Unable to Clean PC - Please Help

**Tomk_** · April 2, 2014

Aha.... I didn't notice before, but it would appear that some of the tools were ran on the Wayne account and some on Melanie. Let's see if we can get them equally clean.

Open notepad. Please copy the contents of the quote box below. To do this highlight the contents of the box and right click on it and select copy. Paste this into the open notepad. Save it as fixlist.txt

Start
HKLM Group Policy restriction on software: C:\Documents and Settings\All Users\Application Data\Malwarebytes <====== ATTENTION
HKLM Group Policy restriction on software: C:\Program Files (x86)\AVG <====== ATTENTION
HKLM Group Policy restriction on software: C:\Program Files (x86)\Common Files\Symantec Shared <====== ATTENTION
HKLM Group Policy restriction on software: C:\Program Files (x86)\Malwarebytes' Anti-Malware <====== ATTENTION
HKLM Group Policy restriction on software: C:\Program Files (x86)\AVG <====== ATTENTION
SearchScopes: HKLM - {053A3BF2-AE78-4A18-9A27-E3A4EF0C6669} URL = http://www.ask.com/w...}&l=dis&o=ushpd
SearchScopes: HKLM - {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKLM-x32 - {053A3BF2-AE78-4A18-9A27-E3A4EF0C6669} URL = http://www.ask.com/w...}&l=dis&o=ushpd
SearchScopes: HKCU - DefaultScope {443789B7-F39C-4b5c-9287-DA72D38F4FE6} URL = http://slirsredirect...mrud=24-06-2011
SearchScopes: HKCU - {053A3BF2-AE78-4A18-9A27-E3A4EF0C6669} URL = http://www.ask.com/w...}&l=dis&o=ushpd
SearchScopes: HKCU - {443789B7-F39C-4b5c-9287-DA72D38F4FE6} URL = http://slirsredirect...mrud=24-06-2011
SearchScopes: HKCU - {95B7759C-8C7F-4BF1-B163-73684A933233} URL = http://isearch.avg.com/search?cid={25D99A8D-853E-425F-B221-3FC6FAD554AB}&mid=377d47a3c3cbf0b2b24f6b573678ddbf-f39fbe528ad6a0039c512eff6c1b0a170ad1ab36&lang=us&ds=AVG&pr=fr&d=2011-12-11 08:48:03&v=9.0.0.18&sap=dsp&q={searchTerms}
SearchScopes: HKCU - {98d8c683-126b-4a29-816d-853af6e31c3f} URL = http://search.mywebs...r={searchTerms}
SearchScopes: HKCU - {afdbddaa-5d3f-42ee-b79c-185a7020515b} URL = http://search.condui...&ctid=CT2559647
SearchScopes: HKCU - {C04B7D22-5AEC-4561-8F49-27F6269208F6} URL = http://www2.inbox.co...id=80357&lng=en
FF Plugin-x32: @CelebSauce.com/Plugin - C:\Program Files (x86)\CelebSauce\bar\1.bin\NPkaStub.dll No File
FF Plugin-x32: @DictionaryBoss.com/Plugin - C:\Program Files (x86)\DictionaryBoss\bar\1.bin\NPv4Stub.dll No File
FF Extension: CelebSauce - C:\Users\Melanie\AppData\Roaming\Mozilla\Firefox\Profiles\jd4ubnk1.default\Extensions\kaffxtbr@CelebSauce.com [2014-02-27]
FF Extension: DictionaryBoss - C:\Users\Melanie\AppData\Roaming\Mozilla\Firefox\Profiles\jd4ubnk1.default\Extensions\v4ffxtbr@DictionaryBoss.com [2014-02-27]
FF HKLM-x32\...\Firefox\Extensions: [kaffxtbr@CelebSauce.com] - C:\Program Files (x86)\CelebSauce\bar\1.bin
CHR DefaultSearchURL: http://isearch.avg.com/search?cid={6F5006E6-11C5-47C1-ACE4-0E369BEBFC99}&mid=377d47a3c3cbf0b2b24f6b573678ddbf-f39fbe528ad6a0039c512eff6c1b0a170ad1ab36&lang=en&ds=AVG&pr=fr&d=2013-04-13 11:56:51&v=15.2.0.5&pid=avg&sg=0&sap=dsp&q={searchTerms}
2014-03-19 20:25 - 2013-02-05 22:57 - 00000000 ____D () C:\Users\Melanie\AppData\Local\DictionaryBoss
2014-03-19 20:21 - 2012-09-08 13:50 - 00000000 ____D () C:\Users\Melanie\AppData\Local\CelebSauce
C:\Users\Melanie\AppData\Local\Temp\sbbsapw\ssnvdpb\wow.dll
end

.

NOTE. It's important that both files, FRST/FRST64 and fixlist.txt are in the same location or the fix will not work.

NOTICE: This script was written specifically for this user, for use on that particular machine. Running this on another machine may cause damage to your operating system

Run FRST/FRST64 and press the Fix button just once and wait.
If for some reason the tool needs a restart, please make sure you let the system restart normally. After that let the tool complete its run.
When finished FRST will generate a log on the Desktop (Fixlog.txt). Please post it to your reply.

wkandravi · April 2, 2014

Fix result of Farbar Recovery Tool (FRST written by Farbar) (x64) Version: 13-03-2014
Ran by Melanie at 2014-04-02 13:57:50 Run:1
Running from C:\Users\Melanie\Downloads
Boot Mode: Normal
==============================================

Content of fixlist:
*****************
Start
HKLM Group Policy restriction on software: C:\Documents and Settings\All Users\Application Data\Malwarebytes <====== ATTENTION
HKLM Group Policy restriction on software: C:\Program Files (x86)\AVG <====== ATTENTION
HKLM Group Policy restriction on software: C:\Program Files (x86)\Common Files\Symantec Shared <====== ATTENTION
HKLM Group Policy restriction on software: C:\Program Files (x86)\Malwarebytes' Anti-Malware <====== ATTENTION
HKLM Group Policy restriction on software: C:\Program Files (x86)\AVG <====== ATTENTION
SearchScopes: HKLM - {053A3BF2-AE78-4A18-9A27-E3A4EF0C6669} URL = http://www.ask.com/w...}&l=dis&o=ushpd
SearchScopes: HKLM - {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKLM-x32 - {053A3BF2-AE78-4A18-9A27-E3A4EF0C6669} URL = http://www.ask.com/w...}&l=dis&o=ushpd
SearchScopes: HKCU - DefaultScope {443789B7-F39C-4b5c-9287-DA72D38F4FE6} URL = http://slirsredirect...mrud=24-06-2011
SearchScopes: HKCU - {053A3BF2-AE78-4A18-9A27-E3A4EF0C6669} URL = http://www.ask.com/w...}&l=dis&o=ushpd
SearchScopes: HKCU - {443789B7-F39C-4b5c-9287-DA72D38F4FE6} URL = http://slirsredirect...mrud=24-06-2011
SearchScopes: HKCU - {95B7759C-8C7F-4BF1-B163-73684A933233} URL = http://isearch.avg.com/search?cid={25D99A8D-853E-425F-B221-3FC6FAD554AB}&mid=377d47a3c3cbf0b2b24f6b573678ddbf-f39fbe528ad6a0039c512eff6c1b0a170ad1ab36&lang=us&ds=AVG&pr=fr&d=2011-12-11 08:48:03&v=9.0.0.18&sap=dsp&q={searchTerms}
SearchScopes: HKCU - {98d8c683-126b-4a29-816d-853af6e31c3f} URL = http://search.mywebs...r={searchTerms}
SearchScopes: HKCU - {afdbddaa-5d3f-42ee-b79c-185a7020515b} URL = http://search.condui...&ctid=CT2559647
SearchScopes: HKCU - {C04B7D22-5AEC-4561-8F49-27F6269208F6} URL = http://www2.inbox.co...id=80357&lng=en
FF Plugin-x32: @CelebSauce.com/Plugin - C:\Program Files (x86)\CelebSauce\bar\1.bin\NPkaStub.dll No File
FF Plugin-x32: @DictionaryBoss.com/Plugin - C:\Program Files (x86)\DictionaryBoss\bar\1.bin\NPv4Stub.dll No File
FF Extension: CelebSauce - C:\Users\Melanie\AppData\Roaming\Mozilla\Firefox\Profiles\jd4ubnk1.default\Extensions\kaffxtbr@CelebSauce.com [2014-02-27]
FF Extension: DictionaryBoss - C:\Users\Melanie\AppData\Roaming\Mozilla\Firefox\Profiles\jd4ubnk1.default\Extensions\v4ffxtbr@DictionaryBoss.com [2014-02-27]
FF HKLM-x32\...\Firefox\Extensions: [kaffxtbr@CelebSauce.com] - C:\Program Files (x86)\CelebSauce\bar\1.bin
CHR DefaultSearchURL: http://isearch.avg.com/search?cid={6F5006E6-11C5-47C1-ACE4-0E369BEBFC99}&mid=377d47a3c3cbf0b2b24f6b573678ddbf-f39fbe528ad6a0039c512eff6c1b0a170ad1ab36&lang=en&ds=AVG&pr=fr&d=2013-04-13 11:56:51&v=15.2.0.5&pid=avg&sg=0&sap=dsp&q={searchTerms}
2014-03-19 20:25 - 2013-02-05 22:57 - 00000000 ____D () C:\Users\Melanie\AppData\Local\DictionaryBoss
2014-03-19 20:21 - 2012-09-08 13:50 - 00000000 ____D () C:\Users\Melanie\AppData\Local\CelebSauce
C:\Users\Melanie\AppData\Local\Temp\sbbsapw\ssnvdpb\wow.dll
end
*****************

HKLM => Group Policy Restriction on software restored successfully.
HKLM => Group Policy Restriction on software restored successfully.
HKLM => Group Policy Restriction on software restored successfully.
HKLM => Group Policy Restriction on software restored successfully.
HKLM => Group Policy Restriction on software restored successfully.
HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{053A3BF2-AE78-4A18-9A27-E3A4EF0C6669} => Key deleted successfully.
HKCR\CLSID\{053A3BF2-AE78-4A18-9A27-E3A4EF0C6669} => Key not found.
HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A} => Key deleted successfully.
HKCR\CLSID\{0633EE93-D776-472f-A0FF-E1416B8B2E3A} => Key not found.
HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\SearchScopes\{053A3BF2-AE78-4A18-9A27-E3A4EF0C6669} => Key deleted successfully.
HKCR\Wow6432Node\CLSID\{053A3BF2-AE78-4A18-9A27-E3A4EF0C6669} => Key not found.
HKCU\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope => Value deleted successfully.
HKCU\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{053A3BF2-AE78-4A18-9A27-E3A4EF0C6669} => Key deleted successfully.
HKCR\CLSID\{053A3BF2-AE78-4A18-9A27-E3A4EF0C6669} => Key not found.
HKCU\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{443789B7-F39C-4b5c-9287-DA72D38F4FE6} => Key deleted successfully.
HKCR\CLSID\{443789B7-F39C-4b5c-9287-DA72D38F4FE6} => Key not found.
HKCU\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{95B7759C-8C7F-4BF1-B163-73684A933233} => Key deleted successfully.
HKCR\CLSID\{95B7759C-8C7F-4BF1-B163-73684A933233} => Key not found.
HKCU\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{98d8c683-126b-4a29-816d-853af6e31c3f} => Key deleted successfully.
HKCR\CLSID\{98d8c683-126b-4a29-816d-853af6e31c3f} => Key not found.
HKCU\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{afdbddaa-5d3f-42ee-b79c-185a7020515b} => Key deleted successfully.
HKCR\CLSID\{afdbddaa-5d3f-42ee-b79c-185a7020515b} => Key not found.
HKCU\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{C04B7D22-5AEC-4561-8F49-27F6269208F6} => Key deleted successfully.
HKCR\CLSID\{C04B7D22-5AEC-4561-8F49-27F6269208F6} => Key not found.
HKLM\Software\Wow6432Node\MozillaPlugins\@CelebSauce.com/Plugin => Key deleted successfully.
C:\Program Files (x86)\CelebSauce\bar\1.bin\NPkaStub.dll not found.
HKLM\Software\Wow6432Node\MozillaPlugins\@DictionaryBoss.com/Plugin => Key deleted successfully.
C:\Program Files (x86)\DictionaryBoss\bar\1.bin\NPv4Stub.dll not found.
C:\Users\Melanie\AppData\Roaming\Mozilla\Firefox\Profiles\jd4ubnk1.default\Extensions\kaffxtbr@CelebSauce.com => Moved successfully.
C:\Users\Melanie\AppData\Roaming\Mozilla\Firefox\Profiles\jd4ubnk1.default\Extensions\v4ffxtbr@DictionaryBoss.com => Moved successfully.
HKLM\Software\Wow6432Node\Mozilla\Firefox\Extensions\\kaffxtbr@CelebSauce.com => Value deleted successfully.
CHR DefaultSearchURL: http://isearch.avg.com/search?cid={6F5006E6-11C5-47C1-ACE4-0E369BEBFC99}&mid=377d47a3c3cbf0b2b24f6b573678ddbf-f39fbe528ad6a0039c512eff6c1b0a170ad1ab36&lang=en&ds=AVG&pr=fr&d=2013-04-13 11:56:51&v=15.2.0.5&pid=avg&sg=0&sap=dsp&q={searchTerms} ==> The Chrome "Settings" can be used to fix the entry.
C:\Users\Melanie\AppData\Local\DictionaryBoss => Moved successfully.
C:\Users\Melanie\AppData\Local\CelebSauce => Moved successfully.
C:\Users\Melanie\AppData\Local\Temp\sbbsapw\ssnvdpb\wow.dll => Moved successfully.

==== End of Fixlog ====

**Tomk_** · April 2, 2014

Great.

Now please run me new FRST logs again and update me how things seem to be running.

wkandravi · April 2, 2014

Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 13-03-2014
Ran by Melanie (administrator) on MELANIE-PC on 02-04-2014 14:48:45
Running from C:\Users\Melanie\Downloads
Windows 7 Home Premium Service Pack 1 (X64) OS Language: English(US)
Internet Explorer Version 9
Boot Mode: Normal

The only official download link for FRST:
Download link for 32-Bit version: http://www.bleepingcomputer.com/download/farbar-recovery-scan-tool/dl/81/
Download link for 64-Bit Version: http://www.bleepingcomputer.com/download/farbar-recovery-scan-tool/dl/82/
Download link from any site other than Bleeping Computer is unpermitted or outdated.
See tutorial for FRST: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Processes (Whitelisted) =================

(AMD) C:\Windows\system32\atiesrxx.exe
(AMD) C:\Windows\system32\atieclxx.exe
(Andrea Electronics Corporation) C:\Program Files\Realtek\Audio\HDA\AERTSr64.EXE
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(Hewlett-Packard Company) c:\Program Files (x86)\Common Files\LightScribe\LSSrvc.exe
(Lexmark International, Inc.) C:\Windows\system32\spool\DRIVERS\x64\3\lxdnserv.exe
( ) C:\Windows\system32\lxdncoms.exe
() C:\Program Files (x86)\Motorola\MotoHelper\MotoHelperService.exe
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\Version9\TeamViewer_Service.exe
(Hewlett-Packard Company) C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\hpsa_service.exe
() C:\Program Files (x86)\Motorola\MotoHelper\MotoHelperAgent.exe
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\Version9\TeamViewer.exe
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\Version9\tv_w32.exe
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\Version9\tv_x64.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(Hewlett-Packard) C:\Program Files (x86)\Hewlett-Packard\HP Odometer\hpsysdrv.exe
(Hewlett-Packard) C:\Program Files (x86)\hp\HP Software Update\hpwuschd2.exe
(Apple Inc.) C:\Program Files (x86)\iTunes\iTunesHelper.exe
(AOL Inc.) C:\Program Files (x86)\Common Files\aol\1269351362\ee\aolsoftware.exe
(Apple Inc.) C:\Program Files\iPod\bin\iPodService.exe
(CyberLink) c:\Program Files (x86)\Hewlett-Packard\TouchSmart\Media\Kernel\CLML\CLMLSvc.exe
(Advanced Micro Devices Inc.) c:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
(ATI Technologies Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(TeamViewer GmbH) c:\program files (x86)\teamviewer\version9\TeamViewer_Desktop.exe

==================== Registry (Whitelisted) ==================

HKLM\...\Run: [RtHDVCpl] - C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [8098848 2009-09-04] (Realtek Semiconductor)
HKLM\...\Run: [PC-Doctor for Windows localizer] - C:\Program Files\PC-Doctor for Windows\localizer.exe [95728 2009-09-17] (PC-Doctor, Inc.)
HKLM\...\Run: [lxdnmon.exe] - "C:\Program Files (x86)\Lexmark 2600 Series\lxdnmon.exe"
HKLM\...\Run: [lxdnamon] - C:\Program Files (x86)\Lexmark 2600 Series\lxdnamon.exe [16040 2010-02-04] ()
HKLM-x32\...\Run: [hpsysdrv] - c:\program files (x86)\hewlett-packard\HP odometer\hpsysdrv.exe [62768 2008-11-20] (Hewlett-Packard)
HKLM-x32\...\Run: [startCCC] - c:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe [98304 2009-07-30] (Advanced Micro Devices, Inc.)
HKLM-x32\...\Run: [HPCam_Menu] - c:\Program Files (x86)\Hewlett-Packard\Media\Webcam\MUITransfer\MUIStartMenu.exe [222504 2009-05-20] (CyberLink Corp.)
HKLM-x32\...\Run: [HP Software Update] - c:\Program Files (x86)\HP\HP Software Update\HPWuSchd2.exe [54576 2008-12-08] (Hewlett-Packard)
HKLM-x32\...\Run: [] - [X]
HKLM-x32\...\Run: [QuickTime Task] - C:\Program Files (x86)\QuickTime\QTTask.exe [421888 2012-04-18] (Apple Inc.)
HKLM-x32\...\Run: [iTunesHelper] - C:\Program Files (x86)\iTunes\iTunesHelper.exe [421776 2012-06-07] (Apple Inc.)
HKLM-x32\...\Run: [HostManager] - C:\Program Files (x86)\Common Files\AOL\1269351362\ee\AOLSoftware.exe [41800 2010-03-08] (AOL Inc.)
HKLM\...\RunOnce: [NCPluginUpdater] - "C:\Program Files (x86)\Hewlett-Packard\HP Health Check\ActiveCheck\product_line\NCPluginUpdater.exe" Update [21720 2014-03-12] (Hewlett-Packard)
HKU\S-1-5-21-3804815134-1290454183-1668720314-1001\...\Run: [AOL Fast Start] - C:\Program Files (x86)\AOL Desktop 9.6\AOL.EXE [42320 2011-01-13] (AOL Inc.)

==================== Internet (Whitelisted) ====================

HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://g.msn.com/HPDSK/1
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = http://www.msn.com/
StartMenuInternet: IEXPLORE.EXE - C:\Program Files (x86)\Internet Explorer\iexplore.exe
SearchScopes: HKCU - {260ED6E3-2E55-6908-9EF8-A818F9075963} URL = http://www.bing.com/search?q={searchTerms}&pc=Z211&form=ZGAIDF&install_date=20111121&iesrc={referrer:source}
SearchScopes: HKCU - {9B97950D-482C-1D79-568F-FC7B9D40C785} URL = http://www.bing.com/search?q={searchTerms}&pc=Z192&form=ZGAIDF&install_date=20111001&iesrc={referrer:source}
BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO: HP Network Check Helper - {E76FD755-C1BA-4DCB-9F13-99BD91223ADE} - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPluginx64.dll (Hewlett-Packard)
BHO-x32: Adobe PDF Link Helper - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll (Adobe Systems Incorporated)
BHO-x32: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO-x32: HP Network Check Helper - {E76FD755-C1BA-4DCB-9F13-99BD91223ADE} - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll (Hewlett-Packard)
Toolbar: HKCU - No Name - {1017A80C-6F09-4548-A84D-EDD6AC9525F0} - No File
Toolbar: HKCU - No Name - {CCC7A320-B3CA-4199-B1A6-9F516DD69829} - No File
Tcpip\Parameters: [DhcpNameServer] 75.75.75.75 75.75.76.76

FireFox:
========
FF ProfilePath: C:\Users\Melanie\AppData\Roaming\Mozilla\Firefox\Profiles\jd4ubnk1.default
FF Plugin: @adobe.com/FlashPlayer - C:\Windows\system32\Macromed\Flash\NPSWF64_12_0_0_77.dll ()
FF Plugin: @microsoft.com/GENUINE - disabled No File
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 - c:\Program Files\Microsoft Silverlight\5.1.10411.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_12_0_0_77.dll ()
FF Plugin-x32: @Apple.com/iTunes,version=1.0 - C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll ()
FF Plugin-x32: @microsoft.com/GENUINE - disabled No File
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 - c:\Program Files (x86)\Microsoft Silverlight\5.1.10411.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3502.0922 - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3538.0513 - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @WildTangent.com/GamesAppPresenceDetector,Version=1.0 - C:\Program Files (x86)\WildTangent Games\App\BrowserIntegration\Registered\0\NP_wtapp.dll ()
FF Plugin-x32: Adobe Reader - C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\nppdf32.dll (Adobe Systems Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin.dll (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin2.dll (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin3.dll (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin4.dll (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin5.dll (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin6.dll (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin7.dll (Apple Inc.)
FF SearchPlugin: C:\Users\Melanie\AppData\Roaming\Mozilla\Firefox\Profiles\jd4ubnk1.default\searchplugins\bing-zugo.xml
FF SearchPlugin: C:\Users\Melanie\AppData\Roaming\Mozilla\Firefox\Profiles\jd4ubnk1.default\searchplugins\inbox-search.xml

Chrome:
=======
CHR HomePage: hxxp://www.google.com
CHR DefaultSearchKeyword: isearch.avg.com
CHR DefaultSearchURL: http://isearch.avg.com/search?cid={6F5006E6-11C5-47C1-ACE4-0E369BEBFC99}&mid=377d47a3c3cbf0b2b24f6b573678ddbf-f39fbe528ad6a0039c512eff6c1b0a170ad1ab36&lang=en&ds=AVG&pr=fr&d=2013-04-13 11:56:51&v=15.2.0.5&pid=avg&sg=0&sap=dsp&q={searchTerms}
CHR DefaultNewTabURL:
CHR Extension: (HP Product Detection Plugin) - C:\Users\Melanie\AppData\Local\Google\Chrome\User Data\Default\Extensions\aelbknmfcacjffmgnoaaonhgoghlmlkp [2013-07-04]
CHR Extension: (Chrome In-App Payments service) - C:\Users\Melanie\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2013-09-22]

==================== Services (Whitelisted) =================

R2 lxdnCATSCustConnectService; C:\Windows\system32\spool\DRIVERS\x64\3\\lxdnserv.exe [29184 2009-04-28] (Lexmark International, Inc.)
R2 lxdn_device; C:\Windows\system32\lxdncoms.exe [1039872 2007-11-28] ( )
R2 lxdn_device; C:\Windows\SysWOW64\lxdncoms.exe [589824 2007-11-28] ( )
R2 MotoHelper; C:\Program Files (x86)\Motorola\MotoHelper\MotoHelperService.exe [218432 2010-12-02] ()

==================== Drivers (Whitelisted) ====================

U5 AppMgmt; C:\Windows\system32\svchost.exe [27136 2009-07-13] (Microsoft Corporation)
R1 avgtp; C:\Windows\system32\drivers\avgtpx64.sys [50976 2014-03-03] (AVG Technologies)
S3 RimUsb; C:\Windows\System32\Drivers\RimUsb_AMD64.sys [27520 2007-05-14] (Research In Motion Limited)
S3 catchme; \??\C:\ComboFix\catchme.sys [X]

==================== NetSvcs (Whitelisted) ===================

==================== One Month Created Files and Folders ========

2014-04-02 14:48 - 2014-04-02 14:48 - 00010863 _____ () C:\Users\Melanie\Downloads\FRST.txt
2014-04-02 06:00 - 2014-04-02 06:01 - 00041508 _____ () C:\Users\Melanie\Desktop\FRST.txt
2014-04-02 06:00 - 2014-04-02 06:01 - 00041107 _____ () C:\Users\Melanie\Desktop\Addition.txt
2014-04-02 05:59 - 2014-04-02 14:48 - 00000000 ____D () C:\FRST
2014-04-02 05:59 - 2014-04-02 05:58 - 02157056 _____ (Farbar) C:\Users\Melanie\Desktop\FRST64.exe
2014-04-02 05:58 - 2014-04-02 05:58 - 02157056 _____ (Farbar) C:\Users\Melanie\Downloads\FRST64.exe
2014-04-01 22:40 - 2014-04-01 22:40 - 00016174 _____ () C:\ComboFix.txt
2014-04-01 21:58 - 2014-04-01 21:58 - 00000326 _____ () C:\Users\Melanie\Downloads\CFScript.txt
2014-04-01 20:24 - 2014-04-01 20:24 - 00016261 _____ () C:\ComboFix_OLD.txt
2014-04-01 18:53 - 2014-04-01 18:53 - 00006985 _____ () C:\Users\Melanie\Desktop\attach.txt
2014-04-01 18:53 - 2014-04-01 18:52 - 00010801 _____ () C:\Users\Melanie\Desktop\dds.txt
2014-04-01 16:59 - 2014-04-01 16:59 - 00000385 _____ () C:\Users\Wayne\Desktop\ESET_Scan.txt
2014-04-01 12:19 - 2014-04-01 12:19 - 00000000 ____D () C:\Program Files (x86)\ESET
2014-04-01 11:59 - 2014-04-01 11:59 - 02347384 _____ (ESET) C:\Users\Wayne\Downloads\esetsmartinstaller_enu.exe
2014-04-01 05:40 - 2014-04-01 17:03 - 00000332 _____ () C:\Windows\Tasks\HPCeeScheduleForWayne.job
2014-04-01 05:40 - 2014-04-01 05:40 - 00003186 _____ () C:\Windows\System32\Tasks\HPCeeScheduleForWayne
2014-03-31 22:21 - 2014-03-31 22:21 - 00015077 _____ () C:\Users\Wayne\Desktop\AdwCleaner[s0].txt
2014-03-31 22:15 - 2014-03-31 22:19 - 00000000 ____D () C:\AdwCleaner
2014-03-31 22:07 - 2014-03-31 22:07 - 00008160 _____ () C:\Users\Wayne\Desktop\JRT.txt
2014-03-31 21:57 - 2014-03-31 21:56 - 01950720 _____ () C:\Users\Wayne\Desktop\AdwCleaner.exe
2014-03-31 21:56 - 2014-03-31 21:56 - 01950720 _____ () C:\Users\Wayne\Downloads\AdwCleaner.exe
2014-03-31 21:56 - 2014-03-31 21:56 - 00000000 ____D () C:\Windows\ERUNT
2014-03-31 21:55 - 2014-03-31 21:55 - 01038974 _____ (Thisisu) C:\Users\Wayne\Downloads\JRT.exe
2014-03-31 21:55 - 2014-03-31 21:55 - 01038974 _____ (Thisisu) C:\Users\Wayne\Desktop\JRT.exe
2014-03-31 19:10 - 2014-03-31 19:11 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox
2014-03-31 17:06 - 2014-03-31 17:06 - 00000028 _____ () C:\Windows\SysWOW64\u
2014-03-31 16:09 - 2011-06-26 02:45 - 00256000 _____ () C:\Windows\PEV.exe
2014-03-31 16:09 - 2010-11-07 13:20 - 00208896 _____ () C:\Windows\MBR.exe
2014-03-31 16:09 - 2009-04-20 00:56 - 00060416 _____ (NirSoft) C:\Windows\NIRCMD.exe
2014-03-31 16:09 - 2000-08-30 20:00 - 00518144 _____ (SteelWerX) C:\Windows\SWREG.exe
2014-03-31 16:09 - 2000-08-30 20:00 - 00406528 _____ (SteelWerX) C:\Windows\SWSC.exe
2014-03-31 16:09 - 2000-08-30 20:00 - 00098816 _____ () C:\Windows\sed.exe
2014-03-31 16:09 - 2000-08-30 20:00 - 00080412 _____ () C:\Windows\grep.exe
2014-03-31 16:09 - 2000-08-30 20:00 - 00068096 _____ () C:\Windows\zip.exe
2014-03-31 16:07 - 2014-04-01 22:40 - 00000000 ____D () C:\Qoobox
2014-03-31 16:07 - 2014-03-31 17:24 - 00000000 ____D () C:\Windows\erdnt
2014-03-31 16:05 - 2014-03-31 16:05 - 00166454 _____ () C:\Users\Wayne\Desktop\TDSSKiller.3.0.0.26_31.03.2014_14.04.42_log.zip
2014-03-31 16:00 - 2014-03-31 16:00 - 05192353 ____R (Swearware) C:\Users\Wayne\Downloads\ComboFix.exe
2014-03-31 14:17 - 2014-03-31 14:17 - 00000000 ____D () C:\TDSSKiller_Quarantine
2014-03-31 13:48 - 2014-03-31 13:48 - 00000000 ____D () C:\Users\Wayne\Downloads\tdsskiller
2014-03-31 13:45 - 2014-03-31 13:45 - 04113320 _____ () C:\Users\Wayne\Downloads\tdsskiller.zip
2014-03-31 13:45 - 2014-03-31 13:45 - 02237968 _____ (Kaspersky Lab ZAO) C:\Users\Wayne\Downloads\tdsskiller.exe
2014-03-31 11:43 - 2014-03-31 11:43 - 00015549 _____ () C:\Users\Wayne\Desktop\attach.txt
2014-03-31 11:43 - 2014-03-31 11:43 - 00014601 _____ () C:\Users\Wayne\Desktop\dds.txt
2014-03-31 11:39 - 2014-03-31 11:39 - 00688992 ____R (Swearware) C:\Users\Wayne\Downloads\dds.com
2014-03-30 23:50 - 2014-03-30 23:50 - 00001128 _____ () C:\Users\Public\Desktop\TeamViewer 9.lnk
2014-03-30 23:50 - 2014-03-30 23:50 - 00000000 ____D () C:\Program Files (x86)\TeamViewer
2014-03-30 23:49 - 2014-03-30 23:49 - 06088072 _____ (TeamViewer GmbH) C:\Users\Wayne\Downloads\TeamViewer_Setup_en.exe
2014-03-30 23:25 - 2014-03-30 23:25 - 00049448 _____ () C:\Users\Wayne\Desktop\SophosVirusRemovalTool.txt
2014-03-30 23:06 - 2014-03-30 23:06 - 00008747 _____ () C:\Users\Wayne\Desktop\hijackthis.txt
2014-03-30 21:39 - 2014-03-30 21:39 - 00000000 ____D () C:\Users\Wayne\Downloads\lspfix
2014-03-30 21:38 - 2014-03-30 21:38 - 00201030 _____ () C:\Users\Wayne\Downloads\lspfix.zip
2014-03-30 20:57 - 2014-03-30 20:57 - 00002975 _____ () C:\Users\Wayne\Desktop\HiJackThis.lnk
2014-03-30 20:57 - 2014-03-30 20:57 - 00000000 ____D () C:\Users\Wayne\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\HiJackThis
2014-03-30 20:57 - 2014-03-30 20:57 - 00000000 ____D () C:\Program Files (x86)\Trend Micro
2014-03-30 20:52 - 2014-03-30 20:52 - 01402880 _____ () C:\Users\Wayne\Downloads\HijackThis.msi
2014-03-30 17:34 - 2014-03-30 20:57 - 00000000 ____D () C:\Users\Wayne\AppData\Local\VirtualStore
2014-03-30 15:52 - 2014-03-30 15:52 - 00003205 _____ () C:\Users\Wayne\Desktop\Sophos Virus Removal Tool.lnk
2014-03-30 15:52 - 2014-03-30 15:52 - 00000000 ____D () C:\Users\Wayne\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Sophos
2014-03-30 15:52 - 2014-03-30 15:52 - 00000000 ____D () C:\ProgramData\Sophos
2014-03-30 15:51 - 2014-03-30 15:51 - 00000000 ____D () C:\Program Files (x86)\Sophos
2014-03-30 15:50 - 2014-03-30 15:50 - 90072576 _____ (Sophos Limited) C:\Users\Wayne\Downloads\Sophos Virus Removal Tool.exe
2014-03-30 15:44 - 2014-03-30 15:44 - 00001068 _____ () C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
2014-03-30 15:44 - 2014-03-30 15:44 - 00000000 ____D () C:\Program Files (x86)\Malwarebytes Anti-Malware
2014-03-30 15:44 - 2014-03-05 09:26 - 00088280 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbamchameleon.sys
2014-03-30 15:44 - 2014-03-05 09:26 - 00063192 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mwac.sys
2014-03-30 15:44 - 2014-03-05 09:26 - 00025816 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbam.sys
2014-03-30 14:56 - 2014-03-30 14:56 - 04471880 _____ (AVG Technologies) C:\Users\Wayne\Downloads\avg_free_stb_all_2014_4354_cnet.exe
2014-03-30 14:34 - 2014-04-01 18:12 - 00119512 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2014-03-30 14:33 - 2014-03-30 14:33 - 17523384 _____ (Malwarebytes Corporation ) C:\Users\Wayne\Downloads\mbam-setup-2.0.0.1000.exe
2014-03-30 14:33 - 2014-03-30 14:33 - 00000000 ____D () C:\Users\Wayne\AppData\Roaming\Macromedia
2014-03-30 14:33 - 2014-03-30 14:33 - 00000000 ____D () C:\Users\Wayne\AppData\Local\Macromedia
2014-03-30 14:33 - 2014-03-30 14:33 - 00000000 ____D () C:\Users\Wayne\AppData\Local\CrashDumps
2014-03-30 14:32 - 2014-03-31 19:57 - 00000000 ____D () C:\Users\Wayne\AppData\Local\Mozilla
2014-03-30 14:32 - 2014-03-30 14:32 - 00000000 ____D () C:\Users\Wayne\AppData\Roaming\Mozilla
2014-03-30 14:23 - 2014-03-30 14:23 - 00000000 ____D () C:\Users\Wayne\AppData\Roaming\Adobe
2014-03-30 14:20 - 2014-03-30 14:21 - 00000000 ____D () C:\Users\Wayne\AppData\Local\Avg2013
2014-03-30 14:20 - 2014-03-30 14:20 - 00000000 ____D () C:\Users\Wayne\AppData\Roaming\TuneUp Software
2014-03-30 14:19 - 2014-03-30 14:19 - 00000000 ____D () C:\Users\Wayne\AppData\Local\MFAData
2014-03-30 14:18 - 2014-03-30 14:18 - 00000000 ____D () C:\Users\Wayne\AppData\Roaming\Malwarebytes
2014-03-30 14:15 - 2014-03-31 01:12 - 00089304 _____ () C:\Users\Wayne\AppData\Local\GDIPFONTCACHEV1.DAT
2014-03-30 14:15 - 2014-03-30 14:15 - 00000000 ____D () C:\Users\Wayne\AppData\Roaming\ATI
2014-03-30 14:15 - 2014-03-30 14:15 - 00000000 ____D () C:\Users\Wayne\AppData\Local\ATI
2014-03-30 14:14 - 2014-03-30 15:45 - 00000000 ____D () C:\Users\Wayne\AppData\Roaming\Hewlett-Packard
2014-03-30 14:14 - 2014-03-30 14:14 - 00001415 _____ () C:\Users\Wayne\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer (64-bit).lnk
2014-03-30 14:14 - 2014-03-30 14:14 - 00001409 _____ () C:\Users\Wayne\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
2014-03-30 14:14 - 2014-03-30 14:14 - 00000000 ____D () C:\Users\Wayne\AppData\Roaming\Apple Computer
2014-03-30 14:14 - 2014-03-30 14:14 - 00000000 ____D () C:\Users\Wayne\AppData\Local\AOL
2014-03-30 14:13 - 2014-04-01 05:40 - 00000000 ____D () C:\Users\Wayne\AppData\Local\Hewlett-Packard
2014-03-30 14:13 - 2014-03-30 14:14 - 00000000 ___RD () C:\Users\Wayne\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
2014-03-30 14:13 - 2014-03-30 14:14 - 00000000 ___RD () C:\Users\Wayne\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Administrative Tools
2014-03-25 10:22 - 2014-03-25 10:22 - 00002966 _____ () C:\Windows\System32\Tasks\{97267662-1DD8-48AB-8227-DFB57AAEEFDE}
2014-03-25 10:21 - 2014-03-25 10:21 - 00002966 _____ () C:\Windows\System32\Tasks\{3D4AEE9A-C594-401C-95BE-FD7CFC33CFD2}
2014-03-24 14:33 - 2014-03-31 21:39 - 00000072 _____ () C:\Windows\system32\ozoi.xda
2014-03-24 14:22 - 2014-03-24 14:22 - 00000064 _____ () C:\Windows\system32\sflwj.dey
2014-03-24 14:22 - 2014-03-24 14:22 - 00000000 _____ () C:\Windows\system32\uhkq.mtu
2014-03-24 14:06 - 2014-03-24 14:06 - 00230894 ____S () C:\Windows\system32\boxn.xod

