Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

I've got a virus, and AVG is preventing me from trying to fix it.


  • This topic is locked This topic is locked
17 replies to this topic

#1 Rwhie84

Rwhie84

  • Members
  • 8 posts
  • OFFLINE
  •  
  • Local time:12:40 AM

Posted 04 June 2014 - 07:23 PM

So AVG was recommended to me as an anti virus and I downloaded it which was a huge mistake. I recently got some adware (I hope this isn't the wrong section to post this in, I apologize if it is) which is particularly stubborn. AVG said it removed it but did nothing, so I tried adwCleaner and Malwarbytes which also did nothing. I deleted those two and thought I deleted AVG, but when I tried to download Kaspersky it essentially said AVG stopped me dfrom downloading, so I went through my hidden files and when I clicked delete on avg in the local section it said I couldn't because I had it open in another program, I have no clue which and have tried it on multiple occasions. I tried to do a system restore and it said my anti-virus stopped it, thanks AVG. I forget the name of the adware that essentially downloaded itself but I think it had surf in the name, it makes me unable t use chrome or firefox because every new page I go to I get a new popup. Internet explorer doesn't have the popup issue but is about a tenth of the speed it was before. What can I do? Any help greatly appreciated, I know you're very busy and I am glad there's a service like this available.

BC AdBot (Login to Remove)

 


m

#2 Starbuck

Starbuck

    'r Brudiwr


  • Malware Response Team
  • 4,147 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Midlands, UK
  • Local time:04:40 AM

Posted 09 June 2014 - 02:31 PM

Hi Rwhie84 and welcome to BC.

Please take note of the following:

1. Please do not run any other tools unless instructed.
2. Please don't install or uninstall anything unless asked.
3. The cleaning process is not instant. Please continue to review my answers until I tell you that your computer is clean.
4. If there's anything that you don't understand, please ask your question(s) before proceeding with the fixes.
5. Please reply to this thread. Do not start a new topic.


We need to have a good look at your system in order to determine the exact problems.

Note:
There are both 32-bit and 64-bit versions of Farbar Recovery Scan Tool available. Please pick the version that matches your operating system's bit type.

If you are unsure what you're system bit type is..... click Here for help.

For x32 bit systems download Farbar Recovery Scan Tool and save it to your Desktop.

For x64 bit systems download Farbar Recovery Scan Tool x64 and save it to your Desktop.
  • Double-click the downloaded icon to run the tool. Vista/Windows 7/8 users right-click and select Run As Administrator

    frsticon_zpsdc3cbdc3.png
  • When the tool opens click Yes to disclaimer.

    frstdis_zps7f598f12.png
  • Make sure that Addition.txt is selected at the bottom
  • Press Scan button.

    newfrst_zpsa63ffa3d.png
  • It will make a log (FRST.txt) in the same directory the tool is run. Please copy and paste it to your reply.
  • The first time the tool is run, it also makes another log (Addition.txt). Please copy and paste it to your reply also.
In your next reply, please submit:
Both reports from FRST


Thanks.

BBPP6nz.png


#3 Rwhie84

Rwhie84
  • Topic Starter

  • Members
  • 8 posts
  • OFFLINE
  •  
  • Local time:12:40 AM

Posted 09 June 2014 - 04:30 PM

http://pastebin.com/6y64bcq5 Fist one http://pastebin.com/vgKTqj9W Additional Put both on pastebin so I didn't have a really long post on the forum, thanks a lot for your time!

 

 

Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 09-06-2014 03
Ran by owner (administrator) on EASYHOME on 09-06-2014 17:16:22
Running from C:\Users\owner\Desktop
Platform: Windows 8 (X64) OS Language: English(US)
Internet Explorer Version 10
Boot Mode: Normal

The only official download link for FRST:
Download link for 32-Bit version: http://www.bleepingcomputer.com/download/farbar-recovery-scan-tool/dl/81/
Download link for 64-Bit Version: http://www.bleepingcomputer.com/download/farbar-recovery-scan-tool/dl/82/
Download link from any site other than Bleeping Computer is unpermitted or outdated.
See tutorial for FRST: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Processes (Whitelisted) =================

(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\AVG2014\avgrsa.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\AVG2014\avgcsrva.exe
() C:\Windows\System32\idle-Threads.exe
(AMD) C:\Windows\System32\atiesrxx.exe
(AMD) C:\Windows\System32\atieclxx.exe
(IvoSoft) C:\ClassicShell\ClassicShellService.exe
(Hewlett-Packard Company) C:\Windows\System32\hpservice.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RTKAUDIOSERVICE64.EXE
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
() C:\Windows\System32\semaphore-Threads.exe
() C:\Program Files\ATI Technologies\ATI.ACE\a4\AdaptiveSleepService.exe
(Advanced Micro Devices, Inc.) C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(IvoSoft) C:\ClassicShell\ClassicStartMenu.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\AVG2014\avgidsagent.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\AVG2014\avgwdsvc.exe
(IVT Corporation) C:\Program Files (x86)\Ralink Corporation\Ralink Bluetooth Stack\BlueSoleilCS.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(Microsoft Corporation) C:\Program Files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe
(Hewlett-Packard Development Company, L.P.) C:\Program Files (x86)\Hewlett-Packard\HP System Event\HPWMISVC.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\AVG2014\avgnsa.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\AVG2014\avgemca.exe
() C:\Users\owner\AppData\Roaming\MRS\SystemUpdatekb70007\WindowsUpdater.exe
() C:\Users\owner\AppData\Local\MRS\svcsystem.exe
(CyberLink) C:\Program Files (x86)\CyberLink\Power2Go8\CLMLSvc_P2G8.exe
(CyberLink Corp.) C:\Program Files (x86)\CyberLink\YouCam\YouCamService.exe
(Hewlett-Packard Development Company, L.P.) C:\Program Files (x86)\Hewlett-Packard\HP CoolSense\CoolSense.exe
(IVT Corporation) C:\Program Files (x86)\Ralink Corporation\Ralink Bluetooth Stack\BsHelpCS.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe
(Nota Inc.) C:\Program Files (x86)\Gyazo\GyStation.exe
(CyberLink Corp.) C:\Program Files (x86)\CyberLink\Power2Go8\Power2GoExpress8.exe
(IVT Corporation) C:\Program Files (x86)\Ralink Corporation\Ralink Bluetooth Stack\BtTray.exe
(Hewlett-Packard Company) C:\Program Files (x86)\Hewlett-Packard\HP 3D DriveGuard\AccelerometerSt.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\AVG2014\avgui.exe
(Hewlett-Packard Development Company, L.P.) C:\Program Files (x86)\Hewlett-Packard\HP System Event\HPMSGSVC.exe
(Hewlett-Packard Company) C:\Program Files (x86)\Hewlett-Packard\Shared\hpqwmiex.exe
(Hewlett-Packard Company) C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSA_Service.exe
(Adobe Systems Incorporated) C:\Windows\System32\Macromed\Flash\FlashUtil_ActiveX.exe
(Advanced Micro Devices Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\core-static\MOM.exe
(ATI Technologies Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\core-static\CCC.exe
(Microsoft Corporation) C:\Program Files\Internet Explorer\iexplore.exe
() C:\Users\owner\AppData\Local\MRS\winsystem.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Microsoft Corporation) C:\Windows\SysWOW64\WWAHost.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(The Privoxy team - www.privoxy.org) C:\Program Files (x86)\MRS\pvx\privoxy.exe
(Farbar) C:\Users\owner\Desktop\Virus fixer.exe


==================== Registry (Whitelisted) ==================

HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe [7203032 2013-11-21] (Realtek Semiconductor)
HKLM-x32\...\Run: [StartCCC] => C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe [642656 2013-04-17] (Advanced Micro Devices, Inc.)
HKLM-x32\...\Run: [BtTray] => C:\Program Files (x86)\Ralink Corporation\Ralink Bluetooth Stack\BtTray.exe [387832 2013-05-14] (IVT Corporation)
HKLM-x32\...\Run: [AccelerometerSysTrayApplet] => C:\Program Files (x86)\Hewlett-Packard\HP 3D DriveGuard\AccelerometerST.exe [77088 2013-07-24] (Hewlett-Packard Company)
HKLM-x32\...\Run: [AVG_UI] => C:\Program Files (x86)\AVG\AVG2014\avgui.exe [5180432 2014-04-06] (AVG Technologies CZ, s.r.o.)
HKLM-x32\...\Run: [HPMessageService] => C:\Program Files (x86)\Hewlett-Packard\HP System Event\HPMSGSVC.exe [1045304 2013-12-25] (Hewlett-Packard Development Company, L.P.)
HKLM\...\RunOnce: [NCPluginUpdater] - "C:\Program Files (x86)\Hewlett-Packard\HP Health Check\ActiveCheck\product_line\NCPluginUpdater.exe" Update [21720 2014-05-27] (Hewlett-Packard)
HKU\S-1-5-21-2255616114-2979358920-1297510320-1002\...\Run: [Gyazo] => C:\Program Files (x86)\Gyazo\GyStation.exe [2993376 2014-05-08] (Nota Inc.)
HKU\S-1-5-21-2255616114-2979358920-1297510320-1002\...\Run: [Power2GoExpress8] => C:\Program Files (x86)\CyberLink\Power2Go8\Power2GoExpress8.exe [1713416 2013-08-05] (CyberLink Corp.)
HKU\S-1-5-21-2255616114-2979358920-1297510320-1002\...\Run: [AVG-Secure-Search-Update_0214c] => C:\Users\owner\AppData\Roaming\AVG 0214c Campaign\AVG-Secure-Search-Update-0214c.exe /PROMPT /mid=356f40509df447d29d14a151cd177a53-84ad5da3cbbefba1c97e797a60de79166fdaf70c /CMPID=0214c
GroupPolicy: Group Policy on Chrome detected <======= ATTENTION

==================== Internet (Whitelisted) ====================

ProxyEnable: Internet Explorer proxy is enabled.
ProxyServer: http=127.0.0.1:8118;https=127.0.0.1:8118
HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://g.msn.com/HPCON13/4
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://g.msn.com/HPCON13/4
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://g.msn.com/HPCON13/4
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL = http://g.msn.com/HPCON13/4
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = http://g.msn.com/HPCON13/4
SearchScopes: HKLM - DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = http://www.bing.com/search?q={searchTerms}&form=IE10TR&src=IE10TR&pc=HPNTDFJS
SearchScopes: HKLM - {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = http://www.bing.com/search?q={searchTerms}&form=IE10TR&src=IE10TR&pc=HPNTDFJS
SearchScopes: HKLM - {696BEDDC-EDD9-40C1-9534-90D237CEA7EC} URL = http://www.amazon.ca/s/ref=azs_osd_ieaca?ie=UTF-8&tag=hp-ca2-vsb-20&link%5Fcode=qs&index=aps&field-keywords={searchTerms}
SearchScopes: HKLM - {D944BB61-2E34-4DBF-A683-47E505C587DC} URL = http://rover.ebay.com/rover/1/706-156705-11896-0/4 ?mpre=http%3A%2F%2Fwww.ebay.com%2Fsch%2F%3F_nkw%3D{searchTerms}&keyword={searchTerms}
SearchScopes: HKLM-x32 - {D944BB61-2E34-4DBF-A683-47E505C587DC} URL = http://rover.ebay.com/rover/1/706-156705-11896-0/4 ?mpre=http%3A%2F%2Fwww.ebay.com%2Fsch%2F%3F_nkw%3D{searchTerms}&keyword={searchTerms}
SearchScopes: HKCU - DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = http://www.bing.com/search?q={searchTerms}&form=IE10TR&src=IE10TR&pc=HPNTDFJS
SearchScopes: HKCU - {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = http://www.bing.com/search?q={searchTerms}&form=IE10TR&src=IE10TR&pc=HPNTDFJS
SearchScopes: HKCU - {D944BB61-2E34-4DBF-A683-47E505C587DC} URL = http://rover.ebay.com/rover/1/706-156705-11896-0/4 ?mpre=http%3A%2F%2Fwww.ebay.com%2Fsch%2F%3F_nkw%3D{searchTerms}&keyword={searchTerms}
BHO: HP Network Check Helper - {E76FD755-C1BA-4DCB-9F13-99BD91223ADE} - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPluginx64.dll (Hewlett-Packard)
BHO-x32: Skype Browser Helper - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll No File
BHO-x32: Java™ Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll (Sun Microsystems, Inc.)
BHO-x32: HP Network Check Helper - {E76FD755-C1BA-4DCB-9F13-99BD91223ADE} - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll (Hewlett-Packard)
Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Windows\SysWow64\skype4com.dll (Skype Technologies)
Tcpip\Parameters: [DhcpNameServer] 199.166.6.2 209.239.11.98

FireFox:
========
FF ProfilePath: C:\Users\owner\AppData\Roaming\Mozilla\Firefox\Profiles\wa9ndnaz.default
FF NetworkProxy: "http", "127.0.0.1"
FF NetworkProxy: "http_port", 8118
FF NetworkProxy: "ssl", "127.0.0.1"
FF NetworkProxy: "ssl_port", 8118
FF NetworkProxy: "type", 1
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 - c:\Program Files\Microsoft Silverlight\5.1.30214.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @adobe.com/ShockwavePlayer - C:\windows\SysWOW64\Adobe\Director\np32dsw_1202122.dll (Adobe Systems, Inc.)
FF Plugin-x32: @java.com/JavaPlugin - C:\Program Files (x86)\Java\jre6\bin\new_plugin\npjp2.dll (Sun Microsystems, Inc.)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 - c:\Program Files (x86)\Microsoft Silverlight\5.1.30214.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=16.4.3505.0912 - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 - C:\Program Files (x86)\Google\Update\1.3.24.7\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 - C:\Program Files (x86)\Google\Update\1.3.24.7\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @WildTangent.com/GamesAppPresenceDetector,Version=1.0 - C:\Program Files (x86)\WildTangent Games\App\BrowserIntegration\Registered\0\NP_wtapp.dll ()
FF Plugin HKCU: @unity3d.com/UnityPlayer,version=1.0 - C:\Users\owner\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll (Unity Technologies ApS)

Chrome:
=======
CHR HomePage:
CHR Extension: (Google Voice Search Hotword (Beta)) - C:\Users\owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\bepbmhgboaologfdajaanbcjmnhjmhfn [2014-05-31]
CHR Extension: (Google Wallet) - C:\Users\owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2014-03-29]

==================== Services (Whitelisted) =================

S2 .Net Crypt; C:\Windows\System32\mutex-Threads.exe [9539184 2013-11-30] ()
R2 .Net Main; C:\Windows\System32\idle-Threads.exe [9361520 2013-11-30] ()
S2 .Net Security; C:\Windows\System32\latch-Threads.exe [9544304 2013-11-30] ()
R2 .Net Semaphore; C:\Windows\System32\semaphore-Threads.exe [480880 2013-11-30] ()
R2 AdaptiveSleepService; C:\Program Files\ATI Technologies\ATI.ACE\A4\AdaptiveSleepService.exe [103424 2013-04-17] ()
R2 AMD FUEL Service; C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe [361984 2013-04-17] (Advanced Micro Devices, Inc.)
R2 AVGIDSAgent; C:\Program Files (x86)\AVG\AVG2014\avgidsagent.exe [3645456 2014-04-18] (AVG Technologies CZ, s.r.o.)
R2 avgwd; C:\Program Files (x86)\AVG\AVG2014\avgwdsvc.exe [291912 2014-03-27] (AVG Technologies CZ, s.r.o.)
R2 BlueSoleilCS; C:\Program Files (x86)\Ralink Corporation\Ralink Bluetooth Stack\BlueSoleilCS.exe [1630456 2013-06-07] (IVT Corporation)
R3 BsHelpCS; C:\Program Files (x86)\Ralink Corporation\Ralink Bluetooth Stack\BsHelpCS.exe [145656 2013-05-14] (IVT Corporation)
R2 c2cautoupdatesvc; C:\Program Files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe [1363584 2014-03-03] (Microsoft Corporation)
R2 ClassicShellService; C:\ClassicShell\ClassicShellService.exe [68608 2013-06-29] (IvoSoft)
R2 HPWMISVC; c:\Program Files (x86)\Hewlett-Packard\HP System Event\HPWMISVC.exe [1039160 2013-12-25] (Hewlett-Packard Development Company, L.P.)
R2 RtkAudioService; C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe [246488 2013-06-18] (Realtek Semiconductor)
R2 SystemUpdatekb70007; C:\Users\owner\AppData\Roaming\MRS\SystemUpdatekb70007\WindowsUpdater.exe [29184 2014-05-29] ()
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [16056 2014-03-29] (Microsoft Corporation)

==================== Drivers (Whitelisted) ====================

R3 AmdAS4; C:\Windows\System32\drivers\AmdAS4.sys [17504 2013-02-08] (Advanced Micro Devices, INC.)
R3 AtiHDAudioService; C:\Windows\system32\drivers\AtihdW86.sys [98744 2013-04-23] (Advanced Micro Devices)
S0 Avgboota; C:\Windows\System32\DRIVERS\avgboota.sys [20496 2013-09-04] (AVG Technologies CZ, s.r.o.)
R1 Avgdiska; C:\Windows\System32\DRIVERS\avgdiska.sys [153368 2014-03-27] (AVG Technologies CZ, s.r.o.)
R1 AVGIDSDriver; C:\Windows\System32\DRIVERS\avgidsdrivera.sys [237336 2014-04-18] (AVG Technologies CZ, s.r.o.)
R0 AVGIDSHA; C:\Windows\System32\DRIVERS\avgidsha.sys [192792 2014-03-27] (AVG Technologies CZ, s.r.o.)
R1 Avgldx64; C:\Windows\System32\DRIVERS\avgldx64.sys [236824 2014-03-27] (AVG Technologies CZ, s.r.o.)
R0 Avgloga; C:\Windows\System32\DRIVERS\avgloga.sys [324376 2014-03-27] (AVG Technologies CZ, s.r.o.)
R0 Avgmfx64; C:\Windows\System32\DRIVERS\avgmfx64.sys [130840 2014-03-31] (AVG Technologies CZ, s.r.o.)
R0 Avgrkx64; C:\Windows\System32\DRIVERS\avgrkx64.sys [32536 2014-03-27] (AVG Technologies CZ, s.r.o.)
R1 Avgwfpa; C:\Windows\system32\DRIVERS\avgwfpa.sys [274712 2014-03-31] (AVG Technologies CZ, s.r.o.)
U5 BlueletAudio; C:\Windows\System32\Drivers\BlueletAudio.sys [33968 2012-12-19] (IVT Corporation)
R3 BtAudioBusSrv; C:\Windows\System32\Drivers\BtAudioBus.sys [23136 2012-06-15] (IVT Corporation)
U4 BthAvrcpTg;
U4 BthHFEnum;
U4 bthhfhid;
R3 BthL2caScoIfSrv; C:\Windows\System32\Drivers\BtL2caScoIf.sys [54064 2013-04-26] (Ralink Corporation)
R3 BthLEEnum; C:\Windows\system32\DRIVERS\BthLEEnum.sys [202752 2012-07-25] (Microsoft Corporation)
R3 btUrbFilterDrv; C:\Windows\System32\Drivers\IvtUrbBtFlt.sys [49584 2013-03-25] (Ralink Corporation)
R1 CLVirtualDrive; C:\Windows\system32\DRIVERS\CLVirtualDrive.sys [91712 2013-03-05] (CyberLink)
R3 RSP2STOR; C:\Windows\system32\DRIVERS\RtsP2Stor.sys [290008 2013-11-21] (Realtek Semiconductor Corp.)
R3 rtbth; C:\Windows\System32\drivers\rtbth.sys [1204424 2013-12-02] (Ralink Technology, Corp.)
R0 scssifilter; C:\Windows\System32\Drivers\scssifilter64.sys [18928 2013-11-30] (Microsoft Corporation)
S3 SmbDrv; C:\Windows\System32\drivers\Smb_driver_AMDASF.sys [29424 2013-06-04] (Synaptics Incorporated)
S3 SmbDrvI; C:\Windows\System32\drivers\Smb_driver_Intel.sys [33008 2013-06-04] (Synaptics Incorporated)
R0 usbmp3; C:\Windows\System32\Drivers\usbmp364.sys [18928 2013-11-30] ()
R0 usbvox; C:\Windows\System32\Drivers\usbvox64.sys [20464 2013-11-30] ()
R0 usbwav; C:\Windows\System32\Drivers\usbwav64.sys [15856 2013-11-30] ()
R3 WirelessButtonDriver; C:\Windows\System32\drivers\WirelessButtonDriver64.sys [20800 2012-08-31] (Hewlett-Packard Development Company, L.P.)
U5 BlueletAudio; C:\Windows\SysWOW64\Drivers\BlueletAudio.sys [33968 2012-12-19] (IVT Corporation)
S3 MBAMSwissArmy; \??\C:\Windows\system32\drivers\MBAMSwissArmy.sys [X]

==================== NetSvcs (Whitelisted) ===================


==================== One Month Created Files and Folders ========

2014-06-09 17:16 - 2014-06-09 17:16 - 00016314 _____ () C:\Users\owner\Desktop\FRST.txt
2014-06-09 17:16 - 2014-06-09 17:16 - 00000000 ____D () C:\FRST
2014-06-09 17:10 - 2014-06-09 17:10 - 02080768 _____ (Farbar) C:\Users\owner\Desktop\Virus fixer.exe
2014-06-06 07:06 - 2014-06-06 07:06 - 00000000 ____D () C:\Users\owner\AppData\Local\VirtualStore
2014-06-03 22:19 - 2014-06-03 22:19 - 00000000 ____D () C:\Users\owner\AppData\Roaming\AVG2014
2014-06-03 19:49 - 2014-06-03 19:52 - 00000000 ____D () C:\AdwCleaner
2014-06-03 18:22 - 2014-06-03 18:22 - 00000000 ____D () C:\ProgramData\Kaspersky Lab Setup Files
2014-06-03 15:17 - 2014-06-03 15:17 - 00000905 _____ () C:\Users\owner\Desktop\JRT.txt
2014-06-03 07:15 - 2014-06-03 07:15 - 00000000 ____D () C:\Windows\ERUNT
2014-06-03 07:08 - 2010-08-30 08:34 - 00536576 _____ (SQLite Development Team) C:\Windows\SysWOW64\sqlite3.dll
2014-06-02 20:35 - 2014-06-03 17:39 - 00000000 ____D () C:\Program Files (x86)\Mozilla Maintenance Service
2014-06-02 20:35 - 2014-06-03 17:39 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox
2014-06-02 20:35 - 2014-06-02 20:37 - 00000000 ____D () C:\Users\owner\AppData\Roaming\Mozilla
2014-06-02 20:35 - 2014-06-02 20:37 - 00000000 ____D () C:\Users\owner\AppData\Local\Mozilla
2014-06-02 20:35 - 2014-06-02 20:35 - 00001170 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk
2014-06-02 20:35 - 2014-06-02 20:35 - 00001158 _____ () C:\Users\Public\Desktop\Mozilla Firefox.lnk
2014-06-02 20:35 - 2014-06-02 20:35 - 00000000 ____D () C:\ProgramData\Mozilla
2014-06-02 16:24 - 2014-06-02 16:25 - 00000000 ____D () C:\NPE
2014-06-02 16:21 - 2014-06-02 16:30 - 00000000 ____D () C:\Users\owner\AppData\Local\NPE
2014-06-02 16:12 - 2014-06-03 17:39 - 00000000 ____D () C:\Users\owner\AppData\Local\MRS
2014-06-02 16:12 - 2014-06-03 17:38 - 00000000 ____D () C:\Users\owner\AppData\Roaming\MRS
2014-06-02 16:12 - 2014-06-02 16:13 - 00000000 ____D () C:\Program Files (x86)\MRS
2014-06-02 16:12 - 2014-06-02 16:12 - 00000258 __RSH () C:\ProgramData\ntuser.pol
2014-06-01 12:46 - 2014-06-01 12:46 - 11698864 _____ (Nota Inc. ) C:\Users\owner\Downloads\GyazoSetup.exe
2014-06-01 12:46 - 2014-06-01 12:46 - 00003746 _____ () C:\Windows\System32\Tasks\GyazoUpdateTaskMachine
2014-05-25 21:16 - 2014-06-03 19:13 - 00003420 _____ () C:\Windows\System32\Tasks\GPUpdateCheck
2014-05-25 21:16 - 2014-06-03 17:38 - 00000000 ____D () C:\Users\owner\AppData\Roaming\wi_upd
2014-05-15 16:30 - 2014-05-15 16:30 - 00000432 _____ () C:\Users\owner\Documents\Drake's application..txt
2014-05-15 00:34 - 2014-04-12 05:08 - 01281536 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll
2014-05-15 00:34 - 2014-04-12 05:08 - 00827904 _____ (Microsoft Corporation) C:\Windows\system32\kerberos.dll
2014-05-15 00:34 - 2014-04-12 03:22 - 00666624 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kerberos.dll
2014-05-15 00:34 - 2014-03-28 15:19 - 00035856 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\WdBoot.sys
2014-05-15 00:34 - 2014-03-28 04:23 - 19759104 _____ (Microsoft Corporation) C:\Windows\system32\shell32.dll
2014-05-15 00:34 - 2014-03-28 02:18 - 17562112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\shell32.dll
2014-05-15 00:34 - 2014-03-23 18:11 - 00269592 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\WdFilter.sys
2014-05-15 00:34 - 2014-03-10 23:32 - 06987096 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe
2014-05-15 00:33 - 2014-05-06 01:14 - 19274752 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2014-05-15 00:33 - 2014-05-06 01:14 - 00097280 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2014-05-15 00:33 - 2014-05-05 23:48 - 00080384 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2014-05-15 00:33 - 2014-04-12 05:27 - 00172888 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecpkg.sys
2014-05-15 00:33 - 2014-04-12 05:10 - 00578048 _____ (Microsoft Corporation) C:\Windows\system32\winlogon.exe
2014-05-15 00:33 - 2014-04-12 05:09 - 01043968 _____ (Microsoft Corporation) C:\Windows\system32\usercpl.dll
2014-05-15 00:33 - 2014-04-12 05:09 - 00588288 _____ (Microsoft Corporation) C:\Windows\system32\SHCore.dll
2014-05-15 00:33 - 2014-04-12 05:09 - 00208896 _____ (Microsoft Corporation) C:\Windows\system32\wdigest.dll
2014-05-15 00:33 - 2014-04-12 05:09 - 00094720 _____ (Microsoft Corporation) C:\Windows\system32\TSpkg.dll
2014-05-15 00:33 - 2014-04-12 05:08 - 00439808 _____ (Microsoft Corporation) C:\Windows\system32\lsm.dll
2014-05-15 00:33 - 2014-04-12 05:08 - 00318464 _____ (Microsoft Corporation) C:\Windows\system32\msv1_0.dll
2014-05-15 00:33 - 2014-04-12 05:07 - 00020480 _____ (Microsoft Corporation) C:\Windows\system32\credssp.dll
2014-05-15 00:33 - 2014-04-12 03:23 - 00961536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\usercpl.dll
2014-05-15 00:33 - 2014-04-12 03:23 - 00452608 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SHCore.dll
2014-05-15 00:33 - 2014-04-12 03:23 - 00273920 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msv1_0.dll
2014-05-15 00:33 - 2014-04-12 03:23 - 00178688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wdigest.dll
2014-05-15 00:33 - 2014-04-12 03:23 - 00076800 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TSpkg.dll
2014-05-15 00:33 - 2014-04-12 03:22 - 00017408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\credssp.dll
2014-05-15 00:33 - 2014-04-12 02:58 - 00014848 _____ (Microsoft Corporation) C:\Windows\system32\workerdd.dll
2014-05-15 00:33 - 2014-03-28 04:23 - 01287168 _____ (Microsoft Corporation) C:\Windows\system32\schedsvc.dll
2014-05-15 00:33 - 2014-03-10 23:25 - 00100184 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecdd.sys
2014-05-15 00:33 - 2014-03-10 20:41 - 00559104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\objsel.dll
2014-05-15 00:33 - 2014-03-10 20:41 - 00323072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\schannel.dll
2014-05-15 00:33 - 2014-03-10 20:41 - 00038400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dimsroam.dll
2014-05-15 00:33 - 2014-03-10 20:39 - 00035840 _____ (Microsoft Corporation) C:\Windows\system32\lsass.exe
2014-05-15 00:33 - 2014-03-10 20:38 - 00982016 _____ (Microsoft Corporation) C:\Windows\system32\KernelBase.dll
2014-05-15 00:33 - 2014-03-10 20:38 - 00684032 _____ (Microsoft Corporation) C:\Windows\system32\objsel.dll
2014-05-15 00:33 - 2014-03-10 20:38 - 00419328 _____ (Microsoft Corporation) C:\Windows\system32\schannel.dll
2014-05-15 00:33 - 2014-03-10 20:38 - 00179712 _____ (Microsoft Corporation) C:\Windows\system32\dpapisrv.dll
2014-05-15 00:33 - 2014-03-10 20:38 - 00164864 _____ (Microsoft Corporation) C:\Windows\system32\sspicli.dll
2014-05-15 00:33 - 2014-03-10 20:38 - 00045056 _____ (Microsoft Corporation) C:\Windows\system32\dimsroam.dll
2014-05-15 00:33 - 2014-03-10 20:38 - 00027648 _____ (Microsoft Corporation) C:\Windows\system32\sspisrv.dll
2014-05-15 00:33 - 2014-03-09 23:05 - 00668160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KernelBase.dll
2014-05-15 00:33 - 2014-03-09 21:27 - 00099840 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sspicli.dll
2014-05-15 00:33 - 2014-03-03 19:07 - 00570216 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\cng.sys
2014-05-15 00:32 - 2014-05-05 23:48 - 14367232 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2014-05-15 00:32 - 2014-05-05 23:37 - 02706432 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2014-05-15 00:32 - 2014-05-05 23:26 - 02706432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2014-05-15 00:32 - 2014-03-01 05:47 - 01258496 _____ (Microsoft Corporation) C:\Windows\system32\kernel32.dll
2014-05-15 00:32 - 2014-03-01 05:47 - 01120768 _____ (Microsoft Corporation) C:\Windows\system32\gpedit.dll
2014-05-15 00:32 - 2014-03-01 04:07 - 01075200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\gpedit.dll
2014-05-15 00:32 - 2014-03-01 02:59 - 00974848 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kernel32.dll
2014-05-15 00:32 - 2014-02-26 19:18 - 00621568 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\srv2.sys
2014-05-15 00:32 - 2014-02-26 19:18 - 00370688 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb.sys
2014-05-15 00:32 - 2014-02-26 19:18 - 00247808 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\srvnet.sys
2014-05-15 00:32 - 2014-02-26 19:18 - 00215040 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb20.sys
2014-05-15 00:32 - 2014-02-15 00:15 - 00078336 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\IPMIDrv.sys
2014-05-13 16:04 - 2014-05-13 16:04 - 00000000 ____H () C:\Windows\system32\Drivers\Msft_User_LocationProvider_01_11_00.Wdf
2014-05-11 15:50 - 2014-05-11 15:50 - 00015221 _____ () C:\Users\owner\AppData\Local\recently-used.xbel
2014-05-11 15:10 - 2014-05-11 15:11 - 04366325 _____ () C:\Users\owner\Downloads\GIMP_Arcane_Circles_Brushes_by_Project_GimpBC.zip
2014-05-10 00:23 - 2014-05-10 00:23 - 00003156 _____ () C:\Windows\System32\Tasks\YCMServiceAgent
2014-05-10 00:23 - 2014-01-27 23:58 - 00041704 _____ (CyberLink Corporation) C:\Windows\system32\Drivers\clwvd.sys

