massive amount of popups & redirects


19 replies to this topic

#1 geeknick

geeknick

  • Members
  • 10 posts
  • OFFLINE
  •  
  • Local time:09:38 PM

Posted 17 September 2014 - 12:13 PM

I am getting a constant barrage of popups and redirects. It was happening with Chrome, so I've tried using IE and Firefox and it happens with them as well.

 

 

DDS (Ver_2012-11-20.01) - NTFS_AMD64
Internet Explorer: 11.0.9600.17280
Run by R-C House at 12:51:29 on 2014-09-17
Microsoft Windows 7 Home Premium   6.1.7601.1.1252.1.1033.18.4003.1820 [GMT -4:00]
.
AV: Microsoft Security Essentials *Enabled/Updated* {4F35CFC4-45A3-FC37-EF17-759A02E39AB1}
AV: Ad-Aware Antivirus *Disabled/Outdated* {D87B6541-12A1-DAEA-0033-9B8057AAB996}
SP: Microsoft Security Essentials *Enabled/Updated* {F4542E20-6399-F3B9-D5A7-4EE87964D00C}
SP: Ad-Aware Antivirus *Disabled/Outdated* {631A84A5-349B-D564-3A83-A0F22C2DF32B}
SP: Windows Defender *Disabled/Outdated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
FW: Ad-Aware Firewall *Disabled* {E040E464-58CE-DBB2-2B6C-32B5A979FEED}
.
============== Running Processes ===============
.
C:\windows\system32\lsm.exe
C:\windows\system32\svchost.exe -k DcomLaunch
C:\windows\system32\svchost.exe -k RPCSS
c:\Program Files\Microsoft Security Client\MsMpEng.exe
C:\windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\windows\system32\svchost.exe -k LocalService
C:\windows\system32\svchost.exe -k netsvcs
C:\Program Files\IDT\WDM\STacSV64.exe
C:\windows\system32\svchost.exe -k NetworkService
C:\windows\system32\WLANExt.exe
C:\windows\System32\spoolsv.exe
C:\windows\system32\svchost.exe -k LocalServiceNoNetwork
C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
C:\Program Files\IDT\WDM\AESTSr64.exe
C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
C:\Program Files (x86)\Intel\Bluetooth\devmonsrv.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\Program Files\Intel\WiFi\bin\EvtEng.exe
C:\windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
C:\windows\SysWOW64\svchost.exe -k hpdevmgmt
C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.3.6321.0\AdAwareService.exe
C:\Program Files (x86)\Dell\Dell Datasafe Online\NOBuAgent.exe
C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe
C:\Program Files (x86)\Dell DataSafe Local Backup\sftservice.EXE
C:\windows\system32\svchost.exe -k imgsvc
C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
C:\Program Files (x86)\Yahoo!\SoftwareUpdate\YahooAUService.exe
C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe
C:\windows\system32\wbem\unsecapp.exe
C:\windows\system32\wbem\wmiprvse.exe
C:\windows\system32\svchost.exe -k HPService
C:\windows\system32\svchost.exe -k bthsvcs
C:\windows\system32\taskhost.exe
C:\windows\system32\taskeng.exe
C:\windows\system32\Dwm.exe
C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
C:\windows\system32\taskeng.exe
c:\Program Files\Microsoft Mouse and Keyboard Center\itype.exe
c:\Program Files\Microsoft Mouse and Keyboard Center\ipoint.exe
C:\Windows\System32\igfxtray.exe
C:\Windows\System32\hkcmd.exe
C:\Windows\System32\igfxpers.exe
C:\Program Files\IDT\WDM\sttray64.exe
C:\Program Files\DellTPad\Apoint.exe
C:\Program Files\Dell\QuickSet\quickset.exe
C:\Program Files\Common Files\Intel\WirelessCommon\iFrmewrk.exe
C:\Program Files\Microsoft Security Client\msseces.exe
C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.3.6321.0\AdAwareTray.exe
C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorIcon.exe
C:\Program Files\DellTPad\ApMsgFwd.exe
C:\Program Files\DellTPad\HidFind.exe
C:\Program Files\DellTPad\Apntex.exe
C:\Users\R-C House\AppData\Roaming\Dropbox\bin\Dropbox.exe
C:\Program Files (x86)\Dell DataSafe Local Backup\TOASTER.EXE
C:\Program Files (x86)\Dell DataSafe Local Backup\Components\DSUpdate\DSUpd.exe
C:\Program Files (x86)\Microsoft Office\Office14\ONENOTEM.EXE
C:\Program Files (x86)\Dell DataSafe Local Backup\COMPONENTS\SCHEDULER\STSERVICE.EXE
C:\Program Files (x86)\Shrink Pic\shrink_pic.exe
C:\Program Files (x86)\Roxio\OEM\Roxio Burn\RoxioBurnLauncher.exe
C:\windows\system32\SearchIndexer.exe
C:\Program Files (x86)\Intel\Bluetooth\mediasrv.exe
C:\Program Files\Windows Media Player\wmpnetwk.exe
C:\Program Files (x86)\Dell Stage\Dell Stage\AccuWeather\accuweather.exe
C:\Program Files (x86)\HP\HP Software Update\hpwuschd2.exe
C:\Program Files (x86)\iTunes\iTunesHelper.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\windows\system32\wbem\unsecapp.exe
c:\Program Files\Microsoft Security Client\NisSrv.exe
C:\windows\System32\svchost.exe -k LocalServicePeerNet
C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe
C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe
C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe
C:\windows\system32\svchost.exe -k SDRSVC
C:\windows\explorer.exe
C:\windows\system32\taskhost.exe
C:\windows\system32\wbem\wmiprvse.exe
C:\windows\System32\cscript.exe
.
============== Pseudo HJT Report ===============
.
uStart Page = hxxp://www.google.com
uURLSearchHooks: YTNavAssistPlugin Class: {81017EA9-9AA8-4A6A-9734-7AF40E7D593F} - C:\Program Files (x86)\Yahoo!\Companion\Installs\cpn1\yt.dll
mWinlogon: Userinit = userinit.exe,
BHO: HP Print Enhancer: {0347C33E-8762-4905-BF09-768834316C61} - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_printenhancer.dll
BHO: Windows Live ID Sign-in Helper: {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
BHO: Google Toolbar Helper: {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll
BHO: Skype add-on for Internet Explorer: {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
BHO: Office Document Cache Handler: {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files (x86)\Microsoft Office\Office14\URLREDIR.DLL
BHO: HP Smart BHO Class: {FFFFFFFF-CF4E-4F2B-BDC2-0E72E116A856} - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll
TB: Google Toolbar: {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll
EB: HP Smart Web Printing: {555D4D79-4BD2-4094-A395-CFC534424A05} - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_bho.dll
EB: HP Smart Web Printing: {555D4D79-4BD2-4094-A395-CFC534424A05} - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_bho.dll
uRun: [CCleaner] "C:\Program Files\CCleaner\CCleaner64.exe" /AUTO
mRun: [Dell Webcam Central] "C:\Program Files (x86)\Dell Webcam\Dell Webcam Central\WebcamDell2.exe" /mode2
mRun: [IAStorIcon] C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorIcon.exe
mRun: [Desktop Disc Tool] "c:\Program Files (x86)\Roxio\OEM\Roxio Burn\RoxioBurnLauncher.exe"
mRun: [Dell Registration] C:\Program Files (x86)\System Registration\prodreg.exe /boot
mRun: [Dell DataSafe Online] C:\Program Files (x86)\Dell\Dell Datasafe Online\NOBuClient.exe
mRun: [AccuWeatherWidget] "C:\Program Files (x86)\Dell Stage\Dell Stage\AccuWeather\accuweather.exe" "C:\Program Files (x86)\Dell Stage\Dell Stage\AccuWeather\start.umj" --startup
mRun: [HP Software Update] C:\Program Files (x86)\HP\HP Software Update\HPWuSchd2.exe
mRun: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
mRun: [QuickTime Task] "C:\Program Files (x86)\QuickTime\QTTask.exe" -atboottime
mRun: [iTunesHelper] "C:\Program Files (x86)\iTunes\iTunesHelper.exe"
mRun: [Ad-Aware Browsing Protection] "C:\ProgramData\Ad-Aware Browsing Protection\adawarebp.exe"
StartupFolder: C:\Users\R-CHOU~1\AppData\Roaming\MICROS~1\Windows\STARTM~1\Programs\Startup\Dropbox.lnk - C:\Users\R-C House\AppData\Roaming\Dropbox\bin\Dropbox.exe
StartupFolder: C:\Users\R-CHOU~1\AppData\Roaming\MICROS~1\Windows\STARTM~1\Programs\Startup\ONENOT~1.LNK - C:\Program Files (x86)\Microsoft Office\Office14\ONENOTEM.EXE
StartupFolder: C:\Users\R-CHOU~1\AppData\Roaming\MICROS~1\Windows\STARTM~1\Programs\Startup\SHRINK~1.LNK - C:\Program Files (x86)\Shrink Pic\shrink_pic.exe
StartupFolder: C:\PROGRA~3\MICROS~1\Windows\STARTM~1\Programs\Startup\HPDIGI~1.LNK - C:\Program Files (x86)\HP\Digital Imaging\bin\hpqtra08.exe
uPolicies-Explorer: NoDriveTypeAutoRun = dword:145
mPolicies-Explorer: NoActiveDesktop = dword:1
mPolicies-Explorer: NoActiveDesktopChanges = dword:1
mPolicies-System: ConsentPromptBehaviorAdmin = dword:5
mPolicies-System: ConsentPromptBehaviorUser = dword:3
mPolicies-System: EnableUIADesktopToggle = dword:0
IE: E&xport to Microsoft Excel - C:\PROGRA~2\MICROS~1\Office14\EXCEL.EXE/3000
IE: Se&nd to OneNote - C:\PROGRA~2\MICROS~1\Office14\ONBttnIE.dll/105
IE: {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - {5F7B1267-94A9-47F5-98DB-E99415F33AEC} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIE.dll
IE: {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - {FFFDC614-B694-4AE6-AB38-5D6374584B52} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIELinkedNotes.dll
IE: {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
IE: {DDE87865-83C5-48c4-8357-2F5B1AA84522} - {DDE87865-83C5-48c4-8357-2F5B1AA84522} - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll
DPF: {233C1507-6A77-46A4-9443-F871F945D258} - hxxp://download.macromedia.com/pub/shockwave/cabs/director/sw.cab
DPF: {30528230-99f7-4bb4-88d8-fa1d4f56a2ab} - C:\Program Files (x86)\Yahoo!\Common\Yinsthelper.dll
DPF: {DF780F87-FF2B-4DF8-92D0-73DB16A1543A} - hxxp://zone.msn.com/BINGAME/POPCAPLOADER_V10.CAB
TCP: NameServer = 24.178.162.3 24.159.64.23 66.189.0.100
TCP: Interfaces\{D164ED08-73A7-434F-9E85-CD59DCC99E6E} : DHCPNameServer = 24.178.162.3 24.159.64.23 66.189.0.100
TCP: Interfaces\{D164ED08-73A7-434F-9E85-CD59DCC99E6E}\2375942554539353 : DHCPNameServer = 192.168.1.254
TCP: Interfaces\{D164ED08-73A7-434F-9E85-CD59DCC99E6E}\2456C6B696E6E233442334 : DHCPNameServer = 192.168.2.1
TCP: Interfaces\{D164ED08-73A7-434F-9E85-CD59DCC99E6E}\24573796E6563737023456E6475627 : DHCPNameServer = 10.71.0.1
TCP: Interfaces\{D164ED08-73A7-434F-9E85-CD59DCC99E6E}\26F616274627F6F6D60224 : DHCPNameServer = 10.71.0.1
TCP: Interfaces\{D164ED08-73A7-434F-9E85-CD59DCC99E6E}\35344535F57457563747F575966696 : DHCPNameServer = 8.8.8.8 4.2.2.2
TCP: Interfaces\{D164ED08-73A7-434F-9E85-CD59DCC99E6E}\D416272796F6474702C4F6262697 : DHCPNameServer = 10.71.0.1
TCP: Interfaces\{D164ED08-73A7-434F-9E85-CD59DCC99E6E}\F616B677F6F64647962756 : DHCPNameServer = 192.168.0.1
Filter: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL
Handler: cozi - {5356518D-FE9C-4E08-9C1F-1E872ECD367F} - C:\Program Files (x86)\Cozi Express\CoziProtocolHandler.dll
Handler: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll
Handler: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll
SSODL: WebCheck - <orphaned>
mASetup: {8A69D345-D564-463c-AFF1-A69D9E530F96} - "C:\Program Files (x86)\Google\Chrome\Application\34.0.1847.131\Installer\chrmstp.exe" --configure-user-settings --verbose-logging --system-level --multi-install --chrome
x64-BHO: Windows Live ID Sign-in Helper: {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
x64-BHO: Google Toolbar Helper: {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll
x64-BHO: Office Document Cache Handler: {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL
x64-BHO: Java™ Plug-In 2 SSV Helper: {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
x64-TB: Google Toolbar: {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll
x64-Run: [IgfxTray] C:\windows\System32\igfxtray.exe
x64-Run: [HotKeysCmds] C:\windows\System32\hkcmd.exe
x64-Run: [Persistence] C:\windows\System32\igfxpers.exe
x64-Run: [SysTrayApp] C:\Program Files\IDT\WDM\sttray64.exe
x64-Run: [Apoint] C:\Program Files\DellTPad\Apoint.exe
x64-Run: [QuickSet] C:\Program Files\Dell\QuickSet\QuickSet.exe
x64-Run: [IntelTBRunOnce] wscript.exe //b //nologo "C:\Program Files\Intel\TurboBoost\RunTBGadgetOnce.vbs"
x64-Run: [IntelWireless] "C:\Program Files\Common Files\Intel\WirelessCommon\iFrmewrk.exe" /tf Intel Wireless Tray
x64-Run: [BTMTrayAgent] rundll32.exe "C:\Program Files (x86)\Intel\Bluetooth\btmshell.dll",TrayApp
x64-Run: [DellStage] "C:\Program Files (x86)\Dell Stage\Dell Stage\stage_primary.exe" "C:\Program Files (x86)\Dell Stage\Dell Stage\start.umj" --startup
x64-Run: [MSC] "c:\Program Files\Microsoft Security Client\msseces.exe" -hide -runkey
x64-Run: [Logitech Download Assistant] C:\windows\System32\rundll32.exe C:\windows\System32\LogiLDA.dll,LogiFetch
x64-Run: [AdAwareTray] "C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.3.6321.0\AdAwareTray.exe"
x64-IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - C:\Program Files\Microsoft Office\Office14\ONBttnIE.dll
x64-IE: {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - {FFFDC614-B694-4AE6-AB38-5D6374584B52} - C:\Program Files\Microsoft Office\Office14\ONBttnIELinkedNotes.dll
x64-DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_24-windows-i586.cab
x64-Filter: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL
x64-Handler: cozi - {5356518D-FE9C-4E08-9C1F-1E872ECD367F} - <orphaned>
x64-Handler: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - <orphaned>
x64-Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - <orphaned>
x64-Handler: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - <orphaned>
x64-Notify: igfxcui - igfxdev.dll
x64-SSODL: WebCheck - <orphaned>
.
================= FIREFOX ===================
.
FF - ProfilePath - C:\Users\R-C House\AppData\Roaming\Mozilla\Firefox\Profiles\598dct7j.default\
FF - plugin: C:\PROGRA~2\MICROS~1\Office14\NPAUTHZ.DLL
FF - plugin: C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL
FF - plugin: C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll
FF - plugin: C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll
FF - plugin: C:\Program Files (x86)\Google\Update\1.3.23.9\npGoogleUpdate3.dll
FF - plugin: c:\Program Files (x86)\Microsoft Silverlight\5.1.30514.0\npctrlui.dll
FF - plugin: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll
FF - plugin: C:\Users\R-C House\AppData\Local\Citrix\Plugins\104\npappdetector.dll
FF - plugin: C:\Users\R-C House\AppData\Local\Microsoft\Internet Explorer\Downloaded Program Files\Microsoft Office 15\npofficeondemand.dll
FF - plugin: C:\windows\SysWOW64\Adobe\Director\np32dsw_1210150.dll
FF - plugin: C:\windows\SysWOW64\Macromed\Flash\NPSWF32_15_0_0_152.dll
.
============= SERVICES / DRIVERS ===============
.
R0 MpFilter;Microsoft Malware Protection Driver;C:\windows\System32\drivers\MpFilter.sys [2014-7-17 269008]
R0 PxHlpa64;PxHlpa64;C:\windows\System32\drivers\PxHlpa64.sys [2011-7-13 55856]
R2 AESTFilters;Andrea ST Filters Service;C:\Program Files\IDT\WDM\AESTSr64.exe [2011-7-13 89600]
R2 Bluetooth Device Monitor;Bluetooth Device Monitor;C:\Program Files (x86)\Intel\Bluetooth\devmonsrv.exe [2010-11-3 897088]
R2 IAStorDataMgrSvc;Intel® Rapid Storage Technology;C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe [2011-7-13 13336]
R2 LavasoftAdAwareService11;Ad-Aware Service 11;C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.3.6321.0\AdAwareService.exe [2014-8-27 706864]
R2 NisDrv;Microsoft Network Inspection System;C:\windows\System32\drivers\NisDrvWFP.sys [2013-1-20 125584]
R2 NOBU;Dell DataSafe Online;C:\Program Files (x86)\Dell\Dell Datasafe Online\NOBuAgent.exe [2010-8-25 2823000]
R2 SftService;SoftThinks Agent Service;C:\Program Files (x86)\Dell DataSafe Local Backup\SftService.exe [2011-7-13 1692480]
R2 TurboB;Turbo Boost UI Monitor driver;C:\windows\System32\drivers\TurboB.sys [2010-11-29 16120]
R2 UNS;Intel® Management and Security Application User Notification Service;C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe [2011-7-13 2655768]
R3 Bluetooth Media Service;Bluetooth Media Service;C:\Program Files (x86)\Intel\Bluetooth\mediasrv.exe [2010-11-3 1298496]
R3 btmaux;Intel Bluetooth Auxiliary Service;C:\windows\System32\drivers\btmaux.sys [2010-11-4 58128]
R3 btmhsf;btmhsf;C:\windows\System32\drivers\btmhsf.sys [2011-11-15 327168]
R3 CtClsFlt;Creative Camera Class Upper Filter Driver;C:\windows\System32\drivers\CtClsFlt.sys [2011-7-13 176096]
R3 iBtFltCoex;iBtFltCoex;C:\windows\System32\drivers\iBtFltCoex.sys [2011-12-9 60416]
R3 IntcDAud;Intel® Display Audio;C:\windows\System32\drivers\IntcDAud.sys [2011-7-13 317440]
R3 iwdbus;IWD Bus Enumerator;C:\windows\System32\drivers\iwdbus.sys [2011-3-24 25496]
R3 NisSrv;Microsoft Network Inspection;C:\Program Files\Microsoft Security Client\NisSrv.exe [2014-8-22 368624]
R3 nusb3hub;Renesas Electronics USB 3.0 Hub Driver;C:\windows\System32\drivers\nusb3hub.sys [2010-12-10 80384]
R3 nusb3xhc;Renesas Electronics USB 3.0 Host Controller Driver;C:\windows\System32\drivers\nusb3xhc.sys [2010-12-10 181248]
R3 RTL8167;Realtek 8167 NT Driver;C:\windows\System32\drivers\Rt64win7.sys [2011-6-10 539240]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2013-9-11 105144]
S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2013-9-11 124088]
S2 RoxWatch12;Roxio Hard Drive Watcher 12;C:\Program Files (x86)\Common Files\Roxio Shared\OEM\12.0\SharedCOM\RoxWatch12OEM.exe [2010-11-25 219632]
S2 SkypeUpdate;Skype Updater;C:\Program Files (x86)\Skype\Updater\Updater.exe [2013-10-23 172192]
S3 IEEtwCollectorService;Internet Explorer ETW Collector Service;C:\windows\System32\ieetwcollector.exe [2014-9-9 111616]
S3 intaud_WaveExtensible;Intel WiDi Audio Device;C:\windows\System32\drivers\intelaud.sys [2011-3-24 34200]
S3 MyWiFiDHCPDNS;Wireless PAN DHCP Server;C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe [2010-12-17 340240]
S3 RoxMediaDB12OEM;RoxMediaDB12OEM;C:\Program Files (x86)\Common Files\Roxio Shared\OEM\12.0\SharedCOM\RoxMediaDB12OEM.exe [2010-11-25 1116656]
S3 RSUSBSTOR;RtsUStor.Sys Realtek USB Card Reader;C:\windows\System32\drivers\RtsUStor.sys [2011-7-13 250984]
S3 TsUsbFlt;TsUsbFlt;C:\windows\System32\drivers\TsUsbFlt.sys [2010-11-20 59392]
S3 TsUsbGD;Remote Desktop Generic USB Device;C:\windows\System32\drivers\TsUsbGD.sys [2010-11-20 31232]
S3 TurboBoost;Intel® Turbo Boost Technology Monitor 2.0;C:\Program Files\Intel\TurboBoost\TurboBoost.exe [2010-11-29 149504]
S3 USBAAPL64;Apple Mobile USB Driver;C:\windows\System32\drivers\usbaapl64.sys [2012-12-13 54784]
S3 WatAdminSvc;Windows Activation Technologies Service;C:\windows\System32\Wat\WatAdminSvc.exe [2012-2-20 1255736]
S4 wlcrasvc;Windows Live Mesh remote connections service;C:\Program Files\Windows Live\Mesh\wlcrasvc.exe [2010-9-22 57184]
.
=============== Created Last 30 ================
.
2014-09-17 14:59:01    1188440    ----a-w-    C:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{46AFDFB0-68F9-4C88-B368-1350E76D2F81}\gapaengine.dll
2014-09-17 14:58:42    11578928    ----a-w-    C:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{AE799933-431D-4597-8FC4-2D87E6D7B016}\mpengine.dll
2014-09-16 21:49:17    --------    d-----w-    C:\windows\ERUNT
2014-09-16 21:00:53    536576    ----a-w-    C:\windows\SysWow64\sqlite3.dll
2014-09-16 21:00:02    --------    d-----w-    C:\AdwCleaner
2014-09-16 20:57:04    --------    d-----w-    C:\Users\R-C House\AppData\Local\Macromedia
2014-09-16 11:11:53    11578928    ----a-w-    C:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\Backup\mpengine.dll
2014-09-10 02:25:06    --------    d-----w-    C:\Users\R-C House\AppData\Roaming\LavasoftStatistics
2014-09-10 02:17:25    --------    d-----w-    C:\Program Files\Lavasoft
2014-09-10 02:15:24    --------    d-----w-    C:\Users\R-C House\AppData\Local\adawarebp
2014-09-10 02:15:23    --------    d-----w-    C:\ProgramData\Ad-Aware Browsing Protection
2014-09-10 02:14:55    --------    d-----w-    C:\Program Files (x86)\Lavasoft
2014-09-10 02:08:10    --------    d-----w-    C:\Program Files\Common Files\Lavasoft
2014-09-10 01:28:47    4    ----a-w-    C:\Users\R-C House\AppData\Roaming\appdataFr2.bin
2014-09-10 00:37:31    2777088    ----a-w-    C:\windows\System32\msmpeg2vdec.dll
2014-09-10 00:37:31    2285056    ----a-w-    C:\windows\SysWow64\msmpeg2vdec.dll
2014-09-10 00:34:45    96768    ----a-w-    C:\windows\SysWow64\sspicli.dll
2014-09-10 00:34:45    728064    ----a-w-    C:\windows\System32\kerberos.dll
2014-09-10 00:34:45    550912    ----a-w-    C:\windows\SysWow64\kerberos.dll
2014-09-10 00:34:45    22016    ----a-w-    C:\windows\SysWow64\secur32.dll
2014-09-10 00:34:45    1460736    ----a-w-    C:\windows\System32\lsasrv.dll
2014-09-10 00:34:38    793600    ----a-w-    C:\windows\SysWow64\TSWorkspace.dll
2014-09-10 00:34:38    1031168    ----a-w-    C:\windows\System32\TSWorkspace.dll
2014-09-10 00:34:24    578048    ----a-w-    C:\windows\System32\aepdu.dll
2014-09-10 00:34:23    424448    ----a-w-    C:\windows\System32\aeinv.dll
2014-09-10 00:34:22    2565120    ----a-w-    C:\windows\System32\d3d10warp.dll
2014-09-10 00:34:22    1987584    ----a-w-    C:\windows\SysWow64\d3d10warp.dll
2014-09-03 04:06:20    1169712    ------w-    C:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{E462186E-CB87-46FD-A767-B94B2465F7DA}\gapaengine.dll
2014-09-03 04:00:00    --------    d-----w-    C:\ProgramData\LuckkySuhOpper
2014-09-03 03:43:51    --------    d-----w-    C:\ProgramData\Avg_Update_0814tb
2014-08-28 12:14:08    404480    ----a-w-    C:\windows\System32\gdi32.dll
2014-08-28 12:14:08    3163648    ----a-w-    C:\windows\System32\win32k.sys
2014-08-28 12:14:06    311808    ----a-w-    C:\windows\SysWow64\gdi32.dll
2014-08-23 14:38:41    99480    ----a-w-    C:\windows\SysWow64\infocardapi.dll
2014-08-23 14:38:41    619672    ----a-w-    C:\windows\SysWow64\icardagt.exe
2014-08-23 14:38:41    171160    ----a-w-    C:\windows\System32\infocardapi.dll
2014-08-23 14:38:41    1389208    ----a-w-    C:\windows\System32\icardagt.exe
2014-08-23 14:38:39    8856    ----a-w-    C:\windows\SysWow64\icardres.dll
2014-08-23 14:38:39    8856    ----a-w-    C:\windows\System32\icardres.dll
2014-08-23 14:38:18    35480    ----a-w-    C:\windows\SysWow64\TsWpfWrp.exe
2014-08-23 14:38:18    35480    ----a-w-    C:\windows\System32\TsWpfWrp.exe
2014-08-23 03:22:19    2048    ----a-w-    C:\windows\SysWow64\tzres.dll
2014-08-23 03:22:19    2048    ----a-w-    C:\windows\System32\tzres.dll
2014-08-23 03:21:52    3241984    ----a-w-    C:\windows\System32\msi.dll
2014-08-23 03:21:51    2363392    ----a-w-    C:\windows\SysWow64\msi.dll
2014-08-23 03:21:51    1941504    ----a-w-    C:\windows\System32\authui.dll
2014-08-23 03:21:51    1805824    ----a-w-    C:\windows\SysWow64\authui.dll
2014-08-23 03:21:51    112064    ----a-w-    C:\windows\System32\consent.exe
2014-08-23 03:21:50    504320    ----a-w-    C:\windows\System32\msihnd.dll
2014-08-23 03:21:50    337408    ----a-w-    C:\windows\SysWow64\msihnd.dll
2014-08-23 03:21:29    985536    ----a-w-    C:\windows\System32\drivers\dxgkrnl.sys
2014-08-23 03:15:55    1216000    ----a-w-    C:\windows\System32\rpcrt4.dll
2014-08-23 03:15:54    664064    ----a-w-    C:\windows\SysWow64\rpcrt4.dll
2014-08-23 03:05:02    2620928    ----a-w-    C:\windows\System32\wucltux.dll
2014-08-23 03:04:29    97792    ----a-w-    C:\windows\System32\wudriver.dll
2014-08-23 03:04:29    92672    ----a-w-    C:\windows\SysWow64\wudriver.dll
2014-08-23 03:04:03    36864    ----a-w-    C:\windows\System32\wuapp.exe
2014-08-23 03:04:03    33792    ----a-w-    C:\windows\SysWow64\wuapp.exe
2014-08-23 03:04:03    198600    ----a-w-    C:\windows\System32\wuwebv.dll
2014-08-23 03:04:03    179656    ----a-w-    C:\windows\SysWow64\wuwebv.dll
.
==================== Find3M  ====================
.
2014-09-17 04:19:49    122584    ----a-w-    C:\windows\System32\drivers\MBAMSwissArmy.sys
2014-09-09 23:50:58    71344    ----a-w-    C:\windows\SysWow64\FlashPlayerCPLApp.cpl
2014-09-09 23:50:58    701104    ----a-w-    C:\windows\SysWow64\FlashPlayerApp.exe
2014-08-18 22:29:49    2724864    ----a-w-    C:\windows\System32\mshtml.tlb
2014-08-18 22:29:35    4096    ----a-w-    C:\windows\System32\ieetwcollectorres.dll
2014-08-18 22:19:53    5833728    ----a-w-    C:\windows\System32\jscript9.dll
2014-08-18 22:15:34    547328    ----a-w-    C:\windows\System32\vbscript.dll
2014-08-18 22:15:09    66048    ----a-w-    C:\windows\System32\iesetup.dll
2014-08-18 22:14:38    48640    ----a-w-    C:\windows\System32\ieetwproxystub.dll
2014-08-18 22:14:10    83968    ----a-w-    C:\windows\System32\MshtmlDac.dll
2014-08-18 22:08:55    4232704    ----a-w-    C:\windows\SysWow64\jscript9.dll
2014-08-18 22:03:47    139264    ----a-w-    C:\windows\System32\ieUnatt.exe
2014-08-18 22:03:37    111616    ----a-w-    C:\windows\System32\ieetwcollector.exe
2014-08-18 22:03:01    758272    ----a-w-    C:\windows\System32\jscript9diag.dll
2014-08-18 21:57:44    2724864    ----a-w-    C:\windows\SysWow64\mshtml.tlb
2014-08-18 21:56:17    940032    ----a-w-    C:\windows\System32\MsSpellCheckingFacility.exe
2014-08-18 21:46:26    454656    ----a-w-    C:\windows\SysWow64\vbscript.dll
2014-08-18 21:45:23    61952    ----a-w-    C:\windows\SysWow64\iesetup.dll
2014-08-18 21:45:12    72704    ----a-w-    C:\windows\System32\JavaScriptCollectionAgent.dll
2014-08-18 21:44:44    51200    ----a-w-    C:\windows\SysWow64\ieetwproxystub.dll
2014-08-18 21:44:09    61952    ----a-w-    C:\windows\SysWow64\MshtmlDac.dll
2014-08-18 21:36:07    112128    ----a-w-    C:\windows\SysWow64\ieUnatt.exe
2014-08-18 21:35:24    597504    ----a-w-    C:\windows\SysWow64\jscript9diag.dll
2014-08-18 21:23:17    2104832    ----a-w-    C:\windows\System32\inetcpl.cpl
2014-08-18 21:23:16    1249280    ----a-w-    C:\windows\System32\mshtmlmedia.dll
2014-08-18 21:22:48    60416    ----a-w-    C:\windows\SysWow64\JavaScriptCollectionAgent.dll
2014-08-18 21:15:13    2310656    ----a-w-    C:\windows\System32\wininet.dll
2014-08-18 21:08:54    2014208    ----a-w-    C:\windows\SysWow64\inetcpl.cpl
2014-08-18 21:07:44    1068032    ----a-w-    C:\windows\SysWow64\mshtmlmedia.dll
2014-08-18 20:46:48    1812992    ----a-w-    C:\windows\SysWow64\wininet.dll
2014-07-25 06:35:46    875688    ----a-w-    C:\windows\SysWow64\msvcr120_clr0400.dll
2014-07-25 03:47:06    869544    ----a-w-    C:\windows\System32\msvcr120_clr0400.dll
2014-07-17 22:05:06    269008    ----a-w-    C:\windows\System32\drivers\MpFilter.sys
2014-07-17 22:05:06    125584    ----a-w-    C:\windows\System32\drivers\NisDrvWFP.sys
2014-07-10 18:09:30    389240    ----a-w-    C:\windows\System32\drivers\Trufos.sys
.
============= FINISH: 12:51:56.86 ===============
 

