EB28966D55D58B515D5CE9, A352BCC5B6B9A28805B15CAFB235676F1FAFF0D2394F88C03089EB157D6188AE ] IRENUM          C:\windows\system32\drivers\irenum.sys
17:34:30.0221 0x0994  IRENUM - ok
17:34:30.0241 0x0994  [ 2F7B28DC3E1183E5EB418DF55C204F38, D40410A760965925D6F10959B2043F7BD4F68EAFCF5E743AF11AD860BD136548 ] isapnp          C:\windows\system32\drivers\isapnp.sys
17:34:30.0251 0x0994  isapnp - ok
17:34:30.0301 0x0994  [ D931D7309DEB2317035B07C9F9E6B0BD, 13AD84172ED8C6153F8A98499C01733B74E48464CE07D099508E38D409913ED3 ] iScsiPrt        C:\windows\system32\drivers\msiscsi.sys
17:34:30.0301 0x0994  iScsiPrt - ok
17:34:30.0321 0x0994  [ BC02336F1CBA7DCC7D1213BB588A68A5, 450C5BAD54CCE2AFCDFF1B6E7F8E1A8446D9D3255DF9D36C29A8F848048AAD93 ] kbdclass        C:\windows\system32\DRIVERS\kbdclass.sys
17:34:30.0321 0x0994  kbdclass - ok
17:34:30.0351 0x0994  [ 0705EFF5B42A9DB58548EEC3B26BB484, 86C6824ED7ED6FA8F306DB6319A0FD688AA91295AE571262F9D8E96A32225E99 ] kbdhid          C:\windows\system32\DRIVERS\kbdhid.sys
17:34:30.0351 0x0994  kbdhid - ok
17:34:30.0371 0x0994  [ 4D71227301DD8D09097B9E4CC6527E5A, 193D47ADCB722B581CC0F29B794AB3E455B6E9BEA367CE9A5216A09E055B7F1E ] KeyIso          C:\windows\system32\lsass.exe
17:34:30.0371 0x0994  KeyIso - ok
17:34:30.0411 0x0994  [ 8F489706472F7E9A06BAAA198703FA64, F020406690FB38EABD82D63B91D33039CC93ED52A5497AE12BAF475F22D0B08A ] KSecDD          C:\windows\system32\Drivers\ksecdd.sys
17:34:30.0411 0x0994  KSecDD - ok
17:34:30.0431 0x0994  [ 868A2CAAB12EFC7A021682BCA0EEC54C, 12C4925B5B3D6EA7B6410C01F33158C6EAB50CBD6AF445F8B04ED9899720C2DD ] KSecPkg         C:\windows\system32\Drivers\ksecpkg.sys
17:34:30.0431 0x0994  KSecPkg - ok
17:34:30.0471 0x0994  [ 6869281E78CB31A43E969F06B57347C4, 866A23E69B32A78D378D6CB3B3DA3695FFDFF0FEC3C9F68C8C3F988DF417044B ] ksthunk         C:\windows\system32\drivers\ksthunk.sys
17:34:30.0471 0x0994  ksthunk - ok
17:34:30.0531 0x0994  [ 6AB66E16AA859232F64DEB66887A8C9C, 5F2B579BEA8098A2994B0DECECDAE7B396E7B5DC5F09645737B9F28BEEA77FFF ] KtmRm           C:\windows\system32\msdtckrm.dll
17:34:30.0541 0x0994  KtmRm - ok
17:34:30.0601 0x0994  [ D9F42719019740BAA6D1C6D536CBDAA6, 8757599D0AE5302C4CE50861BEBA3A8DD14D7B0DBD916FD5404133688CDFCC40 ] LanmanServer    C:\windows\System32\srvsvc.dll
17:34:30.0601 0x0994  LanmanServer - ok
17:34:30.0641 0x0994  [ 851A1382EED3E3A7476DB004F4EE3E1A, B1C67F47DD594D092E6E258F01DF5E7150227CE3131A908A244DEE9F8A1FABF9 ] LanmanWorkstation C:\windows\System32\wkssvc.dll
17:34:30.0651 0x0994  LanmanWorkstation - ok
17:34:30.0691 0x0994  [ 1538831CF8AD2979A04C423779465827, E1729B0CC4CEEE494A0B8817A8E98FF232E3A32FB023566EF0BC71A090262C0C ] lltdio          C:\windows\system32\DRIVERS\lltdio.sys
17:34:30.0691 0x0994  lltdio - ok
17:34:30.0761 0x0994  [ C1185803384AB3FEED115F79F109427F, 0414FE73532DCAB17E906438A14711E928CECCD5F579255410C62984DD652700 ] lltdsvc         C:\windows\System32\lltdsvc.dll
17:34:30.0791 0x0994  lltdsvc - ok
17:34:30.0811 0x0994  [ F993A32249B66C9D622EA5592A8B76B8, EE64672A990C6145DC5601E2B8CDBE089272A72732F59AF9865DCBA8B1717E70 ] lmhosts         C:\windows\System32\lmhsvc.dll
17:34:30.0811 0x0994  lmhosts - ok
17:34:30.0881 0x0994  [ 23D990150D56B670A62B21B9ABDD45EE, BB9DBC0D02474976420321162C3AB1FDF975FA0494B1030488B03BC98A65F888 ] LMS             C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe
17:34:30.0891 0x0994  LMS - ok
17:34:30.0941 0x0994  [ 1A93E54EB0ECE102495A51266DCDB6A6, DB6AA86AA36C3A7988BE96E87B5D3251BE7617C54EE8F894D9DC2E267FE3255B ] LSI_FC          C:\windows\system32\drivers\lsi_fc.sys
17:34:30.0951 0x0994  LSI_FC - ok
17:34:31.0001 0x0994  [ 1047184A9FDC8BDBFF857175875EE810, F2251EDB7736A26D388A0C5CC2FE5FB9C5E109CBB1E3800993554CB21D81AE4B ] LSI_SAS         C:\windows\system32\drivers\lsi_sas.sys
17:34:31.0001 0x0994  LSI_SAS - ok
17:34:31.0021 0x0994  [ 30F5C0DE1EE8B5BC9306C1F0E4A75F93, 88D5740A4E9CC3FA80FA18035DAB441BDC5A039622D666BFDAA525CC9686BD06 ] LSI_SAS2        C:\windows\system32\drivers\lsi_sas2.sys
17:34:31.0031 0x0994  LSI_SAS2 - ok
17:34:31.0041 0x0994  [ 0504EACAFF0D3C8AED161C4B0D369D4A, 4D272237C189646F5C80822FD3CBA7C2728E482E2DAAF7A09C8AEF811C89C54D ] LSI_SCSI        C:\windows\system32\drivers\lsi_scsi.sys
17:34:31.0051 0x0994  LSI_SCSI - ok
17:34:31.0071 0x0994  [ 43D0F98E1D56CCDDB0D5254CFF7B356E, 5BA498183B5C4996C694CB0A9A6B66CE6C7A460F6C91BEB9F305486FCC3B7B22 ] luafv           C:\windows\system32\drivers\luafv.sys
17:34:31.0071 0x0994  luafv - ok
17:34:31.0121 0x0994  [ 0BE09CD858ABF9DF6ED259D57A1A1663, 2FD28889B93C8E801F74C1D0769673A461671E0189D0A22C94509E3F0EEB7428 ] Mcx2Svc         C:\windows\system32\Mcx2Svc.dll
17:34:31.0121 0x0994  Mcx2Svc - ok
17:34:31.0141 0x0994  [ A55805F747C6EDB6A9080D7C633BD0F4, 2DA0E83BF3C8ADEF6F551B6CC1C0A3F6149CDBE6EC60413BA1767C4DE425A728 ] megasas         C:\windows\system32\drivers\megasas.sys
17:34:31.0141 0x0994  megasas - ok
17:34:31.0172 0x0994  [ BAF74CE0072480C3B6B7C13B2A94D6B3, 85CBB4949C090A904464F79713A3418338753D20D7FB811E68F287FDAC1DD834 ] MegaSR          C:\windows\system32\drivers\MegaSR.sys
17:34:31.0182 0x0994  MegaSR - ok
17:34:31.0212 0x0994  [ E40E80D0304A73E8D269F7141D77250B, 0DB4AC13A264F19A84DC0BCED54E8E404014CC09C993B172002B1561EC7E265A ] MMCSS           C:\windows\system32\mmcss.dll
17:34:31.0222 0x0994  MMCSS - ok
17:34:31.0242 0x0994  [ 800BA92F7010378B09F9ED9270F07137, 94F9AF9E1BE80AE6AC39A2A74EF9FAB115DCAACC011D07DFA8D6A1DDC8A93342 ] Modem           C:\windows\system32\drivers\modem.sys
17:34:31.0242 0x0994  Modem - ok
17:34:31.0282 0x0994  [ B03D591DC7DA45ECE20B3B467E6AADAA, 701FB0CAD8138C58507BE28845D3E24CE269A040737C29885944A0D851238732 ] monitor         C:\windows\system32\DRIVERS\monitor.sys
17:34:31.0282 0x0994  monitor - ok
17:34:31.0292 0x0994  [ 7D27EA49F3C1F687D357E77A470AEA99, 7FE7CAF95959F127C6D932C01D539C06D80273C49A09761F6E8331C05B1A7EE7 ] mouclass        C:\windows\system32\DRIVERS\mouclass.sys
17:34:31.0292 0x0994  mouclass - ok
17:34:31.0312 0x0994  [ D3BF052C40B0C4166D9FD86A4288C1E6, 5E65264354CD94E844BF1838CA1B8E49080EFA34605A32CF2F6A47A2B97FC183 ] mouhid          C:\windows\system32\DRIVERS\mouhid.sys
17:34:31.0312 0x0994  mouhid - ok
17:34:31.0332 0x0994  [ 32E7A3D591D671A6DF2DB515A5CBE0FA, 47CED0B9067AE8BF5EEF60B17ADEE5906BEDCC56E4CB460B7BFBC12BB9A69E63 ] mountmgr        C:\windows\system32\drivers\mountmgr.sys
17:34:31.0342 0x0994  mountmgr - ok
17:34:31.0472 0x0994  [ 338037EFA0E8E8699B2667D57B751574, 59E0D39806D0C4EB57913AA013242837FD39AD378726AEE42D250CBA87C1C3BF ] MozillaMaintenance C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
17:34:31.0482 0x0994  MozillaMaintenance - ok
17:34:31.0502 0x0994  [ A44B420D30BD56E145D6A2BC8768EC58, B1E4DCA5A1008FA7A0492DC091FB2B820406AE13FD3D44F124E89B1037AF09B8 ] mpio            C:\windows\system32\drivers\mpio.sys
17:34:31.0512 0x0994  mpio - ok
17:34:31.0572 0x0994  [ 6C38C9E45AE0EA2FA5E551F2ED5E978F, 5A3FA2F110029CB4CC4384998EDB59203FDD65EC45E01B897FB684F8956EAD20 ] mpsdrv          C:\windows\system32\drivers\mpsdrv.sys
17:34:31.0572 0x0994  mpsdrv - ok
17:34:31.0642 0x0994  [ 54FFC9C8898113ACE189D4AA7199D2C1, 65F585C87F3F710FD5793FDFA96B740AD8D4317B0C120F4435CCF777300EA4F2 ] MpsSvc          C:\windows\system32\mpssvc.dll
17:34:31.0682 0x0994  MpsSvc - ok
17:34:31.0722 0x0994  [ 1A4F75E63C9FB84B85DFFC6B63FD5404, 01AFA6DBB4CDE55FE4EA05BBE8F753A4266F8D072EA1EE01DB79F5126780C21F ] MRxDAV          C:\windows\system32\drivers\mrxdav.sys
17:34:31.0722 0x0994  MRxDAV - ok
17:34:31.0772 0x0994  [ A5D9106A73DC88564C825D317CAC68AC, 0457B2AEA4E05A91D0E43F317894A614434D8CEBE35020785387F307E231FBE4 ] mrxsmb          C:\windows\system32\DRIVERS\mrxsmb.sys
17:34:31.0782 0x0994  mrxsmb - ok
17:34:31.0842 0x0994  [ D711B3C1D5F42C0C2415687BE09FC163, 9B3013AC60BD2D0FF52086658BA5FF486ADE15954A552D7DD590580E8BAE3EFF ] mrxsmb10        C:\windows\system32\DRIVERS\mrxsmb10.sys
17:34:31.0852 0x0994  mrxsmb10 - ok
17:34:31.0872 0x0994  [ 9423E9D355C8D303E76B8CFBD8A5C30C, 220B33F120C2DD937FE4D5664F4B581DC0ACF78D62EB56B7720888F67B9644CC ] mrxsmb20        C:\windows\system32\DRIVERS\mrxsmb20.sys
17:34:31.0882 0x0994  mrxsmb20 - ok
17:34:31.0912 0x0994  [ C25F0BAFA182CBCA2DD3C851C2E75796, 643E158A0948DF331807AEAA391F23960362E46C0A0CF6D22A99020EAE7B10F8 ] msahci          C:\windows\system32\drivers\msahci.sys
17:34:31.0912 0x0994  msahci - ok
17:34:31.0952 0x0994  [ DB801A638D011B9633829EB6F663C900, B34FD33A215ACCF2905F4B7D061686CDB1CB9C652147AF56AE14686C1F6E3C74 ] msdsm           C:\windows\system32\drivers\msdsm.sys
17:34:31.0962 0x0994  msdsm - ok
17:34:32.0002 0x0994  [ DE0ECE52236CFA3ED2DBFC03F28253A8, 2FBBEC4CACB5161F68D7C2935852A5888945CA0F107CF8A1C01F4528CE407DE3 ] MSDTC           C:\windows\System32\msdtc.exe
17:34:32.0022 0x0994  MSDTC - ok
17:34:32.0042 0x0994  [ AA3FB40E17CE1388FA1BEDAB50EA8F96, 69F93E15536644C8FD679A20190CFE577F4985D3B1B4A4AA250A168615AE1E99 ] Msfs            C:\windows\system32\drivers\Msfs.sys
17:34:32.0042 0x0994  Msfs - ok
17:34:32.0072 0x0994  [ F9D215A46A8B9753F61767FA72A20326, 6F76642B45E0A7EF6BCAB8B37D55CCE2EAA310ED07B76D43FCB88987C2174141 ] mshidkmdf       C:\windows\System32\drivers\mshidkmdf.sys
17:34:32.0072 0x0994  mshidkmdf - ok
17:34:32.0102 0x0994  [ D916874BBD4F8B07BFB7FA9B3CCAE29D, B229DA150713DEDBC4F05386C9D9DC3BC095A74F44F3081E88311AB73BC992A1 ] msisadrv        C:\windows\system32\drivers\msisadrv.sys
17:34:32.0102 0x0994  msisadrv - ok
17:34:32.0132 0x0994  [ 808E98FF49B155C522E6400953177B08, F873F5BFF0984C5165DF67E92874D3F6EB8D86F9B5AD17013A0091CA33A1A3D5 ] MSiSCSI         C:\windows\system32\iscsiexe.dll
17:34:32.0142 0x0994  MSiSCSI - ok
17:34:32.0162 0x0994  msiserver - ok
17:34:32.0192 0x0994  [ 49CCF2C4FEA34FFAD8B1B59D49439366, E5752EA57C7BDAD5F53E3BC441A415E909AC602CAE56234684FB8789A20396C7 ] MSKSSRV         C:\windows\system32\drivers\MSKSSRV.sys
17:34:32.0192 0x0994  MSKSSRV - ok
17:34:32.0202 0x0994  [ BDD71ACE35A232104DDD349EE70E1AB3, 27464A66868513BE6A01B75D7FC5B0D6B71842E4E20CE3F76B15C071A0618BBB ] MSPCLOCK        C:\windows\system32\drivers\MSPCLOCK.sys
17:34:32.0202 0x0994  MSPCLOCK - ok
17:34:32.0232 0x0994  [ 4ED981241DB27C3383D72092B618A1D0, E12F121E641249DB3491141851B59E1496F4413EDF58E863388F1C229838DFCC ] MSPQM           C:\windows\system32\drivers\MSPQM.sys
17:34:32.0232 0x0994  MSPQM - ok
17:34:32.0262 0x0994  [ 759A9EEB0FA9ED79DA1FB7D4EF78866D, 64E3BC613EC4872B1B344CBF71EE15BE195592E3244C1EE099C6F8B95A40F133 ] MsRPC           C:\windows\system32\drivers\MsRPC.sys
17:34:32.0272 0x0994  MsRPC - ok
17:34:32.0292 0x0994  [ 0EED230E37515A0EAEE3C2E1BC97B288, B1D8F8A75006B6E99214CA36D27A8594EF8D952F315BEB201E9BAC9DE3E64D42 ] mssmbios        C:\windows\system32\DRIVERS\mssmbios.sys
17:34:32.0292 0x0994  mssmbios - ok
17:34:32.0312 0x0994  [ 2E66F9ECB30B4221A318C92AC2250779, DF175E1AB6962303E57F26DAE5C5C1E40B8640333F3E352A64F6A5F1301586CD ] MSTEE           C:\windows\system32\drivers\MSTEE.sys
17:34:32.0312 0x0994  MSTEE - ok
17:34:32.0352 0x0994  [ 7EA404308934E675BFFDE8EDF0757BCD, 306CD02D89CFCFE576242360ED5F9EEEDCAFC43CD43B7D2977AE960F9AEC3232 ] MTConfig        C:\windows\system32\drivers\MTConfig.sys
17:34:32.0352 0x0994  MTConfig - ok
17:34:32.0362 0x0994  [ F9A18612FD3526FE473C1BDA678D61C8, 32F7975B5BAA447917F832D9E3499B4B6D3E90D73F478375D0B70B36C524693A ] Mup             C:\windows\system32\Drivers\mup.sys
17:34:32.0372 0x0994  Mup - ok
17:34:32.0412 0x0994  [ 582AC6D9873E31DFA28A4547270862DD, BD540499F74E8F59A020D935D18E36A3A97C1A6EC59C8208436469A31B16B260 ] napagent        C:\windows\system32\qagentRT.dll
17:34:32.0422 0x0994  napagent - ok
17:34:32.0462 0x0994  [ 1EA3749C4114DB3E3161156FFFFA6B33, 54C2E77BCE1037711A11313AC25B8706109098C10A31AA03AEB7A185E97800D7 ] NativeWifiP     C:\windows\system32\DRIVERS\nwifi.sys
17:34:32.0472 0x0994  NativeWifiP - ok
17:34:32.0542 0x0994  [ 760E38053BF56E501D562B70AD796B88, F856E81A975D44F8684A6F2466549CEEDFAEB3950191698555A93A1206E0A42D ] NDIS            C:\windows\system32\drivers\ndis.sys
17:34:32.0602 0x0994  NDIS - ok
17:34:32.0622 0x0994  [ 9F9A1F53AAD7DA4D6FEF5BB73AB811AC, D7E5446E83909AE25506BB98FBDD878A529C87963E3C1125C4ABAB25823572BC ] NdisCap         C:\windows\system32\DRIVERS\ndiscap.sys
17:34:32.0622 0x0994  NdisCap - ok
17:34:32.0642 0x0994  [ 30639C932D9FEF22B31268FE25A1B6E5, 32873D95339600F6EEFA51847D12C563FF01F320DC59055B242FA2887C99F9D6 ] NdisTapi        C:\windows\system32\DRIVERS\ndistapi.sys
17:34:32.0642 0x0994  NdisTapi - ok
17:34:32.0672 0x0994  [ 136185F9FB2CC61E573E676AA5402356, BA3AD0A33416DA913B4242C6BE8C3E5812AD2B20BA6C11DD3094F2E8EB56E683 ] Ndisuio         C:\windows\system32\DRIVERS\ndisuio.sys
17:34:32.0672 0x0994  Ndisuio - ok
17:34:32.0682 0x0994  [ 53F7305169863F0A2BDDC49E116C2E11, 881E9346D3C02405B7850ADC37E720990712EC9C666A0CE96E252A487FD2CE77 ] NdisWan         C:\windows\system32\DRIVERS\ndiswan.sys
17:34:32.0692 0x0994  NdisWan - ok
17:34:32.0712 0x0994  [ 015C0D8E0E0421B4CFD48CFFE2825879, 4242E2D42CCFC859B2C0275C5331798BC0BDA68E51CF4650B6E64B1332071023 ] NDProxy         C:\windows\system32\drivers\NDProxy.sys
17:34:32.0712 0x0994  NDProxy - ok
17:34:32.0772 0x0994  [ 2334DC48997BA203B794DF3EE70521DB, 832F4EC1586C9669F2D54AB3B212943E43B87A33B24DCC8CDAD6A0264291EE2F ] Net Driver HPZ12 C:\Windows\system32\HPZinw12.dll
17:34:32.0782 0x0994  Net Driver HPZ12 - ok
17:34:32.0812 0x0994  [ EE00C544C025958AF50C7B199F3C8595, D774DB020D9C46D1AA0B2DB9FA2C36C4A9C38D904CC6929695321D32ACA0D4D1 ] Netaapl         C:\windows\system32\DRIVERS\netaapl64.sys
17:34:32.0822 0x0994  Netaapl - ok
17:34:32.0862 0x0994  [ 86743D9F5D2B1048062B14B1D84501C4, DBF6D6A60AB774FCB0F464FF2D285A7521D0A24006687B243AB46B17D8032062 ] NetBIOS         C:\windows\system32\DRIVERS\netbios.sys
17:34:32.0862 0x0994  NetBIOS - ok
17:34:32.0892 0x0994  [ 09594D1089C523423B32A4229263F068, 7426A9B8BA27D3225928DDEFBD399650ABB90798212F56B7D12158AC22CCCE37 ] NetBT           C:\windows\system32\DRIVERS\netbt.sys
17:34:32.0902 0x0994  NetBT - ok
17:34:32.0922 0x0994  [ 4D71227301DD8D09097B9E4CC6527E5A, 193D47ADCB722B581CC0F29B794AB3E455B6E9BEA367CE9A5216A09E055B7F1E ] Netlogon        C:\windows\system32\lsass.exe
17:34:32.0922 0x0994  Netlogon - ok
17:34:32.0962 0x0994  [ 847D3AE376C0817161A14A82C8922A9E, 37AE692B3481323134125EF58F2C3CBC20177371AF2F5874F53DD32A827CB936 ] Netman          C:\windows\System32\netman.dll
17:34:32.0972 0x0994  Netman - ok
17:34:33.0012 0x0994  [ D22CD77D4F0D63D1169BB35911BFF12D, 85B1FDFA02E1B8EA4FCB9B7EEB687C5C448697FC7EC9D178C5A2F64D2C9CFEE8 ] NetMsmqActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
17:34:33.0022 0x0994  NetMsmqActivator - ok
17:34:33.0042 0x0994  [ D22CD77D4F0D63D1169BB35911BFF12D, 85B1FDFA02E1B8EA4FCB9B7EEB687C5C448697FC7EC9D178C5A2F64D2C9CFEE8 ] NetPipeActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
17:34:33.0042 0x0994  NetPipeActivator - ok
17:34:33.0062 0x0994  [ 5F28111C648F1E24F7DBC87CDEB091B8, 2E8645285921EDB98BB2173E11E57459C888D52E80D85791D169C869DE8813B9 ] netprofm        C:\windows\System32\netprofm.dll
17:34:33.0072 0x0994  netprofm - ok
17:34:33.0092 0x0994  [ D22CD77D4F0D63D1169BB35911BFF12D, 85B1FDFA02E1B8EA4FCB9B7EEB687C5C448697FC7EC9D178C5A2F64D2C9CFEE8 ] NetTcpActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
17:34:33.0092 0x0994  NetTcpActivator - ok
17:34:33.0102 0x0994  [ D22CD77D4F0D63D1169BB35911BFF12D, 85B1FDFA02E1B8EA4FCB9B7EEB687C5C448697FC7EC9D178C5A2F64D2C9CFEE8 ] NetTcpPortSharing C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
17:34:33.0102 0x0994  NetTcpPortSharing - ok
17:34:33.0142 0x0994  [ 77889813BE4D166CDAB78DDBA990DA92, 2EF531AE502B943632EEC66A309A8BFCDD36120A5E1473F4AAF3C2393AD0E6A3 ] nfrd960         C:\windows\system32\drivers\nfrd960.sys
17:34:33.0142 0x0994  nfrd960 - ok
17:34:33.0193 0x0994  [ 8AD77806D336673F270DB31645267293, E23F324913554A23CD043DD27D4305AF62F48C0561A0FC7B7811E55B74B1BE79 ] NlaSvc          C:\windows\System32\nlasvc.dll
17:34:33.0203 0x0994  NlaSvc - ok
17:34:33.0353 0x0994  [ B9B72FAAAA41D59B73B88FE3DD737ED1, 050E741FB5313523340B19C9C168611222C4AE9A6084FE3E2F908A49EA909A29 ] NOBU            C:\Program Files (x86)\Dell\Dell Datasafe Online\NOBuAgent.exe
17:34:33.0453 0x0994  NOBU - ok
17:34:33.0463 0x0994  [ 1E4C4AB5C9B8DD13179BBDC75A2A01F7, D8957EF7060A69DBB3CD6B2C45B1E4143592AB8D018471E17AC04668157DC67F ] Npfs            C:\windows\system32\drivers\Npfs.sys
17:34:33.0463 0x0994  Npfs - ok
17:34:33.0493 0x0994  [ D54BFDF3E0C953F823B3D0BFE4732528, 497A1DCC5646EC22119273216DF10D5442D16F83E4363770F507518CF6EAA53A ] nsi             C:\windows\system32\nsisvc.dll
17:34:33.0493 0x0994  nsi - ok
17:34:33.0523 0x0994  [ E7F5AE18AF4168178A642A9247C63001, 133023B7E4BA8049C4CAED3282BDD25571D1CC25FAC3B820C7F981D292689D76 ] nsiproxy        C:\windows\system32\drivers\nsiproxy.sys
17:34:33.0533 0x0994  nsiproxy - ok
17:34:33.0623 0x0994  [ B98F8C6E31CD07B2E6F71F7F648E38C0, 2FEA100B80680FBBF644CB6763738804155DF1E94A6542CAE2B2786D770D554E ] Ntfs            C:\windows\system32\drivers\Ntfs.sys
17:34:33.0673 0x0994  Ntfs - ok
17:34:33.0693 0x0994  [ 9899284589F75FA8724FF3D16AED75C1, 181188599FD5D4DE33B97010D9E0CAEABAB9A3EF50712FE7F9AA0735CD0666D6 ] Null            C:\windows\system32\drivers\Null.sys
17:34:33.0693 0x0994  Null - ok
17:34:33.0723 0x0994  [ 0A92CB65770442ED0DC44834632F66AD, 581327F07A68DBD5CC749214BE5F1211FC2CE41C7A4F0656B680AFB51A35ACE7 ] nvraid          C:\windows\system32\drivers\nvraid.sys
17:34:33.0733 0x0994  nvraid - ok
17:34:33.0753 0x0994  [ DAB0E87525C10052BF65F06152F37E4A, AD9BFF0D5FD3FFB95C758B478E1F6A9FE45E7B37AEC71EB5070D292FEAAEDF37 ] nvstor          C:\windows\system32\drivers\nvstor.sys
17:34:33.0753 0x0994  nvstor - ok
17:34:33.0793 0x0994  [ 270D7CD42D6E3979F6DD0146650F0E05, 752489E54C9004EDCBE1F1F208FFD864DA5C83E59A2DDE6B3E0D63ECA996F76F ] nv_agp          C:\windows\system32\drivers\nv_agp.sys
17:34:33.0793 0x0994  nv_agp - ok
17:34:33.0813 0x0994  [ 3589478E4B22CE21B41FA1BFC0B8B8A0, AD2469FC753FE552CB809FF405A9AB23E7561292FE89117E3B3B62057EFF0203 ] ohci1394        C:\windows\system32\drivers\ohci1394.sys
17:34:33.0813 0x0994  ohci1394 - ok
17:34:33.0903 0x0994  [ 9D10F99A6712E28F8ACD5641E3A7EA6B, 70964A0ED9011EA94044E15FA77EDD9CF535CC79ED8E03A3721FF007E69595CC ] ose             C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE
17:34:33.0903 0x0994  ose - ok
17:34:34.0133 0x0994  [ 61BFFB5F57AD12F83AB64B7181829B34, 1DD0DD35E4158F95765EE6639F217DF03A0A19E624E020DBA609268C08A13846 ] osppsvc         C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE
17:34:34.0303 0x0994  osppsvc - ok
17:34:34.0343 0x0994  [ 3EAC4455472CC2C97107B5291E0DCAFE, E51F373F2DBEAEE516B42BAE8C1B5BB68D00B881323E842CB6EDEC0A183CFFC3 ] p2pimsvc        C:\windows\system32\pnrpsvc.dll
17:34:34.0353 0x0994  p2pimsvc - ok
17:34:34.0393 0x0994  [ 927463ECB02179F88E4B9A17568C63C3, FEFD3447692C277D59EEC7BF218552C8BB6B8C98C26E973675549628408B94CE ] p2psvc          C:\windows\system32\p2psvc.dll
17:34:34.0413 0x0994  p2psvc - ok
17:34:34.0443 0x0994  [ 0086431C29C35BE1DBC43F52CC273887, 0D116D49EF9ABB57DA005764F25E692622210627FC2048F06A989B12FA8D0A80 ] Parport         C:\windows\system32\drivers\parport.sys
17:34:34.0443 0x0994  Parport - ok
17:34:34.0483 0x0994  [ E9766131EEADE40A27DC27D2D68FBA9C, 63C295EC96DBD25F1A8B908295CCB86B54F2A77A02AAA11E5D9160C2C1A492B6 ] partmgr         C:\windows\system32\drivers\partmgr.sys
17:34:34.0483 0x0994  partmgr - ok
17:34:34.0503 0x0994  [ 3AEAA8B561E63452C655DC0584922257, 04C072969B58657602EB0C21CEDF24FCEE14E61B90A0F758F93925EF2C9FC32D ] PcaSvc          C:\windows\System32\pcasvc.dll
17:34:34.0523 0x0994  PcaSvc - ok
17:34:34.0593 0x0994  [ 7317A0B550F7AC0223B7070897670476, ABB0A1296BA267467C16CF99383EFCAB1732B07EE5B2494197A26B8432DD0A94 ] PCDSRVC{1E208CE0-FB7451FF-06020101}_0 c:\program files\dell support center\pcdsrvc_x64.pkms
17:34:34.0603 0x0994  PCDSRVC{1E208CE0-FB7451FF-06020101}_0 - ok
17:34:34.0623 0x0994  [ 94575C0571D1462A0F70BDE6BD6EE6B3, 7139BAC653EA94A3DD3821CAB35FC5E22F4CCA5ACC2BAABDAA27E4C3C8B27FC9 ] pci             C:\windows\system32\drivers\pci.sys
17:34:34.0633 0x0994  pci - ok
17:34:34.0683 0x0994  [ B5B8B5EF2E5CB34DF8DCF8831E3534FA, F2A7CC645B96946CC65BF60E14E70DC09C848D27C7943CE5DEA0C01A6B863480 ] pciide          C:\windows\system32\drivers\pciide.sys
17:34:34.0683 0x0994  pciide - ok
17:34:34.0703 0x0994  [ B2E81D4E87CE48589F98CB8C05B01F2F, 6763BEE7270A4873B3E131BFB92313E2750FCBD0AD73C23D1C4F98F7DF73DE14 ] pcmcia          C:\windows\system32\drivers\pcmcia.sys
17:34:34.0703 0x0994  pcmcia - ok
17:34:34.0723 0x0994  [ D6B9C2E1A11A3A4B26A182FFEF18F603, BBA5FE08B1DDD6243118E11358FD61B10E850F090F061711C3CB207CE5FBBD36 ] pcw             C:\windows\system32\drivers\pcw.sys
17:34:34.0723 0x0994  pcw - ok
17:34:34.0773 0x0994  [ 68769C3356B3BE5D1C732C97B9A80D6E, FB2D61145980A2899D1B7729184C54070315B0E63C9A22400A76CCD39E00029C ] PEAUTH          C:\windows\system32\drivers\peauth.sys
17:34:34.0803 0x0994  PEAUTH - ok
17:34:34.0893 0x0994  [ E495E408C93141E8FC72DC0C6046DDFA, 489B957DADA0DC128A09468F1AD082DCC657E86053208EA06A12937BE86FB919 ] PerfHost        C:\windows\SysWow64\perfhost.exe
17:34:34.0893 0x0994  PerfHost - ok
17:34:35.0013 0x0994  [ C7CF6A6E137463219E1259E3F0F0DD6C, 08D7244F52AA17DD669AA6F77C291DAC88E7B2D1887DE422509C1F83EC85F3DD ] pla             C:\windows\system32\pla.dll
17:34:35.0063 0x0994  pla - ok
17:34:35.0153 0x0994  [ 25FBDEF06C4D92815B353F6E792C8129, 57D9764AE6BCE33B242C399CDFC10DD405975BD6411CA8C75FBCD06EEB8442A9 ] PlugPlay        C:\windows\system32\umpnpmgr.dll
17:34:35.0173 0x0994  PlugPlay - ok
17:34:35.0193 0x0994  PnkBstrA - ok
17:34:35.0203 0x0994  PnkBstrB - ok
17:34:35.0213 0x0994  [ 7195581CEC9BB7D12ABE54036ACC2E38, 9C4E5D6EA984148F2663DC529083408B2248DFF6DAAC85D9195F80A722782315 ] PNRPAutoReg     C:\windows\system32\pnrpauto.dll
17:34:35.0223 0x0994  PNRPAutoReg - ok
17:34:35.0243 0x0994  [ 3EAC4455472CC2C97107B5291E0DCAFE, E51F373F2DBEAEE516B42BAE8C1B5BB68D00B881323E842CB6EDEC0A183CFFC3 ] PNRPsvc         C:\windows\system32\pnrpsvc.dll
17:34:35.0253 0x0994  PNRPsvc - ok
17:34:35.0313 0x0994  [ 4F0878FD62D5F7444C5F1C4C66D9D293, B381217D6202C06EE992EBDE061FA20376FF71F698022D0A80168CCD1059453C ] Point64         C:\windows\system32\DRIVERS\point64.sys
17:34:35.0323 0x0994  Point64 - ok
17:34:35.0383 0x0994  [ 4F15D75ADF6156BF56ECED6D4A55C389, 2ADA3EA69A5D7EC2A4D2DD89178DB94EAFDDF95F07B0070D654D9F7A5C12A044 ] PolicyAgent     C:\windows\System32\ipsecsvc.dll
17:34:35.0413 0x0994  PolicyAgent - ok
17:34:35.0453 0x0994  [ 6BA9D927DDED70BD1A9CADED45F8B184, 66203CE70A5EDE053929A940F38924C6792239CCCE10DD2C1D90D5B4D6748B55 ] Power           C:\windows\system32\umpo.dll
17:34:35.0463 0x0994  Power - ok
17:34:35.0513 0x0994  [ F92A2C41117A11A00BE01CA01A7FCDE9, 38ADC6052696D110CA5F393BC586791920663F5DA66934C2A824DDA9CD89C763 ] PptpMiniport    C:\windows\system32\DRIVERS\raspptp.sys
17:34:35.0513 0x0994  PptpMiniport - ok
17:34:35.0543 0x0994  [ 0D922E23C041EFB1C3FAC2A6F943C9BF, 855418A6A58DCAFB181A1A68613B3E203AFB0A9B3D9D26D0C521F9F613B4EAD5 ] Processor       C:\windows\system32\drivers\processr.sys
17:34:35.0543 0x0994  Processor - ok
17:34:35.0583 0x0994  [ 53E83F1F6CF9D62F32801CF66D8352A8, 1225FED810BE8E0729EEAE5B340035CCBB9BACD3EF247834400F9B72D05ACE48 ] ProfSvc         C:\windows\system32\profsvc.dll
17:34:35.0593 0x0994  ProfSvc - ok
17:34:35.0613 0x0994  [ 4D71227301DD8D09097B9E4CC6527E5A, 193D47ADCB722B581CC0F29B794AB3E455B6E9BEA367CE9A5216A09E055B7F1E ] ProtectedStorage C:\windows\system32\lsass.exe
17:34:35.0613 0x0994  ProtectedStorage - ok
17:34:35.0643 0x0994  [ 0557CF5A2556BD58E26384169D72438D, F6F83A616B1F1C6C0DF6D2EC2513E6C23FD4FAA6D36518B8676C619AB74957B4 ] Psched          C:\windows\system32\DRIVERS\pacer.sys
17:34:35.0643 0x0994  Psched - ok
17:34:35.0703 0x0994  [ 87B04878A6D59D6C79251DC960C674C1, 3EB8DB0624E646F0A65D0381408D35CF9FDC5ABFC30DF6431F4070A8EB68447C ] PxHlpa64        C:\windows\system32\Drivers\PxHlpa64.sys
17:34:35.0703 0x0994  PxHlpa64 - ok
17:34:35.0773 0x0994  [ A53A15A11EBFD21077463EE2C7AFEEF0, 6002B012A75045DEA62640A864A8721EADE2F8B65BEB5F5BA76D8CD819774489 ] ql2300          C:\windows\system32\drivers\ql2300.sys
17:34:35.0883 0x0994  ql2300 - ok
17:34:35.0903 0x0994  [ 4F6D12B51DE1AAEFF7DC58C4D75423C8, FB6ABAB741CED66A79E31A45111649F2FA3E26CEE77209B5296F789F6F7D08DE ] ql40xx          C:\windows\system32\drivers\ql40xx.sys
17:34:35.0913 0x0994  ql40xx - ok
17:34:35.0943 0x0994  [ 906191634E99AEA92C4816150BDA3732, A0305436384104C3B559F9C73902DA19B96B518413379E397C5CDAB0B2B9418F ] QWAVE           C:\windows\system32\qwave.dll
17:34:35.0943 0x0994  QWAVE - ok
17:34:35.0953 0x0994  [ 76707BB36430888D9CE9D705398ADB6C, 35C1D1D05F98AC29A33D3781F497A0B40A3CB9CDF25FE1F28F574E40DDF70535 ] QWAVEdrv        C:\windows\system32\drivers\qwavedrv.sys
17:34:35.0963 0x0994  QWAVEdrv - ok
17:34:35.0993 0x0994  [ 5A0DA8AD5762FA2D91678A8A01311704, 8A64EB5DBAB7048A9E42A21CEB62CCD5B007A80C199892D7F8C69B48E8A255EF ] RasAcd          C:\windows\system32\DRIVERS\rasacd.sys
17:34:35.0993 0x0994  RasAcd - ok
17:34:36.0033 0x0994  [ 7ECFF9B22276B73F43A99A15A6094E90, 62C70DA127F48F796F8897BBFA23AB6EB080CC923F0F091DFA384A93F5C90CA1 ] RasAgileVpn     C:\windows\system32\DRIVERS\AgileVpn.sys
17:34:36.0033 0x0994  RasAgileVpn - ok
17:34:36.0063 0x0994  [ 8F26510C5383B8DBE976DE1CD00FC8C7, 60E618C010E8A723960636415573FA17EA0BBEF79647196B3BC0B8DEE680E090 ] RasAuto         C:\windows\System32\rasauto.dll
17:34:36.0063 0x0994  RasAuto - ok
17:34:36.0073 0x0994  [ 471815800AE33E6F1C32FB1B97C490CA, 27307265F743DE3A3A3EC1B2C472A3D85FDD0AEC458E0B1177593141EE072698 ] Rasl2tp         C:\windows\system32\DRIVERS\rasl2tp.sys
17:34:36.0083 0x0994  Rasl2tp - ok
17:34:36.0123 0x0994  [ EE867A0870FC9E4972BA9EAAD35651E2, 1B848D81705081FD2E18AC762DA7F51455657DAF860BF363DC15925A148BCADA ] RasMan          C:\windows\System32\rasmans.dll
17:34:36.0133 0x0994  RasMan - ok
17:34:36.0153 0x0994  [ 855C9B1CD4756C5E9A2AA58A15F58C25, A514F8A9C304D54BDA8DC60F5A64259B057EC83A1CAAF6D2B58CFD55E9561F72 ] RasPppoe        C:\windows\system32\DRIVERS\raspppoe.sys
17:34:36.0153 0x0994  RasPppoe - ok
17:34:36.0183 0x0994  [ E8B1E447B008D07FF47D016C2B0EEECB, FEC789F82B912F3E14E49524D40FEAA4373B221156F14045E645D7C37859258C ] RasSstp         C:\windows\system32\DRIVERS\rassstp.sys
17:34:36.0183 0x0994  RasSstp - ok
17:34:36.0233 0x0994  [ 77F665941019A1594D887A74F301FA2F, 1FDC6F6853400190C086042933F157814D915C54F26793CAD36CD2607D8810DA ] rdbss           C:\windows\system32\DRIVERS\rdbss.sys
17:34:36.0233 0x0994  rdbss - ok
17:34:36.0253 0x0994  [ 302DA2A0539F2CF54D7C6CC30C1F2D8D, 1DF3501BBFFB56C3ECC39DBCC4287D3302216C2208CE22428B8C4967E5DE9D17 ] rdpbus          C:\windows\system32\drivers\rdpbus.sys
17:34:36.0253 0x0994  rdpbus - ok
17:34:36.0263 0x0994  [ CEA6CC257FC9B7715F1C2B4849286D24, A78144D18352EA802C39D9D42921CF97A3E0211766B2169B6755C6FC2D77A804 ] RDPCDD          C:\windows\system32\DRIVERS\RDPCDD.sys
17:34:36.0263 0x0994  RDPCDD - ok
17:34:36.0303 0x0994  [ BB5971A4F00659529A5C44831AF22365, 9AAA5C0D448E821FD85589505D99DF7749715A046BBD211F139E4E652ADDE41F ] RDPENCDD        C:\windows\system32\drivers\rdpencdd.sys
17:34:36.0303 0x0994  RDPENCDD - ok
17:34:36.0313 0x0994  [ 216F3FA57533D98E1F74DED70113177A, 60C126A1409D1E9C39F1C9E95F70115BF4AF07780AB499F6E10A612540F173F4 ] RDPREFMP        C:\windows\system32\drivers\rdprefmp.sys
17:34:36.0313 0x0994  RDPREFMP - ok
17:34:36.0343 0x0994  [ E61608AA35E98999AF9AAEEEA6114B0A, F754CDE89DC96786D2A3C4D19EE2AEF1008E634E4DE3C0CBF927436DE90C04A6 ] RDPWD           C:\windows\system32\drivers\RDPWD.sys
17:34:36.0353 0x0994  RDPWD - ok
17:34:36.0373 0x0994  [ 34ED295FA0121C241BFEF24764FC4520, AAEE5F00CAA763A5BA51CF56BD7262C03409CD72BD5601490E3EC3FFF929BB5F ] rdyboost        C:\windows\system32\drivers\rdyboost.sys
17:34:36.0373 0x0994  rdyboost - ok
17:34:36.0423 0x0994  [ 254FB7A22D74E5511C73A3F6D802F192, 3D0FB5840364200DE394F8CC28DA0E334C2B5FA8FF28A41656EE72287F3D3836 ] RemoteAccess    C:\windows\System32\mprdim.dll
17:34:36.0423 0x0994  RemoteAccess - ok
17:34:36.0463 0x0994  [ E4D94F24081440B5FC5AA556C7C62702, 147CAA03568DC480F9506E30B84891AB7E433B5EBC05F34FF10F72B00E1C6B22 ] RemoteRegistry  C:\windows\system32\regsvc.dll
17:34:36.0463 0x0994  RemoteRegistry - ok
17:34:36.0513 0x0994  [ 3DD798846E2C28102B922C56E71B7932, 30B111615D74CB2213997A5C08DD9C8613ADE441D9423CC1C49A753D13CE524D ] RFCOMM          C:\windows\system32\DRIVERS\rfcomm.sys
17:34:36.0513 0x0994  RFCOMM - ok
17:34:36.0663 0x0994  [ 3C957189B31C34D3AD21967B12B6AED7, 878FE6EA03F60592D6D557B905A5119E2CC836C2A6A86ED2867C3C9B0F0FDBA2 ] RoxMediaDB12OEM c:\Program Files (x86)\Common Files\Roxio Shared\OEM\12.0\SharedCOM\RoxMediaDB12OEM.exe
17:34:36.0703 0x0994  RoxMediaDB12OEM - ok
17:34:36.0753 0x0994  [ 2B73088CC2CA757A172B425C9398E5BC, 3D296B4D6F66F7729CC48FE54456E6E6D8207DBA7E31D66653566C128E53163B ] RoxWatch12      c:\Program Files (x86)\Common Files\Roxio Shared\OEM\12.0\SharedCOM\RoxWatch12OEM.exe
17:34:36.0763 0x0994  RoxWatch12 - ok
17:34:36.0803 0x0994  [ E4DC58CF7B3EA515AE917FF0D402A7BB, 665B5CD9FE905B0EE3F59A7B1A94760F5393EBEE729877D8584349754C2867E8 ] RpcEptMapper    C:\windows\System32\RpcEpMap.dll
17:34:36.0803 0x0994  RpcEptMapper - ok
17:34:36.0823 0x0994  [ D5BA242D4CF8E384DB90E6A8ED850B8C, CB4CB2608B5E31B55FB1A2CF4051E6D08A0C2A5FB231B2116F95938D7577334E ] RpcLocator      C:\windows\system32\locator.exe
17:34:36.0833 0x0994  RpcLocator - ok
17:34:36.0883 0x0994  [ 5C627D1B1138676C0A7AB2C2C190D123, C5003F2C912C5CA990E634818D3B4FD72F871900AF2948BD6C4D6400B354B401 ] RpcSs           C:\windows\System32\rpcss.dll
17:34:36.0893 0x0994  RpcSs - ok
17:34:36.0933 0x0994  [ DDC86E4F8E7456261E637E3552E804FF, D250C69CCC75F2D88E7E624FCC51300E75637333317D53908CCA7E0F117173DD ] rspndr          C:\windows\system32\DRIVERS\rspndr.sys
17:34:36.0933 0x0994  rspndr - ok
17:34:37.0003 0x0994  [ BE29B0A3AC1E8BD02FFAB8CEE86BADFA, D6F76ECD30EDE1E5B1F01919B1492715947ACCA411D70BB2771427775736C055 ] RSUSBSTOR       C:\windows\system32\Drivers\RtsUStor.sys
17:34:37.0003 0x0994  RSUSBSTOR - ok
17:34:37.0043 0x0994  [ E50CFB92986DCAB49DE93788FD695813, EAE103008B967B0F064EDDA551AA553EE7C22D39D14FA0BBFEF41C4D1B6C99E5 ] RTL8167         C:\windows\system32\DRIVERS\Rt64win7.sys
17:34:37.0063 0x0994  RTL8167 - ok
17:34:37.0083 0x0994  [ 4D71227301DD8D09097B9E4CC6527E5A, 193D47ADCB722B581CC0F29B794AB3E455B6E9BEA367CE9A5216A09E055B7F1E ] SamSs           C:\windows\system32\lsass.exe
17:34:37.0083 0x0994  SamSs - ok
17:34:37.0123 0x0994  [ AC03AF3329579FFFB455AA2DAABBE22B, 7AD3B62ADFEC166F9E256F9FF8BAA0568B2ED7308142BF8F5269E6EAA5E0A656 ] sbp2port        C:\windows\system32\drivers\sbp2port.sys
17:34:37.0133 0x0994  sbp2port - ok
17:34:37.0183 0x0994  [ 9B7395789E3791A3B6D000FE6F8B131E, E5F067F3F212BF5481668BE1779CBEF053F511F8967589BE2E865ACB9A620024 ] SCardSvr        C:\windows\System32\SCardSvr.dll
17:34:37.0193 0x0994  SCardSvr - ok
17:34:37.0204 0x0994  [ 253F38D0D7074C02FF8DEB9836C97D2B, CB5CAFCB8628BB22877F74ACF1DED0BBAED8F4573A74DA7FE94BBBA584889116 ] scfilter        C:\windows\system32\DRIVERS\scfilter.sys
17:34:37.0214 0x0994  scfilter - ok
17:34:37.0274 0x0994  [ 262F6592C3299C005FD6BEC90FC4463A, 54095E37F0B6CC677A3E9BDD40F4647C713273D197DB341063AA7F342A60C4A7 ] Schedule        C:\windows\system32\schedsvc.dll
17:34:37.0314 0x0994  Schedule - ok
17:34:37.0344 0x0994  [ F17D1D393BBC69C5322FBFAFACA28C7F, 62A1A92B3C52ADFD0B808D7F69DD50238B5F202421F1786F7EAEAA63F274B3E8 ] SCPolicySvc     C:\windows\System32\certprop.dll