==================== One Month Modified Files and Folders =======

2014-06-09 17:18 - 2013-10-22 17:29 - 00000000 ____D () C:\Users\owner\AppData\Local\Temp
2014-06-09 17:16 - 2014-06-09 17:16 - 00016314 _____ () C:\Users\owner\Desktop\FRST.txt
2014-06-09 17:16 - 2014-06-09 17:16 - 00000000 ____D () C:\FRST
2014-06-09 17:10 - 2014-06-09 17:10 - 02080768 _____ (Farbar) C:\Users\owner\Desktop\Virus fixer.exe
2014-06-09 17:02 - 2014-03-29 01:37 - 00000914 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2014-06-09 17:00 - 2012-07-26 04:12 - 00000000 ____D () C:\Windows\system32\sru
2014-06-09 16:12 - 2013-10-22 17:28 - 01683372 _____ () C:\Windows\WindowsUpdate.log
2014-06-09 15:54 - 2013-11-13 16:28 - 00000000 ____D () C:\Users\owner\AppData\Local\CrashDumps
2014-06-09 14:51 - 2014-03-14 22:59 - 00000000 ____D () C:\ProgramData\MFAData
2014-06-09 14:51 - 2012-07-26 01:26 - 00262144 ___SH () C:\Windows\system32\config\ELAM
2014-06-09 14:45 - 2013-11-17 11:52 - 00003620 _____ () C:\Windows\SysWOW64\LOCALSERVICE.INI
2014-06-09 14:45 - 2013-11-17 11:52 - 00000043 _____ () C:\Windows\SysWOW64\LOCALDEVICE.INI
2014-06-09 14:45 - 2013-10-22 17:34 - 00059387 __RSH () C:\Windows\system32\masteraclini.enu
2014-06-09 14:45 - 2013-10-22 17:34 - 00000120 ___RH () C:\Windows\system32\masteraclbini.enu
2014-06-09 14:45 - 2013-09-13 18:20 - 00001017 _____ () C:\Windows\SysWOW64\bscs.ini
2014-06-09 07:17 - 2012-07-26 04:12 - 00000000 ____D () C:\Windows\system32\NDF
2014-06-09 01:02 - 2014-03-29 01:37 - 00000910 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2014-06-08 02:34 - 2012-07-26 04:12 - 00000000 ____D () C:\Windows\AUInstallAgent
2014-06-08 01:49 - 2014-03-17 00:23 - 00000000 ____D () C:\Users\owner\AppData\Local\Battle.net
2014-06-07 16:10 - 2013-12-26 11:31 - 00003164 _____ () C:\Windows\System32\Tasks\HPCeeScheduleForowner
2014-06-07 16:10 - 2013-12-26 11:31 - 00000350 _____ () C:\Windows\Tasks\HPCeeScheduleForowner.job
2014-06-07 16:10 - 2013-10-22 17:29 - 00000000 ____D () C:\Users\owner
2014-06-06 07:18 - 2013-10-22 17:32 - 00000000 ____D () C:\Users\owner\Documents\Youcam
2014-06-06 07:06 - 2014-06-06 07:06 - 00000000 ____D () C:\Users\owner\AppData\Local\VirtualStore
2014-06-06 07:05 - 2012-07-26 03:22 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2014-06-06 07:04 - 2012-07-26 01:26 - 00262144 ___SH () C:\Windows\system32\config\BBI
2014-06-04 14:51 - 2013-10-22 17:37 - 00003600 _____ () C:\Windows\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-2255616114-2979358920-1297510320-1002
2014-06-03 22:19 - 2014-06-03 22:19 - 00000000 ____D () C:\Users\owner\AppData\Roaming\AVG2014
2014-06-03 19:54 - 2012-08-03 18:23 - 00493286 _____ () C:\Windows\PFRO.log
2014-06-03 19:52 - 2014-06-03 19:49 - 00000000 ____D () C:\AdwCleaner
2014-06-03 19:51 - 2013-09-25 13:40 - 00001331 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AMD Start Now Technology.lnk
2014-06-03 19:13 - 2014-05-25 21:16 - 00003420 _____ () C:\Windows\System32\Tasks\GPUpdateCheck
2014-06-03 18:22 - 2014-06-03 18:22 - 00000000 ____D () C:\ProgramData\Kaspersky Lab Setup Files
2014-06-03 17:39 - 2014-06-02 20:35 - 00000000 ____D () C:\Program Files (x86)\Mozilla Maintenance Service
2014-06-03 17:39 - 2014-06-02 20:35 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox
2014-06-03 17:39 - 2014-06-02 16:12 - 00000000 ____D () C:\Users\owner\AppData\Local\MRS
2014-06-03 17:39 - 2013-11-17 12:13 - 00000000 ____D () C:\Users\owner\AppData\Local\bluesoleil
2014-06-03 17:39 - 2013-11-07 01:20 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Gyazo
2014-06-03 17:39 - 2013-11-07 01:20 - 00000000 ____D () C:\Program Files (x86)\Gyazo
2014-06-03 17:39 - 2013-09-25 14:34 - 00000000 ____D () C:\ProgramData\Norton
2014-06-03 17:39 - 2012-07-26 04:12 - 00000000 ___RD () C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools
2014-06-03 17:39 - 2012-07-26 04:12 - 00000000 ___RD () C:\Users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools
2014-06-03 17:39 - 2012-07-26 04:12 - 00000000 ____D () C:\Program Files\Windows Defender
2014-06-03 17:39 - 2012-07-26 04:12 - 00000000 ____D () C:\Program Files (x86)\Windows Defender
2014-06-03 17:38 - 2014-06-02 16:12 - 00000000 ____D () C:\Users\owner\AppData\Roaming\MRS
2014-06-03 17:38 - 2014-05-25 21:16 - 00000000 ____D () C:\Users\owner\AppData\Roaming\wi_upd
2014-06-03 17:38 - 2014-03-17 00:23 - 00000000 ____D () C:\Users\owner\AppData\Roaming\Battle.net
2014-06-03 17:38 - 2013-10-22 17:31 - 00000000 ___RD () C:\Users\owner\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
2014-06-03 17:38 - 2013-10-22 17:31 - 00000000 ___RD () C:\Users\owner\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Administrative Tools
2014-06-03 17:38 - 2012-07-26 04:12 - 00000000 ___RD () C:\Windows\ToastData
2014-06-03 17:38 - 2012-07-26 04:12 - 00000000 ___HD () C:\Windows\system32\GroupPolicy
2014-06-03 17:38 - 2012-07-26 04:12 - 00000000 ____D () C:\Windows\SysWOW64\Macromed
2014-06-03 17:38 - 2012-07-26 04:12 - 00000000 ____D () C:\Windows\SysWOW64\GroupPolicy
2014-06-03 17:38 - 2012-07-26 04:12 - 00000000 ____D () C:\Windows\system32\SecureBootUpdates
2014-06-03 17:38 - 2012-07-26 04:12 - 00000000 ____D () C:\Windows\system32\Macromed
2014-06-03 17:38 - 2012-07-26 04:12 - 00000000 ____D () C:\Windows\registration
2014-06-03 17:38 - 2012-07-26 01:38 - 00000000 ____D () C:\Windows\system32\Sysprep
2014-06-03 16:13 - 2012-07-26 04:12 - 00000000 ____D () C:\Windows\AppCompat
2014-06-03 15:17 - 2014-06-03 15:17 - 00000905 _____ () C:\Users\owner\Desktop\JRT.txt
2014-06-03 07:15 - 2014-06-03 07:15 - 00000000 ____D () C:\Windows\ERUNT
2014-06-02 20:37 - 2014-06-02 20:35 - 00000000 ____D () C:\Users\owner\AppData\Roaming\Mozilla
2014-06-02 20:37 - 2014-06-02 20:35 - 00000000 ____D () C:\Users\owner\AppData\Local\Mozilla
2014-06-02 20:35 - 2014-06-02 20:35 - 00001170 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk
2014-06-02 20:35 - 2014-06-02 20:35 - 00001158 _____ () C:\Users\Public\Desktop\Mozilla Firefox.lnk
2014-06-02 20:35 - 2014-06-02 20:35 - 00000000 ____D () C:\ProgramData\Mozilla
2014-06-02 16:30 - 2014-06-02 16:21 - 00000000 ____D () C:\Users\owner\AppData\Local\NPE
2014-06-02 16:25 - 2014-06-02 16:24 - 00000000 ____D () C:\NPE
2014-06-02 16:13 - 2014-06-02 16:12 - 00000000 ____D () C:\Program Files (x86)\MRS
2014-06-02 16:12 - 2014-06-02 16:12 - 00000258 __RSH () C:\ProgramData\ntuser.pol
2014-06-02 16:12 - 2014-03-16 18:12 - 00000000 ____D () C:\ProgramData\AVG2014
2014-06-01 12:46 - 2014-06-01 12:46 - 11698864 _____ (Nota Inc. ) C:\Users\owner\Downloads\GyazoSetup.exe
2014-06-01 12:46 - 2014-06-01 12:46 - 00003746 _____ () C:\Windows\System32\Tasks\GyazoUpdateTaskMachine
2014-06-01 12:46 - 2013-11-07 01:20 - 00000993 _____ () C:\Users\Public\Desktop\Gyazo.lnk
2014-06-01 12:46 - 2013-11-07 01:20 - 00000993 _____ () C:\Users\Public\Desktop\Gyazo GIF.lnk
2014-06-01 00:01 - 2013-11-23 21:17 - 00000000 ____D () C:\Users\owner\Documents\CyberLink
2014-05-31 23:05 - 2012-07-26 03:59 - 00000000 ____D () C:\Windows\CbsTemp
2014-05-31 23:03 - 2013-10-24 06:45 - 00000000 ____D () C:\Windows\system32\MRT
2014-05-31 23:00 - 2013-10-24 06:45 - 93223848 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2014-05-31 01:13 - 2014-03-13 12:37 - 00000000 ____D () C:\Program Files (x86)\Skype
2014-05-29 17:33 - 2014-03-17 00:23 - 00000000 ____D () C:\Program Files (x86)\Battle.net
2014-05-29 07:29 - 2013-11-07 15:44 - 00000052 _____ () C:\Windows\SysWOW64\DOErrors.log
2014-05-29 07:29 - 2013-11-07 15:44 - 00000000 _____ () C:\Windows\system32\HP_ActiveX_Patch_NOT_DETECTED.txt
2014-05-28 19:24 - 2014-03-17 00:29 - 00000000 ____D () C:\Program Files (x86)\Hearthstone
2014-05-23 02:26 - 2013-09-25 14:05 - 00000000 ____D () C:\Program Files (x86)\CyberLink
2014-05-23 02:24 - 2012-08-03 20:02 - 00000000 ____D () C:\SWSetup
2014-05-22 20:16 - 2014-03-29 01:38 - 00002190 _____ () C:\Users\Public\Desktop\Google Chrome.lnk
2014-05-15 16:30 - 2014-05-15 16:30 - 00000432 _____ () C:\Users\owner\Documents\Drake's application..txt
2014-05-13 16:04 - 2014-05-13 16:04 - 00000000 ____H () C:\Windows\system32\Drivers\Msft_User_LocationProvider_01_11_00.Wdf
2014-05-13 16:04 - 2012-07-26 03:21 - 00431647 _____ () C:\Windows\setupact.log
2014-05-11 16:04 - 2014-03-04 21:10 - 00000000 ____D () C:\Users\owner\.gimp-2.8
2014-05-11 15:50 - 2014-05-11 15:50 - 00015221 _____ () C:\Users\owner\AppData\Local\recently-used.xbel
2014-05-11 15:50 - 2014-03-04 21:17 - 00000000 ____D () C:\Users\owner\AppData\Local\gtk-2.0
2014-05-11 15:11 - 2014-05-11 15:10 - 04366325 _____ () C:\Users\owner\Downloads\GIMP_Arcane_Circles_Brushes_by_Project_GimpBC.zip
2014-05-10 03:50 - 2013-09-25 14:17 - 00000000 ____D () C:\Users\Public\Documents\CyberLink
2014-05-10 00:28 - 2013-09-25 13:48 - 00005396 _____ () C:\Windows\system32\RaCoInst.log
2014-05-10 00:23 - 2014-05-10 00:23 - 00003156 _____ () C:\Windows\System32\Tasks\YCMServiceAgent
2014-05-10 00:23 - 2013-07-20 01:58 - 00000000 ___RD () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Communication and Chat
2014-05-10 00:07 - 2013-10-22 17:32 - 00000000 ____D () C:\Users\owner\AppData\Local\CyberLink
2014-05-10 00:07 - 2013-09-25 14:16 - 00000000 ____D () C:\Users\Public\CyberLink
2014-05-10 00:05 - 2013-09-25 14:08 - 00000000 ____D () C:\ProgramData\CyberLink

Some content of TEMP:
====================
C:\Users\owner\AppData\Local\Temp\COMAP.EXE
C:\Users\owner\AppData\Local\Temp\Extract.exe
C:\Users\owner\AppData\Local\Temp\fh4g5sng.lbl.exe
C:\Users\owner\AppData\Local\Temp\GPUpd.exe
C:\Users\owner\AppData\Local\Temp\Quarantine.exe
C:\Users\owner\AppData\Local\Temp\SP63065.exe
C:\Users\owner\AppData\Local\Temp\SP63285.exe
C:\Users\owner\AppData\Local\Temp\SP63341.exe
C:\Users\owner\AppData\Local\Temp\SP63599.exe
C:\Users\owner\AppData\Local\Temp\SP63752.exe
C:\Users\owner\AppData\Local\Temp\SP63786.exe
C:\Users\owner\AppData\Local\Temp\SP63805.exe
C:\Users\owner\AppData\Local\Temp\SP64082.exe
C:\Users\owner\AppData\Local\Temp\SP64109.exe
C:\Users\owner\AppData\Local\Temp\sp64126.exe
C:\Users\owner\AppData\Local\Temp\SP64156.exe
C:\Users\owner\AppData\Local\Temp\SP64218.exe
C:\Users\owner\AppData\Local\Temp\SP64223.exe
C:\Users\owner\AppData\Local\Temp\SP64224.exe
C:\Users\owner\AppData\Local\Temp\SP64225.exe
C:\Users\owner\AppData\Local\Temp\SP64226.exe
C:\Users\owner\AppData\Local\Temp\SP64480.exe
C:\Users\owner\AppData\Local\Temp\SP64726.exe
C:\Users\owner\AppData\Local\Temp\SP64740.exe
C:\Users\owner\AppData\Local\Temp\SP64741.exe
C:\Users\owner\AppData\Local\Temp\SP64854.exe
C:\Users\owner\AppData\Local\Temp\SP65782.exe
C:\Users\owner\AppData\Local\Temp\SP65787.exe
C:\Users\owner\AppData\Local\Temp\SP65790.exe
C:\Users\owner\AppData\Local\Temp\SP65792.exe
C:\Users\owner\AppData\Local\Temp\SP65795.exe
C:\Users\owner\AppData\Local\Temp\SP65796.exe
C:\Users\owner\AppData\Local\Temp\SP65802.exe
C:\Users\owner\AppData\Local\Temp\SP66089.exe
C:\Users\owner\AppData\Local\Temp\UninstallHPSA.exe
C:\Users\owner\AppData\Local\Temp\vzcizewp.tdi.exe
C:\Users\owner\AppData\Local\Temp\w4c1hlwe.hre.exe


==================== Bamital & volsnap Check =================

C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed


LastRegBack: 2014-06-04 14:52

==================== End Of Log ============================

 

Additional scan result of Farbar Recovery Scan Tool (x64) Version: 09-06-2014 03
Ran by owner at 2014-06-09 17:19:30
Running from C:\Users\owner\Desktop
Boot Mode: Normal
==========================================================


==================== Security Center ========================

AV: AVG AntiVirus Free Edition 2014 (Enabled - Up to date) {0E9420C4-06B3-7FA0-3AB1-6E49CB52ECD9}
AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: AVG AntiVirus Free Edition 2014 (Enabled - Up to date) {B5F5C120-2089-702E-0001-553BB0D5A664}

==================== Installed Programs ======================

4 Elements II (x32 Version: 2.2.0.98 - WildTangent) Hidden
7-Zip 9.20 (x64 edition) (HKLM\...\{23170F69-40C1-2702-0920-000001000000}) (Version: 9.20.00.0 - Igor Pavlov)
Adobe Shockwave Player 12.0 (HKLM-x32\...\Adobe Shockwave Player) (Version: 12.0.2.122 - Adobe Systems, Inc.)
Airport Mania (x32 Version: 2.2.0.95 - WildTangent) Hidden
Aloha TriPeaks (x32 Version: 2.2.0.98 - WildTangent) Hidden
AMD Accelerated Video Transcoding (Version: 12.10.100.30416 - Advanced Micro Devices, Inc.) Hidden
AMD Catalyst Install Manager (HKLM\...\{301D3AA1-5DCC-FCFD-622E-3C7CBA87C80F}) (Version: 8.0.915.0 - Advanced Micro Devices, Inc.)
AMD Fuel (Version: 2013.0416.2338.40605 - Advanced Micro Devices, Inc.) Hidden
AMD Start Now (Version: 2013.0416.2338.40605 - Advanced Micro Devices, Inc.) Hidden
AMD VISION Engine Control Center (x32 Version: 2013.0416.2338.40605 - Advanced Micro Devices, Inc.) Hidden
AVG 2014 (HKLM\...\AVG) (Version: 2014.0.4570 - AVG Technologies)
AVG 2014 (Version: 14.0.3955 - AVG Technologies) Hidden
AVG 2014 (Version: 14.0.4570 - AVG Technologies) Hidden
Azteca (x32 Version: 2.2.0.97 - WildTangent) Hidden
Battle.net (HKLM-x32\...\Battle.net) (Version:  - Blizzard Entertainment)
Bejeweled 3 (x32 Version: 2.2.0.98 - WildTangent) Hidden
Bonjour (HKLM\...\{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}) (Version: 3.0.0.10 - Apple Inc.)
Bounce Symphony (x32 Version: 2.2.0.97 - WildTangent) Hidden
Build-a-lot (x32 Version: 2.2.0.98 - WildTangent) Hidden
Catalyst Control Center - Branding (x32 Version: 1.00.0000 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Graphics Previews Common (x32 Version: 2013.0416.2338.40605 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center InstallProxy (x32 Version: 2013.0925.645.10236 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Localization All (x32 Version: 2013.0416.2338.40605 - Advanced Micro Devices, Inc.) Hidden
CCC Help Chinese Standard (x32 Version: 2013.0416.2337.40605 - Advanced Micro Devices, Inc.) Hidden
CCC Help Chinese Traditional (x32 Version: 2013.0416.2337.40605 - Advanced Micro Devices, Inc.) Hidden
CCC Help Czech (x32 Version: 2013.0416.2337.40605 - Advanced Micro Devices, Inc.) Hidden
CCC Help Danish (x32 Version: 2013.0416.2337.40605 - Advanced Micro Devices, Inc.) Hidden
CCC Help Dutch (x32 Version: 2013.0416.2337.40605 - Advanced Micro Devices, Inc.) Hidden
CCC Help English (x32 Version: 2013.0416.2337.40605 - Advanced Micro Devices, Inc.) Hidden
CCC Help Finnish (x32 Version: 2013.0416.2337.40605 - Advanced Micro Devices, Inc.) Hidden
CCC Help French (x32 Version: 2013.0416.2337.40605 - Advanced Micro Devices, Inc.) Hidden
CCC Help German (x32 Version: 2013.0416.2337.40605 - Advanced Micro Devices, Inc.) Hidden
CCC Help Greek (x32 Version: 2013.0416.2337.40605 - Advanced Micro Devices, Inc.) Hidden
CCC Help Hungarian (x32 Version: 2013.0416.2337.40605 - Advanced Micro Devices, Inc.) Hidden
CCC Help Italian (x32 Version: 2013.0416.2337.40605 - Advanced Micro Devices, Inc.) Hidden
CCC Help Japanese (x32 Version: 2013.0416.2337.40605 - Advanced Micro Devices, Inc.) Hidden
CCC Help Korean (x32 Version: 2013.0416.2337.40605 - Advanced Micro Devices, Inc.) Hidden
CCC Help Norwegian (x32 Version: 2013.0416.2337.40605 - Advanced Micro Devices, Inc.) Hidden
CCC Help Polish (x32 Version: 2013.0416.2337.40605 - Advanced Micro Devices, Inc.) Hidden
CCC Help Portuguese (x32 Version: 2013.0416.2337.40605 - Advanced Micro Devices, Inc.) Hidden
CCC Help Russian (x32 Version: 2013.0416.2337.40605 - Advanced Micro Devices, Inc.) Hidden
CCC Help Spanish (x32 Version: 2013.0416.2337.40605 - Advanced Micro Devices, Inc.) Hidden
CCC Help Swedish (x32 Version: 2013.0416.2337.40605 - Advanced Micro Devices, Inc.) Hidden
CCC Help Thai (x32 Version: 2013.0416.2337.40605 - Advanced Micro Devices, Inc.) Hidden
CCC Help Turkish (x32 Version: 2013.0416.2337.40605 - Advanced Micro Devices, Inc.) Hidden
ccc-utility64 (Version: 2013.0416.2338.40605 - Advanced Micro Devices, Inc.) Hidden
Classic Shell (HKLM\...\{FEA1590B-540A-41FC-A95C-664493C82A21}) (Version: 3.6.8 - IvoSoft)
Cradle of Rome 2 (x32 Version: 2.2.0.98 - WildTangent) Hidden
Curse at Twilight (x32 Version: 3.0.2.32 - WildTangent) Hidden
CyberLink LabelPrint (HKLM-x32\...\InstallShield_{C59C179C-668D-49A9-B6EA-0121CCFC1243}) (Version: 2.5.6.7225 - CyberLink Corp.)
CyberLink LabelPrint (x32 Version: 2.5.6.7225 - CyberLink Corp.) Hidden
CyberLink Media Suite 10 (HKLM-x32\...\InstallShield_{1FBF6C24-C1fD-4101-A42B-0C564F9E8E79}) (Version: 10.0.5.3606 - CyberLink Corp.)
CyberLink Media Suite 10 (x32 Version: 10.0.5.3606 - CyberLink Corp.) Hidden
Cyberlink PhotoDirector (HKLM-x32\...\InstallShield_{39337565-330E-4ab6-A9AE-AC81E0720B10}) (Version: 3.0.4.4824 - CyberLink Corp.)
Cyberlink PhotoDirector (x32 Version: 3.0.4.4824 - CyberLink Corp.) Hidden
CyberLink Power2Go 8 (HKLM-x32\...\InstallShield_{2A87D48D-3FDF-41fd-97CD-A1E370EFFFE2}) (Version: 8.0.4.3202 - CyberLink Corp.)
CyberLink Power2Go 8 (x32 Version: 8.0.4.3202 - CyberLink Corp.) Hidden
CyberLink PowerDirector 10 (HKLM-x32\...\InstallShield_{B0B4F6D2-F2AE-451A-9496-6F2F6A897B32}) (Version: 10.0.5.3304 - CyberLink Corp.)
CyberLink PowerDirector 10 (x32 Version: 10.0.5.3304 - CyberLink Corp.) Hidden
CyberLink PowerDVD 12 (HKLM-x32\...\InstallShield_{B46BEA36-0B71-4A4E-AE41-87241643FA0A}) (Version: 12.0.3.3709 - CyberLink Corp.)
CyberLink PowerDVD 12 (x32 Version: 12.0.3.3709 - CyberLink Corp.) Hidden
CyberLink YouCam (HKLM-x32\...\InstallShield_{01FB4998-33C4-4431-85ED-079E3EEFE75D}) (Version: 5.0.3.3907 - CyberLink Corp.)
CyberLink YouCam (x32 Version: 5.0.3.3907 - CyberLink Corp.) Hidden
D3DX10 (x32 Version: 15.4.2368.0902 - Microsoft) Hidden
Delicious: Emily's Childhood Memories Premium Edition (x32 Version: 3.0.2.32 - WildTangent) Hidden
DisableMSDefender (Version: 1.0.0 - Hewlett-Packard Company) Hidden
Energy Star (HKLM-x32\...\{FC0ADA4D-8FA5-4452-8AFF-F0A0BAC97EF7}) (Version: 1.0.9 - Hewlett-Packard Company)
Farm Frenzy (x32 Version: 2.2.0.98 - WildTangent) Hidden
Galerie de photos (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
GIMP 2.8.10 (HKLM\...\GIMP-2_is1) (Version: 2.8.10 - The GIMP Team)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 35.0.1916.114 - Google Inc.)
Google Update Helper (x32 Version: 1.3.24.7 - Google Inc.) Hidden
Governor of Poker 2 Premium Edition (x32 Version: 2.2.0.110 - WildTangent) Hidden
Gyazo 2.1 (HKLM-x32\...\{6DB8C365-E719-4BA5-9594-10DFC244D3FD}_is1) (Version:  - Nota Inc.)
Hearthstone (HKLM-x32\...\Hearthstone) (Version:  - Blizzard Entertainment)
Hewlett-Packard ACLM.NET v1.2.2.3 (x32 Version: 1.00.0000 - Hewlett-Packard Company) Hidden
House of 1000 Doors: Family Secrets (x32 Version: 2.2.0.98 - WildTangent) Hidden
HP 3D DriveGuard (HKLM-x32\...\{07F6DC37-0857-4B68-A675-4E35989E85E3}) (Version: 6.0.15.1 - Hewlett-Packard Company)
HP Connected Music (Meridian - installer) (HKLM-x32\...\StartHPConnectedMusic) (Version: 1.0 - Meridian Audio Ltd)
HP CoolSense (HKLM-x32\...\{394B14EA-B072-4440-9510-87797CB12371}) (Version: 2.20.21 - Hewlett-Packard Company)
HP Customer Experience Enhancements (x32 Version: 6.0.1.8 - Hewlett-Packard) Hidden
HP Documentation (HKLM-x32\...\{61245005-66F1-4001-AEE8-2E2D36F65C28}) (Version: 1.1.0.0 - Hewlett-Packard)
HP Postscript Converter (Version: 4.0.4100 - Hewlett-Packard) Hidden
HP Recovery Manager (x32 Version: 11.00 - Hewlett-Packard) Hidden
HP Registration Service (HKLM\...\{D1E8F2D7-7794-4245-B286-87ED86C1893C}) (Version: 1.2.6838.4521 - Hewlett-Packard)
HP Support Assistant (HKLM-x32\...\{E35A3B13-78CD-4967-8AC8-AA9FDA693EDE}) (Version: 7.4.45.4 - Hewlett-Packard Company)
HP System Event Utility (HKLM-x32\...\{F35EE4BC-95E1-4417-BA36-7C32FF24A59A}) (Version: 1.0.11 - Hewlett-Packard Company)
HP Utility Center (HKLM\...\{A48BD764-CFDF-40A5-A07A-710908044F5D}) (Version: 2.2.2 - Hewlett-Packard Company)
HP Wireless Button Driver (HKLM-x32\...\{30B2D1D8-0A07-4B71-9553-0710C5D31E35}) (Version: 1.1.2.1 - Hewlett-Packard Company)
Java Auto Updater (x32 Version: 2.0.6.1 - Sun Microsystems, Inc.) Hidden
Java™ 6 Update 29 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83216029FF}) (Version: 6.0.290 - Oracle)
Jewel Match 3 (x32 Version: 2.2.0.98 - WildTangent) Hidden
Letters from Nowhere 2 (x32 Version: 2.2.0.97 - WildTangent) Hidden
LibreOffice 4.0.3.3 (HKLM-x32\...\{F77ED0CD-2E5E-4FC7-82E0-BB7D461E739F}) (Version: 4.0.3.3 - The Document Foundation)
Luxor Evolved (x32 Version: 2.2.0.98 - WildTangent) Hidden
Mah Jong Medley (x32 Version: 2.2.0.95 - WildTangent) Hidden
Mahjongg Dimensions Deluxe: Tiles in Time (x32 Version: 2.2.0.98 - WildTangent) Hidden
Microsoft App Update for microsoft.windowscommunicationsapps_17.0.1119.516_x64__8wekyb3d8bbwe (x64) (Version: 1.0.0.0 - Microsoft Corporation) Hidden
Microsoft Application Error Reporting (Version: 12.0.6015.5000 - Microsoft Corporation) Hidden
Microsoft Office (HKLM-x32\...\{90150000-0138-0409-0000-0000000FF1CE}) (Version: 15.0.4454.1510 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.30214.0 - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.21022 (HKLM\...\{350AA351-21FA-3270-8B7A-835434E766AD}) (Version: 9.0.21022 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (HKLM-x32\...\{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}) (Version: 9.0.21022 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.30319 (HKLM\...\{DA5E371C-6333-3D8A-93A4-6FD5B20BCC6E}) (Version: 10.0.30319 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.30319 (HKLM-x32\...\{196BB40D-1578-3D01-B289-BEFC77A11A1E}) (Version: 10.0.30319 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.50727 (HKLM-x32\...\{15134cb0-b767-4960-a911-f2d16ae54797}) (Version: 11.0.50727.1 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.50727 (HKLM-x32\...\{22154f09-719a-4619-bb71-5b3356999fbf}) (Version: 11.0.50727.1 - Microsoft Corporation)
Microsoft Visual C++ 2012 x64 Additional Runtime - 11.0.50727 (Version: 11.0.50727 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 x64 Minimum Runtime - 11.0.50727 (Version: 11.0.50727 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 x86 Additional Runtime - 11.0.50727 (x32 Version: 11.0.50727 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 x86 Minimum Runtime - 11.0.50727 (x32 Version: 11.0.50727 - Microsoft Corporation) Hidden
Movie Maker (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Mozilla Firefox 29.0.1 (x86 en-US) (HKLM-x32\...\Mozilla Firefox 29.0.1 (x86 en-US)) (Version: 29.0.1 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 29.0.1 - Mozilla)
MSVCRT (x32 Version: 15.4.2862.0708 - Microsoft) Hidden
MSVCRT110 (x32 Version: 16.4.1108.0727 - Microsoft) Hidden
MSVCRT110_amd64 (Version: 16.4.1109.0912 - Microsoft) Hidden
OEM Application Profile (HKLM-x32\...\{70D5F822-F4C4-33D9-7EEC-2A4AF4EA7BDC}) (Version: 1.00.0000 - Advanced Micro Devices, Inc.)
Peggle Nights (x32 Version: 2.2.0.98 - WildTangent) Hidden
Photo Gallery (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Pinger (HKLM-x32\...\Pinger 1.1.1.2) (Version: 1.1.1.2 - Pinger Inc.)
Pinger (x32 Version: 1.1.1.2 - Pinger Inc.) Hidden
Plants vs. Zombies - Game of the Year (x32 Version: 2.2.0.98 - WildTangent) Hidden
Polar Bowler (x32 Version: 2.2.0.97 - WildTangent) Hidden
Ralink Bluetooth Stack64 (HKLM\...\{8A69F02D-A72B-AEE6-1CD3-6B05B9F9DD83}) (Version: 11.0.742.0 - Mediatek)
Ralink RT3290 802.11bgn Wi-Fi Adapter (HKLM-x32\...\{8FC4F1DD-F7FD-4766-804D-3C8FF1D309AF}) (Version: 5.0.45.0 - Mediatek)
Realtek Card Reader (HKLM-x32\...\{5BC2B5AB-80DE-4E83-B8CF-426902051D0A}) (Version: 6.2.9200.29068 - Realtek Semiconductor Corp.)
Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 8.20.815.2013 - Realtek)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.7071 - Realtek Semiconductor Corp.)
Roads of Rome 3 (x32 Version: 2.2.0.98 - WildTangent) Hidden
Royal Envoy 2 Collector's Edition (x32 Version: 3.0.2.32 - WildTangent) Hidden
Skype Click to Call (HKLM-x32\...\{BB285C9F-C821-4770-8970-56C4AB52C87E}) (Version: 7.1.15383.6004 - Microsoft Corporation)
swMSM (x32 Version: 12.0.0.1 - Adobe Systems, Inc) Hidden
Synaptics Pointing Device Driver (HKLM\...\SynTPDeinstKey) (Version: 17.0.6.2 - Synaptics Incorporated)
System Update kb70007 (x32 Version: 1.0.0 - MRS) Hidden
The Treasures of Mystery Island: The Ghost Ship (x32 Version: 2.2.0.98 - WildTangent) Hidden
Trinklit Supreme (x32 Version: 2.2.0.98 - WildTangent) Hidden
Unity Web Player (HKCU\...\UnityWebPlayer) (Version:  - Unity Technologies ApS)
Update Installer for WildTangent Games App (x32 Version:  - WildTangent) Hidden
Vacation Quest™ - Australia (x32 Version: 3.0.2.32 - WildTangent) Hidden
Visual Studio 2012 x64 Redistributables (HKLM\...\{8C775E70-A791-4DA8-BCC3-6AB7136F4484}) (Version: 14.0.0.1 - AVG Technologies)
Visual Studio 2012 x86 Redistributables (HKLM-x32\...\{98EFF19A-30AB-4E4B-B943-F06B1C63EBF8}) (Version: 14.0.0.1 - AVG Technologies CZ, s.r.o.)
WildTangent Games (HKLM-x32\...\WildTangent wildgames Master Uninstall) (Version: 1.0.4.0 - WildTangent)
WildTangent Games App (HP Games) (x32 Version: 4.0.10.5 - WildTangent) Hidden
Windows Live (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Windows Live Communications Platform (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 16.4.3505.0912 - Microsoft Corporation)
Windows Live Essentials (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Windows Live Installer (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Windows Live Photo Common (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Windows Live PIMT Platform (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Windows Live SOXE (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Windows Live SOXE Definitions (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Windows Live UX Platform (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Windows Live UX Platform Language Pack (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Youda Jewel Shop (x32 Version: 3.0.2.32 - WildTangent) Hidden
Zuma's Revenge (x32 Version: 2.2.0.98 - WildTangent) Hidden