 

 

 

 


 


#2 shelf life

shelf life

  • Malware Response Team
  • 2,646 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:@localhost
  • Local time:09:38 PM

Posted 20 September 2014 - 07:41 AM

Hi,

Your post is a few days old. If you still need help simply reply back and we can start.


How Can I Reduce My Risk to Malware?


#3 geeknick


Posted 20 September 2014 - 10:37 PM

Yes, I still need help. Thanks!



#4 shelf life


Posted 21 September 2014 - 09:06 AM

OK, we will do two things. You can download and run Malwarebytes and see if it digs up anything. Next we will use FRST:

 

Malwarebytes (MBAM)-

 

Please download the free version of Malwarebytes to your desktop. These directions are slightly old as the MBAM GUI has changed.

Double-click mbam-setup.exe and follow the prompts to install the program.

Be sure a checkmark is placed next to Update Malwarebytes' Anti-Malware and Launch Malwarebytes' Anti-Malware, then click Finish.

If an update is found, it will download and install the latest version.

Once the program has loaded, select Perform FULL SCAN, then click Scan.
When the scan is complete, click OK, then Show Results to view the results.

Be sure that everything is checked, and click  *Remove Selected.*

*A restart of your computer may be required to remove some items. If prompted please restart your computer to complete the fix.*

When completed, a log will open in Notepad. Please save it to a convenient location. The log can also be opened by going to Start > All Programs > Malwarebytes' Anti-Malware > Logs > log-date.txt
Post the log in your reply.

 

FRST-

Please download Farbar Recovery Scan Tool and save it to your Desktop.

http://www.bleepingcomputer.com/download/farbar-recovery-scan-tool/

Note: You need to run the version compatible with your system. If you are not sure which version applies to your system, download both of them and try to run them. Only one of them will run on your system; that will be the right version.

  • Right-click FRST then click "Run as administrator" (XP users: click run after receipt of Windows Security Warning - Open File).
  • When the tool opens, click Yes to disclaimer.
  • Press the Scan button.
  • When finished, it will produce a log called FRST.txt in the same directory the tool was run from, your desktop.
  • Please copy and paste the log in your next reply.

The first time the tool is run it generates another log (Addition.txt - also located in the same directory the tool was run from). Please also paste that, along with the FRST.txt into your next reply.




#5 geeknick


Posted 21 September 2014 - 11:29 PM

Thank you very much for your assistance! I'm away from my computer right now, but I'll run those tools and post the logs on Tuesday.



#6 shelf life


Posted 22 September 2014 - 07:02 PM

OK.




#7 geeknick

geeknick
  • Topic Starter

  • Members
  • 10 posts

Posted 23 September 2014 - 03:15 PM

MBAM did not detect anything. Here are the logs you requested:

 

Malwarebytes Anti-Malware
www.malwarebytes.org

Scan Date: 9/23/2014
Scan Time: 3:15:11 PM
Logfile: mbam-log.txt
Administrator: Yes

Version: 2.00.2.1012
Malware Database: v2014.09.23.09
Rootkit Database: v2014.09.19.01
License: Free
Malware Protection: Disabled
Malicious Website Protection: Disabled
Self-protection: Disabled

OS: Windows 7 Service Pack 1
CPU: x64
File System: NTFS
User: R-C House

Scan Type: Threat Scan
Result: Completed
Objects Scanned: 412368
Time Elapsed: 27 min, 30 sec

Memory: Enabled
Startup: Enabled
Filesystem: Enabled
Archives: Enabled
Rootkits: Enabled
Heuristics: Enabled
PUP: Enabled
PUM: Enabled

Processes: 0
(No malicious items detected)

Modules: 0
(No malicious items detected)

Registry Keys: 0
(No malicious items detected)

Registry Values: 0
(No malicious items detected)

Registry Data: 0
(No malicious items detected)

Folders: 0
(No malicious items detected)

Files: 0
(No malicious items detected)

Physical Sectors: 0
(No malicious items detected)


(end)

 

 

 

Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 23-09-2014
Ran by R-C House (administrator) on R-CHOUSE-PC on 23-09-2014 15:57:33
Running from C:\Users\R-C House\Desktop
Platform: Windows 7 Home Premium Service Pack 1 (X64) OS Language: English (United States)
Internet Explorer Version 11
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(Microsoft Corporation) C:\Program Files\Microsoft Security Client\MsMpEng.exe
(IDT, Inc.) C:\Program Files\IDT\WDM\stacsv64.exe
(Microsoft Corporation) C:\Windows\System32\wlanext.exe
(Andrea Electronics Corporation) C:\Program Files\IDT\WDM\AESTSr64.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Bluetooth\devmonsrv.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(Intel® Corporation) C:\Program Files\Intel\WiFi\bin\EvtEng.exe
(Microsoft Corporation) C:\Windows\SysWOW64\svchost.exe
() C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.3.6321.0\AdAwareService.exe
(Dell, Inc.) C:\Program Files (x86)\Dell\Dell Datasafe Online\NOBuAgent.exe
(Intel® Corporation) C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe
(SoftThinks SAS) C:\Program Files (x86)\Dell DataSafe Local Backup\SftService.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
(Yahoo! Inc.) C:\Program Files (x86)\Yahoo!\SoftwareUpdate\YahooAUService.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVCM.EXE
(Microsoft Corporation) C:\Program Files\Microsoft Security Client\NisSrv.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe
(Microsoft Corporation) C:\Program Files\Microsoft Mouse and Keyboard Center\itype.exe
(Microsoft Corporation) C:\Program Files\Microsoft Mouse and Keyboard Center\ipoint.exe
(SoftThinks - Dell) C:\Program Files (x86)\Dell DataSafe Local Backup\Toaster.exe
() C:\Program Files (x86)\Dell DataSafe Local Backup\Components\Scheduler\STService.exe
(SoftThinks - Dell) C:\Program Files (x86)\Dell DataSafe Local Backup\Components\DSUpdate\DSUpd.exe
(Intel Corporation) C:\Windows\System32\igfxtray.exe
(Intel Corporation) C:\Windows\System32\hkcmd.exe
(Intel Corporation) C:\Windows\System32\igfxpers.exe
(IDT, Inc.) C:\Program Files\IDT\WDM\sttray64.exe
(Alps Electric Co., Ltd.) C:\Program Files\DellTPad\Apoint.exe
(Dell Inc.) C:\Program Files\Dell\QuickSet\quickset.exe
(Intel® Corporation) C:\Program Files\Common Files\Intel\WirelessCommon\iFrmewrk.exe
(Microsoft Corporation) C:\Windows\System32\rundll32.exe
(Microsoft Corporation) C:\Program Files\Microsoft Security Client\msseces.exe
() C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.3.6321.0\AdAwareTray.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorIcon.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Bluetooth\mediasrv.exe
(Alps Electric Co., Ltd.) C:\Program Files\DellTPad\hidfind.exe
(Alps Electric Co., Ltd.) C:\Program Files\DellTPad\ApntEx.exe
(Apple Inc.) C:\Program Files\iPod\bin\iPodService.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Corporation) C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE


==================== Registry (Whitelisted) ==================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [SysTrayApp] => C:\Program Files\IDT\WDM\sttray64.exe [525312 2011-01-25] (IDT, Inc.)
HKLM\...\Run: [Apoint] => C:\Program Files\DellTPad\Apoint.exe [609144 2011-04-12] (Alps Electric Co., Ltd.)
HKLM\...\Run: [QuickSet] => C:\Program Files\Dell\QuickSet\QuickSet.exe [3666800 2011-01-21] (Dell Inc.)
HKLM\...\Run: [IntelTBRunOnce] => wscript.exe //b //nologo "C:\Program Files\Intel\TurboBoost\RunTBGadgetOnce.vbs"
HKLM\...\Run: [IntelWireless] => C:\Program Files\Common Files\Intel\WirelessCommon\iFrmewrk.exe [1933584 2010-12-17] (Intel® Corporation)
HKLM\...\Run: [BTMTrayAgent] => rundll32.exe "C:\Program Files (x86)\Intel\Bluetooth\btmshell.dll",TrayApp
HKLM\...\Run: [DellStage] => C:\Program Files (x86)\Dell Stage\Dell Stage\stage_primary.exe [2055016 2011-04-29] ()
HKLM\...\Run: [MSC] => c:\Program Files\Microsoft Security Client\msseces.exe [1331288 2014-08-22] (Microsoft Corporation)
HKLM\...\Run: [Logitech Download Assistant] => C:\Windows\system32\rundll32.exe C:\Windows\System32\LogiLDA.dll,LogiFetch
HKLM\...\Run: [] => [X]
HKLM\...\Run: [AdAwareTray] => C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.3.6321.0\AdAwareTray.exe [8886592 2014-08-27] ()
HKLM-x32\...\Run: [Dell Webcam Central] => C:\Program Files (x86)\Dell Webcam\Dell Webcam Central\WebcamDell2.exe [503942 2011-04-13] (Creative Technology Ltd)
HKLM-x32\...\Run: [IAStorIcon] => C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorIcon.exe [283160 2010-11-06] (Intel Corporation)
HKLM-x32\...\Run: [Desktop Disc Tool] => c:\Program Files (x86)\Roxio\OEM\Roxio Burn\RoxioBurnLauncher.exe [514544 2010-11-17] ()
HKLM-x32\...\Run: [Dell Registration] => C:\Program Files (x86)\System Registration\prodreg.exe [3926528 2010-08-23] (Dell, Inc.)
HKLM-x32\...\Run: [Dell DataSafe Online] => C:\Program Files (x86)\Dell\Dell Datasafe Online\NOBuClient.exe [1117528 2010-08-25] (Dell, Inc.)
HKLM-x32\...\Run: [AccuWeatherWidget] => C:\Program Files (x86)\Dell Stage\Dell Stage\AccuWeather\accuweather.exe [885760 2011-04-29] ()
HKLM-x32\...\Run: [HP Software Update] => C:\Program Files (x86)\HP\HP Software Update\HPWuSchd2.exe [49208 2011-10-28] (Hewlett-Packard)
HKLM-x32\...\Run: [] => [X]
HKLM-x32\...\Run: [Adobe ARM] => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [959904 2013-11-21] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [QuickTime Task] => C:\Program Files (x86)\QuickTime\QTTask.exe [421888 2014-01-17] (Apple Inc.)
HKLM-x32\...\Run: [iTunesHelper] => C:\Program Files (x86)\iTunes\iTunesHelper.exe [152392 2014-08-01] (Apple Inc.)
HKLM-x32\...\Run: [Ad-Aware Browsing Protection] => C:\ProgramData\Ad-Aware Browsing Protection\adawarebp.exe [559696 2013-09-27] (Lavasoft)
Winlogon\Notify\igfxcui: C:\windows\system32\igfxdev.dll (Intel Corporation)
HKU\S-1-5-21-1957930714-2037662960-4176245808-1001\...\Run: [CCleaner] => C:\Program Files\CCleaner\CCleaner64.exe [6154008 2013-05-24] (Piriform Ltd)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\HP Digital Imaging Monitor.lnk
ShortcutTarget: HP Digital Imaging Monitor.lnk -> C:\Program Files (x86)\HP\Digital Imaging\bin\hpqtra08.exe (Hewlett-Packard Co.)
Startup: C:\Users\R-C House\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk
ShortcutTarget: Dropbox.lnk -> C:\Users\R-C House\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
Startup: C:\Users\R-C House\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\OneNote 2010 Screen Clipper and Launcher.lnk
ShortcutTarget: OneNote 2010 Screen Clipper and Launcher.lnk -> C:\Program Files (x86)\Microsoft Office\Office14\ONENOTEM.EXE (Microsoft Corporation)
Startup: C:\Users\R-C House\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Shrink Pic.lnk
ShortcutTarget: Shrink Pic.lnk -> C:\Program Files (x86)\Shrink Pic\shrink_pic.exe ()

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

URLSearchHook: HKCU - YTNavAssistPlugin Class - {81017EA9-9AA8-4A6A-9734-7AF40E7D593F} - C:\Program Files (x86)\Yahoo!\Companion\Installs\cpn1\yt.dll (Yahoo! Inc.)
SearchScopes: HKCU - {9843D11C-64B3-4DC5-BF8C-A0160210049A} URL = http://search.yahoo.com/search?p={searchTerms}&fr=chr-tyc8
BHO: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO: Google Toolbar Helper -> {AA58ED58-01DD-4d91-8333-CF10577473F7} -> C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation)
BHO: Java™ Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre6\bin\jp2ssv.dll (Sun Microsystems, Inc.)
BHO-x32: HP Print Enhancer -> {0347C33E-8762-4905-BF09-768834316C61} -> C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_printenhancer.dll (Hewlett-Packard Co.)
BHO-x32: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO-x32: Google Toolbar Helper -> {AA58ED58-01DD-4d91-8333-CF10577473F7} -> C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
BHO-x32: Skype add-on for Internet Explorer -> {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} -> C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
BHO-x32: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files (x86)\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation)
BHO-x32: HP Smart BHO Class -> {FFFFFFFF-CF4E-4F2B-BDC2-0E72E116A856} -> C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll (Hewlett-Packard Co.)
Toolbar: HKLM - Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
Toolbar: HKLM-x32 - Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
DPF: HKLM-x32 {233C1507-6A77-46A4-9443-F871F945D258} http://download.macromedia.com/pub/shockwave/cabs/director/sw.cab
DPF: HKLM-x32 {30528230-99f7-4bb4-88d8-fa1d4f56a2ab} C:\Program Files (x86)\Yahoo!\Common\Yinsthelper.dll
DPF: HKLM-x32 {DF780F87-FF2B-4DF8-92D0-73DB16A1543A} http://zone.msn.com/BINGAME/POPCAPLOADER_V10.CAB
Handler: cozi - {5356518D-FE9C-4E08-9C1F-1E872ECD367F} -  No File
Handler: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} -  No File
Handler-x32: cozi - {5356518D-FE9C-4E08-9C1F-1E872ECD367F} - C:\Program Files (x86)\Cozi Express\CoziProtocolHandler.dll (Cozi Group, Inc.)
Handler-x32: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)
Tcpip\Parameters: [DhcpNameServer] 24.178.162.3 24.159.64.23 66.189.0.100

FireFox:
========
FF ProfilePath: C:\Users\R-C House\AppData\Roaming\Mozilla\Firefox\Profiles\598dct7j.default
FF Plugin: @adobe.com/FlashPlayer -> C:\windows\system32\Macromed\Flash\NPSWF64_15_0_0_152.dll ()
FF Plugin: @java.com/JavaPlugin -> C:\Program Files\Java\jre6\bin\new_plugin\npjp2.dll (Sun Microsystems, Inc.)
FF Plugin: @microsoft.com/GENUINE -> disabled No File
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.30514.0\npctrl.dll ( Microsoft Corporation)
FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~1\MICROS~2\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\windows\SysWOW64\Macromed\Flash\NPSWF32_15_0_0_152.dll ()
FF Plugin-x32: @adobe.com/ShockwavePlayer -> C:\windows\SysWOW64\Adobe\Director\np32dsw_1210150.dll (Adobe Systems, Inc.)
FF Plugin-x32: @Apple.com/iTunes,version=1.0 -> C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll ()
FF Plugin-x32: @Google.com/GoogleEarthPlugin -> C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll (Google)
FF Plugin-x32: @messenger.yahoo.com/YahooMessengerStatePlugin;version=1.0.0.6 -> C:\Program Files (x86)\Yahoo!\Shared\npYState.dll (Yahoo! Inc.)
FF Plugin-x32: @microsoft.com/GENUINE -> disabled No File
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\5.1.30514.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~2\MICROS~1\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3502.0922 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3508.1109 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.23.9\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.23.9\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF Plugin HKCU: @citrixonline.com/appdetectorplugin -> C:\Users\R-C House\AppData\Local\Citrix\Plugins\104\npappdetector.dll (Citrix Online)
FF Plugin HKCU: @microsoft.com/Office on Demand;version=1 -> C:\Users\R-C House\AppData\Local\Microsoft\Internet Explorer\Downloaded Program Files\Microsoft Office 15\npofficeondemand.dll (Microsoft Corporation)
FF HKLM-x32\...\Firefox\Extensions: [smartwebprinting@hp.com] - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3
FF Extension: HP Smart Web Printing - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3 [2012-08-09]
FF HKCU\...\Firefox\Extensions: [smartwebprinting@hp.com] - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3

Chrome:
=======
CHR HomePage: Default ->
CHR DefaultSearchKeyword: Default -> securesearch
CHR DefaultSearchProvider: Default -> SecureSearch
CHR DefaultSearchURL: Default -> http://securedsearch2.lavasoft.com/results.php?pr=vmn&id=adawaretb&v=3_9&idate=2014-09-09&gen=cnet&hsimp=yhs-lavasoft&ent=ch&q={searchTerms}
CHR DefaultSuggestURL: Default ->
CHR Profile: C:\Users\R-C House\AppData\Local\Google\Chrome\User Data\Default
CHR HKLM\SOFTWARE\Policies\Google: Policy restriction <======= ATTENTION

==================== Services (Whitelisted) =================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

R2 Bluetooth Device Monitor; C:\Program Files (x86)\Intel\Bluetooth\devmonsrv.exe [897088 2010-11-03] (Intel Corporation) [File not signed]
R3 Bluetooth Media Service; C:\Program Files (x86)\Intel\Bluetooth\mediasrv.exe [1298496 2010-11-03] (Intel Corporation) [File not signed]
R2 HPSLPSVC; C:\Program Files (x86)\HP\Digital Imaging\bin\HPSLPSVC64.DLL [1039360 2010-10-22] (Hewlett-Packard Co.) [File not signed]
R2 LavasoftAdAwareService11; C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.3.6321.0\AdAwareService.exe [706864 2014-08-27] ()
R2 MsMpSvc; c:\Program Files\Microsoft Security Client\MsMpEng.exe [23784 2014-08-22] (Microsoft Corporation)
S3 MyWiFiDHCPDNS; C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe [340240 2010-12-17] ()
S2 Net Driver HPZ12; C:\Windows\system32\HPZinw12.dll [71680 2010-08-06] (Hewlett-Packard) [File not signed]
R3 NisSrv; c:\Program Files\Microsoft Security Client\NisSrv.exe [368624 2014-08-22] (Microsoft Corporation)
S2 Pml Driver HPZ12; C:\Windows\system32\HPZipm12.dll [89600 2010-08-06] (Hewlett-Packard) [File not signed]

==================== Drivers (Whitelisted) ====================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

R0 MpFilter; C:\Windows\System32\DRIVERS\MpFilter.sys [269008 2014-07-17] (Microsoft Corporation)
R2 NisDrv; C:\Windows\System32\DRIVERS\NisDrvWFP.sys [125584 2014-07-17] (Microsoft Corporation)
S3 Trufos; C:\Windows\System32\DRIVERS\Trufos.sys [389240 2014-07-10] (BitDefender S.R.L.)
S3 urvpndrv; system32\DRIVERS\covpnv64.sys [X]

==================== NetSvcs (Whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)


==================== One Month Created Files and Folders ========

(If an entry is included in the fixlist, the file\folder will be moved.)