17:34:37.0344 0x0994  SCPolicySvc - ok
17:34:37.0364 0x0994  [ 6EA4234DC55346E0709560FE7C2C1972, 64011E044C16E2F92689E5F7E4666A075E27BBFA61F3264E5D51CE1656C1D5B8 ] SDRSVC          C:\windows\System32\SDRSVC.dll
17:34:37.0374 0x0994  SDRSVC - ok
17:34:37.0394 0x0994  [ 3EA8A16169C26AFBEB544E0E48421186, 34BBB0459C96B3DE94CCB0D73461562935C583D7BF93828DA4E20A6BC9B7301D ] secdrv          C:\windows\system32\drivers\secdrv.sys
17:34:37.0394 0x0994  secdrv - ok
17:34:37.0434 0x0994  [ BC617A4E1B4FA8DF523A061739A0BD87, 10C4057F6B321EB5237FF619747B74F5401BC17D15A8C7060829E8204A2297F9 ] seclogon        C:\windows\system32\seclogon.dll
17:34:37.0434 0x0994  seclogon - ok
17:34:37.0444 0x0994  [ C32AB8FA018EF34C0F113BD501436D21, E0EB8E80B51E45CA7EB061E705DA0BC07878759418A8519AE6E12326FE79E7C7 ] SENS            C:\windows\system32\sens.dll
17:34:37.0444 0x0994  SENS - ok
17:34:37.0454 0x0994  [ 0336CFFAFAAB87A11541F1CF1594B2B2, 8B8A6A33E78A12FB05E29B2E2775850626574AFD2EF88748D65E690A07B10B8D ] SensrSvc        C:\windows\system32\sensrsvc.dll
17:34:37.0464 0x0994  SensrSvc - ok
17:34:37.0494 0x0994  [ CB624C0035412AF0DEBEC78C41F5CA1B, A4D937F11E06CAE914347CA1362F4C98EC5EE0C0C80321E360EA1ABD6726F8D4 ] Serenum         C:\windows\system32\drivers\serenum.sys
17:34:37.0494 0x0994  Serenum - ok
17:34:37.0514 0x0994  [ C1D8E28B2C2ADFAEC4BA89E9FDA69BD6, 8F9776FB84C5D11068EAF1FF1D1A46466C655D64D256A8B1E31DC0C23B5DD22D ] Serial          C:\windows\system32\drivers\serial.sys
17:34:37.0514 0x0994  Serial - ok
17:34:37.0554 0x0994  [ 1C545A7D0691CC4A027396535691C3E3, 065C30BE598FF4DC55C37E0BBE0CEDF10A370AE2BF5404B42EBBB867A3FFED6D ] sermouse        C:\windows\system32\drivers\sermouse.sys
17:34:37.0554 0x0994  sermouse - ok
17:34:37.0584 0x0994  [ 0B6231BF38174A1628C4AC812CC75804, E569BF1F7F5689E2E917FA6516DB53388A5B8B1C6699DEE030147E853218811D ] SessionEnv      C:\windows\system32\sessenv.dll
17:34:37.0584 0x0994  SessionEnv - ok
17:34:37.0614 0x0994  [ A554811BCD09279536440C964AE35BBF, DA8F893722F803E189D7D4D6C6232ED34505B63A64ED3A0132A5BB7A2BABDE55 ] sffdisk         C:\windows\system32\drivers\sffdisk.sys
17:34:37.0614 0x0994  sffdisk - ok
17:34:37.0634 0x0994  [ FF414F0BAEFEBA59BC6C04B3DB0B87BF, B81EF5D26AEB572CAB590F7AD7CA8C89F296420089EF5E6148E972F2DBCA1042 ] sffp_mmc        C:\windows\system32\drivers\sffp_mmc.sys
17:34:37.0634 0x0994  sffp_mmc - ok
17:34:37.0654 0x0994  [ DD85B78243A19B59F0637DCF284DA63C, 6730D4F2BAE7E24615746ACC41B42D01DB6068D6504982008ADA1890DE900197 ] sffp_sd         C:\windows\system32\drivers\sffp_sd.sys
17:34:37.0654 0x0994  sffp_sd - ok
17:34:37.0664 0x0994  [ A9D601643A1647211A1EE2EC4E433FF4, 7AC60B4AB48D4BBF1F9681C12EC2A75C72E6E12D30FABC564A24394310E9A5F9 ] sfloppy         C:\windows\system32\drivers\sfloppy.sys
17:34:37.0664 0x0994  sfloppy - ok
17:34:37.0734 0x0994  [ E1974A92AC0914A3859359A0A8C82C68, 4908917F72D6E531B44488F06A05915F0DA9767758E44C886F5F93F46BA79654 ] SftService      C:\Program Files (x86)\Dell DataSafe Local Backup\sftservice.EXE
17:34:37.0754 0x0994  SftService - ok
17:34:37.0814 0x0994  [ B95F6501A2F8B2E78C697FEC401970CE, 758B73A32902299A313348CE7EC189B20EB4CB398D0180E4EE24B84DAD55F291 ] SharedAccess    C:\windows\System32\ipnathlp.dll
17:34:37.0844 0x0994  SharedAccess - ok
17:34:37.0924 0x0994  [ AAF932B4011D14052955D4B212A4DA8D, 2A3BFD0FA9569288E91AE3E72CA1EC39E1450D01E6473CE51157E0F138257923 ] ShellHWDetection C:\windows\System32\shsvcs.dll
17:34:37.0934 0x0994  ShellHWDetection - ok
17:34:37.0974 0x0994  [ 843CAF1E5FDE1FFD5FF768F23A51E2E1, 89CA9F516E42A6B905474D738CDA2C121020A07DBD4E66CFE569DD77D79D7820 ] SiSRaid2        C:\windows\system32\drivers\SiSRaid2.sys
17:34:37.0974 0x0994  SiSRaid2 - ok
17:34:37.0994 0x0994  [ 6A6C106D42E9FFFF8B9FCB4F754F6DA4, 87B85C66DF7EB6FDB8A2341D05FAA5261FF68A90CCFC63F0E4A03824F1E33E5E ] SiSRaid4        C:\windows\system32\drivers\sisraid4.sys
17:34:37.0994 0x0994  SiSRaid4 - ok
17:34:38.0024 0x0994  [ 548260A7B8654E024DC30BF8A7C5BAA4, 4A7E58331D7765A12F53DC2371739DC9A463940B13E16157CE10DB80E958D740 ] Smb             C:\windows\system32\DRIVERS\smb.sys
17:34:38.0034 0x0994  Smb - ok
17:34:38.0064 0x0994  [ 6313F223E817CC09AA41811DAA7F541D, D787061043BEEDB9386B048CB9E680E6A88A1CBAE9BD4A8C0209155BFB76C630 ] SNMPTRAP        C:\windows\System32\snmptrap.exe
17:34:38.0064 0x0994  SNMPTRAP - ok
17:34:38.0084 0x0994  [ B9E31E5CACDFE584F34F730A677803F9, 21A5130BD00089C609522A372018A719F8E37103D2DD22C59EACB393BE35A063 ] spldr           C:\windows\system32\drivers\spldr.sys
17:34:38.0084 0x0994  spldr - ok
17:34:38.0164 0x0994  [ 85DAA09A98C9286D4EA2BA8D0E644377, F9C324E2EF81193FE831C7EECC44A100CA06F82FA731BF555D9EA4D91DA13329 ] Spooler         C:\windows\System32\spoolsv.exe
17:34:38.0184 0x0994  Spooler - ok
17:34:38.0344 0x0994  [ E17E0188BB90FAE42D83E98707EFA59C, FC075F7B39E86CC8EF6DA4E339FE946917E319C347AC70FB0C50AAF36F97E27F ] sppsvc          C:\windows\system32\sppsvc.exe
17:34:38.0474 0x0994  sppsvc - ok
17:34:38.0494 0x0994  [ 93D7D61317F3D4BC4F4E9F8A96A7DE45, 36D48B23B8243BE5229707375FCD11C2DCAC96983199345365F065A0CBF33314 ] sppuinotify     C:\windows\system32\sppuinotify.dll
17:34:38.0494 0x0994  sppuinotify - ok
17:34:38.0614 0x0994  [ BFAE719594989D1F02B9E9CD86DB293E, 3C9504E3FB985F2FE55CA88F469376AD18234B667A13BAA74D5CC33C6A3C83B4 ] SpyroService    C:\Program Files (x86)\FS\Spyro Portal\FlashPortal.exe
17:34:38.0614 0x0994  SpyroService - ok
17:34:38.0674 0x0994  [ 441FBA48BFF01FDB9D5969EBC1838F0B, 306128F1AD489F87161A089D1BDC1542A4CB742D91A0C12A7CD1863FDB8932C0 ] srv             C:\windows\system32\DRIVERS\srv.sys
17:34:38.0704 0x0994  srv - ok
17:34:38.0724 0x0994  [ B4ADEBBF5E3677CCE9651E0F01F7CC28, 726DB2283113AB2A9681E8E9F61132303D6D86E9CD034C40EE4A8C9DB29E87F7 ] srv2            C:\windows\system32\DRIVERS\srv2.sys
17:34:38.0734 0x0994  srv2 - ok
17:34:38.0754 0x0994  [ 27E461F0BE5BFF5FC737328F749538C3, AFA4704ED8FFC1A0BAB40DFB81D3AE3F3D933A3C9BF54DDAF39FF9AF3646D9E6 ] srvnet          C:\windows\system32\DRIVERS\srvnet.sys
17:34:38.0754 0x0994  srvnet - ok
17:34:38.0774 0x0994  [ 51B52FBD583CDE8AA9BA62B8B4298F33, 2E2403F8AA39E79D1281CA006B51B43139C32A5FDD64BD34DAA4B935338BD740 ] SSDPSRV         C:\windows\System32\ssdpsrv.dll
17:34:38.0784 0x0994  SSDPSRV - ok
17:34:38.0844 0x0994  [ AB7AEBF58DAD8DAAB7A6C45E6A8885CB, D21CDBC4C2AA0DB5B4455D5108B0CAF4282A2E664B9035708F212CC094569D9D ] SstpSvc         C:\windows\system32\sstpsvc.dll
17:34:38.0854 0x0994  SstpSvc - ok
17:34:38.0964 0x0994  [ A6B2EC3A2B6AD7C3F7B2F3495CADE4C0, AD540FB4F300731DE403FB95F110A0F3DBA25917A91EAB23966286DD88C98D17 ] STacSV          C:\Program Files\IDT\WDM\STacSV64.exe
17:34:38.0984 0x0994  STacSV - ok
17:34:39.0004 0x0994  [ F3817967ED533D08327DC73BC4D5542A, 1B204454408A690C0A86447F3E4AA9E7C58A9CFB567C94C17C21920BA648B4D5 ] stexstor        C:\windows\system32\drivers\stexstor.sys
17:34:39.0014 0x0994  stexstor - ok
17:34:39.0114 0x0994  [ EBA98394A7D58F7552C52192BD8FA7E6, 4238870E50132E87772300058B37E36973695CC1A5E62117EEF4B424C6A137E4 ] STHDA           C:\windows\system32\DRIVERS\stwrt64.sys
17:34:39.0134 0x0994  STHDA - ok
17:34:39.0174 0x0994  [ DECACB6921DED1A38642642685D77DAC, 1633711CE973F818EBCCCA28538772431167C33ECDD44D1E846A9436598B52DC ] StillCam        C:\windows\system32\DRIVERS\serscan.sys
17:34:39.0174 0x0994  StillCam - ok
17:34:39.0224 0x0994  [ 8DD52E8E6128F4B2DA92CE27402871C1, 1101C38BE8FC383B5F2F9FA402F9652B23B88A764DE2B584DFE62B88B11DEF92 ] stisvc          C:\windows\System32\wiaservc.dll
17:34:39.0254 0x0994  stisvc - ok
17:34:39.0284 0x0994  [ 7731F46EC0D687A931CBA063E8F90EF0, 5CF996A209756B901316C4406C7D3E52ECC9C15A1BDB0D4D9C77846AB29FD040 ] stllssvr        c:\Program Files (x86)\Common Files\SureThing Shared\stllssvr.exe
17:34:39.0294 0x0994  stllssvr - ok
17:34:39.0304 0x0994  [ D01EC09B6711A5F8E7E6564A4D0FBC90, 3CB922291DBADC92B46B9E28CCB6810CD8CCDA3E74518EC9522B58B998E1F969 ] swenum          C:\windows\system32\DRIVERS\swenum.sys
17:34:39.0304 0x0994  swenum - ok
17:34:39.0344 0x0994  [ E08E46FDD841B7184194011CA1955A0B, 9C3725BB1F08F92744C980A22ED5C874007D3B5863C7E1F140F50061052AC418 ] swprv           C:\windows\System32\swprv.dll
17:34:39.0364 0x0994  swprv - ok
17:34:39.0434 0x0994  [ BF9CCC0BF39B418C8D0AE8B05CF95B7D, 3C13217548BE61F2BDB8BD41F77345CDDA1F97BF0AE17241C335B9807EB3DBB8 ] SysMain         C:\windows\system32\sysmain.dll
17:34:39.0494 0x0994  SysMain - ok
17:34:39.0544 0x0994  [ E3C61FD7B7C2557E1F1B0B4CEC713585, 01F0E116606D185BF93B540868075BFB1A398197F6AABD994983DBFF56B3A8A0 ] TabletInputService C:\windows\System32\TabSvc.dll
17:34:39.0554 0x0994  TabletInputService - ok
17:34:39.0584 0x0994  [ 40F0849F65D13EE87B9A9AE3C1DD6823, E251A7EF3D0FD2973AF33A62FC457A7E8D5E8694208F811F52455F7C2426121F ] TapiSrv         C:\windows\System32\tapisrv.dll
17:34:39.0584 0x0994  TapiSrv - ok
17:34:39.0604 0x0994  [ 1BE03AC720F4D302EA01D40F588162F6, AB644862BF1D2E824FD846180DEC4E2C0FAFCC517451486DE5A92E5E78A952E4 ] TBS             C:\windows\System32\tbssvc.dll
17:34:39.0604 0x0994  TBS - ok
17:34:39.0724 0x0994  [ 40AF23633D197905F03AB5628C558C51, 644656A15236E964E4BE57B42225EAA5643C4CF1FFF6D306813A000716F9D72C ] Tcpip           C:\windows\system32\drivers\tcpip.sys
17:34:39.0814 0x0994  Tcpip - ok
17:34:39.0904 0x0994  [ 40AF23633D197905F03AB5628C558C51, 644656A15236E964E4BE57B42225EAA5643C4CF1FFF6D306813A000716F9D72C ] TCPIP6          C:\windows\system32\DRIVERS\tcpip.sys
17:34:39.0934 0x0994  TCPIP6 - ok
17:34:39.0974 0x0994  [ 1B16D0BD9841794A6E0CDE0CEF744ABC, 7EB8BA97339199EEE7F2B09DA2DA6279DA64A510D4598D42CF86415D67CD674C ] tcpipreg        C:\windows\system32\drivers\tcpipreg.sys
17:34:39.0974 0x0994  tcpipreg - ok
17:34:40.0024 0x0994  [ 3371D21011695B16333A3934340C4E7C, 7416F9BBFC1BA9D875EA7D1C7A0D912FC6977B49A865D67E3F9C4E18A965082D ] TDPIPE          C:\windows\system32\drivers\tdpipe.sys
17:34:40.0024 0x0994  TDPIPE - ok
17:34:40.0054 0x0994  [ 51C5ECEB1CDEE2468A1748BE550CFBC8, 4E8F83877330B421F7B5D8393D34BC44C6450E69209DAA95B29CB298166A5DF9 ] TDTCP           C:\windows\system32\drivers\tdtcp.sys
17:34:40.0054 0x0994  TDTCP - ok
17:34:40.0074 0x0994  [ DDAD5A7AB24D8B65F8D724F5C20FD806, B71F2967A4EE7395E4416C1526CB85368AEA988BDD1F2C9719C48B08FAFA9661 ] tdx             C:\windows\system32\DRIVERS\tdx.sys
17:34:40.0084 0x0994  tdx - ok
17:34:40.0134 0x0994  [ 561E7E1F06895D78DE991E01DD0FB6E5, 83BFA50A528762EC52A011302AC3874636FB7E26628CD7ACFBF2BDC9FAA8110D ] TermDD          C:\windows\system32\DRIVERS\termdd.sys
17:34:40.0134 0x0994  TermDD - ok
17:34:40.0174 0x0994  [ 2E648163254233755035B46DD7B89123, 6FA0D07CE18A3A69D82EE49D875F141E39406E92C34EAC76AC4EB052E6EBCBCD ] TermService     C:\windows\System32\termsrv.dll
17:34:40.0214 0x0994  TermService - ok
17:34:40.0224 0x0994  [ F0344071948D1A1FA732231785A0664C, DB9886C2C858FAF45AEA15F8E42860343F73EB8685C53EC2E8CCC10586CB0832 ] Themes          C:\windows\system32\themeservice.dll
17:34:40.0224 0x0994  Themes - ok
17:34:40.0254 0x0994  [ E40E80D0304A73E8D269F7141D77250B, 0DB4AC13A264F19A84DC0BCED54E8E404014CC09C993B172002B1561EC7E265A ] THREADORDER     C:\windows\system32\mmcss.dll
17:34:40.0254 0x0994  THREADORDER - ok
17:34:40.0274 0x0994  [ 7E7AFD841694F6AC397E99D75CEAD49D, DE87F203FD8E6BDCCFCA1860A85F283301A365846FB703D9BB86278D8AC96B07 ] TrkWks          C:\windows\System32\trkwks.dll
17:34:40.0284 0x0994  TrkWks - ok
17:34:40.0364 0x0994  [ 773212B2AAA24C1E31F10246B15B276C, F2EF85F5ABA307976D9C649D710B408952089458DDE97D4DEF321DF14E46A046 ] TrustedInstaller C:\windows\servicing\TrustedInstaller.exe
17:34:40.0374 0x0994  TrustedInstaller - ok
17:34:40.0404 0x0994  [ 4CE278FC9671BA81A138D70823FCAA09, CBE501436696E32A3701B9F377B823AC36647B6626595F76CC63E2396AD7D300 ] tssecsrv        C:\windows\system32\DRIVERS\tssecsrv.sys
17:34:40.0404 0x0994  tssecsrv - ok
17:34:40.0434 0x0994  [ D11C783E3EF9A3C52C0EBE83CC5000E9, A136C355D4C8945729163D15801364A614E23217B15F9313C85BA45BB71A74EB ] TsUsbFlt        C:\windows\system32\drivers\tsusbflt.sys
17:34:40.0444 0x0994  TsUsbFlt - ok
17:34:40.0464 0x0994  [ 9CC2CCAE8A84820EAECB886D477CBCB8, 50D8AA2D7477A6618A0C31BB4D1C4887B457865FB1105E2E7B984EEFA337B804 ] TsUsbGD         C:\windows\system32\drivers\TsUsbGD.sys
17:34:40.0464 0x0994  TsUsbGD - ok
17:34:40.0504 0x0994  [ 3566A8DAAFA27AF944F5D705EAA64894, AE9D8B648DA08AF667B9456C3FE315489859C157510A258559F18238F2CC92B8 ] tunnel          C:\windows\system32\DRIVERS\tunnel.sys
17:34:40.0514 0x0994  tunnel - ok
17:34:40.0534 0x0994  [ B4DD609BD7E282BFC683CEC7EAAAAD67, EF131DB6F6411CAD36A989A421AF93F89DD61601AC524D2FF11C10FF6E3E9123 ] uagp35          C:\windows\system32\drivers\uagp35.sys
17:34:40.0534 0x0994  uagp35 - ok
17:34:40.0554 0x0994  [ FF4232A1A64012BAA1FD97C7B67DF593, D8591B4EB056899C7B604E4DD852D82D4D9809F508ABCED4A03E1BE6D5D456E3 ] udfs            C:\windows\system32\DRIVERS\udfs.sys
17:34:40.0564 0x0994  udfs - ok
17:34:40.0584 0x0994  [ 3CBDEC8D06B9968ABA702EBA076364A1, B8DAB8AA804FC23021BFEBD7AE4D40FBE648D6C6BA21CC008E26D1C084972F9B ] UI0Detect       C:\windows\system32\UI0Detect.exe
17:34:40.0594 0x0994  UI0Detect - ok
17:34:40.0624 0x0994  [ 4BFE1BC28391222894CBF1E7D0E42320, 5918B1ED2030600DF77BDACF1C808DF6EADDD8BF3E7003AF1D72050D8B102B3A ] uliagpkx        C:\windows\system32\drivers\uliagpkx.sys
17:34:40.0634 0x0994  uliagpkx - ok
17:34:40.0644 0x0994  [ DC54A574663A895C8763AF0FA1FF7561, 09A3F3597E91CBEB2F38E96E75134312B60CAE5574B2AD4606C2D3E992AEDDFE ] umbus           C:\windows\system32\DRIVERS\umbus.sys
17:34:40.0644 0x0994  umbus - ok
17:34:40.0694 0x0994  [ B2E8E8CB557B156DA5493BBDDCC1474D, F547509A08C0679ACB843E20C9C0CF51BED1B06530BBC529DFB0944504564A43 ] UmPass          C:\windows\system32\drivers\umpass.sys
17:34:40.0694 0x0994  UmPass - ok
17:34:40.0854 0x0994  [ CBDEE152D73200EE49031A26310B9D3E, 92E22235446F8DB3BFE97EDE7DE7D33F43EAC5957C5B41ACCEC4EBFD19BFF819 ] UNS             C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe
17:34:40.0904 0x0994  UNS - ok
17:34:40.0954 0x0994  [ D47EC6A8E81633DD18D2436B19BAF6DE, 0FB461E2D5E0B75BB5958F6362F4880BFA4C36AD930542609BCAF574941AA7AE ] upnphost        C:\windows\System32\upnphost.dll
17:34:40.0964 0x0994  upnphost - ok
17:34:41.0014 0x0994  [ C9E9D59C0099A9FF51697E9306A44240, 78D9A7A5E5742962B6978F475BF06CB32262F1D214699D3D40538476A58012A1 ] USBAAPL64       C:\windows\system32\Drivers\usbaapl64.sys
17:34:41.0014 0x0994  USBAAPL64 - ok
17:34:41.0084 0x0994  [ B0435098C81D04CAFFF80DDB746CD3A2, A17B207740382E38729571F0B0BC98FF874E856A7C7CE9EB930328A2AD88F52A ] usbaudio        C:\windows\system32\drivers\usbaudio.sys
17:34:41.0094 0x0994  usbaudio - ok
17:34:41.0124 0x0994  [ 91D3C92A44FC682DD791147604E79152, AA0B6799BF9C26C2C1793C91295288A4989AA43EC5E070B650DA7F0A142817CE ] usbccgp         C:\windows\system32\DRIVERS\usbccgp.sys
17:34:41.0134 0x0994  usbccgp - ok
17:34:41.0164 0x0994  [ 80B0F7D5CCF86CEB5D402EAAF61FEC31, 140C62116A425DEAD25FE8D82DE283BC92C482A9F643658D512F9F67061F28AD ] usbcir          C:\windows\system32\drivers\usbcir.sys
17:34:41.0174 0x0994  usbcir - ok
17:34:41.0214 0x0994  [ F7FFDF2A1D19A76A87759126B244C816, C91F09D77E22D976952A46F7B93F611B719EDAF694D538242FA8FAF1BA9BB2F0 ] usbehci         C:\windows\system32\DRIVERS\usbehci.sys
17:34:41.0214 0x0994  usbehci - ok
17:34:41.0254 0x0994  [ 245FE7FC634D6A993E682E0A9EBA4ABB, F7A536D215EE3A63358EC8B5946D7BB3B56357BF91347B07013E00DAC98775B6 ] usbhub          C:\windows\system32\DRIVERS\usbhub.sys
17:34:41.0264 0x0994  usbhub - ok
17:34:41.0314 0x0994  [ FB8139DBDFE32979BDB64AA5D0D93504, 7E36F9844AE36A5756C889B97D83A0861221D930D8720C0463510C6DB152FD15 ] usbio           C:\windows\system32\Drivers\dsiarhwprog_x64.sys
17:34:41.0314 0x0994  usbio - ok
17:34:41.0344 0x0994  [ C1A8966E0D09BFB501045105B30D86F2, 5BB95FBA441B898E258A3BFE174FC1042A04C19E25C59DE1FD90594290B11DA9 ] usbohci         C:\windows\system32\drivers\usbohci.sys
17:34:41.0344 0x0994  usbohci - ok
17:34:41.0404 0x0994  [ 73188F58FB384E75C4063D29413CEE3D, B485463933306036B1D490722CB1674DC85670753D79FA0EF7EBCA7BBAAD9F7C ] usbprint        C:\windows\system32\DRIVERS\usbprint.sys
17:34:41.0404 0x0994  usbprint - ok
17:34:41.0464 0x0994  [ 9661DA76B4531B2DA272ECCE25A8AF24, FEA93254A21E71A7EB8AD35FCCAD2C1E41F7329EC33B1734F5B41307A34D8637 ] usbscan         C:\windows\system32\DRIVERS\usbscan.sys
17:34:41.0464 0x0994  usbscan - ok
17:34:41.0514 0x0994  [ FED648B01349A3C8395A5169DB5FB7D6, DC4D7594C24ADD076927B9347F1B50B91CF03A4ABDB284248D5711D9C19DEB96 ] USBSTOR         C:\windows\system32\DRIVERS\USBSTOR.SYS
17:34:41.0524 0x0994  USBSTOR - ok
17:34:41.0584 0x0994  [ 2E682DCE4319A90E02A327F8A427544A, 3528C5A4669BAD53041085C3E72C64388D308E42AD9D1FAC85B6F2FFD81610FB ] usbuhci         C:\windows\system32\drivers\usbuhci.sys
17:34:41.0584 0x0994  usbuhci - ok
17:34:41.0674 0x0994  [ 1F775DA4CF1A3A1834207E975A72E9D7, 6D3DE5BD3EF3A76E997E5BAF900C51D25308F5A9682D1F62017F577A24095B90 ] usbvideo        C:\windows\system32\Drivers\usbvideo.sys
17:34:41.0684 0x0994  usbvideo - ok
17:34:41.0714 0x0994  [ EDBB23CBCF2CDF727D64FF9B51A6070E, 7202484C8E1BFB2AFD64D8C81668F3EDE0E3BF5EB27572877A0A7B337AE5AE42 ] UxSms           C:\windows\System32\uxsms.dll
17:34:41.0714 0x0994  UxSms - ok
17:34:41.0734 0x0994  [ 4D71227301DD8D09097B9E4CC6527E5A, 193D47ADCB722B581CC0F29B794AB3E455B6E9BEA367CE9A5216A09E055B7F1E ] VaultSvc        C:\windows\system32\lsass.exe
17:34:41.0734 0x0994  VaultSvc - ok
17:34:41.0764 0x0994  [ C5C876CCFC083FF3B128F933823E87BD, 6FE0FBB6C3207E09300E0789E2168F76668D87C317FE9F263E733827ADCFBE0D ] vdrvroot        C:\windows\system32\drivers\vdrvroot.sys
17:34:41.0764 0x0994  vdrvroot - ok
17:34:41.0814 0x0994  [ 8D6B481601D01A456E75C3210F1830BE, A2CEF483F4231367138EEF7E67FD5BE5364FC0780C44CA1368E36CE4AA3D0633 ] vds             C:\windows\System32\vds.exe
17:34:41.0884 0x0994  vds - ok
17:34:41.0914 0x0994  [ DA4DA3F5E02943C2DC8C6ED875DE68DD, EDE604536DB78C512D68C92B26DA77C8811AC109D1F0A473673F0A82D15A2838 ] vga             C:\windows\system32\DRIVERS\vgapnp.sys
17:34:41.0914 0x0994  vga - ok
17:34:41.0934 0x0994  [ 53E92A310193CB3C03BEA963DE7D9CFC, 45898604375B42EB1246C17A22D91C2440F11C746FF6459AD38027C1BC2E3125 ] VgaSave         C:\windows\System32\drivers\vga.sys
17:34:41.0934 0x0994  VgaSave - ok
17:34:41.0954 0x0994  [ 2CE2DF28C83AEAF30084E1B1EB253CBB, D1946816A1CB89F825CBEA58F94A4C9D0CE7249355CD3915563F54054EE564BF ] vhdmp           C:\windows\system32\drivers\vhdmp.sys
17:34:41.0964 0x0994  vhdmp - ok
17:34:42.0014 0x0994  [ E5689D93FFE4E5D66C0178761240DD54, 6D35CED80681B12AAF63BFA0DA1C386E71D3838839B68A686990AA8031949D27 ] viaide          C:\windows\system32\drivers\viaide.sys
17:34:42.0014 0x0994  viaide - ok
17:34:42.0054 0x0994  [ D2AAFD421940F640B407AEFAAEBD91B0, 31EF342A60AF04F4108759A71F8FB7B8C8819216CF3D16A95B2BA0E33A8A9161 ] volmgr          C:\windows\system32\drivers\volmgr.sys
17:34:42.0054 0x0994  volmgr - ok
17:34:42.0084 0x0994  [ A255814907C89BE58B79EF2F189B843B, 463DB771851352185B6AC323BD93B9084D47291E53C1F7B628B65D6918B2E28F ] volmgrx         C:\windows\system32\drivers\volmgrx.sys
17:34:42.0094 0x0994  volmgrx - ok
17:34:42.0164 0x0994  [ 0D08D2F3B3FF84E433346669B5E0F639, 3D6716CEC95B8861A7CC5778E91F310528DC6BEE0E57A3C8757FC675154EBDEC ] volsnap         C:\windows\system32\drivers\volsnap.sys
17:34:42.0174 0x0994  volsnap - ok
17:34:42.0204 0x0994  [ 5E2016EA6EBACA03C04FEAC5F330D997, 53106EB877459FE55A459111F7AB0EE320BB3B4C954D3DB6FA1642396001F2AC ] vsmraid         C:\windows\system32\drivers\vsmraid.sys
17:34:42.0214 0x0994  vsmraid - ok
17:34:42.0324 0x0994  [ B60BA0BC31B0CB414593E169F6F21CC2, 47B801E623254CF0202B3591CB5C019CABFB52F123C7D47E29D19B32F1F2B915 ] VSS             C:\windows\system32\vssvc.exe
17:34:42.0404 0x0994  VSS - ok
17:34:42.0454 0x0994  vToolbarUpdater17.2.0 - ok
17:34:42.0494 0x0994  [ 36D4720B72B5C5D9CB2B9C29E9DF67A1, 3254523C85C70EBA2DBAC05DB2DBA89EDF8E9195F390F7C21F96458FB6B2E3D7 ] vwifibus        C:\windows\system32\DRIVERS\vwifibus.sys
17:34:42.0494 0x0994  vwifibus - ok
17:34:42.0514 0x0994  [ 6A3D66263414FF0D6FA754C646612F3F, 30F6BA594B0D3B94113064015A16D97811CD989DF1715CCE21CEAB9894C1B4FB ] vwififlt        C:\windows\system32\DRIVERS\vwififlt.sys
17:34:42.0514 0x0994  vwififlt - ok
17:34:42.0544 0x0994  [ 6A638FC4BFDDC4D9B186C28C91BD1A01, 5521F1DC515586777EC4837E0AEAA3E613CC178AF1074031C4D0D0C695A93168 ] vwifimp         C:\windows\system32\DRIVERS\vwifimp.sys
17:34:42.0544 0x0994  vwifimp - ok
17:34:42.0574 0x0994  [ 1C9D80CC3849B3788048078C26486E1A, 34A89F31E53F6B6C209B286F580CC2257AE6D057E4E20741F241C9C167947962 ] W32Time         C:\windows\system32\w32time.dll
17:34:42.0584 0x0994  W32Time - ok
17:34:42.0614 0x0994  [ 4E9440F4F152A7B944CB1663D3935A3E, 8FE04EBD3BC612EE943A21A3E56F37E5C9B578CDACA6044048181DAD81816D53 ] WacomPen        C:\windows\system32\drivers\wacompen.sys
17:34:42.0614 0x0994  WacomPen - ok
17:34:42.0644 0x0994  [ 356AFD78A6ED4457169241AC3965230C, CE4D1EE3525C10AC658B20776C3E444DE44874C837713DC5311386EDFCB18399 ] WANARP          C:\windows\system32\DRIVERS\wanarp.sys
17:34:42.0644 0x0994  WANARP - ok
17:34:42.0664 0x0994  [ 356AFD78A6ED4457169241AC3965230C, CE4D1EE3525C10AC658B20776C3E444DE44874C837713DC5311386EDFCB18399 ] Wanarpv6        C:\windows\system32\DRIVERS\wanarp.sys
17:34:42.0664 0x0994  Wanarpv6 - ok
17:34:42.0754 0x0994  [ 3CEC96DE223E49EAAE3651FCF8FAEA6C, 4150DAB33E8D61076F1D4767BCAFC9B4ECCCCBD58FD4FB3CFE5B8D27DCDCAB61 ] WatAdminSvc     C:\windows\system32\Wat\WatAdminSvc.exe
17:34:42.0804 0x0994  WatAdminSvc - ok
17:34:42.0874 0x0994  [ 78F4E7F5C56CB9716238EB57DA4B6A75, 46A4E78CE5F2A4B26F4E9C3FF04A99D9B727A82AC2E390A82A1611C3F6E0C9AF ] wbengine        C:\windows\system32\wbengine.exe
17:34:42.0924 0x0994  wbengine - ok
17:34:42.0954 0x0994  [ 3AA101E8EDAB2DB4131333F4325C76A3, 4F7BD3DA5E58B18BFF106CFF7B45E75FD13EE556D433C695BA23EC80827E49DE ] WbioSrvc        C:\windows\System32\wbiosrvc.dll
17:34:42.0954 0x0994  WbioSrvc - ok
17:34:42.0994 0x0994  [ 7368A2AFD46E5A4481D1DE9D14848EDD, 8039C478FC2D9F095F5883A4FA47F9E6EDF57CC88A4AA74F07C88445F90DED57 ] wcncsvc         C:\windows\System32\wcncsvc.dll
17:34:43.0004 0x0994  wcncsvc - ok
17:34:43.0024 0x0994  [ 20F7441334B18CEE52027661DF4A6129, 7B8E0247234B740FED2BE9B833E9CE8DD7453340123AB43F6B495A7E6A27B0DD ] WcsPlugInService C:\windows\System32\WcsPlugInService.dll
17:34:43.0024 0x0994  WcsPlugInService - ok
17:34:43.0064 0x0994  [ 72889E16FF12BA0F235467D6091B17DC, F2FD0BBD075E33608D93F350D216F97442AB89ABD540513C2D568C78096E12A8 ] Wd              C:\windows\system32\drivers\wd.sys
17:34:43.0064 0x0994  Wd - ok
17:34:43.0114 0x0994  [ E2C933EDBC389386EBE6D2BA953F43D8, AF1DEADD5F1267CCEBD226E8EEB971D1946EA6A5A9645A36F5D111F758AF2F07 ] Wdf01000        C:\windows\system32\drivers\Wdf01000.sys
17:34:43.0154 0x0994  Wdf01000 - ok
17:34:43.0194 0x0994  [ BF1FC3F79B863C914687A737C2F3D681, B2DF47AC4931ACFB243775767B77065CC0D98778FC0243C793A3E219EB961209 ] WdiServiceHost  C:\windows\system32\wdi.dll
17:34:43.0194 0x0994  WdiServiceHost - ok
17:34:43.0204 0x0994  [ BF1FC3F79B863C914687A737C2F3D681, B2DF47AC4931ACFB243775767B77065CC0D98778FC0243C793A3E219EB961209 ] WdiSystemHost   C:\windows\system32\wdi.dll
17:34:43.0204 0x0994  WdiSystemHost - ok
17:34:43.0244 0x0994  [ 0EB0E5D22B1760F2DBCE632F2DD7A54D, B8A4CC62F88768947FB0A161CF9564DB28FD9C1C037B5475DF192982DE035C22 ] WebClient       C:\windows\System32\webclnt.dll
17:34:43.0254 0x0994  WebClient - ok
17:34:43.0274 0x0994  [ C749025A679C5103E575E3B48E092C43, B71171D07EE7AB085A24BF3A1072FF2CE7EA021AAE695F6A90640E6EE8EB55C1 ] Wecsvc          C:\windows\system32\wecsvc.dll
17:34:43.0284 0x0994  Wecsvc - ok
17:34:43.0304 0x0994  [ 7E591867422DC788B9E5BD337A669A08, 484E6BCCDF7ADCE9A1AACAD1BC7C7D7694B9E40FA90D94B14D80C607784F6C75 ] wercplsupport   C:\windows\System32\wercplsupport.dll
17:34:43.0314 0x0994  wercplsupport - ok
17:34:43.0344 0x0994  [ 6D137963730144698CBD10F202E9F251, A9F522A125158D94F540544CCD4DBF47B9DCE2EA878C33675AFE40F80E8F4979 ] WerSvc          C:\windows\System32\WerSvc.dll
17:34:43.0344 0x0994  WerSvc - ok
17:34:43.0414 0x0994  [ 611B23304BF067451A9FDEE01FBDD725, 0AF2734B978165FC6FD22B64862132CCE32528A21C698A49D176129446E099C8 ] WfpLwf          C:\windows\system32\DRIVERS\wfplwf.sys
17:34:43.0424 0x0994  WfpLwf - ok
17:34:43.0474 0x0994  [ B14EF15BD757FA488F9C970EEE9C0D35, F27DF2D47E7076786AE7C396583D7A1C56B93E766711066C900964FC7313E794 ] WimFltr         C:\windows\system32\DRIVERS\wimfltr.sys
17:34:43.0484 0x0994  WimFltr - ok
17:34:43.0504 0x0994  [ 05ECAEC3E4529A7153B3136CEB49F0EC, 9995CB2CEC70A633EA33CBB0DEAD2BB28CB67132B41E9444BDAB9E75744C9A50 ] WIMMount        C:\windows\system32\drivers\wimmount.sys
17:34:43.0504 0x0994  WIMMount - ok
17:34:43.0524 0x0994  WinDefend - ok
17:34:43.0584 0x0994  WinHttpAutoProxySvc - ok
17:34:43.0654 0x0994  [ 19B07E7E8915D701225DA41CB3877306, D6555E8D276DBB11358246E0FE215F76F1FB358791C76B88D82C2A66A42DA19F ] Winmgmt         C:\windows\system32\wbem\WMIsvc.dll
17:34:43.0674 0x0994  Winmgmt - ok
17:34:43.0764 0x0994  [ BCB1310604AA415C4508708975B3931E, 9D943F086D454345153A0DD426B4432532A44FD87950386B186E1CAD2AC70565 ] WinRM           C:\windows\system32\WsmSvc.dll
17:34:43.0874 0x0994  WinRM - ok
17:34:43.0934 0x0994  [ FE88B288356E7B47B74B13372ADD906D, A16B166F6BB32EF9D2A142F27B9EC54CBC7B3AC915799783CF4C40E525BC9E03 ] WinUsb          C:\windows\system32\DRIVERS\WinUsb.sys
17:34:43.0934 0x0994  WinUsb - ok
17:34:43.0994 0x0994  [ 4FADA86E62F18A1B2F42BA18AE24E6AA, CE1683386886BF34862681A46199EA7E7FB4232A186047DA7FBD8EC240AF6726 ] Wlansvc         C:\windows\System32\wlansvc.dll
17:34:44.0024 0x0994  Wlansvc - ok
17:34:44.0074 0x0994  [ 06C8FA1CF39DE6A735B54D906BA791C6, D8FEC7DE227781CDA876904701B2AA995268F74DCD6CB34AA0296C557FC283B6 ] wlcrasvc        C:\Program Files\Windows Live\Mesh\wlcrasvc.exe
17:34:44.0074 0x0994  wlcrasvc - ok
17:34:44.0214 0x0994  [ 7E47C328FC4768CB8BEAFBCFAFA70362, C98BD6A0C2F70E069D5FD3BAB31BD028DFEAC0490D180BBC28A14BE375897D8C ] wlidsvc         C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
17:34:44.0304 0x0994  wlidsvc - ok
17:34:44.0344 0x0994  [ F6FF8944478594D0E414D3F048F0D778, 6F75E0AE6127B33A92A88E59D4B048FD4C15F997807BE7BF0EFE76F95235B1D9 ] WmiAcpi         C:\windows\system32\DRIVERS\wmiacpi.sys
17:34:44.0344 0x0994  WmiAcpi - ok
17:34:44.0394 0x0994  [ 38B84C94C5A8AF291ADFEA478AE54F93, 1AC267AC73670BEA5F3785C9AD9DB146F8E993A862C843742B21FDB90D102B2A ] wmiApSrv        C:\windows\system32\wbem\WmiApSrv.exe
17:34:44.0404 0x0994  wmiApSrv - ok
17:34:44.0454 0x0994  WMPNetworkSvc - ok
17:34:44.0504 0x0994  [ 96C6E7100D724C69FCF9E7BF590D1DCA, 2E63C9B0893B4FC03B7A71BAEA6202D3D3DB1B52F3643467829B5A573FD7655B ] WPCSvc          C:\windows\System32\wpcsvc.dll
17:34:44.0514 0x0994  WPCSvc - ok
17:34:44.0534 0x0994  [ 93221146D4EBBF314C29B23CD6CC391D, C0750858A65BF51E210CD244C825C121D67E025CD2D2455139991AAC289A90FE ] WPDBusEnum      C:\windows\system32\wpdbusenum.dll
17:34:44.0534 0x0994  WPDBusEnum - ok
17:34:44.0564 0x0994  [ 6BCC1D7D2FD2453957C5479A32364E52, E48554D31FBDCF8F985C1C72524CAA9106F5B7CC2B79064F8F5E2562D517F090 ] ws2ifsl         C:\windows\system32\drivers\ws2ifsl.sys
17:34:44.0564 0x0994  ws2ifsl - ok
17:34:44.0584 0x0994  [ E8B1FE6669397D1772D8196DF0E57A9E, 39FE0819360719F756BD31A1884A0508A1E2371ACC723E25E005CBEC0A7B02FA ] wscsvc          C:\windows\system32\wscsvc.dll
17:34:44.0584 0x0994  wscsvc - ok
17:34:44.0594 0x0994  WSearch - ok
17:34:44.0694 0x0994  [ D9EF901DCA379CFE914E9FA13B73B4C4, 3BE9693B7B2AFEE23D72AF5DA211379724D752F0EC18ACB7D3DE3DDFC5AE0004 ] wuauserv        C:\windows\system32\wuaueng.dll
17:34:44.0804 0x0994  wuauserv - ok
17:34:44.0854 0x0994  [ AB886378EEB55C6C75B4F2D14B6C869F, D6C4602EB8F291DADEDF3CD211013D4AC752DDE7E799C2D8D74AA4F5477CAED6 ] WudfPf          C:\windows\system32\drivers\WudfPf.sys
17:34:44.0854 0x0994  WudfPf - ok
17:34:44.0894 0x0994  [ DDA4CAF29D8C0A297F886BFE561E6659, 94E5DD649B5D86FA1A7C7D30FCF9644D0EE048D312E626111458ADF66BFBE978 ] WUDFRd          C:\windows\system32\DRIVERS\WUDFRd.sys
17:34:44.0904 0x0994  WUDFRd - ok
17:34:44.0944 0x0994  [ B20F051B03A966392364C83F009F7D17, 88ECEB55AE91F58F592B96EBC10B572747D5A2F9B7629E8F371761E4F7408A65 ] wudfsvc         C:\windows\System32\WUDFSvc.dll
17:34:44.0944 0x0994  wudfsvc - ok
17:34:44.0984 0x0994  [ FE90B750AB808FB9DD8FBB428B5FF83B, 3F8F592EC813BE292D305A87C5BA852F8BC3D7CE610612D9871F209A17326AA8 ] WwanSvc         C:\windows\System32\wwansvc.dll
17:34:44.0994 0x0994  WwanSvc - ok
17:34:45.0144 0x0994  [ DD0042F0C3B606A6A8B92D49AFB18AD6, 8D3BE4C93D02AF5F42EC46AF598D6DA40C61D467CB2FEE5E222F9C1E7A84B852 ] YahooAUService  C:\Program Files (x86)\Yahoo!\SoftwareUpdate\YahooAUService.exe
17:34:45.0154 0x0994  YahooAUService - ok
17:34:45.0245 0x0994  [ 25020240C87E9BD41D11DCFA694F5963, 04482BE0D04F8E1EB78EDA43A1487239398DDC471ABCA87527890CBC5A04822C ] ZAtheros Bt&Wlan Coex Agent C:\Program Files (x86)\Dell Wireless\Bluetooth Suite\Ath_CoexAgent.exe
17:34:45.0255 0x0994  ZAtheros Bt&Wlan Coex Agent - ok
17:34:45.0295 0x0994  [ 0E2C9AD432B05A7C69756C8B9B8630DF, 6D8CA007EFFCE546625EC1CA6C1D9D6ECF44F5E688B15C40D7A44CB3F528C0D5 ] ZAtheros Wlan Agent C:\Program Files (x86)\Dell Wireless\Ath_WlanAgent.exe
17:34:45.0295 0x0994  ZAtheros Wlan Agent - ok
17:34:45.0315 0x0994  ================ Scan global ===============================
17:34:45.0335 0x0994  [ BA0CD8C393E8C9F83354106093832C7B, 18D8A4780A2BAA6CEF7FBBBDA0EF6BF2DADF146E1E578A618DD5859E8ADBF1A8 ] C:\windows\system32\basesrv.dll
17:34:45.0385 0x0994  [ 88EDD0B34EED542745931E581AD21A32, DC2B93E1CEF5B0BCEE08D72669BB0F3AD0E8E6E75BDC08858407ED92F6FFA031 ] C:\windows\system32\winsrv.dll
17:34:45.0405 0x0994  [ 88EDD0B34EED542745931E581AD21A32, DC2B93E1CEF5B0BCEE08D72669BB0F3AD0E8E6E75BDC08858407ED92F6FFA031 ] C:\windows\system32\winsrv.dll
17:34:45.0445 0x0994  [ D6160F9D869BA3AF0B787F971DB56368, 0033E6212DD8683E4EE611B290931FDB227B4795F0B17C309DC686C696790529 ] C:\windows\system32\sxssrv.dll
17:34:45.0495 0x0994  [ 24ACB7E5BE595468E3B9AA488B9B4FCB, 63541E3432FCE953F266AE553E7A394978D6EE3DB52388D885F668CF42C5E7E2 ] C:\windows\system32\services.exe
17:34:45.0535 0x0994  [ Global ] - ok
17:34:45.0535 0x0994  ================ Scan MBR ==================================
17:34:45.0545 0x0994  [ A36C5E4F47E84449FF07ED3517B43A31 ] \Device\Harddisk0\DR0
17:34:45.0905 0x0994  \Device\Harddisk0\DR0 - ok
17:34:45.0905 0x0994  ================ Scan VBR ==================================
17:34:45.0905 0x0994  [ B4A651EA79A9998884DA67ECFFB5E2E7 ] \Device\Harddisk0\DR0\Partition1
17:34:45.0915 0x0994  \Device\Harddisk0\DR0\Partition1 - ok
17:34:45.0915 0x0994  [ 723FFEBDE086355CE5F5C8E20D4FDB4A ] \Device\Harddisk0\DR0\Partition2
17:34:45.0955 0x0994  \Device\Harddisk0\DR0\Partition2 - ok
17:34:45.0955 0x0994  Waiting for KSN requests completion. In queue: 73
17:34:46.0955 0x0994  Waiting for KSN requests completion. In queue: 73
17:34:47.0955 0x0994  Waiting for KSN requests completion. In queue: 73
17:34:49.0005 0x0994  Win FW state via NFP2: enabled
17:34:51.0476 0x0994  ============================================================
17:34:51.0476 0x0994  Scan finished
17:34:51.0476 0x0994  ============================================================
17:34:51.0486 0x0ffc  Detected object count: 0
17:34:51.0486 0x0ffc  Actual detected object count: 0
17:35:36.0288 0x0420  Deinitialize success
 

