Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

error "missing file" when trying to uninstall pctech hotline


  • This topic is locked This topic is locked
14 replies to this topic

#1 jenrtris

jenrtris

  • Members
  • 6 posts
  • OFFLINE
  •  
  • Local time:03:00 AM

Posted 19 March 2014 - 09:38 AM

My son somehow downloaded this pctech software onto his laptop. Its the pctech hotline & another one called pctech speedy fix or something. It is causing all kind of problems so I tried to uninstall it. When I try an error message comes up saying "missing file 000unins. download updated program to fix the problem" (or something along those lines) but that doesn't work either. I've read about doing a clean boot or a safe boot or manually uninstalling the software but dont know what I'm doing Can anyone help me?? 



BC AdBot (Login to Remove)

 


#2 TB-Psychotic

TB-Psychotic

  • Malware Response Team
  • 6,349 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:08:00 AM

Posted 19 March 2014 - 09:46 AM

Hi there,
my name is Marius and I will assist you with your malware related problems.

Before we move on, please read the following points carefully.

  • First, read my instructions completely. If there is anything that you do not understand kindly ask before proceeding.
  • Perform everything in the correct order. Sometimes one step requires the previous one.
  • If you have any problems while following my instructions, Stop there and tell me the exact nature of your problem.
  • Do not run any other scans without instruction or add/remove software unless I tell you to do so. This would change the output of our tools and could be confusing for me.
  • Post all logfiles as a reply rather than as an attachment unless I specifically ask you. If you can not post all logfiles in one reply, feel free to use more posts.
  • If I don't hear from you within 3 days from this initial or any subsequent post, then this thread will be closed.
  • Stay with me. I will give you some advice about prevention after the cleanup process. Absence of symptoms does not always mean the computer is clean.
  • My first language is not english. So please do not use slang or idioms. It could be hard for me to read. Thanks for your understanding.

 

 

 

 

Scan with FRST in normal mode

Please download Farbar's Recovery Scan Tool to your desktop: FRST 32bit or FRST 64bit (If not sure: Start --> Computer (right click) --> properties)

  • Run FRST.
  • Don´t change one of the checkboxes and hit Scan.
  • Logfiles are created on your desktop.
  • Poste the FRST.txt and (after the first scan only!) the Addition.txt.

 

 

 

Scan with TDSS-Killer

Please read and follow these instructions carefully. We do not want it to fix anything yet (if found), we need to see a report first.

Download TDSSKiller.zip and extract to your desktop

  • Execute TDSSKiller.exe by doubleclicking on it.
  • Press Start Scan
  • If Malicious objects are found, do NOT select Copy to quarantine. Change the action to Skip, and save the log.
  • Once complete, a log will be produced at the root drive which is typically C:\ ,for example, C:\TDSSKiller.<version_date_time>log.txt


Please post the contents of that log in your next reply.


Proud Member of UNITE & TB
 
My help is free, however, if you want to support my fight against malware, click here --> btn_donate_SM.gif <--(no worries, every little bit helps)

#3 jenrtris

jenrtris
  • Topic Starter

  • Members
  • 6 posts
  • OFFLINE
  •  
  • Local time:03:00 AM

Posted 19 March 2014 - 11:17 AM

Ok. I will follow these steps & stop to ask questions if I have a problem.  My only question so far is what is a logfile?  I'm sorry but I don't know much about computers. 



#4 TB-Psychotic

TB-Psychotic

  • Malware Response Team
  • 6,349 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:08:00 AM

Posted 19 March 2014 - 03:11 PM

A log file is normally a simple text file where programs save informations about their work to.

The programs I adviced you to run will collect some information about your computer and save it this way. I can find traces of malware, then (if there are some...).


Proud Member of UNITE & TB
 
My help is free, however, if you want to support my fight against malware, click here --> btn_donate_SM.gif <--(no worries, every little bit helps)

#5 jenrtris

jenrtris
  • Topic Starter

  • Members
  • 6 posts
  • OFFLINE
  •  
  • Local time:03:00 AM

Posted 20 March 2014 - 12:25 PM

Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 13-03-2014
Ran by kristy (administrator) on KRISTY-HP on 20-03-2014 13:04:13
Running from C:\Users\kristy\Downloads
Windows 7 Home Premium Service Pack 1 (X64) OS Language: English(US)
Internet Explorer Version 11
Boot Mode: Normal
 
The only official download link for FRST:
Download link from any site other than Bleeping Computer is unpermitted or outdated.
 
==================== Processes (Whitelisted) =================
 
(Microsoft Corporation) c:\Program Files\Microsoft Security Client\MsMpEng.exe
(APN LLC.) C:\Program Files (x86)\AskPartnerNetwork\Toolbar\apnmcp.exe
(GenTechnologies Apps, LLC) C:\ProgramData\MovieMode\MovieModeService.exe
(Crawler, LLC) C:\Program Files (x86)\PCTechHotline\PCTechHotlineSvc.exe
(AVG Secure Search) C:\Program Files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\18.0.0\ToolbarUpdater.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
(Conduit) C:\Program Files (x86)\SearchProtect\Main\bin\CltMngSvc.exe
(GenTechnologies Apps, LLC) C:\ProgramData\MovieMode\MovieMode.exe
() C:\Program Files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\18.0.0\loggingserver.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe
(Conduit) C:\Program Files (x86)\SearchProtect\SearchProtect\bin\cltmng.exe
(Microsoft Corporation) c:\Program Files\Microsoft Security Client\NisSrv.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(Microsoft Corporation) C:\Program Files\Microsoft Security Client\msseces.exe
() C:\Program Files\Earth Networks\WeatherBug\WeatherBug.exe
() C:\Program Files\Hewlett-Packard\HP LaunchBox\HPTaskBar1.exe
(Hewlett-Packard Development Company, L.P.) C:\Program Files\Hewlett-Packard\HP LaunchBox\HPTaskBar2.exe
(Synaptics Incorporated) C:\PROGRAM FILES\SYNAPTICS\SYNTP\SYNTPHELPER.EXE
(Updater) C:\ProgramData\Updater\updater.exe
(PC Utilities Software Limited) C:\Program Files (x86)\Optimizer Pro\OptProReminder.exe
(Hewlett-Packard Company) C:\Program Files (x86)\Hewlett-Packard\HP QuickWeb\hpqwutils.exe
(Hewlett-Packard Development Company, L.P.) C:\Program Files (x86)\Hewlett-Packard\HP On Screen Display\HPOSD.exe
(Hewlett-Packard Development Company, L.P.) C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPMSGSVC.exe
() C:\Program Files (x86)\AVG SafeGuard toolbar\vprot.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
() C:\Program Files (x86)\Mobogenie\DaemonProcess.exe
(APN) C:\Program Files (x86)\AskPartnerNetwork\Toolbar\Updater\TBNotifier.exe
(WatchDog) C:\ProgramData\RHelpers\ChromeHelper\ChromeHelper.exe
(Crawler.com) C:\Program Files (x86)\PCFixSpeed\PCFixTray.exe
(Crawler, LLC) C:\Program Files (x86)\PCTechHotline\PCTechHotline.exe
() C:\Program Files (x86)\GetPrivate\GetPrivate.exe
() C:\Program Files (x86)\Social Privacy  DNS\dnswatch.exe
(WatchDog) C:\ProgramData\RHelpers\FireFoxHelper\FireFoxHelper.exe
(Crawler, LLC) C:\Program Files (x86)\PCTechHotline\PCTHHook.exe
(Crawler, LLC) C:\Program Files (x86)\PCTechHotline\PCTHHook64.exe
(WatchDog) C:\ProgramData\RHelpers\IEHelper\IeHelper.exe
(Advanced Micro Devices Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
(ATI Technologies Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
(Microsoft Corporation) C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
 
 
==================== Registry (Whitelisted) ==================
 
HKLM\...\Run: [RTHDVCPL] - C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe [7466600 2011-09-14] (Realtek Semiconductor)
HKLM\...\Run: [SynTPEnh] - C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2837288 2011-10-14] (Synaptics Incorporated)
HKLM\...\Run: [MSC] - c:\Program Files\Microsoft Security Client\msseces.exe [1266912 2013-10-23] (Microsoft Corporation)
HKLM\...\Run: [SetDefault] - C:\Program Files\Hewlett-Packard\HP LaunchBox\SetDefault.exe [44880 2011-12-19] (Hewlett-Packard Development Company, L.P.)
HKLM-x32\...\Run: [StartCCC] - C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe [343168 2011-08-10] (Advanced Micro Devices, Inc.)
HKLM-x32\...\Run: [HPQuickWebProxy] - C:\Program Files (x86)\Hewlett-Packard\HP QuickWeb\hpqwutils.exe [169528 2011-09-29] (Hewlett-Packard Company)
HKLM-x32\...\Run: [HPOSD] - C:\Program Files (x86)\Hewlett-Packard\HP On Screen Display\HPOSD.exe [379960 2011-08-19] (Hewlett-Packard Development Company, L.P.)
HKLM-x32\...\Run: [HP Quick Launch] - C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPMSGSVC.exe [578944 2012-03-05] (Hewlett-Packard Development Company, L.P.)
HKLM-x32\...\Run: [vProt] - C:\Program Files (x86)\AVG SafeGuard toolbar\vprot.exe [2539544 2014-03-14] ()
HKLM-x32\...\Run: [SunJavaUpdateSched] - C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [254336 2013-07-02] (Oracle Corporation)
HKLM-x32\...\Run: [mobilegeni daemon] - C:\Program Files (x86)\Mobogenie\DaemonProcess.exe [738496 2013-10-25] ()
HKLM-x32\...\Run: [ApnTBMon] - C:\Program Files (x86)\AskPartnerNetwork\Toolbar\Updater\TBNotifier.exe [1758160 2014-02-24] (APN)
HKLM-x32\...\Run: [PCFixSpeed] - C:\Program Files (x86)\PCFixSpeed\PCFixTray.exe [379240 2014-02-13] (Crawler.com)
HKLM-x32\...\Run: [PCTechHotline] - C:\Program Files (x86)\PCTechHotline\PCTechHotline.exe [1905000 2014-02-13] (Crawler, LLC)
HKLM-x32\...\Run: [GetPrivate] - C:\Program Files (x86)\GetPrivate\GetPrivate.exe [481704 2013-08-15] ()
HKLM-x32\...\Run: [Updater] - C:\ProgramData\Updater\Updater.exe [486264 2013-12-18] (Updater)
HKLM-x32\...\Run: [dnsshield] - C:\Program Files (x86)\Social Privacy  DNS\dnswatch.exe [214016 2013-11-29] ()
HKLM-x32\...\Runonce: [Solid Savings-repairJob] - wscript.exe "C:\Users\kristy\AppData\Local\Solid Savings\repair.js" "Solid Savings-repairJob" [X]
HKU\S-1-5-21-3592725670-1536567493-3193808415-1002\...\Run: [Optimizer Pro] - C:\Program Files (x86)\Optimizer Pro\OptProLauncher.exe [135160 2014-01-28] (PC Utilities Software Limited)
HKU\S-1-5-21-3592725670-1536567493-3193808415-1002\...\Run: [WeatherBug] - C:\Program Files\Earth Networks\WeatherBug\WeatherBug.exe [146736 2013-11-13] ()
HKU\S-1-5-21-3592725670-1536567493-3193808415-1002\...\Run: [Updater] - C:\ProgramData\Updater\updater.exe [486264 2013-12-18] (Updater)
AppInit_DLLs: C:\PROGRA~2\SearchProtect\SearchProtect\bin\SPVC64Loader.dll => C:\Program Files (x86)\SearchProtect\SearchProtect\bin\SPVC64Loader.dll [1355040 2014-03-03] (Conduit)
AppInit_DLLs:  C:\PROGRA~2\OPTIMI~1\OPTPRO~2.DLL => C:\Program Files (x86)\Optimizer Pro\OptProCrash_x64.dll [2681648 2014-02-16] ()
AppInit_DLLs-x32: C:\PROGRA~2\SearchProtect\SearchProtect\bin\SPVC32Loader.dll => C:\Program Files (x86)\SearchProtect\SearchProtect\bin\SPVC32Loader.dll [1050912 2014-03-03] (Conduit)
AppInit_DLLs-x32:  c:\progra~2\optimi~1\optpro~1.dll => C:\Program Files (x86)\Optimizer Pro\OptProCrash.dll [2961368 2014-02-16] ()
GroupPolicy: Group Policy on Chrome detected <======= ATTENTION
 
==================== Internet (Whitelisted) ====================
 
HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.msn.com/?ocid=OIE9MSE
HKCU\Software\Microsoft\Internet Explorer\Main,First Home Page = http://g.msn.com/1ewenusDefaultPack/UP97_FRPage
SearchScopes: HKLM - {2fa28606-de77-4029-af96-b231e3b8f827} URL = http://search.ask.com/web?q={searchterms}&l=dis&o=CPNTDF
SearchScopes: HKLM - {b7fca997-d0fb-4fe0-8afd-255e89cf9671} URL = http://search.yahoo.com/search?p={searchTerms}&ei={inputEncoding}&fr=chr-hp-psg&type=CPNTDF
SearchScopes: HKLM - {d43b3890-80c7-4010-a95d-1e77b5924dc3} URL = http://en.wikipedia.org/wiki/Special:Search?search={searchTerms}
SearchScopes: HKLM-x32 - {2fa28606-de77-4029-af96-b231e3b8f827} URL = http://search.ask.com/web?q={searchterms}&l=dis&o=CPNTDF
SearchScopes: HKLM-x32 - {b7fca997-d0fb-4fe0-8afd-255e89cf9671} URL = http://search.yahoo.com/search?p={searchTerms}&ei={inputEncoding}&fr=chr-hp-psg&type=CPNTDF
SearchScopes: HKLM-x32 - {d43b3890-80c7-4010-a95d-1e77b5924dc3} URL = http://en.wikipedia.org/wiki/Special:Search?search={searchTerms}
SearchScopes: HKLM-x32 - {D944BB61-2E34-4DBF-A683-47E505C587DC} URL = http://rover.ebay.com/rover/1/711-30572-11896-2/4?mpre=http://www.ebay.com/sch/i.html?_nkw={searchTerms}
SearchScopes: HKCU - {2fa28606-de77-4029-af96-b231e3b8f827} URL = http://search.ask.com/web?q={searchterms}&l=dis&o=CPNTDF
SearchScopes: HKCU - {b7fca997-d0fb-4fe0-8afd-255e89cf9671} URL = http://search.yahoo.com/search?p={searchTerms}&ei={inputEncoding}&fr=chr-hp-psg&type=CPNTDF
SearchScopes: HKCU - {d43b3890-80c7-4010-a95d-1e77b5924dc3} URL = http://en.wikipedia.org/wiki/Special:Search?search={searchTerms}
BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO: saveRoN - {9346A133-7754-99A2-E959-E3F79E5FFD0C} - C:\ProgramData\saveRoN\tphs5.x64.dll ()
BHO: QueenCouppon - {BC703536-93B5-A795-93AC-4B3C26ED5A3F} - C:\ProgramData\QueenCouppon\Ec.x64.dll ()
BHO-x32: Websteroids - {44ed99e2-16a6-4b89-80d6-5b21cf42e78b} - C:\ProgramData\Websteroids\IE\common.dll (Creative Island Media, LLC)
BHO-x32: Perk Prize Panel - {47F3EB15-C230-4A0B-BE4B-D527FF483B48} - C:\Program Files (x86)\Perk Prize Panel\pp.dll ()
BHO-x32: Java™ Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO-x32: WordExtra - {8BA97046-C600-4264-B367-5DEFD9FC505F} - C:\Users\kristy\AppData\Roaming\WordExtra\temp.dat ()
BHO-x32: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO-x32: saveRoN - {9346A133-7754-99A2-E959-E3F79E5FFD0C} - C:\ProgramData\saveRoN\tphs5.dll ()
BHO-x32: AVG SafeGuard toolbar - {95B7759C-8C7F-4BF1-B163-73684A933233} - C:\Program Files (x86)\AVG SafeGuard toolbar\18.0.0.250\AVG SafeGuard toolbar_toolbar.dll (AVG Secure Search)
BHO-x32: QueenCouppon - {BC703536-93B5-A795-93AC-4B3C26ED5A3F} - C:\ProgramData\QueenCouppon\Ec.dll ()
BHO-x32: Java™ Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
BHO-x32: mysearchdial Helper Object - {EF5625A3-37AB-4BDB-9875-2A3D91CD0DFD} - C:\Program Files (x86)\Mysearchdial\1.8.21.0\bh\mysearchdial.dll (Ironsource Israel (2011) LTD)
Toolbar: HKLM-x32 - mysearchdial Toolbar - {3004627E-F8E9-4E8B-909D-316753CBA923} - C:\Program Files (x86)\Mysearchdial\1.8.21.0\mysearchdialTlbr.dll (Ironsource Israel (2011) LTD)
Toolbar: HKLM-x32 - AVG SafeGuard toolbar - {95B7759C-8C7F-4BF1-B163-73684A933233} - C:\Program Files (x86)\AVG SafeGuard toolbar\18.0.0.250\AVG SafeGuard toolbar_toolbar.dll (AVG Secure Search)
Toolbar: HKCU - No Name - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} -  No File
Handler-x32: viprotocol - {B658800C-F66E-4EF3-AB85-6C0C227862A9} - C:\Program Files (x86)\Common Files\AVG Secure Search\ViProtocolInstaller\18.0.0\ViProtocol.dll (AVG Secure Search)
Hosts: 54.204.28.26 ojbalidmphhoopheigckkcpldegcohhe
Tcpip\Parameters: [DhcpNameServer] 192.168.1.1
Tcpip\Parameters: [NameServer] 184.172.114.130,208.43.110.90
Tcpip\..\Interfaces\{4812C5CE-A8E4-4360-BFA2-82D4A6998DB4}: [NameServer]184.172.114.130,208.43.110.90
Tcpip\..\Interfaces\{5B154EA1-6199-4D9D-8F53-0A8BBA93338E}: [NameServer]184.172.114.130,208.43.110.90
Tcpip\..\Interfaces\{846ee342-7039-11de-9d20-806e6f6e6963}: [NameServer]184.172.114.130,208.43.110.90
Tcpip\..\Interfaces\{BFAB841B-6C58-4AFC-A412-9338AB343EF7}: [NameServer]184.172.114.130,208.43.110.90
 
FireFox:
========
FF ProfilePath: C:\Users\kristy\AppData\Roaming\Mozilla\Firefox\Profiles\ip0ip64k.default
FF user.js: detected! => C:\Users\kristy\AppData\Roaming\Mozilla\Firefox\Profiles\ip0ip64k.default\user.js
FF SelectedSearchEngine: AVG Secure Search
FF Homepage: about:home
FF SearchEngineOrder.3: Bing 
FF Plugin: @adobe.com/FlashPlayer - C:\Windows\system32\Macromed\Flash\NPSWF64_11_9_900_117.dll ()
FF Plugin: @microsoft.com/GENUINE - disabled No File
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 - c:\Program Files\Microsoft Silverlight\5.1.30214.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_9_900_117.dll ()
FF Plugin-x32: @adobe.com/ShockwavePlayer - C:\Windows\SysWOW64\Adobe\Director\np32dsw_1168638.dll (Adobe Systems, Inc.)
FF Plugin-x32: @avg.com/AVG SiteSafety plugin,version=11.0.0.1,application/x-avg-sitesafety-plugin - C:\Program Files (x86)\Common Files\AVG Secure Search\SiteSafetyInstaller\18.0.0\\npsitesafety.dll (AVG Technologies)
FF Plugin-x32: @java.com/DTPlugin,version=10.51.2 - C:\Program Files (x86)\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=10.51.2 - C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin-x32: @microsoft.com/GENUINE - disabled No File
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 - c:\Program Files (x86)\Microsoft Silverlight\5.1.30214.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3502.0922 - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=16.4.3508.0205 - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 - C:\Program Files (x86)\Google\Update\1.3.21.153\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 - C:\Program Files (x86)\Google\Update\1.3.21.153\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @WildTangent.com/GamesAppPresenceDetector,Version=1.0 - C:\Program Files (x86)\WildTangent Games\App\BrowserIntegration\Registered\1\NP_wtapp.dll ()
FF SearchPlugin: C:\Users\kristy\AppData\Roaming\Mozilla\Firefox\Profiles\ip0ip64k.default\searchplugins\bingp.xml
FF SearchPlugin: C:\Users\kristy\AppData\Roaming\Mozilla\Firefox\Profiles\ip0ip64k.default\searchplugins\Mysearchdial.xml
FF SearchPlugin: C:\Users\kristy\AppData\Roaming\Mozilla\Firefox\Profiles\ip0ip64k.default\searchplugins\Web Search.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\safeguard-secure-search.xml
FF Extension: TopArcadeHits - C:\Users\kristy\AppData\Roaming\Mozilla\Extensions\{ec8030f7-c20a-464f-9b0e-13a3a9e97384}\{0113D088-8ED1-468C-B225-585A9C53B5E3} [2013-07-19]
FF Extension: The weDownload - C:\Users\kristy\AppData\Roaming\Mozilla\Firefox\Profiles\ip0ip64k.default\Extensions\ed149b31-2114-4948-bbf4-21fb338a9d9d@87b08077-a2a6-4480-a7a1-ade143a3d21e.com [2014-01-30]
FF Extension: WordExtra - C:\Users\kristy\AppData\Roaming\Mozilla\Firefox\Profiles\ip0ip64k.default\Extensions\korey@markus.me [2014-02-16]
FF Extension: WebCake - C:\Users\kristy\AppData\Roaming\Mozilla\Firefox\Profiles\ip0ip64k.default\Extensions\plugin@getwebcake.com [2013-07-09]
FF Extension: No Name - C:\Users\kristy\AppData\Roaming\Mozilla\Firefox\Profiles\ip0ip64k.default\Extensions\staged [2013-07-19]
FF Extension: Websteroids - C:\Users\kristy\AppData\Roaming\Mozilla\Firefox\Profiles\ip0ip64k.default\Extensions\support@websteroidsapp.com [2014-02-16]
FF Extension: TopArcadeHits - C:\Users\kristy\AppData\Roaming\Mozilla\Firefox\Profiles\ip0ip64k.default\Extensions\{0113D088-8ED1-468C-B225-585A9C53B5E3} [2013-07-19]
FF Extension: SaveSense - C:\Users\kristy\AppData\Roaming\Mozilla\Firefox\Profiles\ip0ip64k.default\Extensions\{8b337819-d1e8-48d3-8178-168ae8c99c36} [2014-01-30]
FF Extension: Snap.Do  - C:\Users\kristy\AppData\Roaming\Mozilla\Firefox\Profiles\ip0ip64k.default\Extensions\{9c2651bc-3966-4420-ad32-99cb6dc4e7bf} [2013-07-19]
FF Extension: DownloadTerms - C:\Program Files (x86)\Mozilla Firefox\extensions\kgcngo@xmmomglptujvwxntife.org [2013-05-28]
FF Extension: LessTabs - C:\Program Files (x86)\Mozilla Firefox\extensions\lesstabs@lesstabs.com [2013-07-19]
FF Extension: WordExtra - C:\Program Files (x86)\Mozilla Firefox\browser\extensions\korey@markus.me [2014-02-16]
FF HKCU\...\Firefox\Extensions: [pp@perk.com] - C:\Program Files (x86)\Perk Prize Panel\FF\
 
Chrome: 
=======
CHR RestoreOnStartup: "sync": {
      "suppress_start"
CHR Plugin: (Shockwave Flash) - C:\Program Files (x86)\Google\Chrome\Application\28.0.1500.95\PepperFlash\pepflashplayer.dll ()
CHR Plugin: (Chrome Remote Desktop Viewer) - internal-remoting-viewer
CHR Plugin: (Native Client) - C:\Program Files (x86)\Google\Chrome\Application\28.0.1500.95\ppGoogleNaClPluginChrome.dll ()
CHR Plugin: (Chrome PDF Viewer) - C:\Program Files (x86)\Google\Chrome\Application\28.0.1500.95\pdf.dll ()
CHR Plugin: (AVG SiteSafety plugin) - C:\Program Files (x86)\Common Files\AVG Secure Search\SiteSafetyInstaller\18.0.0\\npsitesafety.dll (AVG Technologies)
CHR Plugin: (Google Update) - C:\Program Files (x86)\Google\Update\1.3.21.153\npGoogleUpdate3.dll (Google Inc.)
CHR Plugin: (Java Deployment Toolkit 7.0.510.13) - C:\Program Files (x86)\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
CHR Plugin: (Java™ Platform SE 7 U51) - C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
CHR Plugin: (Photo Gallery) - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
CHR Plugin: (Shockwave for Director) - C:\Windows\SysWOW64\Adobe\Director\np32dsw_1168638.dll (Adobe Systems, Inc.)
CHR Plugin: (Shockwave Flash) - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_9_900_117.dll ()
CHR Plugin: (Silverlight Plug-In) - c:\Program Files (x86)\Microsoft Silverlight\5.1.20913.0\npctrl.dll No File
CHR Extension: (Websteroids) - C:\Users\kristy\AppData\Local\Google\Chrome\User Data\Default\Extensions\igjjkeeamkpihpncmmbgdkhdnjpcfmfb [2014-03-10]
CHR Extension: (AVG SafeGuard) - C:\Users\kristy\AppData\Local\Google\Chrome\User Data\Default\Extensions\ndibdjnfmopecpmkdieinmbadjfpblof [2014-03-19]
CHR Extension: (Solid Savings) - C:\Users\kristy\AppData\Local\Google\Chrome\User Data\Default\Extensions\ojbalidmphhoopheigckkcpldegcohhe [2014-02-10]
CHR Extension: (MySearchDial) - C:\Users\kristy\AppData\Local\Google\Chrome\User Data\Default\Extensions\pflphaooapbgpeakohlggbpidpppgdff [2013-10-25]
CHR Extension: (Ask Toolbar) - C:\Users\kristy\AppData\Local\Google\Chrome\User Data\Default\Extensions\pljcgbedjplidkdjahbaalanadmjfgop [2014-03-01]
CHR HKLM\...\Chrome\Extension: [pflphaooapbgpeakohlggbpidpppgdff] - C:\Users\kristy\AppData\Local\mysearchdial-speeddial.crx [2013-10-25]
CHR HKCU\...\Chrome\Extension: [pflphaooapbgpeakohlggbpidpppgdff] - C:\Users\kristy\AppData\Local\mysearchdial-speeddial.crx [2013-10-25]
CHR HKLM-x32\...\Chrome\Extension: [igjjkeeamkpihpncmmbgdkhdnjpcfmfb] - C:\ProgramData\Websteroids\Chrome\common.crx [2013-12-18]
CHR HKLM-x32\...\Chrome\Extension: [ndibdjnfmopecpmkdieinmbadjfpblof] - C:\ProgramData\AVG SafeGuard toolbar\ChromeExt\18.0.0.250\avg.crx [2014-03-14]
CHR HKLM-x32\...\Chrome\Extension: [pflphaooapbgpeakohlggbpidpppgdff] - C:\Users\kristy\AppData\Local\mysearchdial-speeddial.crx [2013-10-25]
CHR HKLM-x32\...\Chrome\Extension: [pljcgbedjplidkdjahbaalanadmjfgop] - C:\ProgramData\AskPartnerNetwork\Toolbar\ORJ-V7C\CRX\ToolbarCR.crx [2014-02-24]
CHR HKLM\SOFTWARE\Policies\Google: Policy restriction <======= ATTENTION
 
==================== Services (Whitelisted) =================
 
R2 70e6ca8c; C:\Program Files (x86)\Optimizer Pro\OptProCrashSvc.dll [186496 2014-02-16] ()
S4 AMD FUEL Service; C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe [365568 2011-07-05] (Advanced Micro Devices, Inc.)
R2 APNMCP; C:\Program Files (x86)\AskPartnerNetwork\Toolbar\apnmcp.exe [166352 2014-02-24] (APN LLC.)
R2 CltMngSvc; C:\Program Files (x86)\SearchProtect\Main\bin\CltMngSvc.exe [2454816 2014-03-03] (Conduit)
R2 MovieMode; C:\ProgramData\MovieMode\MovieMode.exe [151184 2014-02-10] (GenTechnologies Apps, LLC)
R2 MsMpSvc; c:\Program Files\Microsoft Security Client\MsMpEng.exe [23808 2013-10-23] (Microsoft Corporation)
R3 NisSrv; c:\Program Files\Microsoft Security Client\NisSrv.exe [348376 2013-10-23] (Microsoft Corporation)
R2 PCTechHotlineSvc; C:\Program Files (x86)\PCTechHotline\PCTechHotlineSvc.exe [701800 2014-02-13] (Crawler, LLC)
R2 vToolbarUpdater18.0.0; C:\Program Files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\18.0.0\ToolbarUpdater.exe [1759768 2014-03-02] (AVG Secure Search)
S4 LMIGuardianSvc; "C:\Program Files (x86)\LogMeIn\x64\LMIGuardianSvc.exe" [X]
 
==================== Drivers (Whitelisted) ====================
 
R1 avgtp; C:\Windows\system32\drivers\avgtpx64.sys [50976 2014-03-02] (AVG Technologies)
S4 LMIRfsClientNP; No ImagePath
R0 MpFilter; C:\Windows\System32\DRIVERS\MpFilter.sys [248240 2013-09-27] (Microsoft Corporation)
R2 NisDrv; C:\Windows\System32\DRIVERS\NisDrvWFP.sys [134944 2013-09-27] (Microsoft Corporation)
S3 clwvd; system32\DRIVERS\clwvd.sys [X]
S3 EraserUtilDrv11310; \??\C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\EraserUtilDrv11310.sys [X]
S2 LMIInfo; \??\C:\Program Files (x86)\LogMeIn\x64\RaInfo.sys [X]
S1 lsnfd; system32\drivers\lsnfd.sys [X]
 
==================== NetSvcs (Whitelisted) ===================
 
 
==================== One Month Created Files and Folders ========
 
2014-03-20 13:04 - 2014-03-20 13:07 - 00026121 _____ () C:\Users\kristy\Downloads\FRST.txt
2014-03-20 13:03 - 2014-03-20 13:04 - 00000000 ____D () C:\FRST
2014-03-20 13:03 - 2014-03-20 13:03 - 02157056 _____ (Farbar) C:\Users\kristy\Downloads\FRST64.exe
2014-03-19 09:34 - 2014-03-19 09:34 - 00000000 ____D () C:\Program Files (x86)\Social Privacy  DNS
2014-03-19 06:02 - 2014-03-19 06:03 - 01699944 _____ (SafeInstall, LLC) C:\Users\kristy\Downloads\Unconfirmed 112302.crdownload
2014-03-18 10:50 - 2014-03-18 10:50 - 00000000 ____D () C:\ProgramData\QueenCouppon
2014-03-18 10:30 - 2014-03-18 10:30 - 00000000 ____D () C:\ProgramData\ATI
2014-03-14 15:26 - 2014-03-14 15:26 - 00000000 ____D () C:\ProgramData\AVG SafeGuard toolbar
2014-03-13 07:46 - 2014-01-28 22:32 - 00484864 _____ (Microsoft Corporation) C:\Windows\system32\wer.dll
2014-03-13 07:46 - 2014-01-28 22:06 - 00381440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wer.dll
2014-03-13 07:46 - 2014-01-27 22:32 - 00228864 _____ (Microsoft Corporation) C:\Windows\system32\wwansvc.dll
2014-03-13 07:45 - 2014-03-01 02:05 - 23133696 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2014-03-13 07:45 - 2014-03-01 01:17 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2014-03-13 07:45 - 2014-03-01 01:16 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2014-03-13 07:45 - 2014-03-01 00:58 - 02765824 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2014-03-13 07:45 - 2014-03-01 00:52 - 00066048 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2014-03-13 07:45 - 2014-03-01 00:51 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2014-03-13 07:45 - 2014-03-01 00:42 - 00053760 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2014-03-13 07:45 - 2014-03-01 00:40 - 00033792 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2014-03-13 07:45 - 2014-03-01 00:37 - 00574976 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2014-03-13 07:45 - 2014-03-01 00:33 - 00139264 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2014-03-13 07:45 - 2014-03-01 00:33 - 00111616 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2014-03-13 07:45 - 2014-03-01 00:32 - 00708608 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2014-03-13 07:45 - 2014-03-01 00:30 - 17074688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2014-03-13 07:45 - 2014-03-01 00:23 - 00940032 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe
2014-03-13 07:45 - 2014-03-01 00:17 - 00218624 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2014-03-13 07:45 - 2014-03-01 00:11 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2014-03-13 07:45 - 2014-03-01 00:02 - 00195584 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2014-03-13 07:45 - 2014-02-28 23:54 - 05768704 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2014-03-13 07:45 - 2014-02-28 23:52 - 00061952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2014-03-13 07:45 - 2014-02-28 23:51 - 00051200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll
2014-03-13 07:45 - 2014-02-28 23:47 - 02168320 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2014-03-13 07:45 - 2014-02-28 23:43 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2014-03-13 07:45 - 2014-02-28 23:43 - 00032768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2014-03-13 07:45 - 2014-02-28 23:42 - 00627200 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2014-03-13 07:45 - 2014-02-28 23:40 - 00440832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2014-03-13 07:45 - 2014-02-28 23:38 - 00112128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2014-03-13 07:45 - 2014-02-28 23:37 - 00553472 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll
2014-03-13 07:45 - 2014-02-28 23:35 - 02041856 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2014-03-13 07:45 - 2014-02-28 23:18 - 13051904 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2014-03-13 07:45 - 2014-02-28 23:16 - 00164864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2014-03-13 07:45 - 2014-02-28 23:14 - 04244480 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2014-03-13 07:45 - 2014-02-28 23:10 - 02334208 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2014-03-13 07:45 - 2014-02-28 23:03 - 00524288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2014-03-13 07:45 - 2014-02-28 23:00 - 01964032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2014-03-13 07:45 - 2014-02-28 22:57 - 11266048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2014-03-13 07:45 - 2014-02-28 22:38 - 01393664 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2014-03-13 07:45 - 2014-02-28 22:32 - 01820160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2014-03-13 07:45 - 2014-02-28 22:27 - 01156096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2014-03-13 07:45 - 2014-02-28 22:25 - 00817664 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2014-03-13 07:45 - 2014-02-28 22:25 - 00703488 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2014-03-13 07:45 - 2014-02-06 21:23 - 03156480 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2014-03-13 07:44 - 2014-02-03 22:32 - 01424384 _____ (Microsoft Corporation) C:\Windows\system32\WindowsCodecs.dll
2014-03-13 07:44 - 2014-02-03 22:32 - 00624128 _____ (Microsoft Corporation) C:\Windows\system32\qedit.dll
2014-03-13 07:44 - 2014-02-03 22:04 - 01230336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WindowsCodecs.dll
2014-03-13 07:44 - 2014-02-03 22:04 - 00509440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\qedit.dll
2014-03-07 22:12 - 2014-03-18 10:51 - 00000000 ____D () C:\ProgramData\4bf0f201094769a5
2014-03-07 22:12 - 2014-03-07 22:12 - 00000000 ____D () C:\Users\kristy\AppData\Local\Packages
2014-03-07 22:11 - 2014-03-07 22:12 - 00000000 ____D () C:\ProgramData\saveRoN
2014-03-05 17:37 - 2014-03-05 17:37 - 00000000 ____D () C:\Users\kristy\AppData\Local\Skype
2014-03-02 19:58 - 2014-03-02 19:58 - 00000000 ____D () C:\ProgramData\AVG Secure Search
2014-03-01 19:48 - 2014-03-01 19:48 - 00000000 ____D () C:\Users\kristy\AppData\Roaming\Optimizer Pro
2014-03-01 19:35 - 2014-03-01 19:36 - 00000000 ____D () C:\Users\kristy\AppData\Roaming\PCFixSpeed
2014-03-01 19:04 - 2014-03-01 19:04 - 00000000 ____D () C:\Users\kristy\AppData\Roaming\PC Tech Hotline
2014-02-23 23:58 - 2014-02-23 23:58 - 00000000 ____D () C:\ProgramData\AskPartnerNetwork
 
==================== One Month Modified Files and Folders =======
 
2014-03-20 13:07 - 2014-03-20 13:04 - 00026121 _____ () C:\Users\kristy\Downloads\FRST.txt
2014-03-20 13:06 - 2009-07-14 00:45 - 00031856 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2014-03-20 13:06 - 2009-07-14 00:45 - 00031856 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2014-03-20 13:04 - 2014-03-20 13:03 - 00000000 ____D () C:\FRST
2014-03-20 13:03 - 2014-03-20 13:03 - 02157056 _____ (Farbar) C:\Users\kristy\Downloads\FRST64.exe
2014-03-20 13:02 - 2014-02-16 16:10 - 00000000 ____D () C:\Users\kristy\AppData\Local\MovieMode
2014-03-20 12:51 - 2014-01-21 22:07 - 00003192 _____ () C:\Windows\System32\Tasks\HPCeeScheduleForkristy
2014-03-20 12:51 - 2014-01-21 22:07 - 00000336 _____ () C:\Windows\Tasks\HPCeeScheduleForkristy.job
2014-03-20 12:51 - 2012-09-12 20:07 - 00000830 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job
2014-03-20 12:50 - 2013-07-29 00:45 - 00000898 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2014-03-20 12:46 - 2013-10-25 20:49 - 00000296 _____ () C:\Windows\Tasks\MySearchDial.job
2014-03-20 12:15 - 2014-02-10 13:34 - 00000346 _____ () C:\Windows\Tasks\bench-S-1-5-21-3592725670-1536567493-3193808415-1002.job
2014-03-20 11:25 - 2012-02-27 08:19 - 00000000 ____D () C:\Users\kristy\AppData\Local\CrashDumps
2014-03-20 11:24 - 2013-10-25 20:49 - 00039303 _____ () C:\Users\kristy\daemonprocess.txt
2014-03-20 11:24 - 2011-12-27 03:25 - 02046308 _____ () C:\Windows\WindowsUpdate.log
2014-03-20 11:24 - 2009-07-13 23:20 - 00000000 ____D () C:\Windows\tracing
2014-03-20 09:33 - 2014-02-10 13:34 - 00000346 _____ () C:\Windows\Tasks\bench-sys.job
2014-03-20 08:44 - 2012-08-04 22:22 - 00078595 _____ () C:\Windows\setupact.log
2014-03-20 06:48 - 2014-01-21 21:48 - 00065536 _____ () C:\Windows\system32\Ikeext.etl
2014-03-20 06:48 - 2013-07-29 00:45 - 00000894 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2014-03-20 06:48 - 2009-07-14 01:08 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2014-03-19 15:23 - 2014-01-22 02:45 - 00000000 ____D () C:\Program Files (x86)\Steam
2014-03-19 10:46 - 2012-11-08 19:32 - 00159912 _____ () C:\Windows\PFRO.log
2014-03-19 09:36 - 2009-07-14 01:13 - 00796552 _____ () C:\Windows\system32\PerfStringBackup.INI
2014-03-19 09:34 - 2014-03-19 09:34 - 00000000 ____D () C:\Program Files (x86)\Social Privacy  DNS
2014-03-19 09:34 - 2014-02-16 15:37 - 00000000 ____D () C:\Program Files (x86)\Perk Prize Panel
2014-03-19 09:33 - 2012-02-29 12:05 - 00771580 _____ () C:\Windows\SysWOW64\PerfStringBackup.INI
2014-03-19 09:30 - 2012-02-26 18:29 - 00000000 ___RD () C:\Users\kristy\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
2014-03-19 09:12 - 2011-08-31 14:05 - 00000000 ___HD () C:\HP
2014-03-19 06:03 - 2014-03-19 06:02 - 01699944 _____ (SafeInstall, LLC) C:\Users\kristy\Downloads\Unconfirmed 112302.crdownload
2014-03-18 20:00 - 2013-07-11 00:10 - 00000000 ____D () C:\Windows\system32\MRT
2014-03-18 19:54 - 2012-03-22 16:54 - 90015360 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2014-03-18 10:51 - 2014-03-07 22:12 - 00000000 ____D () C:\ProgramData\4bf0f201094769a5
2014-03-18 10:50 - 2014-03-18 10:50 - 00000000 ____D () C:\ProgramData\QueenCouppon
2014-03-18 10:30 - 2014-03-18 10:30 - 00000000 ____D () C:\ProgramData\ATI
2014-03-18 10:28 - 2012-02-26 18:20 - 00000000 ____D () C:\Users\kristy
2014-03-17 13:27 - 2013-10-29 22:43 - 00000000 ____D () C:\Program Files\Microsoft Silverlight
2014-03-17 13:27 - 2011-12-27 03:37 - 00000000 ____D () C:\Program Files\Common Files\ATI Technologies
2014-03-17 13:26 - 2013-10-29 22:43 - 00000000 ____D () C:\Program Files (x86)\Microsoft Silverlight
2014-03-17 13:26 - 2011-12-27 03:37 - 00000000 ____D () C:\Program Files (x86)\AMD APP
2014-03-17 13:26 - 2011-12-27 03:35 - 00000000 ____D () C:\Program Files\ATI Technologies
2014-03-17 13:26 - 2011-12-27 03:34 - 00000000 ____D () C:\Program Files\ATI
2014-03-17 13:26 - 2011-12-27 03:34 - 00000000 ____D () C:\Program Files (x86)\ATI Technologies
2014-03-17 13:26 - 2009-07-13 23:20 - 00000000 ____D () C:\Windows\registration
2014-03-16 19:01 - 2011-10-14 16:32 - 00000000 ____D () C:\Program Files (x86)\Hewlett-Packard
2014-03-16 19:00 - 2011-10-14 17:07 - 00000000 ____D () C:\ProgramData\Hewlett-Packard
2014-03-14 15:26 - 2014-03-14 15:26 - 00000000 ____D () C:\ProgramData\AVG SafeGuard toolbar
2014-03-14 15:26 - 2013-07-09 20:23 - 00000000 ____D () C:\Program Files (x86)\AVG SafeGuard toolbar
2014-03-13 18:12 - 2013-01-15 17:37 - 00000450 ____H () C:\Windows\Tasks\Norton Security Scan for kristy.job
2014-03-13 17:28 - 2009-07-13 23:20 - 00000000 ____D () C:\Windows\rescache
2014-03-13 12:05 - 2009-07-14 00:45 - 00275712 _____ () C:\Windows\system32\FNTCACHE.DAT
2014-03-12 00:50 - 2012-02-28 22:21 - 00000627 _____ () C:\Windows\SysWOW64\DOErrors.log
2014-03-12 00:49 - 2012-03-06 22:07 - 00000000 _____ () C:\Windows\system32\HP_ActiveX_Patch_NOT_DETECTED.txt
2014-03-10 19:22 - 2013-08-16 03:58 - 00000000 ____D () C:\Users\kristy\AppData\Roaming\Windows Live Writer
2014-03-10 19:21 - 2014-01-20 22:41 - 00000000 ____D () C:\Users\kristy\AppData\Local\Windows Live
2014-03-07 22:12 - 2014-03-07 22:12 - 00000000 ____D () C:\Users\kristy\AppData\Local\Packages
2014-03-07 22:12 - 2014-03-07 22:11 - 00000000 ____D () C:\ProgramData\saveRoN
2014-03-06 09:26 - 2014-02-16 15:38 - 00000000 ____D () C:\Program Files (x86)\SearchProtect
2014-03-05 17:58 - 2011-10-14 16:58 - 00000000 ____D () C:\ProgramData\Skype
2014-03-05 17:55 - 2012-02-28 19:53 - 00000000 ____D () C:\Users\kristy\AppData\Roaming\Skype
2014-03-05 17:37 - 2014-03-05 17:37 - 00000000 ____D () C:\Users\kristy\AppData\Local\Skype
2014-03-02 19:58 - 2014-03-02 19:58 - 00000000 ____D () C:\ProgramData\AVG Secure Search
2014-03-02 19:55 - 2013-07-09 20:23 - 00050976 _____ (AVG Technologies) C:\Windows\system32\Drivers\avgtpx64.sys
2014-03-01 23:15 - 2013-10-25 20:48 - 00000000 ____D () C:\Program Files (x86)\Mobogenie
2014-03-01 19:48 - 2014-03-01 19:48 - 00000000 ____D () C:\Users\kristy\AppData\Roaming\Optimizer Pro
2014-03-01 19:36 - 2014-03-01 19:35 - 00000000 ____D () C:\Users\kristy\AppData\Roaming\PCFixSpeed
2014-03-01 19:04 - 2014-03-01 19:04 - 00000000 ____D () C:\Users\kristy\AppData\Roaming\PC Tech Hotline
2014-03-01 18:35 - 2013-05-26 00:34 - 00000000 ____D () C:\Program Files (x86)\Optimizer Pro
2014-03-01 18:33 - 2014-02-16 15:41 - 00000000 ____D () C:\ProgramData\PCFixSpeed
2014-03-01 18:33 - 2014-02-16 15:33 - 00000000 ____D () C:\Users\kristy\Documents\BitLord
2014-03-01 18:33 - 2014-02-16 15:31 - 00000000 ___HD () C:\ProgramData\{C6829A37-2437-4FB1-BA29-7FAAC442ACC3}
2014-03-01 18:33 - 2014-02-10 13:34 - 00000000 ____D () C:\Users\kristy\AppData\Local\Solid Savings
2014-03-01 18:33 - 2014-01-29 15:59 - 00000000 ____D () C:\swsetup
2014-03-01 18:33 - 2009-07-13 23:20 - 00000000 ____D () C:\Windows\AppCompat
2014-03-01 18:32 - 2014-02-16 15:41 - 00000000 ____D () C:\Program Files (x86)\PCTechHotline
2014-03-01 18:32 - 2014-02-16 15:40 - 00000000 ____D () C:\Program Files (x86)\PCFixSpeed
2014-03-01 18:32 - 2014-02-16 15:32 - 00000000 ____D () C:\Program Files\Earth Networks
2014-03-01 18:32 - 2011-10-14 17:12 - 00000000 ___HD () C:\Program Files (x86)\InstallShield Installation Information
2014-03-01 18:26 - 2013-09-15 19:07 - 00000000 ____D () C:\Program Files (x86)\Java
2014-03-01 18:25 - 2014-02-10 13:34 - 00000000 ____D () C:\Program Files (x86)\Bench
2014-03-01 18:25 - 2014-01-29 07:48 - 00000000 ____D () C:\Program Files (x86)\AskPartnerNetwork
2014-03-01 02:05 - 2014-03-13 07:45 - 23133696 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2014-03-01 01:17 - 2014-03-13 07:45 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2014-03-01 01:16 - 2014-03-13 07:45 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2014-03-01 00:58 - 2014-03-13 07:45 - 02765824 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2014-03-01 00:52 - 2014-03-13 07:45 - 00066048 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2014-03-01 00:51 - 2014-03-13 07:45 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2014-03-01 00:42 - 2014-03-13 07:45 - 00053760 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2014-03-01 00:40 - 2014-03-13 07:45 - 00033792 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2014-03-01 00:37 - 2014-03-13 07:45 - 00574976 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2014-03-01 00:33 - 2014-03-13 07:45 - 00139264 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2014-03-01 00:33 - 2014-03-13 07:45 - 00111616 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2014-03-01 00:32 - 2014-03-13 07:45 - 00708608 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2014-03-01 00:30 - 2014-03-13 07:45 - 17074688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2014-03-01 00:23 - 2014-03-13 07:45 - 00940032 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe
2014-03-01 00:17 - 2014-03-13 07:45 - 00218624 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2014-03-01 00:11 - 2014-03-13 07:45 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2014-03-01 00:02 - 2014-03-13 07:45 - 00195584 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2014-02-28 23:54 - 2014-03-13 07:45 - 05768704 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2014-02-28 23:52 - 2014-03-13 07:45 - 00061952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2014-02-28 23:51 - 2014-03-13 07:45 - 00051200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll
2014-02-28 23:47 - 2014-03-13 07:45 - 02168320 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2014-02-28 23:43 - 2014-03-13 07:45 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2014-02-28 23:43 - 2014-03-13 07:45 - 00032768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2014-02-28 23:42 - 2014-03-13 07:45 - 00627200 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2014-02-28 23:40 - 2014-03-13 07:45 - 00440832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2014-02-28 23:38 - 2014-03-13 07:45 - 00112128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2014-02-28 23:37 - 2014-03-13 07:45 - 00553472 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll
2014-02-28 23:35 - 2014-03-13 07:45 - 02041856 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2014-02-28 23:18 - 2014-03-13 07:45 - 13051904 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2014-02-28 23:16 - 2014-03-13 07:45 - 00164864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2014-02-28 23:14 - 2014-03-13 07:45 - 04244480 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2014-02-28 23:10 - 2014-03-13 07:45 - 02334208 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2014-02-28 23:03 - 2014-03-13 07:45 - 00524288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2014-02-28 23:00 - 2014-03-13 07:45 - 01964032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2014-02-28 22:57 - 2014-03-13 07:45 - 11266048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2014-02-28 22:38 - 2014-03-13 07:45 - 01393664 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2014-02-28 22:32 - 2014-03-13 07:45 - 01820160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2014-02-28 22:27 - 2014-03-13 07:45 - 01156096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2014-02-28 22:25 - 2014-03-13 07:45 - 00817664 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2014-02-28 22:25 - 2014-03-13 07:45 - 00703488 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2014-02-23 23:58 - 2014-02-23 23:58 - 00000000 ____D () C:\ProgramData\AskPartnerNetwork
2014-02-23 23:55 - 2013-09-15 19:09 - 00000000 ____D () C:\ProgramData\Oracle
 