2014-09-23 15:57 - 2014-09-23 15:58 - 00017252 _____ () C:\Users\R-C House\Desktop\FRST.txt
2014-09-23 15:57 - 2014-09-23 15:57 - 00000000 ____D () C:\FRST
2014-09-23 15:54 - 2014-09-23 15:54 - 02106368 _____ (Farbar) C:\Users\R-C House\Desktop\FRST64.exe
2014-09-23 15:06 - 2014-09-23 15:06 - 03675824 _____ (Adobe Systems Incorporated) C:\windows\SysWOW64\FlashPlayerInstaller.exe
2014-09-19 20:22 - 2014-09-19 20:26 - 00002040 _____ () C:\Users\R-C House\Desktop\Rkill.txt
2014-09-18 14:01 - 2014-09-18 14:01 - 00000000 _____ () C:\windows\setuperr.log
2014-09-18 14:01 - 2014-09-18 14:01 - 00000000 _____ () C:\windows\setupact.log
2014-09-16 23:16 - 2014-09-16 23:16 - 01373475 _____ () C:\Users\R-C House\Downloads\AdwCleaner(1).exe
2014-09-16 23:12 - 2014-09-16 23:12 - 01373475 _____ () C:\Users\R-C House\Downloads\AdwCleaner.exe
2014-09-16 23:07 - 2014-09-16 23:07 - 00001510 _____ () C:\Users\R-C House\Desktop\iExplore - Shortcut.lnk
2014-09-16 23:06 - 2014-09-16 23:06 - 01944824 _____ (Bleeping Computer, LLC) C:\Users\R-C House\Downloads\iExplore.exe
2014-09-16 17:49 - 2014-09-16 17:49 - 00000000 ____D () C:\windows\ERUNT
2014-09-16 17:00 - 2014-09-16 17:29 - 00000000 ____D () C:\AdwCleaner
2014-09-16 17:00 - 2010-08-30 08:34 - 00536576 _____ (SQLite Development Team) C:\windows\SysWOW64\sqlite3.dll
2014-09-16 16:57 - 2014-09-16 16:57 - 00000000 ____D () C:\Users\R-C House\AppData\Local\Macromedia
2014-09-16 14:14 - 2014-09-16 15:54 - 00000000 ____D () C:\Users\R-C House\AppData\Local\Mozilla
2014-09-16 14:14 - 2014-09-16 14:14 - 00001165 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk
2014-09-16 14:14 - 2014-09-16 14:14 - 00001153 _____ () C:\Users\Public\Desktop\Mozilla Firefox.lnk
2014-09-16 14:14 - 2014-09-16 14:14 - 00000000 ____D () C:\ProgramData\Mozilla
2014-09-16 14:14 - 2014-09-16 14:14 - 00000000 ____D () C:\Program Files (x86)\Mozilla Maintenance Service
2014-09-16 14:14 - 2014-09-16 14:14 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox
2014-09-16 14:11 - 2014-09-16 14:11 - 00244056 _____ () C:\Users\R-C House\Downloads\Firefox Setup Stub 32.0.1.exe
2014-09-16 12:40 - 2014-09-16 12:40 - 00013876 _____ () C:\Users\R-C House\Downloads\ZFM_CTA and RESSERV Validation Inspection_09-09-2014.xlsx
2014-09-16 11:34 - 2014-09-16 11:34 - 00000000 ____D () C:\Users\R-C House\AppData\Roaming\Lavasoft
2014-09-16 10:38 - 2014-09-16 10:39 - 10375024 _____ () C:\Users\R-C House\Downloads\Attachments_2014916.zip
2014-09-14 15:17 - 2014-09-14 15:17 - 00018432 ___SH () C:\Users\R-C House\Documents\Thumbs.db
2014-09-09 22:25 - 2014-09-17 18:48 - 00002307 _____ () C:\Users\Public\Desktop\Ad-Aware Antivirus.lnk
2014-09-09 22:25 - 2014-09-09 22:25 - 00000000 ____D () C:\Users\R-C House\AppData\Roaming\LavasoftStatistics
2014-09-09 22:25 - 2014-09-09 22:25 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Lavasoft
2014-09-09 22:17 - 2014-09-09 22:17 - 00000000 ____D () C:\Program Files\Lavasoft
2014-09-09 22:15 - 2014-09-18 09:49 - 00000000 ____D () C:\ProgramData\Ad-Aware Browsing Protection
2014-09-09 22:15 - 2014-09-09 22:15 - 00000061 _____ () C:\prefs.js
2014-09-09 22:15 - 2014-09-09 22:15 - 00000000 ____D () C:\Users\R-C House\AppData\Local\adawarebp
2014-09-09 22:14 - 2014-09-09 22:14 - 00000000 ____D () C:\Program Files (x86)\Lavasoft
2014-09-09 22:08 - 2014-09-09 22:08 - 00000000 ____D () C:\Program Files\Common Files\Lavasoft
2014-09-09 22:03 - 2014-09-09 22:03 - 00000000 ____D () C:\ProgramData\Lavasoft
2014-09-09 22:02 - 2014-09-09 22:03 - 02806920 _____ () C:\Users\R-C House\Downloads\Adaware_Installer.exe
2014-09-09 21:28 - 2014-09-09 21:28 - 00000004 _____ () C:\Users\R-C House\AppData\Roaming\appdataFr2.bin
2014-09-09 20:47 - 2014-08-19 14:05 - 00374968 _____ (Microsoft Corporation) C:\windows\system32\iedkcs32.dll
2014-09-09 20:47 - 2014-08-19 13:39 - 00327872 _____ (Microsoft Corporation) C:\windows\SysWOW64\iedkcs32.dll
2014-09-09 20:47 - 2014-08-18 19:01 - 23591424 _____ (Microsoft Corporation) C:\windows\system32\mshtml.dll
2014-09-09 20:47 - 2014-08-18 18:29 - 02724864 _____ (Microsoft Corporation) C:\windows\system32\mshtml.tlb
2014-09-09 20:47 - 2014-08-18 18:29 - 00004096 _____ (Microsoft Corporation) C:\windows\system32\ieetwcollectorres.dll
2014-09-09 20:47 - 2014-08-18 18:26 - 17455104 _____ (Microsoft Corporation) C:\windows\SysWOW64\mshtml.dll
2014-09-09 20:47 - 2014-08-18 18:20 - 02793984 _____ (Microsoft Corporation) C:\windows\system32\iertutil.dll
2014-09-09 20:47 - 2014-08-18 18:19 - 05833728 _____ (Microsoft Corporation) C:\windows\system32\jscript9.dll
2014-09-09 20:47 - 2014-08-18 18:15 - 00547328 _____ (Microsoft Corporation) C:\windows\system32\vbscript.dll
2014-09-09 20:47 - 2014-08-18 18:15 - 00066048 _____ (Microsoft Corporation) C:\windows\system32\iesetup.dll
2014-09-09 20:47 - 2014-08-18 18:14 - 00083968 _____ (Microsoft Corporation) C:\windows\system32\MshtmlDac.dll
2014-09-09 20:47 - 2014-08-18 18:14 - 00048640 _____ (Microsoft Corporation) C:\windows\system32\ieetwproxystub.dll
2014-09-09 20:47 - 2014-08-18 18:08 - 04232704 _____ (Microsoft Corporation) C:\windows\SysWOW64\jscript9.dll
2014-09-09 20:47 - 2014-08-18 18:08 - 00051200 _____ (Microsoft Corporation) C:\windows\system32\jsproxy.dll
2014-09-09 20:47 - 2014-08-18 18:08 - 00033792 _____ (Microsoft Corporation) C:\windows\system32\iernonce.dll
2014-09-09 20:47 - 2014-08-18 18:05 - 00596480 _____ (Microsoft Corporation) C:\windows\system32\ieui.dll
2014-09-09 20:47 - 2014-08-18 18:03 - 00758272 _____ (Microsoft Corporation) C:\windows\system32\jscript9diag.dll
2014-09-09 20:47 - 2014-08-18 18:03 - 00139264 _____ (Microsoft Corporation) C:\windows\system32\ieUnatt.exe
2014-09-09 20:47 - 2014-08-18 18:03 - 00111616 _____ (Microsoft Corporation) C:\windows\system32\ieetwcollector.exe
2014-09-09 20:47 - 2014-08-18 17:57 - 02724864 _____ (Microsoft Corporation) C:\windows\SysWOW64\mshtml.tlb
2014-09-09 20:47 - 2014-08-18 17:56 - 00940032 _____ (Microsoft Corporation) C:\windows\system32\MsSpellCheckingFacility.exe
2014-09-09 20:47 - 2014-08-18 17:51 - 00446464 _____ (Microsoft Corporation) C:\windows\system32\dxtmsft.dll
2014-09-09 20:47 - 2014-08-18 17:46 - 00454656 _____ (Microsoft Corporation) C:\windows\SysWOW64\vbscript.dll
2014-09-09 20:47 - 2014-08-18 17:45 - 00072704 _____ (Microsoft Corporation) C:\windows\system32\JavaScriptCollectionAgent.dll
2014-09-09 20:47 - 2014-08-18 17:45 - 00061952 _____ (Microsoft Corporation) C:\windows\SysWOW64\iesetup.dll
2014-09-09 20:47 - 2014-08-18 17:44 - 00061952 _____ (Microsoft Corporation) C:\windows\SysWOW64\MshtmlDac.dll
2014-09-09 20:47 - 2014-08-18 17:44 - 00051200 _____ (Microsoft Corporation) C:\windows\SysWOW64\ieetwproxystub.dll
2014-09-09 20:47 - 2014-08-18 17:42 - 02185728 _____ (Microsoft Corporation) C:\windows\SysWOW64\iertutil.dll
2014-09-09 20:47 - 2014-08-18 17:40 - 00195584 _____ (Microsoft Corporation) C:\windows\system32\msrating.dll
2014-09-09 20:47 - 2014-08-18 17:39 - 00085504 _____ (Microsoft Corporation) C:\windows\system32\mshtmled.dll
2014-09-09 20:47 - 2014-08-18 17:39 - 00043008 _____ (Microsoft Corporation) C:\windows\SysWOW64\jsproxy.dll
2014-09-09 20:47 - 2014-08-18 17:39 - 00032768 _____ (Microsoft Corporation) C:\windows\SysWOW64\iernonce.dll
2014-09-09 20:47 - 2014-08-18 17:38 - 00289280 _____ (Microsoft Corporation) C:\windows\system32\dxtrans.dll
2014-09-09 20:47 - 2014-08-18 17:37 - 00440320 _____ (Microsoft Corporation) C:\windows\SysWOW64\ieui.dll
2014-09-09 20:47 - 2014-08-18 17:36 - 00112128 _____ (Microsoft Corporation) C:\windows\SysWOW64\ieUnatt.exe
2014-09-09 20:47 - 2014-08-18 17:35 - 00597504 _____ (Microsoft Corporation) C:\windows\SysWOW64\jscript9diag.dll
2014-09-09 20:47 - 2014-08-18 17:27 - 00365056 _____ (Microsoft Corporation) C:\windows\SysWOW64\dxtmsft.dll
2014-09-09 20:47 - 2014-08-18 17:25 - 00727040 _____ (Microsoft Corporation) C:\windows\system32\msfeeds.dll
2014-09-09 20:47 - 2014-08-18 17:25 - 00707072 _____ (Microsoft Corporation) C:\windows\system32\ie4uinit.exe
2014-09-09 20:47 - 2014-08-18 17:23 - 02104832 _____ (Microsoft Corporation) C:\windows\system32\inetcpl.cpl
2014-09-09 20:47 - 2014-08-18 17:23 - 01249280 _____ (Microsoft Corporation) C:\windows\system32\mshtmlmedia.dll
2014-09-09 20:47 - 2014-08-18 17:22 - 00060416 _____ (Microsoft Corporation) C:\windows\SysWOW64\JavaScriptCollectionAgent.dll
2014-09-09 20:47 - 2014-08-18 17:19 - 00164864 _____ (Microsoft Corporation) C:\windows\SysWOW64\msrating.dll
2014-09-09 20:47 - 2014-08-18 17:17 - 00243200 _____ (Microsoft Corporation) C:\windows\SysWOW64\dxtrans.dll
2014-09-09 20:47 - 2014-08-18 17:17 - 00069632 _____ (Microsoft Corporation) C:\windows\SysWOW64\mshtmled.dll
2014-09-09 20:47 - 2014-08-18 17:16 - 13588480 _____ (Microsoft Corporation) C:\windows\system32\ieframe.dll
2014-09-09 20:47 - 2014-08-18 17:15 - 02310656 _____ (Microsoft Corporation) C:\windows\system32\wininet.dll
2014-09-09 20:47 - 2014-08-18 17:09 - 00603136 _____ (Microsoft Corporation) C:\windows\SysWOW64\msfeeds.dll
2014-09-09 20:47 - 2014-08-18 17:08 - 02014208 _____ (Microsoft Corporation) C:\windows\SysWOW64\inetcpl.cpl
2014-09-09 20:47 - 2014-08-18 17:07 - 01068032 _____ (Microsoft Corporation) C:\windows\SysWOW64\mshtmlmedia.dll
2014-09-09 20:47 - 2014-08-18 16:55 - 01447424 _____ (Microsoft Corporation) C:\windows\system32\urlmon.dll
2014-09-09 20:47 - 2014-08-18 16:46 - 01812992 _____ (Microsoft Corporation) C:\windows\SysWOW64\wininet.dll
2014-09-09 20:47 - 2014-08-18 16:38 - 01190400 _____ (Microsoft Corporation) C:\windows\SysWOW64\urlmon.dll
2014-09-09 20:47 - 2014-08-18 16:38 - 00775168 _____ (Microsoft Corporation) C:\windows\system32\ieapfltr.dll
2014-09-09 20:47 - 2014-08-18 16:36 - 00678400 _____ (Microsoft Corporation) C:\windows\SysWOW64\ieapfltr.dll
2014-09-09 20:46 - 2014-08-18 17:15 - 11769856 _____ (Microsoft Corporation) C:\windows\SysWOW64\ieframe.dll
2014-09-09 20:37 - 2014-06-26 22:08 - 02777088 _____ (Microsoft Corporation) C:\windows\system32\msmpeg2vdec.dll
2014-09-09 20:37 - 2014-06-26 21:45 - 02285056 _____ (Microsoft Corporation) C:\windows\SysWOW64\msmpeg2vdec.dll
2014-09-09 20:34 - 2014-09-04 22:10 - 00578048 _____ (Microsoft Corporation) C:\windows\system32\aepdu.dll
2014-09-09 20:34 - 2014-09-04 22:05 - 00424448 _____ (Microsoft Corporation) C:\windows\system32\aeinv.dll
2014-09-09 20:34 - 2014-08-01 07:53 - 01031168 _____ (Microsoft Corporation) C:\windows\system32\TSWorkspace.dll
2014-09-09 20:34 - 2014-08-01 07:35 - 00793600 _____ (Microsoft Corporation) C:\windows\SysWOW64\TSWorkspace.dll
2014-09-09 20:34 - 2014-07-06 22:06 - 01460736 _____ (Microsoft Corporation) C:\windows\system32\lsasrv.dll
2014-09-09 20:34 - 2014-07-06 22:06 - 00728064 _____ (Microsoft Corporation) C:\windows\system32\kerberos.dll
2014-09-09 20:34 - 2014-07-06 21:40 - 00550912 _____ (Microsoft Corporation) C:\windows\SysWOW64\kerberos.dll
2014-09-09 20:34 - 2014-07-06 21:40 - 00022016 _____ (Microsoft Corporation) C:\windows\SysWOW64\secur32.dll
2014-09-09 20:34 - 2014-07-06 21:39 - 00096768 _____ (Microsoft Corporation) C:\windows\SysWOW64\sspicli.dll
2014-09-09 20:34 - 2014-06-23 23:29 - 02565120 _____ (Microsoft Corporation) C:\windows\system32\d3d10warp.dll
2014-09-09 20:34 - 2014-06-23 22:59 - 01987584 _____ (Microsoft Corporation) C:\windows\SysWOW64\d3d10warp.dll
2014-09-09 19:51 - 2014-09-23 15:45 - 00259208 _____ () C:\windows\WindowsUpdate.log
2014-09-03 00:00 - 2014-09-07 20:51 - 00000000 ____D () C:\ProgramData\LuckkySuhOpper
2014-09-02 23:44 - 2014-09-18 09:48 - 00000376 _____ () C:\windows\Tasks\AVG-Secure-Search-Update_0814tb_rmv.job
2014-09-02 23:44 - 2014-09-18 09:48 - 00000376 _____ () C:\windows\Tasks\AVG-Secure-Search-Update_0814tb_rel.job
2014-09-02 23:44 - 2014-09-02 23:44 - 00002670 _____ () C:\windows\System32\Tasks\AVG-Secure-Search-Update_0814tb_rmv
2014-09-02 23:44 - 2014-09-02 23:44 - 00002668 _____ () C:\windows\System32\Tasks\AVG-Secure-Search-Update_0814tb_rel
2014-09-02 23:43 - 2014-09-02 23:43 - 00000000 ____D () C:\ProgramData\Avg_Update_0814tb
2014-08-28 08:20 - 2014-08-28 08:20 - 00417973 _____ () C:\Users\R-C House\Downloads\ZFM_URC A-D Validation Inspection_08-14-2014.xlsx
2014-08-28 08:17 - 2014-08-28 08:17 - 01381654 _____ () C:\Users\R-C House\Downloads\Attachments_2014828.zip
2014-08-28 08:14 - 2014-08-22 22:07 - 00404480 _____ (Microsoft Corporation) C:\windows\system32\gdi32.dll
2014-08-28 08:14 - 2014-08-22 21:45 - 00311808 _____ (Microsoft Corporation) C:\windows\SysWOW64\gdi32.dll
2014-08-28 08:14 - 2014-08-22 20:59 - 03163648 _____ (Microsoft Corporation) C:\windows\system32\win32k.sys
2014-08-25 22:54 - 2014-08-25 22:54 - 00283076 _____ () C:\Users\R-C House\Downloads\Transactions.csv
2014-08-24 15:07 - 2014-08-24 15:07 - 00000000 ____D () C:\Users\R-C House\Documents\Vacations

==================== One Month Modified Files and Folders =======

(If an entry is included in the fixlist, the file\folder will be moved.)

2014-09-23 15:58 - 2014-09-23 15:57 - 00017252 _____ () C:\Users\R-C House\Desktop\FRST.txt
2014-09-23 15:57 - 2014-09-23 15:57 - 00000000 ____D () C:\FRST
2014-09-23 15:54 - 2014-09-23 15:54 - 02106368 _____ (Farbar) C:\Users\R-C House\Desktop\FRST64.exe
2014-09-23 15:50 - 2012-04-04 08:41 - 00000830 _____ () C:\windows\Tasks\Adobe Flash Player Updater.job
2014-09-23 15:45 - 2014-09-09 19:51 - 00259208 _____ () C:\windows\WindowsUpdate.log
2014-09-23 15:28 - 2009-07-13 23:20 - 00000000 ____D () C:\windows\tracing
2014-09-23 15:24 - 2012-07-03 16:43 - 00000904 _____ () C:\windows\Tasks\GoogleUpdateTaskMachineUA.job
2014-09-23 15:14 - 2013-05-25 15:09 - 00003440 _____ () C:\windows\System32\Tasks\PCDEventLauncherTask
2014-09-23 15:08 - 2009-07-14 01:13 - 00782470 _____ () C:\windows\system32\PerfStringBackup.INI
2014-09-23 15:07 - 2014-07-06 17:18 - 00122584 _____ (Malwarebytes Corporation) C:\windows\system32\Drivers\MBAMSwissArmy.sys
2014-09-23 15:06 - 2014-09-23 15:06 - 03675824 _____ (Adobe Systems Incorporated) C:\windows\SysWOW64\FlashPlayerInstaller.exe
2014-09-23 15:06 - 2012-04-04 08:41 - 00701104 _____ (Adobe Systems Incorporated) C:\windows\SysWOW64\FlashPlayerApp.exe
2014-09-23 15:06 - 2012-04-04 08:41 - 00003768 _____ () C:\windows\System32\Tasks\Adobe Flash Player Updater
2014-09-23 15:06 - 2012-02-27 00:22 - 00071344 _____ (Adobe Systems Incorporated) C:\windows\SysWOW64\FlashPlayerCPLApp.cpl
2014-09-23 15:05 - 2012-07-03 16:43 - 00000900 _____ () C:\windows\Tasks\GoogleUpdateTaskMachineCore.job
2014-09-22 02:42 - 2010-11-20 23:27 - 00278152 ____N (Microsoft Corporation) C:\windows\system32\MpSigStub.exe
2014-09-19 20:38 - 2012-08-24 16:32 - 00000000 ___RD () C:\Users\R-C House\Dropbox
2014-09-19 20:26 - 2014-09-19 20:22 - 00002040 _____ () C:\Users\R-C House\Desktop\Rkill.txt
2014-09-19 20:14 - 2009-07-14 00:45 - 00028576 ____H () C:\windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2014-09-19 20:14 - 2009-07-14 00:45 - 00028576 ____H () C:\windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2014-09-18 14:01 - 2014-09-18 14:01 - 00000000 _____ () C:\windows\setuperr.log
2014-09-18 14:01 - 2014-09-18 14:01 - 00000000 _____ () C:\windows\setupact.log
2014-09-18 09:50 - 2012-08-24 16:11 - 00000000 ____D () C:\Users\R-C House\AppData\Roaming\Dropbox
2014-09-18 09:49 - 2014-09-09 22:15 - 00000000 ____D () C:\ProgramData\Ad-Aware Browsing Protection
2014-09-18 09:49 - 2011-07-13 15:10 - 00000000 ____D () C:\Users\Default\AppData\Local\SoftThinks
2014-09-18 09:49 - 2011-07-13 15:10 - 00000000 ____D () C:\Users\Default User\AppData\Local\SoftThinks
2014-09-18 09:49 - 2011-07-13 14:58 - 00000000 ____D () C:\Program Files (x86)\Dell DataSafe Local Backup
2014-09-18 09:48 - 2014-09-02 23:44 - 00000376 _____ () C:\windows\Tasks\AVG-Secure-Search-Update_0814tb_rmv.job
2014-09-18 09:48 - 2014-09-02 23:44 - 00000376 _____ () C:\windows\Tasks\AVG-Secure-Search-Update_0814tb_rel.job
2014-09-17 18:48 - 2014-09-09 22:25 - 00002307 _____ () C:\Users\Public\Desktop\Ad-Aware Antivirus.lnk
2014-09-17 18:47 - 2013-09-10 11:29 - 00131072 _____ () C:\windows\system32\Ikeext.etl
2014-09-17 18:47 - 2009-07-14 01:08 - 00000006 ____H () C:\windows\Tasks\SA.DAT
2014-09-16 23:16 - 2014-09-16 23:16 - 01373475 _____ () C:\Users\R-C House\Downloads\AdwCleaner(1).exe
2014-09-16 23:12 - 2014-09-16 23:12 - 01373475 _____ () C:\Users\R-C House\Downloads\AdwCleaner.exe
2014-09-16 23:07 - 2014-09-16 23:07 - 00001510 _____ () C:\Users\R-C House\Desktop\iExplore - Shortcut.lnk
2014-09-16 23:06 - 2014-09-16 23:06 - 01944824 _____ (Bleeping Computer, LLC) C:\Users\R-C House\Downloads\iExplore.exe
2014-09-16 17:49 - 2014-09-16 17:49 - 00000000 ____D () C:\windows\ERUNT
2014-09-16 17:29 - 2014-09-16 17:00 - 00000000 ____D () C:\AdwCleaner
2014-09-16 16:57 - 2014-09-16 16:57 - 00000000 ____D () C:\Users\R-C House\AppData\Local\Macromedia
2014-09-16 15:54 - 2014-09-16 14:14 - 00000000 ____D () C:\Users\R-C House\AppData\Local\Mozilla
2014-09-16 15:54 - 2012-02-18 23:53 - 00000000 ____D () C:\Users\R-C House\AppData\Roaming\Mozilla
2014-09-16 14:14 - 2014-09-16 14:14 - 00001165 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk
2014-09-16 14:14 - 2014-09-16 14:14 - 00001153 _____ () C:\Users\Public\Desktop\Mozilla Firefox.lnk
2014-09-16 14:14 - 2014-09-16 14:14 - 00000000 ____D () C:\ProgramData\Mozilla
2014-09-16 14:14 - 2014-09-16 14:14 - 00000000 ____D () C:\Program Files (x86)\Mozilla Maintenance Service
2014-09-16 14:14 - 2014-09-16 14:14 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox
2014-09-16 14:11 - 2014-09-16 14:11 - 00244056 _____ () C:\Users\R-C House\Downloads\Firefox Setup Stub 32.0.1.exe
2014-09-16 12:40 - 2014-09-16 12:40 - 00013876 _____ () C:\Users\R-C House\Downloads\ZFM_CTA and RESSERV Validation Inspection_09-09-2014.xlsx
2014-09-16 12:02 - 2009-07-13 23:20 - 00000000 ____D () C:\windows\AppCompat
2014-09-16 11:34 - 2014-09-16 11:34 - 00000000 ____D () C:\Users\R-C House\AppData\Roaming\Lavasoft
2014-09-16 10:39 - 2014-09-16 10:38 - 10375024 _____ () C:\Users\R-C House\Downloads\Attachments_2014916.zip
2014-09-14 15:17 - 2014-09-14 15:17 - 00018432 ___SH () C:\Users\R-C House\Documents\Thumbs.db
2014-09-14 15:17 - 2012-06-20 10:31 - 00000000 ____D () C:\Users\R-C House\AppData\Roaming\shrink_pic
2014-09-09 23:30 - 2009-07-13 23:20 - 00000000 ____D () C:\windows\rescache
2014-09-09 22:25 - 2014-09-09 22:25 - 00000000 ____D () C:\Users\R-C House\AppData\Roaming\LavasoftStatistics
2014-09-09 22:25 - 2014-09-09 22:25 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Lavasoft
2014-09-09 22:17 - 2014-09-09 22:17 - 00000000 ____D () C:\Program Files\Lavasoft
2014-09-09 22:15 - 2014-09-09 22:15 - 00000061 _____ () C:\prefs.js
2014-09-09 22:15 - 2014-09-09 22:15 - 00000000 ____D () C:\Users\R-C House\AppData\Local\adawarebp
2014-09-09 22:14 - 2014-09-09 22:14 - 00000000 ____D () C:\Program Files (x86)\Lavasoft
2014-09-09 22:08 - 2014-09-09 22:08 - 00000000 ____D () C:\Program Files\Common Files\Lavasoft
2014-09-09 22:03 - 2014-09-09 22:03 - 00000000 ____D () C:\ProgramData\Lavasoft
2014-09-09 22:03 - 2014-09-09 22:02 - 02806920 _____ () C:\Users\R-C House\Downloads\Adaware_Installer.exe
2014-09-09 21:28 - 2014-09-09 21:28 - 00000004 _____ () C:\Users\R-C House\AppData\Roaming\appdataFr2.bin
2014-09-09 20:46 - 2012-02-19 15:27 - 00000000 ____D () C:\ProgramData\Microsoft Help
2014-09-09 20:45 - 2011-07-13 14:32 - 00775084 _____ () C:\windows\SysWOW64\PerfStringBackup.INI
2014-09-09 20:44 - 2013-07-31 02:02 - 00000000 ____D () C:\windows\system32\MRT
2014-09-09 20:44 - 2013-03-09 16:54 - 00002010 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Security Essentials.lnk
2014-09-09 20:44 - 2013-03-09 16:54 - 00000000 ____D () C:\Program Files\Microsoft Security Client
2014-09-09 20:44 - 2013-03-09 16:54 - 00000000 ____D () C:\Program Files (x86)\Microsoft Security Client
2014-09-09 20:44 - 2013-03-09 16:34 - 00001945 _____ () C:\windows\epplauncher.mif
2014-09-09 20:38 - 2012-03-03 15:14 - 101694776 _____ (Microsoft Corporation) C:\windows\system32\MRT.exe
2014-09-09 20:37 - 2014-05-24 19:50 - 00000000 ___SD () C:\windows\system32\CompatTel
2014-09-09 19:38 - 2014-02-11 14:53 - 00000000 ____D () C:\Users\R-C House\AppData\Local\Citrix
2014-09-09 19:32 - 2009-07-13 23:20 - 00000000 ____D () C:\windows\Help
2014-09-07 20:53 - 2013-10-04 21:12 - 00000000 ____D () C:\windows\TempCDCD6262-0F78-FCFE-3B3F-8E4C4E8621D7-Signatures
2014-09-07 20:51 - 2014-09-03 00:00 - 00000000 ____D () C:\ProgramData\LuckkySuhOpper
2014-09-04 22:10 - 2014-09-09 20:34 - 00578048 _____ (Microsoft Corporation) C:\windows\system32\aepdu.dll
2014-09-04 22:05 - 2014-09-09 20:34 - 00424448 _____ (Microsoft Corporation) C:\windows\system32\aeinv.dll
2014-09-03 22:21 - 2012-05-11 15:00 - 00000000 ____D () C:\ProgramData\F5 Networks
2014-09-03 03:18 - 2009-07-14 00:45 - 00463104 _____ () C:\windows\system32\FNTCACHE.DAT
2014-09-02 23:44 - 2014-09-02 23:44 - 00002670 _____ () C:\windows\System32\Tasks\AVG-Secure-Search-Update_0814tb_rmv
2014-09-02 23:44 - 2014-09-02 23:44 - 00002668 _____ () C:\windows\System32\Tasks\AVG-Secure-Search-Update_0814tb_rel
2014-09-02 23:44 - 2011-07-13 14:47 - 00000000 ____D () C:\ProgramData\Sonic
2014-09-02 23:43 - 2014-09-02 23:43 - 00000000 ____D () C:\ProgramData\Avg_Update_0814tb
2014-08-28 08:20 - 2014-08-28 08:20 - 00417973 _____ () C:\Users\R-C House\Downloads\ZFM_URC A-D Validation Inspection_08-14-2014.xlsx
2014-08-28 08:17 - 2014-08-28 08:17 - 01381654 _____ () C:\Users\R-C House\Downloads\Attachments_2014828.zip
2014-08-25 22:54 - 2014-08-25 22:54 - 00283076 _____ () C:\Users\R-C House\Downloads\Transactions.csv
2014-08-25 22:44 - 2013-11-05 21:58 - 00000000 ____D () C:\windows\SysWOW64\cache
2014-08-24 15:18 - 2012-06-19 22:27 - 00000000 ____D () C:\Users\R-C House\Files from removable jump drive 061912
2014-08-24 15:07 - 2014-08-24 15:07 - 00000000 ____D () C:\Users\R-C House\Documents\Vacations