 

And here is the aswMBR log:

 

aswMBR version 0.9.9.1771 Copyright© 2011 AVAST Software
Run date: 2014-03-09 17:42:13
-----------------------------
17:42:13.923    OS Version: Windows x64 6.1.7601 Service Pack 1
17:42:13.923    Number of processors: 4 586 0x2505
17:42:13.924    ComputerName: JBAP-PC  UserName: JBA P
17:42:15.437    Initialize success
17:45:11.828    AVAST engine defs: 14030901
17:45:20.829    Disk 0 (boot) \Device\Harddisk0\DR0 -> \Device\Ide\IAAStorageDevice-1
17:45:20.859    Disk 0 Vendor: WDC_WD64 01.0 Size: 610480MB BusType: 3
17:45:21.009    Disk 0 MBR read successfully
17:45:21.009    Disk 0 MBR scan
17:45:21.019    Disk 0 Windows 7 default MBR code
17:45:21.049    Disk 0 Partition 1 00     DE Dell Utility Dell 8.0      100 MB offset 2048
17:45:21.069    Disk 0 Partition 2 80 (A) 07    HPFS/NTFS NTFS        15000 MB offset 206848
17:45:21.079    Disk 0 Partition 3 00     07    HPFS/NTFS NTFS       595378 MB offset 30926848
17:45:21.119    Disk 0 scanning C:\windows\system32\drivers
17:45:32.340    Service scanning
17:45:59.132    Modules scanning
17:45:59.142    Disk 0 trace - called modules:
17:45:59.182    ntoskrnl.exe CLASSPNP.SYS disk.sys iaStor.sys hal.dll
17:45:59.212    1 nt!IofCallDriver -> \Device\Harddisk0\DR0[0xfffffa8004c14060]
17:45:59.212    3 CLASSPNP.SYS[fffff880013b643f] -> nt!IofCallDriver -> \Device\Ide\IAAStorageDevice-1[0xfffffa8004970050]
17:46:01.052    AVAST engine scan C:\windows
17:46:04.902    AVAST engine scan C:\windows\system32
17:50:26.449    AVAST engine scan C:\windows\system32\drivers
17:51:46.405    AVAST engine scan C:\Users\JBA P
18:11:45.034    AVAST engine scan C:\ProgramData
18:46:54.128    Scan finished successfully
19:20:26.309    Disk 0 MBR has been saved successfully to "C:\Users\JBA P\Desktop\MBR.dat"
19:20:26.319    The log file has been saved successfully to "C:\Users\JBA P\Desktop\aswMBR.txt"

 



#34 Oh My!