Some content of TEMP:
====================
C:\Users\kristy\AppData\Local\Temp\APNSetup.exe
C:\Users\kristy\AppData\Local\Temp\BackupSetup.exe
C:\Users\kristy\AppData\Local\Temp\BitLord_Installer.exe
C:\Users\kristy\AppData\Local\Temp\contentDATs.exe
C:\Users\kristy\AppData\Local\Temp\ICReinstall_ROM_Setup.exe
C:\Users\kristy\AppData\Local\Temp\mssinstaller.exe
C:\Users\kristy\AppData\Local\Temp\nsc9FEF.exe
C:\Users\kristy\AppData\Local\Temp\nseF866.exe
C:\Users\kristy\AppData\Local\Temp\nsh2764.exe
C:\Users\kristy\AppData\Local\Temp\nsh92F3.exe
C:\Users\kristy\AppData\Local\Temp\nsoA03.exe
C:\Users\kristy\AppData\Local\Temp\nsu45DD.exe
C:\Users\kristy\AppData\Local\Temp\nsx1DB3.exe
C:\Users\kristy\AppData\Local\Temp\nsz392F.exe
C:\Users\kristy\AppData\Local\Temp\SecurityScan_Release.exe
C:\Users\kristy\AppData\Local\Temp\sp64126.exe
C:\Users\kristy\AppData\Local\Temp\SPSetup.exe
C:\Users\kristy\AppData\Local\Temp\UNINSTALL.EXE
C:\Users\kristy\AppData\Local\Temp\UninstallHPSA.exe
 
 
==================== Bamital & volsnap Check =================
 
C:\Windows\System32\winlogon.exe => MD5 is legit
C:\Windows\System32\wininit.exe => MD5 is legit
C:\Windows\SysWOW64\wininit.exe => MD5 is legit
C:\Windows\explorer.exe => MD5 is legit
C:\Windows\SysWOW64\explorer.exe => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\SysWOW64\svchost.exe => MD5 is legit
C:\Windows\System32\services.exe => MD5 is legit
C:\Windows\System32\User32.dll => MD5 is legit
C:\Windows\SysWOW64\User32.dll => MD5 is legit
C:\Windows\System32\userinit.exe => MD5 is legit
C:\Windows\SysWOW64\userinit.exe => MD5 is legit
C:\Windows\System32\rpcss.dll => MD5 is legit
C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit
 
 
LastRegBack: 2014-03-13 17:20
 
==================== End Of Log ============================
 
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 13-03-2014
Ran by kristy at 2014-03-20 13:09:38
Running from C:\Users\kristy\Downloads
Boot Mode: Normal
==========================================================
 
 
==================== Security Center ========================
 
AV: Microsoft Security Essentials (Enabled - Up to date) {641105E6-77ED-3F35-A304-765193BCB75F}
AS: Windows Defender (Disabled - Out of date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Microsoft Security Essentials (Enabled - Up to date) {DF70E402-51D7-30BB-99B4-4D23E83BFDE2}
 
==================== Installed Programs ======================
 
Adobe Flash Player 11 ActiveX (HKLM-x32\...\Adobe Flash Player ActiveX) (Version: 11.6.602.168 - Adobe Systems Incorporated)
Adobe Flash Player 11 Plugin (HKLM-x32\...\Adobe Flash Player Plugin) (Version: 11.9.900.117 - Adobe Systems Incorporated)
Adobe Shockwave Player 11.6 (HKLM-x32\...\Adobe Shockwave Player) (Version: 11.6.8.638 - Adobe Systems, Inc.)
AMD APP SDK Runtime (Version: 2.4.650.9 - Advanced Micro Devices Inc.) Hidden
AMD Fuel (Version: 2011.0705.1115.18310 - AMD) Hidden
AMD Media Foundation Decoders (Version: 1.0.60705.1113 - ATI Technologies Inc.) Hidden
AMD VISION Engine Control Center (x32 Version: 2011.0705.1115.18310 - ATI) Hidden
Ask Toolbar (HKLM-x32\...\{4F524A2D-5637-4300-76A7-A758B70C0A03}) (Version: 12.10.3.34 - APN, LLC) <==== ATTENTION
ATI Catalyst Install Manager (HKLM\...\{B3C4ADC9-637E-DDD9-A66C-782AE5E2E667}) (Version: 3.0.829.0 - ATI Technologies, Inc.)
AVG SafeGuard toolbar (HKLM-x32\...\AVG SafeGuard toolbar) (Version: 18.0.0.250 - AVG Technologies)
Bejeweled 3 (x32 Version: 2.2.0.97 - WildTangent) Hidden
Blackhawk Striker 2 (x32 Version: 2.2.0.95 - WildTangent) Hidden
Bonjour (HKLM\...\{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}) (Version: 3.0.0.10 - Apple Inc.)
Catalyst Control Center - Branding (x32 Version: 1.00.0000 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Graphics Previews Common (x32 Version: 2011.0705.1115.18310 - ATI) Hidden
Catalyst Control Center InstallProxy (x32 Version: 2011.0705.1115.18310 - ATI Technologies, Inc.) Hidden
Catalyst Control Center Localization All (x32 Version: 2011.0705.1115.18310 - ATI) Hidden
CCC Help Chinese Standard (x32 Version: 2011.0705.1114.18310 - ATI) Hidden
CCC Help Chinese Traditional (x32 Version: 2011.0705.1114.18310 - ATI) Hidden
CCC Help Czech (x32 Version: 2011.0705.1114.18310 - ATI) Hidden
CCC Help Danish (x32 Version: 2011.0705.1114.18310 - ATI) Hidden
CCC Help Dutch (x32 Version: 2011.0705.1114.18310 - ATI) Hidden
CCC Help English (x32 Version: 2011.0705.1114.18310 - ATI) Hidden
CCC Help Finnish (x32 Version: 2011.0705.1114.18310 - ATI) Hidden
CCC Help French (x32 Version: 2011.0705.1114.18310 - ATI) Hidden
CCC Help German (x32 Version: 2011.0705.1114.18310 - ATI) Hidden
CCC Help Greek (x32 Version: 2011.0705.1114.18310 - ATI) Hidden
CCC Help Hungarian (x32 Version: 2011.0705.1114.18310 - ATI) Hidden
CCC Help Italian (x32 Version: 2011.0705.1114.18310 - ATI) Hidden
CCC Help Japanese (x32 Version: 2011.0705.1114.18310 - ATI) Hidden
CCC Help Korean (x32 Version: 2011.0705.1114.18310 - ATI) Hidden
CCC Help Norwegian (x32 Version: 2011.0705.1114.18310 - ATI) Hidden
CCC Help Polish (x32 Version: 2011.0705.1114.18310 - ATI) Hidden
CCC Help Portuguese (x32 Version: 2011.0705.1114.18310 - ATI) Hidden
CCC Help Russian (x32 Version: 2011.0705.1114.18310 - ATI) Hidden
CCC Help Spanish (x32 Version: 2011.0705.1114.18310 - ATI) Hidden
CCC Help Swedish (x32 Version: 2011.0705.1114.18310 - ATI) Hidden
CCC Help Thai (x32 Version: 2011.0705.1114.18310 - ATI) Hidden
CCC Help Turkish (x32 Version: 2011.0705.1114.18310 - ATI) Hidden
ccc-utility64 (Version: 2011.0705.1115.18310 - ATI) Hidden
Chuzzle Deluxe (x32 Version: 2.2.0.95 - WildTangent) Hidden
Compaq Setup Manager (HKLM-x32\...\{AE856388-AFAD-4753-81DF-D96B19D0A17C}) (Version: 1.2.14901.3869 - Hewlett-Packard Company)
Cradle of Rome 2 (x32 Version: 2.2.0.98 - WildTangent) Hidden
D3DX10 (x32 Version: 15.4.2368.0902 - Microsoft) Hidden
Dora's World Adventure (x32 Version: 2.2.0.95 - WildTangent) Hidden
Dota 2 (HKLM-x32\...\Steam App 570) (Version:  - Valve)
ESU for Microsoft Windows 7 SP1 (HKLM-x32\...\{E96CAA2A-0244-4A2A-8403-0C3C9534778B}) (Version: 2.1.1 - Hewlett-Packard)
Evernote v. 4.2.3 (HKLM-x32\...\{F761359C-9CED-45AE-9A51-9D6605CD55C4}) (Version: 4.2.3.22 - Evernote Corp.)
Facebook Video Calling 1.2.0.159 (HKLM-x32\...\{7CAC6A44-C3DE-4153-ACA6-7524602C789E}) (Version: 1.2.159 - Skype Limited)
Farm Frenzy (x32 Version: 2.2.0.98 - WildTangent) Hidden
Farmscapes (x32 Version: 2.2.0.98 - WildTangent) Hidden
FATE (x32 Version: 2.2.0.97 - WildTangent) Hidden
Final Drive Fury (x32 Version: 2.2.0.95 - WildTangent) Hidden
GetPrivate (HKLM-x32\...\GetPrivate) (Version: 1.0.0 - )
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 28.0.1500.95 - Google Inc.)
Google Update Helper (x32 Version: 1.3.21.153 - Google Inc.) Hidden
Haunted Memories (HKLM-x32\...\Steam App 241640) (Version:  - MadMan Theory Games)
Hoyle Card Games (x32 Version: 2.2.0.95 - WildTangent) Hidden
HP Auto (Version: 1.0.12935.3667 - Hewlett-Packard Company) Hidden
HP Client Services (Version: 1.1.12938.3539 - Hewlett-Packard) Hidden
HP Customer Experience Enhancements (x32 Version: 6.0.1.8 - Hewlett-Packard) Hidden
HP Games (HKLM-x32\...\WildTangent hp Master Uninstall) (Version: 1.0.2.5 - WildTangent)
HP Launch Box (HKLM\...\{5A847522-375C-4D05-BD3D-88C450CC047F}) (Version: 1.1.5 - Hewlett-Packard Company)
HP On Screen Display (HKLM-x32\...\{ED1BD69A-07E3-418C-91F1-D856582581BF}) (Version: 1.3.5 - Hewlett-Packard Company)
HP Power Manager (HKLM-x32\...\{7E799992-5DA0-4A1A-9443-B1836B063FEC}) (Version: 1.4.8 - Hewlett-Packard Company)
HP Quick Launch (HKLM-x32\...\{53B17A98-5BF0-40BC-AAFF-850A357975AC}) (Version: 2.7.2 - Hewlett-Packard Company)
HP QuickWeb (HKLM-x32\...\{41298BF3-DF6B-449C-BFB7-83663ECB5108}) (Version: 3.1.1.10184 - Hewlett-Packard Company)
HP Recovery Manager (x32 Version: 2.0.0 - Hewlett-Packard) Hidden
HP Security Assistant (HKLM\...\{288591DE-4151-4E8E-A698-C6EFF5DF00F9}) (Version: 2.0.1 - Hewlett-Packard)
HP Software Framework (HKLM-x32\...\{675D093B-815D-47FD-AB2C-192EC751E8E2}) (Version: 4.6.10.1 - Hewlett-Packard Company)
HP Software Framework (HKLM-x32\...\{AF240B18-034B-4A82-B3FC-0B879C4BAE2E}) (Version: 4.5.1.1 - Hewlett-Packard Company)
HP Support Assistant (HKLM-x32\...\{6F44AF95-3CDE-4513-AD3F-6D45F17BF324}) (Version: 6.1.12.1 - Hewlett-Packard Company)
Java 7 Update 51 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83217040FF}) (Version: 7.0.510 - Oracle)
Java Auto Updater (x32 Version: 2.1.9.8 - Sun Microsystems, Inc.) Hidden
Jewel Match 3 (x32 Version: 2.2.0.98 - WildTangent) Hidden
Jewel Quest Mysteries: The Seventh Gate Collector's Edition (x32 Version: 2.2.0.98 - WildTangent) Hidden
John Deere Drive Green (x32 Version: 2.2.0.95 - WildTangent) Hidden
Junk Mail filter update (x32 Version: 16.4.3508.0205 - Microsoft Corporation) Hidden
Letters from Nowhere 2 (x32 Version: 2.2.0.97 - WildTangent) Hidden
Luxor HD (x32 Version: 2.2.0.98 - WildTangent) Hidden
Mah Jong Medley (x32 Version: 2.2.0.95 - WildTangent) Hidden
Microsoft .NET Framework 4.5.1 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.50938 - Microsoft Corporation)
Microsoft .NET Framework 4.5.1 (Version: 4.5.50938 - Microsoft Corporation) Hidden
Microsoft Application Error Reporting (Version: 12.0.6015.5000 - Microsoft Corporation) Hidden
Microsoft Security Client (Version: 4.0.1526.0 - Microsoft Corporation) Hidden
Microsoft Security Client (Version: 4.4.0304.0 - Microsoft Corporation) Hidden
Microsoft Security Essentials (HKLM\...\Microsoft Security Client) (Version: 4.4.304.0 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.30214.0 - Microsoft Corporation)
Microsoft Silverlight (HKLM-x32\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 4.1.10329.0 - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (HKLM-x32\...\{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}) (Version: 9.0.21022 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.30319 (HKLM\...\{DA5E371C-6333-3D8A-93A4-6FD5B20BCC6E}) (Version: 10.0.30319 - Microsoft Corporation)
Microsoft WSE 3.0 Runtime (x32 Version: 3.0.5305.0 - Microsoft Corp.) Hidden
Mobogenie (HKLM-x32\...\Mobogenie) (Version:  - Mobogenie.com) <==== ATTENTION
Movie Maker (x32 Version: 16.4.3508.0205 - Microsoft Corporation) Hidden
Movie Mode (HKLM-x32\...\MovieMode) (Version: 2.6.63 - GenTechnologies Apps, LLC)
Mozilla Firefox 18.0.2 (x86 en-US) (HKLM-x32\...\Mozilla Firefox 18.0.2 (x86 en-US)) (Version: 18.0.2 - Mozilla)
MSVCRT (x32 Version: 15.4.2862.0708 - Microsoft) Hidden
MSVCRT_amd64 (x32 Version: 15.4.2862.0708 - Microsoft) Hidden
MSVCRT110 (x32 Version: 16.4.1108.0727 - Microsoft) Hidden
MSVCRT110_amd64 (Version: 16.4.1109.0912 - Microsoft) Hidden
MSXML 4.0 SP2 (KB954430) (HKLM-x32\...\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}) (Version: 4.20.9870.0 - Microsoft Corporation)
MSXML 4.0 SP2 (KB973688) (HKLM-x32\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation)
Mysearchdial (HKLM-x32\...\mysearchdial) (Version:  - Mysearchdial) <==== ATTENTION
Norton Security Scan (HKLM-x32\...\NSS) (Version: 3.7.5.5 - Symantec Corporation)
opensource (x32 Version: 1.0.14960.3876 - Your Company Name) Hidden
Optimizer Pro v3.2 (HKLM-x32\...\Optimizer Pro_is1) (Version:  - ) <==== ATTENTION
PC Fix Speed 1.2.0.42 (HKLM-x32\...\{F7B34B38-02A6-44D5-B8CC-06EB3B8ACFC9}_is1) (Version: 1.2.0.42 - Crawler, LLC)
PC Tech Hotline (HKLM-x32\...\{A0B0DA25-DD15-4739-92A3-62D3424F043A}_is1) (Version: 3.0.0.4 - Crawler, LLC)
Penguins! (x32 Version: 2.2.0.98 - WildTangent) Hidden
Photo Gallery (x32 Version: 16.4.3508.0205 - Microsoft Corporation) Hidden
Plants vs. Zombies - Game of the Year (x32 Version: 2.2.0.98 - WildTangent) Hidden
Poker Superstars III (x32 Version: 2.2.0.95 - WildTangent) Hidden
Polar Bowler (x32 Version: 2.2.0.97 - WildTangent) Hidden
Polar Golfer (x32 Version: 2.2.0.98 - WildTangent) Hidden
QueenCouppon (HKLM-x32\...\{3DE8A1D7-C77F-E02A-70DD-31D29EC5B988}) (Version:  - QueaenCoupon) <==== ATTENTION
Ralink RT5390 802.11b/g/n WiFi Adapter (HKLM-x32\...\{8FC4F1DD-F7FD-4766-804D-3C8FF1D309AF}) (Version: 3.2.12.0 - Ralink)
Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 7.42.304.2011 - Realtek)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.6461 - Realtek Semiconductor Corp.)
Realtek PCIE Card Reader (HKLM-x32\...\{C1594429-8296-4652-BF54-9DBE4932A44C}) (Version: 6.1.7600.77 - Realtek Semiconductor Corp.)
RollerCoaster Tycoon 3: Platinum (x32 Version: 2.2.0.98 - WildTangent) Hidden
ROM Manager Packages (HKCU\...\ROM Manager Packages) (Version:  - ) <==== ATTENTION
saveRoN (HKLM-x32\...\{66951628-3E5A-9C96-37EA-490E187974D5}) (Version:  - seaveron)
Search Protect (HKLM-x32\...\SearchProtect) (Version: 2.11.11.7 - Conduit) <==== ATTENTION
Social Privacy DNS (HKLM-x32\...\dnsshield) (Version:  - )
Solid Savings (HKLM-x32\...\32910_Solid Savings) (Version: 1.0 - Smart Apps)
Solid Savings (HKLM-x32\...\Solid Savings) (Version: 1.27.153.0 - Innovative Apps)
Steam (HKLM-x32\...\Steam) (Version:  - Valve Corporation)
swMSM (x32 Version: 12.0.0.1 - Adobe Systems, Inc) Hidden
Synaptics TouchPad Driver (HKLM\...\SynTPDeinstKey) (Version: 15.3.29.0 - Synaptics Incorporated)
The Treasures of Mystery Island: The Ghost Ship (x32 Version: 2.2.0.98 - WildTangent) Hidden
Torchlight (x32 Version: 2.2.0.98 - WildTangent) Hidden
Update Installer for WildTangent Games App (x32 Version:  - WildTangent) Hidden
Updater (HKLM-x32\...\{D54E3D9F-FEB8-4D2D-A138-B69A5C80080B}) (Version: 2.6.53 - Creative Island Media, LLC) <==== ATTENTION
Virtual Villagers 4 - The Tree of Life (x32 Version: 2.2.0.98 - WildTangent) Hidden
WeatherBug® (HKLM-x32\...\WeatherBug®) (Version: 10.0.5.29 - Earth Networks, Inc.)
WebCake 3.00 (HKLM\...\{C4ED781C-7394-4906-AAFF-D6AB64FF7C38}) (Version: 3.00 - WebCake LLC) <==== ATTENTION
Websteroids (HKLM-x32\...\Websteroids) (Version: 2.6.53 - Creative Island Media, LLC) <==== ATTENTION
WildTangent Games App (HP Games) (x32 Version: 4.0.5.32 - WildTangent) Hidden
Windows Live Communications Platform (x32 Version: 16.4.3508.0205 - Microsoft Corporation) Hidden
Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 16.4.3508.0205 - Microsoft Corporation)
Windows Live Essentials (x32 Version: 16.4.3508.0205 - Microsoft Corporation) Hidden
Windows Live Family Safety (Version: 16.4.3508.0205 - Microsoft Corporation) Hidden
Windows Live Family Safety (x32 Version: 16.4.3508.0205 - Microsoft Corporation) Hidden
Windows Live ID Sign-in Assistant (Version: 7.250.4311.0 - Microsoft Corporation) Hidden
Windows Live Installer (x32 Version: 16.4.3508.0205 - Microsoft Corporation) Hidden
Windows Live Mail (x32 Version: 16.4.3508.0205 - Microsoft Corporation) Hidden
Windows Live Messenger (x32 Version: 16.4.3508.0205 - Microsoft Corporation) Hidden
Windows Live MIME IFilter (Version: 16.4.3508.0205 - Microsoft Corporation) Hidden
Windows Live Photo Common (x32 Version: 16.4.3508.0205 - Microsoft Corporation) Hidden
Windows Live PIMT Platform (x32 Version: 16.4.3508.0205 - Microsoft Corporation) Hidden
Windows Live SOXE (x32 Version: 16.4.3508.0205 - Microsoft Corporation) Hidden
Windows Live SOXE Definitions (x32 Version: 16.4.3508.0205 - Microsoft Corporation) Hidden
Windows Live UX Platform (x32 Version: 16.4.3508.0205 - Microsoft Corporation) Hidden
Windows Live UX Platform Language Pack (x32 Version: 16.4.3508.0205 - Microsoft Corporation) Hidden
Windows Live Writer (x32 Version: 16.4.3508.0205 - Microsoft Corporation) Hidden
Windows Live Writer Resources (x32 Version: 16.4.3508.0205 - Microsoft Corporation) Hidden
WinRAR archiver (HKLM-x32\...\WinRAR archiver) (Version:  - )
WordExtra (HKCU\...\WordExtra) (Version: 1 - http://www.wordextra.com)
Zuma's Revenge (x32 Version: 2.2.0.98 - WildTangent) Hidden
 
==================== Restore Points  =========================
 
05-03-2014 13:53:11 Windows Update
05-03-2014 21:55:23 Removed Skype™ 6.14
08-03-2014 22:39:06 Windows Update
09-03-2014 20:15:12 Windows Backup
12-03-2014 04:40:46 Windows Update
13-03-2014 15:06:53 Windows Update
16-03-2014 15:53:17 Windows Update
16-03-2014 22:50:38 Removed HP Support Assistant.
16-03-2014 23:02:01 Removed Microsoft Silverlight
18-03-2014 23:53:47 Windows Update
19-03-2014 13:18:38 Windows Update
 
==================== Hosts content: ==========================
 
2009-07-13 22:34 - 2014-03-03 23:01 - 00000871 ____A C:\Windows\system32\Drivers\etc\hosts
54.204.28.26 ojbalidmphhoopheigckkcpldegcohhe
 
==================== Scheduled Tasks (whitelisted) =============
 
Task: {09C51F47-8630-4D58-BE14-E09947835DB5} - System32\Tasks\Hewlett-Packard\HP Support Assistant\WarrantyChecker_DeviceScan => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPWarrantyCheck\HPWarrantyChecker.exe
Task: {153F9573-EB93-426D-9520-0812E0DD6437} - System32\Tasks\{18663FD4-24D8-4C6A-BF1D-FAA36DC80E59} => Chrome.exe 
Task: {1ADF6375-FEF3-4F68-98CF-47FEE9F6E2CF} - System32\Tasks\Microsoft\Windows\WindowsBackup\AutomaticBackup => Rundll32.exe /d sdengin2.dll,ExecuteScheduledBackup
Task: {23DADE94-FCA3-49C0-95B3-05452C19CCFF} - System32\Tasks\Hewlett-Packard\HP Support Assistant\NetworkCheck => c:\program files (x86)\hewlett-packard\hp health check\activecheck\product_line\Detection_NetworkCheck.exe
Task: {2CEA68B7-7B38-4761-9573-6403220C2B48} - System32\Tasks\bench-sys => C:\Program Files (x86)\Bench\Updater\updater.exe [2014-01-31] () <==== ATTENTION
Task: {311D49FE-AE8E-4546-A8F0-7269DE590DA9} - System32\Tasks\bench-S-1-5-21-3592725670-1536567493-3193808415-1002 => C:\Program Files (x86)\Bench\Updater\updater.exe [2014-01-31] () <==== ATTENTION
Task: {42687CA8-0BD3-4790-B65C-B67E7BB3F2D3} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2013-10-26] (Adobe Systems Incorporated)
Task: {77EFC973-2DFF-4369-A509-714534309701} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2013-07-29] (Google Inc.)
Task: {8E10A256-DCA1-4168-84EE-03864CC29363} - System32\Tasks\Updater26278.exe => C:\Users\kristy\AppData\Local\Updater26278\Updater26278.exe [2013-12-25] (Innovative Apps) <==== ATTENTION
Task: {9AAFD396-CC0A-40AA-AC06-2AF798349024} - System32\Tasks\HPCeeScheduleForkristy => C:\Program Files (x86)\Hewlett-Packard\HP Ceement\HPCEE.exe [2011-07-15] (Hewlett-Packard)
Task: {AF50C359-DC34-4F3E-9248-F22B49A62B5A} - System32\Tasks\Norton Security Scan for kristy => C:\Program Files (x86)\Norton Security Scan\Engine\3.7.5.5\Nss.exe [2012-10-22] (Symantec Corporation)
Task: {CD9E8E92-0BF5-4DBA-B10A-29A75DD4F761} - System32\Tasks\MySearchDial => C:\Users\kristy\AppData\Roaming\mysearchdial\UpdateProc\UpdateTask.exe [2013-04-12] () <==== ATTENTION
Task: {F065A3D6-D6AB-4C66-9747-DE8F8126E282} - System32\Tasks\LaunchApp => C:\Program Files (x86)\MyPC Backup\MyPC Backup.exe
Task: {F3765232-24D8-4065-BFE3-52B157819CF9} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2013-07-29] (Google Inc.)
Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\bench-S-1-5-21-3592725670-1536567493-3193808415-1002.job => C:\Program Files (x86)\Bench\Updater\updater.exe <==== ATTENTION
Task: C:\Windows\Tasks\bench-sys.job => C:\Program Files (x86)\Bench\Updater\updater.exe <==== ATTENTION
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\HPCeeScheduleForkristy.job => C:\Program Files (x86)\Hewlett-Packard\HP Ceement\HPCEE.exe
Task: C:\Windows\Tasks\MySearchDial.job => C:\Users\kristy\AppData\Roaming\MYSEAR~1\UPDATE~1\UPDATE~1.EXE <==== ATTENTION
Task: C:\Windows\Tasks\Norton Security Scan for kristy.job => C:\PROGRA~2\NORTON~2\Engine\375~1.5\Nss.exe
 
==================== Loaded Modules (whitelisted) =============
 
2014-02-16 15:32 - 2014-02-16 15:32 - 02681648 _____ () C:\Program Files (x86)\Optimizer Pro\OptProCrash_x64.dll
2012-09-12 19:22 - 2008-06-20 00:41 - 00062464 _____ () C:\Program Files (x86)\WinRAR\rarext64.dll
2014-03-02 19:58 - 2014-03-02 19:55 - 00159768 _____ () C:\Program Files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\18.0.0\loggingserver.exe
2014-02-16 15:32 - 2013-11-13 15:08 - 00146736 _____ () C:\Program Files\Earth Networks\WeatherBug\WeatherBug.exe
2011-12-19 23:34 - 2011-12-19 23:34 - 00108880 _____ () C:\Program Files\Hewlett-Packard\HP LaunchBox\HPTaskBar1.exe
2013-07-28 21:29 - 2014-03-14 15:24 - 02539544 _____ () C:\Program Files (x86)\AVG SafeGuard toolbar\vprot.exe
2013-10-25 20:49 - 2013-10-25 21:04 - 00738496 _____ () C:\Program Files (x86)\Mobogenie\DaemonProcess.exe
2013-08-15 08:28 - 2013-08-15 08:28 - 00481704 _____ () C:\Program Files (x86)\GetPrivate\GetPrivate.exe
2013-11-29 01:14 - 2013-11-29 01:14 - 00214016 _____ () C:\Program Files (x86)\Social Privacy  DNS\dnswatch.exe
2011-07-05 15:13 - 2011-07-05 15:13 - 00243712 _____ () C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLI.Aspect.CrossDisplay.Graphics.Dashboard.dll
2011-06-17 17:42 - 2011-06-17 17:42 - 00016384 _____ () C:\Program Files (x86)\ATI Technologies\ATI.ACE\Branding\Branding.dll
2014-02-16 15:32 - 2014-02-16 15:32 - 02961368 _____ () C:\Program Files (x86)\Optimizer Pro\OptProCrash.dll
2014-02-16 15:32 - 2014-02-16 15:32 - 00186496 _____ () C:\Program Files (x86)\Optimizer Pro\OptProCrashSvc.dll
2014-03-02 19:58 - 2014-03-02 19:55 - 00519704 _____ () C:\Program Files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\18.0.0\log4cplusU.dll
2013-08-15 08:28 - 2013-08-15 08:28 - 01005992 _____ () C:\Program Files (x86)\GetPrivate\VPN.dll
2013-07-31 16:11 - 2013-07-24 20:48 - 00601552 _____ () C:\Program Files (x86)\Google\Chrome\Application\28.0.1500.95\libglesv2.dll
2013-07-31 16:11 - 2013-07-24 20:48 - 00123344 _____ () C:\Program Files (x86)\Google\Chrome\Application\28.0.1500.95\libegl.dll
2013-07-31 16:11 - 2013-07-24 20:49 - 04052944 _____ () C:\Program Files (x86)\Google\Chrome\Application\28.0.1500.95\pdf.dll
2013-07-31 16:11 - 2013-07-24 20:49 - 00396240 _____ () C:\Program Files (x86)\Google\Chrome\Application\28.0.1500.95\ppGoogleNaClPluginChrome.dll
2013-07-31 16:11 - 2013-07-24 20:48 - 01597392 _____ () C:\Program Files (x86)\Google\Chrome\Application\28.0.1500.95\ffmpegsumo.dll
2013-07-31 16:11 - 2013-07-24 20:49 - 13599184 _____ () C:\Program Files (x86)\Google\Chrome\Application\28.0.1500.95\PepperFlash\pepflashplayer.dll
 
==================== Alternate Data Streams (whitelisted) =========
 
AlternateDataStreams: C:\ProgramData\Temp:373E1720
AlternateDataStreams: C:\ProgramData\Temp:ECF54A0E
 
==================== Safe Mode (whitelisted) ===================
 
 
==================== Disabled items from MSCONFIG ==============
 
MSCONFIG\Services: AdobeARMservice => 2
MSCONFIG\Services: AdobeFlashPlayerUpdateSvc => 3
MSCONFIG\Services: AERTFilters => 2
MSCONFIG\Services: AMD External Events Utility => 2
MSCONFIG\Services: AMD FUEL Service => 2
MSCONFIG\Services: Apple Mobile Device => 2
MSCONFIG\Services: Bonjour Service => 2
MSCONFIG\Services: GamesAppService => 3
MSCONFIG\Services: HP Support Assistant Service => 2
MSCONFIG\Services: HPClientSvc => 2
MSCONFIG\Services: HPDrvMntSvc.exe => 2
MSCONFIG\Services: hpqwmiex => 3
MSCONFIG\Services: HPWMISVC => 2
MSCONFIG\Services: IconMan_R => 2
MSCONFIG\Services: iPod Service => 3
MSCONFIG\Services: LMIGuardianSvc => 2
MSCONFIG\Services: LMIMaint => 2
MSCONFIG\Services: LogMeIn => 2
MSCONFIG\Services: MBAMScheduler => 2
MSCONFIG\Services: MBAMService => 2
MSCONFIG\Services: SkypeUpdate => 2
MSCONFIG\startupreg: APSDaemon => "C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe"
MSCONFIG\startupreg: Facebook Update => "C:\Users\kristy\AppData\Local\Facebook\Update\FacebookUpdate.exe" /c /nocrashserver
MSCONFIG\startupreg: Google Update => "C:\Users\kristy\AppData\Local\Google\Update\GoogleUpdate.exe" /c
MSCONFIG\startupreg: iTunesHelper => "C:\Program Files (x86)\iTunes\iTunesHelper.exe"
MSCONFIG\startupreg: Spotify => "C:\Users\kristy\AppData\Roaming\Spotify\Spotify.exe" /uri spotify:autostart
MSCONFIG\startupreg: Spotify Web Helper => "C:\Users\kristy\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe"
 
==================== Faulty Device Manager Devices =============
 
Name: LogMeIn Kernel Information Provider
Description: LogMeIn Kernel Information Provider
Class Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1}
Manufacturer: 
Service: LMIInfo
Problem: : This device is not present, is not working properly, or does not have all its drivers installed. (Code 24)
Resolution: The device is installed incorrectly. The problem could be a hardware failure, or a new driver might be needed.
Devices stay in this state if they have been prepared for removal.
After you remove the device, this error disappears.Remove the device, and this error should be resolved.
 
Name: lsnfd
Description: lsnfd
Class Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1}
Manufacturer: 
Service: lsnfd
Problem: : This device is not present, is not working properly, or does not have all its drivers installed. (Code 24)
Resolution: The device is installed incorrectly. The problem could be a hardware failure, or a new driver might be needed.
Devices stay in this state if they have been prepared for removal.
After you remove the device, this error disappears.Remove the device, and this error should be resolved.
 
 
==================== Event log errors: =========================
 
Application errors:
==================
Error: (03/20/2014 11:25:12 AM) (Source: Application Error) (User: )
Description: Faulting application name: cltmngui.exe, version: 2.11.11.7, time stamp: 0x531483bc
Faulting module name: ole32.dll, version: 6.1.7601.17514, time stamp: 0x4ce7b96f
Exception code: 0xc0000005
Fault offset: 0x00039342
Faulting process id: 0xa50
Faulting application start time: 0xcltmngui.exe0
Faulting application path: cltmngui.exe1
Faulting module path: cltmngui.exe2
Report Id: cltmngui.exe3
 
Error: (03/20/2014 06:48:36 AM) (Source: WinMgmt) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
 
Error: (03/20/2014 05:54:11 AM) (Source: Application Error) (User: )
Description: Faulting application name: UPDATE~1.EXE, version: 0.0.0.0, time stamp: 0x2a425e19
Faulting module name: ole32.dll, version: 6.1.7601.17514, time stamp: 0x4ce7b96f
Exception code: 0xc0000005
Fault offset: 0x0013d169
Faulting process id: 0x3434
Faulting application start time: 0xUPDATE~1.EXE0
Faulting application path: UPDATE~1.EXE1
Faulting module path: UPDATE~1.EXE2
Report Id: UPDATE~1.EXE3
 
Error: (03/19/2014 10:48:51 AM) (Source: Application Error) (User: )
Description: Faulting application name: PCFixTray.exe, version: 1.2.0.14, time stamp: 0x520de38f
Faulting module name: VERSION.dll_unloaded, version: 0.0.0.0, time stamp: 0x4a5bdb2b
Exception code: 0xc0000005
Fault offset: 0x73e74867
Faulting process id: 0xc14
Faulting application start time: 0xPCFixTray.exe0
Faulting application path: PCFixTray.exe1
Faulting module path: PCFixTray.exe2
Report Id: PCFixTray.exe3
 
Error: (03/19/2014 10:48:09 AM) (Source: WinMgmt) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
 
Error: (03/19/2014 09:26:48 AM) (Source: Application Hang) (User: )
Description: The program WeatherBug.exe version 1.0.0.0 stopped interacting with Windows and was closed. To see if more information about the problem is available, check the problem history in the Action Center control panel.
 
Process ID: f24
 
Start Time: 01cf435208b7bbca
 
Termination Time: 921
 
Application Path: C:\Program Files\Earth Networks\WeatherBug\WeatherBug.exe
 
Report Id:
 
Error: (03/19/2014 05:03:42 AM) (Source: Application Error) (User: )
Description: Faulting application name: PCFixTray.exe, version: 1.2.0.14, time stamp: 0x520de38f
Faulting module name: VERSION.dll_unloaded, version: 0.0.0.0, time stamp: 0x4a5bdb2b
Exception code: 0xc0000005
Fault offset: 0x737d4867
Faulting process id: 0x10c0
Faulting application start time: 0xPCFixTray.exe0
Faulting application path: PCFixTray.exe1
Faulting module path: PCFixTray.exe2
Report Id: PCFixTray.exe3
 
Error: (03/19/2014 05:02:47 AM) (Source: WinMgmt) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
 
Error: (03/18/2014 04:13:12 PM) (Source: Application Error) (User: )
Description: Faulting application name: cltmngui.exe, version: 2.11.11.7, time stamp: 0x531483bc
Faulting module name: unknown, version: 0.0.0.0, time stamp: 0x00000000
Exception code: 0xc0000005
Fault offset: 0x00bbec48
Faulting process id: 0xa7c
Faulting application start time: 0xcltmngui.exe0
Faulting application path: cltmngui.exe1
Faulting module path: cltmngui.exe2
Report Id: cltmngui.exe3
 
Error: (03/18/2014 11:03:44 AM) (Source: Application Error) (User: )
Description: Faulting application name: GetPrivate.exe, version: 1.0.0.1, time stamp: 0x520cc902
Faulting module name: unknown, version: 0.0.0.0, time stamp: 0x00000000
Exception code: 0xc0000005
Fault offset: 0x00000000
Faulting process id: 0x10f4
Faulting application start time: 0xGetPrivate.exe0
Faulting application path: GetPrivate.exe1
Faulting module path: GetPrivate.exe2
Report Id: GetPrivate.exe3
 
 
System errors:
=============
Error: (03/20/2014 06:50:41 AM) (Source: Service Control Manager) (User: )
Description: The Google Update Service (gupdate) service failed to start due to the following error: 
%%1053
 
Error: (03/20/2014 06:50:41 AM) (Source: Service Control Manager) (User: )
Description: A timeout was reached (30000 milliseconds) while waiting for the Google Update Service (gupdate) service to connect.
 
Error: (03/20/2014 06:49:33 AM) (Source: DCOM) (User: NT AUTHORITY)
Description: application-specificLocalLaunch{C97FCC79-E628-407D-AE68-A06AD6D8B4D1}{344ED43D-D086-4961-86A6-1106F4ACAD9B}NT AUTHORITYSYSTEMS-1-5-18LocalHost (Using LRPC)
 
Error: (03/20/2014 06:48:38 AM) (Source: Service Control Manager) (User: )
Description: The following boot-start or system-start driver(s) failed to load: 
lsnfd
 
Error: (03/20/2014 06:48:25 AM) (Source: Service Control Manager) (User: )
Description: The LogMeIn Kernel Information Provider service failed to start due to the following error: 
%%3
 
Error: (03/19/2014 04:45:35 PM) (Source: Service Control Manager) (User: )
Description: A timeout (30000 milliseconds) was reached while waiting for a transaction response from the MovieMode service.
 
Error: (03/19/2014 10:50:30 AM) (Source: Service Control Manager) (User: )
Description: The Google Update Service (gupdate) service failed to start due to the following error: 
%%1053
 
Error: (03/19/2014 10:50:30 AM) (Source: Service Control Manager) (User: )
Description: A timeout was reached (30000 milliseconds) while waiting for the Google Update Service (gupdate) service to connect.
 
Error: (03/19/2014 10:48:48 AM) (Source: DCOM) (User: NT AUTHORITY)
Description: application-specificLocalLaunch{C97FCC79-E628-407D-AE68-A06AD6D8B4D1}{344ED43D-D086-4961-86A6-1106F4ACAD9B}NT AUTHORITYSYSTEMS-1-5-18LocalHost (Using LRPC)
 
Error: (03/19/2014 10:47:56 AM) (Source: Service Control Manager) (User: )
Description: The following boot-start or system-start driver(s) failed to load: 
lsnfd
 
 
Microsoft Office Sessions:
=========================
Error: (03/20/2014 11:25:12 AM) (Source: Application Error)(User: )
Description: cltmngui.exe2.11.11.7531483bcole32.dll6.1.7601.175144ce7b96fc000000500039342a5001cf4429f171c583C:\PROGRA~2\SearchProtect\UI\bin\cltmngui.exeC:\Windows\syswow64\ole32.dlld3967df8-b043-11e3-af19-ec9a74fb5df5
 
Error: (03/20/2014 06:48:36 AM) (Source: WinMgmt)(User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
 
Error: (03/20/2014 05:54:11 AM) (Source: Application Error)(User: )
Description: UPDATE~1.EXE0.0.0.02a425e19ole32.dll6.1.7601.175144ce7b96fc00000050013d169343401cf44220faaab1dC:\Users\kristy\AppData\Roaming\MYSEAR~1\UPDATE~1\UPDATE~1.EXEC:\Windows\syswow64\ole32.dll95746936-b015-11e3-8f3b-ec9a74fb5df5
 
Error: (03/19/2014 10:48:51 AM) (Source: Application Error)(User: )
Description: PCFixTray.exe1.2.0.14520de38fVERSION.dll_unloaded0.0.0.04a5bdb2bc000000573e74867c1401cf43824e884706C:\Program Files (x86)\PCFixSpeed\PCFixTray.exeVERSION.dll9539c8ae-af75-11e3-8f3b-ec9a74fb5df5
 
Error: (03/19/2014 10:48:09 AM) (Source: WinMgmt)(User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
 
Error: (03/19/2014 09:26:48 AM) (Source: Application Hang)(User: )
Description: WeatherBug.exe1.0.0.0f2401cf435208b7bbca921C:\Program Files\Earth Networks\WeatherBug\WeatherBug.exe
 
Error: (03/19/2014 05:03:42 AM) (Source: Application Error)(User: )
Description: PCFixTray.exe1.2.0.14520de38fVERSION.dll_unloaded0.0.0.04a5bdb2bc0000005737d486710c001cf435214bf28b9C:\Program Files (x86)\PCFixSpeed\PCFixTray.exeVERSION.dll5df0fc8b-af45-11e3-ae97-ec9a74fb5df5
 
Error: (03/19/2014 05:02:47 AM) (Source: WinMgmt)(User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
 
Error: (03/18/2014 04:13:12 PM) (Source: Application Error)(User: )
Description: cltmngui.exe2.11.11.7531483bcunknown0.0.0.000000000c000000500bbec48a7c01cf42b64d361bd9C:\PROGRA~2\SearchProtect\UI\bin\cltmngui.exeunknownbab558df-aed9-11e3-afca-ec9a74fb5df5
 
Error: (03/18/2014 11:03:44 AM) (Source: Application Error)(User: )
Description: GetPrivate.exe1.0.0.1520cc902unknown0.0.0.000000000c00000050000000010f401cf42b678a9a5fdC:\Program Files (x86)\GetPrivate\GetPrivate.exeunknown7f1cc80f-aeae-11e3-afca-ec9a74fb5df5
 
 
==================== Memory info =========================== 
 
Percentage of memory in use: 66%
Total physical RAM: 1642.91 MB
Available physical RAM: 554.36 MB
Total Pagefile: 3285.81 MB
Available Pagefile: 1354.36 MB
Total Virtual: 8192 MB
Available Virtual: 8191.83 MB
 
==================== Drives ================================
 
Drive c: () (Fixed) (Total:209.33 GB) (Free:117.75 GB) NTFS ==>[System with boot components (obtained from reading drive)]
Drive d: (Recovery) (Fixed) (Total:19.39 GB) (Free:2.22 GB) NTFS ==>[System with boot components (obtained from reading drive)]
Drive e: (HP_TOOLS) (Fixed) (Total:3.96 GB) (Free:0.55 GB) FAT32
Drive f: (YOGA_X) (CDROM) (Total:3.79 GB) (Free:0 GB) UDF
 
==================== MBR & Partition Table ==================
 
========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 233 GB) (Disk ID: 27F7617E)
Partition 1: (Active) - (Size=199 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=209 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=19 GB) - (Type=07 NTFS)
Partition 4: (Not Active) - (Size=4 GB) - (Type=0C)
 
==================== End Of Log ============================

Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 13-03-2014
Ran by kristy (administrator) on KRISTY-HP on 20-03-2014 13:04:13
Running from C:\Users\kristy\Downloads
Windows 7 Home Premium Service Pack 1 (X64) OS Language: English(US)
Internet Explorer Version 11
Boot Mode: Normal
 
The only official download link for FRST:
Download link from any site other than Bleeping Computer is unpermitted or outdated.
 