Files to move or delete:
====================
C:\Users\R-C House\install_reader10_en_gtba_aih.exe
C:\Users\R-C House\shrink_pic18.exe


Some content of TEMP:
====================
C:\Users\R-C House\AppData\Local\Temp\dropbox_sqlite_ext.{5f3e3153-5bce-5766-8f84-3e3e7ecf0d81}.tmpzngpuz.dll


==================== Bamital & volsnap Check =================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\SysWOW64\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed


LastRegBack: 2014-09-16 07:30

==================== End Of Log ============================

Additional scan result of Farbar Recovery Scan Tool (x64) Version: 23-09-2014
Ran by R-C House at 2014-09-23 15:58:38
Running from C:\Users\R-C House\Desktop
Boot Mode: Normal
==========================================================


==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: Microsoft Security Essentials (Enabled - Up to date) {4F35CFC4-45A3-FC37-EF17-759A02E39AB1}
AV: Ad-Aware Antivirus (Disabled - Out of date) {D87B6541-12A1-DAEA-0033-9B8057AAB996}
AS: Microsoft Security Essentials (Enabled - Up to date) {F4542E20-6399-F3B9-D5A7-4EE87964D00C}
AS: Ad-Aware Antivirus (Disabled - Out of date) {631A84A5-349B-D564-3A83-A0F22C2DF32B}
AS: Windows Defender (Disabled - Out of date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
FW: Ad-Aware Firewall (Disabled) {E040E464-58CE-DBB2-2B6C-32B5A979FEED}

==================== Installed Programs ======================

(Only the adware programs with "hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

64 Bit HP CIO Components Installer (Version: 7.2.8 - Hewlett-Packard) Hidden
Ad-Aware Antivirus (HKLM\...\{E39A80AE-0CC0-43EE-AB6B-BE11DC4F969F}_AdAwareUpdater) (Version: 11.3.6321.0 - Lavasoft)
AdAwareInstaller (Version: 11.3.6321.0 - Lavasoft) Hidden
AdAwareUpdater (Version: 11.3.6321.0 - Lavasoft) Hidden
Adobe AIR (HKLM-x32\...\Adobe AIR) (Version: 2.5.1.17730 - Adobe Systems Inc.)
Adobe AIR (x32 Version: 2.5.1.17730 - Adobe Systems Inc.) Hidden
Adobe Flash Player 15 ActiveX (HKLM-x32\...\Adobe Flash Player ActiveX) (Version: 15.0.0.167 - Adobe Systems Incorporated)
Adobe Flash Player 15 Plugin (HKLM-x32\...\Adobe Flash Player Plugin) (Version: 15.0.0.152 - Adobe Systems Incorporated)
Adobe Reader X (10.1.11) MUI (HKLM-x32\...\{AC76BA86-7AD7-FFFF-7B44-AA0000000001}) (Version: 10.1.11 - Adobe Systems Incorporated)
Adobe Shockwave Player 12.1 (HKLM-x32\...\Adobe Shockwave Player) (Version: 12.1.0.150 - Adobe Systems, Inc.)
Advanced Audio FX Engine (HKLM-x32\...\Advanced Audio FX Engine) (Version: 1.12.05 - Creative Technology Ltd)
AntimalwareEngine (Version: 3.0.0.56 - Lavasoft) Hidden
Apple Application Support (HKLM-x32\...\{78002155-F025-4070-85B3-7C0453561701}) (Version: 3.0.6 - Apple Inc.)
Apple Mobile Device Support (HKLM\...\{6AF2AC2A-3532-43FD-9F4D-BDC9C0D724C7}) (Version: 7.1.2.6 - Apple Inc.)
Apple Software Update (HKLM-x32\...\{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}) (Version: 2.1.3.127 - Apple Inc.)
Bonjour (HKLM\...\{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}) (Version: 3.0.0.10 - Apple Inc.)
BufferChm (x32 Version: 140.0.212.000 - Hewlett-Packard) Hidden
C309a (x32 Version: 140.0.690.000 - Hewlett-Packard) Hidden
calibre (HKLM-x32\...\{FEFD4E74-85EE-4BA6-AD02-E0F99BC3F51E}) (Version: 1.31.0 - Kovid Goyal)
CCleaner (HKLM\...\CCleaner) (Version: 4.02 - Piriform)
Citrix Online Launcher (HKLM-x32\...\{AC7E7905-8C59-4806-A96D-30936A2B1FC5}) (Version: 1.0.168 - Citrix)
Cozi (HKLM-x32\...\{EA1F3D6C-A6F5-4CDC-B0D3-9C56C06B4D29}) (Version: 1.0.6505.38692 - Cozi Group, Inc.)
D3DX10 (x32 Version: 15.4.2368.0902 - Microsoft) Hidden
Definition Update for Microsoft Office 2010 (KB982726) 32-Bit Edition (HKLM-x32\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{650DE870-ECA3-4E63-8D77-778512BE5D4C}) (Version:  - Microsoft)
Dell DataSafe Local Backup - Support Software (HKLM-x32\...\{A9668246-FB70-4103-A1E3-66C9BC2EFB49}) (Version: 9.4.60 - Dell Inc.)
Dell DataSafe Local Backup (HKLM-x32\...\{0ED7EE95-6A97-47AA-AD73-152C08A15B04}) (Version: 9.4.60 - Dell Inc.)
Dell DataSafe Online (HKLM-x32\...\{7EC66A95-AC2D-4127-940B-0445A526AB2F}) (Version: 2.1.19634 - Dell)
Dell Edoc Viewer (HKLM\...\{8EBA8727-ADC2-477B-9D9A-1A1836BE4E05}) (Version: 1.0.0 - Dell Inc)
Dell Getting Started Guide (HKLM-x32\...\{7DB9F1E5-9ACB-410D-A7DC-7A3D023CE045}) (Version: 1.00.0000 - Dell Inc.)
Dell Home Systems Service Agreement (HKLM-x32\...\{AB2FDE4F-6BED-4E9E-B676-3DCCEBB1FBFE}) (Version: 2.0.0 - Dell Inc.)
Dell MusicStage (HKLM-x32\...\{91AF2672-F5BC-42CF-8037-A9D2F92BBCC0}) (Version: 1.5.201.0 - Fingertapps)
Dell Perks Webslice IE8 (HKLM-x32\...\{CF67ED0C-F85D-4791-AED3-3FE882EDB45D}) (Version: 8.0 - Nextjump Inc)
Dell PhotoStage (HKLM-x32\...\{E4335E82-17B3-460F-9E70-39D9BC269DB3}) (Version: 1.5.0.65 - ArcSoft)
Dell Product Registration (HKLM-x32\...\{2A0F2CC5-3065-492C-8380-B03AA7106B1A}) (Version: 1.0.3 - Dell Inc.)
Dell Stage (HKLM-x32\...\{E2EBA7C0-8072-447F-856D-FFEE8D15B23B}) (Version: 1.5.201.0 - Fingertapps)
Dell Touchpad (HKLM\...\{9F72EF8B-AEC9-4CA5-B483-143980AFD6FD}) (Version: 7.1209.101.204 - ALPS ELECTRIC CO., LTD.)
Dell VideoStage  (HKLM-x32\...\InstallShield_{DCE0E79A-B9AC-41AC-98C1-7EF0538BCA7F}) (Version: 1.2.0.1712 - CyberLink Corp.)
Dell VideoStage  (x32 Version: 1.2.0.1712 - CyberLink Corp.) Hidden
Dell Webcam Central (HKLM-x32\...\Dell Webcam Central) (Version: 2.00.44 - Creative Technology Ltd)
Destinations (x32 Version: 140.0.77.000 - Hewlett-Packard) Hidden
DeviceDiscovery (x32 Version: 140.0.212.000 - Hewlett-Packard) Hidden
DirectX 9 Runtime (x32 Version: 1.00.0000 - Sonic Solutions) Hidden
DocProc (x32 Version: 13.0.0.0 - Hewlett-Packard) Hidden
Dropbox (HKCU\...\Dropbox) (Version: 2.10.28 - Dropbox, Inc.)
eBay (HKLM-x32\...\{A8B88634-7F90-402F-B66A-86429755F6A5}) (Version: 1.4.0 - eBay Inc.)
Fax (x32 Version: 140.0.212.000 - Hewlett-Packard) Hidden
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 34.0.1847.131 - Google Inc.)
Google Earth Plug-in (HKLM-x32\...\{4AB54F11-2F8C-11E3-B09F-B8AC6F97B88E}) (Version: 7.1.2.2041 - Google)
Google Toolbar for Internet Explorer (HKLM-x32\...\{2318C2B1-4965-11d4-9B18-009027A5CD4F}) (Version: 7.5.5111.1712 - Google Inc.)
Google Toolbar for Internet Explorer (x32 Version: 1.0.0 - Google Inc.) Hidden
Google Update Helper (x32 Version: 1.3.23.9 - Google Inc.) Hidden
GPBaseService2 (x32 Version: 140.0.211.000 - Hewlett-Packard) Hidden
HP Customer Participation Program 14.0 (HKLM\...\HPExtendedCapabilities) (Version: 14.0 - HP)
HP Imaging Device Functions 14.0 (HKLM\...\HP Imaging Device Functions) (Version: 14.0 - HP)
HP Photosmart C309a All-In-One Driver Software 14.0 Rel. 5 (HKLM\...\{71C4F928-136A-4222-A191-310E081FB96B}) (Version: 14.0 - HP)
HP Smart Web Printing 4.60 (HKLM\...\HP Smart Web Printing) (Version: 4.60 - HP)
HP Solution Center 14.0 (HKLM\...\HP Solution Center & Imaging Support Tools) (Version: 14.0 - HP)
HP Update (HKLM-x32\...\{97486FBE-A3FC-4783-8D55-EA37E9D171CC}) (Version: 5.005.000.002 - Hewlett-Packard)
HPDiagnosticAlert (x32 Version: 1.00.0000 - Microsoft) Hidden
HPPhotoGadget (x32 Version: 140.0.524.000 - Hewlett-Packard) Hidden
HPProductAssistant (x32 Version: 140.0.212.000 - Hewlett-Packard) Hidden
HPSSupply (x32 Version: 140.0.211.000 - Hewlett-Packard) Hidden
iCloud (HKLM\...\{81E20D41-C277-4526-934D-F2380AF91B78}) (Version: 3.1.0.40 - Apple Inc.)
IDT Audio (HKLM-x32\...\{E3A5A8AB-58F6-45FF-AFCB-C9AE18C05001}) (Version: 1.0.6324.0 - IDT)
InstallConverter (x32 Version: 1.0 - InstallConverter) Hidden
InstallConverter bundle uninstaller (HKLM-x32\...\InstallConverter bundle uninstaller) (Version: 2.0.0.5 - InstallConverter)
Intel PROSet Wireless (Version:  - ) Hidden
Intel® Control Center (HKLM-x32\...\{F8A9085D-4C7A-41a9-8A77-C8998A96C421}) (Version: 1.2.1.1007 - Intel Corporation)
Intel® Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 7.0.0.1118 - Intel Corporation)
Intel® Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 8.15.10.2361 - Intel Corporation)
Intel® PROSet/Wireless Software for Bluetooth® Technology (HKLM\...\{7CE8BE79-ABC3-4B2C-9543-28ED2B0A9EA8}) (Version: 1.0.0.0454 - Intel Corporation)
Intel® PROSet/Wireless WiFi Software (HKLM\...\{290D4DB2-F1B4-4B8E-918D-D71EF29A001B}) (Version: 14.00.1000 - Intel Corporation)
Intel® Rapid Storage Technology (HKLM-x32\...\{3E29EE6C-963A-4aae-86C1-DC237C4A49FC}) (Version: 10.1.0.1008 - Intel Corporation)
Intel® Turbo Boost Technology Monitor 2.0 (HKLM\...\{B77EFA0B-9BD3-4122-9F9A-15A963B5EA24}) (Version: 2.1.23.0 - Intel)
Intel® WiDi (HKLM-x32\...\{25680C01-6753-4FE9-A891-7857F26457C1}) (Version: 2.1.35.0 - Intel Corporation)
Intel® Wireless Display (HKLM\...\{28EF7372-9087-4AC3-9B9F-D9751FCDF830}) (Version:  - )
Internet Explorer (x32 Version: 8 - Microsoft Corporation) Hidden
iTunes (HKLM\...\{77DE5105-D05E-448C-96CB-7FA381903753}) (Version: 11.3.1.2 - Apple Inc.)
Java™ 6 Update 24 (64-bit) (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F86416024FF}) (Version: 6.0.240 - Oracle)
Junk Mail filter update (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Malwarebytes Anti-Malware version 2.0.2.1012 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.0.2.1012 - Malwarebytes Corporation)
MarketResearch (x32 Version: 140.0.212.000 - Hewlett-Packard) Hidden
Mesh Runtime (x32 Version: 15.4.5722.2 - Microsoft Corporation) Hidden
Microsoft .NET Framework 4.5.1 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.50938 - Microsoft Corporation)
Microsoft .NET Framework 4.5.1 (Version: 4.5.50938 - Microsoft Corporation) Hidden
Microsoft Application Error Reporting (Version: 12.0.6015.5000 - Microsoft Corporation) Hidden
Microsoft Mouse and Keyboard Center (HKLM\...\Microsoft Mouse and Keyboard Center) (Version: 2.1.177.0 - Microsoft Corporation)
Microsoft Mouse and Keyboard Center (Version: 2.1.177.0 - Microsoft Corporation) Hidden
Microsoft Office Access MUI (English) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Access Setup Metadata MUI (English) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Excel MUI (English) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Home and Student 2010 (HKLM-x32\...\Office14.SingleImage) (Version: 14.0.7015.1000 - Microsoft Corporation)
Microsoft Office Office 64-bit Components 2010 (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office on Demand Browser Add-ons (HKCU\...\Microsoft Office on Demand Browser Add-ons) (Version: 15.0.4517.1005 - Microsoft Corporation)
Microsoft Office OneNote MUI (English) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Outlook MUI (English) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office PowerPoint MUI (English) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (English) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (French) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (Spanish) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Proofing (English) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Publisher MUI (English) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Shared 64-bit MUI (English) 2010 (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Shared 64-bit Setup Metadata MUI (English) 2010 (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Shared MUI (English) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Shared Setup Metadata MUI (English) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Single Image 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Word MUI (English) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Security Client (Version: 4.6.0305.0 - Microsoft Corporation) Hidden
Microsoft Security Essentials (HKLM\...\Microsoft Security Client) (Version: 4.6.305.0 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.30514.0 - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729 (HKLM-x32\...\{820B6609-4C97-3A2B-B644-573B06A0F0CC}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.30319 (HKLM-x32\...\{196BB40D-1578-3D01-B289-BEFC77A11A1E}) (Version: 10.0.30319 - Microsoft Corporation)
Mozilla Firefox 32.0.1 (x86 en-US) (HKLM-x32\...\Mozilla Firefox 32.0.1 (x86 en-US)) (Version: 32.0.1 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 32.0.1 - Mozilla)
MSVCRT (x32 Version: 15.4.2862.0708 - Microsoft) Hidden
MSVCRT_amd64 (x32 Version: 15.4.2862.0708 - Microsoft) Hidden
MSXML 4.0 SP2 (KB954430) (HKLM-x32\...\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}) (Version: 4.20.9870.0 - Microsoft Corporation)
MSXML 4.0 SP2 (KB973688) (HKLM-x32\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation)
My Dell (HKLM\...\PC-Doctor for Windows) (Version: 3.5.6426.22 - PC-Doctor, Inc.)
Network64 (Version: 140.0.215.000 - Hewlett-Packard) Hidden
Network64 (Version: 140.0.221.000 - Hewlett-Packard) Hidden
OCR Software by I.R.I.S. 14.0 (HKLM\...\HPOCR) (Version: 14.0 - HP)
PhotoShowExpress (x32 Version: 2.0.063 - Sonic Solutions) Hidden
PS_AIO_05_C309_Software_Min (x32 Version: 140.0.690.000 - Hewlett-Packard) Hidden
Quickset64 (HKLM\...\{87CF757E-C1F1-4D22-865C-00C6950B5258}) (Version: 10.09.20 - Dell Inc.)
QuickTime 7 (HKLM-x32\...\{111EE7DF-FC45-40C7-98A7-753AC46B12FB}) (Version: 7.75.80.95 - Apple Inc.)
QuickTransfer (x32 Version: 140.0.98.000 - Hewlett-Packard) Hidden
RBVirtualFolder64Inst (Version: 1.00.0000 - Roxio, Inc.) Hidden
Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 7.31.1025.2010 - Realtek)
Realtek USB 2.0 Card Reader (HKLM-x32\...\{96AE7E41-E34E-47D0-AC07-1091A8127911}) (Version: 6.1.7600.30126 - Realtek Semiconductor Corp.)
Renesas Electronics USB 3.0 Host Controller Driver (HKLM-x32\...\InstallShield_{5442DAB8-7177-49E1-8B22-09A049EA5996}) (Version: 2.0.32.0 - Renesas Electronics Corporation)
Renesas Electronics USB 3.0 Host Controller Driver (x32 Version: 2.0.32.0 - Renesas Electronics Corporation) Hidden
Roxio Activation Module (x32 Version: 1.0 - Roxio) Hidden
Roxio BackOnTrack (x32 Version: 1.3.3 - Roxio) Hidden
Roxio Burn (x32 Version: 1.8 - Roxio) Hidden
Roxio Creator Starter (HKLM-x32\...\{6F0BBEFE-BE1C-419B-BA1F-D36C9E7915BC}) (Version: 12.1.77.0 - Roxio)
Roxio Creator Starter (x32 Version: 1.0.439 - Roxio) Hidden
Roxio Creator Starter (x32 Version: 5.0.0 - Roxio) Hidden
Roxio Express Labeler 3 (x32 Version: 3.2.2 - Roxio) Hidden
Roxio File Backup (Version: 1.3.2 - Roxio) Hidden
Scan (x32 Version: 140.0.80.000 - Hewlett-Packard) Hidden
Service Pack 2 for Microsoft Office 2010 (KB2687455) 32-Bit Edition (HKLM-x32\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{DE28B448-32E8-4E8F-84F0-A52B21A49B5B}) (Version:  - Microsoft)
Service Pack 2 for Microsoft Office 2010 (KB2687455) 32-Bit Edition (x32 Version:  - Microsoft) Hidden
Shop for HP Supplies (HKLM\...\Shop for HP Supplies) (Version: 14.0 - HP)
Shrink Pic (remove) (HKLM-x32\...\Shrink Pic) (Version:  - )
Skype Toolbars (HKLM-x32\...\{981029E0-7FC9-4CF3-AB39-6F133621921A}) (Version: 1.0.4051 - Skype Technologies S.A.)
Skype™ 6.11 (HKLM-x32\...\{4E76FF7E-AEBA-4C87-B788-CD47E5425B9D}) (Version: 6.11.102 - Skype Technologies S.A.)
SmartWebPrinting (x32 Version: 140.0.186.000 - Hewlett-Packard) Hidden
SolutionCenter (x32 Version: 140.0.213.000 - Hewlett-Packard) Hidden
Sonic CinePlayer Decoder Pack (x32 Version: 4.3.0 - Sonic Solutions) Hidden
Spotify (HKCU\...\Spotify) (Version: 0.9.1.53.g876fa9df - Spotify AB)
Status (x32 Version: 140.0.212.000 - Hewlett-Packard) Hidden
swMSM (x32 Version: 12.0.0.1 - Adobe Systems, Inc) Hidden
TaxACT 2011 Georgia Preparer's - 1040 Edition (HKLM-x32\...\TaxACT 2011 Georgia Preparer's - 1040 Edition) (Version:  - 2nd Story Software, Inc.)
TaxACT 2011 Preparer's - 1040 Edition (HKLM-x32\...\TaxACT 2011 Preparer's - 1040 Edition) (Version:  - 2nd Story Software, Inc.)
Toolbox (x32 Version: 140.0.428.000 - Hewlett-Packard) Hidden
TrayApp (x32 Version: 140.0.212.000 - Hewlett-Packard) Hidden
TrustedID (HKLM-x32\...\{C16A92EF-017B-4839-9C75-FBADB5A1FA27}) (Version: 5.0 - TrustedID)
TurboYourPC (HKLM-x32\...\{A1FD3B37-9600-4065-B8DA-4C02D3641BEA}) (Version: 1.0.0.6 - turboyourpc.com)
uCeritify IC3-EXAM-1 - IC3 Computing Fundamentals (HKCU\...\uCertify IC3-EXAM-1) (Version:  - )
Update for Microsoft Access 2010 (KB2553446) 32-Bit Edition (HKLM-x32\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{B4A38370-2ADB-46B0-A1B0-0C4A2F7DCA31}) (Version:  - Microsoft)
Update for Microsoft Excel 2010 (KB2889836) 32-Bit Edition (HKLM-x32\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{9179FC17-97A8-4D98-9E09-05720AF5D44E}) (Version:  - Microsoft)
Update for Microsoft Filter Pack 2.0 (KB2878281) 32-Bit Edition (HKLM-x32\...\{90140000-002A-0000-1000-0000000FF1CE}_Office14.SingleImage_{302A8FE3-EBF5-486C-A431-16A1CD914443}) (Version:  - Microsoft)
Update for Microsoft Filter Pack 2.0 (KB2878281) 32-Bit Edition (HKLM-x32\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{302A8FE3-EBF5-486C-A431-16A1CD914443}) (Version:  - Microsoft)
Update for Microsoft InfoPath 2010 (KB2817369) 32-Bit Edition (HKLM-x32\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{4EEA3D3E-989C-4DF4-AB0A-3042C0C12AA3}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2494150) (HKLM-x32\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{3FCFD88F-4D13-4F38-8625-ABABEA7F61EA}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2589298) 32-Bit Edition (HKLM-x32\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{DADF7E25-FFA4-4D02-BE84-1DAE62C18516}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2589352) 32-Bit Edition (HKLM-x32\...\{90140000-002A-0000-1000-0000000FF1CE}_Office14.SingleImage_{F4284D93-7AE8-4309-8CF3-9AD394F35F3A}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2589352) 32-Bit Edition (HKLM-x32\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{F4284D93-7AE8-4309-8CF3-9AD394F35F3A}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2589375) 32-Bit Edition (HKLM-x32\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{287A1E92-9E41-4BC1-8920-B3D0E9220800}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2597087) 32-Bit Edition (HKLM-x32\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{9D69691D-823D-4C3E-9B12-563A3F520366}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2687502) 32-Bit Edition (HKLM-x32\...\{90140000-001F-0409-0000-0000000FF1CE}_Office14.SingleImage_{7DE7DF97-82FE-4B3A-AB8D-1621F9CC464A}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2760598) 32-Bit Edition (HKLM-x32\...\{90140000-002A-0000-1000-0000000FF1CE}_Office14.SingleImage_{ECFE33A3-B8B7-439A-ADE4-59FBD29EF9B8}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2760598) 32-Bit Edition (HKLM-x32\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{ECFE33A3-B8B7-439A-ADE4-59FBD29EF9B8}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2760631) 32-Bit Edition (HKLM-x32\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{35698CB7-AAA2-4577-B505-DBFF504AEF23}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2794737) 32-Bit Edition (HKLM-x32\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{5AA578BB-759C-40FD-9661-A737C0884541}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2825635) 32-Bit Edition (HKLM-x32\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{F1A20C69-9FE5-40FD-9CD5-84EABC2EF64A}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2837581) 32-Bit Edition (HKLM-x32\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{334FB202-28D7-4BA4-8BC9-4FE4AB233EA0}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2837606) 32-Bit Edition (HKLM-x32\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{B0D672F7-883E-4279-8E75-D97A5445AB46}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2878252) 32-Bit Edition (HKLM-x32\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{B0DB9F71-E0F7-4FE6-8925-35B860CAC0C4}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2881028) 32-Bit Edition (HKLM-x32\...\{90140000-001F-040C-0000-0000000FF1CE}_Office14.SingleImage_{089DBFD7-8211-43B2-AAAE-5BDD8C23E3A8}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2881028) 32-Bit Edition (HKLM-x32\...\{90140000-001F-0C0A-0000-0000000FF1CE}_Office14.SingleImage_{794A0574-4E2F-4D58-B2A0-D7460ACDC85C}) (Version:  - Microsoft)
Update for Microsoft OneNote 2010 (KB2837595) 32-Bit Edition (HKLM-x32\...\{90140000-002A-0000-1000-0000000FF1CE}_Office14.SingleImage_{51CCA922-A0CC-47C4-8910-6936D97CAC2E}) (Version:  - Microsoft)
Update for Microsoft OneNote 2010 (KB2837595) 32-Bit Edition (HKLM-x32\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{51CCA922-A0CC-47C4-8910-6936D97CAC2E}) (Version:  - Microsoft)
Update for Microsoft Outlook 2010 (KB2687567) 32-Bit Edition (HKLM-x32\...\{90140000-001A-0409-0000-0000000FF1CE}_Office14.SingleImage_{DCE104A1-1875-4469-A83D-A5BFA6C4640F}) (Version:  - Microsoft)
Update for Microsoft Outlook 2010 (KB2687567) 32-Bit Edition (HKLM-x32\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{2AB483F1-C86E-427A-83B4-23889B03512D}) (Version:  - Microsoft)
Update for Microsoft PowerPoint 2010 (KB2837579) 32-Bit Edition (HKLM-x32\...\{90140000-0018-0409-0000-0000000FF1CE}_Office14.SingleImage_{334AA0A1-2BB1-4D74-B66A-2B2C4D9C2C87}) (Version:  - Microsoft)
Update for Microsoft PowerPoint 2010 (KB2837579) 32-Bit Edition (HKLM-x32\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{2BA40F82-F3A4-441C-BF1A-ED4C42FF4872}) (Version:  - Microsoft)
Update for Microsoft SharePoint Workspace 2010 (KB2760601) 32-Bit Edition (HKLM-x32\...\{90140000-002A-0000-1000-0000000FF1CE}_Office14.SingleImage_{F9F5A080-AF38-4966-9A6B-C43DCA465035}) (Version:  - Microsoft)
Update for Microsoft Visio 2010 (KB2880526) 32-Bit Edition (HKLM-x32\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{7B29D8B8-6A87-496C-A65E-B935E740448A}) (Version:  - Microsoft)
Update for Microsoft Visio Viewer 2010 (KB2837587) 32-Bit Edition (HKLM-x32\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{38CF30E4-3348-4BD1-A859-B630C355A56F}) (Version:  - Microsoft)
Update for Microsoft Word 2010 (KB2880529) 32-Bit Edition (HKLM-x32\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{B9B89E01-5B6B-4F73-BC34-B2C0D8ACB4CD}) (Version:  - Microsoft)
WebReg (x32 Version: 140.0.212.017 - Hewlett-Packard) Hidden
Windows Live Communications Platform (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 15.4.3508.1109 - Microsoft Corporation)
Windows Live Essentials (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live ID Sign-in Assistant (Version: 7.250.4225.0 - Microsoft Corporation) Hidden
Windows Live Installer (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Language Selector (Version: 15.4.3508.1109 - Microsoft Corporation) Hidden
Windows Live Mail (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Mesh (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Mesh ActiveX Control for Remote Connections (HKLM-x32\...\{2902F983-B4C1-44BA-B85D-5C6D52E2C441}) (Version: 15.4.5722.2 - Microsoft Corporation)
Windows Live Messenger (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live MIME IFilter (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Movie Maker (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Photo Common (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Photo Gallery (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live PIMT Platform (x32 Version: 15.4.3508.1109 - Microsoft Corporation) Hidden
Windows Live Remote Client (Version: 15.4.5722.2 - Microsoft Corporation) Hidden
Windows Live Remote Client Resources (Version: 15.4.5722.2 - Microsoft Corporation) Hidden
Windows Live Remote Service (Version: 15.4.5722.2 - Microsoft Corporation) Hidden
Windows Live Remote Service Resources (Version: 15.4.5722.2 - Microsoft Corporation) Hidden
Windows Live SOXE (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live SOXE Definitions (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live UX Platform (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live UX Platform Language Pack (x32 Version: 15.4.3508.1109 - Microsoft Corporation) Hidden
Windows Live Writer (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Writer Resources (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Yahoo! Install Manager (HKLM-x32\...\YInstHelper) (Version:  - )
Yahoo! Internet Mail (HKLM-x32\...\Yahoo! Mail) (Version:  - )
Yahoo! Mail Advisor (HKLM-x32\...\Yahoo! Mail Advisor) (Version:  - )
Yahoo! Messenger (HKLM-x32\...\Yahoo! Messenger) (Version:  - Yahoo! Inc.)
Yahoo! Software Update (HKLM-x32\...\Yahoo! Software Update) (Version:  - )
Yahoo! Toolbar (HKLM-x32\...\Yahoo! Companion) (Version:  - Yahoo! Inc.)