==================== Restore Points  =========================

18-05-2014 19:02:55 Scheduled Checkpoint
23-05-2014 06:11:56 HPSF Applying updates
29-05-2014 18:36:55 HPSF Applying updates
03-06-2014 02:06:27 Restore Operation

==================== Hosts content: ==========================

2012-07-26 01:26 - 2012-07-26 01:26 - 00000824 ____N C:\Windows\system32\Drivers\etc\hosts

==================== Scheduled Tasks (whitelisted) =============

Task: {0C2C57A8-6AE6-4426-8312-CAD58BC43CDA} - System32\Tasks\Microsoft\Windows\Setup\Pre-staged GDR Notification => C:\Windows\system32\NotificationUI.exe [2014-04-19] (Microsoft Corporation)
Task: {1AAFF332-5C62-4558-9991-DAA649C4C9C5} - System32\Tasks\Microsoft\Windows\Sysmain\WsSwapAssessmentTask => Rundll32.exe sysmain.dll,PfSvWsSwapAssessmentTask
Task: {23A5D8BE-9196-40EB-BD89-794398B2B073} - System32\Tasks\Microsoft\Windows\WS\WSRefreshBannedAppsListTask => Rundll32.exe WSClient.dll,RefreshBannedAppsList
Task: {3744B4E0-92A4-4408-B7E8-FD014EB14F70} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Support Assistant Quick Start => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSF.exe [2013-11-04] (Hewlett-Packard Company)
Task: {394E694D-DD97-4CBF-A7B7-882AE8D13D3B} - System32\Tasks\CLVDLauncher => C:\Program Files (x86)\CyberLink\Power2Go8\CLVDLauncher.exe [2013-03-12] (CyberLink Corp.)
Task: {3DCECDB0-0ACB-4B2C-9EE0-9D2840C2255B} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-03-29] (Google Inc.)
Task: {56A73511-3502-4717-A638-FA8CEB683D92} - \GPUpdate No Task File <==== ATTENTION
Task: {6F0E125C-BD82-4C1F-BB2A-D3A3ACB0544C} - System32\Tasks\GyazoUpdateTaskMachine => C:\Program Files (x86)\Gyazo\GyazoUpdate.exe [2014-05-08] ()
Task: {6FB492EC-231E-43F2-ACF5-ED8F4AC8B0D5} - System32\Tasks\Hewlett-Packard\HP Support Assistant\PC Health Analysis Install => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSF.exe [2013-11-04] (Hewlett-Packard Company)
Task: {8E9E7DBD-5F4C-47C0-AC38-E1846526FBB2} - System32\Tasks\Hewlett-Packard\HP CoolSense\HP CoolSense Start at Logon => C:\Program Files (x86)\Hewlett-Packard\HP CoolSense\CoolSense.exe [2013-09-10] (Hewlett-Packard Development Company, L.P.)
Task: {A72208BF-7A49-4FB8-B684-252375F3443A} - System32\Tasks\Microsoft\Windows\WS\License Validation => Rundll32.exe WSClient.dll,WSpTLR licensing
Task: {A9C88A26-E97E-4239-BC6B-76FB320251CB} - System32\Tasks\GPUpdateCheck => C:\Users\owner\AppData\Roaming\GetPrivate\gp_upd.exe
Task: {BA1E9D5C-6F80-49A0-B82C-DFF707CA50ED} - System32\Tasks\CLMLSvc_P2G8 => C:\Program Files (x86)\CyberLink\Power2Go8\CLMLSvc_P2G8.exe [2013-08-05] (CyberLink)
Task: {BD43A6CC-D0E1-48BF-89A8-8642D26A39F1} - System32\Tasks\Hewlett-Packard\HP Support Assistant\PC Health Analysis => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSF.exe [2013-11-04] (Hewlett-Packard Company)
Task: {C0639D13-4BCA-4DCA-BFC8-C1C257B67D06} - System32\Tasks\Hewlett-Packard\HP Support Assistant\Update Check => C:\ProgramData\Hewlett-Packard\HP Support Framework\Resources\Updater7\HPSFUpdater.exe [2013-12-12] (Hewlett-Packard Company)
Task: {C39FBD02-039D-461B-91E1-0E8DA5E593E1} - System32\Tasks\YCMServiceAgent => C:\Program Files (x86)\CyberLink\YouCam\YouCamService.exe [2014-03-07] (CyberLink Corp.)
Task: {C6A88F2D-53D2-4805-9D69-443738A1847C} - System32\Tasks\Microsoft\Windows\ApplicationData\CleanupTemporaryState => Rundll32.exe Windows.Storage.ApplicationData.dll,CleanupTemporaryState
Task: {C87AB76A-87B3-41D4-9F74-30598CC7BB6F} - System32\Tasks\HPCeeScheduleForowner => C:\Program Files (x86)\Hewlett-Packard\HP Ceement\HPCEE.exe [2011-07-15] (Hewlett-Packard)
Task: {EADD3001-264F-4854-B172-BF0255A030A6} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-03-29] (Google Inc.)
Task: {EBF06DEC-4228-4813-AC0C-62821AE4E330} - System32\Tasks\Microsoft\Windows\Application Experience\StartupAppTask => Rundll32.exe Startupscan.dll,SusRunTask
Task: {F71EC349-23C5-4BEC-B038-911F09AADA56} - System32\Tasks\Synaptics TouchPad Enhancements => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2013-11-28] (Synaptics Incorporated)
Task: {FBA5A762-D3A7-41ED-BE3A-CD4B7F603281} - System32\Tasks\Hewlett-Packard\HP Support Assistant\WarrantyChecker => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPWarrantyCheck\HPWarrantyChecker.exe [2014-03-21] (Hewlett-Packard)
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\HPCeeScheduleForowner.job => C:\Program Files (x86)\Hewlett-Packard\HP Ceement\HPCEE.exe

==================== Loaded Modules (whitelisted) =============

2013-10-22 17:34 - 2013-11-30 01:15 - 09361520 ___RH () C:\Windows\system32\idle-Threads.exe
2013-10-22 17:34 - 2013-11-30 01:15 - 00480880 ___SH () C:\Windows\system32\semaphore-Threads.exe
2013-04-17 02:51 - 2013-04-17 02:51 - 00103424 _____ () C:\Program Files\ATI Technologies\ATI.ACE\A4\AdaptiveSleepService.exe
2013-04-17 02:50 - 2013-04-17 02:50 - 00073728 _____ () C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Container.Wlan.dll
2014-06-02 16:12 - 2014-05-29 17:59 - 00029184 _____ () C:\Users\owner\AppData\Roaming\MRS\SystemUpdatekb70007\WindowsUpdater.exe
2014-06-02 16:12 - 2014-05-29 17:59 - 02322944 _____ () C:\Users\owner\AppData\Local\MRS\svcsystem.exe
2013-05-14 18:33 - 2013-05-14 18:33 - 00016632 _____ () C:\Windows\system32\BsHelpCSps.dll
2013-04-17 02:51 - 2013-04-17 02:51 - 00016896 _____ () C:\Program Files\ATI Technologies\ATI.ACE\a4\AS4.NativeProxy.dll
2013-04-17 02:50 - 2013-04-17 02:50 - 00103424 _____ () C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Proxy.Native.dll
2014-06-02 16:12 - 2014-05-29 17:59 - 00021504 _____ () C:\Users\owner\AppData\Local\MRS\winsystem.exe
2013-05-14 18:33 - 2013-05-14 18:33 - 00029432 _____ () C:\Windows\SYSTEM32\BsTrace.dll
2013-05-14 18:33 - 2013-05-14 18:33 - 00016632 _____ () C:\Windows\SYSTEM32\BsHelpCSps.dll
2013-05-14 18:33 - 2013-05-14 18:33 - 00062200 _____ () C:\Windows\SYSTEM32\BlueSoleilCSps.dll
2013-05-24 11:22 - 2013-05-24 11:22 - 00334648 _____ () C:\Program Files (x86)\Ralink Corporation\Ralink Bluetooth Stack\Driver\USB\tl_filter.dll
2011-07-05 11:53 - 2011-07-05 11:53 - 00012800 _____ () C:\Program Files (x86)\Ralink Corporation\Ralink Bluetooth Stack\Driver\AMP\IVTAMPRL.dll
2014-06-02 16:12 - 2014-05-29 17:59 - 00017920 _____ () C:\Users\owner\AppData\Roaming\MRS\SystemUpdatekb70007\ConfigurationData.dll
2014-06-02 16:12 - 2014-05-29 17:59 - 00013824 _____ () C:\Users\owner\AppData\Roaming\MRS\SystemUpdatekb70007\BaseLibrary.dll
2014-06-02 16:12 - 2014-05-29 17:59 - 00015360 _____ () C:\Users\owner\AppData\Roaming\MRS\SystemUpdatekb70007\Installer.dll
2014-06-02 16:12 - 2014-05-29 17:59 - 00054784 _____ () C:\Users\owner\AppData\Roaming\MRS\SystemUpdatekb70007\InstallerLibrary.dll
2014-06-02 16:12 - 2014-05-29 17:59 - 00017920 _____ () C:\Users\owner\AppData\Local\MRS\ConfigurationData.dll
2014-06-02 16:12 - 2014-05-29 17:59 - 00013824 _____ () C:\Users\owner\AppData\Local\MRS\BaseLibrary.dll
2014-02-13 15:39 - 2013-08-05 03:49 - 00627672 _____ () C:\Program Files (x86)\CyberLink\Power2Go8\CLMediaLibrary.dll
2013-08-05 16:48 - 2013-08-05 16:48 - 00016856 _____ () C:\Program Files (x86)\CyberLink\Power2Go8\CLMLSvcPS.dll
2014-02-13 15:39 - 2013-08-05 04:51 - 00806664 _____ () C:\Program Files (x86)\CyberLink\Power2Go8\UNO.dll
2014-02-13 15:39 - 2013-03-05 23:04 - 01321944 _____ () C:\Program Files (x86)\CyberLink\Power2Go8\Language\ENU\P2GRC.dll
2014-02-13 15:39 - 2013-08-05 04:51 - 00175880 _____ () C:\Program Files (x86)\CyberLink\Power2Go8\CLVistaAudioMixer.dll
2013-05-14 18:33 - 2013-05-14 18:33 - 00080120 _____ () C:\Windows\SYSTEM32\BsProfilefunc.dll
2013-05-14 18:33 - 2013-05-14 18:33 - 00371448 _____ () C:\Windows\SYSTEM32\BsExtendFunc.dll
2014-05-22 20:16 - 2014-05-13 19:40 - 00716616 _____ () C:\Program Files (x86)\Google\Chrome\Application\35.0.1916.114\libglesv2.dll
2014-05-22 20:16 - 2014-05-13 19:40 - 00126280 _____ () C:\Program Files (x86)\Google\Chrome\Application\35.0.1916.114\libegl.dll
2014-05-22 20:16 - 2014-05-13 19:40 - 04217672 _____ () C:\Program Files (x86)\Google\Chrome\Application\35.0.1916.114\pdf.dll
2014-05-22 20:16 - 2014-05-13 19:40 - 00414536 _____ () C:\Program Files (x86)\Google\Chrome\Application\35.0.1916.114\ppGoogleNaClPluginChrome.dll
2014-05-22 20:16 - 2014-05-13 19:40 - 01732424 _____ () C:\Program Files (x86)\Google\Chrome\Application\35.0.1916.114\ffmpegsumo.dll
2014-05-22 20:16 - 2014-05-13 19:40 - 13695816 _____ () C:\Program Files (x86)\Google\Chrome\Application\35.0.1916.114\PepperFlash\pepflashplayer.dll
2014-06-02 16:13 - 2014-06-09 17:04 - 00086528 _____ () C:\Program Files (x86)\MRS\pvx\mgwz.dll

==================== Alternate Data Streams (whitelisted) =========


==================== Safe Mode (whitelisted) ===================


==================== EXE Association (whitelisted) =============


==================== Disabled items from MSCONFIG ==============


==================== Faulty Device Manager Devices =============


==================== Event log errors: =========================

Application errors:
==================
Error: (06/09/2014 05:14:40 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: easyhome)
Description: Activation of app DefaultBrowser_NOPUBLISHERID!Microsoft.Windows.Desktop failed with error: -2144927148 See the Microsoft-Windows-TWinUI/Operational log for additional information.

Error: (06/09/2014 03:53:57 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: IEXPLORE.EXE, version: 10.0.9200.16537, time stamp: 0x512347f7
Faulting module name: atidxx32.dll, version: 8.17.10.519, time stamp: 0x5242bb0c
Exception code: 0xc0000005
Fault offset: 0x00072e57
Faulting process id: 0x5b40
Faulting application start time: 0xIEXPLORE.EXE0
Faulting application path: IEXPLORE.EXE1
Faulting module path: IEXPLORE.EXE2
Report Id: IEXPLORE.EXE3
Faulting package full name: IEXPLORE.EXE4
Faulting package-relative application ID: IEXPLORE.EXE5

Error: (06/09/2014 07:32:03 AM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 1622

Error: (06/09/2014 07:32:03 AM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 1622

Error: (06/09/2014 07:32:03 AM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: Continuously busy for more than a second

Error: (06/09/2014 07:01:57 AM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 12888631

Error: (06/09/2014 07:01:57 AM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 12888631

Error: (06/09/2014 07:01:57 AM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: Continuously busy for more than a second

Error: (06/09/2014 03:17:27 AM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 1887

Error: (06/09/2014 03:17:27 AM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 1887


System errors:
=============
Error: (06/06/2014 06:33:40 PM) (Source: Service Control Manager) (EventID: 7011) (User: )
Description: A timeout (30000 milliseconds) was reached while waiting for a transaction response from the AdaptiveSleepService service.

Error: (06/05/2014 00:54:47 AM) (Source: DCOM) (EventID: 10016) (User: easyhome)
Description: machine-defaultLocalActivation{9BA05972-F6A8-11CF-A442-00A0C90A8F39}{9BA05972-F6A8-11CF-A442-00A0C90A8F39}easyhomeownerS-1-5-21-2255616114-2979358920-1297510320-1002LocalHost (Using LRPC)UnavailableUnavailable

Error: (06/03/2014 07:19:17 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: The Kaspersky Lab Driver service failed to start due to the following error:
%%193

Error: (06/03/2014 06:27:50 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: The Kaspersky Lab Driver service failed to start due to the following error:
%%193

Error: (06/03/2014 05:44:21 PM) (Source: Service Control Manager) (EventID: 7022) (User: )
Description: The SystemUpdatekb70007 service hung on starting.


Microsoft Office Sessions:
=========================
Error: (06/09/2014 05:14:40 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: easyhome)
Description: DefaultBrowser_NOPUBLISHERID!Microsoft.Windows.Desktop-2144927148

Error: (06/09/2014 03:53:57 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: IEXPLORE.EXE10.0.9200.16537512347f7atidxx32.dll8.17.10.5195242bb0cc000000500072e575b4001cf83ab9090ff60C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXEC:\Windows\SYSTEM32\atidxx32.dllcaa5737d-f00f-11e3-bed8-70188bf393a0

Error: (06/09/2014 07:32:03 AM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 1622

Error: (06/09/2014 07:32:03 AM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 1622

Error: (06/09/2014 07:32:03 AM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: Continuously busy for more than a second

Error: (06/09/2014 07:01:57 AM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 12888631

Error: (06/09/2014 07:01:57 AM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 12888631

Error: (06/09/2014 07:01:57 AM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: Continuously busy for more than a second

Error: (06/09/2014 03:17:27 AM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 1887

Error: (06/09/2014 03:17:27 AM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 1887


==================== Memory info ===========================

Percentage of memory in use: 63%
Total physical RAM: 5602.07 MB
Available physical RAM: 2070.56 MB
Total Pagefile: 6498.07 MB
Available Pagefile: 2252.48 MB
Total Virtual: 8192 MB
Available Virtual: 8191.79 MB

==================== Drives ================================

Drive c: (Windows) (Fixed) (Total:440.95 GB) (Free:354.76 GB) NTFS ==>[System with boot components (obtained from reading drive)]
Drive d: (RECOVERY) (Fixed) (Total:24.04 GB) (Free:2.38 GB) NTFS ==>[System with boot components (obtained from reading drive)]

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (Size: 466 GB) (Disk ID: BC9E3119)

Partition: GPT Partition Type.
Partition 2: (Not Active) - (Size=407 MB) - (Type=00)

==================== End Of Log ============================


Edited by Starbuck, 09 June 2014 - 05:05 PM.


#4 Starbuck

Starbuck

    'r Brudiwr


  • Malware Response Team
  • 4,147 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Midlands, UK
  • Local time:04:40 AM

Posted 09 June 2014 - 05:07 PM

Hi Rwhie84

I have added the reports to your post as they are difficult to work with when added on pastebin.
I'll go through the reports and write a fix for you.
Back soon.

BBPP6nz.png


#5 Starbuck

Starbuck

    'r Brudiwr


  • Malware Response Team
  • 4,147 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Midlands, UK
  • Local time:04:40 AM

Posted 09 June 2014 - 06:15 PM

Hi Rwhie84

Question:
What exactly do these relate to:

S2 .Net Crypt; C:\Windows\System32\mutex-Threads.exe [9539184 2013-11-30] ()
R2 .Net Main; C:\Windows\System32\idle-Threads.exe [9361520 2013-11-30] ()
S2 .Net Security; C:\Windows\System32\latch-Threads.exe [9544304 2013-11-30] ()
R2 .Net Semaphore; C:\Windows\System32\semaphore-Threads.exe [480880 2013-11-30] ()

I get very mixed reports from my searches.
All installed on the same date.


Please download the attached fixlist.txt file (bottom of this post) and save it to the Desktop.
NOTE.
It's important that both files, FRST and fixlist.txt are in the same location or the fix will not work.

NOTICE: This script was written specifically for this user, for use on that particular machine.
Running this on another machine may cause damage to your operating system


Re-run FRST/FRST64 (which ever is installed ) and press the Fix button just once and wait.

frstfix_zps7db0c905.png

The tool will make a log on the Desktop (Fixlog.txt). Please post this in your next reply.

Also let me know if the system runs any differently after the fix.

Thanks

Attached Files


BBPP6nz.png


#6 Rwhie84

Rwhie84
  • Topic Starter

  • Members
  • 8 posts
  • OFFLINE
  •  
  • Local time:12:40 AM

Posted 09 June 2014 - 08:53 PM

Wow my computer is already doing a lot better, thanks so much. Fix result of Farbar Recovery Tool (FRST written by Farbar) (x64) Version: 09-06-2014 03 Ran by owner at 2014-06-09 21:18:40 Run:1 Running from C:\Users\owner\Desktop Boot Mode: Normal ============================================== Content of fixlist: ***************** () C:\Users\owner\AppData\Roaming\MRS\SystemUpdatekb70007\WindowsUpdater.exe () C:\Users\owner\AppData\Local\MRS\svcsystem.exe () C:\Users\owner\AppData\Local\MRS\winsystem.exe (The Privoxy team - www.privoxy.org) C:\Program Files (x86)\MRS\pvx\privoxy.exe GroupPolicy: Group Policy on Chrome detected <======= ATTENTION ProxyEnable: Internet Explorer proxy is enabled. ProxyServer: http=127.0.0.1:8118;https=127.0.0.1:8118 FF NetworkProxy: "http", "127.0.0.1" FF NetworkProxy: "http_port", 8118 FF NetworkProxy: "ssl", "127.0.0.1" FF NetworkProxy: "ssl_port", 8118 FF NetworkProxy: "type", 1 R2 SystemUpdatekb70007; C:\Users\owner\AppData\Roaming\MRS\SystemUpdatekb70007\WindowsUpdater.exe [29184 2014-05-29] () U4 BthAvrcpTg; U4 BthHFEnum; U4 bthhfhid; 2014-06-02 16:12 - 2014-06-03 17:39 - 00000000 ____D () C:\Users\owner\AppData\Local\MRS 2014-06-02 16:12 - 2014-06-03 17:38 - 00000000 ____D () C:\Users\owner\AppData\Roaming\MRS 2014-06-02 16:12 - 2014-06-02 16:13 - 00000000 ____D () C:\Program Files (x86)\MRS C:\Users\owner\AppData\Local\Temp\COMAP.EXE C:\Users\owner\AppData\Local\Temp\Extract.exe C:\Users\owner\AppData\Local\Temp\fh4g5sng.lbl.exe C:\Users\owner\AppData\Local\Temp\GPUpd.exe C:\Users\owner\AppData\Local\Temp\Quarantine.exe C:\Users\owner\AppData\Local\Temp\SP63065.exe C:\Users\owner\AppData\Local\Temp\SP63285.exe C:\Users\owner\AppData\Local\Temp\SP63341.exe C:\Users\owner\AppData\Local\Temp\SP63599.exe C:\Users\owner\AppData\Local\Temp\SP63752.exe C:\Users\owner\AppData\Local\Temp\SP63786.exe C:\Users\owner\AppData\Local\Temp\SP63805.exe C:\Users\owner\AppData\Local\Temp\SP64082.exe C:\Users\owner\AppData\Local\Temp\SP64109.exe C:\Users\owner\AppData\Local\Temp\sp64126.exe C:\Users\owner\AppData\Local\Temp\SP64156.exe C:\Users\owner\AppData\Local\Temp\SP64218.exe C:\Users\owner\AppData\Local\Temp\SP64223.exe C:\Users\owner\AppData\Local\Temp\SP64224.exe C:\Users\owner\AppData\Local\Temp\SP64225.exe C:\Users\owner\AppData\Local\Temp\SP64226.exe C:\Users\owner\AppData\Local\Temp\SP64480.exe C:\Users\owner\AppData\Local\Temp\SP64726.exe C:\Users\owner\AppData\Local\Temp\SP64740.exe C:\Users\owner\AppData\Local\Temp\SP64741.exe C:\Users\owner\AppData\Local\Temp\SP64854.exe C:\Users\owner\AppData\Local\Temp\SP65782.exe C:\Users\owner\AppData\Local\Temp\SP65787.exe C:\Users\owner\AppData\Local\Temp\SP65790.exe C:\Users\owner\AppData\Local\Temp\SP65792.exe C:\Users\owner\AppData\Local\Temp\SP65795.exe C:\Users\owner\AppData\Local\Temp\SP65796.exe C:\Users\owner\AppData\Local\Temp\SP65802.exe C:\Users\owner\AppData\Local\Temp\SP66089.exe C:\Users\owner\AppData\Local\Temp\UninstallHPSA.exe C:\Users\owner\AppData\Local\Temp\vzcizewp.tdi.exe C:\Users\owner\AppData\Local\Temp\w4c1hlwe.hre.exe Task: {56A73511-3502-4717-A638-FA8CEB683D92} - \GPUpdate No Task File <==== ATTENTION Task: {A9C88A26-E97E-4239-BC6B-76FB320251CB} - System32\Tasks\GPUpdateCheck => C:\Users\owner\AppData\Roaming\GetPrivate\gp_upd.exe Hosts: Reboot: ***************** [2200] C:\Users\owner\AppData\Roaming\MRS\SystemUpdatekb70007\WindowsUpdater.exe => Process closed successfully. [3424] C:\Users\owner\AppData\Local\MRS\svcsystem.exe => Process closed successfully. [15464] C:\Users\owner\AppData\Local\MRS\winsystem.exe => Process closed successfully. [41076] C:\Program Files (x86)\MRS\pvx\privoxy.exe => Process closed successfully. C:\Windows\system32\GroupPolicy\Machine => Moved successfully. C:\Windows\system32\GroupPolicy\GPT.ini => Moved successfully. HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings\\ProxyEnable => value deleted successfully. HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings\\ProxyServer => value deleted successfully. Firefox Proxy settings were reset. Firefox Proxy settings were reset. Firefox Proxy settings were reset. Firefox Proxy settings were reset. Firefox Proxy settings were reset. SystemUpdatekb70007 => Service deleted successfully. BthAvrcpTg => Service deleted successfully. BthHFEnum => Service deleted successfully. bthhfhid => Service deleted successfully. C:\Users\owner\AppData\Local\MRS => Moved successfully. C:\Users\owner\AppData\Roaming\MRS => Moved successfully. C:\Program Files (x86)\MRS => Moved successfully. C:\Users\owner\AppData\Local\Temp\COMAP.EXE => Moved successfully. C:\Users\owner\AppData\Local\Temp\Extract.exe => Moved successfully. C:\Users\owner\AppData\Local\Temp\fh4g5sng.lbl.exe => Moved successfully. C:\Users\owner\AppData\Local\Temp\GPUpd.exe => Moved successfully. C:\Users\owner\AppData\Local\Temp\Quarantine.exe => Moved successfully. C:\Users\owner\AppData\Local\Temp\SP63065.exe => Moved successfully. C:\Users\owner\AppData\Local\Temp\SP63285.exe => Moved successfully. C:\Users\owner\AppData\Local\Temp\SP63341.exe => Moved successfully. C:\Users\owner\AppData\Local\Temp\SP63599.exe => Moved successfully. C:\Users\owner\AppData\Local\Temp\SP63752.exe => Moved successfully. C:\Users\owner\AppData\Local\Temp\SP63786.exe => Moved successfully. C:\Users\owner\AppData\Local\Temp\SP63805.exe => Moved successfully. C:\Users\owner\AppData\Local\Temp\SP64082.exe => Moved successfully. C:\Users\owner\AppData\Local\Temp\SP64109.exe => Moved successfully. C:\Users\owner\AppData\Local\Temp\sp64126.exe => Moved successfully. C:\Users\owner\AppData\Local\Temp\SP64156.exe => Moved successfully. C:\Users\owner\AppData\Local\Temp\SP64218.exe => Moved successfully. C:\Users\owner\AppData\Local\Temp\SP64223.exe => Moved successfully. C:\Users\owner\AppData\Local\Temp\SP64224.exe => Moved successfully. C:\Users\owner\AppData\Local\Temp\SP64225.exe => Moved successfully. C:\Users\owner\AppData\Local\Temp\SP64226.exe => Moved successfully. C:\Users\owner\AppData\Local\Temp\SP64480.exe => Moved successfully. C:\Users\owner\AppData\Local\Temp\SP64726.exe => Moved successfully. C:\Users\owner\AppData\Local\Temp\SP64740.exe => Moved successfully. C:\Users\owner\AppData\Local\Temp\SP64741.exe => Moved successfully. C:\Users\owner\AppData\Local\Temp\SP64854.exe => Moved successfully. C:\Users\owner\AppData\Local\Temp\SP65782.exe => Moved successfully. C:\Users\owner\AppData\Local\Temp\SP65787.exe => Moved successfully. C:\Users\owner\AppData\Local\Temp\SP65790.exe => Moved successfully. C:\Users\owner\AppData\Local\Temp\SP65792.exe => Moved successfully. C:\Users\owner\AppData\Local\Temp\SP65795.exe => Moved successfully. C:\Users\owner\AppData\Local\Temp\SP65796.exe => Moved successfully. C:\Users\owner\AppData\Local\Temp\SP65802.exe => Moved successfully. C:\Users\owner\AppData\Local\Temp\SP66089.exe => Moved successfully. C:\Users\owner\AppData\Local\Temp\UninstallHPSA.exe => Moved successfully. C:\Users\owner\AppData\Local\Temp\vzcizewp.tdi.exe => Moved successfully. C:\Users\owner\AppData\Local\Temp\w4c1hlwe.hre.exe => Moved successfully. 'HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{56A73511-3502-4717-A638-FA8CEB683D92}' => Key deleted successfully. 'HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{56A73511-3502-4717-A638-FA8CEB683D92}' => Key deleted successfully. 'HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\GPUpdate' => Key deleted successfully. 'HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{A9C88A26-E97E-4239-BC6B-76FB320251CB}' => Key deleted successfully. 'HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{A9C88A26-E97E-4239-BC6B-76FB320251CB}' => Key deleted successfully. C:\Windows\System32\Tasks\GPUpdateCheck => Moved successfully. 'HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\GPUpdateCheck' => Key deleted successfully. C:\Windows\System32\Drivers\etc\hosts => Moved successfully. Hosts was reset successfully. The system needed a reboot. ==== End of Fixlog ====

#7 Starbuck

Starbuck

    'r Brudiwr


  • Malware Response Team
  • 4,147 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Midlands, UK
  • Local time:04:40 AM

Posted 10 June 2014 - 10:50 AM

Hi Rwhie84

Wow my computer is already doing a lot better,

That's good to hear. :)

The reason for the jumbled fixlog.txt you posted, is that Wordwrap is turned on with Notepad.
Open a Notepad document, Click the Format tab, UNtick Wordwrap.
That should sort it in the future.