==================== One Month Modified Files and Folders =======

2014-04-02 14:48 - 2014-04-02 14:48 - 00010863 _____ () C:\Users\Melanie\Downloads\FRST.txt
2014-04-02 14:48 - 2014-04-02 05:59 - 00000000 ____D () C:\FRST
2014-04-02 14:43 - 2012-11-12 19:24 - 00000830 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job
2014-04-02 13:08 - 2010-01-26 15:21 - 01623638 _____ () C:\Windows\WindowsUpdate.log
2014-04-02 12:36 - 2011-07-24 15:09 - 00000340 _____ () C:\Windows\Tasks\HPCeeScheduleForMelanie.job
2014-04-02 06:01 - 2014-04-02 06:00 - 00041508 _____ () C:\Users\Melanie\Desktop\FRST.txt
2014-04-02 06:01 - 2014-04-02 06:00 - 00041107 _____ () C:\Users\Melanie\Desktop\Addition.txt
2014-04-02 05:58 - 2014-04-02 05:59 - 02157056 _____ (Farbar) C:\Users\Melanie\Desktop\FRST64.exe
2014-04-02 05:58 - 2014-04-02 05:58 - 02157056 _____ (Farbar) C:\Users\Melanie\Downloads\FRST64.exe
2014-04-01 22:40 - 2014-04-01 22:40 - 00016174 _____ () C:\ComboFix.txt
2014-04-01 22:40 - 2014-03-31 16:07 - 00000000 ____D () C:\Qoobox
2014-04-01 22:38 - 2009-07-13 22:34 - 00000215 _____ () C:\Windows\system.ini
2014-04-01 21:58 - 2014-04-01 21:58 - 00000326 _____ () C:\Users\Melanie\Downloads\CFScript.txt
2014-04-01 20:25 - 2010-03-22 21:47 - 00000000 ____D () C:\Users\Melanie\AppData\Local\CrashDumps
2014-04-01 20:24 - 2014-04-01 20:24 - 00016261 _____ () C:\ComboFix_OLD.txt
2014-04-01 18:53 - 2014-04-01 18:53 - 00006985 _____ () C:\Users\Melanie\Desktop\attach.txt
2014-04-01 18:52 - 2014-04-01 18:53 - 00010801 _____ () C:\Users\Melanie\Desktop\dds.txt
2014-04-01 18:12 - 2014-03-30 14:34 - 00119512 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2014-04-01 17:28 - 2010-03-25 12:36 - 00000000 ____D () C:\Users\Melanie\AppData\Local\Mozilla
2014-04-01 17:10 - 2010-03-22 20:50 - 00000000 ___RD () C:\Users\Melanie\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
2014-04-01 17:10 - 2009-07-14 00:45 - 00015792 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2014-04-01 17:10 - 2009-07-14 00:45 - 00015792 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2014-04-01 17:09 - 2010-03-22 20:49 - 00089304 _____ () C:\Users\Melanie\AppData\Local\GDIPFONTCACHEV1.DAT
2014-04-01 17:07 - 2009-07-14 01:13 - 00783620 _____ () C:\Windows\system32\PerfStringBackup.INI
2014-04-01 17:03 - 2014-04-01 05:40 - 00000332 _____ () C:\Windows\Tasks\HPCeeScheduleForWayne.job
2014-04-01 17:03 - 2012-09-03 16:03 - 00015295 _____ () C:\Windows\setupact.log
2014-04-01 17:03 - 2009-07-14 01:08 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2014-04-01 17:02 - 2012-09-11 10:59 - 00153536 _____ () C:\Windows\PFRO.log
2014-04-01 16:59 - 2014-04-01 16:59 - 00000385 _____ () C:\Users\Wayne\Desktop\ESET_Scan.txt
2014-04-01 12:19 - 2014-04-01 12:19 - 00000000 ____D () C:\Program Files (x86)\ESET
2014-04-01 11:59 - 2014-04-01 11:59 - 02347384 _____ (ESET) C:\Users\Wayne\Downloads\esetsmartinstaller_enu.exe
2014-04-01 05:40 - 2014-04-01 05:40 - 00003186 _____ () C:\Windows\System32\Tasks\HPCeeScheduleForWayne
2014-04-01 05:40 - 2014-03-30 14:13 - 00000000 ____D () C:\Users\Wayne\AppData\Local\Hewlett-Packard
2014-03-31 22:21 - 2014-03-31 22:21 - 00015077 _____ () C:\Users\Wayne\Desktop\AdwCleaner[s0].txt
2014-03-31 22:20 - 2012-07-10 09:39 - 00000000 ____D () C:\Program Files (x86)\Mozilla Maintenance Service
2014-03-31 22:19 - 2014-03-31 22:15 - 00000000 ____D () C:\AdwCleaner
2014-03-31 22:07 - 2014-03-31 22:07 - 00008160 _____ () C:\Users\Wayne\Desktop\JRT.txt
2014-03-31 21:56 - 2014-03-31 21:57 - 01950720 _____ () C:\Users\Wayne\Desktop\AdwCleaner.exe
2014-03-31 21:56 - 2014-03-31 21:56 - 01950720 _____ () C:\Users\Wayne\Downloads\AdwCleaner.exe
2014-03-31 21:56 - 2014-03-31 21:56 - 00000000 ____D () C:\Windows\ERUNT
2014-03-31 21:55 - 2014-03-31 21:55 - 01038974 _____ (Thisisu) C:\Users\Wayne\Downloads\JRT.exe
2014-03-31 21:55 - 2014-03-31 21:55 - 01038974 _____ (Thisisu) C:\Users\Wayne\Desktop\JRT.exe
2014-03-31 21:39 - 2014-03-24 14:33 - 00000072 _____ () C:\Windows\system32\ozoi.xda
2014-03-31 19:57 - 2014-03-30 14:32 - 00000000 ____D () C:\Users\Wayne\AppData\Local\Mozilla
2014-03-31 19:11 - 2014-03-31 19:10 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox
2014-03-31 17:26 - 2009-07-13 23:20 - 00000000 __RHD () C:\Users\Default
2014-03-31 17:24 - 2014-03-31 16:07 - 00000000 ____D () C:\Windows\erdnt
2014-03-31 17:08 - 2013-04-13 11:37 - 00000000 ____D () C:\ProgramData\MFAData
2014-03-31 17:06 - 2014-03-31 17:06 - 00000028 _____ () C:\Windows\SysWOW64\u
2014-03-31 16:05 - 2014-03-31 16:05 - 00166454 _____ () C:\Users\Wayne\Desktop\TDSSKiller.3.0.0.26_31.03.2014_14.04.42_log.zip
2014-03-31 16:00 - 2014-03-31 16:00 - 05192353 ____R (Swearware) C:\Users\Wayne\Downloads\ComboFix.exe
2014-03-31 14:17 - 2014-03-31 14:17 - 00000000 ____D () C:\TDSSKiller_Quarantine
2014-03-31 13:48 - 2014-03-31 13:48 - 00000000 ____D () C:\Users\Wayne\Downloads\tdsskiller
2014-03-31 13:45 - 2014-03-31 13:45 - 04113320 _____ () C:\Users\Wayne\Downloads\tdsskiller.zip
2014-03-31 13:45 - 2014-03-31 13:45 - 02237968 _____ (Kaspersky Lab ZAO) C:\Users\Wayne\Downloads\tdsskiller.exe
2014-03-31 11:43 - 2014-03-31 11:43 - 00015549 _____ () C:\Users\Wayne\Desktop\attach.txt
2014-03-31 11:43 - 2014-03-31 11:43 - 00014601 _____ () C:\Users\Wayne\Desktop\dds.txt
2014-03-31 11:39 - 2014-03-31 11:39 - 00688992 ____R (Swearware) C:\Users\Wayne\Downloads\dds.com
2014-03-31 10:00 - 2010-03-22 23:24 - 00000544 _____ () C:\Windows\Tasks\PCDRScheduledMaintenance.job
2014-03-31 01:12 - 2014-03-30 14:15 - 00089304 _____ () C:\Users\Wayne\AppData\Local\GDIPFONTCACHEV1.DAT
2014-03-31 01:10 - 2009-07-14 00:45 - 00349416 _____ () C:\Windows\system32\FNTCACHE.DAT
2014-03-30 23:50 - 2014-03-30 23:50 - 00001128 _____ () C:\Users\Public\Desktop\TeamViewer 9.lnk
2014-03-30 23:50 - 2014-03-30 23:50 - 00000000 ____D () C:\Program Files (x86)\TeamViewer
2014-03-30 23:49 - 2014-03-30 23:49 - 06088072 _____ (TeamViewer GmbH) C:\Users\Wayne\Downloads\TeamViewer_Setup_en.exe
2014-03-30 23:49 - 2012-03-09 12:13 - 00000000 ____D () C:\ProgramData\LogMeIn
2014-03-30 23:49 - 2012-03-09 12:13 - 00000000 ____D () C:\Program Files (x86)\LogMeIn
2014-03-30 23:25 - 2014-03-30 23:25 - 00049448 _____ () C:\Users\Wayne\Desktop\SophosVirusRemovalTool.txt
2014-03-30 23:06 - 2014-03-30 23:06 - 00008747 _____ () C:\Users\Wayne\Desktop\hijackthis.txt
2014-03-30 21:39 - 2014-03-30 21:39 - 00000000 ____D () C:\Users\Wayne\Downloads\lspfix
2014-03-30 21:38 - 2014-03-30 21:38 - 00201030 _____ () C:\Users\Wayne\Downloads\lspfix.zip
2014-03-30 20:57 - 2014-03-30 20:57 - 00002975 _____ () C:\Users\Wayne\Desktop\HiJackThis.lnk
2014-03-30 20:57 - 2014-03-30 20:57 - 00000000 ____D () C:\Users\Wayne\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\HiJackThis
2014-03-30 20:57 - 2014-03-30 20:57 - 00000000 ____D () C:\Program Files (x86)\Trend Micro
2014-03-30 20:57 - 2014-03-30 17:34 - 00000000 ____D () C:\Users\Wayne\AppData\Local\VirtualStore
2014-03-30 20:52 - 2014-03-30 20:52 - 01402880 _____ () C:\Users\Wayne\Downloads\HijackThis.msi
2014-03-30 15:52 - 2014-03-30 15:52 - 00003205 _____ () C:\Users\Wayne\Desktop\Sophos Virus Removal Tool.lnk
2014-03-30 15:52 - 2014-03-30 15:52 - 00000000 ____D () C:\Users\Wayne\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Sophos
2014-03-30 15:52 - 2014-03-30 15:52 - 00000000 ____D () C:\ProgramData\Sophos
2014-03-30 15:51 - 2014-03-30 15:51 - 00000000 ____D () C:\Program Files (x86)\Sophos
2014-03-30 15:50 - 2014-03-30 15:50 - 90072576 _____ (Sophos Limited) C:\Users\Wayne\Downloads\Sophos Virus Removal Tool.exe
2014-03-30 15:45 - 2014-03-30 14:14 - 00000000 ____D () C:\Users\Wayne\AppData\Roaming\Hewlett-Packard
2014-03-30 15:44 - 2014-03-30 15:44 - 00001068 _____ () C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
2014-03-30 15:44 - 2014-03-30 15:44 - 00000000 ____D () C:\Program Files (x86)\Malwarebytes Anti-Malware
2014-03-30 15:27 - 2010-03-23 22:31 - 00000000 ____D () C:\Users\Melanie\AppData\Roaming\WinBatch
2014-03-30 15:27 - 2010-03-23 09:37 - 00000000 ____D () C:\Users\Melanie\AppData\Roaming\AOL
2014-03-30 14:56 - 2014-03-30 14:56 - 04471880 _____ (AVG Technologies) C:\Users\Wayne\Downloads\avg_free_stb_all_2014_4354_cnet.exe
2014-03-30 14:33 - 2014-03-30 14:33 - 17523384 _____ (Malwarebytes Corporation ) C:\Users\Wayne\Downloads\mbam-setup-2.0.0.1000.exe
2014-03-30 14:33 - 2014-03-30 14:33 - 00000000 ____D () C:\Users\Wayne\AppData\Roaming\Macromedia
2014-03-30 14:33 - 2014-03-30 14:33 - 00000000 ____D () C:\Users\Wayne\AppData\Local\Macromedia
2014-03-30 14:33 - 2014-03-30 14:33 - 00000000 ____D () C:\Users\Wayne\AppData\Local\CrashDumps
2014-03-30 14:33 - 2013-07-04 14:41 - 00000000 ____D () C:\ProgramData\Malwarebytes
2014-03-30 14:32 - 2014-03-30 14:32 - 00000000 ____D () C:\Users\Wayne\AppData\Roaming\Mozilla
2014-03-30 14:25 - 2012-06-29 11:25 - 00000000 ____D () C:\Program Files (x86)\Google
2014-03-30 14:23 - 2014-03-30 14:23 - 00000000 ____D () C:\Users\Wayne\AppData\Roaming\Adobe
2014-03-30 14:21 - 2014-03-30 14:20 - 00000000 ____D () C:\Users\Wayne\AppData\Local\Avg2013
2014-03-30 14:20 - 2014-03-30 14:20 - 00000000 ____D () C:\Users\Wayne\AppData\Roaming\TuneUp Software
2014-03-30 14:19 - 2014-03-30 14:19 - 00000000 ____D () C:\Users\Wayne\AppData\Local\MFAData
2014-03-30 14:18 - 2014-03-30 14:18 - 00000000 ____D () C:\Users\Wayne\AppData\Roaming\Malwarebytes
2014-03-30 14:15 - 2014-03-30 14:15 - 00000000 ____D () C:\Users\Wayne\AppData\Roaming\ATI
2014-03-30 14:15 - 2014-03-30 14:15 - 00000000 ____D () C:\Users\Wayne\AppData\Local\ATI
2014-03-30 14:14 - 2014-03-30 14:14 - 00001415 _____ () C:\Users\Wayne\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer (64-bit).lnk
2014-03-30 14:14 - 2014-03-30 14:14 - 00001409 _____ () C:\Users\Wayne\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
2014-03-30 14:14 - 2014-03-30 14:14 - 00000000 ____D () C:\Users\Wayne\AppData\Roaming\Apple Computer
2014-03-30 14:14 - 2014-03-30 14:14 - 00000000 ____D () C:\Users\Wayne\AppData\Local\AOL
2014-03-30 14:14 - 2014-03-30 14:13 - 00000000 ___RD () C:\Users\Wayne\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
2014-03-30 14:14 - 2014-03-30 14:13 - 00000000 ___RD () C:\Users\Wayne\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Administrative Tools
2014-03-30 14:13 - 2012-03-09 12:21 - 00000000 ____D () C:\Users\Wayne
2014-03-30 12:17 - 2013-03-14 06:49 - 00000055 _____ () C:\Users\Melanie\AppData\Roaming\mbam.context.scan
2014-03-25 10:22 - 2014-03-25 10:22 - 00002966 _____ () C:\Windows\System32\Tasks\{97267662-1DD8-48AB-8227-DFB57AAEEFDE}
2014-03-25 10:21 - 2014-03-25 10:21 - 00002966 _____ () C:\Windows\System32\Tasks\{3D4AEE9A-C594-401C-95BE-FD7CFC33CFD2}
2014-03-24 23:46 - 2010-03-22 20:41 - 00000000 ____D () C:\Users\Melanie
2014-03-24 23:46 - 2009-07-13 23:20 - 00000000 ____D () C:\Windows\AppCompat
2014-03-24 23:44 - 2011-02-22 20:45 - 00000000 ____D () C:\Program Files (x86)\AOL Desktop 9.6
2014-03-24 23:44 - 2009-07-14 03:44 - 00000000 ___RD () C:\Users\Public\Recorded TV
2014-03-24 23:44 - 2009-07-13 23:20 - 00000000 ____D () C:\Windows\registration
2014-03-24 14:22 - 2014-03-24 14:22 - 00000064 _____ () C:\Windows\system32\sflwj.dey
2014-03-24 14:22 - 2014-03-24 14:22 - 00000000 _____ () C:\Windows\system32\uhkq.mtu
2014-03-24 14:06 - 2014-03-24 14:06 - 00230894 ____S () C:\Windows\system32\boxn.xod
2014-03-17 16:01 - 2014-01-30 20:07 - 00011862 _____ () C:\Users\Melanie\Documents\Walgreens credit sheet.xlr
2014-03-17 16:01 - 2014-01-10 16:24 - 00017750 _____ () C:\Users\Melanie\Documents\Wd0000022.wps
2014-03-17 16:01 - 2013-06-12 17:17 - 00000000 ____D () C:\Users\Melanie\Downloads\Careers Center - Wellness Ambassador_files
2014-03-17 16:01 - 2012-10-19 19:40 - 00000000 ____D () C:\Users\Melanie\Documents\Trail camera pic
2014-03-17 16:01 - 2012-10-19 19:39 - 06597462 _____ () C:\Users\Melanie\Documents\SUNP0029.zip
2014-03-17 16:01 - 2012-08-16 22:59 - 00000000 ____D () C:\Users\Melanie\Documents\to type letter JSC letterhead
2014-03-17 16:01 - 2011-10-31 10:15 - 00000000 ____D () C:\Users\Melanie\Documents\Slide3
2014-03-17 16:01 - 2011-09-11 20:36 - 00000000 ____D () C:\Users\Melanie\Downloads\Morrisville Kitchen makeover
2014-03-17 16:01 - 2011-09-11 20:22 - 00000000 ____D () C:\Users\Melanie\Downloads\Morrisville Bathroom redue
2014-03-17 16:00 - 2014-02-21 16:40 - 00299606 _____ () C:\Users\Melanie\Documents\LiveDatabaseArea.zip
2014-03-17 16:00 - 2014-02-21 16:40 - 00000000 ____D () C:\Users\Melanie\Documents\LiveDatabaseArea
2014-03-17 16:00 - 2014-01-28 20:32 - 00014166 _____ () C:\Users\Melanie\Documents\Bills resume 2013.wps
2014-03-17 16:00 - 2014-01-15 12:39 - 00010326 _____ () C:\Users\Melanie\Documents\michaels address.wps
2014-03-17 16:00 - 2013-01-20 14:54 - 00011350 _____ () C:\Users\Melanie\Documents\Channel list for Fios.wps
2014-03-17 16:00 - 2012-12-25 20:59 - 05112406 _____ () C:\Users\Melanie\Documents\Christmas at the Sweeneys 2012.zip
2014-03-17 16:00 - 2012-12-25 20:59 - 00000000 ____D () C:\Users\Melanie\Documents\IMG_0382
2014-03-17 16:00 - 2012-12-01 13:47 - 00010838 _____ () C:\Users\Melanie\Documents\michaels sayings.wps
2014-03-17 16:00 - 2012-05-20 06:13 - 01364054 _____ () C:\Users\Melanie\Documents\DSC00005.zip
2014-03-17 16:00 - 2012-02-06 20:17 - 00052566 _____ () C:\Users\Melanie\Documents\New est template for 2012.wps
2014-03-17 16:00 - 2011-10-17 07:24 - 00000000 ____D () C:\Users\Melanie\Documents\MELS STUFF
2014-03-17 16:00 - 2011-10-15 13:24 - 00020054 _____ () C:\Users\Melanie\Documents\2011 2012 Books for JSC.xlr
2014-03-17 16:00 - 2011-10-01 15:35 - 00012630 _____ () C:\Users\Melanie\Documents\JSC Flyer.wps
2014-03-17 16:00 - 2011-08-12 13:23 - 02341462 _____ () C:\Users\Melanie\Documents\ALReportFormInstructions.zip
2014-03-17 16:00 - 2011-08-12 13:23 - 00000000 ____D () C:\Users\Melanie\Documents\Angies List Review Form
2014-03-17 16:00 - 2011-04-16 14:29 - 00016214 _____ () C:\Users\Melanie\Documents\Jones and Sons Letter for angies list.wps
2014-03-17 16:00 - 2010-03-23 09:58 - 00024918 _____ () C:\Users\Melanie\Documents\Estimates for 2011.wps
2014-03-17 15:58 - 2014-02-27 21:21 - 00000000 ____D () C:\Users\Melanie\AppData\Local\AZFworks
2014-03-17 15:58 - 2012-06-08 19:14 - 00000000 ____D () C:\ProgramData\{80E49840-FEC9-4009-B2F2-83DD9B68A990}
2014-03-17 15:57 - 2011-06-03 17:00 - 00000000 ____D () C:\ProgramData\Recovery
2014-03-17 15:52 - 2011-10-29 14:47 - 00000000 ____D () C:\Program Files (x86)\Stamps.com Internet Postage
2014-03-17 15:51 - 2012-07-27 08:49 - 00000000 ____D () C:\Program Files (x86)\QuickTime
2014-03-17 15:51 - 2009-11-13 02:07 - 00000000 ____D () C:\Program Files (x86)\Microsoft Works
2014-03-17 15:48 - 2010-08-23 20:08 - 00000000 ____D () C:\Program Files (x86)\Lexmark 2600 Series
2014-03-17 15:46 - 2012-07-27 08:53 - 00000000 ____D () C:\Program Files (x86)\iTunes
2014-03-17 15:44 - 2009-11-13 01:33 - 00000000 ____D () C:\Program Files (x86)\hp
2014-03-17 15:26 - 2011-10-01 12:22 - 00000000 ____D () C:\Program Files (x86)\Easy Flyer Creator 3.0
2014-03-17 15:02 - 2009-11-13 01:35 - 00000000 ____D () C:\Program Files (x86)\ATI Technologies
2014-03-17 15:01 - 2010-03-23 09:35 - 00000000 ____D () C:\Program Files (x86)\AOL 9.5
2014-03-17 15:00 - 2009-11-13 01:58 - 00000000 ____D () C:\Program Files\PC-Doctor for Windows
2014-03-17 14:58 - 2012-07-27 08:53 - 00000000 ____D () C:\Program Files\iPod
2014-03-16 17:54 - 2011-10-30 21:47 - 00000000 _____ () C:\Windows\system32\HP_ActiveX_Patch_NOT_DETECTED.txt
2014-03-16 17:54 - 2010-05-12 09:30 - 00000052 _____ () C:\Windows\SysWOW64\DOErrors.log
2014-03-14 18:36 - 2011-07-24 15:09 - 00003198 _____ () C:\Windows\System32\Tasks\HPCeeScheduleForMelanie
2014-03-12 04:43 - 2012-11-12 19:24 - 00692616 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2014-03-12 04:43 - 2012-11-12 19:24 - 00003768 _____ () C:\Windows\System32\Tasks\Adobe Flash Player Updater
2014-03-12 04:43 - 2011-06-03 17:05 - 00071048 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2014-03-06 19:28 - 2010-03-23 22:31 - 00000854 _____ () C:\FINIS_IT.TXT
2014-03-06 13:51 - 2010-03-22 20:56 - 00000000 ____D () C:\Users\Melanie\AppData\Roaming\Adobe
2014-03-05 09:26 - 2014-03-30 15:44 - 00088280 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbamchameleon.sys
2014-03-05 09:26 - 2014-03-30 15:44 - 00063192 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mwac.sys
2014-03-05 09:26 - 2014-03-30 15:44 - 00025816 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbam.sys
2014-03-03 01:22 - 2013-04-13 11:56 - 00050976 _____ (AVG Technologies) C:\Windows\system32\Drivers\avgtpx64.sys

==================== Bamital & volsnap Check =================

C:\Windows\System32\winlogon.exe => MD5 is legit
C:\Windows\System32\wininit.exe => MD5 is legit
C:\Windows\SysWOW64\wininit.exe => MD5 is legit
C:\Windows\explorer.exe => MD5 is legit
C:\Windows\SysWOW64\explorer.exe => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\SysWOW64\svchost.exe => MD5 is legit
C:\Windows\System32\services.exe => MD5 is legit
C:\Windows\System32\User32.dll => MD5 is legit
C:\Windows\SysWOW64\User32.dll => MD5 is legit
C:\Windows\System32\userinit.exe => MD5 is legit
C:\Windows\SysWOW64\userinit.exe => MD5 is legit
C:\Windows\System32\rpcss.dll => MD5 is legit
C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit

LastRegBack: 2014-03-31 02:42

==================== End Of Log ============================

Still getting blank screens when logging into AOL Desktop

**Tomk_** · April 2, 2014

Still getting blank screens when logging into AOL Desktop

Hmm... I've heard of that in IE but haven't run into it in Firefox.

First off... try rebooting your system and verifying that problem still occurs.

Then Try rebuilding AOL adapter. Instructions can be found here: http://help.aol.com/help/microsites/microsite.do?cmd=displayKCPopup&docType=kc&externalId=15242

If no joy...

Try AOL quick restore. Instruction can be found here: http://help.aol.com/help/microsites/microsite.do?cmd=displayKCPopup&docType=kc&externalId=15524

If still no joy... let me know and I'll continue to research.

wkandravi · April 2, 2014

Trying to run Windows Update an get this. I already checked Windows Services an it is running. I restarted the service and restarted the machine to no avail. Still working on AOL issues as well.

Edited April 2, 2014 by wkandravi

**Tomk_** · April 2, 2014

Well, let's get a look at the update files.

Please download [url=http://www.bleepingcomputer.com/download/farbar-service-scanner/dl/62/]Farbar Service Scanner[/url] and run it on the computer with the issue.

[*]Make sure all file options are checked.
[*]Press "Scan".
[*]It will create a log (FSS.txt) in the same directory the tool is run.
[*]Please copy and paste the log to your reply.
[/list]

wkandravi · April 2, 2014

Farbar Service Scanner Version: 25-02-2014
Ran by Melanie (administrator) on 02-04-2014 at 17:37:02
Running from "C:\Users\Melanie\Downloads"
Microsoft Windows 7 Home Premium Service Pack 1 (X64)
Boot Mode: Normal
****************************************************************

Internet Services:
============

Connection Status:
==============
Localhost is accessible.
LAN connected.
Google IP is accessible.
Google.com is accessible.
Yahoo.com is accessible.

Windows Firewall:
=============

Firewall Disabled Policy:
==================

System Restore:
============

System Restore Disabled Policy:
========================

Action Center:
============

Windows Update:
============

Windows Autoupdate Disabled Policy:
============================

Windows Defender:
==============

Other Services:
==============

File Check:
========
C:\Windows\System32\nsisvc.dll => MD5 is legit
C:\Windows\System32\drivers\nsiproxy.sys => MD5 is legit
C:\Windows\System32\dhcpcore.dll => MD5 is legit
C:\Windows\System32\drivers\afd.sys => MD5 is legit
C:\Windows\System32\drivers\tdx.sys => MD5 is legit
C:\Windows\System32\Drivers\tcpip.sys => MD5 is legit
C:\Windows\System32\dnsrslvr.dll => MD5 is legit
C:\Windows\System32\mpssvc.dll => MD5 is legit
C:\Windows\System32\bfe.dll => MD5 is legit
C:\Windows\System32\drivers\mpsdrv.sys => MD5 is legit
C:\Windows\System32\SDRSVC.dll => MD5 is legit
C:\Windows\System32\vssvc.exe => MD5 is legit
C:\Windows\System32\wscsvc.dll => MD5 is legit
C:\Windows\System32\wbem\WMIsvc.dll => MD5 is legit
C:\Windows\System32\wuaueng.dll => MD5 is legit
C:\Windows\System32\qmgr.dll => MD5 is legit
C:\Windows\System32\es.dll => MD5 is legit
C:\Windows\System32\cryptsvc.dll => MD5 is legit
C:\Program Files\Windows Defender\MpSvc.dll => MD5 is legit
C:\Windows\System32\ipnathlp.dll => MD5 is legit
C:\Windows\System32\iphlpsvc.dll => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\System32\rpcss.dll => MD5 is legit

**** End of log ****

**Tomk_** · April 3, 2014

That reports everything is OK with windows update.

Perhaps you could try update again?

wkandravi · April 3, 2014

No good... Aol still acting up and Win Update still failing to run.

**Tomk_** · April 3, 2014

Would you please look, using the Melanie account, in the downloads folder and see if you can find addition.txt. Please open it and post the information again. When you posted it originally it was incomplete.

wkandravi · April 3, 2014

Additional scan result of Farbar Recovery Scan Tool (x64) Version: 13-03-2014
Ran by Melanie at 2014-04-02 06:00:41
Running from C:\Users\Melanie\Desktop
Boot Mode: Normal
==========================================================

==================== Security Center ========================

AS: Windows Defender (Enabled - Out of date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