==================== Processes (Whitelisted) =================
 
(Microsoft Corporation) c:\Program Files\Microsoft Security Client\MsMpEng.exe
(APN LLC.) C:\Program Files (x86)\AskPartnerNetwork\Toolbar\apnmcp.exe
(GenTechnologies Apps, LLC) C:\ProgramData\MovieMode\MovieModeService.exe
(Crawler, LLC) C:\Program Files (x86)\PCTechHotline\PCTechHotlineSvc.exe
(AVG Secure Search) C:\Program Files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\18.0.0\ToolbarUpdater.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
(Conduit) C:\Program Files (x86)\SearchProtect\Main\bin\CltMngSvc.exe
(GenTechnologies Apps, LLC) C:\ProgramData\MovieMode\MovieMode.exe
() C:\Program Files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\18.0.0\loggingserver.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe
(Conduit) C:\Program Files (x86)\SearchProtect\SearchProtect\bin\cltmng.exe
(Microsoft Corporation) c:\Program Files\Microsoft Security Client\NisSrv.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(Microsoft Corporation) C:\Program Files\Microsoft Security Client\msseces.exe
() C:\Program Files\Earth Networks\WeatherBug\WeatherBug.exe
() C:\Program Files\Hewlett-Packard\HP LaunchBox\HPTaskBar1.exe
(Hewlett-Packard Development Company, L.P.) C:\Program Files\Hewlett-Packard\HP LaunchBox\HPTaskBar2.exe
(Synaptics Incorporated) C:\PROGRAM FILES\SYNAPTICS\SYNTP\SYNTPHELPER.EXE
(Updater) C:\ProgramData\Updater\updater.exe
(PC Utilities Software Limited) C:\Program Files (x86)\Optimizer Pro\OptProReminder.exe
(Hewlett-Packard Company) C:\Program Files (x86)\Hewlett-Packard\HP QuickWeb\hpqwutils.exe
(Hewlett-Packard Development Company, L.P.) C:\Program Files (x86)\Hewlett-Packard\HP On Screen Display\HPOSD.exe
(Hewlett-Packard Development Company, L.P.) C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPMSGSVC.exe
() C:\Program Files (x86)\AVG SafeGuard toolbar\vprot.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
() C:\Program Files (x86)\Mobogenie\DaemonProcess.exe
(APN) C:\Program Files (x86)\AskPartnerNetwork\Toolbar\Updater\TBNotifier.exe
(WatchDog) C:\ProgramData\RHelpers\ChromeHelper\ChromeHelper.exe
(Crawler.com) C:\Program Files (x86)\PCFixSpeed\PCFixTray.exe
(Crawler, LLC) C:\Program Files (x86)\PCTechHotline\PCTechHotline.exe
() C:\Program Files (x86)\GetPrivate\GetPrivate.exe
() C:\Program Files (x86)\Social Privacy  DNS\dnswatch.exe
(WatchDog) C:\ProgramData\RHelpers\FireFoxHelper\FireFoxHelper.exe
(Crawler, LLC) C:\Program Files (x86)\PCTechHotline\PCTHHook.exe
(Crawler, LLC) C:\Program Files (x86)\PCTechHotline\PCTHHook64.exe
(WatchDog) C:\ProgramData\RHelpers\IEHelper\IeHelper.exe
(Advanced Micro Devices Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
(ATI Technologies Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
(Microsoft Corporation) C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
 
 
==================== Registry (Whitelisted) ==================
 
HKLM\...\Run: [RTHDVCPL] - C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe [7466600 2011-09-14] (Realtek Semiconductor)
HKLM\...\Run: [SynTPEnh] - C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2837288 2011-10-14] (Synaptics Incorporated)
HKLM\...\Run: [MSC] - c:\Program Files\Microsoft Security Client\msseces.exe [1266912 2013-10-23] (Microsoft Corporation)
HKLM\...\Run: [SetDefault] - C:\Program Files\Hewlett-Packard\HP LaunchBox\SetDefault.exe [44880 2011-12-19] (Hewlett-Packard Development Company, L.P.)
HKLM-x32\...\Run: [StartCCC] - C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe [343168 2011-08-10] (Advanced Micro Devices, Inc.)
HKLM-x32\...\Run: [HPQuickWebProxy] - C:\Program Files (x86)\Hewlett-Packard\HP QuickWeb\hpqwutils.exe [169528 2011-09-29] (Hewlett-Packard Company)
HKLM-x32\...\Run: [HPOSD] - C:\Program Files (x86)\Hewlett-Packard\HP On Screen Display\HPOSD.exe [379960 2011-08-19] (Hewlett-Packard Development Company, L.P.)
HKLM-x32\...\Run: [HP Quick Launch] - C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPMSGSVC.exe [578944 2012-03-05] (Hewlett-Packard Development Company, L.P.)
HKLM-x32\...\Run: [vProt] - C:\Program Files (x86)\AVG SafeGuard toolbar\vprot.exe [2539544 2014-03-14] ()
HKLM-x32\...\Run: [SunJavaUpdateSched] - C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [254336 2013-07-02] (Oracle Corporation)
HKLM-x32\...\Run: [mobilegeni daemon] - C:\Program Files (x86)\Mobogenie\DaemonProcess.exe [738496 2013-10-25] ()
HKLM-x32\...\Run: [ApnTBMon] - C:\Program Files (x86)\AskPartnerNetwork\Toolbar\Updater\TBNotifier.exe [1758160 2014-02-24] (APN)
HKLM-x32\...\Run: [PCFixSpeed] - C:\Program Files (x86)\PCFixSpeed\PCFixTray.exe [379240 2014-02-13] (Crawler.com)
HKLM-x32\...\Run: [PCTechHotline] - C:\Program Files (x86)\PCTechHotline\PCTechHotline.exe [1905000 2014-02-13] (Crawler, LLC)
HKLM-x32\...\Run: [GetPrivate] - C:\Program Files (x86)\GetPrivate\GetPrivate.exe [481704 2013-08-15] ()
HKLM-x32\...\Run: [Updater] - C:\ProgramData\Updater\Updater.exe [486264 2013-12-18] (Updater)
HKLM-x32\...\Run: [dnsshield] - C:\Program Files (x86)\Social Privacy  DNS\dnswatch.exe [214016 2013-11-29] ()
HKLM-x32\...\Runonce: [Solid Savings-repairJob] - wscript.exe "C:\Users\kristy\AppData\Local\Solid Savings\repair.js" "Solid Savings-repairJob" [X]
HKU\S-1-5-21-3592725670-1536567493-3193808415-1002\...\Run: [Optimizer Pro] - C:\Program Files (x86)\Optimizer Pro\OptProLauncher.exe [135160 2014-01-28] (PC Utilities Software Limited)
HKU\S-1-5-21-3592725670-1536567493-3193808415-1002\...\Run: [WeatherBug] - C:\Program Files\Earth Networks\WeatherBug\WeatherBug.exe [146736 2013-11-13] ()
HKU\S-1-5-21-3592725670-1536567493-3193808415-1002\...\Run: [Updater] - C:\ProgramData\Updater\updater.exe [486264 2013-12-18] (Updater)
AppInit_DLLs: C:\PROGRA~2\SearchProtect\SearchProtect\bin\SPVC64Loader.dll => C:\Program Files (x86)\SearchProtect\SearchProtect\bin\SPVC64Loader.dll [1355040 2014-03-03] (Conduit)
AppInit_DLLs:  C:\PROGRA~2\OPTIMI~1\OPTPRO~2.DLL => C:\Program Files (x86)\Optimizer Pro\OptProCrash_x64.dll [2681648 2014-02-16] ()
AppInit_DLLs-x32: C:\PROGRA~2\SearchProtect\SearchProtect\bin\SPVC32Loader.dll => C:\Program Files (x86)\SearchProtect\SearchProtect\bin\SPVC32Loader.dll [1050912 2014-03-03] (Conduit)
AppInit_DLLs-x32:  c:\progra~2\optimi~1\optpro~1.dll => C:\Program Files (x86)\Optimizer Pro\OptProCrash.dll [2961368 2014-02-16] ()
GroupPolicy: Group Policy on Chrome detected <======= ATTENTION
 
==================== Internet (Whitelisted) ====================
 
HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.msn.com/?ocid=OIE9MSE
HKCU\Software\Microsoft\Internet Explorer\Main,First Home Page = http://g.msn.com/1ewenusDefaultPack/UP97_FRPage
SearchScopes: HKLM - {2fa28606-de77-4029-af96-b231e3b8f827} URL = http://search.ask.com/web?q={searchterms}&l=dis&o=CPNTDF
SearchScopes: HKLM - {b7fca997-d0fb-4fe0-8afd-255e89cf9671} URL = http://search.yahoo.com/search?p={searchTerms}&ei={inputEncoding}&fr=chr-hp-psg&type=CPNTDF
SearchScopes: HKLM - {d43b3890-80c7-4010-a95d-1e77b5924dc3} URL = http://en.wikipedia.org/wiki/Special:Search?search={searchTerms}
SearchScopes: HKLM-x32 - {2fa28606-de77-4029-af96-b231e3b8f827} URL = http://search.ask.com/web?q={searchterms}&l=dis&o=CPNTDF
SearchScopes: HKLM-x32 - {b7fca997-d0fb-4fe0-8afd-255e89cf9671} URL = http://search.yahoo.com/search?p={searchTerms}&ei={inputEncoding}&fr=chr-hp-psg&type=CPNTDF
SearchScopes: HKLM-x32 - {d43b3890-80c7-4010-a95d-1e77b5924dc3} URL = http://en.wikipedia.org/wiki/Special:Search?search={searchTerms}
SearchScopes: HKLM-x32 - {D944BB61-2E34-4DBF-A683-47E505C587DC} URL = http://rover.ebay.com/rover/1/711-30572-11896-2/4?mpre=http://www.ebay.com/sch/i.html?_nkw={searchTerms}
SearchScopes: HKCU - {2fa28606-de77-4029-af96-b231e3b8f827} URL = http://search.ask.com/web?q={searchterms}&l=dis&o=CPNTDF
SearchScopes: HKCU - {b7fca997-d0fb-4fe0-8afd-255e89cf9671} URL = http://search.yahoo.com/search?p={searchTerms}&ei={inputEncoding}&fr=chr-hp-psg&type=CPNTDF
SearchScopes: HKCU - {d43b3890-80c7-4010-a95d-1e77b5924dc3} URL = http://en.wikipedia.org/wiki/Special:Search?search={searchTerms}
BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO: saveRoN - {9346A133-7754-99A2-E959-E3F79E5FFD0C} - C:\ProgramData\saveRoN\tphs5.x64.dll ()
BHO: QueenCouppon - {BC703536-93B5-A795-93AC-4B3C26ED5A3F} - C:\ProgramData\QueenCouppon\Ec.x64.dll ()
BHO-x32: Websteroids - {44ed99e2-16a6-4b89-80d6-5b21cf42e78b} - C:\ProgramData\Websteroids\IE\common.dll (Creative Island Media, LLC)
BHO-x32: Perk Prize Panel - {47F3EB15-C230-4A0B-BE4B-D527FF483B48} - C:\Program Files (x86)\Perk Prize Panel\pp.dll ()
BHO-x32: Java™ Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO-x32: WordExtra - {8BA97046-C600-4264-B367-5DEFD9FC505F} - C:\Users\kristy\AppData\Roaming\WordExtra\temp.dat ()
BHO-x32: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO-x32: saveRoN - {9346A133-7754-99A2-E959-E3F79E5FFD0C} - C:\ProgramData\saveRoN\tphs5.dll ()
BHO-x32: AVG SafeGuard toolbar - {95B7759C-8C7F-4BF1-B163-73684A933233} - C:\Program Files (x86)\AVG SafeGuard toolbar\18.0.0.250\AVG SafeGuard toolbar_toolbar.dll (AVG Secure Search)
BHO-x32: QueenCouppon - {BC703536-93B5-A795-93AC-4B3C26ED5A3F} - C:\ProgramData\QueenCouppon\Ec.dll ()
BHO-x32: Java™ Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
BHO-x32: mysearchdial Helper Object - {EF5625A3-37AB-4BDB-9875-2A3D91CD0DFD} - C:\Program Files (x86)\Mysearchdial\1.8.21.0\bh\mysearchdial.dll (Ironsource Israel (2011) LTD)
Toolbar: HKLM-x32 - mysearchdial Toolbar - {3004627E-F8E9-4E8B-909D-316753CBA923} - C:\Program Files (x86)\Mysearchdial\1.8.21.0\mysearchdialTlbr.dll (Ironsource Israel (2011) LTD)
Toolbar: HKLM-x32 - AVG SafeGuard toolbar - {95B7759C-8C7F-4BF1-B163-73684A933233} - C:\Program Files (x86)\AVG SafeGuard toolbar\18.0.0.250\AVG SafeGuard toolbar_toolbar.dll (AVG Secure Search)
Toolbar: HKCU - No Name - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} -  No File
Handler-x32: viprotocol - {B658800C-F66E-4EF3-AB85-6C0C227862A9} - C:\Program Files (x86)\Common Files\AVG Secure Search\ViProtocolInstaller\18.0.0\ViProtocol.dll (AVG Secure Search)
Hosts: 54.204.28.26 ojbalidmphhoopheigckkcpldegcohhe
Tcpip\Parameters: [DhcpNameServer] 192.168.1.1
Tcpip\Parameters: [NameServer] 184.172.114.130,208.43.110.90
Tcpip\..\Interfaces\{4812C5CE-A8E4-4360-BFA2-82D4A6998DB4}: [NameServer]184.172.114.130,208.43.110.90
Tcpip\..\Interfaces\{5B154EA1-6199-4D9D-8F53-0A8BBA93338E}: [NameServer]184.172.114.130,208.43.110.90
Tcpip\..\Interfaces\{846ee342-7039-11de-9d20-806e6f6e6963}: [NameServer]184.172.114.130,208.43.110.90
Tcpip\..\Interfaces\{BFAB841B-6C58-4AFC-A412-9338AB343EF7}: [NameServer]184.172.114.130,208.43.110.90
 
FireFox:
========
FF ProfilePath: C:\Users\kristy\AppData\Roaming\Mozilla\Firefox\Profiles\ip0ip64k.default
FF user.js: detected! => C:\Users\kristy\AppData\Roaming\Mozilla\Firefox\Profiles\ip0ip64k.default\user.js
FF SelectedSearchEngine: AVG Secure Search
FF Homepage: about:home
FF SearchEngineOrder.3: Bing 
FF Plugin: @adobe.com/FlashPlayer - C:\Windows\system32\Macromed\Flash\NPSWF64_11_9_900_117.dll ()
FF Plugin: @microsoft.com/GENUINE - disabled No File
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 - c:\Program Files\Microsoft Silverlight\5.1.30214.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_9_900_117.dll ()
FF Plugin-x32: @adobe.com/ShockwavePlayer - C:\Windows\SysWOW64\Adobe\Director\np32dsw_1168638.dll (Adobe Systems, Inc.)
FF Plugin-x32: @avg.com/AVG SiteSafety plugin,version=11.0.0.1,application/x-avg-sitesafety-plugin - C:\Program Files (x86)\Common Files\AVG Secure Search\SiteSafetyInstaller\18.0.0\\npsitesafety.dll (AVG Technologies)
FF Plugin-x32: @java.com/DTPlugin,version=10.51.2 - C:\Program Files (x86)\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=10.51.2 - C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin-x32: @microsoft.com/GENUINE - disabled No File
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 - c:\Program Files (x86)\Microsoft Silverlight\5.1.30214.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3502.0922 - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=16.4.3508.0205 - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 - C:\Program Files (x86)\Google\Update\1.3.21.153\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 - C:\Program Files (x86)\Google\Update\1.3.21.153\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @WildTangent.com/GamesAppPresenceDetector,Version=1.0 - C:\Program Files (x86)\WildTangent Games\App\BrowserIntegration\Registered\1\NP_wtapp.dll ()
FF SearchPlugin: C:\Users\kristy\AppData\Roaming\Mozilla\Firefox\Profiles\ip0ip64k.default\searchplugins\bingp.xml
FF SearchPlugin: C:\Users\kristy\AppData\Roaming\Mozilla\Firefox\Profiles\ip0ip64k.default\searchplugins\Mysearchdial.xml
FF SearchPlugin: C:\Users\kristy\AppData\Roaming\Mozilla\Firefox\Profiles\ip0ip64k.default\searchplugins\Web Search.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\safeguard-secure-search.xml
FF Extension: TopArcadeHits - C:\Users\kristy\AppData\Roaming\Mozilla\Extensions\{ec8030f7-c20a-464f-9b0e-13a3a9e97384}\{0113D088-8ED1-468C-B225-585A9C53B5E3} [2013-07-19]
FF Extension: The weDownload - C:\Users\kristy\AppData\Roaming\Mozilla\Firefox\Profiles\ip0ip64k.default\Extensions\ed149b31-2114-4948-bbf4-21fb338a9d9d@87b08077-a2a6-4480-a7a1-ade143a3d21e.com [2014-01-30]
FF Extension: WordExtra - C:\Users\kristy\AppData\Roaming\Mozilla\Firefox\Profiles\ip0ip64k.default\Extensions\korey@markus.me [2014-02-16]
FF Extension: WebCake - C:\Users\kristy\AppData\Roaming\Mozilla\Firefox\Profiles\ip0ip64k.default\Extensions\plugin@getwebcake.com [2013-07-09]
FF Extension: No Name - C:\Users\kristy\AppData\Roaming\Mozilla\Firefox\Profiles\ip0ip64k.default\Extensions\staged [2013-07-19]
FF Extension: Websteroids - C:\Users\kristy\AppData\Roaming\Mozilla\Firefox\Profiles\ip0ip64k.default\Extensions\support@websteroidsapp.com [2014-02-16]
FF Extension: TopArcadeHits - C:\Users\kristy\AppData\Roaming\Mozilla\Firefox\Profiles\ip0ip64k.default\Extensions\{0113D088-8ED1-468C-B225-585A9C53B5E3} [2013-07-19]
FF Extension: SaveSense - C:\Users\kristy\AppData\Roaming\Mozilla\Firefox\Profiles\ip0ip64k.default\Extensions\{8b337819-d1e8-48d3-8178-168ae8c99c36} [2014-01-30]
FF Extension: Snap.Do  - C:\Users\kristy\AppData\Roaming\Mozilla\Firefox\Profiles\ip0ip64k.default\Extensions\{9c2651bc-3966-4420-ad32-99cb6dc4e7bf} [2013-07-19]
FF Extension: DownloadTerms - C:\Program Files (x86)\Mozilla Firefox\extensions\kgcngo@xmmomglptujvwxntife.org [2013-05-28]
FF Extension: LessTabs - C:\Program Files (x86)\Mozilla Firefox\extensions\lesstabs@lesstabs.com [2013-07-19]
FF Extension: WordExtra - C:\Program Files (x86)\Mozilla Firefox\browser\extensions\korey@markus.me [2014-02-16]
FF HKCU\...\Firefox\Extensions: [pp@perk.com] - C:\Program Files (x86)\Perk Prize Panel\FF\
 
Chrome: 
=======
CHR RestoreOnStartup: "sync": {
      "suppress_start"
CHR Plugin: (Shockwave Flash) - C:\Program Files (x86)\Google\Chrome\Application\28.0.1500.95\PepperFlash\pepflashplayer.dll ()
CHR Plugin: (Chrome Remote Desktop Viewer) - internal-remoting-viewer
CHR Plugin: (Native Client) - C:\Program Files (x86)\Google\Chrome\Application\28.0.1500.95\ppGoogleNaClPluginChrome.dll ()
CHR Plugin: (Chrome PDF Viewer) - C:\Program Files (x86)\Google\Chrome\Application\28.0.1500.95\pdf.dll ()
CHR Plugin: (AVG SiteSafety plugin) - C:\Program Files (x86)\Common Files\AVG Secure Search\SiteSafetyInstaller\18.0.0\\npsitesafety.dll (AVG Technologies)
CHR Plugin: (Google Update) - C:\Program Files (x86)\Google\Update\1.3.21.153\npGoogleUpdate3.dll (Google Inc.)
CHR Plugin: (Java Deployment Toolkit 7.0.510.13) - C:\Program Files (x86)\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
CHR Plugin: (Java™ Platform SE 7 U51) - C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
CHR Plugin: (Photo Gallery) - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
CHR Plugin: (Shockwave for Director) - C:\Windows\SysWOW64\Adobe\Director\np32dsw_1168638.dll (Adobe Systems, Inc.)
CHR Plugin: (Shockwave Flash) - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_9_900_117.dll ()
CHR Plugin: (Silverlight Plug-In) - c:\Program Files (x86)\Microsoft Silverlight\5.1.20913.0\npctrl.dll No File
CHR Extension: (Websteroids) - C:\Users\kristy\AppData\Local\Google\Chrome\User Data\Default\Extensions\igjjkeeamkpihpncmmbgdkhdnjpcfmfb [2014-03-10]
CHR Extension: (AVG SafeGuard) - C:\Users\kristy\AppData\Local\Google\Chrome\User Data\Default\Extensions\ndibdjnfmopecpmkdieinmbadjfpblof [2014-03-19]
CHR Extension: (Solid Savings) - C:\Users\kristy\AppData\Local\Google\Chrome\User Data\Default\Extensions\ojbalidmphhoopheigckkcpldegcohhe [2014-02-10]
CHR Extension: (MySearchDial) - C:\Users\kristy\AppData\Local\Google\Chrome\User Data\Default\Extensions\pflphaooapbgpeakohlggbpidpppgdff [2013-10-25]
CHR Extension: (Ask Toolbar) - C:\Users\kristy\AppData\Local\Google\Chrome\User Data\Default\Extensions\pljcgbedjplidkdjahbaalanadmjfgop [2014-03-01]
CHR HKLM\...\Chrome\Extension: [pflphaooapbgpeakohlggbpidpppgdff] - C:\Users\kristy\AppData\Local\mysearchdial-speeddial.crx [2013-10-25]
CHR HKCU\...\Chrome\Extension: [pflphaooapbgpeakohlggbpidpppgdff] - C:\Users\kristy\AppData\Local\mysearchdial-speeddial.crx [2013-10-25]
CHR HKLM-x32\...\Chrome\Extension: [igjjkeeamkpihpncmmbgdkhdnjpcfmfb] - C:\ProgramData\Websteroids\Chrome\common.crx [2013-12-18]
CHR HKLM-x32\...\Chrome\Extension: [ndibdjnfmopecpmkdieinmbadjfpblof] - C:\ProgramData\AVG SafeGuard toolbar\ChromeExt\18.0.0.250\avg.crx [2014-03-14]
CHR HKLM-x32\...\Chrome\Extension: [pflphaooapbgpeakohlggbpidpppgdff] - C:\Users\kristy\AppData\Local\mysearchdial-speeddial.crx [2013-10-25]
CHR HKLM-x32\...\Chrome\Extension: [pljcgbedjplidkdjahbaalanadmjfgop] - C:\ProgramData\AskPartnerNetwork\Toolbar\ORJ-V7C\CRX\ToolbarCR.crx [2014-02-24]
CHR HKLM\SOFTWARE\Policies\Google: Policy restriction <======= ATTENTION
 
==================== Services (Whitelisted) =================
 
R2 70e6ca8c; C:\Program Files (x86)\Optimizer Pro\OptProCrashSvc.dll [186496 2014-02-16] ()
S4 AMD FUEL Service; C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe [365568 2011-07-05] (Advanced Micro Devices, Inc.)
R2 APNMCP; C:\Program Files (x86)\AskPartnerNetwork\Toolbar\apnmcp.exe [166352 2014-02-24] (APN LLC.)
R2 CltMngSvc; C:\Program Files (x86)\SearchProtect\Main\bin\CltMngSvc.exe [2454816 2014-03-03] (Conduit)
R2 MovieMode; C:\ProgramData\MovieMode\MovieMode.exe [151184 2014-02-10] (GenTechnologies Apps, LLC)
R2 MsMpSvc; c:\Program Files\Microsoft Security Client\MsMpEng.exe [23808 2013-10-23] (Microsoft Corporation)
R3 NisSrv; c:\Program Files\Microsoft Security Client\NisSrv.exe [348376 2013-10-23] (Microsoft Corporation)
R2 PCTechHotlineSvc; C:\Program Files (x86)\PCTechHotline\PCTechHotlineSvc.exe [701800 2014-02-13] (Crawler, LLC)
R2 vToolbarUpdater18.0.0; C:\Program Files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\18.0.0\ToolbarUpdater.exe [1759768 2014-03-02] (AVG Secure Search)
S4 LMIGuardianSvc; "C:\Program Files (x86)\LogMeIn\x64\LMIGuardianSvc.exe" [X]
 
==================== Drivers (Whitelisted) ====================
 
R1 avgtp; C:\Windows\system32\drivers\avgtpx64.sys [50976 2014-03-02] (AVG Technologies)
S4 LMIRfsClientNP; No ImagePath
R0 MpFilter; C:\Windows\System32\DRIVERS\MpFilter.sys [248240 2013-09-27] (Microsoft Corporation)
R2 NisDrv; C:\Windows\System32\DRIVERS\NisDrvWFP.sys [134944 2013-09-27] (Microsoft Corporation)
S3 clwvd; system32\DRIVERS\clwvd.sys [X]
S3 EraserUtilDrv11310; \??\C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\EraserUtilDrv11310.sys [X]
S2 LMIInfo; \??\C:\Program Files (x86)\LogMeIn\x64\RaInfo.sys [X]
S1 lsnfd; system32\drivers\lsnfd.sys [X]
 
==================== NetSvcs (Whitelisted) ===================
 
 
==================== One Month Created Files and Folders ========
 
2014-03-20 13:04 - 2014-03-20 13:07 - 00026121 _____ () C:\Users\kristy\Downloads\FRST.txt
2014-03-20 13:03 - 2014-03-20 13:04 - 00000000 ____D () C:\FRST
2014-03-20 13:03 - 2014-03-20 13:03 - 02157056 _____ (Farbar) C:\Users\kristy\Downloads\FRST64.exe
2014-03-19 09:34 - 2014-03-19 09:34 - 00000000 ____D () C:\Program Files (x86)\Social Privacy  DNS
2014-03-19 06:02 - 2014-03-19 06:03 - 01699944 _____ (SafeInstall, LLC) C:\Users\kristy\Downloads\Unconfirmed 112302.crdownload
2014-03-18 10:50 - 2014-03-18 10:50 - 00000000 ____D () C:\ProgramData\QueenCouppon
2014-03-18 10:30 - 2014-03-18 10:30 - 00000000 ____D () C:\ProgramData\ATI
2014-03-14 15:26 - 2014-03-14 15:26 - 00000000 ____D () C:\ProgramData\AVG SafeGuard toolbar
2014-03-13 07:46 - 2014-01-28 22:32 - 00484864 _____ (Microsoft Corporation) C:\Windows\system32\wer.dll
2014-03-13 07:46 - 2014-01-28 22:06 - 00381440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wer.dll
2014-03-13 07:46 - 2014-01-27 22:32 - 00228864 _____ (Microsoft Corporation) C:\Windows\system32\wwansvc.dll
2014-03-13 07:45 - 2014-03-01 02:05 - 23133696 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2014-03-13 07:45 - 2014-03-01 01:17 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2014-03-13 07:45 - 2014-03-01 01:16 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2014-03-13 07:45 - 2014-03-01 00:58 - 02765824 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2014-03-13 07:45 - 2014-03-01 00:52 - 00066048 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2014-03-13 07:45 - 2014-03-01 00:51 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2014-03-13 07:45 - 2014-03-01 00:42 - 00053760 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2014-03-13 07:45 - 2014-03-01 00:40 - 00033792 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2014-03-13 07:45 - 2014-03-01 00:37 - 00574976 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2014-03-13 07:45 - 2014-03-01 00:33 - 00139264 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2014-03-13 07:45 - 2014-03-01 00:33 - 00111616 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2014-03-13 07:45 - 2014-03-01 00:32 - 00708608 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2014-03-13 07:45 - 2014-03-01 00:30 - 17074688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2014-03-13 07:45 - 2014-03-01 00:23 - 00940032 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe
2014-03-13 07:45 - 2014-03-01 00:17 - 00218624 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2014-03-13 07:45 - 2014-03-01 00:11 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2014-03-13 07:45 - 2014-03-01 00:02 - 00195584 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2014-03-13 07:45 - 2014-02-28 23:54 - 05768704 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2014-03-13 07:45 - 2014-02-28 23:52 - 00061952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2014-03-13 07:45 - 2014-02-28 23:51 - 00051200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll
2014-03-13 07:45 - 2014-02-28 23:47 - 02168320 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2014-03-13 07:45 - 2014-02-28 23:43 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2014-03-13 07:45 - 2014-02-28 23:43 - 00032768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2014-03-13 07:45 - 2014-02-28 23:42 - 00627200 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2014-03-13 07:45 - 2014-02-28 23:40 - 00440832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2014-03-13 07:45 - 2014-02-28 23:38 - 00112128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2014-03-13 07:45 - 2014-02-28 23:37 - 00553472 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll
2014-03-13 07:45 - 2014-02-28 23:35 - 02041856 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2014-03-13 07:45 - 2014-02-28 23:18 - 13051904 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2014-03-13 07:45 - 2014-02-28 23:16 - 00164864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2014-03-13 07:45 - 2014-02-28 23:14 - 04244480 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2014-03-13 07:45 - 2014-02-28 23:10 - 02334208 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2014-03-13 07:45 - 2014-02-28 23:03 - 00524288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2014-03-13 07:45 - 2014-02-28 23:00 - 01964032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2014-03-13 07:45 - 2014-02-28 22:57 - 11266048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2014-03-13 07:45 - 2014-02-28 22:38 - 01393664 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2014-03-13 07:45 - 2014-02-28 22:32 - 01820160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2014-03-13 07:45 - 2014-02-28 22:27 - 01156096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2014-03-13 07:45 - 2014-02-28 22:25 - 00817664 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2014-03-13 07:45 - 2014-02-28 22:25 - 00703488 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2014-03-13 07:45 - 2014-02-06 21:23 - 03156480 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2014-03-13 07:44 - 2014-02-03 22:32 - 01424384 _____ (Microsoft Corporation) C:\Windows\system32\WindowsCodecs.dll
2014-03-13 07:44 - 2014-02-03 22:32 - 00624128 _____ (Microsoft Corporation) C:\Windows\system32\qedit.dll
2014-03-13 07:44 - 2014-02-03 22:04 - 01230336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WindowsCodecs.dll
2014-03-13 07:44 - 2014-02-03 22:04 - 00509440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\qedit.dll
2014-03-07 22:12 - 2014-03-18 10:51 - 00000000 ____D () C:\ProgramData\4bf0f201094769a5
2014-03-07 22:12 - 2014-03-07 22:12 - 00000000 ____D () C:\Users\kristy\AppData\Local\Packages
2014-03-07 22:11 - 2014-03-07 22:12 - 00000000 ____D () C:\ProgramData\saveRoN
2014-03-05 17:37 - 2014-03-05 17:37 - 00000000 ____D () C:\Users\kristy\AppData\Local\Skype
2014-03-02 19:58 - 2014-03-02 19:58 - 00000000 ____D () C:\ProgramData\AVG Secure Search
2014-03-01 19:48 - 2014-03-01 19:48 - 00000000 ____D () C:\Users\kristy\AppData\Roaming\Optimizer Pro
2014-03-01 19:35 - 2014-03-01 19:36 - 00000000 ____D () C:\Users\kristy\AppData\Roaming\PCFixSpeed
2014-03-01 19:04 - 2014-03-01 19:04 - 00000000 ____D () C:\Users\kristy\AppData\Roaming\PC Tech Hotline
2014-02-23 23:58 - 2014-02-23 23:58 - 00000000 ____D () C:\ProgramData\AskPartnerNetwork
 
==================== One Month Modified Files and Folders =======
 
2014-03-20 13:07 - 2014-03-20 13:04 - 00026121 _____ () C:\Users\kristy\Downloads\FRST.txt
2014-03-20 13:06 - 2009-07-14 00:45 - 00031856 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2014-03-20 13:06 - 2009-07-14 00:45 - 00031856 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2014-03-20 13:04 - 2014-03-20 13:03 - 00000000 ____D () C:\FRST
2014-03-20 13:03 - 2014-03-20 13:03 - 02157056 _____ (Farbar) C:\Users\kristy\Downloads\FRST64.exe
2014-03-20 13:02 - 2014-02-16 16:10 - 00000000 ____D () C:\Users\kristy\AppData\Local\MovieMode
2014-03-20 12:51 - 2014-01-21 22:07 - 00003192 _____ () C:\Windows\System32\Tasks\HPCeeScheduleForkristy
2014-03-20 12:51 - 2014-01-21 22:07 - 00000336 _____ () C:\Windows\Tasks\HPCeeScheduleForkristy.job
2014-03-20 12:51 - 2012-09-12 20:07 - 00000830 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job
2014-03-20 12:50 - 2013-07-29 00:45 - 00000898 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2014-03-20 12:46 - 2013-10-25 20:49 - 00000296 _____ () C:\Windows\Tasks\MySearchDial.job
2014-03-20 12:15 - 2014-02-10 13:34 - 00000346 _____ () C:\Windows\Tasks\bench-S-1-5-21-3592725670-1536567493-3193808415-1002.job
2014-03-20 11:25 - 2012-02-27 08:19 - 00000000 ____D () C:\Users\kristy\AppData\Local\CrashDumps
2014-03-20 11:24 - 2013-10-25 20:49 - 00039303 _____ () C:\Users\kristy\daemonprocess.txt
2014-03-20 11:24 - 2011-12-27 03:25 - 02046308 _____ () C:\Windows\WindowsUpdate.log
2014-03-20 11:24 - 2009-07-13 23:20 - 00000000 ____D () C:\Windows\tracing
2014-03-20 09:33 - 2014-02-10 13:34 - 00000346 _____ () C:\Windows\Tasks\bench-sys.job
2014-03-20 08:44 - 2012-08-04 22:22 - 00078595 _____ () C:\Windows\setupact.log
2014-03-20 06:48 - 2014-01-21 21:48 - 00065536 _____ () C:\Windows\system32\Ikeext.etl
2014-03-20 06:48 - 2013-07-29 00:45 - 00000894 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2014-03-20 06:48 - 2009-07-14 01:08 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2014-03-19 15:23 - 2014-01-22 02:45 - 00000000 ____D () C:\Program Files (x86)\Steam
2014-03-19 10:46 - 2012-11-08 19:32 - 00159912 _____ () C:\Windows\PFRO.log
2014-03-19 09:36 - 2009-07-14 01:13 - 00796552 _____ () C:\Windows\system32\PerfStringBackup.INI
2014-03-19 09:34 - 2014-03-19 09:34 - 00000000 ____D () C:\Program Files (x86)\Social Privacy  DNS
2014-03-19 09:34 - 2014-02-16 15:37 - 00000000 ____D () C:\Program Files (x86)\Perk Prize Panel
2014-03-19 09:33 - 2012-02-29 12:05 - 00771580 _____ () C:\Windows\SysWOW64\PerfStringBackup.INI
2014-03-19 09:30 - 2012-02-26 18:29 - 00000000 ___RD () C:\Users\kristy\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
2014-03-19 09:12 - 2011-08-31 14:05 - 00000000 ___HD () C:\HP
2014-03-19 06:03 - 2014-03-19 06:02 - 01699944 _____ (SafeInstall, LLC) C:\Users\kristy\Downloads\Unconfirmed 112302.crdownload
2014-03-18 20:00 - 2013-07-11 00:10 - 00000000 ____D () C:\Windows\system32\MRT
2014-03-18 19:54 - 2012-03-22 16:54 - 90015360 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2014-03-18 10:51 - 2014-03-07 22:12 - 00000000 ____D () C:\ProgramData\4bf0f201094769a5
2014-03-18 10:50 - 2014-03-18 10:50 - 00000000 ____D () C:\ProgramData\QueenCouppon
2014-03-18 10:30 - 2014-03-18 10:30 - 00000000 ____D () C:\ProgramData\ATI
2014-03-18 10:28 - 2012-02-26 18:20 - 00000000 ____D () C:\Users\kristy
2014-03-17 13:27 - 2013-10-29 22:43 - 00000000 ____D () C:\Program Files\Microsoft Silverlight
2014-03-17 13:27 - 2011-12-27 03:37 - 00000000 ____D () C:\Program Files\Common Files\ATI Technologies
2014-03-17 13:26 - 2013-10-29 22:43 - 00000000 ____D () C:\Program Files (x86)\Microsoft Silverlight
2014-03-17 13:26 - 2011-12-27 03:37 - 00000000 ____D () C:\Program Files (x86)\AMD APP
2014-03-17 13:26 - 2011-12-27 03:35 - 00000000 ____D () C:\Program Files\ATI Technologies
2014-03-17 13:26 - 2011-12-27 03:34 - 00000000 ____D () C:\Program Files\ATI
2014-03-17 13:26 - 2011-12-27 03:34 - 00000000 ____D () C:\Program Files (x86)\ATI Technologies
2014-03-17 13:26 - 2009-07-13 23:20 - 00000000 ____D () C:\Windows\registration
2014-03-16 19:01 - 2011-10-14 16:32 - 00000000 ____D () C:\Program Files (x86)\Hewlett-Packard
2014-03-16 19:00 - 2011-10-14 17:07 - 00000000 ____D () C:\ProgramData\Hewlett-Packard
2014-03-14 15:26 - 2014-03-14 15:26 - 00000000 ____D () C:\ProgramData\AVG SafeGuard toolbar
2014-03-14 15:26 - 2013-07-09 20:23 - 00000000 ____D () C:\Program Files (x86)\AVG SafeGuard toolbar
2014-03-13 18:12 - 2013-01-15 17:37 - 00000450 ____H () C:\Windows\Tasks\Norton Security Scan for kristy.job
2014-03-13 17:28 - 2009-07-13 23:20 - 00000000 ____D () C:\Windows\rescache
2014-03-13 12:05 - 2009-07-14 00:45 - 00275712 _____ () C:\Windows\system32\FNTCACHE.DAT
2014-03-12 00:50 - 2012-02-28 22:21 - 00000627 _____ () C:\Windows\SysWOW64\DOErrors.log
2014-03-12 00:49 - 2012-03-06 22:07 - 00000000 _____ () C:\Windows\system32\HP_ActiveX_Patch_NOT_DETECTED.txt
2014-03-10 19:22 - 2013-08-16 03:58 - 00000000 ____D () C:\Users\kristy\AppData\Roaming\Windows Live Writer
2014-03-10 19:21 - 2014-01-20 22:41 - 00000000 ____D () C:\Users\kristy\AppData\Local\Windows Live
2014-03-07 22:12 - 2014-03-07 22:12 - 00000000 ____D () C:\Users\kristy\AppData\Local\Packages
2014-03-07 22:12 - 2014-03-07 22:11 - 00000000 ____D () C:\ProgramData\saveRoN
2014-03-06 09:26 - 2014-02-16 15:38 - 00000000 ____D () C:\Program Files (x86)\SearchProtect
2014-03-05 17:58 - 2011-10-14 16:58 - 00000000 ____D () C:\ProgramData\Skype
2014-03-05 17:55 - 2012-02-28 19:53 - 00000000 ____D () C:\Users\kristy\AppData\Roaming\Skype
2014-03-05 17:37 - 2014-03-05 17:37 - 00000000 ____D () C:\Users\kristy\AppData\Local\Skype
2014-03-02 19:58 - 2014-03-02 19:58 - 00000000 ____D () C:\ProgramData\AVG Secure Search
2014-03-02 19:55 - 2013-07-09 20:23 - 00050976 _____ (AVG Technologies) C:\Windows\system32\Drivers\avgtpx64.sys
2014-03-01 23:15 - 2013-10-25 20:48 - 00000000 ____D () C:\Program Files (x86)\Mobogenie
2014-03-01 19:48 - 2014-03-01 19:48 - 00000000 ____D () C:\Users\kristy\AppData\Roaming\Optimizer Pro
2014-03-01 19:36 - 2014-03-01 19:35 - 00000000 ____D () C:\Users\kristy\AppData\Roaming\PCFixSpeed
2014-03-01 19:04 - 2014-03-01 19:04 - 00000000 ____D () C:\Users\kristy\AppData\Roaming\PC Tech Hotline
2014-03-01 18:35 - 2013-05-26 00:34 - 00000000 ____D () C:\Program Files (x86)\Optimizer Pro
2014-03-01 18:33 - 2014-02-16 15:41 - 00000000 ____D () C:\ProgramData\PCFixSpeed
2014-03-01 18:33 - 2014-02-16 15:33 - 00000000 ____D () C:\Users\kristy\Documents\BitLord
2014-03-01 18:33 - 2014-02-16 15:31 - 00000000 ___HD () C:\ProgramData\{C6829A37-2437-4FB1-BA29-7FAAC442ACC3}
2014-03-01 18:33 - 2014-02-10 13:34 - 00000000 ____D () C:\Users\kristy\AppData\Local\Solid Savings
2014-03-01 18:33 - 2014-01-29 15:59 - 00000000 ____D () C:\swsetup
2014-03-01 18:33 - 2009-07-13 23:20 - 00000000 ____D () C:\Windows\AppCompat
2014-03-01 18:32 - 2014-02-16 15:41 - 00000000 ____D () C:\Program Files (x86)\PCTechHotline
2014-03-01 18:32 - 2014-02-16 15:40 - 00000000 ____D () C:\Program Files (x86)\PCFixSpeed
2014-03-01 18:32 - 2014-02-16 15:32 - 00000000 ____D () C:\Program Files\Earth Networks
2014-03-01 18:32 - 2011-10-14 17:12 - 00000000 ___HD () C:\Program Files (x86)\InstallShield Installation Information
2014-03-01 18:26 - 2013-09-15 19:07 - 00000000 ____D () C:\Program Files (x86)\Java
2014-03-01 18:25 - 2014-02-10 13:34 - 00000000 ____D () C:\Program Files (x86)\Bench
2014-03-01 18:25 - 2014-01-29 07:48 - 00000000 ____D () C:\Program Files (x86)\AskPartnerNetwork
2014-03-01 02:05 - 2014-03-13 07:45 - 23133696 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2014-03-01 01:17 - 2014-03-13 07:45 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2014-03-01 01:16 - 2014-03-13 07:45 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2014-03-01 00:58 - 2014-03-13 07:45 - 02765824 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2014-03-01 00:52 - 2014-03-13 07:45 - 00066048 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2014-03-01 00:51 - 2014-03-13 07:45 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2014-03-01 00:42 - 2014-03-13 07:45 - 00053760 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2014-03-01 00:40 - 2014-03-13 07:45 - 00033792 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2014-03-01 00:37 - 2014-03-13 07:45 - 00574976 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2014-03-01 00:33 - 2014-03-13 07:45 - 00139264 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2014-03-01 00:33 - 2014-03-13 07:45 - 00111616 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2014-03-01 00:32 - 2014-03-13 07:45 - 00708608 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2014-03-01 00:30 - 2014-03-13 07:45 - 17074688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2014-03-01 00:23 - 2014-03-13 07:45 - 00940032 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe
2014-03-01 00:17 - 2014-03-13 07:45 - 00218624 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2014-03-01 00:11 - 2014-03-13 07:45 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2014-03-01 00:02 - 2014-03-13 07:45 - 00195584 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2014-02-28 23:54 - 2014-03-13 07:45 - 05768704 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2014-02-28 23:52 - 2014-03-13 07:45 - 00061952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2014-02-28 23:51 - 2014-03-13 07:45 - 00051200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll
2014-02-28 23:47 - 2014-03-13 07:45 - 02168320 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2014-02-28 23:43 - 2014-03-13 07:45 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2014-02-28 23:43 - 2014-03-13 07:45 - 00032768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2014-02-28 23:42 - 2014-03-13 07:45 - 00627200 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2014-02-28 23:40 - 2014-03-13 07:45 - 00440832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2014-02-28 23:38 - 2014-03-13 07:45 - 00112128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2014-02-28 23:37 - 2014-03-13 07:45 - 00553472 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll
2014-02-28 23:35 - 2014-03-13 07:45 - 02041856 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2014-02-28 23:18 - 2014-03-13 07:45 - 13051904 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2014-02-28 23:16 - 2014-03-13 07:45 - 00164864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2014-02-28 23:14 - 2014-03-13 07:45 - 04244480 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2014-02-28 23:10 - 2014-03-13 07:45 - 02334208 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2014-02-28 23:03 - 2014-03-13 07:45 - 00524288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2014-02-28 23:00 - 2014-03-13 07:45 - 01964032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2014-02-28 22:57 - 2014-03-13 07:45 - 11266048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2014-02-28 22:38 - 2014-03-13 07:45 - 01393664 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2014-02-28 22:32 - 2014-03-13 07:45 - 01820160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2014-02-28 22:27 - 2014-03-13 07:45 - 01156096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2014-02-28 22:25 - 2014-03-13 07:45 - 00817664 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2014-02-28 22:25 - 2014-03-13 07:45 - 00703488 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2014-02-23 23:58 - 2014-02-23 23:58 - 00000000 ____D () C:\ProgramData\AskPartnerNetwork
2014-02-23 23:55 - 2013-09-15 19:09 - 00000000 ____D () C:\ProgramData\Oracle
 
Some content of TEMP:
====================
C:\Users\kristy\AppData\Local\Temp\APNSetup.exe
C:\Users\kristy\AppData\Local\Temp\BackupSetup.exe
C:\Users\kristy\AppData\Local\Temp\BitLord_Installer.exe
C:\Users\kristy\AppData\Local\Temp\contentDATs.exe
C:\Users\kristy\AppData\Local\Temp\ICReinstall_ROM_Setup.exe
C:\Users\kristy\AppData\Local\Temp\mssinstaller.exe
C:\Users\kristy\AppData\Local\Temp\nsc9FEF.exe
C:\Users\kristy\AppData\Local\Temp\nseF866.exe
C:\Users\kristy\AppData\Local\Temp\nsh2764.exe
C:\Users\kristy\AppData\Local\Temp\nsh92F3.exe
C:\Users\kristy\AppData\Local\Temp\nsoA03.exe
C:\Users\kristy\AppData\Local\Temp\nsu45DD.exe
C:\Users\kristy\AppData\Local\Temp\nsx1DB3.exe
C:\Users\kristy\AppData\Local\Temp\nsz392F.exe
C:\Users\kristy\AppData\Local\Temp\SecurityScan_Release.exe
C:\Users\kristy\AppData\Local\Temp\sp64126.exe
C:\Users\kristy\AppData\Local\Temp\SPSetup.exe
C:\Users\kristy\AppData\Local\Temp\UNINSTALL.EXE
C:\Users\kristy\AppData\Local\Temp\UninstallHPSA.exe
 
 
==================== Bamital & volsnap Check =================
 
C:\Windows\System32\winlogon.exe => MD5 is legit
C:\Windows\System32\wininit.exe => MD5 is legit
C:\Windows\SysWOW64\wininit.exe => MD5 is legit
C:\Windows\explorer.exe => MD5 is legit
C:\Windows\SysWOW64\explorer.exe => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\SysWOW64\svchost.exe => MD5 is legit
C:\Windows\System32\services.exe => MD5 is legit
C:\Windows\System32\User32.dll => MD5 is legit
C:\Windows\SysWOW64\User32.dll => MD5 is legit
C:\Windows\System32\userinit.exe => MD5 is legit
C:\Windows\SysWOW64\userinit.exe => MD5 is legit
C:\Windows\System32\rpcss.dll => MD5 is legit
C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit
 
 
LastRegBack: 2014-03-13 17:20
 
==================== End Of Log ============================
 
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 13-03-2014
Ran by kristy at 2014-03-20 13:09:38
Running from C:\Users\kristy\Downloads
Boot Mode: Normal
==========================================================
 
 
==================== Security Center ========================
 
AV: Microsoft Security Essentials (Enabled - Up to date) {641105E6-77ED-3F35-A304-765193BCB75F}
AS: Windows Defender (Disabled - Out of date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Microsoft Security Essentials (Enabled - Up to date) {DF70E402-51D7-30BB-99B4-4D23E83BFDE2}
 