Step 1

Your Java is out of date. Older versions have vulnerabilities that malware can use to infect your system. A malicious site could render Java content under older, vulnerable versions of Sun's software if the user has not removed them. Please follow these steps to remove older version Java components and update:
  • Download the latest version of Java Runtime Environment (JRE) 8 Update 5 and save it to your desktop.
  • Scroll down to where it says "Java SE 8 Update 5".
  • Click the "Download JRE " button.
  • Accept the license agreement.
  • select 'Windows x64.exe' from the list.
  • Save the file to your desktop.
  • Close any programs you may have running - especially your web browser.
  • Please uninstall all older versions of Java.
    .
    Java™ 6 Update 29
    .
  • Repeat as many times as necessary to remove each Java versions.
  • Reboot your computer once all Java components are removed.
  • Then from your desktop double-click on downloaded icon to install the newest version.
Step 2
Download RogueKiller and save it to your desktop.
  • Close all running processes (security programs etc )
  • Double click RogueKiller icon to run the program
    Vista/Win7/Win8 users should right click the icon and select Run as Administrator.
  • Wait for the Prescan to finish.
  • Now click the Scan button.
  • Please copy and paste the report in your next reply.
A copy of the RKreport.txt can be found on your desktop.

Note:
If RogueKiller is blocked, do not hesitate to try running it again.
If it still fails to run, right click on the downloaded icon and select 'Rename'.....rename it to winlogon and try again.


In your next reply, please submit:
RKreport.txt

also let me know if you still want to remove Avg... if so what alternative do you have in mind.


Thanks.

BBPP6nz.png


#8 Rwhie84

Rwhie84
  • Topic Starter

  • Members
  • 8 posts
  • OFFLINE
  •  
  • Local time:12:40 AM

Posted 10 June 2014 - 05:49 PM

Which of these http://gyazo.com/4b5a59c883110e4e9062ac4ccdead403 do I download?

#9 Starbuck

Starbuck

    'r Brudiwr


  • Malware Response Team
  • 4,147 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Midlands, UK
  • Local time:04:40 AM

Posted 11 June 2014 - 12:24 AM

Which of these do I download?


javacap_zpsb31b18ce.png

BBPP6nz.png


#10 Rwhie84

Rwhie84
  • Topic Starter

  • Members
  • 8 posts
  • OFFLINE
  •  
  • Local time:12:40 AM

Posted 11 June 2014 - 01:19 AM

Okay thanks, now when I click the roguekiller link it says the page can't be displayed, doesn't work on chrome or i.e. Sorry if I'm doing something dumb, I'm not very good with computers.

#11 Starbuck

Starbuck

    'r Brudiwr


  • Malware Response Team
  • 4,147 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Midlands, UK
  • Local time:04:40 AM

Posted 11 June 2014 - 03:46 PM

Hi Rwhie84

I see what you mean.
Sorry about that.