Oh My!

    Adware and Spyware and Malware.....


  • Malware Response Instructor
  • 38,176 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:California
  • Local time:01:15 AM

Posted 09 March 2014 - 06:34 PM

Hi Steve,

 

Before taking any more steps I would like us to be able to see a fresh report on the state of your computer.  Please rerun Farbar Recovery Scan Tool and be sure to place a check mark in addition.txt.


Gary
 
If I do not reply within 24 hours please send me a Personal Message.

"Lord, to whom would we go? You have the words that give eternal life. We believe, and we know you are the Holy One of God."

#35 sspea

sspea
  • Topic Starter

  • Members
  • 57 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Falls Church, vA
  • Local time:05:15 AM

Posted 09 March 2014 - 07:04 PM

Here is the FRST log:

 

Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 09-03-2014
Ran by JBA P (administrator) on JBAP-PC on 09-03-2014 19:59:59
Running from C:\Users\JBA P\Desktop
Windows 7 Home Premium Service Pack 1 (X64) OS Language: English(US)
Internet Explorer Version 11
Boot Mode: Normal

The only official download link for FRST:
Download link for 32-Bit version: http://www.bleepingcomputer.com/download/farbar-recovery-scan-tool/dl/81/
Download link for 64-Bit Version: http://www.bleepingcomputer.com/download/farbar-recovery-scan-tool/dl/82/
Download link from any site other than Bleeping Computer is unpermitted or outdated.
See tutorial for FRST: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Processes (Whitelisted) =================

(IDT, Inc.) C:\Program Files\IDT\WDM\STacSV64.exe
(Microsoft Corporation) C:\windows\system32\WLANExt.exe
(Andrea Electronics Corporation) C:\Program Files\IDT\WDM\AESTSr64.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(Atheros Commnucations) C:\Program Files (x86)\Dell Wireless\Bluetooth Suite\adminservice.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(Dell, Inc.) C:\Program Files (x86)\Dell\Dell Datasafe Online\NOBuAgent.exe
() C:\windows\SysWOW64\PnkBstrA.exe
() C:\windows\SysWOW64\PnkBstrB.exe
(SoftThinks SAS) C:\Program Files (x86)\Dell DataSafe Local Backup\sftservice.EXE
(FS) C:\Program Files (x86)\FS\Spyro Portal\FlashPortal.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
(Yahoo! Inc.) C:\Program Files (x86)\Yahoo!\SoftwareUpdate\YahooAUService.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe
(Atheros) C:\Program Files (x86)\Dell Wireless\Bluetooth Suite\Ath_CoexAgent.exe
(Atheros) C:\Program Files (x86)\Dell Wireless\Ath_WlanAgent.exe
() C:\Program Files (x86)\Dell\Stage Remote\StageRemoteService.exe
(Microsoft Corporation) C:\Program Files\Microsoft IntelliPoint\ipoint.exe
(Atheros Commnucations) C:\Program Files (x86)\Dell Wireless\Bluetooth Suite\BtvStack.exe
(Atheros Commnucations) C:\Program Files (x86)\Dell Wireless\Bluetooth Suite\AthBtTray.exe
(IDT, Inc.) C:\Program Files\IDT\WDM\sttray64.exe
(Dell) C:\Users\JBA P\AppData\Local\Apps\2.0\7RL0DAHN.ZKD\CJN83JBK.NQR\dell..tion_0f612f649c4a10af_0005.0005_9914611622934cec\DellSystemDetect.exe
(Microsoft Corporation) C:\Program Files\Microsoft IntelliPoint\dpupdchk.exe
() C:\Program Files (x86)\Dell\Stage Remote\DMR.exe
(Hewlett-Packard Co.) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqtra08.exe
(Microsoft Corporation) C:\Program Files (x86)\Microsoft Office\Office14\ONENOTEM.EXE
(Creative Technology Ltd) C:\Program Files (x86)\Dell Webcam\Dell Webcam Central\WebcamDell2.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorIcon.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe
(Citrix Systems, Inc.) C:\Program Files (x86)\Citrix\ICA Client\concentr.exe
(Hewlett-Packard) C:\Program Files (x86)\HP\HP Software Update\hpwuschd2.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(Apple Inc.) C:\Program Files (x86)\iTunes\iTunesHelper.exe
(Citrix Systems, Inc.) C:\Program Files (x86)\Citrix\ICA Client\wfcrun32.exe
(Apple Inc.) C:\Program Files\iPod\bin\iPodService.exe
(Hewlett-Packard Co.) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqSTE08.exe
(Hewlett-Packard Co.) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqbam08.exe
(Hewlett-Packard) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqgpc01.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe
(Microsoft Corporation) C:\windows\SysWOW64\svchost.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Adobe Systems, Inc.) C:\windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_12_0_0_70.exe
(Adobe Systems, Inc.) C:\windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_12_0_0_70.exe
(AVAST Software) C:\Users\JBA P\Desktop\aswMBR.exe


==================== Registry (Whitelisted) ==================

HKLM\...\Run: [Apoint] - C:\Program Files\DellTPad\Apoint.exe [608112 2011-03-29] (Alps Electric Co., Ltd.)
HKLM\...\Run: [Stage Remote] - C:\Program Files (x86)\Dell\Stage Remote\StageRemote.exe [2034752 2011-08-08] ()
HKLM\...\Run: [IntelliPoint] - c:\Program Files\Microsoft IntelliPoint\ipoint.exe [2417032 2011-08-01] (Microsoft Corporation)
HKLM\...\Run: [Logitech Download Assistant] - C:\Windows\System32\LogiLDA.dll [1832760 2012-09-20] (Logitech, Inc.)
HKLM\...\Run: [DellStage] - C:\Program Files (x86)\Dell Stage\Dell Stage\stage_primary.exe [2195824 2012-02-01] ()
HKLM\...\Run: [AtherosBtStack] - C:\Program Files (x86)\Dell Wireless\Bluetooth Suite\BtvStack.exe [1021056 2012-03-08] (Atheros Commnucations)
HKLM\...\Run: [AthBtTray] - C:\Program Files (x86)\Dell Wireless\Bluetooth Suite\AthBtTray.exe [800896 2012-03-08] (Atheros Commnucations)
HKLM\...\Run: [SysTrayApp] - C:\Program Files\IDT\WDM\sttray64.exe [1128448 2011-05-27] (IDT, Inc.)
HKLM-x32\...\Run: [Dell Webcam Central] - C:\Program Files (x86)\Dell Webcam\Dell Webcam Central\WebcamDell2.exe [495746 2011-02-14] (Creative Technology Ltd)
HKLM-x32\...\Run: [IAStorIcon] - C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorIcon.exe [283160 2011-01-12] (Intel Corporation)
HKLM-x32\...\Run: [RoxWatchTray] - c:\Program Files (x86)\Common Files\Roxio Shared\OEM\12.0\SharedCOM\RoxWatchTray12OEM.exe [240112 2010-11-25] (Sonic Solutions)
HKLM-x32\...\Run: [Desktop Disc Tool] - c:\Program Files (x86)\Roxio\OEM\Roxio Burn\RoxioBurnLauncher.exe [514544 2010-11-17] ()
HKLM-x32\...\Run: [Dell DataSafe Online] - C:\Program Files (x86)\Dell\Dell Datasafe Online\NOBuClient.exe [1117528 2010-08-25] (Dell, Inc.)
HKLM-x32\...\Run: [Adobe Reader Speed Launcher] - C:\Program Files (x86)\Adobe\Reader 10.0\Reader\Reader_sl.exe [35736 2010-11-15] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [Adobe ARM] - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [932288 2010-11-15] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [APSDaemon] - C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe [43848 2014-02-12] (Apple Inc.)
HKLM-x32\...\Run: [ConnectionCenter] - C:\Program Files (x86)\Citrix\ICA Client\concentr.exe [304568 2010-10-12] (Citrix Systems, Inc.)
HKLM-x32\...\Run: [AccuWeatherWidget] - C:\Program Files (x86)\Dell Stage\Dell Stage\AccuWeather\accuweather.exe [968048 2012-02-01] ()
HKLM-x32\...\Run: [HP Software Update] - C:\Program Files (x86)\HP\HP Software Update\HPWuSchd2.exe [49208 2011-10-28] (Hewlett-Packard)
HKLM-x32\...\Run: [SunJavaUpdateSched] - C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [254336 2013-07-02] (Oracle Corporation)
HKLM-x32\...\Run: [QuickTime Task] - C:\Program Files (x86)\QuickTime\QTTask.exe [421888 2014-01-17] (Apple Inc.)
HKLM-x32\...\Run: [iTunesHelper] - C:\Program Files (x86)\iTunes\iTunesHelper.exe [152392 2014-02-21] (Apple Inc.)
Winlogon\Notify\igfxcui: C:\windows\system32\igfxdev.dll (Intel Corporation)
HKU\S-1-5-21-1015218451-1290133160-4184035611-1000\...\Run: [ApplePhotoStreams] - C:\Program Files (x86)\Common Files\Apple\Internet Services\ApplePhotoStreams.exe [59720 2013-11-20] (Apple Inc.)
HKU\S-1-5-21-1015218451-1290133160-4184035611-1000\...\Run: [DellSystemDetect] - C:\Users\JBA P\AppData\Local\Apps\2.0\7RL0DAHN.ZKD\CJN83JBK.NQR\dell..tion_0f612f649c4a10af_0005.0005_9914611622934cec\DellSystemDetect.exe [253952 2014-03-02] (Dell)
HKU\S-1-5-21-1015218451-1290133160-4184035611-1000\...\Policies\system: [LogonHoursAction] 2
HKU\S-1-5-21-1015218451-1290133160-4184035611-1000\...\Policies\system: [DontDisplayLogonHoursWarnings] 1
Startup: C:\Users\JBA P\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\OneNote 2010 Screen Clipper and Launcher.lnk
ShortcutTarget: OneNote 2010 Screen Clipper and Launcher.lnk -> C:\Program Files (x86)\Microsoft Office\Office14\ONENOTEM.EXE (Microsoft Corporation)
GroupPolicyUsers\S-1-5-21-1015218451-1290133160-4184035611-1006\User: Group Policy restriction detected <======= ATTENTION

==================== Internet (Whitelisted) ====================

ProxyServer: localhost:8080
HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
StartMenuInternet: IEXPLORE.EXE - C:\Program Files (x86)\Internet Explorer\iexplore.exe
SearchScopes: HKLM - DefaultScope {9BB47C17-9C68-4BB3-B188-DD9AF0FD2406} URL =
SearchScopes: HKCU - {A82A80B7-87FF-4521-9D83-C2964F0F6495} URL = http://search.yahoo.com/search?p={searchTerms}&ei=UTF-8&fr=w3i&type=W3i_DS,136,0_0,Search,20131252,20028,0,85,0
SearchScopes: HKCU - ÛŸÆîZ§’2¹Þpv¨IÍá*X(Ž2s(ÛÎÀJºÔÓµ± vË°!×—(ä¼48иpatm6êo^Mp`Ëõ÷_i£w˜¾!„Áû†x¢8€ÙjÀÿþ ´Ñ;áa´[¦†8 º~RÙxœòÜ8'£-)x­ä­ URL =
BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO: Office Document Cache Handler - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation)
BHO: Java™ Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll (Sun Microsystems, Inc.)
BHO-x32: HP Print Enhancer - {0347C33E-8762-4905-BF09-768834316C61} - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_printenhancer.dll (Hewlett-Packard Co.)
BHO-x32: Adobe PDF Link Helper - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll (Adobe Systems Incorporated)
BHO-x32: Java™ Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO-x32: CIESpeechBHO Class - {8D10F6C4-0E01-4BD4-8601-11AC1FDF8126} - C:\Program Files (x86)\Dell Wireless\Bluetooth Suite\IEPlugIn.dll (Atheros Commnucations)
BHO-x32: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO-x32: Office Document Cache Handler - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files (x86)\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation)
BHO-x32: Java™ Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
BHO-x32: HP Smart BHO Class - {FFFFFFFF-CF4E-4F2B-BDC2-0E72E116A856} - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll (Hewlett-Packard Co.)
DPF: HKLM-x32 {C8BC46C7-921C-4102-B67D-F1F7E65FB0BE} https://battlefield.play4free.com/static/updater/BP4FUpdater_1.0.96.0.cab
DPF: HKLM-x32 {CF84DAC5-A4F5-419E-A0BA-C01FFD71112F} http://content.systemrequirementslab.com/bin/srldetect_intel_4.5.22.0.cab
Handler: cozi - {5356518D-FE9C-4E08-9C1F-1E872ECD367F} -  No File
Handler: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} -  No File
Handler-x32: cozi - {5356518D-FE9C-4E08-9C1F-1E872ECD367F} - C:\Program Files (x86)\Cozi Express\CoziProtocolHandler.dll (Cozi Group, Inc.)
Handler-x32: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
Filter: application/x-ica - {CFB6322E-CC85-4d1b-82C7-893888A236BC} -  No File
Filter: application/x-ica; charset=euc-jp - {CFB6322E-CC85-4d1b-82C7-893888A236BC} -  No File
Filter: application/x-ica; charset=ISO-8859-1 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} -  No File
Filter: application/x-ica; charset=MS936 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} -  No File
Filter: application/x-ica; charset=MS949 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} -  No File
Filter: application/x-ica; charset=MS950 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} -  No File
Filter: application/x-ica; charset=UTF-8 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} -  No File
Filter: application/x-ica; charset=UTF8 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} -  No File
Filter: application/x-ica;charset=euc-jp - {CFB6322E-CC85-4d1b-82C7-893888A236BC} -  No File
Filter: application/x-ica;charset=ISO-8859-1 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} -  No File
Filter: application/x-ica;charset=MS936 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} -  No File
Filter: application/x-ica;charset=MS949 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} -  No File
Filter: application/x-ica;charset=MS950 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} -  No File
Filter: application/x-ica;charset=UTF-8 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} -  No File
Filter: application/x-ica;charset=UTF8 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} -  No File
Filter: ica - {CFB6322E-CC85-4d1b-82C7-893888A236BC} -  No File
Filter-x32: application/x-ica - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll (Citrix Systems, Inc.)
Filter-x32: application/x-ica; charset=euc-jp - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll (Citrix Systems, Inc.)
Filter-x32: application/x-ica; charset=ISO-8859-1 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll (Citrix Systems, Inc.)
Filter-x32: application/x-ica; charset=MS936 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll (Citrix Systems, Inc.)
Filter-x32: application/x-ica; charset=MS949 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll (Citrix Systems, Inc.)
Filter-x32: application/x-ica; charset=MS950 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll (Citrix Systems, Inc.)
Filter-x32: application/x-ica; charset=UTF-8 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll (Citrix Systems, Inc.)
Filter-x32: application/x-ica; charset=UTF8 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll (Citrix Systems, Inc.)
Filter-x32: application/x-ica;charset=euc-jp - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll (Citrix Systems, Inc.)
Filter-x32: application/x-ica;charset=ISO-8859-1 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll (Citrix Systems, Inc.)
Filter-x32: application/x-ica;charset=MS936 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll (Citrix Systems, Inc.)
Filter-x32: application/x-ica;charset=MS949 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll (Citrix Systems, Inc.)
Filter-x32: application/x-ica;charset=MS950 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll (Citrix Systems, Inc.)
Filter-x32: application/x-ica;charset=UTF-8 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll (Citrix Systems, Inc.)
Filter-x32: application/x-ica;charset=UTF8 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll (Citrix Systems, Inc.)
Filter-x32: ica - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll (Citrix Systems, Inc.)
Tcpip\Parameters: [DhcpNameServer] 192.168.1.1

FireFox:
========
FF ProfilePath: C:\Users\JBA P\AppData\Roaming\Mozilla\Firefox\Profiles\badpz2dl.default
FF NetworkProxy: "type", 0
FF Plugin: @adobe.com/FlashPlayer - C:\windows\system32\Macromed\Flash\NPSWF64_12_0_0_70.dll ()
FF Plugin: @java.com/JavaPlugin - C:\Program Files\Java\jre6\bin\new_plugin\npjp2.dll (Sun Microsystems, Inc.)
FF Plugin: @microsoft.com/GENUINE - disabled No File
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 - c:\Program Files\Microsoft Silverlight\5.1.20913.0\npctrl.dll ( Microsoft Corporation)
FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 - C:\PROGRA~1\MICROS~2\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer - C:\windows\SysWOW64\Macromed\Flash\NPSWF32_12_0_0_70.dll ()
FF Plugin-x32: @adobe.com/ShockwavePlayer - C:\windows\SysWOW64\Adobe\Director\np32dsw_1167637.dll (Adobe Systems, Inc.)
FF Plugin-x32: @Apple.com/iTunes,version=1.0 - C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll ()
FF Plugin-x32: @java.com/DTPlugin,version=10.51.2 - C:\Program Files (x86)\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=10.51.2 - C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin-x32: @microsoft.com/GENUINE - disabled No File
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 - c:\Program Files (x86)\Microsoft Silverlight\5.1.20913.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/OfficeAuthz,version=14.0 - C:\PROGRA~2\MICROS~4\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 - C:\PROGRA~2\MICROS~4\Office14\NPSPWRAP.DLL (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3502.0922 - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3508.1109 - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @pandonetworks.com/PandoWebPlugin - C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll (Pando Networks)
FF Plugin-x32: @tools.google.com/Google Update;version=3 - C:\Program Files (x86)\Google\Update\1.3.22.5\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 - C:\Program Files (x86)\Google\Update\1.3.22.5\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @WildTangent.com/GamesAppPresenceDetector,Version=1.0 - C:\Program Files (x86)\WildTangent Games\App\BrowserIntegration\Registered\2\NP_wtapp.dll ()
FF Plugin HKCU: @nsroblox.roblox.com/launcher - C:\Users\JBA P\AppData\Local\Roblox\Versions\version-e6e28771c8004032\\NPRobloxProxy.dll ( ROBLOX Corporation)
FF Plugin HKCU: @soe.sony.com/installer,version=1.0.3 - C:\Users\JBA P\AppData\Roaming\Mozilla\Firefox\Profiles\badpz2dl.default\extensions\{000F1EA4-5E08-4564-A29B-29076F63A37A}\plugins\npsoe.dll No File
FF Plugin HKCU: @unity3d.com/UnityPlayer,version=1.0 - C:\Users\JBA P\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll (Unity Technologies ApS)
FF Plugin HKCU: pandonetworks.com/PandoWebPlugin - C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll (Pando Networks)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\CCMSDK.dll (Citrix Systems, Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\cgpcfg.dll (Citrix Systems, Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\CgpCore.dll (Citrix Systems, Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\confmgr.dll (Citrix Systems, Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\ctxlogging.dll (Citrix Systems, Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\ctxmui.dll (Citrix Systems, Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\icafile.dll (Citrix Systems, Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\icalogon.dll (Citrix Systems, Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npicaN.dll ()
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin.dll (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin2.dll (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin3.dll (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin4.dll (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin5.dll (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\sslsdk_b.dll (Citrix Systems, Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\TcpPServ.dll (Citrix Systems, Inc.)
FF Extension: ArcadeParlor - C:\Users\JBA P\AppData\Roaming\Mozilla\Extensions\{ec8030f7-c20a-464f-9b0e-13a3a9e97384}\{F32E7E42-9AFA-47CA-A0C4-D07EE651D404} [2013-12-26]
FF Extension: ArcadeParlor - C:\Users\JBA P\AppData\Roaming\Mozilla\Firefox\Profiles\badpz2dl.default\Extensions\{F32E7E42-9AFA-47CA-A0C4-D07EE651D404} [2013-12-26]
FF HKLM-x32\...\Firefox\Extensions: [smartwebprinting@hp.com] - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3
FF Extension: HP Smart Web Printing - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3 [2011-10-02]
FF HKCU\...\Firefox\Extensions: [smartwebprinting@hp.com] - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3
FF Extension: HP Smart Web Printing - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3 [2011-10-02]

Chrome:
=======
CHR DefaultSearchKeyword: conduit.search
CHR DefaultSearchProvider: Conduit Search
CHR DefaultSearchURL: http://search.conduit.com/Results.aspx?ctid=CT3317209&octid=EB_ORIGINAL_CTID&SearchSource=58&CUI=&UM=2&UP=SP18A873B9-05EE-4915-AB08-9E27D75B0474&q={searchTerms}&SSPV=
CHR DefaultNewTabURL:
CHR Extension: (Google Wallet) - C:\Users\JBA P\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2013-09-15]
CHR HKLM-x32\...\Chrome\Extension: [bebnnlollpcjnfpkafhoclljaojgnfok] - C:\Program Files (x86)\FTDownloader.com\FTDownloader10.crx [2013-09-15]

==================== Services (Whitelisted) =================

S3 GamesAppIntegrationService; C:\Program Files (x86)\WildTangent Games\App\GamesAppIntegrationService.exe [227904 2014-02-05] (WildTangent)
R2 PnkBstrA; C:\windows\SysWOW64\PnkBstrA.exe [75136 2014-03-02] ()
R2 PnkBstrB; C:\windows\SysWOW64\PnkBstrB.exe [189248 2014-03-02] ()
R2 SpyroService; C:\Program Files (x86)\FS\Spyro Portal\FlashPortal.exe [48128 2012-01-31] (FS)
R2 ZAtheros Bt&Wlan Coex Agent; C:\Program Files (x86)\Dell Wireless\Bluetooth Suite\Ath_CoexAgent.exe [159360 2012-03-08] (Atheros)
R2 ZAtheros Wlan Agent; C:\Program Files (x86)\Dell Wireless\Ath_WlanAgent.exe [77824 2012-03-28] (Atheros)
S3 0045371314211640mcinstcleanup; C:\windows\TEMP\004537~1.EXE C:\PROGRA~2\COMMON~1\McAfee\INSTAL~1\cleanup.ini -cleanup -nolog -service
S2 vToolbarUpdater17.2.0; C:\Program Files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\17.2.0\ToolbarUpdater.exe [X]

==================== Drivers (Whitelisted) ====================

R1 avgtp; C:\windows\system32\drivers\avgtpx64.sys [46368 2013-11-11] (AVG Technologies)
S3 Serial; C:\Windows\system32\drivers\serial.sys [94208 2009-07-13] (Brother Industries Ltd.)
S3 usbio; C:\Windows\System32\Drivers\dsiarhwprog_x64.sys [54200 2012-09-26] (Thesycon GmbH, Germany)
U5 AppMgmt; C:\Windows\system32\svchost.exe [27136 2009-07-13] (Microsoft Corporation)
S3 catchme; \??\C:\ComboFix\catchme.sys [X]
S3 PCDSRVC{1E208CE0-FB7451FF-06020101}_0; \??\c:\program files\dell support center\pcdsrvc_x64.pkms [X]
U3 aswMBR; \??\C:\Users\JBAP~1\AppData\Local\Temp\aswMBR.sys [X]