==================== Custom CLSID (selected items): ==========================

(If an entry is included in the fixlist, it will be removed from registry. Any eventual file will not be moved.)

CustomCLSID: HKU\S-1-5-21-1957930714-2037662960-4176245808-1001_Classes\CLSID\{005A3A96-BAC4-4B0A-94EA-C0CE100EA736}\localserver32 -> C:\Users\R-C House\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-1957930714-2037662960-4176245808-1001_Classes\CLSID\{225F8CFE-1B76-48E6-8E75-62CC471AFA28}\InprocServer32 -> C:\Users\R-C House\AppData\Local\Microsoft\Internet Explorer\Downloaded Program Files\Microsoft Office 15\RoamingOfficeActiveX.64.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-1957930714-2037662960-4176245808-1001_Classes\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\R-C House\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-1957930714-2037662960-4176245808-1001_Classes\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\R-C House\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-1957930714-2037662960-4176245808-1001_Classes\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\R-C House\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-1957930714-2037662960-4176245808-1001_Classes\CLSID\{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\R-C House\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-1957930714-2037662960-4176245808-1001_Classes\CLSID\{FB314EDD-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\R-C House\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-1957930714-2037662960-4176245808-1001_Classes\CLSID\{FB314EDE-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\R-C House\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-1957930714-2037662960-4176245808-1001_Classes\CLSID\{FB314EDF-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\R-C House\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-1957930714-2037662960-4176245808-1001_Classes\CLSID\{FB314EE0-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\R-C House\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll (Dropbox, Inc.)

==================== Restore Points  =========================

03-09-2014 04:03:52 Windows Update
03-09-2014 07:00:29 Windows Update
07-09-2014 19:39:37 Windows Update
10-09-2014 00:35:54 Windows Update
10-09-2014 02:03:19 AA11
14-09-2014 19:03:50 Windows Update
18-09-2014 21:43:45 Windows Update
23-09-2014 19:28:56 Windows Update

==================== Hosts content: ==========================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2012-05-11 15:02 - 2013-09-13 11:12 - 00000822 ____A C:\windows\system32\Drivers\etc\hosts

==================== Scheduled Tasks (whitelisted) =============

(If an entry is included in the fixlist, it will be removed from registry. Any associated file could be listed separately to be moved.)

Task: {0BA08B39-ACAF-4F21-BD6E-710C147FBF88} - System32\Tasks\Adobe Flash Player Updater => C:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2014-09-23] (Adobe Systems Incorporated)
Task: {0D72C857-C627-42B6-B4DD-CBD18DC06CDF} - System32\Tasks\PCDEventLauncherTask => C:\Program Files\My Dell\sessionchecker.exe [2014-01-31] (PC-Doctor, Inc.)
Task: {0E77EE5B-33EC-4DF7-A326-CCF4E579A55B} - System32\Tasks\Microsoft_Hardware_Launch_itype_exe => c:\Program Files\Microsoft Mouse and Keyboard Center\itype.exe [2013-01-29] (Microsoft Corporation)
Task: {35E06052-CADF-445A-851F-0E31817FC2F5} - System32\Tasks\Microsoft_MKC_Logon_Task_itype.exe => c:\Program Files\Microsoft Mouse and Keyboard Center\itype.exe [2013-01-29] (Microsoft Corporation)
Task: {3A8DF813-5BC7-4D50-9F26-2DE054E79D0A} - System32\Tasks\PCDoctorBackgroundMonitorTask-Retry => C:\Program Files\My Dell\uaclauncher.exe [2014-01-31] (PC-Doctor, Inc.)
Task: {3EB90563-8FE0-47B5-9CFE-355A97C75CF5} - System32\Tasks\Microsoft_Hardware_Launch_ipoint_exe => c:\Program Files\Microsoft Mouse and Keyboard Center\ipoint.exe [2013-01-29] (Microsoft Corporation)
Task: {63922B8D-5FD9-42C1-9901-1BFA7C7BDC86} - System32\Tasks\{EDCFFE50-2C98-4F5B-9724-99EFC7CE9111} => C:\Program Files (x86)\iTunes\iTunes.exe [2014-08-01] (Apple Inc.)
Task: {6DF9D43D-03B4-4A53-8419-5386A7A7D1EA} - System32\Tasks\{49913A89-A047-42F5-92D8-E3963B5259DD} => C:\Program Files (x86)\iTunes\iTunes.exe [2014-08-01] (Apple Inc.)
Task: {8D1EF6E2-2C7E-4FD1-A152-6A5BC5B8343E} - System32\Tasks\AVG-Secure-Search-Update_0814tb_rmv => C:\Program Files (x86)\AVG Security Toolbar\AVG-Secure-Search-Update_0814tb.exe
Task: {8D4C38FD-171A-4A74-800C-B2B3998C2F3D} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2013-05-24] (Piriform Ltd)
Task: {92B79D02-D566-4E78-B2A6-4D3AA28EBFB1} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2012-07-03] (Google Inc.)
Task: {94543FC9-0944-4658-A8A5-7A4ECFC902B9} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe [2011-06-01] (Apple Inc.)
Task: {C7DD4190-7779-4EBB-AC93-8BCB3BE3B567} - System32\Tasks\Microsoft_Hardware_Launch_mousekeyboardcenter_exe => c:\Program Files\Microsoft Mouse and Keyboard Center\mousekeyboardcenter.exe [2013-01-29] (Microsoft)
Task: {C89355D2-B2E3-4509-9ECA-EEFDC7D65FEC} - System32\Tasks\Microsoft_MKC_Logon_Task_ipoint.exe => c:\Program Files\Microsoft Mouse and Keyboard Center\ipoint.exe [2013-01-29] (Microsoft Corporation)
Task: {D7749F47-1F83-45FC-A9C8-0C1E884C5CDB} - System32\Tasks\SystemToolsDailyTest => uaclauncher.exe
Task: {DFAF326F-A803-4989-8E48-E9EE43498E8F} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2012-07-03] (Google Inc.)
Task: {E817FD70-1A00-44C7-8293-299964516C03} - System32\Tasks\PCDoctorBackgroundMonitorTask => C:\Program Files\My Dell\uaclauncher.exe [2014-01-31] (PC-Doctor, Inc.)
Task: {EA930EBD-3197-4923-B0F8-30894F747E6C} - System32\Tasks\AVG-Secure-Search-Update_0814tb_rel => C:\Program Files (x86)\AVG Security Toolbar\AVG-Secure-Search-Update_0814tb.exe
Task: {F267C45F-9547-4700-BF57-4F0CE4B93FA7} - System32\Tasks\{5E4B4E0E-CAC3-478D-BDC9-0526EA8420A0} => C:\Program Files (x86)\iTunes\iTunes.exe [2014-08-01] (Apple Inc.)
Task: C:\windows\Tasks\Adobe Flash Player Updater.job => C:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\windows\Tasks\AVG-Secure-Search-Update_0814tb_rel.job => C:\Program Files (x86)\AVG Security Toolbar\AVG-Secure-Search-Update_0814tb.exe
Task: C:\windows\Tasks\AVG-Secure-Search-Update_0814tb_rmv.job => C:\Program Files (x86)\AVG Security Toolbar\AVG-Secure-Search-Update_0814tb.exe
Task: C:\windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe

==================== Loaded Modules (whitelisted) =============

2010-12-17 14:53 - 2010-12-17 14:53 - 01501696 _____ () C:\Program Files\Common Files\Intel\WirelessCommon\Libeay32.dll
2014-08-27 12:32 - 2014-08-27 12:32 - 00706864 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.3.6321.0\AdAwareService.exe
2014-08-27 12:53 - 2014-08-27 12:53 - 00103768 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.3.6321.0\boost_thread-vc100-mt-1_55.dll
2014-08-27 12:53 - 2014-08-27 12:53 - 00024408 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.3.6321.0\boost_system-vc100-mt-1_55.dll
2014-08-27 12:53 - 2014-08-27 12:53 - 00033624 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.3.6321.0\boost_chrono-vc100-mt-1_55.dll
2014-08-27 12:53 - 2014-08-27 12:53 - 00055648 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.3.6321.0\boost_date_time-vc100-mt-1_55.dll
2014-08-27 12:53 - 2014-08-27 12:53 - 00123744 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.3.6321.0\boost_filesystem-vc100-mt-1_55.dll
2014-08-27 12:52 - 2014-08-27 12:52 - 11947856 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.3.6321.0\AdAwareServiceKernel.dll
2014-08-27 12:53 - 2014-08-27 12:53 - 03396400 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.3.6321.0\RCF.dll
2014-08-27 12:53 - 2014-08-27 12:53 - 00788824 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.3.6321.0\boost_regex-vc100-mt-1_55.dll
2014-08-27 12:52 - 2014-08-27 12:52 - 00734536 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.3.6321.0\AdAwareActivation.dll
2014-08-27 12:52 - 2014-08-27 12:52 - 02167640 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.3.6321.0\AdAwareApplicationUpdater.dll
2014-08-27 12:52 - 2014-08-27 12:52 - 00813896 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.3.6321.0\AdAwareGamingMode.dll
2014-08-27 12:52 - 2014-08-27 12:52 - 00098624 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.3.6321.0\AdAwareReset.dll
2014-08-27 12:53 - 2014-08-27 12:53 - 00120128 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.3.6321.0\AdAwareTime.dll
2014-08-27 12:52 - 2014-08-27 12:52 - 00943960 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.3.6321.0\AdAwareDefinitionsUpdater.dll
2014-08-27 12:52 - 2014-08-27 12:52 - 00869224 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.3.6321.0\AdAwareDefinitionsUpdaterScheduler.dll
2014-08-27 12:52 - 2014-08-27 12:52 - 01105224 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.3.6321.0\AdAwareIgnoreList.dll
2014-08-27 12:52 - 2014-08-27 12:52 - 00247624 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.3.6321.0\AdAwareQuarantine.dll
2014-08-27 12:52 - 2014-08-27 12:52 - 00988504 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.3.6321.0\AdAwareAntiMalwareEngine.dll
2014-08-27 12:52 - 2014-08-27 12:52 - 00212824 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.3.6321.0\AdAwareAntiRootkitEngine.dll
2014-08-27 12:52 - 2014-08-27 12:52 - 01172816 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.3.6321.0\AdAwareScannerHistory.dll
2014-08-27 12:52 - 2014-08-27 12:52 - 01277248 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.3.6321.0\AdAwareScanner.dll
2014-08-27 12:53 - 2014-08-27 12:53 - 00035160 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.3.6321.0\boost_timer-vc100-mt-1_55.dll
2014-08-27 12:52 - 2014-08-27 12:52 - 00975192 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.3.6321.0\AdAwareScannerScheduler.dll
2014-08-27 12:52 - 2014-08-27 12:52 - 01109336 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.3.6321.0\AdAwareRealTimeProtection.dll
2014-08-27 12:52 - 2014-08-27 12:52 - 00229200 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.3.6321.0\AdAwareIncompatibles.dll
2014-08-27 12:52 - 2014-08-27 12:52 - 00891720 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.3.6321.0\AdAwareAntiSpam.dll
2014-08-27 12:52 - 2014-08-27 12:52 - 00843088 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.3.6321.0\AdAwareAntiPhishing.dll
2014-08-27 12:52 - 2014-08-27 12:52 - 03090768 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.3.6321.0\AdAwareParentalControl.dll
2014-08-27 12:53 - 2014-08-27 12:53 - 02624848 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.3.6321.0\AdAwareWebProtection.dll
2014-08-27 12:52 - 2014-08-27 12:52 - 01067344 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.3.6321.0\AdAwareEmailProtection.dll
2014-08-27 12:52 - 2014-08-27 12:52 - 01290584 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.3.6321.0\AdAwareNetworkProtection.dll
2014-08-27 12:52 - 2014-08-27 12:52 - 01004352 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.3.6321.0\AdAwarePromo.dll
2014-08-27 12:52 - 2014-08-27 12:52 - 00343880 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.3.6321.0\AdAwareFeedback.dll
2014-08-27 12:53 - 2014-08-27 12:53 - 02787160 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.3.6321.0\AdAwareThreatWorkAlliance.dll
2014-08-27 12:52 - 2014-08-27 12:52 - 01238848 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.3.6321.0\AdAwarePinCode.dll
2014-08-27 12:52 - 2014-08-27 12:52 - 01004864 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.3.6321.0\AdAwareNotice.dll
2014-08-27 12:52 - 2014-08-27 12:52 - 00928072 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.3.6321.0\AdAwareAvcEngine.dll
2014-08-27 12:53 - 2014-08-27 12:53 - 00154944 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.3.6321.0\SecurityCenter.dll
2014-08-27 12:52 - 2014-08-27 12:52 - 02745168 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.3.6321.0\AdAwareShellExtension.dll
2011-07-13 14:58 - 2011-08-18 11:05 - 02751808 _____ () C:\Program Files (x86)\Dell DataSafe Local Backup\COMPONENTS\SCHEDULER\STSERVICE.EXE
2011-07-13 16:59 - 2011-04-10 14:40 - 00094208 _____ () C:\Windows\System32\IccLibDll_x64.dll
2010-12-17 14:53 - 2010-12-17 14:53 - 01501696 _____ () C:\Program Files\Common Files\Intel\WirelessCommon\LIBEAY32.dll
2014-08-27 12:53 - 2014-08-27 12:53 - 08886592 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.3.6321.0\AdAwareTray.exe
2014-08-27 12:53 - 2014-08-27 12:53 - 00500056 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.3.6321.0\boost_locale-vc100-mt-1_55.dll
2014-08-27 12:53 - 2014-08-27 12:53 - 02101568 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.3.6321.0\HtmlFramework.dll
2014-08-27 12:53 - 2014-08-27 12:53 - 00066872 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.3.6321.0\DllStorage.dll
2014-08-27 12:53 - 2014-08-27 12:53 - 00832848 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.3.6321.0\AdAwareTrayDefaultSkin.dll
2014-08-27 12:53 - 2014-08-27 12:53 - 00811328 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.3.6321.0\Localization.dll
2014-04-23 16:05 - 2014-04-23 16:05 - 00073544 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\zlib1.dll
2014-04-23 16:04 - 2014-04-23 16:04 - 01044808 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libxml2.dll
2014-09-09 22:10 - 2014-09-09 22:10 - 00169472 _____ () C:\windows\assembly\NativeImages_v2.0.50727_32\IsdiInterop\f0322cce99ffb4609aaaec5e37048cf3\IsdiInterop.ni.dll
2011-07-13 14:30 - 2010-11-06 00:50 - 00058880 _____ () C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IsdiInterop.dll

==================== Alternate Data Streams (whitelisted) =========

(If an entry is included in the fixlist, only the Alternate Data Streams will be removed.)


==================== Safe Mode (whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\Wdf01000.sys => ""="Driver"

==================== EXE Association (whitelisted) =============

(If an entry is included in the fixlist, the default will be restored. None default entries will be removed.)


==================== MSCONFIG/TASK MANAGER disabled items =========

(Currently there is no automatic fix for this section.)

