Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

need help cleaning out youradexchange and other adware/maleware


  • This topic is locked This topic is locked
72 replies to this topic

#1 PreciousMazie

PreciousMazie

  • Members
  • 44 posts
  • OFFLINE
  •  
  • Gender:Female
  • Local time:03:24 PM

Posted 05 February 2015 - 11:26 AM

Where to begin? I ran a duplicate file finder and made the mistake of clicking on remove all duplicates. It wiped out 25 gigs of info on my computer all pictures taken with my digital camara all pdf files many pictures that I had downloaded off the net. all mp3 audio files my tax records and some programs and more. Now some of those might have been duplicates but most were not. I did not realize the extent of the damage I had done until my backup software had stopped making backups. My husband reloaded a new version of our software trying to make it backup each night. He had me check my new backup which is when I noticed that it had not backed up any of my picture files. I thought it was a problem with the backup software but when I checked the files on my computer they were truly empty. However when he did the new back up it eraced all of my old backups so my files are all gone with no backup. The story gets worse. I went looking for a program that would undelete deleted files on the internet. I found one downloaded it and installed it but much to my dismay it was full of adware and maleware that I can not seem to get rid of even after running Malewarebytes and junkfile remover adblock I have this adware maleware problem when runing firefox. I have been trying to rescue my computer and files and now all my files are gone and I have an infected computer and my backup is still not working and I am in tears. I would appreciate any help. Thank-you.

 

Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 04-02-2015 01
Ran by DEBBYSDELL (administrator) on DEBBYSDELL-PC on 05-02-2015 10:11:14
Running from C:\Users\DEBBYSDELL\Downloads
Loaded Profiles: DEBBYSDELL (Available profiles: DEBBYSDELL & UpdatusUser)
Platform: Windows 7 Ultimate Service Pack 1 (X64) OS Language: English (United States)
Internet Explorer Version 9 (Default browser: FF)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(IObit) C:\Program Files (x86)\IObit\Advanced SystemCare 8\ASCService.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(Microsoft Corporation) C:\Program Files\Microsoft Security Client\MsMpEng.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(Microsoft Corporation) C:\Windows\System32\wlanext.exe
(IObit) C:\Program Files (x86)\IObit\IObit Malware Fighter\IMFsrv.exe
(Acronis) C:\Program Files (x86)\Common Files\Acronis\Schedule2\schedul2.exe
(Acronis) C:\Program Files (x86)\Common Files\Acronis\Schedule2\schedhlp.exe
(Andrea Electronics Corporation) C:\Program Files\Realtek\Audio\HDA\AERTSr64.exe
(Acronis) C:\Program Files (x86)\Common Files\Acronis\CDP\afcdpsrv.exe
(Broadcom Corporation.) C:\Program Files\WIDCOMM\Bluetooth Software\btwdins.exe
(Eastman Kodak Company) C:\Program Files (x86)\Kodak\AiO\StatusMonitor\EKPrinterSDK.exe
(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes Anti-Exploit\mbae-svc.exe
(IObit) C:\Program Files (x86)\IObit\Advanced SystemCare 8\Monitor.exe
(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes Anti-Exploit\mbae64.exe
(Eastman Kodak Company) C:\Windows\System32\spool\drivers\x64\3\EKIJ5000MUI.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(Microsoft Corporation) C:\Program Files\Microsoft Security Client\msseces.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(Intel® Corporation) C:\Program Files\Common Files\Intel\WirelessCommon\iFrmewrk.exe
(Nikon Corporation) C:\Program Files (x86)\Common Files\Nikon\Monitor\NkMonitor.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
() C:\Program Files (x86)\STMicroelectronics\AccelerometerP11\FF_Protection.exe
(MyHeritage) C:\Program Files (x86)\MyHeritage\Bin\FTBCheckUpdates.exe
() C:\Program Files (x86)\Roxio\Roxio Burn\RoxioBurnLauncher.exe
(IObit) C:\Program Files (x86)\IObit\Advanced SystemCare 8\Suo10_SmartRAM.exe
(SanDisk Corporation) C:\Users\DEBBYSDELL\AppData\Roaming\SanDisk\Sansa Updater\SansaDispatch.exe
() C:\Program Files (x86)\Roxio\Roxio Burn\Roxio Burn.exe
(RealNetworks, Inc.) C:\Program Files (x86)\Real\RealPlayer\Update\realsched.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorIcon.exe
(Zhorn Software) C:\Program Files (x86)\Stickies\stickies.exe
(Nico Mak Computing) C:\Program Files (x86)\WinZip Update Manager\WZUpdateManager.exe
(Acronis) C:\Program Files (x86)\Acronis\TrueImageHome\TrueImageMonitor.exe
(Acronis International GmbH) C:\Program Files (x86)\Common Files\Acronis\TibMounter\TibMounterMonitor.exe
(Applian Technologies, Inc.) C:\Users\DEBBYSDELL\Documents\Freecorder1\FLVSrvc.exe
(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes Anti-Exploit\mbae.exe
(CyberLink Corp.) C:\Program Files (x86)\CyberLink\PowerDVD9\PDVD9Serv.exe
(Apple Inc.) C:\Program Files (x86)\iTunes\iTunesHelper.exe
(Sensible Vision ) C:\Program Files (x86)\Sensible Vision\Fast Access\FATrayMon.exe
(Dropbox, Inc.) C:\Users\DEBBYSDELL\AppData\Roaming\Dropbox\bin\Dropbox.exe
(cyberlink) C:\Program Files (x86)\CyberLink\Shared files\brs.exe
(Evernote Corp., 305 Walnut Street, Redwood City, CA 94063) C:\Program Files (x86)\Evernote\Evernote\EvernoteClipper.exe
(Renesas Electronics Corporation) C:\Program Files (x86)\Renesas Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe
(Motorola Mobility LLC) C:\Program Files (x86)\Motorola Mobility\Motorola Device Manager\MotoHelperService.exe
(Microsoft Corporation) C:\Program Files (x86)\Microsoft Office\Office14\ONENOTEM.EXE
(Motorola Mobility LLC) C:\Program Files (x86)\Motorola Mobility\Motorola Device Manager\MotoHelperAgent.exe
(IObit) C:\Program Files (x86)\IObit\IObit Malware Fighter\IMF.exe
(Motorola) C:\Program Files (x86)\Motorola\MotForwardDaemon\ForwardDaemon.exe
(Intel® Corporation) C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe
(Splashtop Inc.) C:\Program Files (x86)\Splashtop\Splashtop Remote\Server\SRService.exe
(Splashtop Inc.) C:\Program Files (x86)\Splashtop\Splashtop Software Updater\SSUService.exe
(Intel® Corporation) C:\Program Files\Intel\WiMAX\Bin\AppSrv.exe
(Splashtop Inc.) C:\Program Files (x86)\Splashtop\Splashtop Remote\Server\SRServer.exe
(Red Bend Ltd.) C:\Program Files\Intel\WiMAX\Bin\DMAgent.exe
(Intel® Corporation) C:\Program Files\Intel\WiFi\bin\EvtEng.exe
(Intel® Corporation) C:\Program Files\Intel\WiMAX\Bin\WiMAXCU.exe
(Piriform Ltd) C:\Program Files\CCleaner\CCleaner64.exe
(Microsoft Corporation) C:\Program Files\Microsoft Security Client\NisSrv.exe
(Apple Inc.) C:\Program Files\iPod\bin\iPodService.exe
(Microsoft Corporation) C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE
(Splashtop Inc.) C:\Program Files (x86)\Splashtop\Splashtop Remote\Server\SRFeature.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe
(Intuit Inc.) C:\Program Files (x86)\Common Files\Intuit\Update Service v4\IntuitUpdateService.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe
(Acronis) C:\Program Files (x86)\Common Files\Acronis\SyncAgent\syncagentsrv.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe
(WinZip Computing, S.L. (WinZip Computing)) C:\Program Files (x86)\WinZip System Utilities Suite\WINZIPSSDefragSrv64.exe
(WinZip Computing, S.L. (WinZip Computing)) C:\Program Files (x86)\WinZip System Utilities Suite\WINZIPSS.exe
(Microsoft Corporation) C:\Program Files (x86)\Internet Explorer\ielowutil.exe
(Google Inc.) C:\Program Files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
(Microsoft Corporation) C:\Windows\System32\UI0Detect.exe
(Acronis) C:\Program Files (x86)\Common Files\Acronis\SyncAgent\syncagentsrv.exe
(MediaMall Technologies, Inc.) C:\Program Files (x86)\MediaMall\MediaMallServer.exe
(Google Inc.) C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbarUser_32.exe
(RealNetworks, Inc.) C:\Program Files (x86)\RealNetworks\RealDownloader\recordingmanager.exe
(Adblock) C:\Program Files (x86)\IObit\IObit Malware Fighter\adsremoval\IE\Adblock.exe
(Adobe Systems Incorporated) C:\Windows\SysWOW64\Macromed\Flash\FlashUtil32_16_0_0_257_ActiveX.exe
(Microsoft Corporation) C:\Windows\splwow64.exe
(IObit) C:\Program Files (x86)\IObit\Advanced SystemCare 8\ASCTray.exe

==================== Registry (Whitelisted) ==================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [EKIJ5000StatusMonitor] => C:\Windows\system32\spool\DRIVERS\x64\3\EKIJ5000MUI.exe [3182080 2012-10-08] (Eastman Kodak Company)
HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe [7660760 2015-01-12] (Realtek Semiconductor)
HKLM\...\Run: [RtHDVBg] => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [1396592 2015-01-12] (Realtek Semiconductor)
HKLM\...\Run: [MSC] => c:\Program Files\Microsoft Security Client\msseces.exe [1331288 2014-08-22] (Microsoft Corporation)
HKLM\...\Run: [SynTPEnh] => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2247976 2010-07-15] (Synaptics Incorporated)
HKLM\...\Run: [IntelWirelessWiMAX] => C:\Program Files\Intel\WiMAX\Bin\WiMAXCU.exe [1437696 2009-09-16] (Intel® Corporation)
HKLM\...\Run: [IntelWireless] => C:\Program Files\Common Files\Intel\WirelessCommon\iFrmewrk.exe [1926928 2010-01-19] (Intel® Corporation)
HKLM\...\Run: [Acronis Scheduler2 Service] => C:\Program Files (x86)\Common Files\Acronis\Schedule2\schedhlp.exe [518424 2013-07-18] (Acronis)
HKLM\...\Run: [Nikon Transfer Monitor] => c:\program files (x86)\common files\nikon\monitor\nkmonitor.exe [479232 2009-02-24] (Nikon Corporation)
HKLM\...\Run: [FreeFallProtection] => C:\Program Files (x86)\STMicroelectronics\AccelerometerP11\FF_Protection.exe [727664 2010-09-24] ()
HKLM\...\Run: [Family Tree Builder Update] => c:\program files (x86)\myheritage\bin\ftbcheckupdates.exe [2522624 2013-04-23] (MyHeritage)
HKLM\...\Run: [Desktop Disc Tool] => c:\program files (x86)\roxio\roxio burn\roxioburnlauncher.exe [494064 2009-06-18] ()
HKLM\...\Run: [Dell Webcam Central] => c:\program files (x86)\dell webcam\dell webcam central\webcamdell2.exe [487562 2010-08-19] (Creative Technology Ltd)
HKLM-x32\...\Run: [EKStatusMonitor] => C:\Program Files (x86)\Kodak\AiO\StatusMonitor\EKStatusMonitor.exe [2750840 2013-01-15] (Eastman Kodak Company)
HKLM-x32\...\Run: [TkBellExe] => C:\Program Files (x86)\Real\RealPlayer\update\realsched.exe [295512 2014-10-05] (RealNetworks, Inc.)
HKLM-x32\...\Run: [IObit Malware Fighter] => C:\Program Files (x86)\IObit\IObit Malware Fighter\IMF.exe [1802048 2014-10-13] (IObit)
HKLM-x32\...\Run: [PDVD9LanguageShortcut] => c:\Program Files (x86)\CyberLink\PowerDVD9\Language\Language.exe [50472 2010-09-17] (CyberLink Corp.)
HKLM-x32\...\Run: [IAStorIcon] => C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorIcon.exe [284696 2010-03-03] (Intel Corporation)
HKLM-x32\...\Run: [TrueImageMonitor.exe] => C:\Program Files (x86)\Acronis\TrueImageHome\TrueImageMonitor.exe [5306776 2014-11-27] (Acronis)
HKLM-x32\...\Run: [AcronisTibMounterMonitor] => C:\Program Files (x86)\Common Files\Acronis\TibMounter\TibMounterMonitor.exe [603904 2014-10-17] (Acronis International GmbH)
HKLM-x32\...\Run: [Freecorder FLV Service] => C:\Users\DEBBYSDELL\Documents\Freecorder1\FLVSrvc.exe [167936 2011-03-24] (Applian Technologies, Inc.)
HKLM-x32\...\Run: [QuickTime Task] => C:\Program Files (x86)\QuickTime\QTTask.exe [421888 2014-10-02] (Apple Inc.)
HKLM-x32\...\Run: [EKIJ5000StatusMonitor] => C:\Windows\System32\spool\drivers\x64\3\EKIJ5000MUI.exe
HKLM-x32\...\Run: [Malwarebytes Anti-Exploit] => C:\Program Files (x86)\Malwarebytes Anti-Exploit\mbae.exe [2561848 2014-12-10] (Malwarebytes Corporation)
HKLM-x32\...\Run: [RemoteControl9] => c:\Program Files (x86)\CyberLink\PowerDVD9\PDVD9Serv.exe [87336 2010-10-01] (CyberLink Corp.)
HKLM-x32\...\Run: [iTunesHelper] => C:\Program Files (x86)\iTunes\iTunesHelper.exe [152392 2014-09-01] (Apple Inc.)
HKLM-x32\...\Run: [FATrayAlert] => c:\Program Files (x86)\Sensible Vision\Fast Access\FATrayMon.exe [93312 2010-08-17] (Sensible Vision )
HKLM-x32\...\Run: [BDRegion] => C:\Program Files (x86)\Cyberlink\Shared Files\brs.exe [181208 2013-04-03] (cyberlink)
HKLM-x32\...\Run: [APSDaemon] => C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe [43816 2014-07-31] (Apple Inc.)
HKLM-x32\...\Run: [Adobe ARM] => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [1022152 2014-12-19] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [NUSB3MON] => c:\Program Files (x86)\Renesas Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe [115048 2013-08-12] (Renesas Electronics Corporation)
HKLM\...\Policies\Explorer: [RestrictRun] 0
HKLM\...\Policies\Explorer: [LinkResolveIgnoreLinkInfo] 0
HKLM\...\Policies\Explorer: [NoResolveSearch] 1
HKLM\...\Policies\Explorer: [HideSCAHealth] 1
HKU\S-1-5-21-3099934832-2828090357-232914698-1000\...\Run: [CCleaner Monitoring] => C:\Program Files\CCleaner\CCleaner64.exe [6501656 2014-10-29] (Piriform Ltd)
HKU\S-1-5-21-3099934832-2828090357-232914698-1000\...\Run: [SmartRAM] => C:\Program Files (x86)\IObit\Advanced SystemCare 8\Suo10_SmartRAM.exe [535840 2014-09-02] (IObit)
HKU\S-1-5-21-3099934832-2828090357-232914698-1000\...\Run: [SansaDispatch] => c:\users\debbysdell\appdata\roaming\sandisk\sansa updater\sansadispatch.exe [613888 2013-06-11] (SanDisk Corporation)
HKU\S-1-5-21-3099934832-2828090357-232914698-1000\...\Run: [MotoCast] => C:\Program Files (x86)\Motorola Mobility\MotoCast\MotoLauncher.lnk [2052 2014-04-27] ()
HKU\S-1-5-21-3099934832-2828090357-232914698-1000\...\Policies\Explorer: [RestrictRun] 0
HKU\S-1-5-21-3099934832-2828090357-232914698-1000\...\Policies\Explorer: [NoLowDiskSpaceChecks] 1
HKU\S-1-5-21-3099934832-2828090357-232914698-1000\...\Policies\Explorer: [HideSCAHealth] 1
HKU\S-1-5-18\...\Run: [Advanced SystemCare 8] => C:\Program Files (x86)\IObit\Advanced SystemCare 8\ASCTray.exe [2425632 2014-11-17] (IObit)
HKU\S-1-5-18\...\RunOnce: [KodakHomeCenter] => C:\Program Files (x86)\Kodak\AiO\Center\AiOHomeCenter.exe [2236792 2013-03-15] (Eastman Kodak Company)
Lsa: [Notification Packages] scecli FAPassSync
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Stickies.lnk
ShortcutTarget: Stickies.lnk -> C:\Program Files (x86)\Stickies\stickies.exe (Zhorn Software)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\WinZip Update Manager.lnk
ShortcutTarget: WinZip Update Manager.lnk -> C:\Program Files (x86)\WinZip Update Manager\WZUpdateManager.exe (Nico Mak Computing)
Startup: C:\Users\DEBBYSDELL\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk
ShortcutTarget: Dropbox.lnk -> C:\Users\DEBBYSDELL\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
Startup: C:\Users\DEBBYSDELL\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\EvernoteClipper.lnk
ShortcutTarget: EvernoteClipper.lnk -> C:\Program Files (x86)\Evernote\Evernote\EvernoteClipper.exe (Evernote Corp., 305 Walnut Street, Redwood City, CA 94063)
Startup: C:\Users\DEBBYSDELL\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Microsoft Outlook 2010.lnk
ShortcutTarget: Microsoft Outlook 2010.lnk -> C:\Windows\Installer\{90140000-003D-0000-0000-0000000FF1CE}\outicon.exe ()
Startup: C:\Users\DEBBYSDELL\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\OneNote 2010 Screen Clipper and Launcher.lnk
ShortcutTarget: OneNote 2010 Screen Clipper and Launcher.lnk -> C:\Program Files (x86)\Microsoft Office\Office14\ONENOTEM.EXE (Microsoft Corporation)
Startup: C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dell Dock First Run.lnk
ShortcutTarget: Dell Dock First Run.lnk -> C:\Program Files\Dell\DellDock\DellDock.exe (Stardock Corporation)
Startup: C:\Users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dell Dock First Run.lnk
ShortcutTarget: Dell Dock First Run.lnk -> C:\Program Files\Dell\DellDock\DellDock.exe (Stardock Corporation)
Startup: C:\Users\LogMeInRemoteUser\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dell Dock First Run.lnk
ShortcutTarget: Dell Dock First Run.lnk -> C:\Program Files\Dell\DellDock\DellDock.exe (Stardock Corporation)
Startup: C:\Users\UpdatusUser\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dell Dock First Run.lnk
ShortcutTarget: Dell Dock First Run.lnk -> C:\Program Files\Dell\DellDock\DellDock.exe (Stardock Corporation)
ShellIconOverlayIdentifiers: [AcronisSyncError] -> {934BC6C0-FEC2-4df5-A100-961DE2C8A0ED} => C:\Program Files (x86)\Acronis\TrueImageHome\tishell64.dll (Acronis)
ShellIconOverlayIdentifiers: [AcronisSyncInProgress] -> {00F848DC-B1D4-4892-9C25-CAADC86A215D} => C:\Program Files (x86)\Acronis\TrueImageHome\tishell64.dll (Acronis)
ShellIconOverlayIdentifiers: [AcronisSyncOk] -> {71573297-552E-46fc-BE3D-3DFAF88D47B7} => C:\Program Files (x86)\Acronis\TrueImageHome\tishell64.dll (Acronis)
ShellIconOverlayIdentifiers-x32: [ SkyDrive1] -> {F241C880-6982-4CE5-8CF7-7085BA96DA5A} =>  No File
ShellIconOverlayIdentifiers-x32: [ SkyDrive2] -> {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} =>  No File
ShellIconOverlayIdentifiers-x32: [ SkyDrive3] -> {BBACC218-34EA-4666-9D7A-C78F2274A524} =>  No File
BootExecute: autocheck autochk * SmartDefragBootTime.exe
CHR HKLM\SOFTWARE\Policies\Google: Policy restriction <======= ATTENTION

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

HKLM\SOFTWARE\Policies\Microsoft\Internet Explorer: Policy restriction <======= ATTENTION
HKU\S-1-5-21-3099934832-2828090357-232914698-1000\SOFTWARE\Policies\Microsoft\Internet Explorer: Policy restriction <======= ATTENTION
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page =
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = http://www.google.com
HKLM\Software\Microsoft\Internet Explorer\Main,Search Page =
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Search Page =
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL =
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.google.com
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL =
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL =
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,First Home Page = http://go.microsoft.com/fwlink/?LinkID=226786&Mkt=en-US&Src=MSE&Tid=000328B9&OHP=http%3A%2F%2Fwww.google.com&OSP=
HKU\S-1-5-21-3099934832-2828090357-232914698-1000\Software\Microsoft\Internet Explorer\Main,Search Bar = http://www.google.com/ie
URLSearchHook: HKU\S-1-5-21-3099934832-2828090357-232914698-1000 - (No Name) - {3f2ae504-aa17-4805-90e8-56e48f98731c} - No File
URLSearchHook: HKU\S-1-5-21-3099934832-2828090357-232914698-1000 - (No Name) - {1392b8d2-5c05-419f-a8f6-b9f15a596612} - No File
SearchScopes: HKLM -> {80c554b9-c7f8-4a21-9471-06d606da78a2} URL = http://www.bing.com/search?q={searchTerms}&form=MSSEDF&pc=MSSE
SearchScopes: HKLM-x32 -> {80c554b9-c7f8-4a21-9471-06d606da78a2} URL = http://www.bing.com/search?q={searchTerms}&form=MSSEDF&pc=MSSE
SearchScopes: HKU\.DEFAULT -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\.DEFAULT -> {418ACE4E-C900-4C8E-8ADD-37E140055336} URL =
SearchScopes: HKU\S-1-5-19 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-20 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-21-3099934832-2828090357-232914698-1000 -> F02C586C53E541218B3E612F7D3E2379 URL = https://www.google.com/search?q={searchTerms}
SearchScopes: HKU\S-1-5-21-3099934832-2828090357-232914698-1000 -> {1CE0AD3C-3E28-4C37-863F-85BA0DA9A3C5} URL = http://search.yahoo.com/search?fr=chr-greentree_ie&ei=utf-8&ilc=12&type=800236&p={searchTerms}
SearchScopes: HKU\S-1-5-21-3099934832-2828090357-232914698-1000 -> {7F98DEB1-8EE6-4B2E-9574-434F7EE4ABD8} URL = http://www.google.com/search?q={searchTerms}
SearchScopes: HKU\S-1-5-21-3099934832-2828090357-232914698-1000 -> {80c554b9-c7f8-4a21-9471-06d606da78a2} URL = http://www.bing.com/search?q={searchTerms}&form=MSSEDF&pc=MSSE
BHO: Java™ Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO: Google Toolbar Helper -> {AA58ED58-01DD-4d91-8333-CF10577473F7} -> C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation)
BHO: Booster-Web helper -> {B5147546-9359-4D9B-8B36-F54C54555799} -> C:\Program Files (x86)\Booster-Web\Booster-Web.dll (App LLC)
BHO: Java™ Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
BHO-x32: RealNetworks Download and Record Plugin for Internet Explorer -> {3049C3E9-B461-4BC5-8870-4C09146192CA} -> C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\IE\rndlbrowserrecordplugin.dll (RealDownloader)
BHO-x32: Java™ Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO-x32: Evernote extension -> {92EF2EAD-A7CE-4424-B0DB-499CF856608E} -> C:\Program Files (x86)\Evernote\Evernote\EvernoteIE.dll (Evernote Corp., 305 Walnut Street, Redwood City, CA 94063)
BHO-x32: Ads Removal -> {9D974C8C-6D92-44FB-BEAF-B45A1C0CF17F} -> C:\Program Files (x86)\IObit\IObit Malware Fighter\adsremoval\IE\Adblock.dll (Adblock)
BHO-x32: Google Toolbar Helper -> {AA58ED58-01DD-4d91-8333-CF10577473F7} -> C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
BHO-x32: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files (x86)\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation)
BHO-x32: Booster-Web helper -> {B5147546-9359-4D9B-8B36-F54C54555799} -> C:\Program Files (x86)\Booster-Web\Booster-Web.dll (App LLC)
BHO-x32: Java™ Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
Toolbar: HKLM - Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
Toolbar: HKLM-x32 - No Name - {7abeab51-07be-42c5-89b4-c7f1a3a31816} -  No File
Toolbar: HKLM-x32 - Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
Toolbar: HKU\.DEFAULT -> No Name - {71576546-354D-41C9-AAE8-31F2EC22BF0D} -  No File
Toolbar: HKU\.DEFAULT -> Google Toolbar - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
Toolbar: HKU\S-1-5-21-3099934832-2828090357-232914698-1000 -> Google Toolbar - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
Toolbar: HKU\S-1-5-21-3099934832-2828090357-232914698-1000 -> No Name - {71576546-354D-41C9-AAE8-31F2EC22BF0D} -  No File
Toolbar: HKU\S-1-5-21-3099934832-2828090357-232914698-1000 -> No Name - {1392B8D2-5C05-419F-A8F6-B9F15A596612} -  No File
DPF: HKLM-x32 {02BCC737-B171-4746-94C9-0D8A0B2C0089} http://office.microsoft.com/_layouts/ClientBin/ieawsdc32.cab
DPF: HKLM-x32 {0742B9EF-8C83-41CA-BFBA-830A59E23533} https://oas.support.microsoft.com/ActiveX/MSDcode.cab
DPF: HKLM-x32 {17492023-C23A-453E-A040-C7C580BBF700} http://download.microsoft.com/download/E/5/6/E5611B10-0D6D-4117-8430-A67417AA88CD/LegitCheckControl.cab
DPF: HKLM-x32 {1E54D648-B804-468d-BC78-4AFFED8E262F} http://www.nvidia.com/content/DriverDownload/srl/3.0.0.4/srl_bin/sysreqlab_nvd.cab
DPF: HKLM-x32 {74DBCB52-F298-4110-951D-AD2FF67BC8AB} http://www.nvidia.com/content/DriverDownload/nforce/NvidiaSmartScan.cab
DPF: HKLM-x32 {7530BFB8-7293-4D34-9923-61A11451AFC5} http://download.eset.com/special/eos/OnlineScanner.cab
Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)
ShellExecuteHooks-x32: Internet Shortcut - {FBF23B40-E3F0-101B-8488-00AA003E56F8} - C:\Windows\SysWOW64\ieframe.dll [9740800 2014-11-24] (Microsoft Corporation)
Hosts: 127.0.0.1 localhost
Tcpip\Parameters: [DhcpNameServer] 192.168.0.1 166.102.165.13

FireFox:
========
FF ProfilePath: C:\Users\DEBBYSDELL\AppData\Roaming\Mozilla\Firefox\Profiles\lhn2fucb.default
FF DefaultSearchEngine: Google
FF SelectedSearchEngine: Google
FF Homepage: about:home
FF Plugin: @java.com/DTPlugin,version=10.72.2 -> C:\Program Files\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=10.72.2 -> C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin: @microsoft.com/GENUINE -> C:\Windows\system32\Wat\npWatWeb.dll (Microsoft Corporation)
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.30514.0\npctrl.dll ( Microsoft Corporation)
FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~1\MICROS~2\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF Plugin-x32: @Apple.com/iTunes,version=1.0 -> C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll ()
FF Plugin-x32: @Google.com/GoogleEarthPlugin -> C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll (Google)
FF Plugin-x32: @google.com/npPicasa3,version=3.0.0 -> C:\Program Files (x86)\Google\Picasa3\npPicasa3.dll (Google, Inc.)
FF Plugin-x32: @java.com/DTPlugin,version=10.72.2 -> C:\Program Files (x86)\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=10.72.2 -> C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin-x32: @microsoft.com/GENUINE -> C:\Windows\system32\Wat\npWatWeb.dll (Microsoft Corporation)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\5.1.30514.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~2\MICROS~3\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~3\Office14\NPSPWRAP.DLL (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3502.0922 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=16.4.3528.0331 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @playon.tv/PlayOnToolbar -> C:\Program Files (x86)\MediaMall\toolbar\npVT.dll (MediaMall Technologies, Inc.)
FF Plugin-x32: @real.com/nppl3260;version=16.0.3.51 -> c:\program files (x86)\real\realplayer\Netscape6\nppl3260.dll (RealNetworks, Inc.)
FF Plugin-x32: @real.com/nprndlchromebrowserrecordext;version=1.3.3 -> C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\MozillaPlugins\nprndlchromebrowserrecordext.dll (RealNetworks, Inc.)
FF Plugin-x32: @real.com/nprndlhtml5videoshim;version=1.3.3 -> C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\MozillaPlugins\nprndlhtml5videoshim.dll (RealNetworks, Inc.)
FF Plugin-x32: @real.com/nprndlpepperflashvideoshim;version=1.3.3 -> C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\MozillaPlugins\nprndlpepperflashvideoshim.dll (RealNetworks, Inc.)
FF Plugin-x32: @real.com/nprpplugin;version=16.0.3.51 -> c:\program files (x86)\real\realplayer\Netscape6\nprpplugin.dll (RealPlayer)
FF Plugin-x32: @realnetworks.com/npdlplugin;version=1 -> C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\npdlplugin.dll (RealDownloader)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.25.11\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.25.11\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @videolan.org/vlc,version=2.1.5 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF SearchPlugin: C:\Users\DEBBYSDELL\AppData\Roaming\Mozilla\Firefox\Profiles\lhn2fucb.default\searchplugins\securesearch.xml
FF Extension: Flash Video Downloader - YouTube HD Download [4K] - C:\Users\DEBBYSDELL\AppData\Roaming\Mozilla\Firefox\Profiles\lhn2fucb.default\Extensions\artur.dubovoy@gmail.com [2015-01-26]
FF Extension: Advanced SystemCare Surfing Protection - C:\Users\DEBBYSDELL\AppData\Roaming\Mozilla\Firefox\Profiles\lhn2fucb.default\Extensions\iobitascsurfingprotection@iobit.com [2014-11-22]
FF Extension: Booster Web - C:\Users\DEBBYSDELL\AppData\Roaming\Mozilla\Firefox\Profiles\lhn2fucb.default\Extensions\jid1-U7omKQ6kQfxMaQ@jetpack [2015-01-31]
FF Extension: PlayOn - C:\Users\DEBBYSDELL\AppData\Roaming\Mozilla\Firefox\Profiles\lhn2fucb.default\Extensions\playonplugin@playon.tv [2014-08-26]
FF Extension: Zoom It - C:\Users\DEBBYSDELL\AppData\Roaming\Mozilla\Firefox\Profiles\lhn2fucb.default\Extensions\{0ea745e5-deb5-2809-e741-dfdb8c4f1b01} [2015-02-03]
FF Extension: Flash and Video Download - C:\Users\DEBBYSDELL\AppData\Roaming\Mozilla\Firefox\Profiles\lhn2fucb.default\Extensions\{bee6eb20-01e0-ebd1-da83-080329fb9a3a} [2015-01-28]
FF Extension: Evernote Web Clipper - C:\Users\DEBBYSDELL\AppData\Roaming\Mozilla\Firefox\Profiles\lhn2fucb.default\Extensions\{E0B8C461-F8FB-49b4-8373-FE32E9252800} [2015-01-24]
FF Extension: Adblock Plus Pop-up Addon - C:\Users\DEBBYSDELL\AppData\Roaming\Mozilla\Firefox\Profiles\lhn2fucb.default\Extensions\adblockpopups@jessehakanen.net.xpi [2015-02-03]
FF Extension: Ghostery - C:\Users\DEBBYSDELL\AppData\Roaming\Mozilla\Firefox\Profiles\lhn2fucb.default\Extensions\firefox@ghostery.com.xpi [2015-02-03]
FF Extension: Pin It Button - C:\Users\DEBBYSDELL\AppData\Roaming\Mozilla\Firefox\Profiles\lhn2fucb.default\Extensions\jid1-YcMV6ngYmQRA2w@jetpack.xpi [2014-10-31]
FF Extension: Download YouTube Videos as MP4 - C:\Users\DEBBYSDELL\AppData\Roaming\Mozilla\Firefox\Profiles\lhn2fucb.default\Extensions\{b9bfaf1c-a63f-47cd-8b9a-29526ced9060}.xpi [2014-10-05]
FF Extension: Yahoo Mail Hide Ad Panel - C:\Users\DEBBYSDELL\AppData\Roaming\Mozilla\Firefox\Profiles\lhn2fucb.default\Extensions\{c37bac34-849a-4d28-be41-549b2c76c64e}.xpi [2015-02-03]
FF Extension: Adblock Plus - C:\Users\DEBBYSDELL\AppData\Roaming\Mozilla\Firefox\Profiles\lhn2fucb.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2015-02-02]
FF Extension: Adblock Edge - C:\Users\DEBBYSDELL\AppData\Roaming\Mozilla\Firefox\Profiles\lhn2fucb.default\Extensions\{fe272bd1-5f76-4ea4-8501-a05d35d823fc}.xpi [2015-02-03]
FF HKLM-x32\...\Firefox\Extensions: [fassoxpcom@sensiblevision.com] - c:\Program Files (x86)\Sensible Vision\Fast Access\xpcom_fasso
FF Extension: FastAccess Web Login - c:\Program Files (x86)\Sensible Vision\Fast Access\xpcom_fasso [2010-12-16]
FF HKLM-x32\...\Firefox\Extensions: [{DF153AFF-6948-45d7-AC98-4FC4AF8A08E2}] - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\Firefox\Ext
FF Extension: RealDownloader - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\Firefox\Ext [2013-11-03]
FF HKLM-x32\...\Firefox\Extensions: [{ABDE892B-13A8-4d1b-88E6-365A6E755758}] - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\Firefox\Ext

Chrome:
=======
CHR Profile: C:\Users\DEBBYSDELL\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Google Voice Search Hotword (Beta)) - C:\Users\DEBBYSDELL\AppData\Local\Google\Chrome\User Data\Default\Extensions\bepbmhgboaologfdajaanbcjmnhjmhfn [2014-08-11]
CHR Extension: (Kindle Cloud Reader) - C:\Users\DEBBYSDELL\AppData\Local\Google\Chrome\User Data\Default\Extensions\icdipabjmbhpdkjaihfjoikhjjeneebd [2014-08-23]
CHR Extension: (RealDownloader) - C:\Users\DEBBYSDELL\AppData\Local\Google\Chrome\User Data\Default\Extensions\idhngdhcfkoamngbedgpaokgjbnpdiji [2013-09-04]
CHR Extension: (PlayOn) - C:\Users\DEBBYSDELL\AppData\Local\Google\Chrome\User Data\Default\Extensions\lggaaajacmlhgbpldaboipiinndchjgm [2014-08-26]
CHR Extension: (Google Wallet) - C:\Users\DEBBYSDELL\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2014-08-11]
CHR HKLM-x32\...\Chrome\Extension: [idhngdhcfkoamngbedgpaokgjbnpdiji] - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\Chrome\Ext\realdownloader.crx [2013-08-14]

Opera:
=======
OPR Extension: (Evernote Web Clipper) - C:\Users\DEBBYSDELL\AppData\Roaming\Opera Software\Opera Stable\Extensions\afgbccjghcnbcdjgogpckamibfkceahd [2014-06-01]
OPR Extension: (USA Live TV) - C:\Users\DEBBYSDELL\AppData\Roaming\Opera Software\Opera Stable\Extensions\fddkpmjfmdedbbaaolfophoeeebpcfma [2014-10-08]
OPR Extension: (Download Master) - C:\Users\DEBBYSDELL\AppData\Roaming\Opera Software\Opera Stable\Extensions\kjidkaoploafppfnkhodonjhlkedndaa [2014-10-08]
OPR Extension: (PlayOn) - C:\Users\DEBBYSDELL\AppData\Roaming\Opera Software\Opera Stable\Extensions\lggaaajacmlhgbpldaboipiinndchjgm [2014-08-26]
OPR Extension: (Download YouTube Videos as MP4) - C:\Users\DEBBYSDELL\AppData\Roaming\Opera Software\Opera Stable\Extensions\maeombkgfpjdnjkhohbjachnnmpbipol [2014-10-08]
OPR Extension: (Pinterest) - C:\Users\DEBBYSDELL\AppData\Roaming\Opera Software\Opera Stable\Extensions\objncbokngchniifnaijjjilieiahogg [2014-05-04]
OPR Extension: (Adblock Plus) - C:\Users\DEBBYSDELL\AppData\Roaming\Opera Software\Opera Stable\Extensions\oidhhegpmlfpoeialbgcdocjalghfpkp [2015-02-02]

==================== Services (Whitelisted) =================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

R2 AdvancedSystemCareService8; C:\Program Files (x86)\IObit\Advanced SystemCare 8\ASCService.exe [815392 2014-11-04] (IObit)
S2 CLKMSVC10_9EC60124; c:\Program Files (x86)\CyberLink\PowerDVD9\NavFilter\kmsvc.exe [247768 2013-04-03] (CyberLink)
R2 DMAgent; C:\Program Files\Intel\WiMAX\Bin\DMAgent.exe [403456 2009-09-15] (Red Bend Ltd.) [File not signed]
S3 DockLoginService; C:\Program Files\Dell\DellDock\DockLogin.exe [155648 2009-06-09] (Stardock Corporation) [File not signed]
S3 FAService; c:\Program Files (x86)\Sensible Vision\Fast Access\FAService.exe [2423936 2010-08-17] (Sensible Vision ) [File not signed]
S3 IDriverT; C:\Program Files (x86)\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe [69632 2005-04-03] (Macrovision Corporation) [File not signed]
R2 IMFservice; C:\Program Files (x86)\IObit\IObit Malware Fighter\IMFsrv.exe [344896 2014-09-30] (IObit)
R2 MbaeSvc; C:\Program Files (x86)\Malwarebytes Anti-Exploit\mbae-svc.exe [555320 2014-12-10] (Malwarebytes Corporation)
R2 MediaMall Server; C:\Program Files (x86)\MediaMall\MediaMallServer.exe [5826352 2014-11-24] (MediaMall Technologies, Inc.)
R2 Motorola Device Manager; C:\Program Files (x86)\Motorola Mobility\Motorola Device Manager\MotoHelperService.exe [137528 2013-11-15] (Motorola Mobility LLC)
R2 MsMpSvc; C:\Program Files\Microsoft Security Client\MsMpEng.exe [23784 2014-08-22] (Microsoft Corporation)
S3 MyWiFiDHCPDNS; C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe [315664 2010-01-19] ()
R3 NisSrv; C:\Program Files\Microsoft Security Client\NisSrv.exe [368624 2014-08-22] (Microsoft Corporation)
R2 PST Service; C:\Program Files (x86)\Motorola\MotForwardDaemon\ForwardDaemon.exe [65657 2011-09-02] (Motorola) [File not signed]
S3 RealNetworks Downloader Resolver Service; C:\Program Files (x86)\RealNetworks\RealDownloader\rndlresolversvc.exe [39056 2013-08-14] ()
S3 rpcapd; C:\Program Files (x86)\WinPcap\rpcapd.exe [117264 2010-06-25] (CACE Technologies, Inc.)
R2 RtkAudioService; C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe [292568 2015-01-12] (Realtek Semiconductor)
R2 WiMAXAppSrv; C:\Program Files\Intel\WiMAX\Bin\AppSrv.exe [907264 2009-09-15] (Intel® Corporation) [File not signed]
S3 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2013-05-26] (Microsoft Corporation)
R2 WINZIPSSDiskOptimizer; C:\Program Files (x86)\WinZip System Utilities Suite\WINZIPSSDefragSrv64.exe [290424 2014-11-27] (WinZip Computing, S.L. (WinZip Computing))

==================== Drivers (Whitelisted) ====================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

R3 AVer7231_x64; C:\Windows\System32\DRIVERS\AVer7231_x64.sys [1927808 2013-08-13] (AVerMedia TECHNOLOGIES, Inc.)
R1 ESProtectionDriver; C:\Program Files (x86)\Malwarebytes Anti-Exploit\mbae64.sys [63064 2014-12-10] ()
R3 FileMonitor; C:\Program Files (x86)\IObit\IObit Malware Fighter\Drivers\win7_amd64\FileMonitor.sys [23048 2013-03-23] (IObit)
R0 file_tracker; C:\Windows\System32\DRIVERS\file_tracker.sys [296736 2015-01-26] (Acronis International GmbH)
R1 HWiNFO32; C:\Windows\SysWOW64\drivers\HWiNFO64A.SYS [26528 2015-01-11] (REALiX™)
R0 iaStorF; C:\Windows\System32\DRIVERS\iaStorF.sys [28216 2014-06-06] (Intel Corporation)
S3 MBAMSwissArmy; C:\Windows\system32\drivers\MBAMSwissArmy.sys [129752 2015-02-03] (Malwarebytes Corporation)
R0 MpFilter; C:\Windows\System32\DRIVERS\MpFilter.sys [269008 2014-07-17] (Microsoft Corporation)
R3 msvad_simple; C:\Windows\System32\drivers\povrtdev.sys [28528 2013-03-05] (MediaMall Technologies, Inc.)
R2 NisDrv; C:\Windows\System32\DRIVERS\NisDrvWFP.sys [125584 2014-07-17] (Microsoft Corporation)
R2 NPF; C:\Windows\System32\drivers\npf.sys [35344 2010-06-25] (CACE Technologies, Inc.)
R3 RegFilter; C:\Program Files (x86)\IObit\IObit Malware Fighter\drivers\win7_amd64\regfilter.sys [34848 2013-11-19] (IObit.com)
S3 RimVSerPort; C:\Windows\System32\DRIVERS\RimSerial_AMD64.sys [44032 2011-07-20] (Research in Motion Ltd)
R0 SmartDefragDriver; C:\Windows\System32\Drivers\SmartDefragDriver.sys [21184 2014-06-04] (IObit)
R3 SmbDrvI; C:\Windows\System32\DRIVERS\Smb_driver_Intel.sys [34544 2015-01-12] (Synaptics Incorporated)
R0 tib; C:\Windows\System32\DRIVERS\tib.sys [1328928 2015-01-26] (Acronis International GmbH)
R0 tib_mounter; C:\Windows\System32\DRIVERS\tib_mounter.sys [234784 2015-01-26] (Acronis International GmbH)
R2 TurboB; C:\Windows\System32\DRIVERS\TurboB.sys [13784 2009-11-02] ()
R3 UrlFilter; C:\Program Files (x86)\IObit\IObit Malware Fighter\drivers\win7_amd64\UrlFilter.sys [23016 2013-11-19] (IObit.com)
S3 WinRing0_1_2_0; C:\Program Files (x86)\IObit\Game Booster 3\Driver\WinRing0x64.sys [14544 2010-11-01] (OpenLibSys.org)
S3 lmimirr; system32\DRIVERS\lmimirr.sys [X]
S3 RimUsb; System32\Drivers\RimUsb_AMD64.sys [X]

==================== NetSvcs (Whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)

==================== One Month Created Files and Folders ========

(If an entry is included in the fixlist, the file\folder will be moved.)

2015-02-05 10:11 - 2015-02-05 10:11 - 00038879 _____ () C:\Users\DEBBYSDELL\Downloads\FRST.txt
2015-02-05 10:09 - 2015-02-05 10:09 - 02131968 _____ (Farbar) C:\Users\DEBBYSDELL\Desktop\FRST64.exe
2015-02-05 10:08 - 2015-02-05 10:08 - 00000000 ____D () C:\Users\DEBBYSDELL\Downloads\not sure what all these are
2015-02-04 14:01 - 2015-02-04 14:01 - 00001108 _____ () C:\Users\Public\Desktop\DriveImage XML.lnk
2015-02-04 13:59 - 2015-02-04 13:58 - 02026456 _____ () C:\Users\DEBBYSDELL\Desktop\dixmlsetup.exe
2015-02-04 13:56 - 2015-02-04 13:57 - 00000234 _____ () C:\Users\DEBBYSDELL\Desktop\my need help at bleeping.url
2015-02-04 13:54 - 2015-02-04 13:54 - 00000217 _____ () C:\Users\DEBBYSDELL\Desktop\prep guide bleeping.url
2015-02-04 12:20 - 2015-02-04 12:27 - 00001676 _____ () C:\Windows\system32\ASOROSet.bin
2015-02-04 12:12 - 2015-02-04 12:12 - 00000000 ____D () C:\Windows\system32\2C0A
2015-02-04 12:12 - 2015-02-04 12:12 - 00000000 ____D () C:\Windows\system32\0C0A
2015-02-04 12:12 - 2015-02-04 12:12 - 00000000 ____D () C:\Windows\system32\0C04
2015-02-04 12:12 - 2015-02-04 12:12 - 00000000 ____D () C:\Windows\system32\0816
2015-02-04 12:12 - 2015-02-04 12:12 - 00000000 ____D () C:\Windows\system32\0804
2015-02-04 12:12 - 2015-02-04 12:12 - 00000000 ____D () C:\Windows\system32\0424
2015-02-04 12:12 - 2015-02-04 12:12 - 00000000 ____D () C:\Windows\system32\041F
2015-02-04 12:12 - 2015-02-04 12:12 - 00000000 ____D () C:\Windows\system32\041E
2015-02-04 12:12 - 2015-02-04 12:12 - 00000000 ____D () C:\Windows\system32\041D
2015-02-04 12:12 - 2015-02-04 12:12 - 00000000 ____D () C:\Windows\system32\041B
2015-02-04 12:12 - 2015-02-04 12:12 - 00000000 ____D () C:\Windows\system32\0419
2015-02-04 12:12 - 2015-02-04 12:12 - 00000000 ____D () C:\Windows\system32\0416
2015-02-04 12:12 - 2015-02-04 12:12 - 00000000 ____D () C:\Windows\system32\0415
2015-02-04 12:12 - 2015-02-04 12:12 - 00000000 ____D () C:\Windows\system32\0414
2015-02-04 12:12 - 2015-02-04 12:12 - 00000000 ____D () C:\Windows\system32\0413
2015-02-04 12:12 - 2015-02-04 12:12 - 00000000 ____D () C:\Windows\system32\0412
2015-02-04 12:12 - 2015-02-04 12:12 - 00000000 ____D () C:\Windows\system32\0411
2015-02-04 12:12 - 2015-02-04 12:12 - 00000000 ____D () C:\Windows\system32\0410
2015-02-04 12:12 - 2015-02-04 12:12 - 00000000 ____D () C:\Windows\system32\040E
2015-02-04 12:12 - 2015-02-04 12:12 - 00000000 ____D () C:\Windows\system32\040D
2015-02-04 12:12 - 2015-02-04 12:12 - 00000000 ____D () C:\Windows\system32\040C
2015-02-04 12:12 - 2015-02-04 12:12 - 00000000 ____D () C:\Windows\system32\040B
2015-02-04 12:12 - 2015-02-04 12:12 - 00000000 ____D () C:\Windows\system32\040A
2015-02-04 12:12 - 2015-02-04 12:12 - 00000000 ____D () C:\Windows\system32\0408
2015-02-04 12:12 - 2015-02-04 12:12 - 00000000 ____D () C:\Windows\system32\0407
2015-02-04 12:12 - 2015-02-04 12:12 - 00000000 ____D () C:\Windows\system32\0406
2015-02-04 12:12 - 2015-02-04 12:12 - 00000000 ____D () C:\Windows\system32\0405
2015-02-04 12:12 - 2015-02-04 12:12 - 00000000 ____D () C:\Windows\system32\0404
2015-02-04 12:12 - 2015-02-04 12:12 - 00000000 ____D () C:\Windows\system32\0401
2015-02-04 11:17 - 2009-02-05 10:53 - 00053248 _____ (Windows XP Bundled build C-Centric Single User) C:\Windows\SysWOW64\CSVer.dll
2015-02-04 11:15 - 2015-02-04 11:15 - 00000000 ____D () C:\Windows\Driver Cache
2015-02-04 11:15 - 2015-02-04 11:15 - 00000000 ____D () C:\Program Files (x86)\AVerMedia
2015-02-04 11:15 - 2013-08-13 03:06 - 01927808 _____ (AVerMedia TECHNOLOGIES, Inc.) C:\Windows\system32\Drivers\AVer7231_x64.sys
2015-02-04 11:15 - 2013-03-25 02:13 - 00115032 _____ (NXP Semiconductors Germany GmbH) C:\Windows\SysWOW64\NXPMV64.dll
2015-02-04 10:16 - 2015-02-04 10:16 - 00003840 _____ () C:\Windows\System32\Tasks\Opera scheduled Autoupdate 1403966768
2015-02-04 05:38 - 2015-02-04 12:42 - 00003128 _____ () C:\Windows\System32\Tasks\WSUS-System Protector_startup
2015-02-04 05:18 - 2015-02-04 12:47 - 00000000 ____D () C:\Users\DEBBYSDELL\AppData\Roaming\WinZip
2015-02-04 05:18 - 2015-02-04 12:30 - 00000520 _____ () C:\Windows\Tasks\WINZIPSS-WINZIPSSAutoCheckUpdate7Days.job
2015-02-04 05:18 - 2015-02-04 05:18 - 00003406 _____ () C:\Windows\System32\Tasks\WINZIPSS-WINZIPSSAutoCheckUpdate7Days
2015-02-04 05:17 - 2015-02-04 12:48 - 00000000 ____D () C:\ProgramData\WinZip
2015-02-04 05:17 - 2015-02-04 12:48 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinZip System Utilities Suite
2015-02-04 05:17 - 2015-02-04 12:48 - 00000000 ____D () C:\Program Files (x86)\WinZip System Utilities Suite
2015-02-04 05:17 - 2014-11-27 12:13 - 00019064 _____ (WinZip Computing, S.L.(WinZip Computing)) C:\Windows\system32\roboot64.exe
2015-02-04 05:17 - 2014-10-01 18:04 - 00020480 _____ () C:\Windows\system32\sasnative64.exe
2015-02-04 04:00 - 2015-02-04 04:00 - 00000000 ____D () C:\Windows\Repair
2015-02-03 23:29 - 2015-02-03 23:29 - 00000000 ____D () C:\ProgramData\WinZip Update Manager
2015-02-03 23:29 - 2015-02-03 23:29 - 00000000 ____D () C:\ProgramData\Corel
2015-02-03 23:29 - 2015-02-03 23:29 - 00000000 ____D () C:\Program Files (x86)\WinZip Update Manager
2015-02-03 22:49 - 2015-02-03 22:49 - 1271636504 _____ () C:\Windows\MEMORY.DMP
2015-02-03 13:24 - 2015-02-03 13:24 - 00000000 ____D () C:\Users\DEBBYSDELL\AppData\Roaming\LavasoftStatistics
2015-02-03 13:23 - 2015-02-03 13:23 - 00005184 _____ () C:\Windows\SysWOW64\LavasoftTcpService.ini
2015-02-03 13:23 - 2015-02-03 13:23 - 00002880 _____ () C:\Windows\SysWOW64\LavasoftTcpServiceOff.ini
2015-02-03 13:23 - 2015-02-03 13:23 - 00002880 _____ () C:\Windows\system32\LavasoftTcpServiceOff.ini
2015-02-03 13:23 - 2015-01-23 06:39 - 00378832 _____ (Lavasoft Limited) C:\Windows\system32\LavasoftTcpService64.dll
2015-02-03 13:23 - 2015-01-23 06:39 - 00332216 _____ (Lavasoft Limited) C:\Windows\SysWOW64\LavasoftTcpService.dll
2015-02-03 11:37 - 2015-02-03 11:37 - 00001160 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk
2015-02-03 11:37 - 2015-02-03 11:37 - 00000000 ____D () C:\Program Files (x86)\Mozilla Maintenance Service
2015-02-03 10:38 - 2015-02-05 05:09 - 00216408 _____ () C:\Windows\WindowsUpdate.log
2015-02-03 10:25 - 2015-02-03 10:25 - 00140648 _____ () C:\Users\DEBBYSDELL\AppData\Local\GDIPFONTCACHEV1.DAT
2015-02-03 10:20 - 2015-02-03 22:50 - 00512904 _____ () C:\Windows\system32\FNTCACHE.DAT
2015-02-02 13:30 - 2015-02-02 13:30 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TurboTax Business 2014
2015-02-02 13:21 - 2015-02-02 13:21 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TurboTax 2014
2015-02-02 05:53 - 2015-02-03 12:22 - 00000000 ____D () C:\ProgramData\Malwarebytes Anti-Exploit
2015-02-02 05:53 - 2015-02-02 05:53 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Exploit
2015-02-02 05:52 - 2015-02-02 05:53 - 00000000 ____D () C:\Program Files (x86)\Malwarebytes Anti-Exploit
2015-02-01 19:22 - 2015-02-01 19:23 - 00000000 ___RD () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CyberLink PowerDVD 9.6
2015-02-01 18:08 - 2015-02-03 15:39 - 00129752 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2015-02-01 18:08 - 2015-02-03 00:02 - 00000000 ____D () C:\Program Files (x86)\Malwarebytes Anti-Malware
2015-02-01 18:08 - 2015-02-01 18:08 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware
2015-02-01 18:08 - 2014-11-21 06:14 - 00093400 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbamchameleon.sys
2015-02-01 18:08 - 2014-11-21 06:14 - 00063704 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mwac.sys
2015-02-01 18:08 - 2014-11-21 06:14 - 00025816 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbam.sys
2015-01-31 18:03 - 2015-01-31 18:07 - 00000000 ____D () C:\Program Files (x86)\Booster-Web
2015-01-31 13:09 - 2015-01-31 13:09 - 00003532 _____ () C:\Windows\System32\Tasks\PastaLeads
2015-01-31 13:04 - 2015-01-31 13:05 - 00000000 ____D () C:\Users\DEBBYSDELL\AppData\Roaming\Booster-Web
2015-01-31 13:04 - 2015-01-31 13:04 - 00003308 _____ () C:\Windows\System32\Tasks\sondhschedule
2015-01-31 13:01 - 2015-02-01 18:58 - 00000000 ____D () C:\Program Files (x86)\Bobrowsercm
2015-01-31 13:01 - 2015-01-31 13:01 - 00000000 ____D () C:\Program Files (x86)\download Manager
2015-01-28 13:05 - 2015-01-28 13:05 - 00000000 ____D () C:\Users\DEBBYSDELL\AppData\Roaming\OfficeRecovery
2015-01-27 18:23 - 2015-01-27 18:23 - 00038912 ___SH () C:\Users\DEBBYSDELL\Downloads\Thumbs.db
2015-01-26 23:26 - 2015-01-26 23:26 - 00000000 ____D () C:\Users\DEBBYSDELL\AppData\Roaming\MusE
2015-01-26 23:26 - 2015-01-26 23:26 - 00000000 ____D () C:\Users\DEBBYSDELL\AppData\Local\MusE
2015-01-26 22:50 - 2015-01-26 22:50 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\MuseScore
2015-01-26 22:50 - 2015-01-26 22:50 - 00000000 ____D () C:\Program Files (x86)\MuseScore
2015-01-26 20:56 - 2015-01-26 20:56 - 00000000 ____D () C:\ProgramData\Mozilla
2015-01-26 16:13 - 2015-02-03 11:37 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox
2015-01-26 03:01 - 2015-01-26 03:01 - 00296736 _____ (Acronis International GmbH) C:\Windows\system32\Drivers\file_tracker.sys
2015-01-26 03:00 - 2015-01-26 03:00 - 00234784 _____ (Acronis International GmbH) C:\Windows\system32\Drivers\tib_mounter.sys
2015-01-26 03:00 - 2015-01-26 03:00 - 00001218 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acronis True Image 2015.lnk
2015-01-26 03:00 - 2015-01-26 03:00 - 00000000 ____D () C:\Users\DEBBYSDELL\AppData\Roaming\805E0580-FE2C-4927-9C71-6F03C79A4E79
2015-01-26 02:17 - 2015-01-26 02:18 - 00000000 ____D () C:\Users\DEBBYSDELL\Acronisreport
2015-01-26 02:17 - 2015-01-26 02:17 - 00014848 ___SH () C:\Users\DEBBYSDELL\Thumbs.db
2015-01-26 02:09 - 2015-02-04 12:43 - 00000000 ___RD () C:\Users\DEBBYSDELL\Sync(1)
2015-01-25 19:21 - 2015-02-03 20:02 - 00278016 ___SH () C:\Users\DEBBYSDELL\Desktop\Thumbs.db
2015-01-25 11:57 - 2015-01-25 11:57 - 32099472 _____ (NVIDIA Corporation) C:\Windows\system32\nvoglv64.dll
2015-01-25 11:57 - 2015-01-25 11:57 - 25460552 _____ (NVIDIA Corporation) C:\Windows\system32\nvcompiler.dll
2015-01-25 11:57 - 2015-01-25 11:57 - 24764232 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvoglv32.dll
2015-01-25 11:57 - 2015-01-25 11:57 - 20465808 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcompiler.dll
2015-01-25 11:57 - 2015-01-25 11:57 - 17264312 _____ (NVIDIA Corporation) C:\Windows\system32\nvd3dumx.dll
2015-01-25 11:57 - 2015-01-25 11:57 - 16040184 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvwgf2um.dll
2015-01-25 11:57 - 2015-01-25 11:57 - 14128496 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvd3dum.dll
2015-01-25 11:57 - 2015-01-25 11:57 - 13288360 _____ (NVIDIA Corporation) C:\Windows\system32\nvopencl.dll
2015-01-25 11:57 - 2015-01-25 11:57 - 13202520 _____ (NVIDIA Corporation) C:\Windows\system32\nvcuda.dll
2015-01-25 11:57 - 2015-01-25 11:57 - 10770120 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvopencl.dll
2015-01-25 11:57 - 2015-01-25 11:57 - 10710160 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcuda.dll
2015-01-25 11:57 - 2015-01-25 11:57 - 10345280 _____ (NVIDIA Corporation) C:\Windows\system32\Drivers\nvlddmkm.sys
2015-01-25 11:57 - 2015-01-25 11:57 - 03610440 _____ (NVIDIA Corporation) C:\Windows\system32\nvcuvid.dll
2015-01-25 11:57 - 2015-01-25 11:57 - 03248968 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcuvid.dll
2015-01-25 11:57 - 2015-01-25 11:57 - 01895056 _____ (NVIDIA Corporation) C:\Windows\system32\nvdispco6434709.dll
2015-01-25 11:57 - 2015-01-25 11:57 - 01556624 _____ (NVIDIA Corporation) C:\Windows\system32\nvdispgenco6434709.dll
2015-01-25 11:57 - 2015-01-25 11:57 - 00968336 _____ (NVIDIA Corporation) C:\Windows\system32\NvIFR64.dll
2015-01-25 11:57 - 2015-01-25 11:57 - 00942400 _____ (NVIDIA Corporation) C:\Windows\system32\NvFBC64.dll
2015-01-25 11:57 - 2015-01-25 11:57 - 00928072 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\NvIFR.dll
2015-01-25 11:57 - 2015-01-25 11:57 - 00906560 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\NvFBC.dll
2015-01-25 11:57 - 2015-01-25 11:57 - 00027983 _____ () C:\Windows\system32\nvinfo.pb
2015-01-25 11:55 - 2015-01-25 11:55 - 01540240 _____ (NVIDIA Corporation) C:\Windows\system32\nvhdagenco64.dll
2015-01-25 11:55 - 2015-01-25 11:55 - 00195728 _____ (NVIDIA Corporation) C:\Windows\system32\Drivers\nvhda64v.sys
2015-01-25 11:55 - 2015-01-25 11:55 - 00030536 _____ (NVIDIA Corporation) C:\Windows\system32\nvhdap64.dll
2015-01-13 17:26 - 2014-12-11 23:35 - 05553592 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe
2015-01-13 17:26 - 2014-12-11 23:31 - 00503808 _____ (Microsoft Corporation) C:\Windows\system32\srcore.dll
2015-01-13 17:26 - 2014-12-11 23:31 - 00296960 _____ (Microsoft Corporation) C:\Windows\system32\rstrui.exe
2015-01-13 17:26 - 2014-12-11 23:31 - 00050176 _____ (Microsoft Corporation) C:\Windows\system32\srclient.dll
2015-01-13 17:26 - 2014-12-11 23:11 - 03971512 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntkrnlpa.exe
2015-01-13 17:26 - 2014-12-11 23:11 - 03916728 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntoskrnl.exe
2015-01-13 17:26 - 2014-12-11 23:07 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\srclient.dll
2015-01-13 17:18 - 2014-12-18 21:06 - 00210432 _____ (Microsoft Corporation) C:\Windows\system32\profsvc.dll
2015-01-13 17:18 - 2014-12-11 11:47 - 00062976 _____ (Microsoft Corporation) C:\Windows\system32\TSWbPrxy.exe
2015-01-13 17:17 - 2014-12-18 19:46 - 00141312 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxdav.sys
2015-01-13 17:17 - 2014-12-05 22:17 - 00303616 _____ (Microsoft Corporation) C:\Windows\system32\nlasvc.dll
2015-01-13 17:17 - 2014-12-05 21:50 - 00156672 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ncsi.dll
2015-01-13 17:17 - 2014-12-05 21:50 - 00052224 _____ (Microsoft Corporation) C:\Windows\SysWOW64\nlaapi.dll
2015-01-12 00:32 - 2010-06-02 04:55 - 00239960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine3_7.dll
2015-01-12 00:32 - 2010-06-02 04:55 - 00176984 _____ (Microsoft Corporation) C:\Windows\system32\xactengine3_7.dll
2015-01-12 00:32 - 2010-05-26 11:41 - 02401112 _____ (Microsoft Corporation) C:\Windows\system32\D3DX9_43.dll
2015-01-12 00:32 - 2010-05-26 11:41 - 01998168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DX9_43.dll
2015-01-12 00:32 - 2010-05-26 11:41 - 01907552 _____ (Microsoft Corporation) C:\Windows\system32\d3dcsx_43.dll
2015-01-12 00:32 - 2010-05-26 11:41 - 01868128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dcsx_43.dll
2015-01-12 00:32 - 2010-05-26 11:41 - 00511328 _____ (Microsoft Corporation) C:\Windows\system32\d3dx10_43.dll
2015-01-12 00:32 - 2010-05-26 11:41 - 00470880 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx10_43.dll
2015-01-12 00:32 - 2010-02-04 10:01 - 00530776 _____ (Microsoft Corporation) C:\Windows\system32\XAudio2_6.dll
2015-01-12 00:32 - 2010-02-04 10:01 - 00528216 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XAudio2_6.dll
2015-01-12 00:32 - 2010-02-04 10:01 - 00238936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine3_6.dll
2015-01-12 00:32 - 2010-02-04 10:01 - 00176984 _____ (Microsoft Corporation) C:\Windows\system32\xactengine3_6.dll
2015-01-12 00:32 - 2010-02-04 10:01 - 00078680 _____ (Microsoft Corporation) C:\Windows\system32\XAPOFX1_4.dll
2015-01-12 00:32 - 2010-02-04 10:01 - 00074072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XAPOFX1_4.dll
2015-01-12 00:32 - 2010-02-04 10:01 - 00024920 _____ (Microsoft Corporation) C:\Windows\system32\X3DAudio1_7.dll
2015-01-12 00:32 - 2010-02-04 10:01 - 00022360 _____ (Microsoft Corporation) C:\Windows\SysWOW64\X3DAudio1_7.dll
2015-01-12 00:32 - 2009-09-04 17:44 - 00517960 _____ (Microsoft Corporation) C:\Windows\system32\XAudio2_5.dll
2015-01-12 00:32 - 2009-09-04 17:44 - 00515416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XAudio2_5.dll
2015-01-12 00:32 - 2009-09-04 17:44 - 00238936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine3_5.dll
2015-01-12 00:32 - 2009-09-04 17:44 - 00176968 _____ (Microsoft Corporation) C:\Windows\system32\xactengine3_5.dll
2015-01-12 00:32 - 2009-09-04 17:44 - 00073544 _____ (Microsoft Corporation) C:\Windows\system32\XAPOFX1_3.dll
2015-01-12 00:32 - 2009-09-04 17:44 - 00069464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XAPOFX1_3.dll
2015-01-12 00:32 - 2009-09-04 17:29 - 05554512 _____ (Microsoft Corporation) C:\Windows\system32\d3dcsx_42.dll
2015-01-12 00:32 - 2009-09-04 17:29 - 05501792 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dcsx_42.dll
2015-01-12 00:32 - 2009-09-04 17:29 - 02582888 _____ (Microsoft Corporation) C:\Windows\system32\D3DCompiler_42.dll
2015-01-12 00:32 - 2009-09-04 17:29 - 02475352 _____ (Microsoft Corporation) C:\Windows\system32\D3DX9_42.dll
2015-01-12 00:32 - 2009-09-04 17:29 - 01974616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DCompiler_42.dll
2015-01-12 00:32 - 2009-09-04 17:29 - 01892184 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DX9_42.dll
2015-01-12 00:32 - 2009-09-04 17:29 - 00285024 _____ (Microsoft Corporation) C:\Windows\system32\d3dx11_42.dll
2015-01-12 00:32 - 2009-09-04 17:29 - 00235344 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx11_42.dll
2015-01-12 00:32 - 2009-03-16 14:18 - 00521560 _____ (Microsoft Corporation) C:\Windows\system32\XAudio2_4.dll
2015-01-12 00:32 - 2009-03-16 14:18 - 00517448 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XAudio2_4.dll
2015-01-12 00:32 - 2009-03-16 14:18 - 00235352 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine3_4.dll
2015-01-12 00:32 - 2009-03-16 14:18 - 00174936 _____ (Microsoft Corporation) C:\Windows\system32\xactengine3_4.dll
2015-01-12 00:32 - 2009-03-16 14:18 - 00024920 _____ (Microsoft Corporation) C:\Windows\system32\X3DAudio1_6.dll
2015-01-12 00:32 - 2009-03-16 14:18 - 00022360 _____ (Microsoft Corporation) C:\Windows\SysWOW64\X3DAudio1_6.dll
2015-01-12 00:32 - 2009-03-09 15:27 - 05425496 _____ (Microsoft Corporation) C:\Windows\system32\D3DX9_41.dll
2015-01-12 00:32 - 2009-03-09 15:27 - 04178264 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DX9_41.dll
2015-01-12 00:32 - 2009-03-09 15:27 - 02430312 _____ (Microsoft Corporation) C:\Windows\system32\D3DCompiler_41.dll
2015-01-12 00:32 - 2009-03-09 15:27 - 00520544 _____ (Microsoft Corporation) C:\Windows\system32\d3dx10_41.dll
2015-01-12 00:32 - 2008-10-27 10:04 - 00518480 _____ (Microsoft Corporation) C:\Windows\system32\XAudio2_3.dll
2015-01-12 00:32 - 2008-10-27 10:04 - 00514384 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XAudio2_3.dll
2015-01-12 00:32 - 2008-10-27 10:04 - 00235856 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine3_3.dll
2015-01-12 00:32 - 2008-10-27 10:04 - 00175440 _____ (Microsoft Corporation) C:\Windows\system32\xactengine3_3.dll
2015-01-12 00:32 - 2008-10-27 10:04 - 00074576 _____ (Microsoft Corporation) C:\Windows\system32\XAPOFX1_2.dll
2015-01-12 00:32 - 2008-10-27 10:04 - 00070992 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XAPOFX1_2.dll
2015-01-12 00:32 - 2008-10-27 10:04 - 00025936 _____ (Microsoft Corporation) C:\Windows\system32\X3DAudio1_5.dll
2015-01-12 00:32 - 2008-10-27 10:04 - 00023376 _____ (Microsoft Corporation) C:\Windows\SysWOW64\X3DAudio1_5.dll
2015-01-12 00:32 - 2008-10-15 06:22 - 05631312 _____ (Microsoft Corporation) C:\Windows\system32\D3DX9_40.dll
2015-01-12 00:32 - 2008-10-15 06:22 - 04379984 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DX9_40.dll
2015-01-12 00:32 - 2008-10-15 06:22 - 02605920 _____ (Microsoft Corporation) C:\Windows\system32\D3DCompiler_40.dll
2015-01-12 00:32 - 2008-10-15 06:22 - 02036576 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DCompiler_40.dll
2015-01-12 00:32 - 2008-10-15 06:22 - 00519000 _____ (Microsoft Corporation) C:\Windows\system32\d3dx10_40.dll
2015-01-12 00:32 - 2008-10-15 06:22 - 00452440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx10_40.dll
2015-01-12 00:32 - 2008-07-31 10:41 - 00238088 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine3_2.dll
2015-01-12 00:32 - 2008-07-31 10:41 - 00177672 _____ (Microsoft Corporation) C:\Windows\system32\xactengine3_2.dll
2015-01-12 00:32 - 2008-07-31 10:41 - 00072200 _____ (Microsoft Corporation) C:\Windows\system32\XAPOFX1_1.dll
2015-01-12 00:32 - 2008-07-31 10:41 - 00068616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XAPOFX1_1.dll
2015-01-12 00:32 - 2008-07-31 10:40 - 00513544 _____ (Microsoft Corporation) C:\Windows\system32\XAudio2_2.dll
2015-01-12 00:32 - 2008-07-31 10:40 - 00509448 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XAudio2_2.dll
2015-01-12 00:32 - 2008-07-10 11:01 - 00467984 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx10_39.dll
2015-01-12 00:32 - 2008-07-10 11:00 - 04992520 _____ (Microsoft Corporation) C:\Windows\system32\D3DX9_39.dll
2015-01-12 00:32 - 2008-07-10 11:00 - 03851784 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DX9_39.dll
2015-01-12 00:32 - 2008-07-10 11:00 - 01942552 _____ (Microsoft Corporation) C:\Windows\system32\D3DCompiler_39.dll
2015-01-12 00:32 - 2008-07-10 11:00 - 01493528 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DCompiler_39.dll
2015-01-12 00:32 - 2008-07-10 11:00 - 00540688 _____ (Microsoft Corporation) C:\Windows\system32\d3dx10_39.dll
2015-01-12 00:32 - 2008-05-30 14:19 - 00511496 _____ (Microsoft Corporation) C:\Windows\system32\XAudio2_1.dll
2015-01-12 00:32 - 2008-05-30 14:19 - 00507400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XAudio2_1.dll
2015-01-12 00:32 - 2008-05-30 14:18 - 00238088 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine3_1.dll
2015-01-12 00:32 - 2008-05-30 14:18 - 00177672 _____ (Microsoft Corporation) C:\Windows\system32\xactengine3_1.dll
2015-01-12 00:32 - 2008-05-30 14:17 - 00068104 _____ (Microsoft Corporation) C:\Windows\system32\XAPOFX1_0.dll
2015-01-12 00:32 - 2008-05-30 14:17 - 00065032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XAPOFX1_0.dll
2015-01-12 00:32 - 2008-05-30 14:17 - 00025608 _____ (Microsoft Corporation) C:\Windows\SysWOW64\X3DAudio1_4.dll
2015-01-12 00:32 - 2008-05-30 14:16 - 00028168 _____ (Microsoft Corporation) C:\Windows\system32\X3DAudio1_4.dll
2015-01-12 00:32 - 2008-05-30 14:11 - 04991496 _____ (Microsoft Corporation) C:\Windows\system32\D3DX9_38.dll
2015-01-12 00:32 - 2008-05-30 14:11 - 01941528 _____ (Microsoft Corporation) C:\Windows\system32\D3DCompiler_38.dll
2015-01-12 00:32 - 2008-05-30 14:11 - 01491992 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DCompiler_38.dll
2015-01-12 00:32 - 2008-05-30 14:11 - 00540688 _____ (Microsoft Corporation) C:\Windows\system32\d3dx10_38.dll
2015-01-12 00:32 - 2008-05-30 14:11 - 00467984 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx10_38.dll
2015-01-12 00:29 - 2008-05-30 14:11 - 03850760 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DX9_38.dll
2015-01-12 00:29 - 2008-03-05 16:04 - 00489480 _____ (Microsoft Corporation) C:\Windows\system32\XAudio2_0.dll
2015-01-12 00:29 - 2008-03-05 16:03 - 00479752 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XAudio2_0.dll
2015-01-12 00:29 - 2008-03-05 16:03 - 00238088 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine3_0.dll
2015-01-12 00:29 - 2008-03-05 16:03 - 00177672 _____ (Microsoft Corporation) C:\Windows\system32\xactengine3_0.dll
2015-01-12 00:29 - 2008-03-05 16:00 - 00028168 _____ (Microsoft Corporation) C:\Windows\system32\X3DAudio1_3.dll
2015-01-12 00:29 - 2008-03-05 16:00 - 00025608 _____ (Microsoft Corporation) C:\Windows\SysWOW64\X3DAudio1_3.dll
2015-01-12 00:29 - 2008-03-05 15:56 - 04910088 _____ (Microsoft Corporation) C:\Windows\system32\D3DX9_37.dll
2015-01-12 00:29 - 2008-03-05 15:56 - 03786760 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DX9_37.dll
2015-01-12 00:29 - 2008-03-05 15:56 - 01860120 _____ (Microsoft Corporation) C:\Windows\system32\D3DCompiler_37.dll
2015-01-12 00:29 - 2008-03-05 15:56 - 01420824 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DCompiler_37.dll
2015-01-12 00:29 - 2008-02-05 23:07 - 00529424 _____ (Microsoft Corporation) C:\Windows\system32\d3dx10_37.dll
2015-01-12 00:29 - 2008-02-05 23:07 - 00462864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx10_37.dll
2015-01-12 00:29 - 2007-10-22 03:40 - 00411656 _____ (Microsoft Corporation) C:\Windows\system32\xactengine2_10.dll
2015-01-12 00:29 - 2007-10-22 03:39 - 00267272 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine2_10.dll
2015-01-12 00:29 - 2007-10-22 03:37 - 00021000 _____ (Microsoft Corporation) C:\Windows\system32\X3DAudio1_2.dll
2015-01-12 00:29 - 2007-10-22 03:37 - 00017928 _____ (Microsoft Corporation) C:\Windows\SysWOW64\X3DAudio1_2.dll
2015-01-12 00:29 - 2007-10-12 15:14 - 05081608 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_36.dll
2015-01-12 00:29 - 2007-10-12 15:14 - 03734536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx9_36.dll
2015-01-12 00:29 - 2007-10-12 15:14 - 02006552 _____ (Microsoft Corporation) C:\Windows\system32\D3DCompiler_36.dll
2015-01-12 00:29 - 2007-10-12 15:14 - 01374232 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DCompiler_36.dll
2015-01-12 00:29 - 2007-10-02 09:56 - 00508264 _____ (Microsoft Corporation) C:\Windows\system32\d3dx10_36.dll
2015-01-12 00:29 - 2007-10-02 09:56 - 00444776 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx10_36.dll
2015-01-12 00:29 - 2007-07-20 00:57 - 00411496 _____ (Microsoft Corporation) C:\Windows\system32\xactengine2_9.dll
2015-01-12 00:29 - 2007-07-20 00:57 - 00267112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine2_9.dll
2015-01-12 00:29 - 2007-07-19 18:14 - 05073256 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_35.dll
2015-01-12 00:29 - 2007-07-19 18:14 - 03727720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx9_35.dll
2015-01-12 00:29 - 2007-07-19 18:14 - 01985904 _____ (Microsoft Corporation) C:\Windows\system32\D3DCompiler_35.dll
2015-01-12 00:29 - 2007-07-19 18:14 - 01358192 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DCompiler_35.dll
2015-01-12 00:29 - 2007-07-19 18:14 - 00508264 _____ (Microsoft Corporation) C:\Windows\system32\d3dx10_35.dll
2015-01-12 00:29 - 2007-07-19 18:14 - 00444776 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx10_35.dll
2015-01-12 00:29 - 2007-06-20 20:49 - 00409960 _____ (Microsoft Corporation) C:\Windows\system32\xactengine2_8.dll
2015-01-12 00:29 - 2007-06-20 20:46 - 00266088 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine2_8.dll
2015-01-12 00:29 - 2007-05-16 16:45 - 04496232 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_34.dll
2015-01-12 00:29 - 2007-05-16 16:45 - 03497832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx9_34.dll
2015-01-12 00:29 - 2007-05-16 16:45 - 01401200 _____ (Microsoft Corporation) C:\Windows\system32\D3DCompiler_34.dll
2015-01-12 00:29 - 2007-05-16 16:45 - 01124720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DCompiler_34.dll
2015-01-12 00:29 - 2007-05-16 16:45 - 00506728 _____ (Microsoft Corporation) C:\Windows\system32\d3dx10_34.dll
2015-01-12 00:29 - 2007-05-16 16:45 - 00443752 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx10_34.dll
2015-01-12 00:29 - 2007-04-04 18:55 - 00403304 _____ (Microsoft Corporation) C:\Windows\system32\xactengine2_7.dll
2015-01-12 00:29 - 2007-04-04 18:55 - 00261480 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine2_7.dll
2015-01-12 00:29 - 2007-04-04 18:54 - 00107368 _____ (Microsoft Corporation) C:\Windows\system32\xinput1_3.dll
2015-01-12 00:29 - 2007-04-04 18:53 - 00081768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xinput1_3.dll
2015-01-12 00:29 - 2007-03-05 12:42 - 00017688 _____ (Microsoft Corporation) C:\Windows\system32\x3daudio1_1.dll
2015-01-12 00:29 - 2007-03-05 12:42 - 00015128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\x3daudio1_1.dll
2015-01-12 00:29 - 2007-01-24 15:27 - 00393576 _____ (Microsoft Corporation) C:\Windows\system32\xactengine2_6.dll
2015-01-12 00:29 - 2007-01-24 15:27 - 00255848 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine2_6.dll
2015-01-12 00:29 - 2006-12-08 12:02 - 00251672 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine2_5.dll
2015-01-12 00:29 - 2006-12-08 12:00 - 00390424 _____ (Microsoft Corporation) C:\Windows\system32\xactengine2_5.dll
2015-01-12 00:29 - 2006-11-29 13:06 - 00469264 _____ (Microsoft Corporation) C:\Windows\system32\d3dx10.dll
2015-01-12 00:29 - 2006-11-29 13:06 - 00440080 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx10.dll
2015-01-12 00:29 - 2006-09-28 16:05 - 03977496 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_31.dll
2015-01-12 00:29 - 2006-09-28 16:05 - 02414360 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx9_31.dll
2015-01-12 00:29 - 2006-09-28 16:05 - 00237848 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine2_4.dll
2015-01-12 00:29 - 2006-09-28 16:04 - 00364824 _____ (Microsoft Corporation) C:\Windows\system32\xactengine2_4.dll
2015-01-12 00:28 - 2006-07-28 09:31 - 00083736 _____ (Microsoft Corporation) C:\Windows\system32\xinput1_2.dll
2015-01-12 00:28 - 2006-07-28 09:30 - 00363288 _____ (Microsoft Corporation) C:\Windows\system32\xactengine2_3.dll
2015-01-12 00:28 - 2006-07-28 09:30 - 00236824 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine2_3.dll
2015-01-12 00:28 - 2006-07-28 09:30 - 00062744 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xinput1_2.dll
2015-01-12 00:28 - 2006-05-31 07:24 - 00230168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine2_2.dll
2015-01-12 00:28 - 2006-05-31 07:22 - 00354072 _____ (Microsoft Corporation) C:\Windows\system32\xactengine2_2.dll
2015-01-12 00:28 - 2006-03-31 12:41 - 03927248 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_30.dll
2015-01-12 00:28 - 2006-03-31 12:40 - 02388176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx9_30.dll
2015-01-12 00:28 - 2006-03-31 12:40 - 00352464 _____ (Microsoft Corporation) C:\Windows\system32\xactengine2_1.dll
2015-01-12 00:28 - 2006-03-31 12:39 - 00229584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine2_1.dll
2015-01-12 00:28 - 2006-03-31 12:39 - 00083664 _____ (Microsoft Corporation) C:\Windows\system32\xinput1_1.dll
2015-01-12 00:28 - 2006-03-31 12:39 - 00062672 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xinput1_1.dll
2015-01-12 00:28 - 2006-02-03 08:43 - 03830992 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_29.dll
2015-01-12 00:28 - 2006-02-03 08:43 - 02332368 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx9_29.dll
2015-01-12 00:28 - 2006-02-03 08:42 - 00355536 _____ (Microsoft Corporation) C:\Windows\system32\xactengine2_0.dll
2015-01-12 00:28 - 2006-02-03 08:42 - 00230096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine2_0.dll
2015-01-12 00:28 - 2006-02-03 08:41 - 00016592 _____ (Microsoft Corporation) C:\Windows\system32\x3daudio1_0.dll
2015-01-12 00:28 - 2006-02-03 08:41 - 00014032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\x3daudio1_0.dll
2015-01-12 00:28 - 2005-12-05 18:09 - 03815120 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_28.dll
2015-01-12 00:28 - 2005-12-05 18:09 - 02323664 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx9_28.dll
2015-01-12 00:28 - 2005-07-22 19:59 - 03807440 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_27.dll
2015-01-12 00:28 - 2005-07-22 19:59 - 02319568 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx9_27.dll
2015-01-12 00:28 - 2005-05-26 15:34 - 03767504 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_26.dll
2015-01-12 00:28 - 2005-05-26 15:34 - 02297552 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx9_26.dll
2015-01-12 00:28 - 2005-03-18 17:19 - 03823312 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_25.dll
2015-01-12 00:28 - 2005-03-18 17:19 - 02337488 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx9_25.dll
2015-01-12 00:28 - 2005-02-05 19:45 - 03544272 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_24.dll
2015-01-12 00:28 - 2005-02-05 19:45 - 02222800 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx9_24.dll
2015-01-12 00:21 - 2015-01-12 00:21 - 01876296 _____ (NVIDIA Corporation) C:\Windows\system32\nvdispco6434475.dll
2015-01-12 00:21 - 2015-01-12 00:21 - 01540424 _____ (NVIDIA Corporation) C:\Windows\system32\nvdispgenco6434475.dll
2015-01-12 00:19 - 2015-01-12 00:19 - 71040000 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RCORES64.dat
2015-01-12 00:19 - 2015-01-12 00:19 - 04263128 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\Drivers\RTKVHD64.sys
2015-01-12 00:19 - 2015-01-12 00:19 - 03186544 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RtkApi64.dll
2015-01-12 00:19 - 2015-01-12 00:19 - 02860760 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RtPgEx64.dll
2015-01-12 00:19 - 2015-01-12 00:19 - 02827120 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RltkAPO64.dll
2015-01-12 00:19 - 2015-01-12 00:19 - 02000640 _____ (Creative Technology Ltd.) C:\Windows\system32\MBAPO264.dll
2015-01-12 00:19 - 2015-01-12 00:19 - 01728768 _____ (Creative Technology Ltd.) C:\Windows\SysWOW64\MBAPO232.dll
2015-01-12 00:19 - 2015-01-12 00:19 - 01443340 _____ () C:\Windows\system32\Drivers\RTAIODAT.DAT
2015-01-12 00:19 - 2015-01-12 00:19 - 01287384 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RTCOM64.dll
2015-01-12 00:19 - 2015-01-12 00:19 - 00959704 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RCoInstII64.dll
2015-01-12 00:19 - 2015-01-12 00:19 - 00629464 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RtDataProc64.dll
2015-01-12 00:18 - 2015-01-12 00:18 - 00560328 _____ (Andrea Electronics Corporation) C:\Windows\system32\AERTAC64.dll
2015-01-12 00:17 - 2015-01-12 00:17 - 00942808 _____ (Realtek ) C:\Windows\system32\Drivers\Rt64win7.sys
2015-01-12 00:17 - 2015-01-12 00:17 - 00073800 _____ (Realtek Semiconductor Corporation) C:\Windows\system32\RtNicProp64.dll
2015-01-12 00:15 - 2015-01-12 00:15 - 01795952 _____ (Microsoft Corporation) C:\Windows\system32\WdfCoInstaller01011.dll
2015-01-12 00:15 - 2015-01-12 00:15 - 00034544 _____ (Synaptics Incorporated) C:\Windows\system32\Drivers\Smb_driver_Intel.sys
2015-01-12 00:15 - 2015-01-12 00:15 - 00000000 ____H () C:\Windows\system32\Drivers\Msft_Kernel_Smb_driver_Intel_01011.Wdf
2015-01-12 00:11 - 2015-01-12 00:11 - 01484804 _____ () C:\Windows\system32\Drivers\besor.sbcf
2015-01-12 00:11 - 2015-01-12 00:11 - 00084992 _____ (Intel Corporation) C:\Windows\system32\Drivers\bpusb.sys
2015-01-12 00:11 - 2015-01-12 00:11 - 00084480 _____ (Intel Corporation) C:\Windows\system32\Drivers\bpenum.sys
2015-01-12 00:11 - 2015-01-12 00:11 - 00021504 _____ (Intel Corporation) C:\Windows\system32\BPCoInstaller.dll
2015-01-12 00:10 - 2015-01-12 00:10 - 00400896 _____ (AVerMedia TECHNOLOGIES, Inc.) C:\Windows\system32\CoSetup_x64_.ax
2015-01-12 00:10 - 2015-01-12 00:10 - 00000502 _____ () C:\Windows\11317231_6B071461_aa.bin
2015-01-12 00:10 - 2015-01-12 00:10 - 00000502 _____ () C:\Windows\11317231_4B071461_ca.bin
2015-01-12 00:10 - 2015-01-12 00:10 - 00000502 _____ () C:\Windows\11317231_4B071461_aa.bin
2015-01-12 00:10 - 2015-01-12 00:10 - 00000502 _____ () C:\Windows\11317231_4B071461_8a.bin
2015-01-11 21:25 - 2015-01-11 21:25 - 00026528 _____ (REALiX™) C:\Windows\SysWOW64\Drivers\HWiNFO64A.SYS
2015-01-07 19:14 - 2015-01-07 19:14 - 00000000 ___RD () C:\Users\DEBBYSDELL\Documents\My Genealogy Reports
2015-01-07 09:24 - 2001-08-07 22:50 - 01046288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MSJet35.dll
2015-01-07 09:24 - 2001-08-07 22:50 - 00415504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MsRepl35.dll
2015-01-07 09:24 - 2001-08-07 22:50 - 00252176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MSRD2x35.dll
2015-01-07 09:24 - 2001-08-07 22:50 - 00123664 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MSJInt35.dll
2015-01-07 09:24 - 2001-08-07 22:50 - 00072704 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ODBCTL32.dll
2015-01-07 09:24 - 2001-08-07 22:50 - 00024848 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MSJtEr35.dll
2015-01-06 07:42 - 2015-01-06 07:42 - 00003886 _____ () C:\Windows\System32\Tasks\Adobe Acrobat Update Task