==================== Installed Programs ======================

ABBYY FineReader 6.0 Sprint (HKLM-x32\...\{ACF60000-22B9-4CE9-98D6-2CCF359BAC07}) (Version: 6.00.1990.41618 - ABBYY Software House)
Adobe Flash Player 12 ActiveX (HKLM-x32\...\Adobe Flash Player ActiveX) (Version: 12.0.0.77 - Adobe Systems Incorporated)
Adobe Flash Player 12 Plugin (HKLM-x32\...\Adobe Flash Player Plugin) (Version: 12.0.0.77 - Adobe Systems Incorporated)
Adobe Reader 9.4.6 (HKLM-x32\...\{AC76BA86-7AD7-1033-7B44-A94000000001}) (Version: 9.4.6 - Adobe Systems Incorporated)
AMD USB Filter Driver (x32 Version: 1.0.11.86 - Advanced Micro Devices, Inc.) Hidden
AOL Uninstaller (Choose which Products to Remove) (HKLM-x32\...\AOL Uninstaller) (Version: - AOL Inc.)
Apple Application Support (HKLM-x32\...\{122ADF8C-DDA1-480C-9936-C88F2825B265}) (Version: 2.1.9 - Apple Inc.)
Apple Mobile Device Support (HKLM\...\{6A76BEAF-6D1F-4273-A79B-DA8410A2E56B}) (Version: 5.2.0.6 - Apple Inc.)
Apple Software Update (HKLM-x32\...\{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}) (Version: 2.1.3.127 - Apple Inc.)
ATI Catalyst Install Manager (HKLM\...\{EFAE7CBC-804C-6E01-ABD2-EB2127C23D4E}) (Version: 3.0.732.0 - ATI Technologies, Inc.)
Bonjour (HKLM\...\{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}) (Version: 3.0.0.10 - Apple Inc.)
Catalyst Control Center - Branding (x32 Version: 1.00.0000 - ATI) Hidden
Catalyst Control Center Core Implementation (x32 Version: 2009.0729.2227.38498 - ATI) Hidden
Catalyst Control Center Graphics Full Existing (x32 Version: 2009.0729.2227.38498 - ATI) Hidden
Catalyst Control Center Graphics Full New (x32 Version: 2009.0729.2227.38498 - ATI) Hidden
Catalyst Control Center Graphics Light (x32 Version: 2009.0729.2227.38498 - ATI) Hidden
Catalyst Control Center Graphics Previews Vista (x32 Version: 2009.0729.2227.38498 - ATI) Hidden
Catalyst Control Center InstallProxy (x32 Version: 2009.0729.2227.38498 - ATI Technologies, Inc.) Hidden
Catalyst Control Center Localization All (x32 Version: 2009.0729.2227.38498 - ATI) Hidden
CCC Help Chinese Standard (x32 Version: 2009.0729.2226.38498 - ATI) Hidden
CCC Help Chinese Traditional (x32 Version: 2009.0729.2226.38498 - ATI) Hidden
CCC Help Czech (x32 Version: 2009.0729.2226.38498 - ATI) Hidden
CCC Help Danish (x32 Version: 2009.0729.2226.38498 - ATI) Hidden
CCC Help Dutch (x32 Version: 2009.0729.2226.38498 - ATI) Hidden
CCC Help English (x32 Version: 2009.0729.2226.38498 - ATI) Hidden
CCC Help Finnish (x32 Version: 2009.0729.2226.38498 - ATI) Hidden
CCC Help French (x32 Version: 2009.0729.2226.38498 - ATI) Hidden
CCC Help German (x32 Version: 2009.0729.2226.38498 - ATI) Hidden
CCC Help Greek (x32 Version: 2009.0729.2226.38498 - ATI) Hidden
CCC Help Hungarian (x32 Version: 2009.0729.2226.38498 - ATI) Hidden
CCC Help Italian (x32 Version: 2009.0729.2226.38498 - ATI) Hidden
CCC Help Japanese (x32 Version: 2009.0729.2226.38498 - ATI) Hidden
CCC Help Korean (x32 Version: 2009.0729.2226.38498 - ATI) Hidden
CCC Help Norwegian (x32 Version: 2009.0729.2226.38498 - ATI) Hidden
CCC Help Polish (x32 Version: 2009.0729.2226.38498 - ATI) Hidden
CCC Help Portuguese (x32 Version: 2009.0729.2226.38498 - ATI) Hidden
CCC Help Russian (x32 Version: 2009.0729.2226.38498 - ATI) Hidden
CCC Help Spanish (x32 Version: 2009.0729.2226.38498 - ATI) Hidden
CCC Help Swedish (x32 Version: 2009.0729.2226.38498 - ATI) Hidden
CCC Help Thai (x32 Version: 2009.0729.2226.38498 - ATI) Hidden
CCC Help Turkish (x32 Version: 2009.0729.2226.38498 - ATI) Hidden
ccc-core-static (x32 Version: 2009.0729.2227.38498 - ATI) Hidden
ccc-utility64 (Version: 2009.0729.2227.38498 - ATI) Hidden
Compatibility Pack for the 2007 Office system (HKLM-x32\...\{90120000-0020-0409-0000-0000000FF1CE}) (Version: 12.0.6612.1000 - Microsoft Corporation)
CyberLink DVD Suite Deluxe (HKLM-x32\...\InstallShield_{1FBF6C24-C1FD-4101-A42B-0C564F9E8E79}) (Version: 7.0.2115 - CyberLink Corp.)
CyberLink DVD Suite Deluxe (x32 Version: 7.0.2115 - CyberLink Corp.) Hidden
D3DX10 (x32 Version: 15.4.2368.0902 - Microsoft) Hidden
DirectX for Managed Code Update (Summer 2004) (x32 Version: 9.02.2904 - Microsoft) Hidden
DVD Menu Pack for HP MediaSmart Video (HKLM-x32\...\InstallShield_{FB4BB287-37F9-4E27-9C4D-2D3882E08EFF}) (Version: 3.1.3224 - Hewlett-Packard)
DVD Menu Pack for HP MediaSmart Video (x32 Version: 3.1.3224 - Hewlett-Packard) Hidden
Easy Flyer Creator 3.0 (HKLM-x32\...\{B07CB2BA-819B-41C5-BBE0-484A4C23972E}) (Version: 3.0.0 - Peridot Technologies)
ESET Online Scanner v3 (HKLM-x32\...\ESET Online Scanner) (Version: - )
Hardware Diagnostic Tools (HKLM\...\PC-Doctor for Windows) (Version: 6.0.5247.34 - PC-Doctor, Inc.)
Hewlett-Packard ACLM.NET v1.2.2.3 (x32 Version: 1.00.0000 - Hewlett-Packard Company) Hidden
HiJackThis (HKLM-x32\...\{45A66726-69BC-466B-A7A4-12FCBA4883D7}) (Version: 1.0.0 - Trend Micro)
HP Advisor (HKLM-x32\...\{40FB8D7C-6FF8-4AF2-BC8B-0B1DB32AF04B}) (Version: 3.3.9512.3162 - Hewlett-Packard)
HP Customer Experience Enhancements (x32 Version: 6.0.1.8 - Hewlett-Packard) Hidden
HP Games (HKLM-x32\...\WildTangent hp Master Uninstall) (Version: 1.0.0.71 - WildTangent)
HP MediaSmart Demo (HKLM-x32\...\{9DEF9686-CCB2-47B7-BF83-B49EA21FA016}) (Version: 1.00.0000 - Hewlett-Packard)
HP MediaSmart DVD (HKLM-x32\...\InstallShield_{DCCAD079-F92C-44DA-B258-624FC6517A5A}) (Version: 3.1.3317 - Hewlett-Packard)
HP MediaSmart DVD (x32 Version: 3.1.3317 - Hewlett-Packard) Hidden
HP MediaSmart Music/Photo/Video (HKLM-x32\...\InstallShield_{B2EE25B9-5B00-4ACF-94F0-92433C28C39E}) (Version: 3.1.3601 - Hewlett-Packard)
HP MediaSmart Music/Photo/Video (x32 Version: 3.1.3601 - Hewlett-Packard) Hidden
HP MediaSmart SmartMenu (HKLM\...\{88E60521-1E4E-4785-B9F1-1798A4BD0C30}) (Version: 3.1.0.1 - Hewlett-Packard)
HP MediaSmart Webcam (HKLM-x32\...\InstallShield_{01FB4998-33C4-4431-85ED-079E3EEFE75D}) (Version: 3.1.2219 - Hewlett-Packard)
HP MediaSmart Webcam (x32 Version: 3.1.2219 - Hewlett-Packard) Hidden
HP MediaSmart/TouchSmart Netflix (HKLM-x32\...\{35021DFB-F9CA-402A-89A2-47F91E506465}) (Version: 1.0.2.0 - Hewlett-Packard)
HP Odometer (HKLM-x32\...\{B8AC1A89-FFD1-4F97-8051-E505A160F562}) (Version: 2.10.0000 - Hewlett-Packard)
HP Product Detection (HKLM-x32\...\{A436F67F-687E-4736-BD2B-537121A804CF}) (Version: 11.14.0001 - HP)
HP Product Detection (HKLM-x32\...\{ACAA0152-96A4-4D93-92F5-1B4728C3D984}) (Version: 11.15.0008 - HP)
HP Remote Solution (HKLM-x32\...\HP Remote Solution) (Version: 1.1.11.0 - Hewlett-Packard)
HP Remote Solution (x32 Version: 1.1.11.0 - Hewlett-Packard) Hidden
HP Setup (HKLM-x32\...\{17B4760F-334B-475D-829F-1A3E94A6A4E6}) (Version: 1.2.3560.3170 - Hewlett-Packard)
HP Support Assistant (HKLM-x32\...\{E35A3B13-78CD-4967-8AC8-AA9FDA693EDE}) (Version: 7.4.45.4 - Hewlett-Packard Company)
HP Support Information (HKLM-x32\...\{B9A03B7B-E0FF-4FB3-BA83-762E58A1B0AA}) (Version: 10.1.0002 - Hewlett-Packard)
HP Update (HKLM-x32\...\{D46D081B-F60E-467E-A7C4-117B70D76731}) (Version: 5.001.000.014 - Hewlett-Packard)
Itibiti RTC (x32 Version: 0.0.1 - Itibiti Inc) Hidden
iTunes (HKLM\...\{840A3BAA-4C68-4581-9C7A-6F8D6CF531B9}) (Version: 10.6.3.25 - Apple Inc.)
Junk Mail filter update (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
LabelPrint (HKLM-x32\...\InstallShield_{C59C179C-668D-49A9-B6EA-0121CCFC1243}) (Version: 2.5.2017 - CyberLink Corp.)
LabelPrint (x32 Version: 2.5.2017 - CyberLink Corp.) Hidden
Lexmark 2600 Series (HKLM\...\Lexmark 2600 Series) (Version: - Lexmark International, Inc.)
LightScribe System Software (HKLM-x32\...\{CC8E94A2-55C7-4460-953C-2A790180578C}) (Version: 1.18.8.1 - LightScribe)
LogMeIn (HKLM-x32\...\{2BFDA78F-39F7-4537-9995-71424CFA88BB}) (Version: 4.1.2138 - LogMeIn, Inc.)
Malwarebytes Anti-Malware version 2.00.0.1000 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.00.0.1000 - Malwarebytes Corporation)
Mesh Runtime (x32 Version: 15.4.5722.2 - Microsoft Corporation) Hidden
Messenger Companion (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Microsoft .NET Framework 4 Client Profile (HKLM\...\Microsoft .NET Framework 4 Client Profile) (Version: 4.0.30319 - Microsoft Corporation)
Microsoft .NET Framework 4 Client Profile (Version: 4.0.30319 - Microsoft Corporation) Hidden
Microsoft .NET Framework 4 Extended (HKLM\...\Microsoft .NET Framework 4 Extended) (Version: 4.0.30319 - Microsoft Corporation)
Microsoft .NET Framework 4 Extended (Version: 4.0.30319 - Microsoft Corporation) Hidden
Microsoft Application Error Reporting (Version: 12.0.6015.5000 - Microsoft Corporation) Hidden
Microsoft Office PowerPoint Viewer 2007 (English) (HKLM-x32\...\{95120000-00AF-0409-0000-0000000FF1CE}) (Version: 12.0.6612.1000 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.10411.0 - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft VC9 runtime libraries (x32 Version: 1.0.0 - AOL Inc.) Hidden
Microsoft VC9 runtime libraries (x32 Version: 1.0.0 - AOL LLC) Hidden
Microsoft VC9 runtime libraries (x32 Version: 2.0.0 - AOL Inc.) Hidden
Microsoft Visual C++ 2005 ATL Update kb973923 - x64 8.0.50727.4053 (HKLM\...\{B6E3757B-5E77-3915-866A-CCFC4B8D194C}) (Version: 8.0.50727.4053 - Microsoft Corporation)
Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053 (HKLM-x32\...\{770657D0-A123-3C07-8E44-1C83EC895118}) (Version: 8.0.50727.4053 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{071c9b48-7c32-4621-a0ac-3f809523288f}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Works (HKLM-x32\...\{15BC8CD0-A65B-47D0-A2DD-90A824590FA8}) (Version: 9.7.0621 - Microsoft Corporation)
MotoHelper 2.0.40 Driver 4.8.0 (HKLM-x32\...\MotoHelper) (Version: 2.0.40 - Motorola)
MotoHelper MergeModules (x32 Version: 1.2.0 - Motorola) Hidden
Motorola Mobile Drivers Installation 4.8.0 (Version: 4.8.0 - Motorola Inc.) Hidden
Movie Theme Pack for HP MediaSmart Video (HKLM-x32\...\InstallShield_{3023EBDA-BF1B-4831-B347-E5018555F26E}) (Version: 3.1.3310 - Hewlett-Packard)
Movie Theme Pack for HP MediaSmart Video (x32 Version: 3.1.3310 - Hewlett-Packard) Hidden
Mozilla Firefox 28.0 (x86 en-US) (HKLM-x32\...\Mozilla Firefox 28.0 (x86 en-US)) (Version: 28.0 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 28.0 - Mozilla)
MSVCRT (x32 Version: 15.4.2862.0708 - Microsoft) Hidden
MSVCRT_amd64 (x32 Version: 15.4.2862.0708 - Microsoft) Hidden
MSXML 4.0 SP2 (KB954430) (HKLM-x32\...\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}) (Version: 4.20.9870.0 - Microsoft Corporation)
MSXML 4.0 SP2 (KB973688) (HKLM-x32\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation)
PictureMover (HKLM-x32\...\{1896E712-2B3D-45eb-BCE9-542742A51032}) (Version: 3.3.1.19 - Hewlett-Packard Company)
PlayReady PC Runtime amd64 (HKLM\...\{BCA9334F-B6C9-4F65-9A73-AC5A329A4D04}) (Version: 1.3.0 - Microsoft Corporation)
Power2Go (HKLM-x32\...\InstallShield_{40BF1E83-20EB-11D8-97C5-0009C5020658}) (Version: 6.0.3304 - CyberLink Corp.)
Power2Go (x32 Version: 6.0.3304 - CyberLink Corp.) Hidden
PowerDirector (HKLM-x32\...\InstallShield_{CB099890-1D5F-11D5-9EA9-0050BAE317E1}) (Version: 7.0.3405 - CyberLink Corp.)
PowerDirector (x32 Version: 7.0.3405 - CyberLink Corp.) Hidden
QuickTime (HKLM-x32\...\{0E64B098-8018-4256-BA23-C316A43AD9B0}) (Version: 7.72.80.56 - Apple Inc.)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.5932 - Realtek Semiconductor Corp.)
Recovery Manager (x32 Version: 5.5.2216 - CyberLink Corp.) Hidden
Sophos Virus Removal Tool (HKLM-x32\...\{B829E117-D072-41EA-9606-9826A38D34C1}) (Version: 2.4 - Sophos Limited)
Stamps.com (HKLM-x32\...\Stamps.com) (Version: - Stamps.com, Inc.)
Stamps.com (x32 Version: 9.5.4.2264 - Stamps.com, Inc.) Hidden
Stamps.com Address Book Support for Common Harmony (x32 Version: 6.2.0.1488 - Stamps.com, Inc.) Hidden
Stamps.com Address Book Support for Outlook Express, Works, IE (x32 Version: 6.2.0.1488 - Stamps.com, Inc.) Hidden
Stamps.com support for Harmony (HKLM-x32\...\Stamps.com support for Harmony) (Version: - Stamps.com, Inc.)
Stamps.com support for Outlook Express, Works, IE (HKLM-x32\...\Stamps.com support for Outlook Express, Works, IE) (Version: - Stamps.com, Inc.)
TeamViewer 9 (HKLM-x32\...\TeamViewer 9) (Version: 9.0.27339 - TeamViewer)
Uninstall AOL Emergency Connect Utility 1.0 (HKLM-x32\...\AOL Emergency Connect Utility 1.0) (Version: - )
Update for Microsoft .NET Framework 4 Client Profile (KB2468871) (HKLM-x32\...\{F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4}.KB2468871) (Version: 1 - Microsoft Corporation)
Update for Microsoft .NET Framework 4 Client Profile (KB2473228) (HKLM-x32\...\{F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4}.KB2473228) (Version: 1 - Microsoft Corporation)
Update for Microsoft .NET Framework 4 Client Profile (KB2533523) (HKLM-x32\...\{F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4}.KB2533523) (Version: 1 - Microsoft Corporation)
Update for Microsoft .NET Framework 4 Client Profile (KB2600217) (HKLM-x32\...\{F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4}.KB2600217) (Version: 1 - Microsoft Corporation)
Update for Microsoft .NET Framework 4 Extended (KB2468871) (HKLM-x32\...\{8E34682C-8118-31F1-BC4C-98CD9675E1C2}.KB2468871) (Version: 1 - Microsoft Corporation)
Update for Microsoft .NET Framework 4 Extended (KB2533523) (HKLM-x32\...\{8E34682C-8118-31F1-BC4C-98CD9675E1C2}.KB2533523) (Version: 1 - Microsoft Corporation)
Update for Microsoft .NET Framework 4 Extended (KB2600217) (HKLM-x32\...\{8E34682C-8118-31F1-BC4C-98CD9675E1C2}.KB2600217) (Version: 1 - Microsoft Corporation)
Update Installer for WildTangent Games App (x32 Version: - WildTangent) Hidden
Visual C++ 8.0 Runtime Setup Package (x64) (HKLM-x32\...\{2FDBBCEA-62DB-45F4-B6E5-0E1FB2A1F29D}) (Version: 9.0.0.623 - AVG Technologies CZ, s.r.o.)
Visual Studio 2010 x64 Redistributables (HKLM\...\{21B133D6-5979-47F0-BE1C-F6A6B304693F}) (Version: 13.0.0.1 - AVG Technologies)
Visual Studio 2012 x64 Redistributables (HKLM\...\{8C775E70-A791-4DA8-BCC3-6AB7136F4484}) (Version: 14.0.0.1 - AVG Technologies)
Visual Studio 2012 x86 Redistributables (HKLM-x32\...\{98EFF19A-30AB-4E4B-B943-F06B1C63EBF8}) (Version: 14.0.0.1 - AVG Technologies CZ, s.r.o.)
WildTangent Games App (HP Games) (HKLM-x32\...\{70B446D1-E03B-4ab0-9B3C-0832142C9AA8}.WildTangent Games App-hp) (Version: 4.0.5.14 - WildTangent)
Windows Live Communications Platform (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 15.4.3538.0513 - Microsoft Corporation)
Windows Live Essentials (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Family Safety (Version: 15.4.3538.0513 - Microsoft Corporation) Hidden
Windows Live ID Sign-in Assistant (Version: 7.250.4232.0 - Microsoft Corporation) Hidden
Windows Live Installer (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Language Selector (Version: 15.4.3538.0513 - Microsoft Corporation) Hidden
Windows Live Mail (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Mesh (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Mesh ActiveX Control for Remote Connections (HKLM-x32\...\{2902F983-B4C1-44BA-B85D-5C6D52E2C441}) (Version: 15.4.5722.2 - Microsoft Corporation)
Windows Live Messenger (x32 Version: 15.4.3538.0513 - Microsoft Corporation) Hidden
Windows Live Messenger Companion Core (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live MIME IFilter (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Movie Maker (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Photo Common (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Photo Gallery (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live PIMT Platform (x32 Version: 15.4.3508.1109 - Microsoft Corporation) Hidden
Windows Live Remote Client (Version: 15.4.5722.2 - Microsoft Corporation) Hidden
Windows Live Remote Client Resources (Version: 15.4.5722.2 - Microsoft Corporation) Hidden
Windows Live Remote Service (Version: 15.4.5722.2 - Microsoft Corporation) Hidden
Windows Live Remote Service Resources (Version: 15.4.5722.2 - Microsoft Corporation) Hidden
Windows Live SOXE (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live SOXE Definitions (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Sync (HKLM-x32\...\{84EBDF39-4B33-49D7-A0BD-EB6E2C4E81C1}) (Version: 14.0.8089.726 - Microsoft Corporation)
Windows Live UX Platform (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live UX Platform Language Pack (x32 Version: 15.4.3508.1109 - Microsoft Corporation) Hidden
Windows Live Writer (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Writer Resources (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden

==================== Restore Points =========================

==================== Hosts content: ==========================

2009-07-13 22:34 - 2009-06-10 17:00 - 00000824 ____A C:\Windows\system32\Drivers\etc\hosts

==================== Scheduled Tasks (whitelisted) =============

Task: {11170C28-5F2C-47DA-BFCE-08DC8755EAE4} - System32\Tasks\RecoveryCDWin7 => C:\Program Files (x86)\Hewlett-Packard\HP Setup\RemEngine.exe [2009-10-20] ()
Task: {2B122AAA-1FEE-47A4-BB68-CB1CD668298D} - System32\Tasks\{CB05DAEA-7886-4216-85D7-87C89E54A941} => C:\Program Files (x86)\Lexmark 2600 Series\app4r.exe [2009-02-09] ()
Task: {2B72D0E6-8FB9-414E-810D-4C9961E8D400} - System32\Tasks\{7DA3712D-3CC5-4F2B-8EA5-378DDBE1036A} => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSF.exe [2013-11-04] (Hewlett-Packard Company)
Task: {2C5D66E8-FE38-4FF7-A4F4-8A0AAA0E21E0} - System32\Tasks\MotoHelper Routing => C:\Program Files (x86)\Motorola\MotoHelper\MotoHelperUpdate.exe [2010-12-02] ()
Task: {365DAB75-7EF0-40BC-8CA6-7407E7D0718B} - System32\Tasks\MotoHelper Update => C:\Program Files (x86)\Motorola\MotoHelper\MotoHelperUpdate.exe [2010-12-02] ()
Task: {3696A577-03D9-487A-9B53-B8EDF7B9C8A1} - System32\Tasks\Hewlett-Packard\HP Support Assistant\Update Check => C:\ProgramData\Hewlett-Packard\HP Support Framework\Resources\Updater7\HPSFUpdater.exe [2013-12-12] (Hewlett-Packard Company)
Task: {500FD94E-BD85-4608-B16C-32FFD5E7F8A7} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe [2011-06-01] (Apple Inc.)
Task: {512E31B9-4A62-45BA-B2C5-3E1AADD7C3AA} - System32\Tasks\HPCeeScheduleForWayne => C:\Program Files (x86)\Hewlett-Packard\HP Ceement\HPCEE.exe [2011-07-15] (Hewlett-Packard)
Task: {63619C7B-0ACC-40D4-9A2B-99FF19117FD7} - System32\Tasks\DVDAgent => c:\Program Files (x86)\Hewlett-Packard\Media\DVD\DVDAgent.exe
Task: {898A5AD3-0DE8-49A7-A8C5-5C4A73AFB385} - System32\Tasks\MotoHelper MUM => C:\Program Files (x86)\Motorola\MotoHelper\MotoHelperUpdate.exe [2010-12-02] ()
Task: {A1F4755B-4758-452E-A8D9-DDDF4A37816A} - System32\Tasks\{433AFF5F-7AC7-474A-BCB6-544203D34E00} => C:\Users\Melanie\Desktop\cj2600en64.exe
Task: {A245A505-80DC-471A-9820-96AA813B25B6} - System32\Tasks\{97267662-1DD8-48AB-8227-DFB57AAEEFDE} => C:\Program Files (x86)\AOL Desktop 9.6\aol.exe [2011-01-13] (AOL Inc.)
Task: {A3F6B5A7-6544-4B35-A75F-826D26FFF80B} - System32\Tasks\ExtendedServicePlan => C:\Program Files (x86)\Hewlett-Packard\HP Setup\RemEngine.exe [2009-10-20] ()
Task: {A635B109-5B3C-4D0A-BE3F-86250D53144F} - System32\Tasks\Hewlett-Packard\HP Support Assistant\WarrantyChecker_DeviceScan => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPWarrantyCheck\HPWarrantyChecker.exe [2014-02-10] (Hewlett-Packard)
Task: {A8067D97-D205-4A8A-AB0E-E4B096B5A4BF} - System32\Tasks\HPCeeScheduleForMelanie => C:\Program Files (x86)\Hewlett-Packard\HP Ceement\HPCEE.exe [2011-07-15] (Hewlett-Packard)
Task: {AFC7D586-A868-4330-ABDA-1288162F0308} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: {B93517CE-DEB5-4FEA-B692-AB1E2447FB73} - System32\Tasks\{B4CE35C0-1F00-49B5-AE6A-D430CF3729C6} => C:\Program Files (x86)\AOL Desktop 9.6\aol.exe [2011-01-13] (AOL Inc.)
Task: {CC195F16-88DC-4E53-8DB3-32CB9154A3FA} - System32\Tasks\Microsoft\Windows\WindowsBackup\AutomaticBackup => Rundll32.exe /d sdengin2.dll,ExecuteScheduledBackup
Task: {CDF86F74-C2BB-4A84-B3D1-C8DAC0E4AF30} - System32\Tasks\MotoHelper Initial Update => C:\Program Files (x86)\Motorola\MotoHelper\MotoHelperUpdate.exe [2010-12-02] ()
Task: {CFBE10F6-DDE1-40BF-B608-198E6D5AA6CA} - System32\Tasks\ServicePlan => C:\Program Files (x86)\Hewlett-Packard\HP Setup\RemEngine.exe [2009-10-20] ()
Task: {D390549A-F5B5-4C12-87D0-D24E8415A97A} - System32\Tasks\Hewlett-Packard\HP Support Assistant\PC Health Analysis => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSF.exe [2013-11-04] (Hewlett-Packard Company)
Task: {D63BF94B-E16A-4358-986E-5E2FD83DB812} - System32\Tasks\{3D4AEE9A-C594-401C-95BE-FD7CFC33CFD2} => C:\Program Files (x86)\AOL Desktop 9.6\aol.exe [2011-01-13] (AOL Inc.)
Task: {DEF7F4C5-68B0-40E9-AF6A-C7F9D120A016} - System32\Tasks\{25319CAE-31A0-49DB-B6A5-BF2B4F1430FF} => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSF.exe [2013-11-04] (Hewlett-Packard Company)
Task: {E6FDFBD4-0301-4315-B68B-946514E99127} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Support Assistant Quick Start => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSF.exe [2013-11-04] (Hewlett-Packard Company)
Task: {ECBA321E-85B8-474C-8715-EB94810A2D96} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: {F1847BE7-291C-45F7-8D0B-042D39CDC285} - System32\Tasks\PCDRScheduledMaintenance => C:\Program Files\PC-Doctor for Windows\pcdrcui.exe [2009-09-18] (PC-Doctor, Inc.)
Task: {F5A62B7B-6D03-4429-B3CD-DC53690F079A} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2014-03-12] (Adobe Systems Incorporated)
Task: {FF4E689D-FA1B-4BAF-BC39-27E55D122051} - System32\Tasks\CLMLSvc => c:\Program Files (x86)\Hewlett-Packard\TouchSmart\Media\Kernel\CLML\CLMLSvc.exe [2009-12-01] (CyberLink)
Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\HPCeeScheduleForMelanie.job => C:\Program Files (x86)\Hewlett-Packard\HP Ceement\HPCEE.exe
Task: C:\Windows\Tasks\HPCeeScheduleForWayne.job => C:\Program Files (x86)\Hewlett-Packard\HP Ceement\HPCEE.exe
Task: C:\Windows\Tasks\PCDRScheduledMaintenance.job => C:\Program Files\PC-Doctor for Windows\pcdrcui.exe

==================== Loaded Modules (whitelisted) =============

2010-08-23 20:10 - 2009-08-13 12:06 - 00177152 _____ () C:\Windows\system32\spool\PRTPROCS\x64\lxdndrpp.dll
2014-03-30 23:51 - 2013-10-17 11:32 - 00020472 _____ () C:\Windows\system32\spool\PRTPROCS\x64\TeamViewer_PrintProcessor.dll
2010-12-02 15:45 - 2010-12-02 15:45 - 00218432 _____ () C:\Program Files (x86)\Motorola\MotoHelper\MotoHelperService.exe
2010-12-02 15:45 - 2010-12-02 15:45 - 00664896 _____ () C:\Program Files (x86)\Motorola\MotoHelper\MotoHelperAgent.exe
2009-06-08 20:45 - 2009-06-08 20:45 - 00098304 ____R () c:\Program Files (x86)\ATI Technologies\ATI.ACE\Branding\Branding.dll
2009-11-13 01:36 - 2009-11-13 01:36 - 00270336 _____ () C:\Windows\assembly\GAC_MSIL\CLI.Aspect.CrossDisplay.Graphics.Dashboard\1.0.0.0__90ba9c70f846762e\CLI.Aspect.CrossDisplay.Graphics.Dashboard.dll
2012-02-20 21:29 - 2012-02-20 21:29 - 00087912 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\zlib1.dll
2012-02-20 21:28 - 2012-02-20 21:28 - 01242472 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libxml2.dll
2009-12-01 20:49 - 2009-12-01 20:49 - 00931112 ____N () c:\Program Files (x86)\Hewlett-Packard\TouchSmart\Media\Kernel\CLML\CLMediaLibrary.dll
2014-03-31 19:10 - 2014-03-31 19:11 - 03642480 _____ () C:\Program Files (x86)\Mozilla Firefox\mozjs.dll
2014-03-12 04:43 - 2014-03-12 04:43 - 16276872 _____ () C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_12_0_0_77.dll

==================== Alternate Data Streams (whitelisted) =========

==================== Safe Mode (whitelisted) ===================

==================== Disabled items from MSCONFIG ==============

MSCONFIG\Services: AOL ACS => 3
MSCONFIG\Services: Apple Mobile Device => 2
MSCONFIG\Services: Bonjour Service => 2
MSCONFIG\Services: iPod Service => 3
MSCONFIG\Services: vToolbarUpdater => 2
MSCONFIG\Services: wlidsvc => 2
MSCONFIG\startupfolder: C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^PictureMover.lnk => C:\Windows\pss\PictureMover.lnk.CommonStartup
MSCONFIG\startupreg: Adobe ARM => "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
MSCONFIG\startupreg: Adobe Reader Speed Launcher => "C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Reader_sl.exe"
MSCONFIG\startupreg: HostManager => C:\Program Files (x86)\Common Files\AOL\1269351362\ee\AOLSoftware.exe
MSCONFIG\startupreg: HP Remote Solution => %ProgramFiles%\Hewlett-Packard\HP Remote Solution\HP_Remote_Solution.exe
MSCONFIG\startupreg: HPADVISOR => C:\Program Files (x86)\Hewlett-Packard\HP Advisor\HPAdvisor.exe view=DOCKVIEW
MSCONFIG\startupreg: Itibiti.exe => C:\Program Files (x86)\Itibiti Soft Phone\Itibiti.exe
MSCONFIG\startupreg: iTunesHelper => "C:\Program Files (x86)\iTunes\iTunesHelper.exe"
MSCONFIG\startupreg: QuickTime Task => "C:\Program Files (x86)\QuickTime\QTTask.exe" -atboottime
MSCONFIG\startupreg: SmartMenu => C:\Program Files\Hewlett-Packard\HP MediaSmart\SmartMenu.exe /background

==================== Faulty Device Manager Devices =============

==================== Event log errors: =========================

Application errors:
==================
Error: (04/02/2014 00:31:09 AM) (Source: SideBySide) (User: )
Description: Activation context generation failed for "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest1".Error in manifest or policy file "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest2" on line C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest3.
A component version required by the application conflicts with another component version already active.
Conflicting components are:.
Component 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest.
Component 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest.

Error: (04/01/2014 09:59:25 PM) (Source: SideBySide) (User: )
Description: Activation context generation failed for "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest1".Error in manifest or policy file "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest2" on line C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest3.
A component version required by the application conflicts with another component version already active.
Conflicting components are:.
Component 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest.
Component 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest.

Error: (04/01/2014 08:24:57 PM) (Source: Application Error) (User: )
Description: Faulting application name: iexplore, version: 0.0.0.0, time stamp: 0x4a5bc6b7
Faulting module name: unknown, version: 0.0.0.0, time stamp: 0x00000000
Exception code: 0xc0000005
Fault offset: 0x001e3244
Faulting process id: 0x1e90
Faulting application start time: 0xiexplore0
Faulting application path: iexplore1
Faulting module path: iexplore2
Report Id: iexplore3

Error: (04/01/2014 08:24:40 PM) (Source: Application Error) (User: )
Description: Faulting application name: iexplore, version: 0.0.0.0, time stamp: 0x4a5bc6b7
Faulting module name: unknown, version: 0.0.0.0, time stamp: 0x00000000
Exception code: 0xc0000005
Fault offset: 0x002e3244
Faulting process id: 0x10a4
Faulting application start time: 0xiexplore0
Faulting application path: iexplore1
Faulting module path: iexplore2
Report Id: iexplore3

Error: (04/01/2014 08:24:40 PM) (Source: Application Error) (User: )
Description: Faulting application name: iexplore, version: 0.0.0.0, time stamp: 0x4a5bc6b7
Faulting module name: unknown, version: 0.0.0.0, time stamp: 0x00000000
Exception code: 0xc0000005
Fault offset: 0x00183244
Faulting process id: 0x2d98
Faulting application start time: 0xiexplore0
Faulting application path: iexplore1
Faulting module path: iexplore2
Report Id: iexplore3

Error: (04/01/2014 08:24:34 PM) (Source: Application Error) (User: )
Description: Faulting application name: iexplore, version: 0.0.0.0, time stamp: 0x4a5bc6b7
Faulting module name: unknown, version: 0.0.0.0, time stamp: 0x00000000
Exception code: 0xc0000005
Fault offset: 0x00073244
Faulting process id: 0x2a84
Faulting application start time: 0xiexplore0
Faulting application path: iexplore1
Faulting module path: iexplore2
Report Id: iexplore3

Error: (04/01/2014 08:24:26 PM) (Source: Application Error) (User: )
Description: Faulting application name: iexplore, version: 0.0.0.0, time stamp: 0x4a5bc6b7
Faulting module name: unknown, version: 0.0.0.0, time stamp: 0x00000000
Exception code: 0xc0000005
Fault offset: 0x00073244
Faulting process id: 0x2f84
Faulting application start time: 0xiexplore0
Faulting application path: iexplore1
Faulting module path: iexplore2
Report Id: iexplore3

Error: (04/01/2014 08:24:06 PM) (Source: Application Error) (User: )
Description: Faulting application name: iexplore, version: 0.0.0.0, time stamp: 0x4a5bc6b7
Faulting module name: unknown, version: 0.0.0.0, time stamp: 0x00000000
Exception code: 0xc0000005
Fault offset: 0x00223244
Faulting process id: 0x3304
Faulting application start time: 0xiexplore0
Faulting application path: iexplore1
Faulting module path: iexplore2
Report Id: iexplore3

Error: (04/01/2014 07:56:02 PM) (Source: Application Error) (User: )
Description: Faulting application name: iexplore, version: 0.0.0.0, time stamp: 0x4a5bc6b7
Faulting module name: unknown, version: 0.0.0.0, time stamp: 0x00000000
Exception code: 0xc0000005
Fault offset: 0x00183244
Faulting process id: 0x2894
Faulting application start time: 0xiexplore0
Faulting application path: iexplore1
Faulting module path: iexplore2
Report Id: iexplore3

Error: (04/01/2014 07:55:25 PM) (Source: Application Error) (User: )
Description: Faulting application name: iexplore, version: 0.0.0.0, time stamp: 0x4a5bc6b7
Faulting module name: unknown, version: 0.0.0.0, time stamp: 0x00000000
Exception code: 0xc0000005
Fault offset: 0x00073244
Faulting process id: 0x2ac8
Faulting application start time: 0xiexplore0
Faulting application path: iexplore1
Faulting module path: iexplore2
Report Id: iexplore3

System errors:
=============
Error: (04/02/2014 02:38:47 AM) (Source: volsnap) (User: )
Description: The shadow copies of volume C: were aborted because of an IO failure on volume C:.

Error: (04/01/2014 10:38:19 PM) (Source: Service Control Manager) (User: )
Description: The PEVSystemStart service is marked as an interactive service. However, the system is configured to not allow interactive services. This service may not function properly.

Error: (04/01/2014 10:29:48 PM) (Source: Service Control Manager) (User: )
Description: The PEVSystemStart service is marked as an interactive service. However, the system is configured to not allow interactive services. This service may not function properly.

Error: (04/01/2014 08:21:13 PM) (Source: Service Control Manager) (User: )
Description: The PEVSystemStart service is marked as an interactive service. However, the system is configured to not allow interactive services. This service may not function properly.

Error: (04/01/2014 08:03:22 PM) (Source: Service Control Manager) (User: )
Description: The PEVSystemStart service is marked as an interactive service. However, the system is configured to not allow interactive services. This service may not function properly.

Error: (04/01/2014 07:05:11 PM) (Source: atikmdag) (User: )
Description: Display is not active

Error: (04/01/2014 06:43:55 PM) (Source: atikmdag) (User: )
Description: Display is not active

Error: (04/01/2014 05:03:04 PM) (Source: atikmdag) (User: )
Description: Display is not active

Error: (04/01/2014 05:03:04 PM) (Source: atikmdag) (User: )
Description: CPLIB :: General - Invalid Parameter

Error: (04/01/2014 03:18:43 PM) (Source: atikmdag) (User: )
Description: Display is not active

Microsoft Office Sessions:
=========================
Error: (04/02/2014 00:31:09 AM) (Source: SideBySide)(User: )
Description: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifestC:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifestc:\program files (x86)\ESET\eset online scanner\ESETSmartInstaller.exe

Error: (04/01/2014 09:59:25 PM) (Source: SideBySide)(User: )
Description: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifestC:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifestC:\Users\Wayne\Downloads\esetsmartinstaller_enu.exe

Error: (04/01/2014 08:24:57 PM) (Source: Application Error)(User: )
Description: iexplore0.0.0.04a5bc6b7unknown0.0.0.000000000c0000005001e32441e9001cf4e09f28d77b6c:\program files\internet explorer\iexploreunknown379cd1c4-b9fd-11e3-ba04-00038a000015

Error: (04/01/2014 08:24:40 PM) (Source: Application Error)(User: )
Description: iexplore0.0.0.04a5bc6b7unknown0.0.0.000000000c0000005002e324410a401cf4e0900960543c:\program files\internet explorer\iexploreunknown2dadbeca-b9fd-11e3-ba04-00038a000015

Error: (04/01/2014 08:24:40 PM) (Source: Application Error)(User: )
Description: iexplore0.0.0.04a5bc6b7unknown0.0.0.000000000c0000005001832442d9801cf4e092a218a98c:\program files\internet explorer\iexploreunknown2d7ff7cb-b9fd-11e3-ba04-00038a000015

Error: (04/01/2014 08:24:34 PM) (Source: Application Error)(User: )
Description: iexplore0.0.0.04a5bc6b7unknown0.0.0.000000000c0000005000732442a8401cf4e09dee468ccc:\program files\internet explorer\iexploreunknown2a4058b8-b9fd-11e3-ba04-00038a000015

Error: (04/01/2014 08:24:26 PM) (Source: Application Error)(User: )
Description: iexplore0.0.0.04a5bc6b7unknown0.0.0.000000000c0000005000732442f8401cf4e09d551312fc:\program files\internet explorer\iexploreunknown254db021-b9fd-11e3-ba04-00038a000015

Error: (04/01/2014 08:24:06 PM) (Source: Application Error)(User: )
Description: iexplore0.0.0.04a5bc6b7unknown0.0.0.000000000c000000500223244330401cf4e095c800a09c:\program files\internet explorer\iexploreunknown196c6670-b9fd-11e3-ba04-00038a000015

Error: (04/01/2014 07:56:02 PM) (Source: Application Error)(User: )
Description: iexplore0.0.0.04a5bc6b7unknown0.0.0.000000000c000000500183244289401cf4e059a73086ac:\program files\internet explorer\iexploreunknown2db538f8-b9f9-11e3-ba04-00038a000015

Error: (04/01/2014 07:55:25 PM) (Source: Application Error)(User: )
Description: iexplore0.0.0.04a5bc6b7unknown0.0.0.000000000c0000005000732442ac801cf4e059a68a81cc:\program files\internet explorer\iexploreunknown17cfcd22-b9f9-11e3-ba04-00038a000015

CodeIntegrity Errors:
===================================
Date: 2014-03-31 16:29:07.345
Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\ComboFix\catchme.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

Date: 2014-03-31 16:29:07.187
Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\ComboFix\catchme.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

Date: 2014-03-06 12:51:40.801
Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\drivers\654818.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

Date: 2014-03-06 12:51:40.645
Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\drivers\654818.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

==================== Memory info ===========================

Percentage of memory in use: 42%
Total physical RAM: 3838.43 MB
Available physical RAM: 2213.81 MB
Total Pagefile: 7675.05 MB
Available Pagefile: 5831.53 MB
Total Virtual: 8192 MB
Available Virtual: 8191.79 MB

==================== Drives ================================

Drive c: (HP) (Fixed) (Total:287.69 GB) (Free:226.28 GB) NTFS
Drive d: (FACTORY_IMAGE) (Fixed) (Total:10.3 GB) (Free:1.52 GB) NTFS ==>[system with boot components (obtained from reading drive)]

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (Size: 298 GB) (Disk ID: 1549F232)
Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=288 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=10 GB) - (Type=07 NTFS)

==================== End Of Log ============================

**Tomk_** · April 3, 2014

Sorry that I've been so long responding. I've been working through several different approaches, and keep changing my mind as to what might be best. I've finally decided that I'd like to try "replowing" some of the ground that we've already been over. I'm working with the assumption that something along the way did not complete it's task.