==================== Installed Programs ======================
 
Adobe Flash Player 11 ActiveX (HKLM-x32\...\Adobe Flash Player ActiveX) (Version: 11.6.602.168 - Adobe Systems Incorporated)
Adobe Flash Player 11 Plugin (HKLM-x32\...\Adobe Flash Player Plugin) (Version: 11.9.900.117 - Adobe Systems Incorporated)
Adobe Shockwave Player 11.6 (HKLM-x32\...\Adobe Shockwave Player) (Version: 11.6.8.638 - Adobe Systems, Inc.)
AMD APP SDK Runtime (Version: 2.4.650.9 - Advanced Micro Devices Inc.) Hidden
AMD Fuel (Version: 2011.0705.1115.18310 - AMD) Hidden
AMD Media Foundation Decoders (Version: 1.0.60705.1113 - ATI Technologies Inc.) Hidden
AMD VISION Engine Control Center (x32 Version: 2011.0705.1115.18310 - ATI) Hidden
Ask Toolbar (HKLM-x32\...\{4F524A2D-5637-4300-76A7-A758B70C0A03}) (Version: 12.10.3.34 - APN, LLC) <==== ATTENTION
ATI Catalyst Install Manager (HKLM\...\{B3C4ADC9-637E-DDD9-A66C-782AE5E2E667}) (Version: 3.0.829.0 - ATI Technologies, Inc.)
AVG SafeGuard toolbar (HKLM-x32\...\AVG SafeGuard toolbar) (Version: 18.0.0.250 - AVG Technologies)
Bejeweled 3 (x32 Version: 2.2.0.97 - WildTangent) Hidden
Blackhawk Striker 2 (x32 Version: 2.2.0.95 - WildTangent) Hidden
Bonjour (HKLM\...\{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}) (Version: 3.0.0.10 - Apple Inc.)
Catalyst Control Center - Branding (x32 Version: 1.00.0000 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Graphics Previews Common (x32 Version: 2011.0705.1115.18310 - ATI) Hidden
Catalyst Control Center InstallProxy (x32 Version: 2011.0705.1115.18310 - ATI Technologies, Inc.) Hidden
Catalyst Control Center Localization All (x32 Version: 2011.0705.1115.18310 - ATI) Hidden
CCC Help Chinese Standard (x32 Version: 2011.0705.1114.18310 - ATI) Hidden
CCC Help Chinese Traditional (x32 Version: 2011.0705.1114.18310 - ATI) Hidden
CCC Help Czech (x32 Version: 2011.0705.1114.18310 - ATI) Hidden
CCC Help Danish (x32 Version: 2011.0705.1114.18310 - ATI) Hidden
CCC Help Dutch (x32 Version: 2011.0705.1114.18310 - ATI) Hidden
CCC Help English (x32 Version: 2011.0705.1114.18310 - ATI) Hidden
CCC Help Finnish (x32 Version: 2011.0705.1114.18310 - ATI) Hidden
CCC Help French (x32 Version: 2011.0705.1114.18310 - ATI) Hidden
CCC Help German (x32 Version: 2011.0705.1114.18310 - ATI) Hidden
CCC Help Greek (x32 Version: 2011.0705.1114.18310 - ATI) Hidden
CCC Help Hungarian (x32 Version: 2011.0705.1114.18310 - ATI) Hidden
CCC Help Italian (x32 Version: 2011.0705.1114.18310 - ATI) Hidden
CCC Help Japanese (x32 Version: 2011.0705.1114.18310 - ATI) Hidden
CCC Help Korean (x32 Version: 2011.0705.1114.18310 - ATI) Hidden
CCC Help Norwegian (x32 Version: 2011.0705.1114.18310 - ATI) Hidden
CCC Help Polish (x32 Version: 2011.0705.1114.18310 - ATI) Hidden
CCC Help Portuguese (x32 Version: 2011.0705.1114.18310 - ATI) Hidden
CCC Help Russian (x32 Version: 2011.0705.1114.18310 - ATI) Hidden
CCC Help Spanish (x32 Version: 2011.0705.1114.18310 - ATI) Hidden
CCC Help Swedish (x32 Version: 2011.0705.1114.18310 - ATI) Hidden
CCC Help Thai (x32 Version: 2011.0705.1114.18310 - ATI) Hidden
CCC Help Turkish (x32 Version: 2011.0705.1114.18310 - ATI) Hidden
ccc-utility64 (Version: 2011.0705.1115.18310 - ATI) Hidden
Chuzzle Deluxe (x32 Version: 2.2.0.95 - WildTangent) Hidden
Compaq Setup Manager (HKLM-x32\...\{AE856388-AFAD-4753-81DF-D96B19D0A17C}) (Version: 1.2.14901.3869 - Hewlett-Packard Company)
Cradle of Rome 2 (x32 Version: 2.2.0.98 - WildTangent) Hidden
D3DX10 (x32 Version: 15.4.2368.0902 - Microsoft) Hidden
Dora's World Adventure (x32 Version: 2.2.0.95 - WildTangent) Hidden
Dota 2 (HKLM-x32\...\Steam App 570) (Version:  - Valve)
ESU for Microsoft Windows 7 SP1 (HKLM-x32\...\{E96CAA2A-0244-4A2A-8403-0C3C9534778B}) (Version: 2.1.1 - Hewlett-Packard)
Evernote v. 4.2.3 (HKLM-x32\...\{F761359C-9CED-45AE-9A51-9D6605CD55C4}) (Version: 4.2.3.22 - Evernote Corp.)
Facebook Video Calling 1.2.0.159 (HKLM-x32\...\{7CAC6A44-C3DE-4153-ACA6-7524602C789E}) (Version: 1.2.159 - Skype Limited)
Farm Frenzy (x32 Version: 2.2.0.98 - WildTangent) Hidden
Farmscapes (x32 Version: 2.2.0.98 - WildTangent) Hidden
FATE (x32 Version: 2.2.0.97 - WildTangent) Hidden
Final Drive Fury (x32 Version: 2.2.0.95 - WildTangent) Hidden
GetPrivate (HKLM-x32\...\GetPrivate) (Version: 1.0.0 - )
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 28.0.1500.95 - Google Inc.)
Google Update Helper (x32 Version: 1.3.21.153 - Google Inc.) Hidden
Haunted Memories (HKLM-x32\...\Steam App 241640) (Version:  - MadMan Theory Games)
Hoyle Card Games (x32 Version: 2.2.0.95 - WildTangent) Hidden
HP Auto (Version: 1.0.12935.3667 - Hewlett-Packard Company) Hidden
HP Client Services (Version: 1.1.12938.3539 - Hewlett-Packard) Hidden
HP Customer Experience Enhancements (x32 Version: 6.0.1.8 - Hewlett-Packard) Hidden
HP Games (HKLM-x32\...\WildTangent hp Master Uninstall) (Version: 1.0.2.5 - WildTangent)
HP Launch Box (HKLM\...\{5A847522-375C-4D05-BD3D-88C450CC047F}) (Version: 1.1.5 - Hewlett-Packard Company)
HP On Screen Display (HKLM-x32\...\{ED1BD69A-07E3-418C-91F1-D856582581BF}) (Version: 1.3.5 - Hewlett-Packard Company)
HP Power Manager (HKLM-x32\...\{7E799992-5DA0-4A1A-9443-B1836B063FEC}) (Version: 1.4.8 - Hewlett-Packard Company)
HP Quick Launch (HKLM-x32\...\{53B17A98-5BF0-40BC-AAFF-850A357975AC}) (Version: 2.7.2 - Hewlett-Packard Company)
HP QuickWeb (HKLM-x32\...\{41298BF3-DF6B-449C-BFB7-83663ECB5108}) (Version: 3.1.1.10184 - Hewlett-Packard Company)
HP Recovery Manager (x32 Version: 2.0.0 - Hewlett-Packard) Hidden
HP Security Assistant (HKLM\...\{288591DE-4151-4E8E-A698-C6EFF5DF00F9}) (Version: 2.0.1 - Hewlett-Packard)
HP Software Framework (HKLM-x32\...\{675D093B-815D-47FD-AB2C-192EC751E8E2}) (Version: 4.6.10.1 - Hewlett-Packard Company)
HP Software Framework (HKLM-x32\...\{AF240B18-034B-4A82-B3FC-0B879C4BAE2E}) (Version: 4.5.1.1 - Hewlett-Packard Company)
HP Support Assistant (HKLM-x32\...\{6F44AF95-3CDE-4513-AD3F-6D45F17BF324}) (Version: 6.1.12.1 - Hewlett-Packard Company)
Java 7 Update 51 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83217040FF}) (Version: 7.0.510 - Oracle)
Java Auto Updater (x32 Version: 2.1.9.8 - Sun Microsystems, Inc.) Hidden
Jewel Match 3 (x32 Version: 2.2.0.98 - WildTangent) Hidden
Jewel Quest Mysteries: The Seventh Gate Collector's Edition (x32 Version: 2.2.0.98 - WildTangent) Hidden
John Deere Drive Green (x32 Version: 2.2.0.95 - WildTangent) Hidden
Junk Mail filter update (x32 Version: 16.4.3508.0205 - Microsoft Corporation) Hidden
Letters from Nowhere 2 (x32 Version: 2.2.0.97 - WildTangent) Hidden
Luxor HD (x32 Version: 2.2.0.98 - WildTangent) Hidden
Mah Jong Medley (x32 Version: 2.2.0.95 - WildTangent) Hidden
Microsoft .NET Framework 4.5.1 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.50938 - Microsoft Corporation)
Microsoft .NET Framework 4.5.1 (Version: 4.5.50938 - Microsoft Corporation) Hidden
Microsoft Application Error Reporting (Version: 12.0.6015.5000 - Microsoft Corporation) Hidden
Microsoft Security Client (Version: 4.0.1526.0 - Microsoft Corporation) Hidden
Microsoft Security Client (Version: 4.4.0304.0 - Microsoft Corporation) Hidden
Microsoft Security Essentials (HKLM\...\Microsoft Security Client) (Version: 4.4.304.0 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.30214.0 - Microsoft Corporation)
Microsoft Silverlight (HKLM-x32\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 4.1.10329.0 - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (HKLM-x32\...\{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}) (Version: 9.0.21022 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.30319 (HKLM\...\{DA5E371C-6333-3D8A-93A4-6FD5B20BCC6E}) (Version: 10.0.30319 - Microsoft Corporation)
Microsoft WSE 3.0 Runtime (x32 Version: 3.0.5305.0 - Microsoft Corp.) Hidden
Mobogenie (HKLM-x32\...\Mobogenie) (Version:  - Mobogenie.com) <==== ATTENTION
Movie Maker (x32 Version: 16.4.3508.0205 - Microsoft Corporation) Hidden
Movie Mode (HKLM-x32\...\MovieMode) (Version: 2.6.63 - GenTechnologies Apps, LLC)
Mozilla Firefox 18.0.2 (x86 en-US) (HKLM-x32\...\Mozilla Firefox 18.0.2 (x86 en-US)) (Version: 18.0.2 - Mozilla)
MSVCRT (x32 Version: 15.4.2862.0708 - Microsoft) Hidden
MSVCRT_amd64 (x32 Version: 15.4.2862.0708 - Microsoft) Hidden
MSVCRT110 (x32 Version: 16.4.1108.0727 - Microsoft) Hidden
MSVCRT110_amd64 (Version: 16.4.1109.0912 - Microsoft) Hidden
MSXML 4.0 SP2 (KB954430) (HKLM-x32\...\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}) (Version: 4.20.9870.0 - Microsoft Corporation)
MSXML 4.0 SP2 (KB973688) (HKLM-x32\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation)
Mysearchdial (HKLM-x32\...\mysearchdial) (Version:  - Mysearchdial) <==== ATTENTION
Norton Security Scan (HKLM-x32\...\NSS) (Version: 3.7.5.5 - Symantec Corporation)
opensource (x32 Version: 1.0.14960.3876 - Your Company Name) Hidden
Optimizer Pro v3.2 (HKLM-x32\...\Optimizer Pro_is1) (Version:  - ) <==== ATTENTION
PC Fix Speed 1.2.0.42 (HKLM-x32\...\{F7B34B38-02A6-44D5-B8CC-06EB3B8ACFC9}_is1) (Version: 1.2.0.42 - Crawler, LLC)
PC Tech Hotline (HKLM-x32\...\{A0B0DA25-DD15-4739-92A3-62D3424F043A}_is1) (Version: 3.0.0.4 - Crawler, LLC)
Penguins! (x32 Version: 2.2.0.98 - WildTangent) Hidden
Photo Gallery (x32 Version: 16.4.3508.0205 - Microsoft Corporation) Hidden
Plants vs. Zombies - Game of the Year (x32 Version: 2.2.0.98 - WildTangent) Hidden
Poker Superstars III (x32 Version: 2.2.0.95 - WildTangent) Hidden
Polar Bowler (x32 Version: 2.2.0.97 - WildTangent) Hidden
Polar Golfer (x32 Version: 2.2.0.98 - WildTangent) Hidden
QueenCouppon (HKLM-x32\...\{3DE8A1D7-C77F-E02A-70DD-31D29EC5B988}) (Version:  - QueaenCoupon) <==== ATTENTION
Ralink RT5390 802.11b/g/n WiFi Adapter (HKLM-x32\...\{8FC4F1DD-F7FD-4766-804D-3C8FF1D309AF}) (Version: 3.2.12.0 - Ralink)
Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 7.42.304.2011 - Realtek)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.6461 - Realtek Semiconductor Corp.)
Realtek PCIE Card Reader (HKLM-x32\...\{C1594429-8296-4652-BF54-9DBE4932A44C}) (Version: 6.1.7600.77 - Realtek Semiconductor Corp.)
RollerCoaster Tycoon 3: Platinum (x32 Version: 2.2.0.98 - WildTangent) Hidden
ROM Manager Packages (HKCU\...\ROM Manager Packages) (Version:  - ) <==== ATTENTION
saveRoN (HKLM-x32\...\{66951628-3E5A-9C96-37EA-490E187974D5}) (Version:  - seaveron)
Search Protect (HKLM-x32\...\SearchProtect) (Version: 2.11.11.7 - Conduit) <==== ATTENTION
Social Privacy DNS (HKLM-x32\...\dnsshield) (Version:  - )
Solid Savings (HKLM-x32\...\32910_Solid Savings) (Version: 1.0 - Smart Apps)
Solid Savings (HKLM-x32\...\Solid Savings) (Version: 1.27.153.0 - Innovative Apps)
Steam (HKLM-x32\...\Steam) (Version:  - Valve Corporation)
swMSM (x32 Version: 12.0.0.1 - Adobe Systems, Inc) Hidden
Synaptics TouchPad Driver (HKLM\...\SynTPDeinstKey) (Version: 15.3.29.0 - Synaptics Incorporated)
The Treasures of Mystery Island: The Ghost Ship (x32 Version: 2.2.0.98 - WildTangent) Hidden
Torchlight (x32 Version: 2.2.0.98 - WildTangent) Hidden
Update Installer for WildTangent Games App (x32 Version:  - WildTangent) Hidden
Updater (HKLM-x32\...\{D54E3D9F-FEB8-4D2D-A138-B69A5C80080B}) (Version: 2.6.53 - Creative Island Media, LLC) <==== ATTENTION
Virtual Villagers 4 - The Tree of Life (x32 Version: 2.2.0.98 - WildTangent) Hidden
WeatherBug® (HKLM-x32\...\WeatherBug®) (Version: 10.0.5.29 - Earth Networks, Inc.)
WebCake 3.00 (HKLM\...\{C4ED781C-7394-4906-AAFF-D6AB64FF7C38}) (Version: 3.00 - WebCake LLC) <==== ATTENTION
Websteroids (HKLM-x32\...\Websteroids) (Version: 2.6.53 - Creative Island Media, LLC) <==== ATTENTION
WildTangent Games App (HP Games) (x32 Version: 4.0.5.32 - WildTangent) Hidden
Windows Live Communications Platform (x32 Version: 16.4.3508.0205 - Microsoft Corporation) Hidden
Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 16.4.3508.0205 - Microsoft Corporation)
Windows Live Essentials (x32 Version: 16.4.3508.0205 - Microsoft Corporation) Hidden
Windows Live Family Safety (Version: 16.4.3508.0205 - Microsoft Corporation) Hidden
Windows Live Family Safety (x32 Version: 16.4.3508.0205 - Microsoft Corporation) Hidden
Windows Live ID Sign-in Assistant (Version: 7.250.4311.0 - Microsoft Corporation) Hidden
Windows Live Installer (x32 Version: 16.4.3508.0205 - Microsoft Corporation) Hidden
Windows Live Mail (x32 Version: 16.4.3508.0205 - Microsoft Corporation) Hidden
Windows Live Messenger (x32 Version: 16.4.3508.0205 - Microsoft Corporation) Hidden
Windows Live MIME IFilter (Version: 16.4.3508.0205 - Microsoft Corporation) Hidden
Windows Live Photo Common (x32 Version: 16.4.3508.0205 - Microsoft Corporation) Hidden
Windows Live PIMT Platform (x32 Version: 16.4.3508.0205 - Microsoft Corporation) Hidden
Windows Live SOXE (x32 Version: 16.4.3508.0205 - Microsoft Corporation) Hidden
Windows Live SOXE Definitions (x32 Version: 16.4.3508.0205 - Microsoft Corporation) Hidden
Windows Live UX Platform (x32 Version: 16.4.3508.0205 - Microsoft Corporation) Hidden
Windows Live UX Platform Language Pack (x32 Version: 16.4.3508.0205 - Microsoft Corporation) Hidden
Windows Live Writer (x32 Version: 16.4.3508.0205 - Microsoft Corporation) Hidden
Windows Live Writer Resources (x32 Version: 16.4.3508.0205 - Microsoft Corporation) Hidden
WinRAR archiver (HKLM-x32\...\WinRAR archiver) (Version:  - )
WordExtra (HKCU\...\WordExtra) (Version: 1 - http://www.wordextra.com)
Zuma's Revenge (x32 Version: 2.2.0.98 - WildTangent) Hidden
 
==================== Restore Points  =========================
 
05-03-2014 13:53:11 Windows Update
05-03-2014 21:55:23 Removed Skype™ 6.14
08-03-2014 22:39:06 Windows Update
09-03-2014 20:15:12 Windows Backup
12-03-2014 04:40:46 Windows Update
13-03-2014 15:06:53 Windows Update
16-03-2014 15:53:17 Windows Update
16-03-2014 22:50:38 Removed HP Support Assistant.
16-03-2014 23:02:01 Removed Microsoft Silverlight
18-03-2014 23:53:47 Windows Update
19-03-2014 13:18:38 Windows Update
 
==================== Hosts content: ==========================
 
2009-07-13 22:34 - 2014-03-03 23:01 - 00000871 ____A C:\Windows\system32\Drivers\etc\hosts
54.204.28.26 ojbalidmphhoopheigckkcpldegcohhe
 
==================== Scheduled Tasks (whitelisted) =============
 
Task: {09C51F47-8630-4D58-BE14-E09947835DB5} - System32\Tasks\Hewlett-Packard\HP Support Assistant\WarrantyChecker_DeviceScan => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPWarrantyCheck\HPWarrantyChecker.exe
Task: {153F9573-EB93-426D-9520-0812E0DD6437} - System32\Tasks\{18663FD4-24D8-4C6A-BF1D-FAA36DC80E59} => Chrome.exe 
Task: {1ADF6375-FEF3-4F68-98CF-47FEE9F6E2CF} - System32\Tasks\Microsoft\Windows\WindowsBackup\AutomaticBackup => Rundll32.exe /d sdengin2.dll,ExecuteScheduledBackup
Task: {23DADE94-FCA3-49C0-95B3-05452C19CCFF} - System32\Tasks\Hewlett-Packard\HP Support Assistant\NetworkCheck => c:\program files (x86)\hewlett-packard\hp health check\activecheck\product_line\Detection_NetworkCheck.exe
Task: {2CEA68B7-7B38-4761-9573-6403220C2B48} - System32\Tasks\bench-sys => C:\Program Files (x86)\Bench\Updater\updater.exe [2014-01-31] () <==== ATTENTION
Task: {311D49FE-AE8E-4546-A8F0-7269DE590DA9} - System32\Tasks\bench-S-1-5-21-3592725670-1536567493-3193808415-1002 => C:\Program Files (x86)\Bench\Updater\updater.exe [2014-01-31] () <==== ATTENTION
Task: {42687CA8-0BD3-4790-B65C-B67E7BB3F2D3} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2013-10-26] (Adobe Systems Incorporated)
Task: {77EFC973-2DFF-4369-A509-714534309701} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2013-07-29] (Google Inc.)
Task: {8E10A256-DCA1-4168-84EE-03864CC29363} - System32\Tasks\Updater26278.exe => C:\Users\kristy\AppData\Local\Updater26278\Updater26278.exe [2013-12-25] (Innovative Apps) <==== ATTENTION
Task: {9AAFD396-CC0A-40AA-AC06-2AF798349024} - System32\Tasks\HPCeeScheduleForkristy => C:\Program Files (x86)\Hewlett-Packard\HP Ceement\HPCEE.exe [2011-07-15] (Hewlett-Packard)
Task: {AF50C359-DC34-4F3E-9248-F22B49A62B5A} - System32\Tasks\Norton Security Scan for kristy => C:\Program Files (x86)\Norton Security Scan\Engine\3.7.5.5\Nss.exe [2012-10-22] (Symantec Corporation)
Task: {CD9E8E92-0BF5-4DBA-B10A-29A75DD4F761} - System32\Tasks\MySearchDial => C:\Users\kristy\AppData\Roaming\mysearchdial\UpdateProc\UpdateTask.exe [2013-04-12] () <==== ATTENTION
Task: {F065A3D6-D6AB-4C66-9747-DE8F8126E282} - System32\Tasks\LaunchApp => C:\Program Files (x86)\MyPC Backup\MyPC Backup.exe
Task: {F3765232-24D8-4065-BFE3-52B157819CF9} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2013-07-29] (Google Inc.)
Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\bench-S-1-5-21-3592725670-1536567493-3193808415-1002.job => C:\Program Files (x86)\Bench\Updater\updater.exe <==== ATTENTION
Task: C:\Windows\Tasks\bench-sys.job => C:\Program Files (x86)\Bench\Updater\updater.exe <==== ATTENTION
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\HPCeeScheduleForkristy.job => C:\Program Files (x86)\Hewlett-Packard\HP Ceement\HPCEE.exe
Task: C:\Windows\Tasks\MySearchDial.job => C:\Users\kristy\AppData\Roaming\MYSEAR~1\UPDATE~1\UPDATE~1.EXE <==== ATTENTION
Task: C:\Windows\Tasks\Norton Security Scan for kristy.job => C:\PROGRA~2\NORTON~2\Engine\375~1.5\Nss.exe
 
==================== Loaded Modules (whitelisted) =============
 
2014-02-16 15:32 - 2014-02-16 15:32 - 02681648 _____ () C:\Program Files (x86)\Optimizer Pro\OptProCrash_x64.dll
2012-09-12 19:22 - 2008-06-20 00:41 - 00062464 _____ () C:\Program Files (x86)\WinRAR\rarext64.dll
2014-03-02 19:58 - 2014-03-02 19:55 - 00159768 _____ () C:\Program Files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\18.0.0\loggingserver.exe
2014-02-16 15:32 - 2013-11-13 15:08 - 00146736 _____ () C:\Program Files\Earth Networks\WeatherBug\WeatherBug.exe
2011-12-19 23:34 - 2011-12-19 23:34 - 00108880 _____ () C:\Program Files\Hewlett-Packard\HP LaunchBox\HPTaskBar1.exe
2013-07-28 21:29 - 2014-03-14 15:24 - 02539544 _____ () C:\Program Files (x86)\AVG SafeGuard toolbar\vprot.exe
2013-10-25 20:49 - 2013-10-25 21:04 - 00738496 _____ () C:\Program Files (x86)\Mobogenie\DaemonProcess.exe
2013-08-15 08:28 - 2013-08-15 08:28 - 00481704 _____ () C:\Program Files (x86)\GetPrivate\GetPrivate.exe
2013-11-29 01:14 - 2013-11-29 01:14 - 00214016 _____ () C:\Program Files (x86)\Social Privacy  DNS\dnswatch.exe
2011-07-05 15:13 - 2011-07-05 15:13 - 00243712 _____ () C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLI.Aspect.CrossDisplay.Graphics.Dashboard.dll
2011-06-17 17:42 - 2011-06-17 17:42 - 00016384 _____ () C:\Program Files (x86)\ATI Technologies\ATI.ACE\Branding\Branding.dll
2014-02-16 15:32 - 2014-02-16 15:32 - 02961368 _____ () C:\Program Files (x86)\Optimizer Pro\OptProCrash.dll
2014-02-16 15:32 - 2014-02-16 15:32 - 00186496 _____ () C:\Program Files (x86)\Optimizer Pro\OptProCrashSvc.dll
2014-03-02 19:58 - 2014-03-02 19:55 - 00519704 _____ () C:\Program Files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\18.0.0\log4cplusU.dll
2013-08-15 08:28 - 2013-08-15 08:28 - 01005992 _____ () C:\Program Files (x86)\GetPrivate\VPN.dll
2013-07-31 16:11 - 2013-07-24 20:48 - 00601552 _____ () C:\Program Files (x86)\Google\Chrome\Application\28.0.1500.95\libglesv2.dll
2013-07-31 16:11 - 2013-07-24 20:48 - 00123344 _____ () C:\Program Files (x86)\Google\Chrome\Application\28.0.1500.95\libegl.dll
2013-07-31 16:11 - 2013-07-24 20:49 - 04052944 _____ () C:\Program Files (x86)\Google\Chrome\Application\28.0.1500.95\pdf.dll
2013-07-31 16:11 - 2013-07-24 20:49 - 00396240 _____ () C:\Program Files (x86)\Google\Chrome\Application\28.0.1500.95\ppGoogleNaClPluginChrome.dll
2013-07-31 16:11 - 2013-07-24 20:48 - 01597392 _____ () C:\Program Files (x86)\Google\Chrome\Application\28.0.1500.95\ffmpegsumo.dll
2013-07-31 16:11 - 2013-07-24 20:49 - 13599184 _____ () C:\Program Files (x86)\Google\Chrome\Application\28.0.1500.95\PepperFlash\pepflashplayer.dll
 
==================== Alternate Data Streams (whitelisted) =========
 
AlternateDataStreams: C:\ProgramData\Temp:373E1720
AlternateDataStreams: C:\ProgramData\Temp:ECF54A0E
 
==================== Safe Mode (whitelisted) ===================
 
 
==================== Disabled items from MSCONFIG ==============
 
MSCONFIG\Services: AdobeARMservice => 2
MSCONFIG\Services: AdobeFlashPlayerUpdateSvc => 3
MSCONFIG\Services: AERTFilters => 2
MSCONFIG\Services: AMD External Events Utility => 2
MSCONFIG\Services: AMD FUEL Service => 2
MSCONFIG\Services: Apple Mobile Device => 2
MSCONFIG\Services: Bonjour Service => 2
MSCONFIG\Services: GamesAppService => 3
MSCONFIG\Services: HP Support Assistant Service => 2
MSCONFIG\Services: HPClientSvc => 2
MSCONFIG\Services: HPDrvMntSvc.exe => 2
MSCONFIG\Services: hpqwmiex => 3
MSCONFIG\Services: HPWMISVC => 2
MSCONFIG\Services: IconMan_R => 2
MSCONFIG\Services: iPod Service => 3
MSCONFIG\Services: LMIGuardianSvc => 2
MSCONFIG\Services: LMIMaint => 2
MSCONFIG\Services: LogMeIn => 2
MSCONFIG\Services: MBAMScheduler => 2
MSCONFIG\Services: MBAMService => 2
MSCONFIG\Services: SkypeUpdate => 2
MSCONFIG\startupreg: APSDaemon => "C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe"
MSCONFIG\startupreg: Facebook Update => "C:\Users\kristy\AppData\Local\Facebook\Update\FacebookUpdate.exe" /c /nocrashserver
MSCONFIG\startupreg: Google Update => "C:\Users\kristy\AppData\Local\Google\Update\GoogleUpdate.exe" /c
MSCONFIG\startupreg: iTunesHelper => "C:\Program Files (x86)\iTunes\iTunesHelper.exe"
MSCONFIG\startupreg: Spotify => "C:\Users\kristy\AppData\Roaming\Spotify\Spotify.exe" /uri spotify:autostart
MSCONFIG\startupreg: Spotify Web Helper => "C:\Users\kristy\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe"
 
==================== Faulty Device Manager Devices =============
 
Name: LogMeIn Kernel Information Provider
Description: LogMeIn Kernel Information Provider
Class Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1}
Manufacturer: 
Service: LMIInfo
Problem: : This device is not present, is not working properly, or does not have all its drivers installed. (Code 24)
Resolution: The device is installed incorrectly. The problem could be a hardware failure, or a new driver might be needed.
Devices stay in this state if they have been prepared for removal.
After you remove the device, this error disappears.Remove the device, and this error should be resolved.
 
Name: lsnfd
Description: lsnfd
Class Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1}
Manufacturer: 
Service: lsnfd
Problem: : This device is not present, is not working properly, or does not have all its drivers installed. (Code 24)
Resolution: The device is installed incorrectly. The problem could be a hardware failure, or a new driver might be needed.
Devices stay in this state if they have been prepared for removal.
After you remove the device, this error disappears.Remove the device, and this error should be resolved.
 
 
==================== Event log errors: =========================
 
Application errors:
==================
Error: (03/20/2014 11:25:12 AM) (Source: Application Error) (User: )
Description: Faulting application name: cltmngui.exe, version: 2.11.11.7, time stamp: 0x531483bc
Faulting module name: ole32.dll, version: 6.1.7601.17514, time stamp: 0x4ce7b96f
Exception code: 0xc0000005
Fault offset: 0x00039342
Faulting process id: 0xa50
Faulting application start time: 0xcltmngui.exe0
Faulting application path: cltmngui.exe1
Faulting module path: cltmngui.exe2
Report Id: cltmngui.exe3
 
Error: (03/20/2014 06:48:36 AM) (Source: WinMgmt) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
 
Error: (03/20/2014 05:54:11 AM) (Source: Application Error) (User: )
Description: Faulting application name: UPDATE~1.EXE, version: 0.0.0.0, time stamp: 0x2a425e19
Faulting module name: ole32.dll, version: 6.1.7601.17514, time stamp: 0x4ce7b96f
Exception code: 0xc0000005
Fault offset: 0x0013d169
Faulting process id: 0x3434
Faulting application start time: 0xUPDATE~1.EXE0
Faulting application path: UPDATE~1.EXE1
Faulting module path: UPDATE~1.EXE2
Report Id: UPDATE~1.EXE3
 
Error: (03/19/2014 10:48:51 AM) (Source: Application Error) (User: )
Description: Faulting application name: PCFixTray.exe, version: 1.2.0.14, time stamp: 0x520de38f
Faulting module name: VERSION.dll_unloaded, version: 0.0.0.0, time stamp: 0x4a5bdb2b
Exception code: 0xc0000005
Fault offset: 0x73e74867
Faulting process id: 0xc14
Faulting application start time: 0xPCFixTray.exe0
Faulting application path: PCFixTray.exe1
Faulting module path: PCFixTray.exe2
Report Id: PCFixTray.exe3
 
Error: (03/19/2014 10:48:09 AM) (Source: WinMgmt) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
 
Error: (03/19/2014 09:26:48 AM) (Source: Application Hang) (User: )
Description: The program WeatherBug.exe version 1.0.0.0 stopped interacting with Windows and was closed. To see if more information about the problem is available, check the problem history in the Action Center control panel.
 
Process ID: f24
 
Start Time: 01cf435208b7bbca
 
Termination Time: 921
 
Application Path: C:\Program Files\Earth Networks\WeatherBug\WeatherBug.exe
 
Report Id:
 
Error: (03/19/2014 05:03:42 AM) (Source: Application Error) (User: )
Description: Faulting application name: PCFixTray.exe, version: 1.2.0.14, time stamp: 0x520de38f
Faulting module name: VERSION.dll_unloaded, version: 0.0.0.0, time stamp: 0x4a5bdb2b
Exception code: 0xc0000005
Fault offset: 0x737d4867
Faulting process id: 0x10c0
Faulting application start time: 0xPCFixTray.exe0
Faulting application path: PCFixTray.exe1
Faulting module path: PCFixTray.exe2
Report Id: PCFixTray.exe3
 
Error: (03/19/2014 05:02:47 AM) (Source: WinMgmt) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
 
Error: (03/18/2014 04:13:12 PM) (Source: Application Error) (User: )
Description: Faulting application name: cltmngui.exe, version: 2.11.11.7, time stamp: 0x531483bc
Faulting module name: unknown, version: 0.0.0.0, time stamp: 0x00000000
Exception code: 0xc0000005
Fault offset: 0x00bbec48
Faulting process id: 0xa7c
Faulting application start time: 0xcltmngui.exe0
Faulting application path: cltmngui.exe1
Faulting module path: cltmngui.exe2
Report Id: cltmngui.exe3
 
Error: (03/18/2014 11:03:44 AM) (Source: Application Error) (User: )
Description: Faulting application name: GetPrivate.exe, version: 1.0.0.1, time stamp: 0x520cc902
Faulting module name: unknown, version: 0.0.0.0, time stamp: 0x00000000
Exception code: 0xc0000005
Fault offset: 0x00000000
Faulting process id: 0x10f4
Faulting application start time: 0xGetPrivate.exe0
Faulting application path: GetPrivate.exe1
Faulting module path: GetPrivate.exe2
Report Id: GetPrivate.exe3
 
 
System errors:
=============
Error: (03/20/2014 06:50:41 AM) (Source: Service Control Manager) (User: )
Description: The Google Update Service (gupdate) service failed to start due to the following error: 
%%1053
 
Error: (03/20/2014 06:50:41 AM) (Source: Service Control Manager) (User: )
Description: A timeout was reached (30000 milliseconds) while waiting for the Google Update Service (gupdate) service to connect.
 
Error: (03/20/2014 06:49:33 AM) (Source: DCOM) (User: NT AUTHORITY)
Description: application-specificLocalLaunch{C97FCC79-E628-407D-AE68-A06AD6D8B4D1}{344ED43D-D086-4961-86A6-1106F4ACAD9B}NT AUTHORITYSYSTEMS-1-5-18LocalHost (Using LRPC)
 
Error: (03/20/2014 06:48:38 AM) (Source: Service Control Manager) (User: )
Description: The following boot-start or system-start driver(s) failed to load: 
lsnfd
 
Error: (03/20/2014 06:48:25 AM) (Source: Service Control Manager) (User: )
Description: The LogMeIn Kernel Information Provider service failed to start due to the following error: 
%%3
 
Error: (03/19/2014 04:45:35 PM) (Source: Service Control Manager) (User: )
Description: A timeout (30000 milliseconds) was reached while waiting for a transaction response from the MovieMode service.
 
Error: (03/19/2014 10:50:30 AM) (Source: Service Control Manager) (User: )
Description: The Google Update Service (gupdate) service failed to start due to the following error: 
%%1053
 
Error: (03/19/2014 10:50:30 AM) (Source: Service Control Manager) (User: )
Description: A timeout was reached (30000 milliseconds) while waiting for the Google Update Service (gupdate) service to connect.
 
Error: (03/19/2014 10:48:48 AM) (Source: DCOM) (User: NT AUTHORITY)
Description: application-specificLocalLaunch{C97FCC79-E628-407D-AE68-A06AD6D8B4D1}{344ED43D-D086-4961-86A6-1106F4ACAD9B}NT AUTHORITYSYSTEMS-1-5-18LocalHost (Using LRPC)
 
Error: (03/19/2014 10:47:56 AM) (Source: Service Control Manager) (User: )
Description: The following boot-start or system-start driver(s) failed to load: 
lsnfd
 
 
Microsoft Office Sessions:
=========================
Error: (03/20/2014 11:25:12 AM) (Source: Application Error)(User: )
Description: cltmngui.exe2.11.11.7531483bcole32.dll6.1.7601.175144ce7b96fc000000500039342a5001cf4429f171c583C:\PROGRA~2\SearchProtect\UI\bin\cltmngui.exeC:\Windows\syswow64\ole32.dlld3967df8-b043-11e3-af19-ec9a74fb5df5
 
Error: (03/20/2014 06:48:36 AM) (Source: WinMgmt)(User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
 
Error: (03/20/2014 05:54:11 AM) (Source: Application Error)(User: )
Description: UPDATE~1.EXE0.0.0.02a425e19ole32.dll6.1.7601.175144ce7b96fc00000050013d169343401cf44220faaab1dC:\Users\kristy\AppData\Roaming\MYSEAR~1\UPDATE~1\UPDATE~1.EXEC:\Windows\syswow64\ole32.dll95746936-b015-11e3-8f3b-ec9a74fb5df5
 
Error: (03/19/2014 10:48:51 AM) (Source: Application Error)(User: )
Description: PCFixTray.exe1.2.0.14520de38fVERSION.dll_unloaded0.0.0.04a5bdb2bc000000573e74867c1401cf43824e884706C:\Program Files (x86)\PCFixSpeed\PCFixTray.exeVERSION.dll9539c8ae-af75-11e3-8f3b-ec9a74fb5df5
 
Error: (03/19/2014 10:48:09 AM) (Source: WinMgmt)(User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
 
Error: (03/19/2014 09:26:48 AM) (Source: Application Hang)(User: )
Description: WeatherBug.exe1.0.0.0f2401cf435208b7bbca921C:\Program Files\Earth Networks\WeatherBug\WeatherBug.exe
 
Error: (03/19/2014 05:03:42 AM) (Source: Application Error)(User: )
Description: PCFixTray.exe1.2.0.14520de38fVERSION.dll_unloaded0.0.0.04a5bdb2bc0000005737d486710c001cf435214bf28b9C:\Program Files (x86)\PCFixSpeed\PCFixTray.exeVERSION.dll5df0fc8b-af45-11e3-ae97-ec9a74fb5df5
 
Error: (03/19/2014 05:02:47 AM) (Source: WinMgmt)(User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
 
Error: (03/18/2014 04:13:12 PM) (Source: Application Error)(User: )
Description: cltmngui.exe2.11.11.7531483bcunknown0.0.0.000000000c000000500bbec48a7c01cf42b64d361bd9C:\PROGRA~2\SearchProtect\UI\bin\cltmngui.exeunknownbab558df-aed9-11e3-afca-ec9a74fb5df5
 
Error: (03/18/2014 11:03:44 AM) (Source: Application Error)(User: )
Description: GetPrivate.exe1.0.0.1520cc902unknown0.0.0.000000000c00000050000000010f401cf42b678a9a5fdC:\Program Files (x86)\GetPrivate\GetPrivate.exeunknown7f1cc80f-aeae-11e3-afca-ec9a74fb5df5
 
 
==================== Memory info =========================== 
 
Percentage of memory in use: 66%
Total physical RAM: 1642.91 MB
Available physical RAM: 554.36 MB
Total Pagefile: 3285.81 MB
Available Pagefile: 1354.36 MB
Total Virtual: 8192 MB
Available Virtual: 8191.83 MB
 
==================== Drives ================================
 
Drive c: () (Fixed) (Total:209.33 GB) (Free:117.75 GB) NTFS ==>[System with boot components (obtained from reading drive)]
Drive d: (Recovery) (Fixed) (Total:19.39 GB) (Free:2.22 GB) NTFS ==>[System with boot components (obtained from reading drive)]
Drive e: (HP_TOOLS) (Fixed) (Total:3.96 GB) (Free:0.55 GB) FAT32
Drive f: (YOGA_X) (CDROM) (Total:3.79 GB) (Free:0 GB) UDF
 
==================== MBR & Partition Table ==================
 
========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 233 GB) (Disk ID: 27F7617E)
Partition 1: (Active) - (Size=199 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=209 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=19 GB) - (Type=07 NTFS)
Partition 4: (Not Active) - (Size=4 GB) - (Type=0C)
 