==================== One Month Modified Files and Folders =======

(If an entry is included in the fixlist, the file\folder will be moved.)

2015-02-05 10:11 - 2014-01-03 12:39 - 00000000 ____D () C:\FRST
2015-02-05 10:08 - 2011-01-07 05:38 - 00000000 ____D () C:\Users\DEBBYSDELL\Downloads\installed
2015-02-05 09:39 - 2013-05-20 05:08 - 00000000 ____D () C:\ProgramData\MediaMall
2015-02-05 09:37 - 2011-01-07 19:49 - 00000000 ____D () C:\Users\DEBBYSDELL\Outlook Files
2015-02-05 09:32 - 2014-02-24 00:57 - 00000000 ____D () C:\Users\DEBBYSDELL\AppData\Roaming\MotoCast
2015-02-05 09:16 - 2011-10-20 20:26 - 00000898 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2015-02-04 23:19 - 2011-10-19 20:47 - 00003966 _____ () C:\Windows\System32\Tasks\User_Feed_Synchronization-{4B3F8CF8-5AE7-4030-B9DB-4857F4875A17}
2015-02-04 19:16 - 2012-07-12 23:47 - 00000894 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore1cd60bb286453c.job
2015-02-04 14:01 - 2012-03-07 05:46 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Runtime Software
2015-02-04 13:51 - 2009-07-13 23:13 - 00786538 _____ () C:\Windows\system32\PerfStringBackup.INI
2015-02-04 12:48 - 2009-07-13 22:45 - 00028528 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2015-02-04 12:48 - 2009-07-13 22:45 - 00028528 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2015-02-04 12:33 - 2014-06-17 09:41 - 00000000 ___RD () C:\Users\DEBBYSDELL\Desktop\Dropbox
2015-02-04 12:33 - 2014-02-24 01:00 - 00000000 ____D () C:\Users\DEBBYSDELL\.gstreamer-0.10
2015-02-04 12:33 - 2011-10-25 11:31 - 00000000 ____D () C:\Users\DEBBYSDELL\AppData\Roaming\Dropbox
2015-02-04 12:32 - 2010-12-16 14:17 - 00000050 _____ () C:\Windows\system32\SupplicantTest.log
2015-02-04 12:31 - 2014-04-22 11:54 - 00000000 ____D () C:\Users\DEBBYSDELL\AppData\Roaming\stickies
2015-02-04 12:31 - 2010-12-16 14:31 - 00000000 ____D () C:\Temp
2015-02-04 12:30 - 2011-10-03 13:02 - 00000000 ____D () C:\Users\DEBBYSDELL
2015-02-04 12:30 - 2009-07-13 23:08 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2015-02-04 12:27 - 2009-07-13 20:34 - 25690112 _____ () C:\Windows\system32\config\system.bak
2015-02-04 12:27 - 2009-07-13 20:34 - 111550464 _____ () C:\Windows\system32\config\software.bak
2015-02-04 12:27 - 2009-07-13 20:34 - 00032768 _____ () C:\Windows\system32\config\security.bak
2015-02-04 12:20 - 2009-07-13 20:34 - 00094208 _____ () C:\Windows\system32\config\sam.bak
2015-02-04 12:12 - 2009-07-13 23:37 - 00000000 ____D () C:\Windows\system32\0409
2015-02-04 11:17 - 2010-12-16 14:21 - 00000000 ____D () C:\Program Files (x86)\Intel
2015-02-04 11:16 - 2010-12-16 14:20 - 00000000 ____D () C:\Intel
2015-02-04 10:17 - 2013-12-07 12:41 - 00000000 ____D () C:\Program Files (x86)\Opera
2015-02-04 06:50 - 2013-12-16 10:41 - 00000000 __SHD () C:\found.000
2015-02-03 22:50 - 2011-10-23 07:17 - 00000000 ____D () C:\Windows\Minidump
2015-02-03 18:58 - 2011-01-06 13:04 - 00000000 ___RD () C:\Users\DEBBYSDELL\Virtual Machines
2015-02-03 14:30 - 2014-06-06 14:48 - 00000000 ____D () C:\Program Files\pcmax
2015-02-03 11:08 - 2009-07-13 21:20 - 00000000 ____D () C:\Program Files\Common Files\Services
2015-02-03 10:19 - 2010-12-16 14:59 - 00000000 ____D () C:\ProgramData\Temp
2015-02-03 09:24 - 2013-08-23 11:08 - 00000000 ____D () C:\Windows\pss
2015-02-03 00:14 - 2009-07-14 01:46 - 00000000 ____D () C:\Windows\CSC
2015-02-03 00:14 - 2009-07-13 21:20 - 00000000 ____D () C:\Windows\IME
2015-02-02 21:15 - 2011-01-05 20:37 - 00000000 ____D () C:\Users\DEBBYSDELL\Documents\TurboTax
2015-02-02 13:32 - 2012-02-01 11:17 - 00001385 _____ () C:\ProgramData\Microsoft.SqlServer.Compact.400.32.bc
2015-02-02 13:29 - 2012-01-25 10:35 - 00000000 ____D () C:\Program Files (x86)\TurboTax
2015-02-01 19:08 - 2014-12-11 04:46 - 00003360 _____ () C:\Windows\System32\Tasks\RealPlayerRealUpgradeScheduledTaskS-1-5-21-3099934832-2828090357-232914698-1000
2015-02-01 19:08 - 2014-11-30 23:16 - 00003236 _____ () C:\Windows\System32\Tasks\RealPlayerRealUpgradeLogonTaskS-1-5-21-3099934832-2828090357-232914698-1000
2015-02-01 16:29 - 2013-11-18 18:24 - 00000000 ____D () C:\Program Files (x86)\SpywareBlaster
2015-02-01 16:02 - 2013-08-31 17:16 - 00000000 ____D () C:\AdwCleaner
2015-02-01 14:35 - 2011-01-05 20:27 - 00000000 ____D () C:\Users\DEBBYSDELL\Documents\Food and  Recipes
2015-01-31 19:31 - 2014-11-16 20:28 - 00002860 _____ () C:\Windows\System32\Tasks\Driver Booster SkipUAC (SYSTEM)
2015-01-31 18:02 - 2012-07-06 09:15 - 00000830 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job
2015-01-31 18:00 - 2013-12-11 19:14 - 40824832 _____ () C:\Windows\system32\config\components.iodefrag.bak
2015-01-31 18:00 - 2013-11-07 20:55 - 111550464 _____ () C:\Windows\system32\config\software.iodefrag.bak
2015-01-31 18:00 - 2013-11-07 20:55 - 05877760 _____ () C:\Windows\system32\config\default.iodefrag.bak
2015-01-31 18:00 - 2013-11-07 20:55 - 00094208 _____ () C:\Windows\system32\config\sam.iodefrag.bak
2015-01-31 18:00 - 2013-11-07 20:55 - 00032768 _____ () C:\Windows\system32\config\security.iodefrag.bak
2015-01-31 14:07 - 2011-01-05 20:39 - 00000000 ____D () C:\Users\DEBBYSDELL\Documents\my PDF files
2015-01-31 14:04 - 2011-01-05 20:28 - 00000000 ____D () C:\Users\DEBBYSDELL\Documents\My Art Studies
2015-01-31 12:01 - 2014-08-28 12:16 - 00000000 ____D () C:\Users\DEBBYSDELL\AppData\Local\Adobe
2015-01-31 12:00 - 2012-07-06 09:15 - 00003770 _____ () C:\Windows\System32\Tasks\Adobe Flash Player Updater
2015-01-31 12:00 - 2012-04-12 04:34 - 00701616 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2015-01-31 12:00 - 2011-10-20 20:26 - 00071344 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2015-01-31 11:07 - 2011-08-11 13:30 - 00000000 ____D () C:\Users\DEBBYSDELL\Documents\My Kindle Content
2015-01-31 09:46 - 2012-05-10 07:38 - 00000000 ____D () C:\Users\DEBBYSDELL\AppData\Local\Windows Live
2015-01-28 11:42 - 2012-04-30 15:20 - 00000000 ____D () C:\Users\DEBBYSDELL\Documents\banking and reciets
2015-01-27 18:47 - 2011-10-03 12:59 - 00000000 ____D () C:\ProgramData\Kodak
2015-01-26 20:53 - 2013-09-02 19:35 - 00000000 ____D () C:\ProgramData\Real
2015-01-26 10:56 - 2012-08-30 08:17 - 00000000 ____D () C:\Users\DEBBYSDELL\AppData\Local\Autobahn
2015-01-26 03:31 - 2014-08-13 19:28 - 00000000 ____D () C:\ProgramData\Acronis
2015-01-26 03:09 - 2010-12-16 16:03 - 00000000 ____D () C:\ProgramData\NVIDIA
2015-01-26 03:00 - 2014-08-13 19:28 - 01328928 _____ (Acronis International GmbH) C:\Windows\system32\Drivers\tib.sys
2015-01-26 03:00 - 2014-08-13 19:28 - 00304416 _____ (Acronis International GmbH) C:\Windows\system32\Drivers\snapman.sys
2015-01-26 03:00 - 2014-08-13 19:27 - 00134432 _____ (Acronis International GmbH) C:\Windows\system32\Drivers\fltsrv.sys
2015-01-25 19:45 - 2011-10-20 10:55 - 00000000 ____D () C:\Program Files (x86)\Amazon
2015-01-25 13:01 - 2011-01-05 20:37 - 00000000 ____D () C:\Users\DEBBYSDELL\Documents\xls docs most but not all
2015-01-25 13:01 - 2011-01-05 20:37 - 00000000 ____D () C:\Users\DEBBYSDELL\Documents\Nikki
2015-01-25 13:01 - 2011-01-05 20:35 - 00000000 ____D () C:\Users\DEBBYSDELL\Documents\eBooks
2015-01-25 13:00 - 2011-01-05 20:38 - 00000000 ____D () C:\Users\DEBBYSDELL\Documents\_FTS
2015-01-25 13:00 - 2011-01-05 20:37 - 00000000 ____D () C:\Users\DEBBYSDELL\Documents\Tay's Folder
2015-01-25 12:59 - 2011-10-20 23:18 - 00000000 ____D () C:\Users\DEBBYSDELL\Documents\_SouthLine
2015-01-25 12:59 - 2011-01-05 20:37 - 00000000 ____D () C:\Users\DEBBYSDELL\Documents\Politics
2015-01-25 12:58 - 2011-01-05 20:31 - 00000000 ____D () C:\Users\DEBBYSDELL\Documents\Word Docs most
2015-01-25 12:55 - 2011-01-05 20:27 - 00000000 ____D () C:\Users\DEBBYSDELL\Documents\1753hominy
2015-01-25 12:50 - 2011-01-05 20:39 - 00000000 ____D () C:\Users\DEBBYSDELL\Documents\education
2015-01-25 12:46 - 2012-04-30 16:20 - 00000000 ____D () C:\Users\DEBBYSDELL\Documents\FBI
2015-01-25 12:34 - 2011-11-20 09:30 - 00000000 ____D () C:\Users\DEBBYSDELL\Documents\Spark People
2015-01-25 12:33 - 2011-01-05 20:39 - 00000000 ____D () C:\Users\DEBBYSDELL\Documents\_Vendors
2015-01-25 12:33 - 2011-01-05 20:39 - 00000000 ____D () C:\Users\DEBBYSDELL\Documents\_TMT
2015-01-25 12:32 - 2011-01-07 15:48 - 00000000 ____D () C:\Users\DEBBYSDELL\Documents\My Notebook
2015-01-25 12:32 - 2011-01-05 20:28 - 00000000 ____D () C:\Users\DEBBYSDELL\Documents\Goats
2015-01-25 12:31 - 2013-04-04 05:38 - 00000000 ____D () C:\Users\DEBBYSDELL\Documents\Gardening
2015-01-25 12:31 - 2011-08-23 09:07 - 00000000 ____D () C:\Users\DEBBYSDELL\Documents\Autoruns
2015-01-25 12:31 - 2011-01-05 20:39 - 00000000 ____D () C:\Users\DEBBYSDELL\Documents\income ideas
2015-01-25 12:31 - 2011-01-05 20:27 - 00000000 ____D () C:\Users\DEBBYSDELL\Documents\Beck
2015-01-25 12:30 - 2012-09-13 16:22 - 00000000 ____D () C:\Users\DEBBYSDELL\AppData\Local\Backup Assistant Plus
2015-01-25 12:29 - 2014-04-22 20:15 - 00000000 ____D () C:\Users\DEBBYSDELL\Documents\walking
2015-01-25 12:29 - 2011-01-05 20:40 - 00000000 ____D () C:\Users\DEBBYSDELL\Documents\roman shades
2015-01-25 12:28 - 2011-01-05 20:40 - 00000000 ____D () C:\Users\DEBBYSDELL\Documents\my sansa
2015-01-25 12:27 - 2013-09-19 18:12 - 00000000 ____D () C:\Users\DEBBYSDELL\Documents\DP Animation Maker
2015-01-25 12:27 - 2011-01-05 20:37 - 00000000 ____D () C:\Users\DEBBYSDELL\Documents\_Customers
2015-01-25 12:25 - 2012-04-30 15:29 - 00000000 ____D () C:\Users\DEBBYSDELL\Documents\mystery folder don't delete
2015-01-25 12:24 - 2011-01-06 21:33 - 00000000 ____D () C:\Users\DEBBYSDELL\Documents\WINFAX
2015-01-25 12:24 - 2011-01-05 20:38 - 00000000 ____D () C:\Users\DEBBYSDELL\Documents\_Envelopes
2015-01-25 12:24 - 2011-01-05 20:37 - 00000000 ____D () C:\Users\DEBBYSDELL\Documents\Personal
2015-01-25 12:24 - 2010-12-16 15:00 - 00000000 __HDC () C:\ProgramData\{04A07C23-5821-4F25-BF46-1188636AE238}
2015-01-25 12:21 - 2011-04-11 05:22 - 00000000 ____D () C:\Users\DEBBYSDELL\Documents\RCA easyRip
2015-01-25 12:21 - 2011-02-04 16:49 - 00000000 ____D () C:\Users\DEBBYSDELL\Documents\My zip
2015-01-25 12:20 - 2013-07-27 13:12 - 00000000 ____D () C:\Users\Default\AppData\Roaming\KODAK AiO Home Center960468661
2015-01-25 12:20 - 2013-07-27 13:12 - 00000000 ____D () C:\Users\Default User\AppData\Roaming\KODAK AiO Home Center960468661
2015-01-25 12:20 - 2012-10-25 16:32 - 00000000 ____D () C:\Users\DEBBYSDELL\AppData\Roaming\KODAK AiO Home Center1541633577
2015-01-25 12:20 - 2012-10-25 15:19 - 00000000 ____D () C:\Users\DEBBYSDELL\AppData\Roaming\KODAK AiO Home Center1076999683
2015-01-25 12:20 - 2012-09-17 13:39 - 00000000 ____D () C:\Users\DEBBYSDELL\AppData\Roaming\KODAK AiO Home Center974020850
2015-01-25 12:20 - 2012-09-17 12:51 - 00000000 ____D () C:\Users\DEBBYSDELL\AppData\Roaming\KODAK AiO Home Center1781961178
2015-01-25 12:20 - 2012-08-24 15:37 - 00000000 ____D () C:\Users\DEBBYSDELL\AppData\Roaming\KODAK AiO Home Center721741846
2015-01-25 12:20 - 2012-07-22 13:05 - 00000000 ____D () C:\Users\Default\AppData\Roaming\KODAK AiO Home Center1511086347
2015-01-25 12:20 - 2012-07-22 13:05 - 00000000 ____D () C:\Users\Default User\AppData\Roaming\KODAK AiO Home Center1511086347
2015-01-25 12:19 - 2013-09-04 23:18 - 00000000 ____D () C:\Users\DEBBYSDELL\Documents\Freecorder1
2015-01-25 12:17 - 2014-10-02 07:20 - 00000000 ____D () C:\ProgramData\34BE82C4-E596-4e99-A191-52C6199EBF69
2015-01-25 12:17 - 2013-05-20 19:44 - 00000000 ____D () C:\Users\DEBBYSDELL\.gimp-2.8
2015-01-25 12:16 - 2013-09-02 18:58 - 00000000 ___SD () C:\ComboFix
2015-01-25 12:16 - 2012-12-16 23:17 - 00000000 ____D () C:\Users\DEBBYSDELL\Documents\MyHeritage
2015-01-25 12:16 - 2011-09-28 14:00 - 00000000 ____D () C:\Program Files (x86)\Google
2015-01-25 12:16 - 2011-01-05 21:09 - 00000000 ____D () C:\Users\DEBBYSDELL\Restored_Family Technical Services.QBB_Files
2015-01-25 12:16 - 2011-01-05 20:37 - 00000000 ____D () C:\Users\DEBBYSDELL\Documents\Restored_Family Technical Services.QBB_Files
2015-01-25 12:14 - 2012-08-22 14:25 - 00000000 ____D () C:\Users\DEBBYSDELL\Documents\Fishing
2015-01-25 12:14 - 2011-04-11 05:26 - 00000000 ____D () C:\Users\DEBBYSDELL\Documents\RCA Detective
2015-01-25 12:14 - 2011-04-11 05:22 - 00000000 ____D () C:\Users\DEBBYSDELL\Documents\RCA Updater
2015-01-25 12:13 - 2011-11-08 18:36 - 00000000 ___HD () C:\Users\DEBBYSDELL\Documents\.picasaoriginals
2015-01-25 12:10 - 2014-07-13 07:13 - 00000000 ____D () C:\Program Files\My Dell
2015-01-25 12:09 - 2013-05-20 05:10 - 00000000 ____D () C:\Program Files (x86)\MediaMall
2015-01-25 12:09 - 2011-03-19 12:43 - 00000000 ____D () C:\Users\DEBBYSDELL\Documents\Webshots Data
2015-01-25 12:06 - 2010-12-16 14:28 - 00000000 ____D () C:\ProgramData\Adobe
2015-01-25 12:05 - 2011-10-20 21:23 - 00000000 ____D () C:\Program Files (x86)\Quicken
2015-01-25 12:01 - 2011-01-07 04:12 - 00000000 ____D () C:\Users\DEBBYSDELL\Documents\My Data Sources
2015-01-25 11:59 - 2011-01-13 16:12 - 00000000 ____D () C:\Users\DEBBYSDELL\Documents\vertural machine info
2015-01-25 11:57 - 2014-09-26 22:14 - 02897824 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvapi.dll
2015-01-25 11:57 - 2010-12-16 15:38 - 18594432 _____ (NVIDIA Corporation) C:\Windows\system32\nvwgf2umx.dll
2015-01-25 11:57 - 2010-12-16 15:38 - 03293136 _____ (NVIDIA Corporation) C:\Windows\system32\nvapi64.dll
2015-01-25 11:42 - 2014-12-13 20:50 - 00000000 ____D () C:\Program Files (x86)\QuickTime
2015-01-25 11:42 - 2013-11-18 18:54 - 00000000 ____D () C:\ProgramData\Spybot - Search & Destroy
2015-01-25 11:42 - 2013-09-08 20:44 - 00000000 ____D () C:\ProgramData\IObit
2015-01-25 11:42 - 2013-02-13 16:44 - 00000000 ____D () C:\ProgramData\Motorola
2015-01-25 11:42 - 2012-02-05 08:12 - 00000000 ____D () C:\Program Files (x86)\FYZip
2015-01-25 11:42 - 2012-01-17 08:49 - 00000000 ____D () C:\ProgramData\Apple
2015-01-25 11:42 - 2011-09-29 16:49 - 00000000 ____D () C:\ProgramData\VMware
2015-01-25 11:42 - 2011-09-28 08:49 - 00000000 ____D () C:\ProgramData\Intuit
2015-01-25 11:42 - 2011-03-17 18:54 - 00000000 ____D () C:\Symbols
2015-01-25 11:42 - 2010-12-16 15:00 - 00000000 ____D () C:\ProgramData\CyberLink
2015-01-25 11:42 - 2009-07-13 23:32 - 00000000 ____D () C:\Program Files (x86)\Windows Sidebar
2015-01-25 11:42 - 2009-07-13 21:20 - 00000000 ____D () C:\Program Files\Common Files\Microsoft Shared
2015-01-25 11:37 - 2013-09-02 18:33 - 00000000 ___SD () C:\32788R22FWJFW
2015-01-25 11:30 - 2012-08-30 08:18 - 00000000 ____D () C:\Users\DEBBYSDELL\.autobahn
2015-01-25 11:30 - 2011-12-14 14:38 - 00000000 ____D () C:\ProgramData\FLEXnet
2015-01-25 11:30 - 2011-09-29 16:53 - 00000000 ____D () C:\Users\DEBBYSDELL\AppData\Local\VMware
2015-01-25 11:30 - 2010-12-16 14:42 - 00000000 ____D () C:\ProgramData\Roxio
2015-01-25 11:30 - 2009-07-13 21:20 - 00000000 __RHD () C:\Users\Default
2015-01-25 11:29 - 2012-07-05 13:13 - 00000000 ____D () C:\Users\DEBBYSDELL\Documents\Freecorder
2015-01-25 11:26 - 2012-07-05 12:20 - 00000000 ____D () C:\Users\DEBBYSDELL\AppData\Roaming\Audacity
2015-01-24 20:15 - 2013-11-07 08:59 - 00000000 ____D () C:\ProgramData\ProductData
2015-01-24 20:14 - 2014-06-06 09:36 - 00002864 _____ () C:\Windows\System32\Tasks\Driver Booster SkipUAC (DEBBYSDELL)
2015-01-20 14:57 - 2014-11-23 12:32 - 00003382 _____ () C:\Windows\System32\Tasks\RealDownloaderRealUpgradeScheduledTaskS-1-5-21-3099934832-2828090357-232914698-1000
2015-01-20 14:57 - 2014-11-23 12:32 - 00003258 _____ () C:\Windows\System32\Tasks\RealDownloaderRealUpgradeLogonTaskS-1-5-21-3099934832-2828090357-232914698-1000
2015-01-18 03:05 - 2011-10-23 07:18 - 00781406 _____ () C:\Windows\SysWOW64\PerfStringBackup.INI
2015-01-14 03:43 - 2014-12-01 20:07 - 00000000 ___RD () C:\Users\DEBBYSDELL\Sync
2015-01-14 03:11 - 2013-08-02 02:01 - 00000000 ____D () C:\Windows\system32\MRT
2015-01-14 03:01 - 2012-01-12 03:00 - 113365784 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2015-01-13 04:05 - 2012-09-13 16:22 - 00000000 ____D () C:\Users\DEBBYSDELL\AppData\Roaming\vlc
2015-01-12 20:50 - 2012-07-05 13:13 - 00000000 ____D () C:\Users\DEBBYSDELL\AppData\Local\FLVService
2015-01-12 00:25 - 2011-09-28 09:23 - 00000000 ____D () C:\Users\DEBBYSDELL\AppData\Roaming\Adobe
2015-01-12 00:22 - 2010-12-16 15:38 - 20986592 _____ (NVIDIA Corporation) C:\Windows\system32\SET9324.tmp
2015-01-12 00:21 - 2014-09-26 22:14 - 02874456 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\SET9C9A.tmp
2015-01-12 00:21 - 2011-10-03 12:57 - 00074462 _____ () C:\Windows\system32\Drivers\RTWAVES30.dat
2015-01-12 00:21 - 2011-10-03 12:56 - 00000000 ____D () C:\Windows\SysWOW64\RTCOM
2015-01-12 00:21 - 2010-12-16 15:38 - 03262784 _____ (NVIDIA Corporation) C:\Windows\system32\SET194A.tmp
2015-01-12 00:17 - 2010-10-30 15:30 - 00107552 _____ (Realtek Semiconductor Corporation) C:\Windows\system32\RTNUninst64.dll
2015-01-12 00:16 - 2014-02-16 17:46 - 01538880 _____ (NVIDIA Corporation) C:\Windows\system32\nvhdagenco6420103.dll
2015-01-11 21:25 - 2014-11-16 20:28 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Driver Booster 2
2015-01-11 13:57 - 2011-10-29 22:40 - 00111616 _____ () C:\Users\DEBBYSDELL\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2015-01-08 20:38 - 2012-12-25 09:12 - 00000552 _____ () C:\Windows\Viewer.INI
2015-01-07 19:18 - 2012-12-16 23:16 - 00000000 ____D () C:\Users\DEBBYSDELL\AppData\Roaming\The Complete Genealogy Reporter - FTB
2015-01-07 09:24 - 2009-07-13 21:20 - 00000000 ____D () C:\Windows\Speech

==================== Files in the root of some directories =======

2014-06-07 19:51 - 2014-12-01 11:39 - 0001953 _____ () C:\Users\DEBBYSDELL\AppData\Roaming\.thetimelineproj.cfg
2011-09-28 16:38 - 2011-09-28 16:39 - 18551104 _____ (Dell, Inc.) C:\Users\DEBBYSDELL\AppData\Roaming\DSS_UTIL_WIN_R274693.EXE
2011-10-21 12:47 - 2011-10-21 12:47 - 0000268 ___RH () C:\Users\DEBBYSDELL\AppData\Roaming\Master
2011-10-21 16:25 - 2011-10-21 16:25 - 0000268 ___RH () C:\Users\DEBBYSDELL\AppData\Roaming\Metadata Importer
2014-01-06 13:54 - 2014-01-06 13:54 - 0018526 _____ () C:\Users\DEBBYSDELL\AppData\Roaming\UserTile.png
2013-07-26 23:53 - 2013-07-28 23:54 - 0000054 _____ () C:\Users\DEBBYSDELL\AppData\Roaming\WB.CFG
2013-06-15 23:53 - 2013-06-22 23:53 - 0000005 _____ () C:\Users\DEBBYSDELL\AppData\Roaming\WBPU-TTL.DAT
2014-11-23 13:45 - 2014-11-23 13:45 - 0237067 _____ () C:\Users\DEBBYSDELL\AppData\Local\ars.cache
2014-11-23 13:45 - 2014-11-23 13:45 - 0164096 _____ () C:\Users\DEBBYSDELL\AppData\Local\census.cache
2011-10-29 22:40 - 2015-01-11 13:57 - 0111616 _____ () C:\Users\DEBBYSDELL\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2014-11-23 13:05 - 2014-11-23 13:05 - 0000036 _____ () C:\Users\DEBBYSDELL\AppData\Local\housecall.guid.cache
2014-10-20 20:06 - 2014-10-20 20:06 - 0000860 _____ () C:\Users\DEBBYSDELL\AppData\Local\recently-used.xbel
2013-08-23 11:38 - 2013-11-23 15:38 - 0007612 _____ () C:\Users\DEBBYSDELL\AppData\Local\Resmon.ResmonCfg
2014-06-18 09:13 - 2014-06-18 09:13 - 0002120 _____ () C:\Users\DEBBYSDELL\AppData\Local\rx_audio.Cache
2014-06-18 09:13 - 2014-06-18 09:13 - 0000072 _____ () C:\Users\DEBBYSDELL\AppData\Local\rx_image32.Cache
2014-11-23 13:34 - 2014-11-23 13:34 - 0000010 _____ () C:\Users\DEBBYSDELL\AppData\Local\sponge.last.runtime.cache
2014-11-26 11:47 - 2014-11-26 11:48 - 0000212 _____ () C:\ProgramData\Microsoft.SqlServer.Compact.351.32.bc
2012-02-01 11:17 - 2015-02-02 13:32 - 0001385 _____ () C:\ProgramData\Microsoft.SqlServer.Compact.400.32.bc
2011-10-21 12:47 - 2011-10-21 17:14 - 0000020 ____H () C:\ProgramData\PKP_DLdu.DAT
2011-10-21 16:25 - 2011-10-23 13:01 - 0000020 ____H () C:\ProgramData\PKP_DLdw.DAT

Files to move or delete:
====================
C:\Users\DEBBYSDELL\jagex_cl_oldschool_LIVE.dat
C:\Users\DEBBYSDELL\jagex_cl_runescape_LIVE.dat
C:\Users\DEBBYSDELL\jagex_cl_runescape_LIVE1.dat
C:\Users\DEBBYSDELL\random.dat

Some content of TEMP:
====================
C:\Users\DEBBYSDELL\AppData\Local\Temp\30ff90a9-9e10-4952-8efe-45da202d2cd4.exe
C:\Users\DEBBYSDELL\AppData\Local\Temp\dropbox_sqlite_ext.{5f3e3153-5bce-5766-8f84-3e3e7ecf0d81}.tmp0ekawt.dll
C:\Users\DEBBYSDELL\AppData\Local\Temp\jna1758210098171797506.dll
C:\Users\DEBBYSDELL\AppData\Local\Temp\jna2583965754011175209.dll
C:\Users\DEBBYSDELL\AppData\Local\Temp\jna2759845749040214698.dll
C:\Users\DEBBYSDELL\AppData\Local\Temp\jna3163535325871541403.dll
C:\Users\DEBBYSDELL\AppData\Local\Temp\jna3419579626710917855.dll
C:\Users\DEBBYSDELL\AppData\Local\Temp\jna6870877155347712589.dll
C:\Users\DEBBYSDELL\AppData\Local\Temp\jna7742220009438866774.dll
C:\Users\DEBBYSDELL\AppData\Local\Temp\jna8440838270822722207.dll
C:\Users\DEBBYSDELL\AppData\Local\Temp\procexp64.exe
C:\Users\DEBBYSDELL\AppData\Local\Temp\SpOrder.dll
C:\Users\DEBBYSDELL\AppData\Local\Temp\sqlite-3.6.20-sqlitejdbc.dll

==================== Bamital & volsnap Check =================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\SysWOW64\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed

LastRegBack: 2014-08-11 22:57

==================== End Of Log ============================

Additional scan result of Farbar Recovery Scan Tool (x64) Version: 04-02-2015 01
Ran by DEBBYSDELL at 2015-02-05 10:12:37
Running from C:\Users\DEBBYSDELL\Downloads
Boot Mode: Normal
==========================================================

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: Microsoft Security Essentials (Enabled - Up to date) {4F35CFC4-45A3-FC37-EF17-759A02E39AB1}
AS: Microsoft Security Essentials (Enabled - Up to date) {F4542E20-6399-F3B9-D5A7-4EE87964D00C}
AS: Windows Defender (Disabled - Out of date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: IObit Malware Fighter (Disabled - Up to date) {A751AC20-3B48-5237-898A-78C4436BB78D}

==================== Installed Programs ======================

(Only the adware programs with "hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

7-Zip File Manager version 9.20 (HKLM-x32\...\{863448D4-F184-4B21-A46B-323C97A2D038}_is1) (Version: 9.20 - Download Freely, LLC)
AccelerometerP11 (HKLM-x32\...\{87434D51-51DB-4109-B68F-A829ECDCF380}) (Version: 2.00.11.15 - STMicroelectronics)
Acronis True Image 2015 (HKLM-x32\...\{9C48ED33-4A66-4299-B274-BD8110AB6EAA}Visible) (Version: 18.0.6525 - Acronis)
Acronis True Image 2015 (x32 Version: 18.0.6525 - Acronis) Hidden
Adobe AIR (HKLM-x32\...\Adobe AIR) (Version: 16.0.0.245 - Adobe Systems Incorporated)
Adobe Flash Player 16 ActiveX (HKLM-x32\...\Adobe Flash Player ActiveX) (Version: 16.0.0.257 - Adobe Systems Incorporated)
Adobe Reader XI (11.0.10) (HKLM-x32\...\{AC76BA86-7AD7-1033-7B44-AB0000000001}) (Version: 11.0.10 - Adobe Systems Incorporated)
Advanced Audio FX Engine (HKLM-x32\...\Advanced Audio FX Engine) (Version: 1.12.05 - Creative Technology Ltd)
Advanced SystemCare 8 (HKLM-x32\...\Advanced SystemCare 8_is1) (Version: 8.0.3 - IObit)
aioprnt (Version: 5.3.1.0 - Eastman Kodak Company) Hidden
aioscnnr (x32 Version: 6.2.3.10 - Your Company Name) Hidden
aioscnnr (x32 Version: 7.6.13.10 - Your Company Name) Hidden
Amazon Kindle (HKLM-x32\...\Amazon Kindle) (Version:  - Amazon)
Apple Application Support (HKLM-x32\...\{78002155-F025-4070-85B3-7C0453561701}) (Version: 3.0.6 - Apple Inc.)
Apple Mobile Device Support (HKLM\...\{B678797F-DF38-4556-8A31-8B818E261868}) (Version: 8.0.0.23 - Apple Inc.)
Apple Software Update (HKLM-x32\...\{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}) (Version: 2.1.3.127 - Apple Inc.)
ArcSoft Panorama Maker 4 (HKLM-x32\...\{D45E8C45-B601-4A80-AFD8-E16338744DE1}) (Version:  - ArcSoft)
Audacity 2.0.5 (HKLM-x32\...\Audacity_is1) (Version: 2.0.5 - Audacity Team)
AVerMedia H339 Hybrid Analog/ATSC/QAM 2.2.64.95 (HKLM-x32\...\AVerMedia H339 Hybrid Analog/ATSC/QAM) (Version: 2.2.64.95 - AVerMedia TECHNOLOGIES, Inc.)
Avidemux 2.5 (32-bit) (HKLM-x32\...\Avidemux 2.5) (Version: 2.5.4.7200 - )
Bonjour (HKLM\...\{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}) (Version: 3.0.0.10 - Apple Inc.)
Booster-Web (HKU\S-1-5-21-3099934832-2828090357-232914698-1000 Version: 4 - ${CompanyName}) Hidden
C4USelfUpdater (x32 Version: 1.00.0000 - Your Company Name) Hidden
CCleaner (HKLM\...\CCleaner) (Version: 4.19 - Piriform)
center (x32 Version: 7.7.2.0 - Eastman Kodak Company) Hidden
CyberLink PowerDVD 9.6 (HKLM-x32\...\InstallShield_{A8516AC9-AAF1-47F9-9766-03E2D4CDBCF8}) (Version: 9.6.1.6523 - CyberLink Corp.)
D3DX10 (x32 Version: 15.4.2368.0902 - Microsoft) Hidden
Dell DataSafe Local Backup - Support Software (HKLM-x32\...\{A9668246-FB70-4103-A1E3-66C9BC2EFB49}) (Version: 9.4.60 - Dell)
Dell DataSafe Local Backup (HKLM-x32\...\{0ED7EE95-6A97-47AA-AD73-152C08A15B04}) (Version: 9.4.60 - Dell)
Dell Dock (HKLM-x32\...\Dell Dock) (Version: 2.0 - Stardock Corporation)
Dell Dock (Version: 2.0 - Stardock Corporation) Hidden
Dell Driver Download Manager (HKU\S-1-5-21-3099934832-2828090357-232914698-1000\...\f031ef6ac137efc5) (Version: 2.1.0.0 - Dell Inc.)
Dell Edoc Viewer (HKLM\...\{8EBA8727-ADC2-477B-9D9A-1A1836BE4E05}) (Version: 1.0.0 - Dell Inc)
Dell Getting Started Guide (HKLM-x32\...\{7DB9F1E5-9ACB-410D-A7DC-7A3D023CE045}) (Version: 1.00.0000 - Dell Inc.)
Dell Webcam Central (HKLM-x32\...\Dell Webcam Central) (Version: 2.00.35 - Creative Technology Ltd)
DirectXInstallService (x32 Version: 9.0.2 - Roxio) Hidden
DriveImage XML (Private Edition) (HKLM-x32\...\{F7E1CA14-B39D-452A-960B-39423DDDD933}) (Version: 2.50.000 - Runtime Software)
Driver Booster 2.1 (HKLM-x32\...\Driver Booster_is1) (Version: 2.1 - IObit)
Dropbox (HKU\S-1-5-21-3099934832-2828090357-232914698-1000\...\Dropbox) (Version: 3.0.3 - Dropbox, Inc.)
EMC 10 Content (x32 Version: 1.0.035 - Roxo, Inc.) Hidden
EMCGadgets64 (Version: 1.0.302 - Sonic) Hidden
essentials (x32 Version: 7.7.2.0 - Eastman Kodak Company) Hidden
Evernote v. 5.7.2 (HKLM-x32\...\{FB57263E-706F-11E4-A65F-00163E98E7D6}) (Version: 5.7.2.5753 - Evernote Corp.)
Face Recognition (HKLM\...\{89B67536-F9F9-4E62-92FC-2150FF8DF22C}) (Version: 3.0.56.1 - Sensible Vision)
ffdshow [rev 2527] [2008-12-19] (HKLM-x32\...\ffdshow_is1) (Version: 1.0 - )
FFmpeg v0.6.2 for Audacity (HKLM-x32\...\FFmpeg for Audacity_is1) (Version:  - )
File Uploader (HKLM-x32\...\{237CD223-1B9D-47E8-A76C-E478B83CCEA2}) (Version: 1.2.1 - Nikon)
Freeplane (HKLM\...\{D3941722-C4DD-4509-88C4-0E87F675A859}_is1) (Version: 1.2.23 - Open source)
Freeplane (HKLM-x32\...\{D3941722-C4DD-4509-88C4-0E87F675A859}_is1) (Version: 1.1.3 - Open source)
FYZip 1.00 (HKLM-x32\...\FYZip) (Version: 1.00 - TightRope Interactive)
Game Booster 3 (HKLM-x32\...\Game Booster_is1) (Version: 3.4 - IObit)
GIMP 2.8.4 (HKLM\...\GIMP-2_is1) (Version: 2.8.4 - The GIMP Team)
GimpShop 2.8 (HKLM-x32\...\{3F1C9552-58E0-4AAC-A616-AE3A28720EC6}) (Version: 2.8 - GimpShop)
Google Calendar Sync (HKLM-x32\...\Google Calendar Sync) (Version:  - )
Google Earth (HKLM-x32\...\{4D2A6330-2F8B-11E3-9C40-B8AC6F97B88E}) (Version: 7.1.2.2041 - Google)
Google Toolbar for Internet Explorer (HKLM-x32\...\{2318C2B1-4965-11d4-9B18-009027A5CD4F}) (Version: 7.5.5111.1712 - Google Inc.)
Google Toolbar for Internet Explorer (x32 Version: 1.0.0 - Google Inc.) Hidden
Google Update Helper (x32 Version: 1.3.25.11 - Google Inc.) Hidden
Intel® PROSet/Wireless WiFi Software (HKLM\...\{B90E5EBE-DF18-44D5-9D18-689ADEE9DA6C}) (Version: 13.01.1000 - Intel Corporation)
Intel® Turbo Boost Technology Monitor (HKLM\...\{39F4C6F9-618A-4E5B-8FB2-6BD661174E32}) (Version: 1.0.186.6 - Intel)
Intel® PROSet/Wireless WiMAX Software (HKLM\...\{FAE224AF-B15E-448B-88FA-1839A7570CF8}) (Version: 2.00.0011 - Intel Corporation)
Interlinear Scripture Analyzer 2 basic (HKLM\...\{C8F753CF-C578-4138-A870-33149B689FFD}) (Version: 2.1.5.0 - Scripture4all Foundation)
Internet Explorer (Enable DEP) (HKLM\...\{a9264802-8a7a-40fe-a135-5c6d204aed7a}.sdb) (Version:  - )
Internet Explorer (x32 Version: 8 - Microsoft Corporation) Hidden
Internet TV for Windows Media Center (HKLM-x32\...\{9D318C86-AF4C-409F-A6AC-7183FF4CF424}) (Version: 4.2.2.0 - Microsoft Corporation)
IObit Apps Toolbar v9.3 (HKLM-x32\...\{70D6C4BA-DCBE-41C9-BDFA-DA9819E3501C}) (Version: 9.3 - Spigot, Inc.) <==== ATTENTION
IObit Malware Fighter (HKLM-x32\...\IObit Malware Fighter_is1) (Version: 2.5 - IObit)
IObit Uninstaller (HKLM-x32\...\IObitUninstall) (Version: 4.1.5.24 - IObit)
ISA 2 - CLV module 1.2.0 (HKLM\...\{0915922B-7D64-4063-A8F4-312B7B9FDC3D}) (Version: 1.2.0 - Scripture4All Foundation)
ISA 2.0 - YLT module 1.2.1 (HKLM-x32\...\ISA 2.0 - YLT module) (Version: 1.2.1 - Scripture4all.org)
iTunes (HKLM\...\{F46AA0F1-E284-4878-A462-5F11B9166C0E}) (Version: 11.4.0.18 - Apple Inc.)
Java 7 Update 72 (64-bit) (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F06417072FF}) (Version: 7.0.720 - Oracle)
Java 7 Update 72 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F03217072FF}) (Version: 7.0.720 - Oracle)
Java™ 7 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83217000F0}) (Version: 7.0.0 - Oracle)
JMicron Flash Media Controller Driver (HKLM-x32\...\{26604C7E-A313-4D12-867F-7C6E7820BE4C}) (Version: 1.0.41.2 - JMicron Technology Corp.)
Junk Mail filter update (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Keyboard Lock Status (HKLM-x32\...\{144A1586-E16C-448D-910D-E12ACD65DD98}) (Version: 1.00.0000 - Logitech)
Kodak AIO Printer (Version: 7.7.2.0 - Eastman Kodak Company) Hidden
LAME v3.99.3 (for Windows) (HKLM-x32\...\LAME_is1) (Version:  - )
Malwarebytes Anti-Exploit version 1.05.1.1016 (HKLM\...\Malwarebytes Anti-Exploit_is1) (Version: 1.05.1.1016 - Malwarebytes)
Malwarebytes Anti-Malware version 2.0.4.1028 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.0.4.1028 - Malwarebytes Corporation)
Microsoft .NET Framework 4.5.2 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.51209 - Microsoft Corporation)
Microsoft Office Outlook Connector (HKLM-x32\...\{95140000-007A-0409-0000-0000000FF1CE}) (Version: 14.0.5118.5000 - Microsoft Corporation)
Microsoft Office Professional 2010 (HKLM-x32\...\Office14.SingleImage) (Version: 14.0.7015.1000 - Microsoft Corporation)
Microsoft OneDrive (HKU\S-1-5-21-3099934832-2828090357-232914698-1000\...\OneDriveSetup.exe) (Version: 17.0.4035.0328 - Microsoft Corporation)
Microsoft Outlook Social Connector Provider for Windows Live Messenger 32-bit (HKLM-x32\...\{95140000-007D-0409-0000-0000000FF1CE}) (Version: 14.0.5120.5000 - Microsoft Corporation)
Microsoft Security Essentials (HKLM\...\Microsoft Security Client) (Version: 4.6.305.0 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.30514.0 - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft Text-to-Speech Engine 4.0 (English) (HKLM-x32\...\MSTTS) (Version:  - )
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (HKLM-x32\...\{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}) (Version: 9.0.21022 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729 (HKLM-x32\...\{820B6609-4C97-3A2B-B644-573B06A0F0CC}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
MotoCast (HKLM-x32\...\{5401CEE8-3C2D-4835-A802-213306537FF4}) (Version: 2.0.31 - Motorola Mobility)
MotoHelper MergeModules (x32 Version: 1.2.0 - Motorola) Hidden
Motorola Device Manager (HKLM-x32\...\{28DB8373-C1BB-444F-A427-A55585A12ED7}) (Version: 2.4.5 - Motorola Mobility)
Motorola Device Software Update (x32 Version: 13.09.3001 - Motorola Mobility) Hidden
MOTOROLA MEDIA LINK (x32 Version: 1.9.0002.0 - Motorola) Hidden
Motorola Mobile Drivers Installation 6.3.0 (HKLM\...\{759E6A2F-1F01-45EF-A0C4-22F1B56CB975}) (Version: 6.3.0 - Motorola Mobility LLC)
Movie Maker (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Mozilla Firefox 35.0.1 (x86 en-US) (HKLM-x32\...\Mozilla Firefox 35.0.1 (x86 en-US)) (Version: 35.0.1 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 35.0.1 - Mozilla)
MSXML 4.0 SP2 (KB954430) (HKLM-x32\...\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}) (Version: 4.20.9870.0 - Microsoft Corporation)
MSXML 4.0 SP2 (KB973688) (HKLM-x32\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation)
MSXML 4.0 SP2 Parser and SDK (HKLM-x32\...\{716E0306-8318-4364-8B8F-0CC4E9376BAC}) (Version: 4.20.9818.0 - Microsoft Corporation)
MSXML 4.0 SP3 Parser (HKLM-x32\...\{196467F1-C11F-4F76-858B-5812ADC83B94}) (Version: 4.30.2100.0 - Microsoft Corporation)
MSXML 4.0 SP3 Parser (KB2758694) (HKLM-x32\...\{1D95BA90-F4F8-47EC-A882-441C99D30C1E}) (Version: 4.30.2117.0 - Microsoft Corporation)
MuseScore 1.3 (HKLM-x32\...\MuseScore) (Version: 1.3.0 - Werner Schweer and Others)
My Dell (HKLM\...\PC-Doctor for Windows) (Version: 3.5.6426.22 - PC-Doctor, Inc.)
MyHeritage Family Tree Builder (HKLM-x32\...\Family Tree Builder) (Version: 7.0.0.7101 - MyHeritage.com)
MyMedia (HKLM-x32\...\{9F96A8F9-25CA-47B6-9378-231D2CD25E7B}) (Version: 3.10.1 - MediaMall Technologies, Inc.)
Nikon Message Center (HKLM-x32\...\{D2FCC1AE-6311-47C5-8130-C6C66D77DD71}) (Version: 0.92.000 - Nikon)
Nikon Transfer (HKLM-x32\...\{E9757890-7EC5-46C8-99AB-B00F07B6525C}) (Version: 1.5.0 - Nikon)
NVIDIA Display Control Panel (HKLM\...\NVIDIA Display Control Panel) (Version: 6.14.12.5939 - NVIDIA Corporation)
NVIDIA PhysX (HKLM-x32\...\{B455E95A-B804-439F-B533-336B1635AE97}) (Version: 9.14.0702 - NVIDIA Corporation)
NVIDIA Update 1.10.8 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Update) (Version: 1.10.8 - NVIDIA Corporation)
ocr (x32 Version: 6.2.3.50 - Eastman Kodak Company) Hidden
OpenOffice.org 3.3 (HKLM-x32\...\{3E171899-0175-47CC-84C4-562ACDD4C021}) (Version: 3.3.9567 - OpenOffice.org)
Opera Stable 27.0.1689.66 (HKLM-x32\...\Opera 27.0.1689.66) (Version: 27.0.1689.66 - Opera Software ASA)
Photo Story 3 for Windows (HKLM-x32\...\{4F41AD68-89F2-4262-A32C-2F70B01FCE9E}) (Version: 3.0.1115.11 - Microsoft Corporation)
Picasa 3 (HKLM-x32\...\Picasa 3) (Version: 3.9 - Google, Inc.)
Picture Control Utility (HKLM-x32\...\{87441A59-5E64-4096-A170-14EFE67200C3}) (Version: 1.1.6 - Nikon)
Pin It (HKLM-x32\...\Pin It_is1) (Version: 0.0.4 - Pinterest)
PreReq (x32 Version: 6.2.4.0 - Eastman Kodak Company) Hidden
QuickCAD Release 8 (HKLM-x32\...\{754D16CC-F427-4539-B934-AF36FCE4F8FC}) (Version: 8.00.0000 - Autodesk, Inc.)
Quicken 2011 (HKLM-x32\...\{5FE545A1-D215-4216-9189-E7B39C9D1CC1}) (Version: 20.1.8.6 - Intuit)
Quickset64 (HKLM\...\{87CF757E-C1F1-4D22-865C-00C6950B5258}) (Version: 10.8.5 - Dell Inc.)
QuickTime 7 (HKLM-x32\...\{3D2CBC2C-65D4-4463-87AB-BB2C859C1F3E}) (Version: 7.76.80.95 - Apple Inc.)
RealDownloader (x32 Version: 1.3.3 - RealNetworks, Inc.) Hidden
RealNetworks - Microsoft Visual C++ 2008 Runtime (x32 Version: 9.0 - RealNetworks, Inc) Hidden
RealNetworks - Microsoft Visual C++ 2010 Runtime (x32 Version: 10.0 - RealNetworks, Inc) Hidden
RealPlayer (HKLM-x32\...\RealPlayer 16.0) (Version: 16.0.3 - RealNetworks)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.7373 - Realtek Semiconductor Corp.)
RealUpgrade 1.1 (x32 Version: 1.1.0 - RealNetworks, Inc.) Hidden
Renesas Electronics USB 3.0 Host Controller Driver (HKLM-x32\...\InstallShield_{5442DAB8-7177-49E1-8B22-09A049EA5996}) (Version: 2.1.39.0 - Renesas Electronics Corporation)
Renesas Electronics USB 3.0 Host Controller Driver (x32 Version: 2.1.39.0 - Renesas Electronics Corporation) Hidden
Roxio File Backup (Version: 1.3.0 - Roxio) Hidden
RuneScape Launcher 1.2.3 (HKLM-x32\...\{FAE99C85-0732-4C58-9C6B-10B5B12FA2E9}) (Version: 1.2.3 - Jagex Ltd)
Sansa Updater (HKU\S-1-5-21-3099934832-2828090357-232914698-1000\...\Sansa Updater) (Version: 1.304 - SanDisk Corporation)
SeaTools for Windows (HKLM-x32\...\{98613C99-1399-416C-A07C-1EE1C585D872}) (Version: 1.2.0.5 - Seagate Technology)
Service Pack 2 for Microsoft Office 2010 (KB2687455) 32-Bit Edition (HKLM-x32\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{DE28B448-32E8-4E8F-84F0-A52B21A49B5B}) (Version:  - Microsoft)
SketchUp 2014 (HKLM-x32\...\{A608A8D3-E77C-4BEE-8F2A-F8124F5F0FE2}) (Version: 14.0.4900 - Trimble Navigation Limited)
Skype™ 6.11 (HKLM-x32\...\{4E76FF7E-AEBA-4C87-B788-CD47E5425B9D}) (Version: 6.11.102 - Skype Technologies S.A.)
Smart Defrag 3 (HKLM-x32\...\Smart Defrag 3_is1) (Version: 3.3 - IObit)
Sonic CinePlayer Decoder Pack (x32 Version: 4.3.0 - Sonic Solutions) Hidden
Splashtop Software Updater (HKLM-x32\...\Splashtop Software Updater) (Version: 1.5.6.15 - Splashtop Inc.)
Splashtop Streamer (HKLM-x32\...\{B7C5EA94-B96A-41F5-BE95-25D78B486678}) (Version: 2.6.2.4 - Splashtop Inc.)
SpywareBlaster 5.0 (HKLM-x32\...\SpywareBlaster_is1) (Version: 5.0.0 - BrightFort LLC)
Stickies 7.1e (HKLM-x32\...\ZhornStickies) (Version:  - Zhorn Software)
SupportSoft Assisted Service (HKLM-x32\...\{5A3F6A80-7913-475E-8B96-477A952CFA43}) (Version: 15 - SupportSoft)
Surfing Protection (HKLM-x32\...\IObit Surfing Protection_is1) (Version: 1.2 - IObit)
Synaptics Pointing Device Driver (HKLM\...\SynTPDeinstKey) (Version: 15.1.4.0 - Synaptics Incorporated)
Synei System Utilities (HKLM-x32\...\{BFDC3B26-7DB0-43D3-BC84-7E9649C157EA}_is1) (Version: 1.98 - Synei)
System Requirements Lab (HKLM-x32\...\SystemRequirementsLab) (Version:  - )
Timeline 1.2.4 (HKLM-x32\...\Timeline_is1) (Version:  - Rickard Lindberg <ricli85@gmail.com>)
TurboTax 2010 (HKLM-x32\...\TurboTax 2010) (Version:  - Intuit, Inc)
TurboTax 2011 (HKLM-x32\...\TurboTax 2011) (Version:  - Intuit, Inc)
TurboTax 2012 (HKLM-x32\...\TurboTax 2012) (Version: 2012.0 - Intuit, Inc)
TurboTax 2014 (HKLM-x32\...\TurboTax 2014) (Version: 2014.0 - Intuit, Inc)
TurboTax Business 2011 (HKLM-x32\...\TurboTax Business 2011) (Version:  - Intuit, Inc)
TurboTax Business 2012 (HKLM-x32\...\TurboTax Business 2012) (Version: 2012.0 - Intuit, Inc)
TurboTax Business 2014 (HKLM-x32\...\TurboTax Business 2014) (Version: 2014.0 - Intuit, Inc)
VD64Inst (Version: 1.00.0000 - Roxio, Inc.) Hidden
ViewNX (HKLM-x32\...\{F007CBCE-D714-4C0B-8CE9-9B0D78116468}) (Version: 1.4.0 - Nikon)
VLC media player (HKLM-x32\...\VLC media player) (Version: 2.1.5 - VideoLAN)
WIDCOMM Bluetooth Software (HKLM\...\{436E0B79-2CFB-4E5F-9380-E17C1B25D0C5}) (Version: 6.3.0.6300 - Broadcom Corporation)
Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 16.4.3528.0331 - Microsoft Corporation)
Windows Live Sync (HKLM-x32\...\{84EBDF39-4B33-49D7-A0BD-EB6E2C4E81C1}) (Version: 14.0.8089.726 - Microsoft Corporation)
Windows Resource Kit Tools - SubInAcl.exe (HKLM-x32\...\{D3EE034D-5B92-4A55-AA02-2E6D0A6A96EE}) (Version: 5.2.3790.1164 - Microsoft Corporation)
Windows XP Mode (HKLM\...\{1374CC63-B520-4f3f-98E8-E9020BF01CFF}) (Version: 1.3.7600.16423 - Microsoft Corporation)
WinPcap 4.1.2 (HKLM-x32\...\WinPcapInst) (Version: 4.1.0.2001 - CACE Technologies)
WinZip System Utilities Suite (HKLM-x32\...\{73370408-B80E-4509-B9AF-957E2E0F512F}_is1) (Version: 2.5.1000.15714 - WinZip Computing, S.L. (WinZip Computing))
WinZip Update Manager (HKLM-x32\...\{8841a7c2-161b-43f3-a7d4-842f3a518bd4}) (Version: 1.0.1.23 - WinZip Computing, S.L.)

==================== Custom CLSID (selected items): ==========================

(If an entry is included in the fixlist, it will be removed from registry. Any eventual file will not be moved.)

CustomCLSID: HKU\S-1-5-21-3099934832-2828090357-232914698-1000_Classes\CLSID\{005A3A96-BAC4-4B0A-94EA-C0CE100EA736}\localserver32 -> C:\Users\DEBBYSDELL\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-3099934832-2828090357-232914698-1000_Classes\CLSID\{A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E}\InprocServer32 -> C:\Users\DEBBYSDELL\AppData\Local\Microsoft\SkyDrive\17.0.4035.0328\amd64\SkyDriveShell64.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-3099934832-2828090357-232914698-1000_Classes\CLSID\{BBACC218-34EA-4666-9D7A-C78F2274A524}\InprocServer32 -> C:\Users\DEBBYSDELL\AppData\Local\Microsoft\SkyDrive\17.0.4035.0328\amd64\SkyDriveShell64.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-3099934832-2828090357-232914698-1000_Classes\CLSID\{CB3D0F55-BC2C-4C1A-85ED-23ED75B5106B}\InprocServer32 -> C:\Users\DEBBYSDELL\AppData\Local\Microsoft\SkyDrive\17.0.4035.0328\amd64\SkyDriveShell64.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-3099934832-2828090357-232914698-1000_Classes\CLSID\{F241C880-6982-4CE5-8CF7-7085BA96DA5A}\InprocServer32 -> C:\Users\DEBBYSDELL\AppData\Local\Microsoft\SkyDrive\17.0.4035.0328\amd64\SkyDriveShell64.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-3099934832-2828090357-232914698-1000_Classes\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\DEBBYSDELL\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-3099934832-2828090357-232914698-1000_Classes\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\DEBBYSDELL\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-3099934832-2828090357-232914698-1000_Classes\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\DEBBYSDELL\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-3099934832-2828090357-232914698-1000_Classes\CLSID\{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\DEBBYSDELL\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-3099934832-2828090357-232914698-1000_Classes\CLSID\{FB314EDD-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\DEBBYSDELL\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-3099934832-2828090357-232914698-1000_Classes\CLSID\{FB314EDE-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\DEBBYSDELL\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-3099934832-2828090357-232914698-1000_Classes\CLSID\{FB314EDF-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\DEBBYSDELL\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-3099934832-2828090357-232914698-1000_Classes\CLSID\{FB314EE0-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\DEBBYSDELL\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll (Dropbox, Inc.)

==================== Restore Points  =========================

04-02-2015 10:15:38 System Protector
04-02-2015 12:12:12 Configured Renesas Electronics USB 3.0 Host Controller Driver
04-02-2015 12:13:49 Installed Renesas Electronics USB 3.0 Host Controller Driver
04-02-2015 12:15:07 Installed Renesas Electronics USB 3.0 Host Controller Driver
04-02-2015 12:16:24 Installed Renesas Electronics USB 3.0 Host Controller Driver
04-02-2015 12:17:40 Installed Renesas Electronics USB 3.0 Host Controller Driver
04-02-2015 12:18:56 Installed Renesas Electronics USB 3.0 Host Controller Driver

==================== Hosts content: ==========================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2009-07-13 20:34 - 2014-01-03 12:31 - 00000741 ___RA C:\Windows\system32\Drivers\etc\hosts
127.0.0.1 localhost

==================== Scheduled Tasks (whitelisted) =============

(If an entry is included in the fixlist, it will be removed from registry. Any associated file could be listed separately to be moved.)