MSCONFIG\startupreg: Adobe ARM => "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
MSCONFIG\startupreg: Adobe Reader Speed Launcher => "C:\Program Files (x86)\Adobe\Reader 10.0\Reader\Reader_sl.exe"
MSCONFIG\startupreg: APSDaemon => "C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe"
MSCONFIG\startupreg: hpqSRMon => C:\Program Files (x86)\HP\Digital Imaging\bin\hpqSRMon.exe
MSCONFIG\startupreg: iTunesHelper => "C:\Program Files (x86)\iTunes\iTunesHelper.exe"
MSCONFIG\startupreg: Messenger (Yahoo!) => "C:\PROGRA~2\Yahoo!\Messenger\YahooMessenger.exe" -quiet
MSCONFIG\startupreg: NUSB3MON => "C:\Program Files (x86)\Renesas Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe"
MSCONFIG\startupreg: RoxWatchTray => "c:\Program Files (x86)\Common Files\Roxio Shared\OEM\12.0\SharedCOM\RoxWatchTray12OEM.exe"
MSCONFIG\startupreg: Spotify => "C:\Users\R-C House\AppData\Roaming\Spotify\Spotify.exe" /uri spotify:autostart
MSCONFIG\startupreg: Spotify Web Helper => "C:\Users\R-C House\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe"
MSCONFIG\startupreg: YMailAdvisor => "C:\Program Files (x86)\Yahoo!\Common\YMailAdvisor.exe"

==================== Faulty Device Manager Devices =============


==================== Event log errors: =========================

Application errors:
==================
Error: (09/19/2014 00:23:36 AM) (Source: SideBySide) (EventID: 80) (User: )
Description: Activation context generation failed for "C:\windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest1".Error in manifest or policy file "C:\windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest2" on line C:\windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest3.
A component version required by the application conflicts with another component version already active.
Conflicting components are:.
Component 1: C:\windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest.
Component 2: C:\windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest.

Error: (09/17/2014 07:18:54 PM) (Source: SideBySide) (EventID: 80) (User: )
Description: Activation context generation failed for "C:\windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest1".Error in manifest or policy file "C:\windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest2" on line C:\windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest3.
A component version required by the application conflicts with another component version already active.
Conflicting components are:.
Component 1: C:\windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest.
Component 2: C:\windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest.

Error: (09/17/2014 06:47:44 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003


System errors:
=============
Error: (09/18/2014 03:14:36 PM) (Source: Microsoft Antimalware) (EventID: 2001) (User: )
Description: %NT AUTHORITY60 has encountered an error trying to update signatures.

    New Signature Version:

    Previous Signature Version: 1.185.210.0

    Update Source: %NT AUTHORITY59

    Update Stage: 4.6.0305.00

    Source Path: 4.6.0305.01

    Signature Type: %NT AUTHORITY602

    Update Type: %NT AUTHORITY604

    User: NT AUTHORITY\SYSTEM

    Current Engine Version: %NT AUTHORITY605

    Previous Engine Version: %NT AUTHORITY606

    Error code: %NT AUTHORITY607

    Error description: %NT AUTHORITY608

Error: (09/18/2014 09:49:52 AM) (Source: Service Control Manager) (EventID: 7011) (User: )
Description: A timeout (30000 milliseconds) was reached while waiting for a transaction response from the SftService service.

Error: (09/18/2014 09:49:22 AM) (Source: Service Control Manager) (EventID: 7011) (User: )
Description: A timeout (30000 milliseconds) was reached while waiting for a transaction response from the SftService service.

Error: (09/16/2014 06:07:53 PM) (Source: DCOM) (EventID: 10010) (User: )
Description: {995C996E-D918-4A8C-A302-45719A6F4EA7}


Microsoft Office Sessions:
=========================
Error: (09/19/2014 00:23:36 AM) (Source: SideBySide) (EventID: 80) (User: )
Description: C:\windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifestC:\windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifestC:\Program Files (x86)\Cozi Express\CoziExpress.exe

Error: (09/17/2014 07:18:54 PM) (Source: SideBySide) (EventID: 80) (User: )
Description: C:\windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifestC:\windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifestC:\Program Files (x86)\Cozi Express\CoziExpress.exe

Error: (09/17/2014 06:47:44 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003


CodeIntegrity Errors:
===================================
  Date: 2013-01-29 22:34:14.522
  Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume3\Windows\System32\drivers\usbaapl64.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

  Date: 2013-01-29 22:34:14.475
  Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume3\Windows\System32\drivers\usbaapl64.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.


==================== Memory info ===========================

Processor: Intel® Core™ i5-2410M CPU @ 2.30GHz
Percentage of memory in use: 55%
Total physical RAM: 4003.18 MB
Available physical RAM: 1783.35 MB
Total Pagefile: 8004.53 MB
Available Pagefile: 5954.17 MB
Total Virtual: 8192 MB
Available Virtual: 8191.83 MB

==================== Drives ================================

Drive c: (OS) (Fixed) (Total:581.42 GB) (Free:498.53 GB) NTFS

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 596.2 GB) (Disk ID: 7E4453C4)
Partition 1: (Not Active) - (Size=100 MB) - (Type=DE)
Partition 2: (Active) - (Size=14.6 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=581.4 GB) - (Type=07 NTFS)

==================== End Of Log ============================



#8 shelf life

  • Malware Response Team

Posted 24 September 2014 - 05:28 PM

OK, more downloads to start with, 3 to be exact:

1)  Please download AdwCleaner.exe to your desktop.

    Double-click on AdwCleaner.exe and accept the disclaimer.
    Click on the Scan button.
    Once it's done, click on the Clean button.
    The machine may prompt you for a reboot to finish.
    Upon restart a log will be displayed.
    Copy and paste the contents of the log file in your reply.

Looks like your antivirus is outdated. Please update it and run a full scan with that as well.

2)  Please download Junkware Removal Tool to your desktop.

http://thisisudax.org/downloads/JRT.exe

    Double-click the icon, or right-click for Vista/W7/8 and select Run as administrator.
    The tool will open and start scanning.
    Please be patient as this can take a while to complete.
    On completion, a log (JRT.txt) is saved to your desktop and will automatically open.
    Post the contents of JRT.txt into your next message.

3)  Download TDSSKiller.exe to your desktop.

http://support.kaspersky.com/downloads/utils/tdsskiller.exe

    Click the icon, accept the disclaimer, then click on Change Parameters. Check the option: Detect TDLFS file system, then click OK and Start Scan.
    If malicious objects are found, they will show in the Scan results.
    Ensure Cure (default) is selected, then click Continue.
    Note: If Cure is not available, please choose Skip instead; do not choose Delete unless instructed.
    A report will be created in your root directory (usually the C:\ folder) in the form of "TDSSKiller.[Version]_[Date]_[Time]_log.txt". (TDSSKiller.3.0.0.40_24.09.2014_17.18.25_log.txt)

Please copy and paste the contents of the log in your reply.


Looks like your AV, Ad-Aware, is outdated. An outdated AV will soon be worthless.


How Can I Reduce My Risk to Malware?


#9 geeknick

  • Topic Starter

Posted 24 September 2014 - 07:22 PM

9/25 edit: Just want to note that I've been using Firefox for any browsing needs and it's behaving. The problems on this computer were initially seen in Chrome and it still seems to be hosed up. This morning when I tried browsing to a site with Chrome, it showed WildWestCoupon popup ads and a new tab started to open up for some other ad site.

============================================================

I'm using Microsoft Security Essentials for AV. Ad-Aware was downloaded and installed in an effort to deal with the popup invasion, but I'm not using the real-time protection part of it.

Here are the logs you requested:

# AdwCleaner v3.310 - Report created 24/09/2014 at 19:27:43
# Updated 12/09/2014 by Xplode
# Operating System : Windows 7 Home Premium Service Pack 1 (64 bits)
# Username : R-C House - R-CHOUSE-PC
# Running from : C:\Users\R-C House\Desktop\AdwCleaner.exe
# Option : Clean

***** [ Services ] *****


***** [ Files / Folders ] *****


***** [ Scheduled Tasks ] *****


***** [ Shortcuts ] *****


***** [ Registry ] *****

Key Deleted : HKCU\Software\AppDataLow\Software\adawarebp

***** [ Browsers ] *****

-\\ Internet Explorer v11.0.9600.17280


-\\ Mozilla Firefox v32.0.1 (x86 en-US)

[ File : C:\Users\R-C House\AppData\Roaming\Mozilla\Firefox\Profiles\598dct7j.default\prefs.js ]


-\\ Google Chrome v34.0.1847.131

[ File : C:\Users\R-C House\AppData\Local\Google\Chrome\User Data\Default\preferences ]


*************************

AdwCleaner[R0].txt - [11311 octets] - [16/09/2014 17:00:15]
AdwCleaner[R1].txt - [1409 octets] - [16/09/2014 17:27:25]
AdwCleaner[R2].txt - [1258 octets] - [24/09/2014 19:25:22]
AdwCleaner[S0].txt - [10870 octets] - [16/09/2014 17:01:23]
AdwCleaner[S1].txt - [1476 octets] - [16/09/2014 17:29:19]
AdwCleaner[S2].txt - [1182 octets] - [24/09/2014 19:27:43]

########## EOF - C:\AdwCleaner\AdwCleaner[S2].txt - [1242 octets] ##########





~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Thisisu
Version: 6.2.0 (09.22.2014:1)
OS: Windows 7 Home Premium x64
Ran by R-C House on Wed 09/24/2014 at 19:50:44.06
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~




~~~ Services



~~~ Registry Values



~~~ Registry Keys



~~~ Files



~~~ Folders

Successfully deleted: [Folder] "C:\Users\R-C House\appdata\local\adawarebp"