==================== End Of Log ============================


#6 jenrtris

jenrtris
  • Topic Starter

  • Members
  • 6 posts
  • OFFLINE
  •  
  • Local time:03:00 AM

Posted 20 March 2014 - 12:46 PM

13:40:44.0300 11644  TDSS rootkit removing tool 2.8.16.0 Feb 11 2013 18:50:42
13:40:54.0145 11644  ============================================================
13:40:54.0146 11644  Current date / time: 2014/03/20 13:40:54.0145
13:40:54.0146 11644  SystemInfo:
13:40:54.0146 11644  
13:40:54.0146 11644  OS Version: 6.1.7601 ServicePack: 1.0
13:40:54.0146 11644  Product type: Workstation
13:40:54.0146 11644  ComputerName: KRISTY-HP
13:40:54.0174 11644  UserName: kristy
13:40:54.0174 11644  Windows directory: C:\Windows
13:40:54.0174 11644  System windows directory: C:\Windows
13:40:54.0174 11644  Running under WOW64
13:40:54.0174 11644  Processor architecture: Intel x64
13:40:54.0174 11644  Number of processors: 2
13:40:54.0174 11644  Page size: 0x1000
13:40:54.0174 11644  Boot type: Normal boot
13:40:54.0175 11644  ============================================================
13:40:56.0719 11644  Drive \Device\Harddisk0\DR0 - Size: 0x3A38B2E000 (232.89 Gb), SectorSize: 0x200, Cylinders: 0x76C1, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
13:40:56.0741 11644  ============================================================
13:40:56.0741 11644  \Device\Harddisk0\DR0:
13:40:56.0741 11644  MBR partitions:
13:40:56.0741 11644  \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x800, BlocksNum 0x63800
13:40:56.0741 11644  \Device\Harddisk0\DR0\Partition2: MBR, Type 0x7, StartLBA 0x64000, BlocksNum 0x1A2AA800
13:40:56.0741 11644  \Device\Harddisk0\DR0\Partition3: MBR, Type 0x7, StartLBA 0x1A30E800, BlocksNum 0x26C7000
13:40:56.0741 11644  \Device\Harddisk0\DR0\Partition4: MBR, Type 0xC, StartLBA 0x1C9D5800, BlocksNum 0x7EF800
13:40:56.0741 11644  ============================================================
13:40:56.0744 11644  C: <-> \Device\Harddisk0\DR0\Partition2
13:40:56.0802 11644  D: <-> \Device\Harddisk0\DR0\Partition3
13:40:56.0823 11644  E: <-> \Device\Harddisk0\DR0\Partition4
13:40:56.0824 11644  ============================================================
13:40:56.0824 11644  Initialize success
13:40:56.0824 11644  ============================================================
13:41:06.0900 14428  ============================================================
13:41:06.0900 14428  Scan started
13:41:06.0901 14428  Mode: Manual; 
13:41:06.0901 14428  ============================================================
13:41:07.0232 14428  ================ Scan system memory ========================
13:41:07.0232 14428  System memory - ok
13:41:07.0242 14428  ================ Scan services =============================
13:41:07.0526 14428  [ A87D604AEA360176311474C87A63BB88 ] 1394ohci        C:\Windows\system32\drivers\1394ohci.sys
13:41:07.0533 14428  1394ohci - ok
13:41:07.0616 14428  [ DD81D91FF3B0763C392422865C9AC12E ] 70e6ca8c        C:\Windows\system32\rundll32.exe
13:41:07.0623 14428  70e6ca8c - ok
13:41:07.0650 14428  [ D81D9E70B8A6DD14D42D7B4EFA65D5F2 ] ACPI            C:\Windows\system32\drivers\ACPI.sys
13:41:07.0665 14428  ACPI - ok
13:41:07.0695 14428  [ 99F8E788246D495CE3794D7E7821D2CA ] AcpiPmi         C:\Windows\system32\drivers\acpipmi.sys
13:41:07.0698 14428  AcpiPmi - ok
13:41:07.0831 14428  [ A283108E14F3970432C21AF4C0CB1BCE ] AdobeFlashPlayerUpdateSvc C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
13:41:07.0838 14428  AdobeFlashPlayerUpdateSvc - ok
13:41:07.0898 14428  [ 2F6B34B83843F0C5118B63AC634F5BF4 ] adp94xx         C:\Windows\system32\drivers\adp94xx.sys
13:41:07.0926 14428  adp94xx - ok
13:41:07.0977 14428  [ 597F78224EE9224EA1A13D6350CED962 ] adpahci         C:\Windows\system32\drivers\adpahci.sys
13:41:07.0988 14428  adpahci - ok
13:41:08.0023 14428  [ E109549C90F62FB570B9540C4B148E54 ] adpu320         C:\Windows\system32\drivers\adpu320.sys
13:41:08.0029 14428  adpu320 - ok
13:41:08.0083 14428  [ 4B78B431F225FD8624C5655CB1DE7B61 ] AeLookupSvc     C:\Windows\System32\aelupsvc.dll
13:41:08.0087 14428  AeLookupSvc - ok
13:41:08.0153 14428  [ D1E343BC00136CE03C4D403194D06A80 ] AERTFilters     C:\Program Files\Realtek\Audio\HDA\AERTSr64.exe
13:41:08.0158 14428  AERTFilters - ok
13:41:08.0202 14428  [ 79059559E89D06E8B80CE2944BE20228 ] AFD             C:\Windows\system32\drivers\afd.sys
13:41:08.0213 14428  AFD - ok
13:41:08.0311 14428  [ 608C14DBA7299D8CB6ED035A68A15799 ] agp440          C:\Windows\system32\drivers\agp440.sys
13:41:08.0315 14428  agp440 - ok
13:41:08.0349 14428  [ 3290D6946B5E30E70414990574883DDB ] ALG             C:\Windows\System32\alg.exe
13:41:08.0353 14428  ALG - ok
13:41:08.0382 14428  [ 5812713A477A3AD7363C7438CA2EE038 ] aliide          C:\Windows\system32\drivers\aliide.sys
13:41:08.0386 14428  aliide - ok
13:41:08.0426 14428  [ 715B02B892C5BA46471EFC8DCD2AE934 ] AMD External Events Utility C:\Windows\system32\atiesrxx.exe
13:41:08.0432 14428  AMD External Events Utility - ok
13:41:08.0477 14428  AMD FUEL Service - ok
13:41:08.0525 14428  [ 1FF8B4431C353CE385C875F194924C0C ] amdide          C:\Windows\system32\drivers\amdide.sys
13:41:08.0528 14428  amdide - ok
13:41:08.0568 14428  [ 6A2EEB0C4133B20773BB3DD0B7B377B4 ] amdiox64        C:\Windows\system32\DRIVERS\amdiox64.sys
13:41:08.0572 14428  amdiox64 - ok
13:41:08.0618 14428  [ 7024F087CFF1833A806193EF9D22CDA9 ] AmdK8           C:\Windows\system32\drivers\amdk8.sys
13:41:08.0622 14428  AmdK8 - ok
13:41:08.0895 14428  [ 7054D5D028B6CA727D0575192D633FA9 ] amdkmdag        C:\Windows\system32\DRIVERS\atikmdag.sys
13:41:09.0136 14428  amdkmdag - ok
13:41:09.0208 14428  [ 1CD2BC11467FD5FC7BE9827A9F3D8566 ] amdkmdap        C:\Windows\system32\DRIVERS\atikmpag.sys
13:41:09.0215 14428  amdkmdap - ok
13:41:09.0254 14428  [ 1E56388B3FE0D031C44144EB8C4D6217 ] AmdPPM          C:\Windows\system32\DRIVERS\amdppm.sys
13:41:09.0258 14428  AmdPPM - ok
13:41:09.0297 14428  [ D4121AE6D0C0E7E13AA221AA57EF2D49 ] amdsata         C:\Windows\system32\drivers\amdsata.sys
13:41:09.0303 14428  amdsata - ok
13:41:09.0365 14428  [ F67F933E79241ED32FF46A4F29B5120B ] amdsbs          C:\Windows\system32\drivers\amdsbs.sys
13:41:09.0372 14428  amdsbs - ok
13:41:09.0412 14428  [ 540DAF1CEA6094886D72126FD7C33048 ] amdxata         C:\Windows\system32\drivers\amdxata.sys
13:41:09.0416 14428  amdxata - ok
13:41:09.0440 14428  [ F9D46B6B322708BD5AFCC8767EBDC901 ] amd_sata        C:\Windows\system32\DRIVERS\amd_sata.sys
13:41:09.0442 14428  amd_sata - ok
13:41:09.0458 14428  [ 329CC9C7E20DEEBCD4CD10816193EF14 ] amd_xata        C:\Windows\system32\DRIVERS\amd_xata.sys
13:41:09.0466 14428  amd_xata - ok
13:41:09.0633 14428  [ B342CD9AA44E4AE99E2368EBDBC2E17A ] APNMCP          C:\Program Files (x86)\AskPartnerNetwork\Toolbar\apnmcp.exe
13:41:09.0638 14428  APNMCP - ok
13:41:09.0700 14428  [ 89A69C3F2F319B43379399547526D952 ] AppID           C:\Windows\system32\drivers\appid.sys
13:41:09.0704 14428  AppID - ok
13:41:09.0747 14428  [ 0BC381A15355A3982216F7172F545DE1 ] AppIDSvc        C:\Windows\System32\appidsvc.dll
13:41:09.0750 14428  AppIDSvc - ok
13:41:09.0811 14428  [ 9D2A2369AB4B08A4905FE72DB104498F ] Appinfo         C:\Windows\System32\appinfo.dll
13:41:09.0814 14428  Appinfo - ok
13:41:09.0855 14428  [ C484F8CEB1717C540242531DB7845C4E ] arc             C:\Windows\system32\drivers\arc.sys
13:41:09.0860 14428  arc - ok
13:41:09.0904 14428  [ 019AF6924AEFE7839F61C830227FE79C ] arcsas          C:\Windows\system32\drivers\arcsas.sys
13:41:09.0908 14428  arcsas - ok
13:41:10.0101 14428  [ 9A262EDD17F8473B91B333D6B031A901 ] aspnet_state    C:\Windows\Microsoft.NET\Framework64\v4.0.30319\aspnet_state.exe
13:41:10.0150 14428  aspnet_state - ok
13:41:10.0193 14428  [ 769765CE2CC62867468CEA93969B2242 ] AsyncMac        C:\Windows\system32\DRIVERS\asyncmac.sys
13:41:10.0198 14428  AsyncMac - ok
13:41:10.0240 14428  [ 02062C0B390B7729EDC9E69C680A6F3C ] atapi           C:\Windows\system32\drivers\atapi.sys
13:41:10.0243 14428  atapi - ok
13:41:10.0305 14428  [ F23FEF6D569FCE88671949894A8BECF1 ] AudioEndpointBuilder C:\Windows\System32\Audiosrv.dll
13:41:10.0330 14428  AudioEndpointBuilder - ok
13:41:10.0382 14428  [ F23FEF6D569FCE88671949894A8BECF1 ] AudioSrv        C:\Windows\System32\Audiosrv.dll
13:41:10.0391 14428  AudioSrv - ok
13:41:10.0470 14428  [ D23F69FA8C0C94C4FE57B57D50F6DB66 ] avgtp           C:\Windows\system32\drivers\avgtpx64.sys
13:41:10.0487 14428  avgtp - ok
13:41:10.0514 14428  [ A6BF31A71B409DFA8CAC83159E1E2AFF ] AxInstSV        C:\Windows\System32\AxInstSV.dll
13:41:10.0519 14428  AxInstSV - ok
13:41:10.0621 14428  [ 3E5B191307609F7514148C6832BB0842 ] b06bdrv         C:\Windows\system32\drivers\bxvbda.sys
13:41:10.0633 14428  b06bdrv - ok
13:41:10.0689 14428  [ B5ACE6968304A3900EEB1EBFD9622DF2 ] b57nd60a        C:\Windows\system32\DRIVERS\b57nd60a.sys
13:41:10.0698 14428  b57nd60a - ok
13:41:10.0779 14428  [ 9E84A931DBEE0292E38ED672F6293A99 ] BCM43XX         C:\Windows\system32\DRIVERS\bcmwl664.sys
13:41:10.0814 14428  BCM43XX - ok
13:41:10.0845 14428  [ FDE360167101B4E45A96F939F388AEB0 ] BDESVC          C:\Windows\System32\bdesvc.dll
13:41:10.0852 14428  BDESVC - ok
13:41:10.0884 14428  [ 16A47CE2DECC9B099349A5F840654746 ] Beep            C:\Windows\system32\drivers\Beep.sys
13:41:10.0887 14428  Beep - ok
13:41:10.0964 14428  [ 82974D6A2FD19445CC5171FC378668A4 ] BFE             C:\Windows\System32\bfe.dll
13:41:10.0987 14428  BFE - ok
13:41:11.0062 14428  [ 1EA7969E3271CBC59E1730697DC74682 ] BITS            C:\Windows\System32\qmgr.dll
13:41:11.0100 14428  BITS - ok
13:41:11.0126 14428  [ 61583EE3C3A17003C4ACD0475646B4D3 ] blbdrive        C:\Windows\system32\drivers\blbdrive.sys
13:41:11.0131 14428  blbdrive - ok
13:41:11.0178 14428  [ EBBCD5DFBB1DE70E8F4AF8FA59E401FD ] Bonjour Service C:\Program Files\Bonjour\mDNSResponder.exe
13:41:11.0188 14428  Bonjour Service - ok
13:41:11.0237 14428  [ 6C02A83164F5CC0A262F4199F0871CF5 ] bowser          C:\Windows\system32\DRIVERS\bowser.sys
13:41:11.0241 14428  bowser - ok
13:41:11.0272 14428  [ F09EEE9EDC320B5E1501F749FDE686C8 ] BrFiltLo        C:\Windows\system32\drivers\BrFiltLo.sys
13:41:11.0275 14428  BrFiltLo - ok
13:41:11.0313 14428  [ B114D3098E9BDB8BEA8B053685831BE6 ] BrFiltUp        C:\Windows\system32\drivers\BrFiltUp.sys
13:41:11.0316 14428  BrFiltUp - ok
13:41:11.0348 14428  [ 05F5A0D14A2EE1D8255C2AA0E9E8E694 ] Browser         C:\Windows\System32\browser.dll
13:41:11.0353 14428  Browser - ok
13:41:11.0390 14428  [ 43BEA8D483BF1870F018E2D02E06A5BD ] Brserid         C:\Windows\System32\Drivers\Brserid.sys
13:41:11.0398 14428  Brserid - ok
13:41:11.0429 14428  [ A6ECA2151B08A09CACECA35C07F05B42 ] BrSerWdm        C:\Windows\System32\Drivers\BrSerWdm.sys
13:41:11.0433 14428  BrSerWdm - ok
13:41:11.0456 14428  [ B79968002C277E869CF38BD22CD61524 ] BrUsbMdm        C:\Windows\System32\Drivers\BrUsbMdm.sys
13:41:11.0460 14428  BrUsbMdm - ok
13:41:11.0487 14428  [ A87528880231C54E75EA7A44943B38BF ] BrUsbSer        C:\Windows\System32\Drivers\BrUsbSer.sys
13:41:11.0490 14428  BrUsbSer - ok
13:41:11.0528 14428  [ 9DA669F11D1F894AB4EB69BF546A42E8 ] BTHMODEM        C:\Windows\system32\drivers\bthmodem.sys
13:41:11.0532 14428  BTHMODEM - ok
13:41:11.0585 14428  [ 95F9C2976059462CBBF227F7AAB10DE9 ] bthserv         C:\Windows\system32\bthserv.dll
13:41:11.0589 14428  bthserv - ok
13:41:11.0626 14428  [ B8BD2BB284668C84865658C77574381A ] cdfs            C:\Windows\system32\DRIVERS\cdfs.sys
13:41:11.0632 14428  cdfs - ok
13:41:11.0663 14428  [ F036CE71586E93D94DAB220D7BDF4416 ] cdrom           C:\Windows\system32\DRIVERS\cdrom.sys
13:41:11.0670 14428  cdrom - ok
13:41:11.0715 14428  [ F17D1D393BBC69C5322FBFAFACA28C7F ] CertPropSvc     C:\Windows\System32\certprop.dll
13:41:11.0719 14428  CertPropSvc - ok
13:41:11.0771 14428  [ D7CD5C4E1B71FA62050515314CFB52CF ] circlass        C:\Windows\system32\drivers\circlass.sys
13:41:11.0774 14428  circlass - ok
13:41:11.0819 14428  [ FE1EC06F2253F691FE36217C592A0206 ] CLFS            C:\Windows\system32\CLFS.sys
13:41:11.0828 14428  CLFS - ok
13:41:11.0917 14428  [ D88040F816FDA31C3B466F0FA0918F29 ] clr_optimization_v2.0.50727_32 C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
13:41:11.0924 14428  clr_optimization_v2.0.50727_32 - ok
13:41:11.0986 14428  [ D1CEEA2B47CB998321C579651CE3E4F8 ] clr_optimization_v2.0.50727_64 C:\Windows\Microsoft.NET\Framework64\v2.0.50727\mscorsvw.exe
13:41:11.0995 14428  clr_optimization_v2.0.50727_64 - ok
13:41:12.0127 14428  [ E87213F37A13E2B54391E40934F071D0 ] clr_optimization_v4.0.30319_32 C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
13:41:12.0188 14428  clr_optimization_v4.0.30319_32 - ok
13:41:12.0245 14428  [ 4AEDAB50F83580D0B4D6CF78191F92AA ] clr_optimization_v4.0.30319_64 C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe
13:41:12.0329 14428  clr_optimization_v4.0.30319_64 - ok
13:41:12.0643 14428  [ C1816A6EFA5286773126F2743BC1ED56 ] CltMngSvc       C:\PROGRA~2\SearchProtect\Main\bin\CltMngSvc.exe
13:41:12.0693 14428  CltMngSvc - ok
13:41:12.0717 14428  clwvd - ok
13:41:12.0778 14428  [ 0840155D0BDDF1190F84A663C284BD33 ] CmBatt          C:\Windows\system32\drivers\CmBatt.sys
13:41:12.0781 14428  CmBatt - ok
13:41:12.0811 14428  [ E19D3F095812725D88F9001985B94EDD ] cmdide          C:\Windows\system32\drivers\cmdide.sys
13:41:12.0815 14428  cmdide - ok
13:41:12.0873 14428  [ EBF28856F69CF094A902F884CF989706 ] CNG             C:\Windows\system32\Drivers\cng.sys
13:41:12.0884 14428  CNG - ok
13:41:12.0912 14428  [ 102DE219C3F61415F964C88E9085AD14 ] Compbatt        C:\Windows\system32\drivers\compbatt.sys
13:41:12.0916 14428  Compbatt - ok
13:41:12.0967 14428  [ 03EDB043586CCEBA243D689BDDA370A8 ] CompositeBus    C:\Windows\system32\drivers\CompositeBus.sys
13:41:12.0971 14428  CompositeBus - ok
13:41:12.0989 14428  COMSysApp - ok
13:41:13.0033 14428  [ 1C827878A998C18847245FE1F34EE597 ] crcdisk         C:\Windows\system32\drivers\crcdisk.sys
13:41:13.0036 14428  crcdisk - ok
13:41:13.0083 14428  [ 6B400F211BEE880A37A1ED0368776BF4 ] CryptSvc        C:\Windows\system32\cryptsvc.dll
13:41:13.0088 14428  CryptSvc - ok
13:41:13.0166 14428  [ 5C627D1B1138676C0A7AB2C2C190D123 ] DcomLaunch      C:\Windows\system32\rpcss.dll
13:41:13.0189 14428  DcomLaunch - ok
13:41:13.0235 14428  [ 3CEC7631A84943677AA8FA8EE5B6B43D ] defragsvc       C:\Windows\System32\defragsvc.dll
13:41:13.0244 14428  defragsvc - ok
13:41:13.0299 14428  [ 9BB2EF44EAA163B29C4A4587887A0FE4 ] DfsC            C:\Windows\system32\Drivers\dfsc.sys
13:41:13.0304 14428  DfsC - ok
13:41:13.0354 14428  [ 43D808F5D9E1A18E5EEB5EBC83969E4E ] Dhcp            C:\Windows\system32\dhcpcore.dll
13:41:13.0362 14428  Dhcp - ok
13:41:13.0398 14428  [ 13096B05847EC78F0977F2C0F79E9AB3 ] discache        C:\Windows\system32\drivers\discache.sys
13:41:13.0403 14428  discache - ok
13:41:13.0478 14428  [ 9819EEE8B5EA3784EC4AF3B137A5244C ] Disk            C:\Windows\system32\drivers\disk.sys
13:41:13.0482 14428  Disk - ok
13:41:13.0560 14428  [ 16835866AAA693C7D7FCEBA8FFF706E4 ] Dnscache        C:\Windows\System32\dnsrslvr.dll
13:41:13.0566 14428  Dnscache - ok
13:41:13.0616 14428  [ B1FB3DDCA0FDF408750D5843591AFBC6 ] dot3svc         C:\Windows\System32\dot3svc.dll
13:41:13.0624 14428  dot3svc - ok
13:41:13.0654 14428  [ B26F4F737E8F9DF4F31AF6CF31D05820 ] DPS             C:\Windows\system32\dps.dll
13:41:13.0660 14428  DPS - ok
13:41:13.0732 14428  [ 9B19F34400D24DF84C858A421C205754 ] drmkaud         C:\Windows\system32\drivers\drmkaud.sys
13:41:13.0735 14428  drmkaud - ok
13:41:13.0796 14428  [ 53BD875C7C0808235BFB803C1A8BE009 ] DXGKrnl         C:\Windows\System32\drivers\dxgkrnl.sys
13:41:13.0829 14428  DXGKrnl - ok
13:41:13.0870 14428  [ E2DDA8726DA9CB5B2C4000C9018A9633 ] EapHost         C:\Windows\System32\eapsvc.dll
13:41:13.0875 14428  EapHost - ok
13:41:14.0001 14428  [ DC5D737F51BE844D8C82C695EB17372F ] ebdrv           C:\Windows\system32\drivers\evbda.sys
13:41:14.0111 14428  ebdrv - ok
13:41:14.0172 14428  [ 4D71227301DD8D09097B9E4CC6527E5A ] EFS             C:\Windows\System32\lsass.exe
13:41:14.0177 14428  EFS - ok
13:41:14.0270 14428  [ C4002B6B41975F057D98C439030CEA07 ] ehRecvr         C:\Windows\ehome\ehRecvr.exe
13:41:14.0296 14428  ehRecvr - ok
13:41:14.0332 14428  [ 4705E8EF9934482C5BB488CE28AFC681 ] ehSched         C:\Windows\ehome\ehsched.exe
13:41:14.0337 14428  ehSched - ok
13:41:14.0392 14428  [ 0E5DA5369A0FCAEA12456DD852545184 ] elxstor         C:\Windows\system32\drivers\elxstor.sys
13:41:14.0415 14428  elxstor - ok
13:41:14.0500 14428  EraserUtilDrv11310 - ok
13:41:14.0536 14428  [ 34A3C54752046E79A126E15C51DB409B ] ErrDev          C:\Windows\system32\drivers\errdev.sys
13:41:14.0540 14428  ErrDev - ok
13:41:14.0634 14428  [ 4166F82BE4D24938977DD1746BE9B8A0 ] EventSystem     C:\Windows\system32\es.dll
13:41:14.0644 14428  EventSystem - ok
13:41:14.0696 14428  [ A510C654EC00C1E9BDD91EEB3A59823B ] exfat           C:\Windows\system32\drivers\exfat.sys
13:41:14.0703 14428  exfat - ok
13:41:14.0732 14428  [ 0ADC83218B66A6DB380C330836F3E36D ] fastfat         C:\Windows\system32\drivers\fastfat.sys
13:41:14.0738 14428  fastfat - ok
13:41:14.0778 14428  [ DBEFD454F8318A0EF691FDD2EAAB44EB ] Fax             C:\Windows\system32\fxssvc.exe
13:41:14.0803 14428  Fax - ok
13:41:14.0832 14428  [ D765D19CD8EF61F650C384F62FAC00AB ] fdc             C:\Windows\system32\drivers\fdc.sys
13:41:14.0836 14428  fdc - ok
13:41:14.0865 14428  [ 0438CAB2E03F4FB61455A7956026FE86 ] fdPHost         C:\Windows\system32\fdPHost.dll
13:41:14.0869 14428  fdPHost - ok
13:41:14.0918 14428  [ 802496CB59A30349F9A6DD22D6947644 ] FDResPub        C:\Windows\system32\fdrespub.dll
13:41:14.0922 14428  FDResPub - ok
13:41:14.0947 14428  [ 655661BE46B5F5F3FD454E2C3095B930 ] FileInfo        C:\Windows\system32\drivers\fileinfo.sys
13:41:14.0952 14428  FileInfo - ok
13:41:14.0985 14428  [ 5F671AB5BC87EEA04EC38A6CD5962A47 ] Filetrace       C:\Windows\system32\drivers\filetrace.sys
13:41:14.0989 14428  Filetrace - ok
13:41:15.0031 14428  [ C172A0F53008EAEB8EA33FE10E177AF5 ] flpydisk        C:\Windows\system32\drivers\flpydisk.sys
13:41:15.0034 14428  flpydisk - ok
13:41:15.0071 14428  [ DA6B67270FD9DB3697B20FCE94950741 ] FltMgr          C:\Windows\system32\drivers\fltmgr.sys
13:41:15.0079 14428  FltMgr - ok
13:41:15.0158 14428  [ C4C183E6551084039EC862DA1C945E3D ] FontCache       C:\Windows\system32\FntCache.dll
13:41:15.0195 14428  FontCache - ok
13:41:15.0258 14428  [ A8B7F3818AB65695E3A0BB3279F6DCE6 ] FontCache3.0.0.0 C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
13:41:15.0262 14428  FontCache3.0.0.0 - ok
13:41:15.0306 14428  [ D43703496149971890703B4B1B723EAC ] FsDepends       C:\Windows\system32\drivers\FsDepends.sys
13:41:15.0310 14428  FsDepends - ok
13:41:15.0394 14428  [ B3EB502D2C3F47C47415F85387DFAEF1 ] fssfltr         C:\Windows\system32\DRIVERS\fssfltr.sys
13:41:15.0397 14428  fssfltr - ok
13:41:15.0488 14428  [ B6AB40819ECEC4BA07266EC0EBBC85A7 ] fsssvc          C:\Program Files (x86)\Windows Live\Family Safety\fsssvc.exe
13:41:15.0547 14428  fsssvc - ok
13:41:15.0637 14428  [ 6BD9295CC032DD3077C671FCCF579A7B ] Fs_Rec          C:\Windows\system32\drivers\Fs_Rec.sys
13:41:15.0640 14428  Fs_Rec - ok
13:41:15.0687 14428  [ 8F6322049018354F45F05A2FD2D4E5E0 ] fvevol          C:\Windows\system32\DRIVERS\fvevol.sys
13:41:15.0695 14428  fvevol - ok
13:41:15.0738 14428  [ 8C778D335C9D272CFD3298AB02ABE3B6 ] gagp30kx        C:\Windows\system32\drivers\gagp30kx.sys
13:41:15.0742 14428  gagp30kx - ok
13:41:15.0812 14428  [ C403C5DB49A0F9AAF4F2128EDC0106D8 ] GamesAppService C:\Program Files (x86)\WildTangent Games\App\GamesAppService.exe
13:41:15.0818 14428  GamesAppService - ok
13:41:15.0866 14428  [ 277BBC7E1AA1EE957F573A10ECA7EF3A ] gpsvc           C:\Windows\System32\gpsvc.dll
13:41:15.0894 14428  gpsvc - ok
13:41:15.0962 14428  [ 506708142BC63DABA64F2D3AD1DCD5BF ] gupdate         C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
13:41:15.0967 14428  gupdate - ok
13:41:15.0988 14428  [ 506708142BC63DABA64F2D3AD1DCD5BF ] gupdatem        C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
13:41:15.0990 14428  gupdatem - ok
13:41:16.0068 14428  [ F2523EF6460FC42405B12248338AB2F0 ] hcw85cir        C:\Windows\system32\drivers\hcw85cir.sys
13:41:16.0071 14428  hcw85cir - ok
13:41:16.0107 14428  [ 975761C778E33CD22498059B91E7373A ] HdAudAddService C:\Windows\system32\drivers\HdAudio.sys
13:41:16.0116 14428  HdAudAddService - ok
13:41:16.0148 14428  [ 97BFED39B6B79EB12CDDBFEED51F56BB ] HDAudBus        C:\Windows\system32\drivers\HDAudBus.sys
13:41:16.0154 14428  HDAudBus - ok
13:41:16.0191 14428  [ 78E86380454A7B10A5EB255DC44A355F ] HidBatt         C:\Windows\system32\drivers\HidBatt.sys
13:41:16.0194 14428  HidBatt - ok
13:41:16.0225 14428  [ 7FD2A313F7AFE5C4DAB14798C48DD104 ] HidBth          C:\Windows\system32\drivers\hidbth.sys
13:41:16.0230 14428  HidBth - ok
13:41:16.0262 14428  [ 0A77D29F311B88CFAE3B13F9C1A73825 ] HidIr           C:\Windows\system32\drivers\hidir.sys
13:41:16.0265 14428  HidIr - ok
13:41:16.0302 14428  [ BD9EB3958F213F96B97B1D897DEE006D ] hidserv         C:\Windows\system32\hidserv.dll
13:41:16.0307 14428  hidserv - ok
13:41:16.0357 14428  [ 9592090A7E2B61CD582B612B6DF70536 ] HidUsb          C:\Windows\system32\DRIVERS\hidusb.sys
13:41:16.0360 14428  HidUsb - ok
13:41:16.0394 14428  [ 387E72E739E15E3D37907A86D9FF98E2 ] hkmsvc          C:\Windows\system32\kmsvc.dll
13:41:16.0400 14428  hkmsvc - ok
13:41:16.0439 14428  [ EFDFB3DD38A4376F93E7985173813ABD ] HomeGroupListener C:\Windows\system32\ListSvc.dll
13:41:16.0447 14428  HomeGroupListener - ok
13:41:16.0481 14428  [ 908ACB1F594274965A53926B10C81E89 ] HomeGroupProvider C:\Windows\system32\provsvc.dll
13:41:16.0489 14428  HomeGroupProvider - ok
13:41:16.0552 14428  [ 6A181452D4E240B8ECC7614B9A19BDE9 ] HPClientSvc     C:\Program Files\Hewlett-Packard\HP Client Services\HPClientServices.exe
13:41:16.0561 14428  HPClientSvc - ok
13:41:16.0680 14428  [ D2946D9F020AE76E9CEF9B4A6DF838C0 ] hpqwmiex        C:\Program Files (x86)\Hewlett-Packard\Shared\hpqwmiex.exe
13:41:16.0715 14428  hpqwmiex - ok
13:41:16.0758 14428  [ 39D2ABCD392F3D8A6DCE7B60AE7B8EFC ] HpSAMD          C:\Windows\system32\drivers\HpSAMD.sys
13:41:16.0777 14428  HpSAMD - ok
13:41:16.0850 14428  [ 2BEC76BDCD1BC080210325E7B5094834 ] HPWMISVC        C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPWMISVC.exe
13:41:16.0853 14428  HPWMISVC - ok
13:41:16.0931 14428  [ 0EA7DE1ACB728DD5A369FD742D6EEE28 ] HTTP            C:\Windows\system32\drivers\HTTP.sys
13:41:16.0959 14428  HTTP - ok
13:41:17.0006 14428  [ A5462BD6884960C9DC85ED49D34FF392 ] hwpolicy        C:\Windows\system32\drivers\hwpolicy.sys
13:41:17.0009 14428  hwpolicy - ok
13:41:17.0087 14428  [ FA55C73D4AFFA7EE23AC4BE53B4592D3 ] i8042prt        C:\Windows\system32\DRIVERS\i8042prt.sys
13:41:17.0096 14428  i8042prt - ok
13:41:17.0163 14428  [ AAAF44DB3BD0B9D1FB6969B23ECC8366 ] iaStorV         C:\Windows\system32\drivers\iaStorV.sys
13:41:17.0172 14428  iaStorV - ok
13:41:17.0303 14428  [ E4693409D06785477A49FB34AFAE1B92 ] IconMan_R       C:\Program Files (x86)\Realtek\Realtek PCIE Card Reader\RIconMan.exe
13:41:21.0086 14428  IconMan_R - ok
13:41:21.0258 14428  [ 1CF03C69B49ACB70C722DF92755C0C8C ] IDriverT        C:\Program Files (x86)\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
13:41:21.0263 14428  IDriverT - ok
13:41:21.0366 14428  [ 5988FC40F8DB5B0739CD1E3A5D0D78BD ] idsvc           C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\infocard.exe
13:41:21.0463 14428  idsvc - ok
13:41:21.0525 14428  IEEtwCollectorService - ok
13:41:21.0593 14428  [ 5C18831C61933628F5BB0EA2675B9D21 ] iirsp           C:\Windows\system32\drivers\iirsp.sys
13:41:21.0596 14428  iirsp - ok
13:41:21.0667 14428  [ 344789398EC3EE5A4E00C52B31847946 ] IKEEXT          C:\Windows\System32\ikeext.dll
13:41:21.0701 14428  IKEEXT - ok
13:41:21.0811 14428  [ E395D888EF6D3777134A9E09FF7582C2 ] IntcAzAudAddService C:\Windows\system32\drivers\RTKVHD64.sys
13:41:21.0892 14428  IntcAzAudAddService - ok
13:41:22.0028 14428  [ F00F20E70C6EC3AA366910083A0518AA ] intelide        C:\Windows\system32\drivers\intelide.sys
13:41:22.0044 14428  intelide - ok
13:41:22.0103 14428  [ ADA036632C664CAA754079041CF1F8C1 ] intelppm        C:\Windows\system32\drivers\intelppm.sys
13:41:22.0106 14428  intelppm - ok
13:41:22.0160 14428  [ 098A91C54546A3B878DAD6A7E90A455B ] IPBusEnum       C:\Windows\system32\ipbusenum.dll
13:41:22.0165 14428  IPBusEnum - ok
13:41:22.0195 14428  [ C9F0E1BD74365A8771590E9008D22AB6 ] IpFilterDriver  C:\Windows\system32\DRIVERS\ipfltdrv.sys
13:41:22.0199 14428  IpFilterDriver - ok
13:41:22.0284 14428  [ 08C2957BB30058E663720C5606885653 ] iphlpsvc        C:\Windows\System32\iphlpsvc.dll
13:41:22.0309 14428  iphlpsvc - ok
13:41:22.0344 14428  [ 0FC1AEA580957AA8817B8F305D18CA3A ] IPMIDRV         C:\Windows\system32\drivers\IPMIDrv.sys
13:41:22.0350 14428  IPMIDRV - ok
13:41:22.0382 14428  [ AF9B39A7E7B6CAA203B3862582E9F2D0 ] IPNAT           C:\Windows\system32\drivers\ipnat.sys
13:41:22.0387 14428  IPNAT - ok
13:41:22.0412 14428  [ 3ABF5E7213EB28966D55D58B515D5CE9 ] IRENUM          C:\Windows\system32\drivers\irenum.sys
13:41:22.0415 14428  IRENUM - ok
13:41:22.0457 14428  [ 2F7B28DC3E1183E5EB418DF55C204F38 ] isapnp          C:\Windows\system32\drivers\isapnp.sys
13:41:22.0461 14428  isapnp - ok
13:41:22.0503 14428  [ D931D7309DEB2317035B07C9F9E6B0BD ] iScsiPrt        C:\Windows\system32\drivers\msiscsi.sys
13:41:22.0512 14428  iScsiPrt - ok
13:41:22.0542 14428  [ BC02336F1CBA7DCC7D1213BB588A68A5 ] kbdclass        C:\Windows\system32\DRIVERS\kbdclass.sys
13:41:22.0546 14428  kbdclass - ok
13:41:22.0587 14428  [ 0705EFF5B42A9DB58548EEC3B26BB484 ] kbdhid          C:\Windows\system32\DRIVERS\kbdhid.sys
13:41:22.0591 14428  kbdhid - ok
13:41:22.0636 14428  [ 4D71227301DD8D09097B9E4CC6527E5A ] KeyIso          C:\Windows\system32\lsass.exe
13:41:22.0640 14428  KeyIso - ok
13:41:22.0672 14428  [ 8F489706472F7E9A06BAAA198703FA64 ] KSecDD          C:\Windows\system32\Drivers\ksecdd.sys
13:41:22.0676 14428  KSecDD - ok
13:41:22.0743 14428  [ 868A2CAAB12EFC7A021682BCA0EEC54C ] KSecPkg         C:\Windows\system32\Drivers\ksecpkg.sys
13:41:22.0749 14428  KSecPkg - ok
13:41:22.0774 14428  [ 6869281E78CB31A43E969F06B57347C4 ] ksthunk         C:\Windows\system32\drivers\ksthunk.sys
13:41:22.0780 14428  ksthunk - ok
13:41:22.0843 14428  [ 6AB66E16AA859232F64DEB66887A8C9C ] KtmRm           C:\Windows\system32\msdtckrm.dll
13:41:22.0867 14428  KtmRm - ok
13:41:22.0914 14428  [ D9F42719019740BAA6D1C6D536CBDAA6 ] LanmanServer    C:\Windows\system32\srvsvc.dll
13:41:22.0929 14428  LanmanServer - ok
13:41:22.0951 14428  [ 851A1382EED3E3A7476DB004F4EE3E1A ] LanmanWorkstation C:\Windows\System32\wkssvc.dll
13:41:22.0961 14428  LanmanWorkstation - ok
13:41:23.0013 14428  [ 1538831CF8AD2979A04C423779465827 ] lltdio          C:\Windows\system32\DRIVERS\lltdio.sys
13:41:23.0017 14428  lltdio - ok
13:41:23.0063 14428  [ C1185803384AB3FEED115F79F109427F ] lltdsvc         C:\Windows\System32\lltdsvc.dll
13:41:23.0073 14428  lltdsvc - ok
13:41:23.0115 14428  [ F993A32249B66C9D622EA5592A8B76B8 ] lmhosts         C:\Windows\System32\lmhsvc.dll
13:41:23.0120 14428  lmhosts - ok
13:41:23.0165 14428  LMIGuardianSvc - ok
13:41:23.0189 14428  LMIInfo - ok
13:41:23.0239 14428  [ 413ECDCFAD9A82804D3674C8D7EEC24E ] lmimirr         C:\Windows\system32\DRIVERS\lmimirr.sys
13:41:23.0242 14428  lmimirr - ok
13:41:23.0268 14428  LMIRfsClientNP - ok
13:41:23.0297 14428  [ C57D3FAA50E6F395759FFB7C709BD944 ] LMIRfsDriver    C:\Windows\system32\drivers\LMIRfsDriver.sys
13:41:23.0300 14428  LMIRfsDriver - ok
13:41:23.0371 14428  [ 1A93E54EB0ECE102495A51266DCDB6A6 ] LSI_FC          C:\Windows\system32\drivers\lsi_fc.sys
13:41:23.0376 14428  LSI_FC - ok
13:41:23.0395 14428  [ 1047184A9FDC8BDBFF857175875EE810 ] LSI_SAS         C:\Windows\system32\drivers\lsi_sas.sys
13:41:23.0399 14428  LSI_SAS - ok
13:41:23.0421 14428  [ 30F5C0DE1EE8B5BC9306C1F0E4A75F93 ] LSI_SAS2        C:\Windows\system32\drivers\lsi_sas2.sys
13:41:23.0425 14428  LSI_SAS2 - ok
13:41:23.0466 14428  [ 0504EACAFF0D3C8AED161C4B0D369D4A ] LSI_SCSI        C:\Windows\system32\drivers\lsi_scsi.sys
13:41:23.0470 14428  LSI_SCSI - ok
13:41:23.0503 14428  lsnfd - ok
13:41:23.0549 14428  [ 43D0F98E1D56CCDDB0D5254CFF7B356E ] luafv           C:\Windows\system32\drivers\luafv.sys
13:41:23.0553 14428  luafv - ok
13:41:23.0597 14428  [ 0BE09CD858ABF9DF6ED259D57A1A1663 ] Mcx2Svc         C:\Windows\system32\Mcx2Svc.dll
13:41:23.0603 14428  Mcx2Svc - ok
13:41:23.0643 14428  [ A55805F747C6EDB6A9080D7C633BD0F4 ] megasas         C:\Windows\system32\drivers\megasas.sys
13:41:23.0647 14428  megasas - ok
13:41:23.0681 14428  [ BAF74CE0072480C3B6B7C13B2A94D6B3 ] MegaSR          C:\Windows\system32\drivers\MegaSR.sys
13:41:23.0689 14428  MegaSR - ok
13:41:23.0721 14428  [ E40E80D0304A73E8D269F7141D77250B ] MMCSS           C:\Windows\system32\mmcss.dll
13:41:23.0727 14428  MMCSS - ok
13:41:23.0755 14428  [ 800BA92F7010378B09F9ED9270F07137 ] Modem           C:\Windows\system32\drivers\modem.sys
13:41:23.0759 14428  Modem - ok
13:41:23.0803 14428  [ B03D591DC7DA45ECE20B3B467E6AADAA ] monitor         C:\Windows\system32\DRIVERS\monitor.sys
13:41:23.0806 14428  monitor - ok
13:41:23.0843 14428  [ 7D27EA49F3C1F687D357E77A470AEA99 ] mouclass        C:\Windows\system32\DRIVERS\mouclass.sys
13:41:23.0847 14428  mouclass - ok
13:41:23.0893 14428  [ D3BF052C40B0C4166D9FD86A4288C1E6 ] mouhid          C:\Windows\system32\DRIVERS\mouhid.sys
13:41:23.0897 14428  mouhid - ok
13:41:23.0929 14428  [ 32E7A3D591D671A6DF2DB515A5CBE0FA ] mountmgr        C:\Windows\system32\drivers\mountmgr.sys
13:41:23.0934 14428  mountmgr - ok
13:41:24.0105 14428  [ D3BBF70D390C9B8090DC4A7D53E73AC7 ] MovieMode       C:\ProgramData\MovieMode\MovieModeService.exe
13:41:24.0109 14428  MovieMode - ok
13:41:24.0169 14428  [ C6B88D62F20AC646C6BD5C032EC2FAF9 ] MpFilter        C:\Windows\system32\DRIVERS\MpFilter.sys
13:41:24.0175 14428  MpFilter - ok
13:41:24.0206 14428  [ A44B420D30BD56E145D6A2BC8768EC58 ] mpio            C:\Windows\system32\drivers\mpio.sys
13:41:24.0212 14428  mpio - ok
13:41:24.0239 14428  [ 6C38C9E45AE0EA2FA5E551F2ED5E978F ] mpsdrv          C:\Windows\system32\drivers\mpsdrv.sys
13:41:24.0244 14428  mpsdrv - ok
13:41:24.0303 14428  [ 54FFC9C8898113ACE189D4AA7199D2C1 ] MpsSvc          C:\Windows\system32\mpssvc.dll
13:41:24.0337 14428  MpsSvc - ok
13:41:24.0409 14428  [ 1A4F75E63C9FB84B85DFFC6B63FD5404 ] MRxDAV          C:\Windows\system32\drivers\mrxdav.sys
13:41:24.0415 14428  MRxDAV - ok
13:41:24.0459 14428  [ A5D9106A73DC88564C825D317CAC68AC ] mrxsmb          C:\Windows\system32\DRIVERS\mrxsmb.sys
13:41:24.0465 14428  mrxsmb - ok
13:41:24.0494 14428  [ D711B3C1D5F42C0C2415687BE09FC163 ] mrxsmb10        C:\Windows\system32\DRIVERS\mrxsmb10.sys
13:41:24.0501 14428  mrxsmb10 - ok
13:41:24.0528 14428  [ 9423E9D355C8D303E76B8CFBD8A5C30C ] mrxsmb20        C:\Windows\system32\DRIVERS\mrxsmb20.sys
13:41:24.0533 14428  mrxsmb20 - ok
13:41:24.0600 14428  [ C25F0BAFA182CBCA2DD3C851C2E75796 ] msahci          C:\Windows\system32\drivers\msahci.sys
13:41:24.0603 14428  msahci - ok
13:41:24.0647 14428  [ DB801A638D011B9633829EB6F663C900 ] msdsm           C:\Windows\system32\drivers\msdsm.sys
13:41:24.0652 14428  msdsm - ok
13:41:24.0683 14428  [ DE0ECE52236CFA3ED2DBFC03F28253A8 ] MSDTC           C:\Windows\System32\msdtc.exe
13:41:24.0727 14428  MSDTC - ok
13:41:24.0832 14428  [ AA3FB40E17CE1388FA1BEDAB50EA8F96 ] Msfs            C:\Windows\system32\drivers\Msfs.sys
13:41:24.0846 14428  Msfs - ok
13:41:24.0882 14428  [ F9D215A46A8B9753F61767FA72A20326 ] mshidkmdf       C:\Windows\System32\drivers\mshidkmdf.sys
13:41:24.0885 14428  mshidkmdf - ok
13:41:24.0914 14428  [ D916874BBD4F8B07BFB7FA9B3CCAE29D ] msisadrv        C:\Windows\system32\drivers\msisadrv.sys
13:41:24.0917 14428  msisadrv - ok
13:41:24.0960 14428  [ 808E98FF49B155C522E6400953177B08 ] MSiSCSI         C:\Windows\system32\iscsiexe.dll
13:41:24.0967 14428  MSiSCSI - ok
13:41:24.0984 14428  msiserver - ok
13:41:25.0019 14428  [ 49CCF2C4FEA34FFAD8B1B59D49439366 ] MSKSSRV         C:\Windows\system32\drivers\MSKSSRV.sys
13:41:25.0022 14428  MSKSSRV - ok
13:41:25.0085 14428  [ 7675E15D1B2180745E4DA4D26AAD7385 ] MsMpSvc         c:\Program Files\Microsoft Security Client\MsMpEng.exe
13:41:25.0088 14428  MsMpSvc - ok
13:41:25.0101 14428  [ BDD71ACE35A232104DDD349EE70E1AB3 ] MSPCLOCK        C:\Windows\system32\drivers\MSPCLOCK.sys
13:41:25.0104 14428  MSPCLOCK - ok
13:41:25.0127 14428  [ 4ED981241DB27C3383D72092B618A1D0 ] MSPQM           C:\Windows\system32\drivers\MSPQM.sys
13:41:25.0130 14428  MSPQM - ok
13:41:25.0170 14428  [ 759A9EEB0FA9ED79DA1FB7D4EF78866D ] MsRPC           C:\Windows\system32\drivers\MsRPC.sys
13:41:25.0179 14428  MsRPC - ok
13:41:25.0220 14428  [ 0EED230E37515A0EAEE3C2E1BC97B288 ] mssmbios        C:\Windows\system32\drivers\mssmbios.sys
13:41:25.0224 14428  mssmbios - ok
13:41:25.0236 14428  [ 2E66F9ECB30B4221A318C92AC2250779 ] MSTEE           C:\Windows\system32\drivers\MSTEE.sys
13:41:25.0239 14428  MSTEE - ok
13:41:25.0273 14428  [ 7EA404308934E675BFFDE8EDF0757BCD ] MTConfig        C:\Windows\system32\drivers\MTConfig.sys
13:41:25.0277 14428  MTConfig - ok
13:41:25.0312 14428  [ F9A18612FD3526FE473C1BDA678D61C8 ] Mup             C:\Windows\system32\Drivers\mup.sys
13:41:25.0315 14428  Mup - ok
13:41:25.0363 14428  [ 582AC6D9873E31DFA28A4547270862DD ] napagent        C:\Windows\system32\qagentRT.dll
13:41:25.0389 14428  napagent - ok
13:41:25.0442 14428  [ 1EA3749C4114DB3E3161156FFFFA6B33 ] NativeWifiP     C:\Windows\system32\DRIVERS\nwifi.sys
13:41:25.0449 14428  NativeWifiP - ok
13:41:25.0518 14428  [ 760E38053BF56E501D562B70AD796B88 ] NDIS            C:\Windows\system32\drivers\ndis.sys
13:41:25.0552 14428  NDIS - ok
13:41:25.0621 14428  [ 9F9A1F53AAD7DA4D6FEF5BB73AB811AC ] NdisCap         C:\Windows\system32\DRIVERS\ndiscap.sys
13:41:25.0625 14428  NdisCap - ok
13:41:25.0669 14428  [ 30639C932D9FEF22B31268FE25A1B6E5 ] NdisTapi        C:\Windows\system32\DRIVERS\ndistapi.sys
13:41:25.0672 14428  NdisTapi - ok
13:41:25.0710 14428  [ 136185F9FB2CC61E573E676AA5402356 ] Ndisuio         C:\Windows\system32\DRIVERS\ndisuio.sys
13:41:25.0714 14428  Ndisuio - ok
13:41:25.0753 14428  [ 53F7305169863F0A2BDDC49E116C2E11 ] NdisWan         C:\Windows\system32\DRIVERS\ndiswan.sys
13:41:25.0758 14428  NdisWan - ok
13:41:25.0790 14428  [ 015C0D8E0E0421B4CFD48CFFE2825879 ] NDProxy         C:\Windows\system32\drivers\NDProxy.sys
13:41:25.0794 14428  NDProxy - ok
13:41:25.0821 14428  [ 86743D9F5D2B1048062B14B1D84501C4 ] NetBIOS         C:\Windows\system32\DRIVERS\netbios.sys
13:41:25.0826 14428  NetBIOS - ok
13:41:25.0862 14428  [ 09594D1089C523423B32A4229263F068 ] NetBT           C:\Windows\system32\DRIVERS\netbt.sys
13:41:25.0869 14428  NetBT - ok
13:41:25.0915 14428  [ 4D71227301DD8D09097B9E4CC6527E5A ] Netlogon        C:\Windows\system32\lsass.exe
13:41:25.0918 14428  Netlogon - ok
13:41:25.0949 14428  [ 847D3AE376C0817161A14A82C8922A9E ] Netman          C:\Windows\System32\netman.dll
13:41:25.0961 14428  Netman - ok
13:41:26.0125 14428  [ 21318671BCAD3ACF16638F98D4D00973 ] NetMsmqActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
13:41:26.0170 14428  NetMsmqActivator - ok
13:41:26.0207 14428  [ 21318671BCAD3ACF16638F98D4D00973 ] NetPipeActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
13:41:26.0210 14428  NetPipeActivator - ok
13:41:26.0267 14428  [ 5F28111C648F1E24F7DBC87CDEB091B8 ] netprofm        C:\Windows\System32\netprofm.dll
13:41:26.0291 14428  netprofm - ok
13:41:26.0385 14428  [ 9C745041E72576251BC93709633E89FF ] netr28x         C:\Windows\system32\DRIVERS\netr28x.sys
13:41:26.0446 14428  netr28x - ok
13:41:26.0495 14428  [ 21318671BCAD3ACF16638F98D4D00973 ] NetTcpActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
13:41:26.0498 14428  NetTcpActivator - ok
13:41:26.0528 14428  [ 21318671BCAD3ACF16638F98D4D00973 ] NetTcpPortSharing C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
13:41:26.0531 14428  NetTcpPortSharing - ok
13:41:26.0597 14428  [ 77889813BE4D166CDAB78DDBA990DA92 ] nfrd960         C:\Windows\system32\drivers\nfrd960.sys
13:41:26.0603 14428  nfrd960 - ok
13:41:26.0670 14428  [ ACE8C64C57E4A711473C8BC10ADF692B ] NisDrv          C:\Windows\system32\DRIVERS\NisDrvWFP.sys
13:41:26.0675 14428  NisDrv - ok
13:41:26.0733 14428  [ 6247E8B31ED0A9D6BC5A26276E49BEB3 ] NisSrv          c:\Program Files\Microsoft Security Client\NisSrv.exe
13:41:26.0741 14428  NisSrv - ok
13:41:26.0815 14428  [ 8AD77806D336673F270DB31645267293 ] NlaSvc          C:\Windows\System32\nlasvc.dll
13:41:26.0824 14428  NlaSvc - ok
13:41:26.0859 14428  [ 1E4C4AB5C9B8DD13179BBDC75A2A01F7 ] Npfs            C:\Windows\system32\drivers\Npfs.sys
13:41:26.0863 14428  Npfs - ok
13:41:26.0904 14428  [ D54BFDF3E0C953F823B3D0BFE4732528 ] nsi             C:\Windows\system32\nsisvc.dll
13:41:26.0909 14428  nsi - ok
13:41:26.0952 14428  [ E7F5AE18AF4168178A642A9247C63001 ] nsiproxy        C:\Windows\system32\drivers\nsiproxy.sys
13:41:26.0956 14428  nsiproxy - ok
13:41:27.0055 14428  [ B98F8C6E31CD07B2E6F71F7F648E38C0 ] Ntfs            C:\Windows\system32\drivers\Ntfs.sys
13:41:27.0104 14428  Ntfs - ok
13:41:27.0145 14428  [ 9899284589F75FA8724FF3D16AED75C1 ] Null            C:\Windows\system32\drivers\Null.sys
13:41:27.0167 14428  Null - ok
13:41:27.0230 14428  [ A85B4F2EF3A7304A5399EF0526423040 ] NVENETFD        C:\Windows\system32\DRIVERS\nvm62x64.sys
13:41:27.0240 14428  NVENETFD - ok
13:41:27.0284 14428  [ 0A92CB65770442ED0DC44834632F66AD ] nvraid          C:\Windows\system32\drivers\nvraid.sys
13:41:27.0289 14428  nvraid - ok
13:41:27.0330 14428  [ DAB0E87525C10052BF65F06152F37E4A ] nvstor          C:\Windows\system32\drivers\nvstor.sys
13:41:27.0336 14428  nvstor - ok
13:41:27.0385 14428  [ 270D7CD42D6E3979F6DD0146650F0E05 ] nv_agp          C:\Windows\system32\drivers\nv_agp.sys
13:41:27.0390 14428  nv_agp - ok
13:41:27.0437 14428  [ 3589478E4B22CE21B41FA1BFC0B8B8A0 ] ohci1394        C:\Windows\system32\drivers\ohci1394.sys
13:41:27.0442 14428  ohci1394 - ok
13:41:27.0490 14428  [ 3EAC4455472CC2C97107B5291E0DCAFE ] p2pimsvc        C:\Windows\system32\pnrpsvc.dll
13:41:27.0501 14428  p2pimsvc - ok
13:41:27.0549 14428  [ 927463ECB02179F88E4B9A17568C63C3 ] p2psvc          C:\Windows\system32\p2psvc.dll
13:41:27.0572 14428  p2psvc - ok
13:41:27.0601 14428  [ 0086431C29C35BE1DBC43F52CC273887 ] Parport         C:\Windows\system32\drivers\parport.sys
13:41:27.0606 14428  Parport - ok
13:41:27.0648 14428  [ E9766131EEADE40A27DC27D2D68FBA9C ] partmgr         C:\Windows\system32\drivers\partmgr.sys
13:41:27.0653 14428  partmgr - ok
13:41:27.0681 14428  [ 3AEAA8B561E63452C655DC0584922257 ] PcaSvc          C:\Windows\System32\pcasvc.dll
13:41:27.0689 14428  PcaSvc - ok
13:41:27.0747 14428  [ 94575C0571D1462A0F70BDE6BD6EE6B3 ] pci             C:\Windows\system32\drivers\pci.sys
13:41:27.0753 14428  pci - ok
13:41:27.0786 14428  [ B5B8B5EF2E5CB34DF8DCF8831E3534FA ] pciide          C:\Windows\system32\drivers\pciide.sys
13:41:27.0789 14428  pciide - ok
13:41:27.0820 14428  [ B2E81D4E87CE48589F98CB8C05B01F2F ] pcmcia          C:\Windows\system32\drivers\pcmcia.sys
13:41:27.0827 14428  pcmcia - ok
13:41:27.0948 14428  [ 2503031F72CA4D2C300E2868B265934A ] PCTechHotlineSvc C:\Program Files (x86)\PCTechHotline\PCTechHotlineSvc.exe
13:41:27.0977 14428  PCTechHotlineSvc - ok
13:41:28.0023 14428  [ D6B9C2E1A11A3A4B26A182FFEF18F603 ] pcw             C:\Windows\system32\drivers\pcw.sys
13:41:28.0028 14428  pcw - ok
13:41:28.0068 14428  [ 68769C3356B3BE5D1C732C97B9A80D6E ] PEAUTH          C:\Windows\system32\drivers\peauth.sys
13:41:28.0093 14428  PEAUTH - ok
13:41:28.0195 14428  [ E495E408C93141E8FC72DC0C6046DDFA ] PerfHost        C:\Windows\SysWow64\perfhost.exe
13:41:28.0250 14428  PerfHost - ok
13:41:28.0395 14428  [ C7CF6A6E137463219E1259E3F0F0DD6C ] pla             C:\Windows\system32\pla.dll
13:41:28.0442 14428  pla - ok
13:41:28.0499 14428  [ 25FBDEF06C4D92815B353F6E792C8129 ] PlugPlay        C:\Windows\system32\umpnpmgr.dll
13:41:28.0522 14428  PlugPlay - ok
13:41:28.0596 14428  [ 7195581CEC9BB7D12ABE54036ACC2E38 ] PNRPAutoReg     C:\Windows\system32\pnrpauto.dll
13:41:28.0617 14428  PNRPAutoReg - ok
13:41:28.0765 14428  [ 3EAC4455472CC2C97107B5291E0DCAFE ] PNRPsvc         C:\Windows\system32\pnrpsvc.dll
13:41:28.0773 14428  PNRPsvc - ok
13:41:28.0830 14428  [ 4F15D75ADF6156BF56ECED6D4A55C389 ] PolicyAgent     C:\Windows\System32\ipsecsvc.dll
13:41:28.0866 14428  PolicyAgent - ok
13:41:28.0964 14428  [ 6BA9D927DDED70BD1A9CADED45F8B184 ] Power           C:\Windows\system32\umpo.dll
13:41:28.0974 14428  Power - ok
13:41:29.0026 14428  [ F92A2C41117A11A00BE01CA01A7FCDE9 ] PptpMiniport    C:\Windows\system32\DRIVERS\raspptp.sys
13:41:29.0031 14428  PptpMiniport - ok
13:41:29.0071 14428  [ 0D922E23C041EFB1C3FAC2A6F943C9BF ] Processor       C:\Windows\system32\drivers\processr.sys
13:41:29.0075 14428  Processor - ok
13:41:29.0144 14428  [ 53E83F1F6CF9D62F32801CF66D8352A8 ] ProfSvc         C:\Windows\system32\profsvc.dll
13:41:29.0155 14428  ProfSvc - ok
13:41:29.0220 14428  [ 4D71227301DD8D09097B9E4CC6527E5A ] ProtectedStorage C:\Windows\system32\lsass.exe
13:41:29.0226 14428  ProtectedStorage - ok
13:41:29.0289 14428  [ 0557CF5A2556BD58E26384169D72438D ] Psched          C:\Windows\system32\DRIVERS\pacer.sys
13:41:29.0297 14428  Psched - ok
13:41:29.0442 14428  [ A53A15A11EBFD21077463EE2C7AFEEF0 ] ql2300          C:\Windows\system32\drivers\ql2300.sys
13:41:29.0484 14428  ql2300 - ok
13:41:29.0549 14428  [ 4F6D12B51DE1AAEFF7DC58C4D75423C8 ] ql40xx          C:\Windows\system32\drivers\ql40xx.sys
13:41:29.0557 14428  ql40xx - ok
13:41:29.0599 14428  [ 906191634E99AEA92C4816150BDA3732 ] QWAVE           C:\Windows\system32\qwave.dll
13:41:29.0609 14428  QWAVE - ok
13:41:29.0650 14428  [ 76707BB36430888D9CE9D705398ADB6C ] QWAVEdrv        C:\Windows\system32\drivers\qwavedrv.sys
13:41:29.0654 14428  QWAVEdrv - ok
13:41:29.0727 14428  [ 5A0DA8AD5762FA2D91678A8A01311704 ] RasAcd          C:\Windows\system32\DRIVERS\rasacd.sys
13:41:29.0731 14428  RasAcd - ok
13:41:29.0762 14428  [ 7ECFF9B22276B73F43A99A15A6094E90 ] RasAgileVpn     C:\Windows\system32\DRIVERS\AgileVpn.sys
13:41:29.0776 14428  RasAgileVpn - ok
13:41:29.0867 14428  [ 8F26510C5383B8DBE976DE1CD00FC8C7 ] RasAuto         C:\Windows\System32\rasauto.dll
13:41:29.0874 14428  RasAuto - ok
13:41:29.0934 14428  [ 471815800AE33E6F1C32FB1B97C490CA ] Rasl2tp         C:\Windows\system32\DRIVERS\rasl2tp.sys
13:41:29.0941 14428  Rasl2tp - ok
13:41:29.0990 14428  [ EE867A0870FC9E4972BA9EAAD35651E2 ] RasMan          C:\Windows\System32\rasmans.dll
13:41:30.0029 14428  RasMan - ok
13:41:30.0069 14428  [ 855C9B1CD4756C5E9A2AA58A15F58C25 ] RasPppoe        C:\Windows\system32\DRIVERS\raspppoe.sys
13:41:30.0074 14428  RasPppoe - ok
13:41:30.0119 14428  [ E8B1E447B008D07FF47D016C2B0EEECB ] RasSstp         C:\Windows\system32\DRIVERS\rassstp.sys
13:41:30.0123 14428  RasSstp - ok
13:41:30.0198 14428  [ 77F665941019A1594D887A74F301FA2F ] rdbss           C:\Windows\system32\DRIVERS\rdbss.sys
13:41:30.0216 14428  rdbss - ok
13:41:30.0275 14428  [ 302DA2A0539F2CF54D7C6CC30C1F2D8D ] rdpbus          C:\Windows\system32\drivers\rdpbus.sys
13:41:30.0278 14428  rdpbus - ok
13:41:30.0322 14428  [ CEA6CC257FC9B7715F1C2B4849286D24 ] RDPCDD          C:\Windows\system32\DRIVERS\RDPCDD.sys
13:41:30.0325 14428  RDPCDD - ok
13:41:30.0368 14428  [ BB5971A4F00659529A5C44831AF22365 ] RDPENCDD        C:\Windows\system32\drivers\rdpencdd.sys
13:41:30.0371 14428  RDPENCDD - ok
13:41:30.0430 14428  [ 216F3FA57533D98E1F74DED70113177A ] RDPREFMP        C:\Windows\system32\drivers\rdprefmp.sys
13:41:30.0432 14428  RDPREFMP - ok
13:41:30.0512 14428  [ E61608AA35E98999AF9AAEEEA6114B0A ] RDPWD           C:\Windows\system32\drivers\RDPWD.sys
13:41:30.0529 14428  RDPWD - ok
13:41:30.0605 14428  [ 34ED295FA0121C241BFEF24764FC4520 ] rdyboost        C:\Windows\system32\drivers\rdyboost.sys
13:41:30.0612 14428  rdyboost - ok
13:41:30.0698 14428  [ 254FB7A22D74E5511C73A3F6D802F192 ] RemoteAccess    C:\Windows\System32\mprdim.dll
13:41:30.0705 14428  RemoteAccess - ok
13:41:30.0742 14428  [ E4D94F24081440B5FC5AA556C7C62702 ] RemoteRegistry  C:\Windows\system32\regsvc.dll
13:41:30.0751 14428  RemoteRegistry - ok
13:41:30.0779 14428  [ E4DC58CF7B3EA515AE917FF0D402A7BB ] RpcEptMapper    C:\Windows\System32\RpcEpMap.dll
13:41:30.0785 14428  RpcEptMapper - ok
13:41:30.0814 14428  [ D5BA242D4CF8E384DB90E6A8ED850B8C ] RpcLocator      C:\Windows\system32\locator.exe
13:41:30.0820 14428  RpcLocator - ok
13:41:30.0908 14428  [ 5C627D1B1138676C0A7AB2C2C190D123 ] RpcSs           C:\Windows\system32\rpcss.dll
13:41:30.0920 14428  RpcSs - ok
13:41:30.0966 14428  [ 546D7F426776090B90EF5F195B6AE662 ] RSPCIESTOR      C:\Windows\system32\DRIVERS\RtsPStor.sys