Task: {00B42730-3560-4F9F-8A00-C5E37E5FD9A5} - System32\Tasks\ASC8_PerformanceMonitor => C:\Program Files (x86)\IObit\Advanced SystemCare 8\Monitor.exe [2014-11-17] (IObit)
Task: {02BEA322-EF59-40AB-9BEF-23944539FB85} - System32\Tasks\RealDownloaderDownloaderScheduledTaskS-1-5-21-3099934832-2828090357-232914698-1000 => C:\Program Files (x86)\RealNetworks\RealDownloader\recordingmanager.exe [2013-08-14] (RealNetworks, Inc.)
Task: {09BB825D-6277-43F4-9A6B-51E820303966} - System32\Tasks\Uninstaller_SkipUac_Administrator => C:\Program Files (x86)\IObit\IObit Uninstaller\IObitUninstaler.exe [2014-11-04] (IObit)
Task: {0ACF2899-4BAD-4D6B-B332-66A7C3AB086C} - System32\Tasks\WSUS-System Protector_startup => C:\Program Files (x86)\WinZip System Utilities Suite\WINZIPSSSystemProtector.exe [2014-11-27] (Nico Mak Computing)
Task: {137BC248-65FA-4863-BACF-04CDAEDC6008} - System32\Tasks\GoogleUpdateTaskMachineCore1cd60bb286453c => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: {1444BED4-2CF1-492F-B7E1-0C2F850AF04D} - System32\Tasks\{6F3E81F2-5132-4200-9DC1-6BB166F826BE} => pcalua.exe -a D:\MSETUP.EXE -d D:\
Task: {1607EA51-01D0-41D4-BEF8-5A9B2FF360E8} - System32\Tasks\Games\UpdateCheck_S-1-5-21-3099934832-2828090357-232914698-1000
Task: {24D1856F-1339-4FEB-84BD-57B5D6D89CEB} - System32\Tasks\sondhschedule => C:\Users\DEBBYSDELL\AppData\Roaming\Booster-Web\Booster-Web-Installer.exe [2015-01-27] ()
Task: {25B888E6-1918-4B40-A3B4-CAEE25DF5F06} - System32\Tasks\PCDoctorBackgroundMonitorTask => C:\Program Files\My Dell\uaclauncher.exe [2014-01-10] (PC-Doctor, Inc.)
Task: {299027E9-8D39-4CFA-A880-C3B26E835A2C} - System32\Tasks\{B86EFFD6-8D6D-4C28-B0DE-F51C94DD02CF} => pcalua.exe -a C:\Users\DEBBYSDELL\AppData\Local\Temp\Temp2_propertyevaluator.zip\Setup.exe
Task: {2C42085B-C18B-4FB3-8003-BDA585EE6B6F} - System32\Tasks\Softland\FBackup 5\fba_e drive => C:\Program Files (x86)\Softland\FBackup 5\bSchedStarter.EXE
Task: {4082E8AE-C5BE-4920-8957-47DB5D7A2BD0} - System32\Tasks\PCDEventLauncherTask => C:\Program Files\My Dell\sessionchecker.exe [2014-01-10] (PC-Doctor, Inc.)
Task: {47C6183E-41A4-4A10-900B-84AA25C7965D} - System32\Tasks\SmartDefrag3_Update => C:\Program Files (x86)\IObit\Smart Defrag 3\AutoUpdate.exe [2014-07-23] (IObit)
Task: {480CDA35-94AB-43C1-870E-89EF53984CAF} - System32\Tasks\Opera scheduled Autoupdate 1403966768 => C:\Program Files (x86)\Opera\launcher.exe [2015-02-02] (Opera Software)
Task: {4B9D8F10-2105-43EC-82C0-BCCE313A8014} - System32\Tasks\RealDownloaderRealUpgradeLogonTaskS-1-5-21-3099934832-2828090357-232914698-1000 => C:\Program Files (x86)\RealNetworks\RealDownloader\realupgrade.exe
Task: {5587EE14-9937-48B6-8994-567EA86C1CFE} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2014-10-29] (Piriform Ltd)
Task: {5D4C5976-8888-4C9B-8499-84BAAA394617} - System32\Tasks\WINZIPSS-WINZIPSSAutoCheckUpdate7Days => C:\Program Files (x86)\WinZip System Utilities Suite\WINZIPSSCheckUpdate.exe [2014-11-27] (WinZip Computing, S.L. (WinZip Computing))
Task: {689F0549-7FEB-4DD4-BEF2-C71973BC17C3} - System32\Tasks\Motorola Device Manager Update => C:\Program Files (x86)\Motorola Mobility\Motorola Device Manager\MotorolaDeviceManagerUpdate.exe [2013-10-31] ()
Task: {6901EB26-8933-4603-B3C9-169A869DCB35} - System32\Tasks\OfficeSoftwareProtectionPlatform\SvcRestartTask => Sc.exe start osppsvc
Task: {71411EDD-E555-42EA-A2A5-B83C71503424} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2014-12-19] (Adobe Systems Incorporated)
Task: {7194B92C-91E0-4185-9EBE-9259CFA4834A} - System32\Tasks\{CE75F08B-E006-464C-B51E-A38D1F2E2062} => pcalua.exe -a C:\Users\DEBBYSDELL\Documents\eBooks\bookcdrom\spchapi.exe -d C:\Users\DEBBYSDELL\Documents\eBooks\bookcdrom
Task: {760BF71C-098F-4FB8-A514-EC8DDD30A830} - System32\Tasks\RealPlayerRealUpgradeLogonTaskS-1-5-21-3099934832-2828090357-232914698-1000 => C:\Program Files (x86)\Real\RealUpgrade\realupgrade.exe [2013-08-14] (RealNetworks, Inc.)
Task: {7B7D9DD1-952E-4E8F-8816-484283BD2F2F} - System32\Tasks\{94E42DF3-14C5-414D-ABF5-0CA96D913AA7} => pcalua.exe -a C:\Users\DEBBYSDELL\Downloads\GoogleCalendarSync_Installer(2).exe -d C:\Windows\system32
Task: {82A053C6-AAA6-4C6A-9181-F351A3DA8BDB} - System32\Tasks\Uninstaller_SkipUac_DEBBYSDELL => C:\Program Files (x86)\IObit\IObit Uninstaller\IObitUninstaler.exe [2014-11-04] (IObit)
Task: {82B22F51-CCE2-468B-A9CD-F98FD94D7B13} - System32\Tasks\Softland\FBackup 5\fba_c drive => C:\Program Files (x86)\Softland\FBackup 5\bSchedStarter.EXE
Task: {88C9F724-4855-49C9-8939-4E0EAFC8C148} - System32\Tasks\RealDownloaderRealUpgradeScheduledTaskS-1-5-21-3099934832-2828090357-232914698-1000 => C:\Program Files (x86)\RealNetworks\RealDownloader\realupgrade.exe
Task: {92C4A4BA-6774-43E3-B4EB-3B0ED2A6C0BB} - System32\Tasks\PastaLeads => C:\Program Files (x86)\pastaleads\ScheduledTask.exe
Task: {9AB572FD-704D-4454-B872-94C6195A2E8B} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: {9D611522-C163-4959-945F-6AAAEA95461B} - System32\Tasks\Game_Booster_AutoUpdate => C:\Program Files (x86)\IObit\Game Booster 3\AutoUpdate.exe [2013-11-29] ()
Task: {9EBE8862-3914-4DF7-B74B-95FD0D460AC9} - System32\Tasks\Motorola Device Manager Engine => C:\Program Files (x86)\Motorola Mobility\Motorola Device Manager\MotorolaDeviceManagerUpdate.exe [2013-10-31] ()
Task: {9EE050D9-8B33-4CC8-A48A-40F418F6A9C0} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2015-01-31] (Adobe Systems Incorporated)
Task: {AB7323E3-2E35-44B1-A9A3-D57C6D9D1043} - System32\Tasks\{967437A2-8786-401F-8B5C-34169CCBFB98} => pcalua.exe -a C:\Users\DEBBYSDELL\Downloads\googlecalendarsync_installer.exe -d C:\Users\DEBBYSDELL\Downloads
Task: {BCDD4686-B3FE-4F93-BFA9-31031ADBA54C} - System32\Tasks\Driver Booster SkipUAC (DEBBYSDELL) => C:\Program Files (x86)\IObit\Driver Booster\DriverBooster.exe [2015-01-07] (IObit)
Task: {BEDA4828-8FB1-435A-B2C8-9060A7C200A9} - System32\Tasks\PinItAutoUpdate => C:\Program Files (x86)\Pinterest\Pin It\AutoUpdater.exe [2013-10-17] ()
Task: {C44D3FDE-D240-4079-9687-8CA77F48F3A5} - System32\Tasks\ASC8_SkipUac_DEBBYSDELL => C:\Program Files (x86)\IObit\Advanced SystemCare 8\ASC.exe [2014-11-17] (IObit)
Task: {C842D636-D284-4198-A1F6-6B0C433D38E0} - System32\Tasks\RealPlayerRealUpgradeScheduledTaskS-1-5-21-3099934832-2828090357-232914698-1000 => C:\Program Files (x86)\Real\RealUpgrade\realupgrade.exe [2013-08-14] (RealNetworks, Inc.)
Task: {CBD6085F-BC9F-4622-86C9-D24E3AC913E0} - System32\Tasks\Motorola Device Manager Initial Update => C:\Program Files (x86)\Motorola Mobility\Motorola Device Manager\MotorolaDeviceManagerUpdate.exe [2013-10-31] ()
Task: {D512FA71-64DC-4CFE-B169-9829417A8B19} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: {E5A51CF9-6361-4AB1-832F-CD42D7755D70} - System32\Tasks\{972B1B60-358D-434A-8C7B-C3014EBB7D88} => pcalua.exe -a C:\Users\DEBBYSDELL\AppData\Local\Temp\Temp1_propertyevaluator.zip\Setup.exe
Task: {EB1AF8C2-5C8B-47DD-8954-535F755AD435} - System32\Tasks\Driver Booster SkipUAC (SYSTEM) => C:\Program Files (x86)\IObit\Driver Booster\DriverBooster.exe [2015-01-07] (IObit)
Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore1cd60bb286453c.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\WINZIPSS-WINZIPSSAutoCheckUpdate7Days.job => C:\Program Files (x86)\WinZip System Utilities Suite\WINZIPSSCheckUpdate.exe

==================== Loaded Modules (whitelisted) ==============

2011-11-29 08:26 - 2014-12-13 02:03 - 00117576 _____ () C:\Program Files\NVIDIA Corporation\Display\NvSmartMax64.dll
2010-01-19 16:27 - 2010-01-19 16:27 - 01501696 _____ () C:\Program Files\Common Files\Intel\WirelessCommon\Libeay32.dll
2010-01-19 16:27 - 2010-01-19 16:27 - 01501696 _____ () C:\Program Files\Common Files\Intel\WirelessCommon\LIBEAY32.dll
2010-12-16 14:25 - 2010-09-24 10:21 - 00727664 _____ () C:\Program Files (x86)\STMicroelectronics\AccelerometerP11\FF_Protection.exe
2009-06-18 21:46 - 2009-06-18 21:46 - 00494064 _____ () C:\Program Files (x86)\Roxio\Roxio Burn\RoxioBurnLauncher.exe
2009-06-18 21:46 - 2009-06-18 21:46 - 01554928 _____ () C:\Program Files (x86)\Roxio\Roxio Burn\Roxio Burn.exe

==================== Alternate Data Streams (whitelisted) =========

(If an entry is included in the fixlist, only the Alternate Data Streams will be removed.)

AlternateDataStreams: C:\ProgramData\Temp:56E2E879
AlternateDataStreams: C:\ProgramData\Temp:5C321E34
AlternateDataStreams: C:\Users\DEBBYSDELL\Documents\Invoice from Family Technical Services 1516 900611.eml:OECustomProperty

==================== Safe Mode (whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\IMFservice => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\PEVSystemStart => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\procexp90.Sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\PEVSystemStart => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\procexp90.Sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\SplashtopRemoteService => ""="Service"

==================== EXE Association (whitelisted) ===============

(If an entry is included in the fixlist, the default will be restored. None default entries will be removed.)

==================== Other Registry Areas =====================

(Currently there is no automatic fix for this section.)

HKU\S-1-5-21-3099934832-2828090357-232914698-1000\Control Panel\Desktop\\Wallpaper -> C:\Users\DEBBYSDELL\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper.jpg

==================== MSCONFIG/TASK MANAGER disabled items ==

(Currently there is no automatic fix for this section.)

MSCONFIG\Services: McComponentHostService => 3
MSCONFIG\Services: YahooAUService => 2
MSCONFIG\startupfolder: C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^Bluetooth.lnk => C:\Windows\pss\Bluetooth.lnk.CommonStartup
MSCONFIG\startupreg: dellsupportcenter =>
MSCONFIG\startupreg: DW7 =>
MSCONFIG\startupreg: LogMeIn GUI =>
MSCONFIG\startupreg: Memeo Instant Backup =>
MSCONFIG\startupreg: Seagate Dashboard =>
MSCONFIG\startupreg: SearchSettings =>
MSCONFIG\startupreg: swg =>

==================== Accounts: =============================

Administrator (S-1-5-21-3099934832-2828090357-232914698-500 - Administrator - Disabled)
DEBBYSDELL (S-1-5-21-3099934832-2828090357-232914698-1000 - Administrator - Enabled) => C:\Users\DEBBYSDELL
Guest (S-1-5-21-3099934832-2828090357-232914698-501 - Administrator - Disabled)
HomeGroupUser$ (S-1-5-21-3099934832-2828090357-232914698-1005 - Administrator - Enabled)
UpdatusUser (S-1-5-21-3099934832-2828090357-232914698-1006 - Administrator - Enabled) => C:\Users\UpdatusUser

==================== Faulty Device Manager Devices =============

Name: Intel® Turbo Boost Technology Driver
Description: Intel® Turbo Boost Technology Driver
Class Guid: {4d36e97d-e325-11ce-bfc1-08002be10318}
Manufacturer: Intel
Service: Impcd
Problem: : This device cannot start. (Code10)
Resolution: Device failed to start. Click "Update Driver" to update the drivers for this device.
On the "General Properties" tab of the device, click "Troubleshoot" to start the troubleshooting wizard.

Name: Intel® Centrino® WiMAX 6250 #2
Description: Intel® Centrino® WiMAX 6250
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Intel Corporation
Service: bpmp
Problem: : This device cannot start. (Code10)
Resolution: Device failed to start. Click "Update Driver" to update the drivers for this device.
On the "General Properties" tab of the device, click "Troubleshoot" to start the troubleshooting wizard.

Name: Microsoft Teredo Tunneling Adapter
Description: Microsoft Teredo Tunneling Adapter
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Microsoft
Service: tunnel
Problem: : This device cannot start. (Code10)
Resolution: Device failed to start. Click "Update Driver" to update the drivers for this device.
On the "General Properties" tab of the device, click "Troubleshoot" to start the troubleshooting wizard.

==================== Event log errors: =========================

Application errors:
==================
Error: (02/04/2015 05:28:04 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: WINZIPSSUndelete.exe, version: 2.0.648.14990, time stamp: 0x5113a38e
Faulting module name: UndeleteDLL.dll, version: 0.0.0.0, time stamp: 0x5113a333
Exception code: 0xc0000005
Fault offset: 0x0001754c
Faulting process id: 0x1a58
Faulting application start time: 0xWINZIPSSUndelete.exe0
Faulting application path: WINZIPSSUndelete.exe1
Faulting module path: WINZIPSSUndelete.exe2
Report Id: WINZIPSSUndelete.exe3

Error: (02/04/2015 05:20:01 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: WINZIPSSUndelete.exe, version: 2.0.648.14990, time stamp: 0x5113a38e
Faulting module name: UndeleteDLL.dll, version: 0.0.0.0, time stamp: 0x5113a333
Exception code: 0xc0000005
Fault offset: 0x0001754c
Faulting process id: 0x23c8
Faulting application start time: 0xWINZIPSSUndelete.exe0
Faulting application path: WINZIPSSUndelete.exe1
Faulting module path: WINZIPSSUndelete.exe2
Report Id: WINZIPSSUndelete.exe3

Error: (02/04/2015 04:59:03 AM) (Source: IMFservice) (EventID: 0) (User: )
Description: The handle is invalid

Error: (02/04/2015 04:59:03 AM) (Source: IMFservice) (EventID: 0) (User: )
Description: The handle is invalid

Error: (02/04/2015 04:25:43 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: WINZIPSSUndelete.exe, version: 2.7.1100.16429, time stamp: 0x5476c69a
Faulting module name: UndeleteDLL.dll, version: 0.0.0.0, time stamp: 0x5476c63b
Exception code: 0xc0000005
Fault offset: 0x0001754c
Faulting process id: 0x29d0
Faulting application start time: 0xWINZIPSSUndelete.exe0
Faulting application path: WINZIPSSUndelete.exe1
Faulting module path: WINZIPSSUndelete.exe2
Report Id: WINZIPSSUndelete.exe3

Error: (02/04/2015 01:49:37 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: WINZIPSSUndelete.exe, version: 2.7.1100.16429, time stamp: 0x5476c69a
Faulting module name: UndeleteDLL.dll, version: 0.0.0.0, time stamp: 0x5476c63b
Exception code: 0xc0000005
Fault offset: 0x0001754c
Faulting process id: 0x5cc
Faulting application start time: 0xWINZIPSSUndelete.exe0
Faulting application path: WINZIPSSUndelete.exe1
Faulting module path: WINZIPSSUndelete.exe2
Report Id: WINZIPSSUndelete.exe3

Error: (02/04/2015 01:46:23 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: WINZIPSSUndelete.exe, version: 2.7.1100.16429, time stamp: 0x5476c69a
Faulting module name: UndeleteDLL.dll, version: 0.0.0.0, time stamp: 0x5476c63b
Exception code: 0xc0000005
Fault offset: 0x0001754c
Faulting process id: 0x328
Faulting application start time: 0xWINZIPSSUndelete.exe0
Faulting application path: WINZIPSSUndelete.exe1
Faulting module path: WINZIPSSUndelete.exe2
Report Id: WINZIPSSUndelete.exe3

Error: (02/03/2015 11:47:23 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: WINZIPSSUndelete.exe, version: 2.7.1000.16429, time stamp: 0x5460b0f6
Faulting module name: UndeleteDLL.dll, version: 0.0.0.0, time stamp: 0x5460b08c
Exception code: 0xc0000005
Fault offset: 0x0001754c
Faulting process id: 0x940
Faulting application start time: 0xWINZIPSSUndelete.exe0
Faulting application path: WINZIPSSUndelete.exe1
Faulting module path: WINZIPSSUndelete.exe2
Report Id: WINZIPSSUndelete.exe3

Error: (02/03/2015 11:40:32 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: WINZIPSSUndelete.exe, version: 2.7.1000.16429, time stamp: 0x5460b0f6
Faulting module name: UndeleteDLL.dll, version: 0.0.0.0, time stamp: 0x5460b08c
Exception code: 0xc0000005
Fault offset: 0x0001754c
Faulting process id: 0x360
Faulting application start time: 0xWINZIPSSUndelete.exe0
Faulting application path: WINZIPSSUndelete.exe1
Faulting module path: WINZIPSSUndelete.exe2
Report Id: WINZIPSSUndelete.exe3

Error: (02/03/2015 11:39:58 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: WINZIPSSUndelete.exe, version: 2.7.1000.16429, time stamp: 0x5460b0f6
Faulting module name: UndeleteDLL.dll, version: 0.0.0.0, time stamp: 0x5460b08c
Exception code: 0xc0000005
Fault offset: 0x0001754c
Faulting process id: 0x1684
Faulting application start time: 0xWINZIPSSUndelete.exe0
Faulting application path: WINZIPSSUndelete.exe1
Faulting module path: WINZIPSSUndelete.exe2
Report Id: WINZIPSSUndelete.exe3

System errors:
=============
Error: (02/04/2015 01:46:32 PM) (Source: Disk) (EventID: 11) (User: )
Description: The driver detected a controller error on \Device\Harddisk1\DR1.

Error: (02/04/2015 01:46:04 PM) (Source: Disk) (EventID: 11) (User: )
Description: The driver detected a controller error on \Device\Harddisk1\DR1.

Error: (02/04/2015 01:31:07 PM) (Source: DCOM) (EventID: 10010) (User: )
Description: {ABC01078-F197-4B0B-ADBC-CFE684B39C82}

Error: (02/04/2015 00:41:03 PM) (Source: Service Control Manager) (EventID: 7001) (User: )
Description: The HomeGroup Provider service depends on the Function Discovery Provider Host service which failed to start because of the following error:
%%1058

Error: (02/04/2015 00:40:57 PM) (Source: Service Control Manager) (EventID: 7026) (User: )
Description: The following boot-start or system-start driver(s) failed to load:
stdcfltn

Error: (02/04/2015 00:28:30 PM) (Source: volmgr) (EventID: 46) (User: )
Description: Crash dump initialization failed!

Error: (02/04/2015 00:21:33 PM) (Source: volmgr) (EventID: 46) (User: )
Description: Crash dump initialization failed!

Error: (02/04/2015 11:16:12 AM) (Source: Disk) (EventID: 11) (User: )
Description: The driver detected a controller error on \Device\Harddisk1\DR1.

Error: (02/04/2015 11:15:35 AM) (Source: Disk) (EventID: 11) (User: )
Description: The driver detected a controller error on \Device\Harddisk1\DR1.

Error: (02/04/2015 07:22:54 AM) (Source: volsnap) (EventID: 36) (User: )
Description: The shadow copies of volume C: were aborted because the shadow copy storage could not grow due to a user imposed limit.

Microsoft Office Sessions:
=========================
Error: (02/04/2015 05:28:04 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: WINZIPSSUndelete.exe2.0.648.149905113a38eUndeleteDLL.dll0.0.0.05113a333c00000050001754c1a5801d0406d9d498f33C:\Program Files (x86)\WinZip System Utilities Suite\WINZIPSSUndelete.exeC:\Program Files (x86)\WinZip System Utilities Suite\UndeleteDLL.dlle1fdd173-ac60-11e4-a28d-f04da26188fe

Error: (02/04/2015 05:20:01 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: WINZIPSSUndelete.exe2.0.648.149905113a38eUndeleteDLL.dll0.0.0.05113a333c00000050001754c23c801d0406c7b4816e9C:\Program Files (x86)\WinZip System Utilities Suite\WINZIPSSUndelete.exeC:\Program Files (x86)\WinZip System Utilities Suite\UndeleteDLL.dllc1c60e10-ac5f-11e4-a28d-f04da26188fe

Error: (02/04/2015 04:59:03 AM) (Source: IMFservice) (EventID: 0) (User: )
Description: The handle is invalid

Error: (02/04/2015 04:59:03 AM) (Source: IMFservice) (EventID: 0) (User: )
Description: The handle is invalid

Error: (02/04/2015 04:25:43 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: WINZIPSSUndelete.exe2.7.1100.164295476c69aUndeleteDLL.dll0.0.0.05476c63bc00000050001754c29d001d04064e7208f12C:\Program Files (x86)\WinZip System Utilities Suite\WINZIPSSUndelete.exeC:\Program Files (x86)\WinZip System Utilities Suite\UndeleteDLL.dll2c4e1070-ac58-11e4-b3dd-f04da26188fe

Error: (02/04/2015 01:49:37 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: WINZIPSSUndelete.exe2.7.1100.164295476c69aUndeleteDLL.dll0.0.0.05476c63bc00000050001754c5cc01d0404f1858f88cC:\Program Files (x86)\WinZip System Utilities Suite\WINZIPSSUndelete.exeC:\Program Files (x86)\WinZip System Utilities Suite\UndeleteDLL.dll5dd04491-ac42-11e4-b0f5-f04da26188fe

Error: (02/04/2015 01:46:23 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: WINZIPSSUndelete.exe2.7.1100.164295476c69aUndeleteDLL.dll0.0.0.05476c63bc00000050001754c32801d0404ea3b7021bC:\Program Files (x86)\WinZip System Utilities Suite\WINZIPSSUndelete.exeC:\Program Files (x86)\WinZip System Utilities Suite\UndeleteDLL.dlle9aeff81-ac41-11e4-b0f5-f04da26188fe

Error: (02/03/2015 11:47:23 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: WINZIPSSUndelete.exe2.7.1000.164295460b0f6UndeleteDLL.dll0.0.0.05460b08cc00000050001754c94001d0403e05776f2dC:\Program Files (x86)\WinZip System Utilities Suite\WINZIPSSUndelete.exeC:\Program Files (x86)\WinZip System Utilities Suite\UndeleteDLL.dll4a37713e-ac31-11e4-b733-f04da26188fe

Error: (02/03/2015 11:40:32 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: WINZIPSSUndelete.exe2.7.1000.164295460b0f6UndeleteDLL.dll0.0.0.05460b08cc00000050001754c36001d0403d10e5183eC:\Program Files (x86)\WinZip System Utilities Suite\WINZIPSSUndelete.exeC:\Program Files (x86)\WinZip System Utilities Suite\UndeleteDLL.dll554f68c5-ac30-11e4-b733-f04da26188fe

Error: (02/03/2015 11:39:58 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: WINZIPSSUndelete.exe2.7.1000.164295460b0f6UndeleteDLL.dll0.0.0.05460b08cc00000050001754c168401d0403cfc2fffbcC:\Program Files (x86)\WinZip System Utilities Suite\WINZIPSSUndelete.exeC:\Program Files (x86)\WinZip System Utilities Suite\UndeleteDLL.dll409f1303-ac30-11e4-b733-f04da26188fe

CodeIntegrity Errors:
===================================
  Date: 2013-08-31 16:39:24.434
  Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume3\ComboFix\catchme.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

  Date: 2013-08-31 16:39:24.357
  Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume3\ComboFix\catchme.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

==================== Memory info ===========================

Processor: Intel® Core™ i7 CPU Q 740 @ 1.73GHz
Percentage of memory in use: 52%
Total physical RAM: 8124.38 MB
Available physical RAM: 3844.39 MB
Total Pagefile: 20308.56 MB
Available Pagefile: 15799.74 MB
Total Virtual: 8192 MB
Available Virtual: 8191.82 MB

==================== Drives ================================

Drive c: (OS) (Fixed) (Total:553.99 GB) (Free:161.52 GB) NTFS
Drive d: (Jan 31 2015) (CDROM) (Total:4.38 GB) (Free:4.37 GB) UDF
Drive f: (Elements) (Fixed) (Total:2794.49 GB) (Free:1539.93 GB) NTFS

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 698.6 GB) (Disk ID: C13908AC)
Partition 1: (Not Active) - (Size=130 GB) - (Type=DE)
Partition 2: (Active) - (Size=14.6 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=554 GB) - (Type=07 NTFS)
Attempted reading MBR returned 0 bytes.
 Could not read MBR for disk 2.

==================== End Of Log ============================

 

 

 



BC AdBot (Login to Remove)

 


#2 Oh My!

Oh My!

    Adware and Spyware and Malware.....


  • Malware Response Instructor
  • 36,640 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:California
  • Local time:01:24 PM

Posted 09 February 2015 - 09:21 PM

Greetings PreciousMazie and :welcome: to BleepingComputer's Virus/Trojan/Spyware/Malware Removal forum.

My name is Oh My! and I am here to help you! Now that we are "friends" please call me Gary.

If you would allow me to call you by your first name I would prefer to do that. :thumbup2:

===================================================

Ground Rules:
  • First, I would like to inform you that most of us here at Bleeping Computer offer our expert assistance out of the goodness of our hearts. Please try to match our commitment to you with your patience toward us. If this was easy we would never have met. :)
  • Please do not run any tools or take any steps other than those I will provide for you while we work on your computer together. I need to be certain about the state of your computer in order to provide appropriate and effective steps for you to take. Most often "well intentioned" (and usually panic driven!) independent efforts can make things much worse for both of us. If at any point you would prefer to take your own steps please let me know, I will not be offended. I would be happy to focus on the many others who are waiting in line for assistance.
  • Please perform all steps in the order they are listed in each set of instructions. Some steps may be a bit complicated. If things are not clear, be sure to stop and let me know. We need to work on this together with confidence.
  • Please copy and paste all logs into your post unless directed otherwise. Please do not re-run any programs I suggest. If you encounter problems simply stop and tell me.
  • When you post your reply, use the Replytopic.jpg button instead.
  • In the upper right hand corner of the topic you will see the Followtopic.jpg button. Click on this then choose Immediate E-Mail notification and then Proceed and you will be sent an email once I have posted a response.
  • If you do not reply to your topic after 5 days we assume it has been abandoned and I will close it.
  • When your computer is clean I will alert you of such. I will also provide for you detailed information about how you can combat future infections.
  • I would like to remind you to make no further changes to your computer unless I direct you to do so.
  • Now let's get started :thumbup2:
===================================================

Now that I am assisting you, you can expect that I will be very responsive to your situation. If you are able, I would request you check this thread at least once per day so that we can try to resolve your issues effectively and efficiently. If you are going to be delayed please be considerate and post that information so that I know you are still with me. Unfortunately, there are many people waiting to be assisted and not enough of us at BleepingComputer to go around. I appreciate your understanding and diligence.

Thank you for your patience thus far. Boy oh boy, you guys have had a tough time...

Let's see what we can do to at least clean your computer. Please run the below for me.

===================================================

Farbar's Recovery Scan Tool - Run Fix in Normal or Safe Mode

--------------------
  • Press the Windows key Windows_Logo_key.gif + r on your keyboard at the same time. Type in notepad and press Enter
  • Please copy and paste the contents of the below code box into the open notepad and save it to your desktop (<<<Important) as fixlist.txt
ShellIconOverlayIdentifiers-x32: [ SkyDrive1] -> {F241C880-6982-4CE5-8CF7-7085BA96DA5A} =>  No File
ShellIconOverlayIdentifiers-x32: [ SkyDrive2] -> {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} =>  No File
ShellIconOverlayIdentifiers-x32: [ SkyDrive3] -> {BBACC218-34EA-4666-9D7A-C78F2274A524} =>  No File
URLSearchHook: HKU\S-1-5-21-3099934832-2828090357-232914698-1000 - (No Name) - {3f2ae504-aa17-4805-90e8-56e48f98731c} - No File
URLSearchHook: HKU\S-1-5-21-3099934832-2828090357-232914698-1000 - (No Name) - {1392b8d2-5c05-419f-a8f6-b9f15a596612} - No File
SearchScopes: HKU\.DEFAULT -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\.DEFAULT -> {418ACE4E-C900-4C8E-8ADD-37E140055336} URL =
SearchScopes: HKU\S-1-5-19 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-20 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
Toolbar: HKLM-x32 - No Name - {7abeab51-07be-42c5-89b4-c7f1a3a31816} -  No File
Toolbar: HKU\.DEFAULT -> No Name - {71576546-354D-41C9-AAE8-31F2EC22BF0D} -  No File
Toolbar: HKU\S-1-5-21-3099934832-2828090357-232914698-1000 -> No Name - {71576546-354D-41C9-AAE8-31F2EC22BF0D} -  No File
Toolbar: HKU\S-1-5-21-3099934832-2828090357-232914698-1000 -> No Name - {1392B8D2-5C05-419F-A8F6-B9F15A596612} -  No File
S3 lmimirr; system32\DRIVERS\lmimirr.sys [X]
S3 RimUsb; System32\Drivers\RimUsb_AMD64.sys [X]
2015-01-25 11:37 - 2013-09-02 18:33 - 00000000 ___SD () C:\32788R22FWJFW
C:\Users\DEBBYSDELL\jagex_cl_oldschool_LIVE.dat
C:\Users\DEBBYSDELL\jagex_cl_runescape_LIVE.dat
C:\Users\DEBBYSDELL\jagex_cl_runescape_LIVE1.dat
C:\Users\DEBBYSDELL\random.dat
C:\Users\DEBBYSDELL\AppData\Local\Temp\30ff90a9-9e10-4952-8efe-45da202d2cd4.exe
C:\Users\DEBBYSDELL\AppData\Local\Temp\dropbox_sqlite_ext.{5f3e3153-5bce-5766-8f84-3e3e7ecf0d81}.tmp0ekawt.dll
C:\Users\DEBBYSDELL\AppData\Local\Temp\jna1758210098171797506.dll
C:\Users\DEBBYSDELL\AppData\Local\Temp\jna2583965754011175209.dll
C:\Users\DEBBYSDELL\AppData\Local\Temp\jna2759845749040214698.dll
C:\Users\DEBBYSDELL\AppData\Local\Temp\jna3163535325871541403.dll
C:\Users\DEBBYSDELL\AppData\Local\Temp\jna3419579626710917855.dll
C:\Users\DEBBYSDELL\AppData\Local\Temp\jna6870877155347712589.dll
C:\Users\DEBBYSDELL\AppData\Local\Temp\jna7742220009438866774.dll
C:\Users\DEBBYSDELL\AppData\Local\Temp\jna8440838270822722207.dll
C:\Users\DEBBYSDELL\AppData\Local\Temp\procexp64.exe
C:\Users\DEBBYSDELL\AppData\Local\Temp\SpOrder.dll
C:\Users\DEBBYSDELL\AppData\Local\Temp\sqlite-3.6.20-sqlitejdbc.dll
Task: {E5A51CF9-6361-4AB1-832F-CD42D7755D70} - System32\Tasks\{972B1B60-358D-434A-8C7B-C3014EBB7D88} => pcalua.exe -a C:\Users\DEBBYSDELL\AppData\Local\Temp\Temp1_propertyevaluator.zip\Setup.exe
AlternateDataStreams: C:\ProgramData\Temp:56E2E879
AlternateDataStreams: C:\ProgramData\Temp:5C321E34
2015-01-31 13:01 - 2015-02-01 18:58 - 00000000 ____D () C:\Program Files (x86)\Bobrowsercm
2015-01-31 13:01 - 2015-01-31 13:01 - 00000000 ____D () C:\Program Files (x86)\download Manager
C:\Users\DEBBYSDELL\AppData\Local\Temp\Temp1_propertyevaluator.zip
  • Launch FRST and press the Fix button just once and wait, the program will automatically launch fixlist.txt.
  • The tool will create a log on the desktop called Fixlog.txt. Please copy and paste the contents of the file in your reply.
===================================================

Junkware Removal Tool by thisisu

-------------------
  • Please download Junkware Removal Tool and save it to your desktop.
  • Disable your AntiVirus and AntiSpyware applications, usually via a right click on the System Tray icon. They may otherwise interfere with our tools. (Click on this link to see a list of programs that should be disabled. The list is not all inclusive.)
  • Right-mouse click JRT.exe and select Run as administrator (Windows XP double click the icon)
  • Please allow the program time to run
  • Once completed a Notepad document will open on your desktop
  • Copy and paste the contents in your reply
===================================================

System Summary Information

--------------------
  • Press the windows key Windows_Logo_key.gif + r on your keyboard at the same time
  • Type msinfo32 and press Enter
  • Left click on System Summary
  • Click File, Save, and name the file Summary
  • Zip and attach the file to your reply
===================================================

Things I would like to see in your next reply. Please be sure to copy and paste any requested log information unless you are asked to attach it. :thumbsup2:
  • Fixlog
  • Junkware log
  • System Summary Information
  • Update on Firefox/computer performance

Gary
 
If I do not reply within 24 hours please send me a Personal Message.

"Lord, to whom would we go? You have the words that give eternal life. We believe, and we know you are the Holy One of God."

#3 PreciousMazie

PreciousMazie
  • Topic Starter

  • Members
  • 44 posts
  • OFFLINE
  •  
  • Gender:Female
  • Local time:03:24 PM

Posted 10 February 2015 - 09:38 AM

Hi OH MY,

Thank-you Thank-you Thank-you for taking the time to help me. I do not see any place to enable immediate E-Mail notification. But have left checked Follow this topic. I am assuming it means the same thing but want to check with you if that is so.

 

I have checked Firefox and it is still infected with ad/malware and now it seems so is IE as I got an ad for some malware software which slid in from the right side of the window when I came onto your site to post this. Also when I went on the net with my tablet it too now has same type of popups. I am afraid to check my phone! You see, when I found all my music was missing I reloaded it onto my computer from my tablet and phone before I came to this site to ask for help. I sure made a mess of things!

 

I think I have disabled all my spyware, virus programs ect though there are many probably too many.

 

I would like to mention that should I disappear for more than 5 days it may be because my husband who is scheduled for heart surgery on March 11 is rushed to the hospital. His heart is only working at 30% and the doctor warned that he could collapse at any time. I am praying that does not happen and we actually make the March 11 surgery date but just to let you know that I am very dedicated to clearing up this problem and that an absence on my part will only be if necessary.  There is a possibility that they could just move the surgery date up but in that case I think I would have time enough to notify you.  

 

Thank-you again for all your help may God Bless you.

 

I have attached the zip file Summery as instructed and below are the logs from the programs run.

Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 08-02-2015
Ran by DEBBYSDELL (administrator) on DEBBYSDELL-PC on 10-02-2015 06:38:47
Running from C:\Users\DEBBYSDELL\Desktop
Loaded Profiles: DEBBYSDELL (Available profiles: DEBBYSDELL & UpdatusUser)
Platform: Windows 7 Ultimate Service Pack 1 (X64) OS Language: English (United States)
Internet Explorer Version 9 (Default browser: FF)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(IObit) C:\Program Files (x86)\IObit\Advanced SystemCare 8\ASCService.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(Microsoft Corporation) C:\Program Files\Microsoft Security Client\MsMpEng.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(Microsoft Corporation) C:\Windows\System32\wlanext.exe
(IObit) C:\Program Files (x86)\IObit\IObit Malware Fighter\IMFsrv.exe
(Acronis) C:\Program Files (x86)\Common Files\Acronis\Schedule2\schedul2.exe
(Acronis) C:\Program Files (x86)\Common Files\Acronis\Schedule2\schedhlp.exe
(Andrea Electronics Corporation) C:\Program Files\Realtek\Audio\HDA\AERTSr64.exe
(Acronis) C:\Program Files (x86)\Common Files\Acronis\CDP\afcdpsrv.exe
(Broadcom Corporation.) C:\Program Files\WIDCOMM\Bluetooth Software\btwdins.exe
(Eastman Kodak Company) C:\Program Files (x86)\Kodak\AiO\StatusMonitor\EKPrinterSDK.exe
(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes Anti-Exploit\mbae-svc.exe
(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes Anti-Exploit\mbae64.exe
(Eastman Kodak Company) C:\Windows\System32\spool\drivers\x64\3\EKIJ5000MUI.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(Microsoft Corporation) C:\Program Files\Microsoft Security Client\msseces.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(Intel® Corporation) C:\Program Files\Common Files\Intel\WirelessCommon\iFrmewrk.exe
(Nikon Corporation) C:\Program Files (x86)\Common Files\Nikon\Monitor\NkMonitor.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
() C:\Program Files (x86)\STMicroelectronics\AccelerometerP11\FF_Protection.exe
(MyHeritage) C:\Program Files (x86)\MyHeritage\Bin\FTBCheckUpdates.exe
() C:\Program Files (x86)\Roxio\Roxio Burn\RoxioBurnLauncher.exe
(IObit) C:\Program Files (x86)\IObit\Advanced SystemCare 8\Suo10_SmartRAM.exe
(SanDisk Corporation) C:\Users\DEBBYSDELL\AppData\Roaming\SanDisk\Sansa Updater\SansaDispatch.exe
() C:\Program Files (x86)\Roxio\Roxio Burn\Roxio Burn.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorIcon.exe
(Zhorn Software) C:\Program Files (x86)\Stickies\stickies.exe
(Nico Mak Computing) C:\Program Files (x86)\WinZip Update Manager\WZUpdateManager.exe
(Acronis) C:\Program Files (x86)\Acronis\TrueImageHome\TrueImageMonitor.exe
(Acronis International GmbH) C:\Program Files (x86)\Common Files\Acronis\TibMounter\TibMounterMonitor.exe
(Applian Technologies, Inc.) C:\Users\DEBBYSDELL\Documents\Freecorder1\FLVSrvc.exe
(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes Anti-Exploit\mbae.exe
(CyberLink Corp.) C:\Program Files (x86)\CyberLink\PowerDVD9\PDVD9Serv.exe
(Apple Inc.) C:\Program Files (x86)\iTunes\iTunesHelper.exe
(Sensible Vision ) C:\Program Files (x86)\Sensible Vision\Fast Access\FATrayMon.exe
(Dropbox, Inc.) C:\Users\DEBBYSDELL\AppData\Roaming\Dropbox\bin\Dropbox.exe
(cyberlink) C:\Program Files (x86)\CyberLink\Shared files\brs.exe
(Evernote Corp., 305 Walnut Street, Redwood City, CA 94063) C:\Program Files (x86)\Evernote\Evernote\EvernoteClipper.exe
(Renesas Electronics Corporation) C:\Program Files (x86)\Renesas Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe
(Motorola Mobility LLC) C:\Program Files (x86)\Motorola Mobility\Motorola Device Manager\MotoHelperService.exe
(Microsoft Corporation) C:\Program Files (x86)\Microsoft Office\Office14\ONENOTEM.EXE
(Motorola Mobility LLC) C:\Program Files (x86)\Motorola Mobility\Motorola Device Manager\MotoHelperAgent.exe
(IObit) C:\Program Files (x86)\IObit\IObit Malware Fighter\IMF.exe
(Motorola) C:\Program Files (x86)\Motorola\MotForwardDaemon\ForwardDaemon.exe
(Intel® Corporation) C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe
(Splashtop Inc.) C:\Program Files (x86)\Splashtop\Splashtop Remote\Server\SRService.exe
(Splashtop Inc.) C:\Program Files (x86)\Splashtop\Splashtop Software Updater\SSUService.exe
(Intel® Corporation) C:\Program Files\Intel\WiMAX\Bin\AppSrv.exe
(Splashtop Inc.) C:\Program Files (x86)\Splashtop\Splashtop Remote\Server\SRServer.exe
(Red Bend Ltd.) C:\Program Files\Intel\WiMAX\Bin\DMAgent.exe
(Intel® Corporation) C:\Program Files\Intel\WiFi\bin\EvtEng.exe
(Intel® Corporation) C:\Program Files\Intel\WiMAX\Bin\WiMAXCU.exe
(Piriform Ltd) C:\Program Files\CCleaner\CCleaner64.exe
(Microsoft Corporation) C:\Program Files\Microsoft Security Client\NisSrv.exe
(Apple Inc.) C:\Program Files\iPod\bin\iPodService.exe
(Microsoft Corporation) C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE
(Splashtop Inc.) C:\Program Files (x86)\Splashtop\Splashtop Remote\Server\SRFeature.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe
(Intuit Inc.) C:\Program Files (x86)\Common Files\Intuit\Update Service v4\IntuitUpdateService.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe
(Acronis) C:\Program Files (x86)\Common Files\Acronis\SyncAgent\syncagentsrv.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe
(WinZip Computing, S.L. (WinZip Computing)) C:\Program Files (x86)\WinZip System Utilities Suite\WINZIPSSDefragSrv64.exe
(WinZip Computing, S.L. (WinZip Computing)) C:\Program Files (x86)\WinZip System Utilities Suite\WINZIPSS.exe
(Microsoft Corporation) C:\Program Files (x86)\Internet Explorer\ielowutil.exe
(Google Inc.) C:\Program Files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
(Microsoft Corporation) C:\Windows\System32\UI0Detect.exe
(IObit) C:\Program Files (x86)\IObit\Advanced SystemCare 8\ASCTray.exe
(Google Inc.) C:\Program Files (x86)\Google\Picasa3\Picasa3.exe
(RealNetworks, Inc.) C:\Program Files (x86)\RealNetworks\RealDownloader\recordingmanager.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVCM.EXE
(Acronis) C:\Program Files (x86)\Common Files\Acronis\TrueImageHome\TrueImageHomeNotify.exe
(Acronis) C:\Program Files (x86)\Common Files\Acronis\TrueImageHome\TrueImageHomeService.exe
(Microsoft Corporation) C:\Windows\splwow64.exe
(Microsoft Corporation) C:\Program Files (x86)\Microsoft Office\Office14\OUTLOOK.EXE
(Google Inc.) C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbarUser_32.exe
(Adblock) C:\Program Files (x86)\IObit\IObit Malware Fighter\adsremoval\IE\Adblock.exe
(Adobe Systems Incorporated) C:\Windows\SysWOW64\Macromed\Flash\FlashUtil32_16_0_0_257_ActiveX.exe
(Microsoft Corporation) C:\Program Files (x86)\Microsoft Office\Office14\ONENOTE.EXE
(Microsoft Corporation) C:\Program Files (x86)\Microsoft Office\Office14\EXCEL.EXE
(Microsoft Corporation) C:\Windows\System32\vpc.exe
(RealNetworks, Inc.) C:\Program Files (x86)\Real\RealPlayer\Update\realsched.exe
(MediaMall Technologies, Inc.) C:\Program Files (x86)\MediaMall\SettingsManager.exe
(MediaMall Technologies, Inc.) C:\Program Files (x86)\MediaMall\MediaMallServer.exe
(MediaMall Technologies, Inc.) C:\Program Files (x86)\MediaMall\MediaMallServer.exe
(Microsoft Corporation) C:\Windows\splwow64.exe
(Microsoft Corporation) C:\Windows\System32\DeviceDisplayObjectProvider.exe
(Microsoft Corporation) C:\Windows\System32\Dxpserver.exe

==================== Registry (Whitelisted) ==================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [EKIJ5000StatusMonitor] => C:\Windows\system32\spool\DRIVERS\x64\3\EKIJ5000MUI.exe [3182080 2012-10-08] (Eastman Kodak Company)
HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe [7660760 2015-01-12] (Realtek Semiconductor)
HKLM\...\Run: [RtHDVBg] => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [1396592 2015-01-12] (Realtek Semiconductor)
HKLM\...\Run: [MSC] => c:\Program Files\Microsoft Security Client\msseces.exe [1331288 2014-08-22] (Microsoft Corporation)
HKLM\...\Run: [SynTPEnh] => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2247976 2010-07-15] (Synaptics Incorporated)
HKLM\...\Run: [IntelWirelessWiMAX] => C:\Program Files\Intel\WiMAX\Bin\WiMAXCU.exe [1437696 2009-09-16] (Intel® Corporation)
HKLM\...\Run: [IntelWireless] => C:\Program Files\Common Files\Intel\WirelessCommon\iFrmewrk.exe [1926928 2010-01-19] (Intel® Corporation)
HKLM\...\Run: [Acronis Scheduler2 Service] => C:\Program Files (x86)\Common Files\Acronis\Schedule2\schedhlp.exe [518424 2013-07-18] (Acronis)
HKLM\...\Run: [Nikon Transfer Monitor] => c:\program files (x86)\common files\nikon\monitor\nkmonitor.exe [479232 2009-02-24] (Nikon Corporation)
HKLM\...\Run: [FreeFallProtection] => C:\Program Files (x86)\STMicroelectronics\AccelerometerP11\FF_Protection.exe [727664 2010-09-24] ()
HKLM\...\Run: [Family Tree Builder Update] => c:\program files (x86)\myheritage\bin\ftbcheckupdates.exe [2522624 2013-04-23] (MyHeritage)
HKLM\...\Run: [Desktop Disc Tool] => c:\program files (x86)\roxio\roxio burn\roxioburnlauncher.exe [494064 2009-06-18] ()
HKLM\...\Run: [Dell Webcam Central] => c:\program files (x86)\dell webcam\dell webcam central\webcamdell2.exe [487562 2010-08-19] (Creative Technology Ltd)
HKLM-x32\...\Run: [EKStatusMonitor] => C:\Program Files (x86)\Kodak\AiO\StatusMonitor\EKStatusMonitor.exe [2750840 2013-01-15] (Eastman Kodak Company)
HKLM-x32\...\Run: [TkBellExe] => C:\Program Files (x86)\Real\RealPlayer\update\realsched.exe [295512 2014-10-05] (RealNetworks, Inc.)
HKLM-x32\...\Run: [IObit Malware Fighter] => C:\Program Files (x86)\IObit\IObit Malware Fighter\IMF.exe [1802048 2014-10-13] (IObit)
HKLM-x32\...\Run: [PDVD9LanguageShortcut] => c:\Program Files (x86)\CyberLink\PowerDVD9\Language\Language.exe [50472 2010-09-17] (CyberLink Corp.)
HKLM-x32\...\Run: [IAStorIcon] => C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorIcon.exe [284696 2010-03-03] (Intel Corporation)
HKLM-x32\...\Run: [TrueImageMonitor.exe] => C:\Program Files (x86)\Acronis\TrueImageHome\TrueImageMonitor.exe [5306776 2014-11-27] (Acronis)
HKLM-x32\...\Run: [AcronisTibMounterMonitor] => C:\Program Files (x86)\Common Files\Acronis\TibMounter\TibMounterMonitor.exe [603904 2014-10-17] (Acronis International GmbH)
HKLM-x32\...\Run: [Freecorder FLV Service] => C:\Users\DEBBYSDELL\Documents\Freecorder1\FLVSrvc.exe [167936 2011-03-24] (Applian Technologies, Inc.)
HKLM-x32\...\Run: [QuickTime Task] => C:\Program Files (x86)\QuickTime\QTTask.exe [421888 2014-10-02] (Apple Inc.)
HKLM-x32\...\Run: [EKIJ5000StatusMonitor] => C:\Windows\System32\spool\drivers\x64\3\EKIJ5000MUI.exe
HKLM-x32\...\Run: [Malwarebytes Anti-Exploit] => C:\Program Files (x86)\Malwarebytes Anti-Exploit\mbae.exe [2561848 2014-12-10] (Malwarebytes Corporation)
HKLM-x32\...\Run: [RemoteControl9] => c:\Program Files (x86)\CyberLink\PowerDVD9\PDVD9Serv.exe [87336 2010-10-01] (CyberLink Corp.)
HKLM-x32\...\Run: [iTunesHelper] => C:\Program Files (x86)\iTunes\iTunesHelper.exe [152392 2014-09-01] (Apple Inc.)
HKLM-x32\...\Run: [FATrayAlert] => c:\Program Files (x86)\Sensible Vision\Fast Access\FATrayMon.exe [93312 2010-08-17] (Sensible Vision )
HKLM-x32\...\Run: [BDRegion] => C:\Program Files (x86)\Cyberlink\Shared Files\brs.exe [181208 2013-04-03] (cyberlink)
HKLM-x32\...\Run: [APSDaemon] => C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe [43816 2014-07-31] (Apple Inc.)
HKLM-x32\...\Run: [Adobe ARM] => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [1022152 2014-12-19] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [NUSB3MON] => c:\Program Files (x86)\Renesas Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe [115048 2013-08-12] (Renesas Electronics Corporation)
HKLM\...\Policies\Explorer: [RestrictRun] 0
HKLM\...\Policies\Explorer: [LinkResolveIgnoreLinkInfo] 0
HKLM\...\Policies\Explorer: [NoResolveSearch] 1
HKLM\...\Policies\Explorer: [HideSCAHealth] 1
HKU\S-1-5-21-3099934832-2828090357-232914698-1000\...\Run: [CCleaner Monitoring] => C:\Program Files\CCleaner\CCleaner64.exe [6501656 2014-10-29] (Piriform Ltd)
HKU\S-1-5-21-3099934832-2828090357-232914698-1000\...\Run: [SmartRAM] => C:\Program Files (x86)\IObit\Advanced SystemCare 8\Suo10_SmartRAM.exe [535840 2014-09-02] (IObit)
HKU\S-1-5-21-3099934832-2828090357-232914698-1000\...\Run: [SansaDispatch] => c:\users\debbysdell\appdata\roaming\sandisk\sansa updater\sansadispatch.exe [613888 2013-06-11] (SanDisk Corporation)
HKU\S-1-5-21-3099934832-2828090357-232914698-1000\...\Run: [MotoCast] => C:\Program Files (x86)\Motorola Mobility\MotoCast\MotoLauncher.lnk [2052 2014-04-27] ()
HKU\S-1-5-21-3099934832-2828090357-232914698-1000\...\Policies\Explorer: [RestrictRun] 0
HKU\S-1-5-21-3099934832-2828090357-232914698-1000\...\Policies\Explorer: [NoLowDiskSpaceChecks] 1
HKU\S-1-5-21-3099934832-2828090357-232914698-1000\...\Policies\Explorer: [HideSCAHealth] 1
HKU\S-1-5-18\...\Run: [Advanced SystemCare 8] => C:\Program Files (x86)\IObit\Advanced SystemCare 8\ASCTray.exe [2425632 2014-11-17] (IObit)
HKU\S-1-5-18\...\RunOnce: [KodakHomeCenter] => C:\Program Files (x86)\Kodak\AiO\Center\AiOHomeCenter.exe [2236792 2013-03-15] (Eastman Kodak Company)
Lsa: [Notification Packages] scecli FAPassSync
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Stickies.lnk
ShortcutTarget: Stickies.lnk -> C:\Program Files (x86)\Stickies\stickies.exe (Zhorn Software)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\WinZip Update Manager.lnk
ShortcutTarget: WinZip Update Manager.lnk -> C:\Program Files (x86)\WinZip Update Manager\WZUpdateManager.exe (Nico Mak Computing)
Startup: C:\Users\DEBBYSDELL\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk
ShortcutTarget: Dropbox.lnk -> C:\Users\DEBBYSDELL\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
Startup: C:\Users\DEBBYSDELL\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\EvernoteClipper.lnk
ShortcutTarget: EvernoteClipper.lnk -> C:\Program Files (x86)\Evernote\Evernote\EvernoteClipper.exe (Evernote Corp., 305 Walnut Street, Redwood City, CA 94063)
Startup: C:\Users\DEBBYSDELL\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Microsoft Outlook 2010.lnk
ShortcutTarget: Microsoft Outlook 2010.lnk -> C:\Windows\Installer\{90140000-003D-0000-0000-0000000FF1CE}\outicon.exe ()
Startup: C:\Users\DEBBYSDELL\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\OneNote 2010 Screen Clipper and Launcher.lnk
ShortcutTarget: OneNote 2010 Screen Clipper and Launcher.lnk -> C:\Program Files (x86)\Microsoft Office\Office14\ONENOTEM.EXE (Microsoft Corporation)
Startup: C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dell Dock First Run.lnk
ShortcutTarget: Dell Dock First Run.lnk -> C:\Program Files\Dell\DellDock\DellDock.exe (Stardock Corporation)
Startup: C:\Users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dell Dock First Run.lnk
ShortcutTarget: Dell Dock First Run.lnk -> C:\Program Files\Dell\DellDock\DellDock.exe (Stardock Corporation)
Startup: C:\Users\LogMeInRemoteUser\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dell Dock First Run.lnk
ShortcutTarget: Dell Dock First Run.lnk -> C:\Program Files\Dell\DellDock\DellDock.exe (Stardock Corporation)
Startup: C:\Users\UpdatusUser\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dell Dock First Run.lnk
ShortcutTarget: Dell Dock First Run.lnk -> C:\Program Files\Dell\DellDock\DellDock.exe (Stardock Corporation)
ShellIconOverlayIdentifiers: [AcronisSyncError] -> {934BC6C0-FEC2-4df5-A100-961DE2C8A0ED} => C:\Program Files (x86)\Acronis\TrueImageHome\tishell64.dll (Acronis)
ShellIconOverlayIdentifiers: [AcronisSyncInProgress] -> {00F848DC-B1D4-4892-9C25-CAADC86A215D} => C:\Program Files (x86)\Acronis\TrueImageHome\tishell64.dll (Acronis)
ShellIconOverlayIdentifiers: [AcronisSyncOk] -> {71573297-552E-46fc-BE3D-3DFAF88D47B7} => C:\Program Files (x86)\Acronis\TrueImageHome\tishell64.dll (Acronis)
ShellIconOverlayIdentifiers-x32: [ SkyDrive1] -> {F241C880-6982-4CE5-8CF7-7085BA96DA5A} =>  No File
ShellIconOverlayIdentifiers-x32: [ SkyDrive2] -> {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} =>  No File
ShellIconOverlayIdentifiers-x32: [ SkyDrive3] -> {BBACC218-34EA-4666-9D7A-C78F2274A524} =>  No File
BootExecute: autocheck autochk * SmartDefragBootTime.exe
CHR HKLM\SOFTWARE\Policies\Google: Policy restriction <======= ATTENTION

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

HKLM\SOFTWARE\Policies\Microsoft\Internet Explorer: Policy restriction <======= ATTENTION
HKU\S-1-5-21-3099934832-2828090357-232914698-1000\SOFTWARE\Policies\Microsoft\Internet Explorer: Policy restriction <======= ATTENTION
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page =
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = http://www.google.com
HKLM\Software\Microsoft\Internet Explorer\Main,Search Page =
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Search Page =
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL =
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.google.com
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL =
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL =
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,First Home Page = http://go.microsoft.com/fwlink/?LinkID=226786&Mkt=en-US&Src=MSE&Tid=000328B9&OHP=http%3A%2F%2Fwww.google.com&OSP=
HKU\S-1-5-21-3099934832-2828090357-232914698-1000\Software\Microsoft\Internet Explorer\Main,Search Bar = http://www.google.com/ie
URLSearchHook: HKU\S-1-5-21-3099934832-2828090357-232914698-1000 - (No Name) - {3f2ae504-aa17-4805-90e8-56e48f98731c} - No File
URLSearchHook: HKU\S-1-5-21-3099934832-2828090357-232914698-1000 - (No Name) - {1392b8d2-5c05-419f-a8f6-b9f15a596612} - No File
SearchScopes: HKLM -> {80c554b9-c7f8-4a21-9471-06d606da78a2} URL = http://www.bing.com/search?q={searchTerms}&form=MSSEDF&pc=MSSE
SearchScopes: HKLM-x32 -> {80c554b9-c7f8-4a21-9471-06d606da78a2} URL = http://www.bing.com/search?q={searchTerms}&form=MSSEDF&pc=MSSE
SearchScopes: HKU\.DEFAULT -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\.DEFAULT -> {418ACE4E-C900-4C8E-8ADD-37E140055336} URL =
SearchScopes: HKU\S-1-5-19 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-20 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-21-3099934832-2828090357-232914698-1000 -> F02C586C53E541218B3E612F7D3E2379 URL = https://www.google.com/search?q={searchTerms}
SearchScopes: HKU\S-1-5-21-3099934832-2828090357-232914698-1000 -> {1CE0AD3C-3E28-4C37-863F-85BA0DA9A3C5} URL = http://search.yahoo.com/search?fr=chr-greentree_ie&ei=utf-8&ilc=12&type=800236&p={searchTerms}
SearchScopes: HKU\S-1-5-21-3099934832-2828090357-232914698-1000 -> {7F98DEB1-8EE6-4B2E-9574-434F7EE4ABD8} URL = http://www.google.com/search?q={searchTerms}
SearchScopes: HKU\S-1-5-21-3099934832-2828090357-232914698-1000 -> {80c554b9-c7f8-4a21-9471-06d606da78a2} URL = http://www.bing.com/search?q={searchTerms}&form=MSSEDF&pc=MSSE
BHO: Java™ Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO: Google Toolbar Helper -> {AA58ED58-01DD-4d91-8333-CF10577473F7} -> C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation)
BHO: Booster-Web helper -> {B5147546-9359-4D9B-8B36-F54C54555799} -> C:\Program Files (x86)\Booster-Web\Booster-Web.dll (App LLC)
BHO: Java™ Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
BHO-x32: RealNetworks Download and Record Plugin for Internet Explorer -> {3049C3E9-B461-4BC5-8870-4C09146192CA} -> C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\IE\rndlbrowserrecordplugin.dll (RealDownloader)
BHO-x32: Java™ Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO-x32: Evernote extension -> {92EF2EAD-A7CE-4424-B0DB-499CF856608E} -> C:\Program Files (x86)\Evernote\Evernote\EvernoteIE.dll (Evernote Corp., 305 Walnut Street, Redwood City, CA 94063)
BHO-x32: Ads Removal -> {9D974C8C-6D92-44FB-BEAF-B45A1C0CF17F} -> C:\Program Files (x86)\IObit\IObit Malware Fighter\adsremoval\IE\Adblock.dll (Adblock)
BHO-x32: Google Toolbar Helper -> {AA58ED58-01DD-4d91-8333-CF10577473F7} -> C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
BHO-x32: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files (x86)\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation)
BHO-x32: Booster-Web helper -> {B5147546-9359-4D9B-8B36-F54C54555799} -> C:\Program Files (x86)\Booster-Web\Booster-Web.dll (App LLC)
BHO-x32: Java™ Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
Toolbar: HKLM - Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
Toolbar: HKLM-x32 - No Name - {7abeab51-07be-42c5-89b4-c7f1a3a31816} -  No File
Toolbar: HKLM-x32 - Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
Toolbar: HKU\.DEFAULT -> No Name - {71576546-354D-41C9-AAE8-31F2EC22BF0D} -  No File
Toolbar: HKU\.DEFAULT -> Google Toolbar - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
Toolbar: HKU\S-1-5-21-3099934832-2828090357-232914698-1000 -> Google Toolbar - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
Toolbar: HKU\S-1-5-21-3099934832-2828090357-232914698-1000 -> No Name - {71576546-354D-41C9-AAE8-31F2EC22BF0D} -  No File
Toolbar: HKU\S-1-5-21-3099934832-2828090357-232914698-1000 -> No Name - {1392B8D2-5C05-419F-A8F6-B9F15A596612} -  No File
DPF: HKLM-x32 {02BCC737-B171-4746-94C9-0D8A0B2C0089} http://office.microsoft.com/_layouts/ClientBin/ieawsdc32.cab
DPF: HKLM-x32 {0742B9EF-8C83-41CA-BFBA-830A59E23533} https://oas.support.microsoft.com/ActiveX/MSDcode.cab
DPF: HKLM-x32 {17492023-C23A-453E-A040-C7C580BBF700} http://download.microsoft.com/download/E/5/6/E5611B10-0D6D-4117-8430-A67417AA88CD/LegitCheckControl.cab
DPF: HKLM-x32 {1E54D648-B804-468d-BC78-4AFFED8E262F} http://www.nvidia.com/content/DriverDownload/srl/3.0.0.4/srl_bin/sysreqlab_nvd.cab
DPF: HKLM-x32 {74DBCB52-F298-4110-951D-AD2FF67BC8AB} http://www.nvidia.com/content/DriverDownload/nforce/NvidiaSmartScan.cab
DPF: HKLM-x32 {7530BFB8-7293-4D34-9923-61A11451AFC5} http://download.eset.com/special/eos/OnlineScanner.cab
Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)
ShellExecuteHooks-x32: Internet Shortcut - {FBF23B40-E3F0-101B-8488-00AA003E56F8} - C:\Windows\SysWOW64\ieframe.dll [9740800 2014-11-24] (Microsoft Corporation)
Hosts: 127.0.0.1 localhost
Tcpip\Parameters: [DhcpNameServer] 192.168.0.1 166.102.165.13

FireFox:
========
FF ProfilePath: C:\Users\DEBBYSDELL\AppData\Roaming\Mozilla\Firefox\Profiles\lhn2fucb.default
FF DefaultSearchEngine: Google
FF SelectedSearchEngine: Google
FF Homepage: about:home
FF Plugin: @java.com/DTPlugin,version=10.72.2 -> C:\Program Files\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=10.72.2 -> C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin: @microsoft.com/GENUINE -> C:\Windows\system32\Wat\npWatWeb.dll (Microsoft Corporation)
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.30514.0\npctrl.dll ( Microsoft Corporation)
FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~1\MICROS~2\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF Plugin-x32: @Apple.com/iTunes,version=1.0 -> C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll ()
FF Plugin-x32: @Google.com/GoogleEarthPlugin -> C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll (Google)
FF Plugin-x32: @google.com/npPicasa3,version=3.0.0 -> C:\Program Files (x86)\Google\Picasa3\npPicasa3.dll (Google, Inc.)
FF Plugin-x32: @java.com/DTPlugin,version=10.72.2 -> C:\Program Files (x86)\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=10.72.2 -> C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin-x32: @microsoft.com/GENUINE -> C:\Windows\system32\Wat\npWatWeb.dll (Microsoft Corporation)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\5.1.30514.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~2\MICROS~3\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~3\Office14\NPSPWRAP.DLL (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3502.0922 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=16.4.3528.0331 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @playon.tv/PlayOnToolbar -> C:\Program Files (x86)\MediaMall\toolbar\npVT.dll (MediaMall Technologies, Inc.)
FF Plugin-x32: @real.com/nppl3260;version=16.0.3.51 -> c:\program files (x86)\real\realplayer\Netscape6\nppl3260.dll (RealNetworks, Inc.)
FF Plugin-x32: @real.com/nprndlchromebrowserrecordext;version=1.3.3 -> C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\MozillaPlugins\nprndlchromebrowserrecordext.dll (RealNetworks, Inc.)
FF Plugin-x32: @real.com/nprndlhtml5videoshim;version=1.3.3 -> C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\MozillaPlugins\nprndlhtml5videoshim.dll (RealNetworks, Inc.)
FF Plugin-x32: @real.com/nprndlpepperflashvideoshim;version=1.3.3 -> C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\MozillaPlugins\nprndlpepperflashvideoshim.dll (RealNetworks, Inc.)
FF Plugin-x32: @real.com/nprpplugin;version=16.0.3.51 -> c:\program files (x86)\real\realplayer\Netscape6\nprpplugin.dll (RealPlayer)
FF Plugin-x32: @realnetworks.com/npdlplugin;version=1 -> C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\npdlplugin.dll (RealDownloader)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.25.11\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.25.11\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @videolan.org/vlc,version=2.1.5 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF SearchPlugin: C:\Users\DEBBYSDELL\AppData\Roaming\Mozilla\Firefox\Profiles\lhn2fucb.default\searchplugins\securesearch.xml
FF Extension: Flash Video Downloader - YouTube HD Download [4K] - C:\Users\DEBBYSDELL\AppData\Roaming\Mozilla\Firefox\Profiles\lhn2fucb.default\Extensions\artur.dubovoy@gmail.com [2015-01-26]
FF Extension: Advanced SystemCare Surfing Protection - C:\Users\DEBBYSDELL\AppData\Roaming\Mozilla\Firefox\Profiles\lhn2fucb.default\Extensions\iobitascsurfingprotection@iobit.com [2014-11-22]
FF Extension: Booster Web - C:\Users\DEBBYSDELL\AppData\Roaming\Mozilla\Firefox\Profiles\lhn2fucb.default\Extensions\jid1-U7omKQ6kQfxMaQ@jetpack [2015-01-31]
FF Extension: PlayOn - C:\Users\DEBBYSDELL\AppData\Roaming\Mozilla\Firefox\Profiles\lhn2fucb.default\Extensions\playonplugin@playon.tv [2014-08-26]
FF Extension: Flash and Video Download - C:\Users\DEBBYSDELL\AppData\Roaming\Mozilla\Firefox\Profiles\lhn2fucb.default\Extensions\{bee6eb20-01e0-ebd1-da83-080329fb9a3a} [2015-01-28]
FF Extension: Zoom It - C:\Users\DEBBYSDELL\AppData\Roaming\Mozilla\Firefox\Profiles\lhn2fucb.default\Extensions\{c6b59175-0c2b-6e7d-c19a-dcda299b1f81} [2015-02-07]
FF Extension: Evernote Web Clipper - C:\Users\DEBBYSDELL\AppData\Roaming\Mozilla\Firefox\Profiles\lhn2fucb.default\Extensions\{E0B8C461-F8FB-49b4-8373-FE32E9252800} [2015-01-24]
FF Extension: Adblock Plus Pop-up Addon - C:\Users\DEBBYSDELL\AppData\Roaming\Mozilla\Firefox\Profiles\lhn2fucb.default\Extensions\adblockpopups@jessehakanen.net.xpi [2015-02-03]
FF Extension: Ghostery - C:\Users\DEBBYSDELL\AppData\Roaming\Mozilla\Firefox\Profiles\lhn2fucb.default\Extensions\firefox@ghostery.com.xpi [2015-02-03]
FF Extension: Pin It Button - C:\Users\DEBBYSDELL\AppData\Roaming\Mozilla\Firefox\Profiles\lhn2fucb.default\Extensions\jid1-YcMV6ngYmQRA2w@jetpack.xpi [2014-10-31]
FF Extension: Download YouTube Videos as MP4 - C:\Users\DEBBYSDELL\AppData\Roaming\Mozilla\Firefox\Profiles\lhn2fucb.default\Extensions\{b9bfaf1c-a63f-47cd-8b9a-29526ced9060}.xpi [2014-10-05]
FF Extension: Yahoo Mail Hide Ad Panel - C:\Users\DEBBYSDELL\AppData\Roaming\Mozilla\Firefox\Profiles\lhn2fucb.default\Extensions\{c37bac34-849a-4d28-be41-549b2c76c64e}.xpi [2015-02-03]
FF Extension: Adblock Plus - C:\Users\DEBBYSDELL\AppData\Roaming\Mozilla\Firefox\Profiles\lhn2fucb.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2015-02-02]
FF Extension: Adblock Edge - C:\Users\DEBBYSDELL\AppData\Roaming\Mozilla\Firefox\Profiles\lhn2fucb.default\Extensions\{fe272bd1-5f76-4ea4-8501-a05d35d823fc}.xpi [2015-02-03]
FF HKLM-x32\...\Firefox\Extensions: [fassoxpcom@sensiblevision.com] - c:\Program Files (x86)\Sensible Vision\Fast Access\xpcom_fasso
FF Extension: FastAccess Web Login - c:\Program Files (x86)\Sensible Vision\Fast Access\xpcom_fasso [2010-12-16]
FF HKLM-x32\...\Firefox\Extensions: [{DF153AFF-6948-45d7-AC98-4FC4AF8A08E2}] - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\Firefox\Ext
FF Extension: RealDownloader - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\Firefox\Ext [2013-11-03]
FF HKLM-x32\...\Firefox\Extensions: [{ABDE892B-13A8-4d1b-88E6-365A6E755758}] - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\Firefox\Ext

Chrome:
=======
CHR Profile: C:\Users\DEBBYSDELL\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Google Voice Search Hotword (Beta)) - C:\Users\DEBBYSDELL\AppData\Local\Google\Chrome\User Data\Default\Extensions\bepbmhgboaologfdajaanbcjmnhjmhfn [2014-08-11]
CHR Extension: (Kindle Cloud Reader) - C:\Users\DEBBYSDELL\AppData\Local\Google\Chrome\User Data\Default\Extensions\icdipabjmbhpdkjaihfjoikhjjeneebd [2014-08-23]
CHR Extension: (RealDownloader) - C:\Users\DEBBYSDELL\AppData\Local\Google\Chrome\User Data\Default\Extensions\idhngdhcfkoamngbedgpaokgjbnpdiji [2013-09-04]
CHR Extension: (PlayOn) - C:\Users\DEBBYSDELL\AppData\Local\Google\Chrome\User Data\Default\Extensions\lggaaajacmlhgbpldaboipiinndchjgm [2014-08-26]
CHR Extension: (Google Wallet) - C:\Users\DEBBYSDELL\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2014-08-11]
CHR HKLM-x32\...\Chrome\Extension: [idhngdhcfkoamngbedgpaokgjbnpdiji] - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\Chrome\Ext\realdownloader.crx [2013-08-14]

Opera:
=======
OPR Extension: (Evernote Web Clipper) - C:\Users\DEBBYSDELL\AppData\Roaming\Opera Software\Opera Stable\Extensions\afgbccjghcnbcdjgogpckamibfkceahd [2014-06-01]
OPR Extension: (USA Live TV) - C:\Users\DEBBYSDELL\AppData\Roaming\Opera Software\Opera Stable\Extensions\fddkpmjfmdedbbaaolfophoeeebpcfma [2014-10-08]
OPR Extension: (Download Master) - C:\Users\DEBBYSDELL\AppData\Roaming\Opera Software\Opera Stable\Extensions\kjidkaoploafppfnkhodonjhlkedndaa [2014-10-08]
OPR Extension: (PlayOn) - C:\Users\DEBBYSDELL\AppData\Roaming\Opera Software\Opera Stable\Extensions\lggaaajacmlhgbpldaboipiinndchjgm [2014-08-26]
OPR Extension: (Download YouTube Videos as MP4) - C:\Users\DEBBYSDELL\AppData\Roaming\Opera Software\Opera Stable\Extensions\maeombkgfpjdnjkhohbjachnnmpbipol [2014-10-08]
OPR Extension: (Pinterest) - C:\Users\DEBBYSDELL\AppData\Roaming\Opera Software\Opera Stable\Extensions\objncbokngchniifnaijjjilieiahogg [2014-05-04]
OPR Extension: (Adblock Plus) - C:\Users\DEBBYSDELL\AppData\Roaming\Opera Software\Opera Stable\Extensions\oidhhegpmlfpoeialbgcdocjalghfpkp [2015-02-02]

==================== Services (Whitelisted) =================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

R2 AdvancedSystemCareService8; C:\Program Files (x86)\IObit\Advanced SystemCare 8\ASCService.exe [815392 2014-11-04] (IObit)
S2 CLKMSVC10_9EC60124; c:\Program Files (x86)\CyberLink\PowerDVD9\NavFilter\kmsvc.exe [247768 2013-04-03] (CyberLink)
R2 DMAgent; C:\Program Files\Intel\WiMAX\Bin\DMAgent.exe [403456 2009-09-15] (Red Bend Ltd.) [File not signed]
S3 DockLoginService; C:\Program Files\Dell\DellDock\DockLogin.exe [155648 2009-06-09] (Stardock Corporation) [File not signed]
S3 FAService; c:\Program Files (x86)\Sensible Vision\Fast Access\FAService.exe [2423936 2010-08-17] (Sensible Vision ) [File not signed]
S3 IDriverT; C:\Program Files (x86)\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe [69632 2005-04-03] (Macrovision Corporation) [File not signed]
R2 IMFservice; C:\Program Files (x86)\IObit\IObit Malware Fighter\IMFsrv.exe [344896 2014-09-30] (IObit)
R2 MbaeSvc; C:\Program Files (x86)\Malwarebytes Anti-Exploit\mbae-svc.exe [555320 2014-12-10] (Malwarebytes Corporation)
R2 MediaMall Server; C:\Program Files (x86)\MediaMall\MediaMallServer.exe [5826352 2014-11-24] (MediaMall Technologies, Inc.)
R2 Motorola Device Manager; C:\Program Files (x86)\Motorola Mobility\Motorola Device Manager\MotoHelperService.exe [137528 2013-11-15] (Motorola Mobility LLC)
R2 MsMpSvc; C:\Program Files\Microsoft Security Client\MsMpEng.exe [23784 2014-08-22] (Microsoft Corporation)
S3 MyWiFiDHCPDNS; C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe [315664 2010-01-19] ()
R3 NisSrv; C:\Program Files\Microsoft Security Client\NisSrv.exe [368624 2014-08-22] (Microsoft Corporation)
R2 PST Service; C:\Program Files (x86)\Motorola\MotForwardDaemon\ForwardDaemon.exe [65657 2011-09-02] (Motorola) [File not signed]
S3 RealNetworks Downloader Resolver Service; C:\Program Files (x86)\RealNetworks\RealDownloader\rndlresolversvc.exe [39056 2013-08-14] ()
S3 rpcapd; C:\Program Files (x86)\WinPcap\rpcapd.exe [117264 2010-06-25] (CACE Technologies, Inc.)
R2 RtkAudioService; C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe [292568 2015-01-12] (Realtek Semiconductor)
R2 WiMAXAppSrv; C:\Program Files\Intel\WiMAX\Bin\AppSrv.exe [907264 2009-09-15] (Intel® Corporation) [File not signed]
S3 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2013-05-26] (Microsoft Corporation)
R2 WINZIPSSDiskOptimizer; C:\Program Files (x86)\WinZip System Utilities Suite\WINZIPSSDefragSrv64.exe [290424 2014-11-27] (WinZip Computing, S.L. (WinZip Computing))

==================== Drivers (Whitelisted) ====================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

R3 AVer7231_x64; C:\Windows\System32\DRIVERS\AVer7231_x64.sys [1927808 2013-08-13] (AVerMedia TECHNOLOGIES, Inc.)
R1 ESProtectionDriver; C:\Program Files (x86)\Malwarebytes Anti-Exploit\mbae64.sys [63064 2014-12-10] ()
R3 FileMonitor; C:\Program Files (x86)\IObit\IObit Malware Fighter\Drivers\win7_amd64\FileMonitor.sys [23048 2013-03-23] (IObit)
R0 file_tracker; C:\Windows\System32\DRIVERS\file_tracker.sys [296736 2015-01-26] (Acronis International GmbH)
R1 HWiNFO32; C:\Windows\SysWOW64\drivers\HWiNFO64A.SYS [26528 2015-01-11] (REALiX™)
R0 iaStorF; C:\Windows\System32\DRIVERS\iaStorF.sys [28216 2014-06-06] (Intel Corporation)
S3 MBAMSwissArmy; C:\Windows\system32\drivers\MBAMSwissArmy.sys [129752 2015-02-03] (Malwarebytes Corporation)
R0 MpFilter; C:\Windows\System32\DRIVERS\MpFilter.sys [269008 2014-07-17] (Microsoft Corporation)
R3 msvad_simple; C:\Windows\System32\drivers\povrtdev.sys [28528 2013-03-05] (MediaMall Technologies, Inc.)
R2 NisDrv; C:\Windows\System32\DRIVERS\NisDrvWFP.sys [125584 2014-07-17] (Microsoft Corporation)
R2 NPF; C:\Windows\System32\drivers\npf.sys [35344 2010-06-25] (CACE Technologies, Inc.)
R3 RegFilter; C:\Program Files (x86)\IObit\IObit Malware Fighter\drivers\win7_amd64\regfilter.sys [34848 2013-11-19] (IObit.com)
S3 RimVSerPort; C:\Windows\System32\DRIVERS\RimSerial_AMD64.sys [44032 2011-07-20] (Research in Motion Ltd)
R0 SmartDefragDriver; C:\Windows\System32\Drivers\SmartDefragDriver.sys [21184 2014-06-04] (IObit)
R3 SmbDrvI; C:\Windows\System32\DRIVERS\Smb_driver_Intel.sys [34544 2015-01-12] (Synaptics Incorporated)
R0 tib; C:\Windows\System32\DRIVERS\tib.sys [1328928 2015-01-26] (Acronis International GmbH)
R0 tib_mounter; C:\Windows\System32\DRIVERS\tib_mounter.sys [234784 2015-01-26] (Acronis International GmbH)
R2 TurboB; C:\Windows\System32\DRIVERS\TurboB.sys [13784 2009-11-02] ()
R3 UrlFilter; C:\Program Files (x86)\IObit\IObit Malware Fighter\drivers\win7_amd64\UrlFilter.sys [23016 2013-11-19] (IObit.com)
S3 WinRing0_1_2_0; C:\Program Files (x86)\IObit\Game Booster 3\Driver\WinRing0x64.sys [14544 2010-11-01] (OpenLibSys.org)
S3 lmimirr; system32\DRIVERS\lmimirr.sys [X]
S3 RimUsb; System32\Drivers\RimUsb_AMD64.sys [X]

==================== NetSvcs (Whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)

==================== One Month Created Files and Folders ========

(If an entry is included in the fixlist, the file\folder will be moved.)