==================== NetSvcs (Whitelisted) ===================


==================== One Month Created Files and Folders ========

2014-03-09 19:59 - 2014-03-09 19:59 - 00000000 ____D () C:\Users\JBA P\Desktop\FRST-OlderVersion
2014-03-09 19:20 - 2014-03-09 19:20 - 00001901 _____ () C:\Users\JBA P\Desktop\aswMBR.txt
2014-03-09 19:20 - 2014-03-09 19:20 - 00000512 _____ () C:\Users\JBA P\Desktop\MBR.dat
2014-03-09 17:40 - 2014-03-09 17:40 - 04745728 _____ (AVAST Software) C:\Users\JBA P\Desktop\aswMBR.exe
2014-03-09 17:28 - 2014-02-27 15:26 - 04130656 _____ (Kaspersky Lab ZAO) C:\Users\JBA P\Desktop\TDSSKiller.exe
2014-03-08 23:44 - 2014-03-08 23:44 - 00025358 _____ () C:\ComboFix.txt
2014-03-08 19:02 - 2014-03-08 19:02 - 00000000 ____D () C:\Users\JBA P\AppData\Roaming\TuneUp Software
2014-03-07 21:32 - 2014-03-07 21:32 - 05187267 ____R (Swearware) C:\Users\JBA P\Desktop\ComboFix.exe
2014-03-07 20:21 - 2014-03-07 20:21 - 11493480 _____ (OPSWAT, Inc.) C:\Users\JBA P\Downloads\AppRemover.exe
2014-03-07 20:18 - 2014-03-07 20:18 - 00000000 ____D () C:\windows\pss
2014-03-07 19:03 - 2014-03-07 19:03 - 00050176 _____ () C:\Users\JBA P\Documents\WhatInStartup.txt
2014-03-07 19:00 - 2014-03-07 19:00 - 00074867 _____ () C:\Users\JBA P\Desktop\whatinstartup-x64.zip
2014-03-07 17:32 - 2014-03-07 17:32 - 00000000 ____D () C:\Users\JBA P\AppData\Roaming\FileAssociationManager
2014-03-07 13:35 - 2014-03-07 13:35 - 00047545 _____ () C:\Users\JBA P\Documents\Summary.zip
2014-03-07 13:22 - 2014-03-07 13:22 - 01104138 _____ () C:\Users\JBA P\Documents\Summary.nfo
2014-03-07 11:04 - 2014-03-07 18:41 - 00000000 ____D () C:\Program Files (x86)\VS Revo Group
2014-03-07 11:04 - 2014-03-07 11:04 - 00001270 _____ () C:\Users\JBA P\Desktop\Revo Uninstaller.lnk
2014-03-07 11:03 - 2014-03-07 11:03 - 02623656 _____ (VS Revo Group Ltd.) C:\Users\JBA P\Desktop\revosetup.exe
2014-03-06 20:43 - 2014-03-06 20:45 - 00056361 _____ () C:\Users\JBA P\Desktop\Addition.txt
2014-03-06 20:41 - 2014-03-09 20:00 - 00024375 _____ () C:\Users\JBA P\Desktop\FRST.txt
2014-03-06 20:41 - 2014-03-09 19:59 - 00000000 ____D () C:\FRST
2014-03-06 20:39 - 2014-03-09 19:59 - 02157056 _____ (Farbar) C:\Users\JBA P\Desktop\FRST64.exe
2014-03-04 21:32 - 2014-03-07 18:48 - 00000000 ____D () C:\Users\JBA P\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\File Association Manager
2014-03-04 21:32 - 2014-03-07 18:47 - 00000000 ____D () C:\Program Files (x86)\Search-Protect
2014-03-04 21:32 - 2014-03-04 21:32 - 00003546 _____ () C:\windows\System32\Tasks\FileAssociationManagerUpdater
2014-03-04 21:32 - 2014-03-04 21:32 - 00003530 _____ () C:\windows\System32\Tasks\Search-Protect
2014-03-03 11:26 - 2014-03-03 11:28 - 00023167 _____ () C:\Users\JBA P\Desktop\attach.txt
2014-03-03 11:26 - 2014-03-03 11:27 - 00033100 _____ () C:\Users\JBA P\Desktop\dds.txt
2014-03-03 10:57 - 2014-03-03 10:57 - 00688992 ____R (Swearware) C:\Users\JBA P\Downloads\dds.com
2014-03-03 10:30 - 2014-03-07 18:47 - 00000000 ____D () C:\ProgramData\34BE82C4-E596-4e99-A191-52C6199EBF69
2014-03-03 10:30 - 2014-03-07 18:47 - 00000000 ____D () C:\Program Files\iTunes
2014-03-03 10:30 - 2014-03-07 18:47 - 00000000 ____D () C:\Program Files (x86)\iTunes
2014-03-03 10:30 - 2014-03-07 18:41 - 00000000 ____D () C:\Program Files\iPod
2014-03-03 10:30 - 2014-03-03 10:30 - 00001785 _____ () C:\Users\Public\Desktop\iTunes.lnk
2014-03-03 10:23 - 2014-03-07 18:47 - 00000000 ____D () C:\Program Files (x86)\QuickTime
2014-03-03 10:23 - 2014-03-03 10:23 - 00001847 _____ () C:\Users\Public\Desktop\QuickTime Player.lnk
2014-03-02 20:33 - 2014-03-02 20:33 - 00189248 _____ () C:\windows\SysWOW64\PnkBstrB.exe
2014-03-02 20:32 - 2014-03-02 20:32 - 00075136 _____ () C:\windows\SysWOW64\PnkBstrA.exe
2014-03-02 20:32 - 2014-03-02 20:32 - 00000000 ____D () C:\Users\JBA P\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\EA Games
2014-03-02 20:16 - 2014-03-07 18:40 - 00000000 ____D () C:\Program Files (x86)\EA Games
2014-03-02 19:46 - 2014-03-07 18:47 - 00000000 ____D () C:\Program Files (x86)\SystemRequirementsLab
2014-03-02 19:41 - 2014-03-02 19:41 - 00000000 ____D () C:\ProgramData\Oracle
2014-03-02 19:40 - 2014-03-02 19:40 - 00264616 _____ (Oracle Corporation) C:\windows\SysWOW64\javaws.exe
2014-03-02 19:40 - 2014-03-02 19:40 - 00175016 _____ (Oracle Corporation) C:\windows\SysWOW64\javaw.exe
2014-03-02 19:40 - 2014-03-02 19:40 - 00174504 _____ (Oracle Corporation) C:\windows\SysWOW64\java.exe
2014-03-02 19:40 - 2014-03-02 19:40 - 00096168 _____ (Oracle Corporation) C:\windows\SysWOW64\WindowsAccessBridge-32.dll
2014-03-02 19:17 - 2014-03-02 19:17 - 00000000 ____D () C:\windows\System32\Tasks\Safer-Networking
2014-03-02 19:16 - 2014-03-07 18:47 - 00000000 ____D () C:\ProgramData\Spybot - Search & Destroy
2014-03-02 19:16 - 2014-03-06 20:31 - 00000000 ____D () C:\Program Files (x86)\Spybot - Search & Destroy 2
2014-03-02 19:13 - 2014-03-02 19:13 - 40658208 _____ (Safer-Networking Ltd. ) C:\Users\JBA P\Downloads\spybot-2.2.exe
2014-03-02 18:42 - 2014-03-02 18:42 - 18142384 _____ (SUPERAntiSpyware) C:\Users\JBA P\Downloads\SUPERAntiSpyware(1).exe
2014-03-02 18:24 - 2014-03-07 18:48 - 00000000 ____D () C:\Users\JBA P\AppData\Roaming\SUPERAntiSpyware.com
2014-03-02 18:22 - 2014-03-02 18:22 - 18142384 _____ (SUPERAntiSpyware) C:\Users\JBA P\Downloads\SUPERAntiSpyware.exe
2014-03-02 17:56 - 2014-03-07 18:47 - 00000000 ____D () C:\Program Files\IDT
2014-03-02 17:55 - 2014-03-02 17:55 - 30806440 _____ () C:\Users\JBA P\Downloads\R308434.exe
2014-03-02 16:49 - 2014-03-08 19:07 - 00000000 ____D () C:\Users\JBA P\AppData\Local\CrashDumps
2014-03-02 16:49 - 2014-03-07 18:47 - 00000000 ____D () C:\ProgramData\Atheros
2014-03-02 16:40 - 2014-03-07 18:48 - 00000000 ___RD () C:\Users\JBA P\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\BT Devices
2014-03-02 16:40 - 2014-03-02 16:40 - 00000000 ____D () C:\Users\JBA P\AppData\Roaming\Atheros
2014-03-02 16:39 - 2014-03-02 16:39 - 00000000 ____D () C:\Users\JBA P\Documents\Bluetooth Folder
2014-03-02 16:38 - 2014-03-07 18:48 - 00000000 ____D () C:\windows\system32\nn-NO
2014-03-02 16:38 - 2014-03-07 18:39 - 00000000 ____D () C:\Program Files (x86)\Cisco
2014-03-02 16:38 - 2014-03-02 16:38 - 00000000 ____D () C:\windows\Options
2014-03-02 16:38 - 2012-03-08 18:37 - 00439296 _____ (Atheros) C:\windows\system32\athihvs.dll
2014-03-02 16:38 - 2012-03-08 18:37 - 00060416 _____ (Atheros) C:\windows\system32\athihvui.dll
2014-03-02 16:34 - 2014-03-02 16:36 - 160094208 _____ () C:\Users\JBA P\Downloads\DW1703_W7_A00_Setup-W1GV9_ZPE.exe
2014-03-02 13:50 - 2014-03-02 13:51 - 84704944 _____ () C:\Users\JBA P\Downloads\R302552.exe
2014-03-02 13:43 - 2014-03-02 13:43 - 02720464 _____ () C:\Users\JBA P\Desktop\R302527.exe
2014-03-02 13:41 - 2014-03-07 18:48 - 00000000 ____D () C:\Users\JBA P\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Dell
2014-03-02 13:40 - 2014-03-02 13:40 - 00404048 _____ () C:\Users\JBA P\Downloads\DellSystemDetect.exe
2014-02-28 20:46 - 2014-03-07 18:42 - 00000000 ____D () C:\Users\JBA P\AppData\Roaming\PCDr
2014-02-28 20:45 - 2014-02-28 20:46 - 00000000 ____D () C:\ProgramData\PCDr
2014-02-28 20:45 - 2014-02-28 20:45 - 00003488 _____ () C:\windows\System32\Tasks\PCDEventLauncher
2014-02-28 19:51 - 2014-03-02 16:47 - 00002970 _____ () C:\windows\system32\Drivers\stwrte.log
2014-02-14 13:21 - 2014-03-07 18:47 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox
2014-02-12 20:54 - 2013-12-21 05:53 - 00548864 _____ (Microsoft Corporation) C:\windows\system32\vbscript.dll
2014-02-12 20:54 - 2013-12-21 04:56 - 00454656 _____ (Microsoft Corporation) C:\windows\SysWOW64\vbscript.dll
2014-02-12 20:51 - 2014-02-06 08:16 - 23170048 _____ (Microsoft Corporation) C:\windows\system32\mshtml.dll
2014-02-12 20:51 - 2014-02-06 07:30 - 02724864 _____ (Microsoft Corporation) C:\windows\system32\mshtml.tlb
2014-02-12 20:51 - 2014-02-06 07:30 - 00004096 _____ (Microsoft Corporation) C:\windows\system32\ieetwcollectorres.dll
2014-02-12 20:51 - 2014-02-06 07:12 - 02765824 _____ (Microsoft Corporation) C:\windows\system32\iertutil.dll
2014-02-12 20:51 - 2014-02-06 07:07 - 00066048 _____ (Microsoft Corporation) C:\windows\system32\iesetup.dll
2014-02-12 20:51 - 2014-02-06 07:06 - 00048640 _____ (Microsoft Corporation) C:\windows\system32\ieetwproxystub.dll
2014-02-12 20:51 - 2014-02-06 06:57 - 00053760 _____ (Microsoft Corporation) C:\windows\system32\jsproxy.dll
2014-02-12 20:51 - 2014-02-06 06:56 - 00033792 _____ (Microsoft Corporation) C:\windows\system32\iernonce.dll
2014-02-12 20:51 - 2014-02-06 06:52 - 00574976 _____ (Microsoft Corporation) C:\windows\system32\ieui.dll
2014-02-12 20:51 - 2014-02-06 06:49 - 00139264 _____ (Microsoft Corporation) C:\windows\system32\ieUnatt.exe
2014-02-12 20:51 - 2014-02-06 06:48 - 00708608 _____ (Microsoft Corporation) C:\windows\system32\jscript9diag.dll
2014-02-12 20:51 - 2014-02-06 06:48 - 00111616 _____ (Microsoft Corporation) C:\windows\system32\ieetwcollector.exe
2014-02-12 20:51 - 2014-02-06 06:38 - 17103872 _____ (Microsoft Corporation) C:\windows\SysWOW64\mshtml.dll
2014-02-12 20:51 - 2014-02-06 06:32 - 00218624 _____ (Microsoft Corporation) C:\windows\system32\ie4uinit.exe
2014-02-12 20:51 - 2014-02-06 06:20 - 02724864 _____ (Microsoft Corporation) C:\windows\SysWOW64\mshtml.tlb
2014-02-12 20:51 - 2014-02-06 06:17 - 00195584 _____ (Microsoft Corporation) C:\windows\system32\msrating.dll
2014-02-12 20:51 - 2014-02-06 06:11 - 05768704 _____ (Microsoft Corporation) C:\windows\system32\jscript9.dll
2014-02-12 20:51 - 2014-02-06 06:01 - 00061952 _____ (Microsoft Corporation) C:\windows\SysWOW64\iesetup.dll
2014-02-12 20:51 - 2014-02-06 06:00 - 00051200 _____ (Microsoft Corporation) C:\windows\SysWOW64\ieetwproxystub.dll
2014-02-12 20:51 - 2014-02-06 05:57 - 02168320 _____ (Microsoft Corporation) C:\windows\SysWOW64\iertutil.dll
2014-02-12 20:51 - 2014-02-06 05:57 - 00627200 _____ (Microsoft Corporation) C:\windows\system32\msfeeds.dll
2014-02-12 20:51 - 2014-02-06 05:52 - 00043008 _____ (Microsoft Corporation) C:\windows\SysWOW64\jsproxy.dll
2014-02-12 20:51 - 2014-02-06 05:52 - 00032768 _____ (Microsoft Corporation) C:\windows\SysWOW64\iernonce.dll
2014-02-12 20:51 - 2014-02-06 05:50 - 02041856 _____ (Microsoft Corporation) C:\windows\system32\inetcpl.cpl
2014-02-12 20:51 - 2014-02-06 05:49 - 00440832 _____ (Microsoft Corporation) C:\windows\SysWOW64\ieui.dll
2014-02-12 20:51 - 2014-02-06 05:47 - 00112128 _____ (Microsoft Corporation) C:\windows\SysWOW64\ieUnatt.exe
2014-02-12 20:51 - 2014-02-06 05:46 - 00553472 _____ (Microsoft Corporation) C:\windows\SysWOW64\jscript9diag.dll
2014-02-12 20:51 - 2014-02-06 05:25 - 04244480 _____ (Microsoft Corporation) C:\windows\SysWOW64\jscript9.dll
2014-02-12 20:51 - 2014-02-06 05:25 - 00164864 _____ (Microsoft Corporation) C:\windows\SysWOW64\msrating.dll
2014-02-12 20:51 - 2014-02-06 05:24 - 02334208 _____ (Microsoft Corporation) C:\windows\system32\wininet.dll
2014-02-12 20:51 - 2014-02-06 05:22 - 13051392 _____ (Microsoft Corporation) C:\windows\system32\ieframe.dll
2014-02-12 20:51 - 2014-02-06 05:13 - 00524288 _____ (Microsoft Corporation) C:\windows\SysWOW64\msfeeds.dll
2014-02-12 20:51 - 2014-02-06 05:09 - 01964032 _____ (Microsoft Corporation) C:\windows\SysWOW64\inetcpl.cpl
2014-02-12 20:51 - 2014-02-06 05:03 - 11266048 _____ (Microsoft Corporation) C:\windows\SysWOW64\ieframe.dll
2014-02-12 20:51 - 2014-02-06 04:55 - 01393664 _____ (Microsoft Corporation) C:\windows\system32\urlmon.dll
2014-02-12 20:51 - 2014-02-06 04:41 - 01820160 _____ (Microsoft Corporation) C:\windows\SysWOW64\wininet.dll
2014-02-12 20:51 - 2014-02-06 04:40 - 00817664 _____ (Microsoft Corporation) C:\windows\system32\ieapfltr.dll
2014-02-12 20:51 - 2014-02-06 04:36 - 01156096 _____ (Microsoft Corporation) C:\windows\SysWOW64\urlmon.dll
2014-02-12 20:51 - 2014-02-06 04:34 - 00703488 _____ (Microsoft Corporation) C:\windows\SysWOW64\ieapfltr.dll
2014-02-11 20:09 - 2013-12-31 19:05 - 00420008 _____ () C:\windows\SysWOW64\locale.nls
2014-02-11 20:09 - 2013-12-31 19:04 - 00420008 _____ () C:\windows\system32\locale.nls
2014-02-11 20:09 - 2013-12-05 22:30 - 01882112 _____ (Microsoft Corporation) C:\windows\system32\msxml3.dll
2014-02-11 20:09 - 2013-12-05 22:30 - 00002048 _____ (Microsoft Corporation) C:\windows\system32\msxml3r.dll
2014-02-11 20:09 - 2013-12-05 22:02 - 01237504 _____ (Microsoft Corporation) C:\windows\SysWOW64\msxml3.dll
2014-02-11 20:09 - 2013-12-05 22:02 - 00002048 _____ (Microsoft Corporation) C:\windows\SysWOW64\msxml3r.dll
2014-02-11 20:09 - 2013-12-03 22:27 - 00488448 _____ (Microsoft Corporation) C:\windows\system32\secproc.dll
2014-02-11 20:09 - 2013-12-03 22:27 - 00485888 _____ (Microsoft Corporation) C:\windows\system32\secproc_isv.dll
2014-02-11 20:09 - 2013-12-03 22:27 - 00123392 _____ (Microsoft Corporation) C:\windows\system32\secproc_ssp_isv.dll
2014-02-11 20:09 - 2013-12-03 22:27 - 00123392 _____ (Microsoft Corporation) C:\windows\system32\secproc_ssp.dll
2014-02-11 20:09 - 2013-12-03 22:26 - 00528384 _____ (Microsoft Corporation) C:\windows\system32\msdrm.dll
2014-02-11 20:09 - 2013-12-03 22:16 - 00658432 _____ (Microsoft Corporation) C:\windows\system32\RMActivate_isv.exe
2014-02-11 20:09 - 2013-12-03 22:16 - 00626176 _____ (Microsoft Corporation) C:\windows\system32\RMActivate.exe
2014-02-11 20:09 - 2013-12-03 22:16 - 00553984 _____ (Microsoft Corporation) C:\windows\system32\RMActivate_ssp.exe
2014-02-11 20:09 - 2013-12-03 22:16 - 00552960 _____ (Microsoft Corporation) C:\windows\system32\RMActivate_ssp_isv.exe
2014-02-11 20:09 - 2013-12-03 22:03 - 00428032 _____ (Microsoft Corporation) C:\windows\SysWOW64\secproc.dll
2014-02-11 20:09 - 2013-12-03 22:03 - 00423936 _____ (Microsoft Corporation) C:\windows\SysWOW64\secproc_isv.dll
2014-02-11 20:09 - 2013-12-03 22:03 - 00087040 _____ (Microsoft Corporation) C:\windows\SysWOW64\secproc_ssp_isv.dll
2014-02-11 20:09 - 2013-12-03 22:03 - 00087040 _____ (Microsoft Corporation) C:\windows\SysWOW64\secproc_ssp.dll
2014-02-11 20:09 - 2013-12-03 22:02 - 00390144 _____ (Microsoft Corporation) C:\windows\SysWOW64\msdrm.dll
2014-02-11 20:09 - 2013-12-03 21:54 - 00594944 _____ (Microsoft Corporation) C:\windows\SysWOW64\RMActivate_isv.exe
2014-02-11 20:09 - 2013-12-03 21:54 - 00572416 _____ (Microsoft Corporation) C:\windows\SysWOW64\RMActivate.exe
2014-02-11 20:09 - 2013-12-03 21:54 - 00510976 _____ (Microsoft Corporation) C:\windows\SysWOW64\RMActivate_ssp.exe
2014-02-11 20:09 - 2013-12-03 21:54 - 00508928 _____ (Microsoft Corporation) C:\windows\SysWOW64\RMActivate_ssp_isv.exe
2014-02-11 20:08 - 2013-12-24 19:09 - 01987584 _____ (Microsoft Corporation) C:\windows\SysWOW64\d3d10warp.dll
2014-02-11 20:08 - 2013-12-24 18:48 - 02565120 _____ (Microsoft Corporation) C:\windows\system32\d3d10warp.dll
2014-02-11 20:08 - 2013-11-26 04:16 - 03419136 _____ (Microsoft Corporation) C:\windows\SysWOW64\d2d1.dll
2014-02-11 20:08 - 2013-11-22 18:48 - 03928064 _____ (Microsoft Corporation) C:\windows\system32\d2d1.dll
2014-02-10 17:27 - 2014-02-10 17:27 - 00272224 _____ () C:\windows\Minidump\021014-45146-01.dmp
2014-02-10 17:25 - 2014-03-02 18:59 - 307353438 _____ () C:\windows\MEMORY.DMP
2014-02-09 16:31 - 2014-02-09 16:31 - 00000000 ____D () C:\found.004

==================== One Month Modified Files and Folders =======

2014-03-09 20:00 - 2014-03-06 20:41 - 00024375 _____ () C:\Users\JBA P\Desktop\FRST.txt
2014-03-09 20:00 - 2011-08-18 12:07 - 01090628 _____ () C:\windows\WindowsUpdate.log
2014-03-09 19:59 - 2014-03-09 19:59 - 00000000 ____D () C:\Users\JBA P\Desktop\FRST-OlderVersion
2014-03-09 19:59 - 2014-03-06 20:41 - 00000000 ____D () C:\FRST
2014-03-09 19:59 - 2014-03-06 20:39 - 02157056 _____ (Farbar) C:\Users\JBA P\Desktop\FRST64.exe
2014-03-09 19:57 - 2012-10-21 20:48 - 00000896 _____ () C:\windows\Tasks\GoogleUpdateTaskMachineUA.job
2014-03-09 19:20 - 2014-03-09 19:20 - 00001901 _____ () C:\Users\JBA P\Desktop\aswMBR.txt
2014-03-09 19:20 - 2014-03-09 19:20 - 00000512 _____ () C:\Users\JBA P\Desktop\MBR.dat
2014-03-09 19:18 - 2012-10-30 11:40 - 00000830 _____ () C:\windows\Tasks\Adobe Flash Player Updater.job
2014-03-09 17:40 - 2014-03-09 17:40 - 04745728 _____ (AVAST Software) C:\Users\JBA P\Desktop\aswMBR.exe
2014-03-09 17:39 - 2011-09-13 09:26 - 00000000 ____D () C:\Users\JBA P\AppData\Local\Apps\2.0
2014-03-09 03:57 - 2012-10-21 20:48 - 00000892 _____ () C:\windows\Tasks\GoogleUpdateTaskMachineCore.job
2014-03-08 23:44 - 2014-03-08 23:44 - 00025358 _____ () C:\ComboFix.txt
2014-03-08 23:44 - 2014-01-05 13:01 - 00000000 ____D () C:\Qoobox
2014-03-08 19:29 - 2009-07-13 22:34 - 00000215 _____ () C:\windows\system.ini
2014-03-08 19:13 - 2009-07-14 00:45 - 00020928 ____H () C:\windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2014-03-08 19:13 - 2009-07-14 00:45 - 00020928 ____H () C:\windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2014-03-08 19:07 - 2014-03-02 16:49 - 00000000 ____D () C:\Users\JBA P\AppData\Local\CrashDumps
2014-03-08 19:05 - 2014-01-06 18:42 - 00022922 _____ () C:\windows\PFRO.log
2014-03-08 19:05 - 2014-01-06 18:42 - 00004453 _____ () C:\windows\setupact.log
2014-03-08 19:05 - 2011-11-17 14:50 - 00000000 ____D () C:\ProgramData\AVG2012
2014-03-08 19:05 - 2009-07-14 01:08 - 00000006 ____H () C:\windows\Tasks\SA.DAT
2014-03-08 19:03 - 2011-08-24 21:13 - 00000000 ____D () C:\ProgramData\MFAData
2014-03-08 19:02 - 2014-03-08 19:02 - 00000000 ____D () C:\Users\JBA P\AppData\Roaming\TuneUp Software
2014-03-08 19:02 - 2012-08-27 12:38 - 00000000 ____D () C:\$AVG
2014-03-08 02:16 - 2009-07-13 23:20 - 00000000 __RHD () C:\Users\Default
2014-03-07 21:48 - 2014-01-05 13:01 - 00000000 ____D () C:\windows\erdnt
2014-03-07 21:36 - 2014-01-05 13:00 - 05187267 ____R (Swearware) C:\Users\JBA P\Downloads\ComboFix.exe
2014-03-07 21:32 - 2014-03-07 21:32 - 05187267 ____R (Swearware) C:\Users\JBA P\Desktop\ComboFix.exe
2014-03-07 20:21 - 2014-03-07 20:21 - 11493480 _____ (OPSWAT, Inc.) C:\Users\JBA P\Downloads\AppRemover.exe
2014-03-07 20:18 - 2014-03-07 20:18 - 00000000 ____D () C:\windows\pss
2014-03-07 19:03 - 2014-03-07 19:03 - 00050176 _____ () C:\Users\JBA P\Documents\WhatInStartup.txt
2014-03-07 19:00 - 2014-03-07 19:00 - 00074867 _____ () C:\Users\JBA P\Desktop\whatinstartup-x64.zip
2014-03-07 18:52 - 2011-08-24 14:47 - 00000000 ____D () C:\Users\JBA P
2014-03-07 18:49 - 2013-03-06 16:08 - 00000000 ____D () C:\Users\Kids
2014-03-07 18:48 - 2014-03-04 21:32 - 00000000 ____D () C:\Users\JBA P\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\File Association Manager
2014-03-07 18:48 - 2014-03-02 18:24 - 00000000 ____D () C:\Users\JBA P\AppData\Roaming\SUPERAntiSpyware.com
2014-03-07 18:48 - 2014-03-02 16:40 - 00000000 ___RD () C:\Users\JBA P\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\BT Devices
2014-03-07 18:48 - 2014-03-02 16:38 - 00000000 ____D () C:\windows\system32\nn-NO
2014-03-07 18:48 - 2014-03-02 13:41 - 00000000 ____D () C:\Users\JBA P\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Dell
2014-03-07 18:48 - 2013-06-02 09:19 - 00000000 ____D () C:\Users\JBA P\AppData\Roaming\.minecraft
2014-03-07 18:48 - 2009-07-13 23:20 - 00000000 ____D () C:\windows\system32\tr-TR
2014-03-07 18:48 - 2009-07-13 23:20 - 00000000 ____D () C:\windows\AppCompat
2014-03-07 18:47 - 2014-03-04 21:32 - 00000000 ____D () C:\Program Files (x86)\Search-Protect
2014-03-07 18:47 - 2014-03-03 10:30 - 00000000 ____D () C:\ProgramData\34BE82C4-E596-4e99-A191-52C6199EBF69
2014-03-07 18:47 - 2014-03-03 10:30 - 00000000 ____D () C:\Program Files\iTunes
2014-03-07 18:47 - 2014-03-03 10:30 - 00000000 ____D () C:\Program Files (x86)\iTunes
2014-03-07 18:47 - 2014-03-03 10:23 - 00000000 ____D () C:\Program Files (x86)\QuickTime
2014-03-07 18:47 - 2014-03-02 19:46 - 00000000 ____D () C:\Program Files (x86)\SystemRequirementsLab
2014-03-07 18:47 - 2014-03-02 19:16 - 00000000 ____D () C:\ProgramData\Spybot - Search & Destroy
2014-03-07 18:47 - 2014-03-02 17:56 - 00000000 ____D () C:\Program Files\IDT
2014-03-07 18:47 - 2014-03-02 16:49 - 00000000 ____D () C:\ProgramData\Atheros
2014-03-07 18:47 - 2014-02-14 13:21 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox
2014-03-07 18:47 - 2013-12-26 16:31 - 00000000 ____D () C:\Program Files (x86)\FileAssociationManager
2014-03-07 18:47 - 2013-06-02 07:55 - 00000000 ____D () C:\Program Files\WinRAR
2014-03-07 18:47 - 2011-10-20 13:38 - 00000000 ____D () C:\Program Files (x86)\Apple Software Update
2014-03-07 18:47 - 2011-08-18 12:35 - 00000000 ____D () C:\Program Files (x86)\Dell Wireless
2014-03-07 18:46 - 2009-07-13 23:20 - 00000000 ____D () C:\windows\registration
2014-03-07 18:45 - 2012-10-21 20:45 - 00000000 ____D () C:\windows\SysWOW64\Adobe
2014-03-07 18:45 - 2012-07-10 09:48 - 00000000 ____D () C:\windows\SysWOW64\AGEIA
2014-03-07 18:45 - 2011-08-18 12:23 - 00000000 ____D () C:\windows\SysWOW64\Macromed
2014-03-07 18:44 - 2012-10-30 11:40 - 00000000 ____D () C:\windows\system32\Macromed
2014-03-07 18:43 - 2014-01-05 12:43 - 00000000 ____D () C:\windows\ERUNT
2014-03-07 18:43 - 2013-04-21 14:07 - 00000000 ____D () C:\Users\Kids\AppData\Roaming\Mozilla
2014-03-07 18:43 - 2013-03-18 15:49 - 00000000 ____D () C:\Users\Kids\AppData\Roaming\WildTangent
2014-03-07 18:43 - 2013-03-06 16:08 - 00000000 ___RD () C:\Users\Kids\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories
2014-03-07 18:43 - 2012-12-09 18:08 - 00000000 ____D () C:\windows\Action Replay DSi Code Manager
2014-03-07 18:43 - 2012-02-06 12:03 - 00000000 ____D () C:\windows\Hewlett-Packard
2014-03-07 18:43 - 2011-12-19 20:26 - 00000000 ____D () C:\Users\Public\Sony Online Entertainment
2014-03-07 18:42 - 2014-02-28 20:46 - 00000000 ____D () C:\Users\JBA P\AppData\Roaming\PCDr
2014-03-07 18:42 - 2014-01-20 20:45 - 00000000 ____D () C:\Users\JBA P\AppData\Roaming\Reincubate
2014-03-07 18:42 - 2014-01-20 20:45 - 00000000 ____D () C:\Users\JBA P\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Reincubate
2014-03-07 18:42 - 2014-01-20 12:49 - 00000000 ____D () C:\Users\JBA P\Downloads\Server
2014-03-07 18:42 - 2013-04-21 14:07 - 00000000 ____D () C:\Users\Kids\AppData\Local\Mozilla
2014-03-07 18:42 - 2013-04-13 13:14 - 00000000 ____D () C:\Users\Kids\AppData\Roaming\.minecraft
2014-03-07 18:42 - 2013-03-24 11:31 - 00000000 ____D () C:\Users\Kids\AppData\Local\Microsoft Games
2014-03-07 18:42 - 2013-03-15 17:35 - 00000000 ____D () C:\Users\Kids\AppData\Local\Google
2014-03-07 18:42 - 2013-03-06 16:09 - 00000000 ____D () C:\Users\Kids\AppData\Roaming\Creative
2014-03-07 18:42 - 2013-03-06 16:09 - 00000000 ____D () C:\Users\Kids\AppData\Roaming\AVG2012
2014-03-07 18:42 - 2013-03-06 16:09 - 00000000 ____D () C:\Users\Kids\AppData\Local\Dell
2014-03-07 18:42 - 2013-03-06 16:08 - 00000000 ____D () C:\Users\Kids\AppData\Roaming\Macromedia
2014-03-07 18:42 - 2012-12-07 19:51 - 00000000 ____D () C:\Users\JBA P\AppData\Roaming\HB Studios
2014-03-07 18:42 - 2012-07-09 19:38 - 00000000 ____D () C:\Users\JBA P\AppData\Local\Roblox
2014-03-07 18:42 - 2012-05-14 15:57 - 00000000 ____D () C:\Users\JBA P\AppData\Roaming\WildTangent
2014-03-07 18:42 - 2011-12-03 01:08 - 00000000 ____D () C:\Users\JBA P\AppData\Roaming\funkitron
2014-03-07 18:42 - 2011-12-03 00:44 - 00000000 ____D () C:\Users\JBA P\AppData\Roaming\Namco
2014-03-07 18:41 - 2014-03-07 11:04 - 00000000 ____D () C:\Program Files (x86)\VS Revo Group
2014-03-07 18:41 - 2014-03-03 10:30 - 00000000 ____D () C:\Program Files\iPod
2014-03-07 18:41 - 2014-01-05 17:52 - 00000000 ____D () C:\Program Files\CCleaner
2014-03-07 18:41 - 2013-12-26 16:31 - 00000000 ____D () C:\Program Files (x86)\Yahoo!
2014-03-07 18:41 - 2013-07-18 20:15 - 00000000 ____D () C:\ProgramData\Symantec
2014-03-07 18:41 - 2013-07-18 20:15 - 00000000 ____D () C:\ProgramData\Norton
2014-03-07 18:41 - 2012-10-21 20:48 - 00000000 ____D () C:\Users\JBA P\AppData\Local\Google
2014-03-07 18:41 - 2012-04-10 11:44 - 00000000 ____D () C:\ProgramData\HipSoft
2014-03-07 18:41 - 2012-04-09 09:24 - 00000000 ____D () C:\ProgramData\Citrix
2014-03-07 18:41 - 2012-02-19 12:52 - 00000000 ____D () C:\Users\JBA P\AppData\Local\Microsoft Games
2014-03-07 18:41 - 2011-11-21 16:48 - 00000000 ____D () C:\ProgramData\KingsIsle Entertainment
2014-03-07 18:41 - 2011-10-20 13:38 - 00000000 ____D () C:\ProgramData\Apple
2014-03-07 18:41 - 2011-08-18 12:31 - 00000000 ____D () C:\ProgramData\Dell
2014-03-07 18:40 - 2014-03-02 20:16 - 00000000 ____D () C:\Program Files (x86)\EA Games
2014-03-07 18:40 - 2013-12-28 04:03 - 00000000 ____D () C:\Program Files (x86)\Microsoft CAPICOM 2.1.0.2
2014-03-07 18:40 - 2013-12-21 11:02 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox.bak
2014-03-07 18:40 - 2011-08-18 12:17 - 00000000 ___HD () C:\Program Files (x86)\InstallShield Installation Information
2014-03-07 18:39 - 2014-03-02 16:38 - 00000000 ____D () C:\Program Files (x86)\Cisco
2014-03-07 18:39 - 2013-07-11 15:19 - 00000000 ____D () C:\found.003
2014-03-07 18:38 - 2014-01-05 12:32 - 00000000 ____D () C:\AdwCleaner
2014-03-07 18:38 - 2012-11-15 08:43 - 00000000 ____D () C:\1641fa046f6f9fdecb84879f49cf85
2014-03-07 18:38 - 2011-08-18 16:21 - 00000000 ____D () C:\Dell
2014-03-07 17:32 - 2014-03-07 17:32 - 00000000 ____D () C:\Users\JBA P\AppData\Roaming\FileAssociationManager
2014-03-07 13:35 - 2014-03-07 13:35 - 00047545 _____ () C:\Users\JBA P\Documents\Summary.zip
2014-03-07 13:22 - 2014-03-07 13:22 - 01104138 _____ () C:\Users\JBA P\Documents\Summary.nfo
2014-03-07 11:04 - 2014-03-07 11:04 - 00001270 _____ () C:\Users\JBA P\Desktop\Revo Uninstaller.lnk
2014-03-07 11:03 - 2014-03-07 11:03 - 02623656 _____ (VS Revo Group Ltd.) C:\Users\JBA P\Desktop\revosetup.exe
2014-03-06 20:45 - 2014-03-06 20:43 - 00056361 _____ () C:\Users\JBA P\Desktop\Addition.txt
2014-03-06 20:31 - 2014-03-02 19:16 - 00000000 ____D () C:\Program Files (x86)\Spybot - Search & Destroy 2
2014-03-04 21:32 - 2014-03-04 21:32 - 00003546 _____ () C:\windows\System32\Tasks\FileAssociationManagerUpdater
2014-03-04 21:32 - 2014-03-04 21:32 - 00003530 _____ () C:\windows\System32\Tasks\Search-Protect
2014-03-04 10:39 - 2011-08-18 12:51 - 00002506 _____ () C:\Users\Public\Desktop\WildTangent Games App - dell.lnk
2014-03-03 23:05 - 2012-10-21 20:49 - 00002185 _____ () C:\Users\Public\Desktop\Google Chrome.lnk
2014-03-03 11:28 - 2014-03-03 11:26 - 00023167 _____ () C:\Users\JBA P\Desktop\attach.txt
2014-03-03 11:27 - 2014-03-03 11:26 - 00033100 _____ () C:\Users\JBA P\Desktop\dds.txt
2014-03-03 10:57 - 2014-03-03 10:57 - 00688992 ____R (Swearware) C:\Users\JBA P\Downloads\dds.com
2014-03-03 10:30 - 2014-03-03 10:30 - 00001785 _____ () C:\Users\Public\Desktop\iTunes.lnk
2014-03-03 10:23 - 2014-03-03 10:23 - 00001847 _____ () C:\Users\Public\Desktop\QuickTime Player.lnk
2014-03-02 20:33 - 2014-03-02 20:33 - 00189248 _____ () C:\windows\SysWOW64\PnkBstrB.exe
2014-03-02 20:32 - 2014-03-02 20:32 - 00075136 _____ () C:\windows\SysWOW64\PnkBstrA.exe
2014-03-02 20:32 - 2014-03-02 20:32 - 00000000 ____D () C:\Users\JBA P\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\EA Games
2014-03-02 19:41 - 2014-03-02 19:41 - 00000000 ____D () C:\ProgramData\Oracle
2014-03-02 19:40 - 2014-03-02 19:40 - 00264616 _____ (Oracle Corporation) C:\windows\SysWOW64\javaws.exe
2014-03-02 19:40 - 2014-03-02 19:40 - 00175016 _____ (Oracle Corporation) C:\windows\SysWOW64\javaw.exe
2014-03-02 19:40 - 2014-03-02 19:40 - 00174504 _____ (Oracle Corporation) C:\windows\SysWOW64\java.exe
2014-03-02 19:40 - 2014-03-02 19:40 - 00096168 _____ (Oracle Corporation) C:\windows\SysWOW64\WindowsAccessBridge-32.dll
2014-03-02 19:17 - 2014-03-02 19:17 - 00000000 ____D () C:\windows\System32\Tasks\Safer-Networking
2014-03-02 19:13 - 2014-03-02 19:13 - 40658208 _____ (Safer-Networking Ltd. ) C:\Users\JBA P\Downloads\spybot-2.2.exe
2014-03-02 18:59 - 2014-02-10 17:25 - 307353438 _____ () C:\windows\MEMORY.DMP
2014-03-02 18:42 - 2014-03-02 18:42 - 18142384 _____ (SUPERAntiSpyware) C:\Users\JBA P\Downloads\SUPERAntiSpyware(1).exe
2014-03-02 18:40 - 2014-01-05 14:29 - 00000000 ____D () C:\ProgramData\Fighters
2014-03-02 18:22 - 2014-03-02 18:22 - 18142384 _____ (SUPERAntiSpyware) C:\Users\JBA P\Downloads\SUPERAntiSpyware.exe
2014-03-02 18:02 - 2009-07-14 01:08 - 00032550 _____ () C:\windows\Tasks\SCHEDLGU.TXT
2014-03-02 17:55 - 2014-03-02 17:55 - 30806440 _____ () C:\Users\JBA P\Downloads\R308434.exe
2014-03-02 16:47 - 2014-02-28 19:51 - 00002970 _____ () C:\windows\system32\Drivers\stwrte.log
2014-03-02 16:44 - 2009-07-14 01:13 - 00810436 _____ () C:\windows\system32\PerfStringBackup.INI
2014-03-02 16:40 - 2014-03-02 16:40 - 00000000 ____D () C:\Users\JBA P\AppData\Roaming\Atheros
2014-03-02 16:40 - 2012-03-08 19:30 - 00246804 _____ () C:\windows\system32\Drivers\AtherosBt.bin
2014-03-02 16:40 - 2012-03-08 19:30 - 00001796 _____ () C:\windows\system32\Drivers\ramps_0x11020000_40.dfu
2014-03-02 16:40 - 2012-03-08 19:30 - 00001434 _____ () C:\windows\system32\Drivers\ramps_0x31010000_40.dfu
2014-03-02 16:40 - 2012-03-08 19:30 - 00001242 _____ () C:\windows\system32\Drivers\ramps_0x01020200_40_0x01.dfu
2014-03-02 16:40 - 2012-03-08 19:30 - 00001228 _____ () C:\windows\system32\Drivers\ramps_0x01020200_40_0x04.dfu
2014-03-02 16:40 - 2012-03-08 19:30 - 00001214 _____ () C:\windows\system32\Drivers\ramps_0x01020200_40_0x03.dfu
2014-03-02 16:40 - 2012-03-08 19:30 - 00001204 _____ () C:\windows\system32\Drivers\ramps_0x01020201_40.dfu
2014-03-02 16:40 - 2012-03-08 19:30 - 00001204 _____ () C:\windows\system32\Drivers\ramps_0x01020200_40_0x02.dfu
2014-03-02 16:40 - 2012-03-08 19:30 - 00001204 _____ () C:\windows\system32\Drivers\ramps_0x01020200_40.dfu
2014-03-02 16:40 - 2012-03-08 19:30 - 00001198 _____ () C:\windows\system32\Drivers\ramps_0x01020201_26.dfu
2014-03-02 16:40 - 2012-03-08 19:30 - 00001198 _____ () C:\windows\system32\Drivers\ramps_0x01020200_26.dfu
2014-03-02 16:40 - 2012-03-08 19:30 - 00001192 _____ () C:\windows\system32\Drivers\ramps_0x01020200_26_0x01.dfu
2014-03-02 16:39 - 2014-03-02 16:39 - 00000000 ____D () C:\Users\JBA P\Documents\Bluetooth Folder
2014-03-02 16:38 - 2014-03-02 16:38 - 00000000 ____D () C:\windows\Options
2014-03-02 16:36 - 2014-03-02 16:34 - 160094208 _____ () C:\Users\JBA P\Downloads\DW1703_W7_A00_Setup-W1GV9_ZPE.exe
2014-03-02 13:51 - 2014-03-02 13:50 - 84704944 _____ () C:\Users\JBA P\Downloads\R302552.exe
2014-03-02 13:43 - 2014-03-02 13:43 - 02720464 _____ () C:\Users\JBA P\Desktop\R302527.exe
2014-03-02 13:43 - 2011-09-13 09:26 - 00000000 ____D () C:\Users\JBA P\AppData\Local\Deployment
2014-03-02 13:40 - 2014-03-02 13:40 - 00404048 _____ () C:\Users\JBA P\Downloads\DellSystemDetect.exe
2014-02-28 20:46 - 2014-02-28 20:45 - 00000000 ____D () C:\ProgramData\PCDr
2014-02-28 20:45 - 2014-02-28 20:45 - 00003488 _____ () C:\windows\System32\Tasks\PCDEventLauncher
2014-02-28 20:38 - 2011-08-18 12:46 - 00000000 ____D () C:\ProgramData\Sonic
2014-02-28 19:47 - 2011-08-24 14:50 - 00000072 _____ () C:\windows\SysWOW64\ToasterLauncherLog.log
2014-02-28 19:47 - 2011-08-18 13:08 - 00000000 ____D () C:\Program Files (x86)\Dell DataSafe Local Backup
2014-02-28 19:08 - 2011-11-01 19:47 - 00002454 ____N () C:\Users\Public\Desktop\WildTangent Games App - wildgames.lnk
2014-02-27 15:26 - 2014-03-09 17:28 - 04130656 _____ (Kaspersky Lab ZAO) C:\Users\JBA P\Desktop\TDSSKiller.exe
2014-02-22 11:18 - 2012-10-30 11:40 - 00692616 _____ (Adobe Systems Incorporated) C:\windows\SysWOW64\FlashPlayerApp.exe
2014-02-22 11:18 - 2012-10-30 11:40 - 00003768 _____ () C:\windows\System32\Tasks\Adobe Flash Player Updater
2014-02-22 11:18 - 2011-08-18 12:23 - 00071048 _____ (Adobe Systems Incorporated) C:\windows\SysWOW64\FlashPlayerCPLApp.cpl
2014-02-15 14:01 - 2012-05-30 08:12 - 00000000 ____D () C:\Program Files (x86)\Mozilla Maintenance Service
2014-02-14 04:52 - 2012-10-21 20:48 - 00003892 _____ () C:\windows\System32\Tasks\GoogleUpdateTaskMachineUA
2014-02-14 04:52 - 2012-10-21 20:48 - 00003640 _____ () C:\windows\System32\Tasks\GoogleUpdateTaskMachineCore
2014-02-13 23:04 - 2009-07-13 23:20 - 00000000 ____D () C:\windows\rescache
2014-02-12 22:18 - 2011-09-13 20:20 - 00000000 ____D () C:\ProgramData\Microsoft Help
2014-02-12 22:18 - 2011-08-18 12:25 - 00805278 _____ () C:\windows\SysWOW64\PerfStringBackup.INI
2014-02-10 17:27 - 2014-02-10 17:27 - 00272224 _____ () C:\windows\Minidump\021014-45146-01.dmp
2014-02-10 17:27 - 2012-11-10 13:55 - 00000000 ____D () C:\windows\Minidump
2014-02-09 16:31 - 2014-02-09 16:31 - 00000000 ____D () C:\found.004