~~~ FireFox

Emptied folder: C:\Users\R-C House\AppData\Roaming\mozilla\firefox\profiles\598dct7j.default\minidumps [5 files]



~~~ Event Viewer Logs were cleared





~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on Wed 09/24/2014 at 19:53:48.99
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~



19:58:21.0660 0x0458  TDSS rootkit removing tool 3.0.0.40 Jul 10 2014 12:37:58
19:58:33.0914 0x0458  ============================================================
19:58:33.0914 0x0458  Current date / time: 2014/09/24 19:58:33.0914
19:58:33.0914 0x0458  SystemInfo:
19:58:33.0914 0x0458  
19:58:33.0914 0x0458  OS Version: 6.1.7601 ServicePack: 1.0
19:58:33.0914 0x0458  Product type: Workstation
19:58:33.0914 0x0458  ComputerName: R-CHOUSE-PC
19:58:33.0924 0x0458  UserName: R-C House
19:58:33.0924 0x0458  Windows directory: C:\windows
19:58:33.0924 0x0458  System windows directory: C:\windows
19:58:33.0924 0x0458  Running under WOW64
19:58:33.0924 0x0458  Processor architecture: Intel x64
19:58:33.0924 0x0458  Number of processors: 4
19:58:33.0924 0x0458  Page size: 0x1000
19:58:33.0924 0x0458  Boot type: Normal boot
19:58:33.0924 0x0458  ============================================================
19:58:34.0084 0x0458  KLMD registered as C:\windows\system32\drivers\79794439.sys
19:58:34.0624 0x0458  System UUID: {DED34FC8-6BF3-1E91-8583-D063B8A0DB20}
19:58:35.0356 0x0458  Drive \Device\Harddisk0\DR0 - Size: 0x950B056000 ( 596.17 Gb ), SectorSize: 0x200, Cylinders: 0x13001, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
19:58:36.0127 0x0458  ============================================================
19:58:36.0127 0x0458  \Device\Harddisk0\DR0:
19:58:36.0137 0x0458  MBR partitions:
19:58:36.0137 0x0458  \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x32800, BlocksNum 0x1D4C000
19:58:36.0137 0x0458  \Device\Harddisk0\DR0\Partition2: MBR, Type 0x7, StartLBA 0x1D7E800, BlocksNum 0x48AD92B0
19:58:36.0137 0x0458  ============================================================
19:58:36.0167 0x0458  C: <-> \Device\Harddisk0\DR0\Partition2
19:58:36.0167 0x0458  ============================================================
19:58:36.0167 0x0458  Initialize success
19:58:36.0167 0x0458  ============================================================
19:59:53.0610 0x159c  ============================================================
19:59:53.0610 0x159c  Scan started
19:59:53.0610 0x159c  Mode: Manual; TDLFS;
19:59:53.0610 0x159c  ============================================================
19:59:53.0610 0x159c  KSN ping started
20:00:08.0814 0x159c  KSN ping finished: true
20:00:09.0395 0x159c  ================ Scan system memory ========================
20:00:09.0395 0x159c  System memory - ok
20:00:09.0395 0x159c  ================ Scan services =============================
20:00:17.0246 0x159c  i8042prt - ok
20:00:17.0296 0x159c  [ D7921D5A870B11CC1ADAB198A519D50A, 5DF99EB5D5504E9D9EB21658E8B4A58DEE2AD143A1875DB7F9B7BF4877FCB57F ] iaStor          C:\windows\system32\DRIVERS\iaStor.sys
20:00:17.0306 0x159c  iaStor - ok
20:00:17.0346 0x159c  [ 8FFF9083252C16FE3960173722605E9E, 6546FDA34B9AF94C5E86E5269BBC2F02F1E78D6D4BE5B5EC01F4B284CC934994 ] IAStorDataMgrSvc C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe
20:00:17.0346 0x159c  IAStorDataMgrSvc - ok
20:00:17.0396 0x159c  [ AAAF44DB3BD0B9D1FB6969B23ECC8366, 805AA4A9464002D1AB3832E4106B2AAA1331F4281367E75956062AAE99699385 ] iaStorV         C:\windows\system32\drivers\iaStorV.sys
20:00:17.0406 0x159c  iaStorV - ok
20:00:17.0456 0x159c  [ FC47F5CF561BF0FD897EFD1A9604DCCF, C304737F78A772051993A68BB06F860733A8650013A46946A854E47C892C252E ] iBtFltCoex      C:\windows\system32\DRIVERS\iBtFltCoex.sys
20:00:17.0456 0x159c  iBtFltCoex - ok
20:00:17.0526 0x159c  [ C98A5B9D932430AD8EEBD3EF73756EF7, DF7E1D391A0F3345AD61154363922C27BD557DEEACE395A6A8A8A16BFD1BB9A8 ] idsvc           C:\windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\infocard.exe
20:00:17.0556 0x159c  idsvc - ok
20:00:17.0596 0x159c  IEEtwCollectorService - ok
20:00:18.0006 0x159c  [ 174BCAC474DE13B2650E444CF124828E, 42410700408873D890AA0EA1A885086B0DF6D1196957E3CD8A8323C46139E2C6 ] igfx            C:\windows\system32\DRIVERS\igdkmd64.sys
20:00:18.0386 0x159c  igfx - ok
20:00:18.0446 0x159c  [ 5C18831C61933628F5BB0EA2675B9D21, 5CD9DE2F8C0256623A417B5C55BF55BB2562BD7AB2C3C83BB3D9886C2FBDA4E4 ] iirsp           C:\windows\system32\drivers\iirsp.sys
20:00:18.0446 0x159c  iirsp - ok
20:00:18.0506 0x159c  [ 344789398EC3EE5A4E00C52B31847946, 3DA5F08E4B46F4E63456AA588D49E39A6A09A97D0509880C00F327623DB6122D ] IKEEXT          C:\windows\System32\ikeext.dll
20:00:18.0536 0x159c  IKEEXT - ok
20:00:18.0586 0x159c  [ CADDF0927DAC63EDAE48F5C35A61D87D, C46006461311B1563C1D149B9D60B202F30147265B9D93069B084D03A09D2BEC ] intaud_WaveExtensible C:\windows\system32\drivers\intelaud.sys
20:00:18.0596 0x159c  intaud_WaveExtensible - ok
20:00:18.0636 0x159c  [ FC727061C0F47C8059E88E05D5C8E381, C7A3782F5D86C7FDE57AA1F2EE81638C5FC3072ACC6E572BA2EC7B3CFF389800 ] IntcDAud        C:\windows\system32\DRIVERS\IntcDAud.sys
20:00:18.0646 0x159c  IntcDAud - ok
20:00:18.0676 0x159c  [ F00F20E70C6EC3AA366910083A0518AA, E2F3E9FFD82C802C8BAC309893A3664ACF16A279959C0FDECCA64C3D3C60FD22 ] intelide        C:\windows\system32\drivers\intelide.sys
20:00:18.0676 0x159c  intelide - ok
20:00:18.0706 0x159c  [ ADA036632C664CAA754079041CF1F8C1, F2386CC09AC6DE4C54189154F7D91C1DB7AA120B13FAE8BA5B579ACF99FCC610 ] intelppm        C:\windows\system32\DRIVERS\intelppm.sys
20:00:18.0706 0x159c  intelppm - ok
20:00:18.0736 0x159c  [ 098A91C54546A3B878DAD6A7E90A455B, 044CCE2A0DF56EBE1EFD99B4F6F0A5B9EE12498CA358CF4B2E3A1CFD872823AA ] IPBusEnum       C:\windows\system32\ipbusenum.dll
20:00:18.0736 0x159c  IPBusEnum - ok
20:00:18.0756 0x159c  [ C9F0E1BD74365A8771590E9008D22AB6, 728BC5A6AAE499FDC50EB01577AF16D83C2A9F3B09936DD2A89C01E074BA8E51 ] IpFilterDriver  C:\windows\system32\DRIVERS\ipfltdrv.sys
20:00:18.0756 0x159c  IpFilterDriver - ok
20:00:18.0806 0x159c  [ 08C2957BB30058E663720C5606885653, E13EDF6701512E2A9977A531454932CA5023087CB50E1D2F416B8BCDD92B67BE ] iphlpsvc        C:\windows\System32\iphlpsvc.dll
20:00:18.0836 0x159c  iphlpsvc - ok
20:00:18.0856 0x159c  [ 0FC1AEA580957AA8817B8F305D18CA3A, 7161E4DE91AAFC3FA8BF24FAE4636390C2627DB931505247C0D52C75A31473D9 ] IPMIDRV         C:\windows\system32\drivers\IPMIDrv.sys
20:00:18.0856 0x159c  IPMIDRV - ok
20:00:18.0886 0x159c  [ AF9B39A7E7B6CAA203B3862582E9F2D0, 67128BE7EADBE6BD0205B050F96E268948E8660C4BAB259FB0BE03935153D04E ] IPNAT           C:\windows\system32\drivers\ipnat.sys
20:00:18.0886 0x159c  IPNAT - ok
20:00:18.0946 0x159c  [ 68A5EDD4843CF0033BAE537C9C495F69, 386C66A6562218D0F0A616D75457CDA4B82DB87DC3DA83935497819963DB6D86 ] iPod Service    C:\Program Files\iPod\bin\iPodService.exe
20:00:18.0966 0x159c  iPod Service - ok
20:00:18.0996 0x159c  [ 3ABF5E7213EB28966D55D58B515D5CE9, A352BCC5B6B9A28805B15CAFB235676F1FAFF0D2394F88C03089EB157D6188AE ] IRENUM          C:\windows\system32\drivers\irenum.sys
20:00:18.0996 0x159c  IRENUM - ok
20:00:19.0006 0x159c  [ 2F7B28DC3E1183E5EB418DF55C204F38, D40410A760965925D6F10959B2043F7BD4F68EAFCF5E743AF11AD860BD136548 ] isapnp          C:\windows\system32\drivers\isapnp.sys
20:00:19.0006 0x159c  isapnp - ok
20:00:19.0056 0x159c  [ 96BB922A0981BC7432C8CF52B5410FE6, 236C05509B1040059B15021CBBDBDAF3B9C0F00910142BE5887B2C7561BAAFBA ] iScsiPrt        C:\windows\system32\drivers\msiscsi.sys
20:00:19.0066 0x159c  iScsiPrt - ok
20:00:19.0086 0x159c  [ 716F66336F10885D935B08174DC54242, 1992708956A2A45A8870CFCB532F3ABF24B1143B75EF32AB1F59D5D86E65F493 ] iwdbus          C:\windows\system32\DRIVERS\iwdbus.sys
20:00:19.0096 0x159c  iwdbus - ok
20:00:19.0116 0x159c  [ BC02336F1CBA7DCC7D1213BB588A68A5, 450C5BAD54CCE2AFCDFF1B6E7F8E1A8446D9D3255DF9D36C29A8F848048AAD93 ] kbdclass        C:\windows\system32\DRIVERS\kbdclass.sys
20:00:19.0116 0x159c  kbdclass - ok
20:00:19.0136 0x159c  [ 0705EFF5B42A9DB58548EEC3B26BB484, 86C6824ED7ED6FA8F306DB6319A0FD688AA91295AE571262F9D8E96A32225E99 ] kbdhid          C:\windows\system32\DRIVERS\kbdhid.sys
20:00:19.0136 0x159c  kbdhid - ok
20:00:19.0146 0x159c  [ 204F3F58212B3E422C90BD9691A2DF28, D748A8CEE4D59B4248C9B1ACA5155D0FF6635A29564B4391B7FAC6261F93FE99 ] KeyIso          C:\windows\system32\lsass.exe
20:00:19.0146 0x159c  KeyIso - ok
20:00:19.0187 0x159c  [ 353009DEDF918B2A51414F330CF72DEC, BF157D6E329F26E02FA16271B751B421396040DBB1D7BF9B2E0A21BC569672E2 ] KSecDD          C:\windows\system32\Drivers\ksecdd.sys
20:00:19.0187 0x159c  KSecDD - ok
20:00:19.0207 0x159c  [ 1C2D8E18AA8FD50CD04C15CC27F7F5AB, 4BA3B0F9F01BD47D66091D3AD86B69A523981D61DFB4D677F2CD39405B2DA989 ] KSecPkg         C:\windows\system32\Drivers\ksecpkg.sys
20:00:19.0207 0x159c  KSecPkg - ok
20:00:19.0217 0x159c  [ 6869281E78CB31A43E969F06B57347C4, 866A23E69B32A78D378D6CB3B3DA3695FFDFF0FEC3C9F68C8C3F988DF417044B ] ksthunk         C:\windows\system32\drivers\ksthunk.sys
20:00:19.0217 0x159c  ksthunk - ok
20:00:19.0257 0x159c  [ 6AB66E16AA859232F64DEB66887A8C9C, 5F2B579BEA8098A2994B0DECECDAE7B396E7B5DC5F09645737B9F28BEEA77FFF ] KtmRm           C:\windows\system32\msdtckrm.dll
20:00:19.0267 0x159c  KtmRm - ok
20:00:19.0297 0x159c  [ D9F42719019740BAA6D1C6D536CBDAA6, 8757599D0AE5302C4CE50861BEBA3A8DD14D7B0DBD916FD5404133688CDFCC40 ] LanmanServer    C:\windows\system32\srvsvc.dll
20:00:19.0307 0x159c  LanmanServer - ok
20:00:19.0337 0x159c  [ 851A1382EED3E3A7476DB004F4EE3E1A, B1C67F47DD594D092E6E258F01DF5E7150227CE3131A908A244DEE9F8A1FABF9 ] LanmanWorkstation C:\windows\System32\wkssvc.dll
20:00:19.0337 0x159c  LanmanWorkstation - ok
20:00:19.0447 0x159c  [ 4E99C77779FD7D844CF6DB2AD884C377, 1744C1A58EA49D6E11802CCC07908C017724ED6B0D71A53C773ABC8113368BC0 ] LavasoftAdAwareService11 C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.3.6321.0\AdAwareService.exe
20:00:19.0487 0x159c  LavasoftAdAwareService11 - ok
20:00:19.0517 0x159c  [ 1538831CF8AD2979A04C423779465827, E1729B0CC4CEEE494A0B8817A8E98FF232E3A32FB023566EF0BC71A090262C0C ] lltdio          C:\windows\system32\DRIVERS\lltdio.sys
20:00:19.0517 0x159c  lltdio - ok
20:00:19.0557 0x159c  [ C1185803384AB3FEED115F79F109427F, 0414FE73532DCAB17E906438A14711E928CECCD5F579255410C62984DD652700 ] lltdsvc         C:\windows\System32\lltdsvc.dll
20:00:19.0557 0x159c  lltdsvc - ok
20:00:19.0577 0x159c  [ F993A32249B66C9D622EA5592A8B76B8, EE64672A990C6145DC5601E2B8CDBE089272A72732F59AF9865DCBA8B1717E70 ] lmhosts         C:\windows\System32\lmhsvc.dll
20:00:19.0577 0x159c  lmhosts - ok
20:00:19.0637 0x159c  [ 0803906D607A9B83184447B75B60ECC2, A7A599C4CEDD4AC4196A558442E80B4F852AF6C6104A53C8819A79AA5D388DE8 ] LMS             C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe
20:00:19.0647 0x159c  LMS - ok
20:00:19.0677 0x159c  [ 1A93E54EB0ECE102495A51266DCDB6A6, DB6AA86AA36C3A7988BE96E87B5D3251BE7617C54EE8F894D9DC2E267FE3255B ] LSI_FC          C:\windows\system32\drivers\lsi_fc.sys
20:00:19.0677 0x159c  LSI_FC - ok
20:00:19.0707 0x159c  [ 1047184A9FDC8BDBFF857175875EE810, F2251EDB7736A26D388A0C5CC2FE5FB9C5E109CBB1E3800993554CB21D81AE4B ] LSI_SAS         C:\windows\system32\drivers\lsi_sas.sys
20:00:19.0717 0x159c  LSI_SAS - ok
20:00:19.0737 0x159c  [ 30F5C0DE1EE8B5BC9306C1F0E4A75F93, 88D5740A4E9CC3FA80FA18035DAB441BDC5A039622D666BFDAA525CC9686BD06 ] LSI_SAS2        C:\windows\system32\drivers\lsi_sas2.sys
20:00:19.0737 0x159c  LSI_SAS2 - ok
20:00:19.0747 0x159c  [ 0504EACAFF0D3C8AED161C4B0D369D4A, 4D272237C189646F5C80822FD3CBA7C2728E482E2DAAF7A09C8AEF811C89C54D ] LSI_SCSI        C:\windows\system32\drivers\lsi_scsi.sys
20:00:19.0757 0x159c  LSI_SCSI - ok
20:00:19.0777 0x159c  [ 43D0F98E1D56CCDDB0D5254CFF7B356E, 5BA498183B5C4996C694CB0A9A6B66CE6C7A460F6C91BEB9F305486FCC3B7B22 ] luafv           C:\windows\system32\drivers\luafv.sys
20:00:19.0777 0x159c  luafv - ok
20:00:19.0807 0x159c  [ 0BE09CD858ABF9DF6ED259D57A1A1663, 2FD28889B93C8E801F74C1D0769673A461671E0189D0A22C94509E3F0EEB7428 ] Mcx2Svc         C:\windows\system32\Mcx2Svc.dll
20:00:19.0807 0x159c  Mcx2Svc - ok
20:00:19.0827 0x159c  [ A55805F747C6EDB6A9080D7C633BD0F4, 2DA0E83BF3C8ADEF6F551B6CC1C0A3F6149CDBE6EC60413BA1767C4DE425A728 ] megasas         C:\windows\system32\drivers\megasas.sys
20:00:19.0827 0x159c  megasas - ok
20:00:19.0867 0x159c  [ BAF74CE0072480C3B6B7C13B2A94D6B3, 85CBB4949C090A904464F79713A3418338753D20D7FB811E68F287FDAC1DD834 ] MegaSR          C:\windows\system32\drivers\MegaSR.sys
20:00:19.0877 0x159c  MegaSR - ok
20:00:19.0927 0x159c  [ A6518DCC42F7A6E999BB3BEA8FD87567, 8A9AE992F93F37E0723761EA271A7E1AA8172702C471041A17324474FC96B9BC ] MEIx64          C:\windows\system32\DRIVERS\HECIx64.sys
20:00:19.0927 0x159c  MEIx64 - ok
20:00:19.0977 0x159c  [ E40E80D0304A73E8D269F7141D77250B, 0DB4AC13A264F19A84DC0BCED54E8E404014CC09C993B172002B1561EC7E265A ] MMCSS           C:\windows\system32\mmcss.dll
20:00:19.0977 0x159c  MMCSS - ok
20:00:19.0997 0x159c  [ 800BA92F7010378B09F9ED9270F07137, 94F9AF9E1BE80AE6AC39A2A74EF9FAB115DCAACC011D07DFA8D6A1DDC8A93342 ] Modem           C:\windows\system32\drivers\modem.sys
20:00:20.0007 0x159c  Modem - ok
20:00:20.0027 0x159c  [ B03D591DC7DA45ECE20B3B467E6AADAA, 701FB0CAD8138C58507BE28845D3E24CE269A040737C29885944A0D851238732 ] monitor         C:\windows\system32\DRIVERS\monitor.sys
20:00:20.0027 0x159c  monitor - ok
20:00:20.0057 0x159c  [ 7D27EA49F3C1F687D357E77A470AEA99, 7FE7CAF95959F127C6D932C01D539C06D80273C49A09761F6E8331C05B1A7EE7 ] mouclass        C:\windows\system32\DRIVERS\mouclass.sys
20:00:20.0057 0x159c  mouclass - ok
20:00:20.0087 0x159c  [ D3BF052C40B0C4166D9FD86A4288C1E6, 5E65264354CD94E844BF1838CA1B8E49080EFA34605A32CF2F6A47A2B97FC183 ] mouhid          C:\windows\system32\DRIVERS\mouhid.sys
20:00:20.0087 0x159c  mouhid - ok
20:00:20.0107 0x159c  [ 32E7A3D591D671A6DF2DB515A5CBE0FA, 47CED0B9067AE8BF5EEF60B17ADEE5906BEDCC56E4CB460B7BFBC12BB9A69E63 ] mountmgr        C:\windows\system32\drivers\mountmgr.sys
20:00:20.0107 0x159c  mountmgr - ok
20:00:20.0177 0x159c  [ FD5E45969B82B83E33CB05B5C9B0E3F2, A6C21F7A0A97683DA50FC102131618CC1BE5CA0C3625D2FDAF5861B9B6523E45 ] MozillaMaintenance C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
20:00:20.0178 0x159c  MozillaMaintenance - ok
20:00:20.0238 0x159c  [ 6439D1E559D08BD8A1465A8943357053, 0E300508C22D12FBA3BE566B722F574CBE1B4A1A305356B92B8EA8B86267071B ] MpFilter        C:\windows\system32\DRIVERS\MpFilter.sys
20:00:20.0248 0x159c  MpFilter - ok
20:00:20.0288 0x159c  [ A44B420D30BD56E145D6A2BC8768EC58, B1E4DCA5A1008FA7A0492DC091FB2B820406AE13FD3D44F124E89B1037AF09B8 ] mpio            C:\windows\system32\drivers\mpio.sys
20:00:20.0298 0x159c  mpio - ok
20:00:20.0328 0x159c  [ 6C38C9E45AE0EA2FA5E551F2ED5E978F, 5A3FA2F110029CB4CC4384998EDB59203FDD65EC45E01B897FB684F8956EAD20 ] mpsdrv          C:\windows\system32\drivers\mpsdrv.sys
20:00:20.0338 0x159c  mpsdrv - ok
20:00:20.0378 0x159c  [ 54FFC9C8898113ACE189D4AA7199D2C1, 65F585C87F3F710FD5793FDFA96B740AD8D4317B0C120F4435CCF777300EA4F2 ] MpsSvc          C:\windows\system32\mpssvc.dll
20:00:20.0418 0x159c  MpsSvc - ok
20:00:20.0448 0x159c  [ 1A4F75E63C9FB84B85DFFC6B63FD5404, 01AFA6DBB4CDE55FE4EA05BBE8F753A4266F8D072EA1EE01DB79F5126780C21F ] MRxDAV          C:\windows\system32\drivers\mrxdav.sys
20:00:20.0458 0x159c  MRxDAV - ok
20:00:20.0488 0x159c  [ A5D9106A73DC88564C825D317CAC68AC, 0457B2AEA4E05A91D0E43F317894A614434D8CEBE35020785387F307E231FBE4 ] mrxsmb          C:\windows\system32\DRIVERS\mrxsmb.sys
20:00:20.0498 0x159c  mrxsmb - ok
20:00:20.0518 0x159c  [ D711B3C1D5F42C0C2415687BE09FC163, 9B3013AC60BD2D0FF52086658BA5FF486ADE15954A552D7DD590580E8BAE3EFF ] mrxsmb10        C:\windows\system32\DRIVERS\mrxsmb10.sys
20:00:20.0528 0x159c  mrxsmb10 - ok
20:00:20.0548 0x159c  [ 9423E9D355C8D303E76B8CFBD8A5C30C, 220B33F120C2DD937FE4D5664F4B581DC0ACF78D62EB56B7720888F67B9644CC ] mrxsmb20        C:\windows\system32\DRIVERS\mrxsmb20.sys
20:00:20.0548 0x159c  mrxsmb20 - ok
20:00:20.0568 0x159c  [ C25F0BAFA182CBCA2DD3C851C2E75796, 643E158A0948DF331807AEAA391F23960362E46C0A0CF6D22A99020EAE7B10F8 ] msahci          C:\windows\system32\drivers\msahci.sys
20:00:20.0578 0x159c  msahci - ok
20:00:20.0608 0x159c  [ DB801A638D011B9633829EB6F663C900, B34FD33A215ACCF2905F4B7D061686CDB1CB9C652147AF56AE14686C1F6E3C74 ] msdsm           C:\windows\system32\drivers\msdsm.sys
20:00:20.0608 0x159c  msdsm - ok
20:00:20.0638 0x159c  [ DE0ECE52236CFA3ED2DBFC03F28253A8, 2FBBEC4CACB5161F68D7C2935852A5888945CA0F107CF8A1C01F4528CE407DE3 ] MSDTC           C:\windows\System32\msdtc.exe
20:00:20.0648 0x159c  MSDTC - ok
20:00:20.0668 0x159c  [ AA3FB40E17CE1388FA1BEDAB50EA8F96, 69F93E15536644C8FD679A20190CFE577F4985D3B1B4A4AA250A168615AE1E99 ] Msfs            C:\windows\system32\drivers\Msfs.sys
20:00:20.0668 0x159c  Msfs - ok
20:00:20.0698 0x159c  [ F9D215A46A8B9753F61767FA72A20326, 6F76642B45E0A7EF6BCAB8B37D55CCE2EAA310ED07B76D43FCB88987C2174141 ] mshidkmdf       C:\windows\System32\drivers\mshidkmdf.sys
20:00:20.0698 0x159c  mshidkmdf - ok
20:00:20.0718 0x159c  [ D916874BBD4F8B07BFB7FA9B3CCAE29D, B229DA150713DEDBC4F05386C9D9DC3BC095A74F44F3081E88311AB73BC992A1 ] msisadrv        C:\windows\system32\drivers\msisadrv.sys
20:00:20.0718 0x159c  msisadrv - ok
20:00:20.0748 0x159c  [ 808E98FF49B155C522E6400953177B08, F873F5BFF0984C5165DF67E92874D3F6EB8D86F9B5AD17013A0091CA33A1A3D5 ] MSiSCSI         C:\windows\system32\iscsiexe.dll
20:00:20.0758 0x159c  MSiSCSI - ok
20:00:20.0758 0x159c  msiserver - ok
20:00:20.0778 0x159c  [ 49CCF2C4FEA34FFAD8B1B59D49439366, E5752EA57C7BDAD5F53E3BC441A415E909AC602CAE56234684FB8789A20396C7 ] MSKSSRV         C:\windows\system32\drivers\MSKSSRV.sys
20:00:20.0778 0x159c  MSKSSRV - ok
20:00:20.0878 0x159c  [ F0D5494D8B177C37E16966262F5D0F68, DD63427DFFD9DD2BEC8336F6AD1BEFE347012331631DC5FEC65E83B1EACDBC67 ] MsMpSvc         c:\Program Files\Microsoft Security Client\MsMpEng.exe
20:00:20.0878 0x159c  MsMpSvc - ok
20:00:20.0888 0x159c  [ BDD71ACE35A232104DDD349EE70E1AB3, 27464A66868513BE6A01B75D7FC5B0D6B71842E4E20CE3F76B15C071A0618BBB ] MSPCLOCK        C:\windows\system32\drivers\MSPCLOCK.sys
20:00:20.0888 0x159c  MSPCLOCK - ok
20:00:20.0898 0x159c  [ 4ED981241DB27C3383D72092B618A1D0, E12F121E641249DB3491141851B59E1496F4413EDF58E863388F1C229838DFCC ] MSPQM           C:\windows\system32\drivers\MSPQM.sys
20:00:20.0908 0x159c  MSPQM - ok
20:00:20.0928 0x159c  [ 759A9EEB0FA9ED79DA1FB7D4EF78866D, 64E3BC613EC4872B1B344CBF71EE15BE195592E3244C1EE099C6F8B95A40F133 ] MsRPC           C:\windows\system32\drivers\MsRPC.sys
20:00:20.0938 0x159c  MsRPC - ok
20:00:20.0958 0x159c  [ 0EED230E37515A0EAEE3C2E1BC97B288, B1D8F8A75006B6E99214CA36D27A8594EF8D952F315BEB201E9BAC9DE3E64D42 ] mssmbios        C:\windows\system32\DRIVERS\mssmbios.sys
20:00:20.0958 0x159c  mssmbios - ok
20:00:20.0968 0x159c  [ 2E66F9ECB30B4221A318C92AC2250779, DF175E1AB6962303E57F26DAE5C5C1E40B8640333F3E352A64F6A5F1301586CD ] MSTEE           C:\windows\system32\drivers\MSTEE.sys
20:00:20.0968 0x159c  MSTEE - ok
20:00:20.0978 0x159c  [ 7EA404308934E675BFFDE8EDF0757BCD, 306CD02D89CFCFE576242360ED5F9EEEDCAFC43CD43B7D2977AE960F9AEC3232 ] MTConfig        C:\windows\system32\drivers\MTConfig.sys
20:00:20.0978 0x159c  MTConfig - ok
20:00:20.0998 0x159c  [ F9A18612FD3526FE473C1BDA678D61C8, 32F7975B5BAA447917F832D9E3499B4B6D3E90D73F478375D0B70B36C524693A ] Mup             C:\windows\system32\Drivers\mup.sys
20:00:21.0008 0x159c  Mup - ok
20:00:21.0038 0x159c  [ 6ED8935257672F4CD04A88A0F3DE093D, 0417FD87546B105510BB29539AE29EB1DFE522416FC64E2A2ACB2DF24EAC7B1E ] MyWiFiDHCPDNS   C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe
20:00:21.0048 0x159c  MyWiFiDHCPDNS - ok
20:00:21.0088 0x159c  [ 582AC6D9873E31DFA28A4547270862DD, BD540499F74E8F59A020D935D18E36A3A97C1A6EC59C8208436469A31B16B260 ] napagent        C:\windows\system32\qagentRT.dll
20:00:21.0108 0x159c  napagent - ok
20:00:21.0148 0x159c  [ 1EA3749C4114DB3E3161156FFFFA6B33, 54C2E77BCE1037711A11313AC25B8706109098C10A31AA03AEB7A185E97800D7 ] NativeWifiP     C:\windows\system32\DRIVERS\nwifi.sys
20:00:21.0158 0x159c  NativeWifiP - ok
20:00:21.0218 0x159c  [ 760E38053BF56E501D562B70AD796B88, F856E81A975D44F8684A6F2466549CEEDFAEB3950191698555A93A1206E0A42D ] NDIS            C:\windows\system32\drivers\ndis.sys
20:00:21.0258 0x159c  NDIS - ok
20:00:21.0278 0x159c  [ 9F9A1F53AAD7DA4D6FEF5BB73AB811AC, D7E5446E83909AE25506BB98FBDD878A529C87963E3C1125C4ABAB25823572BC ] NdisCap         C:\windows\system32\DRIVERS\ndiscap.sys
20:00:21.0278 0x159c  NdisCap - ok
20:00:21.0298 0x159c  [ 30639C932D9FEF22B31268FE25A1B6E5, 32873D95339600F6EEFA51847D12C563FF01F320DC59055B242FA2887C99F9D6 ] NdisTapi        C:\windows\system32\DRIVERS\ndistapi.sys
20:00:21.0298 0x159c  NdisTapi - ok
20:00:21.0308 0x159c  [ 136185F9FB2CC61E573E676AA5402356, BA3AD0A33416DA913B4242C6BE8C3E5812AD2B20BA6C11DD3094F2E8EB56E683 ] Ndisuio         C:\windows\system32\DRIVERS\ndisuio.sys
20:00:21.0308 0x159c  Ndisuio - ok
20:00:21.0328 0x159c  [ 53F7305169863F0A2BDDC49E116C2E11, 881E9346D3C02405B7850ADC37E720990712EC9C666A0CE96E252A487FD2CE77 ] NdisWan         C:\windows\system32\DRIVERS\ndiswan.sys
20:00:21.0328 0x159c  NdisWan - ok
20:00:21.0348 0x159c  [ 015C0D8E0E0421B4CFD48CFFE2825879, 4242E2D42CCFC859B2C0275C5331798BC0BDA68E51CF4650B6E64B1332071023 ] NDProxy         C:\windows\system32\drivers\NDProxy.sys
20:00:21.0348 0x159c  NDProxy - ok
20:00:21.0448 0x159c  [ 2334DC48997BA203B794DF3EE70521DB, 832F4EC1586C9669F2D54AB3B212943E43B87A33B24DCC8CDAD6A0264291EE2F ] Net Driver HPZ12 C:\Windows\system32\HPZinw12.dll
20:00:21.0448 0x159c  Net Driver HPZ12 - ok
20:00:21.0458 0x159c  [ 86743D9F5D2B1048062B14B1D84501C4, DBF6D6A60AB774FCB0F464FF2D285A7521D0A24006687B243AB46B17D8032062 ] NetBIOS         C:\windows\system32\DRIVERS\netbios.sys
20:00:21.0458 0x159c  NetBIOS - ok
20:00:21.0478 0x159c  [ 09594D1089C523423B32A4229263F068, 7426A9B8BA27D3225928DDEFBD399650ABB90798212F56B7D12158AC22CCCE37 ] NetBT           C:\windows\system32\DRIVERS\netbt.sys
20:00:21.0478 0x159c  NetBT - ok
20:00:21.0488 0x159c  [ 204F3F58212B3E422C90BD9691A2DF28, D748A8CEE4D59B4248C9B1ACA5155D0FF6635A29564B4391B7FAC6261F93FE99 ] Netlogon        C:\windows\system32\lsass.exe
20:00:21.0498 0x159c  Netlogon - ok
20:00:21.0528 0x159c  [ 847D3AE376C0817161A14A82C8922A9E, 37AE692B3481323134125EF58F2C3CBC20177371AF2F5874F53DD32A827CB936 ] Netman          C:\windows\System32\netman.dll
20:00:21.0538 0x159c  Netman - ok
20:00:21.0588 0x159c  [ 21318671BCAD3ACF16638F98D4D00973, CEA6E3B6BCB4B74A9ACACBEEA12EEA967BBC2240398E2EBC04D7910109CACA11 ] NetMsmqActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
20:00:21.0608 0x159c  NetMsmqActivator - ok
20:00:21.0608 0x159c  [ 21318671BCAD3ACF16638F98D4D00973, CEA6E3B6BCB4B74A9ACACBEEA12EEA967BBC2240398E2EBC04D7910109CACA11 ] NetPipeActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
20:00:21.0608 0x159c  NetPipeActivator - ok