2015-02-10 06:38 - 2015-02-10 06:38 - 00000000 ____D () C:\Users\DEBBYSDELL\Desktop\FRST-OlderVersion
2015-02-07 22:13 - 2015-02-07 22:22 - 00000308 _____ () C:\Windows\Tasks\RealPlayerRealUpgradeScheduledTaskS-1-5-21-3099934832-2828090357-232914698-1000.job
2015-02-07 22:13 - 2015-02-07 22:22 - 00000300 _____ () C:\Windows\Tasks\RealPlayerRealUpgradeLogonTaskS-1-5-21-3099934832-2828090357-232914698-1000.job
2015-02-07 12:19 - 2015-02-07 12:19 - 00006616 _____ () C:\Windows\setupact.log
2015-02-07 12:19 - 2015-02-07 12:19 - 00000000 _____ () C:\Windows\setuperr.log
2015-02-05 11:00 - 2015-02-05 11:01 - 00000200 _____ () C:\Users\DEBBYSDELL\Desktop\new need help at bleeping.url
2015-02-05 10:12 - 2015-02-05 10:13 - 00048523 _____ () C:\Users\DEBBYSDELL\Desktop\Addition.txt
2015-02-05 10:11 - 2015-02-10 06:38 - 00039819 _____ () C:\Users\DEBBYSDELL\Desktop\FRST.txt
2015-02-05 10:09 - 2015-02-10 06:38 - 02132992 _____ (Farbar) C:\Users\DEBBYSDELL\Desktop\FRST64.exe
2015-02-05 10:08 - 2015-02-05 10:08 - 00000000 ____D () C:\Users\DEBBYSDELL\Downloads\not sure what all these are
2015-02-04 14:01 - 2015-02-04 14:01 - 00001108 _____ () C:\Users\Public\Desktop\DriveImage XML.lnk
2015-02-04 13:59 - 2015-02-04 13:58 - 02026456 _____ () C:\Users\DEBBYSDELL\Desktop\dixmlsetup.exe
2015-02-04 13:54 - 2015-02-04 13:54 - 00000217 _____ () C:\Users\DEBBYSDELL\Desktop\prep guide bleeping.url
2015-02-04 12:20 - 2015-02-04 12:27 - 00001676 _____ () C:\Windows\system32\ASOROSet.bin
2015-02-04 12:12 - 2015-02-04 12:12 - 00000000 ____D () C:\Windows\system32\2C0A
2015-02-04 12:12 - 2015-02-04 12:12 - 00000000 ____D () C:\Windows\system32\0C0A
2015-02-04 12:12 - 2015-02-04 12:12 - 00000000 ____D () C:\Windows\system32\0C04
2015-02-04 12:12 - 2015-02-04 12:12 - 00000000 ____D () C:\Windows\system32\0816
2015-02-04 12:12 - 2015-02-04 12:12 - 00000000 ____D () C:\Windows\system32\0804
2015-02-04 12:12 - 2015-02-04 12:12 - 00000000 ____D () C:\Windows\system32\0424
2015-02-04 12:12 - 2015-02-04 12:12 - 00000000 ____D () C:\Windows\system32\041F
2015-02-04 12:12 - 2015-02-04 12:12 - 00000000 ____D () C:\Windows\system32\041E
2015-02-04 12:12 - 2015-02-04 12:12 - 00000000 ____D () C:\Windows\system32\041D
2015-02-04 12:12 - 2015-02-04 12:12 - 00000000 ____D () C:\Windows\system32\041B
2015-02-04 12:12 - 2015-02-04 12:12 - 00000000 ____D () C:\Windows\system32\0419
2015-02-04 12:12 - 2015-02-04 12:12 - 00000000 ____D () C:\Windows\system32\0416
2015-02-04 12:12 - 2015-02-04 12:12 - 00000000 ____D () C:\Windows\system32\0415
2015-02-04 12:12 - 2015-02-04 12:12 - 00000000 ____D () C:\Windows\system32\0414
2015-02-04 12:12 - 2015-02-04 12:12 - 00000000 ____D () C:\Windows\system32\0413
2015-02-04 12:12 - 2015-02-04 12:12 - 00000000 ____D () C:\Windows\system32\0412
2015-02-04 12:12 - 2015-02-04 12:12 - 00000000 ____D () C:\Windows\system32\0411
2015-02-04 12:12 - 2015-02-04 12:12 - 00000000 ____D () C:\Windows\system32\0410
2015-02-04 12:12 - 2015-02-04 12:12 - 00000000 ____D () C:\Windows\system32\040E
2015-02-04 12:12 - 2015-02-04 12:12 - 00000000 ____D () C:\Windows\system32\040D
2015-02-04 12:12 - 2015-02-04 12:12 - 00000000 ____D () C:\Windows\system32\040C
2015-02-04 12:12 - 2015-02-04 12:12 - 00000000 ____D () C:\Windows\system32\040B
2015-02-04 12:12 - 2015-02-04 12:12 - 00000000 ____D () C:\Windows\system32\040A
2015-02-04 12:12 - 2015-02-04 12:12 - 00000000 ____D () C:\Windows\system32\0408
2015-02-04 12:12 - 2015-02-04 12:12 - 00000000 ____D () C:\Windows\system32\0407
2015-02-04 12:12 - 2015-02-04 12:12 - 00000000 ____D () C:\Windows\system32\0406
2015-02-04 12:12 - 2015-02-04 12:12 - 00000000 ____D () C:\Windows\system32\0405
2015-02-04 12:12 - 2015-02-04 12:12 - 00000000 ____D () C:\Windows\system32\0404
2015-02-04 12:12 - 2015-02-04 12:12 - 00000000 ____D () C:\Windows\system32\0401
2015-02-04 11:17 - 2009-02-05 10:53 - 00053248 _____ (Windows XP Bundled build C-Centric Single User) C:\Windows\SysWOW64\CSVer.dll
2015-02-04 11:15 - 2015-02-04 11:15 - 00000000 ____D () C:\Windows\Driver Cache
2015-02-04 11:15 - 2015-02-04 11:15 - 00000000 ____D () C:\Program Files (x86)\AVerMedia
2015-02-04 11:15 - 2013-08-13 03:06 - 01927808 _____ (AVerMedia TECHNOLOGIES, Inc.) C:\Windows\system32\Drivers\AVer7231_x64.sys
2015-02-04 11:15 - 2013-03-25 02:13 - 00115032 _____ (NXP Semiconductors Germany GmbH) C:\Windows\SysWOW64\NXPMV64.dll
2015-02-04 10:16 - 2015-02-04 10:16 - 00003840 _____ () C:\Windows\System32\Tasks\Opera scheduled Autoupdate 1403966768
2015-02-04 05:38 - 2015-02-04 12:42 - 00003128 _____ () C:\Windows\System32\Tasks\WSUS-System Protector_startup
2015-02-04 05:18 - 2015-02-04 12:47 - 00000000 ____D () C:\Users\DEBBYSDELL\AppData\Roaming\WinZip
2015-02-04 05:18 - 2015-02-04 12:30 - 00000520 _____ () C:\Windows\Tasks\WINZIPSS-WINZIPSSAutoCheckUpdate7Days.job
2015-02-04 05:18 - 2015-02-04 05:18 - 00003406 _____ () C:\Windows\System32\Tasks\WINZIPSS-WINZIPSSAutoCheckUpdate7Days
2015-02-04 05:17 - 2015-02-04 12:48 - 00000000 ____D () C:\ProgramData\WinZip
2015-02-04 05:17 - 2015-02-04 12:48 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinZip System Utilities Suite
2015-02-04 05:17 - 2015-02-04 12:48 - 00000000 ____D () C:\Program Files (x86)\WinZip System Utilities Suite
2015-02-04 05:17 - 2014-11-27 12:13 - 00019064 _____ (WinZip Computing, S.L.(WinZip Computing)) C:\Windows\system32\roboot64.exe
2015-02-04 05:17 - 2014-10-01 18:04 - 00020480 _____ () C:\Windows\system32\sasnative64.exe
2015-02-04 04:00 - 2015-02-04 04:00 - 00000000 ____D () C:\Windows\Repair
2015-02-03 23:29 - 2015-02-03 23:29 - 00000000 ____D () C:\ProgramData\WinZip Update Manager
2015-02-03 23:29 - 2015-02-03 23:29 - 00000000 ____D () C:\ProgramData\Corel
2015-02-03 23:29 - 2015-02-03 23:29 - 00000000 ____D () C:\Program Files (x86)\WinZip Update Manager
2015-02-03 22:49 - 2015-02-03 22:49 - 1271636504 _____ () C:\Windows\MEMORY.DMP
2015-02-03 13:24 - 2015-02-03 13:24 - 00000000 ____D () C:\Users\DEBBYSDELL\AppData\Roaming\LavasoftStatistics
2015-02-03 13:23 - 2015-02-03 13:23 - 00005184 _____ () C:\Windows\SysWOW64\LavasoftTcpService.ini
2015-02-03 13:23 - 2015-02-03 13:23 - 00002880 _____ () C:\Windows\SysWOW64\LavasoftTcpServiceOff.ini
2015-02-03 13:23 - 2015-02-03 13:23 - 00002880 _____ () C:\Windows\system32\LavasoftTcpServiceOff.ini
2015-02-03 13:23 - 2015-01-23 06:39 - 00378832 _____ (Lavasoft Limited) C:\Windows\system32\LavasoftTcpService64.dll
2015-02-03 13:23 - 2015-01-23 06:39 - 00332216 _____ (Lavasoft Limited) C:\Windows\SysWOW64\LavasoftTcpService.dll
2015-02-03 11:37 - 2015-02-03 11:37 - 00001160 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk
2015-02-03 11:37 - 2015-02-03 11:37 - 00000000 ____D () C:\Program Files (x86)\Mozilla Maintenance Service
2015-02-03 10:38 - 2015-02-10 03:00 - 00545116 _____ () C:\Windows\WindowsUpdate.log
2015-02-03 10:25 - 2015-02-03 10:25 - 00140648 _____ () C:\Users\DEBBYSDELL\AppData\Local\GDIPFONTCACHEV1.DAT
2015-02-03 10:20 - 2015-02-03 22:50 - 00512904 _____ () C:\Windows\system32\FNTCACHE.DAT
2015-02-02 13:30 - 2015-02-02 13:30 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TurboTax Business 2014
2015-02-02 13:21 - 2015-02-02 13:21 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TurboTax 2014
2015-02-02 05:53 - 2015-02-08 14:53 - 00000000 ____D () C:\ProgramData\Malwarebytes Anti-Exploit
2015-02-02 05:53 - 2015-02-02 05:53 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Exploit
2015-02-02 05:52 - 2015-02-02 05:53 - 00000000 ____D () C:\Program Files (x86)\Malwarebytes Anti-Exploit
2015-02-01 19:22 - 2015-02-01 19:23 - 00000000 ___RD () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CyberLink PowerDVD 9.6
2015-02-01 18:08 - 2015-02-03 15:39 - 00129752 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2015-02-01 18:08 - 2015-02-03 00:02 - 00000000 ____D () C:\Program Files (x86)\Malwarebytes Anti-Malware
2015-02-01 18:08 - 2015-02-01 18:08 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware
2015-02-01 18:08 - 2014-11-21 06:14 - 00093400 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbamchameleon.sys
2015-02-01 18:08 - 2014-11-21 06:14 - 00063704 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mwac.sys
2015-02-01 18:08 - 2014-11-21 06:14 - 00025816 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbam.sys
2015-01-31 18:03 - 2015-01-31 18:07 - 00000000 ____D () C:\Program Files (x86)\Booster-Web
2015-01-31 13:09 - 2015-01-31 13:09 - 00003532 _____ () C:\Windows\System32\Tasks\PastaLeads
2015-01-31 13:04 - 2015-01-31 13:05 - 00000000 ____D () C:\Users\DEBBYSDELL\AppData\Roaming\Booster-Web
2015-01-31 13:04 - 2015-01-31 13:04 - 00003308 _____ () C:\Windows\System32\Tasks\sondhschedule
2015-01-31 13:01 - 2015-02-01 18:58 - 00000000 ____D () C:\Program Files (x86)\Bobrowsercm
2015-01-31 13:01 - 2015-01-31 13:01 - 00000000 ____D () C:\Program Files (x86)\download Manager
2015-01-28 13:05 - 2015-01-28 13:05 - 00000000 ____D () C:\Users\DEBBYSDELL\AppData\Roaming\OfficeRecovery
2015-01-27 18:23 - 2015-01-27 18:23 - 00038912 ___SH () C:\Users\DEBBYSDELL\Downloads\Thumbs.db
2015-01-26 23:26 - 2015-01-26 23:26 - 00000000 ____D () C:\Users\DEBBYSDELL\AppData\Roaming\MusE
2015-01-26 23:26 - 2015-01-26 23:26 - 00000000 ____D () C:\Users\DEBBYSDELL\AppData\Local\MusE
2015-01-26 22:50 - 2015-01-26 22:50 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\MuseScore
2015-01-26 22:50 - 2015-01-26 22:50 - 00000000 ____D () C:\Program Files (x86)\MuseScore
2015-01-26 20:56 - 2015-01-26 20:56 - 00000000 ____D () C:\ProgramData\Mozilla
2015-01-26 16:13 - 2015-02-03 11:37 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox
2015-01-26 03:01 - 2015-01-26 03:01 - 00296736 _____ (Acronis International GmbH) C:\Windows\system32\Drivers\file_tracker.sys
2015-01-26 03:00 - 2015-01-26 03:00 - 00234784 _____ (Acronis International GmbH) C:\Windows\system32\Drivers\tib_mounter.sys
2015-01-26 03:00 - 2015-01-26 03:00 - 00001218 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acronis True Image 2015.lnk
2015-01-26 03:00 - 2015-01-26 03:00 - 00000000 ____D () C:\Users\DEBBYSDELL\AppData\Roaming\805E0580-FE2C-4927-9C71-6F03C79A4E79
2015-01-26 02:17 - 2015-01-26 02:18 - 00000000 ____D () C:\Users\DEBBYSDELL\Acronisreport
2015-01-26 02:17 - 2015-01-26 02:17 - 00014848 ___SH () C:\Users\DEBBYSDELL\Thumbs.db
2015-01-26 02:09 - 2015-02-04 12:43 - 00000000 ___RD () C:\Users\DEBBYSDELL\Sync(1)
2015-01-25 19:21 - 2015-02-06 12:08 - 00332288 ___SH () C:\Users\DEBBYSDELL\Desktop\Thumbs.db
2015-01-25 11:57 - 2015-01-25 11:57 - 32099472 _____ (NVIDIA Corporation) C:\Windows\system32\nvoglv64.dll
2015-01-25 11:57 - 2015-01-25 11:57 - 25460552 _____ (NVIDIA Corporation) C:\Windows\system32\nvcompiler.dll
2015-01-25 11:57 - 2015-01-25 11:57 - 24764232 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvoglv32.dll
2015-01-25 11:57 - 2015-01-25 11:57 - 20465808 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcompiler.dll
2015-01-25 11:57 - 2015-01-25 11:57 - 17264312 _____ (NVIDIA Corporation) C:\Windows\system32\nvd3dumx.dll
2015-01-25 11:57 - 2015-01-25 11:57 - 16040184 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvwgf2um.dll
2015-01-25 11:57 - 2015-01-25 11:57 - 14128496 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvd3dum.dll
2015-01-25 11:57 - 2015-01-25 11:57 - 13288360 _____ (NVIDIA Corporation) C:\Windows\system32\nvopencl.dll
2015-01-25 11:57 - 2015-01-25 11:57 - 13202520 _____ (NVIDIA Corporation) C:\Windows\system32\nvcuda.dll
2015-01-25 11:57 - 2015-01-25 11:57 - 10770120 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvopencl.dll
2015-01-25 11:57 - 2015-01-25 11:57 - 10710160 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcuda.dll
2015-01-25 11:57 - 2015-01-25 11:57 - 10345280 _____ (NVIDIA Corporation) C:\Windows\system32\Drivers\nvlddmkm.sys
2015-01-25 11:57 - 2015-01-25 11:57 - 03610440 _____ (NVIDIA Corporation) C:\Windows\system32\nvcuvid.dll
2015-01-25 11:57 - 2015-01-25 11:57 - 03248968 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcuvid.dll
2015-01-25 11:57 - 2015-01-25 11:57 - 01895056 _____ (NVIDIA Corporation) C:\Windows\system32\nvdispco6434709.dll
2015-01-25 11:57 - 2015-01-25 11:57 - 01556624 _____ (NVIDIA Corporation) C:\Windows\system32\nvdispgenco6434709.dll
2015-01-25 11:57 - 2015-01-25 11:57 - 00968336 _____ (NVIDIA Corporation) C:\Windows\system32\NvIFR64.dll
2015-01-25 11:57 - 2015-01-25 11:57 - 00942400 _____ (NVIDIA Corporation) C:\Windows\system32\NvFBC64.dll
2015-01-25 11:57 - 2015-01-25 11:57 - 00928072 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\NvIFR.dll
2015-01-25 11:57 - 2015-01-25 11:57 - 00906560 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\NvFBC.dll
2015-01-25 11:57 - 2015-01-25 11:57 - 00027983 _____ () C:\Windows\system32\nvinfo.pb
2015-01-25 11:55 - 2015-01-25 11:55 - 01540240 _____ (NVIDIA Corporation) C:\Windows\system32\nvhdagenco64.dll
2015-01-25 11:55 - 2015-01-25 11:55 - 00195728 _____ (NVIDIA Corporation) C:\Windows\system32\Drivers\nvhda64v.sys
2015-01-25 11:55 - 2015-01-25 11:55 - 00030536 _____ (NVIDIA Corporation) C:\Windows\system32\nvhdap64.dll
2015-01-13 17:26 - 2014-12-11 23:35 - 05553592 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe
2015-01-13 17:26 - 2014-12-11 23:31 - 00503808 _____ (Microsoft Corporation) C:\Windows\system32\srcore.dll
2015-01-13 17:26 - 2014-12-11 23:31 - 00296960 _____ (Microsoft Corporation) C:\Windows\system32\rstrui.exe
2015-01-13 17:26 - 2014-12-11 23:31 - 00050176 _____ (Microsoft Corporation) C:\Windows\system32\srclient.dll
2015-01-13 17:26 - 2014-12-11 23:11 - 03971512 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntkrnlpa.exe
2015-01-13 17:26 - 2014-12-11 23:11 - 03916728 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntoskrnl.exe
2015-01-13 17:26 - 2014-12-11 23:07 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\srclient.dll
2015-01-13 17:18 - 2014-12-18 21:06 - 00210432 _____ (Microsoft Corporation) C:\Windows\system32\profsvc.dll
2015-01-13 17:18 - 2014-12-11 11:47 - 00062976 _____ (Microsoft Corporation) C:\Windows\system32\TSWbPrxy.exe
2015-01-13 17:17 - 2014-12-18 19:46 - 00141312 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxdav.sys
2015-01-13 17:17 - 2014-12-05 22:17 - 00303616 _____ (Microsoft Corporation) C:\Windows\system32\nlasvc.dll
2015-01-13 17:17 - 2014-12-05 21:50 - 00156672 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ncsi.dll
2015-01-13 17:17 - 2014-12-05 21:50 - 00052224 _____ (Microsoft Corporation) C:\Windows\SysWOW64\nlaapi.dll
2015-01-12 00:32 - 2010-06-02 04:55 - 00239960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine3_7.dll
2015-01-12 00:32 - 2010-06-02 04:55 - 00176984 _____ (Microsoft Corporation) C:\Windows\system32\xactengine3_7.dll
2015-01-12 00:32 - 2010-05-26 11:41 - 02401112 _____ (Microsoft Corporation) C:\Windows\system32\D3DX9_43.dll
2015-01-12 00:32 - 2010-05-26 11:41 - 01998168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DX9_43.dll
2015-01-12 00:32 - 2010-05-26 11:41 - 01907552 _____ (Microsoft Corporation) C:\Windows\system32\d3dcsx_43.dll
2015-01-12 00:32 - 2010-05-26 11:41 - 01868128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dcsx_43.dll
2015-01-12 00:32 - 2010-05-26 11:41 - 00511328 _____ (Microsoft Corporation) C:\Windows\system32\d3dx10_43.dll
2015-01-12 00:32 - 2010-05-26 11:41 - 00470880 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx10_43.dll
2015-01-12 00:32 - 2010-02-04 10:01 - 00530776 _____ (Microsoft Corporation) C:\Windows\system32\XAudio2_6.dll
2015-01-12 00:32 - 2010-02-04 10:01 - 00528216 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XAudio2_6.dll
2015-01-12 00:32 - 2010-02-04 10:01 - 00238936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine3_6.dll
2015-01-12 00:32 - 2010-02-04 10:01 - 00176984 _____ (Microsoft Corporation) C:\Windows\system32\xactengine3_6.dll
2015-01-12 00:32 - 2010-02-04 10:01 - 00078680 _____ (Microsoft Corporation) C:\Windows\system32\XAPOFX1_4.dll
2015-01-12 00:32 - 2010-02-04 10:01 - 00074072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XAPOFX1_4.dll
2015-01-12 00:32 - 2010-02-04 10:01 - 00024920 _____ (Microsoft Corporation) C:\Windows\system32\X3DAudio1_7.dll
2015-01-12 00:32 - 2010-02-04 10:01 - 00022360 _____ (Microsoft Corporation) C:\Windows\SysWOW64\X3DAudio1_7.dll
2015-01-12 00:32 - 2009-09-04 17:44 - 00517960 _____ (Microsoft Corporation) C:\Windows\system32\XAudio2_5.dll
2015-01-12 00:32 - 2009-09-04 17:44 - 00515416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XAudio2_5.dll
2015-01-12 00:32 - 2009-09-04 17:44 - 00238936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine3_5.dll
2015-01-12 00:32 - 2009-09-04 17:44 - 00176968 _____ (Microsoft Corporation) C:\Windows\system32\xactengine3_5.dll
2015-01-12 00:32 - 2009-09-04 17:44 - 00073544 _____ (Microsoft Corporation) C:\Windows\system32\XAPOFX1_3.dll
2015-01-12 00:32 - 2009-09-04 17:44 - 00069464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XAPOFX1_3.dll
2015-01-12 00:32 - 2009-09-04 17:29 - 05554512 _____ (Microsoft Corporation) C:\Windows\system32\d3dcsx_42.dll
2015-01-12 00:32 - 2009-09-04 17:29 - 05501792 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dcsx_42.dll
2015-01-12 00:32 - 2009-09-04 17:29 - 02582888 _____ (Microsoft Corporation) C:\Windows\system32\D3DCompiler_42.dll
2015-01-12 00:32 - 2009-09-04 17:29 - 02475352 _____ (Microsoft Corporation) C:\Windows\system32\D3DX9_42.dll
2015-01-12 00:32 - 2009-09-04 17:29 - 01974616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DCompiler_42.dll
2015-01-12 00:32 - 2009-09-04 17:29 - 01892184 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DX9_42.dll
2015-01-12 00:32 - 2009-09-04 17:29 - 00285024 _____ (Microsoft Corporation) C:\Windows\system32\d3dx11_42.dll
2015-01-12 00:32 - 2009-09-04 17:29 - 00235344 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx11_42.dll
2015-01-12 00:32 - 2009-03-16 14:18 - 00521560 _____ (Microsoft Corporation) C:\Windows\system32\XAudio2_4.dll
2015-01-12 00:32 - 2009-03-16 14:18 - 00517448 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XAudio2_4.dll
2015-01-12 00:32 - 2009-03-16 14:18 - 00235352 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine3_4.dll
2015-01-12 00:32 - 2009-03-16 14:18 - 00174936 _____ (Microsoft Corporation) C:\Windows\system32\xactengine3_4.dll
2015-01-12 00:32 - 2009-03-16 14:18 - 00024920 _____ (Microsoft Corporation) C:\Windows\system32\X3DAudio1_6.dll
2015-01-12 00:32 - 2009-03-16 14:18 - 00022360 _____ (Microsoft Corporation) C:\Windows\SysWOW64\X3DAudio1_6.dll
2015-01-12 00:32 - 2009-03-09 15:27 - 05425496 _____ (Microsoft Corporation) C:\Windows\system32\D3DX9_41.dll
2015-01-12 00:32 - 2009-03-09 15:27 - 04178264 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DX9_41.dll
2015-01-12 00:32 - 2009-03-09 15:27 - 02430312 _____ (Microsoft Corporation) C:\Windows\system32\D3DCompiler_41.dll
2015-01-12 00:32 - 2009-03-09 15:27 - 00520544 _____ (Microsoft Corporation) C:\Windows\system32\d3dx10_41.dll
2015-01-12 00:32 - 2008-10-27 10:04 - 00518480 _____ (Microsoft Corporation) C:\Windows\system32\XAudio2_3.dll
2015-01-12 00:32 - 2008-10-27 10:04 - 00514384 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XAudio2_3.dll
2015-01-12 00:32 - 2008-10-27 10:04 - 00235856 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine3_3.dll
2015-01-12 00:32 - 2008-10-27 10:04 - 00175440 _____ (Microsoft Corporation) C:\Windows\system32\xactengine3_3.dll
2015-01-12 00:32 - 2008-10-27 10:04 - 00074576 _____ (Microsoft Corporation) C:\Windows\system32\XAPOFX1_2.dll
2015-01-12 00:32 - 2008-10-27 10:04 - 00070992 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XAPOFX1_2.dll
2015-01-12 00:32 - 2008-10-27 10:04 - 00025936 _____ (Microsoft Corporation) C:\Windows\system32\X3DAudio1_5.dll
2015-01-12 00:32 - 2008-10-27 10:04 - 00023376 _____ (Microsoft Corporation) C:\Windows\SysWOW64\X3DAudio1_5.dll
2015-01-12 00:32 - 2008-10-15 06:22 - 05631312 _____ (Microsoft Corporation) C:\Windows\system32\D3DX9_40.dll
2015-01-12 00:32 - 2008-10-15 06:22 - 04379984 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DX9_40.dll
2015-01-12 00:32 - 2008-10-15 06:22 - 02605920 _____ (Microsoft Corporation) C:\Windows\system32\D3DCompiler_40.dll
2015-01-12 00:32 - 2008-10-15 06:22 - 02036576 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DCompiler_40.dll
2015-01-12 00:32 - 2008-10-15 06:22 - 00519000 _____ (Microsoft Corporation) C:\Windows\system32\d3dx10_40.dll
2015-01-12 00:32 - 2008-10-15 06:22 - 00452440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx10_40.dll
2015-01-12 00:32 - 2008-07-31 10:41 - 00238088 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine3_2.dll
2015-01-12 00:32 - 2008-07-31 10:41 - 00177672 _____ (Microsoft Corporation) C:\Windows\system32\xactengine3_2.dll
2015-01-12 00:32 - 2008-07-31 10:41 - 00072200 _____ (Microsoft Corporation) C:\Windows\system32\XAPOFX1_1.dll
2015-01-12 00:32 - 2008-07-31 10:41 - 00068616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XAPOFX1_1.dll
2015-01-12 00:32 - 2008-07-31 10:40 - 00513544 _____ (Microsoft Corporation) C:\Windows\system32\XAudio2_2.dll
2015-01-12 00:32 - 2008-07-31 10:40 - 00509448 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XAudio2_2.dll
2015-01-12 00:32 - 2008-07-10 11:01 - 00467984 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx10_39.dll
2015-01-12 00:32 - 2008-07-10 11:00 - 04992520 _____ (Microsoft Corporation) C:\Windows\system32\D3DX9_39.dll
2015-01-12 00:32 - 2008-07-10 11:00 - 03851784 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DX9_39.dll
2015-01-12 00:32 - 2008-07-10 11:00 - 01942552 _____ (Microsoft Corporation) C:\Windows\system32\D3DCompiler_39.dll
2015-01-12 00:32 - 2008-07-10 11:00 - 01493528 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DCompiler_39.dll
2015-01-12 00:32 - 2008-07-10 11:00 - 00540688 _____ (Microsoft Corporation) C:\Windows\system32\d3dx10_39.dll
2015-01-12 00:32 - 2008-05-30 14:19 - 00511496 _____ (Microsoft Corporation) C:\Windows\system32\XAudio2_1.dll
2015-01-12 00:32 - 2008-05-30 14:19 - 00507400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XAudio2_1.dll
2015-01-12 00:32 - 2008-05-30 14:18 - 00238088 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine3_1.dll
2015-01-12 00:32 - 2008-05-30 14:18 - 00177672 _____ (Microsoft Corporation) C:\Windows\system32\xactengine3_1.dll
2015-01-12 00:32 - 2008-05-30 14:17 - 00068104 _____ (Microsoft Corporation) C:\Windows\system32\XAPOFX1_0.dll
2015-01-12 00:32 - 2008-05-30 14:17 - 00065032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XAPOFX1_0.dll
2015-01-12 00:32 - 2008-05-30 14:17 - 00025608 _____ (Microsoft Corporation) C:\Windows\SysWOW64\X3DAudio1_4.dll
2015-01-12 00:32 - 2008-05-30 14:16 - 00028168 _____ (Microsoft Corporation) C:\Windows\system32\X3DAudio1_4.dll
2015-01-12 00:32 - 2008-05-30 14:11 - 04991496 _____ (Microsoft Corporation) C:\Windows\system32\D3DX9_38.dll
2015-01-12 00:32 - 2008-05-30 14:11 - 01941528 _____ (Microsoft Corporation) C:\Windows\system32\D3DCompiler_38.dll
2015-01-12 00:32 - 2008-05-30 14:11 - 01491992 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DCompiler_38.dll
2015-01-12 00:32 - 2008-05-30 14:11 - 00540688 _____ (Microsoft Corporation) C:\Windows\system32\d3dx10_38.dll
2015-01-12 00:32 - 2008-05-30 14:11 - 00467984 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx10_38.dll
2015-01-12 00:29 - 2008-05-30 14:11 - 03850760 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DX9_38.dll
2015-01-12 00:29 - 2008-03-05 16:04 - 00489480 _____ (Microsoft Corporation) C:\Windows\system32\XAudio2_0.dll
2015-01-12 00:29 - 2008-03-05 16:03 - 00479752 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XAudio2_0.dll
2015-01-12 00:29 - 2008-03-05 16:03 - 00238088 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine3_0.dll
2015-01-12 00:29 - 2008-03-05 16:03 - 00177672 _____ (Microsoft Corporation) C:\Windows\system32\xactengine3_0.dll
2015-01-12 00:29 - 2008-03-05 16:00 - 00028168 _____ (Microsoft Corporation) C:\Windows\system32\X3DAudio1_3.dll
2015-01-12 00:29 - 2008-03-05 16:00 - 00025608 _____ (Microsoft Corporation) C:\Windows\SysWOW64\X3DAudio1_3.dll
2015-01-12 00:29 - 2008-03-05 15:56 - 04910088 _____ (Microsoft Corporation) C:\Windows\system32\D3DX9_37.dll
2015-01-12 00:29 - 2008-03-05 15:56 - 03786760 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DX9_37.dll
2015-01-12 00:29 - 2008-03-05 15:56 - 01860120 _____ (Microsoft Corporation) C:\Windows\system32\D3DCompiler_37.dll
2015-01-12 00:29 - 2008-03-05 15:56 - 01420824 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DCompiler_37.dll
2015-01-12 00:29 - 2008-02-05 23:07 - 00529424 _____ (Microsoft Corporation) C:\Windows\system32\d3dx10_37.dll
2015-01-12 00:29 - 2008-02-05 23:07 - 00462864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx10_37.dll
2015-01-12 00:29 - 2007-10-22 03:40 - 00411656 _____ (Microsoft Corporation) C:\Windows\system32\xactengine2_10.dll
2015-01-12 00:29 - 2007-10-22 03:39 - 00267272 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine2_10.dll
2015-01-12 00:29 - 2007-10-22 03:37 - 00021000 _____ (Microsoft Corporation) C:\Windows\system32\X3DAudio1_2.dll
2015-01-12 00:29 - 2007-10-22 03:37 - 00017928 _____ (Microsoft Corporation) C:\Windows\SysWOW64\X3DAudio1_2.dll
2015-01-12 00:29 - 2007-10-12 15:14 - 05081608 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_36.dll
2015-01-12 00:29 - 2007-10-12 15:14 - 03734536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx9_36.dll
2015-01-12 00:29 - 2007-10-12 15:14 - 02006552 _____ (Microsoft Corporation) C:\Windows\system32\D3DCompiler_36.dll
2015-01-12 00:29 - 2007-10-12 15:14 - 01374232 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DCompiler_36.dll
2015-01-12 00:29 - 2007-10-02 09:56 - 00508264 _____ (Microsoft Corporation) C:\Windows\system32\d3dx10_36.dll
2015-01-12 00:29 - 2007-10-02 09:56 - 00444776 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx10_36.dll
2015-01-12 00:29 - 2007-07-20 00:57 - 00411496 _____ (Microsoft Corporation) C:\Windows\system32\xactengine2_9.dll
2015-01-12 00:29 - 2007-07-20 00:57 - 00267112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine2_9.dll
2015-01-12 00:29 - 2007-07-19 18:14 - 05073256 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_35.dll
2015-01-12 00:29 - 2007-07-19 18:14 - 03727720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx9_35.dll
2015-01-12 00:29 - 2007-07-19 18:14 - 01985904 _____ (Microsoft Corporation) C:\Windows\system32\D3DCompiler_35.dll
2015-01-12 00:29 - 2007-07-19 18:14 - 01358192 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DCompiler_35.dll
2015-01-12 00:29 - 2007-07-19 18:14 - 00508264 _____ (Microsoft Corporation) C:\Windows\system32\d3dx10_35.dll
2015-01-12 00:29 - 2007-07-19 18:14 - 00444776 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx10_35.dll
2015-01-12 00:29 - 2007-06-20 20:49 - 00409960 _____ (Microsoft Corporation) C:\Windows\system32\xactengine2_8.dll
2015-01-12 00:29 - 2007-06-20 20:46 - 00266088 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine2_8.dll
2015-01-12 00:29 - 2007-05-16 16:45 - 04496232 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_34.dll
2015-01-12 00:29 - 2007-05-16 16:45 - 03497832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx9_34.dll
2015-01-12 00:29 - 2007-05-16 16:45 - 01401200 _____ (Microsoft Corporation) C:\Windows\system32\D3DCompiler_34.dll
2015-01-12 00:29 - 2007-05-16 16:45 - 01124720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DCompiler_34.dll
2015-01-12 00:29 - 2007-05-16 16:45 - 00506728 _____ (Microsoft Corporation) C:\Windows\system32\d3dx10_34.dll
2015-01-12 00:29 - 2007-05-16 16:45 - 00443752 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx10_34.dll
2015-01-12 00:29 - 2007-04-04 18:55 - 00403304 _____ (Microsoft Corporation) C:\Windows\system32\xactengine2_7.dll
2015-01-12 00:29 - 2007-04-04 18:55 - 00261480 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine2_7.dll
2015-01-12 00:29 - 2007-04-04 18:54 - 00107368 _____ (Microsoft Corporation) C:\Windows\system32\xinput1_3.dll
2015-01-12 00:29 - 2007-04-04 18:53 - 00081768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xinput1_3.dll
2015-01-12 00:29 - 2007-03-05 12:42 - 00017688 _____ (Microsoft Corporation) C:\Windows\system32\x3daudio1_1.dll
2015-01-12 00:29 - 2007-03-05 12:42 - 00015128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\x3daudio1_1.dll
2015-01-12 00:29 - 2007-01-24 15:27 - 00393576 _____ (Microsoft Corporation) C:\Windows\system32\xactengine2_6.dll
2015-01-12 00:29 - 2007-01-24 15:27 - 00255848 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine2_6.dll
2015-01-12 00:29 - 2006-12-08 12:02 - 00251672 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine2_5.dll
2015-01-12 00:29 - 2006-12-08 12:00 - 00390424 _____ (Microsoft Corporation) C:\Windows\system32\xactengine2_5.dll
2015-01-12 00:29 - 2006-11-29 13:06 - 00469264 _____ (Microsoft Corporation) C:\Windows\system32\d3dx10.dll
2015-01-12 00:29 - 2006-11-29 13:06 - 00440080 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx10.dll
2015-01-12 00:29 - 2006-09-28 16:05 - 03977496 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_31.dll
2015-01-12 00:29 - 2006-09-28 16:05 - 02414360 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx9_31.dll
2015-01-12 00:29 - 2006-09-28 16:05 - 00237848 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine2_4.dll
2015-01-12 00:29 - 2006-09-28 16:04 - 00364824 _____ (Microsoft Corporation) C:\Windows\system32\xactengine2_4.dll
2015-01-12 00:28 - 2006-07-28 09:31 - 00083736 _____ (Microsoft Corporation) C:\Windows\system32\xinput1_2.dll
2015-01-12 00:28 - 2006-07-28 09:30 - 00363288 _____ (Microsoft Corporation) C:\Windows\system32\xactengine2_3.dll
2015-01-12 00:28 - 2006-07-28 09:30 - 00236824 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine2_3.dll
2015-01-12 00:28 - 2006-07-28 09:30 - 00062744 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xinput1_2.dll
2015-01-12 00:28 - 2006-05-31 07:24 - 00230168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine2_2.dll
2015-01-12 00:28 - 2006-05-31 07:22 - 00354072 _____ (Microsoft Corporation) C:\Windows\system32\xactengine2_2.dll
2015-01-12 00:28 - 2006-03-31 12:41 - 03927248 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_30.dll
2015-01-12 00:28 - 2006-03-31 12:40 - 02388176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx9_30.dll
2015-01-12 00:28 - 2006-03-31 12:40 - 00352464 _____ (Microsoft Corporation) C:\Windows\system32\xactengine2_1.dll
2015-01-12 00:28 - 2006-03-31 12:39 - 00229584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine2_1.dll
2015-01-12 00:28 - 2006-03-31 12:39 - 00083664 _____ (Microsoft Corporation) C:\Windows\system32\xinput1_1.dll
2015-01-12 00:28 - 2006-03-31 12:39 - 00062672 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xinput1_1.dll
2015-01-12 00:28 - 2006-02-03 08:43 - 03830992 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_29.dll
2015-01-12 00:28 - 2006-02-03 08:43 - 02332368 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx9_29.dll
2015-01-12 00:28 - 2006-02-03 08:42 - 00355536 _____ (Microsoft Corporation) C:\Windows\system32\xactengine2_0.dll
2015-01-12 00:28 - 2006-02-03 08:42 - 00230096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine2_0.dll
2015-01-12 00:28 - 2006-02-03 08:41 - 00016592 _____ (Microsoft Corporation) C:\Windows\system32\x3daudio1_0.dll
2015-01-12 00:28 - 2006-02-03 08:41 - 00014032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\x3daudio1_0.dll
2015-01-12 00:28 - 2005-12-05 18:09 - 03815120 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_28.dll
2015-01-12 00:28 - 2005-12-05 18:09 - 02323664 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx9_28.dll
2015-01-12 00:28 - 2005-07-22 19:59 - 03807440 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_27.dll
2015-01-12 00:28 - 2005-07-22 19:59 - 02319568 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx9_27.dll
2015-01-12 00:28 - 2005-05-26 15:34 - 03767504 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_26.dll
2015-01-12 00:28 - 2005-05-26 15:34 - 02297552 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx9_26.dll
2015-01-12 00:28 - 2005-03-18 17:19 - 03823312 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_25.dll
2015-01-12 00:28 - 2005-03-18 17:19 - 02337488 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx9_25.dll
2015-01-12 00:28 - 2005-02-05 19:45 - 03544272 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_24.dll
2015-01-12 00:28 - 2005-02-05 19:45 - 02222800 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx9_24.dll
2015-01-12 00:21 - 2015-01-12 00:21 - 01876296 _____ (NVIDIA Corporation) C:\Windows\system32\nvdispco6434475.dll
2015-01-12 00:21 - 2015-01-12 00:21 - 01540424 _____ (NVIDIA Corporation) C:\Windows\system32\nvdispgenco6434475.dll
2015-01-12 00:19 - 2015-01-12 00:19 - 71040000 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RCORES64.dat
2015-01-12 00:19 - 2015-01-12 00:19 - 04263128 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\Drivers\RTKVHD64.sys
2015-01-12 00:19 - 2015-01-12 00:19 - 03186544 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RtkApi64.dll
2015-01-12 00:19 - 2015-01-12 00:19 - 02860760 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RtPgEx64.dll
2015-01-12 00:19 - 2015-01-12 00:19 - 02827120 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RltkAPO64.dll
2015-01-12 00:19 - 2015-01-12 00:19 - 02000640 _____ (Creative Technology Ltd.) C:\Windows\system32\MBAPO264.dll
2015-01-12 00:19 - 2015-01-12 00:19 - 01728768 _____ (Creative Technology Ltd.) C:\Windows\SysWOW64\MBAPO232.dll
2015-01-12 00:19 - 2015-01-12 00:19 - 01443340 _____ () C:\Windows\system32\Drivers\RTAIODAT.DAT
2015-01-12 00:19 - 2015-01-12 00:19 - 01287384 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RTCOM64.dll
2015-01-12 00:19 - 2015-01-12 00:19 - 00959704 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RCoInstII64.dll
2015-01-12 00:19 - 2015-01-12 00:19 - 00629464 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RtDataProc64.dll
2015-01-12 00:18 - 2015-01-12 00:18 - 00560328 _____ (Andrea Electronics Corporation) C:\Windows\system32\AERTAC64.dll
2015-01-12 00:17 - 2015-01-12 00:17 - 00942808 _____ (Realtek ) C:\Windows\system32\Drivers\Rt64win7.sys
2015-01-12 00:17 - 2015-01-12 00:17 - 00073800 _____ (Realtek Semiconductor Corporation) C:\Windows\system32\RtNicProp64.dll
2015-01-12 00:15 - 2015-01-12 00:15 - 01795952 _____ (Microsoft Corporation) C:\Windows\system32\WdfCoInstaller01011.dll
2015-01-12 00:15 - 2015-01-12 00:15 - 00034544 _____ (Synaptics Incorporated) C:\Windows\system32\Drivers\Smb_driver_Intel.sys
2015-01-12 00:15 - 2015-01-12 00:15 - 00000000 ____H () C:\Windows\system32\Drivers\Msft_Kernel_Smb_driver_Intel_01011.Wdf
2015-01-12 00:11 - 2015-01-12 00:11 - 01484804 _____ () C:\Windows\system32\Drivers\besor.sbcf
2015-01-12 00:11 - 2015-01-12 00:11 - 00084992 _____ (Intel Corporation) C:\Windows\system32\Drivers\bpusb.sys
2015-01-12 00:11 - 2015-01-12 00:11 - 00084480 _____ (Intel Corporation) C:\Windows\system32\Drivers\bpenum.sys
2015-01-12 00:11 - 2015-01-12 00:11 - 00021504 _____ (Intel Corporation) C:\Windows\system32\BPCoInstaller.dll
2015-01-12 00:10 - 2015-01-12 00:10 - 00400896 _____ (AVerMedia TECHNOLOGIES, Inc.) C:\Windows\system32\CoSetup_x64_.ax
2015-01-12 00:10 - 2015-01-12 00:10 - 00000502 _____ () C:\Windows\11317231_6B071461_aa.bin
2015-01-12 00:10 - 2015-01-12 00:10 - 00000502 _____ () C:\Windows\11317231_4B071461_ca.bin
2015-01-12 00:10 - 2015-01-12 00:10 - 00000502 _____ () C:\Windows\11317231_4B071461_aa.bin
2015-01-12 00:10 - 2015-01-12 00:10 - 00000502 _____ () C:\Windows\11317231_4B071461_8a.bin
2015-01-11 21:25 - 2015-01-11 21:25 - 00026528 _____ (REALiX™) C:\Windows\SysWOW64\Drivers\HWiNFO64A.SYS

==================== One Month Modified Files and Folders =======

(If an entry is included in the fixlist, the file\folder will be moved.)

2015-02-10 06:39 - 2014-01-03 12:39 - 00000000 ____D () C:\FRST
2015-02-10 06:37 - 2011-01-07 19:49 - 00000000 ____D () C:\Users\DEBBYSDELL\Outlook Files
2015-02-10 06:16 - 2011-10-20 20:26 - 00000898 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2015-02-10 05:05 - 2011-10-19 20:47 - 00003966 _____ () C:\Windows\System32\Tasks\User_Feed_Synchronization-{4B3F8CF8-5AE7-4030-B9DB-4857F4875A17}
2015-02-10 03:43 - 2013-05-20 05:08 - 00000000 ____D () C:\ProgramData\MediaMall
2015-02-09 19:16 - 2012-07-12 23:47 - 00000894 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore1cd60bb286453c.job
2015-02-09 09:03 - 2012-07-05 13:13 - 00000000 ____D () C:\Users\DEBBYSDELL\AppData\Local\FLVService
2015-02-08 14:55 - 2011-01-06 13:04 - 00000000 ___RD () C:\Users\DEBBYSDELL\Virtual Machines
2015-02-08 09:29 - 2014-08-28 12:16 - 00000000 ____D () C:\Users\DEBBYSDELL\AppData\Local\Adobe
2015-02-08 09:29 - 2012-07-06 09:15 - 00003770 _____ () C:\Windows\System32\Tasks\Adobe Flash Player Updater
2015-02-08 09:29 - 2012-07-06 09:15 - 00000830 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job
2015-02-08 09:29 - 2012-04-12 04:34 - 00701616 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2015-02-08 09:29 - 2011-10-20 20:26 - 00071344 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2015-02-07 22:22 - 2014-12-11 04:46 - 00002922 _____ () C:\Windows\System32\Tasks\RealPlayerRealUpgradeScheduledTaskS-1-5-21-3099934832-2828090357-232914698-1000
2015-02-07 22:22 - 2014-11-30 23:16 - 00002612 _____ () C:\Windows\System32\Tasks\RealPlayerRealUpgradeLogonTaskS-1-5-21-3099934832-2828090357-232914698-1000
2015-02-07 15:19 - 2012-09-13 16:22 - 00000000 ____D () C:\Users\DEBBYSDELL\AppData\Roaming\vlc
2015-02-06 12:07 - 2011-10-03 12:59 - 00000000 ____D () C:\ProgramData\Kodak
2015-02-05 22:51 - 2009-07-13 22:45 - 00028528 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2015-02-05 22:51 - 2009-07-13 22:45 - 00028528 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2015-02-05 11:36 - 2009-07-13 23:13 - 00786538 _____ () C:\Windows\system32\PerfStringBackup.INI
2015-02-05 10:08 - 2011-01-07 05:38 - 00000000 ____D () C:\Users\DEBBYSDELL\Downloads\installed
2015-02-05 09:32 - 2014-02-24 00:57 - 00000000 ____D () C:\Users\DEBBYSDELL\AppData\Roaming\MotoCast
2015-02-04 14:01 - 2012-03-07 05:46 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Runtime Software
2015-02-04 12:33 - 2014-06-17 09:41 - 00000000 ___RD () C:\Users\DEBBYSDELL\Desktop\Dropbox
2015-02-04 12:33 - 2014-02-24 01:00 - 00000000 ____D () C:\Users\DEBBYSDELL\.gstreamer-0.10
2015-02-04 12:33 - 2011-10-25 11:31 - 00000000 ____D () C:\Users\DEBBYSDELL\AppData\Roaming\Dropbox
2015-02-04 12:32 - 2010-12-16 14:17 - 00000050 _____ () C:\Windows\system32\SupplicantTest.log
2015-02-04 12:31 - 2014-04-22 11:54 - 00000000 ____D () C:\Users\DEBBYSDELL\AppData\Roaming\stickies
2015-02-04 12:31 - 2010-12-16 14:31 - 00000000 ____D () C:\Temp
2015-02-04 12:30 - 2011-10-03 13:02 - 00000000 ____D () C:\Users\DEBBYSDELL
2015-02-04 12:30 - 2009-07-13 23:08 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2015-02-04 12:27 - 2009-07-13 20:34 - 25690112 _____ () C:\Windows\system32\config\system.bak
2015-02-04 12:27 - 2009-07-13 20:34 - 111550464 _____ () C:\Windows\system32\config\software.bak
2015-02-04 12:27 - 2009-07-13 20:34 - 00032768 _____ () C:\Windows\system32\config\security.bak
2015-02-04 12:20 - 2009-07-13 20:34 - 00094208 _____ () C:\Windows\system32\config\sam.bak
2015-02-04 12:12 - 2009-07-13 23:37 - 00000000 ____D () C:\Windows\system32\0409
2015-02-04 11:17 - 2010-12-16 14:21 - 00000000 ____D () C:\Program Files (x86)\Intel
2015-02-04 11:16 - 2010-12-16 14:20 - 00000000 ____D () C:\Intel
2015-02-04 10:17 - 2013-12-07 12:41 - 00000000 ____D () C:\Program Files (x86)\Opera
2015-02-04 06:50 - 2013-12-16 10:41 - 00000000 __SHD () C:\found.000
2015-02-03 22:50 - 2011-10-23 07:17 - 00000000 ____D () C:\Windows\Minidump
2015-02-03 14:30 - 2014-06-06 14:48 - 00000000 ____D () C:\Program Files\pcmax
2015-02-03 11:08 - 2009-07-13 21:20 - 00000000 ____D () C:\Program Files\Common Files\Services
2015-02-03 10:19 - 2010-12-16 14:59 - 00000000 ____D () C:\ProgramData\Temp
2015-02-03 09:24 - 2013-08-23 11:08 - 00000000 ____D () C:\Windows\pss
2015-02-03 00:14 - 2009-07-14 01:46 - 00000000 ____D () C:\Windows\CSC
2015-02-03 00:14 - 2009-07-13 21:20 - 00000000 ____D () C:\Windows\IME
2015-02-02 21:15 - 2011-01-05 20:37 - 00000000 ____D () C:\Users\DEBBYSDELL\Documents\TurboTax
2015-02-02 13:32 - 2012-02-01 11:17 - 00001385 _____ () C:\ProgramData\Microsoft.SqlServer.Compact.400.32.bc
2015-02-02 13:29 - 2012-01-25 10:35 - 00000000 ____D () C:\Program Files (x86)\TurboTax
2015-02-01 16:29 - 2013-11-18 18:24 - 00000000 ____D () C:\Program Files (x86)\SpywareBlaster
2015-02-01 16:02 - 2013-08-31 17:16 - 00000000 ____D () C:\AdwCleaner
2015-02-01 14:35 - 2011-01-05 20:27 - 00000000 ____D () C:\Users\DEBBYSDELL\Documents\Food and  Recipes
2015-01-31 19:31 - 2014-11-16 20:28 - 00002860 _____ () C:\Windows\System32\Tasks\Driver Booster SkipUAC (SYSTEM)
2015-01-31 18:00 - 2013-12-11 19:14 - 40824832 _____ () C:\Windows\system32\config\components.iodefrag.bak
2015-01-31 18:00 - 2013-11-07 20:55 - 111550464 _____ () C:\Windows\system32\config\software.iodefrag.bak
2015-01-31 18:00 - 2013-11-07 20:55 - 05877760 _____ () C:\Windows\system32\config\default.iodefrag.bak
2015-01-31 18:00 - 2013-11-07 20:55 - 00094208 _____ () C:\Windows\system32\config\sam.iodefrag.bak
2015-01-31 18:00 - 2013-11-07 20:55 - 00032768 _____ () C:\Windows\system32\config\security.iodefrag.bak
2015-01-31 14:07 - 2011-01-05 20:39 - 00000000 ____D () C:\Users\DEBBYSDELL\Documents\my PDF files
2015-01-31 14:04 - 2011-01-05 20:28 - 00000000 ____D () C:\Users\DEBBYSDELL\Documents\My Art Studies
2015-01-31 11:07 - 2011-08-11 13:30 - 00000000 ____D () C:\Users\DEBBYSDELL\Documents\My Kindle Content
2015-01-31 09:46 - 2012-05-10 07:38 - 00000000 ____D () C:\Users\DEBBYSDELL\AppData\Local\Windows Live
2015-01-28 11:42 - 2012-04-30 15:20 - 00000000 ____D () C:\Users\DEBBYSDELL\Documents\banking and reciets
2015-01-26 20:53 - 2013-09-02 19:35 - 00000000 ____D () C:\ProgramData\Real
2015-01-26 10:56 - 2012-08-30 08:17 - 00000000 ____D () C:\Users\DEBBYSDELL\AppData\Local\Autobahn
2015-01-26 03:31 - 2014-08-13 19:28 - 00000000 ____D () C:\ProgramData\Acronis
2015-01-26 03:09 - 2010-12-16 16:03 - 00000000 ____D () C:\ProgramData\NVIDIA
2015-01-26 03:00 - 2014-08-13 19:28 - 01328928 _____ (Acronis International GmbH) C:\Windows\system32\Drivers\tib.sys
2015-01-26 03:00 - 2014-08-13 19:28 - 00304416 _____ (Acronis International GmbH) C:\Windows\system32\Drivers\snapman.sys
2015-01-26 03:00 - 2014-08-13 19:27 - 00134432 _____ (Acronis International GmbH) C:\Windows\system32\Drivers\fltsrv.sys
2015-01-25 19:45 - 2011-10-20 10:55 - 00000000 ____D () C:\Program Files (x86)\Amazon
2015-01-25 13:01 - 2011-01-05 20:37 - 00000000 ____D () C:\Users\DEBBYSDELL\Documents\xls docs most but not all
2015-01-25 13:01 - 2011-01-05 20:37 - 00000000 ____D () C:\Users\DEBBYSDELL\Documents\Nikki
2015-01-25 13:01 - 2011-01-05 20:35 - 00000000 ____D () C:\Users\DEBBYSDELL\Documents\eBooks
2015-01-25 13:00 - 2011-01-05 20:38 - 00000000 ____D () C:\Users\DEBBYSDELL\Documents\_FTS
2015-01-25 13:00 - 2011-01-05 20:37 - 00000000 ____D () C:\Users\DEBBYSDELL\Documents\Tay's Folder
2015-01-25 12:59 - 2011-10-20 23:18 - 00000000 ____D () C:\Users\DEBBYSDELL\Documents\_SouthLine
2015-01-25 12:59 - 2011-01-05 20:37 - 00000000 ____D () C:\Users\DEBBYSDELL\Documents\Politics
2015-01-25 12:58 - 2011-01-05 20:31 - 00000000 ____D () C:\Users\DEBBYSDELL\Documents\Word Docs most
2015-01-25 12:55 - 2011-01-05 20:27 - 00000000 ____D () C:\Users\DEBBYSDELL\Documents\1753hominy
2015-01-25 12:50 - 2011-01-05 20:39 - 00000000 ____D () C:\Users\DEBBYSDELL\Documents\education
2015-01-25 12:46 - 2012-04-30 16:20 - 00000000 ____D () C:\Users\DEBBYSDELL\Documents\FBI
2015-01-25 12:34 - 2011-11-20 09:30 - 00000000 ____D () C:\Users\DEBBYSDELL\Documents\Spark People
2015-01-25 12:33 - 2011-01-05 20:39 - 00000000 ____D () C:\Users\DEBBYSDELL\Documents\_Vendors
2015-01-25 12:33 - 2011-01-05 20:39 - 00000000 ____D () C:\Users\DEBBYSDELL\Documents\_TMT
2015-01-25 12:32 - 2011-01-07 15:48 - 00000000 ____D () C:\Users\DEBBYSDELL\Documents\My Notebook
2015-01-25 12:32 - 2011-01-05 20:28 - 00000000 ____D () C:\Users\DEBBYSDELL\Documents\Goats
2015-01-25 12:31 - 2013-04-04 05:38 - 00000000 ____D () C:\Users\DEBBYSDELL\Documents\Gardening
2015-01-25 12:31 - 2011-08-23 09:07 - 00000000 ____D () C:\Users\DEBBYSDELL\Documents\Autoruns
2015-01-25 12:31 - 2011-01-05 20:39 - 00000000 ____D () C:\Users\DEBBYSDELL\Documents\income ideas
2015-01-25 12:31 - 2011-01-05 20:27 - 00000000 ____D () C:\Users\DEBBYSDELL\Documents\Beck
2015-01-25 12:30 - 2012-09-13 16:22 - 00000000 ____D () C:\Users\DEBBYSDELL\AppData\Local\Backup Assistant Plus
2015-01-25 12:29 - 2014-04-22 20:15 - 00000000 ____D () C:\Users\DEBBYSDELL\Documents\walking
2015-01-25 12:29 - 2011-01-05 20:40 - 00000000 ____D () C:\Users\DEBBYSDELL\Documents\roman shades
2015-01-25 12:28 - 2011-01-05 20:40 - 00000000 ____D () C:\Users\DEBBYSDELL\Documents\my sansa
2015-01-25 12:27 - 2013-09-19 18:12 - 00000000 ____D () C:\Users\DEBBYSDELL\Documents\DP Animation Maker
2015-01-25 12:27 - 2011-01-05 20:37 - 00000000 ____D () C:\Users\DEBBYSDELL\Documents\_Customers
2015-01-25 12:25 - 2012-04-30 15:29 - 00000000 ____D () C:\Users\DEBBYSDELL\Documents\mystery folder don't delete
2015-01-25 12:24 - 2011-01-06 21:33 - 00000000 ____D () C:\Users\DEBBYSDELL\Documents\WINFAX
2015-01-25 12:24 - 2011-01-05 20:38 - 00000000 ____D () C:\Users\DEBBYSDELL\Documents\_Envelopes
2015-01-25 12:24 - 2011-01-05 20:37 - 00000000 ____D () C:\Users\DEBBYSDELL\Documents\Personal
2015-01-25 12:24 - 2010-12-16 15:00 - 00000000 __HDC () C:\ProgramData\{04A07C23-5821-4F25-BF46-1188636AE238}
2015-01-25 12:21 - 2011-04-11 05:22 - 00000000 ____D () C:\Users\DEBBYSDELL\Documents\RCA easyRip
2015-01-25 12:21 - 2011-02-04 16:49 - 00000000 ____D () C:\Users\DEBBYSDELL\Documents\My zip
2015-01-25 12:20 - 2013-07-27 13:12 - 00000000 ____D () C:\Users\Default\AppData\Roaming\KODAK AiO Home Center960468661
2015-01-25 12:20 - 2013-07-27 13:12 - 00000000 ____D () C:\Users\Default User\AppData\Roaming\KODAK AiO Home Center960468661
2015-01-25 12:20 - 2012-10-25 16:32 - 00000000 ____D () C:\Users\DEBBYSDELL\AppData\Roaming\KODAK AiO Home Center1541633577
2015-01-25 12:20 - 2012-10-25 15:19 - 00000000 ____D () C:\Users\DEBBYSDELL\AppData\Roaming\KODAK AiO Home Center1076999683
2015-01-25 12:20 - 2012-09-17 13:39 - 00000000 ____D () C:\Users\DEBBYSDELL\AppData\Roaming\KODAK AiO Home Center974020850
2015-01-25 12:20 - 2012-09-17 12:51 - 00000000 ____D () C:\Users\DEBBYSDELL\AppData\Roaming\KODAK AiO Home Center1781961178
2015-01-25 12:20 - 2012-08-24 15:37 - 00000000 ____D () C:\Users\DEBBYSDELL\AppData\Roaming\KODAK AiO Home Center721741846
2015-01-25 12:20 - 2012-07-22 13:05 - 00000000 ____D () C:\Users\Default\AppData\Roaming\KODAK AiO Home Center1511086347
2015-01-25 12:20 - 2012-07-22 13:05 - 00000000 ____D () C:\Users\Default User\AppData\Roaming\KODAK AiO Home Center1511086347
2015-01-25 12:19 - 2013-09-04 23:18 - 00000000 ____D () C:\Users\DEBBYSDELL\Documents\Freecorder1
2015-01-25 12:17 - 2014-10-02 07:20 - 00000000 ____D () C:\ProgramData\34BE82C4-E596-4e99-A191-52C6199EBF69
2015-01-25 12:17 - 2013-05-20 19:44 - 00000000 ____D () C:\Users\DEBBYSDELL\.gimp-2.8
2015-01-25 12:16 - 2013-09-02 18:58 - 00000000 ___SD () C:\ComboFix
2015-01-25 12:16 - 2012-12-16 23:17 - 00000000 ____D () C:\Users\DEBBYSDELL\Documents\MyHeritage
2015-01-25 12:16 - 2011-09-28 14:00 - 00000000 ____D () C:\Program Files (x86)\Google
2015-01-25 12:16 - 2011-01-05 21:09 - 00000000 ____D () C:\Users\DEBBYSDELL\Restored_Family Technical Services.QBB_Files
2015-01-25 12:16 - 2011-01-05 20:37 - 00000000 ____D () C:\Users\DEBBYSDELL\Documents\Restored_Family Technical Services.QBB_Files
2015-01-25 12:14 - 2012-08-22 14:25 - 00000000 ____D () C:\Users\DEBBYSDELL\Documents\Fishing
2015-01-25 12:14 - 2011-04-11 05:26 - 00000000 ____D () C:\Users\DEBBYSDELL\Documents\RCA Detective
2015-01-25 12:14 - 2011-04-11 05:22 - 00000000 ____D () C:\Users\DEBBYSDELL\Documents\RCA Updater
2015-01-25 12:13 - 2011-11-08 18:36 - 00000000 ___HD () C:\Users\DEBBYSDELL\Documents\.picasaoriginals
2015-01-25 12:10 - 2014-07-13 07:13 - 00000000 ____D () C:\Program Files\My Dell
2015-01-25 12:09 - 2013-05-20 05:10 - 00000000 ____D () C:\Program Files (x86)\MediaMall
2015-01-25 12:09 - 2011-03-19 12:43 - 00000000 ____D () C:\Users\DEBBYSDELL\Documents\Webshots Data
2015-01-25 12:06 - 2010-12-16 14:28 - 00000000 ____D () C:\ProgramData\Adobe
2015-01-25 12:05 - 2011-10-20 21:23 - 00000000 ____D () C:\Program Files (x86)\Quicken
2015-01-25 12:01 - 2011-01-07 04:12 - 00000000 ____D () C:\Users\DEBBYSDELL\Documents\My Data Sources
2015-01-25 11:59 - 2011-01-13 16:12 - 00000000 ____D () C:\Users\DEBBYSDELL\Documents\vertural machine info
2015-01-25 11:57 - 2014-09-26 22:14 - 02897824 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvapi.dll
2015-01-25 11:57 - 2010-12-16 15:38 - 18594432 _____ (NVIDIA Corporation) C:\Windows\system32\nvwgf2umx.dll
2015-01-25 11:57 - 2010-12-16 15:38 - 03293136 _____ (NVIDIA Corporation) C:\Windows\system32\nvapi64.dll
2015-01-25 11:42 - 2014-12-13 20:50 - 00000000 ____D () C:\Program Files (x86)\QuickTime
2015-01-25 11:42 - 2013-11-18 18:54 - 00000000 ____D () C:\ProgramData\Spybot - Search & Destroy
2015-01-25 11:42 - 2013-09-08 20:44 - 00000000 ____D () C:\ProgramData\IObit
2015-01-25 11:42 - 2013-02-13 16:44 - 00000000 ____D () C:\ProgramData\Motorola
2015-01-25 11:42 - 2012-02-05 08:12 - 00000000 ____D () C:\Program Files (x86)\FYZip
2015-01-25 11:42 - 2012-01-17 08:49 - 00000000 ____D () C:\ProgramData\Apple
2015-01-25 11:42 - 2011-09-29 16:49 - 00000000 ____D () C:\ProgramData\VMware
2015-01-25 11:42 - 2011-09-28 08:49 - 00000000 ____D () C:\ProgramData\Intuit
2015-01-25 11:42 - 2011-03-17 18:54 - 00000000 ____D () C:\Symbols
2015-01-25 11:42 - 2010-12-16 15:00 - 00000000 ____D () C:\ProgramData\CyberLink
2015-01-25 11:42 - 2009-07-13 23:32 - 00000000 ____D () C:\Program Files (x86)\Windows Sidebar
2015-01-25 11:42 - 2009-07-13 21:20 - 00000000 ____D () C:\Program Files\Common Files\Microsoft Shared
2015-01-25 11:37 - 2013-09-02 18:33 - 00000000 ___SD () C:\32788R22FWJFW
2015-01-25 11:30 - 2012-08-30 08:18 - 00000000 ____D () C:\Users\DEBBYSDELL\.autobahn
2015-01-25 11:30 - 2011-12-14 14:38 - 00000000 ____D () C:\ProgramData\FLEXnet
2015-01-25 11:30 - 2011-09-29 16:53 - 00000000 ____D () C:\Users\DEBBYSDELL\AppData\Local\VMware
2015-01-25 11:30 - 2010-12-16 14:42 - 00000000 ____D () C:\ProgramData\Roxio
2015-01-25 11:30 - 2009-07-13 21:20 - 00000000 __RHD () C:\Users\Default
2015-01-25 11:29 - 2012-07-05 13:13 - 00000000 ____D () C:\Users\DEBBYSDELL\Documents\Freecorder
2015-01-25 11:26 - 2012-07-05 12:20 - 00000000 ____D () C:\Users\DEBBYSDELL\AppData\Roaming\Audacity
2015-01-24 20:15 - 2013-11-07 08:59 - 00000000 ____D () C:\ProgramData\ProductData
2015-01-24 20:14 - 2014-06-06 09:36 - 00002864 _____ () C:\Windows\System32\Tasks\Driver Booster SkipUAC (DEBBYSDELL)
2015-01-20 14:57 - 2014-11-23 12:32 - 00003382 _____ () C:\Windows\System32\Tasks\RealDownloaderRealUpgradeScheduledTaskS-1-5-21-3099934832-2828090357-232914698-1000
2015-01-20 14:57 - 2014-11-23 12:32 - 00003258 _____ () C:\Windows\System32\Tasks\RealDownloaderRealUpgradeLogonTaskS-1-5-21-3099934832-2828090357-232914698-1000
2015-01-18 03:05 - 2011-10-23 07:18 - 00781406 _____ () C:\Windows\SysWOW64\PerfStringBackup.INI
2015-01-14 03:43 - 2014-12-01 20:07 - 00000000 ___RD () C:\Users\DEBBYSDELL\Sync
2015-01-14 03:11 - 2013-08-02 02:01 - 00000000 ____D () C:\Windows\system32\MRT
2015-01-14 03:01 - 2012-01-12 03:00 - 113365784 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2015-01-12 00:25 - 2011-09-28 09:23 - 00000000 ____D () C:\Users\DEBBYSDELL\AppData\Roaming\Adobe
2015-01-12 00:22 - 2010-12-16 15:38 - 20986592 _____ (NVIDIA Corporation) C:\Windows\system32\SET9324.tmp
2015-01-12 00:21 - 2014-09-26 22:14 - 02874456 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\SET9C9A.tmp
2015-01-12 00:21 - 2011-10-03 12:57 - 00074462 _____ () C:\Windows\system32\Drivers\RTWAVES30.dat
2015-01-12 00:21 - 2011-10-03 12:56 - 00000000 ____D () C:\Windows\SysWOW64\RTCOM
2015-01-12 00:21 - 2010-12-16 15:38 - 03262784 _____ (NVIDIA Corporation) C:\Windows\system32\SET194A.tmp
2015-01-12 00:17 - 2010-10-30 15:30 - 00107552 _____ (Realtek Semiconductor Corporation) C:\Windows\system32\RTNUninst64.dll
2015-01-12 00:16 - 2014-02-16 17:46 - 01538880 _____ (NVIDIA Corporation) C:\Windows\system32\nvhdagenco6420103.dll
2015-01-11 21:25 - 2014-11-16 20:28 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Driver Booster 2
2015-01-11 13:57 - 2011-10-29 22:40 - 00111616 _____ () C:\Users\DEBBYSDELL\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini

==================== Files in the root of some directories =======

2014-06-07 19:51 - 2014-12-01 11:39 - 0001953 _____ () C:\Users\DEBBYSDELL\AppData\Roaming\.thetimelineproj.cfg
2011-09-28 16:38 - 2011-09-28 16:39 - 18551104 _____ (Dell, Inc.) C:\Users\DEBBYSDELL\AppData\Roaming\DSS_UTIL_WIN_R274693.EXE
2011-10-21 12:47 - 2011-10-21 12:47 - 0000268 ___RH () C:\Users\DEBBYSDELL\AppData\Roaming\Master
2011-10-21 16:25 - 2011-10-21 16:25 - 0000268 ___RH () C:\Users\DEBBYSDELL\AppData\Roaming\Metadata Importer
2014-01-06 13:54 - 2014-01-06 13:54 - 0018526 _____ () C:\Users\DEBBYSDELL\AppData\Roaming\UserTile.png
2013-07-26 23:53 - 2013-07-28 23:54 - 0000054 _____ () C:\Users\DEBBYSDELL\AppData\Roaming\WB.CFG
2013-06-15 23:53 - 2013-06-22 23:53 - 0000005 _____ () C:\Users\DEBBYSDELL\AppData\Roaming\WBPU-TTL.DAT
2014-11-23 13:45 - 2014-11-23 13:45 - 0237067 _____ () C:\Users\DEBBYSDELL\AppData\Local\ars.cache
2014-11-23 13:45 - 2014-11-23 13:45 - 0164096 _____ () C:\Users\DEBBYSDELL\AppData\Local\census.cache
2011-10-29 22:40 - 2015-01-11 13:57 - 0111616 _____ () C:\Users\DEBBYSDELL\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2014-11-23 13:05 - 2014-11-23 13:05 - 0000036 _____ () C:\Users\DEBBYSDELL\AppData\Local\housecall.guid.cache
2014-10-20 20:06 - 2014-10-20 20:06 - 0000860 _____ () C:\Users\DEBBYSDELL\AppData\Local\recently-used.xbel
2013-08-23 11:38 - 2013-11-23 15:38 - 0007612 _____ () C:\Users\DEBBYSDELL\AppData\Local\Resmon.ResmonCfg
2014-06-18 09:13 - 2014-06-18 09:13 - 0002120 _____ () C:\Users\DEBBYSDELL\AppData\Local\rx_audio.Cache
2014-06-18 09:13 - 2014-06-18 09:13 - 0000072 _____ () C:\Users\DEBBYSDELL\AppData\Local\rx_image32.Cache
2014-11-23 13:34 - 2014-11-23 13:34 - 0000010 _____ () C:\Users\DEBBYSDELL\AppData\Local\sponge.last.runtime.cache
2014-11-26 11:47 - 2014-11-26 11:48 - 0000212 _____ () C:\ProgramData\Microsoft.SqlServer.Compact.351.32.bc
2012-02-01 11:17 - 2015-02-02 13:32 - 0001385 _____ () C:\ProgramData\Microsoft.SqlServer.Compact.400.32.bc
2011-10-21 12:47 - 2011-10-21 17:14 - 0000020 ____H () C:\ProgramData\PKP_DLdu.DAT
2011-10-21 16:25 - 2011-10-23 13:01 - 0000020 ____H () C:\ProgramData\PKP_DLdw.DAT