==================== Bamital & volsnap Check =================

C:\Windows\System32\winlogon.exe => MD5 is legit
C:\Windows\System32\wininit.exe => MD5 is legit
C:\Windows\SysWOW64\wininit.exe => MD5 is legit
C:\Windows\explorer.exe => MD5 is legit
C:\Windows\SysWOW64\explorer.exe => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\SysWOW64\svchost.exe => MD5 is legit
C:\Windows\System32\services.exe => MD5 is legit
C:\Windows\System32\User32.dll => MD5 is legit
C:\Windows\SysWOW64\User32.dll => MD5 is legit
C:\Windows\System32\userinit.exe => MD5 is legit
C:\Windows\SysWOW64\userinit.exe => MD5 is legit
C:\Windows\System32\rpcss.dll => MD5 is legit
C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit


LastRegBack: 2014-02-28 21:21

==================== End Of Log ============================

 

And here is the Addition log:

 

Additional scan result of Farbar Recovery Scan Tool (x64) Version: 09-03-2014
Ran by JBA P at 2014-03-09 20:00:30
Running from C:\Users\JBA P\Desktop
Boot Mode: Normal
==========================================================


==================== Security Center ========================

AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

==================== Installed Programs ======================

1912 Titanic Mystery (x32 Version: 2.2.0.98 - WildTangent) Hidden
64 Bit HP CIO Components Installer (Version: 7.2.8 - Hewlett-Packard) Hidden
7-Zip 9.20 (HKLM-x32\...\7-Zip 9.20) (Version:  - )
7-Zip 9.22beta (HKLM-x32\...\7-Zip) (Version:  - )
Abyss: The Wraiths of Eden Collector's Edition (x32 Version: 3.0.2.38 - WildTangent) Hidden
Accidental Damage Services Agreement (HKLM-x32\...\{EF85FEF4-EB92-4075-A6D2-5F519BB30A2C}) (Version: 2.0.0 - Dell Inc.)
Action Replay DSi Code Manager (HKLM\...\Action Replay DSi Code Manager_is1) (Version:  - )
Adobe AIR (HKLM-x32\...\Adobe AIR) (Version: 2.7.1.19610 - Adobe Systems Incorporated)
Adobe AIR (x32 Version: 2.7.1.19610 - Adobe Systems Incorporated) Hidden
Adobe Flash Player 12 ActiveX (HKLM-x32\...\Adobe Flash Player ActiveX) (Version: 12.0.0.70 - Adobe Systems Incorporated)
Adobe Flash Player 12 Plugin (HKLM-x32\...\Adobe Flash Player Plugin) (Version: 12.0.0.70 - Adobe Systems Incorporated)
Adobe Reader X MUI (HKLM-x32\...\{AC76BA86-7AD7-FFFF-7B44-AA0000000001}) (Version: 10.0.0 - Adobe Systems Incorporated)
Adobe Shockwave Player 11.6 (HKLM-x32\...\Adobe Shockwave Player) (Version: 11.6.7.637 - Adobe Systems, Inc.)
Advanced Audio FX Engine (HKLM-x32\...\Advanced Audio FX Engine) (Version: 1.12.05 - Creative Technology Ltd)
Air Conflicts: Secret Wars (x32 Version: 2.2.0.98 - WildTangent) Hidden
All My Gods (x32 Version: 2.2.0.98 - WildTangent) Hidden
Apple Application Support (HKLM-x32\...\{AAC5D43E-816D-4C2D-8E51-55FFF35BE301}) (Version: 3.0.1 - Apple Inc.)
Apple Mobile Device Support (HKLM\...\{787136D2-F0F8-4625-AA3F-72D7795AC842}) (Version: 7.1.1.3 - Apple Inc.)
Apple Software Update (HKLM-x32\...\{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}) (Version: 2.1.3.127 - Apple Inc.)
Atheros Bluetooth Suite (64) (HKLM\...\{230D1595-57DA-4933-8C4E-375797EBB7E1}) (Version: 7.4.0.126 - Atheros)
Backyard Sports - Sandlot Sluggers (x32 Version: 2.2.0.95 - WildTangent) Hidden
Banctec Service Agreement (HKLM-x32\...\{42D68A86-DB1C-4256-B8C9-5D0D92919AF5}) (Version: 2.0.0 - Dell Inc.)
Battlefield Play4Free (HKCU\...\{87686C21-8A15-4b4d-A3F1-11141D9BE094}) (Version:  - EA Digital illusions)
Bejeweled 2 Deluxe (x32 Version: 2.2.0.95 - WildTangent) Hidden
Blackhawk Striker 2 (x32 Version: 2.2.0.95 - WildTangent) Hidden
Blue's Clues: Meet Blue's Baby Brother (x32 Version: 2.2.0.98 - WildTangent) Hidden
Bonjour (HKLM\...\{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}) (Version: 3.0.0.10 - Apple Inc.)
Bounce Symphony (x32 Version: 2.2.0.95 - WildTangent) Hidden
BufferChm (x32 Version: 140.0.212.000 - Hewlett-Packard) Hidden
Build-a-lot 2 (x32 Version: 2.2.0.95 - WildTangent) Hidden
Building Thinking Skills Level 1 (HKLM-x32\...\Building Thinking Skills Level 1) (Version: 1.1.4.0 - The Critical Thinking Co.)
Building Thinking Skills Level 2 (HKLM-x32\...\Building Thinking Skills Level 2) (Version: 1.1.3.0 - The Critical Thinking Co.)
CCleaner (HKLM\...\CCleaner) (Version: 4.04 - Piriform)
Chessmaster Challenge (x32 Version: 2.2.0.95 - WildTangent) Hidden
Chuzzle Deluxe (x32 Version: 2.2.0.95 - WildTangent) Hidden
Cisco EAP-FAST Module (HKLM-x32\...\{64BF0187-F3D2-498B-99EA-163AF9AE6EC9}) (Version: 2.2.14 - Cisco Systems, Inc.)
Cisco LEAP Module (HKLM-x32\...\{51C7AD07-C3F6-4635-8E8A-231306D810FE}) (Version: 1.0.19 - Cisco Systems, Inc.)
Cisco PEAP Module (HKLM-x32\...\{ED5776D5-59B4-46B7-AF81-5F2D94D7C640}) (Version: 1.1.6 - Cisco Systems, Inc.)
Citrix online plug-in - web (HKLM-x32\...\CitrixOnlinePluginPackWeb) (Version: 12.1.0.30 - Citrix Systems, Inc.)
Citrix online plug-in (DV) (x32 Version: 12.1.0.30 - Citrix Systems, Inc.) Hidden
Citrix online plug-in (HDX) (x32 Version: 12.1.0.30 - Citrix Systems, Inc.) Hidden
Citrix online plug-in (USB) (x32 Version: 12.1.0.30 - Citrix Systems, Inc.) Hidden
Citrix online plug-in (Web) (x32 Version: 12.1.0.30 - Citrix Systems, Inc.) Hidden
Clone Wars (HKCU\...\SOE-Clone Wars) (Version:  - Sony Online Entertainment)
Complete Care Business Service Agreement (HKLM-x32\...\{0ECFCB07-9BFE-4970-ACA1-D568D982760B}) (Version: 2.0.0 - Dell Inc.)
Consumer In-Home Service Agreement (HKLM-x32\...\{F47C37A4-7189-430A-B81D-739FF8A7A554}) (Version: 2.0.0 - Dell Inc.)
Cozi (HKLM-x32\...\{2DA5F129-11AC-4F11-8188-B2F07EAAC20A}) (Version: 1.0.4323.24051 - Cozi Group, Inc.)
Cruel Games: Red Riding Hood (x32 Version: 3.0.2.38 - WildTangent) Hidden
Cut the Rope (x32 Version: 3.0.2.32 - WildTangent) Hidden
CWA Reminder by We-Care.com v4.1.24.3 (HKLM-x32\...\{0228288D-975E-42F7-9993-E91A82E6BBD9}) (Version: 4.1.24.3 - We-Care.com)
D110 (x32 Version: 140.0.283.000 - Hewlett-Packard) Hidden
D3DX10 (x32 Version: 15.4.2368.0902 - Microsoft) Hidden
Dark Mysteries: The Soul Keeper Collector's Edition (x32 Version: 3.0.2.38 - WildTangent) Hidden
Deal or No Deal (x32 Version: 2.2.0.98 - WildTangent) Hidden
Deer Drive (x32 Version: 2.2.0.95 - WildTangent) Hidden
Definition Update for Microsoft Office 2010 (KB982726) 32-Bit Edition (HKLM-x32\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{81FB7C60-565A-4869-9D90-3BE1D270E8B7}) (Version:  - Microsoft)
Dell DataSafe Local Backup - Support Software (HKLM-x32\...\{A9668246-FB70-4103-A1E3-66C9BC2EFB49}) (Version:  - Dell)
Dell DataSafe Local Backup (HKLM-x32\...\{0ED7EE95-6A97-47AA-AD73-152C08A15B04}) (Version: 9.4.47 - Dell)
Dell DataSafe Online (HKLM-x32\...\{7EC66A95-AC2D-4127-940B-0445A526AB2F}) (Version: 2.1.19634 - Dell)
Dell Edoc Viewer (HKLM\...\{8EBA8727-ADC2-477B-9D9A-1A1836BE4E05}) (Version: 1.0.0 - Dell Inc)
Dell Getting Started Guide (HKLM-x32\...\{7DB9F1E5-9ACB-410D-A7DC-7A3D023CE045}) (Version: 1.00.0000 - Dell Inc.)
Dell Home Systems Service Agreement (HKLM-x32\...\{AB2FDE4F-6BED-4E9E-B676-3DCCEBB1FBFE}) (Version: 2.0.0 - Dell Inc.)
Dell MusicStage (HKLM-x32\...\{89263C19-557E-4D23-AAD7-113F6175DFC1}) (Version: 1.5.402.0 - Fingertapps)
Dell PhotoStage (HKLM-x32\...\{0D98F04D-11A1-4B64-A406-43292B9EEE90}) (Version: 1.5.0.1 - ArcSoft)
Dell PhotoStage (HKLM-x32\...\{E4335E82-17B3-460F-9E70-39D9BC269DB3}) (Version: 1.5.0.66 - ArcSoft)
Dell Stage (HKLM-x32\...\{FE182796-F6BA-486A-8590-89B7E8D1D60F}) (Version: 1.7.209.0 - Fingertapps)
Dell Stage Remote (HKLM-x32\...\{2299EEBD-0A83-4B26-AA4A-057AE9E5BAE8}) (Version: 2.0.0.50 - ArcSoft)
Dell Stage Remote (HKLM-x32\...\{AF4D3C63-009B-4A17-B02E-D395065DD3F0}) (Version: 2.0.0.50 - ArcSoft)
Dell Support Center (HKLM\...\Dell Support Center) (Version: 3.0.5621.01 - Dell Inc.)
Dell Support Center (Version: 3.0.5621.01 - PC-Doctor, Inc.) Hidden
Dell System Detect (HKCU\...\9204f5692a8faf3b) (Version: 5.5.0.19 - Dell)
Dell Touchpad (HKLM\...\{9F72EF8B-AEC9-4CA5-B483-143980AFD6FD}) (Version: 7.1207.101.225 - ALPS ELECTRIC CO., LTD.)
Dell VideoStage (HKLM-x32\...\InstallShield_{DCE0E79A-B9AC-41AC-98C1-7EF0538BCA7F}) (Version: 1.1.1.1408 - CyberLink Corp.)
Dell VideoStage (x32 Version: 1.1.1.1408 - CyberLink Corp.) Hidden
Dell Webcam Central (HKLM-x32\...\Dell Webcam Central) (Version: 2.00.41 - Creative Technology Ltd)
Dell Wireless Driver Installation (HKLM-x32\...\{451517F1-7E41-400B-AA36-FB7E2563526D}) (Version: 9.0 - Dell)
Dell WLAN and Bluetooth Client Installation (HKLM-x32\...\{28006915-2739-4EBE-B5E8-49B25D32EB33}) (Version: 9.0 - Dell Inc.)
Destinations (x32 Version: 140.0.77.000 - Hewlett-Packard) Hidden
DeviceDiscovery (x32 Version: 140.0.212.000 - Hewlett-Packard) Hidden
DirectX 9 Runtime (x32 Version: 1.00.0000 - Sonic Solutions) Hidden
Dora's World Adventure (x32 Version: 2.2.0.95 - WildTangent) Hidden
Escape Whisper Valley ™ (x32 Version: 2.2.0.95 - WildTangent) Hidden
Farm Frenzy (x32 Version: 2.2.0.95 - WildTangent) Hidden
FATE (x32 Version: 2.2.0.95 - WildTangent) Hidden
File Association Manager (HKLM-x32\...\FileAssociationManager) (Version: 0.7 - Amnis Technology Ltd)
Final Drive Fury (x32 Version: 2.2.0.95 - WildTangent) Hidden
Final Drive Nitro (x32 Version: 2.2.0.95 - WildTangent) Hidden
FlatOut (HKLM-x32\...\WTA-b1f78596-a245-47a5-96b1-3a95fc932126) (Version: 2.2.0.110 - )
FlatOut (x32 Version: 2.2.0.110 - WildTangent) Hidden
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 33.0.1750.146 - Google Inc.)
Google Drive (HKLM-x32\...\{E87022D3-C8C9-4C76-8E27-BC7F18F9B8FB}) (Version: 1.14.6059.644 - Google, Inc.)
Google Update Helper (x32 Version: 1.3.22.5 - Google Inc.) Hidden
GPBaseService2 (x32 Version: 140.0.211.000 - Hewlett-Packard) Hidden
Halloween: Trick or Treat (x32 Version: 3.0.2.32 - WildTangent) Hidden
Haunting Mysteries: The Island of Lost Souls Premium Edition (x32 Version: 3.0.2.38 - WildTangent) Hidden
HP Imaging Device Functions 14.0 (HKLM\...\HP Imaging Device Functions) (Version: 14.0 - HP)
HP Photosmart D110 All-In-One Driver Software 14.0 Rel. 7 (HKLM\...\{DBC1DE57-B55A-4D57-9769-1DB9BE506AF7}) (Version: 14.0 - HP)
HP Smart Web Printing 4.60 (HKLM\...\HP Smart Web Printing) (Version: 4.60 - HP)
HP Solution Center 14.0 (HKLM\...\HP Solution Center & Imaging Support Tools) (Version: 14.0 - HP)
HP Update (HKLM-x32\...\{97486FBE-A3FC-4783-8D55-EA37E9D171CC}) (Version: 5.005.000.002 - Hewlett-Packard)
HPAppStudio (x32 Version: 140.0.95.000 - Hewlett-Packard) Hidden
HPDiagnosticAlert (x32 Version: 1.00.0000 - Microsoft) Hidden
HPPhotoGadget (x32 Version: 140.0.524.000 - Hewlett-Packard) Hidden
HPProductAssistant (x32 Version: 140.0.212.000 - Hewlett-Packard) Hidden
Hunting Unlimited 2010 (x32 Version: 2.2.0.95 - WildTangent) Hidden
Hunting Unlimited 2011 (x32 Version: 2.2.0.95 - WildTangent) Hidden
I SPY Spooky Mansion (x32 Version: 2.2.0.97 - WildTangent) Hidden
I SPY Treasure Hunt (x32 Version: 2.2.0.97 - WildTangent) Hidden
Ice Cream Mania (x32 Version: 2.2.0.98 - WildTangent) Hidden
iCloud (HKLM\...\{81E20D41-C277-4526-934D-F2380AF91B78}) (Version: 3.1.0.40 - Apple Inc.)
IDT Audio (HKLM-x32\...\{E3A5A8AB-58F6-45FF-AFCB-C9AE18C05001}) (Version: 1.0.6341.0 - IDT)
Inspector Magnusson - Murder on the Titanic (x32 Version: 2.2.0.110 - WildTangent) Hidden
Intel® Control Center (HKLM-x32\...\{F8A9085D-4C7A-41a9-8A77-C8998A96C421}) (Version: 1.2.1.1007 - Intel Corporation)
Intel® Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 6.0.0.1179 - Intel Corporation)
Intel® Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 8.15.10.2342 - Intel Corporation)
Intel® Rapid Storage Technology (HKLM-x32\...\{3E29EE6C-963A-4aae-86C1-DC237C4A49FC}) (Version: 10.1.2.1004 - Intel Corporation)
iPhone Backup Extractor (HKCU\...\iPhone Backup Extractor) (Version: 4.7.4.0 - Reincubate Ltd)
iTunes (HKLM\...\{B8BA155B-1E75-405F-9CB4-8A99615D09DC}) (Version: 11.1.5.5 - Apple Inc.)
Java 7 Update 51 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83217051FF}) (Version: 7.0.510 - Oracle)
Java Auto Updater (x32 Version: 2.1.9.8 - Sun Microsystems, Inc.) Hidden
Java™ 6 Update 24 (64-bit) (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F86416024FF}) (Version: 6.0.240 - Oracle)
Jewel Quest (x32 Version: 2.2.0.95 - WildTangent) Hidden
Jewel Quest Solitaire 2 (x32 Version: 2.2.0.95 - WildTangent) Hidden
Joining Hands (x32 Version: 2.2.0.98 - WildTangent) Hidden
Junk Mail filter update (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Luxor (x32 Version: 2.2.0.95 - WildTangent) Hidden
Malwarebytes Anti-Malware version 1.70.0.1100 (HKLM-x32\...\Malwarebytes' Anti-Malware_is1) (Version: 1.70.0.1100 - Malwarebytes Corporation)
Mesh Runtime (x32 Version: 15.4.5722.2 - Microsoft Corporation) Hidden
Microsoft .NET Framework 1.1 (HKLM-x32\...\Microsoft .NET Framework 1.1  (1033)) (Version:  - )
Microsoft .NET Framework 1.1 (x32 Version: 1.1.4322 - Microsoft) Hidden
Microsoft .NET Framework 4 Client Profile (HKLM\...\Microsoft .NET Framework 4 Client Profile) (Version: 4.0.30319 - Microsoft Corporation)
Microsoft .NET Framework 4 Client Profile (Version: 4.0.30319 - Microsoft Corporation) Hidden
Microsoft .NET Framework 4 Extended (HKLM\...\Microsoft .NET Framework 4 Extended) (Version: 4.0.30319 - Microsoft Corporation)
Microsoft .NET Framework 4 Extended (Version: 4.0.30319 - Microsoft Corporation) Hidden
Microsoft Application Error Reporting (Version: 12.0.6015.5000 - Microsoft Corporation) Hidden
Microsoft IntelliPoint 8.2 (HKLM\...\Microsoft IntelliPoint 8.2) (Version: 8.20.468.0 - Microsoft Corporation)
Microsoft IntelliPoint 8.2 (Version: 8.20.468.0 - Microsoft Corporation) Hidden
Microsoft Office Access MUI (English) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Access Setup Metadata MUI (English) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Excel MUI (English) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Home and Student 2010 (HKLM-x32\...\Office14.SingleImage) (Version: 14.0.7015.1000 - Microsoft Corporation)
Microsoft Office Office 64-bit Components 2010 (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office OneNote MUI (English) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Outlook MUI (English) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office PowerPoint MUI (English) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (English) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (French) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (Spanish) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Proofing (English) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Publisher MUI (English) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Shared 64-bit MUI (English) 2010 (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Shared 64-bit Setup Metadata MUI (English) 2010 (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Shared MUI (English) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Shared Setup Metadata MUI (English) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Single Image 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Word MUI (English) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.20913.0 - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053 (HKLM-x32\...\{770657D0-A123-3C07-8E44-1C83EC895118}) (Version: 8.0.50727.4053 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{052bac4a-6f79-46d4-a024-1ce1b4f73cd4}) (Version: 8.0.58299 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{A49F249F-0C91-497F-86DF-B2585E8E76B7}) (Version: 8.0.50727.42 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.30319 (HKLM-x32\...\{196BB40D-1578-3D01-B289-BEFC77A11A1E}) (Version: 10.0.30319 - Microsoft Corporation)
Microsoft XNA Framework Redistributable 4.0 (HKLM-x32\...\{2BFC7AA0-544C-4E3A-8796-67F3BE655BE9}) (Version: 4.0.20823.0 - Microsoft Corporation)
Monopoly® (x32 Version: 3.0.2.32 - WildTangent) Hidden
Monument Builders: Eiffel Tower™ (x32 Version: 2.2.0.110 - WildTangent) Hidden
Mozilla Firefox 27.0.1 (x86 en-US) (HKLM-x32\...\Mozilla Firefox 27.0.1 (x86 en-US)) (Version: 27.0.1 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 27.0.1 - Mozilla)
MSVCRT (x32 Version: 15.4.2862.0708 - Microsoft) Hidden
MSVCRT_amd64 (x32 Version: 15.4.2862.0708 - Microsoft) Hidden
MSXML 4.0 SP2 (KB954430) (HKLM-x32\...\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}) (Version: 4.20.9870.0 - Microsoft Corporation)
MSXML 4.0 SP2 (KB973688) (HKLM-x32\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation)
MSXML 4.0 SP2 Parser and SDK (HKLM-x32\...\{716E0306-8318-4364-8B8F-0CC4E9376BAC}) (Version: 4.20.9818.0 - Microsoft Corporation)
Namco All-Stars PAC-MAN (x32 Version: 2.2.0.95 - WildTangent) Hidden
Nancy Drew®: The Final Scene (x32 Version: 2.2.0.98 - WildTangent) Hidden
Network64 (Version: 140.0.215.000 - Hewlett-Packard) Hidden
Network64 (Version: 140.0.221.000 - Hewlett-Packard) Hidden
NVIDIA PhysX (HKLM-x32\...\{1C4551A6-4743-4093-91E4-1477CD655043}) (Version: 9.09.0203 - NVIDIA Corporation)
Pando Media Booster (HKLM-x32\...\{980A182F-E0A2-4A40-94C1-AE0C1235902E}) (Version: 2.6.0.1 - Pando Networks Inc.)
Penguins! (x32 Version: 2.2.0.95 - WildTangent) Hidden
PhotoShowExpress (x32 Version: 2.0.063 - Sonic Solutions) Hidden
Pirate101 (HKLM-x32\...\{662140BE-138C-4DC1-B4CD-B62C6C855A25}) (Version: 1.0.0 - KingsIsle Entertainment, Inc.)
Plants vs. Zombies - Game of the Year (x32 Version: 2.2.0.95 - WildTangent) Hidden
Poker Superstars III (x32 Version: 2.2.0.95 - WildTangent) Hidden
Polar Golfer (x32 Version: 2.2.0.95 - WildTangent) Hidden
Premium Service Agreement (HKLM-x32\...\{C33AA6D6-F5EC-48F3-AFDC-8141345D473A}) (Version: 2.0.0 - Dell Inc.)
PS_AIO_07_D110_SW_Min (x32 Version: 140.0.142.000 - Hewlett-Packard) Hidden
PunkBuster Services (HKLM-x32\...\PunkBusterSvc) (Version: 0.990 - Even Balance, Inc.)
Puzzle Quest - Challenge of the Warlords (x32 Version: 2.2.0.95 - WildTangent) Hidden
Puzzle Quest 2 (x32 Version: 2.2.0.95 - WildTangent) Hidden
QualxServ Service Agreement (HKLM-x32\...\{903679E8-44C8-4C07-9600-05C92654FC50}) (Version: 2.0.0 - Dell Inc.)
Quickset64 (HKLM\...\{87CF757E-C1F1-4D22-865C-00C6950B5258}) (Version: 10.09.25 - Dell Inc.)
QuickTime 7 (HKLM-x32\...\{111EE7DF-FC45-40C7-98A7-753AC46B12FB}) (Version: 7.75.80.95 - Apple Inc.)
QuickTransfer (x32 Version: 140.0.98.000 - Hewlett-Packard) Hidden
RBVirtualFolder64Inst (Version: 1.00.0000 - Roxio, Inc.) Hidden
Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 7.45.516.2011 - Realtek)
Realtek USB 2.0 Card Reader (HKLM-x32\...\{96AE7E41-E34E-47D0-AC07-1091A8127911}) (Version: 6.1.7600.30126 - Realtek Semiconductor Corp.)
Rescue Team 2 (x32 Version: 2.2.0.98 - WildTangent) Hidden
Rescue Team Bundle (x32 Version: 2.2.0.110 - WildTangent) Hidden
Revo Uninstaller 1.95 (HKLM-x32\...\Revo Uninstaller) (Version: 1.95 - VS Revo Group)
ROBLOX Player for JBA P (HKCU\...\{373B1718-8CC5-4567-8EE2-9033AD08A680}) (Version:  - ROBLOX Corporation)
ROBLOX Studio 2013 for JBA P (HKCU\...\{2922D6F1-2865-4EFA-97A9-94EEAB3AFA14}) (Version:  - ROBLOX Corporation)
RollerCoaster Tycoon 3: Platinum (x32 Version: 2.2.0.98 - WildTangent) Hidden
Rosetta Stone Version 3 (HKLM-x32\...\{80F7CA44-F3A5-4853-8BA6-DDF57CD4F078}) (Version: 3.4.7.0 - Rosetta Stone Ltd.)
Roxio Activation Module (x32 Version: 1.0 - Roxio) Hidden
Roxio BackOnTrack (x32 Version: 1.3.3 - Roxio) Hidden
Roxio Burn (x32 Version: 1.8 - Roxio) Hidden
Roxio Creator Starter (HKLM-x32\...\{6F0BBEFE-BE1C-419B-BA1F-D36C9E7915BC}) (Version: 12.1.77.0 - Roxio)
Roxio Creator Starter (x32 Version: 1.0.439 - Roxio) Hidden
Roxio Creator Starter (x32 Version: 5.0.0 - Roxio) Hidden
Roxio Express Labeler 3 (x32 Version: 3.2.2 - Roxio) Hidden
Roxio File Backup (Version: 1.3.2 - Roxio) Hidden
Run N Gun Football (x32 Version: 2.2.0.95 - WildTangent) Hidden
Samantha Swift (x32 Version: 2.2.0.95 - WildTangent) Hidden
Scan (x32 Version: 140.0.80.000 - Hewlett-Packard) Hidden
Search-Protect (HKLM-x32\...\Search-Protect) (Version: 0.1.0.0 - )
Service Pack 2 for Microsoft Office 2010 (KB2687455) 32-Bit Edition (HKLM-x32\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{DE28B448-32E8-4E8F-84F0-A52B21A49B5B}) (Version:  - Microsoft)
Service Pack 2 for Microsoft Office 2010 (KB2687455) 32-Bit Edition (x32 Version:  - Microsoft) Hidden
Skype Toolbars (HKLM-x32\...\{981029E0-7FC9-4CF3-AB39-6F133621921A}) (Version: 1.0.4051 - Skype Technologies S.A.)
SmartWebPrinting (x32 Version: 140.0.186.000 - Hewlett-Packard) Hidden
SolutionCenter (x32 Version: 140.0.214.000 - Hewlett-Packard) Hidden
Sonic CinePlayer Decoder Pack (x32 Version: 4.3.0 - Sonic Solutions) Hidden
Special Enquiry Detail: Engaged to Kill (x32 Version: 2.2.0.110 - WildTangent) Hidden
SpongeBob Typing (x32 Version: 2.2.0.98 - WildTangent) Hidden
SpyroDriver (HKLM-x32\...\{63104E84-532C-4011-A4F4-AD6EDF8CC214}) (Version: 1.07.0000 - FS)
SpyroPortalDriver (HKLM\...\{B2913230-094D-4F41-9EEF-CE9571C450D8}) (Version: 1.0.0 - FS)
Status (x32 Version: 140.0.256.000 - Hewlett-Packard) Hidden
swMSM (x32 Version: 12.0.0.1 - Adobe Systems, Inc) Hidden
System Requirements Lab for Intel (HKLM-x32\...\{1EBDF6D2-CEA0-484C-A23E-2DDAD7FD0DD0}) (Version: 4.5.22.0 - Husdawg, LLC)
Tales of Lagoona (x32 Version: 2.2.0.98 - WildTangent) Hidden
Toolbox (x32 Version: 140.0.428.000 - Hewlett-Packard) Hidden
TrayApp (x32 Version: 140.0.212.000 - Hewlett-Packard) Hidden
TrustedID (HKLM-x32\...\{C16A92EF-017B-4839-9C75-FBADB5A1FA27}) (Version: 5.0 - TrustedID)
Unity Web Player (HKCU\...\UnityWebPlayer) (Version:  - Unity Technologies ApS)
Update for Microsoft .NET Framework 4 Client Profile (KB2468871) (HKLM-x32\...\{F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4}.KB2468871) (Version: 1 - Microsoft Corporation)
Update for Microsoft .NET Framework 4 Client Profile (KB2473228) (HKLM-x32\...\{F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4}.KB2473228) (Version: 1 - Microsoft Corporation)
Update for Microsoft .NET Framework 4 Client Profile (KB2533523) (HKLM-x32\...\{F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4}.KB2533523) (Version: 1 - Microsoft Corporation)
Update for Microsoft .NET Framework 4 Client Profile (KB2600217) (HKLM-x32\...\{F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4}.KB2600217) (Version: 1 - Microsoft Corporation)
Update for Microsoft .NET Framework 4 Client Profile (KB2836939) (HKLM-x32\...\{F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4}.KB2836939) (Version: 1 - Microsoft Corporation)
Update for Microsoft .NET Framework 4 Client Profile (KB2836939v3) (HKLM-x32\...\{F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4}.KB2836939v3) (Version: 3 - Microsoft Corporation)
Update for Microsoft .NET Framework 4 Extended (KB2468871) (HKLM-x32\...\{8E34682C-8118-31F1-BC4C-98CD9675E1C2}.KB2468871) (Version: 1 - Microsoft Corporation)
Update for Microsoft .NET Framework 4 Extended (KB2533523) (HKLM-x32\...\{8E34682C-8118-31F1-BC4C-98CD9675E1C2}.KB2533523) (Version: 1 - Microsoft Corporation)
Update for Microsoft .NET Framework 4 Extended (KB2600217) (HKLM-x32\...\{8E34682C-8118-31F1-BC4C-98CD9675E1C2}.KB2600217) (Version: 1 - Microsoft Corporation)
Update for Microsoft .NET Framework 4 Extended (KB2836939) (HKLM-x32\...\{8E34682C-8118-31F1-BC4C-98CD9675E1C2}.KB2836939) (Version: 1 - Microsoft Corporation)
Update for Microsoft .NET Framework 4 Extended (KB2836939v3) (HKLM-x32\...\{8E34682C-8118-31F1-BC4C-98CD9675E1C2}.KB2836939v3) (Version: 3 - Microsoft Corporation)
Update for Microsoft Access 2010 (KB2553446) 32-Bit Edition (HKLM-x32\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{B4A38370-2ADB-46B0-A1B0-0C4A2F7DCA31}) (Version:  - Microsoft)
Update for Microsoft Filter Pack 2.0 (KB2810071) 32-Bit Edition (HKLM-x32\...\{90140000-002A-0000-1000-0000000FF1CE}_Office14.SingleImage_{001E8BF3-EDC3-4D5E-9C11-1D0E599B6497}) (Version:  - Microsoft)
Update for Microsoft Filter Pack 2.0 (KB2810071) 32-Bit Edition (HKLM-x32\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{001E8BF3-EDC3-4D5E-9C11-1D0E599B6497}) (Version:  - Microsoft)
Update for Microsoft InfoPath 2010 (KB2817369) 32-Bit Edition (HKLM-x32\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{4EEA3D3E-989C-4DF4-AB0A-3042C0C12AA3}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2589298) 32-Bit Edition (HKLM-x32\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{DADF7E25-FFA4-4D02-BE84-1DAE62C18516}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2589352) 32-Bit Edition (HKLM-x32\...\{90140000-002A-0000-1000-0000000FF1CE}_Office14.SingleImage_{F4284D93-7AE8-4309-8CF3-9AD394F35F3A}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2589352) 32-Bit Edition (HKLM-x32\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{F4284D93-7AE8-4309-8CF3-9AD394F35F3A}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2589375) 32-Bit Edition (HKLM-x32\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{287A1E92-9E41-4BC1-8920-B3D0E9220800}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2597087) 32-Bit Edition (HKLM-x32\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{9D69691D-823D-4C3E-9B12-563A3F520366}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2760598) 32-Bit Edition (HKLM-x32\...\{90140000-002A-0000-1000-0000000FF1CE}_Office14.SingleImage_{ECFE33A3-B8B7-439A-ADE4-59FBD29EF9B8}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2760598) 32-Bit Edition (HKLM-x32\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{ECFE33A3-B8B7-439A-ADE4-59FBD29EF9B8}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2760631) 32-Bit Edition (HKLM-x32\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{35698CB7-AAA2-4577-B505-DBFF504AEF23}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2794737) 32-Bit Edition (HKLM-x32\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{5AA578BB-759C-40FD-9661-A737C0884541}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2837583) 32-Bit Edition (HKLM-x32\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{E21274CE-CA0C-49FA-93F4-DC292A052264}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2850079) 32-Bit Edition (HKLM-x32\...\{90140000-001F-0409-0000-0000000FF1CE}_Office14.SingleImage_{B5C70C99-B109-42FD-B219-FF12CA543F19}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2850079) 32-Bit Edition (HKLM-x32\...\{90140000-001F-040C-0000-0000000FF1CE}_Office14.SingleImage_{82F87E28-B18E-46D6-A399-E2F19CF5949B}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2850079) 32-Bit Edition (HKLM-x32\...\{90140000-001F-0C0A-0000-0000000FF1CE}_Office14.SingleImage_{5E8EB600-8B94-429E-873E-98369C6DC1BC}) (Version:  - Microsoft)
Update for Microsoft OneNote 2010 (KB2837595) 32-Bit Edition (HKLM-x32\...\{90140000-002A-0000-1000-0000000FF1CE}_Office14.SingleImage_{51CCA922-A0CC-47C4-8910-6936D97CAC2E}) (Version:  - Microsoft)
Update for Microsoft OneNote 2010 (KB2837595) 32-Bit Edition (HKLM-x32\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{51CCA922-A0CC-47C4-8910-6936D97CAC2E}) (Version:  - Microsoft)
Update for Microsoft Outlook 2010 (KB2687567) 32-Bit Edition (HKLM-x32\...\{90140000-001A-0409-0000-0000000FF1CE}_Office14.SingleImage_{DCE104A1-1875-4469-A83D-A5BFA6C4640F}) (Version:  - Microsoft)
Update for Microsoft Outlook 2010 (KB2687567) 32-Bit Edition (HKLM-x32\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{2AB483F1-C86E-427A-83B4-23889B03512D}) (Version:  - Microsoft)
Update for Microsoft PowerPoint 2010 (KB2553145) 32-Bit Edition (HKLM-x32\...\{90140000-0018-0409-0000-0000000FF1CE}_Office14.SingleImage_{DA2F7ECE-6629-4A80-9CDE-EC95261B75E2}) (Version:  - Microsoft)
Update for Microsoft PowerPoint 2010 (KB2775360) 32-Bit Edition (HKLM-x32\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{80F56E3F-1D47-4E45-B6E0-FEF4E919F4F9}) (Version:  - Microsoft)
Update for Microsoft SharePoint Workspace 2010 (KB2760601) 32-Bit Edition (HKLM-x32\...\{90140000-002A-0000-1000-0000000FF1CE}_Office14.SingleImage_{F9F5A080-AF38-4966-9A6B-C43DCA465035}) (Version:  - Microsoft)
Update for Microsoft Visio Viewer 2010 (KB2810066) 32-Bit Edition (HKLM-x32\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{8C55AA83-54C2-4236-A622-78440A411DC5}) (Version:  - Microsoft)
Update for Microsoft Word 2010 (KB2837593) 32-Bit Edition (HKLM-x32\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{E78E2B68-8FD1-42EE-BB74-99A4D9E6222D}) (Version:  - Microsoft)
Update Installer for WildTangent Games App (x32 Version:  - WildTangent) Hidden
Updater By SweetPacks 2.0.0.586 (Version: 2.0.0.586 - SweetPacks) Hidden <==== ATTENTION
Video Converter Bundle (HKLM-x32\...\Video Converter Bundle) (Version: 1.0.0.0 - Perion)
Virtual City 2: Paradise Resort! (x32 Version: 2.2.0.98 - WildTangent) Hidden
Virtual Villagers 4 - The Tree of Life (x32 Version: 2.2.0.95 - WildTangent) Hidden
Visual Studio 2008 x64 Redistributables (HKLM-x32\...\{FCDBEA60-79F0-4FAE-BBA8-55A26C609A49}) (Version: 10.0.0.2 - AVG Technologies)
War Chess (x32 Version: 2.2.0.95 - WildTangent) Hidden
WebReg (x32 Version: 140.0.212.017 - Hewlett-Packard) Hidden
Wedding Dash - Ready, Aim, Love! (x32 Version: 2.2.0.95 - WildTangent) Hidden
WildTangent Games (HKLM-x32\...\WildTangent dell Master Uninstall) (Version: 1.0.3.0 - WildTangent)
WildTangent Games (HKLM-x32\...\WildTangent wildgames Master Uninstall) (Version: 1.0.4.0 - WildTangent)
WildTangent Games App (Dell Games) (x32 Version: 4.0.11.2 - WildTangent) Hidden
WildTangent Games App (x32 Version: 4.0.11.2 - WildTangent) Hidden
Windows Driver Package - Datel Design & Development (usbio) USBIOControlledDevices  (04/21/2009 2.40.0.0) (HKLM\...\30853F7174C6EB267FDAABE50A369169D18DA611) (Version: 04/21/2009 2.40.0.0 - Datel Design & Development)
Windows Driver Package - Datel Design & Development USBIOControlledDevices  (04/21/2009 2.40.0.0) (HKLM\...\8555DF8099612EF2F8333DC0EC454113D4537E7B) (Version: 04/21/2009 2.40.0.0 - Datel Design & Development)
Windows Live Communications Platform (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 15.4.3508.1109 - Microsoft Corporation)
Windows Live Essentials (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live ID Sign-in Assistant (Version: 7.250.4225.0 - Microsoft Corporation) Hidden
Windows Live Installer (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Language Selector (Version: 15.4.3508.1109 - Microsoft Corporation) Hidden
Windows Live Mail (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Mesh (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Mesh ActiveX Control for Remote Connections (HKLM-x32\...\{2902F983-B4C1-44BA-B85D-5C6D52E2C441}) (Version: 15.4.5722.2 - Microsoft Corporation)
Windows Live Messenger (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live MIME IFilter (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Movie Maker (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Photo Common (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Photo Gallery (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live PIMT Platform (x32 Version: 15.4.3508.1109 - Microsoft Corporation) Hidden
Windows Live Remote Client (Version: 15.4.5722.2 - Microsoft Corporation) Hidden
Windows Live Remote Client Resources (Version: 15.4.5722.2 - Microsoft Corporation) Hidden
Windows Live Remote Service (Version: 15.4.5722.2 - Microsoft Corporation) Hidden
Windows Live Remote Service Resources (Version: 15.4.5722.2 - Microsoft Corporation) Hidden
Windows Live SOXE (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live SOXE Definitions (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live UX Platform (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live UX Platform Language Pack (x32 Version: 15.4.3508.1109 - Microsoft Corporation) Hidden
Windows Live Writer (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Writer Resources (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Winferno Registry Power Cleaner (HKLM-x32\...\RegPowerClean_is1) (Version: 2012 - Winferno.com)
WinRAR 4.20 (64-bit) (HKLM\...\WinRAR archiver) (Version: 4.20.0 - win.rar GmbH)
WinZip Driver Updater (HKLM-x32\...\{9854A5C4-5BE5-46E2-A989-352DD8B37E20}_is1) (Version: 1.0.648.11339 - WinZip Computing, S.L. (WinZip Computing))
Yahoo! Toolbar (HKLM-x32\...\Yahoo! Companion) (Version:  - Yahoo! Inc.)
Zeal (x32 Version: 2.2.0.98 - WildTangent) Hidden
Zoo Empire (x32 Version: 2.2.0.98 - WildTangent) Hidden
Zuma Deluxe (x32 Version: 2.2.0.95 - WildTangent) Hidden