13:41:30.0976 14428  RSPCIESTOR - ok
13:41:31.0009 14428  [ DDC86E4F8E7456261E637E3552E804FF ] rspndr          C:\Windows\system32\DRIVERS\rspndr.sys
13:41:31.0014 14428  rspndr - ok
13:41:31.0090 14428  [ EE082E06A82FF630351D1E0EBBD3D8D0 ] RTL8167         C:\Windows\system32\DRIVERS\Rt64win7.sys
13:41:31.0113 14428  RTL8167 - ok
13:41:31.0145 14428  [ 4D71227301DD8D09097B9E4CC6527E5A ] SamSs           C:\Windows\system32\lsass.exe
13:41:31.0148 14428  SamSs - ok
13:41:31.0192 14428  [ AC03AF3329579FFFB455AA2DAABBE22B ] sbp2port        C:\Windows\system32\drivers\sbp2port.sys
13:41:31.0197 14428  sbp2port - ok
13:41:31.0241 14428  [ 9B7395789E3791A3B6D000FE6F8B131E ] SCardSvr        C:\Windows\System32\SCardSvr.dll
13:41:31.0264 14428  SCardSvr - ok
13:41:31.0310 14428  [ 253F38D0D7074C02FF8DEB9836C97D2B ] scfilter        C:\Windows\system32\DRIVERS\scfilter.sys
13:41:31.0313 14428  scfilter - ok
13:41:31.0383 14428  [ 262F6592C3299C005FD6BEC90FC4463A ] Schedule        C:\Windows\system32\schedsvc.dll
13:41:31.0429 14428  Schedule - ok
13:41:31.0470 14428  [ F17D1D393BBC69C5322FBFAFACA28C7F ] SCPolicySvc     C:\Windows\System32\certprop.dll
13:41:31.0473 14428  SCPolicySvc - ok
13:41:31.0514 14428  [ 111E0EBC0AD79CB0FA014B907B231CF0 ] sdbus           C:\Windows\system32\DRIVERS\sdbus.sys
13:41:31.0519 14428  sdbus - ok
13:41:31.0571 14428  [ 6EA4234DC55346E0709560FE7C2C1972 ] SDRSVC          C:\Windows\System32\SDRSVC.dll
13:41:31.0582 14428  SDRSVC - ok
13:41:31.0626 14428  [ 3EA8A16169C26AFBEB544E0E48421186 ] secdrv          C:\Windows\system32\drivers\secdrv.sys
13:41:31.0630 14428  secdrv - ok
13:41:31.0657 14428  [ BC617A4E1B4FA8DF523A061739A0BD87 ] seclogon        C:\Windows\system32\seclogon.dll
13:41:31.0664 14428  seclogon - ok
13:41:31.0699 14428  [ C32AB8FA018EF34C0F113BD501436D21 ] SENS            C:\Windows\System32\sens.dll
13:41:31.0705 14428  SENS - ok
13:41:31.0742 14428  [ 0336CFFAFAAB87A11541F1CF1594B2B2 ] SensrSvc        C:\Windows\system32\sensrsvc.dll
13:41:31.0749 14428  SensrSvc - ok
13:41:31.0788 14428  [ CB624C0035412AF0DEBEC78C41F5CA1B ] Serenum         C:\Windows\system32\drivers\serenum.sys
13:41:31.0792 14428  Serenum - ok
13:41:31.0827 14428  [ C1D8E28B2C2ADFAEC4BA89E9FDA69BD6 ] Serial          C:\Windows\system32\drivers\serial.sys
13:41:31.0831 14428  Serial - ok
13:41:31.0887 14428  [ 1C545A7D0691CC4A027396535691C3E3 ] sermouse        C:\Windows\system32\drivers\sermouse.sys
13:41:31.0913 14428  sermouse - ok
13:41:31.0990 14428  [ 0B6231BF38174A1628C4AC812CC75804 ] SessionEnv      C:\Windows\system32\sessenv.dll
13:41:31.0997 14428  SessionEnv - ok
13:41:32.0039 14428  [ A554811BCD09279536440C964AE35BBF ] sffdisk         C:\Windows\system32\drivers\sffdisk.sys
13:41:32.0043 14428  sffdisk - ok
13:41:32.0118 14428  [ FF414F0BAEFEBA59BC6C04B3DB0B87BF ] sffp_mmc        C:\Windows\system32\drivers\sffp_mmc.sys
13:41:32.0121 14428  sffp_mmc - ok
13:41:32.0149 14428  [ DD85B78243A19B59F0637DCF284DA63C ] sffp_sd         C:\Windows\system32\drivers\sffp_sd.sys
13:41:32.0152 14428  sffp_sd - ok
13:41:32.0184 14428  [ A9D601643A1647211A1EE2EC4E433FF4 ] sfloppy         C:\Windows\system32\drivers\sfloppy.sys
13:41:32.0187 14428  sfloppy - ok
13:41:32.0334 14428  [ B95F6501A2F8B2E78C697FEC401970CE ] SharedAccess    C:\Windows\System32\ipnathlp.dll
13:41:32.0344 14428  SharedAccess - ok
13:41:32.0470 14428  [ AAF932B4011D14052955D4B212A4DA8D ] ShellHWDetection C:\Windows\System32\shsvcs.dll
13:41:32.0497 14428  ShellHWDetection - ok
13:41:32.0582 14428  [ 843CAF1E5FDE1FFD5FF768F23A51E2E1 ] SiSRaid2        C:\Windows\system32\drivers\SiSRaid2.sys
13:41:32.0586 14428  SiSRaid2 - ok
13:41:32.0632 14428  [ 6A6C106D42E9FFFF8B9FCB4F754F6DA4 ] SiSRaid4        C:\Windows\system32\drivers\sisraid4.sys
13:41:32.0637 14428  SiSRaid4 - ok
13:41:32.0690 14428  [ 548260A7B8654E024DC30BF8A7C5BAA4 ] Smb             C:\Windows\system32\DRIVERS\smb.sys
13:41:32.0694 14428  Smb - ok
13:41:32.0758 14428  [ 6313F223E817CC09AA41811DAA7F541D ] SNMPTRAP        C:\Windows\System32\snmptrap.exe
13:41:32.0765 14428  SNMPTRAP - ok
13:41:32.0786 14428  [ B9E31E5CACDFE584F34F730A677803F9 ] spldr           C:\Windows\system32\drivers\spldr.sys
13:41:32.0789 14428  spldr - ok
13:41:32.0867 14428  [ 85DAA09A98C9286D4EA2BA8D0E644377 ] Spooler         C:\Windows\System32\spoolsv.exe
13:41:32.0982 14428  Spooler - ok
13:41:33.0138 14428  [ E17E0188BB90FAE42D83E98707EFA59C ] sppsvc          C:\Windows\system32\sppsvc.exe
13:41:33.0276 14428  sppsvc - ok
13:41:33.0318 14428  [ 93D7D61317F3D4BC4F4E9F8A96A7DE45 ] sppuinotify     C:\Windows\system32\sppuinotify.dll
13:41:33.0325 14428  sppuinotify - ok
13:41:33.0370 14428  [ 441FBA48BFF01FDB9D5969EBC1838F0B ] srv             C:\Windows\system32\DRIVERS\srv.sys
13:41:33.0397 14428  srv - ok
13:41:33.0427 14428  [ B4ADEBBF5E3677CCE9651E0F01F7CC28 ] srv2            C:\Windows\system32\DRIVERS\srv2.sys
13:41:33.0437 14428  srv2 - ok
13:41:33.0519 14428  [ 0C4540311E11664B245A263E1154CEF8 ] SrvHsfHDA       C:\Windows\system32\DRIVERS\VSTAZL6.SYS
13:41:33.0563 14428  SrvHsfHDA - ok
13:41:33.0662 14428  [ 02071D207A9858FBE3A48CBFD59C4A04 ] SrvHsfV92       C:\Windows\system32\DRIVERS\VSTDPV6.SYS
13:41:33.0709 14428  SrvHsfV92 - ok
13:41:33.0773 14428  [ 18E40C245DBFAF36FD0134A7EF2DF396 ] SrvHsfWinac     C:\Windows\system32\DRIVERS\VSTCNXT6.SYS
13:41:33.0796 14428  SrvHsfWinac - ok
13:41:33.0837 14428  [ 27E461F0BE5BFF5FC737328F749538C3 ] srvnet          C:\Windows\system32\DRIVERS\srvnet.sys
13:41:33.0844 14428  srvnet - ok
13:41:33.0997 14428  [ 8F8324ED1DE63FFC7B1A02CD2D963C72 ] ssadbus         C:\Windows\system32\DRIVERS\ssadbus.sys
13:41:34.0004 14428  ssadbus - ok
13:41:34.0067 14428  [ 58221EFCB74167B73667F0024C661CE0 ] ssadmdfl        C:\Windows\system32\DRIVERS\ssadmdfl.sys
13:41:34.0071 14428  ssadmdfl - ok
13:41:34.0098 14428  [ 4DA7C71BFAC5AD71255B7E4CAB980163 ] ssadmdm         C:\Windows\system32\DRIVERS\ssadmdm.sys
13:41:34.0104 14428  ssadmdm - ok
13:41:34.0163 14428  [ D33D1BD3EC0E766211A234F56A12726D ] ssadserd        C:\Windows\system32\DRIVERS\ssadserd.sys
13:41:34.0168 14428  ssadserd - ok
13:41:34.0220 14428  [ 51B52FBD583CDE8AA9BA62B8B4298F33 ] SSDPSRV         C:\Windows\System32\ssdpsrv.dll
13:41:34.0229 14428  SSDPSRV - ok
13:41:34.0257 14428  [ AB7AEBF58DAD8DAAB7A6C45E6A8885CB ] SstpSvc         C:\Windows\system32\sstpsvc.dll
13:41:34.0265 14428  SstpSvc - ok
13:41:34.0426 14428  [ 5FFDA96330357A914A69D79BE1988A38 ] Steam Client Service C:\Program Files (x86)\Common Files\Steam\SteamService.exe
13:41:34.0451 14428  Steam Client Service - ok
13:41:34.0499 14428  [ F3817967ED533D08327DC73BC4D5542A ] stexstor        C:\Windows\system32\drivers\stexstor.sys
13:41:34.0532 14428  stexstor - ok
13:41:34.0623 14428  [ 8DD52E8E6128F4B2DA92CE27402871C1 ] stisvc          C:\Windows\System32\wiaservc.dll
13:41:34.0651 14428  stisvc - ok
13:41:34.0693 14428  [ D01EC09B6711A5F8E7E6564A4D0FBC90 ] swenum          C:\Windows\system32\drivers\swenum.sys
13:41:34.0696 14428  swenum - ok
13:41:34.0743 14428  [ E08E46FDD841B7184194011CA1955A0B ] swprv           C:\Windows\System32\swprv.dll
13:41:34.0766 14428  swprv - ok
13:41:34.0829 14428  [ AC3CC98B1BDB6540021D3FFB105AC2B9 ] SynTP           C:\Windows\system32\DRIVERS\SynTP.sys
13:41:34.0851 14428  SynTP - ok
13:41:35.0006 14428  [ BF9CCC0BF39B418C8D0AE8B05CF95B7D ] SysMain         C:\Windows\system32\sysmain.dll
13:41:35.0063 14428  SysMain - ok
13:41:35.0095 14428  [ E3C61FD7B7C2557E1F1B0B4CEC713585 ] TabletInputService C:\Windows\System32\TabSvc.dll
13:41:35.0104 14428  TabletInputService - ok
13:41:35.0143 14428  [ 40F0849F65D13EE87B9A9AE3C1DD6823 ] TapiSrv         C:\Windows\System32\tapisrv.dll
13:41:35.0166 14428  TapiSrv - ok
13:41:35.0199 14428  [ 1BE03AC720F4D302EA01D40F588162F6 ] TBS             C:\Windows\System32\tbssvc.dll
13:41:35.0207 14428  TBS - ok
13:41:35.0305 14428  [ 40AF23633D197905F03AB5628C558C51 ] Tcpip           C:\Windows\system32\drivers\tcpip.sys
13:41:35.0356 14428  Tcpip - ok
13:41:35.0463 14428  [ 40AF23633D197905F03AB5628C558C51 ] TCPIP6          C:\Windows\system32\DRIVERS\tcpip.sys
13:41:35.0484 14428  TCPIP6 - ok
13:41:35.0570 14428  [ 1B16D0BD9841794A6E0CDE0CEF744ABC ] tcpipreg        C:\Windows\system32\drivers\tcpipreg.sys
13:41:35.0575 14428  tcpipreg - ok
13:41:35.0680 14428  [ 3371D21011695B16333A3934340C4E7C ] TDPIPE          C:\Windows\system32\drivers\tdpipe.sys
13:41:35.0683 14428  TDPIPE - ok
13:41:35.0732 14428  [ 51C5ECEB1CDEE2468A1748BE550CFBC8 ] TDTCP           C:\Windows\system32\drivers\tdtcp.sys
13:41:35.0735 14428  TDTCP - ok
13:41:35.0787 14428  [ DDAD5A7AB24D8B65F8D724F5C20FD806 ] tdx             C:\Windows\system32\DRIVERS\tdx.sys
13:41:35.0792 14428  tdx - ok
13:41:35.0830 14428  [ 561E7E1F06895D78DE991E01DD0FB6E5 ] TermDD          C:\Windows\system32\drivers\termdd.sys
13:41:35.0837 14428  TermDD - ok
13:41:35.0898 14428  [ 2E648163254233755035B46DD7B89123 ] TermService     C:\Windows\System32\termsrv.dll
13:41:35.0930 14428  TermService - ok
13:41:35.0966 14428  [ F0344071948D1A1FA732231785A0664C ] Themes          C:\Windows\system32\themeservice.dll
13:41:35.0974 14428  Themes - ok
13:41:36.0055 14428  [ E40E80D0304A73E8D269F7141D77250B ] THREADORDER     C:\Windows\system32\mmcss.dll
13:41:36.0061 14428  THREADORDER - ok
13:41:36.0109 14428  [ 7E7AFD841694F6AC397E99D75CEAD49D ] TrkWks          C:\Windows\System32\trkwks.dll
13:41:36.0122 14428  TrkWks - ok
13:41:36.0210 14428  [ 773212B2AAA24C1E31F10246B15B276C ] TrustedInstaller C:\Windows\servicing\TrustedInstaller.exe
13:41:36.0216 14428  TrustedInstaller - ok
13:41:36.0293 14428  [ 4CE278FC9671BA81A138D70823FCAA09 ] tssecsrv        C:\Windows\system32\DRIVERS\tssecsrv.sys
13:41:36.0296 14428  tssecsrv - ok
13:41:36.0388 14428  [ D11C783E3EF9A3C52C0EBE83CC5000E9 ] TsUsbFlt        C:\Windows\system32\drivers\tsusbflt.sys
13:41:36.0393 14428  TsUsbFlt - ok
13:41:36.0430 14428  [ 9CC2CCAE8A84820EAECB886D477CBCB8 ] TsUsbGD         C:\Windows\system32\drivers\TsUsbGD.sys
13:41:36.0433 14428  TsUsbGD - ok
13:41:36.0463 14428  [ 3566A8DAAFA27AF944F5D705EAA64894 ] tunnel          C:\Windows\system32\DRIVERS\tunnel.sys
13:41:36.0468 14428  tunnel - ok
13:41:36.0509 14428  [ B4DD609BD7E282BFC683CEC7EAAAAD67 ] uagp35          C:\Windows\system32\drivers\uagp35.sys
13:41:36.0513 14428  uagp35 - ok
13:41:36.0633 14428  [ FF4232A1A64012BAA1FD97C7B67DF593 ] udfs            C:\Windows\system32\DRIVERS\udfs.sys
13:41:36.0642 14428  udfs - ok
13:41:36.0721 14428  [ 3CBDEC8D06B9968ABA702EBA076364A1 ] UI0Detect       C:\Windows\system32\UI0Detect.exe
13:41:36.0728 14428  UI0Detect - ok
13:41:36.0767 14428  [ 4BFE1BC28391222894CBF1E7D0E42320 ] uliagpkx        C:\Windows\system32\drivers\uliagpkx.sys
13:41:36.0772 14428  uliagpkx - ok
13:41:36.0811 14428  [ DC54A574663A895C8763AF0FA1FF7561 ] umbus           C:\Windows\system32\DRIVERS\umbus.sys
13:41:36.0815 14428  umbus - ok
13:41:36.0875 14428  [ B2E8E8CB557B156DA5493BBDDCC1474D ] UmPass          C:\Windows\system32\drivers\umpass.sys
13:41:36.0878 14428  UmPass - ok
13:41:36.0941 14428  [ D47EC6A8E81633DD18D2436B19BAF6DE ] upnphost        C:\Windows\System32\upnphost.dll
13:41:36.0967 14428  upnphost - ok
13:41:37.0021 14428  [ AF1B9474D67897D0C2CFF58E0ACEACCC ] USBAAPL64       C:\Windows\system32\Drivers\usbaapl64.sys
13:41:37.0025 14428  USBAAPL64 - ok
13:41:37.0073 14428  [ DCA68B0943D6FA415F0C56C92158A83A ] usbccgp         C:\Windows\system32\DRIVERS\usbccgp.sys
13:41:37.0077 14428  usbccgp - ok
13:41:37.0145 14428  [ 80B0F7D5CCF86CEB5D402EAAF61FEC31 ] usbcir          C:\Windows\system32\drivers\usbcir.sys
13:41:37.0151 14428  usbcir - ok
13:41:37.0193 14428  [ 18A85013A3E0F7E1755365D287443965 ] usbehci         C:\Windows\system32\DRIVERS\usbehci.sys
13:41:37.0197 14428  usbehci - ok
13:41:37.0261 14428  [ 573D192E268F0C5B486B7E96F661E538 ] usbfilter       C:\Windows\system32\DRIVERS\usbfilter.sys
13:41:37.0265 14428  usbfilter - ok
13:41:37.0315 14428  [ 8D1196CFBB223621F2C67D45710F25BA ] usbhub          C:\Windows\system32\DRIVERS\usbhub.sys
13:41:37.0332 14428  usbhub - ok
13:41:37.0379 14428  [ 765A92D428A8DB88B960DA5A8D6089DC ] usbohci         C:\Windows\system32\DRIVERS\usbohci.sys
13:41:37.0383 14428  usbohci - ok
13:41:37.0432 14428  [ 73188F58FB384E75C4063D29413CEE3D ] usbprint        C:\Windows\system32\drivers\usbprint.sys
13:41:37.0435 14428  usbprint - ok
13:41:37.0518 14428  [ FED648B01349A3C8395A5169DB5FB7D6 ] USBSTOR         C:\Windows\system32\DRIVERS\USBSTOR.SYS
13:41:37.0523 14428  USBSTOR - ok
13:41:37.0547 14428  [ DD253AFC3BC6CBA412342DE60C3647F3 ] usbuhci         C:\Windows\system32\drivers\usbuhci.sys
13:41:37.0569 14428  usbuhci - ok
13:41:37.0635 14428  [ 1F775DA4CF1A3A1834207E975A72E9D7 ] usbvideo        C:\Windows\System32\Drivers\usbvideo.sys
13:41:37.0641 14428  usbvideo - ok
13:41:37.0675 14428  [ EDBB23CBCF2CDF727D64FF9B51A6070E ] UxSms           C:\Windows\System32\uxsms.dll
13:41:37.0682 14428  UxSms - ok
13:41:37.0707 14428  [ 4D71227301DD8D09097B9E4CC6527E5A ] VaultSvc        C:\Windows\system32\lsass.exe
13:41:37.0712 14428  VaultSvc - ok
13:41:37.0748 14428  [ C5C876CCFC083FF3B128F933823E87BD ] vdrvroot        C:\Windows\system32\drivers\vdrvroot.sys
13:41:37.0752 14428  vdrvroot - ok
13:41:37.0788 14428  [ 8D6B481601D01A456E75C3210F1830BE ] vds             C:\Windows\System32\vds.exe
13:41:37.0811 14428  vds - ok
13:41:37.0834 14428  [ DA4DA3F5E02943C2DC8C6ED875DE68DD ] vga             C:\Windows\system32\DRIVERS\vgapnp.sys
13:41:37.0839 14428  vga - ok
13:41:37.0875 14428  [ 53E92A310193CB3C03BEA963DE7D9CFC ] VgaSave         C:\Windows\System32\drivers\vga.sys
13:41:37.0879 14428  VgaSave - ok
13:41:37.0931 14428  [ 2CE2DF28C83AEAF30084E1B1EB253CBB ] vhdmp           C:\Windows\system32\drivers\vhdmp.sys
13:41:38.0009 14428  vhdmp - ok
13:41:38.0050 14428  [ E5689D93FFE4E5D66C0178761240DD54 ] viaide          C:\Windows\system32\drivers\viaide.sys
13:41:38.0054 14428  viaide - ok
13:41:38.0093 14428  [ D2AAFD421940F640B407AEFAAEBD91B0 ] volmgr          C:\Windows\system32\drivers\volmgr.sys
13:41:38.0097 14428  volmgr - ok
13:41:38.0136 14428  [ A255814907C89BE58B79EF2F189B843B ] volmgrx         C:\Windows\system32\drivers\volmgrx.sys
13:41:38.0145 14428  volmgrx - ok
13:41:38.0173 14428  [ DF8126BD41180351A093A3AD2FC8903B ] volsnap         C:\Windows\system32\drivers\volsnap.sys
13:41:38.0180 14428  volsnap - ok
13:41:38.0223 14428  [ 5E2016EA6EBACA03C04FEAC5F330D997 ] vsmraid         C:\Windows\system32\drivers\vsmraid.sys
13:41:38.0230 14428  vsmraid - ok
13:41:38.0319 14428  [ B60BA0BC31B0CB414593E169F6F21CC2 ] VSS             C:\Windows\system32\vssvc.exe
13:41:38.0407 14428  VSS - ok
13:41:38.0641 14428  [ 0CC549BD6670CF12B30A470F107E5159 ] vToolbarUpdater18.0.0 C:\Program Files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\18.0.0\ToolbarUpdater.exe
13:41:38.0699 14428  vToolbarUpdater18.0.0 - ok
13:41:38.0747 14428  [ 36D4720B72B5C5D9CB2B9C29E9DF67A1 ] vwifibus        C:\Windows\system32\DRIVERS\vwifibus.sys
13:41:38.0751 14428  vwifibus - ok
13:41:38.0797 14428  [ 6A3D66263414FF0D6FA754C646612F3F ] vwififlt        C:\Windows\system32\DRIVERS\vwififlt.sys
13:41:38.0801 14428  vwififlt - ok
13:41:38.0854 14428  [ 6A638FC4BFDDC4D9B186C28C91BD1A01 ] vwifimp         C:\Windows\system32\DRIVERS\vwifimp.sys
13:41:38.0857 14428  vwifimp - ok
13:41:38.0932 14428  [ 1C9D80CC3849B3788048078C26486E1A ] W32Time         C:\Windows\system32\w32time.dll
13:41:38.0945 14428  W32Time - ok
13:41:39.0061 14428  [ 4E9440F4F152A7B944CB1663D3935A3E ] WacomPen        C:\Windows\system32\drivers\wacompen.sys
13:41:39.0064 14428  WacomPen - ok
13:41:39.0106 14428  [ 356AFD78A6ED4457169241AC3965230C ] WANARP          C:\Windows\system32\DRIVERS\wanarp.sys
13:41:39.0112 14428  WANARP - ok
13:41:39.0142 14428  [ 356AFD78A6ED4457169241AC3965230C ] Wanarpv6        C:\Windows\system32\DRIVERS\wanarp.sys
13:41:39.0145 14428  Wanarpv6 - ok
13:41:39.0230 14428  [ 3CEC96DE223E49EAAE3651FCF8FAEA6C ] WatAdminSvc     C:\Windows\system32\Wat\WatAdminSvc.exe
13:41:39.0265 14428  WatAdminSvc - ok
13:41:39.0353 14428  [ 78F4E7F5C56CB9716238EB57DA4B6A75 ] wbengine        C:\Windows\system32\wbengine.exe
13:41:39.0399 14428  wbengine - ok
13:41:39.0446 14428  [ 3AA101E8EDAB2DB4131333F4325C76A3 ] WbioSrvc        C:\Windows\System32\wbiosrvc.dll
13:41:39.0456 14428  WbioSrvc - ok
13:41:39.0504 14428  [ 7368A2AFD46E5A4481D1DE9D14848EDD ] wcncsvc         C:\Windows\System32\wcncsvc.dll
13:41:39.0526 14428  wcncsvc - ok
13:41:39.0613 14428  [ 20F7441334B18CEE52027661DF4A6129 ] WcsPlugInService C:\Windows\System32\WcsPlugInService.dll
13:41:39.0621 14428  WcsPlugInService - ok
13:41:39.0659 14428  [ 72889E16FF12BA0F235467D6091B17DC ] Wd              C:\Windows\system32\drivers\wd.sys
13:41:39.0662 14428  Wd - ok
13:41:39.0762 14428  [ E2C933EDBC389386EBE6D2BA953F43D8 ] Wdf01000        C:\Windows\system32\drivers\Wdf01000.sys
13:41:39.0796 14428  Wdf01000 - ok
13:41:39.0860 14428  [ BF1FC3F79B863C914687A737C2F3D681 ] WdiServiceHost  C:\Windows\system32\wdi.dll
13:41:39.0868 14428  WdiServiceHost - ok
13:41:39.0896 14428  [ BF1FC3F79B863C914687A737C2F3D681 ] WdiSystemHost   C:\Windows\system32\wdi.dll
13:41:39.0902 14428  WdiSystemHost - ok
13:41:39.0971 14428  [ 0EB0E5D22B1760F2DBCE632F2DD7A54D ] WebClient       C:\Windows\System32\webclnt.dll
13:41:39.0989 14428  WebClient - ok
13:41:40.0089 14428  [ C749025A679C5103E575E3B48E092C43 ] Wecsvc          C:\Windows\system32\wecsvc.dll
13:41:40.0099 14428  Wecsvc - ok
13:41:40.0140 14428  [ 7E591867422DC788B9E5BD337A669A08 ] wercplsupport   C:\Windows\System32\wercplsupport.dll
13:41:40.0148 14428  wercplsupport - ok
13:41:40.0185 14428  [ 6D137963730144698CBD10F202E9F251 ] WerSvc          C:\Windows\System32\WerSvc.dll
13:41:40.0193 14428  WerSvc - ok
13:41:40.0230 14428  [ 611B23304BF067451A9FDEE01FBDD725 ] WfpLwf          C:\Windows\system32\DRIVERS\wfplwf.sys
13:41:40.0233 14428  WfpLwf - ok
13:41:40.0273 14428  [ 05ECAEC3E4529A7153B3136CEB49F0EC ] WIMMount        C:\Windows\system32\drivers\wimmount.sys
13:41:40.0279 14428  WIMMount - ok
13:41:40.0337 14428  WinDefend - ok
13:41:40.0414 14428  WinHttpAutoProxySvc - ok
13:41:40.0491 14428  [ 19B07E7E8915D701225DA41CB3877306 ] Winmgmt         C:\Windows\system32\wbem\WMIsvc.dll
13:41:40.0504 14428  Winmgmt - ok
13:41:40.0602 14428  [ BCB1310604AA415C4508708975B3931E ] WinRM           C:\Windows\system32\WsmSvc.dll
13:41:40.0682 14428  WinRM - ok
13:41:40.0774 14428  [ FE88B288356E7B47B74B13372ADD906D ] WinUsb          C:\Windows\system32\DRIVERS\WinUsb.sys
13:41:40.0778 14428  WinUsb - ok
13:41:40.0937 14428  [ 4FADA86E62F18A1B2F42BA18AE24E6AA ] Wlansvc         C:\Windows\System32\wlansvc.dll
13:41:40.0987 14428  Wlansvc - ok
13:41:41.0160 14428  [ 357CABBF155AFD1D3926E62539D2A3A7 ] wlidsvc         C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
13:41:41.0220 14428  wlidsvc - ok
13:41:41.0259 14428  [ F6FF8944478594D0E414D3F048F0D778 ] WmiAcpi         C:\Windows\system32\drivers\wmiacpi.sys
13:41:41.0263 14428  WmiAcpi - ok
13:41:41.0314 14428  [ 38B84C94C5A8AF291ADFEA478AE54F93 ] wmiApSrv        C:\Windows\system32\wbem\WmiApSrv.exe
13:41:41.0321 14428  wmiApSrv - ok
13:41:41.0344 14428  WMPNetworkSvc - ok
13:41:41.0420 14428  [ 96C6E7100D724C69FCF9E7BF590D1DCA ] WPCSvc          C:\Windows\System32\wpcsvc.dll
13:41:41.0426 14428  WPCSvc - ok
13:41:41.0482 14428  [ 93221146D4EBBF314C29B23CD6CC391D ] WPDBusEnum      C:\Windows\system32\wpdbusenum.dll
13:41:41.0492 14428  WPDBusEnum - ok
13:41:41.0553 14428  [ 6BCC1D7D2FD2453957C5479A32364E52 ] ws2ifsl         C:\Windows\system32\drivers\ws2ifsl.sys
13:41:41.0557 14428  ws2ifsl - ok
13:41:41.0582 14428  [ E8B1FE6669397D1772D8196DF0E57A9E ] wscsvc          C:\Windows\System32\wscsvc.dll
13:41:41.0591 14428  wscsvc - ok
13:41:41.0632 14428  [ 8D918B1DB190A4D9B1753A66FA8C96E8 ] WSDPrintDevice  C:\Windows\system32\DRIVERS\WSDPrint.sys
13:41:41.0635 14428  WSDPrintDevice - ok
13:41:41.0654 14428  WSearch - ok
13:41:41.0830 14428  [ D9EF901DCA379CFE914E9FA13B73B4C4 ] wuauserv        C:\Windows\system32\wuaueng.dll
13:41:41.0954 14428  wuauserv - ok
13:41:42.0003 14428  [ AB886378EEB55C6C75B4F2D14B6C869F ] WudfPf          C:\Windows\system32\drivers\WudfPf.sys
13:41:42.0008 14428  WudfPf - ok
13:41:42.0046 14428  [ DDA4CAF29D8C0A297F886BFE561E6659 ] WUDFRd          C:\Windows\system32\DRIVERS\WUDFRd.sys
13:41:42.0053 14428  WUDFRd - ok
13:41:42.0112 14428  [ B20F051B03A966392364C83F009F7D17 ] wudfsvc         C:\Windows\System32\WUDFSvc.dll
13:41:42.0157 14428  wudfsvc - ok
13:41:42.0217 14428  [ 04F82965C09CBDF646B487E145060301 ] WwanSvc         C:\Windows\System32\wwansvc.dll
13:41:42.0240 14428  WwanSvc - ok
13:41:42.0376 14428  ================ Scan global ===============================
13:41:42.0475 14428  [ BA0CD8C393E8C9F83354106093832C7B ] C:\Windows\system32\basesrv.dll
13:41:42.0525 14428  [ 88EDD0B34EED542745931E581AD21A32 ] C:\Windows\system32\winsrv.dll
13:41:42.0561 14428  [ 88EDD0B34EED542745931E581AD21A32 ] C:\Windows\system32\winsrv.dll
13:41:42.0604 14428  [ D6160F9D869BA3AF0B787F971DB56368 ] C:\Windows\system32\sxssrv.dll
13:41:42.0643 14428  [ 24ACB7E5BE595468E3B9AA488B9B4FCB ] C:\Windows\system32\services.exe
13:41:42.0654 14428  [Global] - ok
13:41:42.0676 14428  ================ Scan MBR ==================================
13:41:42.0693 14428  [ A36C5E4F47E84449FF07ED3517B43A31 ] \Device\Harddisk0\DR0
13:41:43.0019 14428  \Device\Harddisk0\DR0 - ok
13:41:43.0027 14428  ================ Scan VBR ==================================
13:41:43.0055 14428  [ D9F534064AD9F0CF1A65A2CACA1CB6A2 ] \Device\Harddisk0\DR0\Partition1
13:41:43.0059 14428  \Device\Harddisk0\DR0\Partition1 - ok
13:41:43.0088 14428  [ A1FC4A82EB9759440B089103D84ADEDE ] \Device\Harddisk0\DR0\Partition2
13:41:43.0092 14428  \Device\Harddisk0\DR0\Partition2 - ok
13:41:43.0149 14428  [ 549818430C6DEAB35D50AFEE32B3E6D8 ] \Device\Harddisk0\DR0\Partition3
13:41:43.0154 14428  \Device\Harddisk0\DR0\Partition3 - ok
13:41:43.0193 14428  [ 914BE9E01FF624E75788D613749EFCB7 ] \Device\Harddisk0\DR0\Partition4
13:41:43.0196 14428  \Device\Harddisk0\DR0\Partition4 - ok
13:41:43.0207 14428  ============================================================
13:41:43.0207 14428  Scan finished
13:41:43.0207 14428  ============================================================
13:41:43.0282 12408  Detected object count: 0
13:41:43.0282 12408  Actual detected object count: 0
13:42:05.0670 14796  Deinitialize success
13:42:13.0369 10676  TDSS rootkit removing tool 2.8.16.0 Feb 11 2013 18:50:42
13:42:17.0824 10676  ============================================================
13:42:17.0824 10676  Current date / time: 2014/03/20 13:42:17.0824
13:42:17.0824 10676  SystemInfo:
13:42:17.0824 10676  
13:42:17.0824 10676  OS Version: 6.1.7601 ServicePack: 1.0
13:42:17.0824 10676  Product type: Workstation
13:42:17.0825 10676  ComputerName: KRISTY-HP
13:42:17.0834 10676  UserName: kristy
13:42:17.0834 10676  Windows directory: C:\Windows
13:42:17.0834 10676  System windows directory: C:\Windows
13:42:17.0834 10676  Running under WOW64
13:42:17.0834 10676  Processor architecture: Intel x64
13:42:17.0834 10676  Number of processors: 2
13:42:17.0834 10676  Page size: 0x1000
13:42:17.0835 10676  Boot type: Normal boot
13:42:17.0835 10676  ============================================================
13:42:19.0311 10676  Drive \Device\Harddisk0\DR0 - Size: 0x3A38B2E000 (232.89 Gb), SectorSize: 0x200, Cylinders: 0x76C1, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
13:42:19.0332 10676  ============================================================
13:42:19.0332 10676  \Device\Harddisk0\DR0:
13:42:19.0332 10676  MBR partitions:
13:42:19.0332 10676  \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x800, BlocksNum 0x63800
13:42:19.0332 10676  \Device\Harddisk0\DR0\Partition2: MBR, Type 0x7, StartLBA 0x64000, BlocksNum 0x1A2AA800
13:42:19.0332 10676  \Device\Harddisk0\DR0\Partition3: MBR, Type 0x7, StartLBA 0x1A30E800, BlocksNum 0x26C7000
13:42:19.0332 10676  \Device\Harddisk0\DR0\Partition4: MBR, Type 0xC, StartLBA 0x1C9D5800, BlocksNum 0x7EF800
13:42:19.0333 10676  ============================================================
13:42:19.0368 10676  C: <-> \Device\Harddisk0\DR0\Partition2
13:42:19.0517 10676  D: <-> \Device\Harddisk0\DR0\Partition3
13:42:19.0547 10676  E: <-> \Device\Harddisk0\DR0\Partition4
13:42:19.0547 10676  ============================================================
13:42:19.0580 10676  Initialize success
13:42:19.0580 10676  ============================================================
13:42:22.0175 13816  ============================================================
13:42:22.0175 13816  Scan started
13:42:22.0175 13816  Mode: Manual; 
13:42:22.0175 13816  ============================================================
13:42:22.0544 13816  ================ Scan system memory ========================
13:42:22.0544 13816  System memory - ok
13:42:22.0553 13816  ================ Scan services =============================
13:42:22.0895 13816  [ A87D604AEA360176311474C87A63BB88 ] 1394ohci        C:\Windows\system32\drivers\1394ohci.sys
13:42:22.0899 13816  1394ohci - ok
13:42:23.0006 13816  [ DD81D91FF3B0763C392422865C9AC12E ] 70e6ca8c        C:\Windows\system32\rundll32.exe
13:42:23.0011 13816  70e6ca8c - ok
13:42:23.0073 13816  [ D81D9E70B8A6DD14D42D7B4EFA65D5F2 ] ACPI            C:\Windows\system32\drivers\ACPI.sys
13:42:23.0078 13816  ACPI - ok
13:42:23.0108 13816  [ 99F8E788246D495CE3794D7E7821D2CA ] AcpiPmi         C:\Windows\system32\drivers\acpipmi.sys
13:42:23.0109 13816  AcpiPmi - ok
13:42:23.0244 13816  [ A283108E14F3970432C21AF4C0CB1BCE ] AdobeFlashPlayerUpdateSvc C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
13:42:23.0248 13816  AdobeFlashPlayerUpdateSvc - ok
13:42:23.0311 13816  [ 2F6B34B83843F0C5118B63AC634F5BF4 ] adp94xx         C:\Windows\system32\drivers\adp94xx.sys
13:42:23.0318 13816  adp94xx - ok
13:42:23.0379 13816  [ 597F78224EE9224EA1A13D6350CED962 ] adpahci         C:\Windows\system32\drivers\adpahci.sys
13:42:23.0384 13816  adpahci - ok
13:42:23.0436 13816  [ E109549C90F62FB570B9540C4B148E54 ] adpu320         C:\Windows\system32\drivers\adpu320.sys
13:42:23.0439 13816  adpu320 - ok
13:42:23.0507 13816  [ 4B78B431F225FD8624C5655CB1DE7B61 ] AeLookupSvc     C:\Windows\System32\aelupsvc.dll
13:42:23.0509 13816  AeLookupSvc - ok
13:42:23.0632 13816  [ D1E343BC00136CE03C4D403194D06A80 ] AERTFilters     C:\Program Files\Realtek\Audio\HDA\AERTSr64.exe
13:42:23.0634 13816  AERTFilters - ok
13:42:23.0692 13816  [ 79059559E89D06E8B80CE2944BE20228 ] AFD             C:\Windows\system32\drivers\afd.sys
13:42:23.0730 13816  AFD - ok
13:42:23.0812 13816  [ 608C14DBA7299D8CB6ED035A68A15799 ] agp440          C:\Windows\system32\drivers\agp440.sys
13:42:23.0814 13816  agp440 - ok
13:42:23.0838 13816  [ 3290D6946B5E30E70414990574883DDB ] ALG             C:\Windows\System32\alg.exe
13:42:23.0841 13816  ALG - ok
13:42:23.0883 13816  [ 5812713A477A3AD7363C7438CA2EE038 ] aliide          C:\Windows\system32\drivers\aliide.sys
13:42:23.0884 13816  aliide - ok
13:42:23.0927 13816  [ 715B02B892C5BA46471EFC8DCD2AE934 ] AMD External Events Utility C:\Windows\system32\atiesrxx.exe
13:42:23.0930 13816  AMD External Events Utility - ok
13:42:23.0977 13816  AMD FUEL Service - ok
13:42:24.0004 13816  [ 1FF8B4431C353CE385C875F194924C0C ] amdide          C:\Windows\system32\drivers\amdide.sys
13:42:24.0005 13816  amdide - ok
13:42:24.0036 13816  [ 6A2EEB0C4133B20773BB3DD0B7B377B4 ] amdiox64        C:\Windows\system32\DRIVERS\amdiox64.sys
13:42:24.0038 13816  amdiox64 - ok
13:42:24.0086 13816  [ 7024F087CFF1833A806193EF9D22CDA9 ] AmdK8           C:\Windows\system32\drivers\amdk8.sys
13:42:24.0087 13816  AmdK8 - ok
13:42:24.0411 13816  [ 7054D5D028B6CA727D0575192D633FA9 ] amdkmdag        C:\Windows\system32\DRIVERS\atikmdag.sys
13:42:24.0526 13816  amdkmdag - ok
13:42:24.0577 13816  [ 1CD2BC11467FD5FC7BE9827A9F3D8566 ] amdkmdap        C:\Windows\system32\DRIVERS\atikmpag.sys
13:42:24.0581 13816  amdkmdap - ok
13:42:24.0611 13816  [ 1E56388B3FE0D031C44144EB8C4D6217 ] AmdPPM          C:\Windows\system32\DRIVERS\amdppm.sys
13:42:24.0612 13816  AmdPPM - ok
13:42:24.0643 13816  [ D4121AE6D0C0E7E13AA221AA57EF2D49 ] amdsata         C:\Windows\system32\drivers\amdsata.sys
13:42:24.0645 13816  amdsata - ok
13:42:24.0690 13816  [ F67F933E79241ED32FF46A4F29B5120B ] amdsbs          C:\Windows\system32\drivers\amdsbs.sys
13:42:24.0693 13816  amdsbs - ok
13:42:24.0737 13816  [ 540DAF1CEA6094886D72126FD7C33048 ] amdxata         C:\Windows\system32\drivers\amdxata.sys
13:42:24.0738 13816  amdxata - ok
13:42:24.0778 13816  [ F9D46B6B322708BD5AFCC8767EBDC901 ] amd_sata        C:\Windows\system32\DRIVERS\amd_sata.sys
13:42:24.0781 13816  amd_sata - ok
13:42:24.0805 13816  [ 329CC9C7E20DEEBCD4CD10816193EF14 ] amd_xata        C:\Windows\system32\DRIVERS\amd_xata.sys
13:42:24.0807 13816  amd_xata - ok
13:42:24.0969 13816  [ B342CD9AA44E4AE99E2368EBDBC2E17A ] APNMCP          C:\Program Files (x86)\AskPartnerNetwork\Toolbar\apnmcp.exe
13:42:24.0972 13816  APNMCP - ok
13:42:25.0036 13816  [ 89A69C3F2F319B43379399547526D952 ] AppID           C:\Windows\system32\drivers\appid.sys
13:42:25.0038 13816  AppID - ok
13:42:25.0105 13816  [ 0BC381A15355A3982216F7172F545DE1 ] AppIDSvc        C:\Windows\System32\appidsvc.dll
13:42:25.0106 13816  AppIDSvc - ok
13:42:25.0168 13816  [ 9D2A2369AB4B08A4905FE72DB104498F ] Appinfo         C:\Windows\System32\appinfo.dll
13:42:25.0171 13816  Appinfo - ok
13:42:25.0224 13816  [ C484F8CEB1717C540242531DB7845C4E ] arc             C:\Windows\system32\drivers\arc.sys
13:42:25.0226 13816  arc - ok
13:42:25.0273 13816  [ 019AF6924AEFE7839F61C830227FE79C ] arcsas          C:\Windows\system32\drivers\arcsas.sys
13:42:25.0278 13816  arcsas - ok
13:42:25.0481 13816  [ 9A262EDD17F8473B91B333D6B031A901 ] aspnet_state    C:\Windows\Microsoft.NET\Framework64\v4.0.30319\aspnet_state.exe
13:42:25.0483 13816  aspnet_state - ok
13:42:25.0518 13816  [ 769765CE2CC62867468CEA93969B2242 ] AsyncMac        C:\Windows\system32\DRIVERS\asyncmac.sys
13:42:25.0520 13816  AsyncMac - ok
13:42:25.0570 13816  [ 02062C0B390B7729EDC9E69C680A6F3C ] atapi           C:\Windows\system32\drivers\atapi.sys
13:42:25.0572 13816  atapi - ok
13:42:25.0652 13816  [ F23FEF6D569FCE88671949894A8BECF1 ] AudioEndpointBuilder C:\Windows\System32\Audiosrv.dll
13:42:25.0660 13816  AudioEndpointBuilder - ok
13:42:25.0707 13816  [ F23FEF6D569FCE88671949894A8BECF1 ] AudioSrv        C:\Windows\System32\Audiosrv.dll
13:42:25.0715 13816  AudioSrv - ok
13:42:25.0795 13816  [ D23F69FA8C0C94C4FE57B57D50F6DB66 ] avgtp           C:\Windows\system32\drivers\avgtpx64.sys
13:42:25.0797 13816  avgtp - ok
13:42:25.0850 13816  [ A6BF31A71B409DFA8CAC83159E1E2AFF ] AxInstSV        C:\Windows\System32\AxInstSV.dll
13:42:25.0853 13816  AxInstSV - ok
13:42:25.0924 13816  [ 3E5B191307609F7514148C6832BB0842 ] b06bdrv         C:\Windows\system32\drivers\bxvbda.sys
13:42:25.0962 13816  b06bdrv - ok
13:42:26.0037 13816  [ B5ACE6968304A3900EEB1EBFD9622DF2 ] b57nd60a        C:\Windows\system32\DRIVERS\b57nd60a.sys
13:42:26.0041 13816  b57nd60a - ok
13:42:26.0136 13816  [ 9E84A931DBEE0292E38ED672F6293A99 ] BCM43XX         C:\Windows\system32\DRIVERS\bcmwl664.sys
13:42:26.0152 13816  BCM43XX - ok
13:42:26.0192 13816  [ FDE360167101B4E45A96F939F388AEB0 ] BDESVC          C:\Windows\System32\bdesvc.dll
13:42:26.0194 13816  BDESVC - ok
13:42:26.0231 13816  [ 16A47CE2DECC9B099349A5F840654746 ] Beep            C:\Windows\system32\drivers\Beep.sys
13:42:26.0232 13816  Beep - ok
13:42:26.0300 13816  [ 82974D6A2FD19445CC5171FC378668A4 ] BFE             C:\Windows\System32\bfe.dll
13:42:26.0312 13816  BFE - ok
13:42:26.0422 13816  [ 1EA7969E3271CBC59E1730697DC74682 ] BITS            C:\Windows\System32\qmgr.dll
13:42:26.0461 13816  BITS - ok
13:42:26.0506 13816  [ 61583EE3C3A17003C4ACD0475646B4D3 ] blbdrive        C:\Windows\system32\drivers\blbdrive.sys
13:42:26.0507 13816  blbdrive - ok
13:42:26.0568 13816  [ EBBCD5DFBB1DE70E8F4AF8FA59E401FD ] Bonjour Service C:\Program Files\Bonjour\mDNSResponder.exe
13:42:26.0585 13816  Bonjour Service - ok
13:42:26.0672 13816  [ 6C02A83164F5CC0A262F4199F0871CF5 ] bowser          C:\Windows\system32\DRIVERS\bowser.sys
13:42:26.0674 13816  bowser - ok
13:42:26.0739 13816  [ F09EEE9EDC320B5E1501F749FDE686C8 ] BrFiltLo        C:\Windows\system32\drivers\BrFiltLo.sys
13:42:26.0741 13816  BrFiltLo - ok
13:42:26.0781 13816  [ B114D3098E9BDB8BEA8B053685831BE6 ] BrFiltUp        C:\Windows\system32\drivers\BrFiltUp.sys
13:42:26.0782 13816  BrFiltUp - ok
13:42:26.0843 13816  [ 05F5A0D14A2EE1D8255C2AA0E9E8E694 ] Browser         C:\Windows\System32\browser.dll
13:42:26.0846 13816  Browser - ok
13:42:26.0900 13816  [ 43BEA8D483BF1870F018E2D02E06A5BD ] Brserid         C:\Windows\System32\Drivers\Brserid.sys
13:42:26.0905 13816  Brserid - ok
13:42:26.0951 13816  [ A6ECA2151B08A09CACECA35C07F05B42 ] BrSerWdm        C:\Windows\System32\Drivers\BrSerWdm.sys
13:42:26.0953 13816  BrSerWdm - ok
13:42:27.0001 13816  [ B79968002C277E869CF38BD22CD61524 ] BrUsbMdm        C:\Windows\System32\Drivers\BrUsbMdm.sys
13:42:27.0002 13816  BrUsbMdm - ok
13:42:27.0044 13816  [ A87528880231C54E75EA7A44943B38BF ] BrUsbSer        C:\Windows\System32\Drivers\BrUsbSer.sys
13:42:27.0045 13816  BrUsbSer - ok
13:42:27.0095 13816  [ 9DA669F11D1F894AB4EB69BF546A42E8 ] BTHMODEM        C:\Windows\system32\drivers\bthmodem.sys
13:42:27.0097 13816  BTHMODEM - ok
13:42:27.0140 13816  [ 95F9C2976059462CBBF227F7AAB10DE9 ] bthserv         C:\Windows\system32\bthserv.dll
13:42:27.0143 13816  bthserv - ok
13:42:27.0173 13816  [ B8BD2BB284668C84865658C77574381A ] cdfs            C:\Windows\system32\DRIVERS\cdfs.sys
13:42:27.0176 13816  cdfs - ok
13:42:27.0217 13816  [ F036CE71586E93D94DAB220D7BDF4416 ] cdrom           C:\Windows\system32\DRIVERS\cdrom.sys
13:42:27.0220 13816  cdrom - ok
13:42:27.0260 13816  [ F17D1D393BBC69C5322FBFAFACA28C7F ] CertPropSvc     C:\Windows\System32\certprop.dll
13:42:27.0264 13816  CertPropSvc - ok
13:42:27.0305 13816  [ D7CD5C4E1B71FA62050515314CFB52CF ] circlass        C:\Windows\system32\drivers\circlass.sys
13:42:27.0307 13816  circlass - ok
13:42:27.0362 13816  [ FE1EC06F2253F691FE36217C592A0206 ] CLFS            C:\Windows\system32\CLFS.sys
13:42:27.0368 13816  CLFS - ok
13:42:27.0494 13816  [ D88040F816FDA31C3B466F0FA0918F29 ] clr_optimization_v2.0.50727_32 C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
13:42:27.0496 13816  clr_optimization_v2.0.50727_32 - ok
13:42:27.0563 13816  [ D1CEEA2B47CB998321C579651CE3E4F8 ] clr_optimization_v2.0.50727_64 C:\Windows\Microsoft.NET\Framework64\v2.0.50727\mscorsvw.exe
13:42:27.0565 13816  clr_optimization_v2.0.50727_64 - ok
13:42:27.0682 13816  [ E87213F37A13E2B54391E40934F071D0 ] clr_optimization_v4.0.30319_32 C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
13:42:27.0684 13816  clr_optimization_v4.0.30319_32 - ok
13:42:27.0713 13816  [ 4AEDAB50F83580D0B4D6CF78191F92AA ] clr_optimization_v4.0.30319_64 C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe
13:42:27.0716 13816  clr_optimization_v4.0.30319_64 - ok
13:42:28.0044 13816  [ C1816A6EFA5286773126F2743BC1ED56 ] CltMngSvc       C:\PROGRA~2\SearchProtect\Main\bin\CltMngSvc.exe
13:42:28.0074 13816  CltMngSvc - ok
13:42:28.0097 13816  clwvd - ok
13:42:28.0157 13816  [ 0840155D0BDDF1190F84A663C284BD33 ] CmBatt          C:\Windows\system32\drivers\CmBatt.sys
13:42:28.0160 13816  CmBatt - ok
13:42:28.0201 13816  [ E19D3F095812725D88F9001985B94EDD ] cmdide          C:\Windows\system32\drivers\cmdide.sys
13:42:28.0224 13816  cmdide - ok
13:42:28.0273 13816  [ EBF28856F69CF094A902F884CF989706 ] CNG             C:\Windows\system32\Drivers\cng.sys
13:42:28.0284 13816  CNG - ok
13:42:28.0335 13816  [ 102DE219C3F61415F964C88E9085AD14 ] Compbatt        C:\Windows\system32\drivers\compbatt.sys
13:42:28.0338 13816  Compbatt - ok
13:42:28.0433 13816  [ 03EDB043586CCEBA243D689BDDA370A8 ] CompositeBus    C:\Windows\system32\drivers\CompositeBus.sys
13:42:28.0438 13816  CompositeBus - ok
13:42:28.0457 13816  COMSysApp - ok
13:42:28.0489 13816  [ 1C827878A998C18847245FE1F34EE597 ] crcdisk         C:\Windows\system32\drivers\crcdisk.sys
13:42:28.0492 13816  crcdisk - ok
13:42:28.0560 13816  [ 6B400F211BEE880A37A1ED0368776BF4 ] CryptSvc        C:\Windows\system32\cryptsvc.dll
13:42:28.0565 13816  CryptSvc - ok
13:42:28.0655 13816  [ 5C627D1B1138676C0A7AB2C2C190D123 ] DcomLaunch      C:\Windows\system32\rpcss.dll
13:42:28.0665 13816  DcomLaunch - ok
13:42:28.0712 13816  [ 3CEC7631A84943677AA8FA8EE5B6B43D ] defragsvc       C:\Windows\System32\defragsvc.dll
13:42:28.0720 13816  defragsvc - ok
13:42:28.0755 13816  [ 9BB2EF44EAA163B29C4A4587887A0FE4 ] DfsC            C:\Windows\system32\Drivers\dfsc.sys
13:42:28.0760 13816  DfsC - ok
13:42:28.0820 13816  [ 43D808F5D9E1A18E5EEB5EBC83969E4E ] Dhcp            C:\Windows\system32\dhcpcore.dll
13:42:28.0828 13816  Dhcp - ok
13:42:28.0858 13816  [ 13096B05847EC78F0977F2C0F79E9AB3 ] discache        C:\Windows\system32\drivers\discache.sys
13:42:28.0862 13816  discache - ok
13:42:28.0911 13816  [ 9819EEE8B5EA3784EC4AF3B137A5244C ] Disk            C:\Windows\system32\drivers\disk.sys
13:42:28.0915 13816  Disk - ok
13:42:28.0960 13816  [ 16835866AAA693C7D7FCEBA8FFF706E4 ] Dnscache        C:\Windows\System32\dnsrslvr.dll
13:42:28.0967 13816  Dnscache - ok
13:42:29.0005 13816  [ B1FB3DDCA0FDF408750D5843591AFBC6 ] dot3svc         C:\Windows\System32\dot3svc.dll
13:42:29.0014 13816  dot3svc - ok
13:42:29.0063 13816  [ B26F4F737E8F9DF4F31AF6CF31D05820 ] DPS             C:\Windows\system32\dps.dll
13:42:29.0069 13816  DPS - ok
13:42:29.0132 13816  [ 9B19F34400D24DF84C858A421C205754 ] drmkaud         C:\Windows\system32\drivers\drmkaud.sys
13:42:29.0135 13816  drmkaud - ok
13:42:29.0196 13816  [ 53BD875C7C0808235BFB803C1A8BE009 ] DXGKrnl         C:\Windows\System32\drivers\dxgkrnl.sys
13:42:29.0230 13816  DXGKrnl - ok
13:42:29.0270 13816  [ E2DDA8726DA9CB5B2C4000C9018A9633 ] EapHost         C:\Windows\System32\eapsvc.dll
13:42:29.0276 13816  EapHost - ok
13:42:29.0408 13816  [ DC5D737F51BE844D8C82C695EB17372F ] ebdrv           C:\Windows\system32\drivers\evbda.sys
13:42:29.0502 13816  ebdrv - ok
13:42:29.0539 13816  [ 4D71227301DD8D09097B9E4CC6527E5A ] EFS             C:\Windows\System32\lsass.exe
13:42:29.0544 13816  EFS - ok
13:42:29.0645 13816  [ C4002B6B41975F057D98C439030CEA07 ] ehRecvr         C:\Windows\ehome\ehRecvr.exe
13:42:29.0673 13816  ehRecvr - ok
13:42:29.0711 13816  [ 4705E8EF9934482C5BB488CE28AFC681 ] ehSched         C:\Windows\ehome\ehsched.exe
13:42:29.0716 13816  ehSched - ok
13:42:29.0771 13816  [ 0E5DA5369A0FCAEA12456DD852545184 ] elxstor         C:\Windows\system32\drivers\elxstor.sys
13:42:29.0797 13816  elxstor - ok
13:42:29.0861 13816  EraserUtilDrv11310 - ok
13:42:29.0883 13816  [ 34A3C54752046E79A126E15C51DB409B ] ErrDev          C:\Windows\system32\drivers\errdev.sys
13:42:29.0890 13816  ErrDev - ok
13:42:30.0006 13816  [ 4166F82BE4D24938977DD1746BE9B8A0 ] EventSystem     C:\Windows\system32\es.dll
13:42:30.0025 13816  EventSystem - ok
13:42:30.0064 13816  [ A510C654EC00C1E9BDD91EEB3A59823B ] exfat           C:\Windows\system32\drivers\exfat.sys
13:42:30.0070 13816  exfat - ok
13:42:30.0100 13816  [ 0ADC83218B66A6DB380C330836F3E36D ] fastfat         C:\Windows\system32\drivers\fastfat.sys
13:42:30.0107 13816  fastfat - ok
13:42:30.0265 13816  [ DBEFD454F8318A0EF691FDD2EAAB44EB ] Fax             C:\Windows\system32\fxssvc.exe
13:42:30.0292 13816  Fax - ok
13:42:30.0331 13816  [ D765D19CD8EF61F650C384F62FAC00AB ] fdc             C:\Windows\system32\drivers\fdc.sys
13:42:30.0336 13816  fdc - ok
13:42:30.0365 13816  [ 0438CAB2E03F4FB61455A7956026FE86 ] fdPHost         C:\Windows\system32\fdPHost.dll
13:42:30.0368 13816  fdPHost - ok
13:42:30.0406 13816  [ 802496CB59A30349F9A6DD22D6947644 ] FDResPub        C:\Windows\system32\fdrespub.dll
13:42:30.0410 13816  FDResPub - ok
13:42:30.0457 13816  [ 655661BE46B5F5F3FD454E2C3095B930 ] FileInfo        C:\Windows\system32\drivers\fileinfo.sys
13:42:30.0461 13816  FileInfo - ok
13:42:30.0495 13816  [ 5F671AB5BC87EEA04EC38A6CD5962A47 ] Filetrace       C:\Windows\system32\drivers\filetrace.sys
13:42:30.0499 13816  Filetrace - ok
13:42:30.0531 13816  [ C172A0F53008EAEB8EA33FE10E177AF5 ] flpydisk        C:\Windows\system32\drivers\flpydisk.sys
13:42:30.0534 13816  flpydisk - ok
13:42:30.0582 13816  [ DA6B67270FD9DB3697B20FCE94950741 ] FltMgr          C:\Windows\system32\drivers\fltmgr.sys
13:42:30.0590 13816  FltMgr - ok
13:42:30.0702 13816  [ C4C183E6551084039EC862DA1C945E3D ] FontCache       C:\Windows\system32\FntCache.dll
13:42:30.0739 13816  FontCache - ok
13:42:30.0800 13816  [ A8B7F3818AB65695E3A0BB3279F6DCE6 ] FontCache3.0.0.0 C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
13:42:30.0803 13816  FontCache3.0.0.0 - ok
13:42:30.0872 13816  [ D43703496149971890703B4B1B723EAC ] FsDepends       C:\Windows\system32\drivers\FsDepends.sys
13:42:30.0876 13816  FsDepends - ok
13:42:30.0959 13816  [ B3EB502D2C3F47C47415F85387DFAEF1 ] fssfltr         C:\Windows\system32\DRIVERS\fssfltr.sys
13:42:30.0963 13816  fssfltr - ok
13:42:31.0096 13816  [ B6AB40819ECEC4BA07266EC0EBBC85A7 ] fsssvc          C:\Program Files (x86)\Windows Live\Family Safety\fsssvc.exe
13:42:31.0134 13816  fsssvc - ok
13:42:31.0180 13816  [ 6BD9295CC032DD3077C671FCCF579A7B ] Fs_Rec          C:\Windows\system32\drivers\Fs_Rec.sys
13:42:31.0183 13816  Fs_Rec - ok
13:42:31.0220 13816  [ 8F6322049018354F45F05A2FD2D4E5E0 ] fvevol          C:\Windows\system32\DRIVERS\fvevol.sys
13:42:31.0227 13816  fvevol - ok
13:42:31.0293 13816  [ 8C778D335C9D272CFD3298AB02ABE3B6 ] gagp30kx        C:\Windows\system32\drivers\gagp30kx.sys
13:42:31.0297 13816  gagp30kx - ok
13:42:31.0345 13816  [ C403C5DB49A0F9AAF4F2128EDC0106D8 ] GamesAppService C:\Program Files (x86)\WildTangent Games\App\GamesAppService.exe
13:42:31.0350 13816  GamesAppService - ok
13:42:31.0398 13816  [ 277BBC7E1AA1EE957F573A10ECA7EF3A ] gpsvc           C:\Windows\System32\gpsvc.dll
13:42:31.0442 13816  gpsvc - ok
13:42:31.0495 13816  [ 506708142BC63DABA64F2D3AD1DCD5BF ] gupdate         C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
13:42:31.0499 13816  gupdate - ok
13:42:31.0514 13816  [ 506708142BC63DABA64F2D3AD1DCD5BF ] gupdatem        C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
13:42:31.0516 13816  gupdatem - ok
13:42:31.0557 13816  [ F2523EF6460FC42405B12248338AB2F0 ] hcw85cir        C:\Windows\system32\drivers\hcw85cir.sys
13:42:31.0560 13816  hcw85cir - ok
13:42:31.0605 13816  [ 975761C778E33CD22498059B91E7373A ] HdAudAddService C:\Windows\system32\drivers\HdAudio.sys
13:42:31.0614 13816  HdAudAddService - ok
13:42:31.0648 13816  [ 97BFED39B6B79EB12CDDBFEED51F56BB ] HDAudBus        C:\Windows\system32\drivers\HDAudBus.sys
13:42:31.0653 13816  HDAudBus - ok
13:42:31.0690 13816  [ 78E86380454A7B10A5EB255DC44A355F ] HidBatt         C:\Windows\system32\drivers\HidBatt.sys
13:42:31.0694 13816  HidBatt - ok
13:42:31.0725 13816  [ 7FD2A313F7AFE5C4DAB14798C48DD104 ] HidBth          C:\Windows\system32\drivers\hidbth.sys
13:42:31.0729 13816  HidBth - ok
13:42:31.0772 13816  [ 0A77D29F311B88CFAE3B13F9C1A73825 ] HidIr           C:\Windows\system32\drivers\hidir.sys
13:42:31.0776 13816  HidIr - ok
13:42:31.0802 13816  [ BD9EB3958F213F96B97B1D897DEE006D ] hidserv         C:\Windows\system32\hidserv.dll
13:42:31.0807 13816  hidserv - ok
13:42:31.0846 13816  [ 9592090A7E2B61CD582B612B6DF70536 ] HidUsb          C:\Windows\system32\DRIVERS\hidusb.sys
13:42:31.0849 13816  HidUsb - ok
13:42:31.0883 13816  [ 387E72E739E15E3D37907A86D9FF98E2 ] hkmsvc          C:\Windows\system32\kmsvc.dll
13:42:31.0889 13816  hkmsvc - ok
13:42:31.0927 13816  [ EFDFB3DD38A4376F93E7985173813ABD ] HomeGroupListener C:\Windows\system32\ListSvc.dll
13:42:31.0940 13816  HomeGroupListener - ok
13:42:31.0991 13816  [ 908ACB1F594274965A53926B10C81E89 ] HomeGroupProvider C:\Windows\system32\provsvc.dll
13:42:31.0999 13816  HomeGroupProvider - ok
13:42:32.0063 13816  [ 6A181452D4E240B8ECC7614B9A19BDE9 ] HPClientSvc     C:\Program Files\Hewlett-Packard\HP Client Services\HPClientServices.exe
13:42:32.0071 13816  HPClientSvc - ok
13:42:32.0169 13816  [ D2946D9F020AE76E9CEF9B4A6DF838C0 ] hpqwmiex        C:\Program Files (x86)\Hewlett-Packard\Shared\hpqwmiex.exe
13:42:32.0206 13816  hpqwmiex - ok
13:42:32.0236 13816  [ 39D2ABCD392F3D8A6DCE7B60AE7B8EFC ] HpSAMD          C:\Windows\system32\drivers\HpSAMD.sys
13:42:32.0241 13816  HpSAMD - ok
13:42:32.0294 13816  [ 2BEC76BDCD1BC080210325E7B5094834 ] HPWMISVC        C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPWMISVC.exe
13:42:32.0298 13816  HPWMISVC - ok
13:42:32.0343 13816  [ 0EA7DE1ACB728DD5A369FD742D6EEE28 ] HTTP            C:\Windows\system32\drivers\HTTP.sys