Files to move or delete:
====================
C:\Users\DEBBYSDELL\jagex_cl_oldschool_LIVE.dat
C:\Users\DEBBYSDELL\jagex_cl_runescape_LIVE.dat
C:\Users\DEBBYSDELL\jagex_cl_runescape_LIVE1.dat
C:\Users\DEBBYSDELL\random.dat

Some content of TEMP:
====================
C:\Users\DEBBYSDELL\AppData\Local\Temp\30ff90a9-9e10-4952-8efe-45da202d2cd4.exe
C:\Users\DEBBYSDELL\AppData\Local\Temp\dropbox_sqlite_ext.{5f3e3153-5bce-5766-8f84-3e3e7ecf0d81}.tmp0ekawt.dll
C:\Users\DEBBYSDELL\AppData\Local\Temp\jna1758210098171797506.dll
C:\Users\DEBBYSDELL\AppData\Local\Temp\jna2583965754011175209.dll
C:\Users\DEBBYSDELL\AppData\Local\Temp\jna2759845749040214698.dll
C:\Users\DEBBYSDELL\AppData\Local\Temp\jna3163535325871541403.dll
C:\Users\DEBBYSDELL\AppData\Local\Temp\jna3419579626710917855.dll
C:\Users\DEBBYSDELL\AppData\Local\Temp\jna6870877155347712589.dll
C:\Users\DEBBYSDELL\AppData\Local\Temp\jna7742220009438866774.dll
C:\Users\DEBBYSDELL\AppData\Local\Temp\jna8440838270822722207.dll
C:\Users\DEBBYSDELL\AppData\Local\Temp\procexp64.exe
C:\Users\DEBBYSDELL\AppData\Local\Temp\SpOrder.dll
C:\Users\DEBBYSDELL\AppData\Local\Temp\sqlite-3.6.20-sqlitejdbc.dll

==================== Bamital & volsnap Check =================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\SysWOW64\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed

LastRegBack: 2014-08-11 22:57

==================== End Of Log ============================

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Thisisu
Version: 6.4.2 (02.02.2015:1)
OS: Windows 7 Ultimate x64
Ran by DEBBYSDELL on Tue 02/10/2015 at  7:37:14.04
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

 

~~~ Services

 

~~~ Registry Values

 

~~~ Registry Keys

 

~~~ Files

Successfully deleted: [File] "C:\Windows\wininit.ini"

 

~~~ Folders

Successfully deleted: [Folder] "C:\ProgramData\pcdr"
Successfully deleted: [Folder] "C:\Users\DEBBYSDELL\AppData\Roaming\pcdr"
Successfully deleted: [Folder] "C:\Users\DEBBYSDELL\appdata\locallow\pcdr"

 

~~~ FireFox

Successfully deleted: [Folder] C:\Users\DEBBYSDELL\AppData\Roaming\mozilla\firefox\profiles\lhn2fucb.default\extensions\staged
Successfully deleted the following from C:\Users\DEBBYSDELL\AppData\Roaming\mozilla\firefox\profiles\lhn2fucb.default\prefs.js

user_pref("extensions.iobitascsurfingprotection@iobit.com.install-event-fired", true);
user_pref("extensions.xpiState", "{\"app-profile\":{\"adblockpopups@jessehakanen.net\":{\"d\":\"C:\\\\Users\\\\DEBBYSDELL\\\\AppData\\\\Roaming\\\\Mozilla\\\\Firefox\\\\Profil