So...

I'd like you to run TDSSKiller again.

Download the latest version of TDSSKiller from here and save it to your Desktop.

Doubleclick on TDSSKiller.exe to run the application, then click on Change parameters.
Check the boxes beside Verify Driver Digital Signature and Detect TDLFS file system, then click OK.
Click the Start Scan button.
If a suspicious object is detected, the default action will be Skip, click on Continue.
If malicious objects are found, they will show in the Scan results and offer three (3) options.
Ensure Cure is selected, then click Continue => Reboot now to finish the cleaning process.
Note: If Cure is not available, please choose Skip instead, do not choose Delete unless instructed.

A report will be created in your root directory, (usually C:\ folder) in the form of "TDSSKiller.[Version]_[Date]_[Time]_log.txt". Please copy and paste its contents on your next reply.

wkandravi · April 4, 2014

20:23:37.0774 0x010c TDSS rootkit removing tool 3.0.0.26 Mar 24 2014 07:28:43

20:23:38.0148 0x010c ============================================================
20:23:38.0148 0x010c Current date / time: 2014/04/03 20:23:38.0148
20:23:38.0148 0x010c SystemInfo:
20:23:38.0148 0x010c
20:23:38.0148 0x010c OS Version: 6.1.7601 ServicePack: 1.0
20:23:38.0148 0x010c Product type: Workstation
20:23:38.0148 0x010c ComputerName: MELANIE-PC
20:23:38.0148 0x010c UserName: Melanie
20:23:38.0148 0x010c Windows directory: C:\Windows
20:23:38.0148 0x010c System windows directory: C:\Windows
20:23:38.0148 0x010c Running under WOW64
20:23:38.0148 0x010c Processor architecture: Intel x64
20:23:38.0148 0x010c Number of processors: 2
20:23:38.0148 0x010c Page size: 0x1000
20:23:38.0148 0x010c Boot type: Normal boot
20:23:38.0148 0x010c ============================================================
20:23:38.0148 0x010c BG loaded
20:23:38.0569 0x010c System UUID: {933A77F4-53E5-BB79-B620-AB05622914F2}
20:23:39.0786 0x010c Drive \Device\Harddisk0\DR0 - Size: 0x4A85D56000 (298.09 Gb), SectorSize: 0x200, Cylinders: 0x9801, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
20:23:39.0817 0x010c ============================================================
20:23:39.0817 0x010c \Device\Harddisk0\DR0:
20:23:39.0833 0x010c MBR partitions:
20:23:39.0833 0x010c \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x800, BlocksNum 0x32000
20:23:39.0833 0x010c \Device\Harddisk0\DR0\Partition2: MBR, Type 0x7, StartLBA 0x32800, BlocksNum 0x23F61000
20:23:39.0833 0x010c \Device\Harddisk0\DR0\Partition3: MBR, Type 0x7, StartLBA 0x23F93800, BlocksNum 0x149A800
20:23:39.0833 0x010c ============================================================
20:23:40.0176 0x010c C: <-> \Device\Harddisk0\DR0\Partition2
20:23:40.0379 0x010c D: <-> \Device\Harddisk0\DR0\Partition3
20:23:40.0379 0x010c ============================================================
20:23:40.0379 0x010c Initialize success
20:23:40.0379 0x010c ============================================================
20:23:51.0644 0x0dd4 ============================================================
20:23:51.0644 0x0dd4 Scan started
20:23:51.0644 0x0dd4 Mode: Manual; SigCheck; TDLFS;
20:23:51.0644 0x0dd4 ============================================================
20:23:51.0644 0x0dd4 KSN ping started
20:23:54.0109 0x0dd4 KSN ping finished: true
20:23:55.0949 0x0dd4 ================ Scan system memory ========================
20:23:55.0949 0x0dd4 System memory - ok
20:23:55.0949 0x0dd4 ================ Scan services =============================
20:23:56.0261 0x0dd4 [ A87D604AEA360176311474C87A63BB88, B1507868C382CD5D2DBC0D62114FCFBF7A780904A2E3CA7C7C1DD0844ADA9A8F ] 1394ohci C:\Windows\system32\drivers\1394ohci.sys
20:23:56.0433 0x0dd4 1394ohci - ok
20:23:56.0495 0x0dd4 [ D81D9E70B8A6DD14D42D7B4EFA65D5F2, FDAAB7E23012B4D31537C5BDEF245BB0A12FA060A072C250E21C68E18B22E002 ] ACPI C:\Windows\system32\drivers\ACPI.sys
20:23:56.0527 0x0dd4 ACPI - ok
20:23:56.0558 0x0dd4 [ 99F8E788246D495CE3794D7E7821D2CA, F91615463270AD2601F882CAED43B88E7EDA115B9FD03FC56320E48119F15F76 ] AcpiPmi C:\Windows\system32\drivers\acpipmi.sys
20:23:56.0620 0x0dd4 AcpiPmi - ok
20:23:56.0807 0x0dd4 [ 9D96B0D5855FD1B98023B3EEC9F06786, E4C79233158BE8AA4E9C6DD71585E5D2703A5156531EB3D692D7D81BC443E844 ] AdobeFlashPlayerUpdateSvc C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
20:23:56.0823 0x0dd4 AdobeFlashPlayerUpdateSvc - ok
20:23:56.0917 0x0dd4 [ 2F6B34B83843F0C5118B63AC634F5BF4, 43E3F5FBFB5D33981AC503DEE476868EC029815D459E7C36C4ABC2D2F75B5735 ] adp94xx C:\Windows\system32\DRIVERS\adp94xx.sys
20:23:56.0963 0x0dd4 adp94xx - ok
20:23:57.0010 0x0dd4 [ 597F78224EE9224EA1A13D6350CED962, DA7FD99BE5E3B7B98605BF5C13BF3F1A286C0DE1240617570B46FE4605E59BDC ] adpahci C:\Windows\system32\DRIVERS\adpahci.sys
20:23:57.0041 0x0dd4 adpahci - ok
20:23:57.0073 0x0dd4 [ E109549C90F62FB570B9540C4B148E54, E804563735153EA00A00641814244BC8A347B578E7D63A16F43FB17566EE5559 ] adpu320 C:\Windows\system32\DRIVERS\adpu320.sys
20:23:57.0088 0x0dd4 adpu320 - ok
20:23:57.0135 0x0dd4 [ 4B78B431F225FD8624C5655CB1DE7B61, 198A5AF2125C7C41F531A652D200C083A55A97DC541E3C0B5B253C7329949156 ] AeLookupSvc C:\Windows\System32\aelupsvc.dll
20:23:57.0260 0x0dd4 AeLookupSvc - ok
20:23:57.0338 0x0dd4 [ 3AC22A3DFA8A050E35F0E3CD99D0CDF2, BBB1FB1A80D9641CB7965A75B8CB8094F0876E9631A93E6BDCC53A016EB48D05 ] AERTFilters C:\Program Files\Realtek\Audio\HDA\AERTSr64.EXE
20:23:57.0431 0x0dd4 AERTFilters - ok
20:23:57.0509 0x0dd4 [ 1C7857B62DE5994A75B054A9FD4C3825, 83F963D7E636532B1AD30B1E727EC429317CA540F6EB3BB268FCC0B163B67767 ] AFD C:\Windows\system32\drivers\afd.sys
20:23:57.0587 0x0dd4 AFD - ok
20:23:57.0634 0x0dd4 [ 608C14DBA7299D8CB6ED035A68A15799, 45360F89640BF1127C82A32393BD76205E4FA067889C40C491602F370C09282A ] agp440 C:\Windows\system32\drivers\agp440.sys
20:23:57.0650 0x0dd4 agp440 - ok
20:23:57.0665 0x0dd4 [ 3290D6946B5E30E70414990574883DDB, 0E9294E1991572256B3CDA6B031DB9F39CA601385515EE59F1F601725B889663 ] ALG C:\Windows\System32\alg.exe
20:23:57.0728 0x0dd4 ALG - ok
20:23:57.0759 0x0dd4 [ 5812713A477A3AD7363C7438CA2EE038, A7316299470D2E57A11499C752A711BF4A71EB11C9CBA731ED0945FF6A966721 ] aliide C:\Windows\system32\drivers\aliide.sys
20:23:57.0775 0x0dd4 aliide - ok
20:23:57.0821 0x0dd4 [ F238BE4FA4E55EB67F17281FADF69851, 99BABE626502E431A0BBD7C57606E9FF2A0559355BE14B25870AF2889E773DDE ] AMD External Events Utility C:\Windows\system32\atiesrxx.exe
20:23:57.0884 0x0dd4 AMD External Events Utility - ok
20:23:57.0884 0x0dd4 [ 1FF8B4431C353CE385C875F194924C0C, 3EA3A7F426B0FFC2461EDF4FDB4B58ACC9D0730EDA5B728D1EA1346EA0A02720 ] amdide C:\Windows\system32\drivers\amdide.sys
20:23:57.0915 0x0dd4 amdide - ok
20:23:57.0962 0x0dd4 [ 7024F087CFF1833A806193EF9D22CDA9, E7F27E488C38338388103D3B7EEDD61D05E14FB140992AEE6F492FFC821BF529 ] AmdK8 C:\Windows\system32\DRIVERS\amdk8.sys
20:23:58.0009 0x0dd4 AmdK8 - ok
20:23:58.0040 0x0dd4 [ 1E56388B3FE0D031C44144EB8C4D6217, E88CA76FD47BA0EB427D59CB9BE040DE133D89D4E62D03A8D622624531D27487 ] AmdPPM C:\Windows\system32\DRIVERS\amdppm.sys
20:23:58.0071 0x0dd4 AmdPPM - ok
20:23:58.0102 0x0dd4 [ F747497A0EE5498F79B207F215B3D2D8, 9052AD0746CF9DC9DC811C49B639CFD4C96A3A0CDB02125E45148301D4DEEEA3 ] amdsata C:\Windows\system32\DRIVERS\amdsata.sys
20:23:58.0118 0x0dd4 amdsata - ok
20:23:58.0165 0x0dd4 [ F67F933E79241ED32FF46A4F29B5120B, D6EF539058F159CC4DD14CA9B1FD924998FEAC9D325C823C7A2DD21FEF1DC1A8 ] amdsbs C:\Windows\system32\DRIVERS\amdsbs.sys
20:23:58.0180 0x0dd4 amdsbs - ok
20:23:58.0196 0x0dd4 [ 2946D695E158615BAAA16248E63C7ADB, 059B261BF275CC8EE67453C80B1CDFBE17B383BC7DA22BD66F2CCD4D444D24C7 ] amdxata C:\Windows\system32\DRIVERS\amdxata.sys
20:23:58.0211 0x0dd4 amdxata - ok
20:23:58.0321 0x0dd4 [ 85180CF88C5EBAD73B452A43A004CA51, 24D25495DC21293FC1F37EE7E7C2A4725E66D3D25BE05D7EDF4BB4F444C65526 ] AOL ACS C:\Program Files (x86)\Common Files\AOL\ACS\AOLAcsd.exe
20:23:58.0367 0x0dd4 AOL ACS - ok
20:23:58.0414 0x0dd4 [ 89A69C3F2F319B43379399547526D952, 8ABDB4B8E106F96EBBA0D4D04C4F432296516E107E7BA5644ED2E50CF9BB491A ] AppID C:\Windows\system32\drivers\appid.sys
20:23:58.0539 0x0dd4 AppID - ok
20:23:58.0586 0x0dd4 [ 0BC381A15355A3982216F7172F545DE1, C33AF13CB218F7BF52E967452573DF2ADD20A95C6BF99229794FEF07C4BBE725 ] AppIDSvc C:\Windows\System32\appidsvc.dll
20:23:58.0648 0x0dd4 AppIDSvc - ok
20:23:58.0679 0x0dd4 [ 3977D4A871CA0D4F2ED1E7DB46829731, 2AF1C3225994769C3FD25CD7E9603964B035576F25B0B6D91545566E0722FFAA ] Appinfo C:\Windows\System32\appinfo.dll
20:23:58.0742 0x0dd4 Appinfo - ok
20:23:58.0820 0x0dd4 [ F401929EE0CC92BFE7F15161CA535383, 61E1C0630B8BBC65C51121D5DC7F095C59B475F39BB7B0DC68133EF7D9D0A29D ] Apple Mobile Device C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
20:23:58.0835 0x0dd4 Apple Mobile Device - ok
20:23:58.0913 0x0dd4 [ C484F8CEB1717C540242531DB7845C4E, C507CE26716EB923B864ED85E8FA0B24591E2784A2F4F0E78AEED7E9953311F6 ] arc C:\Windows\system32\DRIVERS\arc.sys
20:23:58.0929 0x0dd4 arc - ok
20:23:58.0945 0x0dd4 [ 019AF6924AEFE7839F61C830227FE79C, 5926B9DDFC9198043CDD6EA0B384C83B001EC225A8125628C4A45A3E6C42C72A ] arcsas C:\Windows\system32\DRIVERS\arcsas.sys
20:23:58.0960 0x0dd4 arcsas - ok
20:23:59.0194 0x0dd4 [ 9217D874131AE6FF8F642F124F00A555, BE2923D5AA7748FDAAED73AF567D015517B36F1C739C6E5637DD15112EFDF495 ] aspnet_state C:\Windows\Microsoft.NET\Framework64\v4.0.30319\aspnet_state.exe
20:23:59.0257 0x0dd4 aspnet_state - ok
20:23:59.0303 0x0dd4 [ 769765CE2CC62867468CEA93969B2242, 0D8F19D49869DF93A3876B4C2E249D12E83F9CE11DAE8917D368E292043D4D26 ] AsyncMac C:\Windows\system32\DRIVERS\asyncmac.sys
20:23:59.0381 0x0dd4 AsyncMac - ok
20:23:59.0444 0x0dd4 [ 02062C0B390B7729EDC9E69C680A6F3C, 0261683C6DC2706DCE491A1CDC954AC9C9E649376EC30760BB4E225E18DC5273 ] atapi C:\Windows\system32\drivers\atapi.sys
20:23:59.0459 0x0dd4 atapi - ok
20:23:59.0537 0x0dd4 [ E0FABC10635C670BD7D89FD214A405D7, DB1A7755F38F92D1BFCBC8EC710CB997C1AEE88E4FD7461B0E2A7C1EF3D2F5E4 ] athr C:\Windows\system32\DRIVERS\athrx.sys
20:23:59.0662 0x0dd4 athr - ok
20:24:00.0021 0x0dd4 [ 2DB9047AAC9D981F59CE06D04D70C4D8, 693BF867B01B3C0864B5228A2FB50DA779578E8359E98B139F703CF3538CF976 ] atikmdag C:\Windows\system32\DRIVERS\atikmdag.sys
20:24:00.0364 0x0dd4 atikmdag - ok
20:24:00.0395 0x0dd4 [ 7C5D273E29DCC5505469B299C6F29163, 206CAB85CE12A3953F0861C811575DC7FD000147436219EEE334584A33370B3A ] AtiPcie C:\Windows\system32\DRIVERS\AtiPcie.sys
20:24:00.0411 0x0dd4 AtiPcie - ok
20:24:00.0473 0x0dd4 [ F23FEF6D569FCE88671949894A8BECF1, FCE7B156ED663471CF9A736915F00302E93B50FC647563D235313A37FCE8F0F6 ] AudioEndpointBuilder C:\Windows\System32\Audiosrv.dll
20:24:00.0567 0x0dd4 AudioEndpointBuilder - ok
20:24:00.0614 0x0dd4 [ F23FEF6D569FCE88671949894A8BECF1, FCE7B156ED663471CF9A736915F00302E93B50FC647563D235313A37FCE8F0F6 ] AudioSrv C:\Windows\System32\Audiosrv.dll
20:24:00.0692 0x0dd4 AudioSrv - ok
20:24:00.0739 0x0dd4 [ D23F69FA8C0C94C4FE57B57D50F6DB66, 36C4D2DCD5ADBA59411755DCB1DB3AE52F55C46EEE8C96DD0D0765AB61A4DCE1 ] avgtp C:\Windows\system32\drivers\avgtpx64.sys
20:24:00.0754 0x0dd4 avgtp - ok
20:24:00.0801 0x0dd4 [ A6BF31A71B409DFA8CAC83159E1E2AFF, CBB83F73FFD3C3FB4F96605067739F8F7A4A40B2B05417FA49E575E95628753F ] AxInstSV C:\Windows\System32\AxInstSV.dll
20:24:00.0895 0x0dd4 AxInstSV - ok
20:24:00.0957 0x0dd4 [ 3E5B191307609F7514148C6832BB0842, DE011CB7AA4A2405FAF21575182E0793A1D83DFFC44E9A7864D59F3D51D8D580 ] b06bdrv C:\Windows\system32\DRIVERS\bxvbda.sys
20:24:01.0019 0x0dd4 b06bdrv - ok
20:24:01.0051 0x0dd4 [ B5ACE6968304A3900EEB1EBFD9622DF2, 1DAA118D8CA3F97B34DF3D3CDA1C78EAB2ED225699FEABE89D331AE0CB7679FA ] b57nd60a C:\Windows\system32\DRIVERS\b57nd60a.sys
20:24:01.0097 0x0dd4 b57nd60a - ok
20:24:01.0175 0x0dd4 [ FDE360167101B4E45A96F939F388AEB0, 8D1457E866BBD645C4B9710DFBFF93405CC1193BF9AE42326F2382500B713B82 ] BDESVC C:\Windows\System32\bdesvc.dll
20:24:01.0222 0x0dd4 BDESVC - ok
20:24:01.0222 0x0dd4 [ 16A47CE2DECC9B099349A5F840654746, 77C008AEDB07FAC66413841D65C952DDB56FE7DCA5E9EF9C8F4130336B838024 ] Beep C:\Windows\system32\drivers\Beep.sys
20:24:01.0300 0x0dd4 Beep - ok
20:24:01.0363 0x0dd4 [ 82974D6A2FD19445CC5171FC378668A4, 075D25F47C0D2277E40AF8615571DAA5EB16B1824563632A9A7EC62505C29A4A ] BFE C:\Windows\System32\bfe.dll
20:24:01.0441 0x0dd4 BFE - ok
20:24:01.0503 0x0dd4 [ 1EA7969E3271CBC59E1730697DC74682, D511A34D63A6E0E6E7D1879068E2CD3D87ABEAF4936B2EA8CDDAD9F79D60FA04 ] BITS C:\Windows\system32\qmgr.dll
20:24:01.0597 0x0dd4 BITS - ok
20:24:01.0628 0x0dd4 [ 61583EE3C3A17003C4ACD0475646B4D3, 17E4BECC309C450E7E44F59A9C0BBC24D21BDC66DFBA65B8F198A00BB47A9811 ] blbdrive C:\Windows\system32\DRIVERS\blbdrive.sys
20:24:01.0659 0x0dd4 blbdrive - ok
20:24:01.0753 0x0dd4 [ EBBCD5DFBB1DE70E8F4AF8FA59E401FD, 17BFFC5DF609CE3B2F0CAB4BD6C118608C66A3AD86116A47E90B2BB7D8954122 ] Bonjour Service C:\Program Files\Bonjour\mDNSResponder.exe
20:24:01.0768 0x0dd4 Bonjour Service - ok
20:24:01.0831 0x0dd4 [ 6C02A83164F5CC0A262F4199F0871CF5, AD4632A6A203CB40970D848315D8ADB9C898349E20D8DF4107C2AE2703A2CF28 ] bowser C:\Windows\system32\DRIVERS\bowser.sys
20:24:01.0862 0x0dd4 bowser - ok
20:24:01.0877 0x0dd4 [ F09EEE9EDC320B5E1501F749FDE686C8, 66691114C42E12F4CC6DC4078D4D2FA4029759ACDAF1B59D17383487180E84E3 ] BrFiltLo C:\Windows\system32\DRIVERS\BrFiltLo.sys
20:24:01.0940 0x0dd4 BrFiltLo - ok
20:24:01.0955 0x0dd4 [ B114D3098E9BDB8BEA8B053685831BE6, 0ED23C1897F35FA00B9C2848DE4ED200E18688AA7825674888054BBC3A3EB92C ] BrFiltUp C:\Windows\system32\DRIVERS\BrFiltUp.sys
20:24:01.0987 0x0dd4 BrFiltUp - ok
20:24:02.0033 0x0dd4 [ 5C2F352A4E961D72518261257AAE204B, 9EE1001E1D46A414A7A86FE1DBBE232203E26F54D9EF43ED31ED8EACD4D09853 ] BridgeMP C:\Windows\system32\DRIVERS\bridge.sys
20:24:02.0096 0x0dd4 BridgeMP - ok
20:24:02.0143 0x0dd4 [ 05F5A0D14A2EE1D8255C2AA0E9E8E694, 40011138869F5496A3E78D38C9900B466B6F3877526AC22952DCD528173F4645 ] Browser C:\Windows\System32\browser.dll
20:24:02.0189 0x0dd4 Browser - ok
20:24:02.0252 0x0dd4 [ 43BEA8D483BF1870F018E2D02E06A5BD, 4E6F5A5FD8C796A110B0DC9FF29E31EA78C04518FC1C840EF61BABD58AB10272 ] Brserid C:\Windows\System32\Drivers\Brserid.sys
20:24:02.0299 0x0dd4 Brserid - ok
20:24:02.0314 0x0dd4 [ A6ECA2151B08A09CACECA35C07F05B42, E2875BB7768ABAF38C3377007AA0A3C281503474D1831E396FB6599721586B0C ] BrSerWdm C:\Windows\System32\Drivers\BrSerWdm.sys
20:24:02.0361 0x0dd4 BrSerWdm - ok
20:24:02.0377 0x0dd4 [ B79968002C277E869CF38BD22CD61524, 50631836502237AF4893ECDCEA43B9031C3DE97433F594D46AF7C3C77F331983 ] BrUsbMdm C:\Windows\System32\Drivers\BrUsbMdm.sys
20:24:02.0408 0x0dd4 BrUsbMdm - ok
20:24:02.0423 0x0dd4 [ A87528880231C54E75EA7A44943B38BF, 4C8BBB29FDA76A96840AA47A8613C15D4466F9273A13941C19507008629709C9 ] BrUsbSer C:\Windows\System32\Drivers\BrUsbSer.sys
20:24:02.0455 0x0dd4 BrUsbSer - ok
20:24:02.0486 0x0dd4 [ 9DA669F11D1F894AB4EB69BF546A42E8, B498B8B6CEF957B73179D1ADAF084BBB57BB3735D810F9BE2C7B1D58A4FD25A4 ] BTHMODEM C:\Windows\system32\DRIVERS\bthmodem.sys
20:24:02.0533 0x0dd4 BTHMODEM - ok
20:24:02.0579 0x0dd4 [ 95F9C2976059462CBBF227F7AAB10DE9, 2797AE919FF7606B070FB039CECDB0707CD2131DCAC09C5DF14F443D881C9F34 ] bthserv C:\Windows\system32\bthserv.dll
20:24:02.0642 0x0dd4 bthserv - ok
20:24:02.0673 0x0dd4 catchme - ok
20:24:02.0704 0x0dd4 [ B8BD2BB284668C84865658C77574381A, 6C55BA288B626DF172FDFEA0BD7027FAEBA1F44EF20AB55160D7C7DC6E717D65 ] cdfs C:\Windows\system32\DRIVERS\cdfs.sys
20:24:02.0782 0x0dd4 cdfs - ok
20:24:02.0845 0x0dd4 [ F036CE71586E93D94DAB220D7BDF4416, BD07AAD9E20CEAF9FC84E4977C55EA2C45604A2C682AC70B9B9A2199B6713D5B ] cdrom C:\Windows\system32\drivers\cdrom.sys
20:24:02.0891 0x0dd4 cdrom - ok
20:24:02.0923 0x0dd4 [ F17D1D393BBC69C5322FBFAFACA28C7F, 62A1A92B3C52ADFD0B808D7F69DD50238B5F202421F1786F7EAEAA63F274B3E8 ] CertPropSvc C:\Windows\System32\certprop.dll
20:24:02.0985 0x0dd4 CertPropSvc - ok
20:24:03.0032 0x0dd4 [ D7CD5C4E1B71FA62050515314CFB52CF, 513B5A849899F379F0BC6AB3A8A05C3493C2393C95F036612B96EC6E252E1C64 ] circlass C:\Windows\system32\DRIVERS\circlass.sys
20:24:03.0063 0x0dd4 circlass - ok
20:24:03.0094 0x0dd4 [ FE1EC06F2253F691FE36217C592A0206, B9F122DB5E665ECDF29A5CB8BB6B531236F31A54A95769D6C5C1924C87FE70CE ] CLFS C:\Windows\system32\CLFS.sys
20:24:03.0125 0x0dd4 CLFS - ok
20:24:03.0188 0x0dd4 [ D88040F816FDA31C3B466F0FA0918F29, 39D3630E623DA25B8444B6D3AAAB16B98E7E289C5619E19A85D47B74C71449F3 ] clr_optimization_v2.0.50727_32 C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
20:24:03.0219 0x0dd4 clr_optimization_v2.0.50727_32 - ok
20:24:03.0250 0x0dd4 [ D1CEEA2B47CB998321C579651CE3E4F8, 654013B8FD229A50017B08DEC6CA19C7DDA8CE0771260E057A92625201D539B1 ] clr_optimization_v2.0.50727_64 C:\Windows\Microsoft.NET\Framework64\v2.0.50727\mscorsvw.exe
20:24:03.0266 0x0dd4 clr_optimization_v2.0.50727_64 - ok
20:24:03.0375 0x0dd4 [ C5A75EB48E2344ABDC162BDA79E16841, 6070A8AAFD38FBC6A68A2B10C20117612354DF21B4492D90CA522BFB6870D726 ] clr_optimization_v4.0.30319_32 C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
20:24:03.0484 0x0dd4 clr_optimization_v4.0.30319_32 - ok
20:24:03.0547 0x0dd4 [ C6F9AF94DCD58122A4D7E89DB6BED29D, CB0E5AE60EC76323585FB86D89E8DB7ADB5EDF6EA3D0B27E9ECE75B8CAA8BFDE ] clr_optimization_v4.0.30319_64 C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe
20:24:03.0625 0x0dd4 clr_optimization_v4.0.30319_64 - ok
20:24:03.0687 0x0dd4 [ 0840155D0BDDF1190F84A663C284BD33, 696039FA63CFEB33487FAA8FD7BBDB220141E9C6E529355D768DFC87999A9C3A ] CmBatt C:\Windows\system32\DRIVERS\CmBatt.sys
20:24:03.0718 0x0dd4 CmBatt - ok
20:24:03.0749 0x0dd4 [ E19D3F095812725D88F9001985B94EDD, 46243C5CCC4981CAC6FA6452FFCEC33329BF172448F1852D52592C9342E0E18B ] cmdide C:\Windows\system32\drivers\cmdide.sys
20:24:03.0765 0x0dd4 cmdide - ok
20:24:03.0859 0x0dd4 [ 9AC4F97C2D3E93367E2148EA940CD2CD, 530E089E5CF868AECDB2B5548EBE76E0CA98FC74A72897292AB2485734402E3B ] CNG C:\Windows\system32\Drivers\cng.sys
20:24:03.0905 0x0dd4 CNG - ok
20:24:03.0937 0x0dd4 [ 102DE219C3F61415F964C88E9085AD14, CD74CB703381F1382C32CF892FF2F908F4C9412E1BC77234F8FEA5D4666E1BF1 ] Compbatt C:\Windows\system32\DRIVERS\compbatt.sys
20:24:03.0968 0x0dd4 Compbatt - ok
20:24:04.0015 0x0dd4 [ 03EDB043586CCEBA243D689BDDA370A8, 0E4523AA332E242D5C2C61C5717DBA5AB6E42DADB5A7E512505FC2B6CC224959 ] CompositeBus C:\Windows\system32\drivers\CompositeBus.sys
20:24:04.0061 0x0dd4 CompositeBus - ok
20:24:04.0093 0x0dd4 COMSysApp - ok
20:24:04.0108 0x0dd4 [ 1C827878A998C18847245FE1F34EE597, 41EF7443D8B2733AA35CAC64B4F5F74FAC8BB0DA7D3936B69EC38E2DC3972E60 ] crcdisk C:\Windows\system32\DRIVERS\crcdisk.sys
20:24:04.0124 0x0dd4 crcdisk - ok
20:24:04.0186 0x0dd4 [ 4F5414602E2544A4554D95517948B705, 50121AD32ACF73F541DF3B655020F7B610B3E7B5E8C7B39D37D5958F28CB376E ] CryptSvc C:\Windows\system32\cryptsvc.dll
20:24:04.0233 0x0dd4 CryptSvc - ok
20:24:04.0280 0x0dd4 [ 7266972E86890E2B30C0C322E906B027, BFA30E85F5BD3AA933913BD7C6D2B5993DB7AFB0C98349B61A6BEF0BDC8A3680 ] DcomLaunch C:\Windows\system32\rpcss.dll
20:24:04.0373 0x0dd4 DcomLaunch - ok
20:24:04.0467 0x0dd4 [ 3CEC7631A84943677AA8FA8EE5B6B43D, 32061DAC9ED6C1EBA3B367B18D0E965AEEC2DF635DCF794EC39D086D32503AC5 ] defragsvc C:\Windows\System32\defragsvc.dll
20:24:04.0545 0x0dd4 defragsvc - ok
20:24:04.0592 0x0dd4 [ 9BB2EF44EAA163B29C4A4587887A0FE4, 03667BC3EA5003F4236929C10F23D8F108AFCB29DB5559E751FB26DFB318636F ] DfsC C:\Windows\system32\Drivers\dfsc.sys
20:24:04.0670 0x0dd4 DfsC - ok
20:24:04.0732 0x0dd4 [ 43D808F5D9E1A18E5EEB5EBC83969E4E, C10D1155D71EABE4ED44C656A8F13078A8A4E850C4A8FBB92D52D173430972B8 ] Dhcp C:\Windows\system32\dhcpcore.dll
20:24:04.0795 0x0dd4 Dhcp - ok
20:24:04.0826 0x0dd4 [ 13096B05847EC78F0977F2C0F79E9AB3, 1E44981B684F3E56F5D2439BB7FA78BD1BC876BB2265AE089AEC68F241B05B26 ] discache C:\Windows\system32\drivers\discache.sys
20:24:04.0873 0x0dd4 discache - ok
20:24:04.0919 0x0dd4 [ 9819EEE8B5EA3784EC4AF3B137A5244C, 571BC886E87C888DA96282E381A746D273B58B9074E84D4CA91275E26056D427 ] Disk C:\Windows\system32\DRIVERS\disk.sys
20:24:04.0935 0x0dd4 Disk - ok
20:24:04.0982 0x0dd4 [ 16835866AAA693C7D7FCEBA8FFF706E4, 15891558F7C1F2BB57A98769601D447ED0D952354A8BB347312D034DC03E0242 ] Dnscache C:\Windows\System32\dnsrslvr.dll
20:24:05.0044 0x0dd4 Dnscache - ok
20:24:05.0107 0x0dd4 [ B1FB3DDCA0FDF408750D5843591AFBC6, AB6AD9C5E7BA2E3646D0115B67C4800D1CB43B4B12716397657C7ADEEE807304 ] dot3svc C:\Windows\System32\dot3svc.dll
20:24:05.0200 0x0dd4 dot3svc - ok
20:24:05.0247 0x0dd4 [ B26F4F737E8F9DF4F31AF6CF31D05820, 394BBBED4EC7FAD4110F62A43BFE0801D4AC56FFAC6C741C69407B26402311C7 ] DPS C:\Windows\system32\dps.dll
20:24:05.0309 0x0dd4 DPS - ok
20:24:05.0356 0x0dd4 [ 9B19F34400D24DF84C858A421C205754, 967AF267B4124BADA8F507CEBF25F2192D146A4D63BE71B45BFC03C5DA7F21A7 ] drmkaud C:\Windows\system32\drivers\drmkaud.sys
20:24:05.0387 0x0dd4 drmkaud - ok
20:24:05.0481 0x0dd4 [ F5BEE30450E18E6B83A5012C100616FD, 44D0577D159FC2BDF4EAD1DC2C7FD14925D075225EF97608CAC52DEE405B08FD ] DXGKrnl C:\Windows\System32\drivers\dxgkrnl.sys
20:24:05.0528 0x0dd4 DXGKrnl - ok
20:24:05.0575 0x0dd4 [ E2DDA8726DA9CB5B2C4000C9018A9633, 0C967DBC3636A76A696997192A158AA92A1AF19F01E3C66D5BF91818A8FAEA76 ] EapHost C:\Windows\System32\eapsvc.dll
20:24:05.0653 0x0dd4 EapHost - ok
20:24:06.0058 0x0dd4 [ DC5D737F51BE844D8C82C695EB17372F, 6D4022D9A46EDE89CEF0FAEADCC94C903234DFC460C0180D24FF9E38E8853017 ] ebdrv C:\Windows\system32\DRIVERS\evbda.sys
20:24:06.0277 0x0dd4 ebdrv - ok
20:24:06.0323 0x0dd4 [ C118A82CD78818C29AB228366EBF81C3, 00820F3065871DCBA52A27C7F73BA470C4F2CB26EFB7F76FEF8B1207F81B284D ] EFS C:\Windows\System32\lsass.exe
20:24:06.0370 0x0dd4 EFS - ok
20:24:06.0542 0x0dd4 [ C4002B6B41975F057D98C439030CEA07, 3D2484FBB832EFB90504DD406ED1CF3065139B1FE1646471811F3A5679EF75F1 ] ehRecvr C:\Windows\ehome\ehRecvr.exe
20:24:06.0651 0x0dd4 ehRecvr - ok
20:24:06.0667 0x0dd4 [ 4705E8EF9934482C5BB488CE28AFC681, 359E9EC5693CE0BE89082E1D5D8F5C5439A5B985010FF0CB45C11E3CFE30637D ] ehSched C:\Windows\ehome\ehsched.exe
20:24:06.0713 0x0dd4 ehSched - ok
20:24:06.0776 0x0dd4 [ 0E5DA5369A0FCAEA12456DD852545184, 9A64AC5396F978C3B92794EDCE84DCA938E4662868250F8C18FA7C2C172233F8 ] elxstor C:\Windows\system32\DRIVERS\elxstor.sys
20:24:06.0823 0x0dd4 elxstor - ok
20:24:06.0854 0x0dd4 [ 34A3C54752046E79A126E15C51DB409B, 7D5B5E150C7C73666F99CBAFF759029716C86F16B927E0078D77F8A696616D75 ] ErrDev C:\Windows\system32\drivers\errdev.sys
20:24:06.0885 0x0dd4 ErrDev - ok
20:24:06.0932 0x0dd4 [ 4166F82BE4D24938977DD1746BE9B8A0, 24121751B7306225AD1C808442D7B030DEF377E9316AA0A3C5C7460E87317881 ] EventSystem C:\Windows\system32\es.dll
20:24:07.0010 0x0dd4 EventSystem - ok
20:24:07.0103 0x0dd4 [ A510C654EC00C1E9BDD91EEB3A59823B, 76CD277730F7B08D375770CD373D786160F34D1481AF0536BA1A5D2727E255F5 ] exfat C:\Windows\system32\drivers\exfat.sys
20:24:07.0166 0x0dd4 exfat - ok
20:24:07.0228 0x0dd4 [ 0ADC83218B66A6DB380C330836F3E36D, 798D6F83B5DBCC1656595E0A96CF12087FCCBE19D1982890D0CE5F629B328B29 ] fastfat C:\Windows\system32\drivers\fastfat.sys
20:24:07.0291 0x0dd4 fastfat - ok
20:24:07.0384 0x0dd4 [ DBEFD454F8318A0EF691FDD2EAAB44EB, 7F52AE222FF28503B6FC4A5852BD0CAEAF187BE69AF4B577D3DE474C24366099 ] Fax C:\Windows\system32\fxssvc.exe
20:24:07.0447 0x0dd4 Fax - ok
20:24:07.0493 0x0dd4 [ D765D19CD8EF61F650C384F62FAC00AB, 9F0A483A043D3BA873232AD3BA5F7BF9173832550A27AF3E8BD433905BD2A0EE ] fdc C:\Windows\system32\DRIVERS\fdc.sys
20:24:07.0509 0x0dd4 fdc - ok
20:24:07.0540 0x0dd4 [ 0438CAB2E03F4FB61455A7956026FE86, 6D4DDC2973DB25CE0C7646BC85EFBCC004EBE35EA683F62162AE317C6F1D8DFE ] fdPHost C:\Windows\system32\fdPHost.dll
20:24:07.0603 0x0dd4 fdPHost - ok
20:24:07.0618 0x0dd4 [ 802496CB59A30349F9A6DD22D6947644, 52D59D3D628D5661F83F090F33F744F6916E0CC1F76E5A33983E06EB66AE19F8 ] FDResPub C:\Windows\system32\fdrespub.dll
20:24:07.0681 0x0dd4 FDResPub - ok
20:24:07.0727 0x0dd4 [ 655661BE46B5F5F3FD454E2C3095B930, 549C8E2A2A37757E560D55FFA6BFDD838205F17E40561E67F0124C934272CD1A ] FileInfo C:\Windows\system32\drivers\fileinfo.sys
20:24:07.0743 0x0dd4 FileInfo - ok
20:24:07.0759 0x0dd4 [ 5F671AB5BC87EEA04EC38A6CD5962A47, 6B61D3363FF3F9C439BD51102C284972EAE96ACC0683B9DC7E12D25D0ADC51B6 ] Filetrace C:\Windows\system32\drivers\filetrace.sys
20:24:07.0821 0x0dd4 Filetrace - ok
20:24:07.0852 0x0dd4 [ C172A0F53008EAEB8EA33FE10E177AF5, 9175A95B323696D1B35C9EFEB7790DD64E6EE0B7021E6C18E2F81009B169D77B ] flpydisk C:\Windows\system32\DRIVERS\flpydisk.sys
20:24:07.0868 0x0dd4 flpydisk - ok
20:24:07.0899 0x0dd4 [ DA6B67270FD9DB3697B20FCE94950741, F621A4462C9F2904063578C427FAF22D7D66AE9967605C11C798099817CE5331 ] FltMgr C:\Windows\system32\drivers\fltmgr.sys
20:24:07.0930 0x0dd4 FltMgr - ok
20:24:07.0993 0x0dd4 [ 5C4CB4086FB83115B153E47ADD961A0C, 0C3AB7D04BEB3A8FDE00B0C86E6FE064B1CEBB3E4DE1A29CD27830806FA300B3 ] FontCache C:\Windows\system32\FntCache.dll
20:24:08.0086 0x0dd4 FontCache - ok
20:24:08.0149 0x0dd4 [ A8B7F3818AB65695E3A0BB3279F6DCE6, 89FCF10F599767E67A1E011753E34DA44EAA311F105DBF69549009ED932A60F0 ] FontCache3.0.0.0 C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
20:24:08.0164 0x0dd4 FontCache3.0.0.0 - ok
20:24:08.0180 0x0dd4 [ D43703496149971890703B4B1B723EAC, F06397B2EDCA61629249D2EF1CBB7827A8BEAB8488246BD85EF6AE1363C0DA6E ] FsDepends C:\Windows\system32\drivers\FsDepends.sys
20:24:08.0211 0x0dd4 FsDepends - ok
20:24:08.0258 0x0dd4 [ DC0DCE4EC2C5D2CF6472F9FD6AA9A7DC, 7022722FA38E81F6F4D0EF9F0FBEDD27C09A238B5246A3C36AEAAC11FF76FE07 ] fssfltr C:\Windows\system32\DRIVERS\fssfltr.sys
20:24:08.0273 0x0dd4 fssfltr - ok
20:24:08.0398 0x0dd4 [ 40CDFAD174B3D5E80F95DDA003C0B97F, 2DA149CE42B87681ECDCC8905D0957443F430A9C7002FF78F22A95F9112A7C4C ] fsssvc C:\Program Files (x86)\Windows Live\Family Safety\fsssvc.exe