13:42:32.0371 13816  HTTP - ok
13:42:32.0396 13816  [ A5462BD6884960C9DC85ED49D34FF392 ] hwpolicy        C:\Windows\system32\drivers\hwpolicy.sys
13:42:32.0399 13816  hwpolicy - ok
13:42:32.0444 13816  [ FA55C73D4AFFA7EE23AC4BE53B4592D3 ] i8042prt        C:\Windows\system32\DRIVERS\i8042prt.sys
13:42:32.0449 13816  i8042prt - ok
13:42:32.0487 13816  [ AAAF44DB3BD0B9D1FB6969B23ECC8366 ] iaStorV         C:\Windows\system32\drivers\iaStorV.sys
13:42:32.0496 13816  iaStorV - ok
13:42:32.0638 13816  [ E4693409D06785477A49FB34AFAE1B92 ] IconMan_R       C:\Program Files (x86)\Realtek\Realtek PCIE Card Reader\RIconMan.exe
13:42:32.0723 13816  IconMan_R - ok
13:42:32.0910 13816  [ 1CF03C69B49ACB70C722DF92755C0C8C ] IDriverT        C:\Program Files (x86)\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
13:42:32.0914 13816  IDriverT - ok
13:42:32.0992 13816  [ 5988FC40F8DB5B0739CD1E3A5D0D78BD ] idsvc           C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\infocard.exe
13:42:33.0033 13816  idsvc - ok
13:42:33.0066 13816  IEEtwCollectorService - ok
13:42:33.0102 13816  [ 5C18831C61933628F5BB0EA2675B9D21 ] iirsp           C:\Windows\system32\drivers\iirsp.sys
13:42:33.0145 13816  iirsp - ok
13:42:33.0214 13816  [ 344789398EC3EE5A4E00C52B31847946 ] IKEEXT          C:\Windows\System32\ikeext.dll
13:42:33.0244 13816  IKEEXT - ok
13:42:33.0353 13816  [ E395D888EF6D3777134A9E09FF7582C2 ] IntcAzAudAddService C:\Windows\system32\drivers\RTKVHD64.sys
13:42:33.0434 13816  IntcAzAudAddService - ok
13:42:33.0483 13816  [ F00F20E70C6EC3AA366910083A0518AA ] intelide        C:\Windows\system32\drivers\intelide.sys
13:42:33.0486 13816  intelide - ok
13:42:33.0535 13816  [ ADA036632C664CAA754079041CF1F8C1 ] intelppm        C:\Windows\system32\drivers\intelppm.sys
13:42:33.0540 13816  intelppm - ok
13:42:33.0592 13816  [ 098A91C54546A3B878DAD6A7E90A455B ] IPBusEnum       C:\Windows\system32\ipbusenum.dll
13:42:33.0598 13816  IPBusEnum - ok
13:42:33.0627 13816  [ C9F0E1BD74365A8771590E9008D22AB6 ] IpFilterDriver  C:\Windows\system32\DRIVERS\ipfltdrv.sys
13:42:33.0631 13816  IpFilterDriver - ok
13:42:33.0711 13816  [ 08C2957BB30058E663720C5606885653 ] iphlpsvc        C:\Windows\System32\iphlpsvc.dll
13:42:33.0741 13816  iphlpsvc - ok
13:42:33.0820 13816  [ 0FC1AEA580957AA8817B8F305D18CA3A ] IPMIDRV         C:\Windows\system32\drivers\IPMIDrv.sys
13:42:33.0825 13816  IPMIDRV - ok
13:42:33.0848 13816  [ AF9B39A7E7B6CAA203B3862582E9F2D0 ] IPNAT           C:\Windows\system32\drivers\ipnat.sys
13:42:33.0852 13816  IPNAT - ok
13:42:33.0877 13816  [ 3ABF5E7213EB28966D55D58B515D5CE9 ] IRENUM          C:\Windows\system32\drivers\irenum.sys
13:42:33.0881 13816  IRENUM - ok
13:42:33.0923 13816  [ 2F7B28DC3E1183E5EB418DF55C204F38 ] isapnp          C:\Windows\system32\drivers\isapnp.sys
13:42:33.0926 13816  isapnp - ok
13:42:33.0957 13816  [ D931D7309DEB2317035B07C9F9E6B0BD ] iScsiPrt        C:\Windows\system32\drivers\msiscsi.sys
13:42:33.0965 13816  iScsiPrt - ok
13:42:34.0007 13816  [ BC02336F1CBA7DCC7D1213BB588A68A5 ] kbdclass        C:\Windows\system32\DRIVERS\kbdclass.sys
13:42:34.0012 13816  kbdclass - ok
13:42:34.0061 13816  [ 0705EFF5B42A9DB58548EEC3B26BB484 ] kbdhid          C:\Windows\system32\DRIVERS\kbdhid.sys
13:42:34.0064 13816  kbdhid - ok
13:42:34.0090 13816  [ 4D71227301DD8D09097B9E4CC6527E5A ] KeyIso          C:\Windows\system32\lsass.exe
13:42:34.0096 13816  KeyIso - ok
13:42:34.0138 13816  [ 8F489706472F7E9A06BAAA198703FA64 ] KSecDD          C:\Windows\system32\Drivers\ksecdd.sys
13:42:34.0142 13816  KSecDD - ok
13:42:34.0214 13816  [ 868A2CAAB12EFC7A021682BCA0EEC54C ] KSecPkg         C:\Windows\system32\Drivers\ksecpkg.sys
13:42:34.0250 13816  KSecPkg - ok
13:42:34.0284 13816  [ 6869281E78CB31A43E969F06B57347C4 ] ksthunk         C:\Windows\system32\drivers\ksthunk.sys
13:42:34.0287 13816  ksthunk - ok
13:42:34.0354 13816  [ 6AB66E16AA859232F64DEB66887A8C9C ] KtmRm           C:\Windows\system32\msdtckrm.dll
13:42:34.0364 13816  KtmRm - ok
13:42:34.0412 13816  [ D9F42719019740BAA6D1C6D536CBDAA6 ] LanmanServer    C:\Windows\system32\srvsvc.dll
13:42:34.0421 13816  LanmanServer - ok
13:42:34.0464 13816  [ 851A1382EED3E3A7476DB004F4EE3E1A ] LanmanWorkstation C:\Windows\System32\wkssvc.dll
13:42:34.0472 13816  LanmanWorkstation - ok
13:42:34.0512 13816  [ 1538831CF8AD2979A04C423779465827 ] lltdio          C:\Windows\system32\DRIVERS\lltdio.sys
13:42:34.0516 13816  lltdio - ok
13:42:34.0595 13816  [ C1185803384AB3FEED115F79F109427F ] lltdsvc         C:\Windows\System32\lltdsvc.dll
13:42:34.0605 13816  lltdsvc - ok
13:42:34.0636 13816  [ F993A32249B66C9D622EA5592A8B76B8 ] lmhosts         C:\Windows\System32\lmhsvc.dll
13:42:34.0652 13816  lmhosts - ok
13:42:34.0697 13816  LMIGuardianSvc - ok
13:42:34.0711 13816  LMIInfo - ok
13:42:34.0759 13816  [ 413ECDCFAD9A82804D3674C8D7EEC24E ] lmimirr         C:\Windows\system32\DRIVERS\lmimirr.sys
13:42:34.0762 13816  lmimirr - ok
13:42:34.0779 13816  LMIRfsClientNP - ok
13:42:34.0845 13816  [ C57D3FAA50E6F395759FFB7C709BD944 ] LMIRfsDriver    C:\Windows\system32\drivers\LMIRfsDriver.sys
13:42:34.0848 13816  LMIRfsDriver - ok
13:42:34.0903 13816  [ 1A93E54EB0ECE102495A51266DCDB6A6 ] LSI_FC          C:\Windows\system32\drivers\lsi_fc.sys
13:42:34.0908 13816  LSI_FC - ok
13:42:34.0936 13816  [ 1047184A9FDC8BDBFF857175875EE810 ] LSI_SAS         C:\Windows\system32\drivers\lsi_sas.sys
13:42:34.0940 13816  LSI_SAS - ok
13:42:34.0985 13816  [ 30F5C0DE1EE8B5BC9306C1F0E4A75F93 ] LSI_SAS2        C:\Windows\system32\drivers\lsi_sas2.sys
13:42:34.0989 13816  LSI_SAS2 - ok
13:42:35.0030 13816  [ 0504EACAFF0D3C8AED161C4B0D369D4A ] LSI_SCSI        C:\Windows\system32\drivers\lsi_scsi.sys
13:42:35.0035 13816  LSI_SCSI - ok
13:42:35.0079 13816  lsnfd - ok
13:42:35.0168 13816  [ 43D0F98E1D56CCDDB0D5254CFF7B356E ] luafv           C:\Windows\system32\drivers\luafv.sys
13:42:35.0173 13816  luafv - ok
13:42:35.0227 13816  [ 0BE09CD858ABF9DF6ED259D57A1A1663 ] Mcx2Svc         C:\Windows\system32\Mcx2Svc.dll
13:42:35.0234 13816  Mcx2Svc - ok
13:42:35.0273 13816  [ A55805F747C6EDB6A9080D7C633BD0F4 ] megasas         C:\Windows\system32\drivers\megasas.sys
13:42:35.0277 13816  megasas - ok
13:42:35.0345 13816  [ BAF74CE0072480C3B6B7C13B2A94D6B3 ] MegaSR          C:\Windows\system32\drivers\MegaSR.sys
13:42:35.0353 13816  MegaSR - ok
13:42:35.0384 13816  [ E40E80D0304A73E8D269F7141D77250B ] MMCSS           C:\Windows\system32\mmcss.dll
13:42:35.0390 13816  MMCSS - ok
13:42:35.0419 13816  [ 800BA92F7010378B09F9ED9270F07137 ] Modem           C:\Windows\system32\drivers\modem.sys
13:42:35.0423 13816  Modem - ok
13:42:35.0477 13816  [ B03D591DC7DA45ECE20B3B467E6AADAA ] monitor         C:\Windows\system32\DRIVERS\monitor.sys
13:42:35.0480 13816  monitor - ok
13:42:35.0519 13816  [ 7D27EA49F3C1F687D357E77A470AEA99 ] mouclass        C:\Windows\system32\DRIVERS\mouclass.sys
13:42:35.0523 13816  mouclass - ok
13:42:35.0558 13816  [ D3BF052C40B0C4166D9FD86A4288C1E6 ] mouhid          C:\Windows\system32\DRIVERS\mouhid.sys
13:42:35.0561 13816  mouhid - ok
13:42:35.0604 13816  [ 32E7A3D591D671A6DF2DB515A5CBE0FA ] mountmgr        C:\Windows\system32\drivers\mountmgr.sys
13:42:35.0609 13816  mountmgr - ok
13:42:35.0824 13816  [ D3BBF70D390C9B8090DC4A7D53E73AC7 ] MovieMode       C:\ProgramData\MovieMode\MovieModeService.exe
13:42:35.0827 13816  MovieMode - ok
13:42:35.0909 13816  [ C6B88D62F20AC646C6BD5C032EC2FAF9 ] MpFilter        C:\Windows\system32\DRIVERS\MpFilter.sys
13:42:35.0929 13816  MpFilter - ok
13:42:35.0957 13816  [ A44B420D30BD56E145D6A2BC8768EC58 ] mpio            C:\Windows\system32\drivers\mpio.sys
13:42:35.0962 13816  mpio - ok
13:42:35.0990 13816  [ 6C38C9E45AE0EA2FA5E551F2ED5E978F ] mpsdrv          C:\Windows\system32\drivers\mpsdrv.sys
13:42:35.0994 13816  mpsdrv - ok
13:42:36.0044 13816  [ 54FFC9C8898113ACE189D4AA7199D2C1 ] MpsSvc          C:\Windows\system32\mpssvc.dll
13:42:36.0080 13816  MpsSvc - ok
13:42:36.0139 13816  [ 1A4F75E63C9FB84B85DFFC6B63FD5404 ] MRxDAV          C:\Windows\system32\drivers\mrxdav.sys
13:42:36.0144 13816  MRxDAV - ok
13:42:36.0222 13816  [ A5D9106A73DC88564C825D317CAC68AC ] mrxsmb          C:\Windows\system32\DRIVERS\mrxsmb.sys
13:42:36.0228 13816  mrxsmb - ok
13:42:36.0278 13816  [ D711B3C1D5F42C0C2415687BE09FC163 ] mrxsmb10        C:\Windows\system32\DRIVERS\mrxsmb10.sys
13:42:36.0286 13816  mrxsmb10 - ok
13:42:36.0346 13816  [ 9423E9D355C8D303E76B8CFBD8A5C30C ] mrxsmb20        C:\Windows\system32\DRIVERS\mrxsmb20.sys
13:42:36.0351 13816  mrxsmb20 - ok
13:42:36.0395 13816  [ C25F0BAFA182CBCA2DD3C851C2E75796 ] msahci          C:\Windows\system32\drivers\msahci.sys
13:42:36.0398 13816  msahci - ok
13:42:36.0431 13816  [ DB801A638D011B9633829EB6F663C900 ] msdsm           C:\Windows\system32\drivers\msdsm.sys
13:42:36.0437 13816  msdsm - ok
13:42:36.0456 13816  [ DE0ECE52236CFA3ED2DBFC03F28253A8 ] MSDTC           C:\Windows\System32\msdtc.exe
13:42:36.0463 13816  MSDTC - ok
13:42:36.0517 13816  [ AA3FB40E17CE1388FA1BEDAB50EA8F96 ] Msfs            C:\Windows\system32\drivers\Msfs.sys
13:42:36.0521 13816  Msfs - ok
13:42:36.0546 13816  [ F9D215A46A8B9753F61767FA72A20326 ] mshidkmdf       C:\Windows\System32\drivers\mshidkmdf.sys
13:42:36.0551 13816  mshidkmdf - ok
13:42:36.0577 13816  [ D916874BBD4F8B07BFB7FA9B3CCAE29D ] msisadrv        C:\Windows\system32\drivers\msisadrv.sys
13:42:36.0581 13816  msisadrv - ok
13:42:36.0623 13816  [ 808E98FF49B155C522E6400953177B08 ] MSiSCSI         C:\Windows\system32\iscsiexe.dll
13:42:36.0644 13816  MSiSCSI - ok
13:42:36.0662 13816  msiserver - ok
13:42:36.0693 13816  [ 49CCF2C4FEA34FFAD8B1B59D49439366 ] MSKSSRV         C:\Windows\system32\drivers\MSKSSRV.sys
13:42:36.0696 13816  MSKSSRV - ok
13:42:36.0793 13816  [ 7675E15D1B2180745E4DA4D26AAD7385 ] MsMpSvc         c:\Program Files\Microsoft Security Client\MsMpEng.exe
13:42:36.0795 13816  MsMpSvc - ok
13:42:36.0822 13816  [ BDD71ACE35A232104DDD349EE70E1AB3 ] MSPCLOCK        C:\Windows\system32\drivers\MSPCLOCK.sys
13:42:36.0827 13816  MSPCLOCK - ok
13:42:36.0878 13816  [ 4ED981241DB27C3383D72092B618A1D0 ] MSPQM           C:\Windows\system32\drivers\MSPQM.sys
13:42:36.0881 13816  MSPQM - ok
13:42:36.0943 13816  [ 759A9EEB0FA9ED79DA1FB7D4EF78866D ] MsRPC           C:\Windows\system32\drivers\MsRPC.sys
13:42:36.0956 13816  MsRPC - ok
13:42:37.0103 13816  [ 0EED230E37515A0EAEE3C2E1BC97B288 ] mssmbios        C:\Windows\system32\drivers\mssmbios.sys
13:42:37.0107 13816  mssmbios - ok
13:42:37.0123 13816  [ 2E66F9ECB30B4221A318C92AC2250779 ] MSTEE           C:\Windows\system32\drivers\MSTEE.sys
13:42:37.0127 13816  MSTEE - ok
13:42:37.0167 13816  [ 7EA404308934E675BFFDE8EDF0757BCD ] MTConfig        C:\Windows\system32\drivers\MTConfig.sys
13:42:37.0171 13816  MTConfig - ok
13:42:37.0195 13816  [ F9A18612FD3526FE473C1BDA678D61C8 ] Mup             C:\Windows\system32\Drivers\mup.sys
13:42:37.0198 13816  Mup - ok
13:42:37.0245 13816  [ 582AC6D9873E31DFA28A4547270862DD ] napagent        C:\Windows\system32\qagentRT.dll
13:42:37.0270 13816  napagent - ok
13:42:37.0303 13816  [ 1EA3749C4114DB3E3161156FFFFA6B33 ] NativeWifiP     C:\Windows\system32\DRIVERS\nwifi.sys
13:42:37.0311 13816  NativeWifiP - ok
13:42:37.0379 13816  [ 760E38053BF56E501D562B70AD796B88 ] NDIS            C:\Windows\system32\drivers\ndis.sys
13:42:37.0414 13816  NDIS - ok
13:42:37.0450 13816  [ 9F9A1F53AAD7DA4D6FEF5BB73AB811AC ] NdisCap         C:\Windows\system32\DRIVERS\ndiscap.sys
13:42:37.0453 13816  NdisCap - ok
13:42:37.0497 13816  [ 30639C932D9FEF22B31268FE25A1B6E5 ] NdisTapi        C:\Windows\system32\DRIVERS\ndistapi.sys
13:42:37.0500 13816  NdisTapi - ok
13:42:37.0538 13816  [ 136185F9FB2CC61E573E676AA5402356 ] Ndisuio         C:\Windows\system32\DRIVERS\ndisuio.sys
13:42:37.0542 13816  Ndisuio - ok
13:42:37.0571 13816  [ 53F7305169863F0A2BDDC49E116C2E11 ] NdisWan         C:\Windows\system32\DRIVERS\ndiswan.sys
13:42:37.0576 13816  NdisWan - ok
13:42:37.0618 13816  [ 015C0D8E0E0421B4CFD48CFFE2825879 ] NDProxy         C:\Windows\system32\drivers\NDProxy.sys
13:42:37.0623 13816  NDProxy - ok
13:42:37.0650 13816  [ 86743D9F5D2B1048062B14B1D84501C4 ] NetBIOS         C:\Windows\system32\DRIVERS\netbios.sys
13:42:37.0653 13816  NetBIOS - ok
13:42:37.0756 13816  [ 09594D1089C523423B32A4229263F068 ] NetBT           C:\Windows\system32\DRIVERS\netbt.sys
13:42:37.0771 13816  NetBT - ok
13:42:37.0828 13816  [ 4D71227301DD8D09097B9E4CC6527E5A ] Netlogon        C:\Windows\system32\lsass.exe
13:42:37.0831 13816  Netlogon - ok
13:42:37.0899 13816  [ 847D3AE376C0817161A14A82C8922A9E ] Netman          C:\Windows\System32\netman.dll
13:42:37.0909 13816  Netman - ok
13:42:38.0129 13816  [ 21318671BCAD3ACF16638F98D4D00973 ] NetMsmqActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
13:42:38.0132 13816  NetMsmqActivator - ok
13:42:38.0195 13816  [ 21318671BCAD3ACF16638F98D4D00973 ] NetPipeActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
13:42:38.0198 13816  NetPipeActivator - ok
13:42:38.0239 13816  [ 5F28111C648F1E24F7DBC87CDEB091B8 ] netprofm        C:\Windows\System32\netprofm.dll
13:42:38.0272 13816  netprofm - ok
13:42:38.0376 13816  [ 9C745041E72576251BC93709633E89FF ] netr28x         C:\Windows\system32\DRIVERS\netr28x.sys
13:42:38.0423 13816  netr28x - ok
13:42:38.0492 13816  [ 21318671BCAD3ACF16638F98D4D00973 ] NetTcpActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
13:42:38.0495 13816  NetTcpActivator - ok
13:42:38.0569 13816  [ 21318671BCAD3ACF16638F98D4D00973 ] NetTcpPortSharing C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
13:42:38.0572 13816  NetTcpPortSharing - ok
13:42:38.0635 13816  [ 77889813BE4D166CDAB78DDBA990DA92 ] nfrd960         C:\Windows\system32\drivers\nfrd960.sys
13:42:38.0638 13816  nfrd960 - ok
13:42:38.0719 13816  [ ACE8C64C57E4A711473C8BC10ADF692B ] NisDrv          C:\Windows\system32\DRIVERS\NisDrvWFP.sys
13:42:38.0723 13816  NisDrv - ok
13:42:38.0785 13816  [ 6247E8B31ED0A9D6BC5A26276E49BEB3 ] NisSrv          c:\Program Files\Microsoft Security Client\NisSrv.exe
13:42:38.0793 13816  NisSrv - ok
13:42:38.0885 13816  [ 8AD77806D336673F270DB31645267293 ] NlaSvc          C:\Windows\System32\nlasvc.dll
13:42:38.0909 13816  NlaSvc - ok
13:42:38.0962 13816  [ 1E4C4AB5C9B8DD13179BBDC75A2A01F7 ] Npfs            C:\Windows\system32\drivers\Npfs.sys
13:42:38.0965 13816  Npfs - ok
13:42:38.0995 13816  [ D54BFDF3E0C953F823B3D0BFE4732528 ] nsi             C:\Windows\system32\nsisvc.dll
13:42:39.0007 13816  nsi - ok
13:42:39.0045 13816  [ E7F5AE18AF4168178A642A9247C63001 ] nsiproxy        C:\Windows\system32\drivers\nsiproxy.sys
13:42:39.0048 13816  nsiproxy - ok
13:42:39.0158 13816  [ B98F8C6E31CD07B2E6F71F7F648E38C0 ] Ntfs            C:\Windows\system32\drivers\Ntfs.sys
13:42:39.0205 13816  Ntfs - ok
13:42:39.0238 13816  [ 9899284589F75FA8724FF3D16AED75C1 ] Null            C:\Windows\system32\drivers\Null.sys
13:42:39.0241 13816  Null - ok
13:42:39.0290 13816  [ A85B4F2EF3A7304A5399EF0526423040 ] NVENETFD        C:\Windows\system32\DRIVERS\nvm62x64.sys
13:42:39.0300 13816  NVENETFD - ok
13:42:39.0333 13816  [ 0A92CB65770442ED0DC44834632F66AD ] nvraid          C:\Windows\system32\drivers\nvraid.sys
13:42:39.0338 13816  nvraid - ok
13:42:39.0368 13816  [ DAB0E87525C10052BF65F06152F37E4A ] nvstor          C:\Windows\system32\drivers\nvstor.sys
13:42:39.0374 13816  nvstor - ok
13:42:39.0423 13816  [ 270D7CD42D6E3979F6DD0146650F0E05 ] nv_agp          C:\Windows\system32\drivers\nv_agp.sys
13:42:39.0428 13816  nv_agp - ok
13:42:39.0457 13816  [ 3589478E4B22CE21B41FA1BFC0B8B8A0 ] ohci1394        C:\Windows\system32\drivers\ohci1394.sys
13:42:39.0461 13816  ohci1394 - ok
13:42:39.0495 13816  [ 3EAC4455472CC2C97107B5291E0DCAFE ] p2pimsvc        C:\Windows\system32\pnrpsvc.dll
13:42:39.0506 13816  p2pimsvc - ok
13:42:39.0565 13816  [ 927463ECB02179F88E4B9A17568C63C3 ] p2psvc          C:\Windows\system32\p2psvc.dll
13:42:39.0589 13816  p2psvc - ok
13:42:39.0628 13816  [ 0086431C29C35BE1DBC43F52CC273887 ] Parport         C:\Windows\system32\drivers\parport.sys
13:42:39.0633 13816  Parport - ok
13:42:39.0675 13816  [ E9766131EEADE40A27DC27D2D68FBA9C ] partmgr         C:\Windows\system32\drivers\partmgr.sys
13:42:39.0679 13816  partmgr - ok
13:42:39.0719 13816  [ 3AEAA8B561E63452C655DC0584922257 ] PcaSvc          C:\Windows\System32\pcasvc.dll
13:42:39.0727 13816  PcaSvc - ok
13:42:39.0763 13816  [ 94575C0571D1462A0F70BDE6BD6EE6B3 ] pci             C:\Windows\system32\drivers\pci.sys
13:42:39.0769 13816  pci - ok
13:42:39.0825 13816  [ B5B8B5EF2E5CB34DF8DCF8831E3534FA ] pciide          C:\Windows\system32\drivers\pciide.sys
13:42:39.0829 13816  pciide - ok
13:42:39.0869 13816  [ B2E81D4E87CE48589F98CB8C05B01F2F ] pcmcia          C:\Windows\system32\drivers\pcmcia.sys
13:42:39.0875 13816  pcmcia - ok
13:42:40.0019 13816  [ 2503031F72CA4D2C300E2868B265934A ] PCTechHotlineSvc C:\Program Files (x86)\PCTechHotline\PCTechHotlineSvc.exe
13:42:40.0053 13816  PCTechHotlineSvc - ok
13:42:40.0095 13816  [ D6B9C2E1A11A3A4B26A182FFEF18F603 ] pcw             C:\Windows\system32\drivers\pcw.sys
13:42:40.0100 13816  pcw - ok
13:42:40.0150 13816  [ 68769C3356B3BE5D1C732C97B9A80D6E ] PEAUTH          C:\Windows\system32\drivers\peauth.sys
13:42:40.0174 13816  PEAUTH - ok
13:42:40.0251 13816  [ E495E408C93141E8FC72DC0C6046DDFA ] PerfHost        C:\Windows\SysWow64\perfhost.exe
13:42:40.0256 13816  PerfHost - ok
13:42:40.0357 13816  [ C7CF6A6E137463219E1259E3F0F0DD6C ] pla             C:\Windows\system32\pla.dll
13:42:40.0403 13816  pla - ok
13:42:40.0449 13816  [ 25FBDEF06C4D92815B353F6E792C8129 ] PlugPlay        C:\Windows\system32\umpnpmgr.dll
13:42:40.0472 13816  PlugPlay - ok
13:42:40.0502 13816  [ 7195581CEC9BB7D12ABE54036ACC2E38 ] PNRPAutoReg     C:\Windows\system32\pnrpauto.dll
13:42:40.0510 13816  PNRPAutoReg - ok
13:42:40.0572 13816  [ 3EAC4455472CC2C97107B5291E0DCAFE ] PNRPsvc         C:\Windows\system32\pnrpsvc.dll
13:42:40.0580 13816  PNRPsvc - ok
13:42:40.0649 13816  [ 4F15D75ADF6156BF56ECED6D4A55C389 ] PolicyAgent     C:\Windows\System32\ipsecsvc.dll
13:42:40.0685 13816  PolicyAgent - ok
13:42:40.0738 13816  [ 6BA9D927DDED70BD1A9CADED45F8B184 ] Power           C:\Windows\system32\umpo.dll
13:42:40.0748 13816  Power - ok
13:42:40.0789 13816  [ F92A2C41117A11A00BE01CA01A7FCDE9 ] PptpMiniport    C:\Windows\system32\DRIVERS\raspptp.sys
13:42:40.0793 13816  PptpMiniport - ok
13:42:40.0823 13816  [ 0D922E23C041EFB1C3FAC2A6F943C9BF ] Processor       C:\Windows\system32\drivers\processr.sys
13:42:40.0829 13816  Processor - ok
13:42:40.0897 13816  [ 53E83F1F6CF9D62F32801CF66D8352A8 ] ProfSvc         C:\Windows\system32\profsvc.dll
13:42:40.0905 13816  ProfSvc - ok
13:42:40.0929 13816  [ 4D71227301DD8D09097B9E4CC6527E5A ] ProtectedStorage C:\Windows\system32\lsass.exe
13:42:40.0934 13816  ProtectedStorage - ok
13:42:40.0963 13816  [ 0557CF5A2556BD58E26384169D72438D ] Psched          C:\Windows\system32\DRIVERS\pacer.sys
13:42:40.0968 13816  Psched - ok
13:42:41.0050 13816  [ A53A15A11EBFD21077463EE2C7AFEEF0 ] ql2300          C:\Windows\system32\drivers\ql2300.sys
13:42:41.0098 13816  ql2300 - ok
13:42:41.0146 13816  [ 4F6D12B51DE1AAEFF7DC58C4D75423C8 ] ql40xx          C:\Windows\system32\drivers\ql40xx.sys
13:42:41.0151 13816  ql40xx - ok
13:42:41.0196 13816  [ 906191634E99AEA92C4816150BDA3732 ] QWAVE           C:\Windows\system32\qwave.dll
13:42:41.0206 13816  QWAVE - ok
13:42:41.0247 13816  [ 76707BB36430888D9CE9D705398ADB6C ] QWAVEdrv        C:\Windows\system32\drivers\qwavedrv.sys
13:42:41.0252 13816  QWAVEdrv - ok
13:42:41.0291 13816  [ 5A0DA8AD5762FA2D91678A8A01311704 ] RasAcd          C:\Windows\system32\DRIVERS\rasacd.sys
13:42:41.0294 13816  RasAcd - ok
13:42:41.0337 13816  [ 7ECFF9B22276B73F43A99A15A6094E90 ] RasAgileVpn     C:\Windows\system32\DRIVERS\AgileVpn.sys
13:42:41.0342 13816  RasAgileVpn - ok
13:42:41.0376 13816  [ 8F26510C5383B8DBE976DE1CD00FC8C7 ] RasAuto         C:\Windows\System32\rasauto.dll
13:42:41.0383 13816  RasAuto - ok
13:42:41.0421 13816  [ 471815800AE33E6F1C32FB1B97C490CA ] Rasl2tp         C:\Windows\system32\DRIVERS\rasl2tp.sys
13:42:41.0426 13816  Rasl2tp - ok
13:42:41.0476 13816  [ EE867A0870FC9E4972BA9EAAD35651E2 ] RasMan          C:\Windows\System32\rasmans.dll
13:42:41.0487 13816  RasMan - ok
13:42:41.0524 13816  [ 855C9B1CD4756C5E9A2AA58A15F58C25 ] RasPppoe        C:\Windows\system32\DRIVERS\raspppoe.sys
13:42:41.0528 13816  RasPppoe - ok
13:42:41.0554 13816  [ E8B1E447B008D07FF47D016C2B0EEECB ] RasSstp         C:\Windows\system32\DRIVERS\rassstp.sys
13:42:41.0562 13816  RasSstp - ok
13:42:41.0597 13816  [ 77F665941019A1594D887A74F301FA2F ] rdbss           C:\Windows\system32\DRIVERS\rdbss.sys
13:42:41.0606 13816  rdbss - ok
13:42:41.0635 13816  [ 302DA2A0539F2CF54D7C6CC30C1F2D8D ] rdpbus          C:\Windows\system32\drivers\rdpbus.sys
13:42:41.0639 13816  rdpbus - ok
13:42:41.0667 13816  [ CEA6CC257FC9B7715F1C2B4849286D24 ] RDPCDD          C:\Windows\system32\DRIVERS\RDPCDD.sys
13:42:41.0670 13816  RDPCDD - ok
13:42:41.0700 13816  [ BB5971A4F00659529A5C44831AF22365 ] RDPENCDD        C:\Windows\system32\drivers\rdpencdd.sys
13:42:41.0704 13816  RDPENCDD - ok
13:42:41.0742 13816  [ 216F3FA57533D98E1F74DED70113177A ] RDPREFMP        C:\Windows\system32\drivers\rdprefmp.sys
13:42:41.0744 13816  RDPREFMP - ok
13:42:41.0823 13816  [ E61608AA35E98999AF9AAEEEA6114B0A ] RDPWD           C:\Windows\system32\drivers\RDPWD.sys
13:42:41.0829 13816  RDPWD - ok
13:42:41.0862 13816  [ 34ED295FA0121C241BFEF24764FC4520 ] rdyboost        C:\Windows\system32\drivers\rdyboost.sys
13:42:41.0869 13816  rdyboost - ok
13:42:41.0933 13816  [ 254FB7A22D74E5511C73A3F6D802F192 ] RemoteAccess    C:\Windows\System32\mprdim.dll
13:42:41.0939 13816  RemoteAccess - ok
13:42:41.0977 13816  [ E4D94F24081440B5FC5AA556C7C62702 ] RemoteRegistry  C:\Windows\system32\regsvc.dll
13:42:41.0985 13816  RemoteRegistry - ok
13:42:42.0025 13816  [ E4DC58CF7B3EA515AE917FF0D402A7BB ] RpcEptMapper    C:\Windows\System32\RpcEpMap.dll
13:42:42.0031 13816  RpcEptMapper - ok
13:42:42.0071 13816  [ D5BA242D4CF8E384DB90E6A8ED850B8C ] RpcLocator      C:\Windows\system32\locator.exe
13:42:42.0076 13816  RpcLocator - ok
13:42:42.0143 13816  [ 5C627D1B1138676C0A7AB2C2C190D123 ] RpcSs           C:\Windows\system32\rpcss.dll
13:42:42.0167 13816  RpcSs - ok
13:42:42.0211 13816  [ 546D7F426776090B90EF5F195B6AE662 ] RSPCIESTOR      C:\Windows\system32\DRIVERS\RtsPStor.sys
13:42:42.0220 13816  RSPCIESTOR - ok
13:42:42.0244 13816  [ DDC86E4F8E7456261E637E3552E804FF ] rspndr          C:\Windows\system32\DRIVERS\rspndr.sys
13:42:42.0248 13816  rspndr - ok
13:42:42.0303 13816  [ EE082E06A82FF630351D1E0EBBD3D8D0 ] RTL8167         C:\Windows\system32\DRIVERS\Rt64win7.sys
13:42:42.0326 13816  RTL8167 - ok
13:42:42.0358 13816  [ 4D71227301DD8D09097B9E4CC6527E5A ] SamSs           C:\Windows\system32\lsass.exe
13:42:42.0361 13816  SamSs - ok
13:42:42.0393 13816  [ AC03AF3329579FFFB455AA2DAABBE22B ] sbp2port        C:\Windows\system32\drivers\sbp2port.sys
13:42:42.0397 13816  sbp2port - ok
13:42:42.0421 13816  [ 9B7395789E3791A3B6D000FE6F8B131E ] SCardSvr        C:\Windows\System32\SCardSvr.dll
13:42:42.0430 13816  SCardSvr - ok
13:42:42.0456 13816  [ 253F38D0D7074C02FF8DEB9836C97D2B ] scfilter        C:\Windows\system32\DRIVERS\scfilter.sys
13:42:42.0460 13816  scfilter - ok
13:42:42.0508 13816  [ 262F6592C3299C005FD6BEC90FC4463A ] Schedule        C:\Windows\system32\schedsvc.dll
13:42:42.0555 13816  Schedule - ok
13:42:42.0617 13816  [ F17D1D393BBC69C5322FBFAFACA28C7F ] SCPolicySvc     C:\Windows\System32\certprop.dll
13:42:42.0620 13816  SCPolicySvc - ok
13:42:42.0669 13816  [ 111E0EBC0AD79CB0FA014B907B231CF0 ] sdbus           C:\Windows\system32\DRIVERS\sdbus.sys
13:42:42.0674 13816  sdbus - ok
13:42:42.0729 13816  [ 6EA4234DC55346E0709560FE7C2C1972 ] SDRSVC          C:\Windows\System32\SDRSVC.dll
13:42:42.0737 13816  SDRSVC - ok
13:42:42.0762 13816  [ 3EA8A16169C26AFBEB544E0E48421186 ] secdrv          C:\Windows\system32\drivers\secdrv.sys
13:42:42.0765 13816  secdrv - ok
13:42:42.0793 13816  [ BC617A4E1B4FA8DF523A061739A0BD87 ] seclogon        C:\Windows\system32\seclogon.dll
13:42:42.0799 13816  seclogon - ok
13:42:42.0824 13816  [ C32AB8FA018EF34C0F113BD501436D21 ] SENS            C:\Windows\System32\sens.dll
13:42:42.0830 13816  SENS - ok
13:42:42.0856 13816  [ 0336CFFAFAAB87A11541F1CF1594B2B2 ] SensrSvc        C:\Windows\system32\sensrsvc.dll
13:42:42.0862 13816  SensrSvc - ok
13:42:42.0891 13816  [ CB624C0035412AF0DEBEC78C41F5CA1B ] Serenum         C:\Windows\system32\drivers\serenum.sys
13:42:42.0895 13816  Serenum - ok
13:42:42.0918 13816  [ C1D8E28B2C2ADFAEC4BA89E9FDA69BD6 ] Serial          C:\Windows\system32\drivers\serial.sys
13:42:42.0923 13816  Serial - ok
13:42:42.0978 13816  [ 1C545A7D0691CC4A027396535691C3E3 ] sermouse        C:\Windows\system32\drivers\sermouse.sys
13:42:42.0982 13816  sermouse - ok
13:42:43.0049 13816  [ 0B6231BF38174A1628C4AC812CC75804 ] SessionEnv      C:\Windows\system32\sessenv.dll
13:42:43.0056 13816  SessionEnv - ok
13:42:43.0087 13816  [ A554811BCD09279536440C964AE35BBF ] sffdisk         C:\Windows\system32\drivers\sffdisk.sys
13:42:43.0090 13816  sffdisk - ok
13:42:43.0121 13816  [ FF414F0BAEFEBA59BC6C04B3DB0B87BF ] sffp_mmc        C:\Windows\system32\drivers\sffp_mmc.sys
13:42:43.0133 13816  sffp_mmc - ok
13:42:43.0175 13816  [ DD85B78243A19B59F0637DCF284DA63C ] sffp_sd         C:\Windows\system32\drivers\sffp_sd.sys
13:42:43.0178 13816  sffp_sd - ok
13:42:43.0210 13816  [ A9D601643A1647211A1EE2EC4E433FF4 ] sfloppy         C:\Windows\system32\drivers\sfloppy.sys
13:42:43.0213 13816  sfloppy - ok
13:42:43.0283 13816  [ B95F6501A2F8B2E78C697FEC401970CE ] SharedAccess    C:\Windows\System32\ipnathlp.dll
13:42:43.0294 13816  SharedAccess - ok
13:42:43.0508 13816  [ AAF932B4011D14052955D4B212A4DA8D ] ShellHWDetection C:\Windows\System32\shsvcs.dll
13:42:43.0530 13816  ShellHWDetection - ok
13:42:43.0566 13816  [ 843CAF1E5FDE1FFD5FF768F23A51E2E1 ] SiSRaid2        C:\Windows\system32\drivers\SiSRaid2.sys
13:42:43.0572 13816  SiSRaid2 - ok
13:42:43.0636 13816  [ 6A6C106D42E9FFFF8B9FCB4F754F6DA4 ] SiSRaid4        C:\Windows\system32\drivers\sisraid4.sys
13:42:43.0641 13816  SiSRaid4 - ok
13:42:43.0671 13816  [ 548260A7B8654E024DC30BF8A7C5BAA4 ] Smb             C:\Windows\system32\DRIVERS\smb.sys
13:42:43.0676 13816  Smb - ok
13:42:43.0729 13816  [ 6313F223E817CC09AA41811DAA7F541D ] SNMPTRAP        C:\Windows\System32\snmptrap.exe
13:42:43.0736 13816  SNMPTRAP - ok
13:42:43.0768 13816  [ B9E31E5CACDFE584F34F730A677803F9 ] spldr           C:\Windows\system32\drivers\spldr.sys
13:42:43.0771 13816  spldr - ok
13:42:43.0827 13816  [ 85DAA09A98C9286D4EA2BA8D0E644377 ] Spooler         C:\Windows\System32\spoolsv.exe
13:42:43.0877 13816  Spooler - ok
13:42:44.0009 13816  [ E17E0188BB90FAE42D83E98707EFA59C ] sppsvc          C:\Windows\system32\sppsvc.exe
13:42:44.0117 13816  sppsvc - ok
13:42:44.0168 13816  [ 93D7D61317F3D4BC4F4E9F8A96A7DE45 ] sppuinotify     C:\Windows\system32\sppuinotify.dll
13:42:44.0175 13816  sppuinotify - ok
13:42:44.0231 13816  [ 441FBA48BFF01FDB9D5969EBC1838F0B ] srv             C:\Windows\system32\DRIVERS\srv.sys
13:42:44.0254 13816  srv - ok
13:42:44.0288 13816  [ B4ADEBBF5E3677CCE9651E0F01F7CC28 ] srv2            C:\Windows\system32\DRIVERS\srv2.sys
13:42:44.0298 13816  srv2 - ok
13:42:44.0336 13816  [ 0C4540311E11664B245A263E1154CEF8 ] SrvHsfHDA       C:\Windows\system32\DRIVERS\VSTAZL6.SYS
13:42:44.0344 13816  SrvHsfHDA - ok
13:42:44.0418 13816  [ 02071D207A9858FBE3A48CBFD59C4A04 ] SrvHsfV92       C:\Windows\system32\DRIVERS\VSTDPV6.SYS
13:42:44.0460 13816  SrvHsfV92 - ok
13:42:44.0502 13816  [ 18E40C245DBFAF36FD0134A7EF2DF396 ] SrvHsfWinac     C:\Windows\system32\DRIVERS\VSTCNXT6.SYS
13:42:44.0530 13816  SrvHsfWinac - ok
13:42:44.0566 13816  [ 27E461F0BE5BFF5FC737328F749538C3 ] srvnet          C:\Windows\system32\DRIVERS\srvnet.sys
13:42:44.0572 13816  srvnet - ok
13:42:44.0638 13816  [ 8F8324ED1DE63FFC7B1A02CD2D963C72 ] ssadbus         C:\Windows\system32\DRIVERS\ssadbus.sys
13:42:44.0648 13816  ssadbus - ok
13:42:44.0730 13816  [ 58221EFCB74167B73667F0024C661CE0 ] ssadmdfl        C:\Windows\system32\DRIVERS\ssadmdfl.sys
13:42:44.0733 13816  ssadmdfl - ok
13:42:44.0761 13816  [ 4DA7C71BFAC5AD71255B7E4CAB980163 ] ssadmdm         C:\Windows\system32\DRIVERS\ssadmdm.sys
13:42:44.0767 13816  ssadmdm - ok
13:42:44.0803 13816  [ D33D1BD3EC0E766211A234F56A12726D ] ssadserd        C:\Windows\system32\DRIVERS\ssadserd.sys
13:42:44.0809 13816  ssadserd - ok
13:42:44.0850 13816  [ 51B52FBD583CDE8AA9BA62B8B4298F33 ] SSDPSRV         C:\Windows\System32\ssdpsrv.dll
13:42:44.0859 13816  SSDPSRV - ok
13:42:44.0887 13816  [ AB7AEBF58DAD8DAAB7A6C45E6A8885CB ] SstpSvc         C:\Windows\system32\sstpsvc.dll
13:42:44.0896 13816  SstpSvc - ok
13:42:45.0034 13816  [ 5FFDA96330357A914A69D79BE1988A38 ] Steam Client Service C:\Program Files (x86)\Common Files\Steam\SteamService.exe
13:42:45.0063 13816  Steam Client Service - ok
13:42:45.0096 13816  [ F3817967ED533D08327DC73BC4D5542A ] stexstor        C:\Windows\system32\drivers\stexstor.sys
13:42:45.0101 13816  stexstor - ok
13:42:45.0154 13816  [ 8DD52E8E6128F4B2DA92CE27402871C1 ] stisvc          C:\Windows\System32\wiaservc.dll
13:42:45.0182 13816  stisvc - ok
13:42:45.0202 13816  [ D01EC09B6711A5F8E7E6564A4D0FBC90 ] swenum          C:\Windows\system32\drivers\swenum.sys
13:42:45.0205 13816  swenum - ok
13:42:45.0252 13816  [ E08E46FDD841B7184194011CA1955A0B ] swprv           C:\Windows\System32\swprv.dll
13:42:45.0276 13816  swprv - ok
13:42:45.0338 13816  [ AC3CC98B1BDB6540021D3FFB105AC2B9 ] SynTP           C:\Windows\system32\DRIVERS\SynTP.sys
13:42:45.0360 13816  SynTP - ok
13:42:45.0472 13816  [ BF9CCC0BF39B418C8D0AE8B05CF95B7D ] SysMain         C:\Windows\system32\sysmain.dll
13:42:45.0543 13816  SysMain - ok
13:42:45.0571 13816  [ E3C61FD7B7C2557E1F1B0B4CEC713585 ] TabletInputService C:\Windows\System32\TabSvc.dll
13:42:45.0580 13816  TabletInputService - ok
13:42:45.0620 13816  [ 40F0849F65D13EE87B9A9AE3C1DD6823 ] TapiSrv         C:\Windows\System32\tapisrv.dll
13:42:45.0642 13816  TapiSrv - ok
13:42:45.0709 13816  [ 1BE03AC720F4D302EA01D40F588162F6 ] TBS             C:\Windows\System32\tbssvc.dll
13:42:45.0716 13816  TBS - ok
13:42:45.0818 13816  [ 40AF23633D197905F03AB5628C558C51 ] Tcpip           C:\Windows\system32\drivers\tcpip.sys
13:42:45.0875 13816  Tcpip - ok
13:42:45.0956 13816  [ 40AF23633D197905F03AB5628C558C51 ] TCPIP6          C:\Windows\system32\DRIVERS\tcpip.sys
13:42:45.0984 13816  TCPIP6 - ok
13:42:46.0068 13816  [ 1B16D0BD9841794A6E0CDE0CEF744ABC ] tcpipreg        C:\Windows\system32\drivers\tcpipreg.sys
13:42:46.0072 13816  tcpipreg - ok
13:42:46.0109 13816  [ 3371D21011695B16333A3934340C4E7C ] TDPIPE          C:\Windows\system32\drivers\tdpipe.sys
13:42:46.0113 13816  TDPIPE - ok
13:42:46.0176 13816  [ 51C5ECEB1CDEE2468A1748BE550CFBC8 ] TDTCP           C:\Windows\system32\drivers\tdtcp.sys
13:42:46.0179 13816  TDTCP - ok
13:42:46.0230 13816  [ DDAD5A7AB24D8B65F8D724F5C20FD806 ] tdx             C:\Windows\system32\DRIVERS\tdx.sys
13:42:46.0235 13816  tdx - ok
13:42:46.0273 13816  [ 561E7E1F06895D78DE991E01DD0FB6E5 ] TermDD          C:\Windows\system32\drivers\termdd.sys
13:42:46.0277 13816  TermDD - ok
13:42:46.0339 13816  [ 2E648163254233755035B46DD7B89123 ] TermService     C:\Windows\System32\termsrv.dll
13:42:46.0373 13816  TermService - ok
13:42:46.0409 13816  [ F0344071948D1A1FA732231785A0664C ] Themes          C:\Windows\system32\themeservice.dll
13:42:46.0417 13816  Themes - ok
13:42:46.0597 13816  [ E40E80D0304A73E8D269F7141D77250B ] THREADORDER     C:\Windows\system32\mmcss.dll
13:42:46.0603 13816  THREADORDER - ok
13:42:46.0631 13816  [ 7E7AFD841694F6AC397E99D75CEAD49D ] TrkWks          C:\Windows\System32\trkwks.dll
13:42:46.0638 13816  TrkWks - ok
13:42:46.0708 13816  [ 773212B2AAA24C1E31F10246B15B276C ] TrustedInstaller C:\Windows\servicing\TrustedInstaller.exe
13:42:46.0714 13816  TrustedInstaller - ok
13:42:46.0780 13816  [ 4CE278FC9671BA81A138D70823FCAA09 ] tssecsrv        C:\Windows\system32\DRIVERS\tssecsrv.sys
13:42:46.0783 13816  tssecsrv - ok
13:42:46.0809 13816  [ D11C783E3EF9A3C52C0EBE83CC5000E9 ] TsUsbFlt        C:\Windows\system32\drivers\tsusbflt.sys
13:42:46.0813 13816  TsUsbFlt - ok
13:42:46.0851 13816  [ 9CC2CCAE8A84820EAECB886D477CBCB8 ] TsUsbGD         C:\Windows\system32\drivers\TsUsbGD.sys
13:42:46.0855 13816  TsUsbGD - ok
13:42:46.0884 13816  [ 3566A8DAAFA27AF944F5D705EAA64894 ] tunnel          C:\Windows\system32\DRIVERS\tunnel.sys
13:42:46.0889 13816  tunnel - ok
13:42:46.0919 13816  [ B4DD609BD7E282BFC683CEC7EAAAAD67 ] uagp35          C:\Windows\system32\drivers\uagp35.sys
13:42:46.0923 13816  uagp35 - ok
13:42:46.0966 13816  [ FF4232A1A64012BAA1FD97C7B67DF593 ] udfs            C:\Windows\system32\DRIVERS\udfs.sys
13:42:46.0975 13816  udfs - ok
13:42:47.0065 13816  [ 3CBDEC8D06B9968ABA702EBA076364A1 ] UI0Detect       C:\Windows\system32\UI0Detect.exe
13:42:47.0075 13816  UI0Detect - ok
13:42:47.0110 13816  [ 4BFE1BC28391222894CBF1E7D0E42320 ] uliagpkx        C:\Windows\system32\drivers\uliagpkx.sys
13:42:47.0115 13816  uliagpkx - ok
13:42:47.0143 13816  [ DC54A574663A895C8763AF0FA1FF7561 ] umbus           C:\Windows\system32\DRIVERS\umbus.sys
13:42:47.0147 13816  umbus - ok
13:42:47.0230 13816  [ B2E8E8CB557B156DA5493BBDDCC1474D ] UmPass          C:\Windows\system32\drivers\umpass.sys
13:42:47.0249 13816  UmPass - ok
13:42:47.0322 13816  [ D47EC6A8E81633DD18D2436B19BAF6DE ] upnphost        C:\Windows\System32\upnphost.dll
13:42:47.0348 13816  upnphost - ok
13:42:47.0453 13816  [ AF1B9474D67897D0C2CFF58E0ACEACCC ] USBAAPL64       C:\Windows\system32\Drivers\usbaapl64.sys
13:42:47.0457 13816  USBAAPL64 - ok
13:42:47.0505 13816  [ DCA68B0943D6FA415F0C56C92158A83A ] usbccgp         C:\Windows\system32\DRIVERS\usbccgp.sys
13:42:47.0530 13816  usbccgp - ok
13:42:47.0599 13816  [ 80B0F7D5CCF86CEB5D402EAAF61FEC31 ] usbcir          C:\Windows\system32\drivers\usbcir.sys
13:42:47.0650 13816  usbcir - ok
13:42:47.0834 13816  [ 18A85013A3E0F7E1755365D287443965 ] usbehci         C:\Windows\system32\DRIVERS\usbehci.sys
13:42:47.0839 13816  usbehci - ok
13:42:47.0891 13816  [ 573D192E268F0C5B486B7E96F661E538 ] usbfilter       C:\Windows\system32\DRIVERS\usbfilter.sys
13:42:47.0906 13816  usbfilter - ok
13:42:47.0934 13816  [ 8D1196CFBB223621F2C67D45710F25BA ] usbhub          C:\Windows\system32\DRIVERS\usbhub.sys
13:42:47.0949 13816  usbhub - ok
13:42:48.0010 13816  [ 765A92D428A8DB88B960DA5A8D6089DC ] usbohci         C:\Windows\system32\DRIVERS\usbohci.sys
13:42:48.0027 13816  usbohci - ok
13:42:48.0082 13816  [ 73188F58FB384E75C4063D29413CEE3D ] usbprint        C:\Windows\system32\drivers\usbprint.sys
13:42:48.0086 13816  usbprint - ok
13:42:48.0149 13816  [ FED648B01349A3C8395A5169DB5FB7D6 ] USBSTOR         C:\Windows\system32\DRIVERS\USBSTOR.SYS
13:42:48.0158 13816  USBSTOR - ok
13:42:48.0210 13816  [ DD253AFC3BC6CBA412342DE60C3647F3 ] usbuhci         C:\Windows\system32\drivers\usbuhci.sys
13:42:48.0213 13816  usbuhci - ok
13:42:48.0320 13816  [ 1F775DA4CF1A3A1834207E975A72E9D7 ] usbvideo        C:\Windows\System32\Drivers\usbvideo.sys
13:42:48.0326 13816  usbvideo - ok
13:42:48.0383 13816  [ EDBB23CBCF2CDF727D64FF9B51A6070E ] UxSms           C:\Windows\System32\uxsms.dll
13:42:48.0389 13816  UxSms - ok
13:42:48.0425 13816  [ 4D71227301DD8D09097B9E4CC6527E5A ] VaultSvc        C:\Windows\system32\lsass.exe
13:42:48.0429 13816  VaultSvc - ok
13:42:48.0478 13816  [ C5C876CCFC083FF3B128F933823E87BD ] vdrvroot        C:\Windows\system32\drivers\vdrvroot.sys
13:42:48.0482 13816  vdrvroot - ok
13:42:48.0539 13816  [ 8D6B481601D01A456E75C3210F1830BE ] vds             C:\Windows\System32\vds.exe
13:42:48.0569 13816  vds - ok
13:42:48.0618 13816  [ DA4DA3F5E02943C2DC8C6ED875DE68DD ] vga             C:\Windows\system32\DRIVERS\vgapnp.sys
13:42:48.0621 13816  vga - ok
13:42:48.0692 13816  [ 53E92A310193CB3C03BEA963DE7D9CFC ] VgaSave         C:\Windows\System32\drivers\vga.sys
13:42:48.0696 13816  VgaSave - ok
13:42:48.0750 13816  [ 2CE2DF28C83AEAF30084E1B1EB253CBB ] vhdmp           C:\Windows\system32\drivers\vhdmp.sys
13:42:48.0782 13816  vhdmp - ok
13:42:48.0834 13816  [ E5689D93FFE4E5D66C0178761240DD54 ] viaide          C:\Windows\system32\drivers\viaide.sys
13:42:48.0838 13816  viaide - ok
13:42:48.0954 13816  [ D2AAFD421940F640B407AEFAAEBD91B0 ] volmgr          C:\Windows\system32\drivers\volmgr.sys
13:42:48.0964 13816  volmgr - ok
13:42:49.0008 13816  [ A255814907C89BE58B79EF2F189B843B ] volmgrx         C:\Windows\system32\drivers\volmgrx.sys
13:42:49.0017 13816  volmgrx - ok
13:42:49.0045 13816  [ DF8126BD41180351A093A3AD2FC8903B ] volsnap         C:\Windows\system32\drivers\volsnap.sys
13:42:49.0053 13816  volsnap - ok
13:42:49.0084 13816  [ 5E2016EA6EBACA03C04FEAC5F330D997 ] vsmraid         C:\Windows\system32\drivers\vsmraid.sys
13:42:49.0096 13816  vsmraid - ok
13:42:49.0272 13816  [ B60BA0BC31B0CB414593E169F6F21CC2 ] VSS             C:\Windows\system32\vssvc.exe
13:42:49.0334 13816  VSS - ok
13:42:49.0590 13816  [ 0CC549BD6670CF12B30A470F107E5159 ] vToolbarUpdater18.0.0 C:\Program Files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\18.0.0\ToolbarUpdater.exe
13:42:49.0808 13816  vToolbarUpdater18.0.0 - ok
13:42:49.0872 13816  [ 36D4720B72B5C5D9CB2B9C29E9DF67A1 ] vwifibus        C:\Windows\system32\DRIVERS\vwifibus.sys
13:42:49.0883 13816  vwifibus - ok
13:42:49.0933 13816  [ 6A3D66263414FF0D6FA754C646612F3F ] vwififlt        C:\Windows\system32\DRIVERS\vwififlt.sys
13:42:49.0956 13816  vwififlt - ok
13:42:49.0990 13816  [ 6A638FC4BFDDC4D9B186C28C91BD1A01 ] vwifimp         C:\Windows\system32\DRIVERS\vwifimp.sys
13:42:49.0996 13816  vwifimp - ok
13:42:50.0101 13816  [ 1C9D80CC3849B3788048078C26486E1A ] W32Time         C:\Windows\system32\w32time.dll
13:42:50.0123 13816  W32Time - ok
13:42:50.0196 13816  [ 4E9440F4F152A7B944CB1663D3935A3E ] WacomPen        C:\Windows\system32\drivers\wacompen.sys
13:42:50.0214 13816  WacomPen - ok
13:42:50.0253 13816  [ 356AFD78A6ED4457169241AC3965230C ] WANARP          C:\Windows\system32\DRIVERS\wanarp.sys
13:42:50.0258 13816  WANARP - ok
13:42:50.0323 13816  [ 356AFD78A6ED4457169241AC3965230C ] Wanarpv6        C:\Windows\system32\DRIVERS\wanarp.sys
13:42:50.0325 13816  Wanarpv6 - ok
13:42:50.0420 13816  [ 3CEC96DE223E49EAAE3651FCF8FAEA6C ] WatAdminSvc     C:\Windows\system32\Wat\WatAdminSvc.exe
13:42:50.0455 13816  WatAdminSvc - ok
13:42:50.0575 13816  [ 78F4E7F5C56CB9716238EB57DA4B6A75 ] wbengine        C:\Windows\system32\wbengine.exe
13:42:50.0634 13816  wbengine - ok
13:42:50.0659 13816  [ 3AA101E8EDAB2DB4131333F4325C76A3 ] WbioSrvc        C:\Windows\System32\wbiosrvc.dll
13:42:50.0669 13816  WbioSrvc - ok
13:42:50.0727 13816  [ 7368A2AFD46E5A4481D1DE9D14848EDD ] wcncsvc         C:\Windows\System32\wcncsvc.dll
13:42:50.0750 13816  wcncsvc - ok
13:42:50.0793 13816  [ 20F7441334B18CEE52027661DF4A6129 ] WcsPlugInService C:\Windows\System32\WcsPlugInService.dll
13:42:50.0801 13816  WcsPlugInService - ok
13:42:50.0838 13816  [ 72889E16FF12BA0F235467D6091B17DC ] Wd              C:\Windows\system32\drivers\wd.sys
13:42:50.0842 13816  Wd - ok
13:42:50.0941 13816  [ E2C933EDBC389386EBE6D2BA953F43D8 ] Wdf01000        C:\Windows\system32\drivers\Wdf01000.sys
13:42:51.0010 13816  Wdf01000 - ok
13:42:51.0062 13816  [ BF1FC3F79B863C914687A737C2F3D681 ] WdiServiceHost  C:\Windows\system32\wdi.dll
13:42:51.0070 13816  WdiServiceHost - ok
13:42:51.0095 13816  [ BF1FC3F79B863C914687A737C2F3D681 ] WdiSystemHost   C:\Windows\system32\wdi.dll
13:42:51.0101 13816  WdiSystemHost - ok
13:42:51.0189 13816  [ 0EB0E5D22B1760F2DBCE632F2DD7A54D ] WebClient       C:\Windows\System32\webclnt.dll
13:42:51.0201 13816  WebClient - ok
13:42:51.0246 13816  [ C749025A679C5103E575E3B48E092C43 ] Wecsvc          C:\Windows\system32\wecsvc.dll
13:42:51.0257 13816  Wecsvc - ok
13:42:51.0309 13816  [ 7E591867422DC788B9E5BD337A669A08 ] wercplsupport   C:\Windows\System32\wercplsupport.dll
13:42:51.0320 13816  wercplsupport - ok
13:42:51.0343 13816  [ 6D137963730144698CBD10F202E9F251 ] WerSvc          C:\Windows\System32\WerSvc.dll
13:42:51.0351 13816  WerSvc - ok
13:42:51.0388 13816  [ 611B23304BF067451A9FDEE01FBDD725 ] WfpLwf          C:\Windows\system32\DRIVERS\wfplwf.sys
13:42:51.0391 13816  WfpLwf - ok
13:42:51.0430 13816  [ 05ECAEC3E4529A7153B3136CEB49F0EC ] WIMMount        C:\Windows\system32\drivers\wimmount.sys
13:42:51.0436 13816  WIMMount - ok
13:42:51.0484 13816  WinDefend - ok
13:42:51.0530 13816  WinHttpAutoProxySvc - ok
13:42:51.0593 13816  [ 19B07E7E8915D701225DA41CB3877306 ] Winmgmt         C:\Windows\system32\wbem\WMIsvc.dll
13:42:51.0600 13816  Winmgmt - ok
13:42:51.0695 13816  [ BCB1310604AA415C4508708975B3931E ] WinRM           C:\Windows\system32\WsmSvc.dll
13:42:51.0797 13816  WinRM - ok
13:42:51.0876 13816  [ FE88B288356E7B47B74B13372ADD906D ] WinUsb          C:\Windows\system32\DRIVERS\WinUsb.sys
13:42:51.0880 13816  WinUsb - ok
13:42:51.0946 13816  [ 4FADA86E62F18A1B2F42BA18AE24E6AA ] Wlansvc         C:\Windows\System32\wlansvc.dll
13:42:51.0980 13816  Wlansvc - ok
13:42:52.0188 13816  [ 357CABBF155AFD1D3926E62539D2A3A7 ] wlidsvc         C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
13:42:52.0247 13816  wlidsvc - ok
13:42:52.0296 13816  [ F6FF8944478594D0E414D3F048F0D778 ] WmiAcpi         C:\Windows\system32\drivers\wmiacpi.sys
13:42:52.0300 13816  WmiAcpi - ok
13:42:52.0340 13816  [ 38B84C94C5A8AF291ADFEA478AE54F93 ] wmiApSrv        C:\Windows\system32\wbem\WmiApSrv.exe
13:42:52.0347 13816  wmiApSrv - ok
13:42:52.0381 13816  WMPNetworkSvc - ok
13:42:52.0434 13816  [ 96C6E7100D724C69FCF9E7BF590D1DCA ] WPCSvc          C:\Windows\System32\wpcsvc.dll
13:42:52.0441 13816  WPCSvc - ok
13:42:52.0475 13816  [ 93221146D4EBBF314C29B23CD6CC391D ] WPDBusEnum      C:\Windows\system32\wpdbusenum.dll
13:42:52.0485 13816  WPDBusEnum - ok
13:42:52.0513 13816  [ 6BCC1D7D2FD2453957C5479A32364E52 ] ws2ifsl         C:\Windows\system32\drivers\ws2ifsl.sys
13:42:52.0516 13816  ws2ifsl - ok
13:42:52.0553 13816  [ E8B1FE6669397D1772D8196DF0E57A9E ] wscsvc          C:\Windows\System32\wscsvc.dll
13:42:52.0561 13816  wscsvc - ok
13:42:52.0624 13816  [ 8D918B1DB190A4D9B1753A66FA8C96E8 ] WSDPrintDevice  C:\Windows\system32\DRIVERS\WSDPrint.sys
13:42:52.0628 13816  WSDPrintDevice - ok
13:42:52.0657 13816  WSearch - ok
13:42:52.0835 13816  [ D9EF901DCA379CFE914E9FA13B73B4C4 ] wuauserv        C:\Windows\system32\wuaueng.dll
13:42:52.0909 13816  wuauserv - ok
13:42:52.0974 13816  [ AB886378EEB55C6C75B4F2D14B6C869F ] WudfPf          C:\Windows\system32\drivers\WudfPf.sys
13:42:52.0978 13816  WudfPf - ok
13:42:53.0017 13816  [ DDA4CAF29D8C0A297F886BFE561E6659 ] WUDFRd          C:\Windows\system32\DRIVERS\WUDFRd.sys
13:42:53.0024 13816  WUDFRd - ok
13:42:53.0061 13816  [ B20F051B03A966392364C83F009F7D17 ] wudfsvc         C:\Windows\System32\WUDFSvc.dll
13:42:53.0070 13816  wudfsvc - ok
13:42:53.0133 13816  [ 04F82965C09CBDF646B487E145060301 ] WwanSvc         C:\Windows\System32\wwansvc.dll
13:42:53.0156 13816  WwanSvc - ok
13:42:53.0237 13816  ================ Scan global ===============================
13:42:53.0347 13816  [ BA0CD8C393E8C9F83354106093832C7B ] C:\Windows\system32\basesrv.dll
13:42:53.0397 13816  [ 88EDD0B34EED542745931E581AD21A32 ] C:\Windows\system32\winsrv.dll
13:42:53.0433 13816  [ 88EDD0B34EED542745931E581AD21A32 ] C:\Windows\system32\winsrv.dll
13:42:53.0476 13816  [ D6160F9D869BA3AF0B787F971DB56368 ] C:\Windows\system32\sxssrv.dll
13:42:53.0526 13816  [ 24ACB7E5BE595468E3B9AA488B9B4FCB ] C:\Windows\system32\services.exe
13:42:53.0534 13816  [Global] - ok
13:42:53.0545 13816  ================ Scan MBR ==================================
13:42:53.0565 13816  [ A36C5E4F47E84449FF07ED3517B43A31 ] \Device\Harddisk0\DR0
13:42:53.0968 13816  \Device\Harddisk0\DR0 - ok
13:42:53.0976 13816  ================ Scan VBR ==================================
13:42:53.0989 13816  [ D9F534064AD9F0CF1A65A2CACA1CB6A2 ] \Device\Harddisk0\DR0\Partition1
13:42:53.0993 13816  \Device\Harddisk0\DR0\Partition1 - ok
13:42:54.0026 13816  [ A1FC4A82EB9759440B089103D84ADEDE ] \Device\Harddisk0\DR0\Partition2
13:42:54.0030 13816  \Device\Harddisk0\DR0\Partition2 - ok
13:42:54.0076 13816  [ 549818430C6DEAB35D50AFEE32B3E6D8 ] \Device\Harddisk0\DR0\Partition3
13:42:54.0081 13816  \Device\Harddisk0\DR0\Partition3 - ok
13:42:54.0120 13816  [ 914BE9E01FF624E75788D613749EFCB7 ] \Device\Harddisk0\DR0\Partition4
13:42:54.0122 13816  \Device\Harddisk0\DR0\Partition4 - ok
13:42:54.0131 13816  ============================================================
13:42:54.0131 13816  Scan finished
13:42:54.0131 13816  ============================================================
13:42:54.0163 8304  Detected object count: 0
13:42:54.0163 8304  Actual detected object count: 0
13:43:02.0021 14412  Deinitialize success
 