 

~~~ Event Viewer Logs were cleared

 

 

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on Tue 02/10/2015 at  7:42:14.00
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

Attached Files



#4 Oh My!

Oh My!

    Adware and Spyware and Malware.....


  • Malware Response Instructor
  • 36,640 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:California
  • Local time:01:24 PM

Posted 10 February 2015 - 10:21 AM

Greetings,

Thank you for the information. Very sorry to hear of your husband's illness and of course, family first.

If you have an Addition.txt document on your desktop could you please copy and paste the information you your reply.
Gary
 
If I do not reply within 24 hours please send me a Personal Message.

"Lord, to whom would we go? You have the words that give eternal life. We believe, and we know you are the Holy One of God."

#5 Oh My!

Oh My!

    Adware and Spyware and Malware.....


  • Malware Response Instructor
  • 36,640 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:California
  • Local time:01:24 PM

Posted 10 February 2015 - 10:28 AM

Greetings,

My apologies for my last post, it was in error. It doesn't look like we ran the fix properly. Attempt it again and make sure you click the Fix button rather than the Scan button.

In addition, can you tell me the manufacturer and model number of your wireless router please.

I am going to be away from my computer for a few hours but will be right back online upon my return.
Gary
 
If I do not reply within 24 hours please send me a Personal Message.

"Lord, to whom would we go? You have the words that give eternal life. We believe, and we know you are the Holy One of God."

#6 PreciousMazie

PreciousMazie
  • Topic Starter

  • Members
  • 44 posts
  • OFFLINE
  •  
  • Gender:Female
  • Local time:03:24 PM

Posted 10 February 2015 - 11:47 AM

Hi,

I guess the email thing is working as I am getting email of your replys. I do have an addition.txt but it is the same one, same date as the first one I posted here. It did not make a new addition.txt when it made a new frst.txt when run today. I have run the fix again although I did tap fix not scan on the first one. Also even though addition scan was checked in FRST64 it did not make an addition.txt this time either. I hope I am not doing something wrong. Below is the new fixlog.txt

 

Fix result of Farbar Recovery Tool (FRST written by Farbar) (x64) Version: 08-02-2015
Ran by DEBBYSDELL at 2015-02-10 10:40:28 Run:2
Running from C:\Users\DEBBYSDELL\Desktop
Loaded Profiles: DEBBYSDELL (Available profiles: DEBBYSDELL & UpdatusUser)
Boot Mode: Normal
==============================================

Content of fixlist:
*****************
ShellIconOverlayIdentifiers-x32: [ SkyDrive1] -> {F241C880-6982-4CE5-8CF7-7085BA96DA5A} =>  No File
ShellIconOverlayIdentifiers-x32: [ SkyDrive2] -> {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} =>  No File
ShellIconOverlayIdentifiers-x32: [ SkyDrive3] -> {BBACC218-34EA-4666-9D7A-C78F2274A524} =>  No File
URLSearchHook: HKU\S-1-5-21-3099934832-2828090357-232914698-1000 - (No Name) - {3f2ae504-aa17-4805-90e8-56e48f98731c} - No File
URLSearchHook: HKU\S-1-5-21-3099934832-2828090357-232914698-1000 - (No Name) - {1392b8d2-5c05-419f-a8f6-b9f15a596612} - No File
SearchScopes: HKU\.DEFAULT -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\.DEFAULT -> {418ACE4E-C900-4C8E-8ADD-37E140055336} URL =
SearchScopes: HKU\S-1-5-19 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-20 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
Toolbar: HKLM-x32 - No Name - {7abeab51-07be-42c5-89b4-c7f1a3a31816} -  No File
Toolbar: HKU\.DEFAULT -> No Name - {71576546-354D-41C9-AAE8-31F2EC22BF0D} -  No File
Toolbar: HKU\S-1-5-21-3099934832-2828090357-232914698-1000 -> No Name - {71576546-354D-41C9-AAE8-31F2EC22BF0D} -  No File
Toolbar: HKU\S-1-5-21-3099934832-2828090357-232914698-1000 -> No Name - {1392B8D2-5C05-419F-A8F6-B9F15A596612} -  No File
S3 lmimirr; system32\DRIVERS\lmimirr.sys [X]
S3 RimUsb; System32\Drivers\RimUsb_AMD64.sys [X]
2015-01-25 11:37 - 2013-09-02 18:33 - 00000000 ___SD () C:\32788R22FWJFW
C:\Users\DEBBYSDELL\jagex_cl_oldschool_LIVE.dat
C:\Users\DEBBYSDELL\jagex_cl_runescape_LIVE.dat
C:\Users\DEBBYSDELL\jagex_cl_runescape_LIVE1.dat
C:\Users\DEBBYSDELL\random.dat
C:\Users\DEBBYSDELL\AppData\Local\Temp\30ff90a9-9e10-4952-8efe-45da202d2cd4.exe
C:\Users\DEBBYSDELL\AppData\Local\Temp\dropbox_sqlite_ext.{5f3e3153-5bce-5766-8f84-3e3e7ecf0d81}.tmp0ekawt.dll
C:\Users\DEBBYSDELL\AppData\Local\Temp\jna1758210098171797506.dll
C:\Users\DEBBYSDELL\AppData\Local\Temp\jna2583965754011175209.dll
C:\Users\DEBBYSDELL\AppData\Local\Temp\jna2759845749040214698.dll
C:\Users\DEBBYSDELL\AppData\Local\Temp\jna3163535325871541403.dll
C:\Users\DEBBYSDELL\AppData\Local\Temp\jna3419579626710917855.dll
C:\Users\DEBBYSDELL\AppData\Local\Temp\jna6870877155347712589.dll
C:\Users\DEBBYSDELL\AppData\Local\Temp\jna7742220009438866774.dll
C:\Users\DEBBYSDELL\AppData\Local\Temp\jna8440838270822722207.dll
C:\Users\DEBBYSDELL\AppData\Local\Temp\procexp64.exe
C:\Users\DEBBYSDELL\AppData\Local\Temp\SpOrder.dll
C:\Users\DEBBYSDELL\AppData\Local\Temp\sqlite-3.6.20-sqlitejdbc.dll
Task: {E5A51CF9-6361-4AB1-832F-CD42D7755D70} - System32\Tasks\{972B1B60-358D-434A-8C7B-C3014EBB7D88} => pcalua.exe -a C:\Users\DEBBYSDELL\AppData\Local\Temp\Temp1_propertyevaluator.zip\Setup.exe
AlternateDataStreams: C:\ProgramData\Temp:56E2E879
AlternateDataStreams: C:\ProgramData\Temp:5C321E34
2015-01-31 13:01 - 2015-02-01 18:58 - 00000000 ____D () C:\Program Files (x86)\Bobrowsercm
2015-01-31 13:01 - 2015-01-31 13:01 - 00000000 ____D () C:\Program Files (x86)\download Manager
C:\Users\DEBBYSDELL\AppData\Local\Temp\Temp1_propertyevaluator.zip
*****************

HKLM\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\ SkyDrive1 => Key not found.
HKCR\Wow6432Node\CLSID\{F241C880-6982-4CE5-8CF7-7085BA96DA5A} => Key not found.
HKLM\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\ SkyDrive2 => Key not found.
HKCR\Wow6432Node\CLSID\{A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} => Key not found.
HKLM\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\ SkyDrive3 => Key not found.
HKCR\Wow6432Node\CLSID\{BBACC218-34EA-4666-9D7A-C78F2274A524} => Key not found.
HKU\S-1-5-21-3099934832-2828090357-232914698-1000\Software\Microsoft\Internet Explorer\URLSearchHooks\\{3f2ae504-aa17-4805-90e8-56e48f98731c} => Value not found.
HKU\S-1-5-21-3099934832-2828090357-232914698-1000\Software\Microsoft\Internet Explorer\URLSearchHooks\\{1392b8d2-5c05-419f-a8f6-b9f15a596612} => Value not found.
HKU\.DEFAULT\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope => Value not found.
HKU\.DEFAULT\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{418ACE4E-C900-4C8E-8ADD-37E140055336} => Key not found.
HKCR\CLSID\{418ACE4E-C900-4C8E-8ADD-37E140055336} => Key not found.
HKU\S-1-5-19\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope => Value not found.
HKU\S-1-5-20\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope => Value not found.
HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Toolbar\\{7abeab51-07be-42c5-89b4-c7f1a3a31816} => Value not found.
HKCR\Wow6432Node\CLSID\{7abeab51-07be-42c5-89b4-c7f1a3a31816} => Key not found.
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\\{71576546-354D-41C9-AAE8-31F2EC22BF0D} => Value not found.
HKCR\CLSID\{71576546-354D-41C9-AAE8-31F2EC22BF0D} => Key not found.
HKU\S-1-5-21-3099934832-2828090357-232914698-1000\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\\{71576546-354D-41C9-AAE8-31F2EC22BF0D} => Value not found.
HKCR\CLSID\{71576546-354D-41C9-AAE8-31F2EC22BF0D} => Key not found.
HKU\S-1-5-21-3099934832-2828090357-232914698-1000\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\\{1392B8D2-5C05-419F-A8F6-B9F15A596612} => Value not found.
HKCR\CLSID\{1392B8D2-5C05-419F-A8F6-B9F15A596612} => Key not found.
lmimirr => Service not found.
RimUsb => Service not found.
"C:\32788R22FWJFW" => File/Directory not found.
"C:\Users\DEBBYSDELL\jagex_cl_oldschool_LIVE.dat" => File/Directory not found.
"C:\Users\DEBBYSDELL\jagex_cl_runescape_LIVE.dat" => File/Directory not found.
"C:\Users\DEBBYSDELL\jagex_cl_runescape_LIVE1.dat" => File/Directory not found.
"C:\Users\DEBBYSDELL\random.dat" => File/Directory not found.
"C:\Users\DEBBYSDELL\AppData\Local\Temp\30ff90a9-9e10-4952-8efe-45da202d2cd4.exe" => File/Directory not found.
"C:\Users\DEBBYSDELL\AppData\Local\Temp\dropbox_sqlite_ext.{5f3e3153-5bce-5766-8f84-3e3e7ecf0d81}.tmp0ekawt.dll" => File/Directory not found.
"C:\Users\DEBBYSDELL\AppData\Local\Temp\jna1758210098171797506.dll" => File/Directory not found.
"C:\Users\DEBBYSDELL\AppData\Local\Temp\jna2583965754011175209.dll" => File/Directory not found.
"C:\Users\DEBBYSDELL\AppData\Local\Temp\jna2759845749040214698.dll" => File/Directory not found.
"C:\Users\DEBBYSDELL\AppData\Local\Temp\jna3163535325871541403.dll" => File/Directory not found.
"C:\Users\DEBBYSDELL\AppData\Local\Temp\jna3419579626710917855.dll" => File/Directory not found.
"C:\Users\DEBBYSDELL\AppData\Local\Temp\jna6870877155347712589.dll" => File/Directory not found.
"C:\Users\DEBBYSDELL\AppData\Local\Temp\jna7742220009438866774.dll" => File/Directory not found.
"C:\Users\DEBBYSDELL\AppData\Local\Temp\jna8440838270822722207.dll" => File/Directory not found.
"C:\Users\DEBBYSDELL\AppData\Local\Temp\procexp64.exe" => File/Directory not found.
"C:\Users\DEBBYSDELL\AppData\Local\Temp\SpOrder.dll" => File/Directory not found.
"C:\Users\DEBBYSDELL\AppData\Local\Temp\sqlite-3.6.20-sqlitejdbc.dll" => File/Directory not found.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{E5A51CF9-6361-4AB1-832F-CD42D7755D70} => Key not found.
C:\Windows\System32\Tasks\{972B1B60-358D-434A-8C7B-C3014EBB7D88} not found.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\{972B1B60-358D-434A-8C7B-C3014EBB7D88} => Key not found.
"C:\ProgramData\Temp" => ":56E2E879" ADS not found.
C:\ProgramData\Temp => ":5C321E34" ADS removed successfully.
"C:\Program Files (x86)\Bobrowsercm" => File/Directory not found.
"C:\Program Files (x86)\download Manager" => File/Directory not found.
"C:\Users\DEBBYSDELL\AppData\Local\Temp\Temp1_propertyevaluator.zip" => File/Directory not found.

==== End of Fixlog 10:40:28 ====

 



#7 PreciousMazie

PreciousMazie
  • Topic Starter

  • Members
  • 44 posts
  • OFFLINE
  •  
  • Gender:Female
  • Local time:03:24 PM

Posted 10 February 2015 - 11:54 AM

Sorry forgot about the modem info its an Actiontec model GT784/WN

 

Will be looking forward to your responses as I truly appreciate all the help!



#8 Oh My!

Oh My!

    Adware and Spyware and Malware.....


  • Malware Response Instructor
  • 36,640 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:California
  • Local time:01:24 PM

Posted 10 February 2015 - 03:04 PM

Greetings,

It is my pleasure to help. I would like you to copy and paste the Addition.txt report in your reply.

You did indeed hit the Fix button the first time but posted the FRST.txt report rather than the fixlog.txt report. No problem, the program did what we wanted it to do.

I am assuming you are still getting the adware with both Firefox and Internet Explorer. One of the things I am considering is resetting your modem/router back to factory setting which means it will have to be configured again. Please let me know if know how to do that or could contact your Internet Service Provider for assistance in doing that. We are not there yet, just looking at possibilities.

Please do this things.

===================================================

Farbar's MiniToolBox

--------------------
  • Please download MiniToolBox, save it to your desktop
  • Please close any Firefox browsers you may have open
  • Double click the icon to launch the program
  • Make sure only the following options are checked:

Flush DNS
Report IE Proxy Settings
Reset IE Proxy Settings
Report FF Proxy Settings
Reset FF Proxy Settings
List content of Hosts
List IP configuration
List Winsock Entries

  • Click Go and once the scan is completed a Result.txt Notepad document will open on your desktop
  • Please copy and paste the contents in your reply
===================================================

Things I would like to see in your next reply. Please be sure to copy and paste any requested log information unless you are asked to attach it. :thumbsup2:
  • Addition.txt
  • Would you be able to reconfigure your modem/router?
  • Result.txt

Gary
 
If I do not reply within 24 hours please send me a Personal Message.

"Lord, to whom would we go? You have the words that give eternal life. We believe, and we know you are the Holy One of God."

#9 PreciousMazie

PreciousMazie
  • Topic Starter

  • Members
  • 44 posts
  • OFFLINE
  •  
  • Gender:Female
  • Local time:03:24 PM

Posted 10 February 2015 - 03:39 PM

I very much like your signature verse!

 

Firefox is still infected but I have to go to two or more websites before the youradexchange window opens up behind the window I first opened. I did not see the popups in IE again but when I went to the third website IE crashed.  

 

You may do whatever you deem necessary to fix this problem and we will figure out how to get the modem configured again. Our internet provider Windstream only helps with Windstream modems. We purchased this one from TigerDirect several years ago. We set it up once I am fairly sure we can do it again.  We have a older Windstream modem as a backup so I am sure we will be fine.   Below is the Result.txt. And the old Addition.txt is below that.

 

 

MiniToolBox by Farbar  Version: 30-11-2014
Ran by DEBBYSDELL (administrator) on 10-02-2015 at 14:18:03
Running from "C:\Users\DEBBYSDELL\Desktop"
Microsoft Windows 7 Ultimate  Service Pack 1 (X64)
Boot Mode: Normal
***************************************************************************

========================= Flush DNS: ===================================

Windows IP Configuration

Successfully flushed the DNS Resolver Cache.

========================= IE Proxy Settings: ==============================

Proxy is not enabled.
No Proxy Server is set.

"Reset IE Proxy Settings": IE Proxy Settings were reset.

========================= FF Proxy Settings: ==============================

"Reset FF Proxy Settings": Firefox Proxy settings were reset.

========================= Hosts content: =================================

127.0.0.1 localhost

========================= IP Configuration: ================================

Intel® Centrino® WiMAX 6250 = Local Area Connection 3 (Disconnected)
Realtek PCIe GBE Family Controller = Local Area Connection (Connected)
Intel® Centrino® Advanced-N 6250 AGN = Wireless Network Connection (Media disconnected)
Microsoft Virtual WiFi Miniport Adapter = Wireless Network Connection 2 (Media disconnected)
Microsoft Virtual WiFi Miniport Adapter = Wireless Network Connection 3 (Media disconnected)

# ----------------------------------
# IPv4 Configuration
# ----------------------------------
pushd interface ipv4

reset
set global icmpredirects=enabled
set subinterface interface=?* subinterface=ethernet_9 mtu=1477
add address name="ethernet_13" address=192.168.44.1 mask=255.255.255.0
add address name="ethernet_14" address=192.168.80.1 mask=255.255.255.0

popd
# End of IPv4 configuration

 

Windows IP Configuration

   Host Name . . . . . . . . . . . . : DEBBYSDELL-PC
   Primary Dns Suffix  . . . . . . . :
   Node Type . . . . . . . . . . . . : Broadcast
   IP Routing Enabled. . . . . . . . : No
   WINS Proxy Enabled. . . . . . . . : No
   DNS Suffix Search List. . . . . . : Home

Wireless LAN adapter Wireless Network Connection 3:

   Media State . . . . . . . . . . . : Media disconnected
   Connection-specific DNS Suffix  . :
   Description . . . . . . . . . . . : Microsoft Virtual WiFi Miniport Adapter #2
   Physical Address. . . . . . . . . : 00-23-15-8C-49-0D
   DHCP Enabled. . . . . . . . . . . : Yes
   Autoconfiguration Enabled . . . . : Yes

Wireless LAN adapter Wireless Network Connection 2:

   Media State . . . . . . . . . . . : Media disconnected
   Connection-specific DNS Suffix  . :
   Description . . . . . . . . . . . : Microsoft Virtual WiFi Miniport Adapter
   Physical Address. . . . . . . . . : 00-23-15-8C-49-0D
   DHCP Enabled. . . . . . . . . . . : Yes
   Autoconfiguration Enabled . . . . : Yes

Ethernet adapter Local Area Connection:

   Connection-specific DNS Suffix  . : Home
   Description . . . . . . . . . . . : Realtek PCIe GBE Family Controller
   Physical Address. . . . . . . . . : F0-4D-A2-61-88-FE
   DHCP Enabled. . . . . . . . . . . : Yes
   Autoconfiguration Enabled . . . . : Yes
   Link-local IPv6 Address . . . . . : fe80::3986:8749:8d31:a830%11(Preferred)
   IPv4 Address. . . . . . . . . . . : 192.168.0.2(Preferred)
   Subnet Mask . . . . . . . . . . . : 255.255.255.0
   Lease Obtained. . . . . . . . . . : Monday, February 09, 2015 6:44:56 AM
   Lease Expires . . . . . . . . . . : Wednesday, February 11, 2015 6:44:56 AM
   Default Gateway . . . . . . . . . : 192.168.0.1
   DHCP Server . . . . . . . . . . . : 192.168.0.1
   DHCPv6 IAID . . . . . . . . . . . : 250629538
   DHCPv6 Client DUID. . . . . . . . : 00-01-00-01-14-9C-45-27-F0-4D-A2-61-88-FE
   DNS Servers . . . . . . . . . . . : 192.168.0.1
                                       166.102.165.13
   NetBIOS over Tcpip. . . . . . . . : Enabled

Wireless LAN adapter Wireless Network Connection:

   Media State . . . . . . . . . . . : Media disconnected
   Connection-specific DNS Suffix  . : Home
   Description . . . . . . . . . . . : Intel® Centrino® Advanced-N 6250 AGN
   Physical Address. . . . . . . . . : 00-23-15-8C-49-0C
   DHCP Enabled. . . . . . . . . . . : Yes
   Autoconfiguration Enabled . . . . : Yes
Server:  Broadcom.Home
Address:  192.168.0.1

Name:    google.com
Addresses:  2607:f8b0:4002:c07::8b
   74.125.196.100
   74.125.196.101
   74.125.196.102
   74.125.196.139
   74.125.196.113
   74.125.196.138

Pinging google.com [74.125.196.102] with 32 bytes of data:
Reply from 74.125.196.102: bytes=32 time=37ms TTL=44
Reply from 74.125.196.102: bytes=32 time=37ms TTL=44

Ping statistics for 74.125.196.102:
    Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
    Minimum = 37ms, Maximum = 37ms, Average = 37ms
Server:  Broadcom.Home
Address:  192.168.0.1

Name:    yahoo.com
Addresses:  206.190.36.45
   98.138.253.109
   98.139.183.24

Pinging yahoo.com [206.190.36.45] with 32 bytes of data:
Reply from 206.190.36.45: bytes=32 time=97ms TTL=47
Reply from 206.190.36.45: bytes=32 time=133ms TTL=47

Ping statistics for 206.190.36.45:
    Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
    Minimum = 97ms, Maximum = 133ms, Average = 115ms

Pinging 127.0.0.1 with 32 bytes of data:
Reply from 127.0.0.1: bytes=32 time<1ms TTL=128
Reply from 127.0.0.1: bytes=32 time<1ms TTL=128

Ping statistics for 127.0.0.1:
    Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
    Minimum = 0ms, Maximum = 0ms, Average = 0ms
===========================================================================
Interface List
 21...00 23 15 8c 49 0d ......Microsoft Virtual WiFi Miniport Adapter #2
 15...00 23 15 8c 49 0d ......Microsoft Virtual WiFi Miniport Adapter
 11...f0 4d a2 61 88 fe ......Realtek PCIe GBE Family Controller
 10...00 23 15 8c 49 0c ......Intel® Centrino® Advanced-N 6250 AGN
  1...........................Software Loopback Interface 1
===========================================================================

IPv4 Route Table
===========================================================================
Active Routes:
Network Destination        Netmask          Gateway       Interface  Metric
          0.0.0.0          0.0.0.0      192.168.0.1      192.168.0.2     20
        127.0.0.0        255.0.0.0         On-link         127.0.0.1    306
        127.0.0.1  255.255.255.255         On-link         127.0.0.1    306
  127.255.255.255  255.255.255.255         On-link         127.0.0.1    306
      192.168.0.0    255.255.255.0         On-link       192.168.0.2    276
      192.168.0.2  255.255.255.255         On-link       192.168.0.2    276
    192.168.0.255  255.255.255.255         On-link       192.168.0.2    276
        224.0.0.0        240.0.0.0         On-link         127.0.0.1    306
        224.0.0.0        240.0.0.0         On-link       192.168.0.2    276
  255.255.255.255  255.255.255.255         On-link         127.0.0.1    306
  255.255.255.255  255.255.255.255         On-link       192.168.0.2    276
===========================================================================
Persistent Routes:
  None

IPv6 Route Table
===========================================================================
Active Routes:
 If Metric Network Destination      Gateway
  1    306 ::1/128                  On-link
 11    276 fe80::/64                On-link
 11    276 fe80::3986:8749:8d31:a830/128
                                    On-link
  1    306 ff00::/8                 On-link
 11    276 ff00::/8                 On-link
===========================================================================
Persistent Routes:
  None
========================= Winsock entries =====================================

Catalog5 01 C:\Windows\SysWOW64\NLAapi.dll [52224] (Microsoft Corporation)
Catalog5 02 C:\Windows\SysWOW64\napinsp.dll [52224] (Microsoft Corporation)
Catalog5 03 C:\Windows\SysWOW64\pnrpnsp.dll [65024] (Microsoft Corporation)
Catalog5 04 C:\Windows\SysWOW64\pnrpnsp.dll [65024] (Microsoft Corporation)
Catalog5 05 C:\Windows\SysWOW64\wshbth.dll [36352] (Microsoft Corporation)
Catalog5 06 C:\Program Files (x86)\Bonjour\mdnsNSP.dll [121704] (Apple Inc.)
Catalog5 07 C:\Windows\SysWOW64\mswsock.dll [231424] (Microsoft Corporation)
Catalog5 08 C:\Windows\SysWOW64\winrnr.dll [20992] (Microsoft Corporation)
Catalog5 09 C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL [145648] (Microsoft Corp.)
Catalog5 10 C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL [145648] (Microsoft Corp.)
Catalog9 01 C:\Windows\SysWOW64\mswsock.dll [231424] (Microsoft Corporation)
Catalog9 02 C:\Windows\SysWOW64\mswsock.dll [231424] (Microsoft Corporation)
Catalog9 03 C:\Windows\SysWOW64\mswsock.dll [231424] (Microsoft Corporation)
Catalog9 04 C:\Windows\SysWOW64\mswsock.dll [231424] (Microsoft Corporation)
Catalog9 05 C:\Windows\SysWOW64\mswsock.dll [231424] (Microsoft Corporation)
Catalog9 06 C:\Windows\SysWOW64\mswsock.dll [231424] (Microsoft Corporation)
Catalog9 07 C:\Windows\SysWOW64\mswsock.dll [231424] (Microsoft Corporation)
Catalog9 08 C:\Windows\SysWOW64\mswsock.dll [231424] (Microsoft Corporation)
Catalog9 09 C:\Windows\SysWOW64\mswsock.dll [231424] (Microsoft Corporation)
Catalog9 10 C:\Windows\SysWOW64\mswsock.dll [231424] (Microsoft Corporation)
Catalog9 11 C:\Windows\SysWOW64\mswsock.dll [231424] (Microsoft Corporation)
x64-Catalog5 01 C:\Windows\System32\NLAapi.dll [70656] (Microsoft Corporation)
x64-Catalog5 02 C:\Windows\System32\napinsp.dll [68096] (Microsoft Corporation)
x64-Catalog5 03 C:\Windows\System32\pnrpnsp.dll [86016] (Microsoft Corporation)
x64-Catalog5 04 C:\Windows\System32\pnrpnsp.dll [86016] (Microsoft Corporation)
x64-Catalog5 05 C:\Windows\System32\wshbth.dll [47104] (Microsoft Corporation)
x64-Catalog5 06 C:\Program Files\Bonjour\mdnsNSP.dll [132968] (Apple Inc.)
x64-Catalog5 07 C:\Windows\System32\mswsock.dll [327168] (Microsoft Corporation)
x64-Catalog5 08 C:\Windows\System32\winrnr.dll [28672] (Microsoft Corporation)
x64-Catalog5 09 C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL [171760] (Microsoft Corp.)
x64-Catalog5 10 C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL [171760] (Microsoft Corp.)
x64-Catalog9 01 C:\Windows\System32\mswsock.dll [327168] (Microsoft Corporation)
x64-Catalog9 02 C:\Windows\System32\mswsock.dll [327168] (Microsoft Corporation)
x64-Catalog9 03 C:\Windows\System32\mswsock.dll [327168] (Microsoft Corporation)
x64-Catalog9 04 C:\Windows\System32\mswsock.dll [327168] (Microsoft Corporation)
x64-Catalog9 05 C:\Windows\System32\mswsock.dll [327168] (Microsoft Corporation)
x64-Catalog9 06 C:\Windows\System32\mswsock.dll [327168] (Microsoft Corporation)
x64-Catalog9 07 C:\Windows\System32\mswsock.dll [327168] (Microsoft Corporation)
x64-Catalog9 08 C:\Windows\System32\mswsock.dll [327168] (Microsoft Corporation)
x64-Catalog9 09 C:\Windows\System32\mswsock.dll [327168] (Microsoft Corporation)
x64-Catalog9 10 C:\Windows\System32\mswsock.dll [327168] (Microsoft Corporation)
x64-Catalog9 11 C:\Windows\System32\mswsock.dll [327168] (Microsoft Corporation)

**** End of log ****

 

 

Additional scan result of Farbar Recovery Scan Tool (x64) Version: 04-02-2015 01
Ran by DEBBYSDELL at 2015-02-05 10:12:37
Running from C:\Users\DEBBYSDELL\Downloads
Boot Mode: Normal
==========================================================

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: Microsoft Security Essentials (Enabled - Up to date) {4F35CFC4-45A3-FC37-EF17-759A02E39AB1}
AS: Microsoft Security Essentials (Enabled - Up to date) {F4542E20-6399-F3B9-D5A7-4EE87964D00C}
AS: Windows Defender (Disabled - Out of date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: IObit Malware Fighter (Disabled - Up to date) {A751AC20-3B48-5237-898A-78C4436BB78D}

==================== Installed Programs ======================

(Only the adware programs with "hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

7-Zip File Manager version 9.20 (HKLM-x32\...\{863448D4-F184-4B21-A46B-323C97A2D038}_is1) (Version: 9.20 - Download Freely, LLC)
AccelerometerP11 (HKLM-x32\...\{87434D51-51DB-4109-B68F-A829ECDCF380}) (Version: 2.00.11.15 - STMicroelectronics)
Acronis True Image 2015 (HKLM-x32\...\{9C48ED33-4A66-4299-B274-BD8110AB6EAA}Visible) (Version: 18.0.6525 - Acronis)
Acronis True Image 2015 (x32 Version: 18.0.6525 - Acronis) Hidden
Adobe AIR (HKLM-x32\...\Adobe AIR) (Version: 16.0.0.245 - Adobe Systems Incorporated)
Adobe Flash Player 16 ActiveX (HKLM-x32\...\Adobe Flash Player ActiveX) (Version: 16.0.0.257 - Adobe Systems Incorporated)
Adobe Reader XI (11.0.10) (HKLM-x32\...\{AC76BA86-7AD7-1033-7B44-AB0000000001}) (Version: 11.0.10 - Adobe Systems Incorporated)
Advanced Audio FX Engine (HKLM-x32\...\Advanced Audio FX Engine) (Version: 1.12.05 - Creative Technology Ltd)
Advanced SystemCare 8 (HKLM-x32\...\Advanced SystemCare 8_is1) (Version: 8.0.3 - IObit)
aioprnt (Version: 5.3.1.0 - Eastman Kodak Company) Hidden
aioscnnr (x32 Version: 6.2.3.10 - Your Company Name) Hidden
aioscnnr (x32 Version: 7.6.13.10 - Your Company Name) Hidden
Amazon Kindle (HKLM-x32\...\Amazon Kindle) (Version:  - Amazon)
Apple Application Support (HKLM-x32\...\{78002155-F025-4070-85B3-7C0453561701}) (Version: 3.0.6 - Apple Inc.)
Apple Mobile Device Support (HKLM\...\{B678797F-DF38-4556-8A31-8B818E261868}) (Version: 8.0.0.23 - Apple Inc.)
Apple Software Update (HKLM-x32\...\{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}) (Version: 2.1.3.127 - Apple Inc.)
ArcSoft Panorama Maker 4 (HKLM-x32\...\{D45E8C45-B601-4A80-AFD8-E16338744DE1}) (Version:  - ArcSoft)
Audacity 2.0.5 (HKLM-x32\...\Audacity_is1) (Version: 2.0.5 - Audacity Team)
AVerMedia H339 Hybrid Analog/ATSC/QAM 2.2.64.95 (HKLM-x32\...\AVerMedia H339 Hybrid Analog/ATSC/QAM) (Version: 2.2.64.95 - AVerMedia TECHNOLOGIES, Inc.)
Avidemux 2.5 (32-bit) (HKLM-x32\...\Avidemux 2.5) (Version: 2.5.4.7200 - )
Bonjour (HKLM\...\{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}) (Version: 3.0.0.10 - Apple Inc.)
Booster-Web (HKU\S-1-5-21-3099934832-2828090357-232914698-1000 Version: 4 - ${CompanyName}) Hidden
C4USelfUpdater (x32 Version: 1.00.0000 - Your Company Name) Hidden
CCleaner (HKLM\...\CCleaner) (Version: 4.19 - Piriform)
center (x32 Version: 7.7.2.0 - Eastman Kodak Company) Hidden
CyberLink PowerDVD 9.6 (HKLM-x32\...\InstallShield_{A8516AC9-AAF1-47F9-9766-03E2D4CDBCF8}) (Version: 9.6.1.6523 - CyberLink Corp.)
D3DX10 (x32 Version: 15.4.2368.0902 - Microsoft) Hidden
Dell DataSafe Local Backup - Support Software (HKLM-x32\...\{A9668246-FB70-4103-A1E3-66C9BC2EFB49}) (Version: 9.4.60 - Dell)
Dell DataSafe Local Backup (HKLM-x32\...\{0ED7EE95-6A97-47AA-AD73-152C08A15B04}) (Version: 9.4.60 - Dell)
Dell Dock (HKLM-x32\...\Dell Dock) (Version: 2.0 - Stardock Corporation)
Dell Dock (Version: 2.0 - Stardock Corporation) Hidden
Dell Driver Download Manager (HKU\S-1-5-21-3099934832-2828090357-232914698-1000\...\f031ef6ac137efc5) (Version: 2.1.0.0 - Dell Inc.)
Dell Edoc Viewer (HKLM\...\{8EBA8727-ADC2-477B-9D9A-1A1836BE4E05}) (Version: 1.0.0 - Dell Inc)
Dell Getting Started Guide (HKLM-x32\...\{7DB9F1E5-9ACB-410D-A7DC-7A3D023CE045}) (Version: 1.00.0000 - Dell Inc.)
Dell Webcam Central (HKLM-x32\...\Dell Webcam Central) (Version: 2.00.35 - Creative Technology Ltd)
DirectXInstallService (x32 Version: 9.0.2 - Roxio) Hidden
DriveImage XML (Private Edition) (HKLM-x32\...\{F7E1CA14-B39D-452A-960B-39423DDDD933}) (Version: 2.50.000 - Runtime Software)
Driver Booster 2.1 (HKLM-x32\...\Driver Booster_is1) (Version: 2.1 - IObit)
Dropbox (HKU\S-1-5-21-3099934832-2828090357-232914698-1000\...\Dropbox) (Version: 3.0.3 - Dropbox, Inc.)
EMC 10 Content (x32 Version: 1.0.035 - Roxo, Inc.) Hidden
EMCGadgets64 (Version: 1.0.302 - Sonic) Hidden
essentials (x32 Version: 7.7.2.0 - Eastman Kodak Company) Hidden
Evernote v. 5.7.2 (HKLM-x32\...\{FB57263E-706F-11E4-A65F-00163E98E7D6}) (Version: 5.7.2.5753 - Evernote Corp.)
Face Recognition (HKLM\...\{89B67536-F9F9-4E62-92FC-2150FF8DF22C}) (Version: 3.0.56.1 - Sensible Vision)
ffdshow [rev 2527] [2008-12-19] (HKLM-x32\...\ffdshow_is1) (Version: 1.0 - )
FFmpeg v0.6.2 for Audacity (HKLM-x32\...\FFmpeg for Audacity_is1) (Version:  - )
File Uploader (HKLM-x32\...\{237CD223-1B9D-47E8-A76C-E478B83CCEA2}) (Version: 1.2.1 - Nikon)
Freeplane (HKLM\...\{D3941722-C4DD-4509-88C4-0E87F675A859}_is1) (Version: 1.2.23 - Open source)
Freeplane (HKLM-x32\...\{D3941722-C4DD-4509-88C4-0E87F675A859}_is1) (Version: 1.1.3 - Open source)
FYZip 1.00 (HKLM-x32\...\FYZip) (Version: 1.00 - TightRope Interactive)
Game Booster 3 (HKLM-x32\...\Game Booster_is1) (Version: 3.4 - IObit)
GIMP 2.8.4 (HKLM\...\GIMP-2_is1) (Version: 2.8.4 - The GIMP Team)
GimpShop 2.8 (HKLM-x32\...\{3F1C9552-58E0-4AAC-A616-AE3A28720EC6}) (Version: 2.8 - GimpShop)
Google Calendar Sync (HKLM-x32\...\Google Calendar Sync) (Version:  - )
Google Earth (HKLM-x32\...\{4D2A6330-2F8B-11E3-9C40-B8AC6F97B88E}) (Version: 7.1.2.2041 - Google)
Google Toolbar for Internet Explorer (HKLM-x32\...\{2318C2B1-4965-11d4-9B18-009027A5CD4F}) (Version: 7.5.5111.1712 - Google Inc.)
Google Toolbar for Internet Explorer (x32 Version: 1.0.0 - Google Inc.) Hidden
Google Update Helper (x32 Version: 1.3.25.11 - Google Inc.) Hidden
Intel® PROSet/Wireless WiFi Software (HKLM\...\{B90E5EBE-DF18-44D5-9D18-689ADEE9DA6C}) (Version: 13.01.1000 - Intel Corporation)
Intel® Turbo Boost Technology Monitor (HKLM\...\{39F4C6F9-618A-4E5B-8FB2-6BD661174E32}) (Version: 1.0.186.6 - Intel)
Intel® PROSet/Wireless WiMAX Software (HKLM\...\{FAE224AF-B15E-448B-88FA-1839A7570CF8}) (Version: 2.00.0011 - Intel Corporation)
Interlinear Scripture Analyzer 2 basic (HKLM\...\{C8F753CF-C578-4138-A870-33149B689FFD}) (Version: 2.1.5.0 - Scripture4all Foundation)
Internet Explorer (Enable DEP) (HKLM\...\{a9264802-8a7a-40fe-a135-5c6d204aed7a}.sdb) (Version:  - )
Internet Explorer (x32 Version: 8 - Microsoft Corporation) Hidden
Internet TV for Windows Media Center (HKLM-x32\...\{9D318C86-AF4C-409F-A6AC-7183FF4CF424}) (Version: 4.2.2.0 - Microsoft Corporation)
IObit Apps Toolbar v9.3 (HKLM-x32\...\{70D6C4BA-DCBE-41C9-BDFA-DA9819E3501C}) (Version: 9.3 - Spigot, Inc.) <==== ATTENTION
IObit Malware Fighter (HKLM-x32\...\IObit Malware Fighter_is1) (Version: 2.5 - IObit)
IObit Uninstaller (HKLM-x32\...\IObitUninstall) (Version: 4.1.5.24 - IObit)
ISA 2 - CLV module 1.2.0 (HKLM\...\{0915922B-7D64-4063-A8F4-312B7B9FDC3D}) (Version: 1.2.0 - Scripture4All Foundation)
ISA 2.0 - YLT module 1.2.1 (HKLM-x32\...\ISA 2.0 - YLT module) (Version: 1.2.1 - Scripture4all.org)
iTunes (HKLM\...\{F46AA0F1-E284-4878-A462-5F11B9166C0E}) (Version: 11.4.0.18 - Apple Inc.)
Java 7 Update 72 (64-bit) (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F06417072FF}) (Version: 7.0.720 - Oracle)
Java 7 Update 72 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F03217072FF}) (Version: 7.0.720 - Oracle)
Java™ 7 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83217000F0}) (Version: 7.0.0 - Oracle)
JMicron Flash Media Controller Driver (HKLM-x32\...\{26604C7E-A313-4D12-867F-7C6E7820BE4C}) (Version: 1.0.41.2 - JMicron Technology Corp.)
Junk Mail filter update (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Keyboard Lock Status (HKLM-x32\...\{144A1586-E16C-448D-910D-E12ACD65DD98}) (Version: 1.00.0000 - Logitech)
Kodak AIO Printer (Version: 7.7.2.0 - Eastman Kodak Company) Hidden
LAME v3.99.3 (for Windows) (HKLM-x32\...\LAME_is1) (Version:  - )
Malwarebytes Anti-Exploit version 1.05.1.1016 (HKLM\...\Malwarebytes Anti-Exploit_is1) (Version: 1.05.1.1016 - Malwarebytes)
Malwarebytes Anti-Malware version 2.0.4.1028 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.0.4.1028 - Malwarebytes Corporation)
Microsoft .NET Framework 4.5.2 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.51209 - Microsoft Corporation)
Microsoft Office Outlook Connector (HKLM-x32\...\{95140000-007A-0409-0000-0000000FF1CE}) (Version: 14.0.5118.5000 - Microsoft Corporation)
Microsoft Office Professional 2010 (HKLM-x32\...\Office14.SingleImage) (Version: 14.0.7015.1000 - Microsoft Corporation)
Microsoft OneDrive (HKU\S-1-5-21-3099934832-2828090357-232914698-1000\...\OneDriveSetup.exe) (Version: 17.0.4035.0328 - Microsoft Corporation)
Microsoft Outlook Social Connector Provider for Windows Live Messenger 32-bit (HKLM-x32\...\{95140000-007D-0409-0000-0000000FF1CE}) (Version: 14.0.5120.5000 - Microsoft Corporation)
Microsoft Security Essentials (HKLM\...\Microsoft Security Client) (Version: 4.6.305.0 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.30514.0 - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft Text-to-Speech Engine 4.0 (English) (HKLM-x32\...\MSTTS) (Version:  - )
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (HKLM-x32\...\{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}) (Version: 9.0.21022 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729 (HKLM-x32\...\{820B6609-4C97-3A2B-B644-573B06A0F0CC}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
MotoCast (HKLM-x32\...\{5401CEE8-3C2D-4835-A802-213306537FF4}) (Version: 2.0.31 - Motorola Mobility)
MotoHelper MergeModules (x32 Version: 1.2.0 - Motorola) Hidden
Motorola Device Manager (HKLM-x32\...\{28DB8373-C1BB-444F-A427-A55585A12ED7}) (Version: 2.4.5 - Motorola Mobility)
Motorola Device Software Update (x32 Version: 13.09.3001 - Motorola Mobility) Hidden
MOTOROLA MEDIA LINK (x32 Version: 1.9.0002.0 - Motorola) Hidden
Motorola Mobile Drivers Installation 6.3.0 (HKLM\...\{759E6A2F-1F01-45EF-A0C4-22F1B56CB975}) (Version: 6.3.0 - Motorola Mobility LLC)
Movie Maker (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Mozilla Firefox 35.0.1 (x86 en-US) (HKLM-x32\...\Mozilla Firefox 35.0.1 (x86 en-US)) (Version: 35.0.1 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 35.0.1 - Mozilla)
MSXML 4.0 SP2 (KB954430) (HKLM-x32\...\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}) (Version: 4.20.9870.0 - Microsoft Corporation)
MSXML 4.0 SP2 (KB973688) (HKLM-x32\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation)
MSXML 4.0 SP2 Parser and SDK (HKLM-x32\...\{716E0306-8318-4364-8B8F-0CC4E9376BAC}) (Version: 4.20.9818.0 - Microsoft Corporation)
MSXML 4.0 SP3 Parser (HKLM-x32\...\{196467F1-C11F-4F76-858B-5812ADC83B94}) (Version: 4.30.2100.0 - Microsoft Corporation)
MSXML 4.0 SP3 Parser (KB2758694) (HKLM-x32\...\{1D95BA90-F4F8-47EC-A882-441C99D30C1E}) (Version: 4.30.2117.0 - Microsoft Corporation)
MuseScore 1.3 (HKLM-x32\...\MuseScore) (Version: 1.3.0 - Werner Schweer and Others)
My Dell (HKLM\...\PC-Doctor for Windows) (Version: 3.5.6426.22 - PC-Doctor, Inc.)
MyHeritage Family Tree Builder (HKLM-x32\...\Family Tree Builder) (Version: 7.0.0.7101 - MyHeritage.com)
MyMedia (HKLM-x32\...\{9F96A8F9-25CA-47B6-9378-231D2CD25E7B}) (Version: 3.10.1 - MediaMall Technologies, Inc.)
Nikon Message Center (HKLM-x32\...\{D2FCC1AE-6311-47C5-8130-C6C66D77DD71}) (Version: 0.92.000 - Nikon)
Nikon Transfer (HKLM-x32\...\{E9757890-7EC5-46C8-99AB-B00F07B6525C}) (Version: 1.5.0 - Nikon)
NVIDIA Display Control Panel (HKLM\...\NVIDIA Display Control Panel) (Version: 6.14.12.5939 - NVIDIA Corporation)
NVIDIA PhysX (HKLM-x32\...\{B455E95A-B804-439F-B533-336B1635AE97}) (Version: 9.14.0702 - NVIDIA Corporation)
NVIDIA Update 1.10.8 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Update) (Version: 1.10.8 - NVIDIA Corporation)
ocr (x32 Version: 6.2.3.50 - Eastman Kodak Company) Hidden
OpenOffice.org 3.3 (HKLM-x32\...\{3E171899-0175-47CC-84C4-562ACDD4C021}) (Version: 3.3.9567 - OpenOffice.org)
Opera Stable 27.0.1689.66 (HKLM-x32\...\Opera 27.0.1689.66) (Version: 27.0.1689.66 - Opera Software ASA)
Photo Story 3 for Windows (HKLM-x32\...\{4F41AD68-89F2-4262-A32C-2F70B01FCE9E}) (Version: 3.0.1115.11 - Microsoft Corporation)
Picasa 3 (HKLM-x32\...\Picasa 3) (Version: 3.9 - Google, Inc.)
Picture Control Utility (HKLM-x32\...\{87441A59-5E64-4096-A170-14EFE67200C3}) (Version: 1.1.6 - Nikon)
Pin It (HKLM-x32\...\Pin It_is1) (Version: 0.0.4 - Pinterest)
PreReq (x32 Version: 6.2.4.0 - Eastman Kodak Company) Hidden
QuickCAD Release 8 (HKLM-x32\...\{754D16CC-F427-4539-B934-AF36FCE4F8FC}) (Version: 8.00.0000 - Autodesk, Inc.)
Quicken 2011 (HKLM-x32\...\{5FE545A1-D215-4216-9189-E7B39C9D1CC1}) (Version: 20.1.8.6 - Intuit)
Quickset64 (HKLM\...\{87CF757E-C1F1-4D22-865C-00C6950B5258}) (Version: 10.8.5 - Dell Inc.)
QuickTime 7 (HKLM-x32\...\{3D2CBC2C-65D4-4463-87AB-BB2C859C1F3E}) (Version: 7.76.80.95 - Apple Inc.)
RealDownloader (x32 Version: 1.3.3 - RealNetworks, Inc.) Hidden
RealNetworks - Microsoft Visual C++ 2008 Runtime (x32 Version: 9.0 - RealNetworks, Inc) Hidden
RealNetworks - Microsoft Visual C++ 2010 Runtime (x32 Version: 10.0 - RealNetworks, Inc) Hidden
RealPlayer (HKLM-x32\...\RealPlayer 16.0) (Version: 16.0.3 - RealNetworks)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.7373 - Realtek Semiconductor Corp.)
RealUpgrade 1.1 (x32 Version: 1.1.0 - RealNetworks, Inc.) Hidden
Renesas Electronics USB 3.0 Host Controller Driver (HKLM-x32\...\InstallShield_{5442DAB8-7177-49E1-8B22-09A049EA5996}) (Version: 2.1.39.0 - Renesas Electronics Corporation)
Renesas Electronics USB 3.0 Host Controller Driver (x32 Version: 2.1.39.0 - Renesas Electronics Corporation) Hidden
Roxio File Backup (Version: 1.3.0 - Roxio) Hidden
RuneScape Launcher 1.2.3 (HKLM-x32\...\{FAE99C85-0732-4C58-9C6B-10B5B12FA2E9}) (Version: 1.2.3 - Jagex Ltd)
Sansa Updater (HKU\S-1-5-21-3099934832-2828090357-232914698-1000\...\Sansa Updater) (Version: 1.304 - SanDisk Corporation)
SeaTools for Windows (HKLM-x32\...\{98613C99-1399-416C-A07C-1EE1C585D872}) (Version: 1.2.0.5 - Seagate Technology)
Service Pack 2 for Microsoft Office 2010 (KB2687455) 32-Bit Edition (HKLM-x32\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{DE28B448-32E8-4E8F-84F0-A52B21A49B5B}) (Version:  - Microsoft)
SketchUp 2014 (HKLM-x32\...\{A608A8D3-E77C-4BEE-8F2A-F8124F5F0FE2}) (Version: 14.0.4900 - Trimble Navigation Limited)
Skype™ 6.11 (HKLM-x32\...\{4E76FF7E-AEBA-4C87-B788-CD47E5425B9D}) (Version: 6.11.102 - Skype Technologies S.A.)
Smart Defrag 3 (HKLM-x32\...\Smart Defrag 3_is1) (Version: 3.3 - IObit)
Sonic CinePlayer Decoder Pack (x32 Version: 4.3.0 - Sonic Solutions) Hidden
Splashtop Software Updater (HKLM-x32\...\Splashtop Software Updater) (Version: 1.5.6.15 - Splashtop Inc.)
Splashtop Streamer (HKLM-x32\...\{B7C5EA94-B96A-41F5-BE95-25D78B486678}) (Version: 2.6.2.4 - Splashtop Inc.)
SpywareBlaster 5.0 (HKLM-x32\...\SpywareBlaster_is1) (Version: 5.0.0 - BrightFort LLC)
Stickies 7.1e (HKLM-x32\...\ZhornStickies) (Version:  - Zhorn Software)
SupportSoft Assisted Service (HKLM-x32\...\{5A3F6A80-7913-475E-8B96-477A952CFA43}) (Version: 15 - SupportSoft)
Surfing Protection (HKLM-x32\...\IObit Surfing Protection_is1) (Version: 1.2 - IObit)
Synaptics Pointing Device Driver (HKLM\...\SynTPDeinstKey) (Version: 15.1.4.0 - Synaptics Incorporated)
Synei System Utilities (HKLM-x32\...\{BFDC3B26-7DB0-43D3-BC84-7E9649C157EA}_is1) (Version: 1.98 - Synei)
System Requirements Lab (HKLM-x32\...\SystemRequirementsLab) (Version:  - )
Timeline 1.2.4 (HKLM-x32\...\Timeline_is1) (Version:  - Rickard Lindberg <ricli85@gmail.com>)
TurboTax 2010 (HKLM-x32\...\TurboTax 2010) (Version:  - Intuit, Inc)
TurboTax 2011 (HKLM-x32\...\TurboTax 2011) (Version:  - Intuit, Inc)
TurboTax 2012 (HKLM-x32\...\TurboTax 2012) (Version: 2012.0 - Intuit, Inc)
TurboTax 2014 (HKLM-x32\...\TurboTax 2014) (Version: 2014.0 - Intuit, Inc)
TurboTax Business 2011 (HKLM-x32\...\TurboTax Business 2011) (Version:  - Intuit, Inc)
TurboTax Business 2012 (HKLM-x32\...\TurboTax Business 2012) (Version: 2012.0 - Intuit, Inc)
TurboTax Business 2014 (HKLM-x32\...\TurboTax Business 2014) (Version: 2014.0 - Intuit, Inc)
VD64Inst (Version: 1.00.0000 - Roxio, Inc.) Hidden
ViewNX (HKLM-x32\...\{F007CBCE-D714-4C0B-8CE9-9B0D78116468}) (Version: 1.4.0 - Nikon)
VLC media player (HKLM-x32\...\VLC media player) (Version: 2.1.5 - VideoLAN)
WIDCOMM Bluetooth Software (HKLM\...\{436E0B79-2CFB-4E5F-9380-E17C1B25D0C5}) (Version: 6.3.0.6300 - Broadcom Corporation)
Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 16.4.3528.0331 - Microsoft Corporation)
Windows Live Sync (HKLM-x32\...\{84EBDF39-4B33-49D7-A0BD-EB6E2C4E81C1}) (Version: 14.0.8089.726 - Microsoft Corporation)
Windows Resource Kit Tools - SubInAcl.exe (HKLM-x32\...\{D3EE034D-5B92-4A55-AA02-2E6D0A6A96EE}) (Version: 5.2.3790.1164 - Microsoft Corporation)
Windows XP Mode (HKLM\...\{1374CC63-B520-4f3f-98E8-E9020BF01CFF}) (Version: 1.3.7600.16423 - Microsoft Corporation)
WinPcap 4.1.2 (HKLM-x32\...\WinPcapInst) (Version: 4.1.0.2001 - CACE Technologies)
WinZip System Utilities Suite (HKLM-x32\...\{73370408-B80E-4509-B9AF-957E2E0F512F}_is1) (Version: 2.5.1000.15714 - WinZip Computing, S.L. (WinZip Computing))
WinZip Update Manager (HKLM-x32\...\{8841a7c2-161b-43f3-a7d4-842f3a518bd4}) (Version: 1.0.1.23 - WinZip Computing, S.L.)

==================== Custom CLSID (selected items): ==========================

(If an entry is included in the fixlist, it will be removed from registry. Any eventual file will not be moved.)

CustomCLSID: HKU\S-1-5-21-3099934832-2828090357-232914698-1000_Classes\CLSID\{005A3A96-BAC4-4B0A-94EA-C0CE100EA736}\localserver32 -> C:\Users\DEBBYSDELL\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-3099934832-2828090357-232914698-1000_Classes\CLSID\{A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E}\InprocServer32 -> C:\Users\DEBBYSDELL\AppData\Local\Microsoft\SkyDrive\17.0.4035.0328\amd64\SkyDriveShell64.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-3099934832-2828090357-232914698-1000_Classes\CLSID\{BBACC218-34EA-4666-9D7A-C78F2274A524}\InprocServer32 -> C:\Users\DEBBYSDELL\AppData\Local\Microsoft\SkyDrive\17.0.4035.0328\amd64\SkyDriveShell64.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-3099934832-2828090357-232914698-1000_Classes\CLSID\{CB3D0F55-BC2C-4C1A-85ED-23ED75B5106B}\InprocServer32 -> C:\Users\DEBBYSDELL\AppData\Local\Microsoft\SkyDrive\17.0.4035.0328\amd64\SkyDriveShell64.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-3099934832-2828090357-232914698-1000_Classes\CLSID\{F241C880-6982-4CE5-8CF7-7085BA96DA5A}\InprocServer32 -> C:\Users\DEBBYSDELL\AppData\Local\Microsoft\SkyDrive\17.0.4035.0328\amd64\SkyDriveShell64.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-3099934832-2828090357-232914698-1000_Classes\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\DEBBYSDELL\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-3099934832-2828090357-232914698-1000_Classes\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\DEBBYSDELL\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-3099934832-2828090357-232914698-1000_Classes\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\DEBBYSDELL\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-3099934832-2828090357-232914698-1000_Classes\CLSID\{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\DEBBYSDELL\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-3099934832-2828090357-232914698-1000_Classes\CLSID\{FB314EDD-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\DEBBYSDELL\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-3099934832-2828090357-232914698-1000_Classes\CLSID\{FB314EDE-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\DEBBYSDELL\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-3099934832-2828090357-232914698-1000_Classes\CLSID\{FB314EDF-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\DEBBYSDELL\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-3099934832-2828090357-232914698-1000_Classes\CLSID\{FB314EE0-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\DEBBYSDELL\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll (Dropbox, Inc.)

==================== Restore Points  =========================

04-02-2015 10:15:38 System Protector
04-02-2015 12:12:12 Configured Renesas Electronics USB 3.0 Host Controller Driver
04-02-2015 12:13:49 Installed Renesas Electronics USB 3.0 Host Controller Driver
04-02-2015 12:15:07 Installed Renesas Electronics USB 3.0 Host Controller Driver
04-02-2015 12:16:24 Installed Renesas Electronics USB 3.0 Host Controller Driver
04-02-2015 12:17:40 Installed Renesas Electronics USB 3.0 Host Controller Driver
04-02-2015 12:18:56 Installed Renesas Electronics USB 3.0 Host Controller Driver

==================== Hosts content: ==========================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2009-07-13 20:34 - 2014-01-03 12:31 - 00000741 ___RA C:\Windows\system32\Drivers\etc\hosts
127.0.0.1 localhost

==================== Scheduled Tasks (whitelisted) =============

(If an entry is included in the fixlist, it will be removed from registry. Any associated file could be listed separately to be moved.)

Task: {00B42730-3560-4F9F-8A00-C5E37E5FD9A5} - System32\Tasks\ASC8_PerformanceMonitor => C:\Program Files (x86)\IObit\Advanced SystemCare 8\Monitor.exe [2014-11-17] (IObit)
Task: {02BEA322-EF59-40AB-9BEF-23944539FB85} - System32\Tasks\RealDownloaderDownloaderScheduledTaskS-1-5-21-3099934832-2828090357-232914698-1000 => C:\Program Files (x86)\RealNetworks\RealDownloader\recordingmanager.exe [2013-08-14] (RealNetworks, Inc.)
Task: {09BB825D-6277-43F4-9A6B-51E820303966} - System32\Tasks\Uninstaller_SkipUac_Administrator => C:\Program Files (x86)\IObit\IObit Uninstaller\IObitUninstaler.exe [2014-11-04] (IObit)
Task: {0ACF2899-4BAD-4D6B-B332-66A7C3AB086C} - System32\Tasks\WSUS-System Protector_startup => C:\Program Files (x86)\WinZip System Utilities Suite\WINZIPSSSystemProtector.exe [2014-11-27] (Nico Mak Computing)
Task: {137BC248-65FA-4863-BACF-04CDAEDC6008} - System32\Tasks\GoogleUpdateTaskMachineCore1cd60bb286453c => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: {1444BED4-2CF1-492F-B7E1-0C2F850AF04D} - System32\Tasks\{6F3E81F2-5132-4200-9DC1-6BB166F826BE} => pcalua.exe -a D:\MSETUP.EXE -d D:\
Task: {1607EA51-01D0-41D4-BEF8-5A9B2FF360E8} - System32\Tasks\Games\UpdateCheck_S-1-5-21-3099934832-2828090357-232914698-1000
Task: {24D1856F-1339-4FEB-84BD-57B5D6D89CEB} - System32\Tasks\sondhschedule => C:\Users\DEBBYSDELL\AppData\Roaming\Booster-Web\Booster-Web-Installer.exe [2015-01-27] ()
Task: {25B888E6-1918-4B40-A3B4-CAEE25DF5F06} - System32\Tasks\PCDoctorBackgroundMonitorTask => C:\Program Files\My Dell\uaclauncher.exe [2014-01-10] (PC-Doctor, Inc.)
Task: {299027E9-8D39-4CFA-A880-C3B26E835A2C} - System32\Tasks\{B86EFFD6-8D6D-4C28-B0DE-F51C94DD02CF} => pcalua.exe -a C:\Users\DEBBYSDELL\AppData\Local\Temp\Temp2_propertyevaluator.zip\Setup.exe
Task: {2C42085B-C18B-4FB3-8003-BDA585EE6B6F} - System32\Tasks\Softland\FBackup 5\fba_e drive => C:\Program Files (x86)\Softland\FBackup 5\bSchedStarter.EXE
Task: {4082E8AE-C5BE-4920-8957-47DB5D7A2BD0} - System32\Tasks\PCDEventLauncherTask => C:\Program Files\My Dell\sessionchecker.exe [2014-01-10] (PC-Doctor, Inc.)
Task: {47C6183E-41A4-4A10-900B-84AA25C7965D} - System32\Tasks\SmartDefrag3_Update => C:\Program Files (x86)\IObit\Smart Defrag 3\AutoUpdate.exe [2014-07-23] (IObit)
Task: {480CDA35-94AB-43C1-870E-89EF53984CAF} - System32\Tasks\Opera scheduled Autoupdate 1403966768 => C:\Program Files (x86)\Opera\launcher.exe [2015-02-02] (Opera Software)
Task: {4B9D8F10-2105-43EC-82C0-BCCE313A8014} - System32\Tasks\RealDownloaderRealUpgradeLogonTaskS-1-5-21-3099934832-2828090357-232914698-1000 => C:\Program Files (x86)\RealNetworks\RealDownloader\realupgrade.exe
Task: {5587EE14-9937-48B6-8994-567EA86C1CFE} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2014-10-29] (Piriform Ltd)
Task: {5D4C5976-8888-4C9B-8499-84BAAA394617} - System32\Tasks\WINZIPSS-WINZIPSSAutoCheckUpdate7Days => C:\Program Files (x86)\WinZip System Utilities Suite\WINZIPSSCheckUpdate.exe [2014-11-27] (WinZip Computing, S.L. (WinZip Computing))
Task: {689F0549-7FEB-4DD4-BEF2-C71973BC17C3} - System32\Tasks\Motorola Device Manager Update => C:\Program Files (x86)\Motorola Mobility\Motorola Device Manager\MotorolaDeviceManagerUpdate.exe [2013-10-31] ()
Task: {6901EB26-8933-4603-B3C9-169A869DCB35} - System32\Tasks\OfficeSoftwareProtectionPlatform\SvcRestartTask => Sc.exe start osppsvc
Task: {71411EDD-E555-42EA-A2A5-B83C71503424} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2014-12-19] (Adobe Systems Incorporated)
Task: {7194B92C-91E0-4185-9EBE-9259CFA4834A} - System32\Tasks\{CE75F08B-E006-464C-B51E-A38D1F2E2062} => pcalua.exe -a C:\Users\DEBBYSDELL\Documents\eBooks\bookcdrom\spchapi.exe -d C:\Users\DEBBYSDELL\Documents\eBooks\bookcdrom
Task: {760BF71C-098F-4FB8-A514-EC8DDD30A830} - System32\Tasks\RealPlayerRealUpgradeLogonTaskS-1-5-21-3099934832-2828090357-232914698-1000 => C:\Program Files (x86)\Real\RealUpgrade\realupgrade.exe [2013-08-14] (RealNetworks, Inc.)
Task: {7B7D9DD1-952E-4E8F-8816-484283BD2F2F} - System32\Tasks\{94E42DF3-14C5-414D-ABF5-0CA96D913AA7} => pcalua.exe -a C:\Users\DEBBYSDELL\Downloads\GoogleCalendarSync_Installer(2).exe -d C:\Windows\system32
Task: {82A053C6-AAA6-4C6A-9181-F351A3DA8BDB} - System32\Tasks\Uninstaller_SkipUac_DEBBYSDELL => C:\Program Files (x86)\IObit\IObit Uninstaller\IObitUninstaler.exe [2014-11-04] (IObit)
Task: {82B22F51-CCE2-468B-A9CD-F98FD94D7B13} - System32\Tasks\Softland\FBackup 5\fba_c drive => C:\Program Files (x86)\Softland\FBackup 5\bSchedStarter.EXE
Task: {88C9F724-4855-49C9-8939-4E0EAFC8C148} - System32\Tasks\RealDownloaderRealUpgradeScheduledTaskS-1-5-21-3099934832-2828090357-232914698-1000 => C:\Program Files (x86)\RealNetworks\RealDownloader\realupgrade.exe
Task: {92C4A4BA-6774-43E3-B4EB-3B0ED2A6C0BB} - System32\Tasks\PastaLeads => C:\Program Files (x86)\pastaleads\ScheduledTask.exe
Task: {9AB572FD-704D-4454-B872-94C6195A2E8B} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: {9D611522-C163-4959-945F-6AAAEA95461B} - System32\Tasks\Game_Booster_AutoUpdate => C:\Program Files (x86)\IObit\Game Booster 3\AutoUpdate.exe [2013-11-29] ()
Task: {9EBE8862-3914-4DF7-B74B-95FD0D460AC9} - System32\Tasks\Motorola Device Manager Engine => C:\Program Files (x86)\Motorola Mobility\Motorola Device Manager\MotorolaDeviceManagerUpdate.exe [2013-10-31] ()
Task: {9EE050D9-8B33-4CC8-A48A-40F418F6A9C0} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2015-01-31] (Adobe Systems Incorporated)
Task: {AB7323E3-2E35-44B1-A9A3-D57C6D9D1043} - System32\Tasks\{967437A2-8786-401F-8B5C-34169CCBFB98} => pcalua.exe -a C:\Users\DEBBYSDELL\Downloads\googlecalendarsync_installer.exe -d C:\Users\DEBBYSDELL\Downloads
Task: {BCDD4686-B3FE-4F93-BFA9-31031ADBA54C} - System32\Tasks\Driver Booster SkipUAC (DEBBYSDELL) => C:\Program Files (x86)\IObit\Driver Booster\DriverBooster.exe [2015-01-07] (IObit)
Task: {BEDA4828-8FB1-435A-B2C8-9060A7C200A9} - System32\Tasks\PinItAutoUpdate => C:\Program Files (x86)\Pinterest\Pin It\AutoUpdater.exe [2013-10-17] ()
Task: {C44D3FDE-D240-4079-9687-8CA77F48F3A5} - System32\Tasks\ASC8_SkipUac_DEBBYSDELL => C:\Program Files (x86)\IObit\Advanced SystemCare 8\ASC.exe [2014-11-17] (IObit)
Task: {C842D636-D284-4198-A1F6-6B0C433D38E0} - System32\Tasks\RealPlayerRealUpgradeScheduledTaskS-1-5-21-3099934832-2828090357-232914698-1000 => C:\Program Files (x86)\Real\RealUpgrade\realupgrade.exe [2013-08-14] (RealNetworks, Inc.)
Task: {CBD6085F-BC9F-4622-86C9-D24E3AC913E0} - System32\Tasks\Motorola Device Manager Initial Update => C:\Program Files (x86)\Motorola Mobility\Motorola Device Manager\MotorolaDeviceManagerUpdate.exe [2013-10-31] ()
Task: {D512FA71-64DC-4CFE-B169-9829417A8B19} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: {E5A51CF9-6361-4AB1-832F-CD42D7755D70} - System32\Tasks\{972B1B60-358D-434A-8C7B-C3014EBB7D88} => pcalua.exe -a C:\Users\DEBBYSDELL\AppData\Local\Temp\Temp1_propertyevaluator.zip\Setup.exe
Task: {EB1AF8C2-5C8B-47DD-8954-535F755AD435} - System32\Tasks\Driver Booster SkipUAC (SYSTEM) => C:\Program Files (x86)\IObit\Driver Booster\DriverBooster.exe [2015-01-07] (IObit)
Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore1cd60bb286453c.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\WINZIPSS-WINZIPSSAutoCheckUpdate7Days.job => C:\Program Files (x86)\WinZip System Utilities Suite\WINZIPSSCheckUpdate.exe

==================== Loaded Modules (whitelisted) ==============

2011-11-29 08:26 - 2014-12-13 02:03 - 00117576 _____ () C:\Program Files\NVIDIA Corporation\Display\NvSmartMax64.dll
2010-01-19 16:27 - 2010-01-19 16:27 - 01501696 _____ () C:\Program Files\Common Files\Intel\WirelessCommon\Libeay32.dll
2010-01-19 16:27 - 2010-01-19 16:27 - 01501696 _____ () C:\Program Files\Common Files\Intel\WirelessCommon\LIBEAY32.dll
2010-12-16 14:25 - 2010-09-24 10:21 - 00727664 _____ () C:\Program Files (x86)\STMicroelectronics\AccelerometerP11\FF_Protection.exe
2009-06-18 21:46 - 2009-06-18 21:46 - 00494064 _____ () C:\Program Files (x86)\Roxio\Roxio Burn\RoxioBurnLauncher.exe
2009-06-18 21:46 - 2009-06-18 21:46 - 01554928 _____ () C:\Program Files (x86)\Roxio\Roxio Burn\Roxio Burn.exe

==================== Alternate Data Streams (whitelisted) =========

(If an entry is included in the fixlist, only the Alternate Data Streams will be removed.)

AlternateDataStreams: C:\ProgramData\Temp:56E2E879
AlternateDataStreams: C:\ProgramData\Temp:5C321E34
AlternateDataStreams: C:\Users\DEBBYSDELL\Documents\Invoice from Family Technical Services 1516 900611.eml:OECustomProperty

==================== Safe Mode (whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\IMFservice => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\PEVSystemStart => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\procexp90.Sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\PEVSystemStart => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\procexp90.Sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\SplashtopRemoteService => ""="Service"

==================== EXE Association (whitelisted) ===============

(If an entry is included in the fixlist, the default will be restored. None default entries will be removed.)

==================== Other Registry Areas =====================

(Currently there is no automatic fix for this section.)

HKU\S-1-5-21-3099934832-2828090357-232914698-1000\Control Panel\Desktop\\Wallpaper -> C:\Users\DEBBYSDELL\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper.jpg

==================== MSCONFIG/TASK MANAGER disabled items ==

(Currently there is no automatic fix for this section.)

MSCONFIG\Services: McComponentHostService => 3
MSCONFIG\Services: YahooAUService => 2
MSCONFIG\startupfolder: C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^Bluetooth.lnk => C:\Windows\pss\Bluetooth.lnk.CommonStartup
MSCONFIG\startupreg: dellsupportcenter =>
MSCONFIG\startupreg: DW7 =>
MSCONFIG\startupreg: LogMeIn GUI =>
MSCONFIG\startupreg: Memeo Instant Backup =>
MSCONFIG\startupreg: Seagate Dashboard =>
MSCONFIG\startupreg: SearchSettings =>
MSCONFIG\startupreg: swg =>

==================== Accounts: =============================

Administrator (S-1-5-21-3099934832-2828090357-232914698-500 - Administrator - Disabled)
DEBBYSDELL (S-1-5-21-3099934832-2828090357-232914698-1000 - Administrator - Enabled) => C:\Users\DEBBYSDELL
Guest (S-1-5-21-3099934832-2828090357-232914698-501 - Administrator - Disabled)
HomeGroupUser$ (S-1-5-21-3099934832-2828090357-232914698-1005 - Administrator - Enabled)
UpdatusUser (S-1-5-21-3099934832-2828090357-232914698-1006 - Administrator - Enabled) => C:\Users\UpdatusUser

==================== Faulty Device Manager Devices =============

Name: Intel® Turbo Boost Technology Driver
Description: Intel® Turbo Boost Technology Driver
Class Guid: {4d36e97d-e325-11ce-bfc1-08002be10318}
Manufacturer: Intel
Service: Impcd
Problem: : This device cannot start. (Code10)
Resolution: Device failed to start. Click "Update Driver" to update the drivers for this device.
On the "General Properties" tab of the device, click "Troubleshoot" to start the troubleshooting wizard.

Name: Intel® Centrino® WiMAX 6250 #2
Description: Intel® Centrino® WiMAX 6250
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Intel Corporation
Service: bpmp
Problem: : This device cannot start. (Code10)
Resolution: Device failed to start. Click "Update Driver" to update the drivers for this device.
On the "General Properties" tab of the device, click "Troubleshoot" to start the troubleshooting wizard.

Name: Microsoft Teredo Tunneling Adapter
Description: Microsoft Teredo Tunneling Adapter
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Microsoft
Service: tunnel
Problem: : This device cannot start. (Code10)
Resolution: Device failed to start. Click "Update Driver" to update the drivers for this device.
On the "General Properties" tab of the device, click "Troubleshoot" to start the troubleshooting wizard.

==================== Event log errors: =========================

Application errors:
==================
Error: (02/04/2015 05:28:04 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: WINZIPSSUndelete.exe, version: 2.0.648.14990, time stamp: 0x5113a38e
Faulting module name: UndeleteDLL.dll, version: 0.0.0.0, time stamp: 0x5113a333
Exception code: 0xc0000005
Fault offset: 0x0001754c
Faulting process id: 0x1a58
Faulting application start time: 0xWINZIPSSUndelete.exe0
Faulting application path: WINZIPSSUndelete.exe1
Faulting module path: WINZIPSSUndelete.exe2
Report Id: WINZIPSSUndelete.exe3

Error: (02/04/2015 05:20:01 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: WINZIPSSUndelete.exe, version: 2.0.648.14990, time stamp: 0x5113a38e
Faulting module name: UndeleteDLL.dll, version: 0.0.0.0, time stamp: 0x5113a333
Exception code: 0xc0000005
Fault offset: 0x0001754c
Faulting process id: 0x23c8
Faulting application start time: 0xWINZIPSSUndelete.exe0
Faulting application path: WINZIPSSUndelete.exe1
Faulting module path: WINZIPSSUndelete.exe2
Report Id: WINZIPSSUndelete.exe3

Error: (02/04/2015 04:59:03 AM) (Source: IMFservice) (EventID: 0) (User: )
Description: The handle is invalid

Error: (02/04/2015 04:59:03 AM) (Source: IMFservice) (EventID: 0) (User: )
Description: The handle is invalid

Error: (02/04/2015 04:25:43 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: WINZIPSSUndelete.exe, version: 2.7.1100.16429, time stamp: 0x5476c69a
Faulting module name: UndeleteDLL.dll, version: 0.0.0.0, time stamp: 0x5476c63b
Exception code: 0xc0000005
Fault offset: 0x0001754c
Faulting process id: 0x29d0
Faulting application start time: 0xWINZIPSSUndelete.exe0
Faulting application path: WINZIPSSUndelete.exe1
Faulting module path: WINZIPSSUndelete.exe2
Report Id: WINZIPSSUndelete.exe3

Error: (02/04/2015 01:49:37 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: WINZIPSSUndelete.exe, version: 2.7.1100.16429, time stamp: 0x5476c69a
Faulting module name: UndeleteDLL.dll, version: 0.0.0.0, time stamp: 0x5476c63b
Exception code: 0xc0000005
Fault offset: 0x0001754c
Faulting process id: 0x5cc
Faulting application start time: 0xWINZIPSSUndelete.exe0
Faulting application path: WINZIPSSUndelete.exe1
Faulting module path: WINZIPSSUndelete.exe2
Report Id: WINZIPSSUndelete.exe3

Error: (02/04/2015 01:46:23 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: WINZIPSSUndelete.exe, version: 2.7.1100.16429, time stamp: 0x5476c69a
Faulting module name: UndeleteDLL.dll, version: 0.0.0.0, time stamp: 0x5476c63b
Exception code: 0xc0000005
Fault offset: 0x0001754c
Faulting process id: 0x328
Faulting application start time: 0xWINZIPSSUndelete.exe0
Faulting application path: WINZIPSSUndelete.exe1
Faulting module path: WINZIPSSUndelete.exe2
Report Id: WINZIPSSUndelete.exe3

Error: (02/03/2015 11:47:23 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: WINZIPSSUndelete.exe, version: 2.7.1000.16429, time stamp: 0x5460b0f6
Faulting module name: UndeleteDLL.dll, version: 0.0.0.0, time stamp: 0x5460b08c
Exception code: 0xc0000005
Fault offset: 0x0001754c
Faulting process id: 0x940
Faulting application start time: 0xWINZIPSSUndelete.exe0
Faulting application path: WINZIPSSUndelete.exe1
Faulting module path: WINZIPSSUndelete.exe2
Report Id: WINZIPSSUndelete.exe3

Error: (02/03/2015 11:40:32 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: WINZIPSSUndelete.exe, version: 2.7.1000.16429, time stamp: 0x5460b0f6
Faulting module name: UndeleteDLL.dll, version: 0.0.0.0, time stamp: 0x5460b08c
Exception code: 0xc0000005
Fault offset: 0x0001754c
Faulting process id: 0x360
Faulting application start time: 0xWINZIPSSUndelete.exe0
Faulting application path: WINZIPSSUndelete.exe1
Faulting module path: WINZIPSSUndelete.exe2
Report Id: WINZIPSSUndelete.exe3

Error: (02/03/2015 11:39:58 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: WINZIPSSUndelete.exe, version: 2.7.1000.16429, time stamp: 0x5460b0f6
Faulting module name: UndeleteDLL.dll, version: 0.0.0.0, time stamp: 0x5460b08c
Exception code: 0xc0000005
Fault offset: 0x0001754c
Faulting process id: 0x1684
Faulting application start time: 0xWINZIPSSUndelete.exe0
Faulting application path: WINZIPSSUndelete.exe1
Faulting module path: WINZIPSSUndelete.exe2
Report Id: WINZIPSSUndelete.exe3

System errors:
=============
Error: (02/04/2015 01:46:32 PM) (Source: Disk) (EventID: 11) (User: )
Description: The driver detected a controller error on \Device\Harddisk1\DR1.

Error: (02/04/2015 01:46:04 PM) (Source: Disk) (EventID: 11) (User: )
Description: The driver detected a controller error on \Device\Harddisk1\DR1.

Error: (02/04/2015 01:31:07 PM) (Source: DCOM) (EventID: 10010) (User: )
Description: {ABC01078-F197-4B0B-ADBC-CFE684B39C82}

Error: (02/04/2015 00:41:03 PM) (Source: Service Control Manager) (EventID: 7001) (User: )
Description: The HomeGroup Provider service depends on the Function Discovery Provider Host service which failed to start because of the following error:
%%1058

Error: (02/04/2015 00:40:57 PM) (Source: Service Control Manager) (EventID: 7026) (User: )
Description: The following boot-start or system-start driver(s) failed to load:
stdcfltn

Error: (02/04/2015 00:28:30 PM) (Source: volmgr) (EventID: 46) (User: )
Description: Crash dump initialization failed!

Error: (02/04/2015 00:21:33 PM) (Source: volmgr) (EventID: 46) (User: )
Description: Crash dump initialization failed!

Error: (02/04/2015 11:16:12 AM) (Source: Disk) (EventID: 11) (User: )
Description: The driver detected a controller error on \Device\Harddisk1\DR1.

Error: (02/04/2015 11:15:35 AM) (Source: Disk) (EventID: 11) (User: )
Description: The driver detected a controller error on \Device\Harddisk1\DR1.

Error: (02/04/2015 07:22:54 AM) (Source: volsnap) (EventID: 36) (User: )
Description: The shadow copies of volume C: were aborted because the shadow copy storage could not grow due to a user imposed limit.

Microsoft Office Sessions:
=========================
Error: (02/04/2015 05:28:04 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: WINZIPSSUndelete.exe2.0.648.149905113a38eUndeleteDLL.dll0.0.0.05113a333c00000050001754c1a5801d0406d9d498f33C:\Program Files (x86)\WinZip System Utilities Suite\WINZIPSSUndelete.exeC:\Program Files (x86)\WinZip System Utilities Suite\UndeleteDLL.dlle1fdd173-ac60-11e4-a28d-f04da26188fe

Error: (02/04/2015 05:20:01 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: WINZIPSSUndelete.exe2.0.648.149905113a38eUndeleteDLL.dll0.0.0.05113a333c00000050001754c23c801d0406c7b4816e9C:\Program Files (x86)\WinZip System Utilities Suite\WINZIPSSUndelete.exeC:\Program Files (x86)\WinZip System Utilities Suite\UndeleteDLL.dllc1c60e10-ac5f-11e4-a28d-f04da26188fe

Error: (02/04/2015 04:59:03 AM) (Source: IMFservice) (EventID: 0) (User: )
Description: The handle is invalid

Error: (02/04/2015 04:59:03 AM) (Source: IMFservice) (EventID: 0) (User: )
Description: The handle is invalid

Error: (02/04/2015 04:25:43 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: WINZIPSSUndelete.exe2.7.1100.164295476c69aUndeleteDLL.dll0.0.0.05476c63bc00000050001754c29d001d04064e7208f12C:\Program Files (x86)\WinZip System Utilities Suite\WINZIPSSUndelete.exeC:\Program Files (x86)\WinZip System Utilities Suite\UndeleteDLL.dll2c4e1070-ac58-11e4-b3dd-f04da26188fe

Error: (02/04/2015 01:49:37 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: WINZIPSSUndelete.exe2.7.1100.164295476c69aUndeleteDLL.dll0.0.0.05476c63bc00000050001754c5cc01d0404f1858f88cC:\Program Files (x86)\WinZip System Utilities Suite\WINZIPSSUndelete.exeC:\Program Files (x86)\WinZip System Utilities Suite\UndeleteDLL.dll5dd04491-ac42-11e4-b0f5-f04da26188fe

Error: (02/04/2015 01:46:23 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: WINZIPSSUndelete.exe2.7.1100.164295476c69aUndeleteDLL.dll0.0.0.05476c63bc00000050001754c32801d0404ea3b7021bC:\Program Files (x86)\WinZip System Utilities Suite\WINZIPSSUndelete.exeC:\Program Files (x86)\WinZip System Utilities Suite\UndeleteDLL.dlle9aeff81-ac41-11e4-b0f5-f04da26188fe

Error: (02/03/2015 11:47:23 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: WINZIPSSUndelete.exe2.7.1000.164295460b0f6UndeleteDLL.dll0.0.0.05460b08cc00000050001754c94001d0403e05776f2dC:\Program Files (x86)\WinZip System Utilities Suite\WINZIPSSUndelete.exeC:\Program Files (x86)\WinZip System Utilities Suite\UndeleteDLL.dll4a37713e-ac31-11e4-b733-f04da26188fe

Error: (02/03/2015 11:40:32 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: WINZIPSSUndelete.exe2.7.1000.164295460b0f6UndeleteDLL.dll0.0.0.05460b08cc00000050001754c36001d0403d10e5183eC:\Program Files (x86)\WinZip System Utilities Suite\WINZIPSSUndelete.exeC:\Program Files (x86)\WinZip System Utilities Suite\UndeleteDLL.dll554f68c5-ac30-11e4-b733-f04da26188fe

Error: (02/03/2015 11:39:58 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: WINZIPSSUndelete.exe2.7.1000.164295460b0f6UndeleteDLL.dll0.0.0.05460b08cc00000050001754c168401d0403cfc2fffbcC:\Program Files (x86)\WinZip System Utilities Suite\WINZIPSSUndelete.exeC:\Program Files (x86)\WinZip System Utilities Suite\UndeleteDLL.dll409f1303-ac30-11e4-b733-f04da26188fe

CodeIntegrity Errors:
===================================
  Date: 2013-08-31 16:39:24.434
  Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume3\ComboFix\catchme.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

  Date: 2013-08-31 16:39:24.357
  Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume3\ComboFix\catchme.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

==================== Memory info ===========================

Processor: Intel® Core™ i7 CPU Q 740 @ 1.73GHz
Percentage of memory in use: 52%
Total physical RAM: 8124.38 MB
Available physical RAM: 3844.39 MB
Total Pagefile: 20308.56 MB
Available Pagefile: 15799.74 MB
Total Virtual: 8192 MB
Available Virtual: 8191.82 MB

==================== Drives ================================

Drive c: (OS) (Fixed) (Total:553.99 GB) (Free:161.52 GB) NTFS
Drive d: (Jan 31 2015) (CDROM) (Total:4.38 GB) (Free:4.37 GB) UDF
Drive f: (Elements) (Fixed) (Total:2794.49 GB) (Free:1539.93 GB) NTFS

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 698.6 GB) (Disk ID: C13908AC)
Partition 1: (Not Active) - (Size=130 GB) - (Type=DE)
Partition 2: (Active) - (Size=14.6 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=554 GB) - (Type=07 NTFS)
Attempted reading MBR returned 0 bytes.
 Could not read MBR for disk 2.

==================== End Of Log ============================



#10 Oh My!

Oh My!

    Adware and Spyware and Malware.....


  • Malware Response Instructor