20:24:08.0492 0x0dd4 fsssvc - ok
20:24:08.0539 0x0dd4 [ 6BD9295CC032DD3077C671FCCF579A7B, 83622FBB0CB923798E7E584BF53CAAF75B8C016E3FF7F0FA35880FF34D1DFE33 ] Fs_Rec C:\Windows\system32\drivers\Fs_Rec.sys
20:24:08.0570 0x0dd4 Fs_Rec - ok
20:24:08.0632 0x0dd4 [ 1F7B25B858FA27015169FE95E54108ED, 72DD12E924AA7273B3E4BDD2A2C581DECE304C8EF3D44EA79ABB032F3F95DCE5 ] fvevol C:\Windows\system32\DRIVERS\fvevol.sys
20:24:08.0679 0x0dd4 fvevol - ok
20:24:08.0726 0x0dd4 [ 8C778D335C9D272CFD3298AB02ABE3B6, 85F0B13926B0F693FA9E70AA58DE47100E4B6F893772EBE4300C37D9A36E6005 ] gagp30kx C:\Windows\system32\DRIVERS\gagp30kx.sys
20:24:08.0757 0x0dd4 gagp30kx - ok
20:24:08.0851 0x0dd4 [ C403C5DB49A0F9AAF4F2128EDC0106D8, 3C6948B63278022D8182F773C5FA15784514F76C1546118DDBADBA322B962D12 ] GamesAppService C:\Program Files (x86)\WildTangent Games\App\GamesAppService.exe
20:24:08.0866 0x0dd4 GamesAppService - ok
20:24:08.0913 0x0dd4 [ E403AACF8C7BB11375122D2464560311, 0427B8FFD999D256EA1A5135F218692959A7577CB32354D3087CF0FB4F0577DF ] GEARAspiWDM C:\Windows\system32\DRIVERS\GEARAspiWDM.sys
20:24:08.0929 0x0dd4 GEARAspiWDM - ok
20:24:09.0007 0x0dd4 [ 277BBC7E1AA1EE957F573A10ECA7EF3A, 2EE60B924E583E847CC24E78B401EF95C69DB777A5B74E1EC963E18D47B94D24 ] gpsvc C:\Windows\System32\gpsvc.dll
20:24:09.0100 0x0dd4 gpsvc - ok
20:24:09.0147 0x0dd4 [ F2523EF6460FC42405B12248338AB2F0, B2F3DE8DE1F512D871BC2BC2E8D0E33AB03335BFBC07627C5F88B65024928E19 ] hcw85cir C:\Windows\system32\drivers\hcw85cir.sys
20:24:09.0194 0x0dd4 hcw85cir - ok
20:24:09.0241 0x0dd4 [ 97BFED39B6B79EB12CDDBFEED51F56BB, 3CF981D668FB2381E52AF2E51E296C6CFB47B0D62249645278479D0111A47955 ] HDAudBus C:\Windows\system32\drivers\HDAudBus.sys
20:24:09.0272 0x0dd4 HDAudBus - ok
20:24:09.0287 0x0dd4 [ 78E86380454A7B10A5EB255DC44A355F, 11F3ED7ACFFA3024B9BD504F81AC39F5B4CED5A8A425E8BADF7132EFEDB9BD64 ] HidBatt C:\Windows\system32\DRIVERS\HidBatt.sys
20:24:09.0319 0x0dd4 HidBatt - ok
20:24:09.0350 0x0dd4 [ 7FD2A313F7AFE5C4DAB14798C48DD104, 94CBFD4506CBDE4162CEB3367BAB042D19ACA6785954DC0B554D4164B9FCD0D4 ] HidBth C:\Windows\system32\DRIVERS\hidbth.sys
20:24:09.0521 0x0dd4 HidBth - ok
20:24:09.0537 0x0dd4 [ 0A77D29F311B88CFAE3B13F9C1A73825, 8615DC6CEFB591505CE16E054A71A4F371B827DDFD5E980777AB4233DCFDA01D ] HidIr C:\Windows\system32\DRIVERS\hidir.sys
20:24:09.0568 0x0dd4 HidIr - ok
20:24:09.0584 0x0dd4 [ BD9EB3958F213F96B97B1D897DEE006D, 4D01CBF898B528B3A4E5A683DF2177300AFABD7D4CB51F1A7891B1B545499631 ] hidserv C:\Windows\System32\hidserv.dll
20:24:09.0646 0x0dd4 hidserv - ok
20:24:09.0693 0x0dd4 [ 9592090A7E2B61CD582B612B6DF70536, FD11D5E02C32D658B28FCC35688AB66CCB5D3A0A0D74C82AE0F0B6C67B568A0F ] HidUsb C:\Windows\system32\DRIVERS\hidusb.sys
20:24:09.0709 0x0dd4 HidUsb - ok
20:24:09.0755 0x0dd4 [ 387E72E739E15E3D37907A86D9FF98E2, 9935BE2E58788E79328293AF2F202CB0F6042441B176F75ACC5AEA93C8E05531 ] hkmsvc C:\Windows\system32\kmsvc.dll
20:24:09.0818 0x0dd4 hkmsvc - ok
20:24:09.0865 0x0dd4 [ EFDFB3DD38A4376F93E7985173813ABD, 70402FA73A5A2A8BB557AAC8F531E373077D28DE5F40A1F3F14B940BE01CD2E1 ] HomeGroupListener C:\Windows\system32\ListSvc.dll
20:24:09.0911 0x0dd4 HomeGroupListener - ok
20:24:09.0958 0x0dd4 [ 908ACB1F594274965A53926B10C81E89, 7D34A742AC486294D82676F8465A3EF26C8AC3317C32B63F62031CB007CFC208 ] HomeGroupProvider C:\Windows\system32\provsvc.dll
20:24:09.0989 0x0dd4 HomeGroupProvider - ok
20:24:10.0099 0x0dd4 [ 2A8B93A01621E100A578E83C768AFA2C, 6637D260AF180D1F200D219796FCE6D524FC6BF57C0CEEF9E1B3616E85865AD1 ] HP Support Assistant Service C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\hpsa_service.exe
20:24:10.0114 0x0dd4 HP Support Assistant Service - detected UnsignedFile.Multi.Generic ( 1 )
20:24:13.0094 0x0dd4 Detect skipped due to KSN trusted
20:24:13.0094 0x0dd4 HP Support Assistant Service - ok
20:24:13.0234 0x0dd4 [ D2946D9F020AE76E9CEF9B4A6DF838C0, C29CE594879385DA12B8EAA90B258905827B613839CCD820DE49215B68676995 ] hpqwmiex C:\Program Files (x86)\Hewlett-Packard\Shared\hpqwmiex.exe
20:24:13.0312 0x0dd4 hpqwmiex - ok
20:24:13.0375 0x0dd4 [ 39D2ABCD392F3D8A6DCE7B60AE7B8EFC, E9E6A1665740CFBC2DD321010007EF42ABA2102AEB9772EE8AA3354664B1E205 ] HpSAMD C:\Windows\system32\drivers\HpSAMD.sys
20:24:13.0406 0x0dd4 HpSAMD - ok
20:24:13.0577 0x0dd4 [ 0EA7DE1ACB728DD5A369FD742D6EEE28, 21C489412EB33A12B22290EB701C19BA57006E8702E76F730954F0784DDE9779 ] HTTP C:\Windows\system32\drivers\HTTP.sys
20:24:13.0687 0x0dd4 HTTP - ok
20:24:13.0765 0x0dd4 [ A5462BD6884960C9DC85ED49D34FF392, 53E65841AF5B06A2844D0BB6FC4DD3923A323FFA0E4BFC89B3B5CAFB592A3D53 ] hwpolicy C:\Windows\system32\drivers\hwpolicy.sys
20:24:13.0780 0x0dd4 hwpolicy - ok
20:24:13.0827 0x0dd4 [ FA55C73D4AFFA7EE23AC4BE53B4592D3, 65CDDC62B89A60E942C5642C9D8B539EFB69DA8069B4A2E54978154B314531CD ] i8042prt C:\Windows\system32\drivers\i8042prt.sys
20:24:13.0858 0x0dd4 i8042prt - ok
20:24:13.0905 0x0dd4 [ AAAF44DB3BD0B9D1FB6969B23ECC8366, 805AA4A9464002D1AB3832E4106B2AAA1331F4281367E75956062AAE99699385 ] iaStorV C:\Windows\system32\drivers\iaStorV.sys
20:24:13.0952 0x0dd4 iaStorV - ok
20:24:13.0999 0x0dd4 [ 5988FC40F8DB5B0739CD1E3A5D0D78BD, 2B9512324DBA4A97F6AC34E8067EE08E3B6874CD60F6CB4209AFC22A34D2BE99 ] idsvc C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\infocard.exe
20:24:14.0061 0x0dd4 idsvc - ok
20:24:14.0123 0x0dd4 [ 5C18831C61933628F5BB0EA2675B9D21, 5CD9DE2F8C0256623A417B5C55BF55BB2562BD7AB2C3C83BB3D9886C2FBDA4E4 ] iirsp C:\Windows\system32\DRIVERS\iirsp.sys
20:24:14.0139 0x0dd4 iirsp - ok
20:24:14.0264 0x0dd4 [ FCD84C381E0140AF901E58D48882D26B, 76955FFC230C801E8ED890E32076075F04CD6E5EC79E594FDE6D23797A36B406 ] IKEEXT C:\Windows\System32\ikeext.dll
20:24:14.0357 0x0dd4 IKEEXT - ok
20:24:14.0482 0x0dd4 [ 430AAB6C09AF99D5BEB311795349E9DD, 5B4502BB9202B2DC59731BC4777755D770C380840B266C351940905DDB3E42BA ] IntcAzAudAddService C:\Windows\system32\drivers\RTKVHD64.sys
20:24:14.0591 0x0dd4 IntcAzAudAddService - ok
20:24:14.0623 0x0dd4 [ F00F20E70C6EC3AA366910083A0518AA, E2F3E9FFD82C802C8BAC309893A3664ACF16A279959C0FDECCA64C3D3C60FD22 ] intelide C:\Windows\system32\drivers\intelide.sys
20:24:14.0638 0x0dd4 intelide - ok
20:24:14.0669 0x0dd4 [ ADA036632C664CAA754079041CF1F8C1, F2386CC09AC6DE4C54189154F7D91C1DB7AA120B13FAE8BA5B579ACF99FCC610 ] intelppm C:\Windows\system32\DRIVERS\intelppm.sys
20:24:14.0701 0x0dd4 intelppm - ok
20:24:14.0747 0x0dd4 [ 098A91C54546A3B878DAD6A7E90A455B, 044CCE2A0DF56EBE1EFD99B4F6F0A5B9EE12498CA358CF4B2E3A1CFD872823AA ] IPBusEnum C:\Windows\system32\ipbusenum.dll
20:24:14.0810 0x0dd4 IPBusEnum - ok
20:24:14.0857 0x0dd4 [ C9F0E1BD74365A8771590E9008D22AB6, 728BC5A6AAE499FDC50EB01577AF16D83C2A9F3B09936DD2A89C01E074BA8E51 ] IpFilterDriver C:\Windows\system32\DRIVERS\ipfltdrv.sys
20:24:14.0950 0x0dd4 IpFilterDriver - ok
20:24:14.0997 0x0dd4 [ A34A587FFFD45FA649FBA6D03784D257, C9A2BCD4E2A5EB6E320092A3AFD5737ECDCDA0B83EE42314A23C4978F2974767 ] iphlpsvc C:\Windows\System32\iphlpsvc.dll
20:24:15.0106 0x0dd4 iphlpsvc - ok
20:24:15.0153 0x0dd4 [ 0FC1AEA580957AA8817B8F305D18CA3A, 7161E4DE91AAFC3FA8BF24FAE4636390C2627DB931505247C0D52C75A31473D9 ] IPMIDRV C:\Windows\system32\drivers\IPMIDrv.sys
20:24:15.0200 0x0dd4 IPMIDRV - ok
20:24:15.0231 0x0dd4 [ AF9B39A7E7B6CAA203B3862582E9F2D0, 67128BE7EADBE6BD0205B050F96E268948E8660C4BAB259FB0BE03935153D04E ] IPNAT C:\Windows\system32\drivers\ipnat.sys
20:24:15.0309 0x0dd4 IPNAT - ok
20:24:15.0418 0x0dd4 [ A9AB99EE7D39725EAFEC82732D2B3271, 962F231608C36BA0B2EAE5981BB9BAC85B6CAA3A5F656D786B97D9B421A831A6 ] iPod Service C:\Program Files\iPod\bin\iPodService.exe
20:24:15.0465 0x0dd4 iPod Service - ok
20:24:15.0512 0x0dd4 [ 3ABF5E7213EB28966D55D58B515D5CE9, A352BCC5B6B9A28805B15CAFB235676F1FAFF0D2394F88C03089EB157D6188AE ] IRENUM C:\Windows\system32\drivers\irenum.sys
20:24:15.0559 0x0dd4 IRENUM - ok
20:24:15.0590 0x0dd4 [ 2F7B28DC3E1183E5EB418DF55C204F38, D40410A760965925D6F10959B2043F7BD4F68EAFCF5E743AF11AD860BD136548 ] isapnp C:\Windows\system32\drivers\isapnp.sys
20:24:15.0605 0x0dd4 isapnp - ok
20:24:15.0652 0x0dd4 [ D931D7309DEB2317035B07C9F9E6B0BD, 13AD84172ED8C6153F8A98499C01733B74E48464CE07D099508E38D409913ED3 ] iScsiPrt C:\Windows\system32\drivers\msiscsi.sys
20:24:15.0683 0x0dd4 iScsiPrt - ok
20:24:15.0715 0x0dd4 [ 41E6C1F0F85F6F75E53A56DD6BF809AB, 7965AF5A28160E79D191A4D310D1C52CE9CAD1AE23AF83F51779CCE6A0B1F61F ] JMCR C:\Windows\system32\DRIVERS\jmcr.sys
20:24:15.0777 0x0dd4 JMCR - ok
20:24:15.0793 0x0dd4 [ BC02336F1CBA7DCC7D1213BB588A68A5, 450C5BAD54CCE2AFCDFF1B6E7F8E1A8446D9D3255DF9D36C29A8F848048AAD93 ] kbdclass C:\Windows\system32\DRIVERS\kbdclass.sys
20:24:15.0824 0x0dd4 kbdclass - ok
20:24:15.0839 0x0dd4 [ 0705EFF5B42A9DB58548EEC3B26BB484, 86C6824ED7ED6FA8F306DB6319A0FD688AA91295AE571262F9D8E96A32225E99 ] kbdhid C:\Windows\system32\DRIVERS\kbdhid.sys
20:24:15.0886 0x0dd4 kbdhid - ok
20:24:15.0917 0x0dd4 [ C118A82CD78818C29AB228366EBF81C3, 00820F3065871DCBA52A27C7F73BA470C4F2CB26EFB7F76FEF8B1207F81B284D ] KeyIso C:\Windows\system32\lsass.exe
20:24:15.0949 0x0dd4 KeyIso - ok
20:24:15.0995 0x0dd4 [ 97A7070AEA4C058B6418519E869A63B4, 15345C2D6CA159BD498002974A0BD21CAB611124D85E3320248B47652AEF23C8 ] KSecDD C:\Windows\system32\Drivers\ksecdd.sys
20:24:16.0011 0x0dd4 KSecDD - ok
20:24:16.0042 0x0dd4 [ 26C43A7C2862447EC59DEDA188D1DA07, 5363BF87E650FE2010ACA9417D6920FF4ED752256FF47732882E9B2BA1ED154B ] KSecPkg C:\Windows\system32\Drivers\ksecpkg.sys
20:24:16.0073 0x0dd4 KSecPkg - ok
20:24:16.0089 0x0dd4 [ 6869281E78CB31A43E969F06B57347C4, 866A23E69B32A78D378D6CB3B3DA3695FFDFF0FEC3C9F68C8C3F988DF417044B ] ksthunk C:\Windows\system32\drivers\ksthunk.sys
20:24:16.0151 0x0dd4 ksthunk - ok
20:24:16.0214 0x0dd4 [ 6AB66E16AA859232F64DEB66887A8C9C, 5F2B579BEA8098A2994B0DECECDAE7B396E7B5DC5F09645737B9F28BEEA77FFF ] KtmRm C:\Windows\system32\msdtckrm.dll
20:24:16.0307 0x0dd4 KtmRm - ok
20:24:16.0354 0x0dd4 [ D9F42719019740BAA6D1C6D536CBDAA6, 8757599D0AE5302C4CE50861BEBA3A8DD14D7B0DBD916FD5404133688CDFCC40 ] LanmanServer C:\Windows\System32\srvsvc.dll
20:24:16.0448 0x0dd4 LanmanServer - ok
20:24:16.0479 0x0dd4 [ 851A1382EED3E3A7476DB004F4EE3E1A, B1C67F47DD594D092E6E258F01DF5E7150227CE3131A908A244DEE9F8A1FABF9 ] LanmanWorkstation C:\Windows\System32\wkssvc.dll
20:24:16.0573 0x0dd4 LanmanWorkstation - ok
20:24:16.0619 0x0dd4 [ 2238B91AC1A12CC6CC4C4FED41258B2A, 11DEBFAC8D6B23415928C635981E3378DE7C1F361F2B7A1390D86B0D782C22C6 ] LightScribeService c:\Program Files (x86)\Common Files\LightScribe\LSSrvc.exe
20:24:16.0651 0x0dd4 LightScribeService - detected UnsignedFile.Multi.Generic ( 1 )
20:24:19.0225 0x0dd4 Detect skipped due to KSN trusted
20:24:19.0225 0x0dd4 LightScribeService - ok
20:24:19.0256 0x0dd4 [ 1538831CF8AD2979A04C423779465827, E1729B0CC4CEEE494A0B8817A8E98FF232E3A32FB023566EF0BC71A090262C0C ] lltdio C:\Windows\system32\DRIVERS\lltdio.sys
20:24:19.0349 0x0dd4 lltdio - ok
20:24:19.0396 0x0dd4 [ C1185803384AB3FEED115F79F109427F, 0414FE73532DCAB17E906438A14711E928CECCD5F579255410C62984DD652700 ] lltdsvc C:\Windows\System32\lltdsvc.dll
20:24:19.0490 0x0dd4 lltdsvc - ok
20:24:19.0521 0x0dd4 [ F993A32249B66C9D622EA5592A8B76B8, EE64672A990C6145DC5601E2B8CDBE089272A72732F59AF9865DCBA8B1717E70 ] lmhosts C:\Windows\System32\lmhsvc.dll
20:24:19.0599 0x0dd4 lmhosts - ok
20:24:19.0646 0x0dd4 [ 413ECDCFAD9A82804D3674C8D7EEC24E, C8A65ED0B079D16D1A4449E840B4A9475388FBE61B5A84DFEFC35F4FB3B9A9B1 ] lmimirr C:\Windows\system32\DRIVERS\lmimirr.sys
20:24:19.0677 0x0dd4 lmimirr - ok
20:24:19.0708 0x0dd4 [ 1A93E54EB0ECE102495A51266DCDB6A6, DB6AA86AA36C3A7988BE96E87B5D3251BE7617C54EE8F894D9DC2E267FE3255B ] LSI_FC C:\Windows\system32\DRIVERS\lsi_fc.sys
20:24:19.0771 0x0dd4 LSI_FC - ok
20:24:19.0786 0x0dd4 [ 1047184A9FDC8BDBFF857175875EE810, F2251EDB7736A26D388A0C5CC2FE5FB9C5E109CBB1E3800993554CB21D81AE4B ] LSI_SAS C:\Windows\system32\DRIVERS\lsi_sas.sys
20:24:19.0833 0x0dd4 LSI_SAS - ok
20:24:19.0849 0x0dd4 [ 30F5C0DE1EE8B5BC9306C1F0E4A75F93, 88D5740A4E9CC3FA80FA18035DAB441BDC5A039622D666BFDAA525CC9686BD06 ] LSI_SAS2 C:\Windows\system32\DRIVERS\lsi_sas2.sys
20:24:19.0911 0x0dd4 LSI_SAS2 - ok
20:24:19.0927 0x0dd4 [ 0504EACAFF0D3C8AED161C4B0D369D4A, 4D272237C189646F5C80822FD3CBA7C2728E482E2DAAF7A09C8AEF811C89C54D ] LSI_SCSI C:\Windows\system32\DRIVERS\lsi_scsi.sys
20:24:19.0973 0x0dd4 LSI_SCSI - ok
20:24:20.0005 0x0dd4 [ 43D0F98E1D56CCDDB0D5254CFF7B356E, 5BA498183B5C4996C694CB0A9A6B66CE6C7A460F6C91BEB9F305486FCC3B7B22 ] luafv C:\Windows\system32\drivers\luafv.sys
20:24:20.0114 0x0dd4 luafv - ok
20:24:20.0192 0x0dd4 [ 4208B958E35F0E596AA241EFB664636B, 16848BA9052A58D03B420E2E803605CDE59D99E01691CA0FEA92EFE43CB8F318 ] lxdnCATSCustConnectService C:\Windows\system32\spool\DRIVERS\x64\3\\lxdnserv.exe
20:24:20.0254 0x0dd4 lxdnCATSCustConnectService - ok
20:24:20.0285 0x0dd4 lxdn_device - ok
20:24:20.0317 0x0dd4 [ 0BE09CD858ABF9DF6ED259D57A1A1663, 2FD28889B93C8E801F74C1D0769673A461671E0189D0A22C94509E3F0EEB7428 ] Mcx2Svc C:\Windows\system32\Mcx2Svc.dll
20:24:20.0395 0x0dd4 Mcx2Svc - ok
20:24:20.0426 0x0dd4 [ A55805F747C6EDB6A9080D7C633BD0F4, 2DA0E83BF3C8ADEF6F551B6CC1C0A3F6149CDBE6EC60413BA1767C4DE425A728 ] megasas C:\Windows\system32\DRIVERS\megasas.sys
20:24:20.0457 0x0dd4 megasas - ok
20:24:20.0504 0x0dd4 [ BAF74CE0072480C3B6B7C13B2A94D6B3, 85CBB4949C090A904464F79713A3418338753D20D7FB811E68F287FDAC1DD834 ] MegaSR C:\Windows\system32\DRIVERS\MegaSR.sys
20:24:20.0566 0x0dd4 MegaSR - ok
20:24:20.0597 0x0dd4 [ E40E80D0304A73E8D269F7141D77250B, 0DB4AC13A264F19A84DC0BCED54E8E404014CC09C993B172002B1561EC7E265A ] MMCSS C:\Windows\system32\mmcss.dll
20:24:20.0691 0x0dd4 MMCSS - ok
20:24:20.0722 0x0dd4 [ 800BA92F7010378B09F9ED9270F07137, 94F9AF9E1BE80AE6AC39A2A74EF9FAB115DCAACC011D07DFA8D6A1DDC8A93342 ] Modem C:\Windows\system32\drivers\modem.sys
20:24:20.0816 0x0dd4 Modem - ok
20:24:20.0847 0x0dd4 [ B03D591DC7DA45ECE20B3B467E6AADAA, 701FB0CAD8138C58507BE28845D3E24CE269A040737C29885944A0D851238732 ] monitor C:\Windows\system32\DRIVERS\monitor.sys
20:24:20.0925 0x0dd4 monitor - ok
20:24:20.0956 0x0dd4 [ A70BF78713B104C46C4E6E7858B6F02E, BB1625076B5126053816471D19981B3DD22D344183F69529811BF605138F34D5 ] motccgp C:\Windows\system32\DRIVERS\motccgp.sys
20:24:21.0034 0x0dd4 motccgp - ok
20:24:21.0081 0x0dd4 [ D51E009BAEDA07EBC107D49D224C2414, F8EF80E91D67697337DD82FE0489448D2566C97C6B189BBBB4733B42BF26AB0C ] motccgpfl C:\Windows\system32\DRIVERS\motccgpfl.sys
20:24:21.0159 0x0dd4 motccgpfl - ok
20:24:21.0190 0x0dd4 [ 705568B735847B3304F9602834DEF733, 443D79EF206EB257058BA73364310F02DFD161BEF6B44CB1DAF398AC77F9590B ] MotoHelper C:\Program Files (x86)\Motorola\MotoHelper\MotoHelperService.exe
20:24:21.0237 0x0dd4 MotoHelper - ok
20:24:21.0268 0x0dd4 [ EBD05F60CAFC5BBA2602B8D7101082D3, 9144E1E7C4DD6150C0E97B4C628DE0216ED372062F5F0FB216C81CAF93DBBF07 ] MotoSwitchService C:\Windows\system32\DRIVERS\motswch.sys
20:24:21.0331 0x0dd4 MotoSwitchService - ok
20:24:21.0346 0x0dd4 [ 7D27EA49F3C1F687D357E77A470AEA99, 7FE7CAF95959F127C6D932C01D539C06D80273C49A09761F6E8331C05B1A7EE7 ] mouclass C:\Windows\system32\drivers\mouclass.sys
20:24:21.0393 0x0dd4 mouclass - ok
20:24:21.0440 0x0dd4 [ D3BF052C40B0C4166D9FD86A4288C1E6, 5E65264354CD94E844BF1838CA1B8E49080EFA34605A32CF2F6A47A2B97FC183 ] mouhid C:\Windows\system32\DRIVERS\mouhid.sys
20:24:21.0502 0x0dd4 mouhid - ok
20:24:21.0533 0x0dd4 [ 32E7A3D591D671A6DF2DB515A5CBE0FA, 47CED0B9067AE8BF5EEF60B17ADEE5906BEDCC56E4CB460B7BFBC12BB9A69E63 ] mountmgr C:\Windows\system32\drivers\mountmgr.sys
20:24:21.0596 0x0dd4 mountmgr - ok
20:24:21.0643 0x0dd4 [ AEE4E9CC59CDEB55B1ECB0E596E796BE, 674F6F38D86D238AFD6223E03A862F8B43DD8499FBC2D4B7A04E510EC5EACF3B ] MozillaMaintenance C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
20:24:21.0721 0x0dd4 MozillaMaintenance - ok
20:24:21.0752 0x0dd4 [ A44B420D30BD56E145D6A2BC8768EC58, B1E4DCA5A1008FA7A0492DC091FB2B820406AE13FD3D44F124E89B1037AF09B8 ] mpio C:\Windows\system32\drivers\mpio.sys
20:24:21.0783 0x0dd4 mpio - ok
20:24:21.0877 0x0dd4 [ 6C38C9E45AE0EA2FA5E551F2ED5E978F, 5A3FA2F110029CB4CC4384998EDB59203FDD65EC45E01B897FB684F8956EAD20 ] mpsdrv C:\Windows\system32\drivers\mpsdrv.sys
20:24:21.0955 0x0dd4 mpsdrv - ok
20:24:22.0018 0x0dd4 [ 54FFC9C8898113ACE189D4AA7199D2C1, 65F585C87F3F710FD5793FDFA96B740AD8D4317B0C120F4435CCF777300EA4F2 ] MpsSvc C:\Windows\system32\mpssvc.dll
20:24:22.0127 0x0dd4 MpsSvc - ok
20:24:22.0174 0x0dd4 [ DC722758B8261E1ABAFD31A3C0A66380, 88BBE073E2CCD1DAB4656DDC53D5161E8A91D035ADAC1465D0CEBA86F1BB6D9A ] MRxDAV C:\Windows\system32\drivers\mrxdav.sys
20:24:22.0252 0x0dd4 MRxDAV - ok
20:24:22.0299 0x0dd4 [ A5D9106A73DC88564C825D317CAC68AC, 0457B2AEA4E05A91D0E43F317894A614434D8CEBE35020785387F307E231FBE4 ] mrxsmb C:\Windows\system32\DRIVERS\mrxsmb.sys
20:24:22.0533 0x0dd4 mrxsmb - ok
20:24:22.0580 0x0dd4 [ D711B3C1D5F42C0C2415687BE09FC163, 9B3013AC60BD2D0FF52086658BA5FF486ADE15954A552D7DD590580E8BAE3EFF ] mrxsmb10 C:\Windows\system32\DRIVERS\mrxsmb10.sys
20:24:22.0658 0x0dd4 mrxsmb10 - ok
20:24:22.0673 0x0dd4 [ 9423E9D355C8D303E76B8CFBD8A5C30C, 220B33F120C2DD937FE4D5664F4B581DC0ACF78D62EB56B7720888F67B9644CC ] mrxsmb20 C:\Windows\system32\DRIVERS\mrxsmb20.sys
20:24:22.0720 0x0dd4 mrxsmb20 - ok
20:24:22.0736 0x0dd4 [ C25F0BAFA182CBCA2DD3C851C2E75796, 643E158A0948DF331807AEAA391F23960362E46C0A0CF6D22A99020EAE7B10F8 ] msahci C:\Windows\system32\drivers\msahci.sys
20:24:22.0782 0x0dd4 msahci - ok
20:24:22.0814 0x0dd4 [ DB801A638D011B9633829EB6F663C900, B34FD33A215ACCF2905F4B7D061686CDB1CB9C652147AF56AE14686C1F6E3C74 ] msdsm C:\Windows\system32\drivers\msdsm.sys
20:24:22.0860 0x0dd4 msdsm - ok
20:24:22.0892 0x0dd4 [ DE0ECE52236CFA3ED2DBFC03F28253A8, 2FBBEC4CACB5161F68D7C2935852A5888945CA0F107CF8A1C01F4528CE407DE3 ] MSDTC C:\Windows\System32\msdtc.exe
20:24:22.0970 0x0dd4 MSDTC - ok
20:24:23.0002 0x0dd4 [ AA3FB40E17CE1388FA1BEDAB50EA8F96, 69F93E15536644C8FD679A20190CFE577F4985D3B1B4A4AA250A168615AE1E99 ] Msfs C:\Windows\system32\drivers\Msfs.sys
20:24:23.0095 0x0dd4 Msfs - ok
20:24:23.0111 0x0dd4 [ F9D215A46A8B9753F61767FA72A20326, 6F76642B45E0A7EF6BCAB8B37D55CCE2EAA310ED07B76D43FCB88987C2174141 ] mshidkmdf C:\Windows\System32\drivers\mshidkmdf.sys
20:24:23.0220 0x0dd4 mshidkmdf - ok
20:24:23.0236 0x0dd4 [ D916874BBD4F8B07BFB7FA9B3CCAE29D, B229DA150713DEDBC4F05386C9D9DC3BC095A74F44F3081E88311AB73BC992A1 ] msisadrv C:\Windows\system32\drivers\msisadrv.sys
20:24:23.0283 0x0dd4 msisadrv - ok
20:24:23.0329 0x0dd4 [ 808E98FF49B155C522E6400953177B08, F873F5BFF0984C5165DF67E92874D3F6EB8D86F9B5AD17013A0091CA33A1A3D5 ] MSiSCSI C:\Windows\system32\iscsiexe.dll
20:24:23.0423 0x0dd4 MSiSCSI - ok
20:24:23.0439 0x0dd4 msiserver - ok
20:24:23.0454 0x0dd4 [ 49CCF2C4FEA34FFAD8B1B59D49439366, E5752EA57C7BDAD5F53E3BC441A415E909AC602CAE56234684FB8789A20396C7 ] MSKSSRV C:\Windows\system32\drivers\MSKSSRV.sys
20:24:23.0548 0x0dd4 MSKSSRV - ok
20:24:23.0563 0x0dd4 [ BDD71ACE35A232104DDD349EE70E1AB3, 27464A66868513BE6A01B75D7FC5B0D6B71842E4E20CE3F76B15C071A0618BBB ] MSPCLOCK C:\Windows\system32\drivers\MSPCLOCK.sys
20:24:23.0657 0x0dd4 MSPCLOCK - ok
20:24:23.0688 0x0dd4 [ 4ED981241DB27C3383D72092B618A1D0, E12F121E641249DB3491141851B59E1496F4413EDF58E863388F1C229838DFCC ] MSPQM C:\Windows\system32\drivers\MSPQM.sys
20:24:23.0766 0x0dd4 MSPQM - ok
20:24:23.0829 0x0dd4 [ 759A9EEB0FA9ED79DA1FB7D4EF78866D, 64E3BC613EC4872B1B344CBF71EE15BE195592E3244C1EE099C6F8B95A40F133 ] MsRPC C:\Windows\system32\drivers\MsRPC.sys
20:24:23.0860 0x0dd4 MsRPC - ok
20:24:23.0891 0x0dd4 [ 0EED230E37515A0EAEE3C2E1BC97B288, B1D8F8A75006B6E99214CA36D27A8594EF8D952F315BEB201E9BAC9DE3E64D42 ] mssmbios C:\Windows\system32\drivers\mssmbios.sys
20:24:23.0922 0x0dd4 mssmbios - ok
20:24:23.0953 0x0dd4 [ 2E66F9ECB30B4221A318C92AC2250779, DF175E1AB6962303E57F26DAE5C5C1E40B8640333F3E352A64F6A5F1301586CD ] MSTEE C:\Windows\system32\drivers\MSTEE.sys
20:24:24.0000 0x0dd4 MSTEE - ok
20:24:24.0016 0x0dd4 [ 7EA404308934E675BFFDE8EDF0757BCD, 306CD02D89CFCFE576242360ED5F9EEEDCAFC43CD43B7D2977AE960F9AEC3232 ] MTConfig C:\Windows\system32\DRIVERS\MTConfig.sys
20:24:24.0047 0x0dd4 MTConfig - ok
20:24:24.0094 0x0dd4 [ F9A18612FD3526FE473C1BDA678D61C8, 32F7975B5BAA447917F832D9E3499B4B6D3E90D73F478375D0B70B36C524693A ] Mup C:\Windows\system32\Drivers\mup.sys
20:24:24.0109 0x0dd4 Mup - ok
20:24:24.0172 0x0dd4 [ 582AC6D9873E31DFA28A4547270862DD, BD540499F74E8F59A020D935D18E36A3A97C1A6EC59C8208436469A31B16B260 ] napagent C:\Windows\system32\qagentRT.dll
20:24:24.0250 0x0dd4 napagent - ok
20:24:24.0281 0x0dd4 [ 1EA3749C4114DB3E3161156FFFFA6B33, 54C2E77BCE1037711A11313AC25B8706109098C10A31AA03AEB7A185E97800D7 ] NativeWifiP C:\Windows\system32\DRIVERS\nwifi.sys
20:24:24.0328 0x0dd4 NativeWifiP - ok
20:24:24.0406 0x0dd4 [ 760E38053BF56E501D562B70AD796B88, F856E81A975D44F8684A6F2466549CEEDFAEB3950191698555A93A1206E0A42D ] NDIS C:\Windows\system32\drivers\ndis.sys
20:24:24.0468 0x0dd4 NDIS - ok
20:24:24.0499 0x0dd4 [ 9F9A1F53AAD7DA4D6FEF5BB73AB811AC, D7E5446E83909AE25506BB98FBDD878A529C87963E3C1125C4ABAB25823572BC ] NdisCap C:\Windows\system32\DRIVERS\ndiscap.sys
20:24:24.0546 0x0dd4 NdisCap - ok
20:24:24.0593 0x0dd4 [ 30639C932D9FEF22B31268FE25A1B6E5, 32873D95339600F6EEFA51847D12C563FF01F320DC59055B242FA2887C99F9D6 ] NdisTapi C:\Windows\system32\DRIVERS\ndistapi.sys
20:24:24.0640 0x0dd4 NdisTapi - ok
20:24:24.0687 0x0dd4 [ 136185F9FB2CC61E573E676AA5402356, BA3AD0A33416DA913B4242C6BE8C3E5812AD2B20BA6C11DD3094F2E8EB56E683 ] Ndisuio C:\Windows\system32\DRIVERS\ndisuio.sys
20:24:24.0733 0x0dd4 Ndisuio - ok
20:24:24.0765 0x0dd4 [ 53F7305169863F0A2BDDC49E116C2E11, 881E9346D3C02405B7850ADC37E720990712EC9C666A0CE96E252A487FD2CE77 ] NdisWan C:\Windows\system32\DRIVERS\ndiswan.sys
20:24:24.0827 0x0dd4 NdisWan - ok
20:24:24.0858 0x0dd4 [ 015C0D8E0E0421B4CFD48CFFE2825879, 4242E2D42CCFC859B2C0275C5331798BC0BDA68E51CF4650B6E64B1332071023 ] NDProxy C:\Windows\system32\drivers\NDProxy.sys
20:24:24.0921 0x0dd4 NDProxy - ok
20:24:24.0936 0x0dd4 [ 86743D9F5D2B1048062B14B1D84501C4, DBF6D6A60AB774FCB0F464FF2D285A7521D0A24006687B243AB46B17D8032062 ] NetBIOS C:\Windows\system32\DRIVERS\netbios.sys
20:24:24.0999 0x0dd4 NetBIOS - ok
20:24:25.0045 0x0dd4 [ 09594D1089C523423B32A4229263F068, 7426A9B8BA27D3225928DDEFBD399650ABB90798212F56B7D12158AC22CCCE37 ] NetBT C:\Windows\system32\DRIVERS\netbt.sys
20:24:25.0108 0x0dd4 NetBT - ok
20:24:25.0139 0x0dd4 [ C118A82CD78818C29AB228366EBF81C3, 00820F3065871DCBA52A27C7F73BA470C4F2CB26EFB7F76FEF8B1207F81B284D ] Netlogon C:\Windows\system32\lsass.exe
20:24:25.0155 0x0dd4 Netlogon - ok
20:24:25.0217 0x0dd4 [ 847D3AE376C0817161A14A82C8922A9E, 37AE692B3481323134125EF58F2C3CBC20177371AF2F5874F53DD32A827CB936 ] Netman C:\Windows\System32\netman.dll
20:24:25.0295 0x0dd4 Netman - ok
20:24:25.0326 0x0dd4 [ D22CD77D4F0D63D1169BB35911BFF12D, 85B1FDFA02E1B8EA4FCB9B7EEB687C5C448697FC7EC9D178C5A2F64D2C9CFEE8 ] NetMsmqActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
20:24:25.0389 0x0dd4 NetMsmqActivator - ok
20:24:25.0420 0x0dd4 [ D22CD77D4F0D63D1169BB35911BFF12D, 85B1FDFA02E1B8EA4FCB9B7EEB687C5C448697FC7EC9D178C5A2F64D2C9CFEE8 ] NetPipeActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
20:24:25.0435 0x0dd4 NetPipeActivator - ok
20:24:25.0482 0x0dd4 [ 5F28111C648F1E24F7DBC87CDEB091B8, 2E8645285921EDB98BB2173E11E57459C888D52E80D85791D169C869DE8813B9 ] netprofm C:\Windows\System32\netprofm.dll
20:24:25.0576 0x0dd4 netprofm - ok
20:24:25.0591 0x0dd4 [ D22CD77D4F0D63D1169BB35911BFF12D, 85B1FDFA02E1B8EA4FCB9B7EEB687C5C448697FC7EC9D178C5A2F64D2C9CFEE8 ] NetTcpActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
20:24:25.0607 0x0dd4 NetTcpActivator - ok
20:24:25.0623 0x0dd4 [ D22CD77D4F0D63D1169BB35911BFF12D, 85B1FDFA02E1B8EA4FCB9B7EEB687C5C448697FC7EC9D178C5A2F64D2C9CFEE8 ] NetTcpPortSharing C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
20:24:25.0638 0x0dd4 NetTcpPortSharing - ok
20:24:25.0669 0x0dd4 [ 77889813BE4D166CDAB78DDBA990DA92, 2EF531AE502B943632EEC66A309A8BFCDD36120A5E1473F4AAF3C2393AD0E6A3 ] nfrd960 C:\Windows\system32\DRIVERS\nfrd960.sys
20:24:25.0701 0x0dd4 nfrd960 - ok
20:24:25.0747 0x0dd4 [ 1EE99A89CC788ADA662441D1E9830529, 6B4FDD74BB81E12BD4B25A3E8AECB0FA77FA0075D454DD1D6DC1790ADF1F2AA8 ] NlaSvc C:\Windows\System32\nlasvc.dll
20:24:25.0810 0x0dd4 NlaSvc - ok
20:24:25.0841 0x0dd4 [ 1E4C4AB5C9B8DD13179BBDC75A2A01F7, D8957EF7060A69DBB3CD6B2C45B1E4143592AB8D018471E17AC04668157DC67F ] Npfs C:\Windows\system32\drivers\Npfs.sys
20:24:25.0888 0x0dd4 Npfs - ok
20:24:25.0935 0x0dd4 [ D54BFDF3E0C953F823B3D0BFE4732528, 497A1DCC5646EC22119273216DF10D5442D16F83E4363770F507518CF6EAA53A ] nsi C:\Windows\system32\nsisvc.dll
20:24:25.0981 0x0dd4 nsi - ok
20:24:25.0997 0x0dd4 [ E7F5AE18AF4168178A642A9247C63001, 133023B7E4BA8049C4CAED3282BDD25571D1CC25FAC3B820C7F981D292689D76 ] nsiproxy C:\Windows\system32\drivers\nsiproxy.sys
20:24:26.0038 0x0dd4 nsiproxy - ok
20:24:26.0147 0x0dd4 [ A2F74975097F52A00745F9637451FDD8, C681DDBD3382C477C2A030E828B5CFB529CB57C7847BD9AFF25E2A5E58B2DAF3 ] Ntfs C:\Windows\system32\drivers\Ntfs.sys
20:24:26.0257 0x0dd4 Ntfs - ok
20:24:26.0272 0x0dd4 [ 9899284589F75FA8724FF3D16AED75C1, 181188599FD5D4DE33B97010D9E0CAEABAB9A3EF50712FE7F9AA0735CD0666D6 ] Null C:\Windows\system32\drivers\Null.sys
20:24:26.0319 0x0dd4 Null - ok
20:24:26.0366 0x0dd4 [ 0A92CB65770442ED0DC44834632F66AD, 581327F07A68DBD5CC749214BE5F1211FC2CE41C7A4F0656B680AFB51A35ACE7 ] nvraid C:\Windows\system32\drivers\nvraid.sys
20:24:26.0397 0x0dd4 nvraid - ok
20:24:26.0444 0x0dd4 [ DAB0E87525C10052BF65F06152F37E4A, AD9BFF0D5FD3FFB95C758B478E1F6A9FE45E7B37AEC71EB5070D292FEAAEDF37 ] nvstor C:\Windows\system32\drivers\nvstor.sys
20:24:26.0459 0x0dd4 nvstor - ok
20:24:26.0491 0x0dd4&