I just tried this link and it worked fine.
Rogue Killer

BBPP6nz.png


#12 Rwhie84

Rwhie84
  • Topic Starter

  • Members
  • 8 posts
  • OFFLINE
  •  
  • Local time:12:40 AM

Posted 11 June 2014 - 07:34 PM

Okay this is what I got and I think I will keep AVG since I do think it helps me figure out when something I'm doing is no good. RogueKiller V9.0.2.0 (x64) [Jun 3 2014] by Adlice Software mail : http://www.adlice.com/contact/ Feedback : http://forum.adlice.com Website : http://www.adlice.com/softwares/roguekiller/ Blog : http://www.adlice.com Operating System : Windows 8 (6.2.9200 ) 64 bits version Started in : Normal mode User : owner [Admin rights] Mode : Scan -- Date : 06/11/2014 19:34:47 ¤¤¤ Bad processes : 0 ¤¤¤ ¤¤¤ Registry Entries : 22 ¤¤¤ [Suspicious.Path] (X64) HKEY_USERS\S-1-5-21-2255616114-2979358920-1297510320-1002\Software\Microsoft\Windows\CurrentVersion\Run | AVG-Secure-Search-Update_0214c : C:\Users\owner\AppData\Roaming\AVG 0214c Campaign\AVG-Secure-Search-Update-0214c.exe /PROMPT /mid=356f40509df447d29d14a151cd177a53-84ad5da3cbbefba1c97e797a60de79166fdaf70c /CMPID=0214c -> FOUND [Suspicious.Path] (X86) HKEY_USERS\S-1-5-21-2255616114-2979358920-1297510320-1002\Software\Microsoft\Windows\CurrentVersion\Run | AVG-Secure-Search-Update_0214c : C:\Users\owner\AppData\Roaming\AVG 0214c Campaign\AVG-Secure-Search-Update-0214c.exe /PROMPT /mid=356f40509df447d29d14a151cd177a53-84ad5da3cbbefba1c97e797a60de79166fdaf70c /CMPID=0214c -> FOUND [PUM.Proxy] (X64) HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings | ProxyEnable : 1 -> FOUND [PUM.Proxy] (X86) HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings | ProxyEnable : 1 -> FOUND [PUM.Proxy] (X64) HKEY_USERS\S-1-5-19\Software\Microsoft\Windows\CurrentVersion\Internet Settings | ProxyEnable : 1 -> FOUND [PUM.Proxy] (X86) HKEY_USERS\S-1-5-19\Software\Microsoft\Windows\CurrentVersion\Internet Settings | ProxyEnable : 1 -> FOUND [PUM.Proxy] (X64) HKEY_USERS\S-1-5-20\Software\Microsoft\Windows\CurrentVersion\Internet Settings | ProxyEnable : 1 -> FOUND [PUM.Proxy] (X86) HKEY_USERS\S-1-5-20\Software\Microsoft\Windows\CurrentVersion\Internet Settings | ProxyEnable : 1 -> FOUND [PUM.Proxy] (X64) HKEY_USERS\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings | ProxyEnable : 1 -> FOUND [PUM.Proxy] (X86) HKEY_USERS\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings | ProxyEnable : 1 -> FOUND [PUM.Proxy] (X64) HKEY_USERS\S-1-5-19\Software\Microsoft\Windows\CurrentVersion\Internet Settings | ProxyServer : http=127.0.0.1:8118;https=127.0.0.1:8118 -> FOUND [PUM.Proxy] (X86) HKEY_USERS\S-1-5-19\Software\Microsoft\Windows\CurrentVersion\Internet Settings | ProxyServer : http=127.0.0.1:8118;https=127.0.0.1:8118 -> FOUND [PUM.Proxy] (X64) HKEY_USERS\S-1-5-20\Software\Microsoft\Windows\CurrentVersion\Internet Settings | ProxyServer : http=127.0.0.1:8118;https=127.0.0.1:8118 -> FOUND [PUM.Proxy] (X86) HKEY_USERS\S-1-5-20\Software\Microsoft\Windows\CurrentVersion\Internet Settings | ProxyServer : http=127.0.0.1:8118;https=127.0.0.1:8118 -> FOUND [PUM.Policies] (X64) HKEY_USERS\S-1-5-21-2255616114-2979358920-1297510320-1002\Software\Microsoft\Windows\CurrentVersion\Policies\System | DisableRegistryTools : 0 -> FOUND [PUM.Policies] (X64) HKEY_USERS\S-1-5-21-2255616114-2979358920-1297510320-1002\Software\Microsoft\Windows\CurrentVersion\Policies\System | DisableTaskMgr : 0 -> FOUND [PUM.Policies] (X86) HKEY_USERS\S-1-5-21-2255616114-2979358920-1297510320-1002\Software\Microsoft\Windows\CurrentVersion\Policies\System | DisableRegistryTools : 0 -> FOUND [PUM.Policies] (X86) HKEY_USERS\S-1-5-21-2255616114-2979358920-1297510320-1002\Software\Microsoft\Windows\CurrentVersion\Policies\System | DisableTaskMgr : 0 -> FOUND [PUM.DesktopIcons] (X64) HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\HideDesktopIcons\NewStartPanel | {20D04FE0-3AEA-1069-A2D8-08002B30309D} : 1 -> FOUND [PUM.DesktopIcons] (X64) HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\HideDesktopIcons\NewStartPanel | {59031a47-3f72-44a7-89c5-5595fe6b30ee} : 1 -> FOUND [PUM.DesktopIcons] (X86) HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\HideDesktopIcons\NewStartPanel | {20D04FE0-3AEA-1069-A2D8-08002B30309D} : 1 -> FOUND [PUM.DesktopIcons] (X86) HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\HideDesktopIcons\NewStartPanel | {59031a47-3f72-44a7-89c5-5595fe6b30ee} : 1 -> FOUND ¤¤¤ Scheduled tasks : 0 ¤¤¤ ¤¤¤ Files : 0 ¤¤¤ ¤¤¤ HOSTS File : 0 ¤¤¤ ¤¤¤ Antirootkit : 762 ¤¤¤ [EAT:Addr] (iexplore.exe) imagehlp.dll - CMP_GetBlockedDriverInfo : C:\Windows\system32\SETUPAPI.dll @ 0x7ff69bcfb7e [EAT:Addr] (iexplore.exe) imagehlp.dll - CMP_GetServerSideDeviceInstallFlags : C:\Windows\system32\SETUPAPI.dll @ 0x7ff69bcfba0 [EAT:Addr] (iexplore.exe) imagehlp.dll - CMP_Init_Detection : C:\Windows\system32\SETUPAPI.dll @ 0x7ff69bcfbcd [EAT:Addr] (iexplore.exe) imagehlp.dll - CMP_Report_LogOn : C:\Windows\system32\SETUPAPI.dll @ 0x7ff69bcfbe9 [EAT:Addr] (iexplore.exe) imagehlp.dll - CMP_WaitNoPendingInstallEvents : C:\Windows\system32\SETUPAPI.dll @ 0x7ff69bcfc03 [EAT:Addr] (iexplore.exe) imagehlp.dll - CMP_WaitServicesAvailable : C:\Windows\system32\SETUPAPI.dll @ 0x7ff69bcfc2b [EAT:Addr] (iexplore.exe) imagehlp.dll - CM_Add_Driver_PackageW : C:\Windows\system32\SETUPAPI.dll @ 0x7ff69bcfc4e [EAT:Addr] (iexplore.exe) imagehlp.dll - CM_Add_Empty_Log_Conf : C:\Windows\system32\SETUPAPI.dll @ 0x7ff69bcfc6e [EAT:Addr] (iexplore.exe) imagehlp.dll - CM_Add_Empty_Log_Conf_Ex : C:\Windows\system32\SETUPAPI.dll @ 0x7ff69bcfc8d [EAT:Addr] (iexplore.exe) imagehlp.dll - CM_Add_IDA : C:\Windows\system32\SETUPAPI.dll @ 0x7ff69bcfcaf [EAT:Addr] (iexplore.exe) imagehlp.dll - CM_Add_IDW : C:\Windows\system32\SETUPAPI.dll @ 0x7ff69bcfcc3 [EAT:Addr] (iexplore.exe) imagehlp.dll - CM_Add_ID_ExA : C:\Windows\system32\SETUPAPI.dll @ 0x7ff69bcfcd7 [EAT:Addr] (iexplore.exe) imagehlp.dll - CM_Add_ID_ExW : C:\Windows\system32\SETUPAPI.dll @ 0x7ff69bcfcee [EAT:Addr] (iexplore.exe) imagehlp.dll - CM_Add_Range : C:\Windows\system32\SETUPAPI.dll @ 0x7ff69bcfd05 [EAT:Addr] (iexplore.exe) imagehlp.dll - CM_Add_Res_Des : C:\Windows\system32\SETUPAPI.dll @ 0x7ff69bcfd1b [EAT:Addr] (iexplore.exe) imagehlp.dll - CM_Add_Res_Des_Ex : C:\Windows\system32\SETUPAPI.dll @ 0x7ff69bcfd33 [EAT:Addr] (iexplore.exe) imagehlp.dll - CM_Apply_PowerScheme : C:\Windows\system32\SETUPAPI.dll @ 0x7ff69b8b7bc [EAT:Addr] (iexplore.exe) imagehlp.dll - CM_Connect_MachineA : C:\Windows\system32\SETUPAPI.dll @ 0x7ff69bcfd4e [EAT:Addr] (iexplore.exe) imagehlp.dll - CM_Connect_MachineW : C:\Windows\system32\SETUPAPI.dll @ 0x7ff69bcfd6b [EAT:Addr] (iexplore.exe) imagehlp.dll - CM_Create_DevNodeA : C:\Windows\system32\SETUPAPI.dll @ 0x7ff69bcfd88 [EAT:Addr] (iexplore.exe) imagehlp.dll - CM_Create_DevNodeW : C:\Windows\system32\SETUPAPI.dll @ 0x7ff69bcfda4 [EAT:Addr] (iexplore.exe) imagehlp.dll - CM_Create_DevNode_ExA : C:\Windows\system32\SETUPAPI.dll @ 0x7ff69bcfdc0 [EAT:Addr] (iexplore.exe) imagehlp.dll - CM_Create_DevNode_ExW : C:\Windows\system32\SETUPAPI.dll @ 0x7ff69bcfddf [EAT:Addr] (iexplore.exe) imagehlp.dll - CM_Create_Range_List : C:\Windows\system32\SETUPAPI.dll @ 0x7ff69bcfdfe [EAT:Addr] (iexplore.exe) imagehlp.dll - CM_Delete_Class_Key : C:\Windows\system32\SETUPAPI.dll @ 0x7ff69bcfe1c [EAT:Addr] (iexplore.exe) imagehlp.dll - CM_Delete_Class_Key_Ex : C:\Windows\system32\SETUPAPI.dll @ 0x7ff69bcfe39 [EAT:Addr] (iexplore.exe) imagehlp.dll - CM_Delete_DevNode_Key : C:\Windows\system32\SETUPAPI.dll @ 0x7ff69bcfe59 [EAT:Addr] (iexplore.exe) imagehlp.dll - CM_Delete_DevNode_Key_Ex : C:\Windows\system32\SETUPAPI.dll @ 0x7ff69bcfe78 [EAT:Addr] (iexplore.exe) imagehlp.dll - CM_Delete_Device_Interface_KeyA : C:\Windows\system32\SETUPAPI.dll @ 0x7ff69bcfe9a [EAT:Addr] (iexplore.exe) imagehlp.dll - CM_Delete_Device_Interface_KeyW : C:\Windows\system32\SETUPAPI.dll @ 0x7ff69bcfec3 [EAT:Addr] (iexplore.exe) imagehlp.dll - CM_Delete_Device_Interface_Key_ExA : C:\Windows\system32\SETUPAPI.dll @ 0x7ff69bcfeec [EAT:Addr] (iexplore.exe) imagehlp.dll - CM_Delete_Device_Interface_Key_ExW : C:\Windows\system32\SETUPAPI.dll @ 0x7ff69bcff18 [EAT:Addr] (iexplore.exe) imagehlp.dll - CM_Delete_Driver_PackageW : C:\Windows\system32\SETUPAPI.dll @ 0x7ff69bcff44 [EAT:Addr] (iexplore.exe) imagehlp.dll - CM_Delete_PowerScheme : C:\Windows\system32\SETUPAPI.dll @ 0x7ff69b8b7bc [EAT:Addr] (iexplore.exe) imagehlp.dll - CM_Delete_Range : C:\Windows\system32\SETUPAPI.dll @ 0x7ff69bcff67 [EAT:Addr] (iexplore.exe) imagehlp.dll - CM_Detect_Resource_Conflict : C:\Windows\system32\SETUPAPI.dll @ 0x7ff69bcff80 [EAT:Addr] (iexplore.exe) imagehlp.dll - CM_Detect_Resource_Conflict_Ex : C:\Windows\system32\SETUPAPI.dll @ 0x7ff69bcffa5 [EAT:Addr] (iexplore.exe) imagehlp.dll - CM_Disable_DevNode : C:\Windows\system32\SETUPAPI.dll @ 0x7ff69bcffcd [EAT:Addr] (iexplore.exe) imagehlp.dll - CM_Disable_DevNode_Ex : C:\Windows\system32\SETUPAPI.dll @ 0x7ff69bcffe9 [EAT:Addr] (iexplore.exe) imagehlp.dll - CM_Disconnect_Machine : C:\Windows\system32\SETUPAPI.dll @ 0x7ff69bd0008 [EAT:Addr] (iexplore.exe) imagehlp.dll - CM_Dup_Range_List : C:\Windows\system32\SETUPAPI.dll @ 0x7ff69bd0027 [EAT:Addr] (iexplore.exe) imagehlp.dll - CM_Duplicate_PowerScheme : C:\Windows\system32\SETUPAPI.dll @ 0x7ff69b8b7bc [EAT:Addr] (iexplore.exe) imagehlp.dll - CM_Enable_DevNode : C:\Windows\system32\SETUPAPI.dll @ 0x7ff69bd0042 [EAT:Addr] (iexplore.exe) imagehlp.dll - CM_Enable_DevNode_Ex : C:\Windows\system32\SETUPAPI.dll @ 0x7ff69bd005d [EAT:Addr] (iexplore.exe) imagehlp.dll - CM_Enumerate_Classes : C:\Windows\system32\SETUPAPI.dll @ 0x7ff69bd007b [EAT:Addr] (iexplore.exe) imagehlp.dll - CM_Enumerate_Classes_Ex : C:\Windows\system32\SETUPAPI.dll @ 0x7ff69bd0099 [EAT:Addr] (iexplore.exe) imagehlp.dll - CM_Enumerate_EnumeratorsA : C:\Windows\system32\SETUPAPI.dll @ 0x7ff69bd00ba [EAT:Addr] (iexplore.exe) imagehlp.dll - CM_Enumerate_EnumeratorsW : C:\Windows\system32\SETUPAPI.dll @ 0x7ff69bd00dd [EAT:Addr] (iexplore.exe) imagehlp.dll - CM_Enumerate_Enumerators_ExA : C:\Windows\system32\SETUPAPI.dll @ 0x7ff69bd0100 [EAT:Addr] (iexplore.exe) imagehlp.dll - CM_Enumerate_Enumerators_ExW : C:\Windows\system32\SETUPAPI.dll @ 0x7ff69bd0126 [EAT:Addr] (iexplore.exe) imagehlp.dll - CM_Find_Range : C:\Windows\system32\SETUPAPI.dll @ 0x7ff69bd014c [EAT:Addr] (iexplore.exe) imagehlp.dll - CM_First_Range : C:\Windows\system32\SETUPAPI.dll @ 0x7ff69bd0163 [EAT:Addr] (iexplore.exe) imagehlp.dll - CM_Free_Log_Conf : C:\Windows\system32\SETUPAPI.dll @ 0x7ff69bd017b [EAT:Addr] (iexplore.exe) imagehlp.dll - CM_Free_Log_Conf_Ex : C:\Windows\system32\SETUPAPI.dll @ 0x7ff69bd0195 [EAT:Addr] (iexplore.exe) imagehlp.dll - CM_Free_Log_Conf_Handle : C:\Windows\system32\SETUPAPI.dll @ 0x7ff69bd01b2 [EAT:Addr] (iexplore.exe) imagehlp.dll - CM_Free_Range_List : C:\Windows\system32\SETUPAPI.dll @ 0x7ff69bd01d3 [EAT:Addr] (iexplore.exe) imagehlp.dll - CM_Free_Res_Des : C:\Windows\system32\SETUPAPI.dll @ 0x7ff69bd01ef [EAT:Addr] (iexplore.exe) imagehlp.dll - CM_Free_Res_Des_Ex : C:\Windows\system32\SETUPAPI.dll @ 0x7ff69bd0208 [EAT:Addr] (iexplore.exe) imagehlp.dll - CM_Free_Res_Des_Handle : C:\Windows\system32\SETUPAPI.dll @ 0x7ff69bd0224 [EAT:Addr] (iexplore.exe) imagehlp.dll - CM_Free_Resource_Conflict_Handle : C:\Windows\system32\SETUPAPI.dll @ 0x7ff69bd0244 [EAT:Addr] (iexplore.exe) imagehlp.dll - CM_Get_Child : C:\Windows\system32\SETUPAPI.dll @ 0x7ff69bd026e [EAT:Addr] (iexplore.exe) imagehlp.dll - CM_Get_Child_Ex : C:\Windows\system32\SETUPAPI.dll @ 0x7ff69bd0284 [EAT:Addr] (iexplore.exe) imagehlp.dll - CM_Get_Class_Key_NameA : C:\Windows\system32\SETUPAPI.dll @ 0x7ff69bd029d [EAT:Addr] (iexplore.exe) imagehlp.dll - CM_Get_Class_Key_NameW : C:\Windows\system32\SETUPAPI.dll @ 0x7ff69bd02bd [EAT:Addr] (iexplore.exe) imagehlp.dll - CM_Get_Class_Key_Name_ExA : C:\Windows\system32\SETUPAPI.dll @ 0x7ff69bd02dd [EAT:Addr] (iexplore.exe) imagehlp.dll - CM_Get_Class_Key_Name_ExW : C:\Windows\system32\SETUPAPI.dll @ 0x7ff69bd0300 [EAT:Addr] (iexplore.exe) imagehlp.dll - CM_Get_Class_NameA : C:\Windows\system32\SETUPAPI.dll @ 0x7ff69bd0323 [EAT:Addr] (iexplore.exe) imagehlp.dll - CM_Get_Class_NameW : C:\Windows\system32\SETUPAPI.dll @ 0x7ff69bd033f [EAT:Addr] (iexplore.exe) imagehlp.dll - CM_Get_Class_Name_ExA : C:\Windows\system32\SETUPAPI.dll @ 0x7ff69bd035b [EAT:Addr] (iexplore.exe) imagehlp.dll - CM_Get_Class_Name_ExW : C:\Windows\system32\SETUPAPI.dll @ 0x7ff69bd037a [EAT:Addr] (iexplore.exe) imagehlp.dll - CM_Get_Class_Registry_PropertyA : C:\Windows\system32\SETUPAPI.dll @ 0x7ff69bd0399 [EAT:Addr] (iexplore.exe) imagehlp.dll - CM_Get_Class_Registry_PropertyW : C:\Windows\system32\SETUPAPI.dll @ 0x7ff69bd03c2 [EAT:Addr] (iexplore.exe) imagehlp.dll - CM_Get_Depth : C:\Windows\system32\SETUPAPI.dll @ 0x7ff69bd03eb [EAT:Addr] (iexplore.exe) imagehlp.dll - CM_Get_Depth_Ex : C:\Windows\system32\SETUPAPI.dll @ 0x7ff69bd0401 [EAT:Addr] (iexplore.exe) imagehlp.dll - CM_Get_DevNode_Custom_PropertyA : C:\Windows\system32\SETUPAPI.dll @ 0x7ff69bd041a [EAT:Addr] (iexplore.exe) imagehlp.dll - CM_Get_DevNode_Custom_PropertyW : C:\Windows\system32\SETUPAPI.dll @ 0x7ff69bd0443 [EAT:Addr] (iexplore.exe) imagehlp.dll - CM_Get_DevNode_Custom_Property_ExA : C:\Windows\system32\SETUPAPI.dll @ 0x7ff69bd046c [EAT:Addr] (iexplore.exe) imagehlp.dll - CM_Get_DevNode_Custom_Property_ExW : C:\Windows\system32\SETUPAPI.dll @ 0x7ff69bd0498 [EAT:Addr] (iexplore.exe) imagehlp.dll - CM_Get_DevNode_Registry_PropertyA : C:\Windows\system32\SETUPAPI.dll @ 0x7ff69bd04c4 [EAT:Addr] (iexplore.exe) imagehlp.dll - CM_Get_DevNode_Registry_PropertyW : C:\Windows\system32\SETUPAPI.dll @ 0x7ff69bd04ef [EAT:Addr] (iexplore.exe) imagehlp.dll - CM_Get_DevNode_Registry_Property_ExA : C:\Windows\system32\SETUPAPI.dll @ 0x7ff69bd051a [EAT:Addr] (iexplore.exe) imagehlp.dll - CM_Get_DevNode_Registry_Property_ExW : C:\Windows\system32\SETUPAPI.dll @ 0x7ff69bd0548 [EAT:Addr] (iexplore.exe) imagehlp.dll - CM_Get_DevNode_Status : C:\Windows\system32\SETUPAPI.dll @ 0x7ff69bd0576 [EAT:Addr] (iexplore.exe) imagehlp.dll - CM_Get_DevNode_Status_Ex : C:\Windows\system32\SETUPAPI.dll @ 0x7ff69bd0595 [EAT:Addr] (iexplore.exe) imagehlp.dll - CM_Get_Device_IDA : C:\Windows\system32\SETUPAPI.dll @ 0x7ff69bd05b7 [EAT:Addr] (iexplore.exe) imagehlp.dll - CM_Get_Device_IDW : C:\Windows\system32\SETUPAPI.dll @ 0x7ff69bd05d2 [EAT:Addr] (iexplore.exe) imagehlp.dll - CM_Get_Device_ID_ExA : C:\Windows\system32\SETUPAPI.dll @ 0x7ff69bd05ed [EAT:Addr] (iexplore.exe) imagehlp.dll - CM_Get_Device_ID_ExW : C:\Windows\system32\SETUPAPI.dll @ 0x7ff69bd060b [EAT:Addr] (iexplore.exe) imagehlp.dll - CM_Get_Device_ID_ListA : C:\Windows\system32\SETUPAPI.dll @ 0x7ff69bd0629 [EAT:Addr] (iexplore.exe) imagehlp.dll - CM_Get_Device_ID_ListW : C:\Windows\system32\SETUPAPI.dll @ 0x7ff69bd0649 [EAT:Addr] (iexplore.exe) imagehlp.dll - CM_Get_Device_ID_List_ExA : C:\Windows\system32\SETUPAPI.dll @ 0x7ff69bd0669 [EAT:Addr] (iexplore.exe) imagehlp.dll - CM_Get_Device_ID_List_ExW : C:\Windows\system32\SETUPAPI.dll @ 0x7ff69bd068c [EAT:Addr] (iexplore.exe) imagehlp.dll - CM_Get_Device_ID_List_SizeA : C:\Windows\system32\SETUPAPI.dll @ 0x7ff69bd06af [EAT:Addr] (iexplore.exe) imagehlp.dll - CM_Get_Device_ID_List_SizeW : C:\Windows\system32\SETUPAPI.dll @ 0x7ff69bd06d4 [EAT:Addr] (iexplore.exe) imagehlp.dll - CM_Get_Device_ID_List_Size_ExA : C:\Windows\system32\SETUPAPI.dll @ 0x7ff69bd06f9 [EAT:Addr] (iexplore.exe) imagehlp.dll - CM_Get_Device_ID_List_Size_ExW : C:\Windows\system32\SETUPAPI.dll @ 0x7ff69bd0721 [EAT:Addr] (iexplore.exe) imagehlp.dll - CM_Get_Device_ID_Size : C:\Windows\system32\SETUPAPI.dll @ 0x7ff69bd0749 [EAT:Addr] (iexplore.exe) imagehlp.dll - CM_Get_Device_ID_Size_Ex : C:\Windows\system32\SETUPAPI.dll @ 0x7ff69bd0768 [EAT:Addr] (iexplore.exe) imagehlp.dll - CM_Get_Device_Interface_AliasA : C:\Windows\system32\SETUPAPI.dll @ 0x7ff69bd078a [EAT:Addr] (iexplore.exe) imagehlp.dll - CM_Get_Device_Interface_AliasW : C:\Windows\system32\SETUPAPI.dll @ 0x7ff69bd07b2 [EAT:Addr] (iexplore.exe) imagehlp.dll - CM_Get_Device_Interface_Alias_ExA : C:\Windows\system32\SETUPAPI.dll @ 0x7ff69bd07da [EAT:Addr] (iexplore.exe) imagehlp.dll - CM_Get_Device_Interface_Alias_ExW : C:\Windows\system32\SETUPAPI.dll @ 0x7ff69bd0805 [EAT:Addr] (iexplore.exe) imagehlp.dll - CM_Get_Device_Interface_ListA : C:\Windows\system32\SETUPAPI.dll @ 0x7ff69bd0830 [EAT:Addr] (iexplore.exe) imagehlp.dll - CM_Get_Device_Interface_ListW : C:\Windows\system32\SETUPAPI.dll @ 0x7ff69bd0857 [EAT:Addr] (iexplore.exe) imagehlp.dll - CM_Get_Device_Interface_List_ExA : C:\Windows\system32\SETUPAPI.dll @ 0x7ff69bd087e [EAT:Addr] (iexplore.exe) imagehlp.dll - CM_Get_Device_Interface_List_ExW : C:\Windows\system32\SETUPAPI.dll @ 0x7ff69bd08a8 [EAT:Addr] (iexplore.exe) imagehlp.dll - CM_Get_Device_Interface_List_SizeA : C:\Windows\system32\SETUPAPI.dll @ 0x7ff69bd08d2 [EAT:Addr] (iexplore.exe) imagehlp.dll - CM_Get_Device_Interface_List_SizeW : C:\Windows\system32\SETUPAPI.dll @ 0x7ff69bd08fe [EAT:Addr] (iexplore.exe) imagehlp.dll - CM_Get_Device_Interface_List_Size_ExA : C:\Windows\system32\SETUPAPI.dll @ 0x7ff69bd092a [EAT:Addr] (iexplore.exe) imagehlp.dll - CM_Get_Device_Interface_List_Size_ExW : C:\Windows\system32\SETUPAPI.dll @ 0x7ff69bd0959 [EAT:Addr] (iexplore.exe) imagehlp.dll - CM_Get_First_Log_Conf : C:\Windows\system32\SETUPAPI.dll @ 0x7ff69bd0988 [EAT:Addr] (iexplore.exe) imagehlp.dll - CM_Get_First_Log_Conf_Ex : C:\Windows\system32\SETUPAPI.dll @ 0x7ff69bd09a7 [EAT:Addr] (iexplore.exe) imagehlp.dll - CM_Get_Global_State : C:\Windows\system32\SETUPAPI.dll @ 0x7ff69bd09c9 [EAT:Addr] (iexplore.exe) imagehlp.dll - CM_Get_Global_State_Ex : C:\Windows\system32\SETUPAPI.dll @ 0x7ff69bd09e6 [EAT:Addr] (iexplore.exe) imagehlp.dll - CM_Get_HW_Prof_FlagsA : C:\Windows\system32\SETUPAPI.dll @ 0x7ff69bd0a06 [EAT:Addr] (iexplore.exe) imagehlp.dll - CM_Get_HW_Prof_FlagsW : C:\Windows\system32\SETUPAPI.dll @ 0x7ff69bd0a25 [EAT:Addr] (iexplore.exe) imagehlp.dll - CM_Get_HW_Prof_Flags_ExA : C:\Windows\system32\SETUPAPI.dll @ 0x7ff69bd0a44 [EAT:Addr] (iexplore.exe) imagehlp.dll - CM_Get_HW_Prof_Flags_ExW : C:\Windows\system32\SETUPAPI.dll @ 0x7ff69bd0a66 [EAT:Addr] (iexplore.exe) imagehlp.dll - CM_Get_Hardware_Profile_InfoA : C:\Windows\system32\SETUPAPI.dll @ 0x7ff69bd0a88 [EAT:Addr] (iexplore.exe) imagehlp.dll - CM_Get_Hardware_Profile_InfoW : C:\Windows\system32\SETUPAPI.dll @ 0x7ff69bd0aaf [EAT:Addr] (iexplore.exe) imagehlp.dll - CM_Get_Hardware_Profile_Info_ExA : C:\Windows\system32\SETUPAPI.dll @ 0x7ff69bd0ad6 [EAT:Addr] (iexplore.exe) imagehlp.dll - CM_Get_Hardware_Profile_Info_ExW : C:\Windows\system32\SETUPAPI.dll @ 0x7ff69bd0b00 [EAT:Addr] (iexplore.exe) imagehlp.dll - CM_Get_Log_Conf_Priority : C:\Windows\system32\SETUPAPI.dll @ 0x7ff69bd0b2a [EAT:Addr] (iexplore.exe) imagehlp.dll - CM_Get_Log_Conf_Priority_Ex : C:\Windows\system32\SETUPAPI.dll @ 0x7ff69bd0b4c [EAT:Addr] (iexplore.exe) imagehlp.dll - CM_Get_Next_Log_Conf : C:\Windows\system32\SETUPAPI.dll @ 0x7ff69bd0b71 [EAT:Addr] (iexplore.exe) imagehlp.dll - CM_Get_Next_Log_Conf_Ex : C:\Windows\system32\SETUPAPI.dll @ 0x7ff69bd0b8f [EAT:Addr] (iexplore.exe) imagehlp.dll - CM_Get_Next_Res_Des : C:\Windows\system32\SETUPAPI.dll @ 0x7ff69bd0bb0 [EAT:Addr] (iexplore.exe) imagehlp.dll - CM_Get_Next_Res_Des_Ex : C:\Windows\system32\SETUPAPI.dll @ 0x7ff69bd0bcd [EAT:Addr] (iexplore.exe) imagehlp.dll - CM_Get_Parent : C:\Windows\system32\SETUPAPI.dll @ 0x7ff69bd0bed [EAT:Addr] (iexplore.exe) imagehlp.dll - CM_Get_Parent_Ex : C:\Windows\system32\SETUPAPI.dll @ 0x7ff69bd0c04 [EAT:Addr] (iexplore.exe) imagehlp.dll - CM_Get_Res_Des_Data : C:\Windows\system32\SETUPAPI.dll @ 0x7ff69bd0c1e [EAT:Addr] (iexplore.exe) imagehlp.dll - CM_Get_Res_Des_Data_Ex : C:\Windows\system32\SETUPAPI.dll @ 0x7ff69bd0c3b [EAT:Addr] (iexplore.exe) imagehlp.dll - CM_Get_Res_Des_Data_Size : C:\Windows\system32\SETUPAPI.dll @ 0x7ff69bd0c5b [EAT:Addr] (iexplore.exe) imagehlp.dll - CM_Get_Res_Des_Data_Size_Ex : C:\Windows\system32\SETUPAPI.dll @ 0x7ff69bd0c7d [EAT:Addr] (iexplore.exe) imagehlp.dll - CM_Get_Resource_Conflict_Count : C:\Windows\system32\SETUPAPI.dll @ 0x7ff69bd0ca2 [EAT:Addr] (iexplore.exe) imagehlp.dll - CM_Get_Resource_Conflict_DetailsA : C:\Windows\system32\SETUPAPI.dll @ 0x7ff69bd0cca [EAT:Addr] (iexplore.exe) imagehlp.dll - CM_Get_Resource_Conflict_DetailsW : C:\Windows\system32\SETUPAPI.dll @ 0x7ff69bd0cf5 [EAT:Addr] (iexplore.exe) imagehlp.dll - CM_Get_Sibling : C:\Windows\system32\SETUPAPI.dll @ 0x7ff69bd0d20 [EAT:Addr] (iexplore.exe) imagehlp.dll - CM_Get_Sibling_Ex : C:\Windows\system32\SETUPAPI.dll @ 0x7ff69bd0d38 [EAT:Addr] (iexplore.exe) imagehlp.dll - CM_Get_Version : C:\Windows\system32\SETUPAPI.dll @ 0x7ff69bd0d53 [EAT:Addr] (iexplore.exe) imagehlp.dll - CM_Get_Version_Ex : C:\Windows\system32\SETUPAPI.dll @ 0x7ff69bd0d6b [EAT:Addr] (iexplore.exe) imagehlp.dll - CM_Import_PowerScheme : C:\Windows\system32\SETUPAPI.dll @ 0x7ff69b8b7bc [EAT:Addr] (iexplore.exe) imagehlp.dll - CM_Install_DevNodeW : C:\Windows\system32\SETUPAPI.dll @ 0x7ff69bd0d86 [EAT:Addr] (iexplore.exe) imagehlp.dll - CM_Install_DevNode_ExW : C:\Windows\system32\SETUPAPI.dll @ 0x7ff69bd0da3 [EAT:Addr] (iexplore.exe) imagehlp.dll - CM_Intersect_Range_List : C:\Windows\system32\SETUPAPI.dll @ 0x7ff69bd0dc3 [EAT:Addr] (iexplore.exe) imagehlp.dll - CM_Invert_Range_List : C:\Windows\system32\SETUPAPI.dll @ 0x7ff69bd0de4 [EAT:Addr] (iexplore.exe) imagehlp.dll - CM_Is_Dock_Station_Present : C:\Windows\system32\SETUPAPI.dll @ 0x7ff69bd0e02 [EAT:Addr] (iexplore.exe) imagehlp.dll - CM_Is_Dock_Station_Present_Ex : C:\Windows\system32\SETUPAPI.dll @ 0x7ff69bd0e26 [EAT:Addr] (iexplore.exe) imagehlp.dll - CM_Is_Version_Available : C:\Windows\system32\SETUPAPI.dll @ 0x7ff69bd0e4d [EAT:Addr] (iexplore.exe) imagehlp.dll - CM_Is_Version_Available_Ex : C:\Windows\system32\SETUPAPI.dll @ 0x7ff69bd0e6e [EAT:Addr] (iexplore.exe) imagehlp.dll - CM_Locate_DevNodeA : C:\Windows\system32\SETUPAPI.dll @ 0x7ff69bd0e92 [EAT:Addr] (iexplore.exe) imagehlp.dll - CM_Locate_DevNodeW : C:\Windows\system32\SETUPAPI.dll @ 0x7ff69bd0eae [EAT:Addr] (iexplore.exe) imagehlp.dll - CM_Locate_DevNode_ExA : C:\Windows\system32\SETUPAPI.dll @ 0x7ff69bd0eca [EAT:Addr] (iexplore.exe) imagehlp.dll - CM_Locate_DevNode_ExW : C:\Windows\system32\SETUPAPI.dll @ 0x7ff69bd0ee9 [EAT:Addr] (iexplore.exe) imagehlp.dll - CM_Merge_Range_List : C:\Windows\system32\SETUPAPI.dll @ 0x7ff69bd0f08 [EAT:Addr] (iexplore.exe) imagehlp.dll - CM_Modify_Res_Des : C:\Windows\system32\SETUPAPI.dll @ 0x7ff69bd0f25 [EAT:Addr] (iexplore.exe) imagehlp.dll - CM_Modify_Res_Des_Ex : C:\Windows\system32\SETUPAPI.dll @ 0x7ff69bd0f40 [EAT:Addr] (iexplore.exe) imagehlp.dll - CM_Move_DevNode : C:\Windows\system32\SETUPAPI.dll @ 0x7ff69bd0f5e [EAT:Addr] (iexplore.exe) imagehlp.dll - CM_Move_DevNode_Ex : C:\Windows\system32\SETUPAPI.dll @ 0x7ff69bd0f77 [EAT:Addr] (iexplore.exe) imagehlp.dll - CM_Next_Range : C:\Windows\system32\SETUPAPI.dll @ 0x7ff69bd0f93 [EAT:Addr] (iexplore.exe) imagehlp.dll - CM_Open_Class_KeyA : C:\Windows\system32\SETUPAPI.dll @ 0x7ff69bd0faa [EAT:Addr] (iexplore.exe) imagehlp.dll - CM_Open_Class_KeyW : C:\Windows\system32\SETUPAPI.dll @ 0x7ff69bd0fc6 [EAT:Addr] (iexplore.exe) imagehlp.dll - CM_Open_Class_Key_ExA : C:\Windows\system32\SETUPAPI.dll @ 0x7ff69bd0fe2 [EAT:Addr] (iexplore.exe) imagehlp.dll - CM_Open_Class_Key_ExW : C:\Windows\system32\SETUPAPI.dll @ 0x7ff69bd1001 [EAT:Addr] (iexplore.exe) imagehlp.dll - CM_Open_DevNode_Key : C:\Windows\system32\SETUPAPI.dll @ 0x7ff69bd1020 [EAT:Addr] (iexplore.exe) imagehlp.dll - CM_Open_DevNode_Key_Ex : C:\Windows\system32\SETUPAPI.dll @ 0x7ff69bd103d [EAT:Addr] (iexplore.exe) imagehlp.dll - CM_Open_Device_Interface_KeyA : C:\Windows\system32\SETUPAPI.dll @ 0x7ff69bd105d [EAT:Addr] (iexplore.exe) imagehlp.dll - CM_Open_Device_Interface_KeyW : C:\Windows\system32\SETUPAPI.dll @ 0x7ff69bd1084 [EAT:Addr] (iexplore.exe) imagehlp.dll - CM_Open_Device_Interface_Key_ExA : C:\Windows\system32\SETUPAPI.dll @ 0x7ff69bd10ab [EAT:Addr] (iexplore.exe) imagehlp.dll - CM_Open_Device_Interface_Key_ExW : C:\Windows\system32\SETUPAPI.dll @ 0x7ff69bd10d5 [EAT:Addr] (iexplore.exe) imagehlp.dll - CM_Query_And_Remove_SubTreeA : C:\Windows\system32\SETUPAPI.dll @ 0x7ff69bd10ff [EAT:Addr] (iexplore.exe) imagehlp.dll - CM_Query_And_Remove_SubTreeW : C:\Windows\system32\SETUPAPI.dll @ 0x7ff69bd1125 [EAT:Addr] (iexplore.exe) imagehlp.dll - CM_Query_And_Remove_SubTree_ExA : C:\Windows\system32\SETUPAPI.dll @ 0x7ff69bd114b [EAT:Addr] (iexplore.exe) imagehlp.dll - CM_Query_And_Remove_SubTree_ExW : C:\Windows\system32\SETUPAPI.dll @ 0x7ff69bd1174 [EAT:Addr] (iexplore.exe) imagehlp.dll - CM_Query_Arbitrator_Free_Data : C:\Windows\system32\SETUPAPI.dll @ 0x7ff69bd119d [EAT:Addr] (iexplore.exe) imagehlp.dll - CM_Query_Arbitrator_Free_Data_Ex : C:\Windows\system32\SETUPAPI.dll @ 0x7ff69bd11c4 [EAT:Addr] (iexplore.exe) imagehlp.dll - CM_Query_Arbitrator_Free_Size : C:\Windows\system32\SETUPAPI.dll @ 0x7ff69bd11ee [EAT:Addr] (iexplore.exe) imagehlp.dll - CM_Query_Arbitrator_Free_Size_Ex : C:\Windows\system32\SETUPAPI.dll @ 0x7ff69bd1215 [EAT:Addr] (iexplore.exe) imagehlp.dll - CM_Query_Remove_SubTree : C:\Windows\system32\SETUPAPI.dll @ 0x7ff69bd123f [EAT:Addr] (iexplore.exe) imagehlp.dll - CM_Query_Remove_SubTree_Ex : C:\Windows\system32\SETUPAPI.dll @ 0x7ff69bd1260 [EAT:Addr] (iexplore.exe) imagehlp.dll - CM_Query_Resource_Conflict_List : C:\Windows\system32\SETUPAPI.dll @ 0x7ff69bd1284 [EAT:Addr] (iexplore.exe) imagehlp.dll - CM_Reenumerate_DevNode : C:\Windows\system32\SETUPAPI.dll @ 0x7ff69bd12ad [EAT:Addr] (iexplore.exe) imagehlp.dll - CM_Reenumerate_DevNode_Ex : C:\Windows\system32\SETUPAPI.dll @ 0x7ff69bd12cd [EAT:Addr] (iexplore.exe) imagehlp.dll - CM_Register_Device_Driver : C:\Windows\system32\SETUPAPI.dll @ 0x7ff69bd12f0 [EAT:Addr] (iexplore.exe) imagehlp.dll - CM_Register_Device_Driver_Ex : C:\Windows\system32\SETUPAPI.dll @ 0x7ff69bd1313 [EAT:Addr] (iexplore.exe) imagehlp.dll - CM_Register_Device_InterfaceA : C:\Windows\system32\SETUPAPI.dll @ 0x7ff69bd1339 [EAT:Addr] (iexplore.exe) imagehlp.dll - CM_Register_Device_InterfaceW : C:\Windows\system32\SETUPAPI.dll @ 0x7ff69bd1360 [EAT:Addr] (iexplore.exe) imagehlp.dll - CM_Register_Device_Interface_ExA : C:\Windows\system32\SETUPAPI.dll @ 0x7ff69bd1387 [EAT:Addr] (iexplore.exe) imagehlp.dll - CM_Register_Device_Interface_ExW : C:\Windows\system32\SETUPAPI.dll @ 0x7ff69bd13b1 [EAT:Addr] (iexplore.exe) imagehlp.dll - CM_Remove_SubTree : C:\Windows\system32\SETUPAPI.dll @ 0x7ff69bd13db [EAT:Addr] (iexplore.exe) imagehlp.dll - CM_Remove_SubTree_Ex : C:\Windows\system32\SETUPAPI.dll @ 0x7ff69bd13f6 [EAT:Addr] (iexplore.exe) imagehlp.dll - CM_Request_Device_EjectA : C:\Windows\system32\SETUPAPI.dll @ 0x7ff69bd1414 [EAT:Addr] (iexplore.exe) imagehlp.dll - CM_Request_Device_EjectW : C:\Windows\system32\SETUPAPI.dll @ 0x7ff69bd1436 [EAT:Addr] (iexplore.exe) imagehlp.dll - CM_Request_Device_Eject_ExA : C:\Windows\system32\SETUPAPI.dll @ 0x7ff69bd1458 [EAT:Addr] (iexplore.exe) imagehlp.dll - CM_Request_Device_Eject_ExW : C:\Windows\system32\SETUPAPI.dll @ 0x7ff69bd147d [EAT:Addr] (iexplore.exe) imagehlp.dll - CM_Request_Eject_PC : C:\Windows\system32\SETUPAPI.dll @ 0x7ff69bd14a2 [EAT:Addr] (iexplore.exe) imagehlp.dll - CM_Request_Eject_PC_Ex : C:\Windows\system32\SETUPAPI.dll @ 0x7ff69bd14bf [EAT:Addr] (iexplore.exe) imagehlp.dll - CM_RestoreAll_DefaultPowerSchemes : C:\Windows\system32\SETUPAPI.dll @ 0x7ff69b8b7bc [EAT:Addr] (iexplore.exe) imagehlp.dll - CM_Restore_DefaultPowerScheme : C:\Windows\system32\SETUPAPI.dll @ 0x7ff69b8b7bc [EAT:Addr] (iexplore.exe) imagehlp.dll - CM_Run_Detection : C:\Windows\system32\SETUPAPI.dll @ 0x7ff69bd14df [EAT:Addr] (iexplore.exe) imagehlp.dll - CM_Run_Detection_Ex : C:\Windows\system32\SETUPAPI.dll @ 0x7ff69bd14f9 [EAT:Addr] (iexplore.exe) imagehlp.dll - CM_Set_ActiveScheme : C:\Windows\system32\SETUPAPI.dll @ 0x7ff69b8b7bc [EAT:Addr] (iexplore.exe) imagehlp.dll - CM_Set_Class_Registry_PropertyA : C:\Windows\system32\SETUPAPI.dll @ 0x7ff69bd1516 [EAT:Addr] (iexplore.exe) imagehlp.dll - CM_Set_Class_Registry_PropertyW : C:\Windows\system32\SETUPAPI.dll @ 0x7ff69bd153f [EAT:Addr] (iexplore.exe) imagehlp.dll - CM_Set_DevNode_Problem : C:\Windows\system32\SETUPAPI.dll @ 0x7ff69bd1568 [EAT:Addr] (iexplore.exe) imagehlp.dll - CM_Set_DevNode_Problem_Ex : C:\Windows\system32\SETUPAPI.dll @ 0x7ff69bd1588 [EAT:Addr] (iexplore.exe) imagehlp.dll - CM_Set_DevNode_Registry_PropertyA : C:\Windows\system32\SETUPAPI.dll @ 0x7ff69bd15ab [EAT:Addr] (iexplore.exe) imagehlp.dll - CM_Set_DevNode_Registry_PropertyW : C:\Windows\system32\SETUPAPI.dll @ 0x7ff69bd15d6 [EAT:Addr] (iexplore.exe) imagehlp.dll - CM_Set_DevNode_Registry_Property_ExA : C:\Windows\system32\SETUPAPI.dll @ 0x7ff69bd1601 [EAT:Addr] (iexplore.exe) imagehlp.dll - CM_Set_DevNode_Registry_Property_ExW : C:\Windows\system32\SETUPAPI.dll @ 0x7ff69bd162f [EAT:Addr] (iexplore.exe) imagehlp.dll - CM_Set_HW_Prof : C:\Windows\system32\SETUPAPI.dll @ 0x7ff69bd165d [EAT:Addr] (iexplore.exe) imagehlp.dll - CM_Set_HW_Prof_Ex : C:\Windows\system32\SETUPAPI.dll @ 0x7ff69bd1675 [EAT:Addr] (iexplore.exe) imagehlp.dll - CM_Set_HW_Prof_FlagsA : C:\Windows\system32\SETUPAPI.dll @ 0x7ff69bd1690 [EAT:Addr] (iexplore.exe) imagehlp.dll - CM_Set_HW_Prof_FlagsW : C:\Windows\system32\SETUPAPI.dll @ 0x7ff69bd16af [EAT:Addr] (iexplore.exe) imagehlp.dll - CM_Set_HW_Prof_Flags_ExA : C:\Windows\system32\SETUPAPI.dll @ 0x7ff69bd16ce [EAT:Addr] (iexplore.exe) imagehlp.dll - CM_Set_HW_Prof_Flags_ExW : C:\Windows\system32\SETUPAPI.dll @ 0x7ff69bd16f0 [EAT:Addr] (iexplore.exe) imagehlp.dll - CM_Setup_DevNode : C:\Windows\system32\SETUPAPI.dll @ 0x7ff69bd1712 [EAT:Addr] (iexplore.exe) imagehlp.dll - CM_Setup_DevNode_Ex : C:\Windows\system32\SETUPAPI.dll @ 0x7ff69bd172c [EAT:Addr] (iexplore.exe) imagehlp.dll - CM_Test_Range_Available : C:\Windows\system32\SETUPAPI.dll @ 0x7ff69bd1749 [EAT:Addr] (iexplore.exe) imagehlp.dll - CM_Uninstall_DevNode : C:\Windows\system32\SETUPAPI.dll @ 0x7ff69bd176a [EAT:Addr] (iexplore.exe) imagehlp.dll - CM_Uninstall_DevNode_Ex : C:\Windows\system32\SETUPAPI.dll @ 0x7ff69bd1788 [EAT:Addr] (iexplore.exe) imagehlp.dll - CM_Unregister_Device_InterfaceA : C:\Windows\system32\SETUPAPI.dll @ 0x7ff69bd17a9 [EAT:Addr] (iexplore.exe) imagehlp.dll - CM_Unregister_Device_InterfaceW : C:\Windows\system32\SETUPAPI.dll @ 0x7ff69bd17d2 [EAT:Addr] (iexplore.exe) imagehlp.dll - CM_Unregister_Device_Interface_ExA : C:\Windows\system32\SETUPAPI.dll @ 0x7ff69bd17fb [EAT:Addr] (iexplore.exe) imagehlp.dll - CM_Unregister_Device_Interface_ExW : C:\Windows\system32\SETUPAPI.dll @ 0x7ff69bd1827 [EAT:Addr] (iexplore.exe) imagehlp.dll - CM_Write_UserPowerKey : C:\Windows\system32\SETUPAPI.dll @ 0x7ff69b8b7bc [EAT:Addr] (iexplore.exe) imagehlp.dll - DoesUserHavePrivilege : C:\Windows\system32\SETUPAPI.dll @ 0x7ff69baacf0 [EAT:Addr] (iexplore.exe) imagehlp.dll - DriverStoreAddDriverPackageA : C:\Windows\system32\SETUPAPI.dll @ 0x7ff69ba7b94 [EAT:Addr] (iexplore.exe) imagehlp.dll - DriverStoreAddDriverPackageW : C:\Windows\system32\SETUPAPI.dll @ 0x7ff69ba7d3c [EAT:Addr] (iexplore.exe) imagehlp.dll - DriverStoreDeleteDriverPackageA : C:\Windows\system32\SETUPAPI.dll @ 0x7ff69ba7abc [EAT:Addr] (iexplore.exe) imagehlp.dll - DriverStoreDeleteDriverPackageW : C:\Windows\system32\SETUPAPI.dll @ 0x7ff69ba7b28 [EAT:Addr] (iexplore.exe) imagehlp.dll - DriverStoreEnumDriverPackageA : C:\Windows\system32\SETUPAPI.dll @ 0x7ff69ba74cc [EAT:Addr] (iexplore.exe) imagehlp.dll - DriverStoreEnumDriverPackageW : C:\Windows\system32\SETUPAPI.dll @ 0x7ff69ba7570 [EAT:Addr] (iexplore.exe) imagehlp.dll - DriverStoreFindDriverPackageA : C:\Windows\system32\SETUPAPI.dll @ 0x7ff69ba7830 [EAT:Addr] (iexplore.exe) imagehlp.dll - DriverStoreFindDriverPackageW : C:\Windows\system32\SETUPAPI.dll @ 0x7ff69ba79e8 [EAT:Addr] (iexplore.exe) imagehlp.dll - ExtensionPropSheetPageProc : C:\Windows\system32\SETUPAPI.dll @ 0x7ff69b431d0 [EAT:Addr] (iexplore.exe) imagehlp.dll - InstallCatalog : C:\Windows\system32\SETUPAPI.dll @ 0x7ff69b8b750 [EAT:Addr] (iexplore.exe) imagehlp.dll - InstallHinfSection : C:\Windows\system32\SETUPAPI.dll @ 0x7ff69b73cc8 [EAT:Addr] (iexplore.exe) imagehlp.dll - InstallHinfSectionA : C:\Windows\system32\SETUPAPI.dll @ 0x7ff69b73cc8 [EAT:Addr] (iexplore.exe) imagehlp.dll - InstallHinfSectionW : C:\Windows\system32\SETUPAPI.dll @ 0x7ff69b7358c [EAT:Addr] (iexplore.exe) imagehlp.dll - IsUserAdmin : C:\Windows\system32\SETUPAPI.dll @ 0x7ff69bab294 [EAT:Addr] (iexplore.exe) imagehlp.dll - Local_CM_Add_Driver_Package_Worker : C:\Windows\system32\SETUPAPI.dll @ 0x7ff69b9d2e4 [EAT:Addr] (iexplore.exe) imagehlp.dll - Local_CM_Delete_Driver_Package_Worker : C:\Windows\system32\SETUPAPI.dll @ 0x7ff69b9d058 [EAT:Addr] (iexplore.exe) imagehlp.dll - Local_CM_Install_DevNode_Worker : C:\Windows\system32\SETUPAPI.dll @ 0x7ff69b9d63c [EAT:Addr] (iexplore.exe) imagehlp.dll - MyFree : C:\Windows\system32\SETUPAPI.dll @ 0x7ff69b8b788 [EAT:Addr] (iexplore.exe) imagehlp.dll - MyMalloc : C:\Windows\system32\SETUPAPI.dll @ 0x7ff69b8b774 [EAT:Addr] (iexplore.exe) imagehlp.dll - MyRealloc : C:\Windows\system32\SETUPAPI.dll @ 0x7ff69b8b760 [EAT:Addr] (iexplore.exe) imagehlp.dll - PnpEnumDrpFile : C:\Windows\system32\SETUPAPI.dll @ 0x7ff69b64304 [EAT:Addr] (iexplore.exe) imagehlp.dll - PnpIsFileAclIntact : C:\Windows\system32\SETUPAPI.dll @ 0x7ff69b64e28 [EAT:Addr] (iexplore.exe) imagehlp.dll - PnpIsFileContentIntact : C:\Windows\system32\SETUPAPI.dll @ 0x7ff69b64d0c [EAT:Addr] (iexplore.exe) imagehlp.dll - PnpIsFilePnpDriver : C:\Windows\system32\SETUPAPI.dll @ 0x7ff69b15640 [EAT:Addr] (iexplore.exe) imagehlp.dll - PnpRepairWindowsProtectedDriver : C:\Windows\system32\SETUPAPI.dll @ 0x7ff69b64554 [EAT:Addr] (iexplore.exe) imagehlp.dll - Remote_CMP_GetServerSideDeviceInstallFlags : C:\Windows\system32\SETUPAPI.dll @ 0x7ff69ba2770 [EAT:Addr] (iexplore.exe) imagehlp.dll - Remote_CMP_WaitServicesAvailable : C:\Windows\system32\SETUPAPI.dll @ 0x7ff69ba2858 [EAT:Addr] (iexplore.exe) imagehlp.dll - Remote_CM_Add_Empty_Log_Conf : C:\Windows\system32\SETUPAPI.dll @ 0x7ff69ba3570 [EAT:Addr] (iexplore.exe) imagehlp.dll - Remote_CM_Add_ID : C:\Windows\system32\SETUPAPI.dll @ 0x7ff69ba42b8 [EAT:Addr] (iexplore.exe) imagehlp.dll - Remote_CM_Add_Res_Des : C:\Windows\system32\SETUPAPI.dll @ 0x7ff69b9ed10 [EAT:Addr] (iexplore.exe) imagehlp.dll - Remote_CM_Connect_Machine_Worker : C:\Windows\system32\SETUPAPI.dll @ 0x7ff69ba2dfc [EAT:Addr] (iexplore.exe) imagehlp.dll - Remote_CM_Create_DevNode : C:\Windows\system32\SETUPAPI.dll @ 0x7ff69ba4ffc [EAT:Addr] (iexplore.exe) imagehlp.dll - Remote_CM_Delete_Class_Key : C:\Windows\system32\SETUPAPI.dll @ 0x7ff69b9f5c8 [EAT:Addr] (iexplore.exe) imagehlp.dll - Remote_CM_Delete_DevNode_Key : C:\Windows\system32\SETUPAPI.dll @ 0x7ff69ba01fc [EAT:Addr] (iexplore.exe) imagehlp.dll - Remote_CM_Delete_Device_Interface_Key : C:\Windows\system32\SETUPAPI.dll @ 0x7ff69b9fd7c [EAT:Addr] (iexplore.exe) imagehlp.dll - Remote_CM_Disable_DevNode : C:\Windows\system32\SETUPAPI.dll @ 0x7ff69ba4d30 [EAT:Addr] (iexplore.exe) imagehlp.dll - Remote_CM_Disconnect_Machine_Worker : C:\Windows\system32\SETUPAPI.dll @ 0x7ff69ba2d98 [EAT:Addr] (iexplore.exe) imagehlp.dll - Remote_CM_Enable_DevNode : C:\Windows\system32\SETUPAPI.dll @ 0x7ff69ba4c10 [EAT:Addr] (iexplore.exe) imagehlp.dll - Remote_CM_Enumerate_Classes : C:\Windows\system32\SETUPAPI.dll @ 0x7ff69b9f8cc [EAT:Addr] (iexplore.exe) imagehlp.dll - Remote_CM_Enumerate_Enumerators : C:\Windows\system32\SETUPAPI.dll @ 0x7ff69b9df88 [EAT:Addr] (iexplore.exe) imagehlp.dll - Remote_CM_Free_Log_Conf : C:\Windows\system32\SETUPAPI.dll @ 0x7ff69ba3424 [EAT:Addr] (iexplore.exe) imagehlp.dll - Remote_CM_Free_Res_Des : C:\Windows\system32\SETUPAPI.dll @ 0x7ff69b9ebe4 [EAT:Addr] (iexplore.exe) imagehlp.dll - Remote_CM_Get_Child : C:\Windows\system32\SETUPAPI.dll @ 0x7ff69b9e1a4 [EAT:Addr] (iexplore.exe) imagehlp.dll - Remote_CM_Get_Class_Name : C:\Windows\system32\SETUPAPI.dll @ 0x7ff69b9f708 [EAT:Addr] (iexplore.exe) imagehlp.dll - Remote_CM_Get_Class_Property : C:\Windows\system32\SETUPAPI.dll @ 0x7ff69ba19d4 [EAT:Addr] (iexplore.exe) imagehlp.dll - Remote_CM_Get_Class_Property_Keys : C:\Windows\system32\SETUPAPI.dll @ 0x7ff69ba1be0 [EAT:Addr] (iexplore.exe) imagehlp.dll - Remote_CM_Get_Class_Registry_Property : C:\Windows\system32\SETUPAPI.dll @ 0x7ff69ba0ecc [EAT:Addr] (iexplore.exe) imagehlp.dll - Remote_CM_Get_Depth : C:\Windows\system32\SETUPAPI.dll @ 0x7ff69b9db64 [EAT:Addr] (iexplore.exe) imagehlp.dll - Remote_CM_Get_DevNode_Custom_Property : C:\Windows\system32\SETUPAPI.dll @ 0x7ff69b9eeb4 [EAT:Addr] (iexplore.exe) imagehlp.dll - Remote_CM_Get_DevNode_Property : C:\Windows\system32\SETUPAPI.dll @ 0x7ff69ba2408 [EAT:Addr] (iexplore.exe) imagehlp.dll - Remote_CM_Get_DevNode_Property_Keys : C:\Windows\system32\SETUPAPI.dll @ 0x7ff69ba25e0 [EAT:Addr] (iexplore.exe) imagehlp.dll - Remote_CM_Get_DevNode_Registry_Property : C:\Windows\system32\SETUPAPI.dll @ 0x7ff69ba167c [EAT:Addr] (iexplore.exe) imagehlp.dll - Remote_CM_Get_DevNode_Status : C:\Windows\system32\SETUPAPI.dll @ 0x7ff69ba4b00 [EAT:Addr] (iexplore.exe) imagehlp.dll - Remote_CM_Get_Device_ID_List : C:\Windows\system32\SETUPAPI.dll @ 0x7ff69b9dde0 [EAT:Addr] (iexplore.exe) imagehlp.dll - Remote_CM_Get_Device_ID_List_Size : C:\Windows\system32\SETUPAPI.dll @ 0x7ff69b9dc58 [EAT:Addr] (iexplore.exe) imagehlp.dll - Remote_CM_Get_Device_Interface_Alias : C:\Windows\system32\SETUPAPI.dll @ 0x7ff69b9f490 [EAT:Addr] (iexplore.exe) imagehlp.dll - Remote_CM_Get_Device_Interface_List : C:\Windows\system32\SETUPAPI.dll @ 0x7ff69b9f364 [EAT:Addr] (iexplore.exe) imagehlp.dll - Remote_CM_Get_Device_Interface_List_Size : C:\Windows\system32\SETUPAPI.dll @ 0x7ff69b9f268 [EAT:Addr] (iexplore.exe) imagehlp.dll - Remote_CM_Get_Device_Interface_Property : C:\Windows\system32\SETUPAPI.dll @ 0x7ff69ba1f20 [EAT:Addr] (iexplore.exe) imagehlp.dll - Remote_CM_Get_Device_Interface_Property_Keys : C:\Windows\system32\SETUPAPI.dll @ 0x7ff69ba20ec [EAT:Addr] (iexplore.exe) imagehlp.dll - Remote_CM_Get_First_Log_Conf : C:\Windows\system32\SETUPAPI.dll @ 0x7ff69ba3328 [EAT:Addr] (iexplore.exe) imagehlp.dll - Remote_CM_Get_Global_State : C:\Windows\system32\SETUPAPI.dll @ 0x7ff69ba2cb0 [EAT:Addr] (iexplore.exe) imagehlp.dll - Remote_CM_Get_HW_Prof_Flags : C:\Windows\system32\SETUPAPI.dll @ 0x7ff69ba3dec [EAT:Addr] (iexplore.exe) imagehlp.dll - Remote_CM_Get_Hardware_Profile_Info : C:\Windows\system32\SETUPAPI.dll @ 0x7ff69ba3ac4 [EAT:Addr] (iexplore.exe) imagehlp.dll - Remote_CM_Get_Log_Conf_Priority : C:\Windows\system32\SETUPAPI.dll @ 0x7ff69ba3100 [EAT:Addr] (iexplore.exe) imagehlp.dll - Remote_CM_Get_Next_Log_Conf : C:\Windows\system32\SETUPAPI.dll @ 0x7ff69ba3220 [EAT:Addr] (iexplore.exe) imagehlp.dll - Remote_CM_Get_Next_Res_Des : C:\Windows\system32\SETUPAPI.dll @ 0x7ff69b9ea6c [EAT:Addr] (iexplore.exe) imagehlp.dll - Remote_CM_Get_Parent : C:\Windows\system32\SETUPAPI.dll @ 0x7ff69b9e2b4 [EAT:Addr] (iexplore.exe) imagehlp.dll - Remote_CM_Get_Res_Des_Data : C:\Windows\system32\SETUPAPI.dll @ 0x7ff69b9e904 [EAT:Addr] (iexplore.exe) imagehlp.dll - Remote_CM_Get_Res_Des_Data_Size : C:\Windows\system32\SETUPAPI.dll @ 0x7ff69b9e794 [EAT:Addr] (iexplore.exe) imagehlp.dll - Remote_CM_Get_Sibling : C:\Windows\system32\SETUPAPI.dll @ 0x7ff69b9e090 [EAT:Addr] (iexplore.exe) imagehlp.dll - Remote_CM_Get_Version : C:\Windows\system32\SETUPAPI.dll @ 0x7ff69ba3044 [EAT:Addr] (iexplore.exe) imagehlp.dll - Remote_CM_Install_DevNode : C:\Windows\system32\SETUPAPI.dll @ 0x7ff69ba3684 [EAT:Addr] (iexplore.exe) imagehlp.dll - Remote_CM_Is_Dock_Station_Present : C:\Windows\system32\SETUPAPI.dll @ 0x7ff69ba40a0 [EAT:Addr] (iexplore.exe) imagehlp.dll - Remote_CM_Is_Version_Available : C:\Windows\system32\SETUPAPI.dll @ 0x7ff69ba2ff8 [EAT:Addr] (iexplore.exe) imagehlp.dll - Remote_CM_Locate_DevNode_Worker : C:\Windows\system32\SETUPAPI.dll @ 0x7ff69b9e3d0 [EAT:Addr] (iexplore.exe) imagehlp.dll - Remote_CM_Modify_Res_Des : C:\Windows\system32\SETUPAPI.dll @ 0x7ff69b9e600 [EAT:Addr] (iexplore.exe) imagehlp.dll - Remote_CM_Open_Class_Key : C:\Windows\system32\SETUPAPI.dll @ 0x7ff69b9fa50 [EAT:Addr] (iexplore.exe) imagehlp.dll - Remote_CM_Open_DevNode_Key : C:\Windows\system32\SETUPAPI.dll @ 0x7ff69ba0510 [EAT:Addr] (iexplore.exe) imagehlp.dll - Remote_CM_Open_Device_Interface_Key : C:\Windows\system32\SETUPAPI.dll @ 0x7ff69b9ff64 [EAT:Addr] (iexplore.exe) imagehlp.dll - Remote_CM_Query_And_Remove_SubTree : C:\Windows\system32\SETUPAPI.dll @ 0x7ff69ba46f0 [EAT:Addr] (iexplore.exe) imagehlp.dll - Remote_CM_Query_Arbitrator_Free_Data : C:\Windows\system32\SETUPAPI.dll @ 0x7ff69ba2a44 [EAT:Addr] (iexplore.exe) imagehlp.dll - Remote_CM_Query_Arbitrator_Free_Size : C:\Windows\system32\SETUPAPI.dll @ 0x7ff69ba2934 [EAT:Addr] (iexplore.exe) imagehlp.dll - Remote_CM_Query_Resource_Conflict_List_Worker : C:\Windows\system32\SETUPAPI.dll @ 0x7ff69ba5198 [EAT:Addr] (iexplore.exe) imagehlp.dll - Remote_CM_Reenumerate_DevNode : C:\Windows\system32\SETUPAPI.dll @ 0x7ff69ba4880 [EAT:Addr] (iexplore.exe) imagehlp.dll - Remote_CM_Register_Device_Driver : C:\Windows\system32\SETUPAPI.dll @ 0x7ff69ba4178 [EAT:Addr] (iexplore.exe) imagehlp.dll - Remote_CM_Register_Device_Interface : C:\Windows\system32\SETUPAPI.dll @ 0x7ff69b9f120 [EAT:Addr] (iexplore.exe) imagehlp.dll - Remote_CM_Request_Device_Eject : C:\Windows\system32\SETUPAPI.dll @ 0x7ff69ba43b0 [EAT:Addr] (iexplore.exe) imagehlp.dll - Remote_CM_Request_Eject_PC : C:\Windows\system32\SETUPAPI.dll @ 0x7ff69ba3fa4 [EAT:Addr] (iexplore.exe) imagehlp.dll - Remote_CM_Run_Detection : C:\Windows\system32\SETUPAPI.dll @ 0x7ff69ba2b84 [EAT:Addr] (iexplore.exe) imagehlp.dll - Remote_CM_Set_Class_Property : C:\Windows\system32\SETUPAPI.dll @ 0x7ff69ba1820 [EAT:Addr] (iexplore.exe) imagehlp.dll - Remote_CM_Set_Class_Registry_Property : C:\Windows\system32\SETUPAPI.dll @ 0x7ff69ba09c4 [EAT:Addr] (iexplore.exe) imagehlp.dll - Remote_CM_Set_DevNode_Problem : C:\Windows\system32\SETUPAPI.dll @ 0x7ff69ba49b0 [EAT:Addr] (iexplore.exe) imagehlp.dll - Remote_CM_Set_DevNode_Property : C:\Windows\system32\SETUPAPI.dll @ 0x7ff69ba2280 [EAT:Addr] (iexplore.exe) imagehlp.dll - Remote_CM_Set_DevNode_Registry_Property : C:\Windows\system32\SETUPAPI.dll @ 0x7ff69ba1240 [EAT:Addr] (iexplore.exe) imagehlp.dll - Remote_CM_Set_Device_Interface_Property : C:\Windows\system32\SETUPAPI.dll @ 0x7ff69ba1da0 [EAT:Addr] (iexplore.exe) imagehlp.dll - Remote_CM_Set_HW_Prof : C:\Windows\system32\SETUPAPI.dll @ 0x7ff69ba39a4 [EAT:Addr] (iexplore.exe) imagehlp.dll - Remote_CM_Set_HW_Prof_Flags : C:\Windows\system32\SETUPAPI.dll @ 0x7ff69ba3bc0 [EAT:Addr] (iexplore.exe) imagehlp.dll - Remote_CM_Setup_DevNode : C:\Windows\system32\SETUPAPI.dll @ 0x7ff69ba4ecc [EAT:Addr] (iexplore.exe) imagehlp.dll - Remote_CM_Uninstall_DevNode : C:\Windows\system32\SETUPAPI.dll @ 0x7ff69ba4544 [EAT:Addr] (iexplore.exe) imagehlp.dll - Remote_CM_Unregister_Device_Interface : C:\Windows\system32\SETUPAPI.dll @ 0x7ff69b9f038 [EAT:Addr] (iexplore.exe) imagehlp.dll - SetupAddInstallSectionToDiskSpaceListA : C:\Windows\system32\SETUPAPI.dll @ 0x7ff69b60de0 [EAT:Addr] (iexplore.exe) imagehlp.dll - SetupAddInstallSectionToDiskSpaceListW : C:\Windows\system32\SETUPAPI.dll @ 0x7ff69b60ef8 [EAT:Addr] (iexplore.exe) imagehlp.dll - SetupAddSectionToDiskSpaceListA : C:\Windows\system32\SETUPAPI.dll @ 0x7ff69b610d4 [EAT:Addr] (iexplore.exe) imagehlp.dll - SetupAddSectionToDiskSpaceListW : C:\Windows\system32\SETUPAPI.dll @ 0x7ff69b61000 [EAT:Addr] (iexplore.exe) imagehlp.dll - SetupAddToDiskSpaceListA : C:\Windows\system32\SETUPAPI.dll @ 0x7ff69b6142c [EAT:Addr] (iexplore.exe) imagehlp.dll - SetupAddToDiskSpaceListW : C:\Windows\system32\SETUPAPI.dll @ 0x7ff69b61564 [EAT:Addr] (iexplore.exe) imagehlp.dll - SetupAddToSourceListA : C:\Windows\system32\SETUPAPI.dll @ 0x7ff69b8a32c [EAT:Addr] (iexplore.exe) imagehlp.dll - SetupAddToSourceListW : C:\Windows\system32\SETUPAPI.dll @ 0x7ff69b8a25c [EAT:Addr] (iexplore.exe) imagehlp.dll - SetupAdjustDiskSpaceListA : C:\Windows\system32\SETUPAPI.dll @ 0x7ff69b61710 [EAT:Addr] (iexplore.exe) imagehlp.dll - SetupAdjustDiskSpaceListW : C:\Windows\system32\SETUPAPI.dll @ 0x7ff69b61834 [EAT:Addr] (iexplore.exe) imagehlp.dll - SetupBackupErrorA : C:\Windows\system32\SETUPAPI.dll @ 0x7ff69b8ce4c [EAT:Addr] (iexplore.exe) imagehlp.dll - SetupBackupErrorW : C:\Windows\system32\SETUPAPI.dll @ 0x7ff69b91364 [EAT:Addr] (iexplore.exe) imagehlp.dll - SetupCancelTemporarySourceList : C:\Windows\system32\SETUPAPI.dll @ 0x7ff69b8a794 [EAT:Addr] (iexplore.exe) imagehlp.dll - SetupCloseFileQueue : C:\Windows\system32\SETUPAPI.dll @ 0x7ff69bc5b14 [EAT:Addr] (iexplore.exe) imagehlp.dll - SetupCloseInfFile : C:\Windows\system32\SETUPAPI.dll @ 0x7ff69b21d70 [EAT:Addr] (iexplore.exe) imagehlp.dll - SetupCloseLog : C:\Windows\system32\SETUPAPI.dll @ 0x7ff69b2798c [EAT:Addr] (iexplore.exe) imagehlp.dll - SetupCommitFileQueue : C:\Windows\system32\SETUPAPI.dll @ 0x7ff69b6ac54 [EAT:Addr] (iexplore.exe) imagehlp.dll - SetupCommitFileQueueA : C:\Windows\system32\SETUPAPI.dll @ 0x7ff69b6ad20 [EAT:Addr] (iexplore.exe) imagehlp.dll - SetupCommitFileQueueW : C:\Windows\system32\SETUPAPI.dll @ 0x7ff69b6ab88 [EAT:Addr] (iexplore.exe) imagehlp.dll - SetupConfigureWmiFromInfSectionA : C:\Windows\system32\SETUPAPI.dll @ 0x7ff69b5bdf0 [EAT:Addr] (iexplore.exe) imagehlp.dll - SetupConfigureWmiFromInfSectionW : C:\Windows\system32\SETUPAPI.dll @ 0x7ff69b5c03c [EAT:Addr] (iexplore.exe) imagehlp.dll - SetupCopyErrorA : C:\Windows\system32\SETUPAPI.dll @ 0x7ff69b8d294 [EAT:Addr] (iexplore.exe) imagehlp.dll - SetupCopyErrorW : C:\Windows\system32\SETUPAPI.dll @ 0x7ff69b90804 [EAT:Addr] (iexplore.exe) imagehlp.dll - SetupCopyOEMInfA : C:\Windows\system32\SETUPAPI.dll @ 0x7ff69b82908 [EAT:Addr] (iexplore.exe) imagehlp.dll - SetupCopyOEMInfW : C:\Windows\system32\SETUPAPI.dll @ 0x7ff69b82f24 [EAT:Addr] (iexplore.exe) imagehlp.dll - SetupCreateDiskSpaceListA : C:\Windows\system32\SETUPAPI.dll @ 0x7ff69b61e28 [EAT:Addr] (iexplore.exe) imagehlp.dll - SetupCreateDiskSpaceListW : C:\Windows\system32\SETUPAPI.dll @ 0x7ff69b61ed0 [EAT:Addr] (iexplore.exe) imagehlp.dll - SetupDecompressOrCopyFileA : C:\Windows\system32\SETUPAPI.dll @ 0x7ff69b2c430 [EAT:Addr] (iexplore.exe) imagehlp.dll - SetupDecompressOrCopyFileW : C:\Windows\system32\SETUPAPI.dll @ 0x7ff69b2c340 [EAT:Addr] (iexplore.exe) imagehlp.dll - SetupDefaultQueueCallback : C:\Windows\system32\SETUPAPI.dll @ 0x7ff69b6d93c [EAT:Addr] (iexplore.exe) imagehlp.dll - SetupDefaultQueueCallbackA : C:\Windows\system32\SETUPAPI.dll @ 0x7ff69b6b658 [EAT:Addr] (iexplore.exe) imagehlp.dll - SetupDefaultQueueCallbackW : C:\Windows\system32\SETUPAPI.dll @ 0x7ff69b6d93c [EAT:Addr] (iexplore.exe) imagehlp.dll - SetupDeleteErrorA : C:\Windows\system32\SETUPAPI.dll @ 0x7ff69b8cfd0 [EAT:Addr] (iexplore.exe) imagehlp.dll - SetupDeleteErrorW : C:\Windows\system32\SETUPAPI.dll @ 0x7ff69b90e8c [EAT:Addr] (iexplore.exe) imagehlp.dll - SetupDestroyDiskSpaceList : C:\Windows\system32\SETUPAPI.dll @ 0x7ff69b619cc [EAT:Addr] (iexplore.exe) imagehlp.dll - SetupDiApplyPowerScheme : C:\Windows\system32\SETUPAPI.dll @ 0x7ff69b8b7bc [EAT:Addr] (iexplore.exe) imagehlp.dll - SetupDiAskForOEMDisk : C:\Windows\system32\SETUPAPI.dll @ 0x7ff69b42f84 [EAT:Addr] (iexplore.exe) imagehlp.dll - SetupDiBuildClassInfoList : C:\Windows\system32\SETUPAPI.dll @ 0x7ff69b2de88 [EAT:Addr] (iexplore.exe) imagehlp.dll - SetupDiBuildClassInfoListExA : C:\Windows\system32\SETUPAPI.dll @ 0x7ff69b2dd1c [EAT:Addr] (iexplore.exe) imagehlp.dll - SetupDiBuildClassInfoListExW : C:\Windows\system32\SETUPAPI.dll @ 0x7ff69b2d9c4 [EAT:Addr] (iexplore.exe) imagehlp.dll - SetupDiBuildDriverInfoList : C:\Windows\system32\SETUPAPI.dll @ 0x7ff69bc7544 [EAT:Addr] (iexplore.exe) imagehlp.dll - SetupDiCallClassInstaller : C:\Windows\system32\SETUPAPI.dll @ 0x7ff69b12258 [EAT:Addr] (iexplore.exe) imagehlp.dll - SetupDiCancelDriverInfoSearch : C:\Windows\system32\SETUPAPI.dll @ 0x7ff69b2f63c [EAT:Addr] (iexplore.exe) imagehlp.dll - SetupDiChangeState : C:\Windows\system32\SETUPAPI.dll @ 0x7ff69b4175c [EAT:Addr] (iexplore.exe) imagehlp.dll - SetupDiClassGuidsFromNameA : C:\Windows\system32\SETUPAPI.dll @ 0x7ff69b2e924 [EAT:Addr] (iexplore.exe) imagehlp.dll - SetupDiClassGuidsFromNameExA : C:\Windows\system32\SETUPAPI.dll @ 0x7ff69b2e670 [EAT:Addr] (iexplore.exe) imagehlp.dll - SetupDiClassGuidsFromNameExW : C:\Windows\system32\SETUPAPI.dll @ 0x7ff69b2e540 [EAT:Addr] (iexplore.exe) imagehlp.dll - SetupDiClassGuidsFromNameW : C:\Windows\system32\SETUPAPI.dll @ 0x7ff69b2e800 [EAT:Addr] (iexplore.exe) imagehlp.dll - SetupDiClassNameFromGuidA : C:\Windows\system32\SETUPAPI.dll @ 0x7ff69b2ef14 [EAT:Addr] (iexplore.exe) imagehlp.dll - SetupDiClassNameFromGuidExA : C:\Windows\system32\SETUPAPI.dll @ 0x7ff69b2ebe8 [EAT:Addr] (iexplore.exe) imagehlp.dll - SetupDiClassNameFromGuidExW : C:\Windows\system32\SETUPAPI.dll @ 0x7ff69b2ea70 [EAT:Addr] (iexplore.exe) imagehlp.dll - SetupDiClassNameFromGuidW : C:\Windows\system32\SETUPAPI.dll @ 0x7ff69b2edf0 [EAT:Addr] (iexplore.exe) imagehlp.dll - SetupDiCreateDevRegKeyA : C:\Windows\system32\SETUPAPI.dll @ 0x7ff69b46610 [EAT:Addr] (iexplore.exe) imagehlp.dll - SetupDiCreateDevRegKeyW : C:\Windows\system32\SETUPAPI.dll @ 0x7ff69b46a5c [EAT:Addr] (iexplore.exe) imagehlp.dll - SetupDiCreateDeviceInfoA : C:\Windows\system32\SETUPAPI.dll @ 0x7ff69b353b4 [EAT:Addr] (iexplore.exe) imagehlp.dll - SetupDiCreateDeviceInfoList : C:\Windows\system32\SETUPAPI.dll @ 0x7ff69bc4ee0 [EAT:Addr] (iexplore.exe) imagehlp.dll - SetupDiCreateDeviceInfoListExA : C:\Windows\system32\SETUPAPI.dll @ 0x7ff69b356f0 [EAT:Addr] (iexplore.exe) imagehlp.dll - SetupDiCreateDeviceInfoListExW : C:\Windows\system32\SETUPAPI.dll @ 0x7ff69bc416c [EAT:Addr] (iexplore.exe) imagehlp.dll - SetupDiCreateDeviceInfoW : C:\Windows\system32\SETUPAPI.dll @ 0x7ff69b35060 [EAT:Addr] (iexplore.exe) imagehlp.dll - SetupDiCreateDeviceInterfaceA : C:\Windows\system32\SETUPAPI.dll @ 0x7ff69b34710 [EAT:Addr] (iexplore.exe) imagehlp.dll - SetupDiCreateDeviceInterfaceRegKeyA : C:\Windows\system32\SETUPAPI.dll @ 0x7ff69b44718 [EAT:Addr] (iexplore.exe) imagehlp.dll - SetupDiCreateDeviceInterfaceRegKeyW : C:\Windows\system32\SETUPAPI.dll @ 0x7ff69b46f48 [EAT:Addr] (iexplore.exe) imagehlp.dll - SetupDiCreateDeviceInterfaceW : C:\Windows\system32\SETUPAPI.dll @ 0x7ff69b3456c [EAT:Addr] (iexplore.exe) imagehlp.dll - SetupDiDeleteDevRegKey : C:\Windows\system32\SETUPAPI.dll @ 0x7ff69b44894 [EAT:Addr] (iexplore.exe) imagehlp.dll - SetupDiDeleteDeviceInfo : C:\Windows\system32\SETUPAPI.dll @ 0x7ff69b34c44 [EAT:Addr] (iexplore.exe) imagehlp.dll - SetupDiDeleteDeviceInterfaceData : C:\Windows\system32\SETUPAPI.dll @ 0x7ff69b26e9c [EAT:Addr] (iexplore.exe) imagehlp.dll - SetupDiDeleteDeviceInterfaceRegKey : C:\Windows\system32\SETUPAPI.dll @ 0x7ff69b445c0 [EAT:Addr] (iexplore.exe) imagehlp.dll - SetupDiDestroyClassImageList : C:\Windows\system32\SETUPAPI.dll @ 0x7ff69b31d8c [EAT:Addr] (iexplore.exe) imagehlp.dll - SetupDiDestroyDeviceInfoList : C:\Windows\system32\SETUPAPI.dll @ 0x7ff69bc3cb0 [EAT:Addr] (iexplore.exe) imagehlp.dll - SetupDiDestroyDriverInfoList : C:\Windows\system32\SETUPAPI.dll @ 0x7ff69b26530 [EAT:Addr] (iexplore.exe) imagehlp.dll - SetupDiDrawMiniIcon : C:\Windows\system32\SETUPAPI.dll @ 0x7ff69b34074 [EAT:Addr] (iexplore.exe) imagehlp.dll - SetupDiEnumDeviceInfo : C:\Windows\system32\SETUPAPI.dll @ 0x7ff69bc4d00 [EAT:Addr] (iexplore.exe) imagehlp.dll - SetupDiEnumDeviceInterfaces : C:\Windows\system32\SETUPAPI.dll @ 0x7ff69bc4590 [EAT:Addr] (iexplore.exe) imagehlp.dll - SetupDiEnumDriverInfoA : C:\Windows\system32\SETUPAPI.dll @ 0x7ff69b30a20 [EAT:Addr] (iexplore.exe) imagehlp.dll - SetupDiEnumDriverInfoW : C:\Windows\system32\SETUPAPI.dll @ 0x7ff69b24ee0 [EAT:Addr] (iexplore.exe) imagehlp.dll - SetupDiGetActualModelsSectionA : C:\Windows\system32\SETUPAPI.dll @ 0x7ff69b3b694 [EAT:Addr] (iexplore.exe) imagehlp.dll - SetupDiGetActualModelsSectionW : C:\Windows\system32\SETUPAPI.dll @ 0x7ff69b3b40c [EAT:Addr] (iexplore.exe) imagehlp.dll - SetupDiGetActualSectionToInstallA : C:\Windows\system32\SETUPAPI.dll @ 0x7ff69b3b338 [EAT:Addr] (iexplore.exe) imagehlp.dll - SetupDiGetActualSectionToInstallExA : C:\Windows\system32\SETUPAPI.dll @ 0x7ff69b3b0c0 [EAT:Addr] (iexplore.exe) imagehlp.dll - SetupDiGetActualSectionToInstallExW : C:\Windows\system32\SETUPAPI.dll @ 0x7ff69b4243c [EAT:Addr] (iexplore.exe) imagehlp.dll - SetupDiGetActualSectionToInstallW : C:\Windows\system32\SETUPAPI.dll @ 0x7ff69b42368 [EAT:Addr] (iexplore.exe) imagehlp.dll - SetupDiGetClassBitmapIndex : C:\Windows\system32\SETUPAPI.dll @ 0x7ff69b334b8 [EAT:Addr] (iexplore.exe) imagehlp.dll - SetupDiGetClassDescriptionA : C:\Windows\system32\SETUPAPI.dll @ 0x7ff69b2e414 [EAT:Addr] (iexplore.exe) imagehlp.dll - SetupDiGetClassDescriptionExA : C:\Windows\system32\SETUPAPI.dll @ 0x7ff69b2e0e0 [EAT:Addr] (iexplore.exe) imagehlp.dll - SetupDiGetClassDescriptionExW : C:\Windows\system32\SETUPAPI.dll @ 0x7ff69b2dfac [EAT:Addr] (iexplore.exe) imagehlp.dll - SetupDiGetClassDescriptionW : C:\Windows\system32\SETUPAPI.dll @ 0x7ff69b2e2f0 [EAT:Addr] (iexplore.exe) imagehlp.dll - SetupDiGetClassDevPropertySheetsA : C:\Windows\system32\SETUPAPI.dll @ 0x7ff69b4427c [EAT:Addr] (iexplore.exe) imagehlp.dll - SetupDiGetClassDevPropertySheetsW : C:\Windows\system32\SETUPAPI.dll @ 0x7ff69b4342c [EAT:Addr] (iexplore.exe) imagehlp.dll - SetupDiGetClassDevsA : C:\Windows\system32\SETUPAPI.dll @ 0x7ff69b27a5c [EAT:Addr] (iexplore.exe) imagehlp.dll - SetupDiGetClassDevsExA : C:\Windows\system32\SETUPAPI.dll @ 0x7ff69b34f10 [EAT:Addr] (iexplore.exe) imagehlp.dll - SetupDiGetClassDevsExW : C:\Windows\system32\SETUPAPI.dll @ 0x7ff69bc4400 [EAT:Addr] (iexplore.exe) imagehlp.dll - SetupDiGetClassDevsW : C:\Windows\system32\SETUPAPI.dll @ 0x7ff69bc46b0 [EAT:Addr] (iexplore.exe) imagehlp.dll - SetupDiGetClassImageIndex : C:\Windows\system32\SETUPAPI.dll @ 0x7ff69b31bdc [EAT:Addr] (iexplore.exe) imagehlp.dll - SetupDiGetClassImageList : C:\Windows\system32\SETUPAPI.dll @ 0x7ff69b329a0 [EAT:Addr] (iexplore.exe) imagehlp.dll - SetupDiGetClassImageListExA : C:\Windows\system32\SETUPAPI.dll @ 0x7ff69b32868 [EAT:Addr] (iexplore.exe) imagehlp.dll - SetupDiGetClassImageListExW : C:\Windows\system32\SETUPAPI.dll @ 0x7ff69b31ee4 [EAT:Addr] (iexplore.exe) imagehlp.dll - SetupDiGetClassInstallParamsA : C:\Windows\system32\SETUPAPI.dll @ 0x7ff69b38264 [EAT:Addr] (iexplore.exe) imagehlp.dll - SetupDiGetClassInstallParamsW : C:\Windows\system32\SETUPAPI.dll @ 0x7ff69b380f4 [EAT:Addr] (iexplore.exe) imagehlp.dll - SetupDiGetClassPropertyExW : C:\Windows\system32\SETUPAPI.dll @ 0x7ff69b129b4 [EAT:Addr] (iexplore.exe) imagehlp.dll - SetupDiGetClassPropertyKeys : C:\Windows\system32\SETUPAPI.dll @ 0x7ff69b44e28 [EAT:Addr] (iexplore.exe) imagehlp.dll - SetupDiGetClassPropertyKeysExW : C:\Windows\system32\SETUPAPI.dll @ 0x7ff69b44c20 [EAT:Addr] (iexplore.exe) imagehlp.dll - SetupDiGetClassPropertyW : C:\Windows\system32\SETUPAPI.dll @ 0x7ff69b1289c [EAT:Addr] (iexplore.exe) imagehlp.dll - SetupDiGetClassRegistryPropertyA : C:\Windows\system32\SETUPAPI.dll @ 0x7ff69b458dc [EAT:Addr] (iexplore.exe) imagehlp.dll - SetupDiGetClassRegistryPropertyW : C:\Windows\system32\SETUPAPI.dll @ 0x7ff69b45898 [EAT:Addr] (iexplore.exe) imagehlp.dll - SetupDiGetCustomDevicePropertyA : C:\Windows\system32\SETUPAPI.dll @ 0x7ff69bc8c90 [EAT:Addr] (iexplore.exe) imagehlp.dll - SetupDiGetCustomDevicePropertyW : C:\Windows\system32\SETUPAPI.dll @ 0x7ff69b44484 [EAT:Addr] (iexplore.exe) imagehlp.dll - SetupDiGetDeviceInfoListClass : C:\Windows\system32\SETUPAPI.dll @ 0x7ff69b355dc [EAT:Addr] (iexplore.exe) imagehlp.dll - SetupDiGetDeviceInfoListDetailA : C:\Windows\system32\SETUPAPI.dll @ 0x7ff69b354f0 [EAT:Addr] (iexplore.exe) imagehlp.dll - SetupDiGetDeviceInfoListDetailW : C:\Windows\system32\SETUPAPI.dll @ 0x7ff69bc5354 [EAT:Addr] (iexplore.exe) imagehlp.dll - SetupDiGetDeviceInstallParamsA : C:\Windows\system32\SETUPAPI.dll @ 0x7ff69b384c4 [EAT:Addr] (iexplore.exe) imagehlp.dll - SetupDiGetDeviceInstallParamsW : C:\Windows\system32\SETUPAPI.dll @ 0x7ff69b26328 [EAT:Addr] (iexplore.exe) imagehlp.dll - SetupDiGetDeviceInstanceIdA : C:\Windows\system32\SETUPAPI.dll @ 0x7ff69b3481c [EAT:Addr] (iexplore.exe) imagehlp.dll - SetupDiGetDeviceInstanceIdW : C:\Windows\system32\SETUPAPI.dll @ 0x7ff69bc5240 [EAT:Addr] (iexplore.exe) imagehlp.dll - SetupDiGetDeviceInterfaceAlias : C:\Windows\system32\SETUPAPI.dll @ 0x7ff69b2713c [EAT:Addr] (iexplore.exe) imagehlp.dll - SetupDiGetDeviceInterfaceDetailA : C:\Windows\system32\SETUPAPI.dll @ 0x7ff69bc87b4 [EAT:Addr] (iexplore.exe) imagehlp.dll - SetupDiGetDeviceInterfaceDetailW : C:\Windows\system32\SETUPAPI.dll @ 0x7ff69bc4bc0 [EAT:Addr] (iexplore.exe) imagehlp.dll - SetupDiGetDeviceInterfacePropertyKeys : C:\Windows\system32\SETUPAPI.dll @ 0x7ff69b452e0 [EAT:Addr] (iexplore.exe) imagehlp.dll - SetupDiGetDeviceInterfacePropertyW : C:\Windows\system32\SETUPAPI.dll @ 0x7ff69b45114 [EAT:Addr] (iexplore.exe) imagehlp.dll - SetupDiGetDevicePropertyKeys : C:\Windows\system32\SETUPAPI.dll @ 0x7ff69b45490 [EAT:Addr] (iexplore.exe) imagehlp.dll - SetupDiGetDevicePropertyW : C:\Windows\system32\SETUPAPI.dll @ 0x7ff69bc5460 [EAT:Addr] (iexplore.exe) imagehlp.dll - SetupDiGetDeviceRegistryPropertyA : C:\Windows\system32\SETUPAPI.dll @ 0x7ff69b464e0 [EAT:Addr] (iexplore.exe) imagehlp.dll - SetupDiGetDeviceRegistryPropertyW : C:\Windows\system32\SETUPAPI.dll @ 0x7ff69bc4f90 [EAT:Addr] (iexplore.exe) imagehlp.dll - SetupDiGetDriverInfoDetailA : C:\Windows\system32\SETUPAPI.dll @ 0x7ff69b30164 [EAT:Addr] (iexplore.exe) imagehlp.dll - SetupDiGetDriverInfoDetailW : C:\Windows\system32\SETUPAPI.dll @ 0x7ff69b13650 [EAT:Addr] (iexplore.exe) imagehlp.dll - SetupDiGetDriverInstallParamsA : C:\Windows\system32\SETUPAPI.dll @ 0x7ff69b30058 [EAT:Addr] (iexplore.exe) imagehlp.dll - SetupDiGetDriverInstallParamsW : C:\Windows\system32\SETUPAPI.dll @ 0x7ff69b2fe94 [EAT:Addr] (iexplore.exe) imagehlp.dll - SetupDiGetHwProfileFriendlyNameA : C:\Windows\system32\SETUPAPI.dll @ 0x7ff69b36a74 [EAT:Addr] (iexplore.exe) imagehlp.dll - SetupDiGetHwProfileFriendlyNameExA : C:\Windows\system32\SETUPAPI.dll @ 0x7ff69b36734 [EAT:Addr] (iexplore.exe) imagehlp.dll - SetupDiGetHwProfileFriendlyNameExW : C:\Windows\system32\SETUPAPI.dll @ 0x7ff69b364fc [EAT:Addr] (iexplore.exe) imagehlp.dll - SetupDiGetHwProfileFriendlyNameW : C:\Windows\system32\SETUPAPI.dll @ 0x7ff69b36950 [EAT:Addr] (iexplore.exe) imagehlp.dll - SetupDiGetHwProfileList : C:\Windows\system32\SETUPAPI.dll @ 0x7ff69b363d8 [EAT:Addr] (iexplore.exe) imagehlp.dll - SetupDiGetHwProfileListExA : C:\Windows\system32\SETUPAPI.dll @ 0x7ff69b36264 [EAT:Addr] (iexplore.exe) imagehlp.dll - SetupDiGetHwProfileListExW : C:\Windows\system32\SETUPAPI.dll @ 0x7ff69b36050 [EAT:Addr] (iexplore.exe) imagehlp.dll - SetupDiGetINFClassA : C:\Windows\system32\SETUPAPI.dll @ 0x7ff69b2f340 [EAT:Addr] (iexplore.exe) imagehlp.dll - SetupDiGetINFClassW : C:\Windows\system32\SETUPAPI.dll @ 0x7ff69b2f038 [EAT:Addr] (iexplore.exe) imagehlp.dll - SetupDiGetSelectedDevice : C:\Windows\system32\SETUPAPI.dll @ 0x7ff69b5ae20 [EAT:Addr] (iexplore.exe) imagehlp.dll - SetupDiGetSelectedDriverA : C:\Windows\system32\SETUPAPI.dll @ 0x7ff69b3092c [EAT:Addr] (iexplore.exe) imagehlp.dll - SetupDiGetSelectedDriverW : C:\Windows\system32\SETUPAPI.dll @ 0x7ff69b12440 [EAT:Addr] (iexplore.exe) imagehlp.dll - SetupDiGetWizardPage : C:\Windows\system32\SETUPAPI.dll @ 0x7ff69b5af60 [EAT:Addr] (iexplore.exe) imagehlp.dll - SetupDiInstallClassA : C:\Windows\system32\SETUPAPI.dll @ 0x7ff69b36cc0 [EAT:Addr] (iexplore.exe) imagehlp.dll - SetupDiInstallClassExA : C:\Windows\system32\SETUPAPI.dll @ 0x7ff69b37b48 [EAT:Addr] (iexplore.exe) imagehlp.dll - SetupDiInstallClassExW : C:\Windows\system32\SETUPAPI.dll @ 0x7ff69b36e14 [EAT:Addr] (iexplore.exe) imagehlp.dll - SetupDiInstallClassW : C:\Windows\system32\SETUPAPI.dll @ 0x7ff69b36b98 [EAT:Addr] (iexplore.exe) imagehlp.dll - SetupDiInstallDevice : C:\Windows\system32\SETUPAPI.dll @ 0x7ff69b406dc [EAT:Addr] (iexplore.exe) imagehlp.dll - SetupDiInstallDeviceInterfaces : C:\Windows\system32\SETUPAPI.dll @ 0x7ff69b40ffc [EAT:Addr] (iexplore.exe) imagehlp.dll - SetupDiInstallDriverFiles : C:\Windows\system32\SETUPAPI.dll @ 0x7ff69b1257c [EAT:Addr] (iexplore.exe) imagehlp.dll - SetupDiLoadClassIcon : C:\Windows\system32\SETUPAPI.dll @ 0x7ff69b337e0 [EAT:Addr] (iexplore.exe) imagehlp.dll - SetupDiLoadDeviceIcon : C:\Windows\system32\SETUPAPI.dll @ 0x7ff69b33678 [EAT:Addr] (iexplore.exe) imagehlp.dll - SetupDiMoveDuplicateDevice : C:\Windows\system32\SETUPAPI.dll @ 0x7ff69b3c3dc [EAT:Addr] (iexplore.exe) imagehlp.dll - SetupDiOpenClassRegKey : C:\Windows\system32\SETUPAPI.dll @ 0x7ff69b46900 [EAT:Addr] (iexplore.exe) imagehlp.dll - SetupDiOpenClassRegKeyExA : C:\Windows\system32\SETUPAPI.dll @ 0x7ff69b46798 [EAT:Addr] (iexplore.exe) imagehlp.dll - SetupDiOpenClassRegKeyExW : C:\Windows\system32\SETUPAPI.dll @ 0x7ff69b46f28 [EAT:Addr] (iexplore.exe) imagehlp.dll - SetupDiOpenDevRegKey : C:\Windows\system32\SETUPAPI.dll @ 0x7ff69bc5630 [EAT:Addr] (iexplore.exe) imagehlp.dll - SetupDiOpenDeviceInfoA : C:\Windows\system32\SETUPAPI.dll @ 0x7ff69bc89f0 [EAT:Addr] (iexplore.exe) imagehlp.dll - SetupDiOpenDeviceInfoW : C:\Windows\system32\SETUPAPI.dll @ 0x7ff69bc575c [EAT:Addr] (iexplore.exe) imagehlp.dll - SetupDiOpenDeviceInterfaceA : C:\Windows\system32\SETUPAPI.dll @ 0x7ff69bc86d0 [EAT:Addr] (iexplore.exe) imagehlp.dll - SetupDiOpenDeviceInterfaceRegKey : C:\Windows\system32\SETUPAPI.dll @ 0x7ff69b26ffc [EAT:Addr] (iexplore.exe) imagehlp.dll - SetupDiOpenDeviceInterfaceW : C:\Windows\system32\SETUPAPI.dll @ 0x7ff69bc8178 [EAT:Addr] (iexplore.exe) imagehlp.dll - SetupDiRegisterCoDeviceInstallers : C:\Windows\system32\SETUPAPI.dll @ 0x7ff69b410a0 [EAT:Addr] (iexplore.exe) imagehlp.dll - SetupDiRegisterDeviceInfo : C:\Windows\system32\SETUPAPI.dll @ 0x7ff69b349d4 [EAT:Addr] (iexplore.exe) imagehlp.dll - SetupDiRemoveDevice : C:\Windows\system32\SETUPAPI.dll @ 0x7ff69b41144 [EAT:Addr] (iexplore.exe) imagehlp.dll - SetupDiRemoveDeviceInterface : C:\Windows\system32\SETUPAPI.dll @ 0x7ff69b34450 [EAT:Addr] (iexplore.exe) imagehlp.dll - SetupDiReportAdditionalSoftwareRequested : C:\Windows\system32\SETUPAPI.dll @ 0x7ff69b97b10 [EAT:Addr] (iexplore.exe) imagehlp.dll - SetupDiReportDeviceInstallError : C:\Windows\system32\SETUPAPI.dll @ 0x7ff69b99278 [EAT:Addr] (iexplore.exe) imagehlp.dll - SetupDiReportDriverNotFoundError : C:\Windows\system32\SETUPAPI.dll @ 0x7ff69b98504 [EAT:Addr] (iexplore.exe) imagehlp.dll - SetupDiReportDriverPackageImportationError : C:\Windows\system32\SETUPAPI.dll @ 0x7ff69b97680 [EAT:Addr] (iexplore.exe) imagehlp.dll - SetupDiReportGenericDriverInstalled : C:\Windows\system32\SETUPAPI.dll @ 0x7ff69b98160 [EAT:Addr] (iexplore.exe) imagehlp.dll - SetupDiReportPnPDeviceProblem : C:\Windows\system32\SETUPAPI.dll @ 0x7ff69b98a20 [EAT:Addr] (iexplore.exe) imagehlp.dll - SetupDiRestartDevices : C:\Windows\system32\SETUPAPI.dll @ 0x7ff69b3c458 [EAT:Addr] (iexplore.exe) imagehlp.dll - SetupDiSelectBestCompatDrv : C:\Windows\system32\SETUPAPI.dll @ 0x7ff69b3fe78 [EAT:Addr] (iexplore.exe) imagehlp.dll - SetupDiSelectDevice : C:\Windows\system32\SETUPAPI.dll @ 0x7ff69b5b270 [EAT:Addr] (iexplore.exe) imagehlp.dll - SetupDiSelectOEMDrv : C:\Windows\system32\SETUPAPI.dll @ 0x7ff69b42e7c [EAT:Addr] (iexplore.exe) imagehlp.dll - SetupDiSetClassInstallParamsA : C:\Windows\system32\SETUPAPI.dll @ 0x7ff69b37e2c [EAT:Addr] (iexplore.exe) imagehlp.dll - SetupDiSetClassInstallParamsW : C:\Windows\system32\SETUPAPI.dll @ 0x7ff69b37cc0 [EAT:Addr] (iexplore.exe) imagehlp.dll - SetupDiSetClassPropertyExW : C:\Windows\system32\SETUPAPI.dll @ 0x7ff69b44a04 [EAT:Addr] (iexplore.exe) imagehlp.dll - SetupDiSetClassPropertyW : C:\Windows\system32\SETUPAPI.dll @ 0x7ff69b473b0 [EAT:Addr] (iexplore.exe) imagehlp.dll - SetupDiSetClassRegistryPropertyA : C:\Windows\system32\SETUPAPI.dll @ 0x7ff69b45678 [EAT:Addr] (iexplore.exe) imagehlp.dll - SetupDiSetClassRegistryPropertyW : C:\Windows\system32\SETUPAPI.dll @ 0x7ff69b4564c [EAT:Addr] (iexplore.exe) imagehlp.dll - SetupDiSetDeviceInstallParamsA : C:\Windows\system32\SETUPAPI.dll @ 0x7ff69b37fc4 [EAT:Addr] (iexplore.exe) imagehlp.dll - SetupDiSetDeviceInstallParamsW : C:\Windows\system32\SETUPAPI.dll @ 0x7ff69b25300 [EAT:Addr] (iexplore.exe) imagehlp.dll - SetupDiSetDeviceInterfaceDefault : C:\Windows\system32\SETUPAPI.dll @ 0x7ff69b34d78 [EAT:Addr] (iexplore.exe) imagehlp.dll - SetupDiSetDeviceInterfacePropertyW : C:\Windows\system32\SETUPAPI.dll @ 0x7ff69b44f58 [EAT:Addr] (iexplore.exe) imagehlp.dll - SetupDiSetDevicePropertyW : C:\Windows\system32\SETUPAPI.dll @ 0x7ff69b276c0 [EAT:Addr] (iexplore.exe) imagehlp.dll - SetupDiSetDeviceRegistryPropertyA : C:\Windows\system32\SETUPAPI.dll @ 0x7ff69b45e84 [EAT:Addr] (iexplore.exe) imagehlp.dll - SetupDiSetDeviceRegistryPropertyW : C:\Windows\system32\SETUPAPI.dll @ 0x7ff69b45d70 [EAT:Addr] (iexplore.exe) imagehlp.dll - SetupDiSetDriverInstallParamsA : C:\Windows\system32\SETUPAPI.dll @ 0x7ff69b2fd88 [EAT:Addr] (iexplore.exe) imagehlp.dll - SetupDiSetDriverInstallParamsW : C:\Windows\system32\SETUPAPI.dll @ 0x7ff69b2fc00 [EAT:Addr] (iexplore.exe) imagehlp.dll - SetupDiSetSelectedDevice : C:\Windows\system32\SETUPAPI.dll @ 0x7ff69b5ace8 [EAT:Addr] (iexplore.exe) imagehlp.dll - SetupDiSetSelectedDriverA : C:\Windows\system32\SETUPAPI.dll @ 0x7ff69b307f4 [EAT:Addr] (iexplore.exe) imagehlp.dll - SetupDiSetSelectedDriverW : C:\Windows\system32\SETUPAPI.dll @ 0x7ff69bc6c04 [EAT:Addr] (iexplore.exe) imagehlp.dll - SetupDiUnremoveDevice : C:\Windows\system32\SETUPAPI.dll @ 0x7ff69b41390 [EAT:Addr] (iexplore.exe) imagehlp.dll - SetupDuplicateDiskSpaceListA : C:\Windows\system32\SETUPAPI.dll @ 0x7ff69b61b3c [EAT:Addr] (iexplore.exe) imagehlp.dll - SetupDuplicateDiskSpaceListW : C:\Windows\system32\SETUPAPI.dll @ 0x7ff69b61bf4 [EAT:Addr] (iexplore.exe) imagehlp.dll - SetupEnumInfSectionsA : C:\Windows\system32\SETUPAPI.dll @ 0x7ff69b7f54c [EAT:Addr] (iexplore.exe) imagehlp.dll - SetupEnumInfSectionsW : C:\Windows\system32\SETUPAPI.dll @ 0x7ff69b7f48c [EAT:Addr] (iexplore.exe) imagehlp.dll - SetupEnumPublishedInfA : C:\Windows\system32\SETUPAPI.dll @ 0x7ff69ba71e0 [EAT:Addr] (iexplore.exe) imagehlp.dll - SetupEnumPublishedInfW : C:\Windows\system32\SETUPAPI.dll @ 0x7ff69ba7170 [EAT:Addr] (iexplore.exe) imagehlp.dll - SetupFindFirstLineA : C:\Windows\system32\SETUPAPI.dll @ 0x7ff69b7f268 [EAT:Addr] (iexplore.exe) imagehlp.dll - SetupFindFirstLineW : C:\Windows\system32\SETUPAPI.dll @ 0x7ff69b7f468 [EAT:Addr] (iexplore.exe) imagehlp.dll - SetupFindNextLine : C:\Windows\system32\SETUPAPI.dll @ 0x7ff69b7f3d4 [EAT:Addr] (iexplore.exe) imagehlp.dll - SetupFindNextMatchLineA : C:\Windows\system32\SETUPAPI.dll @ 0x7ff69b7f188 [EAT:Addr] (iexplore.exe) imagehlp.dll - SetupFindNextMatchLineW : C:\Windows\system32\SETUPAPI.dll @ 0x7ff69b7f478 [EAT:Addr] (iexplore.exe) imagehlp.dll - SetupFreeSourceListA : C:\Windows\system32\SETUPAPI.dll @ 0x7ff69b89490 [EAT:Addr] (iexplore.exe) imagehlp.dll - SetupFreeSourceListW : C:\Windows\system32\SETUPAPI.dll @ 0x7ff69b893b4 [EAT:Addr] (iexplore.exe) imagehlp.dll - SetupGetBackupInformationA : C:\Windows\system32\SETUPAPI.dll @ 0x7ff69b2a150 [EAT:Addr] (iexplore.exe) imagehlp.dll - SetupGetBackupInformationW : C:\Windows\system32\SETUPAPI.dll @ 0x7ff69b2a0d0 [EAT:Addr] (iexplore.exe) imagehlp.dll - SetupGetBinaryField : C:\Windows\system32\SETUPAPI.dll @ 0x7ff69b1d528 [EAT:Addr] (iexplore.exe) imagehlp.dll - SetupGetFieldCount : C:\Windows\system32\SETUPAPI.dll @ 0x7ff69b1d7f0 [EAT:Addr] (iexplore.exe) imagehlp.dll - SetupGetFileCompressionInfoA : C:\Windows\system32\SETUPAPI.dll @ 0x7ff69b2cae8 [EAT:Addr] (iexplore.exe) imagehlp.dll - SetupGetFileCompressionInfoExA : C:\Windows\system32\SETUPAPI.dll @ 0x7ff69b2c704 [EAT:Addr] (iexplore.exe) imagehlp.dll - SetupGetFileCompressionInfoExW : C:\Windows\system32\SETUPAPI.dll @ 0x7ff69b2c520 [EAT:Addr] (iexplore.exe) imagehlp.dll - SetupGetFileCompressionInfoW : C:\Windows\system32\SETUPAPI.dll @ 0x7ff69b2c91c [EAT:Addr] (iexplore.exe) imagehlp.dll - SetupGetFileQueueCount : C:\Windows\system32\SETUPAPI.dll @ 0x7ff69b68344 [EAT:Addr] (iexplore.exe) imagehlp.dll - SetupGetFileQueueFlags : C:\Windows\system32\SETUPAPI.dll @ 0x7ff69b68a28 [EAT:Addr] (iexplore.exe) imagehlp.dll - SetupGetInfDriverStoreLocationA : C:\Windows\system32\SETUPAPI.dll @ 0x7ff69b84b90 [EAT:Addr] (iexplore.exe) imagehlp.dll - SetupGetInfDriverStoreLocationW : C:\Windows\system32\SETUPAPI.dll @ 0x7ff69bc7e04 [EAT:Addr] (iexplore.exe) imagehlp.dll - SetupGetInfFileListA : C:\Windows\system32\SETUPAPI.dll @ 0x7ff69b842ec [EAT:Addr] (iexplore.exe) imagehlp.dll - SetupGetInfFileListW : C:\Windows\system32\SETUPAPI.dll @ 0x7ff69b841c8 [EAT:Addr] (iexplore.exe) imagehlp.dll - SetupGetInfInformationA : C:\Windows\system32\SETUPAPI.dll @ 0x7ff69b85b84 [EAT:Addr] (iexplore.exe) imagehlp.dll - SetupGetInfInformationW : C:\Windows\system32\SETUPAPI.dll @ 0x7ff69b85810 [EAT:Addr] (iexplore.exe) imagehlp.dll - SetupGetInfPublishedNameA : C:\Windows\system32\SETUPAPI.dll @ 0x7ff69b849bc [EAT:Addr] (iexplore.exe) imagehlp.dll - SetupGetInfPublishedNameW : C:\Windows\system32\SETUPAPI.dll @ 0x7ff69bd3470 [EAT:Addr] (iexplore.exe) imagehlp.dll - SetupGetInfSections : C:\Windows\system32\SETUPAPI.dll @ 0x7ff69b85ff0 [EAT:Addr] (iexplore.exe) imagehlp.dll - SetupGetIntField : C:\Windows\system32\SETUPAPI.dll @ 0x7ff69b1c898 [EAT:Addr] (iexplore.exe) imagehlp.dll - SetupGetLineByIndexA : C:\Windows\system32\SETUPAPI.dll @ 0x7ff69b7f0a0 [EAT:Addr] (iexplore.exe) imagehlp.dll - SetupGetLineByIndexW : C:\Windows\system32\SETUPAPI.dll @ 0x7ff69b7f080 [EAT:Addr] (iexplore.exe) imagehlp.dll - SetupGetLineCountA : C:\Windows\system32\SETUPAPI.dll @ 0x7ff69b7efa8 [EAT:Addr] (iexplore.exe) imagehlp.dll - SetupGetLineCountW : C:\Windows\system32\SETUPAPI.dll @ 0x7ff69b27b20 [EAT:Addr] (iexplore.exe) imagehlp.dll - SetupGetLineTextA : C:\Windows\system32\SETUPAPI.dll @ 0x7ff69b8678c [EAT:Addr] (iexplore.exe) imagehlp.dll - SetupGetLineTextW : C:\Windows\system32\SETUPAPI.dll @ 0x7ff69b86434 [EAT:Addr] (iexplore.exe) imagehlp.dll - SetupGetMultiSzFieldA : C:\Windows\system32\SETUPAPI.dll @ 0x7ff69b860a8 [EAT:Addr] (iexplore.exe) imagehlp.dll - SetupGetMultiSzFieldW : C:\Windows\system32\SETUPAPI.dll @ 0x7ff69b86dac [EAT:Addr] (iexplore.exe) imagehlp.dll - SetupGetNonInteractiveMode : C:\Windows\system32\SETUPAPI.dll @ 0x7ff69b701ec [EAT:Addr] (iexplore.exe) imagehlp.dll - SetupGetSourceFileLocationA : C:\Windows\system32\SETUPAPI.dll @ 0x7ff69b72e38 [EAT:Addr] (iexplore.exe) imagehlp.dll - SetupGetSourceFileLocationW : C:\Windows\system32\SETUPAPI.dll @ 0x7ff69b72c50 [EAT:Addr] (iexplore.exe) imagehlp.dll - SetupGetSourceFileSizeA : C:\Windows\system32\SETUPAPI.dll @ 0x7ff69b72a94 [EAT:Addr] (iexplore.exe) imagehlp.dll - SetupGetSourceFileSizeW : C:\Windows\system32\SETUPAPI.dll @ 0x7ff69b728d8 [EAT:Addr] (iexplore.exe) imagehlp.dll - SetupGetSourceInfoA : C:\Windows\system32\SETUPAPI.dll @ 0x7ff69b85d94 [EAT:Addr] (iexplore.exe) imagehlp.dll - SetupGetSourceInfoW : C:\Windows\system32\SETUPAPI.dll @ 0x7ff69b85cc4 [EAT:Addr] (iexplore.exe) imagehlp.dll - SetupGetStringFieldA : C:\Windows\system32\SETUPAPI.dll @ 0x7ff69b86bc4 [EAT:Addr] (iexplore.exe) imagehlp.dll - SetupGetStringFieldW : C:\Windows\system32\SETUPAPI.dll @ 0x7ff69b1c684 [EAT:Addr] (iexplore.exe) imagehlp.dll - SetupGetTargetPathA : C:\Windows\system32\SETUPAPI.dll @ 0x7ff69b72700 [EAT:Addr] (iexplore.exe) imagehlp.dll - SetupGetTargetPathW : C:\Windows\system32\SETUPAPI.dll @ 0x7ff69bc68b0 [EAT:Addr] (iexplore.exe) imagehlp.dll - SetupGetThreadLogToken : C:\Windows\system32\SETUPAPI.dll @ 0x7ff69bd1853 [EAT:Addr] (iexplore.exe) imagehlp.dll - SetupInitDefaultQueueCallback : C:\Windows\system32\SETUPAPI.dll @ 0x7ff69b6b70c [EAT:Addr] (iexplore.exe) imagehlp.dll - SetupInitDefaultQueueCallbackEx : C:\Windows\system32\SETUPAPI.dll @ 0x7ff69b6d7b8 [EAT:Addr] (iexplore.exe) imagehlp.dll - SetupInitializeFileLogA : C:\Windows\system32\SETUPAPI.dll @ 0x7ff69b67f3c [EAT:Addr] (iexplore.exe) imagehlp.dll - SetupInitializeFileLogW : C:\Windows\system32\SETUPAPI.dll @ 0x7ff69b67d40 [EAT:Addr] (iexplore.exe) imagehlp.dll - SetupInstallFileA : C:\Windows\system32\SETUPAPI.dll @ 0x7ff69b2a6f8 [EAT:Addr] (iexplore.exe) imagehlp.dll - SetupInstallFileExA : C:\Windows\system32\SETUPAPI.dll @ 0x7ff69b2aa4c [EAT:Addr] (iexplore.exe) imagehlp.dll - SetupInstallFileExW : C:\Windows\system32\SETUPAPI.dll @ 0x7ff69b2a7ec [EAT:Addr] (iexplore.exe) imagehlp.dll - SetupInstallFileW : C:\Windows\system32\SETUPAPI.dll @ 0x7ff69b2a604 [EAT:Addr] (iexplore.exe) imagehlp.dll - SetupInstallFilesFromInfSectionA : C:\Windows\system32\SETUPAPI.dll @ 0x7ff69b75b68 [EAT:Addr] (iexplore.exe) imagehlp.dll - SetupInstallFilesFromInfSectionW : C:\Windows\system32\SETUPAPI.dll @ 0x7ff69b75a08 [EAT:Addr] (iexplore.exe) imagehlp.dll - SetupInstallFromInfSectionA : C:\Windows\system32\SETUPAPI.dll @ 0x7ff69b75dd0 [EAT:Addr] (iexplore.exe) imagehlp.dll - SetupInstallFromInfSectionW : C:\Windows\system32\SETUPAPI.dll @ 0x7ff69b75c9c [EAT:Addr] (iexplore.exe) imagehlp.dll - SetupInstallLogCloseEventGroup : C:\Windows\system32\SETUPAPI.dll @ 0x7ff69bab4c8 [EAT:Addr] (iexplore.exe) imagehlp.dll - SetupInstallLogCreateEventGroup : C:\Windows\system32\SETUPAPI.dll @ 0x7ff69bab67c [EAT:Addr] (iexplore.exe) imagehlp.dll - SetupInstallServicesFromInfSectionA : C:\Windows\system32\SETUPAPI.dll @ 0x7ff69b74320 [EAT:Addr] (iexplore.exe) imagehlp.dll - SetupInstallServicesFromInfSectionExA : C:\Windows\system32\SETUPAPI.dll @ 0x7ff69b74158 [EAT:Addr] (iexplore.exe) imagehlp.dll - SetupInstallServicesFromInfSectionExW : C:\Windows\system32\SETUPAPI.dll @ 0x7ff69b73d38 [EAT:Addr] (iexplore.exe) imagehlp.dll - SetupInstallServicesFromInfSectionW : C:\Windows\system32\SETUPAPI.dll @ 0x7ff69b74264 [EAT:Addr] (iexplore.exe) imagehlp.dll - SetupIterateCabinetA : C:\Windows\system32\SETUPAPI.dll @ 0x7ff69b5c5f0 [EAT:Addr] (iexplore.exe) imagehlp.dll - SetupIterateCabinetW : C:\Windows\system32\SETUPAPI.dll @ 0x7ff69b5c524 [EAT:Addr] (iexplore.exe) imagehlp.dll - SetupLogErrorA : C:\Windows\system32\SETUPAPI.dll @ 0x7ff69b87bc0 [EAT:Addr] (iexplore.exe) imagehlp.dll - SetupLogErrorW : C:\Windows\system32\SETUPAPI.dll @ 0x7ff69b87b48 [EAT:Addr] (iexplore.exe) imagehlp.dll - SetupLogFileA : C:\Windows\system32\SETUPAPI.dll @ 0x7ff69b67b3c [EAT:Addr] (iexplore.exe) imagehlp.dll - SetupLogFileW : C:\Windows\system32\SETUPAPI.dll @ 0x7ff69b67990 [EAT:Addr] (iexplore.exe) imagehlp.dll - SetupOpenAppendInfFileA : C:\Windows\system32\SETUPAPI.dll @ 0x7ff69b83e64 [EAT:Addr] (iexplore.exe) imagehlp.dll - SetupOpenAppendInfFileW : C:\Windows\system32\SETUPAPI.dll @ 0x7ff69b230f0 [EAT:Addr] (iexplore.exe) imagehlp.dll - SetupOpenFileQueue : C:\Windows\system32\SETUPAPI.dll @ 0x7ff69b26ab8 [EAT:Addr] (iexplore.exe) imagehlp.dll - SetupOpenInfFileA : C:\Windows\system32\SETUPAPI.dll @ 0x7ff69b84068 [EAT:Addr] (iexplore.exe) imagehlp.dll - SetupOpenInfFileW : C:\Windows\system32\SETUPAPI.dll @ 0x7ff69b13c30 [EAT:Addr] (iexplore.exe) imagehlp.dll - SetupOpenLog : C:\Windows\system32\SETUPAPI.dll @ 0x7ff69b1e808 [EAT:Addr] (iexplore.exe) imagehlp.dll - SetupOpenMasterInf : C:\Windows\system32\SETUPAPI.dll @ 0x7ff69b83f80 [EAT:Addr] (iexplore.exe) imagehlp.dll - SetupPrepareQueueForRestoreA : C:\Windows\system32\SETUPAPI.dll @ 0x7ff69b2a054 [EAT:Addr] (iexplore.exe) imagehlp.dll - SetupPrepareQueueForRestoreW : C:\Windows\system32\SETUPAPI.dll @ 0x7ff69b29fd8 [EAT:Addr] (iexplore.exe) imagehlp.dll - SetupPromptForDiskA : C:\Windows\system32\SETUPAPI.dll @ 0x7ff69b8d7c4 [EAT:Addr] (iexplore.exe) imagehlp.dll - SetupPromptForDiskW : C:\Windows\system32\SETUPAPI.dll @ 0x7ff69b915c0 [EAT:Addr] (iexplore.exe) imagehlp.dll - SetupPromptReboot : C:\Windows\system32\SETUPAPI.dll @ 0x7ff69b6de48 [EAT:Addr] (iexplore.exe) imagehlp.dll - SetupQueryDrivesInDiskSpaceListA : C:\Windows\system32\SETUPAPI.dll @ 0x7ff69b600e0 [EAT:Addr] (iexplore.exe) imagehlp.dll - SetupQueryDrivesInDiskSpaceListW : C:\Windows\system32\SETUPAPI.dll @ 0x7ff69b60020 [EAT:Addr] (iexplore.exe) imagehlp.dll - SetupQueryFileLogA : C:\Windows\system32\SETUPAPI.dll @ 0x7ff69b67610 [EAT:Addr] (iexplore.exe) imagehlp.dll - SetupQueryFileLogW : C:\Windows\system32\SETUPAPI.dll @ 0x7ff69b67424 [EAT:Addr] (iexplore.exe) imagehlp.dll - SetupQueryInfFileInformationA : C:\Windows\system32\SETUPAPI.dll @ 0x7ff69b855b8 [EAT:Addr] (iexplore.exe) imagehlp.dll - SetupQueryInfFileInformationW : C:\Windows\system32\SETUPAPI.dll @ 0x7ff69b85750 [EAT:Addr] (iexplore.exe) imagehlp.dll - SetupQueryInfOriginalFileInformationA : C:\Windows\system32\SETUPAPI.dll @ 0x7ff69b853b4 [EAT:Addr] (iexplore.exe) imagehlp.dll - SetupQueryInfOriginalFileInformationW : C:\Windows\system32\SETUPAPI.dll @ 0x7ff69b851a4 [EAT:Addr] (iexplore.exe) imagehlp.dll - SetupQueryInfVersionInformationA : C:\Windows\system32\SETUPAPI.dll @ 0x7ff69b84f48 [EAT:Addr] (iexplore.exe) imagehlp.dll - SetupQueryInfVersionInformationW : C:\Windows\system32\SETUPAPI.dll @ 0x7ff69b84d9c [EAT:Addr] (iexplore.exe) imagehlp.dll - SetupQuerySourceListA : C:\Windows\system32\SETUPAPI.dll @ 0x7ff69b89ad0 [EAT:Addr] (iexplore.exe) imagehlp.dll - SetupQuerySourceListW : C:\Windows\system32\SETUPAPI.dll @ 0x7ff69b89524 [EAT:Addr] (iexplore.exe) imagehlp.dll - SetupQuerySpaceRequiredOnDriveA : C:\Windows\system32\SETUPAPI.dll @ 0x7ff69b6019c [EAT:Addr] (iexplore.exe) imagehlp.dll - SetupQuerySpaceRequiredOnDriveW : C:\Windows\system32\SETUPAPI.dll @ 0x7ff69b6028c [EAT:Addr] (iexplore.exe) imagehlp.dll - SetupQueueCopyA : C:\Windows\system32\SETUPAPI.dll @ 0x7ff69b695ac [EAT:Addr] (iexplore.exe) imagehlp.dll - SetupQueueCopyIndirectA : C:\Windows\system32\SETUPAPI.dll @ 0x7ff69b69228 [EAT:Addr] (iexplore.exe) imagehlp.dll - SetupQueueCopyIndirectW : C:\Windows\system32\SETUPAPI.dll @ 0x7ff69b69128 [EAT:Addr] (iexplore.exe) imagehlp.dll - SetupQueueCopySectionA : C:\Windows\system32\SETUPAPI.dll @ 0x7ff69b68fe8 [EAT:Addr] (iexplore.exe) imagehlp.dll - SetupQueueCopySectionW : C:\Windows\system32\SETUPAPI.dll @ 0x7ff69b1c320 [EAT:Addr] (iexplore.exe) imagehlp.dll - SetupQueueCopyW : C:\Windows\system32\SETUPAPI.dll @ 0x7ff69b69498 [EAT:Addr] (iexplore.exe) imagehlp.dll - SetupQueueDefaultCopyA : C:\Windows\system32\SETUPAPI.dll @ 0x7ff69b68e70 [EAT:Addr] (iexplore.exe) imagehlp.dll - SetupQueueDefaultCopyW : C:\Windows\system32\SETUPAPI.dll @ 0x7ff69b68c10 [EAT:Addr] (iexplore.exe) imagehlp.dll - SetupQueueDeleteA : C:\Windows\system32\SETUPAPI.dll @ 0x7ff69b6a8f8 [EAT:Addr] (iexplore.exe) imagehlp.dll - SetupQueueDeleteSectionA : C:\Windows\system32\SETUPAPI.dll @ 0x7ff69b6a714 [EAT:Addr] (iexplore.exe) imagehlp.dll - SetupQueueDeleteSectionW : C:\Windows\system32\SETUPAPI.dll @ 0x7ff69b6a4ac [EAT:Addr] (iexplore.exe) imagehlp.dll - SetupQueueDeleteW : C:\Windows\system32\SETUPAPI.dll @ 0x7ff69b6a7f8 [EAT:Addr] (iexplore.exe) imagehlp.dll - SetupQueueRenameA : C:\Windows\system32\SETUPAPI.dll @ 0x7ff69b6a320 [EAT:Addr] (iexplore.exe) imagehlp.dll - SetupQueueRenameSectionA : C:\Windows\system32\SETUPAPI.dll @ 0x7ff69b6a0c0 [EAT:Addr] (iexplore.exe) imagehlp.dll - SetupQueueRenameSectionW : C:\Windows\system32\SETUPAPI.dll @ 0x7ff69b69e40 [EAT:Addr] (iexplore.exe) imagehlp.dll - SetupQueueRenameW : C:\Windows\system32\SETUPAPI.dll @ 0x7ff69b6a1a4 [EAT:Addr] (iexplore.exe) imagehlp.dll - SetupRemoveFileLogEntryA : C:\Windows\system32\SETUPAPI.dll @ 0x7ff69b678bc [EAT:Addr] (iexplore.exe) imagehlp.dll - SetupRemoveFileLogEntryW : C:\Windows\system32\SETUPAPI.dll @ 0x7ff69b677e0 [EAT:Addr] (iexplore.exe) imagehlp.dll - SetupRemoveFromDiskSpaceListA : C:\Windows\system32\SETUPAPI.dll @ 0x7ff69b60b2c [EAT:Addr] (iexplore.exe) imagehlp.dll - SetupRemoveFromDiskSpaceListW : C:\Windows\system32\SETUPAPI.dll @ 0x7ff69b60c50 [EAT:Addr] (iexplore.exe) imagehlp.dll - SetupRemoveFromSourceListA : C:\Windows\system32\SETUPAPI.dll @ 0x7ff69b89d3c [EAT:Addr] (iexplore.exe) imagehlp.dll - SetupRemoveFromSourceListW : C:\Windows\system32\SETUPAPI.dll @ 0x7ff69b89c6c [EAT:Addr] (iexplore.exe) imagehlp.dll - SetupRemoveInstallSectionFromDiskSpaceListA : C:\Windows\system32\SETUPAPI.dll @ 0x7ff69b604fc [EAT:Addr] (iexplore.exe) imagehlp.dll - SetupRemoveInstallSectionFromDiskSpaceListW : C:\Windows\system32\SETUPAPI.dll @ 0x7ff69b60614 [EAT:Addr] (iexplore.exe) imagehlp.dll - SetupRemoveSectionFromDiskSpaceListA : C:\Windows\system32\SETUPAPI.dll @ 0x7ff69b607ec [EAT:Addr] (iexplore.exe) imagehlp.dll - SetupRemoveSectionFromDiskSpaceListW : C:\Windows\system32\SETUPAPI.dll @ 0x7ff69b60718 [EAT:Addr] (iexplore.exe) imagehlp.dll - SetupRenameErrorA : C:\Windows\system32\SETUPAPI.dll @ 0x7ff69b8d110 [EAT:Addr] (iexplore.exe) imagehlp.dll - SetupRenameErrorW : C:\Windows\system32\SETUPAPI.dll @ 0x7ff69b910e8 [EAT:Addr] (iexplore.exe) imagehlp.dll - SetupScanFileQueue : C:\Windows\system32\SETUPAPI.dll @ 0x7ff69b27428 [EAT:Addr] (iexplore.exe) imagehlp.dll - SetupScanFileQueueA : C:\Windows\system32\SETUPAPI.dll @ 0x7ff69b6dd54 [EAT:Addr] (iexplore.exe) imagehlp.dll - SetupScanFileQueueW : C:\Windows\system32\SETUPAPI.dll @ 0x7ff69b27428 [EAT:Addr] (iexplore.exe) imagehlp.dll - SetupSetDirectoryIdA : C:\Windows\system32\SETUPAPI.dll @ 0x7ff69b72488 [EAT:Addr] (iexplore.exe) imagehlp.dll - SetupSetDirectoryIdExA : C:\Windows\system32\SETUPAPI.dll @ 0x7ff69b725f8 [EAT:Addr] (iexplore.exe) imagehlp.dll - SetupSetDirectoryIdExW : C:\Windows\system32\SETUPAPI.dll @ 0x7ff69b72540 [EAT:Addr] (iexplore.exe) imagehlp.dll - SetupSetDirectoryIdW : C:\Windows\system32\SETUPAPI.dll @ 0x7ff69b723d4 [EAT:Addr] (iexplore.exe) imagehlp.dll - SetupSetFileQueueAlternatePlatformA : C:\Windows\system32\SETUPAPI.dll @ 0x7ff69b68908 [EAT:Addr] (iexplore.exe) imagehlp.dll - SetupSetFileQueueAlternatePlatformW : C:\Windows\system32\SETUPAPI.dll @ 0x7ff69b68630 [EAT:Addr] (iexplore.exe) imagehlp.dll - SetupSetFileQueueFlags : C:\Windows\system32\SETUPAPI.dll @ 0x7ff69b67fb4 [EAT:Addr] (iexplore.exe) imagehlp.dll - SetupSetNonInteractiveMode : C:\Windows\system32\SETUPAPI.dll @ 0x7ff69b7020c [EAT:Addr] (iexplore.exe) imagehlp.dll - SetupSetPlatformPathOverrideA : C:\Windows\system32\SETUPAPI.dll @ 0x7ff69b699c4 [EAT:Addr] (iexplore.exe) imagehlp.dll - SetupSetPlatformPathOverrideW : C:\Windows\system32\SETUPAPI.dll @ 0x7ff69b6984c [EAT:Addr] (iexplore.exe) imagehlp.dll - SetupSetSourceListA : C:\Windows\system32\SETUPAPI.dll @ 0x7ff69b8aa50 [EAT:Addr] (iexplore.exe) imagehlp.dll - SetupSetSourceListW : C:\Windows\system32\SETUPAPI.dll @ 0x7ff69b8a87c [EAT:Addr] (iexplore.exe) imagehlp.dll - SetupSetThreadLogToken : C:\Windows\system32\SETUPAPI.dll @ 0x7ff69bd1872 [EAT:Addr] (iexplore.exe) imagehlp.dll - SetupTermDefaultQueueCallback : C:\Windows\system32\SETUPAPI.dll @ 0x7ff69b6dc9c [EAT:Addr] (iexplore.exe) imagehlp.dll - SetupTerminateFileLog : C:\Windows\system32\SETUPAPI.dll @ 0x7ff69b67cec [EAT:Addr] (iexplore.exe) imagehlp.dll - SetupUninstallNewlyCopiedInfs : C:\Windows\system32\SETUPAPI.dll @ 0x7ff69b8b738 [EAT:Addr] (iexplore.exe) imagehlp.dll - SetupUninstallOEMInfA : C:\Windows\system32\SETUPAPI.dll @ 0x7ff69b82800 [EAT:Addr] (iexplore.exe) imagehlp.dll - SetupUninstallOEMInfW : C:\Windows\system32\SETUPAPI.dll @ 0x7ff69b825d4 [EAT:Addr] (iexplore.exe) imagehlp.dll - SetupVerifyInfFileA : C:\Windows\system32\SETUPAPI.dll @ 0x7ff69b83c40 [EAT:Addr] (iexplore.exe) imagehlp.dll - SetupVerifyInfFileW : C:\Windows\system32\SETUPAPI.dll @ 0x7ff69b83964 [EAT:Addr] (iexplore.exe) imagehlp.dll - SetupWriteTextLog : C:\Windows\system32\SETUPAPI.dll @ 0x7ff69bd1891 [EAT:Addr] (iexplore.exe) imagehlp.dll - SetupWriteTextLogError : C:\Windows\system32\SETUPAPI.dll @ 0x7ff69bd18ab [EAT:Addr] (iexplore.exe) imagehlp.dll - SetupWriteTextLogInfLine : C:\Windows\system32\SETUPAPI.dll @ 0x7ff69b26cac [EAT:Addr] (iexplore.exe) imagehlp.dll - UnicodeToMultiByte : C:\Windows\system32\SETUPAPI.dll @ 0x7ff69babee8 [EAT:Addr] (iexplore.exe) imagehlp.dll - VerifyCatalogFile : C:\Windows\system32\SETUPAPI.dll @ 0x7ff69b96284 [EAT:Addr] (iexplore.exe) imagehlp.dll - pGetDriverPackageHash : C:\Windows\system32\SETUPAPI.dll @ 0x7ff69b93fe4 [EAT:Addr] (iexplore.exe) imagehlp.dll - pSetupAccessRunOnceNodeList : C:\Windows\system32\SETUPAPI.dll @ 0x7ff69b93604 [EAT:Addr] (iexplore.exe) imagehlp.dll - pSetupAddMiniIconToList : C:\Windows\system32\SETUPAPI.dll @ 0x7ff69b32bac [EAT:Addr] (iexplore.exe) imagehlp.dll - pSetupAddTagToGroupOrderListEntry : C:\Windows\system32\SETUPAPI.dll @ 0x7ff69b50a50 [EAT:Addr] (iexplore.exe) imagehlp.dll - pSetupAppendPath : C:\Windows\system32\SETUPAPI.dll @ 0x7ff69b1dba4 [EAT:Addr] (iexplore.exe) imagehlp.dll - pSetupCaptureAndConvertAnsiArg : C:\Windows\system32\SETUPAPI.dll @ 0x7ff69bc8ad0 [EAT:Addr] (iexplore.exe) imagehlp.dll - pSetupCenterWindowRelativeToParent : C:\Windows\system32\SETUPAPI.dll @ 0x7ff69b88f3c [EAT:Addr] (iexplore.exe) imagehlp.dll - pSetupCloseTextLogSection : C:\Windows\system32\SETUPAPI.dll @ 0x7ff69bd18ca [EAT:Addr] (iexplore.exe) imagehlp.dll - pSetupConcatenatePaths : C:\Windows\system32\SETUPAPI.dll @ 0x7ff69b163f0 [EAT:Addr] (iexplore.exe) imagehlp.dll - pSetupCreateTextLogSectionA : C:\Windows\system32\SETUPAPI.dll @ 0x7ff69bd18eb [EAT:Addr] (iexplore.exe) imagehlp.dll - pSetupCreateTextLogSectionW : C:\Windows\system32\SETUPAPI.dll @ 0x7ff69bd190e [EAT:Addr] (iexplore.exe) imagehlp.dll - pSetupDestroyRunOnceNodeList : C:\Windows\system32\SETUPAPI.dll @ 0x7ff69b93544 [EAT:Addr] (iexplore.exe) imagehlp.dll - pSetupDiBuildInfoDataFromStrongName : C:\Windows\system32\SETUPAPI.dll @ 0x7ff69b31220 [EAT:Addr] (iexplore.exe) imagehlp.dll - pSetupDiCrimsonLogDeviceInstall : C:\Windows\system32\SETUPAPI.dll @ 0x7ff69b9c968 [EAT:Addr] (iexplore.exe) imagehlp.dll - pSetupDiGetStrongNameForDriverNode : C:\Windows\system32\SETUPAPI.dll @ 0x7ff69b6205c [EAT:Addr] (iexplore.exe) imagehlp.dll - pSetupDiInvalidateHelperModules : C:\Windows\system32\SETUPAPI.dll @ 0x7ff69bc3a70 [EAT:Addr] (iexplore.exe) imagehlp.dll - pSetupDoLastKnownGoodBackup : C:\Windows\system32\SETUPAPI.dll @ 0x7ff69b870c0 [EAT:Addr] (iexplore.exe) imagehlp.dll - pSetupDoesUserHavePrivilege : C:\Windows\system32\SETUPAPI.dll @ 0x7ff69baacf0 [EAT:Addr] (iexplore.exe) imagehlp.dll - pSetupDuplicateString : C:\Windows\system32\SETUPAPI.dll @ 0x7ff69babf8c [EAT:Addr] (iexplore.exe) imagehlp.dll - pSetupEnablePrivilege : C:\Windows\system32\SETUPAPI.dll @ 0x7ff69baaea4 [EAT:Addr] (iexplore.exe) imagehlp.dll - pSetupFree : C:\Windows\system32\SETUPAPI.dll @ 0x7ff69baccd0 [EAT:Addr] (iexplore.exe) imagehlp.dll - pSetupGetCurrentDriverSigningPolicy : C:\Windows\system32\SETUPAPI.dll @ 0x7ff69b8b738 [EAT:Addr] (iexplore.exe) imagehlp.dll - pSetupGetDriverDate : C:\Windows\system32\SETUPAPI.dll @ 0x7ff69b1d3f0 [EAT:Addr] (iexplore.exe) imagehlp.dll - pSetupGetDriverVersion : C:\Windows\system32\SETUPAPI.dll @ 0x7ff69b1c068 [EAT:Addr] (iexplore.exe) imagehlp.dll - pSetupGetField : C:\Windows\system32\SETUPAPI.dll @ 0x7ff69b1c944 [EAT:Addr] (iexplore.exe) imagehlp.dll - pSetupGetFileTitle : C:\Windows\system32\SETUPAPI.dll @ 0x7ff69bc80e0 [EAT:Addr] (iexplore.exe) imagehlp.dll - pSetupGetGlobalFlags : C:\Windows\system32\SETUPAPI.dll @ 0x7ff69b702e0 [EAT:Addr] (iexplore.exe) imagehlp.dll - pSetupGetIndirectStringsFromDriverInfo : C:\Windows\system32\SETUPAPI.dll @ 0x7ff69b8b0e8 [EAT:Addr] (iexplore.exe) imagehlp.dll - pSetupGetInfSections : C:\Windows\system32\SETUPAPI.dll @ 0x7ff69b85f38 [EAT:Addr] (iexplore.exe) imagehlp.dll - pSetupGetQueueFlags : C:\Windows\system32\SETUPAPI.dll @ 0x7ff69b684d4 [EAT:Addr] (iexplore.exe) imagehlp.dll - pSetupGetRealSystemTime : C:\Windows\system32\SETUPAPI.dll @ 0x7ff69b8b744 [EAT:Addr] (iexplore.exe) imagehlp.dll - pSetupGuidFromString : C:\Windows\system32\SETUPAPI.dll @ 0x7ff69bacd28 [EAT:Addr] (iexplore.exe) imagehlp.dll - pSetupHandleFailedVerification : C:\Windows\system32\SETUPAPI.dll @ 0x7ff69b8b72c [EAT:Addr] (iexplore.exe) imagehlp.dll - pSetupInfGetDigitalSignatureInfo : C:\Windows\system32\SETUPAPI.dll @ 0x7ff69b93d60 [EAT:Addr] (iexplore.exe) imagehlp.dll - pSetupInfIsInbox : C:\Windows\system32\SETUPAPI.dll @ 0x7ff69b278e0 [EAT:Addr] (iexplore.exe) imagehlp.dll - pSetupInfSetDigitalSignatureInfo : C:\Windows\system32\SETUPAPI.dll @ 0x7ff69b93bd8 [EAT:Addr] (iexplore.exe) imagehlp.dll - pSetupInstallCatalog : C:\Windows\system32\SETUPAPI.dll @ 0x7ff69b966e8 [EAT:Addr] (iexplore.exe) imagehlp.dll - pSetupIsBiDiLocalizedSystemEx : C:\Windows\system32\SETUPAPI.dll @ 0x7ff69b324d4 [EAT:Addr] (iexplore.exe) imagehlp.dll - pSetupIsGuidNull : C:\Windows\system32\SETUPAPI.dll @ 0x7ff69baccf0 [EAT:Addr] (iexplore.exe) imagehlp.dll - pSetupIsLocalSystem : C:\Windows\system32\SETUPAPI.dll @ 0x7ff69b1d240 [EAT:Addr] (iexplore.exe) imagehlp.dll - pSetupIsUserAdmin : C:\Windows\system32\SETUPAPI.dll @ 0x7ff69bab294 [EAT:Addr] (iexplore.exe) imagehlp.dll - pSetupIsUserTrustedInstaller : C:\Windows\system32\SETUPAPI.dll @ 0x7ff69b6526c [EAT:Addr] (iexplore.exe) imagehlp.dll - pSetupLoadIndirectString : C:\Windows\system32\SETUPAPI.dll @ 0x7ff69b8af10 [EAT:Addr] (iexplore.exe) imagehlp.dll - pSetupMakeSurePathExists : C:\Windows\system32\SETUPAPI.dll @ 0x7ff69b1d910 [EAT:Addr] (iexplore.exe) imagehlp.dll - pSetupMalloc : C:\Windows\system32\SETUPAPI.dll @ 0x7ff69bacc64 [EAT:Addr] (iexplore.exe) imagehlp.dll - pSetupModifyGlobalFlags : C:\Windows\system32\SETUPAPI.dll @ 0x7ff69b70260 [EAT:Addr] (iexplore.exe) imagehlp.dll - pSetupMultiByteToUnicode : C:\Windows\system32\SETUPAPI.dll @ 0x7ff69babbe8 [EAT:Addr] (iexplore.exe) imagehlp.dll - pSetupOpenAndMapFileForRead : C:\Windows\system32\SETUPAPI.dll @ 0x7ff69bac714 [EAT:Addr] (iexplore.exe) imagehlp.dll - pSetupOutOfMemory : C:\Windows\system32\SETUPAPI.dll @ 0x7ff69b88750 [EAT:Addr] (iexplore.exe) imagehlp.dll - pSetupQueryMultiSzValueToArray : C:\Windows\system32\SETUPAPI.dll @ 0x7ff69b919f8 [EAT:Addr] (iexplore.exe) imagehlp.dll - pSetupRealloc : C:\Windows\system32\SETUPAPI.dll @ 0x7ff69bacc80 [EAT:Addr] (iexplore.exe) imagehlp.dll - pSetupRegistryDelnode : C:\Windows\system32\SETUPAPI.dll @ 0x7ff69bad098 [EAT:Addr] (iexplore.exe) imagehlp.dll - pSetupRetrieveServiceConfig : C:\Windows\system32\SETUPAPI.dll @ 0x7ff69b50e0c [EAT:Addr] (iexplore.exe) imagehlp.dll - pSetupSetArrayToMultiSzValue : C:\Windows\system32\SETUPAPI.dll @ 0x7ff69b9186c [EAT:Addr] (iexplore.exe) imagehlp.dll - pSetupSetDriverPackageRestorePoint : C:\Windows\system32\SETUPAPI.dll @ 0x7ff69ba84ac [EAT:Addr] (iexplore.exe) imagehlp.dll - pSetupSetGlobalFlags : C:\Windows\system32\SETUPAPI.dll @ 0x7ff69b70250 [EAT:Addr] (iexplore.exe) imagehlp.dll - pSetupSetQueueFlags : C:\Windows\system32\SETUPAPI.dll @ 0x7ff69b68570 [EAT:Addr] (iexplore.exe) imagehlp.dll - pSetupShouldDeviceBeExcluded : C:\Windows\system32\SETUPAPI.dll @ 0x7ff69b30c0c [EAT:Addr] (iexplore.exe) imagehlp.dll - pSetupStringFromGuid : C:\Windows\system32\SETUPAPI.dll @ 0x7ff69bc7000 [EAT:Addr] (iexplore.exe) imagehlp.dll - pSetupStringTableAddString : C:\Windows\system32\SETUPAPI.dll @ 0x7ff69b17860 [EAT:Addr] (iexplore.exe) imagehlp.dll - pSetupStringTableAddStringEx : C:\Windows\system32\SETUPAPI.dll @ 0x7ff69b16788 [EAT:Addr] (iexplore.exe) imagehlp.dll - pSetupStringTableDestroy : C:\Windows\system32\SETUPAPI.dll @ 0x7ff69bad718 [EAT:Addr] (iexplore.exe) imagehlp.dll - pSetupStringTableDuplicate : C:\Windows\system32\SETUPAPI.dll @ 0x7ff69bad0a8 [EAT:Addr] (iexplore.exe) imagehlp.dll - pSetupStringTableEnum : C:\Windows\system32\SETUPAPI.dll @ 0x7ff69bad3a8 [EAT:Addr] (iexplore.exe) imagehlp.dll - pSetupStringTableGetExtraData : C:\Windows\system32\SETUPAPI.dll @ 0x7ff69bad778 [EAT:Addr] (iexplore.exe) imagehlp.dll - pSetupStringTableInitialize : C:\Windows\system32\SETUPAPI.dll @ 0x7ff69b26a64 [EAT:Addr] (iexplore.exe) imagehlp.dll - pSetupStringTableInitializeEx : C:\Windows\system32\SETUPAPI.dll @ 0x7ff69b26bec [EAT:Addr] (iexplore.exe) imagehlp.dll - pSetupStringTableLookUpString : C:\Windows\system32\SETUPAPI.dll @ 0x7ff69bad664 [EAT:Addr] (iexplore.exe) imagehlp.dll - pSetupStringTableLookUpStringEx : C:\Windows\system32\SETUPAPI.dll @ 0x7ff69b1510c [EAT:Addr] (iexplore.exe) imagehlp.dll - pSetupStringTableSetExtraData : C:\Windows\system32\SETUPAPI.dll @ 0x7ff69b15030 [EAT:Addr] (iexplore.exe) imagehlp.dll - pSetupStringTableStringFromId : C:\Windows\system32\SETUPAPI.dll @ 0x7ff69bad31c [EAT:Addr] (iexplore.exe) imagehlp.dll - pSetupStringTableStringFromIdEx : C:\Windows\system32\SETUPAPI.dll @ 0x7ff69bad144 [EAT:Addr] (iexplore.exe) imagehlp.dll - pSetupUnicodeToMultiByte : C:\Windows\system32\SETUPAPI.dll @ 0x7ff69babee8 [EAT:Addr] (iexplore.exe) imagehlp.dll - pSetupUninstallCatalog : C:\Windows\system32\SETUPAPI.dll @ 0x7ff69b962b8 [EAT:Addr] (iexplore.exe) imagehlp.dll - pSetupUnmapAndCloseFile : C:\Windows\system32\SETUPAPI.dll @ 0x7ff69bac7c4 [EAT:Addr] (iexplore.exe) imagehlp.dll - pSetupValidateDriverPackage : C:\Windows\system32\SETUPAPI.dll @ 0x7ff69ba8980 [EAT:Addr] (iexplore.exe) imagehlp.dll - pSetupVerifyCatalogFile : C:\Windows\system32\SETUPAPI.dll @ 0x7ff69b96284 [EAT:Addr] (iexplore.exe) imagehlp.dll - pSetupVerifyQueuedCatalogs : C:\Windows\system32\SETUPAPI.dll @ 0x7ff69b8b72c [EAT:Addr] (iexplore.exe) imagehlp.dll - pSetupWriteLogEntry : C:\Windows\system32\SETUPAPI.dll @ 0x7ff69b8b72c [EAT:Addr] (iexplore.exe) imagehlp.dll - pSetupWriteLogError : C:\Windows\system32\SETUPAPI.dll @ 0x7ff69b8b744 [EAT:Addr] (explorer.exe) StructuredQuery.dll - DllCanUnloadNow : C:\Windows\system32\SearchFolder.dll @ 0x7ff551a1010 [EAT:Addr] (explorer.exe) StructuredQuery.dll - DllGetClassObject : C:\Windows\system32\SearchFolder.dll @ 0x7ff551a1f20 [EAT:Addr] (explorer.exe) StructuredQuery.dll - DllRegisterServer : C:\Windows\system32\SearchFolder.dll @ 0x7ff551abb40 [EAT:Addr] (explorer.exe) StructuredQuery.dll - DllUnregisterServer : C:\Windows\system32\SearchFolder.dll @ 0x7ff551abb40 ¤¤¤ Web browsers : 0 ¤¤¤ ¤¤¤ MBR Check : ¤¤¤ +++++ PhysicalDrive0: WDC WD50 00LPVX-60V0TT0 SATA Disk Device +++++ --- User --- [MBR] 8f44dbcfab59045136d4f2e8cef456e8 [BSP] d67c072289c56e14fdca40d9e8230d4f : Unknown MBR Code Partition table: 0 - [XXXXXX] UNKNOWN (0x0) [VISIBLE] Offset (sectors): 1 | Size: 476940 MB 1 - [XXXXXX] UNKNOWN (0x0) [VISIBLE] Offset (sectors): 250 | Size: 406 MB User = LL1 ... OK User = LL2 ... OK

#13 Starbuck

Starbuck

    'r Brudiwr


  • Malware Response Team
  • 4,147 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Midlands, UK
  • Local time:04:40 AM

Posted 12 June 2014 - 12:14 PM

Hi Rwhie84

Did you turn off Wordwrap as per my instructions in post #7 ?
The Rogue Killer report is very hard to understand.

If you didn't turn of Wordwrap, here's the instructions again>
  • Open a Notepad document,
  • Click the Format tab,
  • UNtick Wordwrap.
Once you have done this, please run another Rogue Killer scan using the original instructions.
Hopefully the report will be easier to read then.

Thanks

BBPP6nz.png


#14 Rwhie84

Rwhie84
  • Topic Starter

  • Members
  • 8 posts
  • OFFLINE
  •  
  • Local time:12:40 AM

Posted 12 June 2014 - 03:56 PM

Oh sorry, it didn't make the report in my notepad, I clicked report after the scan and copied from there.

#15 Rwhie84

Rwhie84
  • Topic Starter

  • Members
  • 8 posts
  • OFFLINE
  •  
  • Local time:12:40 AM

Posted 12 June 2014 - 03:57 PM

Nothing was saved either, that's all I got from it.




0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users