  • 36,640 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:California
  • Local time:01:24 PM

Posted 10 February 2015 - 03:54 PM

Thank you for your encouraging words.

Here is some information you can review regarding your modem. You can also call the company for setup information if it comes to that.

Please do these things.

===================================================

Run TDSSKiller by Kaspersky

--------------------
  • Please download Kaspersky's TDSSKiller and save it to your Desktop. <-Important!!!
  • Right-click on TDSSKiller.exe and select Run As Administrator.
  • When the program opens, click the Start Scan button.

tdss1.png

  • Do not use the computer during the scan
  • If the scan completes with nothing found, click Close to exit.
  • Any objects found will show in the Scan results - Select action for found objects and offer three options.
  • If an infected file is detected, the default action will be Cure...do not change it.

tdss2.png

  • Click Continue > Reboot now to finish the cleaning process.<- Important!!

tdss4.png

  • If 'Suspicious' objects are detected, you will be given the option to Skip or Quarantine. Skip will be the default selection. Leave it as such for now.
  • A log file named TDSSKiller_version_date_time_log.txt will be created and saved to the root directory (usually Local Disk C:).
  • Copy and paste the contents of that file in your next reply even if no threats are found.
-- If TDSSKiller does not run, try renaming it. To do this, right-click on TDSSKiller.exe, select Rename and give it a random name with the .com file extension (i.e. 123abc.com). If you do not see the file extension, please refer to these instructions. In some cases it may be necessary to redownload TDSSKiller and randomly rename it before downloading and saving to the computer or to perform the scan in "safe mode".

===================================================

aswMBR

--------------------
  • Download aswMBR and save it to your desktop.
  • Please disable your real time protection of any Antivirus, Antispyware or Antimalware programs temporarily. They will interfere and may cause unexpected results.
  • If you need help to disable your protection programs see here and here.
  • Double click the aswMBR.exe file to run it. Please allow when you are asked to download AVAST antivirus engine defs.
  • Wait until the AV update is done, then click on the Scan button to start. The program will launch a scan.

aswMBR1.png

  • When done, you will see Scan finished successfully. Please click on Save log and save the file to your desktop.

aswMBR2.png

  • Please post the contents of the log in your next reply.
NOTE: aswMBR will create MBR.dat file on your desktop. This is a copy of your MBR. Do NOT delete it.

===================================================

Things I would like to see in your next reply. Please be sure to copy and paste any requested log information unless you are asked to attach it. :thumbsup2:
  • TDSSKiller log
  • aswMBR report

Gary
 
If I do not reply within 24 hours please send me a Personal Message.

"Lord, to whom would we go? You have the words that give eternal life. We believe, and we know you are the Holy One of God."

#11 PreciousMazie

PreciousMazie
  • Topic Starter

  • Members
  • 44 posts
  • OFFLINE
  •  
  • Gender:Female
  • Local time:03:24 PM

Posted 10 February 2015 - 04:32 PM

Hi Oh My!

I am having a little difficulty with your last post. I have downloaded both TDSSKiller and aswMBR and have run TDSSkiller, However every time I tried to click on the link you put on about my modem IE crashes. Also although I THINK I have disabled all real time protection I am not really sure that I have. My husband and I both tried to fix this problem before coming here. I will not make those mistakes again! At least I hope not. So I do not even know how many such programs are on this computer. Is there a way to find out? I sure do not want any false positives. TDSSKiller log below. Would you like me to post logs in separate emails to make them easier for you to find?

Debby

 

15:12:46.0914 0xf6f4  TDSS rootkit removing tool 3.0.0.44 Jan 22 2015 08:27:04
15:14:15.0339 0xf6f4  ============================================================
15:14:15.0339 0xf6f4  Current date / time: 2015/02/10 15:14:15.0339
15:14:15.0339 0xf6f4  SystemInfo:
15:14:15.0339 0xf6f4 
15:14:15.0339 0xf6f4  OS Version: 6.1.7601 ServicePack: 1.0
15:14:15.0339 0xf6f4  Product type: Workstation
15:14:15.0339 0xf6f4  ComputerName: DEBBYSDELL-PC
15:14:15.0339 0xf6f4  UserName: DEBBYSDELL
15:14:15.0339 0xf6f4  Windows directory: C:\Windows
15:14:15.0339 0xf6f4  System windows directory: C:\Windows
15:14:15.0339 0xf6f4  Running under WOW64
15:14:15.0339 0xf6f4  Processor architecture: Intel x64
15:14:15.0339 0xf6f4  Number of processors: 8
15:14:15.0339 0xf6f4  Page size: 0x1000
15:14:15.0339 0xf6f4  Boot type: Normal boot
15:14:15.0339 0xf6f4  ============================================================
15:14:18.0284 0xf6f4  KLMD registered as C:\Windows\system32\drivers\38676449.sys
15:14:19.0678 0xf6f4  System UUID: {AA326F9C-A983-4474-2178-DB5B91DF3084}
15:14:20.0915 0xf6f4  Drive \Device\Harddisk0\DR0 - Size: 0xAEA8CDE000 ( 698.64 Gb ), SectorSize: 0x200, Cylinders: 0x16441, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
15:14:20.0923 0xf6f4  Drive \Device\Harddisk1\DR6 - Size: 0x2BA9F400000 ( 2794.49 Gb ), SectorSize: 0x1000, Cylinders: 0xB21F, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'W'
15:14:20.0946 0xf6f4  ============================================================
15:14:20.0946 0xf6f4  \Device\Harddisk0\DR0:
15:14:20.0946 0xf6f4  MBR partitions:
15:14:20.0946 0xf6f4  \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x10401000, BlocksNum 0x1D4C000
15:14:20.0946 0xf6f4  \Device\Harddisk0\DR0\Partition2: MBR, Type 0x7, StartLBA 0x1214D000, BlocksNum 0x453F9000
15:14:20.0946 0xf6f4  \Device\Harddisk1\DR6:
15:14:20.0947 0xf6f4  MBR partitions:
15:14:20.0947 0xf6f4  \Device\Harddisk1\DR6\Partition1: MBR, Type 0x7, StartLBA 0x100, BlocksNum 0x2BA9F300
15:14:20.0947 0xf6f4  ============================================================
15:14:21.0018 0xf6f4  C: <-> \Device\Harddisk0\DR0\Partition2
15:14:21.0064 0xf6f4  F: <-> \Device\Harddisk1\DR6\Partition1
15:14:21.0065 0xf6f4  ============================================================
15:14:21.0065 0xf6f4  Initialize success
15:14:21.0065 0xf6f4  ============================================================
15:14:30.0439 0x16fcc  ============================================================
15:14:30.0439 0x16fcc  Scan started
15:14:30.0439 0x16fcc  Mode: Manual;
15:14:30.0439 0x16fcc  ============================================================
15:14:30.0439 0x16fcc  KSN ping started
15:14:33.0080 0x16fcc  KSN ping finished: true
15:14:34.0757 0x16fcc  ================ Scan system memory ========================
15:14:34.0757 0x16fcc  System memory - ok
15:14:34.0757 0x16fcc  ================ Scan services =============================
15:14:34.0954 0x16fcc  [ A87D604AEA360176311474C87A63BB88, B1507868C382CD5D2DBC0D62114FCFBF7A780904A2E3CA7C7C1DD0844ADA9A8F ] 1394ohci        C:\Windows\system32\drivers\1394ohci.sys
15:14:34.0961 0x16fcc  1394ohci - ok
15:14:35.0007 0x16fcc  [ 7A505465BBB1EB8B5AD4D76E8749383B, 999FBBFAF8CCF68D8B7EB5C4F23A5FC00F911FDD0ED192BE9C51F1BC4BE0EA51 ] Acceler         C:\Windows\system32\DRIVERS\Accelern.sys
15:14:35.0008 0x16fcc  Acceler - ok
15:14:35.0060 0x16fcc  [ D81D9E70B8A6DD14D42D7B4EFA65D5F2, FDAAB7E23012B4D31537C5BDEF245BB0A12FA060A072C250E21C68E18B22E002 ] ACPI            C:\Windows\system32\drivers\ACPI.sys
15:14:35.0070 0x16fcc  ACPI - ok
15:14:35.0112 0x16fcc  [ 99F8E788246D495CE3794D7E7821D2CA, F91615463270AD2601F882CAED43B88E7EDA115B9FD03FC56320E48119F15F76 ] AcpiPmi         C:\Windows\system32\drivers\acpipmi.sys
15:14:35.0113 0x16fcc  AcpiPmi - ok
15:14:35.0260 0x16fcc  [ 23FCC0ED96A71AB04328C02F0785DA89, E14829B7C8622D25454B61FE9C4085712D9147E507022A374F609047217EF13B ] AcrSch2Svc      C:\Program Files (x86)\Common Files\Acronis\Schedule2\schedul2.exe
15:14:35.0304 0x16fcc  AcrSch2Svc - ok
15:14:35.0401 0x16fcc  [ FC5B75CA6A1DA31EDD4F8D53F5540B98, CDC445F2790ADFC4C5568C40D4DA8BB95CD71991665B38AEC3D84571C99C3520 ] AdobeARMservice C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
15:14:35.0404 0x16fcc  AdobeARMservice - ok
15:14:35.0556 0x16fcc  [ 080255CDCB878813B481B8C348D47D8E, 75808821FBC732D0504795B8F85852E4C01D3B412989A1E597E1295CFF7B7A45 ] AdobeFlashPlayerUpdateSvc C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
15:14:35.0565 0x16fcc  AdobeFlashPlayerUpdateSvc - ok
15:14:35.0618 0x16fcc  [ 2F6B34B83843F0C5118B63AC634F5BF4, 43E3F5FBFB5D33981AC503DEE476868EC029815D459E7C36C4ABC2D2F75B5735 ] adp94xx         C:\Windows\system32\DRIVERS\adp94xx.sys
15:14:35.0634 0x16fcc  adp94xx - ok
15:14:35.0661 0x16fcc  [ 597F78224EE9224EA1A13D6350CED962, DA7FD99BE5E3B7B98605BF5C13BF3F1A286C0DE1240617570B46FE4605E59BDC ] adpahci         C:\Windows\system32\DRIVERS\adpahci.sys
15:14:35.0672 0x16fcc  adpahci - ok
15:14:35.0699 0x16fcc  [ E109549C90F62FB570B9540C4B148E54, E804563735153EA00A00641814244BC8A347B578E7D63A16F43FB17566EE5559 ] adpu320         C:\Windows\system32\DRIVERS\adpu320.sys
15:14:35.0705 0x16fcc  adpu320 - ok
15:14:35.0801 0x16fcc  [ 2F442BAA7A739EDFB8CBF6BFBE8F5388, 3D32935DFEB0EA026F9824A78A7232C08C47FE13792AC1A212239B8103F98439 ] AdvancedSystemCareService8 C:\Program Files (x86)\IObit\Advanced SystemCare 8\ASCService.exe
15:14:35.0840 0x16fcc  AdvancedSystemCareService8 - ok
15:14:35.0883 0x16fcc  [ 4B78B431F225FD8624C5655CB1DE7B61, 198A5AF2125C7C41F531A652D200C083A55A97DC541E3C0B5B253C7329949156 ] AeLookupSvc     C:\Windows\System32\aelupsvc.dll
15:14:35.0886 0x16fcc  AeLookupSvc - ok
15:14:35.0962 0x16fcc  [ D1E343BC00136CE03C4D403194D06A80, 94F2543164A2CEA179EDE53E1294EE24391A59CAEFF83BA5CE9385E8E686E89C ] AERTFilters     C:\Program Files\Realtek\Audio\HDA\AERTSr64.exe
15:14:35.0966 0x16fcc  AERTFilters - ok
15:14:36.0161 0x16fcc  [ 8588B8F21CE15DBB96A63E5F352178C1, AA4D41F0CB34A81480B2AC59C5DAF7AAE0C619DC2B816CB2FF432169A302D4BC ] afcdpsrv        C:\Program Files (x86)\Common Files\Acronis\CDP\afcdpsrv.exe
15:14:36.0321 0x16fcc  afcdpsrv - ok
15:14:36.0377 0x16fcc  [ FA886682CFC5D36718D3E436AACF10B9, F80AB4F91AA6B5C7ECCB000D8E1BC2CF776DC3D69B3D9EBC2558C19035A6B3AB ] AFD             C:\Windows\system32\drivers\afd.sys
15:14:36.0403 0x16fcc  AFD - ok
15:14:36.0452 0x16fcc  [ 608C14DBA7299D8CB6ED035A68A15799, 45360F89640BF1127C82A32393BD76205E4FA067889C40C491602F370C09282A ] agp440          C:\Windows\system32\drivers\agp440.sys
15:14:36.0455 0x16fcc  agp440 - ok
15:14:36.0470 0x16fcc  [ 3290D6946B5E30E70414990574883DDB, 0E9294E1991572256B3CDA6B031DB9F39CA601385515EE59F1F601725B889663 ] ALG             C:\Windows\System32\alg.exe
15:14:36.0474 0x16fcc  ALG - ok
15:14:36.0521 0x16fcc  [ 5812713A477A3AD7363C7438CA2EE038, A7316299470D2E57A11499C752A711BF4A71EB11C9CBA731ED0945FF6A966721 ] aliide          C:\Windows\system32\drivers\aliide.sys
15:14:36.0543 0x16fcc  aliide - ok
15:14:36.0567 0x16fcc  [ 1FF8B4431C353CE385C875F194924C0C, 3EA3A7F426B0FFC2461EDF4FDB4B58ACC9D0730EDA5B728D1EA1346EA0A02720 ] amdide          C:\Windows\system32\drivers\amdide.sys
15:14:36.0569 0x16fcc  amdide - ok
15:14:36.0578 0x16fcc  [ 7024F087CFF1833A806193EF9D22CDA9, E7F27E488C38338388103D3B7EEDD61D05E14FB140992AEE6F492FFC821BF529 ] AmdK8           C:\Windows\system32\DRIVERS\amdk8.sys
15:14:36.0581 0x16fcc  AmdK8 - ok
15:14:36.0595 0x16fcc  [ 1E56388B3FE0D031C44144EB8C4D6217, E88CA76FD47BA0EB427D59CB9BE040DE133D89D4E62D03A8D622624531D27487 ] AmdPPM          C:\Windows\system32\DRIVERS\amdppm.sys
15:14:36.0598 0x16fcc  AmdPPM - ok
15:14:36.0653 0x16fcc  [ D4121AE6D0C0E7E13AA221AA57EF2D49, 626F43C099BD197BE56648C367B711143C2BCCE96496BBDEF19F391D52FA01D0 ] amdsata         C:\Windows\system32\drivers\amdsata.sys
15:14:36.0658 0x16fcc  amdsata - ok
15:14:36.0680 0x16fcc  [ F67F933E79241ED32FF46A4F29B5120B, D6EF539058F159CC4DD14CA9B1FD924998FEAC9D325C823C7A2DD21FEF1DC1A8 ] amdsbs          C:\Windows\system32\DRIVERS\amdsbs.sys
15:14:36.0689 0x16fcc  amdsbs - ok
15:14:36.0704 0x16fcc  [ 540DAF1CEA6094886D72126FD7C33048, 296578572A93F5B74E1AD443E000B79DC99D1CBD25082E02704800F886A3065F ] amdxata         C:\Windows\system32\drivers\amdxata.sys
15:14:36.0706 0x16fcc  amdxata - ok
15:14:36.0742 0x16fcc  [ 89A69C3F2F319B43379399547526D952, 8ABDB4B8E106F96EBBA0D4D04C4F432296516E107E7BA5644ED2E50CF9BB491A ] AppID           C:\Windows\system32\drivers\appid.sys
15:14:36.0782 0x16fcc  AppID - ok
15:14:36.0837 0x16fcc  [ 0BC381A15355A3982216F7172F545DE1, C33AF13CB218F7BF52E967452573DF2ADD20A95C6BF99229794FEF07C4BBE725 ] AppIDSvc        C:\Windows\System32\appidsvc.dll
15:14:36.0838 0x16fcc  AppIDSvc - ok
15:14:36.0947 0x16fcc  [ 9D2A2369AB4B08A4905FE72DB104498F, D6FA1705018BABABFA2362E05691A0D6408D14DE7B76129B16D0A1DAD6378E58 ] Appinfo         C:\Windows\System32\appinfo.dll
15:14:36.0983 0x16fcc  Appinfo - ok
15:14:37.0163 0x16fcc  [ 608D6A90E989C6522F170E5526A64BF4, 36EDD07DF6BD2D20121F63CF720C289FCCF7C53574D37F99C2F9ED68298D655B ] Apple Mobile Device C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
15:14:37.0166 0x16fcc  Apple Mobile Device - ok
15:14:37.0210 0x16fcc  [ 4ABA3E75A76195A3E38ED2766C962899, E2001ACD44DA270B8289DA362D26416676301773AB22616C211F31CF2E7869AA ] AppMgmt         C:\Windows\System32\appmgmts.dll
15:14:37.0218 0x16fcc  AppMgmt - ok
15:14:37.0226 0x16fcc  [ C484F8CEB1717C540242531DB7845C4E, C507CE26716EB923B864ED85E8FA0B24591E2784A2F4F0E78AEED7E9953311F6 ] arc             C:\Windows\system32\DRIVERS\arc.sys
15:14:37.0230 0x16fcc  arc - ok
15:14:37.0246 0x16fcc  [ 019AF6924AEFE7839F61C830227FE79C, 5926B9DDFC9198043CDD6EA0B384C83B001EC225A8125628C4A45A3E6C42C72A ] arcsas          C:\Windows\system32\DRIVERS\arcsas.sys
15:14:37.0250 0x16fcc  arcsas - ok
15:14:37.0393 0x16fcc  [ F15AB80B867D3332D5DDFB0A05B9CE04, 5A16577106246AB5DCC04FE0A0B00B7C5702557B75F958721E4C00383AB99809 ] aspnet_state    C:\Windows\Microsoft.NET\Framework64\v4.0.30319\aspnet_state.exe
15:14:37.0395 0x16fcc  aspnet_state - ok
15:14:37.0412 0x16fcc  [ 769765CE2CC62867468CEA93969B2242, 0D8F19D49869DF93A3876B4C2E249D12E83F9CE11DAE8917D368E292043D4D26 ] AsyncMac        C:\Windows\system32\DRIVERS\asyncmac.sys
15:14:37.0413 0x16fcc  AsyncMac - ok
15:14:37.0446 0x16fcc  [ 02062C0B390B7729EDC9E69C680A6F3C, 0261683C6DC2706DCE491A1CDC954AC9C9E649376EC30760BB4E225E18DC5273 ] atapi           C:\Windows\system32\drivers\atapi.sys
15:14:37.0447 0x16fcc  atapi - ok
15:14:37.0519 0x16fcc  [ DE3E38431B00C2EA247C53675DCF01A0, 8965192096C94203A1F16689DCDA45FE0EDF3A6FB75B70FC378C2008E8E71C9B ] AudioEndpointBuilder C:\Windows\System32\Audiosrv.dll
15:14:37.0556 0x16fcc  AudioEndpointBuilder - ok
15:14:37.0596 0x16fcc  [ DE3E38431B00C2EA247C53675DCF01A0, 8965192096C94203A1F16689DCDA45FE0EDF3A6FB75B70FC378C2008E8E71C9B ] AudioSrv        C:\Windows\System32\Audiosrv.dll
15:14:37.0622 0x16fcc  AudioSrv - ok
15:14:37.0756 0x16fcc  [ A1085A3A309E6478CF13FEB2BDB0472A, 9344FB53470B5F959FBCD448C650ABD88EB7ED23FE2F6FA39AE6073859D9A29D ] AVer7231_x64    C:\Windows\system32\DRIVERS\AVer7231_x64.sys
15:14:37.0850 0x16fcc  AVer7231_x64 - ok
15:14:37.0895 0x16fcc  [ A6BF31A71B409DFA8CAC83159E1E2AFF, CBB83F73FFD3C3FB4F96605067739F8F7A4A40B2B05417FA49E575E95628753F ] AxInstSV        C:\Windows\System32\AxInstSV.dll
15:14:37.0899 0x16fcc  AxInstSV - ok
15:14:37.0935 0x16fcc  [ 3E5B191307609F7514148C6832BB0842, DE011CB7AA4A2405FAF21575182E0793A1D83DFFC44E9A7864D59F3D51D8D580 ] b06bdrv         C:\Windows\system32\DRIVERS\bxvbda.sys
15:14:37.0961 0x16fcc  b06bdrv - ok
15:14:38.0015 0x16fcc  [ B5ACE6968304A3900EEB1EBFD9622DF2, 1DAA118D8CA3F97B34DF3D3CDA1C78EAB2ED225699FEABE89D331AE0CB7679FA ] b57nd60a        C:\Windows\system32\DRIVERS\b57nd60a.sys
15:14:38.0026 0x16fcc  b57nd60a - ok
15:14:38.0102 0x16fcc  [ FDE360167101B4E45A96F939F388AEB0, 8D1457E866BBD645C4B9710DFBFF93405CC1193BF9AE42326F2382500B713B82 ] BDESVC          C:\Windows\System32\bdesvc.dll
15:14:38.0106 0x16fcc  BDESVC - ok
15:14:38.0116 0x16fcc  [ 16A47CE2DECC9B099349A5F840654746, 77C008AEDB07FAC66413841D65C952DDB56FE7DCA5E9EF9C8F4130336B838024 ] Beep            C:\Windows\system32\drivers\Beep.sys
15:14:38.0117 0x16fcc  Beep - ok
15:14:38.0175 0x16fcc  [ 82974D6A2FD19445CC5171FC378668A4, 075D25F47C0D2277E40AF8615571DAA5EB16B1824563632A9A7EC62505C29A4A ] BFE             C:\Windows\System32\bfe.dll
15:14:38.0213 0x16fcc  BFE - ok
15:14:38.0281 0x16fcc  [ 1EA7969E3271CBC59E1730697DC74682, D511A34D63A6E0E6E7D1879068E2CD3D87ABEAF4936B2EA8CDDAD9F79D60FA04 ] BITS            C:\Windows\System32\qmgr.dll
15:14:38.0324 0x16fcc  BITS - ok
15:14:38.0344 0x16fcc  [ 61583EE3C3A17003C4ACD0475646B4D3, 17E4BECC309C450E7E44F59A9C0BBC24D21BDC66DFBA65B8F198A00BB47A9811 ] blbdrive        C:\Windows\system32\DRIVERS\blbdrive.sys
15:14:38.0346 0x16fcc  blbdrive - ok
15:14:38.0383 0x16fcc  [ EBBCD5DFBB1DE70E8F4AF8FA59E401FD, 17BFFC5DF609CE3B2F0CAB4BD6C118608C66A3AD86116A47E90B2BB7D8954122 ] Bonjour Service C:\Program Files\Bonjour\mDNSResponder.exe
15:14:38.0408 0x16fcc  Bonjour Service - ok
15:14:38.0438 0x16fcc  [ 6C02A83164F5CC0A262F4199F0871CF5, AD4632A6A203CB40970D848315D8ADB9C898349E20D8DF4107C2AE2703A2CF28 ] bowser          C:\Windows\system32\DRIVERS\bowser.sys
15:14:38.0441 0x16fcc  bowser - ok
15:14:38.0471 0x16fcc  [ BA52E57E0F10E5CD110F8B6D34EAC19F, 646DC012BFC7BD480F76276EF4E0F44025195EDD5A528BA4E54E9EF4672052AF ] bpenum          C:\Windows\system32\DRIVERS\bpenum.sys
15:14:38.0474 0x16fcc  bpenum - ok
15:14:38.0512 0x16fcc  [ 7057339774618E38CFEFE0B5D1FDD58E, 8194A85CEEB04249AD39B40961BFD148D3024620E4508D8F9F774E826F8365FC ] bpmp            C:\Windows\system32\DRIVERS\bpmp.sys
15:14:38.0516 0x16fcc  bpmp - ok
15:14:38.0547 0x16fcc  [ D19B8BC6A7C1B42FEDA6E91B09FA2D00, 87A73B4A33FF2A8E4EFB305816D8C96FB1E2FE671D2732BE24CD25AC54EECD55 ] bpusb           C:\Windows\system32\Drivers\bpusb.sys
15:14:38.0550 0x16fcc  bpusb - ok
15:14:38.0564 0x16fcc  [ F09EEE9EDC320B5E1501F749FDE686C8, 66691114C42E12F4CC6DC4078D4D2FA4029759ACDAF1B59D17383487180E84E3 ] BrFiltLo        C:\Windows\system32\DRIVERS\BrFiltLo.sys
15:14:38.0565 0x16fcc  BrFiltLo - ok
15:14:38.0575 0x16fcc  [ B114D3098E9BDB8BEA8B053685831BE6, 0ED23C1897F35FA00B9C2848DE4ED200E18688AA7825674888054BBC3A3EB92C ] BrFiltUp        C:\Windows\system32\DRIVERS\BrFiltUp.sys
15:14:38.0576 0x16fcc  BrFiltUp - ok
15:14:38.0594 0x16fcc  [ 5C2F352A4E961D72518261257AAE204B, 9EE1001E1D46A414A7A86FE1DBBE232203E26F54D9EF43ED31ED8EACD4D09853 ] BridgeMP        C:\Windows\system32\DRIVERS\bridge.sys
15:14:38.0598 0x16fcc  BridgeMP - ok
15:14:38.0633 0x16fcc  [ 05F5A0D14A2EE1D8255C2AA0E9E8E694, 40011138869F5496A3E78D38C9900B466B6F3877526AC22952DCD528173F4645 ] Browser         C:\Windows\System32\browser.dll
15:14:38.0639 0x16fcc  Browser - ok
15:14:38.0674 0x16fcc  [ 43BEA8D483BF1870F018E2D02E06A5BD, 4E6F5A5FD8C796A110B0DC9FF29E31EA78C04518FC1C840EF61BABD58AB10272 ] Brserid         C:\Windows\System32\Drivers\Brserid.sys
15:14:38.0684 0x16fcc  Brserid - ok
15:14:38.0736 0x16fcc  [ A6ECA2151B08A09CACECA35C07F05B42, E2875BB7768ABAF38C3377007AA0A3C281503474D1831E396FB6599721586B0C ] BrSerWdm        C:\Windows\System32\Drivers\BrSerWdm.sys
15:14:38.0738 0x16fcc  BrSerWdm - ok
15:14:38.0750 0x16fcc  [ B79968002C277E869CF38BD22CD61524, 50631836502237AF4893ECDCEA43B9031C3DE97433F594D46AF7C3C77F331983 ] BrUsbMdm        C:\Windows\System32\Drivers\BrUsbMdm.sys
15:14:38.0751 0x16fcc  BrUsbMdm - ok
15:14:38.0758 0x16fcc  [ A87528880231C54E75EA7A44943B38BF, 4C8BBB29FDA76A96840AA47A8613C15D4466F9273A13941C19507008629709C9 ] BrUsbSer        C:\Windows\System32\Drivers\BrUsbSer.sys
15:14:38.0760 0x16fcc  BrUsbSer - ok
15:14:38.0781 0x16fcc  [ CF98190A94F62E405C8CB255018B2315, E1B2540023C4FE9FD588E4B6AE6347DFA565EB3898F21E5360882BF3E8B5E781 ] BthEnum         C:\Windows\system32\drivers\BthEnum.sys
15:14:38.0783 0x16fcc  BthEnum - ok
15:14:38.0797 0x16fcc  [ 9DA669F11D1F894AB4EB69BF546A42E8, B498B8B6CEF957B73179D1ADAF084BBB57BB3735D810F9BE2C7B1D58A4FD25A4 ] BTHMODEM        C:\Windows\system32\DRIVERS\bthmodem.sys
15:14:38.0801 0x16fcc  BTHMODEM - ok
15:14:38.0839 0x16fcc  [ 02DD601B708DD0667E1331FA8518E9FF, 7DE6CC4DBB621CD03B01D9CE6CF66EAFE31D39030A391562CD0E278E1D70ADE1 ] BthPan          C:\Windows\system32\DRIVERS\bthpan.sys
15:14:38.0844 0x16fcc  BthPan - ok
15:14:38.0992 0x16fcc  [ 738D0E9272F59EB7A1449C3EC118E6C4, FE3D32C2A5E4DC21376A0F89C0B2EE024ECF1A3FB99213CC9BBC986ADF7AF080 ] BTHPORT         C:\Windows\system32\Drivers\BTHport.sys
15:14:39.0140 0x16fcc  BTHPORT - ok
15:14:39.0200 0x16fcc  [ 95F9C2976059462CBBF227F7AAB10DE9, 2797AE919FF7606B070FB039CECDB0707CD2131DCAC09C5DF14F443D881C9F34 ] bthserv         C:\Windows\system32\bthserv.dll
15:14:39.0220 0x16fcc  bthserv - ok
15:14:39.0297 0x16fcc  [ F188B7394D81010767B6DF3178519A37, 576304E92FD94908F093A6AB5F4D328F25829BE32EC3CA0D29EBFDF5DE83539B ] BTHUSB          C:\Windows\system32\Drivers\BTHUSB.sys
15:14:39.0376 0x16fcc  BTHUSB - ok
15:14:39.0594 0x16fcc  [ 7A2CE8C1BF4DAA1F2766E21E9CA11078, 2AF02D206F60F95185894D829D7CC322C4986847153269DE186E11EE2353FBBC ] btwampfl        C:\Windows\system32\drivers\btwampfl.sys
15:14:39.0682 0x16fcc  btwampfl - ok
15:14:39.0726 0x16fcc  [ A75BF6802A967F5AACECC3C67FEBDF55, 7FD561C3817ABE48121926361ED12943A1EF5C0006689DCE3813697868D763B4 ] btwaudio        C:\Windows\system32\drivers\btwaudio.sys
15:14:39.0784 0x16fcc  btwaudio - ok
15:14:39.0824 0x16fcc  [ D895DC213EDBDA5FCC53AAD1F1E0E63B, FF3B483752E45911C267367B102EA0901BE13840FDBA083D0B7FF3379C37B898 ] btwavdt         C:\Windows\system32\DRIVERS\btwavdt.sys
15:14:39.0916 0x16fcc  btwavdt - ok
15:14:40.0139 0x16fcc  [ 692F8648D7686D91E34A65AC698019D8, CC7544513AA089BDB0FCE74156C88CBB4182C96F97785A64ED5D3061B039516E ] btwdins         c:\Program Files\WIDCOMM\Bluetooth Software\btwdins.exe
15:14:40.0197 0x16fcc  btwdins - ok
15:14:40.0243 0x16fcc  [ 07096D2BC22CCB6CEA5A532DF0BE8A75, A9B7F2EFFDF1E4EC0A5DC098F0ED2BE44E271844A4F1CBAD2FA1655DE1E03F6E ] btwl2cap        C:\Windows\system32\DRIVERS\btwl2cap.sys
15:14:40.0245 0x16fcc  btwl2cap - ok
15:14:40.0263 0x16fcc  [ 6D7AA2BDE0135599C5F230D69DB3B420, 5179F57976B3903B5D45C5B383C691BCB26411B5C98296F99C1F79EF863E1E0A ] btwrchid        C:\Windows\system32\DRIVERS\btwrchid.sys
15:14:40.0265 0x16fcc  btwrchid - ok
15:14:40.0277 0x16fcc  [ B8BD2BB284668C84865658C77574381A, 6C55BA288B626DF172FDFEA0BD7027FAEBA1F44EF20AB55160D7C7DC6E717D65 ] cdfs            C:\Windows\system32\DRIVERS\cdfs.sys
15:14:40.0281 0x16fcc  cdfs - ok
15:14:40.0323 0x16fcc  [ F036CE71586E93D94DAB220D7BDF4416, BD07AAD9E20CEAF9FC84E4977C55EA2C45604A2C682AC70B9B9A2199B6713D5B ] cdrom           C:\Windows\system32\DRIVERS\cdrom.sys
15:14:40.0329 0x16fcc  cdrom - ok
15:14:40.0363 0x16fcc  [ F17D1D393BBC69C5322FBFAFACA28C7F, 62A1A92B3C52ADFD0B808D7F69DD50238B5F202421F1786F7EAEAA63F274B3E8 ] CertPropSvc     C:\Windows\System32\certprop.dll
15:14:40.0368 0x16fcc  CertPropSvc - ok
15:14:40.0397 0x16fcc  [ D7CD5C4E1B71FA62050515314CFB52CF, 513B5A849899F379F0BC6AB3A8A05C3493C2393C95F036612B96EC6E252E1C64 ] circlass        C:\Windows\system32\DRIVERS\circlass.sys
15:14:40.0399 0x16fcc  circlass - ok
15:14:40.0424 0x16fcc  [ FE1EC06F2253F691FE36217C592A0206, B9F122DB5E665ECDF29A5CB8BB6B531236F31A54A95769D6C5C1924C87FE70CE ] CLFS            C:\Windows\system32\CLFS.sys
15:14:40.0442 0x16fcc  CLFS - ok
15:14:40.0542 0x16fcc  [ 65CFBA70AF416278745FB1DF2D337830, 09A5BD3B6E6AB8111B9C480674ED880BA5133CD57E2F7FD08F228CD838BDA32A ] CLKMSVC10_9EC60124 c:\Program Files (x86)\CyberLink\PowerDVD9\NavFilter\kmsvc.exe
15:14:40.0552 0x16fcc  CLKMSVC10_9EC60124 - ok
15:14:40.0613 0x16fcc  [ F13EC8A783E0CB0D6DC26A3CA848B7B8, 0809E3B71709F1343086EEB6C820543C1A7119E74EEF8AC1AEE1F81093ABEC66 ] clr_optimization_v2.0.50727_32 C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
15:14:40.0616 0x16fcc  clr_optimization_v2.0.50727_32 - ok
15:14:40.0662 0x16fcc  [ B4D73F04E9BC076F7CDAC4327DF636BB, 1ADED20D5A0D0A76E2F85CB778FD06BAB814868D35F8532E17D67045FF4770C2 ] clr_optimization_v2.0.50727_64 C:\Windows\Microsoft.NET\Framework64\v2.0.50727\mscorsvw.exe
15:14:40.0667 0x16fcc  clr_optimization_v2.0.50727_64 - ok
15:14:40.0742 0x16fcc  [ F5AB4D2E36625F355E81539239765107, 48E6AD65EEFD6C54F938F5753EF58377CDA77ADBB41CD8635F0040D61EFB92A4 ] clr_optimization_v4.0.30319_32 C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
15:14:40.0746 0x16fcc  clr_optimization_v4.0.30319_32 - ok
15:14:40.0775 0x16fcc  [ 9ACBE5EC13C2CC95833BFB7636CA8B1A, 6224DA9FB335D2A8374C60B8DEA539DD3A0E43230DB888B137B71A56EC57D6AF ] clr_optimization_v4.0.30319_64 C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe
15:14:40.0780 0x16fcc  clr_optimization_v4.0.30319_64 - ok
15:14:40.0800 0x16fcc  [ 0840155D0BDDF1190F84A663C284BD33, 696039FA63CFEB33487FAA8FD7BBDB220141E9C6E529355D768DFC87999A9C3A ] CmBatt          C:\Windows\system32\DRIVERS\CmBatt.sys
15:14:40.0802 0x16fcc  CmBatt - ok
15:14:40.0835 0x16fcc  [ E19D3F095812725D88F9001985B94EDD, 46243C5CCC4981CAC6FA6452FFCEC33329BF172448F1852D52592C9342E0E18B ] cmdide          C:\Windows\system32\drivers\cmdide.sys
15:14:40.0837 0x16fcc  cmdide - ok
15:14:40.0899 0x16fcc  [ EBF28856F69CF094A902F884CF989706, AD6C9F0BC20AA49EEE5478DA0F856F0EA2B414B63208C5FFB03C9D7F5B59765F ] CNG             C:\Windows\system32\Drivers\cng.sys
15:14:40.0926 0x16fcc  CNG - ok
15:14:40.0950 0x16fcc  [ 102DE219C3F61415F964C88E9085AD14, CD74CB703381F1382C32CF892FF2F908F4C9412E1BC77234F8FEA5D4666E1BF1 ] Compbatt        C:\Windows\system32\DRIVERS\compbatt.sys
15:14:40.0951 0x16fcc  Compbatt - ok
15:14:40.0981 0x16fcc  [ 03EDB043586CCEBA243D689BDDA370A8, 0E4523AA332E242D5C2C61C5717DBA5AB6E42DADB5A7E512505FC2B6CC224959 ] CompositeBus    C:\Windows\system32\drivers\CompositeBus.sys
15:14:40.0983 0x16fcc  CompositeBus - ok
15:14:40.0987 0x16fcc  COMSysApp - ok
15:14:41.0008 0x16fcc  [ 1C827878A998C18847245FE1F34EE597, 41EF7443D8B2733AA35CAC64B4F5F74FAC8BB0DA7D3936B69EC38E2DC3972E60 ] crcdisk         C:\Windows\system32\DRIVERS\crcdisk.sys
15:14:41.0010 0x16fcc  crcdisk - ok
15:14:41.0057 0x16fcc  [ 6B400F211BEE880A37A1ED0368776BF4, 2F27C6FA96A1C8CBDA467846DA57E63949A7EA37DB094B13397DDD30114295BD ] CryptSvc        C:\Windows\system32\cryptsvc.dll
15:14:41.0064 0x16fcc  CryptSvc - ok
15:14:41.0119 0x16fcc  [ 54DA3DFD29ED9F1619B6F53F3CE55E49, 9177C6907A983296BF188892A894B668A09FFA058FD56B50FE12940D54B0FA5E ] CSC             C:\Windows\system32\drivers\csc.sys
15:14:41.0146 0x16fcc  CSC - ok
15:14:41.0207 0x16fcc  [ 3AB183AB4D2C79DCF459CD2C1266B043, 72B0187EBA9DC74E61EC5CB3DC24058DDB768843E865801894AAEAA211610C56 ] CscService      C:\Windows\System32\cscsvc.dll
15:14:41.0240 0x16fcc  CscService - ok
15:14:41.0261 0x16fcc  [ FBE228ABEAB2BE13B9C3A3A112D4D8DC, A9FF2DC38CBE00AAD904BB7EC74480953D513E46FDE607A7773FF5A2A25B8C15 ] CtClsFlt        C:\Windows\system32\DRIVERS\CtClsFlt.sys
15:14:41.0269 0x16fcc  CtClsFlt - ok
15:14:41.0330 0x16fcc  [ 5C627D1B1138676C0A7AB2C2C190D123, C5003F2C912C5CA990E634818D3B4FD72F871900AF2948BD6C4D6400B354B401 ] DcomLaunch      C:\Windows\system32\rpcss.dll
15:14:41.0358 0x16fcc  DcomLaunch - ok
15:14:41.0441 0x16fcc  [ 3CEC7631A84943677AA8FA8EE5B6B43D, 32061DAC9ED6C1EBA3B367B18D0E965AEEC2DF635DCF794EC39D086D32503AC5 ] defragsvc       C:\Windows\System32\defragsvc.dll
15:14:41.0457 0x16fcc  defragsvc - ok
15:14:41.0540 0x16fcc  [ 59D90B6A7FBC4CC712DD7C5868618480, ED7D7052D50B346CD1624D05ADDC33E030008D7EEE3AEDBA267F583BE51D859B ] DeviceMonitorService C:\Program Files (x86)\Motorola Media Link\Lite\NServiceEntry.exe
15:14:41.0546 0x16fcc  DeviceMonitorService - ok
15:14:41.0586 0x16fcc  [ 9BB2EF44EAA163B29C4A4587887A0FE4, 03667BC3EA5003F4236929C10F23D8F108AFCB29DB5559E751FB26DFB318636F ] DfsC            C:\Windows\system32\Drivers\dfsc.sys
15:14:41.0590 0x16fcc  DfsC - ok
15:14:41.0635 0x16fcc  [ 73BDD44A6088916964945886F9025409, 8E2ECC9AAEF3C6EBA2E61D25F657FDFCC72AB517CC4FD5FFF992E1F9EB942662 ] dg_ssudbus      C:\Windows\system32\DRIVERS\ssudbus.sys
15:14:41.0640 0x16fcc  dg_ssudbus - ok
15:14:41.0689 0x16fcc  [ 43D808F5D9E1A18E5EEB5EBC83969E4E, C10D1155D71EABE4ED44C656A8F13078A8A4E850C4A8FBB92D52D173430972B8 ] Dhcp            C:\Windows\system32\dhcpcore.dll
15:14:41.0719 0x16fcc  Dhcp - ok
15:14:41.0750 0x16fcc  [ 13096B05847EC78F0977F2C0F79E9AB3, 1E44981B684F3E56F5D2439BB7FA78BD1BC876BB2265AE089AEC68F241B05B26 ] discache        C:\Windows\system32\drivers\discache.sys
15:14:41.0752 0x16fcc  discache - ok
15:14:41.0767 0x16fcc  [ 9819EEE8B5EA3784EC4AF3B137A5244C, 571BC886E87C888DA96282E381A746D273B58B9074E84D4CA91275E26056D427 ] Disk            C:\Windows\system32\DRIVERS\disk.sys
15:14:41.0771 0x16fcc  Disk - ok
15:14:41.0858 0x16fcc  [ E56778551BF535500D6B02E68E5BFB47, F1FD14375E88F07F66CEEA37112DF51BACDD698E83A0E5AAE13CC948D205CE98 ] DMAgent         C:\Program Files\Intel\WiMAX\Bin\DMAgent.exe
15:14:41.0885 0x16fcc  DMAgent - ok
15:14:41.0910 0x16fcc  [ 16835866AAA693C7D7FCEBA8FFF706E4, 15891558F7C1F2BB57A98769601D447ED0D952354A8BB347312D034DC03E0242 ] Dnscache        C:\Windows\System32\dnsrslvr.dll
15:14:41.0918 0x16fcc  Dnscache - ok
15:14:41.0984 0x16fcc  [ 0840ABBBDF438691EE65A20040635CBE, F83597ECECFADBA45242B683A19A01ADF84203B016301B64530C7BE8234175E8 ] DockLoginService C:\Program Files\Dell\DellDock\DockLogin.exe
15:14:41.0990 0x16fcc  DockLoginService - ok
15:14:42.0034 0x16fcc  [ B1FB3DDCA0FDF408750D5843591AFBC6, AB6AD9C5E7BA2E3646D0115B67C4800D1CB43B4B12716397657C7ADEEE807304 ] dot3svc         C:\Windows\System32\dot3svc.dll
15:14:42.0044 0x16fcc  dot3svc - ok
15:14:42.0086 0x16fcc  [ B26F4F737E8F9DF4F31AF6CF31D05820, 394BBBED4EC7FAD4110F62A43BFE0801D4AC56FFAC6C741C69407B26402311C7 ] DPS             C:\Windows\system32\dps.dll
15:14:42.0093 0x16fcc  DPS - ok
15:14:42.0131 0x16fcc  [ 9B19F34400D24DF84C858A421C205754, 967AF267B4124BADA8F507CEBF25F2192D146A4D63BE71B45BFC03C5DA7F21A7 ] drmkaud         C:\Windows\system32\drivers\drmkaud.sys
15:14:42.0132 0x16fcc  drmkaud - ok
15:14:42.0199 0x16fcc  [ 87CE5C8965E101CCCED1F4675557E868, 077D98F0F130B2FC710208BA34016EF2B2506EE2BD71740B228145E34A3046F1 ] DXGKrnl         C:\Windows\System32\drivers\dxgkrnl.sys
15:14:42.0244 0x16fcc  DXGKrnl - ok
15:14:42.0277 0x16fcc  [ E2DDA8726DA9CB5B2C4000C9018A9633, 0C967DBC3636A76A696997192A158AA92A1AF19F01E3C66D5BF91818A8FAEA76 ] EapHost         C:\Windows\System32\eapsvc.dll
15:14:42.0282 0x16fcc  EapHost - ok
15:14:42.0444 0x16fcc  [ DC5D737F51BE844D8C82C695EB17372F, 6D4022D9A46EDE89CEF0FAEADCC94C903234DFC460C0180D24FF9E38E8853017 ] ebdrv           C:\Windows\system32\DRIVERS\evbda.sys
15:14:42.0583 0x16fcc  ebdrv - ok
15:14:42.0612 0x16fcc  [ 204F3F58212B3E422C90BD9691A2DF28, D748A8CEE4D59B4248C9B1ACA5155D0FF6635A29564B4391B7FAC6261F93FE99 ] EFS             C:\Windows\System32\lsass.exe
15:14:42.0615 0x16fcc  EFS - ok
15:14:42.0688 0x16fcc  [ C4002B6B41975F057D98C439030CEA07, 3D2484FBB832EFB90504DD406ED1CF3065139B1FE1646471811F3A5679EF75F1 ] ehRecvr         C:\Windows\ehome\ehRecvr.exe
15:14:42.0721 0x16fcc  ehRecvr - ok
15:14:42.0757 0x16fcc  [ 4705E8EF9934482C5BB488CE28AFC681, 359E9EC5693CE0BE89082E1D5D8F5C5439A5B985010FF0CB45C11E3CFE30637D ] ehSched         C:\Windows\ehome\ehsched.exe
15:14:42.0762 0x16fcc  ehSched - ok
15:14:42.0820 0x16fcc  [ 0E5DA5369A0FCAEA12456DD852545184, 9A64AC5396F978C3B92794EDCE84DCA938E4662868250F8C18FA7C2C172233F8 ] elxstor         C:\Windows\system32\DRIVERS\elxstor.sys
15:14:42.0846 0x16fcc  elxstor - ok
15:14:42.0888 0x16fcc  [ 34A3C54752046E79A126E15C51DB409B, 7D5B5E150C7C73666F99CBAFF759029716C86F16B927E0078D77F8A696616D75 ] ErrDev          C:\Windows\system32\drivers\errdev.sys
15:14:42.0889 0x16fcc  ErrDev - ok
15:14:42.0948 0x16fcc  [ 00C3C6C55C435810C9475C219F4D1B26, 397E57AD97DD2C233ACF4C210B4AD227C516C9B2D01680FE22198168B627D267 ] ESProtectionDriver C:\Program Files (x86)\Malwarebytes Anti-Exploit\mbae64.sys
15:14:42.0951 0x16fcc  ESProtectionDriver - ok
15:14:42.0984 0x16fcc  [ 4166F82BE4D24938977DD1746BE9B8A0, 24121751B7306225AD1C808442D7B030DEF377E9316AA0A3C5C7460E87317881 ] EventSystem     C:\Windows\system32\es.dll
15:14:43.0010 0x16fcc  EventSystem - ok
15:14:43.0130 0x16fcc  [ 7C1042CDA4E7151E91F1E66A4D9118B0, 14A30FFE79EADFA6B4DF01558E54FA5C542E823BA3CE82E54446B1F17CE33EA9 ] EvtEng          C:\Program Files\Intel\WiFi\bin\EvtEng.exe
15:14:43.0193 0x16fcc  EvtEng - ok
15:14:43.0219 0x16fcc  [ A510C654EC00C1E9BDD91EEB3A59823B, 76CD277730F7B08D375770CD373D786160F34D1481AF0536BA1A5D2727E255F5 ] exfat           C:\Windows\system32\drivers\exfat.sys
15:14:43.0226 0x16fcc  exfat - ok
15:14:43.0399 0x16fcc  [ 9A58F93651F095625AC9AAB754D8D6FD, 98D33E8136E70800D108D53E45517569E2E9472E7290B03FAA03CF75F76EEEC2 ] FAService       c:\Program Files (x86)\Sensible Vision\Fast Access\FAService.exe
15:14:43.0473 0x16fcc  FAService - ok
15:14:43.0512 0x16fcc  [ 0ADC83218B66A6DB380C330836F3E36D, 798D6F83B5DBCC1656595E0A96CF12087FCCBE19D1982890D0CE5F629B328B29 ] fastfat         C:\Windows\system32\drivers\fastfat.sys
15:14:43.0520 0x16fcc  fastfat - ok
15:14:43.0597 0x16fcc  [ DBEFD454F8318A0EF691FDD2EAAB44EB, 7F52AE222FF28503B6FC4A5852BD0CAEAF187BE69AF4B577D3DE474C24366099 ] Fax             C:\Windows\system32\fxssvc.exe
15:14:43.0631 0x16fcc  Fax - ok
15:14:43.0661 0x16fcc  [ D765D19CD8EF61F650C384F62FAC00AB, 9F0A483A043D3BA873232AD3BA5F7BF9173832550A27AF3E8BD433905BD2A0EE ] fdc             C:\Windows\system32\DRIVERS\fdc.sys
15:14:43.0663 0x16fcc  fdc - ok
15:14:43.0676 0x16fcc  [ 0438CAB2E03F4FB61455A7956026FE86, 6D4DDC2973DB25CE0C7646BC85EFBCC004EBE35EA683F62162AE317C6F1D8DFE ] fdPHost         C:\Windows\system32\fdPHost.dll
15:14:43.0679 0x16fcc  fdPHost - ok
15:14:43.0688 0x16fcc  [ 802496CB59A30349F9A6DD22D6947644, 52D59D3D628D5661F83F090F33F744F6916E0CC1F76E5A33983E06EB66AE19F8 ] FDResPub        C:\Windows\system32\fdrespub.dll
15:14:43.0691 0x16fcc  FDResPub - ok
15:14:43.0711 0x16fcc  [ 655661BE46B5F5F3FD454E2C3095B930, 549C8E2A2A37757E560D55FFA6BFDD838205F17E40561E67F0124C934272CD1A ] FileInfo        C:\Windows\system32\drivers\fileinfo.sys
15:14:43.0714 0x16fcc  FileInfo - ok
15:14:43.0780 0x16fcc  [ D409D4A4517865131999FAC96D366CBF, 512A80C4B180D5D6DECBAFB831A56C0DC8C5D1CC7E749465C47D29EC4DA45719 ] FileMonitor     C:\Program Files (x86)\IObit\IObit Malware Fighter\Drivers\win7_amd64\FileMonitor.sys
15:14:43.0782 0x16fcc  FileMonitor - ok
15:14:43.0805 0x16fcc  [ 5F671AB5BC87EEA04EC38A6CD5962A47, 6B61D3363FF3F9C439BD51102C284972EAE96ACC0683B9DC7E12D25D0ADC51B6 ] Filetrace       C:\Windows\system32\drivers\filetrace.sys
15:14:43.0807 0x16fcc  Filetrace - ok
15:14:43.0843 0x16fcc  [ 72CC30F0D6DF8D3FBD5CD728259A8F69, F7774D35B38F35E31A8EEE37FF2F203C1CED433FF84EC265CD92B38CBFE3AB8F ] file_tracker    C:\Windows\system32\DRIVERS\file_tracker.sys
15:14:43.0852 0x16fcc  file_tracker - ok
15:14:43.0956 0x16fcc  [ ABEDFD48AC042C6AAAD32452E77217A1, BC45A1C36BDBC20EF4E7D3CFB5368912382D964CB34D050ED255F56307F4C910 ] FLEXnet Licensing Service C:\Program Files (x86)\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
15:14:44.0000 0x16fcc  FLEXnet Licensing Service - ok
15:14:44.0020 0x16fcc  [ C172A0F53008EAEB8EA33FE10E177AF5, 9175A95B323696D1B35C9EFEB7790DD64E6EE0B7021E6C18E2F81009B169D77B ] flpydisk        C:\Windows\system32\DRIVERS\flpydisk.sys
15:14:44.0022 0x16fcc  flpydisk - ok
15:14:44.0067 0x16fcc  [ DA6B67270FD9DB3697B20FCE94950741, F621A4462C9F2904063578C427FAF22D7D66AE9967605C11C798099817CE5331 ] FltMgr          C:\Windows\system32\drivers\fltmgr.sys
15:14:44.0082 0x16fcc  FltMgr - ok
15:14:44.0123 0x16fcc  [ 9BD0273A5B650CC16E8A54AD9B312BEB, 1AA219C4CC29E8301075537A330CC7FB677CD884AABD8FB3D99CFBEA1AB4CDF2 ] fltsrv          C:\Windows\system32\DRIVERS\fltsrv.sys
15:14:44.0128 0x16fcc  fltsrv - ok
15:14:44.0204 0x16fcc  [ C4C183E6551084039EC862DA1C945E3D, 0874A2ACDD24D64965AA9A76E9C818E216880AE4C9A2E07ED932EE404585CEE6 ] FontCache       C:\Windows\system32\FntCache.dll
15:14:44.0256 0x16fcc  FontCache - ok
15:14:44.0325 0x16fcc  [ A8B7F3818AB65695E3A0BB3279F6DCE6, 89FCF10F599767E67A1E011753E34DA44EAA311F105DBF69549009ED932A60F0 ] FontCache3.0.0.0 C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
15:14:44.0327 0x16fcc  FontCache3.0.0.0 - ok
15:14:44.0345 0x16fcc  [ D43703496149971890703B4B1B723EAC, F06397B2EDCA61629249D2EF1CBB7827A8BEAB8488246BD85EF6AE1363C0DA6E ] FsDepends       C:\Windows\system32\drivers\FsDepends.sys
15:14:44.0348 0x16fcc  FsDepends - ok
15:14:44.0369 0x16fcc  [ 8DE1B4F579F8F8897409856F3BB7A7D2, F6F6B2450951E875C3C236F7798F960FD4433EE6B0C57132CB3D32126BEE34E0 ] fssfltr         C:\Windows\system32\DRIVERS\fssfltr.sys
15:14:44.0371 0x16fcc  fssfltr - ok
15:14:44.0515 0x16fcc  [ 7B4C82899A967A7EB22DAB502770AE8E, 209FB59669070FCAAACB24B0CE81C375362BF1C519B15FDB5AA3EC2C87E2069B ] fsssvc          C:\Program Files (x86)\Windows Live\Family Safety\fsssvc.exe
15:14:44.0586 0x16fcc  fsssvc - ok
15:14:44.0654 0x16fcc  [ 6BD9295CC032DD3077C671FCCF579A7B, 83622FBB0CB923798E7E584BF53CAAF75B8C016E3FF7F0FA35880FF34D1DFE33 ] Fs_Rec          C:\Windows\system32\drivers\Fs_Rec.sys
15:14:44.0656 0x16fcc  Fs_Rec - ok
15:14:44.0748 0x16fcc  [ 8F6322049018354F45F05A2FD2D4E5E0, 73BF0FB4EBD7887E992DDEBB79E906958D6678F8D1107E8C368F5A0514D80359 ] fvevol          C:\Windows\system32\DRIVERS\fvevol.sys
15:14:44.0791 0x16fcc  fvevol - ok
15:14:44.0852 0x16fcc  [ 8C778D335C9D272CFD3298AB02ABE3B6, 85F0B13926B0F693FA9E70AA58DE47100E4B6F893772EBE4300C37D9A36E6005 ] gagp30kx        C:\Windows\system32\DRIVERS\gagp30kx.sys
15:14:44.0894 0x16fcc  gagp30kx - ok
15:14:44.0926 0x16fcc  [ 8E98D21EE06192492A5671A6144D092F, B8F656B34D361EA5AFB47F3A67AB2221580DADA59C8CD0CB83181E4AD8B562B4 ] GEARAspiWDM     C:\Windows\system32\DRIVERS\GEARAspiWDM.sys
15:14:44.0929 0x16fcc  GEARAspiWDM - ok
15:14:44.0989 0x16fcc  [ 277BBC7E1AA1EE957F573A10ECA7EF3A, 2EE60B924E583E847CC24E78B401EF95C69DB777A5B74E1EC963E18D47B94D24 ] gpsvc           C:\Windows\System32\gpsvc.dll
15:14:45.0024 0x16fcc  gpsvc - ok
15:14:45.0106 0x16fcc  [ 5D4BC124FAAE6730AC002CDB67BF1A1C, 00294F4DC7D17F6DD2A22B9C3299BED40146BA45C972367154D20DB502472551 ] gusvc           C:\Program Files (x86)\Google\Common\Google Updater\GoogleUpdaterService.exe
15:14:45.0113 0x16fcc  gusvc - ok
15:14:45.0132 0x16fcc  [ F2523EF6460FC42405B12248338AB2F0, B2F3DE8DE1F512D871BC2BC2E8D0E33AB03335BFBC07627C5F88B65024928E19 ] hcw85cir        C:\Windows\system32\drivers\hcw85cir.sys
15:14:45.0134 0x16fcc  hcw85cir - ok
15:14:45.0168 0x16fcc  [ 97BFED39B6B79EB12CDDBFEED51F56BB, 3CF981D668FB2381E52AF2E51E296C6CFB47B0D62249645278479D0111A47955 ] HDAudBus        C:\Windows\system32\drivers\HDAudBus.sys
15:14:45.0174 0x16fcc  HDAudBus - ok
15:14:45.0211 0x16fcc  [ B6AC71AAA2B10848F57FC49D55A651AF, 4FAD833654E86F9FAF972AC8AF87FD4A9A765B26B96F096BBD63506B5D521A91 ] HECIx64         C:\Windows\system32\DRIVERS\HECIx64.sys
15:14:45.0213 0x16fcc  HECIx64 - ok
15:14:45.0227 0x16fcc  [ 78E86380454A7B10A5EB255DC44A355F, 11F3ED7ACFFA3024B9BD504F81AC39F5B4CED5A8A425E8BADF7132EFEDB9BD64 ] HidBatt         C:\Windows\system32\DRIVERS\HidBatt.sys
15:14:45.0229 0x16fcc  HidBatt - ok
15:14:45.0244 0x16fcc  [ 7FD2A313F7AFE5C4DAB14798C48DD104, 94CBFD4506CBDE4162CEB3367BAB042D19ACA6785954DC0B554D4164B9FCD0D4 ] HidBth          C:\Windows\system32\DRIVERS\hidbth.sys
15:14:45.0248 0x16fcc  HidBth - ok
15:14:45.0262 0x16fcc  [ 0A77D29F311B88CFAE3B13F9C1A73825, 8615DC6CEFB591505CE16E054A71A4F371B827DDFD5E980777AB4233DCFDA01D ] HidIr           C:\Windows\system32\DRIVERS\hidir.sys
15:14:45.0265 0x16fcc  HidIr - ok
15:14:45.0304 0x16fcc  [ BD9EB3958F213F96B97B1D897DEE006D, 4D01CBF898B528B3A4E5A683DF2177300AFABD7D4CB51F1A7891B1B545499631 ] hidserv         C:\Windows\System32\hidserv.dll
15:14:45.0306 0x16fcc  hidserv - ok
15:14:45.0329 0x16fcc  [ 9592090A7E2B61CD582B612B6DF70536, FD11D5E02C32D658B28FCC35688AB66CCB5D3A0A0D74C82AE0F0B6C67B568A0F ] HidUsb          C:\Windows\system32\DRIVERS\hidusb.sys
15:14:45.0330 0x16fcc  HidUsb - ok
15:14:45.0372 0x16fcc  [ 387E72E739E15E3D37907A86D9FF98E2, 9935BE2E58788E79328293AF2F202CB0F6042441B176F75ACC5AEA93C8E05531 ] hkmsvc          C:\Windows\system32\kmsvc.dll
15:14:45.0377 0x16fcc  hkmsvc - ok
15:14:45.0417 0x16fcc  [ EFDFB3DD38A4376F93E7985173813ABD, 70402FA73A5A2A8BB557AAC8F531E373077D28DE5F40A1F3F14B940BE01CD2E1 ] HomeGroupListener C:\Windows\system32\ListSvc.dll
15:14:45.0426 0x16fcc  HomeGroupListener - ok
15:14:45.0521 0x16fcc  [ 908ACB1F594274965A53926B10C81E89, 7D34A742AC486294D82676F8465A3EF26C8AC3317C32B63F62031CB007CFC208 ] HomeGroupProvider C:\Windows\system32\provsvc.dll
15:14:45.0530 0x16fcc  HomeGroupProvider - ok
15:14:45.0546 0x16fcc  [ 39D2ABCD392F3D8A6DCE7B60AE7B8EFC, E9E6A1665740CFBC2DD321010007EF42ABA2102AEB9772EE8AA3354664B1E205 ] HpSAMD          C:\Windows\system32\drivers\HpSAMD.sys
15:14:45.0550 0x16fcc  HpSAMD - ok
15:14:45.0612 0x16fcc  [ 0EA7DE1ACB728DD5A369FD742D6EEE28, 21C489412EB33A12B22290EB701C19BA57006E8702E76F730954F0784DDE9779 ] HTTP            C:\Windows\system32\drivers\HTTP.sys
15:14:45.0646 0x16fcc  HTTP - ok
15:14:45.0751 0x16fcc  [ E5805896A55D4166C20F216249F40FA3, F426BF60D5B916E7A778EF24C49FE1FFE1B2977C2ABD2977FD5C38C6E6CB139F ] HWiNFO32        C:\Windows\SysWOW64\drivers\HWiNFO64A.SYS
15:14:45.0753 0x16fcc  HWiNFO32 - ok
15:14:45.0789 0x16fcc  [ A5462BD6884960C9DC85ED49D34FF392, 53E65841AF5B06A2844D0BB6FC4DD3923A323FFA0E4BFC89B3B5CAFB592A3D53 ] hwpolicy        C:\Windows\system32\drivers\hwpolicy.sys
15:14:45.0790 0x16fcc  hwpolicy - ok
15:14:45.0833 0x16fcc  [ FA55C73D4AFFA7EE23AC4BE53B4592D3, 65CDDC62B89A60E942C5642C9D8B539EFB69DA8069B4A2E54978154B314531CD ] i8042prt        C:\Windows\system32\drivers\i8042prt.sys
15:14:45.0838 0x16fcc  i8042prt - ok
15:14:45.0900 0x16fcc  [ ABBF174CB394F5C437410A788B7E404A, 95554F675329E7062F0936E4E902FEFF2456CAD95D6C9B60DCC213EF6E4C62D8 ] iaStor          C:\Windows\system32\DRIVERS\iaStor.sys
15:14:45.0925 0x16fcc  iaStor - ok
15:14:45.0990 0x16fcc  [ 6C91E425ACE29594BD574DE38AC9B76D, 697784E4C7AF08B1F35662D8AD871E6890CECE22B6E64985B7C1A66C10DA390D ] iaStorA         C:\Windows\system32\DRIVERS\iaStorA.sys
15:14:46.0012 0x16fcc  iaStorA - ok
15:14:46.0101 0x16fcc  [ 31A0E93CDF29007D6C6FFFB632F375ED, CA464928E9868B9A09C324DBBC8DA41A01C5C486B43578FC695250D523DE555B ] IAStorDataMgrSvc C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe
15:14:46.0102 0x16fcc  IAStorDataMgrSvc - ok
15:14:46.0131 0x16fcc  [ 2B38F13E18E272459CD2CE83E6722C12, 58FB127C05FF7399F88F3B53CE4B460A7D3EA739AFCD273C0E687053BBA074D6 ] iaStorF         C:\Windows\system32\DRIVERS\iaStorF.sys
15:14:46.0132 0x16fcc  iaStorF - ok
15:14:46.0187 0x16fcc  [ AAAF44DB3BD0B9D1FB6969B23ECC8366, 805AA4A9464002D1AB3832E4106B2AAA1331F4281367E75956062AAE99699385 ] iaStorV         C:\Windows\system32\drivers\iaStorV.sys
15:14:46.0212 0x16fcc  iaStorV - ok
15:14:46.0291 0x16fcc  [ 1CF03C69B49ACB70C722DF92755C0C8C, C227850C133F29BB9DED91A26A22AE077FD69629CEF35B67D305F016C4BDAA81 ] IDriverT        C:\Program Files (x86)\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
15:14:46.0295 0x16fcc  IDriverT - ok
15:14:46.0377 0x16fcc  [ C98A5B9D932430AD8EEBD3EF73756EF7, DF7E1D391A0F3345AD61154363922C27BD557DEEACE395A6A8A8A16BFD1BB9A8 ] idsvc           C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\infocard.exe
15:14:46.0423 0x16fcc  idsvc - ok
15:14:46.0482 0x16fcc  [ 5C18831C61933628F5BB0EA2675B9D21, 5CD9DE2F8C0256623A417B5C55BF55BB2562BD7AB2C3C83BB3D9886C2FBDA4E4 ] iirsp           C:\Windows\system32\DRIVERS\iirsp.sys
15:14:46.0485 0x16fcc  iirsp - ok
15:14:46.0561 0x16fcc  [ 344789398EC3EE5A4E00C52B31847946, 3DA5F08E4B46F4E63456AA588D49E39A6A09A97D0509880C00F327623DB6122D ] IKEEXT          C:\Windows\System32\ikeext.dll
15:14:46.0602 0x16fcc  IKEEXT - ok
15:14:46.0634 0x16fcc  [ 4D30C9AA6BF04AF4223A68B771B0B7CE, 87541A33F7EA1A947F0266B739DFFF010110DFCC3995A67DC9A00521F94A389D ] IMFservice      C:\Program Files (x86)\IObit\IObit Malware Fighter\IMFsrv.exe
15:14:46.0650 0x16fcc  IMFservice - ok
15:14:46.0686 0x16fcc  [ DD587A55390ED2295BCE6D36AD567DA9, AEB7DCB8EF89BEE8D9649A05FC482B1E4E3F44243D57A2577C862EB69166C48E ] Impcd           C:\Windows\system32\DRIVERS\Impcd.sys
15:14:46.0693 0x16fcc  Impcd - ok
15:14:46.0899 0x16fcc  [ D2B1DA73B6E8769A1BE1A55693B7F1B3, FE26FEAD6A45E4596A7CA9689B66511C4BCB4686A1914505257648DCE048CA26 ] IntcAzAudAddService C:\Windows\system32\drivers\RTKVHD64.sys
15:14:47.0073 0x16fcc  IntcAzAudAddService - ok
15:14:47.0112 0x16fcc  [ F00F20E70C6EC3AA366910083A0518AA, E2F3E9FFD82C802C8BAC309893A3664ACF16A279959C0FDECCA64C3D3C60FD22 ] intelide        C:\Windows\system32\drivers\intelide.sys
15:14:47.0113 0x16fcc  intelide - ok
15:14:47.0132 0x16fcc  [ ADA036632C664CAA754079041CF1F8C1, F2386CC09AC6DE4C54189154F7D91C1DB7AA120B13FAE8BA5B579ACF99FCC610 ] intelppm        C:\Windows\system32\DRIVERS\intelppm.sys
15:14:47.0135 0x16fcc  intelppm - ok
15:14:47.0207 0x16fcc  [ D46E04D83A3E174A98DC90FE23AB08DE, 0285B4A311645D292A26B276511877B46A42526BDBFBC12E3BD876A74F074720 ] IntuitUpdateServiceV4 C:\Program Files (x86)\Common Files\Intuit\Update Service v4\IntuitUpdateService.exe
15:14:47.0209 0x16fcc  IntuitUpdateServiceV4 - ok
15:14:47.0246 0x16fcc  [ 098A91C54546A3B878DAD6A7E90A455B, 044CCE2A0DF56EBE1EFD99B4F6F0A5B9EE12498CA358CF4B2E3A1CFD872823AA ] IPBusEnum       C:\Windows\system32\ipbusenum.dll
15:14:47.0250 0x16fcc  IPBusEnum - ok
15:14:47.0292 0x16fcc  [ C9F0E1BD74365A8771590E9008D22AB6, 728BC5A6AAE499FDC50EB01577AF16D83C2A9F3B09936DD2A89C01E074BA8E51 ] IpFilterDriver  C:\Windows\system32\DRIVERS\ipfltdrv.sys
15:14:47.0295 0x16fcc  IpFilterDriver - ok
15:14:47.0354 0x16fcc  [ 08C2957BB30058E663720C5606885653, E13EDF6701512E2A9977A531454932CA5023087CB50E1D2F416B8BCDD92B67BE ] iphlpsvc        C:\Windows\System32\iphlpsvc.dll
15:14:47.0418 0x16fcc  iphlpsvc - ok
15:14:47.0484 0x16fcc  [ 0FC1AEA580957AA8817B8F305D18CA3A, 7161E4DE91AAFC3FA8BF24FAE4636390C2627DB931505247C0D52C75A31473D9 ] IPMIDRV         C:\Windows\system32\drivers\IPMIDrv.sys
15:14:47.0487 0x16fcc  IPMIDRV - ok
15:14:47.0503 0x16fcc  [ AF9B39A7E7B6CAA203B3862582E9F2D0, 67128BE7EADBE6BD0205B050F96E268948E8660C4BAB259FB0BE03935153D04E ] IPNAT           C:\Windows\system32\drivers\ipnat.sys
15:14:47.0507 0x16fcc  IPNAT - ok
15:14:47.0593 0x16fcc  [ 635F7587F7576AA14871B850EB95BFB8, 75CB8F4D511964BB9104E93EF31D2DDF1227DACE1EDB9DE25AE9719835B6C34B ] iPod Service    C:\Program Files\iPod\bin\iPodService.exe
15:14:47.0618 0x16fcc  iPod Service - ok
15:14:47.0633 0x16fcc  [ 3ABF5E7213EB28966D55D58B515D5CE9, A352BCC5B6B9A28805B15CAFB235676F1FAFF0D2394F88C03089EB157D6188AE ] IRENUM          C:\Windows\system32\drivers\irenum.sys
15:14:47.0635 0x16fcc  IRENUM - ok
15:14:47.0674 0x16fcc  [ 2F7B28DC3E1183E5EB418DF55C204F38, D40410A760965925D6F10959B2043F7BD4F68EAFCF5E743AF11AD860BD136548 ] isapnp          C:\Windows\system32\drivers\isapnp.sys
15:14:47.0675 0x16fcc  isapnp - ok
15:14:47.0721 0x16fcc  [ 96BB922A0981BC7432C8CF52B5410FE6, 236C05509B1040059B15021CBBDBDAF3B9C0F00910142BE5887B2C7561BAAFBA ] iScsiPrt        C:\Windows\system32\drivers\msiscsi.sys
15:14:47.0730 0x16fcc  iScsiPrt - ok
15:14:47.0763 0x16fcc  [ 3926C8C55A2CD2C94888BE39B4BEB629, 75777C6EBC1D415248B84C19895F2BDF5AAFC1511CEF6A0ABE14540D7E1151B5 ] JMCR            C:\Windows\system32\DRIVERS\jmcr.sys
15:14:47.0767 0x16fcc  JMCR - ok
15:14:47.0782 0x16fcc  [ BC02336F1CBA7DCC7D1213BB588A68A5, 450C5BAD54CCE2AFCDFF1B6E7F8E1A8446D9D3255DF9D36C29A8F848048AAD93 ] kbdclass        C:\Windows\system32\DRIVERS\kbdclass.sys
15:14:47.0784 0x16fcc  kbdclass - ok
15:14:47.0817 0x16fcc  [ 0705EFF5B42A9DB58548EEC3B26BB484, 86C6824ED7ED6FA8F306DB6319A0FD688AA91295AE571262F9D8E96A32225E99 ] kbdhid          C:\Windows\system32\DRIVERS\kbdhid.sys
15:14:47.0819 0x16fcc  kbdhid - ok
15:14:47.0853 0x16fcc  [ 204F3F58212B3E422C90BD9691A2DF28, D748A8CEE4D59B4248C9B1ACA5155D0FF6635A29564B4391B7FAC6261F93FE99 ] KeyIso          C:\Windows\system32\lsass.exe
15:14:47.0856 0x16fcc  KeyIso - ok
15:14:47.0979 0x16fcc  [ 140692763A50BFFF322CDC076300587E, 4B6D9AE479EDDB429C1DE36406517FA65C2B3927B20792B3A27CEE05A6B7A3AB ] Kodak AiO Network Discovery Service C:\Program Files (x86)\Kodak\AiO\Center\EKAiOHostService.exe
15:14:48.0030 0x16fcc  Kodak AiO Network Discovery Service - ok
15:14:48.0113 0x16fcc  [ E29F999616D7C08B0E91296908C47CAF, 285594B526A15911238B89E5FCBCFFA48A6C69CCC481918D2C474C6BB12869E6 ] Kodak AiO Status Monitor Service C:\Program Files (x86)\Kodak\AiO\StatusMonitor\EKPrinterSDK.exe
15:14:48.0147 0x16fcc  Kodak AiO Status Monitor Service - ok
15:14:48.0165 0x16fcc  [ 353009DEDF918B2A51414F330CF72DEC, BF157D6E329F26E02FA16271B751B421396040DBB1D7BF9B2E0A21BC569672E2 ] KSecDD          C:\Windows\system32\Drivers\ksecdd.sys
15:14:48.0169 0x16fcc  KSecDD - ok
15:14:48.0212 0x16fcc  [ 41774FF331F609EF442B7398EE6202B1, AD67DA06A74895C384F4A1F1CF47050DAEE9C6CE8AD12F1A116FC977B6C3A864 ] KSecPkg         C:\Windows\system32\Drivers\ksecpkg.sys
15:14:48.0218 0x16fcc  KSecPkg - ok
15:14:48.0229 0x16fcc  [ 6869281E78CB31A43E969F06B57347C4, 866A23E69B32A78D378D6CB3B3DA3695FFDFF0FEC3C9F68C8C3F988DF417044B ] ksthunk         C:\Windows\system32\drivers\ksthunk.sys
15:14:48.0230 0x16fcc  ksthunk - ok
15:14:48.0277 0x16fcc  [ 6AB66E16AA859232F64DEB66887A8C9C, 5F2B579BEA8098A2994B0DECECDAE7B396E7B5DC5F09645737B9F28BEEA77FFF ] KtmRm           C:\Windows\system32\msdtckrm.dll
15:14:48.0295 0x16fcc  KtmRm - ok
15:14:48.0337 0x16fcc  [ D9F42719019740BAA6D1C6D536CBDAA6, 8757599D0AE5302C4CE50861BEBA3A8DD14D7B0DBD916FD5404133688CDFCC40 ] LanmanServer    C:\Windows\System32\srvsvc.dll
15:14:48.0348 0x16fcc  LanmanServer - ok
15:14:48.0384 0x16fcc  [ 851A1382EED3E3A7476DB004F4EE3E1A, B1C67F47DD594D092E6E258F01DF5E7150227CE3131A908A244DEE9F8A1FABF9 ] LanmanWorkstation C:\Windows\System32\wkssvc.dll
15:14:48.0391 0x16fcc  LanmanWorkstation - ok
15:14:48.0411 0x16fcc  [ 1538831CF8AD2979A04C423779465827, E1729B0CC4CEEE494A0B8817A8E98FF232E3A32FB023566EF0BC71A090262C0C ] lltdio          C:\Windows\system32\DRIVERS\lltdio.sys
15:14:48.0414 0x16fcc  lltdio - ok
15:14:48.0471 0x16fcc  [ C1185803384AB3FEED115F79F109427F, 0414FE73532DCAB17E906438A14711E928CECCD5F579255410C62984DD652700 ] lltdsvc         C:\Windows\System32\lltdsvc.dll
15:14:48.0486 0x16fcc  lltdsvc - ok
15:14:48.0504 0x16fcc  [ F993A32249B66C9D622EA5592A8B76B8, EE64672A990C6145DC5601E2B8CDBE089272A72732F59AF9865DCBA8B1717E70 ] lmhosts         C:\Windows\System32\lmhsvc.dll
15:14:48.0507 0x16fcc  lmhosts - ok
15:14:48.0594 0x16fcc  [ 23D990150D56B670A62B21B9ABDD45EE, BB9DBC0D02474976420321162C3AB1FDF975FA0494B1030488B03BC98A65F888 ] LMS             C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe
15:14:48.0611 0x16fcc  LMS - ok
15:14:48.0640 0x16fcc  [ 1A93E54EB0ECE102495A51266DCDB6A6, DB6AA86AA36C3A7988BE96E87B5D3251BE7617C54EE8F894D9DC2E267FE3255B ] LSI_FC          C:\Windows\system32\DRIVERS\lsi_fc.sys
15:14:48.0645 0x16fcc  LSI_FC - ok
15:14:48.0667 0x16fcc  [ 1047184A9FDC8BDBFF857175875EE810, F2251EDB7736A26D388A0C5CC2FE5FB9C5E109CBB1E3800993554CB21D81AE4B ] LSI_SAS         C:\Windows\system32\DRIVERS\lsi_sas.sys
15:14:48.0672 0x16fcc  LSI_SAS - ok
15:14:48.0687 0x16fcc  [ 30F5C0DE1EE8B5BC9306C1F0E4A75F93, 88D5740A4E9CC3FA80FA18035DAB441BDC5A039622D666BFDAA525CC9686BD06 ] LSI_SAS2        C:\Windows\system32\DRIVERS\lsi_sas2.sys
15:14:48.0690 0x16fcc  LSI_SAS2 - ok
15:14:48.0714 0x16fcc  [ 0504EACAFF0D3C8AED161C4B0D369D4A, 4D272237C189646F5C80822FD3CBA7C2728E482E2DAAF7A09C8AEF811C89C54D ] LSI_SCSI        C:\Windows\system32\DRIVERS\lsi_scsi.sys
15:14:48.0719 0x16fcc  LSI_SCSI - ok
15:14:48.0782 0x16fcc  [ 43D0F98E1D56CCDDB0D5254CFF7B356E, 5BA498183B5C4996C694CB0A9A6B66CE6C7A460F6C91BEB9F305486FCC3B7B22 ] luafv           C:\Windows\system32\drivers\luafv.sys
15:14:48.0787 0x16fcc  luafv - ok
15:14:48.0848 0x16fcc  [ FCF1A9F544CD89564CFAC9572AB2DDBB, B5793DF12FE656FF73F3094CEE8986E2E90C64C47EAED9FA190A66E601125B42 ] MbaeSvc         C:\Program Files (x86)\Malwarebytes Anti-Exploit\mbae-svc.exe
15:14:48.0873 0x16fcc  MbaeSvc - ok
15:14:48.0914 0x16fcc  [ 0BE09CD858ABF9DF6ED259D57A1A1663, 2FD28889B93C8E801F74C1D0769673A461671E0189D0A22C94509E3F0EEB7428 ] Mcx2Svc         C:\Windows\system32\Mcx2Svc.dll
15:14:48.0919 0x16fcc  Mcx2Svc - ok
15:14:49.0189 0x16fcc  [ 463595E7A0BE96F992D1D680FD9FFFCB, 5D1A0B64D51488C77FD2C0CE0DCEA7DBA618DD92AF3FE584B8D13116A301E4E4 ] MediaMall Server C:\Program Files (x86)\MediaMall\MediaMallServer.exe
15:14:49.0369 0x16fcc  MediaMall Server - ok
15:14:49.0448 0x16fcc  [ A55805F747C6EDB6A9080D7C633BD0F4, 2DA0E83BF3C8ADEF6F551B6CC1C0A3F6149CDBE6EC60413BA1767C4DE425A728 ] megasas         C:\Windows\system32\DRIVERS\megasas.sys
15:14:49.0450 0x16fcc  megasas - ok
15:14:49.0477 0x16fcc  [ BAF74CE0072480C3B6B7C13B2A94D6B3, 85CBB4949C090A904464F79713A3418338753D20D7FB811E68F287FDAC1DD834 ] MegaSR          C:\Windows\system32\DRIVERS\MegaSR.sys
15:14:49.0493 0x16fcc  MegaSR - ok
15:14:49.0562 0x16fcc  [ E40E80D0304A73E8D269F7141D77250B, 0DB4AC13A264F19A84DC0BCED54E8E404014CC09C993B172002B1561EC7E265A ] MMCSS           C:\Windows\system32\mmcss.dll
15:14:49.0566 0x16fcc  MMCSS - ok
15:14:49.0590 0x16fcc  [ 800BA92F7010378B09F9ED9270F07137, 94F9AF9E1BE80AE6AC39A2A74EF9FAB115DCAACC011D07DFA8D6A1DDC8A93342 ] Modem           C:\Windows\system32\drivers\modem.sys
15:14:49.0592 0x16fcc  Modem - ok
15:14:49.0610 0x16fcc  [ B03D591DC7DA45ECE20B3B467E6AADAA, 701FB0CAD8138C58507BE28845D3E24CE269A040737C29885944A0D851238732 ] monitor         C:\Windows\system32\DRIVERS\monitor.sys
15:14:49.0612 0x16fcc  monitor - ok
15:14:49.0653 0x16fcc  [ 4BD239A90FAFC80CA91AF2DD644D719A, D26D48AB392426544C9E57593BB72F9416E7EFF73769C94A9A4614099EA31E18 ] motandroidusb   C:\Windows\system32\Drivers\motoandroid.sys
15:14:49.0655 0x16fcc  motandroidusb - ok
15:14:49.0756 0x16fcc  [ 7ED3A9C3763725BD700946971215EE77, 6150D52945E10B69CFA5E3E637DCEBA67158092C6350B4AFE456EA846CA90C18 ] Motorola Device Manager C:\Program Files (x86)\Motorola Mobility\Motorola Device Manager\MotoHelperService.exe
15:14:49.0762 0x16fcc  Motorola Device Manager - ok
15:14:49.0823 0x16fcc  [ 7D27EA49F3C1F687D357E77A470AEA99, 7FE7CAF95959F127C6D932C01D539C06D80273C49A09761F6E8331C05B1A7EE7 ] mouclass        C:\Windows\system32\DRIVERS\mouclass.sys
15:14:49.0826 0x16fcc  mouclass - ok
15:14:49.0840 0x16fcc  [ D3BF052C40B0C4166D9FD86A4288C1E6, 5E65264354CD94E844BF1838CA1B8E49080EFA34605A32CF2F6A47A2B97FC183 ] mouhid          C:\Windows\system32\DRIVERS\mouhid.sys
15:14:49.0843 0x16fcc  mouhid - ok
15:14:49.0880 0x16fcc  [ 32E7A3D591D671A6DF2DB515A5CBE0FA, 47CED0B9067AE8BF5EEF60B17ADEE5906BEDCC56E4CB460B7BFBC12BB9A69E63 ] mountmgr        C:\Windows\system32\drivers\mountmgr.sys
15:14:49.0885 0x16fcc  mountmgr - ok
15:14:49.0943 0x16fcc  [ 345477F02C308B7480702767218C86A2, 98AFB5CF35BD82BA44B8F52CBC5FA3760506ADD7892C2AA1A77E8DF71FC8523F ] MozillaMaintenance C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
15:14:50.0038 0x16fcc  MozillaMaintenance - ok
15:14:50.0142 0x16fcc  [ 6439D1E559D08BD8A1465A8943357053, 0E300508C22D12FBA3BE566B722F574CBE1B4A1A305356B92B8EA8B86267071B ] MpFilter        C:\Windows\system32\DRIVERS\MpFilter.sys
15:14:50.0184 0x16fcc  MpFilter - ok
15:14:50.0244 0x16fcc  [ A44B420D30BD56E145D6A2BC8768EC58, B1E4DCA5A1008FA7A0492DC091FB2B820406AE13FD3D44F124E89B1037AF09B8 ] mpio            C:\Windows\system32\drivers\mpio.sys
15:14:50.0280 0x16fcc  mpio - ok
15:14:50.0311 0x16fcc  [ 6C38C9E45AE0EA2FA5E551F2ED5E978F, 5A3FA2F110029CB4CC4384998EDB59203FDD65EC45E01B897FB684F8956EAD20 ] mpsdrv          C:\Windows\system32\drivers\mpsdrv.sys
15:14:50.0315 0x16fcc  mpsdrv - ok
15:14:50.0387 0x16fcc  [ 54FFC9C8898113ACE189D4AA7199D2C1, 65F585C87F3F710FD5793FDFA96B740AD8D4317B0C120F4435CCF777300EA4F2 ] MpsSvc          C:\Windows\system32\mpssvc.dll
15:14:50.0429 0x16fcc  MpsSvc - ok
15:14:50.0472 0x16fcc  [ AE3334958D8F631FF14A0AEB3D7EFB3A, F5FD6B61F896104C20DFC43FEE2FCE6930B73F78DF876BD19A333EABB9139C6D ] MRxDAV          C:\Windows\system32\drivers\mrxdav.sys
15:14:50.0477 0x16fcc  MRxDAV - ok
15:14:50.0508 0x16fcc  [ A5D9106A73DC88564C825D317CAC68AC, 0457B2AEA4E05A91D0E43F317894A614434D8CEBE35020785387F307E231FBE4 ] mrxsmb          C:\Windows\system32\DRIVERS\mrxsmb.sys
15:14:50.0515 0x16fcc  mrxsmb - ok
15:14:50.0554 0x16fcc  [ D711B3C1D5F42C0C2415687BE09FC163, 9B3013AC60BD2D0FF52086658BA5FF486ADE15954A552D7DD590580E8BAE3EFF ] mrxsmb10        C:\Windows\system32\DRIVERS\mrxsmb10.sys
15:14:50.0565 0x16fcc  mrxsmb10 - ok
15:14:50.0583 0x16fcc  [ 9423E9D355C8D303E76B8CFBD8A5C30C, 220B33F120C2DD937FE4D5664F4B581DC0ACF78D62EB56B7720888F67B9644CC ] mrxsmb20        C:\Windows\system32\DRIVERS\mrxsmb20.sys
15:14:50.0589 0x16fcc  mrxsmb20 - ok
15:14:50.0619 0x16fcc  [ C25F0BAFA182CBCA2DD3C851C2E75796, 643E158A0948DF331807AEAA391F23960362E46C0A0CF6D22A99020EAE7B10F8 ] msahci          C:\Windows\system32\drivers\msahci.sys
15:14:50.0621 0x16fcc  msahci - ok
15:14:50.0642 0x16fcc  [ DB801A638D011B9633829EB6F663C900, B34FD33A215ACCF2905F4B7D061686CDB1CB9C652147AF56AE14686C1F6E3C74 ] msdsm           C:\Windows\system32\drivers\msdsm.sys
15:14:50.0648 0x16fcc  msdsm - ok
15:14:50.0668 0x16fcc  [ DE0ECE52236CFA3ED2DBFC03F28253A8, 2FBBEC4CACB5161F68D7C2935852A5888945CA0F107CF8A1C01F4528CE407DE3 ] MSDTC           C:\Windows\System32\msdtc.exe
15:14:50.0675 0x16fcc  MSDTC - ok
15:14:50.0699 0x16fcc  [ AA3FB40E17CE1388FA1BEDAB50EA8F96, 69F93E15536644C8FD679A20190CFE577F4985D3B1B4A4AA250A168615AE1E99 ] Msfs            C:\Windows\system32\drivers\Msfs.sys
15:14:50.0701 0x16fcc  Msfs - ok
15:14:50.0718 0x16fcc  [ F9D215A46A8B9753F61767FA72A20326, 6F76642B45E0A7EF6BCAB8B37D55CCE2EAA310ED07B76D43FCB88987C2174141 ] mshidkmdf       C:\Windows\System32\drivers\mshidkmdf.sys
15:14:50.0719 0x16fcc  mshidkmdf - ok
15:14:50.0743 0x16fcc  [ D916874BBD4F8B07BFB7FA9B3CCAE29D, B229DA150713DEDBC4F05386C9D9DC3BC095A74F44F3081E88311AB73BC992A1 ] msisadrv        C:\Windows\system32\drivers\msisadrv.sys
15:14:50.0745 0x16fcc  msisadrv - ok
15:14:50.0793 0x16fcc  [ 808E98FF49B155C522E6400953177B08, F873F5BFF0984C5165DF67E92874D3F6EB8D86F9B5AD17013A0091CA33A1A3D5 ] MSiSCSI         C:\Windows\system32\iscsiexe.dll
15:14:50.0800 0x16fcc  MSiSCSI - ok
15:14:50.0806 0x16fcc  msiserver - ok
15:14:50.0820 0x16fcc  [ 49CCF2C4FEA34FFAD8B1B59D49439366, E5752EA57C7BDAD5F53E3BC441A415E909AC602CAE56234684FB8789A20396C7 ] MSKSSRV         C:\Windows\system32\drivers\MSKSSRV.sys
15:14:50.0822 0x16fcc  MSKSSRV - ok
15:14:50.0878 0x16fcc  [ F0D5494D8B177C37E16966262F5D0F68, DD63427DFFD9DD2BEC8336F6AD1BEFE347012331631DC5FEC65E83B1EACDBC67 ] MsMpSvc         C:\Program Files\Microsoft Security Client\MsMpEng.exe
15:14:50.0879 0x16fcc  MsMpSvc - ok
15:14:50.0894 0x16fcc  [ BDD71ACE35A232104DDD349EE70E1AB3, 27464A66868513BE6A01B75D7FC5B0D6B71842E4E20CE3F76B15C071A0618BBB ] MSPCLOCK        C:\Windows\system32\drivers\MSPCLOCK.sys
15:14:50.0895 0x16fcc  MSPCLOCK - ok
15:14:50.0901 0x16fcc  [ 4ED981241DB27C3383D72092B618A1D0, E12F121E641249DB3491141851B59E1496F4413EDF58E863388F1C229838DFCC ] MSPQM           C:\Windows\system32\drivers\MSPQM.sys
15:14:50.0903 0x16fcc  MSPQM - ok
15:14:50.0956 0x16fcc  [ 759A9EEB0FA9ED79DA1FB7D4EF78866D, 64E3BC613EC4872B1B344CBF71EE15BE195592E3244C1EE099C6F8B95A40F133 ] MsRPC           C:\Windows\system32\drivers\MsRPC.sys
15:14:50.0982 0x16fcc  MsRPC - ok
15:14:51.0030 0x16fcc  [ 0EED230E37515A0EAEE3C2E1BC97B288, B1D8F8A75006B6E99214CA36D27A8594EF8D952F315BEB201E9BAC9DE3E64D42 ] mssmbios        C:\Windows\system32\drivers\mssmbios.sys
15:14:51.0032 0x16fcc  mssmbios - ok
15:14:51.0055 0x16fcc  [ 2E66F9ECB30B4221A318C92AC2250779, DF175E1AB6962303E57F26DAE5C5C1E40B8640333F3E352A64F6A5F1301586CD ] MSTEE           C:\Windows\system32\drivers\MSTEE.sys
15:14:51.0057 0x16fcc  MSTEE - ok
15:14:51.0082 0x16fcc  [ C83829C280F0207677B7AAA151EF9C4D, 3CD9E5C42391DCD6D7AC99C1100237BD54A57F1F5511811D6382D6EFB97D444E ] msvad_simple    C:\Windows\system32\drivers\povrtdev.sys
15:14:51.0084 0x16fcc  msvad_simple - ok
15:14:51.0104 0x16fcc  [ 7EA404308934E675BFFDE8EDF0757BCD, 306CD02D89CFCFE576242360ED5F9EEEDCAFC43CD43B7D2977AE960F9AEC3232 ] MTConfig        C:\Windows\system32\DRIVERS\MTConfig.sys
15:14:51.0105 0x16fcc  MTConfig - ok
15:14:51.0123 0x16fcc  [ F9A18612FD3526FE473C1BDA678D61C8, 32F7975B5BAA447917F832D9E3499B4B6D3E90D73F478375D0B70B36C524693A ] Mup             C:\Windows\system32\Drivers\mup.sys
15:14:51.0126 0x16fcc  Mup - ok
15:14:51.0216 0x16fcc  [ A94EEBD860AD00A0BFE91C0FD3F5FEB1, 163D3368C224ED144623EFA28D6117586B9A5ECCB5104AEF0071EE44636DACE4 ] MyWiFiDHCPDNS   C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe
15:14:51.0235 0x16fcc  MyWiFiDHCPDNS - ok
15:14:51.0300 0x16fcc  [ 582AC6D9873E31DFA28A4547270862DD, BD540499F74E8F59A020D935D18E36A3A97C1A6EC59C8208436469A31B16B260 ] napagent        C:\Windows\system32\qagentRT.dll
15:14:51.0325 0x16fcc  napagent - ok
15:14:51.0358 0x16fcc  [ 1EA3749C4114DB3E3161156FFFFA6B33, 54C2E77BCE1037711A11313AC25B8706109098C10A31AA03AEB7A185E97800D7 ] NativeWifiP     C:\Windows\system32\DRIVERS\nwifi.sys
15:14:51.0373 0x16fcc  NativeWifiP - ok
15:14:51.0453 0x16fcc  [ 760E38053BF56E501D562B70AD796B88, F856E81A975D44F8684A6F2466549CEEDFAEB3950191698555A93A1206E0A42D ] NDIS            C:\Windows\system32\drivers\ndis.sys
15:14:51.0528 0x16fcc  NDIS - ok
15:14:51.0546 0x16fcc  [ 9F9A1F53AAD7DA4D6FEF5BB73AB811AC, D7E5446E83909AE25506BB98FBDD878A529C87963E3C1125C4ABAB25823572BC ] NdisCap         C:\Windows\system32\DRIVERS\ndiscap.sys
15:14:51.0549 0x16fcc  NdisCap - ok
15:14:51.0566 0x16fcc  [ 30639C932D9FEF22B31268FE25A1B6E5, 32873D95339600F6EEFA51847D12C563FF01F320DC59055B242FA2887C99F9D6 ] NdisTapi        C:\Windows\system32\DRIVERS\ndistapi.sys
15:14:51.0568 0x16fcc  NdisTapi - ok
15:14:51.0609 0x16fcc  [ 136185F9FB2CC61E573E676AA5402356, BA3AD0A33416DA913B4242C6BE8C3E5812AD2B20BA6C11DD3094F2E8EB56E683 ] Ndisuio         C:\Windows\system32\DRIVERS\ndisuio.sys
15:14:51.0612 0x16fcc  Ndisuio - ok
15:14:51.0662 0x16fcc  [ 53F7305169863F0A2BDDC49E116C2E11, 881E9346D3C02405B7850ADC37E720990712EC9C666A0CE96E252A487FD2CE77 ] NdisWan         C:\Windows\system32\DRIVERS\ndiswan.sys
15:14:51.0670 0x16fcc  NdisWan - ok
15:14:51.0713 0x16fcc  [ 015C0D8E0E0421B4CFD48CFFE2825879, 4242E2D42CCFC859B2C0275C5331798BC0BDA68E51CF4650B6E64B1332071023 ] NDProxy         C:\Windows\system32\drivers\NDProxy.sys
15:14:51.0716 0x16fcc  NDProxy - ok
15:14:51.0740 0x16fcc  [ 86743D9F5D2B1048062B14B1D84501C4, DBF6D6A60AB774FCB0F464FF2D285A7521D0A24006687B243AB46B17D8032062 ] NetBIOS         C:\Windows\system32\DRIVERS\netbios.sys
15:14:51.0742 0x16fcc  NetBIOS - ok
15:14:51.0788 0x16fcc  [ 09594D1089C523423B32A4229263F068, 7426A9B8BA27D3225928DDEFBD399650ABB90798212F56B7D12158AC22CCCE37 ] NetBT           C:\Windows\system32\DRIVERS\netbt.sys
15:14:51.0798 0x16fcc  NetBT - ok
15:14:51.0813 0x16fcc  [ 204F3F58212B3E422C90BD9691A2DF28, D748A8CEE4D59B4248C9B1ACA5155D0FF6635A29564B4391B7FAC6261F93FE99 ] Netlogon        C:\Windows\system32\lsass.exe
15:14:51.0815 0x16fcc  Netlogon - ok
15:14:51.0867 0x16fcc  [ 847D3AE376C0817161A14A82C8922A9E, 37AE692B3481323134125EF58F2C3CBC20177371AF2F5874F53DD32A827CB936 ] Netman          C:\Windows\System32\netman.dll
15:14:51.0884 0x16fcc  Netman - ok
15:14:51.0955 0x16fcc  [ E58808846B62041BFB05395E1CED6499, 5387F2CE6B494337725D2BF3EB563912E6EE33918F2872C5FE07BEDBB0F761EE ] NetMsmqActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
15:14:51.0961 0x16fcc  NetMsmqActivator - ok
15:14:51.0980 0x16fcc  [ E58808846B62041BFB05395E1CED6499, 5387F2CE6B494337725D2BF3EB563912E6EE33918F2872C5FE07BEDBB0F761EE ] NetPipeActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
15:14:51.0986 0x16fcc  NetPipeActivator - ok
15:14:52.0021 0x16fcc  [ 5F28111C648F1E24F7DBC87CDEB091B8, 2E8645285921EDB98BB2173E11E57459C888D52E80D85791D169C869DE8813B9 ] netprofm        C:\Windows\System32\netprofm.dll
15:14:52.0047 0x16fcc  netprofm - ok
15:14:52.0058 0x16fcc  [ E58808846B62041BFB05395E1CED6499, 5387F2CE6B494337725D2BF3EB563912E6EE33918F2872C5FE07BEDBB0F761EE ] NetTcpActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
15:14:52.0063 0x16fcc  NetTcpActivator - ok
15:14:52.0074 0x16fcc  [ E58808846B62041BFB05395E1CED6499, 5387F2CE6B494337725D2BF3EB563912E6EE33918F2872C5FE07BEDBB0F761EE ] NetTcpPortSharing C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
15:14:52.0079 0x16fcc  NetTcpPortSharing - ok
15:14:52.0437 0x16fcc  [ 39EDE676D17F37AF4573C2B33EC28ACA, 6C897C8B72D7AC1385302E58509688790CC5F428E967485F92C3CD646907EF59 ] NETw5s64        C:\Windows\system32\DRIVERS\NETw5s64.sys
15:14:52.0744 0x16fcc  NETw5s64 - ok
15:14:53.0232 0x16fcc  [ 127AB99C5901DE162AFB55290FE82C04, B711E48FD3903F8210B444A131F10820C4F27A25B81E8219A555404416183960 ] NETwNs64        C:\Windows\system32\DRIVERS\NETwsw00.sys
15:14:53.0743 0x16fcc  NETwNs64 - ok
15:14:53.0829 0x16fcc  [ 77889813BE4D166CDAB78DDBA990DA92, 2EF531AE502B943632EEC66A309A8BFCDD36120A5E1473F4AAF3C2393AD0E6A3 ] nfrd960         C:\Windows\system32\DRIVERS\nfrd960.sys
15:14:53.0832 0x16fcc  nfrd960 - ok
15:14:53.0867 0x16fcc  [ F9EEFFC65C68A45001D1349E652B8B6F, E5F223129416083A12A85D48C65B2C8D1BF1124110399938E144308C89F9241D ] NisDrv          C:\Windows\system32\DRIVERS\NisDrvWFP.sys
15:14:53.0872 0x16fcc  NisDrv - ok
15:14:53.0948 0x16fcc  [ 9690F420A99364C1E5C439914B0DE25C, 6C6E0B27C4255001FE5F1EAD911DE1A8BF922C405B0C8031A6BD253CEB1D02A6 ] NisSrv          C:\Program Files\Microsoft Security Client\NisSrv.exe
15:14:53.0964 0x16fcc  NisSrv - ok
15:14:54.0029 0x16fcc  [ 8B301D474B478E9A92823BAB50A7BC49, 8181816035F41B1DABEC05E65E4F67BCD785F56760A61F1049E91BA39D42F01D ] NlaSvc          C:\Windows\System32\nlasvc.dll
15:14:54.0040 0x16fcc  NlaSvc - ok
15:14:54.0070 0x16fcc  [ 351533ACC2A069B94E80BBFC177E8FDF, 54B2749E0496ECC94CE65657627762B485CBC825767BAEDDAD0D2598820FFB9E ] NPF             C:\Windows\system32\drivers\npf.sys
15:14:54.0073 0x16fcc  NPF - ok
15:14:54.0092 0x16fcc  [ 1E4C4AB5C9B8DD13179BBDC75A2A01F7, D8957EF7060A69DBB3CD6B2C45B1E4143592AB8D018471E17AC04668157DC67F ] Npfs            C:\Windows\system32\drivers\Npfs.sys
15:14:54.0095 0x16fcc  Npfs - ok
15:14:54.0133 0x16fcc  [ D54BFDF3E0C953F823B3D0BFE4732528, 497A1DCC5646EC22119273216DF10D5442D16F83E4363770F507518CF6EAA53A ] nsi             C:\Windows\system32\nsisvc.dll
15:14:54.0136 0x16fcc  nsi - ok
15:14:54.0162 0x16fcc  [ E7F5AE18AF4168178A642A9247C63001, 133023B7E4BA8049C4CAED3282BDD25571D1CC25FAC3B820C7F981D292689D76 ] nsiproxy        C:\Windows\system32\drivers\nsiproxy.sys
15:14:54.0164 0x16fcc  nsiproxy - ok
15:14:54.0263 0x16fcc  [ 1A29A59A4C5BA6F8C85062A613B7E2B2, CC137F499A12C724D4166C2D85E9F447413419A0683DAC6F1A802B7F210C77F1 ] Ntfs            C:\Windows\system32\drivers\Ntfs.sys
15:14:54.0332 0x16fcc  Ntfs - ok
15:14:54.0362 0x16fcc  [ 9899284589F75FA8724FF3D16AED75C1, 181188599FD5D4DE33B97010D9E0CAEABAB9A3EF50712FE7F9AA0735CD0666D6 ] Null            C:\Windows\system32\drivers\Null.sys
15:14:54.0364 0x16fcc  Null - ok
15:14:54.0389 0x16fcc  [ B01C1E6D7477961D6D1CBDCD44AF3E67, 407BD335FE7C87DFBD9EDE49BDD828263D8C8D25C8216FF04AC70320E74AE8B6 ] nusb3hub        C:\Windows\system32\DRIVERS\nusb3hub.sys
15:14:54.0394 0x16fcc  nusb3hub - ok
15:14:54.0420 0x16fcc  [ 796BAE22DD827DB8AD7AE7C3F775E92F, D26C921679888D90EEC6FBFDF3884FF151E4C28FD3920CE7F3AB58A8EEF3845E ] nusb3xhc        C:\Windows\system32\DRIVERS\nusb3xhc.sys
15:14:54.0428 0x16fcc  nusb3xhc - ok
15:14:54.0460 0x16fcc  [ 7E4355930B28C2798D9F09AB9F81151F, 941C730F3B75BDF99639E76350031EDD15F18D8D860F3B1282C28B62096E7717 ] NVHDA           C:\Windows\system32\drivers\nvhda64v.sys
15:14:54.0468 0x16fcc  NVHDA - ok
15:14:54.0924 0x16fcc  [ ED4D88A04D22E6B00DB6BC8FACDBAFED, 38DDB9B353D3A24DD8390C6FB58FD513B46F9F715BC7E68D0958E78EACC3D3FA ] nvlddmkm        C:\Windows\system32\DRIVERS\nvlddmkm.sys
15:14:55.0329 0x16fcc  nvlddmkm - ok
15:14:55.0390 0x16fcc  [ 0A92CB65770442ED0DC44834632F66AD, 581327F07A68DBD5CC749214BE5F1211FC2CE41C7A4F0656B680AFB51A35ACE7 ] nvraid          C:\Windows\system32\drivers\nvraid.sys
15:14:55.0439 0x16fcc  nvraid - ok
15:14:55.0484 0x16fcc  [ DAB0E87525C10052BF65F06152F37E4A, AD9BFF0D5FD3FFB95C758B478E1F6A9FE45E7B37AEC71EB5070D292FEAAEDF37 ] nvstor          C:\Windows\system32\drivers\nvstor.sys
15:14:55.0526 0x16fcc  nvstor - ok
15:14:55.0630 0x16fcc  [ B7CD89EFA562A991F2864EFD3147473A, D38BAE7883BC073562C3C77DF59663B820CFE8305A3319C6E5CF8E48752E18C1 ] nvsvc           C:\Windows\system32\nvvsvc.exe
15:14:55.0660 0x16fcc  nvsvc - ok