wkandravi · April 4, 2014

20:23:37.0774 0x010c TDSS rootkit removing tool 3.0.0.26 Mar 24 2014 07:28:43

20:23:38.0148 0x010c ============================================================
20:23:38.0148 0x010c Current date / time: 2014/04/03 20:23:38.0148
20:23:38.0148 0x010c SystemInfo:
20:23:38.0148 0x010c
20:23:38.0148 0x010c OS Version: 6.1.7601 ServicePack: 1.0
20:23:38.0148 0x010c Product type: Workstation
20:23:38.0148 0x010c ComputerName: MELANIE-PC
20:23:38.0148 0x010c UserName: Melanie
20:23:38.0148 0x010c Windows directory: C:\Windows
20:23:38.0148 0x010c System windows directory: C:\Windows
20:23:38.0148 0x010c Running under WOW64
20:23:38.0148 0x010c Processor architecture: Intel x64
20:23:38.0148 0x010c Number of processors: 2
20:23:38.0148 0x010c Page size: 0x1000
20:23:38.0148 0x010c Boot type: Normal boot
20:23:38.0148 0x010c ============================================================
20:23:38.0148 0x010c BG loaded
20:23:38.0569 0x010c System UUID: {933A77F4-53E5-BB79-B620-AB05622914F2}
20:23:39.0786 0x010c Drive \Device\Harddisk0\DR0 - Size: 0x4A85D56000 (298.09 Gb), SectorSize: 0x200, Cylinders: 0x9801, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
20:23:39.0817 0x010c ============================================================
20:23:39.0817 0x010c \Device\Harddisk0\DR0:
20:23:39.0833 0x010c MBR partitions:
20:23:39.0833 0x010c \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x800, BlocksNum 0x32000
20:23:39.0833 0x010c \Device\Harddisk0\DR0\Partition2: MBR, Type 0x7, StartLBA 0x32800, BlocksNum 0x23F61000
20:23:39.0833 0x010c \Device\Harddisk0\DR0\Partition3: MBR, Type 0x7, StartLBA 0x23F93800, BlocksNum 0x149A800
20:23:39.0833 0x010c ============================================================
20:23:40.0176 0x010c C: <-> \Device\Harddisk0\DR0\Partition2
20:23:40.0379 0x010c D: <-> \Device\Harddisk0\DR0\Partition3
20:23:40.0379 0x010c ============================================================
20:23:40.0379 0x010c Initialize success
20:23:40.0379 0x010c ============================================================
20:23:51.0644 0x0dd4 ============================================================
20:23:51.0644 0x0dd4 Scan started
20:23:51.0644 0x0dd4 Mode: Manual; SigCheck; TDLFS;
20:23:51.0644 0x0dd4 ============================================================
20:23:51.0644 0x0dd4 KSN ping started
20:23:54.0109 0x0dd4 KSN ping finished: true
20:23:55.0949 0x0dd4 ================ Scan system memory ========================
20:23:55.0949 0x0dd4 System memory - ok
20:23:55.0949 0x0dd4 ================ Scan services =============================
20:23:56.0261 0x0dd4 [ A87D604AEA360176311474C87A63BB88, B1507868C382CD5D2DBC0D62114FCFBF7A780904A2E3CA7C7C1DD0844ADA9A8F ] 1394ohci C:\Windows\system32\drivers\1394ohci.sys
20:23:56.0433 0x0dd4 1394ohci - ok
20:23:56.0495 0x0dd4 [ D81D9E70B8A6DD14D42D7B4EFA65D5F2, FDAAB7E23012B4D31537C5BDEF245BB0A12FA060A072C250E21C68E18B22E002 ] ACPI C:\Windows\system32\drivers\ACPI.sys
20:23:56.0527 0x0dd4 ACPI - ok
20:23:56.0558 0x0dd4 [ 99F8E788246D495CE3794D7E7821D2CA, F91615463270AD2601F882CAED43B88E7EDA115B9FD03FC56320E48119F15F76 ] AcpiPmi C:\Windows\system32\drivers\acpipmi.sys
20:23:56.0620 0x0dd4 AcpiPmi - ok
20:23:56.0807 0x0dd4 [ 9D96B0D5855FD1B98023B3EEC9F06786, E4C79233158BE8AA4E9C6DD71585E5D2703A5156531EB3D692D7D81BC443E844 ] AdobeFlashPlayerUpdateSvc C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
20:23:56.0823 0x0dd4 AdobeFlashPlayerUpdateSvc - ok
20:23:56.0917 0x0dd4 [ 2F6B34B83843F0C5118B63AC634F5BF4, 43E3F5FBFB5D33981AC503DEE476868EC029815D459E7C36C4ABC2D2F75B5735 ] adp94xx C:\Windows\system32\DRIVERS\adp94xx.sys
20:23:56.0963 0x0dd4 adp94xx - ok
20:23:57.0010 0x0dd4 [ 597F78224EE9224EA1A13D6350CED962, DA7FD99BE5E3B7B98605BF5C13BF3F1A286C0DE1240617570B46FE4605E59BDC ] adpahci C:\Windows\system32\DRIVERS\adpahci.sys
20:23:57.0041 0x0dd4 adpahci - ok
20:23:57.0073 0x0dd4 [ E109549C90F62FB570B9540C4B148E54, E804563735153EA00A00641814244BC8A347B578E7D63A16F43FB17566EE5559 ] adpu320 C:\Windows\system32\DRIVERS\adpu320.sys
20:23:57.0088 0x0dd4 adpu320 - ok
20:23:57.0135 0x0dd4 [ 4B78B431F225FD8624C5655CB1DE7B61, 198A5AF2125C7C41F531A652D200C083A55A97DC541E3C0B5B253C7329949156 ] AeLookupSvc C:\Windows\System32\aelupsvc.dll
20:23:57.0260 0x0dd4 AeLookupSvc - ok
20:23:57.0338 0x0dd4 [ 3AC22A3DFA8A050E35F0E3CD99D0CDF2, BBB1FB1A80D9641CB7965A75B8CB8094F0876E9631A93E6BDCC53A016EB48D05 ] AERTFilters C:\Program Files\Realtek\Audio\HDA\AERTSr64.EXE
20:23:57.0431 0x0dd4 AERTFilters - ok
20:23:57.0509 0x0dd4 [ 1C7857B62DE5994A75B054A9FD4C3825, 83F963D7E636532B1AD30B1E727EC429317CA540F6EB3BB268FCC0B163B67767 ] AFD C:\Windows\system32\drivers\afd.sys
20:23:57.0587 0x0dd4 AFD - ok
20:23:57.0634 0x0dd4 [ 608C14DBA7299D8CB6ED035A68A15799, 45360F89640BF1127C82A32393BD76205E4FA067889C40C491602F370C09282A ] agp440 C:\Windows\system32\drivers\agp440.sys
20:23:57.0650 0x0dd4 agp440 - ok
20:23:57.0665 0x0dd4 [ 3290D6946B5E30E70414990574883DDB, 0E9294E1991572256B3CDA6B031DB9F39CA601385515EE59F1F601725B889663 ] ALG C:\Windows\System32\alg.exe
20:23:57.0728 0x0dd4 ALG - ok
20:23:57.0759 0x0dd4 [ 5812713A477A3AD7363C7438CA2EE038, A7316299470D2E57A11499C752A711BF4A71EB11C9CBA731ED0945FF6A966721 ] aliide C:\Windows\system32\drivers\aliide.sys
20:23:57.0775 0x0dd4 aliide - ok
20:23:57.0821 0x0dd4 [ F238BE4FA4E55EB67F17281FADF69851, 99BABE626502E431A0BBD7C57606E9FF2A0559355BE14B25870AF2889E773DDE ] AMD External Events Utility C:\Windows\system32\atiesrxx.exe
20:23:57.0884 0x0dd4 AMD External Events Utility - ok
20:23:57.0884 0x0dd4 [ 1FF8B4431C353CE385C875F194924C0C, 3EA3A7F426B0FFC2461EDF4FDB4B58ACC9D0730EDA5B728D1EA1346EA0A02720 ] amdide C:\Windows\system32\drivers\amdide.sys
20:23:57.0915 0x0dd4 amdide - ok
20:23:57.0962 0x0dd4 [ 7024F087CFF1833A806193EF9D22CDA9, E7F27E488C38338388103D3B7EEDD61D05E14FB140992AEE6F492FFC821BF529 ] AmdK8 C:\Windows\system32\DRIVERS\amdk8.sys
20:23:58.0009 0x0dd4 AmdK8 - ok
20:23:58.0040 0x0dd4 [ 1E56388B3FE0D031C44144EB8C4D6217, E88CA76FD47BA0EB427D59CB9BE040DE133D89D4E62D03A8D622624531D27487 ] AmdPPM C:\Windows\system32\DRIVERS\amdppm.sys
20:23:58.0071 0x0dd4 AmdPPM - ok
20:23:58.0102 0x0dd4 [ F747497A0EE5498F79B207F215B3D2D8, 9052AD0746CF9DC9DC811C49B639CFD4C96A3A0CDB02125E45148301D4DEEEA3 ] amdsata C:\Windows\system32\DRIVERS\amdsata.sys
20:23:58.0118 0x0dd4 amdsata - ok
20:23:58.0165 0x0dd4 [ F67F933E79241ED32FF46A4F29B5120B, D6EF539058F159CC4DD14CA9B1FD924998FEAC9D325C823C7A2DD21FEF1DC1A8 ] amdsbs C:\Windows\system32\DRIVERS\amdsbs.sys
20:23:58.0180 0x0dd4 amdsbs - ok
20:23:58.0196 0x0dd4 [ 2946D695E158615BAAA16248E63C7ADB, 059B261BF275CC8EE67453C80B1CDFBE17B383BC7DA22BD66F2CCD4D444D24C7 ] amdxata C:\Windows\system32\DRIVERS\amdxata.sys
20:23:58.0211 0x0dd4 amdxata - ok
20:23:58.0321 0x0dd4 [ 85180CF88C5EBAD73B452A43A004CA51, 24D25495DC21293FC1F37EE7E7C2A4725E66D3D25BE05D7EDF4BB4F444C65526 ] AOL ACS C:\Program Files (x86)\Common Files\AOL\ACS\AOLAcsd.exe
20:23:58.0367 0x0dd4 AOL ACS - ok
20:23:58.0414 0x0dd4 [ 89A69C3F2F319B43379399547526D952, 8ABDB4B8E106F96EBBA0D4D04C4F432296516E107E7BA5644ED2E50CF9BB491A ] AppID C:\Windows\system32\drivers\appid.sys
20:23:58.0539 0x0dd4 AppID - ok
20:23:58.0586 0x0dd4 [ 0BC381A15355A3982216F7172F545DE1, C33AF13CB218F7BF52E967452573DF2ADD20A95C6BF99229794FEF07C4BBE725 ] AppIDSvc C:\Windows\System32\appidsvc.dll
20:23:58.0648 0x0dd4 AppIDSvc - ok
20:23:58.0679 0x0dd4 [ 3977D4A871CA0D4F2ED1E7DB46829731, 2AF1C3225994769C3FD25CD7E9603964B035576F25B0B6D91545566E0722FFAA ] Appinfo C:\Windows\System32\appinfo.dll
20:23:58.0742 0x0dd4 Appinfo - ok
20:23:58.0820 0x0dd4 [ F401929EE0CC92BFE7F15161CA535383, 61E1C0630B8BBC65C51121D5DC7F095C59B475F39BB7B0DC68133EF7D9D0A29D ] Apple Mobile Device C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
20:23:58.0835 0x0dd4 Apple Mobile Device - ok
20:23:58.0913 0x0dd4 [ C484F8CEB1717C540242531DB7845C4E, C507CE26716EB923B864ED85E8FA0B24591E2784A2F4F0E78AEED7E9953311F6 ] arc C:\Windows\system32\DRIVERS\arc.sys
20:23:58.0929 0x0dd4 arc - ok
20:23:58.0945 0x0dd4 [ 019AF6924AEFE7839F61C830227FE79C, 5926B9DDFC9198043CDD6EA0B384C83B001EC225A8125628C4A45A3E6C42C72A ] arcsas C:\Windows\system32\DRIVERS\arcsas.sys
20:23:58.0960 0x0dd4 arcsas - ok
20:23:59.0194 0x0dd4 [ 9217D874131AE6FF8F642F124F00A555, BE2923D5AA7748FDAAED73AF567D015517B36F1C739C6E5637DD15112EFDF495 ] aspnet_state C:\Windows\Microsoft.NET\Framework64\v4.0.30319\aspnet_state.exe
20:23:59.0257 0x0dd4 aspnet_state - ok
20:23:59.0303 0x0dd4 [ 769765CE2CC62867468CEA93969B2242, 0D8F19D49869DF93A3876B4C2E249D12E83F9CE11DAE8917D368E292043D4D26 ] AsyncMac C:\Windows\system32\DRIVERS\asyncmac.sys
20:23:59.0381 0x0dd4 AsyncMac - ok
20:23:59.0444 0x0dd4 [ 02062C0B390B7729EDC9E69C680A6F3C, 0261683C6DC2706DCE491A1CDC954AC9C9E649376EC30760BB4E225E18DC5273 ] atapi C:\Windows\system32\drivers\atapi.sys
20:23:59.0459 0x0dd4 atapi - ok
20:23:59.0537 0x0dd4 [ E0FABC10635C670BD7D89FD214A405D7, DB1A7755F38F92D1BFCBC8EC710CB997C1AEE88E4FD7461B0E2A7C1EF3D2F5E4 ] athr C:\Windows\system32\DRIVERS\athrx.sys
20:23:59.0662 0x0dd4 athr - ok
20:24:00.0021 0x0dd4 [ 2DB9047AAC9D981F59CE06D04D70C4D8, 693BF867B01B3C0864B5228A2FB50DA779578E8359E98B139F703CF3538CF976 ] atikmdag C:\Windows\system32\DRIVERS\atikmdag.sys
20:24:00.0364 0x0dd4 atikmdag - ok
20:24:00.0395 0x0dd4 [ 7C5D273E29DCC5505469B299C6F29163, 206CAB85CE12A3953F0861C811575DC7FD000147436219EEE334584A33370B3A ] AtiPcie C:\Windows\system32\DRIVERS\AtiPcie.sys
20:24:00.0411 0x0dd4 AtiPcie - ok
20:24:00.0473 0x0dd4 [ F23FEF6D569FCE88671949894A8BECF1, FCE7B156ED663471CF9A736915F00302E93B50FC647563D235313A37FCE8F0F6 ] AudioEndpointBuilder C:\Windows\System32\Audiosrv.dll
20:24:00.0567 0x0dd4 AudioEndpointBuilder - ok
20:24:00.0614 0x0dd4 [ F23FEF6D569FCE88671949894A8BECF1, FCE7B156ED663471CF9A736915F00302E93B50FC647563D235313A37FCE8F0F6 ] AudioSrv C:\Windows\System32\Audiosrv.dll
20:24:00.0692 0x0dd4 AudioSrv - ok
20:24:00.0739 0x0dd4 [ D23F69FA8C0C94C4FE57B57D50F6DB66, 36C4D2DCD5ADBA59411755DCB1DB3AE52F55C46EEE8C96DD0D0765AB61A4DCE1 ] avgtp C:\Windows\system32\drivers\avgtpx64.sys
20:24:00.0754 0x0dd4 avgtp - ok
20:24:00.0801 0x0dd4 [ A6BF31A71B409DFA8CAC83159E1E2AFF, CBB83F73FFD3C3FB4F96605067739F8F7A4A40B2B05417FA49E575E95628753F ] AxInstSV C:\Windows\System32\AxInstSV.dll
20:24:00.0895 0x0dd4 AxInstSV - ok
20:24:00.0957 0x0dd4 [ 3E5B191307609F7514148C6832BB0842, DE011CB7AA4A2405FAF21575182E0793A1D83DFFC44E9A7864D59F3D51D8D580 ] b06bdrv C:\Windows\system32\DRIVERS\bxvbda.sys
20:24:01.0019 0x0dd4 b06bdrv - ok
20:24:01.0051 0x0dd4 [ B5ACE6968304A3900EEB1EBFD9622DF2, 1DAA118D8CA3F97B34DF3D3CDA1C78EAB2ED225699FEABE89D331AE0CB7679FA ] b57nd60a C:\Windows\system32\DRIVERS\b57nd60a.sys
20:24:01.0097 0x0dd4 b57nd60a - ok
20:24:01.0175 0x0dd4 [ FDE360167101B4E45A96F939F388AEB0, 8D1457E866BBD645C4B9710DFBFF93405CC1193BF9AE42326F2382500B713B82 ] BDESVC C:\Windows\System32\bdesvc.dll
20:24:01.0222 0x0dd4 BDESVC - ok
20:24:01.0222 0x0dd4 [ 16A47CE2DECC9B099349A5F840654746, 77C008AEDB07FAC66413841D65C952DDB56FE7DCA5E9EF9C8F4130336B838024 ] Beep C:\Windows\system32\drivers\Beep.sys
20:24:01.0300 0x0dd4 Beep - ok
20:24:01.0363 0x0dd4 [ 82974D6A2FD19445CC5171FC378668A4, 075D25F47C0D2277E40AF8615571DAA5EB16B1824563632A9A7EC62505C29A4A ] BFE C:\Windows\System32\bfe.dll
20:24:01.0441 0x0dd4 BFE - ok
20:24:01.0503 0x0dd4 [ 1EA7969E3271CBC59E1730697DC74682, D511A34D63A6E0E6E7D1879068E2CD3D87ABEAF4936B2EA8CDDAD9F79D60FA04 ] BITS C:\Windows\system32\qmgr.dll
20:24:01.0597 0x0dd4 BITS - ok
20:24:01.0628 0x0dd4 [ 61583EE3C3A17003C4ACD0475646B4D3, 17E4BECC309C450E7E44F59A9C0BBC24D21BDC66DFBA65B8F198A00BB47A9811 ] blbdrive C:\Windows\system32\DRIVERS\blbdrive.sys
20:24:01.0659 0x0dd4 blbdrive - ok
20:24:01.0753 0x0dd4 [ EBBCD5DFBB1DE70E8F4AF8FA59E401FD, 17BFFC5DF609CE3B2F0CAB4BD6C118608C66A3AD86116A47E90B2BB7D8954122 ] Bonjour Service C:\Program Files\Bonjour\mDNSResponder.exe
20:24:01.0768 0x0dd4 Bonjour Service - ok
20:24:01.0831 0x0dd4 [ 6C02A83164F5CC0A262F4199F0871CF5, AD4632A6A203CB40970D848315D8ADB9C898349E20D8DF4107C2AE2703A2CF28 ] bowser C:\Windows\system32\DRIVERS\bowser.sys
20:24:01.0862 0x0dd4 bowser - ok
20:24:01.0877 0x0dd4 [ F09EEE9EDC320B5E1501F749FDE686C8, 66691114C42E12F4CC6DC4078D4D2FA4029759ACDAF1B59D17383487180E84E3 ] BrFiltLo C:\Windows\system32\DRIVERS\BrFiltLo.sys
20:24:01.0940 0x0dd4 BrFiltLo - ok
20:24:01.0955 0x0dd4 [ B114D3098E9BDB8BEA8B053685831BE6, 0ED23C1897F35FA00B9C2848DE4ED200E18688AA7825674888054BBC3A3EB92C ] BrFiltUp C:\Windows\system32\DRIVERS\BrFiltUp.sys
20:24:01.0987 0x0dd4 BrFiltUp - ok
20:24:02.0033 0x0dd4 [ 5C2F352A4E961D72518261257AAE204B, 9EE1001E1D46A414A7A86FE1DBBE232203E26F54D9EF43ED31ED8EACD4D09853 ] BridgeMP C:\Windows\system32\DRIVERS\bridge.sys
20:24:02.0096 0x0dd4 BridgeMP - ok
20:24:02.0143 0x0dd4 [ 05F5A0D14A2EE1D8255C2AA0E9E8E694, 40011138869F5496A3E78D38C9900B466B6F3877526AC22952DCD528173F4645 ] Browser C:\Windows\System32\browser.dll
20:24:02.0189 0x0dd4 Browser - ok
20:24:02.0252 0x0dd4 [ 43BEA8D483BF1870F018E2D02E06A5BD, 4E6F5A5FD8C796A110B0DC9FF29E31EA78C04518FC1C840EF61BABD58AB10272 ] Brserid C:\Windows\System32\Drivers\Brserid.sys
20:24:02.0299 0x0dd4 Brserid - ok
20:24:02.0314 0x0dd4 [ A6ECA2151B08A09CACECA35C07F05B42, E2875BB7768ABAF38C3377007AA0A3C281503474D1831E396FB6599721586B0C ] BrSerWdm C:\Windows\System32\Drivers\BrSerWdm.sys
20:24:02.0361 0x0dd4 BrSerWdm - ok
20:24:02.0377 0x0dd4 [ B79968002C277E869CF38BD22CD61524, 50631836502237AF4893ECDCEA43B9031C3DE97433F594D46AF7C3C77F331983 ] BrUsbMdm C:\Windows\System32\Drivers\BrUsbMdm.sys
20:24:02.0408 0x0dd4 BrUsbMdm - ok
20:24:02.0423 0x0dd4 [ A87528880231C54E75EA7A44943B38BF, 4C8BBB29FDA76A96840AA47A8613C15D4466F9273A13941C19507008629709C9 ] BrUsbSer C:\Windows\System32\Drivers\BrUsbSer.sys
20:24:02.0455 0x0dd4 BrUsbSer - ok
20:24:02.0486 0x0dd4 [ 9DA669F11D1F894AB4EB69BF546A42E8, B498B8B6CEF957B73179D1ADAF084BBB57BB3735D810F9BE2C7B1D58A4FD25A4 ] BTHMODEM C:\Windows\system32\DRIVERS\bthmodem.sys
20:24:02.0533 0x0dd4 BTHMODEM - ok
20:24:02.0579 0x0dd4 [ 95F9C2976059462CBBF227F7AAB10DE9, 2797AE919FF7606B070FB039CECDB0707CD2131DCAC09C5DF14F443D881C9F34 ] bthserv C:\Windows\system32\bthserv.dll
20:24:02.0642 0x0dd4 bthserv - ok
20:24:02.0673 0x0dd4 catchme - ok
20:24:02.0704 0x0dd4 [ B8BD2BB284668C84865658C77574381A, 6C55BA288B626DF172FDFEA0BD7027FAEBA1F44EF20AB55160D7C7DC6E717D65 ] cdfs C:\Windows\system32\DRIVERS\cdfs.sys
20:24:02.0782 0x0dd4 cdfs - ok
20:24:02.0845 0x0dd4 [ F036CE71586E93D94DAB220D7BDF4416, BD07AAD9E20CEAF9FC84E4977C55EA2C45604A2C682AC70B9B9A2199B6713D5B ] cdrom C:\Windows\system32\drivers\cdrom.sys
20:24:02.0891 0x0dd4 cdrom - ok
20:24:02.0923 0x0dd4 [ F17D1D393BBC69C5322FBFAFACA28C7F, 62A1A92B3C52ADFD0B808D7F69DD50238B5F202421F1786F7EAEAA63F274B3E8 ] CertPropSvc C:\Windows\System32\certprop.dll
20:24:02.0985 0x0dd4 CertPropSvc - ok
20:24:03.0032 0x0dd4 [ D7CD5C4E1B71FA62050515314CFB52CF, 513B5A849899F379F0BC6AB3A8A05C3493C2393C95F036612B96EC6E252E1C64 ] circlass C:\Windows\system32\DRIVERS\circlass.sys
20:24:03.0063 0x0dd4 circlass - ok
20:24:03.0094 0x0dd4 [ FE1EC06F2253F691FE36217C592A0206, B9F122DB5E665ECDF29A5CB8BB6B531236F31A54A95769D6C5C1924C87FE70CE ] CLFS C:\Windows\system32\CLFS.sys
20:24:03.0125 0x0dd4 CLFS - ok
20:24:03.0188 0x0dd4 [ D88040F816FDA31C3B466F0FA0918F29, 39D3630E623DA25B8444B6D3AAAB16B98E7E289C5619E19A85D47B74C71449F3 ] clr_optimization_v2.0.50727_32 C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
20:24:03.0219 0x0dd4 clr_optimization_v2.0.50727_32 - ok
20:24:03.0250 0x0dd4 [ D1CEEA2B47CB998321C579651CE3E4F8, 654013B8FD229A50017B08DEC6CA19C7DDA8CE0771260E057A92625201D539B1 ] clr_optimization_v2.0.50727_64 C:\Windows\Microsoft.NET\Framework64\v2.0.50727\mscorsvw.exe
20:24:03.0266 0x0dd4 clr_optimization_v2.0.50727_64 - ok
20:24:03.0375 0x0dd4 [ C5A75EB48E2344ABDC162BDA79E16841, 6070A8AAFD38FBC6A68A2B10C20117612354DF21B4492D90CA522BFB6870D726 ] clr_optimization_v4.0.30319_32 C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
20:24:03.0484 0x0dd4 clr_optimization_v4.0.30319_32 - ok
20:24:03.0547 0x0dd4 [ C6F9AF94DCD58122A4D7E89DB6BED29D, CB0E5AE60EC76323585FB86D89E8DB7ADB5EDF6EA3D0B27E9ECE75B8CAA8BFDE ] clr_optimization_v4.0.30319_64 C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe
20:24:03.0625 0x0dd4 clr_optimization_v4.0.30319_64 - ok
20:24:03.0687 0x0dd4 [ 0840155D0BDDF1190F84A663C284BD33, 696039FA63CFEB33487FAA8FD7BBDB220141E9C6E529355D768DFC87999A9C3A ] CmBatt C:\Windows\system32\DRIVERS\CmBatt.sys
20:24:03.0718 0x0dd4 CmBatt - ok
20:24:03.0749 0x0dd4 [ E19D3F095812725D88F9001985B94EDD, 46243C5CCC4981CAC6FA6452FFCEC33329BF172448F1852D52592C9342E0E18B ] cmdide C:\Windows\system32\drivers\cmdide.sys
20:24:03.0765 0x0dd4 cmdide - ok
20:24:03.0859 0x0dd4 [ 9AC4F97C2D3E93367E2148EA940CD2CD, 530E089E5CF868AECDB2B5548EBE76E0CA98FC74A72897292AB2485734402E3B ] CNG C:\Windows\system32\Drivers\cng.sys
20:24:03.0905 0x0dd4 CNG - ok
20:24:03.0937 0x0dd4 [ 102DE219C3F61415F964C88E9085AD14, CD74CB703381F1382C32CF892FF2F908F4C9412E1BC77234F8FEA5D4666E1BF1 ] Compbatt C:\Windows\system32\DRIVERS\compbatt.sys
20:24:03.0968 0x0dd4 Compbatt - ok
20:24:04.0015 0x0dd4 [ 03EDB043586CCEBA243D689BDDA370A8, 0E4523AA332E242D5C2C61C5717DBA5AB6E42DADB5A7E512505FC2B6CC224959 ] CompositeBus C:\Windows\system32\drivers\CompositeBus.sys
20:24:04.0061 0x0dd4 CompositeBus - ok
20:24:04.0093 0x0dd4 COMSysApp - ok
20:24:04.0108 0x0dd4 [ 1C827878A998C18847245FE1F34EE597, 41EF7443D8B2733AA35CAC64B4F5F74FAC8BB0DA7D3936B69EC38E2DC3972E60 ] crcdisk C:\Windows\system32\DRIVERS\crcdisk.sys
20:24:04.0124 0x0dd4 crcdisk - ok
20:24:04.0186 0x0dd4 [ 4F5414602E2544A4554D95517948B705, 50121AD32ACF73F541DF3B655020F7B610B3E7B5E8C7B39D37D5958F28CB376E ] CryptSvc C:\Windows\system32\cryptsvc.dll
20:24:04.0233 0x0dd4 CryptSvc - ok
20:24:04.0280 0x0dd4 [ 7266972E86890E2B30C0C322E906B027, BFA30E85F5BD3AA933913BD7C6D2B5993DB7AFB0C98349B61A6BEF0BDC8A3680 ] DcomLaunch C:\Windows\system32\rpcss.dll
20:24:04.0373 0x0dd4 DcomLaunch - ok
20:24:04.0467 0x0dd4 [ 3CEC7631A84943677AA8FA8EE5B6B43D, 32061DAC9ED6C1EBA3B367B18D0E965AEEC2DF635DCF794EC39D086D32503AC5 ] defragsvc C:\Windows\System32\defragsvc.dll
20:24:04.0545 0x0dd4 defragsvc - ok
20:24:04.0592 0x0dd4 [ 9BB2EF44EAA163B29C4A4587887A0FE4, 03667BC3EA5003F4236929C10F23D8F108AFCB29DB5559E751FB26DFB318636F ] DfsC C:\Windows\system32\Drivers\dfsc.sys
20:24:04.0670 0x0dd4 DfsC - ok
20:24:04.0732 0x0dd4 [ 43D808F5D9E1A18E5EEB5EBC83969E4E, C10D1155D71EABE4ED44C656A8F13078A8A4E850C4A8FBB92D52D173430972B8 ] Dhcp C:\Windows\system32\dhcpcore.dll
20:24:04.0795 0x0dd4 Dhcp - ok
20:24:04.0826 0x0dd4 [ 13096B05847EC78F0977F2C0F79E9AB3, 1E44981B684F3E56F5D2439BB7FA78BD1BC876BB2265AE089AEC68F241B05B26 ] discache C:\Windows\system32\drivers\discache.sys
20:24:04.0873 0x0dd4 discache - ok
20:24:04.0919 0x0dd4 [ 9819EEE8B5EA3784EC4AF3B137A5244C, 571BC886E87C888DA96282E381A746D273B58B9074E84D4CA91275E26056D427 ] Disk C:\Windows\system32\DRIVERS\disk.sys
20:24:04.0935 0x0dd4 Disk - ok
20:24:04.0982 0x0dd4 [ 16835866AAA693C7D7FCEBA8FFF706E4, 15891558F7C1F2BB57A98769601D447ED0D952354A8BB347312D034DC03E0242 ] Dnscache C:\Windows\System32\dnsrslvr.dll
20:24:05.0044 0x0dd4 Dnscache - ok
20:24:05.0107 0x0dd4 [ B1FB3DDCA0FDF408750D5843591AFBC6, AB6AD9C5E7BA2E3646D0115B67C4800D1CB43B4B12716397657C7ADEEE807304 ] dot3svc C:\Windows\System32\dot3svc.dll
20:24:05.0200 0x0dd4 dot3svc - ok
20:24:05.0247 0x0dd4 [ B26F4F737E8F9DF4F31AF6CF31D05820, 394BBBED4EC7FAD4110F62A43BFE0801D4AC56FFAC6C741C69407B26402311C7 ] DPS C:\Windows\system32\dps.dll
20:24:05.0309 0x0dd4 DPS - ok
20:24:05.0356 0x0dd4 [ 9B19F34400D24DF84C858A421C205754, 967AF267B4124BADA8F507CEBF25F2192D146A4D63BE71B45BFC03C5DA7F21A7 ] drmkaud C:\Windows\system32\drivers\drmkaud.sys
20:24:05.0387 0x0dd4 drmkaud - ok
20:24:05.0481 0x0dd4 [ F5BEE30450E18E6B83A5012C100616FD, 44D0577D159FC2BDF4EAD1DC2C7FD14925D075225EF97608CAC52DEE405B08FD ] DXGKrnl C:\Windows\System32\drivers\dxgkrnl.sys
20:24:05.0528 0x0dd4 DXGKrnl - ok
20:24:05.0575 0x0dd4 [ E2DDA8726DA9CB5B2C4000C9018A9633, 0C967DBC3636A76A696997192A158AA92A1AF19F01E3C66D5BF91818A8FAEA76 ] EapHost C:\Windows\System32\eapsvc.dll
20:24:05.0653 0x0dd4 EapHost - ok
20:24:06.0058 0x0dd4 [ DC5D737F51BE844D8C82C695EB17372F, 6D4022D9A46EDE89CEF0FAEADCC94C903234DFC460C0180D24FF9E38E8853017 ] ebdrv C:\Windows\system32\DRIVERS\evbda.sys
20:24:06.0277 0x0dd4 ebdrv - ok
20:24:06.0323 0x0dd4 [ C118A82CD78818C29AB228366EBF81C3, 00820F3065871DCBA52A27C7F73BA470C4F2CB26EFB7F76FEF8B1207F81B284D ] EFS C:\Windows\System32\lsass.exe
20:24:06.0370 0x0dd4 EFS - ok
20:24:06.0542 0x0dd4 [ C4002B6B41975F057D98C439030CEA07, 3D2484FBB832EFB90504DD406ED1CF3065139B1FE1646471811F3A5679EF75F1 ] ehRecvr C:\Windows\ehome\ehRecvr.exe
20:24:06.0651 0x0dd4 ehRecvr - ok
20:24:06.0667 0x0dd4 [ 4705E8EF9934482C5BB488CE28AFC681, 359E9EC5693CE0BE89082E1D5D8F5C5439A5B985010FF0CB45C11E3CFE30637D ] ehSched C:\Windows\ehome\ehsched.exe
20:24:06.0713 0x0dd4 ehSched - ok
20:24:06.0776 0x0dd4 [ 0E5DA5369A0FCAEA12456DD852545184, 9A64AC5396F978C3B92794EDCE84DCA938E4662868250F8C18FA7C2C172233F8 ] elxstor C:\Windows\system32\DRIVERS\elxstor.sys
20:24:06.0823 0x0dd4 elxstor - ok
20:24:06.0854 0x0dd4 [ 34A3C54752046E79A126E15C51DB409B, 7D5B5E150C7C73666F99CBAFF759029716C86F16B927E0078D77F8A696616D75 ] ErrDev C:\Windows\system32\drivers\errdev.sys
20:24:06.0885 0x0dd4 ErrDev - ok
20:24:06.0932 0x0dd4 [ 4166F82BE4D24938977DD1746BE9B8A0, 24121751B7306225AD1C808442D7B030DEF377E9316AA0A3C5C7460E87317881 ] EventSystem C:\Windows\system32\es.dll
20:24:07.0010 0x0dd4 EventSystem - ok
20:24:07.0103 0x0dd4 [ A510C654EC00C1E9BDD91EEB3A59823B, 76CD277730F7B08D375770CD373D786160F34D1481AF0536BA1A5D2727E255F5 ] exfat C:\Windows\system32\drivers\exfat.sys
20:24:07.0166 0x0dd4 exfat - ok
20:24:07.0228 0x0dd4 [ 0ADC83218B66A6DB380C330836F3E36D, 798D6F83B5DBCC1656595E0A96CF12087FCCBE19D1982890D0CE5F629B328B29 ] fastfat C:\Windows\system32\drivers\fastfat.sys
20:24:07.0291 0x0dd4 fastfat - ok
20:24:07.0384 0x0dd4 [ DBEFD454F8318A0EF691FDD2EAAB44EB, 7F52AE222FF28503B6FC4A5852BD0CAEAF187BE69AF4B577D3DE474C24366099 ] Fax C:\Windows\system32\fxssvc.exe
20:24:07.0447 0x0dd4 Fax - ok
20:24:07.0493 0x0dd4 [ D765D19CD8EF61F650C384F62FAC00AB, 9F0A483A043D3BA873232AD3BA5F7BF9173832550A27AF3E8BD433905BD2A0EE ] fdc C:\Windows\system32\DRIVERS\fdc.sys
20:24:07.0509 0x0dd4 fdc - ok
20:24:07.0540 0x0dd4 [ 0438CAB2E03F4FB61455A7956026FE86, 6D4DDC2973DB25CE0C7646BC85EFBCC004EBE35EA683F62162AE317C6F1D8DFE ] fdPHost C:\Windows\system32\fdPHost.dll
20:24:07.0603 0x0dd4 fdPHost - ok
20:24:07.0618 0x0dd4 [ 802496CB59A30349F9A6DD22D6947644, 52D59D3D628D5661F83F090F33F744F6916E0CC1F76E5A33983E06EB66AE19F8 ] FDResPub C:\Windows\system32\fdrespub.dll
20:24:07.0681 0x0dd4 FDResPub - ok
20:24:07.0727 0x0dd4 [ 655661BE46B5F5F3FD454E2C3095B930, 549C8E2A2A37757E560D55FFA6BFDD838205F17E40561E67F0124C934272CD1A ] FileInfo C:\Windows\system32\drivers\fileinfo.sys
20:24:07.0743 0x0dd4 FileInfo - ok
20:24:07.0759 0x0dd4 [ 5F671AB5BC87EEA04EC38A6CD5962A47, 6B61D3363FF3F9C439BD51102C284972EAE96ACC0683B9DC7E12D25D0ADC51B6 ] Filetrace C:\Windows\system32\drivers\filetrace.sys
20:24:07.0821 0x0dd4 Filetrace - ok
20:24:07.0852 0x0dd4 [ C172A0F53008EAEB8EA33FE10E177AF5, 9175A95B323696D1B35C9EFEB7790DD64E6EE0B7021E6C18E2F81009B169D77B ] flpydisk C:\Windows\system32\DRIVERS\flpydisk.sys
20:24:07.0868 0x0dd4 flpydisk - ok
20:24:07.0899 0x0dd4 [ DA6B67270FD9DB3697B20FCE94950741, F621A4462C9F2904063578C427FAF22D7D66AE9967605C11C798099817CE5331 ] FltMgr C:\Windows\system32\drivers\fltmgr.sys
20:24:07.0930 0x0dd4 FltMgr - ok
20:24:07.0993 0x0dd4 [ 5C4CB4086FB83115B153E47ADD961A0C, 0C3AB7D04BEB3A8FDE00B0C86E6FE064B1CEBB3E4DE1A29CD27830806FA300B3 ] FontCache C:\Windows\system32\FntCache.dll
20:24:08.0086 0x0dd4 FontCache - ok
20:24:08.0149 0x0dd4 [ A8B7F3818AB65695E3A0BB3279F6DCE6, 89FCF10F599767E67A1E011753E34DA44EAA311F105DBF69549009ED932A60F0 ] FontCache3.0.0.0 C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
20:24:08.0164 0x0dd4 FontCache3.0.0.0 - ok
20:24:08.0180 0x0dd4 [ D43703496149971890703B4B1B723EAC, F06397B2EDCA61629249D2EF1CBB7827A8BEAB8488246BD85EF6AE1363C0DA6E ] FsDepends C:\Windows\system32\drivers\FsDepends.sys
20:24:08.0211 0x0dd4 FsDepends - ok
20:24:08.0258 0x0dd4 [ DC0DCE4EC2C5D2CF6472F9FD6AA9A7DC, 7022722FA38E81F6F4D0EF9F0FBEDD27C09A238B5246A3C36AEAAC11FF76FE07 ] fssfltr C:\Windows\system32\DRIVERS\fssfltr.sys
20:24:08.0273 0x0dd4 fssfltr - ok
20:24:08.0398 0x0dd4 [ 40CDFAD174B3D5E80F95DDA003C0B97F, 2DA149CE42B87681ECDCC8905D0957443F430A9C7002FF78F22A95F9112A7C4C ] fsssvc C:\Program Files (x86)\Windows Live\Family Safety\fsssvc.exe
20:24:08.0492 0x0dd4 fsssvc - ok
20:24:08.0539 0x0dd4 [ 6BD9295CC032DD3077C671FCCF579A7B, 83622FBB0CB923798E7E584BF53CAAF75B8C016E3FF7F0FA35880FF34D1DFE33 ] Fs_Rec C:\Windows\system32\drivers\Fs_Rec.sys
20:24:08.0570 0x0dd4 Fs_Rec - ok
20:24:08.0632 0x0dd4 [ 1F7B25B858FA27015169FE95E54108ED, 72DD12E924AA7273B3E4BDD2A2C581DECE304C8EF3D44EA79ABB032F3F95DCE5 ] fvevol C:\Windows\system32\DRIVERS\fvevol.sys
20:24:08.0679 0x0dd4 fvevol - ok