#7 jenrtris

jenrtris
  • Topic Starter

  • Members
  • 6 posts
  • OFFLINE
  •  
  • Local time:03:00 AM

Posted 20 March 2014 - 12:49 PM

I hope this is what you were looking for. I've never run anything like this before. Let me know if there is anything else you need. Thank you



#8 TB-Psychotic

TB-Psychotic

  • Malware Response Team
  • 6,349 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:08:00 AM

Posted 20 March 2014 - 03:29 PM

Add-/remove programms

Click on start-->control panel.

Vista/7: Open Programs and Features
XP: Open add/remove programs

Search for and remove the following programs

Ask Toolbar
Mobogenie
Mysearchdial
Optimizer Pro v3.2
PC Fix Speed
QueenCouppon
ROM Manager Packages
saveRoN
Search Protect
Social Privacy
Solid Savings
Updater
WebCake 3.00
Websteroids



Close the window.

 

 

When finished, rescan with FRST (place the checkmark next to addition.txt) and post the new logs.


Proud Member of UNITE & TB
 
My help is free, however, if you want to support my fight against malware, click here --> btn_donate_SM.gif <--(no worries, every little bit helps)

#9 TB-Psychotic

TB-Psychotic

  • Malware Response Team
  • 6,349 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:08:00 AM

Posted 23 March 2014 - 01:14 PM

Due to the lack of feedback, this topic is now closed.

In the event you still have problems, please send me or any Moderator a Private Message and ask them to reopen this topic within the next 5 days.

Please include a link to your topic in the Private Message. Thank you.
Proud Member of UNITE & TB
 
My help is free, however, if you want to support my fight against malware, click here --> btn_donate_SM.gif <--(no worries, every little bit helps)

#10 TB-Psychotic

TB-Psychotic

  • Malware Response Team
  • 6,349 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:08:00 AM

Posted 23 March 2014 - 01:14 PM

Due to the lack of feedback, this topic is now closed.

In the event you still have problems, please send me or any Moderator a Private Message and ask them to reopen this topic within the next 5 days.

Please include a link to your topic in the Private Message. Thank you.
Proud Member of UNITE & TB
 
My help is free, however, if you want to support my fight against malware, click here --> btn_donate_SM.gif <--(no worries, every little bit helps)

#11 TB-Psychotic

TB-Psychotic

  • Malware Response Team
  • 6,349 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:08:00 AM

Posted 23 March 2014 - 01:14 PM

Due to the lack of feedback, this topic is now closed.

In the event you still have problems, please send me or any Moderator a Private Message and ask them to reopen this topic within the next 5 days.

Please include a link to your topic in the Private Message. Thank you.
Proud Member of UNITE & TB
 
My help is free, however, if you want to support my fight against malware, click here --> btn_donate_SM.gif <--(no worries, every little bit helps)

#12 TB-Psychotic

TB-Psychotic

  • Malware Response Team
  • 6,349 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:08:00 AM

Posted 24 March 2014 - 11:02 AM

This topic has been re-opened at the request of the person who originally posted.
Proud Member of UNITE & TB
 
My help is free, however, if you want to support my fight against malware, click here --> btn_donate_SM.gif <--(no worries, every little bit helps)

#13 jenrtris

jenrtris
  • Topic Starter

  • Members
  • 6 posts
  • OFFLINE
  •  
  • Local time:03:00 AM

Posted 24 March 2014 - 12:03 PM

On the personal message I got it said to follow the instructions that were listed here on my thread. I don't see any though. Am i looking in the wrong place?



#14 TB-Psychotic

TB-Psychotic

  • Malware Response Team
  • 6,349 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:08:00 AM

Posted 24 March 2014 - 12:11 PM

http://www.bleepingcomputer.com/forums/t/528014/error-missing-file-when-trying-to-uninstall-pctech-hotline/#entry3320435


Proud Member of UNITE & TB
 
My help is free, however, if you want to support my fight against malware, click here --> btn_donate_SM.gif <--(no worries, every little bit helps)

#15 TB-Psychotic

TB-Psychotic

  • Malware Response Team
  • 6,349 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:08:00 AM

Posted 27 March 2014 - 04:47 AM

Due to the lack of feedback, this topic is now closed.

In the event you still have problems, please send me or any Moderator a Private Message and ask them to reopen this topic within the next 5 days.

Please include a link to your topic in the Private Message. Thank you.
Proud Member of UNITE & TB
 
My help is free, however, if you want to support my fight against malware, click here --> btn_donate_SM.gif <--(no worries, every little bit helps)




0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users