15:14:55.0778 0x16fcc  [ 84E035225474E48CD3A6A3CE52332095, C90E1BC112EDED3035F2D440DDA6FC838D5D9B5F0D7CBE5E4672FEB1CC49F449 ] nvUpdatusService C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
15:14:55.0831 0x16fcc  nvUpdatusService - ok
15:14:55.0879 0x16fcc  [ 270D7CD42D6E3979F6DD0146650F0E05, 752489E54C9004EDCBE1F1F208FFD864DA5C83E59A2DDE6B3E0D63ECA996F76F ] nv_agp          C:\Windows\system32\drivers\nv_agp.sys
15:14:55.0884 0x16fcc  nv_agp - ok
15:14:55.0927 0x16fcc  [ 3589478E4B22CE21B41FA1BFC0B8B8A0, AD2469FC753FE552CB809FF405A9AB23E7561292FE89117E3B3B62057EFF0203 ] ohci1394        C:\Windows\system32\drivers\ohci1394.sys
15:14:55.0930 0x16fcc  ohci1394 - ok
15:14:56.0008 0x16fcc  [ 9D10F99A6712E28F8ACD5641E3A7EA6B, 70964A0ED9011EA94044E15FA77EDD9CF535CC79ED8E03A3721FF007E69595CC ] ose             C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE
15:14:56.0014 0x16fcc  ose - ok
15:14:56.0257 0x16fcc  [ 61BFFB5F57AD12F83AB64B7181829B34, 1DD0DD35E4158F95765EE6639F217DF03A0A19E624E020DBA609268C08A13846 ] osppsvc         C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE
15:14:56.0420 0x16fcc  osppsvc - ok
15:14:56.0478 0x16fcc  [ 3EAC4455472CC2C97107B5291E0DCAFE, E51F373F2DBEAEE516B42BAE8C1B5BB68D00B881323E842CB6EDEC0A183CFFC3 ] p2pimsvc        C:\Windows\system32\pnrpsvc.dll
15:14:56.0493 0x16fcc  p2pimsvc - ok
15:14:56.0547 0x16fcc  [ 927463ECB02179F88E4B9A17568C63C3, FEFD3447692C277D59EEC7BF218552C8BB6B8C98C26E973675549628408B94CE ] p2psvc          C:\Windows\system32\p2psvc.dll
15:14:56.0564 0x16fcc  p2psvc - ok
15:14:56.0608 0x16fcc  [ 0086431C29C35BE1DBC43F52CC273887, 0D116D49EF9ABB57DA005764F25E692622210627FC2048F06A989B12FA8D0A80 ] Parport         C:\Windows\system32\DRIVERS\parport.sys
15:14:56.0611 0x16fcc  Parport - ok
15:14:56.0650 0x16fcc  [ E9766131EEADE40A27DC27D2D68FBA9C, 63C295EC96DBD25F1A8B908295CCB86B54F2A77A02AAA11E5D9160C2C1A492B6 ] partmgr         C:\Windows\system32\drivers\partmgr.sys
15:14:56.0654 0x16fcc  partmgr - ok
15:14:56.0675 0x16fcc  [ 3AEAA8B561E63452C655DC0584922257, 04C072969B58657602EB0C21CEDF24FCEE14E61B90A0F758F93925EF2C9FC32D ] PcaSvc          C:\Windows\System32\pcasvc.dll
15:14:56.0684 0x16fcc  PcaSvc - ok
15:14:56.0707 0x16fcc  [ 94575C0571D1462A0F70BDE6BD6EE6B3, 7139BAC653EA94A3DD3821CAB35FC5E22F4CCA5ACC2BAABDAA27E4C3C8B27FC9 ] pci             C:\Windows\system32\drivers\pci.sys
15:14:56.0715 0x16fcc  pci - ok
15:14:56.0753 0x16fcc  [ B5B8B5EF2E5CB34DF8DCF8831E3534FA, F2A7CC645B96946CC65BF60E14E70DC09C848D27C7943CE5DEA0C01A6B863480 ] pciide          C:\Windows\system32\drivers\pciide.sys
15:14:56.0754 0x16fcc  pciide - ok
15:14:56.0777 0x16fcc  [ B2E81D4E87CE48589F98CB8C05B01F2F, 6763BEE7270A4873B3E131BFB92313E2750FCBD0AD73C23D1C4F98F7DF73DE14 ] pcmcia          C:\Windows\system32\DRIVERS\pcmcia.sys
15:14:56.0784 0x16fcc  pcmcia - ok
15:14:56.0796 0x16fcc  [ D6B9C2E1A11A3A4B26A182FFEF18F603, BBA5FE08B1DDD6243118E11358FD61B10E850F090F061711C3CB207CE5FBBD36 ] pcw             C:\Windows\system32\drivers\pcw.sys
15:14:56.0798 0x16fcc  pcw - ok
15:14:56.0838 0x16fcc  [ 68769C3356B3BE5D1C732C97B9A80D6E, FB2D61145980A2899D1B7729184C54070315B0E63C9A22400A76CCD39E00029C ] PEAUTH          C:\Windows\system32\drivers\peauth.sys
15:14:56.0864 0x16fcc  PEAUTH - ok
15:14:56.0925 0x16fcc  [ B9B0A4299DD2D76A4243F75FD54DC680, BBF62E9628131FA396EB08D63B76D2D5FBDD61339E92B759125A066470D1C039 ] PeerDistSvc     C:\Windows\system32\peerdistsvc.dll
15:14:56.0974 0x16fcc  PeerDistSvc - ok
15:14:57.0078 0x16fcc  [ E495E408C93141E8FC72DC0C6046DDFA, 489B957DADA0DC128A09468F1AD082DCC657E86053208EA06A12937BE86FB919 ] PerfHost        C:\Windows\SysWow64\perfhost.exe
15:14:57.0080 0x16fcc  PerfHost - ok
15:14:57.0193 0x16fcc  [ C7CF6A6E137463219E1259E3F0F0DD6C, 08D7244F52AA17DD669AA6F77C291DAC88E7B2D1887DE422509C1F83EC85F3DD ] pla             C:\Windows\system32\pla.dll
15:14:57.0258 0x16fcc  pla - ok
15:14:57.0305 0x16fcc  [ 25FBDEF06C4D92815B353F6E792C8129, 57D9764AE6BCE33B242C399CDFC10DD405975BD6411CA8C75FBCD06EEB8442A9 ] PlugPlay        C:\Windows\system32\umpnpmgr.dll
15:14:57.0331 0x16fcc  PlugPlay - ok
15:14:57.0356 0x16fcc  [ 7195581CEC9BB7D12ABE54036ACC2E38, 9C4E5D6EA984148F2663DC529083408B2248DFF6DAAC85D9195F80A722782315 ] PNRPAutoReg     C:\Windows\system32\pnrpauto.dll
15:14:57.0359 0x16fcc  PNRPAutoReg - ok
15:14:57.0387 0x16fcc  [ 3EAC4455472CC2C97107B5291E0DCAFE, E51F373F2DBEAEE516B42BAE8C1B5BB68D00B881323E842CB6EDEC0A183CFFC3 ] PNRPsvc         C:\Windows\system32\pnrpsvc.dll
15:14:57.0400 0x16fcc  PNRPsvc - ok
15:14:57.0455 0x16fcc  [ 4F15D75ADF6156BF56ECED6D4A55C389, 2ADA3EA69A5D7EC2A4D2DD89178DB94EAFDDF95F07B0070D654D9F7A5C12A044 ] PolicyAgent     C:\Windows\System32\ipsecsvc.dll
15:14:57.0484 0x16fcc  PolicyAgent - ok
15:14:57.0535 0x16fcc  [ 6BA9D927DDED70BD1A9CADED45F8B184, 66203CE70A5EDE053929A940F38924C6792239CCCE10DD2C1D90D5B4D6748B55 ] Power           C:\Windows\system32\umpo.dll
15:14:57.0543 0x16fcc  Power - ok
15:14:57.0589 0x16fcc  [ F92A2C41117A11A00BE01CA01A7FCDE9, 38ADC6052696D110CA5F393BC586791920663F5DA66934C2A824DDA9CD89C763 ] PptpMiniport    C:\Windows\system32\DRIVERS\raspptp.sys
15:14:57.0594 0x16fcc  PptpMiniport - ok
15:14:57.0612 0x16fcc  [ 0D922E23C041EFB1C3FAC2A6F943C9BF, 855418A6A58DCAFB181A1A68613B3E203AFB0A9B3D9D26D0C521F9F613B4EAD5 ] Processor       C:\Windows\system32\DRIVERS\processr.sys
15:14:57.0615 0x16fcc  Processor - ok
15:14:57.0654 0x16fcc  [ B6A58491307B4CADA572583D863DC602, 5C44936605E52C9533E4CE22F18FAB8211475877F71EFD88DA4D02FD608C90A3 ] ProfSvc         C:\Windows\system32\profsvc.dll
15:14:57.0664 0x16fcc  ProfSvc - ok
15:14:57.0696 0x16fcc  [ 204F3F58212B3E422C90BD9691A2DF28, D748A8CEE4D59B4248C9B1ACA5155D0FF6635A29564B4391B7FAC6261F93FE99 ] ProtectedStorage C:\Windows\system32\lsass.exe
15:14:57.0698 0x16fcc  ProtectedStorage - ok
15:14:57.0740 0x16fcc  [ 0557CF5A2556BD58E26384169D72438D, F6F83A616B1F1C6C0DF6D2EC2513E6C23FD4FAA6D36518B8676C619AB74957B4 ] Psched          C:\Windows\system32\DRIVERS\pacer.sys
15:14:57.0745 0x16fcc  Psched - ok
15:14:57.0838 0x16fcc  [ EA735BF6DF13A857A83C99BF27A422AD, 026A57155FB9E01CFAFD8613980CDF0F3D744ABBBC66EFDC6C20B89980FB45CF ] PST Service     C:\Program Files (x86)\Motorola\MotForwardDaemon\ForwardDaemon.exe
15:14:57.0840 0x16fcc  PST Service - ok
15:14:57.0874 0x16fcc  [ 4712CC14E720ECCCC0AA16949D18AAF1, AF0223D118A25CA14EC1AF8A40A793D3CBCBE3576CCACBCD4F9A3D3F10407262 ] PxHlpa64        C:\Windows\system32\Drivers\PxHlpa64.sys
15:14:57.0877 0x16fcc  PxHlpa64 - ok
15:14:57.0918 0x16fcc  [ 0928BD20273625622722FE1DE5BBDE57, 5313C222F8810D3A62CCE64482B5E50E58BBE2A2C298A23C84A454C34324AC52 ] qicflt          C:\Windows\system32\DRIVERS\qicflt.sys
15:14:57.0920 0x16fcc  qicflt - ok
15:14:58.0014 0x16fcc  [ A53A15A11EBFD21077463EE2C7AFEEF0, 6002B012A75045DEA62640A864A8721EADE2F8B65BEB5F5BA76D8CD819774489 ] ql2300          C:\Windows\system32\DRIVERS\ql2300.sys
15:14:58.0083 0x16fcc  ql2300 - ok
15:14:58.0108 0x16fcc  [ 4F6D12B51DE1AAEFF7DC58C4D75423C8, FB6ABAB741CED66A79E31A45111649F2FA3E26CEE77209B5296F789F6F7D08DE ] ql40xx          C:\Windows\system32\DRIVERS\ql40xx.sys
15:14:58.0115 0x16fcc  ql40xx - ok
15:14:58.0165 0x16fcc  [ 906191634E99AEA92C4816150BDA3732, A0305436384104C3B559F9C73902DA19B96B518413379E397C5CDAB0B2B9418F ] QWAVE           C:\Windows\system32\qwave.dll
15:14:58.0175 0x16fcc  QWAVE - ok
15:14:58.0208 0x16fcc  [ 76707BB36430888D9CE9D705398ADB6C, 35C1D1D05F98AC29A33D3781F497A0B40A3CB9CDF25FE1F28F574E40DDF70535 ] QWAVEdrv        C:\Windows\system32\drivers\qwavedrv.sys
15:14:58.0211 0x16fcc  QWAVEdrv - ok
15:14:58.0232 0x16fcc  [ 5A0DA8AD5762FA2D91678A8A01311704, 8A64EB5DBAB7048A9E42A21CEB62CCD5B007A80C199892D7F8C69B48E8A255EF ] RasAcd          C:\Windows\system32\DRIVERS\rasacd.sys
15:14:58.0233 0x16fcc  RasAcd - ok
15:14:58.0273 0x16fcc  [ 7ECFF9B22276B73F43A99A15A6094E90, 62C70DA127F48F796F8897BBFA23AB6EB080CC923F0F091DFA384A93F5C90CA1 ] RasAgileVpn     C:\Windows\system32\DRIVERS\AgileVpn.sys
15:14:58.0275 0x16fcc  RasAgileVpn - ok
15:14:58.0297 0x16fcc  [ 8F26510C5383B8DBE976DE1CD00FC8C7, 60E618C010E8A723960636415573FA17EA0BBEF79647196B3BC0B8DEE680E090 ] RasAuto         C:\Windows\System32\rasauto.dll
15:14:58.0303 0x16fcc  RasAuto - ok
15:14:58.0342 0x16fcc  [ 471815800AE33E6F1C32FB1B97C490CA, 27307265F743DE3A3A3EC1B2C472A3D85FDD0AEC458E0B1177593141EE072698 ] Rasl2tp         C:\Windows\system32\DRIVERS\rasl2tp.sys
15:14:58.0347 0x16fcc  Rasl2tp - ok
15:14:58.0399 0x16fcc  [ EE867A0870FC9E4972BA9EAAD35651E2, 1B848D81705081FD2E18AC762DA7F51455657DAF860BF363DC15925A148BCADA ] RasMan          C:\Windows\System32\rasmans.dll
15:14:58.0425 0x16fcc  RasMan - ok
15:14:58.0444 0x16fcc  [ 855C9B1CD4756C5E9A2AA58A15F58C25, A514F8A9C304D54BDA8DC60F5A64259B057EC83A1CAAF6D2B58CFD55E9561F72 ] RasPppoe        C:\Windows\system32\DRIVERS\raspppoe.sys
15:14:58.0449 0x16fcc  RasPppoe - ok
15:14:58.0459 0x16fcc  [ E8B1E447B008D07FF47D016C2B0EEECB, FEC789F82B912F3E14E49524D40FEAA4373B221156F14045E645D7C37859258C ] RasSstp         C:\Windows\system32\DRIVERS\rassstp.sys
15:14:58.0463 0x16fcc  RasSstp - ok
15:14:58.0507 0x16fcc  [ 77F665941019A1594D887A74F301FA2F, 1FDC6F6853400190C086042933F157814D915C54F26793CAD36CD2607D8810DA ] rdbss           C:\Windows\system32\DRIVERS\rdbss.sys
15:14:58.0523 0x16fcc  rdbss - ok
15:14:58.0551 0x16fcc  [ 302DA2A0539F2CF54D7C6CC30C1F2D8D, 1DF3501BBFFB56C3ECC39DBCC4287D3302216C2208CE22428B8C4967E5DE9D17 ] rdpbus          C:\Windows\system32\DRIVERS\rdpbus.sys
15:14:58.0553 0x16fcc  rdpbus - ok
15:14:58.0571 0x16fcc  [ CEA6CC257FC9B7715F1C2B4849286D24, A78144D18352EA802C39D9D42921CF97A3E0211766B2169B6755C6FC2D77A804 ] RDPCDD          C:\Windows\system32\DRIVERS\RDPCDD.sys
15:14:58.0572 0x16fcc  RDPCDD - ok
15:14:58.0641 0x16fcc  [ 1B6163C503398B23FF8B939C67747683, 339A5AA7970FF34FAAB213B655860C5B0DEC5F983A4A11A088017D849F320ACE ] RDPDR           C:\Windows\system32\drivers\rdpdr.sys
15:14:58.0648 0x16fcc  RDPDR - ok
15:14:58.0656 0x16fcc  [ BB5971A4F00659529A5C44831AF22365, 9AAA5C0D448E821FD85589505D99DF7749715A046BBD211F139E4E652ADDE41F ] RDPENCDD        C:\Windows\system32\drivers\rdpencdd.sys
15:14:58.0657 0x16fcc  RDPENCDD - ok
15:14:58.0671 0x16fcc  [ 216F3FA57533D98E1F74DED70113177A, 60C126A1409D1E9C39F1C9E95F70115BF4AF07780AB499F6E10A612540F173F4 ] RDPREFMP        C:\Windows\system32\drivers\rdprefmp.sys
15:14:58.0672 0x16fcc  RDPREFMP - ok
15:14:58.0732 0x16fcc  [ 313F68E1A3E6345A4F47A36B07062F34, B8318A0AE06BDE278931CA52F960B9FE226FD9894B076858DDB755AE26E1E66F ] RdpVideoMiniport C:\Windows\system32\drivers\rdpvideominiport.sys
15:14:58.0734 0x16fcc  RdpVideoMiniport - ok
15:14:58.0760 0x16fcc  [ FE571E088C2D83619D2D48D4E961BF41, 88C5A2FCB1D0E528657842E39963471A6E42FCA3FCDF37955AEC8258AB4C48EA ] RDPWD           C:\Windows\system32\drivers\RDPWD.sys
15:14:58.0768 0x16fcc  RDPWD - ok
15:14:58.0808 0x16fcc  [ 34ED295FA0121C241BFEF24764FC4520, AAEE5F00CAA763A5BA51CF56BD7262C03409CD72BD5601490E3EC3FFF929BB5F ] rdyboost        C:\Windows\system32\drivers\rdyboost.sys
15:14:58.0817 0x16fcc  rdyboost - ok
15:14:58.0871 0x16fcc  [ 96EFEC24346A8EB1157E80523079ADDC, 7F8FC284029856C754E400B6C954369FFE27763C81D8F4AF4E58BFDD44CBC24A ] RealNetworks Downloader Resolver Service C:\Program Files (x86)\RealNetworks\RealDownloader\rndlresolversvc.exe
15:14:58.0873 0x16fcc  RealNetworks Downloader Resolver Service - ok
15:14:58.0961 0x16fcc  [ 5623E2CC4F1F6DE24BE9DB3319E42D23, 2EA009F85804BF2757559DC7EBE4BCB637DE3786795891290F8F99580C32C9ED ] RegFilter       C:\Program Files (x86)\IObit\IObit Malware Fighter\drivers\win7_amd64\regfilter.sys
15:14:58.0963 0x16fcc  RegFilter - ok
15:14:59.0069 0x16fcc  [ 6108654C5EBEA28A606D6890B4DE6DE3, BDFF0796BE175E929A178BA3A9160AEF42DF07D34631F162DC1750C8582B5C4A ] RegSrvc         C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe
15:14:59.0153 0x16fcc  RegSrvc - ok
15:14:59.0191 0x16fcc  [ 254FB7A22D74E5511C73A3F6D802F192, 3D0FB5840364200DE394F8CC28DA0E334C2B5FA8FF28A41656EE72287F3D3836 ] RemoteAccess    C:\Windows\System32\mprdim.dll
15:14:59.0197 0x16fcc  RemoteAccess - ok
15:14:59.0244 0x16fcc  [ E4D94F24081440B5FC5AA556C7C62702, 147CAA03568DC480F9506E30B84891AB7E433B5EBC05F34FF10F72B00E1C6B22 ] RemoteRegistry  C:\Windows\system32\regsvc.dll
15:14:59.0252 0x16fcc  RemoteRegistry - ok
15:14:59.0298 0x16fcc  [ 3DD798846E2C28102B922C56E71B7932, 30B111615D74CB2213997A5C08DD9C8613ADE441D9423CC1C49A753D13CE524D ] RFCOMM          C:\Windows\system32\DRIVERS\rfcomm.sys
15:14:59.0304 0x16fcc  RFCOMM - ok
15:14:59.0343 0x16fcc  [ 4AAFFFA67AC4DFA3D9985D78573887E2, A2A4623A1DFA3C1BF0B09390F3731AFF5616BF9E9144F5DEEAA89B37E445D834 ] RimVSerPort     C:\Windows\system32\DRIVERS\RimSerial_AMD64.sys
15:14:59.0346 0x16fcc  RimVSerPort - ok
15:14:59.0365 0x16fcc  [ 388D3DD1A6457280F3BADBA9F3ACD6B1, 5C534EA15195B1301C917904627AF09FE2ABA3FEE1641B5C87E8F3191BC49058 ] ROOTMODEM       C:\Windows\system32\Drivers\RootMdm.sys
15:14:59.0366 0x16fcc  ROOTMODEM - ok
15:14:59.0518 0x16fcc  [ 05FC44D32A144925EAE45570029FD6E1, 843976755AC807920C84D769D91C04AFA9CD02B71F4E8F20B0C16493AA878923 ] RoxMediaDB10    c:\Program Files (x86)\Common Files\Roxio Shared\10.0\SharedCOM\RoxMediaDB10.exe
15:14:59.0610 0x16fcc  RoxMediaDB10 - ok
15:14:59.0642 0x16fcc  [ B60F58F175DE20A6739194E85B035178, 6E66D6041AF0B69896E4556F9FF3A3AA70CF4B09FFBE68E14E60313C5E3FFDDB ] rpcapd          C:\Program Files (x86)\WinPcap\rpcapd.exe
15:14:59.0647 0x16fcc  rpcapd - ok
15:14:59.0665 0x16fcc  [ E4DC58CF7B3EA515AE917FF0D402A7BB, 665B5CD9FE905B0EE3F59A7B1A94760F5393EBEE729877D8584349754C2867E8 ] RpcEptMapper    C:\Windows\System32\RpcEpMap.dll
15:14:59.0669 0x16fcc  RpcEptMapper - ok
15:14:59.0706 0x16fcc  [ D5BA242D4CF8E384DB90E6A8ED850B8C, CB4CB2608B5E31B55FB1A2CF4051E6D08A0C2A5FB231B2116F95938D7577334E ] RpcLocator      C:\Windows\system32\locator.exe
15:14:59.0709 0x16fcc  RpcLocator - ok
15:14:59.0764 0x16fcc  [ 5C627D1B1138676C0A7AB2C2C190D123, C5003F2C912C5CA990E634818D3B4FD72F871900AF2948BD6C4D6400B354B401 ] RpcSs           C:\Windows\system32\rpcss.dll
15:14:59.0783 0x16fcc  RpcSs - ok
15:14:59.0802 0x16fcc  [ DDC86E4F8E7456261E637E3552E804FF, D250C69CCC75F2D88E7E624FCC51300E75637333317D53908CCA7E0F117173DD ] rspndr          C:\Windows\system32\DRIVERS\rspndr.sys
15:14:59.0806 0x16fcc  rspndr - ok
15:14:59.0885 0x16fcc  [ B85642BE0761159B63CFFC137384E17F, ACB04AC581EE475543AEA3003E3643DC2A007C4D3F1831C120F1D07BDAFF2FA4 ] RtkAudioService C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe
15:14:59.0896 0x16fcc  RtkAudioService - ok
15:14:59.0966 0x16fcc  [ 6F593C7B14264FE2C6F3B96165BD95E5, 4D38B4EAFE5B5EAD409250DEA1FD45860751A9E8477D3775E97FF386895182A2 ] RTL8167         C:\Windows\system32\DRIVERS\Rt64win7.sys
15:15:00.0008 0x16fcc  RTL8167 - ok
15:15:00.0048 0x16fcc  [ E60C0A09F997826C7627B244195AB581, E8630ED74B38B98BF584E353D992C1311BC36AB7F20A1BB66C9CD65CE1E46F8D ] s3cap           C:\Windows\system32\drivers\vms3cap.sys
15:15:00.0049 0x16fcc  s3cap - ok
15:15:00.0062 0x16fcc  [ 204F3F58212B3E422C90BD9691A2DF28, D748A8CEE4D59B4248C9B1ACA5155D0FF6635A29564B4391B7FAC6261F93FE99 ] SamSs           C:\Windows\system32\lsass.exe
15:15:00.0065 0x16fcc  SamSs - ok
15:15:00.0115 0x16fcc  [ AC03AF3329579FFFB455AA2DAABBE22B, 7AD3B62ADFEC166F9E256F9FF8BAA0568B2ED7308142BF8F5269E6EAA5E0A656 ] sbp2port        C:\Windows\system32\drivers\sbp2port.sys
15:15:00.0120 0x16fcc  sbp2port - ok
15:15:00.0146 0x16fcc  [ 9B7395789E3791A3B6D000FE6F8B131E, E5F067F3F212BF5481668BE1779CBEF053F511F8967589BE2E865ACB9A620024 ] SCardSvr        C:\Windows\System32\SCardSvr.dll
15:15:00.0155 0x16fcc  SCardSvr - ok
15:15:00.0192 0x16fcc  [ 253F38D0D7074C02FF8DEB9836C97D2B, CB5CAFCB8628BB22877F74ACF1DED0BBAED8F4573A74DA7FE94BBBA584889116 ] scfilter        C:\Windows\system32\DRIVERS\scfilter.sys
15:15:00.0194 0x16fcc  scfilter - ok
15:15:00.0277 0x16fcc  [ 262F6592C3299C005FD6BEC90FC4463A, 54095E37F0B6CC677A3E9BDD40F4647C713273D197DB341063AA7F342A60C4A7 ] Schedule        C:\Windows\system32\schedsvc.dll
15:15:00.0325 0x16fcc  Schedule - ok
15:15:00.0363 0x16fcc  [ F17D1D393BBC69C5322FBFAFACA28C7F, 62A1A92B3C52ADFD0B808D7F69DD50238B5F202421F1786F7EAEAA63F274B3E8 ] SCPolicySvc     C:\Windows\System32\certprop.dll
15:15:00.0366 0x16fcc  SCPolicySvc - ok
15:15:00.0404 0x16fcc  [ 6EA4234DC55346E0709560FE7C2C1972, 64011E044C16E2F92689E5F7E4666A075E27BBFA61F3264E5D51CE1656C1D5B8 ] SDRSVC          C:\Windows\System32\SDRSVC.dll
15:15:00.0412 0x16fcc  SDRSVC - ok
15:15:00.0433 0x16fcc  [ 3EA8A16169C26AFBEB544E0E48421186, 34BBB0459C96B3DE94CCB0D73461562935C583D7BF93828DA4E20A6BC9B7301D ] secdrv          C:\Windows\system32\drivers\secdrv.sys
15:15:00.0435 0x16fcc  secdrv - ok
15:15:00.0468 0x16fcc  [ BC617A4E1B4FA8DF523A061739A0BD87, 10C4057F6B321EB5237FF619747B74F5401BC17D15A8C7060829E8204A2297F9 ] seclogon        C:\Windows\system32\seclogon.dll
15:15:00.0471 0x16fcc  seclogon - ok
15:15:00.0508 0x16fcc  [ C32AB8FA018EF34C0F113BD501436D21, E0EB8E80B51E45CA7EB061E705DA0BC07878759418A8519AE6E12326FE79E7C7 ] SENS            C:\Windows\system32\sens.dll
15:15:00.0512 0x16fcc  SENS - ok
15:15:00.0542 0x16fcc  [ 0336CFFAFAAB87A11541F1CF1594B2B2, 8B8A6A33E78A12FB05E29B2E2775850626574AFD2EF88748D65E690A07B10B8D ] SensrSvc        C:\Windows\system32\sensrsvc.dll
15:15:00.0545 0x16fcc  SensrSvc - ok
15:15:00.0565 0x16fcc  [ CB624C0035412AF0DEBEC78C41F5CA1B, A4D937F11E06CAE914347CA1362F4C98EC5EE0C0C80321E360EA1ABD6726F8D4 ] Serenum         C:\Windows\system32\DRIVERS\serenum.sys
15:15:00.0567 0x16fcc  Serenum - ok
15:15:00.0620 0x16fcc  [ C1D8E28B2C2ADFAEC4BA89E9FDA69BD6, 8F9776FB84C5D11068EAF1FF1D1A46466C655D64D256A8B1E31DC0C23B5DD22D ] Serial          C:\Windows\system32\DRIVERS\serial.sys
15:15:00.0670 0x16fcc  Serial - ok
15:15:00.0731 0x16fcc  [ 1C545A7D0691CC4A027396535691C3E3, 065C30BE598FF4DC55C37E0BBE0CEDF10A370AE2BF5404B42EBBB867A3FFED6D ] sermouse        C:\Windows\system32\DRIVERS\sermouse.sys
15:15:00.0776 0x16fcc  sermouse - ok
15:15:00.0842 0x16fcc  [ 0B6231BF38174A1628C4AC812CC75804, E569BF1F7F5689E2E917FA6516DB53388A5B8B1C6699DEE030147E853218811D ] SessionEnv      C:\Windows\system32\sessenv.dll
15:15:00.0849 0x16fcc  SessionEnv - ok
15:15:00.0906 0x16fcc  [ A554811BCD09279536440C964AE35BBF, DA8F893722F803E189D7D4D6C6232ED34505B63A64ED3A0132A5BB7A2BABDE55 ] sffdisk         C:\Windows\system32\drivers\sffdisk.sys
15:15:00.0908 0x16fcc  sffdisk - ok
15:15:00.0930 0x16fcc  [ FF414F0BAEFEBA59BC6C04B3DB0B87BF, B81EF5D26AEB572CAB590F7AD7CA8C89F296420089EF5E6148E972F2DBCA1042 ] sffp_mmc        C:\Windows\system32\drivers\sffp_mmc.sys
15:15:00.0932 0x16fcc  sffp_mmc - ok
15:15:00.0949 0x16fcc  [ DD85B78243A19B59F0637DCF284DA63C, 6730D4F2BAE7E24615746ACC41B42D01DB6068D6504982008ADA1890DE900197 ] sffp_sd         C:\Windows\system32\drivers\sffp_sd.sys
15:15:00.0951 0x16fcc  sffp_sd - ok
15:15:00.0971 0x16fcc  [ A9D601643A1647211A1EE2EC4E433FF4, 7AC60B4AB48D4BBF1F9681C12EC2A75C72E6E12D30FABC564A24394310E9A5F9 ] sfloppy         C:\Windows\system32\DRIVERS\sfloppy.sys
15:15:00.0972 0x16fcc  sfloppy - ok
15:15:01.0053 0x16fcc  [ B95F6501A2F8B2E78C697FEC401970CE, 758B73A32902299A313348CE7EC189B20EB4CB398D0180E4EE24B84DAD55F291 ] SharedAccess    C:\Windows\System32\ipnathlp.dll
15:15:01.0070 0x16fcc  SharedAccess - ok
15:15:01.0132 0x16fcc  [ AAF932B4011D14052955D4B212A4DA8D, 2A3BFD0FA9569288E91AE3E72CA1EC39E1450D01E6473CE51157E0F138257923 ] ShellHWDetection C:\Windows\System32\shsvcs.dll
15:15:01.0166 0x16fcc  ShellHWDetection - ok
15:15:01.0223 0x16fcc  [ 843CAF1E5FDE1FFD5FF768F23A51E2E1, 89CA9F516E42A6B905474D738CDA2C121020A07DBD4E66CFE569DD77D79D7820 ] SiSRaid2        C:\Windows\system32\DRIVERS\SiSRaid2.sys
15:15:01.0225 0x16fcc  SiSRaid2 - ok
15:15:01.0250 0x16fcc  [ 6A6C106D42E9FFFF8B9FCB4F754F6DA4, 87B85C66DF7EB6FDB8A2341D05FAA5261FF68A90CCFC63F0E4A03824F1E33E5E ] SiSRaid4        C:\Windows\system32\DRIVERS\sisraid4.sys
15:15:01.0254 0x16fcc  SiSRaid4 - ok
15:15:01.0311 0x16fcc  [ 50D9949020E02B847CD48F1243FCB895, 5BDAD5E44DE5B412645142810C5FCE4B2D9685F928FF4A6B836A9DCE7725BD78 ] SkypeUpdate     C:\Program Files (x86)\Skype\Updater\Updater.exe
15:15:01.0318 0x16fcc  SkypeUpdate - ok
15:15:01.0351 0x16fcc  [ E77CB3736A702D46A6FB15FB4A9894E3, A341AD51825D4DB8A68ADDABE0FD17693DE387B0DA11800D427B8EA31577626C ] SmartDefragDriver C:\Windows\system32\Drivers\SmartDefragDriver.sys
15:15:01.0353 0x16fcc  SmartDefragDriver - ok
15:15:01.0376 0x16fcc  [ 548260A7B8654E024DC30BF8A7C5BAA4, 4A7E58331D7765A12F53DC2371739DC9A463940B13E16157CE10DB80E958D740 ] Smb             C:\Windows\system32\DRIVERS\smb.sys
15:15:01.0381 0x16fcc  Smb - ok
15:15:01.0409 0x16fcc  [ 678D197CAD249F930B7FDD2AFA4C91B0, 5CE65B8A72225B663534A14BA31DCAB8EA5A7CE9BE05C3A18837FE8B554EF1FA ] SmbDrvI         C:\Windows\system32\DRIVERS\Smb_driver_Intel.sys
15:15:01.0411 0x16fcc  SmbDrvI - ok
15:15:01.0494 0x16fcc  [ 2F7A6F88A9516EB47B0BF13024434244, 5FC5635D077AAA42853F78306C941995B56E939015CC3F27D376CBD9395C7410 ] snapman         C:\Windows\system32\DRIVERS\snapman.sys
15:15:01.0504 0x16fcc  snapman - ok
15:15:01.0548 0x16fcc  [ 6313F223E817CC09AA41811DAA7F541D, D787061043BEEDB9386B048CB9E680E6A88A1CBAE9BD4A8C0209155BFB76C630 ] SNMPTRAP        C:\Windows\System32\snmptrap.exe
15:15:01.0552 0x16fcc  SNMPTRAP - ok
15:15:01.0634 0x16fcc  [ CE006FD4E7742A0ABEC3FDD47EDB2E4F, E3E5D079CEF4E8A863BD450C55AAB4115C788986F060EAA6D675A83775CB57D6 ] SplashtopRemoteService C:\Program Files (x86)\Splashtop\Splashtop Remote\Server\SRService.exe
15:15:01.0666 0x16fcc  SplashtopRemoteService - ok
15:15:01.0686 0x16fcc  [ B9E31E5CACDFE584F34F730A677803F9, 21A5130BD00089C609522A372018A719F8E37103D2DD22C59EACB393BE35A063 ] spldr           C:\Windows\system32\drivers\spldr.sys
15:15:01.0688 0x16fcc  spldr - ok
15:15:01.0749 0x16fcc  [ 85DAA09A98C9286D4EA2BA8D0E644377, F9C324E2EF81193FE831C7EECC44A100CA06F82FA731BF555D9EA4D91DA13329 ] Spooler         C:\Windows\System32\spoolsv.exe
15:15:01.0783 0x16fcc  Spooler - ok
15:15:01.0973 0x16fcc  [ E17E0188BB90FAE42D83E98707EFA59C, FC075F7B39E86CC8EF6DA4E339FE946917E319C347AC70FB0C50AAF36F97E27F ] sppsvc          C:\Windows\system32\sppsvc.exe
15:15:02.0122 0x16fcc  sppsvc - ok
15:15:02.0143 0x16fcc  [ 93D7D61317F3D4BC4F4E9F8A96A7DE45, 36D48B23B8243BE5229707375FCD11C2DCAC96983199345365F065A0CBF33314 ] sppuinotify     C:\Windows\system32\sppuinotify.dll
15:15:02.0148 0x16fcc  sppuinotify - ok
15:15:02.0189 0x16fcc  [ 441FBA48BFF01FDB9D5969EBC1838F0B, 306128F1AD489F87161A089D1BDC1542A4CB742D91A0C12A7CD1863FDB8932C0 ] srv             C:\Windows\system32\DRIVERS\srv.sys
15:15:02.0215 0x16fcc  srv - ok
15:15:02.0244 0x16fcc  [ B4ADEBBF5E3677CCE9651E0F01F7CC28, 726DB2283113AB2A9681E8E9F61132303D6D86E9CD034C40EE4A8C9DB29E87F7 ] srv2            C:\Windows\system32\DRIVERS\srv2.sys
15:15:02.0269 0x16fcc  srv2 - ok
15:15:02.0304 0x16fcc  [ 27E461F0BE5BFF5FC737328F749538C3, AFA4704ED8FFC1A0BAB40DFB81D3AE3F3D933A3C9BF54DDAF39FF9AF3646D9E6 ] srvnet          C:\Windows\system32\DRIVERS\srvnet.sys
15:15:02.0311 0x16fcc  srvnet - ok
15:15:02.0332 0x16fcc  [ 51B52FBD583CDE8AA9BA62B8B4298F33, 2E2403F8AA39E79D1281CA006B51B43139C32A5FDD64BD34DAA4B935338BD740 ] SSDPSRV         C:\Windows\System32\ssdpsrv.dll
15:15:02.0342 0x16fcc  SSDPSRV - ok
15:15:02.0362 0x16fcc  [ AB7AEBF58DAD8DAAB7A6C45E6A8885CB, D21CDBC4C2AA0DB5B4455D5108B0CAF4282A2E664B9035708F212CC094569D9D ] SstpSvc         C:\Windows\system32\sstpsvc.dll
15:15:02.0368 0x16fcc  SstpSvc - ok
15:15:02.0429 0x16fcc  [ 5252D7BC56E5E0ED715AEA8FE173A455, 1408B3E98B35A449434718777EE70595F0D306197A428279C6281D2F1953F259 ] ssudmdm         C:\Windows\system32\DRIVERS\ssudmdm.sys
15:15:02.0437 0x16fcc  ssudmdm - ok
15:15:02.0513 0x16fcc  [ 504C33FE3B4E2AF11FE5875DDCA8EBEA, 7A3A5B5B23422A58F597DDE5FC0593EDE8EF31A7FB9CB77DB3A6AAFCCA369F3D ] SSUService      C:\Program Files (x86)\Splashtop\Splashtop Software Updater\SSUService.exe
15:15:02.0544 0x16fcc  SSUService - ok
15:15:02.0588 0x16fcc  [ 92E7F6666633D2DD91D527503DAA7BE0, E97C7FFCAF2C7A83B270B6C797A91C2731FEA26874FE1E59B4CB55D5D98744BB ] stdcfltn        C:\Windows\system32\DRIVERS\stdcfltn.sys
15:15:02.0590 0x16fcc  stdcfltn - ok
15:15:02.0642 0x16fcc  [ F3817967ED533D08327DC73BC4D5542A, 1B204454408A690C0A86447F3E4AA9E7C58A9CFB567C94C17C21920BA648B4D5 ] stexstor        C:\Windows\system32\DRIVERS\stexstor.sys
15:15:02.0645 0x16fcc  stexstor - ok
15:15:02.0685 0x16fcc  [ DECACB6921DED1A38642642685D77DAC, 1633711CE973F818EBCCCA28538772431167C33ECDD44D1E846A9436598B52DC ] StillCam        C:\Windows\system32\DRIVERS\serscan.sys
15:15:02.0687 0x16fcc  StillCam - ok
15:15:02.0753 0x16fcc  [ 8DD52E8E6128F4B2DA92CE27402871C1, 1101C38BE8FC383B5F2F9FA402F9652B23B88A764DE2B584DFE62B88B11DEF92 ] stisvc          C:\Windows\System32\wiaservc.dll
15:15:02.0787 0x16fcc  stisvc - ok
15:15:02.0859 0x16fcc  [ FF5EB78AF7DFB68C2FB363537AAF753E, BF34EBC28A18D31ADA21098FCD2F2D5FACE7AA9B49DB1AFA4AD248B2A58FE86E ] stllssvr        c:\Program Files (x86)\Common Files\SureThing Shared\stllssvr.exe
15:15:02.0863 0x16fcc  stllssvr - ok
15:15:02.0905 0x16fcc  [ 7785DC213270D2FC066538DAF94087E7, F09CB2895241719CA5147B2EE9F7ECBD0303AFFB5CD896F06D4D29BAAAFC207B ] storflt         C:\Windows\system32\drivers\vmstorfl.sys
15:15:02.0908 0x16fcc  storflt - ok
15:15:02.0938 0x16fcc  [ D34E4943D5AC096C8EDEEBFD80D76E23, 1DD7F6F97060B5F763A04ACA1F75E59DAB09EF824FD09B83FC3C192837D006DE ] storvsc         C:\Windows\system32\drivers\storvsc.sys
15:15:02.0940 0x16fcc  storvsc - ok
15:15:02.0979 0x16fcc  [ D01EC09B6711A5F8E7E6564A4D0FBC90, 3CB922291DBADC92B46B9E28CCB6810CD8CCDA3E74518EC9522B58B998E1F969 ] swenum          C:\Windows\system32\drivers\swenum.sys
15:15:02.0980 0x16fcc  swenum - ok
15:15:03.0027 0x16fcc  [ E08E46FDD841B7184194011CA1955A0B, 9C3725BB1F08F92744C980A22ED5C874007D3B5863C7E1F140F50061052AC418 ] swprv           C:\Windows\System32\swprv.dll
15:15:03.0047 0x16fcc  swprv - ok
15:15:03.0390 0x16fcc  [ D5996EC1A6715849022344D1CB4FA53D, 3D104364C2D10ED63187D775850913D434668E51046B4AD3CFFAAAD84D923978 ] syncagentsrv    C:\Program Files (x86)\Common Files\Acronis\SyncAgent\syncagentsrv.exe
15:15:03.0600 0x16fcc  syncagentsrv - ok
15:15:03.0697 0x16fcc  [ 36F506C894E1EA59C65FAF6398BDF49A, 70B7CA69958796C3AFA1ACA4C3BF054CBFEE84DC73A55D395EFED4A80B5399A2 ] SynTP           C:\Windows\system32\DRIVERS\SynTP.sys
15:15:03.0755 0x16fcc  SynTP - ok
15:15:03.0894 0x16fcc  [ BF9CCC0BF39B418C8D0AE8B05CF95B7D, 3C13217548BE61F2BDB8BD41F77345CDDA1F97BF0AE17241C335B9807EB3DBB8 ] SysMain         C:\Windows\system32\sysmain.dll
15:15:03.0968 0x16fcc  SysMain - ok
15:15:04.0014 0x16fcc  [ E3C61FD7B7C2557E1F1B0B4CEC713585, 01F0E116606D185BF93B540868075BFB1A398197F6AABD994983DBFF56B3A8A0 ] TabletInputService C:\Windows\System32\TabSvc.dll
15:15:04.0020 0x16fcc  TabletInputService - ok
15:15:04.0071 0x16fcc  [ 40F0849F65D13EE87B9A9AE3C1DD6823, E251A7EF3D0FD2973AF33A62FC457A7E8D5E8694208F811F52455F7C2426121F ] TapiSrv         C:\Windows\System32\tapisrv.dll
15:15:04.0096 0x16fcc  TapiSrv - ok
15:15:04.0114 0x16fcc  [ 1BE03AC720F4D302EA01D40F588162F6, AB644862BF1D2E824FD846180DEC4E2C0FAFCC517451486DE5A92E5E78A952E4 ] TBS             C:\Windows\System32\tbssvc.dll
15:15:04.0119 0x16fcc  TBS - ok
15:15:04.0249 0x16fcc  [ 04ADD18EE5CC9FBEDAEC1DD1CD0CB45E, F05C0C4CA3DD234AD5D60CF1EF763C9A1D9EC3C157E180C2D75CC07E6B02A611 ] Tcpip           C:\Windows\system32\drivers\tcpip.sys
15:15:04.0342 0x16fcc  Tcpip - ok
15:15:04.0424 0x16fcc  [ 04ADD18EE5CC9FBEDAEC1DD1CD0CB45E, F05C0C4CA3DD234AD5D60CF1EF763C9A1D9EC3C157E180C2D75CC07E6B02A611 ] TCPIP6          C:\Windows\system32\DRIVERS\tcpip.sys
15:15:04.0482 0x16fcc  TCPIP6 - ok
15:15:04.0534 0x16fcc  [ 1B16D0BD9841794A6E0CDE0CEF744ABC, 7EB8BA97339199EEE7F2B09DA2DA6279DA64A510D4598D42CF86415D67CD674C ] tcpipreg        C:\Windows\system32\drivers\tcpipreg.sys
15:15:04.0537 0x16fcc  tcpipreg - ok
15:15:04.0582 0x16fcc  [ 3371D21011695B16333A3934340C4E7C, 7416F9BBFC1BA9D875EA7D1C7A0D912FC6977B49A865D67E3F9C4E18A965082D ] TDPIPE          C:\Windows\system32\drivers\tdpipe.sys
15:15:04.0584 0x16fcc  TDPIPE - ok
15:15:04.0629 0x16fcc  [ 51C5ECEB1CDEE2468A1748BE550CFBC8, 4E8F83877330B421F7B5D8393D34BC44C6450E69209DAA95B29CB298166A5DF9 ] TDTCP           C:\Windows\system32\drivers\tdtcp.sys
15:15:04.0631 0x16fcc  TDTCP - ok
15:15:04.0677 0x16fcc  [ 70988118145F5F10EF24720B97F35F65, F80C806417A68047FFB3D63214BC4AE5445315219AC594E043293006B704A63D ] tdx             C:\Windows\system32\DRIVERS\tdx.sys
15:15:04.0683 0x16fcc  tdx - ok
15:15:04.0733 0x16fcc  [ 561E7E1F06895D78DE991E01DD0FB6E5, 83BFA50A528762EC52A011302AC3874636FB7E26628CD7ACFBF2BDC9FAA8110D ] TermDD          C:\Windows\system32\drivers\termdd.sys
15:15:04.0736 0x16fcc  TermDD - ok
15:15:04.0816 0x16fcc  [ 008CD4EBFABCF78D0F19B3778492648C, 9050490EEE0AD86E73F0A82D83E4FC29DF84F6B6FDB389AE135FD712B5F425BE ] TermService     C:\Windows\System32\termsrv.dll
15:15:04.0850 0x16fcc  TermService - ok
15:15:04.0873 0x16fcc  [ F0344071948D1A1FA732231785A0664C, DB9886C2C858FAF45AEA15F8E42860343F73EB8685C53EC2E8CCC10586CB0832 ] Themes          C:\Windows\system32\themeservice.dll
15:15:04.0877 0x16fcc  Themes - ok
15:15:04.0889 0x93d0  Object required for P2P: [ 6D7AA2BDE0135599C5F230D69DB3B420 ] btwrchid
15:15:04.0929 0x16fcc  [ E40E80D0304A73E8D269F7141D77250B, 0DB4AC13A264F19A84DC0BCED54E8E404014CC09C993B172002B1561EC7E265A ] THREADORDER     C:\Windows\system32\mmcss.dll
15:15:04.0932 0x16fcc  THREADORDER - ok
15:15:05.0019 0x16fcc  [ E0BABFD8D7391252874A1C812CB0050E, 1C54A9C499DE8C64ECB05F3021AA40F67A7AF11DEEA27BB19CDE77DA90D1B2F4 ] tib             C:\Windows\system32\DRIVERS\tib.sys
15:15:05.0058 0x16fcc  tib - ok
15:15:05.0089 0x16fcc  [ 42129994A3FE633D608936F21959D2C2, 60557E4FE467EA36151927B6126921E6BA6834FB95B27594B711A9E40279377F ] tib_mounter     C:\Windows\system32\DRIVERS\tib_mounter.sys
15:15:05.0098 0x16fcc  tib_mounter - ok
15:15:05.0121 0x16fcc  [ 7E7AFD841694F6AC397E99D75CEAD49D, DE87F203FD8E6BDCCFCA1860A85F283301A365846FB703D9BB86278D8AC96B07 ] TrkWks          C:\Windows\System32\trkwks.dll
15:15:05.0127 0x16fcc  TrkWks - ok
15:15:05.0198 0x16fcc  [ 773212B2AAA24C1E31F10246B15B276C, F2EF85F5ABA307976D9C649D710B408952089458DDE97D4DEF321DF14E46A046 ] TrustedInstaller C:\Windows\servicing\TrustedInstaller.exe
15:15:05.0204 0x16fcc  TrustedInstaller - ok
15:15:05.0259 0x16fcc  [ E232A3B43A894BB327FC161529BD9ED1, F2673DA8C920F21ACCECC25F7C59A05822E5E577D47F126EDF9C94FEB4B30C5F ] tssecsrv        C:\Windows\system32\DRIVERS\tssecsrv.sys
15:15:05.0261 0x16fcc  tssecsrv - ok
15:15:05.0290 0x16fcc  [ 17C6B51CBCCDED95B3CC14E22791F85E, EE417C19E9B2C258D62A74F1F2421AFFBAC67ACD62481CAA08F5B6A3439C1D7C ] TsUsbFlt        C:\Windows\system32\drivers\tsusbflt.sys
15:15:05.0293 0x16fcc  TsUsbFlt - ok
15:15:05.0338 0x16fcc  [ 3566A8DAAFA27AF944F5D705EAA64894, AE9D8B648DA08AF667B9456C3FE315489859C157510A258559F18238F2CC92B8 ] tunnel          C:\Windows\system32\DRIVERS\tunnel.sys
15:15:05.0342 0x16fcc  tunnel - ok
15:15:05.0375 0x16fcc  [ 825E7A1F48FB8BCFBA27C178AAB4E275, 94F039917B52BEFFFE383E14A6169AE81B6E79C30BA7DD017A9CFE15708A1605 ] TurboB          C:\Windows\system32\DRIVERS\TurboB.sys
15:15:05.0376 0x16fcc  TurboB - ok
15:15:05.0438 0x16fcc  [ B206BE1174D5964D49A56BB6C4E0524A, 9D7DA11220B69E2EDEA9E55EC0E4CB554DD7F638ABF49B76353CE5A5C75965B8 ] TurboBoost      C:\Program Files\Intel\TurboBoost\TurboBoost.exe
15:15:05.0442 0x16fcc  TurboBoost - ok
15:15:05.0478 0x16fcc  [ B4DD609BD7E282BFC683CEC7EAAAAD67, EF131DB6F6411CAD36A989A421AF93F89DD61601AC524D2FF11C10FF6E3E9123 ] uagp35          C:\Windows\system32\DRIVERS\uagp35.sys
15:15:05.0481 0x16fcc  uagp35 - ok
15:15:05.0532 0x16fcc  [ FF4232A1A64012BAA1FD97C7B67DF593, D8591B4EB056899C7B604E4DD852D82D4D9809F508ABCED4A03E1BE6D5D456E3 ] udfs            C:\Windows\system32\DRIVERS\udfs.sys
15:15:05.0546 0x16fcc  udfs - ok
15:15:05.0585 0x16fcc  [ 3CBDEC8D06B9968ABA702EBA076364A1, B8DAB8AA804FC23021BFEBD7AE4D40FBE648D6C6BA21CC008E26D1C084972F9B ] UI0Detect       C:\Windows\system32\UI0Detect.exe
15:15:05.0588 0x16fcc  UI0Detect - ok
15:15:05.0600 0x16fcc  [ 4BFE1BC28391222894CBF1E7D0E42320, 5918B1ED2030600DF77BDACF1C808DF6EADDD8BF3E7003AF1D72050D8B102B3A ] uliagpkx        C:\Windows\system32\drivers\uliagpkx.sys
15:15:05.0603 0x16fcc  uliagpkx - ok
15:15:05.0645 0x16fcc  [ DC54A574663A895C8763AF0FA1FF7561, 09A3F3597E91CBEB2F38E96E75134312B60CAE5574B2AD4606C2D3E992AEDDFE ] umbus           C:\Windows\system32\DRIVERS\umbus.sys
15:15:05.0648 0x16fcc  umbus - ok
15:15:05.0667 0x16fcc  [ B2E8E8CB557B156DA5493BBDDCC1474D, F547509A08C0679ACB843E20C9C0CF51BED1B06530BBC529DFB0944504564A43 ] UmPass          C:\Windows\system32\DRIVERS\umpass.sys
15:15:05.0669 0x16fcc  UmPass - ok
15:15:05.0721 0x16fcc  [ A293DCD756D04D8492A750D03B9A297C, 203600ED0B7F8BA4C6D6F4ED810F4DF5AB70928B06EC4131C5D8ADF628444ED1 ] UmRdpService    C:\Windows\System32\umrdp.dll
15:15:05.0729 0x16fcc  UmRdpService - ok
15:15:05.0965 0x16fcc  [ CBDEE152D73200EE49031A26310B9D3E, 92E22235446F8DB3BFE97EDE7DE7D33F43EAC5957C5B41ACCEC4EBFD19BFF819 ] UNS             C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe
15:15:06.0116 0x16fcc  UNS - ok
15:15:06.0277 0x16fcc  [ D47EC6A8E81633DD18D2436B19BAF6DE, 0FB461E2D5E0B75BB5958F6362F4880BFA4C36AD930542609BCAF574941AA7AE ] upnphost        C:\Windows\System32\upnphost.dll
15:15:06.0292 0x16fcc  upnphost - ok
15:15:06.0320 0x16fcc  [ 893A6B67C8AA502648AD946CF50DDFD1, 9480AD8BF791E5912FC89A9F610D5B2E23FD07DF99A15F6844A8854E4ECB4095 ] UrlFilter       C:\Program Files (x86)\IObit\IObit Malware Fighter\drivers\win7_amd64\UrlFilter.sys
15:15:06.0322 0x16fcc  UrlFilter - ok
15:15:06.0344 0x16fcc  [ 5C3BE22E485B9BF11FCEFDC676C728D0, F55061066ECF6920D56518A677BB538C18B7F1BB150ED6DB3591408F44E8D53A ] USBAAPL64       C:\Windows\system32\Drivers\usbaapl64.sys
15:15:06.0348 0x16fcc  USBAAPL64 - ok
15:15:06.0395 0x16fcc  [ DCA68B0943D6FA415F0C56C92158A83A, BEE5A5B33B22D1DF50B884D46D89FC3B8286EB16E38AD5A20F0A49E5C6766C57 ] usbccgp         C:\Windows\system32\DRIVERS\usbccgp.sys
15:15:06.0400 0x16fcc  usbccgp - ok
15:15:06.0434 0x16fcc  [ 80B0F7D5CCF86CEB5D402EAAF61FEC31, 140C62116A425DEAD25FE8D82DE283BC92C482A9F643658D512F9F67061F28AD ] usbcir          C:\Windows\system32\drivers\usbcir.sys
15:15:06.0439 0x16fcc  usbcir - ok
15:15:06.0509 0x16fcc  [ 18A85013A3E0F7E1755365D287443965, 811C5EDF38C765BCF71BCE25CB6626FF6988C3699F5EF1846240EA0052F34C33 ] usbehci         C:\Windows\system32\DRIVERS\usbehci.sys
15:15:06.0512 0x16fcc  usbehci - ok
15:15:06.0543 0x16fcc  [ 8D1196CFBB223621F2C67D45710F25BA, B5D7AFE51833B24FC9576F3AED3D8A2B290E5846060E73F9FFFAC1890A8B6003 ] usbhub          C:\Windows\system32\DRIVERS\usbhub.sys
15:15:06.0575 0x16fcc  usbhub - ok
15:15:06.0611 0x16fcc  [ 765A92D428A8DB88B960DA5A8D6089DC, 56DE8A2ED58E53B202C399CA7BACB1551136303C2EE0AB426BDBBF880E3C542C ] usbohci         C:\Windows\system32\drivers\usbohci.sys
15:15:06.0613 0x16fcc  usbohci - ok
15:15:06.0636 0x16fcc  [ 73188F58FB384E75C4063D29413CEE3D, B485463933306036B1D490722CB1674DC85670753D79FA0EF7EBCA7BBAAD9F7C ] usbprint        C:\Windows\system32\DRIVERS\usbprint.sys
15:15:06.0638 0x16fcc  usbprint - ok
15:15:06.0668 0x16fcc  [ 9661DA76B4531B2DA272ECCE25A8AF24, FEA93254A21E71A7EB8AD35FCCAD2C1E41F7329EC33B1734F5B41307A34D8637 ] usbscan         C:\Windows\system32\DRIVERS\usbscan.sys
15:15:06.0671 0x16fcc  usbscan - ok
15:15:06.0705 0x16fcc  [ FED648B01349A3C8395A5169DB5FB7D6, DC4D7594C24ADD076927B9347F1B50B91CF03A4ABDB284248D5711D9C19DEB96 ] USBSTOR         C:\Windows\system32\DRIVERS\USBSTOR.SYS
15:15:06.0709 0x16fcc  USBSTOR - ok
15:15:06.0736 0x16fcc  [ DD253AFC3BC6CBA412342DE60C3647F3, 146F8613F1057AC054DC3593E84BC52899DA27EA33B0E72ACFB78C3699ADCDE7 ] usbuhci         C:\Windows\system32\drivers\usbuhci.sys
15:15:06.0738 0x16fcc  usbuhci - ok
15:15:06.0763 0x16fcc  [ 1F775DA4CF1A3A1834207E975A72E9D7, 6D3DE5BD3EF3A76E997E5BAF900C51D25308F5A9682D1F62017F577A24095B90 ] usbvideo        C:\Windows\system32\Drivers\usbvideo.sys
15:15:06.0771 0x16fcc  usbvideo - ok
15:15:06.0801 0x16fcc  [ 70D05EE263568A742D14E1876DF80532, D49D7B60EE30F2398B8B532F4A4C3F17535485F2BDB9B14AB600E2A4E3F12A6B ] usb_rndisx      C:\Windows\system32\DRIVERS\usb8023x.sys
15:15:06.0803 0x16fcc  usb_rndisx - ok
15:15:06.0822 0x16fcc  [ EDBB23CBCF2CDF727D64FF9B51A6070E, 7202484C8E1BFB2AFD64D8C81668F3EDE0E3BF5EB27572877A0A7B337AE5AE42 ] UxSms           C:\Windows\System32\uxsms.dll
15:15:06.0826 0x16fcc  UxSms - ok
15:15:06.0845 0x16fcc  [ 204F3F58212B3E422C90BD9691A2DF28, D748A8CEE4D59B4248C9B1ACA5155D0FF6635A29564B4391B7FAC6261F93FE99 ] VaultSvc        C:\Windows\system32\lsass.exe
15:15:06.0848 0x16fcc  VaultSvc - ok
15:15:06.0879 0x16fcc  [ C5C876CCFC083FF3B128F933823E87BD, 6FE0FBB6C3207E09300E0789E2168F76668D87C317FE9F263E733827ADCFBE0D ] vdrvroot        C:\Windows\system32\drivers\vdrvroot.sys
15:15:06.0882 0x16fcc  vdrvroot - ok
15:15:06.0953 0x16fcc  [ 8D6B481601D01A456E75C3210F1830BE, A2CEF483F4231367138EEF7E67FD5BE5364FC0780C44CA1368E36CE4AA3D0633 ] vds             C:\Windows\System32\vds.exe
15:15:06.0977 0x16fcc  vds - ok
15:15:07.0000 0x16fcc  [ DA4DA3F5E02943C2DC8C6ED875DE68DD, EDE604536DB78C512D68C92B26DA77C8811AC109D1F0A473673F0A82D15A2838 ] vga             C:\Windows\system32\DRIVERS\vgapnp.sys
15:15:07.0003 0x16fcc  vga - ok
15:15:07.0023 0x16fcc  [ 53E92A310193CB3C03BEA963DE7D9CFC, 45898604375B42EB1246C17A22D91C2440F11C746FF6459AD38027C1BC2E3125 ] VgaSave         C:\Windows\System32\drivers\vga.sys
15:15:07.0025 0x16fcc  VgaSave - ok
15:15:07.0077 0x16fcc  [ 2CE2DF28C83AEAF30084E1B1EB253CBB, D1946816A1CB89F825CBEA58F94A4C9D0CE7249355CD3915563F54054EE564BF ] vhdmp           C:\Windows\system32\drivers\vhdmp.sys
15:15:07.0085 0x16fcc  vhdmp - ok
15:15:07.0121 0x16fcc  [ E5689D93FFE4E5D66C0178761240DD54, 6D35CED80681B12AAF63BFA0DA1C386E71D3838839B68A686990AA8031949D27 ] viaide          C:\Windows\system32\drivers\viaide.sys
15:15:07.0122 0x16fcc  viaide - ok
15:15:07.0151 0x16fcc  [ 86EA3E79AE350FEA5331A1303054005F, 7E7D6027EB41E591633C7383A5D29A3BA8ECFC08C177D2BCF741EE27686B1691 ] vmbus           C:\Windows\system32\drivers\vmbus.sys
15:15:07.0161 0x16fcc  vmbus - ok
15:15:07.0195 0x16fcc  [ 7DE90B48F210D29649380545DB45A187, 09522F84285D62B961868DA98C40B82E746CA4D24A9780905673A2349D6B07F4 ] VMBusHID        C:\Windows\system32\drivers\VMBusHID.sys
15:15:07.0198 0x16fcc  VMBusHID - ok
15:15:07.0217 0x16fcc  [ D2AAFD421940F640B407AEFAAEBD91B0, 31EF342A60AF04F4108759A71F8FB7B8C8819216CF3D16A95B2BA0E33A8A9161 ] volmgr          C:\Windows\system32\drivers\volmgr.sys
15:15:07.0221 0x16fcc  volmgr - ok
15:15:07.0277 0x16fcc  [ A255814907C89BE58B79EF2F189B843B, 463DB771851352185B6AC323BD93B9084D47291E53C1F7B628B65D6918B2E28F ] volmgrx         C:\Windows\system32\drivers\volmgrx.sys
15:15:07.0302 0x16fcc  volmgrx - ok
15:15:07.0336 0x16fcc  [ 0D08D2F3B3FF84E433346669B5E0F639, 3D6716CEC95B8861A7CC5778E91F310528DC6BEE0E57A3C8757FC675154EBDEC ] volsnap         C:\Windows\system32\drivers\volsnap.sys
15:15:07.0347 0x16fcc  volsnap - ok
15:15:07.0364 0x16fcc  [ B4A73CA4EF9A02B9738CEA9AD5FE5917, B6A8086189FE2F1C3FE5B3F484FBA3DB2E5E1836F3154D30090F136C27D16166 ] vpcbus          C:\Windows\system32\DRIVERS\vpchbus.sys
15:15:07.0372 0x16fcc  vpcbus - ok
15:15:07.0417 0x16fcc  [ E675FB2B48C54F09895482E2253B289C, 68BBFBF2356C849722E429CA753CC309A3CCE8CF00EBDBBD2695ECD292324DF2 ] vpcnfltr        C:\Windows\system32\DRIVERS\vpcnfltr.sys
15:15:07.0420 0x16fcc  vpcnfltr - ok
15:15:07.0442 0x16fcc  [ 5FB42082B0D19A0268705F1DD343DF20, 62F8EEE6A507CE6A8BD638020118D71B78332F79BA82654AB702AE46B04767D9 ] vpcusb          C:\Windows\system32\DRIVERS\vpcusb.sys
15:15:07.0447 0x16fcc  vpcusb - ok
15:15:07.0501 0x16fcc  [ 207B6539799CC1C112661A9B620DD233, 6B915CC7F77C867516D94865D7BF2E5C815402EF0A4488C3EB2FEF7CFA6C98F6 ] vpcvmm          C:\Windows\system32\drivers\vpcvmm.sys
15:15:07.0529 0x16fcc  vpcvmm - ok
15:15:07.0557 0x16fcc  [ 5E2016EA6EBACA03C04FEAC5F330D997, 53106EB877459FE55A459111F7AB0EE320BB3B4C954D3DB6FA1642396001F2AC ] vsmraid         C:\Windows\system32\DRIVERS\vsmraid.sys
15:15:07.0564 0x16fcc  vsmraid - ok
15:15:07.0664 0x16fcc  [ B60BA0BC31B0CB414593E169F6F21CC2, 47B801E623254CF0202B3591CB5C019CABFB52F123C7D47E29D19B32F1F2B915 ] VSS             C:\Windows\system32\vssvc.exe
15:15:07.0731 0x16fcc  VSS - ok
15:15:07.0761 0x16fcc  [ 36D4720B72B5C5D9CB2B9C29E9DF67A1, 3254523C85C70EBA2DBAC05DB2DBA89EDF8E9195F390F7C21F96458FB6B2E3D7 ] vwifibus        C:\Windows\system32\DRIVERS\vwifibus.sys
15:15:07.0764 0x16fcc  vwifibus - ok
15:15:07.0780 0x16fcc  [ 6A3D66263414FF0D6FA754C646612F3F, 30F6BA594B0D3B94113064015A16D97811CD989DF1715CCE21CEAB9894C1B4FB ] vwififlt        C:\Windows\system32\DRIVERS\vwififlt.sys
15:15:07.0783 0x16fcc  vwififlt - ok
15:15:07.0819 0x16fcc  [ 6A638FC4BFDDC4D9B186C28C91BD1A01, 5521F1DC515586777EC4837E0AEAA3E613CC178AF1074031C4D0D0C695A93168 ] vwifimp         C:\Windows\system32\DRIVERS\vwifimp.sys
15:15:07.0821 0x16fcc  vwifimp - ok
15:15:07.0848 0x93d0  Object send P2P result: true
15:15:07.0858 0x93d0  Object required for P2P: [ ABBF174CB394F5C437410A788B7E404A ] iaStor
15:15:07.0874 0x16fcc  [ 1C9D80CC3849B3788048078C26486E1A, 34A89F31E53F6B6C209B286F580CC2257AE6D057E4E20741F241C9C167947962 ] W32Time         C:\Windows\system32\w32time.dll
15:15:07.0907 0x16fcc  W32Time - ok
15:15:07.0933 0x16fcc  [ 4E9440F4F152A7B944CB1663D3935A3E, 8FE04EBD3BC612EE943A21A3E56F37E5C9B578CDACA6044048181DAD81816D53 ] WacomPen        C:\Windows\system32\DRIVERS\wacompen.sys
15:15:07.0936 0x16fcc  WacomPen - ok
15:15:07.0961 0x16fcc  [ 356AFD78A6ED4457169241AC3965230C, CE4D1EE3525C10AC658B20776C3E444DE44874C837713DC5311386EDFCB18399 ] WANARP          C:\Windows\system32\DRIVERS\wanarp.sys
15:15:07.0965 0x16fcc  WANARP - ok
15:15:07.0975 0x16fcc  [ 356AFD78A6ED4457169241AC3965230C, CE4D1EE3525C10AC658B20776C3E444DE44874C837713DC5311386EDFCB18399 ] Wanarpv6        C:\Windows\system32\DRIVERS\wanarp.sys
15:15:07.0978 0x16fcc  Wanarpv6 - ok
15:15:08.0057 0x16fcc  [ 3CEC96DE223E49EAAE3651FCF8FAEA6C, 4150DAB33E8D61076F1D4767BCAFC9B4ECCCCBD58FD4FB3CFE5B8D27DCDCAB61 ] WatAdminSvc     C:\Windows\system32\Wat\WatAdminSvc.exe
15:15:08.0115 0x16fcc  WatAdminSvc - ok
15:15:08.0218 0x16fcc  [ 78F4E7F5C56CB9716238EB57DA4B6A75, 46A4E78CE5F2A4B26F4E9C3FF04A99D9B727A82AC2E390A82A1611C3F6E0C9AF ] wbengine        C:\Windows\system32\wbengine.exe
15:15:08.0287 0x16fcc  wbengine - ok
15:15:08.0310 0x16fcc  [ 3AA101E8EDAB2DB4131333F4325C76A3, 4F7BD3DA5E58B18BFF106CFF7B45E75FD13EE556D433C695BA23EC80827E49DE ] WbioSrvc        C:\Windows\System32\wbiosrvc.dll
15:15:08.0320 0x16fcc  WbioSrvc - ok
15:15:08.0374 0x16fcc  [ 7368A2AFD46E5A4481D1DE9D14848EDD, 8039C478FC2D9F095F5883A4FA47F9E6EDF57CC88A4AA74F07C88445F90DED57 ] wcncsvc         C:\Windows\System32\wcncsvc.dll
15:15:08.0407 0x16fcc  wcncsvc - ok
15:15:08.0427 0x16fcc  [ 20F7441334B18CEE52027661DF4A6129, 7B8E0247234B740FED2BE9B833E9CE8DD7453340123AB43F6B495A7E6A27B0DD ] WcsPlugInService C:\Windows\System32\WcsPlugInService.dll
15:15:08.0431 0x16fcc  WcsPlugInService - ok
15:15:08.0451 0x16fcc  [ 72889E16FF12BA0F235467D6091B17DC, F2FD0BBD075E33608D93F350D216F97442AB89ABD540513C2D568C78096E12A8 ] Wd              C:\Windows\system32\DRIVERS\wd.sys
15:15:08.0454 0x16fcc  Wd - ok
15:15:08.0507 0x16fcc  [ E2C933EDBC389386EBE6D2BA953F43D8, AF1DEADD5F1267CCEBD226E8EEB971D1946EA6A5A9645A36F5D111F758AF2F07 ] Wdf01000        C:\Windows\system32\drivers\Wdf01000.sys
15:15:08.0543 0x16fcc  Wdf01000 - ok
15:15:08.0555 0x16fcc  [ BF1FC3F79B863C914687A737C2F3D681, B2DF47AC4931ACFB243775767B77065CC0D98778FC0243C793A3E219EB961209 ] WdiServiceHost  C:\Windows\system32\wdi.dll
15:15:08.0561 0x16fcc  WdiServiceHost - ok
15:15:08.0575 0x16fcc  [ BF1FC3F79B863C914687A737C2F3D681, B2DF47AC4931ACFB243775767B77065CC0D98778FC0243C793A3E219EB961209 ] WdiSystemHost   C:\Windows\system32\wdi.dll
15:15:08.0581 0x16fcc  WdiSystemHost - ok
15:15:08.0613 0x16fcc  [ 0EB0E5D22B1760F2DBCE632F2DD7A54D, B8A4CC62F88768947FB0A161CF9564DB28FD9C1C037B5475DF192982DE035C22 ] WebClient       C:\Windows\System32\webclnt.dll
15:15:08.0625 0x16fcc  WebClient - ok
15:15:08.0644 0x16fcc  [ C749025A679C5103E575E3B48E092C43, B71171D07EE7AB085A24BF3A1072FF2CE7EA021AAE695F6A90640E6EE8EB55C1 ] Wecsvc          C:\Windows\system32\wecsvc.dll
15:15:08.0655 0x16fcc  Wecsvc - ok
15:15:08.0667 0x16fcc  [ 7E591867422DC788B9E5BD337A669A08, 484E6BCCDF7ADCE9A1AACAD1BC7C7D7694B9E40FA90D94B14D80C607784F6C75 ] wercplsupport   C:\Windows\System32\wercplsupport.dll
15:15:08.0672 0x16fcc  wercplsupport - ok
15:15:08.0683 0x16fcc  [ 6D137963730144698CBD10F202E9F251, A9F522A125158D94F540544CCD4DBF47B9DCE2EA878C33675AFE40F80E8F4979 ] WerSvc          C:\Windows\System32\WerSvc.dll
15:15:08.0689 0x16fcc  WerSvc - ok
15:15:08.0712 0x16fcc  [ 611B23304BF067451A9FDEE01FBDD725, 0AF2734B978165FC6FD22B64862132CCE32528A21C698A49D176129446E099C8 ] WfpLwf          C:\Windows\system32\DRIVERS\wfplwf.sys
15:15:08.0714 0x16fcc  WfpLwf - ok
15:15:08.0824 0x16fcc  [ 971423A6B38DDC1501BF1752987DCFD6, 24E984A1DED67E5BA964A89809418F0A465579AF60D7A85A6CC38C98CB205B76 ] WiMAXAppSrv     C:\Program Files\Intel\WiMAX\Bin\AppSrv.exe
15:15:08.0866 0x16fcc  WiMAXAppSrv - ok
15:15:08.0915 0x16fcc  [ B14EF15BD757FA488F9C970EEE9C0D35, F27DF2D47E7076786AE7C396583D7A1C56B93E766711066C900964FC7313E794 ] WimFltr         C:\Windows\system32\DRIVERS\wimfltr.sys
15:15:08.0922 0x16fcc  WimFltr - ok
15:15:08.0939 0x16fcc  [ 05ECAEC3E4529A7153B3136CEB49F0EC, 9995CB2CEC70A633EA33CBB0DEAD2BB28CB67132B41E9444BDAB9E75744C9A50 ] WIMMount        C:\Windows\system32\drivers\wimmount.sys
15:15:08.0941 0x16fcc  WIMMount - ok
15:15:08.0982 0x16fcc  WinDefend - ok
15:15:09.0024 0x16fcc  WinHttpAutoProxySvc - ok
15:15:09.0114 0x16fcc  [ 19B07E7E8915D701225DA41CB3877306, D6555E8D276DBB11358246E0FE215F76F1FB358791C76B88D82C2A66A42DA19F ] Winmgmt         C:\Windows\system32\wbem\WMIsvc.dll
15:15:09.0123 0x16fcc  Winmgmt - ok
15:15:09.0180 0x16fcc  [ 0C0195C48B6B8582FA6F6373032118DA, 11BD2C9F9E2397C9A16E0990E4ED2CF0679498FE0FD418A3DFDAC60B5C160EE5 ] WinRing0_1_2_0  C:\Program Files (x86)\IObit\Game Booster 3\Driver\WinRing0x64.sys
15:15:09.0181 0x16fcc  WinRing0_1_2_0 - ok
15:15:09.0293 0x16fcc  [ D929ABD465A2DED963DA8B30946A8D5C, DE8DBFB01C11D2AE903CBD6A974D6F995E9813CE2D6484B7DA06EAE4C545842A ] WinRM           C:\Windows\system32\WsmSvc.dll
15:15:09.0409 0x16fcc  WinRM - ok
15:15:09.0480 0x16fcc  [ FE88B288356E7B47B74B13372ADD906D, A16B166F6BB32EF9D2A142F27B9EC54CBC7B3AC915799783CF4C40E525BC9E03 ] WinUsb          C:\Windows\system32\DRIVERS\WinUsb.sys
15:15:09.0482 0x16fcc  WinUsb - ok
15:15:09.0549 0x16fcc  [ BC03B490677005B4204E99E8716F1F65, 891D4F3F04FDD6085FECD68985E58E437A47FDC2CBC7F94F36C7F66F1261166B ] WINZIPSSDiskOptimizer C:\Program Files (x86)\WinZip System Utilities Suite\WINZIPSSDefragSrv64.exe
15:15:09.0564 0x16fcc  WINZIPSSDiskOptimizer - ok
15:15:09.0636 0x16fcc  [ 4FADA86E62F18A1B2F42BA18AE24E6AA, CE1683386886BF34862681A46199EA7E7FB4232A186047DA7FBD8EC240AF6726 ] Wlansvc         C:\Windows\System32\wlansvc.dll
15:15:09.0704 0x16fcc  Wlansvc - ok
15:15:09.0871 0x16fcc  [ 357CABBF155AFD1D3926E62539D2A3A7, C43CFF84E7D930B4999DC061AB0766B57AAD7540B3E6EE54605B10ECE90825F5 ] wlidsvc         C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
15:15:09.0992 0x16fcc  wlidsvc - ok
15:15:10.0037 0x16fcc  [ F6FF8944478594D0E414D3F048F0D778, 6F75E0AE6127B33A92A88E59D4B048FD4C15F997807BE7BF0EFE76F95235B1D9 ] WmiAcpi         C:\Windows\system32\drivers\wmiacpi.sys
15:15:10.0039 0x16fcc  WmiAcpi - ok
15:15:10.0099 0x16fcc  [ 38B84C94C5A8AF291ADFEA478AE54F93, 1AC267AC73670BEA5F3785C9AD9DB146F8E993A862C843742B21FDB90D102B2A ] wmiApSrv        C:\Windows\system32\wbem\WmiApSrv.exe
15:15:10.0107 0x16fcc  wmiApSrv - ok
15:15:10.0152 0x16fcc  WMPNetworkSvc - ok
15:15:10.0179 0x16fcc  [ 96C6E7100D724C69FCF9E7BF590D1DCA, 2E63C9B0893B4FC03B7A71BAEA6202D3D3DB1B52F3643467829B5A573FD7655B ] WPCSvc          C:\Windows\System32\wpcsvc.dll
15:15:10.0182 0x16fcc  WPCSvc - ok
15:15:10.0235 0x16fcc  [ 93221146D4EBBF314C29B23CD6CC391D, C0750858A65BF51E210CD244C825C121D67E025CD2D2455139991AAC289A90FE ] WPDBusEnum      C:\Windows\system32\wpdbusenum.dll
15:15:10.0242 0x16fcc  WPDBusEnum - ok
15:15:10.0284 0x16fcc  [ 6BCC1D7D2FD2453957C5479A32364E52, E48554D31FBDCF8F985C1C72524CAA9106F5B7CC2B79064F8F5E2562D517F090 ] ws2ifsl         C:\Windows\system32\drivers\ws2ifsl.sys
15:15:10.0286 0x16fcc  ws2ifsl - ok
15:15:10.0313 0x16fcc  [ E8B1FE6669397D1772D8196DF0E57A9E, 39FE0819360719F756BD31A1884A0508A1E2371ACC723E25E005CBEC0A7B02FA ] wscsvc          C:\Windows\System32\wscsvc.dll
15:15:10.0319 0x16fcc  wscsvc - ok
15:15:10.0328 0x16fcc  WSearch - ok
15:15:10.0483 0x16fcc  [ 61FF576450CCC80564B850BC3FB6713A, B2843BC9E2F62D27DCF6787D063378926748CE75002BADA1873DCB5039883705 ] wuauserv        C:\Windows\system32\wuaueng.dll
15:15:10.0594 0x16fcc  wuauserv - ok
15:15:10.0647 0x16fcc  [ AB886378EEB55C6C75B4F2D14B6C869F, D6C4602EB8F291DADEDF3CD211013D4AC752DDE7E799C2D8D74AA4F5477CAED6 ] WudfPf          C:\Windows\system32\drivers\WudfPf.sys
15:15:10.0651 0x16fcc  WudfPf - ok
15:15:10.0680 0x16fcc  [ DDA4CAF29D8C0A297F886BFE561E6659, 94E5DD649B5D86FA1A7C7D30FCF9644D0EE048D312E626111458ADF66BFBE978 ] WUDFRd          C:\Windows\system32\DRIVERS\WUDFRd.sys
15:15:10.0688 0x16fcc  WUDFRd - ok
15:15:10.0730 0x16fcc  [ B20F051B03A966392364C83F009F7D17, 88ECEB55AE91F58F592B96EBC10B572747D5A2F9B7629E8F371761E4F7408A65 ] wudfsvc         C:\Windows\System32\WUDFSvc.dll
15:15:10.0735 0x16fcc  wudfsvc - ok
15:15:10.0769 0x16fcc  [ 04F82965C09CBDF646B487E145060301, 2CD8533EDBE24C3E42EB7550E20F8A2EB9E5E345B165DEF543163A6BC1FDD18B ] WwanSvc         C:\Windows\System32\wwansvc.dll
15:15:10.0785 0x16fcc  WwanSvc - ok
15:15:10.0849 0x16fcc  ================ Scan global ===============================
15:15:10.0901 0x16fcc  [ BA0CD8C393E8C9F83354106093832C7B, 18D8A4780A2BAA6CEF7FBBBDA0EF6BF2DADF146E1E578A618DD5859E8ADBF1A8 ] C:\Windows\system32\basesrv.dll
15:15:10.0928 0x16fcc  [ 88EDD0B34EED542745931E581AD21A32, DC2B93E1CEF5B0BCEE08D72669BB0F3AD0E8E6E75BDC08858407ED92F6FFA031 ] C:\Windows\system32\winsrv.dll
15:15:10.0953 0x16fcc  [ 88EDD0B34EED542745931E581AD21A32, DC2B93E1CEF5B0BCEE08D72669BB0F3AD0E8E6E75BDC08858407ED92F6FFA031 ] C:\Windows\system32\winsrv.dll
15:15:11.0000 0x16fcc  [ D6160F9D869BA3AF0B787F971DB56368, 0033E6212DD8683E4EE611B290931FDB227B4795F0B17C309DC686C696790529 ] C:\Windows\system32\sxssrv.dll
15:15:11.0052 0x16fcc  [ 24ACB7E5BE595468E3B9AA488B9B4FCB, 63541E3432FCE953F266AE553E7A394978D6EE3DB52388D885F668CF42C5E7E2 ] C:\Windows\system32\services.exe
15:15:11.0067 0x16fcc  [ Global ] - ok
15:15:11.0068 0x16fcc  ================ Scan MBR ==================================
15:15:11.0090 0x16fcc  [ A36C5E4F47E84449FF07ED3517B43A31 ] \Device\Harddisk0\DR0
15:15:11.0338 0x93d0  Object send P2P result: true
15:15:11.0361 0x93d0  Object required for P2P: [ B5B8B5EF2E5CB34DF8DCF8831E3534FA ] pciide
15:15:11.0709 0x16fcc  \Device\Harddisk0\DR0 - ok
15:15:12.0501 0x16fcc  [ 8F558EB6672622401DA993E1E865C861 ] \Device\Harddisk1\DR6
15:15:12.0517 0x16fcc  \Device\Harddisk1\DR6 - ok
15:15:12.0518 0x16fcc  ================ Scan VBR ==================================
15:15:12.0521 0x16fcc  [ 5A616D274189A0ED689590B7D60DBBC8 ] \Device\Harddisk0\DR0\Partition1
15:15:12.0523 0x16fcc  \Device\Harddisk0\DR0\Partition1 - ok
15:15:12.0526 0x16fcc  [ F709F0B0CE7D4C5B127C89424DB45D1A ] \Device\Harddisk0\DR0\Partition2
15:15:12.0528 0x16fcc  \Device\Harddisk0\DR0\Partition2 - ok
15:15:12.0532 0x16fcc  [ F0F58B385A84D1DF39C14D10FBB42C20 ] \Device\Harddisk1\DR6\Partition1
15:15:12.0588 0x16fcc  \Device\Harddisk1\DR6\Partition1 - ok
15:15:12.0589 0x16fcc  ================ Scan generic autorun ======================
15:15:12.0789 0x16fcc  [ 74E6E1E62E35661679A6CAFF392B96E9, 03AB89AE3B205DDF31497FDECCFF9BA389892C3DAF05D0D408C2627FBA06164D ] C:\Windows\system32\spool\DRIVERS\x64\3\EKIJ5000MUI.exe
15:15:12.0893 0x16fcc  EKIJ5000StatusMonitor - ok
15:15:13.0239 0x16fcc  [ 26E56C4065A4AFB61F38CE9F9DB2BBB9, F969A8EB22CB9F8A5F9E47E7DD53F14F5AF813665DE8A465895A5C216DFA927A ] C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe
15:15:13.0545 0x16fcc  RTHDVCPL - ok
15:15:13.0623 0x16fcc  [ EC7059FE43C74A6281ECC08253B6D5DB, AE14E00733C0AC394457BFCD4A5ECD884286038BE2C7AAE34E3D32F3F992F29F ] C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
15:15:13.0682 0x16fcc  RtHDVBg - ok
15:15:13.0763 0x16fcc  [ A6AAD37CDCAE75CB62D039E3A4D8F5E3, 4FF763B0D129175BA1B1E794BA313E6C63F7A89D377C786BF5E730AF2A1D95D1 ] c:\Program Files\Microsoft Security Client\msseces.exe
15:15:13.0822 0x16fcc  MSC - ok
15:15:13.0969 0x16fcc  [ 0EF158D0E8D2B6D18E0486A5A2034D70, E20E98D22ED4627AAE7DAA8E6FE7A6D74453C584DB06EFB8C2446AF68C333B0D ] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
15:15:14.0056 0x16fcc  SynTPEnh - ok
15:15:14.0128 0x16fcc  [ 6DA9D353F7EF296B1F886ABA36A489F9, 4014DEF65E650A60437079F1DF8C82CEE4AA9C29F02205C97A1D55A4BDDFFE6D ] C:\Program Files\Intel\WiMAX\Bin\WiMAXCU.exe
15:15:14.0180 0x16fcc  IntelWirelessWiMAX - ok
15:15:14.0303 0x16fcc  [ 13F7CF5BC56BB7D6D646545F760D75D2, 5D6A44602788C920EFD080F57DF05E50A1D273A57BF1C991EF46FE1E08AA5A8D ] C:\Program Files\Common Files\Intel\WirelessCommon\iFrmewrk.exe
15:15:14.0376 0x16fcc  IntelWireless - ok
15:15:14.0417 0x16fcc  [ 62C16443C5997CD83DC382720F07C255, 89EFBCFADA01B431F4CC19AB2EFC5E56288A17BC9FB15A1209A0CBFE44B8D022 ] C:\Program Files (x86)\Common Files\Acronis\Schedule2\schedhlp.exe
15:15:14.0436 0x16fcc  Acronis Scheduler2 Service - ok
15:15:14.0505 0x16fcc  [ CE6892CF204645111347E008CC8C99DB, 994CBFB691E973788C682C3DE491DEC2F756C5FBB2650524B9B9A912F04976C1 ] c:\program files (x86)\common files\nikon\monitor\nkmonitor.exe
15:15:14.0529 0x16fcc  Nikon Transfer Monitor - ok
15:15:14.0626 0x16fcc  [ A358C6D2F299ACDE00D40C605BA5FEDC, FFAE3A508C8756D67E7C37870E53A621D0F174A66E48BBD30B03F2DAF1C0BFB8 ] C:\Program Files (x86)\STMicroelectronics\AccelerometerP11\FF_Protection.exe
15:15:14.0652 0x16fcc  FreeFallProtection - ok
15:15:14.0800 0x16fcc  [ 85D827C06417E156337AEE72DEBAF9D6, FA366A24A818E3EB217ECF1E966F658C370EBEFE2B9A5F5B14AE59DD9A2D36F5 ] c:\program files (x86)\myheritage\bin\ftbcheckupdates.exe
15:15:14.0891 0x16fcc  Family Tree Builder Update - ok
15:15:15.0012 0x16fcc  [ 263DF54E9C61C401FD7FF29A3DA1FDFB, 6F3E594EB3468B1825F510512F5BF7BC2C63CD44887AADB8F4C16600B0633641 ] c:\program files (x86)\roxio\roxio burn\roxioburnlauncher.exe
15:15:15.0037 0x16fcc  Desktop Disc Tool - ok
15:15:15.0131 0x16fcc  [ 30293898C1A9DFBCFE38EB6A2F7D555A, 467B0BE56B0CF06607C5C0EAE4D4703810A2E65D4137CEB6ECA581E4E848CA70 ] c:\program files (x86)\dell webcam\dell webcam central\webcamdell2.exe
15:15:15.0152 0x16fcc  Dell Webcam Central - ok
15:15:15.0384 0x16fcc  [ D560554BAE63D2A18197B7D2B5DA045B, 2BC9256C5759070DCF970F8F39297F9A7A804BD845A49BD3DE66A7305E307C06 ] C:\Program Files (x86)\Kodak\AiO\StatusMonitor\EKStatusMonitor.exe
15:15:15.0509 0x16fcc  EKStatusMonitor - ok
15:15:15.0627 0x16fcc  [ F6158734F1E24C6C510155CF0D363911, 320900BA90AF14E254CFAFA70FB15A0E77506217E47A406FA1ED821D0206FE29 ] C:\Program Files (x86)\Real\RealPlayer\update\realsched.exe
15:15:15.0638 0x16fcc  TkBellExe - ok
15:15:15.0732 0x16fcc  [ A4A59E38A82781985AF76BA2038C78BE, 0E349A07EFC7FB0BB6E9CD3A6B9E72CDA4FD45001EEAB3AAC5D885E2AE0CEF77 ] c:\Program Files (x86)\CyberLink\PowerDVD9\Language\Language.exe
15:15:15.0735 0x16fcc  PDVD9LanguageShortcut - ok
15:15:15.0798 0x16fcc  [ 25107F58D1B8F60D67D1EE95798C0DE8, C3B5205E8818576EBF33E3B9FD8664A498714B823D9128FC1CA0A64F81499263 ] C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorIcon.exe
15:15:15.0821 0x16fcc  IAStorIcon - ok
15:15:16.0088 0x16fcc  [ EF103848F8E303AEDA8BD85CDAC17937, 2C2D800D09F55B4EEEAB301D33358AE473BD0E58E58A33E07FCDF925188C8178 ] C:\Program Files (x86)\Acronis\TrueImageHome\TrueImageMonitor.exe
15:15:16.0310 0x16fcc  TrueImageMonitor.exe - ok
15:15:16.0376 0x16fcc  [ 4BD76EC239156BD2E458DEC69E20F6A8, FB7CD3A833B06D0EA6319E5EC7362FE87E9412E64637641467588034A6028D7F ] C:\Program Files (x86)\Common Files\Acronis\TibMounter\TibMounterMonitor.exe
15:15:16.0406 0x16fcc  AcronisTibMounterMonitor - ok
15:15:16.0577 0x16fcc  [ 4F2B6D05AFC4F680DFC2392EDA749493, 47688FDDBEBB464DA5BE1B3BF134791F5368B7FE2C7E4145FAAA6DD1F8BC516D ] C:\Users\DEBBYSDELL\Documents\Freecorder1\FLVSrvc.exe
15:15:16.0598 0x16fcc  Freecorder FLV Service - ok
15:15:16.0754 0x16fcc  [ 271B0D188430670509CB9943D5229205, 74CB5A9D8B5988AE08C0F65C601FC54F8745BAB6825B6FEEFBA8F068D656D8D7 ] C:\Program Files (x86)\QuickTime\QTTask.exe
15:15:16.0810 0x16fcc  QuickTime Task - ok
15:15:16.0954 0x16fcc  [ 74E6E1E62E35661679A6CAFF392B96E9, 03AB89AE3B205DDF31497FDECCFF9BA389892C3DAF05D0D408C2627FBA06164D ] C:\Windows\System32\spool\drivers\x64\3\EKIJ5000MUI.exe
15:15:17.0060 0x16fcc  EKIJ5000StatusMonitor - ok
15:15:17.0231 0x16fcc  [ 93D4E7E780D6A385FCC226D1596E0ACA, 2F079B84BBF289CF484745544AE084A9BA83FB398259FB3D0042EA7E9A0AABC0 ] C:\Program Files (x86)\Malwarebytes Anti-Exploit\mbae.exe
15:15:17.0308 0x16fcc  Malwarebytes Anti-Exploit - ok
15:15:17.0344 0x16fcc  [ 88FD47E3BD31BC358AD1EF14E75C7681, 0177A849A8E63122628D42AAB97F29224413B10C5E9720F7ED9E109E509EC7ED ] c:\Program Files (x86)\CyberLink\PowerDVD9\PDVD9Serv.exe
15:15:17.0348 0x16fcc  RemoteControl9 - ok
15:15:17.0397 0x16fcc  [ D88B2D487439305A2EC308A6796C3044, 79DF0A41ECB08D5BEB3393B2BA15E6C88AD626803E1734EFBA0DBE4ECF7274D7 ] C:\Program Files (x86)\iTunes\iTunesHelper.exe
15:15:17.0403 0x16fcc  iTunesHelper - ok
15:15:17.0467 0x16fcc  [ 26BD05327CC13D286210D7096640EF64, 666B1DC40C6F9DBCB3A742EBA9D62F2C248E9EAA0F15767EDED894478EF1FD27 ] c:\Program Files (x86)\Sensible Vision\Fast Access\FATrayMon.exe
15:15:17.0471 0x16fcc  FATrayAlert - ok
15:15:17.0530 0x16fcc  [ 545A3086C2101A465314537244F59BD2, ECFC908766B8722ADC189B6F72A7EC4233268BEB202DD3C150AC5A2A788DF8FE ] C:\Program Files (x86)\Cyberlink\Shared Files\brs.exe
15:15:17.0537 0x16fcc  BDRegion - ok
15:15:17.0611 0x16fcc  [ 545676F48851A5C65A38CAE5B5518C95, F7CD893B8198AA22347CB96A61C258217FA0A1B1CC1733784B5FD84A7B208264 ] C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe
15:15:17.0613 0x16fcc  APSDaemon - ok
15:15:17.0744 0x16fcc  [ 3E04F1E482357B1FC8B088197C3D9FF8, 85524ADDC27ADC831EBBD24E079B412CFDC69E5F594BD153319087665A28D546 ] C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe
15:15:17.0797 0x16fcc  Adobe ARM - ok
15:15:17.0874 0x16fcc  [ 8943465BEFA91044227D42E84ECB8280, 76D19CE3EB7E6C6573F250543CDC10B3601604535BFB756805AE246FA55AC265 ] c:\Program Files (x86)\Renesas Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe
15:15:17.0878 0x16fcc  NUSB3MON - ok
15:15:18.0178 0x16fcc  [ D2DB27182DABB702260922BB42FA3326, 3F2F446582DF841BB656F346C9491BED7AF9D555538A80E80F0DA979A07EE071 ] C:\Program Files\CCleaner\CCleaner64.exe
15:15:18.0425 0x16fcc  CCleaner Monitoring - ok
15:15:18.0531 0x16fcc  [ D07DC842842F5563B3B01B9ED0420CBB, BD60685713510FF332E373758BB279E8CEC98D8C2239106A922E6C97AE5AA141 ] C:\Program Files (x86)\IObit\Advanced SystemCare 8\Suo10_SmartRAM.exe
15:15:18.0556 0x16fcc  SmartRAM - ok
15:15:18.0667 0x16fcc  [ C13B42E5692C98A2660135E4BEB26A1A, 13E5B4BEAE604BDCD514A6A960D9FBC5927A8AD1BB1BD0EA0049BA1B7165D939 ] c:\users\debbysdell\appdata\roaming\sandisk\sansa updater\sansadispatch.exe
15:15:18.0686 0x16fcc  SansaDispatch - ok
15:15:18.0778 0x16fcc  [ 272634F0402717FC082B378618D4DB32, A8509D1FC9BEF27C84F3946D8B48B0F888657FA4ECF267CAA68F61257C36EC12 ] C:\Program Files (x86)\Motorola Mobility\MotoCast\MotoLauncher.lnk
15:15:18.0778 0x16fcc  MotoCast - ok
15:15:18.0881 0x16fcc  [ 5D61BE7DB55B026A5D61A3EED09D0EAD, D32CC7B31A6F98C60ABC313ABC7D1143681F72DE2BB2604711A0BA20710CAAAE ] C:\Program Files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
15:15:18.0882 0x16fcc  swg - ok
15:15:19.0006 0x16fcc  [ DCCA4B04AF87E52EF9EAA2190E06CBAC, 8858CFD159BB32AE9FCCA1A79EA83C876D481A286E914071D48F42FCA5B343D8 ] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe
15:15:19.0056 0x16fcc  Sidebar - ok
15:15:19.0098 0x16fcc  [ 0FA760BF380B08D0B67B5507CD8B32AA, 0F73A7F64C4FDAB98CD3A865CC54B3A7195761530FCB115B725CC5A9FB738739 ] C:\Windows\System32\mctadmin.exe
15:15:19.0104 0x16fcc  mctadmin - ok
15:15:19.0157 0x16fcc  [ DCCA4B04AF87E52EF9EAA2190E06CBAC, 8858CFD159BB32AE9FCCA1A79EA83C876D481A286E914071D48F42FCA5B343D8 ] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe
15:15:19.0201 0x16fcc  Sidebar - ok
15:15:19.0212 0x16fcc  [ 0FA760BF380B08D0B67B5507CD8B32AA, 0F73A7F64C4FDAB98CD3A865CC54B3A7195761530FCB115B725CC5A9FB738739 ] C:\Windows\System32\mctadmin.exe
15:15:19.0216 0x16fcc  mctadmin - ok
15:15:19.0217 0x16fcc  Waiting for KSN requests completion. In queue: 247
15:15:20.0217 0x16fcc  Waiting for KSN requests completion. In queue: 247
15:15:21.0217 0x16fcc  Waiting for KSN requests completion. In queue: 247
15:15:22.0217 0x16fcc  Waiting for KSN requests completion. In queue: 247
15:15:22.0818 0x15064  Object required for P2P: [ 825E7A1F48FB8BCFBA27C178AAB4E275 ] TurboB
15:15:23.0217 0x16fcc  Waiting for KSN requests completion. In queue: 192
15:15:24.0217 0x16fcc  Waiting for KSN requests completion. In queue: 192
15:15:25.0217 0x16fcc  Waiting for KSN requests completion. In queue: 192
15:15:26.0217 0x16fcc  Waiting for KSN requests completion. In queue: 192
15:15:26.0246 0x15064  Object send P2P result: true
15:15:26.0246 0x15064  Object required for P2P: [ B206BE1174D5964D49A56BB6C4E0524A ] TurboBoost
15:15:27.0218 0x16fcc  Waiting for KSN requests completion. In queue: 191
15:15:28.0218 0x16fcc  Waiting for KSN requests completion. In queue: 191
15:15:29.0218 0x16fcc  Waiting for KSN requests completion. In queue: 191
15:15:30.0218 0x16fcc  Waiting for KSN requests completion. In queue: 191
15:15:30.0322 0x15064  Object send P2P result: true
15:15:31.0218 0x16fcc  Waiting for KSN requests completion. In queue: 69
15:15:31.0367 0x93d0  Object send P2P result: false
15:15:32.0231 0x16fcc  AV detected via SS2: Microsoft Security Essentials, C:\Program Files\Microsoft Security Client\msseces.exe ( 4.6.305.0 ), 0x60000 ( disabled : updated )
15:15:32.0235 0x16fcc  Win FW state via NFP2: disabled
15:15:35.0395 0x16fcc  ============================================================
15:15:35.0395 0x16fcc  Scan finished
15:15:35.0395 0x16fcc  ============================================================
15:15:35.0404 0x5c10  Detected object count: 0
15:15:35.0404 0x5c10  Actual detected object count: 0
15:16:56.0171 0x14934  Deinitialize success
 



#12 Oh My!

Oh My!

    Adware and Spyware and Malware.....


  • Malware Response Instructor
  • 36,640 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:California
  • Local time:01:24 PM

Posted 10 February 2015 - 04:48 PM

Hi Debby.

You can post it all together. Go ahead and post aswMBR then we will deal with IE. Still having issues with FF?
Gary
 
If I do not reply within 24 hours please send me a Personal Message.

"Lord, to whom would we go? You have the words that give eternal life. We believe, and we know you are the Holy One of God."

#13 PreciousMazie

PreciousMazie
  • Topic Starter

  • Members
  • 44 posts
  • OFFLINE
  •  
  • Gender:Female
  • Local time:03:24 PM

Posted 10 February 2015 - 07:07 PM

Hi again,

The slide over ads are still there put I did not see the youradexchange.com window open and I opened about 5 windows however a Windows pc supoort window opened on its own and it is not from MS but from someplace called securitylog.systems. I shut them all down again. Debby

Here is the aswMRB log.

 

aswMBR version 1.0.1.2252 Copyright© 2014 AVAST Software
Run date: 2015-02-10 16:02:49
-----------------------------
16:02:49.289    OS Version: Windows x64 6.1.7601 Service Pack 1
16:02:49.289    Number of processors: 8 586 0x1E05
16:02:49.290    ComputerName: DEBBYSDELL-PC  UserName: DEBBYSDELL
16:02:56.689    Initialize success
16:02:56.693    VM: initialized successfully
16:02:56.694    VM: Intel CPU supported
16:03:00.831    VM: disk I/O iaStorA.sys
16:32:11.089    AVAST engine defs: 15021001
16:51:19.702    Disk 0 (boot) \Device\Harddisk0\DR0 -> \Device\0000007f
16:51:19.705    Disk 0 Vendor: ATA_____ 1A01 Size: 715404MB BusType: 11
16:51:19.955    Disk 0 MBR read successfully
16:51:19.960    Disk 0 MBR scan
16:51:19.966    Disk 0 Windows 7 default MBR code
16:51:20.032    Disk 0 Partition 1 00     DE Dell Utility MSDOS5.0   133121 MB offset 2048
16:51:20.107    Disk 0 Partition 2 80 (A) 07    HPFS/NTFS NTFS        15000 MB offset 272633856
16:51:20.138    Disk 0 default boot code
16:51:20.201    Disk 0 Partition 3 00     07    HPFS/NTFS NTFS       567282 MB offset 303353856
16:51:20.358    Disk 0 scanning C:\Windows\system32\drivers
16:51:47.843    Service scanning
16:52:22.757    Modules scanning
16:52:22.771    Disk 0 trace - called modules:
16:52:22.821    ntoskrnl.exe CLASSPNP.SYS disk.sys iaStorF.sys storport.sys hal.dll iaStorA.sys
16:52:22.828    1 nt!IofCallDriver -> \Device\Harddisk0\DR0[0xfffffa8007f38060]
16:52:22.835    3 CLASSPNP.SYS[fffff88001f5143f] -> nt!IofCallDriver -> [0xfffffa8007d78930]
16:52:22.843    5 iaStorF.sys[fffff88002068168] -> nt!IofCallDriver -> \Device\0000007f[0xfffffa8007bb79c0]
16:52:25.046    AVAST engine scan C:\Windows
16:52:30.692    AVAST engine scan C:\Windows\system32
16:56:45.986    AVAST engine scan C:\Windows\system32\drivers
16:57:22.086    AVAST engine scan C:\Users\DEBBYSDELL
17:06:53.409    File: C:\Users\DEBBYSDELL\AppData\Roaming\Booster-Web\Booster-Web-Installer.exe  **INFECTED** Win32:Malware-gen
17:41:09.051    AVAST engine scan C:\ProgramData
17:54:11.460    Disk 0 statistics 6314000/0/0 @ 0.94 MB/s
17:54:11.471    Scan finished successfully
17:54:51.205    Disk 0 MBR has been saved successfully to "C:\Users\DEBBYSDELL\Desktop\MBR.dat"
17:54:51.212    The log file has been saved successfully to "C:\Users\DEBBYSDELL\Desktop\aswMBR.txt"

 



#14 Oh My!

Oh My!

    Adware and Spyware and Malware.....


  • Malware Response Instructor
  • 36,640 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:California
  • Local time:01:24 PM

Posted 10 February 2015 - 08:34 PM

Thanks Debby,

Do you get the slide ads only with the BleepingComputer web site?

Please do this.

===================================================

Farbar's Recovery Scan Tool - Run Fix in Normal or Safe Mode

--------------------
  • Press the Windows key Windows_Logo_key.gif + r on your keyboard at the same time. Type in notepad and press Enter
  • Please copy and paste the contents of the below code box into the open notepad and save it to your desktop (<<<Important) as fixlist.txt
C:\Users\DEBBYSDELL\AppData\Roaming\Booster-Web
  • Launch FRST and press the Fix button just once and wait, the program will automatically launch fixlist.txt.
  • The tool will create a log on the desktop called Fixlog.txt. Please copy and paste the contents of the file in your reply.
===================================================

Things I would like to see in your next reply. Please be sure to copy and paste any requested log information unless you are asked to attach it. :thumbsup2:
  • Ads?
  • Fixlog.txt

Gary
 
If I do not reply within 24 hours please send me a Personal Message.

"Lord, to whom would we go? You have the words that give eternal life. We believe, and we know you are the Holy One of God."

#15 PreciousMazie

PreciousMazie
  • Topic Starter

  • Members
  • 44 posts
  • OFFLINE
  •  
  • Gender:Female
  • Local time:03:24 PM

Posted 10 February 2015 - 09:07 PM

No its not the only one, I get them on Amazon.com and any website where there is some text. Then I get the underlined words which are popup ads and on some sites there are both top and bottom banner ads and slide outs, to the point that you can hardly see the original website. So far the only ad I get on your site if I open it up in FF is the one for tech support with a phone number 1-844-261-5446 and some little ad that I can't see all of because of the tech support ad. The longer the web sites are opened the more ads slide out or pop up. I could send you a screen shot in an ms word doc if you like.

 

 

 

Fix result of Farbar Recovery Tool (FRST written by Farbar) (x64) Version: 08-02-2015
Ran by DEBBYSDELL at 2015-02-10 19:51:57 Run:3
Running from C:\Users\DEBBYSDELL\Desktop
Loaded Profiles: DEBBYSDELL (Available profiles: DEBBYSDELL & UpdatusUser)
Boot Mode: Normal
==============================================

Content of fixlist:
*****************
C:\Users\DEBBYSDELL\AppData\Roaming\Booster-Web

*****************

C:\Users\DEBBYSDELL\AppData\Roaming\Booster-Web => Moved successfully.

==== End of Fixlog 19:51:57 ====






0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users