20:24:08.0726 0x0dd4 [ 8C778D335C9D272CFD3298AB02ABE3B6, 85F0B13926B0F693FA9E70AA58DE47100E4B6F893772EBE4300C37D9A36E6005 ] gagp30kx C:\Windows\system32\DRIVERS\gagp30kx.sys
20:24:08.0757 0x0dd4 gagp30kx - ok
20:24:08.0851 0x0dd4 [ C403C5DB49A0F9AAF4F2128EDC0106D8, 3C6948B63278022D8182F773C5FA15784514F76C1546118DDBADBA322B962D12 ] GamesAppService C:\Program Files (x86)\WildTangent Games\App\GamesAppService.exe
20:24:08.0866 0x0dd4 GamesAppService - ok
20:24:08.0913 0x0dd4 [ E403AACF8C7BB11375122D2464560311, 0427B8FFD999D256EA1A5135F218692959A7577CB32354D3087CF0FB4F0577DF ] GEARAspiWDM C:\Windows\system32\DRIVERS\GEARAspiWDM.sys
20:24:08.0929 0x0dd4 GEARAspiWDM - ok
20:24:09.0007 0x0dd4 [ 277BBC7E1AA1EE957F573A10ECA7EF3A, 2EE60B924E583E847CC24E78B401EF95C69DB777A5B74E1EC963E18D47B94D24 ] gpsvc C:\Windows\System32\gpsvc.dll
20:24:09.0100 0x0dd4 gpsvc - ok
20:24:09.0147 0x0dd4 [ F2523EF6460FC42405B12248338AB2F0, B2F3DE8DE1F512D871BC2BC2E8D0E33AB03335BFBC07627C5F88B65024928E19 ] hcw85cir C:\Windows\system32\drivers\hcw85cir.sys
20:24:09.0194 0x0dd4 hcw85cir - ok
20:24:09.0241 0x0dd4 [ 97BFED39B6B79EB12CDDBFEED51F56BB, 3CF981D668FB2381E52AF2E51E296C6CFB47B0D62249645278479D0111A47955 ] HDAudBus C:\Windows\system32\drivers\HDAudBus.sys
20:24:09.0272 0x0dd4 HDAudBus - ok
20:24:09.0287 0x0dd4 [ 78E86380454A7B10A5EB255DC44A355F, 11F3ED7ACFFA3024B9BD504F81AC39F5B4CED5A8A425E8BADF7132EFEDB9BD64 ] HidBatt C:\Windows\system32\DRIVERS\HidBatt.sys
20:24:09.0319 0x0dd4 HidBatt - ok
20:24:09.0350 0x0dd4 [ 7FD2A313F7AFE5C4DAB14798C48DD104, 94CBFD4506CBDE4162CEB3367BAB042D19ACA6785954DC0B554D4164B9FCD0D4 ] HidBth C:\Windows\system32\DRIVERS\hidbth.sys
20:24:09.0521 0x0dd4 HidBth - ok
20:24:09.0537 0x0dd4 [ 0A77D29F311B88CFAE3B13F9C1A73825, 8615DC6CEFB591505CE16E054A71A4F371B827DDFD5E980777AB4233DCFDA01D ] HidIr C:\Windows\system32\DRIVERS\hidir.sys
20:24:09.0568 0x0dd4 HidIr - ok
20:24:09.0584 0x0dd4 [ BD9EB3958F213F96B97B1D897DEE006D, 4D01CBF898B528B3A4E5A683DF2177300AFABD7D4CB51F1A7891B1B545499631 ] hidserv C:\Windows\System32\hidserv.dll
20:24:09.0646 0x0dd4 hidserv - ok
20:24:09.0693 0x0dd4 [ 9592090A7E2B61CD582B612B6DF70536, FD11D5E02C32D658B28FCC35688AB66CCB5D3A0A0D74C82AE0F0B6C67B568A0F ] HidUsb C:\Windows\system32\DRIVERS\hidusb.sys
20:24:09.0709 0x0dd4 HidUsb - ok
20:24:09.0755 0x0dd4 [ 387E72E739E15E3D37907A86D9FF98E2, 9935BE2E58788E79328293AF2F202CB0F6042441B176F75ACC5AEA93C8E05531 ] hkmsvc C:\Windows\system32\kmsvc.dll
20:24:09.0818 0x0dd4 hkmsvc - ok
20:24:09.0865 0x0dd4 [ EFDFB3DD38A4376F93E7985173813ABD, 70402FA73A5A2A8BB557AAC8F531E373077D28DE5F40A1F3F14B940BE01CD2E1 ] HomeGroupListener C:\Windows\system32\ListSvc.dll
20:24:09.0911 0x0dd4 HomeGroupListener - ok
20:24:09.0958 0x0dd4 [ 908ACB1F594274965A53926B10C81E89, 7D34A742AC486294D82676F8465A3EF26C8AC3317C32B63F62031CB007CFC208 ] HomeGroupProvider C:\Windows\system32\provsvc.dll
20:24:09.0989 0x0dd4 HomeGroupProvider - ok
20:24:10.0099 0x0dd4 [ 2A8B93A01621E100A578E83C768AFA2C, 6637D260AF180D1F200D219796FCE6D524FC6BF57C0CEEF9E1B3616E85865AD1 ] HP Support Assistant Service C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\hpsa_service.exe
20:24:10.0114 0x0dd4 HP Support Assistant Service - detected UnsignedFile.Multi.Generic ( 1 )
20:24:13.0094 0x0dd4 Detect skipped due to KSN trusted
20:24:13.0094 0x0dd4 HP Support Assistant Service - ok
20:24:13.0234 0x0dd4 [ D2946D9F020AE76E9CEF9B4A6DF838C0, C29CE594879385DA12B8EAA90B258905827B613839CCD820DE49215B68676995 ] hpqwmiex C:\Program Files (x86)\Hewlett-Packard\Shared\hpqwmiex.exe
20:24:13.0312 0x0dd4 hpqwmiex - ok
20:24:13.0375 0x0dd4 [ 39D2ABCD392F3D8A6DCE7B60AE7B8EFC, E9E6A1665740CFBC2DD321010007EF42ABA2102AEB9772EE8AA3354664B1E205 ] HpSAMD C:\Windows\system32\drivers\HpSAMD.sys
20:24:13.0406 0x0dd4 HpSAMD - ok
20:24:13.0577 0x0dd4 [ 0EA7DE1ACB728DD5A369FD742D6EEE28, 21C489412EB33A12B22290EB701C19BA57006E8702E76F730954F0784DDE9779 ] HTTP C:\Windows\system32\drivers\HTTP.sys
20:24:13.0687 0x0dd4 HTTP - ok
20:24:13.0765 0x0dd4 [ A5462BD6884960C9DC85ED49D34FF392, 53E65841AF5B06A2844D0BB6FC4DD3923A323FFA0E4BFC89B3B5CAFB592A3D53 ] hwpolicy C:\Windows\system32\drivers\hwpolicy.sys
20:24:13.0780 0x0dd4 hwpolicy - ok
20:24:13.0827 0x0dd4 [ FA55C73D4AFFA7EE23AC4BE53B4592D3, 65CDDC62B89A60E942C5642C9D8B539EFB69DA8069B4A2E54978154B314531CD ] i8042prt C:\Windows\system32\drivers\i8042prt.sys
20:24:13.0858 0x0dd4 i8042prt - ok
20:24:13.0905 0x0dd4 [ AAAF44DB3BD0B9D1FB6969B23ECC8366, 805AA4A9464002D1AB3832E4106B2AAA1331F4281367E75956062AAE99699385 ] iaStorV C:\Windows\system32\drivers\iaStorV.sys
20:24:13.0952 0x0dd4 iaStorV - ok
20:24:13.0999 0x0dd4 [ 5988FC40F8DB5B0739CD1E3A5D0D78BD, 2B9512324DBA4A97F6AC34E8067EE08E3B6874CD60F6CB4209AFC22A34D2BE99 ] idsvc C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\infocard.exe
20:24:14.0061 0x0dd4 idsvc - ok
20:24:14.0123 0x0dd4 [ 5C18831C61933628F5BB0EA2675B9D21, 5CD9DE2F8C0256623A417B5C55BF55BB2562BD7AB2C3C83BB3D9886C2FBDA4E4 ] iirsp C:\Windows\system32\DRIVERS\iirsp.sys
20:24:14.0139 0x0dd4 iirsp - ok
20:24:14.0264 0x0dd4 [ FCD84C381E0140AF901E58D48882D26B, 76955FFC230C801E8ED890E32076075F04CD6E5EC79E594FDE6D23797A36B406 ] IKEEXT C:\Windows\System32\ikeext.dll
20:24:14.0357 0x0dd4 IKEEXT - ok
20:24:14.0482 0x0dd4 [ 430AAB6C09AF99D5BEB311795349E9DD, 5B4502BB9202B2DC59731BC4777755D770C380840B266C351940905DDB3E42BA ] IntcAzAudAddService C:\Windows\system32\drivers\RTKVHD64.sys
20:24:14.0591 0x0dd4 IntcAzAudAddService - ok
20:24:14.0623 0x0dd4 [ F00F20E70C6EC3AA366910083A0518AA, E2F3E9FFD82C802C8BAC309893A3664ACF16A279959C0FDECCA64C3D3C60FD22 ] intelide C:\Windows\system32\drivers\intelide.sys
20:24:14.0638 0x0dd4 intelide - ok
20:24:14.0669 0x0dd4 [ ADA036632C664CAA754079041CF1F8C1, F2386CC09AC6DE4C54189154F7D91C1DB7AA120B13FAE8BA5B579ACF99FCC610 ] intelppm C:\Windows\system32\DRIVERS\intelppm.sys
20:24:14.0701 0x0dd4 intelppm - ok
20:24:14.0747 0x0dd4 [ 098A91C54546A3B878DAD6A7E90A455B, 044CCE2A0DF56EBE1EFD99B4F6F0A5B9EE12498CA358CF4B2E3A1CFD872823AA ] IPBusEnum C:\Windows\system32\ipbusenum.dll
20:24:14.0810 0x0dd4 IPBusEnum - ok
20:24:14.0857 0x0dd4 [ C9F0E1BD74365A8771590E9008D22AB6, 728BC5A6AAE499FDC50EB01577AF16D83C2A9F3B09936DD2A89C01E074BA8E51 ] IpFilterDriver C:\Windows\system32\DRIVERS\ipfltdrv.sys
20:24:14.0950 0x0dd4 IpFilterDriver - ok
20:24:14.0997 0x0dd4 [ A34A587FFFD45FA649FBA6D03784D257, C9A2BCD4E2A5EB6E320092A3AFD5737ECDCDA0B83EE42314A23C4978F2974767 ] iphlpsvc C:\Windows\System32\iphlpsvc.dll
20:24:15.0106 0x0dd4 iphlpsvc - ok
20:24:15.0153 0x0dd4 [ 0FC1AEA580957AA8817B8F305D18CA3A, 7161E4DE91AAFC3FA8BF24FAE4636390C2627DB931505247C0D52C75A31473D9 ] IPMIDRV C:\Windows\system32\drivers\IPMIDrv.sys
20:24:15.0200 0x0dd4 IPMIDRV - ok
20:24:15.0231 0x0dd4 [ AF9B39A7E7B6CAA203B3862582E9F2D0, 67128BE7EADBE6BD0205B050F96E268948E8660C4BAB259FB0BE03935153D04E ] IPNAT C:\Windows\system32\drivers\ipnat.sys
20:24:15.0309 0x0dd4 IPNAT - ok
20:24:15.0418 0x0dd4 [ A9AB99EE7D39725EAFEC82732D2B3271, 962F231608C36BA0B2EAE5981BB9BAC85B6CAA3A5F656D786B97D9B421A831A6 ] iPod Service C:\Program Files\iPod\bin\iPodService.exe
20:24:15.0465 0x0dd4 iPod Service - ok
20:24:15.0512 0x0dd4 [ 3ABF5E7213EB28966D55D58B515D5CE9, A352BCC5B6B9A28805B15CAFB235676F1FAFF0D2394F88C03089EB157D6188AE ] IRENUM C:\Windows\system32\drivers\irenum.sys
20:24:15.0559 0x0dd4 IRENUM - ok
20:24:15.0590 0x0dd4 [ 2F7B28DC3E1183E5EB418DF55C204F38, D40410A760965925D6F10959B2043F7BD4F68EAFCF5E743AF11AD860BD136548 ] isapnp C:\Windows\system32\drivers\isapnp.sys
20:24:15.0605 0x0dd4 isapnp - ok
20:24:15.0652 0x0dd4 [ D931D7309DEB2317035B07C9F9E6B0BD, 13AD84172ED8C6153F8A98499C01733B74E48464CE07D099508E38D409913ED3 ] iScsiPrt C:\Windows\system32\drivers\msiscsi.sys
20:24:15.0683 0x0dd4 iScsiPrt - ok
20:24:15.0715 0x0dd4 [ 41E6C1F0F85F6F75E53A56DD6BF809AB, 7965AF5A28160E79D191A4D310D1C52CE9CAD1AE23AF83F51779CCE6A0B1F61F ] JMCR C:\Windows\system32\DRIVERS\jmcr.sys
20:24:15.0777 0x0dd4 JMCR - ok
20:24:15.0793 0x0dd4 [ BC02336F1CBA7DCC7D1213BB588A68A5, 450C5BAD54CCE2AFCDFF1B6E7F8E1A8446D9D3255DF9D36C29A8F848048AAD93 ] kbdclass C:\Windows\system32\DRIVERS\kbdclass.sys
20:24:15.0824 0x0dd4 kbdclass - ok
20:24:15.0839 0x0dd4 [ 0705EFF5B42A9DB58548EEC3B26BB484, 86C6824ED7ED6FA8F306DB6319A0FD688AA91295AE571262F9D8E96A32225E99 ] kbdhid C:\Windows\system32\DRIVERS\kbdhid.sys
20:24:15.0886 0x0dd4 kbdhid - ok
20:24:15.0917 0x0dd4 [ C118A82CD78818C29AB228366EBF81C3, 00820F3065871DCBA52A27C7F73BA470C4F2CB26EFB7F76FEF8B1207F81B284D ] KeyIso C:\Windows\system32\lsass.exe
20:24:15.0949 0x0dd4 KeyIso - ok
20:24:15.0995 0x0dd4 [ 97A7070AEA4C058B6418519E869A63B4, 15345C2D6CA159BD498002974A0BD21CAB611124D85E3320248B47652AEF23C8 ] KSecDD C:\Windows\system32\Drivers\ksecdd.sys
20:24:16.0011 0x0dd4 KSecDD - ok
20:24:16.0042 0x0dd4 [ 26C43A7C2862447EC59DEDA188D1DA07, 5363BF87E650FE2010ACA9417D6920FF4ED752256FF47732882E9B2BA1ED154B ] KSecPkg C:\Windows\system32\Drivers\ksecpkg.sys
20:24:16.0073 0x0dd4 KSecPkg - ok
20:24:16.0089 0x0dd4 [ 6869281E78CB31A43E969F06B57347C4, 866A23E69B32A78D378D6CB3B3DA3695FFDFF0FEC3C9F68C8C3F988DF417044B ] ksthunk C:\Windows\system32\drivers\ksthunk.sys
20:24:16.0151 0x0dd4 ksthunk - ok
20:24:16.0214 0x0dd4 [ 6AB66E16AA859232F64DEB66887A8C9C, 5F2B579BEA8098A2994B0DECECDAE7B396E7B5DC5F09645737B9F28BEEA77FFF ] KtmRm C:\Windows\system32\msdtckrm.dll
20:24:16.0307 0x0dd4 KtmRm - ok
20:24:16.0354 0x0dd4 [ D9F42719019740BAA6D1C6D536CBDAA6, 8757599D0AE5302C4CE50861BEBA3A8DD14D7B0DBD916FD5404133688CDFCC40 ] LanmanServer C:\Windows\System32\srvsvc.dll
20:24:16.0448 0x0dd4 LanmanServer - ok
20:24:16.0479 0x0dd4 [ 851A1382EED3E3A7476DB004F4EE3E1A, B1C67F47DD594D092E6E258F01DF5E7150227CE3131A908A244DEE9F8A1FABF9 ] LanmanWorkstation C:\Windows\System32\wkssvc.dll
20:24:16.0573 0x0dd4 LanmanWorkstation - ok
20:24:16.0619 0x0dd4 [ 2238B91AC1A12CC6CC4C4FED41258B2A, 11DEBFAC8D6B23415928C635981E3378DE7C1F361F2B7A1390D86B0D782C22C6 ] LightScribeService c:\Program Files (x86)\Common Files\LightScribe\LSSrvc.exe
20:24:16.0651 0x0dd4 LightScribeService - detected UnsignedFile.Multi.Generic ( 1 )
20:24:19.0225 0x0dd4 Detect skipped due to KSN trusted
20:24:19.0225 0x0dd4 LightScribeService - ok
20:24:19.0256 0x0dd4 [ 1538831CF8AD2979A04C423779465827, E1729B0CC4CEEE494A0B8817A8E98FF232E3A32FB023566EF0BC71A090262C0C ] lltdio C:\Windows\system32\DRIVERS\lltdio.sys
20:24:19.0349 0x0dd4 lltdio - ok
20:24:19.0396 0x0dd4 [ C1185803384AB3FEED115F79F109427F, 0414FE73532DCAB17E906438A14711E928CECCD5F579255410C62984DD652700 ] lltdsvc C:\Windows\System32\lltdsvc.dll
20:24:19.0490 0x0dd4 lltdsvc - ok
20:24:19.0521 0x0dd4 [ F993A32249B66C9D622EA5592A8B76B8, EE64672A990C6145DC5601E2B8CDBE089272A72732F59AF9865DCBA8B1717E70 ] lmhosts C:\Windows\System32\lmhsvc.dll
20:24:19.0599 0x0dd4 lmhosts - ok
20:24:19.0646 0x0dd4 [ 413ECDCFAD9A82804D3674C8D7EEC24E, C8A65ED0B079D16D1A4449E840B4A9475388FBE61B5A84DFEFC35F4FB3B9A9B1 ] lmimirr C:\Windows\system32\DRIVERS\lmimirr.sys
20:24:19.0677 0x0dd4 lmimirr - ok
20:24:19.0708 0x0dd4 [ 1A93E54EB0ECE102495A51266DCDB6A6, DB6AA86AA36C3A7988BE96E87B5D3251BE7617C54EE8F894D9DC2E267FE3255B ] LSI_FC C:\Windows\system32\DRIVERS\lsi_fc.sys
20:24:19.0771 0x0dd4 LSI_FC - ok
20:24:19.0786 0x0dd4 [ 1047184A9FDC8BDBFF857175875EE810, F2251EDB7736A26D388A0C5CC2FE5FB9C5E109CBB1E3800993554CB21D81AE4B ] LSI_SAS C:\Windows\system32\DRIVERS\lsi_sas.sys
20:24:19.0833 0x0dd4 LSI_SAS - ok
20:24:19.0849 0x0dd4 [ 30F5C0DE1EE8B5BC9306C1F0E4A75F93, 88D5740A4E9CC3FA80FA18035DAB441BDC5A039622D666BFDAA525CC9686BD06 ] LSI_SAS2 C:\Windows\system32\DRIVERS\lsi_sas2.sys
20:24:19.0911 0x0dd4 LSI_SAS2 - ok
20:24:19.0927 0x0dd4 [ 0504EACAFF0D3C8AED161C4B0D369D4A, 4D272237C189646F5C80822FD3CBA7C2728E482E2DAAF7A09C8AEF811C89C54D ] LSI_SCSI C:\Windows\system32\DRIVERS\lsi_scsi.sys
20:24:19.0973 0x0dd4 LSI_SCSI - ok
20:24:20.0005 0x0dd4 [ 43D0F98E1D56CCDDB0D5254CFF7B356E, 5BA498183B5C4996C694CB0A9A6B66CE6C7A460F6C91BEB9F305486FCC3B7B22 ] luafv C:\Windows\system32\drivers\luafv.sys
20:24:20.0114 0x0dd4 luafv - ok
20:24:20.0192 0x0dd4 [ 4208B958E35F0E596AA241EFB664636B, 16848BA9052A58D03B420E2E803605CDE59D99E01691CA0FEA92EFE43CB8F318 ] lxdnCATSCustConnectService C:\Windows\system32\spool\DRIVERS\x64\3\\lxdnserv.exe
20:24:20.0254 0x0dd4 lxdnCATSCustConnectService - ok
20:24:20.0285 0x0dd4 lxdn_device - ok
20:24:20.0317 0x0dd4 [ 0BE09CD858ABF9DF6ED259D57A1A1663, 2FD28889B93C8E801F74C1D0769673A461671E0189D0A22C94509E3F0EEB7428 ] Mcx2Svc C:\Windows\system32\Mcx2Svc.dll
20:24:20.0395 0x0dd4 Mcx2Svc - ok
20:24:20.0426 0x0dd4 [ A55805F747C6EDB6A9080D7C633BD0F4, 2DA0E83BF3C8ADEF6F551B6CC1C0A3F6149CDBE6EC60413BA1767C4DE425A728 ] megasas C:\Windows\system32\DRIVERS\megasas.sys
20:24:20.0457 0x0dd4 megasas - ok
20:24:20.0504 0x0dd4 [ BAF74CE0072480C3B6B7C13B2A94D6B3, 85CBB4949C090A904464F79713A3418338753D20D7FB811E68F287FDAC1DD834 ] MegaSR C:\Windows\system32\DRIVERS\MegaSR.sys
20:24:20.0566 0x0dd4 MegaSR - ok
20:24:20.0597 0x0dd4 [ E40E80D0304A73E8D269F7141D77250B, 0DB4AC13A264F19A84DC0BCED54E8E404014CC09C993B172002B1561EC7E265A ] MMCSS C:\Windows\system32\mmcss.dll
20:24:20.0691 0x0dd4 MMCSS - ok
20:24:20.0722 0x0dd4 [ 800BA92F7010378B09F9ED9270F07137, 94F9AF9E1BE80AE6AC39A2A74EF9FAB115DCAACC011D07DFA8D6A1DDC8A93342 ] Modem C:\Windows\system32\drivers\modem.sys
20:24:20.0816 0x0dd4 Modem - ok
20:24:20.0847 0x0dd4 [ B03D591DC7DA45ECE20B3B467E6AADAA, 701FB0CAD8138C58507BE28845D3E24CE269A040737C29885944A0D851238732 ] monitor C:\Windows\system32\DRIVERS\monitor.sys
20:24:20.0925 0x0dd4 monitor - ok
20:24:20.0956 0x0dd4 [ A70BF78713B104C46C4E6E7858B6F02E, BB1625076B5126053816471D19981B3DD22D344183F69529811BF605138F34D5 ] motccgp C:\Windows\system32\DRIVERS\motccgp.sys
20:24:21.0034 0x0dd4 motccgp - ok
20:24:21.0081 0x0dd4 [ D51E009BAEDA07EBC107D49D224C2414, F8EF80E91D67697337DD82FE0489448D2566C97C6B189BBBB4733B42BF26AB0C ] motccgpfl C:\Windows\system32\DRIVERS\motccgpfl.sys
20:24:21.0159 0x0dd4 motccgpfl - ok
20:24:21.0190 0x0dd4 [ 705568B735847B3304F9602834DEF733, 443D79EF206EB257058BA73364310F02DFD161BEF6B44CB1DAF398AC77F9590B ] MotoHelper C:\Program Files (x86)\Motorola\MotoHelper\MotoHelperService.exe
20:24:21.0237 0x0dd4 MotoHelper - ok
20:24:21.0268 0x0dd4 [ EBD05F60CAFC5BBA2602B8D7101082D3, 9144E1E7C4DD6150C0E97B4C628DE0216ED372062F5F0FB216C81CAF93DBBF07 ] MotoSwitchService C:\Windows\system32\DRIVERS\motswch.sys
20:24:21.0331 0x0dd4 MotoSwitchService - ok
20:24:21.0346 0x0dd4 [ 7D27EA49F3C1F687D357E77A470AEA99, 7FE7CAF95959F127C6D932C01D539C06D80273C49A09761F6E8331C05B1A7EE7 ] mouclass C:\Windows\system32\drivers\mouclass.sys
20:24:21.0393 0x0dd4 mouclass - ok
20:24:21.0440 0x0dd4 [ D3BF052C40B0C4166D9FD86A4288C1E6, 5E65264354CD94E844BF1838CA1B8E49080EFA34605A32CF2F6A47A2B97FC183 ] mouhid C:\Windows\system32\DRIVERS\mouhid.sys
20:24:21.0502 0x0dd4 mouhid - ok
20:24:21.0533 0x0dd4 [ 32E7A3D591D671A6DF2DB515A5CBE0FA, 47CED0B9067AE8BF5EEF60B17ADEE5906BEDCC56E4CB460B7BFBC12BB9A69E63 ] mountmgr C:\Windows\system32\drivers\mountmgr.sys
20:24:21.0596 0x0dd4 mountmgr - ok
20:24:21.0643 0x0dd4 [ AEE4E9CC59CDEB55B1ECB0E596E796BE, 674F6F38D86D238AFD6223E03A862F8B43DD8499FBC2D4B7A04E510EC5EACF3B ] MozillaMaintenance C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
20:24:21.0721 0x0dd4 MozillaMaintenance - ok
20:24:21.0752 0x0dd4 [ A44B420D30BD56E145D6A2BC8768EC58, B1E4DCA5A1008FA7A0492DC091FB2B820406AE13FD3D44F124E89B1037AF09B8 ] mpio C:\Windows\system32\drivers\mpio.sys
20:24:21.0783 0x0dd4 mpio - ok
20:24:21.0877 0x0dd4 [ 6C38C9E45AE0EA2FA5E551F2ED5E978F, 5A3FA2F110029CB4CC4384998EDB59203FDD65EC45E01B897FB684F8956EAD20 ] mpsdrv C:\Windows\system32\drivers\mpsdrv.sys
20:24:21.0955 0x0dd4 mpsdrv - ok
20:24:22.0018 0x0dd4 [ 54FFC9C8898113ACE189D4AA7199D2C1, 65F585C87F3F710FD5793FDFA96B740AD8D4317B0C120F4435CCF777300EA4F2 ] MpsSvc C:\Windows\system32\mpssvc.dll
20:24:22.0127 0x0dd4 MpsSvc - ok
20:24:22.0174 0x0dd4 [ DC722758B8261E1ABAFD31A3C0A66380, 88BBE073E2CCD1DAB4656DDC53D5161E8A91D035ADAC1465D0CEBA86F1BB6D9A ] MRxDAV C:\Windows\system32\drivers\mrxdav.sys
20:24:22.0252 0x0dd4 MRxDAV - ok
20:24:22.0299 0x0dd4 [ A5D9106A73DC88564C825D317CAC68AC, 0457B2AEA4E05A91D0E43F317894A614434D8CEBE35020785387F307E231FBE4 ] mrxsmb C:\Windows\system32\DRIVERS\mrxsmb.sys
20:24:22.0533 0x0dd4 mrxsmb - ok
20:24:22.0580 0x0dd4 [ D711B3C1D5F42C0C2415687BE09FC163, 9B3013AC60BD2D0FF52086658BA5FF486ADE15954A552D7DD590580E8BAE3EFF ] mrxsmb10 C:\Windows\system32\DRIVERS\mrxsmb10.sys
20:24:22.0658 0x0dd4 mrxsmb10 - ok
20:24:22.0673 0x0dd4 [ 9423E9D355C8D303E76B8CFBD8A5C30C, 220B33F120C2DD937FE4D5664F4B581DC0ACF78D62EB56B7720888F67B9644CC ] mrxsmb20 C:\Windows\system32\DRIVERS\mrxsmb20.sys
20:24:22.0720 0x0dd4 mrxsmb20 - ok
20:24:22.0736 0x0dd4 [ C25F0BAFA182CBCA2DD3C851C2E75796, 643E158A0948DF331807AEAA391F23960362E46C0A0CF6D22A99020EAE7B10F8 ] msahci C:\Windows\system32\drivers\msahci.sys
20:24:22.0782 0x0dd4 msahci - ok
20:24:22.0814 0x0dd4 [ DB801A638D011B9633829EB6F663C900, B34FD33A215ACCF2905F4B7D061686CDB1CB9C652147AF56AE14686C1F6E3C74 ] msdsm C:\Windows\system32\drivers\msdsm.sys
20:24:22.0860 0x0dd4 msdsm - ok
20:24:22.0892 0x0dd4 [ DE0ECE52236CFA3ED2DBFC03F28253A8, 2FBBEC4CACB5161F68D7C2935852A5888945CA0F107CF8A1C01F4528CE407DE3 ] MSDTC C:\Windows\System32\msdtc.exe
20:24:22.0970 0x0dd4 MSDTC - ok
20:24:23.0002 0x0dd4 [ AA3FB40E17CE1388FA1BEDAB50EA8F96, 69F93E15536644C8FD679A20190CFE577F4985D3B1B4A4AA250A168615AE1E99 ] Msfs C:\Windows\system32\drivers\Msfs.sys
20:24:23.0095 0x0dd4 Msfs - ok
20:24:23.0111 0x0dd4 [ F9D215A46A8B9753F61767FA72A20326, 6F76642B45E0A7EF6BCAB8B37D55CCE2EAA310ED07B76D43FCB88987C2174141 ] mshidkmdf C:\Windows\System32\drivers\mshidkmdf.sys
20:24:23.0220 0x0dd4 mshidkmdf - ok
20:24:23.0236 0x0dd4 [ D916874BBD4F8B07BFB7FA9B3CCAE29D, B229DA150713DEDBC4F05386C9D9DC3BC095A74F44F3081E88311AB73BC992A1 ] msisadrv C:\Windows\system32\drivers\msisadrv.sys
20:24:23.0283 0x0dd4 msisadrv - ok
20:24:23.0329 0x0dd4 [ 808E98FF49B155C522E6400953177B08, F873F5BFF0984C5165DF67E92874D3F6EB8D86F9B5AD17013A0091CA33A1A3D5 ] MSiSCSI C:\Windows\system32\iscsiexe.dll
20:24:23.0423 0x0dd4 MSiSCSI - ok
20:24:23.0439 0x0dd4 msiserver - ok
20:24:23.0454 0x0dd4 [ 49CCF2C4FEA34FFAD8B1B59D49439366, E5752EA57C7BDAD5F53E3BC441A415E909AC602CAE56234684FB8789A20396C7 ] MSKSSRV C:\Windows\system32\drivers\MSKSSRV.sys
20:24:23.0548 0x0dd4 MSKSSRV - ok
20:24:23.0563 0x0dd4 [ BDD71ACE35A232104DDD349EE70E1AB3, 27464A66868513BE6A01B75D7FC5B0D6B71842E4E20CE3F76B15C071A0618BBB ] MSPCLOCK C:\Windows\system32\drivers\MSPCLOCK.sys
20:24:23.0657 0x0dd4 MSPCLOCK - ok
20:24:23.0688 0x0dd4 [ 4ED981241DB27C3383D72092B618A1D0, E12F121E641249DB3491141851B59E1496F4413EDF58E863388F1C229838DFCC ] MSPQM C:\Windows\system32\drivers\MSPQM.sys
20:24:23.0766 0x0dd4 MSPQM - ok
20:24:23.0829 0x0dd4 [ 759A9EEB0FA9ED79DA1FB7D4EF78866D, 64E3BC613EC4872B1B344CBF71EE15BE195592E3244C1EE099C6F8B95A40F133 ] MsRPC C:\Windows\system32\drivers\MsRPC.sys
20:24:23.0860 0x0dd4 MsRPC - ok
20:24:23.0891 0x0dd4 [ 0EED230E37515A0EAEE3C2E1BC97B288, B1D8F8A75006B6E99214CA36D27A8594EF8D952F315BEB201E9BAC9DE3E64D42 ] mssmbios C:\Windows\system32\drivers\mssmbios.sys
20:24:23.0922 0x0dd4 mssmbios - ok
20:24:23.0953 0x0dd4 [ 2E66F9ECB30B4221A318C92AC2250779, DF175E1AB6962303E57F26DAE5C5C1E40B8640333F3E352A64F6A5F1301586CD ] MSTEE C:\Windows\system32\drivers\MSTEE.sys
20:24:24.0000 0x0dd4 MSTEE - ok
20:24:24.0016 0x0dd4 [ 7EA404308934E675BFFDE8EDF0757BCD, 306CD02D89CFCFE576242360ED5F9EEEDCAFC43CD43B7D2977AE960F9AEC3232 ] MTConfig C:\Windows\system32\DRIVERS\MTConfig.sys
20:24:24.0047 0x0dd4 MTConfig - ok
20:24:24.0094 0x0dd4 [ F9A18612FD3526FE473C1BDA678D61C8, 32F7975B5BAA447917F832D9E3499B4B6D3E90D73F478375D0B70B36C524693A ] Mup C:\Windows\system32\Drivers\mup.sys
20:24:24.0109 0x0dd4 Mup - ok
20:24:24.0172 0x0dd4 [ 582AC6D9873E31DFA28A4547270862DD, BD540499F74E8F59A020D935D18E36A3A97C1A6EC59C8208436469A31B16B260 ] napagent C:\Windows\system32\qagentRT.dll
20:24:24.0250 0x0dd4 napagent - ok
20:24:24.0281 0x0dd4 [ 1EA3749C4114DB3E3161156FFFFA6B33, 54C2E77BCE1037711A11313AC25B8706109098C10A31AA03AEB7A185E97800D7 ] NativeWifiP C:\Windows\system32\DRIVERS\nwifi.sys
20:24:24.0328 0x0dd4 NativeWifiP - ok
20:24:24.0406 0x0dd4 [ 760E38053BF56E501D562B70AD796B88, F856E81A975D44F8684A6F2466549CEEDFAEB3950191698555A93A1206E0A42D ] NDIS C:\Windows\system32\drivers\ndis.sys
20:24:24.0468 0x0dd4 NDIS - ok
20:24:24.0499 0x0dd4 [ 9F9A1F53AAD7DA4D6FEF5BB73AB811AC, D7E5446E83909AE25506BB98FBDD878A529C87963E3C1125C4ABAB25823572BC ] NdisCap C:\Windows\system32\DRIVERS\ndiscap.sys
20:24:24.0546 0x0dd4 NdisCap - ok
20:24:24.0593 0x0dd4 [ 30639C932D9FEF22B31268FE25A1B6E5, 32873D95339600F6EEFA51847D12C563FF01F320DC59055B242FA2887C99F9D6 ] NdisTapi C:\Windows\system32\DRIVERS\ndistapi.sys
20:24:24.0640 0x0dd4 NdisTapi - ok
20:24:24.0687 0x0dd4 [ 136185F9FB2CC61E573E676AA5402356, BA3AD0A33416DA913B4242C6BE8C3E5812AD2B20BA6C11DD3094F2E8EB56E683 ] Ndisuio C:\Windows\system32\DRIVERS\ndisuio.sys
20:24:24.0733 0x0dd4 Ndisuio - ok
20:24:24.0765 0x0dd4 [ 53F7305169863F0A2BDDC49E116C2E11, 881E9346D3C02405B7850ADC37E720990712EC9C666A0CE96E252A487FD2CE77 ] NdisWan C:\Windows\system32\DRIVERS\ndiswan.sys
20:24:24.0827 0x0dd4 NdisWan - ok
20:24:24.0858 0x0dd4 [ 015C0D8E0E0421B4CFD48CFFE2825879, 4242E2D42CCFC859B2C0275C5331798BC0BDA68E51CF4650B6E64B1332071023 ] NDProxy C:\Windows\system32\drivers\NDProxy.sys
20:24:24.0921 0x0dd4 NDProxy - ok
20:24:24.0936 0x0dd4 [ 86743D9F5D2B1048062B14B1D84501C4, DBF6D6A60AB774FCB0F464FF2D285A7521D0A24006687B243AB46B17D8032062 ] NetBIOS C:\Windows\system32\DRIVERS\netbios.sys
20:24:24.0999 0x0dd4 NetBIOS - ok
20:24:25.0045 0x0dd4 [ 09594D1089C523423B32A4229263F068, 7426A9B8BA27D3225928DDEFBD399650ABB90798212F56B7D12158AC22CCCE37 ] NetBT C:\Windows\system32\DRIVERS\netbt.sys
20:24:25.0108 0x0dd4 NetBT - ok
20:24:25.0139 0x0dd4 [ C118A82CD78818C29AB228366EBF81C3, 00820F3065871DCBA52A27C7F73BA470C4F2CB26EFB7F76FEF8B1207F81B284D ] Netlogon C:\Windows\system32\lsass.exe
20:24:25.0155 0x0dd4 Netlogon - ok
20:24:25.0217 0x0dd4 [ 847D3AE376C0817161A14A82C8922A9E, 37AE692B3481323134125EF58F2C3CBC20177371AF2F5874F53DD32A827CB936 ] Netman C:\Windows\System32\netman.dll
20:24:25.0295 0x0dd4 Netman - ok
20:24:25.0326 0x0dd4 [ D22CD77D4F0D63D1169BB35911BFF12D, 85B1FDFA02E1B8EA4FCB9B7EEB687C5C448697FC7EC9D178C5A2F64D2C9CFEE8 ] NetMsmqActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
20:24:25.0389 0x0dd4 NetMsmqActivator - ok
20:24:25.0420 0x0dd4 [ D22CD77D4F0D63D1169BB35911BFF12D, 85B1FDFA02E1B8EA4FCB9B7EEB687C5C448697FC7EC9D178C5A2F64D2C9CFEE8 ] NetPipeActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
20:24:25.0435 0x0dd4 NetPipeActivator - ok
20:24:25.0482 0x0dd4 [ 5F28111C648F1E24F7DBC87CDEB091B8, 2E8645285921EDB98BB2173E11E57459C888D52E80D85791D169C869DE8813B9 ] netprofm C:\Windows\System32\netprofm.dll
20:24:25.0576 0x0dd4 netprofm - ok
20:24:25.0591 0x0dd4 [ D22CD77D4F0D63D1169BB35911BFF12D, 85B1FDFA02E1B8EA4FCB9B7EEB687C5C448697FC7EC9D178C5A2F64D2C9CFEE8 ] NetTcpActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
20:24:25.0607 0x0dd4 NetTcpActivator - ok
20:24:25.0623 0x0dd4 [ D22CD77D4F0D63D1169BB35911BFF12D, 85B1FDFA02E1B8EA4FCB9B7EEB687C5C448697FC7EC9D178C5A2F64D2C9CFEE8 ] NetTcpPortSharing C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
20:24:25.0638 0x0dd4 NetTcpPortSharing - ok
20:24:25.0669 0x0dd4 [ 77889813BE4D166CDAB78DDBA990DA92, 2EF531AE502B943632EEC66A309A8BFCDD36120A5E1473F4AAF3C2393AD0E6A3 ] nfrd960 C:\Windows\system32\DRIVERS\nfrd960.sys
20:24:25.0701 0x0dd4 nfrd960 - ok
20:24:25.0747 0x0dd4 [ 1EE99A89CC788ADA662441D1E9830529, 6B4FDD74BB81E12BD4B25A3E8AECB0FA77FA0075D454DD1D6DC1790ADF1F2AA8 ] NlaSvc C:\Windows\System32\nlasvc.dll
20:24:25.0810 0x0dd4 NlaSvc - ok
20:24:25.0841 0x0dd4 [ 1E4C4AB5C9B8DD13179BBDC75A2A01F7, D8957EF7060A69DBB3CD6B2C45B1E4143592AB8D018471E17AC04668157DC67F ] Npfs C:\Windows\system32\drivers\Npfs.sys
20:24:25.0888 0x0dd4 Npfs - ok
20:24:25.0935 0x0dd4 [ D54BFDF3E0C953F823B3D0BFE4732528, 497A1DCC5646EC22119273216DF10D5442D16F83E4363770F507518CF6EAA53A ] nsi C:\Windows\system32\nsisvc.dll
20:24:25.0981 0x0dd4 nsi - ok
20:24:25.0997 0x0dd4 [ E7F5AE18AF4168178A642A9247C63001, 133023B7E4BA8049C4CAED3282BDD25571D1CC25FAC3B820C7F981D292689D76 ] nsiproxy C:\Windows\system32\drivers\nsiproxy.sys
20:24:26.0038 0x0dd4 nsiproxy - ok
20:24:26.0147 0x0dd4 [ A2F74975097F52A00745F9637451FDD8, C681DDBD3382C477C2A030E828B5CFB529CB57C7847BD9AFF25E2A5E58B2DAF3 ] Ntfs C:\Windows\system32\drivers\Ntfs.sys
20:24:26.0257 0x0dd4 Ntfs - ok
20:24:26.0272 0x0dd4 [ 9899284589F75FA8724FF3D16AED75C1, 181188599FD5D4DE33B97010D9E0CAEABAB9A3EF50712FE7F9AA0735CD0666D6 ] Null C:\Windows\system32\drivers\Null.sys
20:24:26.0319 0x0dd4 Null - ok
20:24:26.0366 0x0dd4 [ 0A92CB65770442ED0DC44834632F66AD, 581327F07A68DBD5CC749214BE5F1211FC2CE41C7A4F0656B680AFB51A35ACE7 ] nvraid C:\Windows\system32\drivers\nvraid.sys
20:24:26.0397 0x0dd4 nvraid - ok
20:24:26.0444 0x0dd4 [ DAB0E87525C10052BF65F06152F37E4A, AD9BFF0D5FD3FFB95C758B478E1F6A9FE45E7B37AEC71EB5070D292FEAAEDF37 ] nvstor C:\Windows\system32\drivers\nvstor.sys
20:24:26.0459 0x0dd4 nvstor - ok
20:24:26.0491 0x0dd4&