==================== Restore Points  =========================

07-03-2014 08:00:12 Windows Update
07-03-2014 19:06:27 Revo Uninstaller's restore point - Wizard101
07-03-2014 19:54:22 Restore Operation
07-03-2014 20:15:04 Windows Update
07-03-2014 22:34:34 Restore Operation
08-03-2014 08:00:12 Windows Update
08-03-2014 23:01:31 Removed AVG 2012
08-03-2014 23:03:04 Removed AVG 2012
09-03-2014 08:00:12 Windows Update

==================== Hosts content: ==========================

2009-07-13 22:34 - 2014-03-07 21:50 - 00000027 ____A C:\windows\system32\Drivers\etc\hosts
127.0.0.1       localhost

==================== Scheduled Tasks (whitelisted) =============

Task: {168D9959-7DA6-42FB-A205-9B42D6540566} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2012-10-21] (Google Inc.)
Task: {4FFD600B-C1FB-4D39-B6B3-64BA0D30B633} - System32\Tasks\PCDEventLauncher => C:\Program Files\Dell Support Center\sessionchecker.exe [2010-08-05] ()
Task: {5122FE35-A798-4B63-A5ED-4F6FECB1724E} - System32\Tasks\{E07E2850-3EF2-4281-A232-9D74CF4A9CAE} => D:\setup.exe
Task: {5250D4F4-3D28-417F-B00E-F7098AAC64BA} - \GoforFilesUpdate No Task File
Task: {5C2A0EEB-3686-425B-9132-846379939CF8} - System32\Tasks\Microsoft_Hardware_Launch_IPoint_exe => c:\Program Files\Microsoft IntelliPoint\IPoint.exe [2011-08-01] (Microsoft Corporation)
Task: {6674B256-F665-47A4-B540-18C24E0630E8} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2013-07-22] (Piriform Ltd)
Task: {83820984-529D-4C7B-A948-F8290CC9DFE6} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2012-10-21] (Google Inc.)
Task: {90CC5A7B-95E1-4B8D-B943-71AE9B8C5B69} - System32\Tasks\WinZipDriverUpdaterRunAtStartup => C:\Program Files (x86)\WinZip Driver Updater\winzipdu.exe
Task: {9ABD81C2-497A-4843-923A-7B60ED54BCA0} - System32\Tasks\Search-Protect => C:\Program Files (x86)\Search-Protect\Updater.exe [2014-03-04] (Search-Protect)
Task: {D5AB5B00-D87B-4AE9-A493-669CE4FDA7A1} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe [2011-06-01] (Apple Inc.)
Task: {DBC3CE3E-3887-432C-A3E2-6BF9F31BE758} - System32\Tasks\FileAssociationManagerUpdater => C:\Program Files (x86)\FileAssociationManager\Updater.exe
Task: {E64942AB-2839-4887-82E0-302348D8AE01} - System32\Tasks\Adobe Flash Player Updater => C:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2014-02-22] (Adobe Systems Incorporated)
Task: C:\windows\Tasks\Adobe Flash Player Updater.job => C:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe

==================== Loaded Modules (whitelisted) =============

2014-03-02 20:32 - 2014-03-02 20:32 - 00075136 _____ () C:\windows\SysWOW64\PnkBstrA.exe
2014-03-02 20:33 - 2014-03-02 20:33 - 00189248 _____ () C:\windows\SysWOW64\PnkBstrB.exe
2011-08-08 19:26 - 2011-08-08 19:26 - 00475200 _____ () C:\Program Files (x86)\Dell\Stage Remote\StageRemoteService.exe
2011-08-08 19:26 - 2011-08-08 19:26 - 00891456 _____ () C:\Program Files (x86)\Dell\Stage Remote\DMR.exe
2014-02-12 21:58 - 2014-02-12 21:58 - 00073544 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\zlib1.dll
2014-02-12 21:58 - 2014-02-12 21:58 - 01044808 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libxml2.dll
2011-08-18 13:08 - 2010-08-11 19:19 - 00056544 ____N () C:\Program Files (x86)\Dell DataSafe Local Backup\STCoreXml.dll
2011-08-18 13:08 - 2010-08-11 19:19 - 00113888 ____N () C:\Program Files (x86)\Dell DataSafe Local Backup\PSTVdsDisk.dll
2011-08-18 13:08 - 2010-08-11 19:19 - 00126176 ____N () C:\Program Files (x86)\Dell DataSafe Local Backup\STLog.dll
2011-11-03 16:02 - 2011-11-03 16:02 - 00142336 _____ () C:\Program Files (x86)\FS\Spyro Portal\SpyroLibrary.dll
2010-03-16 21:28 - 2010-03-16 21:28 - 01926144 _____ () C:\Program Files (x86)\Dell\Stage Remote\QtCore4.dll
2010-03-22 16:52 - 2010-03-22 16:52 - 06776832 _____ () C:\Program Files (x86)\Dell\Stage Remote\QtGui4.dll
2010-03-16 21:28 - 2010-03-16 21:28 - 00635904 _____ () C:\Program Files (x86)\Dell\Stage Remote\QtNetwork4.dll
2010-03-16 21:28 - 2010-03-16 21:28 - 00326144 _____ () C:\Program Files (x86)\Dell\Stage Remote\QtXml4.dll
2011-06-25 00:20 - 2011-06-25 00:20 - 00565968 _____ () C:\Program Files (x86)\Dell\Stage Remote\sqlite3.dll
2007-04-13 10:39 - 2007-04-13 10:39 - 00252672 _____ () C:\Program Files (x86)\Dell\Stage Remote\kgl.dll
2011-07-17 11:35 - 2011-07-17 11:35 - 00058944 _____ () C:\Program Files (x86)\Dell\Stage Remote\DataService.dll
2011-07-06 17:53 - 2011-07-06 17:53 - 00068160 _____ () C:\Program Files (x86)\Dell\Stage Remote\en-US\UI\DMRUI.dll
2010-03-11 20:52 - 2010-03-11 20:52 - 00028160 _____ () C:\Program Files (x86)\Dell\Stage Remote\plugins\imageformats\qgif4.dll
2010-03-05 16:07 - 2010-03-05 16:07 - 00031744 _____ () C:\Program Files (x86)\Dell\Stage Remote\plugins\imageformats\qico4.dll
2010-03-05 16:07 - 2010-03-05 16:07 - 00125952 _____ () C:\Program Files (x86)\Dell\Stage Remote\plugins\imageformats\qjpeg4.dll
2010-03-11 20:52 - 2010-03-11 20:52 - 00225280 _____ () C:\Program Files (x86)\Dell\Stage Remote\plugins\imageformats\qmng4.dll
2007-04-19 09:28 - 2007-04-19 09:28 - 00436992 _____ () C:\Program Files (x86)\Dell\Stage Remote\fpxlib.dll
2014-02-13 13:23 - 2014-02-13 13:23 - 00169472 _____ () C:\windows\assembly\NativeImages_v2.0.50727_32\IsdiInterop\3e27ac2000641918e7215d97c63e957d\IsdiInterop.ni.dll
2011-08-18 12:22 - 2011-01-12 18:56 - 00058880 _____ () C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IsdiInterop.dll
2014-02-14 13:21 - 2014-02-14 13:21 - 03578992 _____ () C:\Program Files (x86)\Mozilla Firefox\mozjs.dll
2014-02-22 11:18 - 2014-02-22 11:18 - 16265096 _____ () C:\windows\SysWOW64\Macromed\Flash\NPSWF32_12_0_0_70.dll

==================== Alternate Data Streams (whitelisted) =========

AlternateDataStreams: C:\Users\JBA P\Downloads\launch.ica.t1i32u1.partial:icasource

==================== Safe Mode (whitelisted) ===================

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\Wdf01000.sys => ""="Driver"

==================== Disabled items from MSCONFIG ==============


==================== Faulty Device Manager Devices =============

Name: Intel® HD Graphics
Description: Intel® HD Graphics
Class Guid: {4d36e968-e325-11ce-bfc1-08002be10318}
Manufacturer: Intel Corporation
Service: igfx
Problem: : Windows has stopped this device because it has reported problems. (Code 43)
Resolution: One of the drivers controlling the device notified the operating system that the device failed in some manner. For more information about how to diagnose the problem, see the hardware documentation.

Name: Activision Xbox360 Spyro Portal
Description: Activision Xbox360 Spyro Portal
Class Guid:
Manufacturer: Activision
Service: WinUSB
Problem: : This device is disabled. (Code 22)
Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.

Name: WAN Miniport (IKEv2)
Description: WAN Miniport (IKEv2)
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Microsoft
Service: RasAgileVpn
Problem: : This device is not working properly because Windows cannot load the drivers required for this device. (Code 31)
Resolution: Update the driver

Name: WAN Miniport (L2TP)
Description: WAN Miniport (L2TP)
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Microsoft
Service: Rasl2tp
Problem: : This device is not working properly because Windows cannot load the drivers required for this device. (Code 31)
Resolution: Update the driver

Name: Photosmart D110 series
Description: Photosmart D110 series
Class Guid: {6bdd1fc6-810f-11d0-bec7-08002be2092f}
Manufacturer: HP
Service: StillCam
Problem: : This device is disabled. (Code 22)
Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.

Name: WAN Miniport (PPPOE)
Description: WAN Miniport (PPPOE)
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Microsoft
Service: RasPppoe
Problem: : This device is not working properly because Windows cannot load the drivers required for this device. (Code 31)
Resolution: Update the driver

Name: WAN Miniport (PPTP)
Description: WAN Miniport (PPTP)
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Microsoft
Service: PptpMiniport
Problem: : This device is not working properly because Windows cannot load the drivers required for this device. (Code 31)
Resolution: Update the driver

Name: WAN Miniport (SSTP)
Description: WAN Miniport (SSTP)
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Microsoft
Service: RasSstp
Problem: : This device is not working properly because Windows cannot load the drivers required for this device. (Code 31)
Resolution: Update the driver

Name: Photosmart D110 series
Description: Photosmart D110 series
Class Guid: {4d36e971-e325-11ce-bfc1-08002be10318}
Manufacturer: HP
Service:
Problem: : This device is disabled. (Code 22)
Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.


==================== Event log errors: =========================

Application errors:
==================
Error: (03/09/2014 05:39:09 PM) (Source: SideBySide) (User: )
Description: C:\windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifestC:\windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifestC:\Program Files (x86)\Cozi Express\CoziExpress.exe

Error: (03/09/2014 05:39:09 PM) (Source: SideBySide) (User: )
Description: C:\windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifestC:\windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifestC:\Program Files (x86)\Cozi Express\CoziExpress.exe

Error: (03/09/2014 01:30:59 AM) (Source: SideBySide) (User: )
Description: C:\windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifestC:\windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifestC:\Program Files (x86)\Cozi Express\CoziExpress.exe

Error: (03/08/2014 07:07:14 PM) (Source: Application Error) (User: )
Description: accuweather.exe1.7.209.04f287048unknown0.0.0.000000000c000000500000000109801cf3b2309458f97C:\Program Files (x86)\Dell Stage\Dell Stage\AccuWeather\accuweather.exeunknown626ba5dc-a716-11e3-a2bb-1803737aeb79

Error: (03/08/2014 07:07:09 PM) (Source: Application Error) (User: )
Description: stage_primary.exe1.7.209.04f286f8cunknown0.0.0.000000000c000000500000000d1001cf3b22f6753822C:\Program Files (x86)\Dell Stage\Dell Stage\stage_primary.exeunknown5f7ae387-a716-11e3-a2bb-1803737aeb79

Error: (03/08/2014 07:06:07 PM) (Source: WinMgmt) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (03/08/2014 05:50:28 PM) (Source: Application Error) (User: )
Description: stage_primary.exe1.7.209.04f286f8cunknown0.0.0.000000000c000000500000000e0c01cf3b183cc81dbfC:\Program Files (x86)\Dell Stage\Dell Stage\stage_primary.exeunknowna9434fb4-a70b-11e3-af4b-1803737aeb79

Error: (03/08/2014 05:50:28 PM) (Source: Application Error) (User: )
Description: accuweather.exe1.7.209.04f287048unknown0.0.0.000000000c00000050000000013f801cf3b184d67573aC:\Program Files (x86)\Dell Stage\Dell Stage\AccuWeather\accuweather.exeunknowna94376c4-a70b-11e3-af4b-1803737aeb79

Error: (03/08/2014 05:49:46 PM) (Source: WinMgmt) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (03/08/2014 02:36:09 AM) (Source: SideBySide) (User: )
Description: C:\windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifestC:\windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifestC:\Program Files (x86)\Cozi Express\CoziExpress.exe


System errors:
=============
Error: (03/09/2014 04:01:06 AM) (Source: Microsoft-Windows-WindowsUpdateClient) (User: NT AUTHORITY)
Description: Installation Failure: Windows failed to install the following update with error 0x80070103: Intel Corporation - Display - Intel® HD Graphics.

Error: (03/08/2014 07:29:03 PM) (Source: Service Control Manager) (User: )
Description: The PEVSystemStart service is marked as an interactive service.  However, the system is configured to not allow interactive services.  This service may not function properly.

Error: (03/08/2014 07:23:52 PM) (Source: Service Control Manager) (User: )
Description: The PEVSystemStart service is marked as an interactive service.  However, the system is configured to not allow interactive services.  This service may not function properly.

Error: (03/08/2014 07:08:10 PM) (Source: Service Control Manager) (User: )
Description: The HP CUE DeviceDiscovery Service service terminated unexpectedly.  It has done this 1 time(s).

Error: (03/08/2014 07:08:10 PM) (Source: Service Control Manager) (User: )
Description: The hpqcxs08 service terminated unexpectedly.  It has done this 1 time(s).

Error: (03/08/2014 07:05:32 PM) (Source: Service Control Manager) (User: )
Description: The vToolbarUpdater17.2.0 service failed to start due to the following error:
%%2

Error: (03/08/2014 07:05:28 PM) (Source: Service Control Manager) (User: )
Description: The Diagnostic Policy Service service terminated with the following error:
%%5

Error: (03/08/2014 05:48:35 PM) (Source: Service Control Manager) (User: )
Description: The vToolbarUpdater17.2.0 service failed to start due to the following error:
%%2

Error: (03/08/2014 05:48:27 PM) (Source: Service Control Manager) (User: )
Description: The Diagnostic Policy Service service terminated with the following error:
%%5

Error: (03/08/2014 05:48:12 PM) (Source: EventLog) (User: )
Description: The previous system shutdown at 4:32:46 PM on ‎3/‎8/‎2014 was unexpected.


Microsoft Office Sessions:
=========================
Error: (03/09/2014 05:39:09 PM) (Source: SideBySide)(User: )
Description: C:\windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifestC:\windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifestC:\Program Files (x86)\Cozi Express\CoziExpress.exe

Error: (03/09/2014 05:39:09 PM) (Source: SideBySide)(User: )
Description: C:\windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifestC:\windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifestC:\Program Files (x86)\Cozi Express\CoziExpress.exe

Error: (03/09/2014 01:30:59 AM) (Source: SideBySide)(User: )
Description: C:\windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifestC:\windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifestC:\Program Files (x86)\Cozi Express\CoziExpress.exe

Error: (03/08/2014 07:07:14 PM) (Source: Application Error)(User: )
Description: accuweather.exe1.7.209.04f287048unknown0.0.0.000000000c000000500000000109801cf3b2309458f97C:\Program Files (x86)\Dell Stage\Dell Stage\AccuWeather\accuweather.exeunknown626ba5dc-a716-11e3-a2bb-1803737aeb79

Error: (03/08/2014 07:07:09 PM) (Source: Application Error)(User: )
Description: stage_primary.exe1.7.209.04f286f8cunknown0.0.0.000000000c000000500000000d1001cf3b22f6753822C:\Program Files (x86)\Dell Stage\Dell Stage\stage_primary.exeunknown5f7ae387-a716-11e3-a2bb-1803737aeb79

Error: (03/08/2014 07:06:07 PM) (Source: WinMgmt)(User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (03/08/2014 05:50:28 PM) (Source: Application Error)(User: )
Description: stage_primary.exe1.7.209.04f286f8cunknown0.0.0.000000000c000000500000000e0c01cf3b183cc81dbfC:\Program Files (x86)\Dell Stage\Dell Stage\stage_primary.exeunknowna9434fb4-a70b-11e3-af4b-1803737aeb79

Error: (03/08/2014 05:50:28 PM) (Source: Application Error)(User: )
Description: accuweather.exe1.7.209.04f287048unknown0.0.0.000000000c00000050000000013f801cf3b184d67573aC:\Program Files (x86)\Dell Stage\Dell Stage\AccuWeather\accuweather.exeunknowna94376c4-a70b-11e3-af4b-1803737aeb79

Error: (03/08/2014 05:49:46 PM) (Source: WinMgmt)(User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (03/08/2014 02:36:09 AM) (Source: SideBySide)(User: )
Description: C:\windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifestC:\windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifestC:\Program Files (x86)\Cozi Express\CoziExpress.exe


CodeIntegrity Errors:
===================================
  Date: 2014-03-07 20:47:55.937
  Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume3\ComboFix\catchme.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

  Date: 2014-03-07 20:47:55.837
  Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume3\ComboFix\catchme.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

  Date: 2014-01-05 12:21:14.903
  Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume3\ComboFix\catchme.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

  Date: 2014-01-05 12:21:14.783
  Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume3\ComboFix\catchme.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.


==================== Memory info ===========================

Percentage of memory in use: 69%
Total physical RAM: 3894.68 MB
Available physical RAM: 1181.39 MB
Total Pagefile: 7787.55 MB
Available Pagefile: 5286.77 MB
Total Virtual: 8192 MB
Available Virtual: 8191.84 MB

==================== Drives ================================

Drive c: (OS) (Fixed) (Total:581.42 GB) (Free:477.41 GB) NTFS

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 596 GB) (Disk ID: B45AECD1)

Partition: GPT Partition Type.

==================== End Of Log ============================



#36 Oh My!

Oh My!

    Adware and Spyware and Malware.....


  • Malware Response Instructor
  • 38,176 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:California
  • Local time:01:15 AM

Posted 09 March 2014 - 09:44 PM

Hi Steve,

There are several things from Post #4 we sidelined a bit in order to check some other things. Please return back to that post and complete everything except the uninstalling programs part. In addition, please do this.

===================================================

Windows Repair (All in One)

--------------------
  • Disable your AntiVirus and AntiSpyware applications, usually via a right click on the System Tray icon. They may otherwise interfere with our tools. (Click on this link to see a list of programs that should be disabled. The list is not all inclusive.)
  • Download Windows Repair (All in One) and save it to your desktop
  • Double click the icon and select Run
  • Continually click Next, then Finish
  • Note: If any steps will not complete simply move on to the next step.
  • Go to Step 2 and allow it to run See if Check Disk is Needed by clicking on the Check button:
  • If your see Errors Found On The Drive! Check Disk Is Needed click Do It in the Check Disk (If Needed) box
  • Once that is done then go to Step 3 and click Do It under System File Check
  • Go to Step 4 and click Create under System Restore, then Backup under Registry Backup
  • Go to Start Repairs tab and click Start button.
  • Please make sure the following items are checked

Reset Registry Permissions
Reset File Permissions
Register System Files
Repair WMI
Repair Hosts File
Remove Policies Set By Infections
Remove Temp Files
Repair Proxy Settings
Repair Windows Updates
Repair Volume Shadow Copy Service
Repair MSI (Windows Installer)
Restore Important Windows Services
Set Windows Services To Default Startup

  • Click on box next to the Restart/Shutdown System when Finished
  • Click on Restart System
  • Click on Start
  • Your computer will reboot upon completion
  • Using Windows Explorer navigate to the following file

C:\Tweaking.com_Windows_Repair_Logs\_Windows_Repair_Log.txt

  • Copy and paste the contents of the log in your reply
===================================================

Things I would like to see in your next reply. Please be sure to copy and paste any requested log information unless you are asked to attach it. :thumbsup2:
  • AdwCleaner log
  • Junkware log
  • Security check log
  • Virustotal link
  • Fixlog
  • Windows All in One log
  • How is your computer running?

Edited by Oh My, 09 March 2014 - 09:45 PM.

Gary
 
If I do not reply within 24 hours please send me a Personal Message.

"Lord, to whom would we go? You have the words that give eternal life. We believe, and we know you are the Holy One of God."

#37 sspea

sspea
  • Topic Starter

  • Members
  • 57 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Falls Church, vA
  • Local time:05:15 AM

Posted 10 March 2014 - 04:49 PM

OK, trying to do this in chunks.