20:00:21.0648 0x159c  [ 5F28111C648F1E24F7DBC87CDEB091B8, 2E8645285921EDB98BB2173E11E57459C888D52E80D85791D169C869DE8813B9 ] netprofm        C:\windows\System32\netprofm.dll
20:00:21.0658 0x159c  netprofm - ok
20:00:21.0668 0x159c  [ 21318671BCAD3ACF16638F98D4D00973, CEA6E3B6BCB4B74A9ACACBEEA12EEA967BBC2240398E2EBC04D7910109CACA11 ] NetTcpActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
20:00:21.0668 0x159c  NetTcpActivator - ok
20:00:21.0678 0x159c  [ 21318671BCAD3ACF16638F98D4D00973, CEA6E3B6BCB4B74A9ACACBEEA12EEA967BBC2240398E2EBC04D7910109CACA11 ] NetTcpPortSharing C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
20:00:21.0678 0x159c  NetTcpPortSharing - ok
20:00:21.0968 0x159c  [ 5D262402B0634C998F8CBCEAD7DD8676, 535C869C4522B012A7FB600382D46D6E5F242C18F28590FD26A918648B19EDFD ] NETwNs64        C:\windows\system32\DRIVERS\NETwNs64.sys
20:00:22.0238 0x159c  NETwNs64 - ok
20:00:22.0288 0x159c  [ 77889813BE4D166CDAB78DDBA990DA92, 2EF531AE502B943632EEC66A309A8BFCDD36120A5E1473F4AAF3C2393AD0E6A3 ] nfrd960         C:\windows\system32\drivers\nfrd960.sys
20:00:22.0288 0x159c  nfrd960 - ok
20:00:22.0348 0x159c  [ F9EEFFC65C68A45001D1349E652B8B6F, E5F223129416083A12A85D48C65B2C8D1BF1124110399938E144308C89F9241D ] NisDrv          C:\windows\system32\DRIVERS\NisDrvWFP.sys
20:00:22.0348 0x159c  NisDrv - ok
20:00:22.0408 0x159c  [ 9690F420A99364C1E5C439914B0DE25C, 6C6E0B27C4255001FE5F1EAD911DE1A8BF922C405B0C8031A6BD253CEB1D02A6 ] NisSrv          c:\Program Files\Microsoft Security Client\NisSrv.exe
20:00:22.0418 0x159c  NisSrv - ok
20:00:22.0438 0x159c  [ 8AD77806D336673F270DB31645267293, E23F324913554A23CD043DD27D4305AF62F48C0561A0FC7B7811E55B74B1BE79 ] NlaSvc          C:\windows\System32\nlasvc.dll
20:00:22.0448 0x159c  NlaSvc - ok
20:00:22.0598 0x159c  [ B9B72FAAAA41D59B73B88FE3DD737ED1, 050E741FB5313523340B19C9C168611222C4AE9A6084FE3E2F908A49EA909A29 ] NOBU            C:\Program Files (x86)\Dell\Dell Datasafe Online\NOBuAgent.exe
20:00:22.0688 0x159c  NOBU - ok
20:00:22.0708 0x159c  [ 1E4C4AB5C9B8DD13179BBDC75A2A01F7, D8957EF7060A69DBB3CD6B2C45B1E4143592AB8D018471E17AC04668157DC67F ] Npfs            C:\windows\system32\drivers\Npfs.sys
20:00:22.0708 0x159c  Npfs - ok
20:00:22.0738 0x159c  [ D54BFDF3E0C953F823B3D0BFE4732528, 497A1DCC5646EC22119273216DF10D5442D16F83E4363770F507518CF6EAA53A ] nsi             C:\windows\system32\nsisvc.dll
20:00:22.0738 0x159c  nsi - ok
20:00:22.0748 0x159c  [ E7F5AE18AF4168178A642A9247C63001, 133023B7E4BA8049C4CAED3282BDD25571D1CC25FAC3B820C7F981D292689D76 ] nsiproxy        C:\windows\system32\drivers\nsiproxy.sys
20:00:22.0758 0x159c  nsiproxy - ok
20:00:22.0838 0x159c  [ 1A29A59A4C5BA6F8C85062A613B7E2B2, CC137F499A12C724D4166C2D85E9F447413419A0683DAC6F1A802B7F210C77F1 ] Ntfs            C:\windows\system32\drivers\Ntfs.sys
20:00:22.0898 0x159c  Ntfs - ok
20:00:22.0908 0x159c  [ 9899284589F75FA8724FF3D16AED75C1, 181188599FD5D4DE33B97010D9E0CAEABAB9A3EF50712FE7F9AA0735CD0666D6 ] Null            C:\windows\system32\drivers\Null.sys
20:00:22.0908 0x159c  Null - ok
20:00:22.0948 0x159c  [ 158AD24745BD85BA9BE3C51C38F48C32, B053A3B5A5CAE2CBC47E2C19E636AD70F376334EFFBB391A76562E67CBF3AC86 ] nusb3hub        C:\windows\system32\DRIVERS\nusb3hub.sys
20:00:22.0948 0x159c  nusb3hub - ok
20:00:22.0968 0x159c  [ D40A13B2C0891E218F9523B376955DB6, 9A2AAAF960868B860A65579EAD507B35C64CFD6C3581F8D731ADF975F778D10E ] nusb3xhc        C:\windows\system32\DRIVERS\nusb3xhc.sys
20:00:22.0968 0x159c  nusb3xhc - ok
20:00:22.0988 0x159c  [ 0A92CB65770442ED0DC44834632F66AD, 581327F07A68DBD5CC749214BE5F1211FC2CE41C7A4F0656B680AFB51A35ACE7 ] nvraid          C:\windows\system32\drivers\nvraid.sys
20:00:22.0998 0x159c  nvraid - ok
20:00:23.0018 0x159c  [ DAB0E87525C10052BF65F06152F37E4A, AD9BFF0D5FD3FFB95C758B478E1F6A9FE45E7B37AEC71EB5070D292FEAAEDF37 ] nvstor          C:\windows\system32\drivers\nvstor.sys
20:00:23.0028 0x159c  nvstor - ok
20:00:23.0048 0x159c  [ 270D7CD42D6E3979F6DD0146650F0E05, 752489E54C9004EDCBE1F1F208FFD864DA5C83E59A2DDE6B3E0D63ECA996F76F ] nv_agp          C:\windows\system32\drivers\nv_agp.sys
20:00:23.0048 0x159c  nv_agp - ok
20:00:23.0068 0x159c  [ 3589478E4B22CE21B41FA1BFC0B8B8A0, AD2469FC753FE552CB809FF405A9AB23E7561292FE89117E3B3B62057EFF0203 ] ohci1394        C:\windows\system32\drivers\ohci1394.sys
20:00:23.0068 0x159c  ohci1394 - ok
20:00:23.0128 0x159c  [ 9D10F99A6712E28F8ACD5641E3A7EA6B, 70964A0ED9011EA94044E15FA77EDD9CF535CC79ED8E03A3721FF007E69595CC ] ose             C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE
20:00:23.0128 0x159c  ose - ok
20:00:23.0348 0x159c  [ 61BFFB5F57AD12F83AB64B7181829B34, 1DD0DD35E4158F95765EE6639F217DF03A0A19E624E020DBA609268C08A13846 ] osppsvc         C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE
20:00:23.0518 0x159c  osppsvc - ok
20:00:23.0558 0x159c  [ 3EAC4455472CC2C97107B5291E0DCAFE, E51F373F2DBEAEE516B42BAE8C1B5BB68D00B881323E842CB6EDEC0A183CFFC3 ] p2pimsvc        C:\windows\system32\pnrpsvc.dll
20:00:23.0568 0x159c  p2pimsvc - ok
20:00:23.0588 0x159c  [ 927463ECB02179F88E4B9A17568C63C3, FEFD3447692C277D59EEC7BF218552C8BB6B8C98C26E973675549628408B94CE ] p2psvc          C:\windows\system32\p2psvc.dll
20:00:23.0608 0x159c  p2psvc - ok
20:00:23.0638 0x159c  [ 0086431C29C35BE1DBC43F52CC273887, 0D116D49EF9ABB57DA005764F25E692622210627FC2048F06A989B12FA8D0A80 ] Parport         C:\windows\system32\drivers\parport.sys
20:00:23.0638 0x159c  Parport - ok
20:00:23.0658 0x159c  [ E9766131EEADE40A27DC27D2D68FBA9C, 63C295EC96DBD25F1A8B908295CCB86B54F2A77A02AAA11E5D9160C2C1A492B6 ] partmgr         C:\windows\system32\drivers\partmgr.sys
20:00:23.0668 0x159c  partmgr - ok
20:00:23.0688 0x159c  [ 3AEAA8B561E63452C655DC0584922257, 04C072969B58657602EB0C21CEDF24FCEE14E61B90A0F758F93925EF2C9FC32D ] PcaSvc          C:\windows\System32\pcasvc.dll
20:00:23.0688 0x159c  PcaSvc - ok
20:00:23.0708 0x159c  [ 94575C0571D1462A0F70BDE6BD6EE6B3, 7139BAC653EA94A3DD3821CAB35FC5E22F4CCA5ACC2BAABDAA27E4C3C8B27FC9 ] pci             C:\windows\system32\drivers\pci.sys
20:00:23.0708 0x159c  pci - ok
20:00:23.0738 0x159c  [ B5B8B5EF2E5CB34DF8DCF8831E3534FA, F2A7CC645B96946CC65BF60E14E70DC09C848D27C7943CE5DEA0C01A6B863480 ] pciide          C:\windows\system32\drivers\pciide.sys
20:00:23.0738 0x159c  pciide - ok
20:00:23.0768 0x159c  [ B2E81D4E87CE48589F98CB8C05B01F2F, 6763BEE7270A4873B3E131BFB92313E2750FCBD0AD73C23D1C4F98F7DF73DE14 ] pcmcia          C:\windows\system32\drivers\pcmcia.sys
20:00:23.0768 0x159c  pcmcia - ok
20:00:23.0788 0x159c  [ D6B9C2E1A11A3A4B26A182FFEF18F603, BBA5FE08B1DDD6243118E11358FD61B10E850F090F061711C3CB207CE5FBBD36 ] pcw             C:\windows\system32\drivers\pcw.sys
20:00:23.0788 0x159c  pcw - ok
20:00:23.0818 0x159c  [ 68769C3356B3BE5D1C732C97B9A80D6E, FB2D61145980A2899D1B7729184C54070315B0E63C9A22400A76CCD39E00029C ] PEAUTH          C:\windows\system32\drivers\peauth.sys
20:00:23.0858 0x159c  PEAUTH - ok
20:00:23.0988 0x159c  [ E495E408C93141E8FC72DC0C6046DDFA, 489B957DADA0DC128A09468F1AD082DCC657E86053208EA06A12937BE86FB919 ] PerfHost        C:\windows\SysWow64\perfhost.exe
20:00:23.0988 0x159c  PerfHost - ok
20:00:24.0068 0x159c  [ C7CF6A6E137463219E1259E3F0F0DD6C, 08D7244F52AA17DD669AA6F77C291DAC88E7B2D1887DE422509C1F83EC85F3DD ] pla             C:\windows\system32\pla.dll
20:00:24.0118 0x159c  pla - ok
20:00:24.0168 0x159c  [ 25FBDEF06C4D92815B353F6E792C8129, 57D9764AE6BCE33B242C399CDFC10DD405975BD6411CA8C75FBCD06EEB8442A9 ] PlugPlay        C:\windows\system32\umpnpmgr.dll
20:00:24.0178 0x159c  PlugPlay - ok
20:00:24.0238 0x159c  [ AC78DF349F0E4CFB8B667C0CFFF83CCE, 7E635AA2E7350FCA0C954E697F1480A6204920AEFBCF06B90FFA02398DA82822 ] Pml Driver HPZ12 C:\Windows\system32\HPZipm12.dll
20:00:24.0238 0x159c  Pml Driver HPZ12 - ok
20:00:31.0789 0x159c  wlidsvc - ok
20:00:31.0839 0x159c  [ F6FF8944478594D0E414D3F048F0D778, 6F75E0AE6127B33A92A88E59D4B048FD4C15F997807BE7BF0EFE76F95235B1D9 ] WmiAcpi         C:\windows\system32\DRIVERS\wmiacpi.sys
20:00:31.0839 0x159c  WmiAcpi - ok
20:00:31.0879 0x159c  [ 38B84C94C5A8AF291ADFEA478AE54F93, 1AC267AC73670BEA5F3785C9AD9DB146F8E993A862C843742B21FDB90D102B2A ] wmiApSrv        C:\windows\system32\wbem\WmiApSrv.exe
20:00:31.0879 0x159c  wmiApSrv - ok
20:00:31.0919 0x159c  WMPNetworkSvc - ok
20:00:31.0949 0x159c  [ 96C6E7100D724C69FCF9E7BF590D1DCA, 2E63C9B0893B4FC03B7A71BAEA6202D3D3DB1B52F3643467829B5A573FD7655B ] WPCSvc          C:\windows\System32\wpcsvc.dll
20:00:31.0949 0x159c  WPCSvc - ok
20:00:31.0969 0x159c  [ 93221146D4EBBF314C29B23CD6CC391D, C0750858A65BF51E210CD244C825C121D67E025CD2D2455139991AAC289A90FE ] WPDBusEnum      C:\windows\system32\wpdbusenum.dll
20:00:31.0969 0x159c  WPDBusEnum - ok
20:00:31.0989 0x159c  [ 6BCC1D7D2FD2453957C5479A32364E52, E48554D31FBDCF8F985C1C72524CAA9106F5B7CC2B79064F8F5E2562D517F090 ] ws2ifsl         C:\windows\system32\drivers\ws2ifsl.sys
20:00:31.0989 0x159c  ws2ifsl - ok
20:00:32.0009 0x159c  [ E8B1FE6669397D1772D8196DF0E57A9E, 39FE0819360719F756BD31A1884A0508A1E2371ACC723E25E005CBEC0A7B02FA ] wscsvc          C:\windows\System32\wscsvc.dll
20:00:32.0009 0x159c  wscsvc - ok
20:00:32.0009 0x159c  WSearch - ok
20:00:32.0109 0x159c  [ 61FF576450CCC80564B850BC3FB6713A, B2843BC9E2F62D27DCF6787D063378926748CE75002BADA1873DCB5039883705 ] wuauserv        C:\windows\system32\wuaueng.dll
20:00:32.0199 0x159c  wuauserv - ok
20:00:32.0239 0x159c  [ AB886378EEB55C6C75B4F2D14B6C869F, D6C4602EB8F291DADEDF3CD211013D4AC752DDE7E799C2D8D74AA4F5477CAED6 ] WudfPf          C:\windows\system32\drivers\WudfPf.sys
20:00:32.0239 0x159c  WudfPf - ok
20:00:32.0259 0x159c  [ DDA4CAF29D8C0A297F886BFE561E6659, 94E5DD649B5D86FA1A7C7D30FCF9644D0EE048D312E626111458ADF66BFBE978 ] WUDFRd          C:\windows\system32\DRIVERS\WUDFRd.sys
20:00:32.0269 0x159c  WUDFRd - ok
20:00:32.0289 0x159c  [ B20F051B03A966392364C83F009F7D17, 88ECEB55AE91F58F592B96EBC10B572747D5A2F9B7629E8F371761E4F7408A65 ] wudfsvc         C:\windows\System32\WUDFSvc.dll
20:00:32.0299 0x159c  wudfsvc - ok
20:00:32.0339 0x159c  [ 04F82965C09CBDF646B487E145060301, 2CD8533EDBE24C3E42EB7550E20F8A2EB9E5E345B165DEF543163A6BC1FDD18B ] WwanSvc         C:\windows\System32\wwansvc.dll
20:00:32.0339 0x159c  WwanSvc - ok
20:00:32.0449 0x159c  [ DD0042F0C3B606A6A8B92D49AFB18AD6, 8D3BE4C93D02AF5F42EC46AF598D6DA40C61D467CB2FEE5E222F9C1E7A84B852 ] YahooAUService  C:\Program Files (x86)\Yahoo!\SoftwareUpdate\YahooAUService.exe
20:00:32.0469 0x159c  YahooAUService - ok
20:00:32.0499 0x159c  ================ Scan global ===============================
20:00:32.0529 0x159c  [ BA0CD8C393E8C9F83354106093832C7B, 18D8A4780A2BAA6CEF7FBBBDA0EF6BF2DADF146E1E578A618DD5859E8ADBF1A8 ] C:\windows\system32\basesrv.dll
20:00:32.0569 0x159c  [ 88EDD0B34EED542745931E581AD21A32, DC2B93E1CEF5B0BCEE08D72669BB0F3AD0E8E6E75BDC08858407ED92F6FFA031 ] C:\windows\system32\winsrv.dll
20:00:32.0579 0x159c  [ 88EDD0B34EED542745931E581AD21A32, DC2B93E1CEF5B0BCEE08D72669BB0F3AD0E8E6E75BDC08858407ED92F6FFA031 ] C:\windows\system32\winsrv.dll
20:00:32.0609 0x159c  [ D6160F9D869BA3AF0B787F971DB56368, 0033E6212DD8683E4EE611B290931FDB227B4795F0B17C309DC686C696790529 ] C:\windows\system32\sxssrv.dll
20:00:32.0649 0x159c  [ 24ACB7E5BE595468E3B9AA488B9B4FCB, 63541E3432FCE953F266AE553E7A394978D6EE3DB52388D885F668CF42C5E7E2 ] C:\windows\system32\services.exe
20:00:32.0659 0x159c  [ Global ] - ok
20:00:32.0659 0x159c  ================ Scan MBR ==================================
20:00:32.0669 0x159c  [ A36C5E4F47E84449FF07ED3517B43A31 ] \Device\Harddisk0\DR0
20:00:33.0049 0x159c  \Device\Harddisk0\DR0 - ok
20:00:33.0049 0x159c  ================ Scan VBR ==================================
20:00:33.0049 0x159c  [ 17E6064B18AA88ED8319B3238FE06A25 ] \Device\Harddisk0\DR0\Partition1
20:00:33.0049 0x159c  \Device\Harddisk0\DR0\Partition1 - ok
20:00:33.0049 0x159c  [ 723FFEBDE086355CE5F5C8E20D4FDB4A ] \Device\Harddisk0\DR0\Partition2
20:00:33.0089 0x159c  \Device\Harddisk0\DR0\Partition2 - ok
20:00:33.0089 0x159c  ================ Scan generic autorun ======================
20:00:33.0119 0x159c  [ 1E31601B50CB0307CB890D42BE58817D, F6CEADECC6E22D77846329817297D65BE75B528F7D1EE1363A5FA1F581CD5187 ] C:\Windows\system32\igfxtray.exe
20:00:33.0129 0x159c  IgfxTray - ok
20:00:33.0149 0x159c  [ 45420ED072CD78487A0FDDBE3A1F6026, B93E8D0BC87727A220A45B0292318AE693CFA680DC56E8271715E3B28D3EF015 ] C:\Windows\system32\hkcmd.exe
20:00:33.0159 0x159c  HotKeysCmds - ok
20:00:33.0179 0x159c  [ 56A3D5432E9CFB8E3443BED8C1CB14A1, 68F590F07B3E2414753EC76E9E69F2FB9C7D226D235CF352C991DD159A9DE11C ] C:\Windows\system32\igfxpers.exe
20:00:33.0189 0x159c  Persistence - ok
20:00:33.0229 0x159c  [ 759CDFE07A593142AD7FD5029E582FE3, 24DF8DD2003F2460CE08C2B64CFC8576DFA2067E71DE2F8FA94553D2391D8471 ] C:\Program Files\IDT\WDM\sttray64.exe
20:00:33.0249 0x159c  SysTrayApp - ok
20:00:33.0300 0x159c  [ 3F1C67C99FF157349E04DCE25E1EDDA7, 3DB2AFDC3695AFE4703CAE7D73AB02790BC11401C2107CEFDBB76ED2B181FD31 ] C:\Program Files\DellTPad\Apoint.exe
20:00:33.0320 0x159c  Apoint - ok
20:00:33.0470 0x159c  [ 9695E2D1BF7AA4A98F3C0C3219B16E20, 043392E100B5B9584D8E8BDFF5F465266D52211A30FB03134F92111C375A3714 ] C:\Program Files\Dell\QuickSet\QuickSet.exe
20:00:33.0600 0x159c  QuickSet - ok
20:00:33.0600 0x159c  IntelTBRunOnce - ok
20:00:33.0670 0x159c  [ 23E6E5C5061A44C32E9922B4AF22D895, B166E2DB3E9C2B8234CEE3B001D63BFFC4F41635455016DD54CD0F03B08410A0 ] C:\Program Files\Common Files\Intel\WirelessCommon\iFrmewrk.exe
20:00:33.0750 0x159c  IntelWireless - ok
20:00:33.0750 0x159c  BTMTrayAgent - ok
20:00:33.0870 0x159c  [ 04DC919865A7CF29CF9F19F00D1EB646, D9EEA61EB625A1833813C7D61A7D095A161830E6B27BCA4B4157D6502DE137EA ] C:\Program Files (x86)\Dell Stage\Dell Stage\stage_primary.exe
20:00:34.0000 0x159c  DellStage - ok
20:00:34.0110 0x159c  [ A6AAD37CDCAE75CB62D039E3A4D8F5E3, 4FF763B0D129175BA1B1E794BA313E6C63F7A89D377C786BF5E730AF2A1D95D1 ] c:\Program Files\Microsoft Security Client\msseces.exe
20:00:34.0150 0x159c  MSC - ok
20:00:34.0180 0x159c  [ DD81D91FF3B0763C392422865C9AC12E, F5691B8F200E3196E6808E932630E862F8F26F31CD949981373F23C9D87DB8B9 ] C:\Windows\system32\rundll32.exe
20:00:34.0190 0x159c  Logitech Download Assistant - ok
20:00:34.0250 0x159c  [ 2EF0B3C51971F51ED700C01CFBC5B82A, 5EF6CEFA0D7F38EDBE8A3BB518E49B82CDCDD8BC76E6019FD142A28A08D01223 ] C:\Program Files (x86)\Dell Webcam\Dell Webcam Central\WebcamDell2.exe
20:00:34.0330 0x159c  Dell Webcam Central - ok
20:00:34.0400 0x159c  [ 4A73AB8412D3AA6CFAD24051FF9DBFA7, 7C1F6BDECE92F2A58E88FC603F1BEE9B0F72130136AE9A368892323A9A327FD1 ] C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorIcon.exe
20:00:34.0410 0x159c  IAStorIcon - ok
20:00:34.0480 0x159c  [ 4164A47F3A2DA7EA44572904C3DF44A4, 192097A694949269CD642C4F832715F48F4448669951D027DBECE9D873E9DA94 ] c:\Program Files (x86)\Roxio\OEM\Roxio Burn\RoxioBurnLauncher.exe
20:00:34.0490 0x159c  Desktop Disc Tool - ok
20:00:34.0630 0x159c  [ 51D832E9F377A3D57E44F199CE10B637, 45FCC052AE449EC0983B5753ABE59915C543BF1CF3B6DB5B803B8D3E98C8387D ] C:\Program Files (x86)\System Registration\prodreg.exe
20:00:34.0890 0x159c  Dell Registration - ok
20:00:34.0980 0x159c  [ EBE1962DC5EEFC13D20543013A891ABC, E6E993B38267D17EF4FFAD8870817DA0D65405C920177D077FA3FD7B98DB4C3D ] C:\Program Files (x86)\Dell\Dell Datasafe Online\NOBuClient.exe
20:00:35.0020 0x159c  Dell DataSafe Online - ok
20:00:35.0080 0x159c  [ 0771B5F987FDCF35B7B218C6AE7AA868, F68240A0291160A97950EFB92A5B2F7B4798E4E9F643D452E0C9DA9DC6A3F3BF ] C:\Program Files (x86)\Dell Stage\Dell Stage\AccuWeather\accuweather.exe
20:00:35.0130 0x159c  AccuWeatherWidget - ok
20:00:35.0210 0x159c  [ CE5C9977DA751DDC30952AC4DCBCA788, 295172C4681E9AC27121122CDD2BA6F2A62435917A083CC8490D584CA0164BE6 ] C:\Program Files (x86)\HP\HP Software Update\HPWuSchd2.exe
20:00:35.0270 0x159c  HP Software Update - ok
20:00:35.0370 0x159c  [ DCCA4B04AF87E52EF9EAA2190E06CBAC, 8858CFD159BB32AE9FCCA1A79EA83C876D481A286E914071D48F42FCA5B343D8 ] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe
20:00:35.0420 0x159c  Sidebar - ok
20:00:35.0440 0x159c  [ 0FA760BF380B08D0B67B5507CD8B32AA, 0F73A7F64C4FDAB98CD3A865CC54B3A7195761530FCB115B725CC5A9FB738739 ] C:\Windows\System32\mctadmin.exe
20:00:35.0450 0x159c  mctadmin - ok
20:00:35.0480 0x159c  [ DCCA4B04AF87E52EF9EAA2190E06CBAC, 8858CFD159BB32AE9FCCA1A79EA83C876D481A286E914071D48F42FCA5B343D8 ] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe
20:00:35.0510 0x159c  Sidebar - ok
20:00:35.0510 0x159c  [ 0FA760BF380B08D0B67B5507CD8B32AA, 0F73A7F64C4FDAB98CD3A865CC54B3A7195761530FCB115B725CC5A9FB738739 ] C:\Windows\System32\mctadmin.exe
20:00:35.0520 0x159c  mctadmin - ok
20:00:35.0730 0x159c  [ E5C50D7F326AC51105B2737D31EEBDDB, 8C3EF83276EE192E396CACB7A13DA6EAA8EBCD921D5AA817E06F2DB2744CAF26 ] C:\Program Files\CCleaner\CCleaner64.exe
20:00:35.0940 0x159c  CCleaner - ok
20:00:35.0940 0x159c  Waiting for KSN requests completion. In queue: 75
20:00:36.0941 0x159c  Waiting for KSN requests completion. In queue: 75
20:00:37.0941 0x159c  Waiting for KSN requests completion. In queue: 75
20:00:38.0941 0x159c  Waiting for KSN requests completion. In queue: 75
20:00:39.0942 0x159c  Waiting for KSN requests completion. In queue: 75
20:00:40.0942 0x159c  Waiting for KSN requests completion. In queue: 75
20:00:41.0942 0x159c  Waiting for KSN requests completion. In queue: 75
20:00:42.0943 0x159c  Waiting for KSN requests completion. In queue: 75
20:00:43.0943 0x159c  Waiting for KSN requests completion. In queue: 75
20:00:44.0953 0x159c  AV detected via SS2: Microsoft Security Essentials, C:\Program Files\Microsoft Security Client\msseces.exe ( 4.6.305.0 ), 0x61000 ( enabled : updated )
20:00:45.0003 0x159c  AV detected via SS2: Ad-Aware Antivirus, C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.3.6321.0\AdAwareSecurityCenter.exe ( 11.3.6321.0 ), 0x40010 ( disabled : outofdate )
20:00:45.0003 0x159c  FW detected via SS2: Ad-Aware Firewall, C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.3.6321.0\AdAwareSecurityCenter.exe ( 11.3.6321.0 ), 0x40010 ( disabled )
20:00:45.0003 0x159c  Win FW state via NFP2: enabled
20:00:50.0904 0x159c  ============================================================
20:00:50.0904 0x159c  Scan finished
20:00:50.0904 0x159c  ============================================================
20:00:50.0904 0x1948  Detected object count: 0
20:00:50.0904 0x1948  Actual detected object count: 0


Edited by geeknick, 25 September 2014 - 10:55 AM.


#10 shelf life


Posted 25 September 2014 - 07:51 PM

OK, we will use FRST:

Open Notepad. Please copy the contents of the code box below. Save it to your desktop as fixlist.txt

Launch FRST and press the Fix button just once and wait; the program will automatically launch fixlist.txt. Machine will reboot.

You can find a copy of the log here:

C:\FRST\Logs

Please copy/paste the latest one in your next reply.

C:\Users\R-C House\install_reader10_en_gtba_aih.exe
C:\Users\R-C House\shrink_pic18.exe
C:\Users\R-C House\AppData\Local\Temp\dropbox_sqlite_ext.{5f3e3153-5bce-5766-8f84-3e3e7ecf0d81}.tmpzngpuz.dll
HKLM\...\Run: [] => [X]CHR HKLM\SOFTWARE\Policies\Google: Policy restriction <======= ATTENTION
HKLM-x32\...\Run: [] => [X]
EmptyTemp:

How Can I Reduce My Risk to Malware?


#11 geeknick


Posted 27 September 2014 - 04:37 PM

Hi Shelf Life,

I apologize for the delay in responding to your last post. I've been away from the computer for the past several days, and I won't get back to it for a few more days. I'll definitely run the FRST fix as soon as possible and post the results.

Thank you again for your assistance!



#12 shelf life


Posted 28 September 2014 - 07:54 AM

Ok, no problem.




#13 geeknick


Posted 29 September 2014 - 10:41 AM

Here's the log you requested:

 

Fix result of Farbar Recovery Tool (FRST written by Farbar) (x64) Version: 28-09-2014 02
Ran by R-C House at 2014-09-29 11:14:04 Run:1
Running from C:\Users\R-C House\Desktop
Loaded Profile: R-C House (Available profiles: R-C House)
Boot Mode: Normal
==============================================

Content of fixlist:
*****************
C:\Users\R-C House\install_reader10_en_gtba_aih.exe
C:\Users\R-C House\shrink_pic18.exe
C:\Users\R-C House\AppData\Local\Temp\dropbox_sqlite_ext.{5f3e3153-5bce-5766-8f84-3e3e7ecf0d81}.tmpzngpuz.dll
HKLM\...\Run: [] => [X]CHR HKLM\SOFTWARE\Policies\Google: Policy restriction <======= ATTENTION
HKLM-x32\...\Run: [] => [X]
EmptyTemp:
*****************

C:\Users\R-C House\install_reader10_en_gtba_aih.exe => Moved successfully.
C:\Users\R-C House\shrink_pic18.exe => Moved successfully.
"C:\Users\R-C House\AppData\Local\Temp\dropbox_sqlite_ext.{5f3e3153-5bce-5766-8f84-3e3e7ecf0d81}.tmpzngpuz.dll" => File/Directory not found.
HKLM\Software\Microsoft\Windows\CurrentVersion\Run\\ => value deleted successfully.
HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Run\\ => value deleted successfully.
EmptyTemp: => Removed 150.8 MB temporary data.


The system needed a reboot.

==== End of Fixlog ====



#14 shelf life


Posted 29 September 2014 - 07:28 PM

OK, thanks for the info. One more download to use:

Please download AdwCleaner.exe to your desktop.
    Double click on AdwCleaner.exe, select OK, then Run
    Click on the Scan button
    Then the delete button.
    Machine will reboot to finish the removal process
    On reboot a log will be displayed. Please copy/paste the log in your reply.




#15 geeknick


Posted 29 September 2014 - 08:39 PM

Here's the Adwcleaner log:

 

# AdwCleaner v3.310 - Report created 29/09/2014 at 21:19:07
# Updated 12/09/2014 by Xplode
# Operating System : Windows 7 Home Premium Service Pack 1 (64 bits)
# Username : R-C House - R-CHOUSE-PC
# Running from : C:\Users\R-C House\Desktop\AdwCleaner.exe
# Option : Clean

***** [ Services ] *****


***** [ Files / Folders ] *****


***** [ Scheduled Tasks ] *****


***** [ Shortcuts ] *****


***** [ Registry ] *****

Key Deleted : HKCU\Software\AppDataLow\Software\adawarebp

***** [ Browsers ] *****

-\\ Internet Explorer v11.0.9600.17280


-\\ Mozilla Firefox v32.0.3 (x86 en-US)

[ File : C:\Users\R-C House\AppData\Roaming\Mozilla\Firefox\Profiles\598dct7j.default\prefs.js ]


-\\ Google Chrome v34.0.1847.131

[ File : C:\Users\R-C House\AppData\Local\Google\Chrome\User Data\Default\preferences ]


*************************

AdwCleaner[R0].txt - [11311 octets] - [16/09/2014 17:00:15]
AdwCleaner[R1].txt - [1409 octets] - [16/09/2014 17:27:25]
AdwCleaner[R2].txt - [1258 octets] - [24/09/2014 19:25:22]
AdwCleaner[R3].txt - [1379 octets] - [29/09/2014 21:17:04]
AdwCleaner[S0].txt - [10870 octets] - [16/09/2014 17:01:23]
AdwCleaner[S1].txt - [1476 octets] - [16/09/2014 17:29:19]
AdwCleaner[S2].txt - [1322 octets] - [24/09/2014 19:27:43]
AdwCleaner[S3].txt - [1302 octets] - [29/09/2014 21:19:07]

########## EOF - C:\AdwCleaner\AdwCleaner[S3].txt - [1362 octets] ##########
 