 

AdwCleaner log I think this is the right file, but found it under C:\AdwCleaner\):

 

# AdwCleaner v3.021 - Report created 10/03/2014 at 15:55:03
# Updated 10/03/2014 by Xplode
# Operating System : Windows 7 Home Premium Service Pack 1 (64 bits)
# Username : JBA P - JBAP-PC
# Running from : C:\Users\JBA P\Desktop\AdwCleaner(1).exe
# Option : Scan

***** [ Services ] *****


***** [ Files / Folders ] *****

Folder Found : C:\Users\Kids\AppData\Local\Google\Chrome\User Data\Default\Extensions\jbajpeofkjjeiamcglnmldoboonfkiol
Folder Found : C:\Users\Kids\AppData\Local\Google\Chrome\User Data\Default\Extensions\ndibdjnfmopecpmkdieinmbadjfpblof
Folder Found : C:\Users\Kids\AppData\Local\Google\Chrome\User Data\Default\Extensions\ogccgbmabaphcakpiclgcnmcnimhokcj

***** [ Shortcuts ] *****


***** [ Registry ] *****

Key Found : HKCU\Software\caphyon
Key Found : [x64] HKCU\Software\caphyon
Key Found : HKLM\Software\caphyon
Key Found : HKLM\SOFTWARE\Classes\.bdc
Key Found : HKLM\SOFTWARE\Classes\.bgl

***** [ Browsers ] *****

-\\ Internet Explorer v11.0.9600.16518


-\\ Mozilla Firefox v27.0.1 (en-US)

[ File : C:\Users\JBA P\AppData\Roaming\Mozilla\Firefox\Profiles\badpz2dl.default\prefs.js ]


[ File : C:\Users\Kids\AppData\Roaming\Mozilla\Firefox\Profiles\3hx7sb2b.default\prefs.js ]


-\\ Google Chrome v33.0.1750.146

[ File : C:\Users\JBA P\AppData\Local\Google\Chrome\User Data\Default\preferences ]

Found : search_url
Found : suggest_url
Found : keyword
Found : search_url
Found : search_url
Found : suggest_url

[ File : C:\Users\Kids\AppData\Local\Google\Chrome\User Data\Default\preferences ]


*************************

AdwCleaner[R0].txt - [57611 octets] - [05/01/2014 12:32:48]
AdwCleaner[R1].txt - [1674 octets] - [10/03/2014 15:55:03]
AdwCleaner[S0].txt - [56051 octets] - [05/01/2014 12:34:04]

########## EOF - C:\AdwCleaner\AdwCleaner[R1].txt - [1795 octets] ##########
 

 

JRT log:

 

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Thisisu
Version: 6.1.2 (02.20.2014:1)
OS: Windows 7 Home Premium x64
Ran by JBA P on Mon 03/10/2014 at 16:04:26.66
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~




~~~ Services



~~~ Registry Values



~~~ Registry Keys



~~~ Files



~~~ Folders

Successfully deleted: [Folder] "C:\ProgramData\fighters"



~~~ FireFox

Successfully deleted the following from C:\Users\JBA P\AppData\Roaming\mozilla\firefox\profiles\badpz2dl.default\prefs.js

user_pref("extensions.wecarereminder.merchHash", "{\"AFFILIATES\":{\"1-Sale-A-Day\":{\"name\":\"1 Sale A Day\",\"autordr\":1,\"n\":\"3\",\"td\":1.5},\"1and1Internet\":{\"name\
Emptied folder: C:\Users\JBA P\AppData\Roaming\mozilla\firefox\profiles\badpz2dl.default\minidumps [99 files]



~~~ Event Viewer Logs were cleared





~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on Mon 03/10/2014 at 16:15:03.13
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
 

 

Screen317 Log (had trouble finding this, but eventually did):

 

 Results of screen317's Security Check version 0.99.80  
 Windows 7 Service Pack 1 x64 (UAC is enabled)  
 Internet Explorer 11  
``````````````Antivirus/Firewall Check:``````````````
 Windows Security Center service is not running! This report may not be accurate!
 Windows Firewall Enabled!  
 WMI entry may not exist for antivirus; attempting automatic update.
`````````Anti-malware/Other Utilities Check:`````````
 I SPY Treasure Hunt  
 SpyroDriver     
 Malwarebytes Anti-Malware version 1.70.0.1100  
 Out of date Malwarebytes Anti-Malware installed!
 Winferno Registry Power Cleaner  
 Java 7 Update 51  
 Adobe Flash Player 12.0.0.70  
 Mozilla Firefox (27.0.1)
 Google Chrome 33.0.1750.117  
 Google Chrome 33.0.1750.146  
````````Process Check: objlist.exe by Laurent````````  
`````````````````System Health check`````````````````
 Total Fragmentation on Drive C:  
````````````````````End of Log``````````````````````
 

 

VirusTotal Link:

 

https://www.virustotal.com/en/file/14508c8d6578c32a1407f9f716e20bb64e63c2619cd0c675602d8855d56649d2/analysis/1394486388/

 

 

FRST Fixlog:

 

Fix result of Farbar Recovery Tool (FRST written by Farbar) (x64) Version: 09-03-2014
Ran by JBA P at 2014-03-10 17:24:47 Run:2
Running from C:\Users\JBA P\Desktop
Boot Mode: Normal
==============================================

Content of fixlist:
*****************
HKU\S-1-5-21-1015218451-1290133160-4184035611-1000\...\Run: [DellSystemDetect] - C:\Users\JBA P\AppData\Local\Apps\2.0\7RL0DAHN.ZKD\CJN83JBK.NQR
GroupPolicyUsers\S-1-5-21-1015218451-1290133160-4184035611-1006\User: Group Policy restriction detected <======= ATTENTION
ProxyServer: localhost:8080
SearchScopes: HKLM - DefaultScope {9BB47C17-9C68-4BB3-B188-DD9AF0FD2406} URL =
SearchScopes: HKCU - ÛÆîZ§2¹Þpv¨IÍá*X(Ž2s(ÛÎÀJºÔÓµ± vË°!×(ä¼48иpatm6êo^Mp`Ëõ÷_i£w¾!Áûx¢8ÙjÀÿþ ´Ñ;áa´[¦8 º~RÙxòÜ8'£-)x­ä­ URL =
Handler: cozi - {5356518D-FE9C-4E08-9C1F-1E872ECD367F} -  No File
Handler: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} -  No File
Filter: application/x-ica - {CFB6322E-CC85-4d1b-82C7-893888A236BC} -  No File
Filter: application/x-ica; charset=euc-jp - {CFB6322E-CC85-4d1b-82C7-893888A236BC} -  No File
Filter: application/x-ica; charset=ISO-8859-1 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} -  No File
Filter: application/x-ica; charset=MS936 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} -  No File
Filter: application/x-ica; charset=MS949 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} -  No File
Filter: application/x-ica; charset=MS950 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} -  No File
Filter: application/x-ica; charset=UTF-8 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} -  No File
Filter: application/x-ica; charset=UTF8 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} -  No File
Filter: application/x-ica;charset=euc-jp - {CFB6322E-CC85-4d1b-82C7-893888A236BC} -  No File
Filter: application/x-ica;charset=ISO-8859-1 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} -  No File
Filter: application/x-ica;charset=MS936 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} -  No File
Filter: application/x-ica;charset=MS949 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} -  No File
Filter: application/x-ica;charset=MS950 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} -  No File
Filter: application/x-ica;charset=UTF-8 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} -  No File
Filter: application/x-ica;charset=UTF8 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} -  No File
Filter: ica - {CFB6322E-CC85-4d1b-82C7-893888A236BC} -  No File
C:\Users\JBA P\AppData\Local\Temp\fam-installer.exe
C:\Users\JBA P\AppData\Local\Temp\jre-7u51-windows-i586-iftw.exe
C:\Users\JBA P\AppData\Local\Temp\sp-latest.exe
Task: {5122FE35-A798-4B63-A5ED-4F6FECB1724E} - System32\Tasks\{E07E2850-3EF2-4281-A232-9D74CF4A9CAE} => D:\setup.exe
Task: {5250D4F4-3D28-417F-B00E-F7098AAC64BA} - \GoforFilesUpdate No Task File
Task: {9ABD81C2-497A-4843-923A-7B60ED54BCA0} - System32\Tasks\Search-Protect => C:\Program Files (x86)\Search-Protect\Updater.exe [2014-03-04] (Search-Protect)
AlternateDataStreams: C:\Users\JBA P\Downloads\launch.ica.t1i32u1.partial:icasource
*****************

HKU\S-1-5-21-1015218451-1290133160-4184035611-1000\Software\Microsoft\Windows\CurrentVersion\Run\\DellSystemDetect => Value deleted successfully.
C:\windows\system32\GroupPolicyUsers\S-1-5-21-1015218451-1290133160-4184035611-1006\User => Moved successfully.
C:\windows\system32\GroupPolicy\GPT.ini => Moved successfully.
HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings\\ProxyServer => Value deleted successfully.
HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope => Value was restored successfully.
HKCU\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\ÛÆîZ§2¹Þpv¨IÍá*X(Ž2s(ÛÎÀJºÔÓµ± vË°!×(ä¼48иpatm6êo^Mp`Ëõ÷_i£w¾!Áûx¢8ÙjÀÿþ ´Ñ;áa´[¦8 º~RÙxòÜ8'£-)x­ä­ => Key not found.
HKCR\CLSID\ÛÆîZ§2¹Þpv¨IÍá*X(Ž2s(ÛÎÀJºÔÓµ± vË°!×(ä¼48иpatm6êo^Mp`Ëõ÷_i£w¾!Áûx¢8ÙjÀÿþ ´Ñ;áa´[¦8 º~RÙxòÜ8'£-)x­ä­ => Key not found.
HKCR\PROTOCOLS\Handler\cozi => Key deleted successfully.
HKCR\CLSID\{5356518D-FE9C-4E08-9C1F-1E872ECD367F} => Key not found.
HKCR\PROTOCOLS\Handler\skype-ie-addon-data => Key deleted successfully.
HKCR\CLSID\{91774881-D725-4E58-B298-07617B9B86A8} => Key not found.
HKCR\PROTOCOLS\Filter\application/x-ica => Key deleted successfully.
HKCR\CLSID\{CFB6322E-CC85-4d1b-82C7-893888A236BC} => Key not found.
HKCR\PROTOCOLS\Filter\application/x-ica; charset=euc-jp => Key deleted successfully.
HKCR\CLSID\{CFB6322E-CC85-4d1b-82C7-893888A236BC} => Key not found.
HKCR\PROTOCOLS\Filter\application/x-ica; charset=ISO-8859-1 => Key deleted successfully.
HKCR\CLSID\{CFB6322E-CC85-4d1b-82C7-893888A236BC} => Key not found.
HKCR\PROTOCOLS\Filter\application/x-ica; charset=MS936 => Key deleted successfully.
HKCR\CLSID\{CFB6322E-CC85-4d1b-82C7-893888A236BC} => Key not found.
HKCR\PROTOCOLS\Filter\application/x-ica; charset=MS949 => Key deleted successfully.
HKCR\CLSID\{CFB6322E-CC85-4d1b-82C7-893888A236BC} => Key not found.
HKCR\PROTOCOLS\Filter\application/x-ica; charset=MS950 => Key deleted successfully.
HKCR\CLSID\{CFB6322E-CC85-4d1b-82C7-893888A236BC} => Key not found.
HKCR\PROTOCOLS\Filter\application/x-ica; charset=UTF-8 => Key deleted successfully.
HKCR\CLSID\{CFB6322E-CC85-4d1b-82C7-893888A236BC} => Key not found.
HKCR\PROTOCOLS\Filter\application/x-ica; charset=UTF8 => Key deleted successfully.
HKCR\CLSID\{CFB6322E-CC85-4d1b-82C7-893888A236BC} => Key not found.
HKCR\PROTOCOLS\Filter\application/x-ica;charset=euc-jp => Key deleted successfully.
HKCR\CLSID\{CFB6322E-CC85-4d1b-82C7-893888A236BC} => Key not found.
HKCR\PROTOCOLS\Filter\application/x-ica;charset=ISO-8859-1 => Key deleted successfully.
HKCR\CLSID\{CFB6322E-CC85-4d1b-82C7-893888A236BC} => Key not found.
HKCR\PROTOCOLS\Filter\application/x-ica;charset=MS936 => Key deleted successfully.
HKCR\CLSID\{CFB6322E-CC85-4d1b-82C7-893888A236BC} => Key not found.
HKCR\PROTOCOLS\Filter\application/x-ica;charset=MS949 => Key deleted successfully.
HKCR\CLSID\{CFB6322E-CC85-4d1b-82C7-893888A236BC} => Key not found.
HKCR\PROTOCOLS\Filter\application/x-ica;charset=MS950 => Key deleted successfully.
HKCR\CLSID\{CFB6322E-CC85-4d1b-82C7-893888A236BC} => Key not found.
HKCR\PROTOCOLS\Filter\application/x-ica;charset=UTF-8 => Key deleted successfully.
HKCR\CLSID\{CFB6322E-CC85-4d1b-82C7-893888A236BC} => Key not found.
HKCR\PROTOCOLS\Filter\application/x-ica;charset=UTF8 => Key deleted successfully.
HKCR\CLSID\{CFB6322E-CC85-4d1b-82C7-893888A236BC} => Key not found.
HKCR\PROTOCOLS\Filter\ica => Key deleted successfully.
HKCR\CLSID\{CFB6322E-CC85-4d1b-82C7-893888A236BC} => Key not found.
"C:\Users\JBA P\AppData\Local\Temp\fam-installer.exe" => File/Directory not found.
"C:\Users\JBA P\AppData\Local\Temp\jre-7u51-windows-i586-iftw.exe" => File/Directory not found.
"C:\Users\JBA P\AppData\Local\Temp\sp-latest.exe" => File/Directory not found.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{5122FE35-A798-4B63-A5ED-4F6FECB1724E} => Key deleted successfully.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{5122FE35-A798-4B63-A5ED-4F6FECB1724E} => Key deleted successfully.
C:\Windows\System32\Tasks\{E07E2850-3EF2-4281-A232-9D74CF4A9CAE} => Moved successfully.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\{E07E2850-3EF2-4281-A232-9D74CF4A9CAE} => Key deleted successfully.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{5250D4F4-3D28-417F-B00E-F7098AAC64BA} => Key deleted successfully.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{5250D4F4-3D28-417F-B00E-F7098AAC64BA} => Key deleted successfully.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\GoforFilesUpdate => Key deleted successfully.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{9ABD81C2-497A-4843-923A-7B60ED54BCA0} => Key deleted successfully.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{9ABD81C2-497A-4843-923A-7B60ED54BCA0} => Key deleted successfully.
C:\Windows\System32\Tasks\Search-Protect => Moved successfully.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Search-Protect => Key deleted successfully.
C:\Users\JBA P\Downloads\launch.ica.t1i32u1.partial => ":icasource" ADS removed successfully.


The system needed a reboot.

==== End of Fixlog ====

 

 

Will attempt to finish the rest shortly.

Thanks,

Steve



#38 sspea

sspea
  • Topic Starter

  • Members
  • 57 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Falls Church, vA
  • Local time:05:15 AM

Posted 11 March 2014 - 07:02 AM

Hey Gary,

 

So I ran the Windows All in One and went through all the steps until the Restart/Shutdown when Finished.  I had to leave the house and came back to see the computer off.  I powered on and it showed screens we probably didnt want to see.  Startup Repair.  I should have ended there, but I hit YES.  It went through its motions and now has come up to the System Restore screen.  I ceased actions and await your instructions (what I should have done a step ago).

 

Thanks,

Steve



#39 Oh My!

Oh My!

    Adware and Spyware and Malware.....


  • Malware Response Instructor
  • 38,176 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:California
  • Local time:01:15 AM

Posted 11 March 2014 - 09:10 AM

Hi Steve,

We are fine, no damage done. System Restore is not going to help us because we don't have a Restore Point prior to the onset of your symptoms. Here is what I would like us to do.

===================================================

Hiding Windows Update Component

--------------------
  • Click Start, All Programs, then Windows Update
  • Click Check for Updates
  • Allow the scan to complete then click the Optional updates are available
  • If present, right click on ny updates for Intel® HD Graphics and select Hide update
  • Install any remaining updates
  • Reboot your computer and check for the video card warning
===================================================

Services Repair

----------
  • Please download ServicesRepair and save it to your desktop.
  • Double-click ServicesRepair.exe
  • Click Run and then click Yes on any security notifications that appear
  • Click Yes to restart your computer
  • Double click on the CCSupport folder on your desktop, double click the Logs folder, then copy and paste the log in your reply
===================================================

ESET SysInspector

----------
  • Download ESET SysInspector for either 64 bit or 32 bit systems.
  • Click I accept then patiently allow the program to run
  • Once completed you will be presented with a results screen
  • Click File, Generate, then Suitable for sending
  • Click No to Do you want to save the current log before opening another one?
  • The program will run again
  • When completed click File, Save log, and save it to your desktop with the default name
  • Attach the zipped folder to your reply
===================================================

Things I would like to see in your next reply. Please be sure to copy and paste any requested log information unless you are asked to attach it. :thumbsup2:
  • Did you hide a Windows Update/error information
  • Services Repair log
  • ESET SysInspector log (attached)
  • How is your computer running?

Gary
 
If I do not reply within 24 hours please send me a Personal Message.

"Lord, to whom would we go? You have the words that give eternal life. We believe, and we know you are the Holy One of God."

#40 sspea

sspea
  • Topic Starter

  • Members
  • 57 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Falls Church, vA
  • Local time:05:15 AM

Posted 11 March 2014 - 09:26 AM

Gary,

 

I want to make sure we are both clear.  I have the computer within Startup Repair with the window asking me if I want to use System Restore.  Do I hit Restore or Cancel?  And then afterwards I continue with the other items?

 

Thanks,

Steve



#41 Oh My!

Oh My!

    Adware and Spyware and Malware.....


  • Malware Response Instructor
  • 38,176 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:California
  • Local time:01:15 AM

Posted 11 March 2014 - 01:01 PM

I am glad you wanted to clarify. Click cancel and if you do not see a report reboot your computer to see if you get a clean boot up. Then post the report located at C:\Tweaking.com_Windows_Repair_Logs\_Windows_Repair_Log.txt. Don't do the other steps yet until we work through the All in One hiccup.


Gary
 
If I do not reply within 24 hours please send me a Personal Message.

"Lord, to whom would we go? You have the words that give eternal life. We believe, and we know you are the Holy One of God."

#42 sspea

sspea
  • Topic Starter

  • Members
  • 57 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Falls Church, vA
  • Local time:05:15 AM

Posted 11 March 2014 - 03:14 PM

OK, One thing you are probably aware of.  I have no firewall or anti-virus running on my system for the last several days since uninstalling.  Keeping me a bit nervous so if something isn't running, I am turning off access to my router. 

 

The system seems to have booted up just fine. While I couldn't find a file or a subdirectory like the one you mentioned, I did find the following.  Hopefully it is what you need to proceed:

 

File location -->  C:\Program Files (x86)\Tweaking.com\Windows Repair (All in One)\Logs\3.10.2014_6.49.51-PM

 

System Variables
--------------------------------------------------------------------------------
OS: Windows 7 Home Premium
OS Architecture: 64-bit
OS Version: 6.1.7601
OS Service Pack: Service Pack 1
Computer Name: JBAP-PC
Windows Drive: C:\
Windows Path: C:\Windows
Current Profile: C:\Users\JBA P
Current Profile SID: S-1-5-21-1015218451-1290133160-4184035611-1000
Current Profile Classes: S-1-5-21-1015218451-1290133160-4184035611-1000_Classes
Profiles Location: C:\Users
Profiles Location 2: C:\Windows\ServiceProfiles
Local Settings AppData: C:\Users\JBA P\AppData\Local
--------------------------------------------------------------------------------

System Information
--------------------------------------------------------------------------------
System Up Time: 0 Days 00:32:04

Process Count: 82
Commit Total: 1.64 GB
Commit Limit: 7.61 GB
Commit Peak: 1.73 GB
Handle Count: 22242
Kernel Total: 401.30 MB
Kernel Paged: 306.50 MB
Kernel Non Paged: 94.80 MB
System Cache: 2.38 GB
Thread Count: 967
--------------------------------------------------------------------------------

Memory Before Cleaning with CleanMem
--------------------------------------------------------------------------------
Memory Total: 3.80 GB
Memory Used: 1.56 GB(40.9009%)
Memory Avail.: 2.25 GB
--------------------------------------------------------------------------------

Cleaning Memory Before Starting Repairs...

Memory After Cleaning with CleanMem
--------------------------------------------------------------------------------
Memory Total: 3.80 GB
Memory Used: 1.27 GB(33.3056%)
Memory Avail.: 2.54 GB
--------------------------------------------------------------------------------

Starting Repairs...
   Start (3/10/2014 6:49:53 PM)

01 - Reset Registry Permissions 01/03
   HKEY_CURRENT_USER & Sub Keys
   Start (3/10/2014 6:49:53 PM)
   Running Repair Under Current User Account
   Done (3/10/2014 6:49:58 PM)

01 - Reset Registry Permissions 02/03
   HKEY_LOCAL_MACHINE & Sub Keys
   Start (3/10/2014 6:49:58 PM)
   Running Repair Under System Account
   Done (3/10/2014 6:51:59 PM)

01 - Reset Registry Permissions 03/03
   HKEY_CLASSES_ROOT & Sub Keys
   Start (3/10/2014 6:51:59 PM)
   Running Repair Under System Account
   Done (3/10/2014 6:53:27 PM)

02 - Reset File Permissions: C:
   C: & Sub Folders
   Start (3/10/2014 6:53:28 PM)
   Running Repair Under System Account
   Done (3/10/2014 7:11:59 PM)

02 - Reset File Permissions: All Profiles
   C:\Users & Sub Folders
   Start (3/10/2014 7:11:59 PM)
   Running Repair Under System Account
   Done (3/10/2014 7:16:40 PM)

02 - Reset File Permissions: Current Profile
   C:\Users\JBA P & Sub Folders
   Start (3/10/2014 7:16:40 PM)
   Running Repair Under System Account
   Done (3/10/2014 7:17:49 PM)

02 - Reset File Permissions: Cleanup
   Repairing Restricted Folders Permissions To Avoid Infinite Loops
   Start (3/10/2014 7:17:49 PM)
   Running Repair Under System Account
Processing ACL of: <\\?\C:\Documents and Settings>

SetACL finished successfully.
Processing ACL of: <\\?\C:\ProgramData\Application Data>

SetACL finished successfully.
Processing ACL of: <\\?\C:\ProgramData\Desktop>

SetACL finished successfully.
Processing ACL of: <\\?\C:\ProgramData\Documents>

SetACL finished successfully.
Processing ACL of: <\\?\C:\ProgramData\Favorites>

SetACL finished successfully.
Processing ACL of: <\\?\C:\ProgramData\Start Menu>

SetACL finished successfully.
Processing ACL of: <\\?\C:\ProgramData\Templates>

SetACL finished successfully.
Processing ACL of: <\\?\C:\Users\All Users\Application Data>

SetACL finished successfully.
Processing ACL of: <\\?\C:\Users\All Users\Desktop>

SetACL finished successfully.
Processing ACL of: <\\?\C:\Users\All Users\Documents>

SetACL finished successfully.
Processing ACL of: <\\?\C:\Users\All Users\Favorites>

SetACL finished successfully.
Processing ACL of: <\\?\C:\Users\All Users\Start Menu>

SetACL finished successfully.
Processing ACL of: <\\?\C:\Users\All Users\Templates>

SetACL finished successfully.
Processing ACL of: <\\?\C:\Users\Default User>

SetACL finished successfully.
Processing ACL of: <\\?\C:\Users\Default\Application Data>

SetACL finished successfully.
Processing ACL of: <\\?\C:\Users\Default\Cookies>
Reading the SD from <\\?\C:\Users\Default\Cookies> failed with: The system cannot find the file specified.


SetACL finished with error(s):
SetACL error message: The call to GetNamedSecurityInfo () failed
Operating system error message: The system cannot find the file specified.

Processing ACL of: <\\?\C:\Users\Default\Local Settings>

SetACL finished successfully.
Processing ACL of: <\\?\C:\Users\Default\My Documents>

SetACL finished successfully.
Processing ACL of: <\\?\C:\Users\Default\NetHood>

SetACL finished successfully.
Processing ACL of: <\\?\C:\Users\Default\PrintHood>

SetACL finished successfully.
Processing ACL of: <\\?\C:\Users\Default\Recent>

SetACL finished successfully.
Processing ACL of: <\\?\C:\Users\Default\SendTo>

SetACL finished successfully.
Processing ACL of: <\\?\C:\Users\Default\Start Menu>

SetACL finished successfully.
Processing ACL of: <\\?\C:\Users\Default\Templates>

SetACL finished successfully.
Processing ACL of: <\\?\C:\Users\Default\AppData\Local\Application Data>

SetACL finished successfully.
Processing ACL of: <\\?\C:\Users\Default\AppData\Local\History>

SetACL finished successfully.
Processing ACL of: <\\?\C:\Users\Default\AppData\Local\Temporary Internet Files>

SetACL finished successfully.
Processing ACL of: <\\?\C:\Users\Default\Documents\My Music>

SetACL finished successfully.
Processing ACL of: <\\?\C:\Users\Default\Documents\My Pictures>

SetACL finished successfully.
Processing ACL of: <\\?\C:\Users\Default\Documents\My Videos>

SetACL finished successfully.
Processing ACL of: <\\?\C:\Users\Public\Documents\My Music>

SetACL finished successfully.
Processing ACL of: <\\?\C:\Users\Public\Documents\My Pictures>

SetACL finished successfully.
Processing ACL of: <\\?\C:\Users\Public\Documents\My Videos>

SetACL finished successfully.
Processing ACL of: <\\?\C:\Users\JBA P\Application Data>

SetACL finished successfully.
Processing ACL of: <\\?\C:\Users\JBA P\Cookies>

SetACL finished successfully.
Processing ACL of: <\\?\C:\Users\JBA P\Local Settings>

SetACL finished successfully.
Processing ACL of: <\\?\C:\Users\JBA P\My Documents>

SetACL finished successfully.
Processing ACL of: <\\?\C:\Users\JBA P\NetHood>

SetACL finished successfully.
Processing ACL of: <\\?\C:\Users\JBA P\PrintHood>

SetACL finished successfully.
Processing ACL of: <\\?\C:\Users\JBA P\Recent>

SetACL finished successfully.
Processing ACL of: <\\?\C:\Users\JBA P\SendTo>

SetACL finished successfully.
Processing ACL of: <\\?\C:\Users\JBA P\Start Menu>

SetACL finished successfully.
Processing ACL of: <\\?\C:\Users\JBA P\Templates>

SetACL finished successfully.
Processing ACL of: <\\?\C:\Users\JBA P\AppData\Local\Application Data>

SetACL finished successfully.
Processing ACL of: <\\?\C:\Users\JBA P\AppData\Local\History>

SetACL finished successfully.
Processing ACL of: <\\?\C:\Users\JBA P\AppData\Local\Temporary Internet Files>

SetACL finished successfully.
Processing ACL of: <\\?\C:\Users\JBA P\Documents\My Music>

SetACL finished successfully.
Processing ACL of: <\\?\C:\Users\JBA P\Documents\My Pictures>

SetACL finished successfully.
Processing ACL of: <\\?\C:\Users\JBA P\Documents\My Videos>

SetACL finished successfully.
Processing ACL of: <\\?\C:\Users\Kids\Application Data>

SetACL finished successfully.
Processing ACL of: <\\?\C:\Users\Kids\Cookies>

SetACL finished successfully.
Processing ACL of: <\\?\C:\Users\Kids\Local Settings>

SetACL finished successfully.
Processing ACL of: <\\?\C:\Users\Kids\My Documents>

SetACL finished successfully.
Processing ACL of: <\\?\C:\Users\Kids\NetHood>

SetACL finished successfully.
Processing ACL of: <\\?\C:\Users\Kids\PrintHood>

SetACL finished successfully.
Processing ACL of: <\\?\C:\Users\Kids\Recent>

SetACL finished successfully.
Processing ACL of: <\\?\C:\Users\Kids\SendTo>

SetACL finished successfully.
Processing ACL of: <\\?\C:\Users\Kids\Start Menu>

SetACL finished successfully.
Processing ACL of: <\\?\C:\Users\Kids\Templates>

SetACL finished successfully.
Processing ACL of: <\\?\C:\Users\Kids\AppData\Local\Application Data>

SetACL finished successfully.
Processing ACL of: <\\?\C:\Users\Kids\AppData\Local\History>

SetACL finished successfully.
Processing ACL of: <\\?\C:\Users\Kids\AppData\Local\Temporary Internet Files>

SetACL finished successfully.
Processing ACL of: <\\?\C:\Users\Kids\Documents\My Music>

SetACL finished successfully.
Processing ACL of: <\\?\C:\Users\Kids\Documents\My Pictures>

SetACL finished successfully.
Processing ACL of: <\\?\C:\Users\Kids\Documents\My Videos>

SetACL finished successfully.
   Done (3/10/2014 7:18:07 PM)

03 - Register System Files
   Start (3/10/2014 7:18:07 PM)
   Running Repair Under Current User Account
   Running Repair Under System Account
   Done (3/10/2014 7:19:39 PM)

04 - Repair WMI
   Start (3/10/2014 7:19:39 PM)
   Running Repair Under Current User Account
   Done (3/10/2014 7:35:55 PM)

08 - Repair Hosts File
   Start (3/10/2014 7:35:55 PM)
   Running Repair Under System Account
   Done (3/10/2014 7:35:57 PM)

09 - Remove Policies Set By Infections
   Start (3/10/2014 7:35:57 PM)
   Running Repair Under Current User Account
   Running Repair Under System Account
   Done (3/10/2014 7:36:02 PM)

13 - Remove Temp Files
   Start (3/10/2014 7:36:02 PM)
   Running Repair Under System Account
   Done (3/10/2014 7:36:05 PM)

14 - Repair Proxy Settings
   Start (3/10/2014 7:36:05 PM)
   Running Repair Under Current User Account
   Running Repair Under System Account
   Done (3/10/2014 7:36:10 PM)

16 - Repair Windows Updates
   Start (3/10/2014 7:36:10 PM)
   Running Repair Under Current User Account
   Running Repair Under System Account
   Done (3/10/2014 7:37:03 PM)

18 - Repair Volume Shadow Copy Service
   Start (3/10/2014 7:37:03 PM)
   Running Repair Under Current User Account
   Running Repair Under System Account
   Done (3/10/2014 7:37:21 PM)

20 - Repair MSI (Windows Installer)
   Start (3/10/2014 7:37:21 PM)
   Running Repair Under Current User Account
   Running Repair Under System Account
   Done (3/10/2014 7:37:39 PM)

25 - Restore Important Windows Services
   Start (3/10/2014 7:37:39 PM)
   Running Repair Under Current User Account
   Running Repair Under System Account
   Done (3/10/2014 7:38:39 PM)

26 - Set Windows Services To Default Startup
   Start (3/10/2014 7:38:39 PM)
   Running Repair Under Current User Account
   Running Repair Under System Account
   Done (3/10/2014 7:39:07 PM)

Cleaning up empty logs...

All Selected Repairs Done.
   Done (3/10/2014 7:39:08 PM)
   Total Repair Time: 00:49:17


...YOU MUST RESTART YOUR SYSTEM...
   Running Repair Under Current User Account
 



#43 Oh My!

Oh My!

    Adware and Spyware and Malware.....


  • Malware Response Instructor
  • 38,176 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:California
  • Local time:01:15 AM

Posted 11 March 2014 - 03:58 PM

Hi Steve,

Yes I know regarding the antivirus. We are almost ready to reinstall but I want a clean shot at the things we are doing now. Go ahead and run the steps in Post #39
Gary
 
If I do not reply within 24 hours please send me a Personal Message.

"Lord, to whom would we go? You have the words that give eternal life. We believe, and we know you are the Holy One of God."

#44 sspea

sspea
  • Topic Starter

  • Members
  • 57 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Falls Church, vA
  • Local time:05:15 AM

Posted 12 March 2014 - 08:46 AM

Booted up fine.  Lots of updates.  There was no Intel driver to hide, but it showed as failed.  And there are two updates now showing as available: Intel display and some .NET Framework.  Am proceeding with the next part.



#45 Oh My!

Oh My!

    Adware and Spyware and Malware.....


  • Malware Response Instructor
  • 38,176 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:California
  • Local time:01:15 AM

Posted 12 March 2014 - 09:02 AM

And there are two updates now showing as available: Intel display


Can you give me the information about this pending update.


Gary
 
If I do not reply within 24 hours please send me a Personal Message.

"Lord, to whom would we go? You have the words that give eternal life. We believe, and we know you are the Holy One of God."




0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users