wkandravi · April 4, 2014

Also found this issue. This happens no matter what picture format I try to open.

**Tomk_** · April 4, 2014

The TDSSKiller log is incomplete. Did you, perhaps, post the first "half" of the report twice?

wkandravi · April 4, 2014

It wouldn't let me post the full text so I'm attaching the log file. Sorry

TDSSKiller.3.0.0.26_03.04.2014_20.23.37_log.zip

**Tomk_** · April 4, 2014

Not a problem... that worked fine. The good news is that it didn't find anything... the bad news is we need to keep looking for the root of the evil.

Please download Malwarebytes Anti-Rootkit.
Unzip the contents to a folder in a convenient location.
Open the folder where the contents were unzipped and run mbar.exe.
Follow the instructions in the wizard to update and allow the programme to scan your computer for threats.
Click on the Cleanup button to remove any threats and reboot if prompted to do so.
Wait while the system shuts down and the cleanup process is performed.
If threats were detected, perform another scan with MBAR to verify that no threats remain. If no threats were detected, there is no need to repeat the scan.
When done, please post the two logs produced. You will find them in the MBAR folder (mbar-log.txt and system-log.txt).

wkandravi · April 4, 2014

Here's those 2 logs. Said no threats found

mbar-log-2014-04-03 (21-45-28).txt

system-log.txt

**Tomk_** · April 4, 2014

Everything looks great. We should be able to comfortably assume that there are not rootkits hiding somewhere that were exposed by previous cleaning of the system.

Now, let's check the system files. These program will lead you through that as well as check standard settings.

Download Windows Repair (All in One) from this site

Install the program then run it.

NOTE 1. In Windows Vista, 7 and 8 right click on the program, click "Run As Administrator".
NOTE 2. Disable your antivirus program before running Windows Repair.

Go to Step 2 and allow it to run CheckDisk by clicking on Do It button:

Once that is done then go to Step 3 and allow it to run System File Check by clicking on Do It button:

Go to Step 4 and under "System Restore" click on Create button:

Go to Start Repairs tab and click Start button.

Leave all checkmarks as they're.
NOTE for Windows 8 users. Reset Registry Permissions is NOT checked by design.

Click on Start button.

Post Windows Repair log (_windows_repair_log.txt) which is located in the following folder:
64-bit systems - C:\Program Files (x86)\Tweaking.com\Windows Repair (All in One)\Logs
32-bit systems - C:\Program Files\Tweaking.com\Windows Repair (All in One)\Logs

wkandravi · April 4, 2014

System Variables
--------------------------------------------------------------------------------
OS: Windows 7 Home Premium
OS Architecture: 64-bit
OS Version: 6.1.7601
OS Service Pack: Service Pack 1
Computer Name: MELANIE-PC
Windows Drive: C:\
Windows Path: C:\Windows
Current Profile: C:\Users\Melanie
Current Profile SID: S-1-5-21-3804815134-1290454183-1668720314-1001
Current Profile Classes: S-1-5-21-3804815134-1290454183-1668720314-1001_Classes
Profiles Location: C:\Users
Profiles Location 2: C:\Windows\ServiceProfiles
Local Settings AppData: C:\Users\Melanie\AppData\Local
--------------------------------------------------------------------------------

System Information
--------------------------------------------------------------------------------
System Up Time: 0 Days 00:46:43

Process Count: 59
Commit Total: 1.30 GB
Commit Limit: 7.50 GB
Commit Peak: 1.48 GB
Handle Count: 16426
Kernel Total: 213.39 MB
Kernel Paged: 174.67 MB
Kernel Non Paged: 38.73 MB
System Cache: 1.23 GB
Thread Count: 732
--------------------------------------------------------------------------------

Memory Before Cleaning with CleanMem
--------------------------------------------------------------------------------
Memory Total: 3.75 GB
Memory Used: 1.09 GB(28.9835%)
Memory Avail.: 2.66 GB
--------------------------------------------------------------------------------

Cleaning Memory Before Starting Repairs...

Memory After Cleaning with CleanMem
--------------------------------------------------------------------------------
Memory Total: 3.75 GB
Memory Used: 941.20 MB(24.5203%)
Memory Avail.: 2.83 GB
--------------------------------------------------------------------------------

Starting Repairs...
Start (4/4/2014 6:52:13 AM)

01 - Reset Registry Permissions 01/03
HKEY_CURRENT_USER & Sub Keys
Start (4/4/2014 6:52:13 AM)
Running Repair Under Current User Account
Done (4/4/2014 6:52:17 AM)

01 - Reset Registry Permissions 02/03
HKEY_LOCAL_MACHINE & Sub Keys
Start (4/4/2014 6:52:17 AM)
Running Repair Under System Account
Done (4/4/2014 6:53:34 AM)

01 - Reset Registry Permissions 03/03
HKEY_CLASSES_ROOT & Sub Keys
Start (4/4/2014 6:53:34 AM)
Running Repair Under System Account
Done (4/4/2014 6:54:26 AM)

02 - Reset File Permissions: C:
C: & Sub Folders
Start (4/4/2014 6:54:26 AM)
Running Repair Under System Account
Done (4/4/2014 7:00:16 AM)

02 - Reset File Permissions: D:
D: & Sub Folders
Start (4/4/2014 7:00:16 AM)
Running Repair Under System Account
Done (4/4/2014 7:00:27 AM)

02 - Reset File Permissions: All Profiles
C:\Users & Sub Folders
Start (4/4/2014 7:00:27 AM)
Running Repair Under System Account
Done (4/4/2014 7:00:50 AM)

02 - Reset File Permissions: Current Profile
C:\Users\Melanie & Sub Folders
Start (4/4/2014 7:00:50 AM)
Running Repair Under System Account
Done (4/4/2014 7:01:22 AM)

02 - Reset File Permissions: Cleanup
Repairing Restricted Folders Permissions To Avoid Infinite Loops
Start (4/4/2014 7:01:22 AM)
Running Repair Under System Account
Processing ACL of: <\\?\C:\Documents and Settings>

SetACL finished successfully.
Processing ACL of: <\\?\C:\ProgramData\Application Data>

SetACL finished successfully.
Processing ACL of: <\\?\C:\ProgramData\Desktop>

SetACL finished successfully.
Processing ACL of: <\\?\C:\ProgramData\Documents>

SetACL finished successfully.
Processing ACL of: <\\?\C:\ProgramData\Favorites>

SetACL finished successfully.
Processing ACL of: <\\?\C:\ProgramData\Start Menu>

SetACL finished successfully.
Processing ACL of: <\\?\C:\ProgramData\Templates>

SetACL finished successfully.
Processing ACL of: <\\?\C:\Users\All Users\Application Data>

SetACL finished successfully.
Processing ACL of: <\\?\C:\Users\All Users\Desktop>

SetACL finished successfully.
Processing ACL of: <\\?\C:\Users\All Users\Documents>

SetACL finished successfully.
Processing ACL of: <\\?\C:\Users\All Users\Favorites>

SetACL finished successfully.
Processing ACL of: <\\?\C:\Users\All Users\Start Menu>

SetACL finished successfully.
Processing ACL of: <\\?\C:\Users\All Users\Templates>

SetACL finished successfully.
Processing ACL of: <\\?\C:\Users\Default User>

SetACL finished successfully.
Processing ACL of: <\\?\C:\Users\Default\Application Data>

SetACL finished successfully.
Processing ACL of: <\\?\C:\Users\Default\Cookies>
Reading the SD from <\\?\C:\Users\Default\Cookies> failed with: The system cannot find the file specified.

SetACL finished with error(s):
SetACL error message: The call to GetNamedSecurityInfo () failed
Operating system error message: The system cannot find the file specified.

Processing ACL of: <\\?\C:\Users\Default\Local Settings>

SetACL finished successfully.
Processing ACL of: <\\?\C:\Users\Default\My Documents>

SetACL finished successfully.
Processing ACL of: <\\?\C:\Users\Default\NetHood>

SetACL finished successfully.
Processing ACL of: <\\?\C:\Users\Default\PrintHood>

SetACL finished successfully.
Processing ACL of: <\\?\C:\Users\Default\Recent>

SetACL finished successfully.
Processing ACL of: <\\?\C:\Users\Default\SendTo>

SetACL finished successfully.
Processing ACL of: <\\?\C:\Users\Default\Start Menu>

SetACL finished successfully.
Processing ACL of: <\\?\C:\Users\Default\Templates>

SetACL finished successfully.
Processing ACL of: <\\?\C:\Users\Default\AppData\Local\Application Data>

SetACL finished successfully.
Processing ACL of: <\\?\C:\Users\Default\AppData\Local\History>

SetACL finished successfully.
Processing ACL of: <\\?\C:\Users\Default\AppData\Local\Temporary Internet Files>

SetACL finished successfully.
Processing ACL of: <\\?\C:\Users\Default\Documents\My Music>

SetACL finished successfully.
Processing ACL of: <\\?\C:\Users\Default\Documents\My Pictures>

SetACL finished successfully.
Processing ACL of: <\\?\C:\Users\Default\Documents\My Videos>

SetACL finished successfully.
Processing ACL of: <\\?\C:\Users\Public\Documents\My Music>

SetACL finished successfully.
Processing ACL of: <\\?\C:\Users\Public\Documents\My Pictures>

SetACL finished successfully.
Processing ACL of: <\\?\C:\Users\Public\Documents\My Videos>

SetACL finished successfully.
Processing ACL of: <\\?\C:\Users\Melanie\Application Data>

SetACL finished successfully.
Processing ACL of: <\\?\C:\Users\Melanie\Cookies>

SetACL finished successfully.
Processing ACL of: <\\?\C:\Users\Melanie\Local Settings>

SetACL finished successfully.
Processing ACL of: <\\?\C:\Users\Melanie\My Documents>

SetACL finished successfully.
Processing ACL of: <\\?\C:\Users\Melanie\NetHood>

SetACL finished successfully.
Processing ACL of: <\\?\C:\Users\Melanie\PrintHood>

SetACL finished successfully.
Processing ACL of: <\\?\C:\Users\Melanie\Recent>

SetACL finished successfully.
Processing ACL of: <\\?\C:\Users\Melanie\SendTo>

SetACL finished successfully.
Processing ACL of: <\\?\C:\Users\Melanie\Start Menu>

SetACL finished successfully.
Processing ACL of: <\\?\C:\Users\Melanie\Templates>

SetACL finished successfully.
Processing ACL of: <\\?\C:\Users\Melanie\AppData\Local\Application Data>

SetACL finished successfully.
Processing ACL of: <\\?\C:\Users\Melanie\AppData\Local\History>

SetACL finished successfully.
Processing ACL of: <\\?\C:\Users\Melanie\AppData\Local\Temporary Internet Files>

SetACL finished successfully.
Processing ACL of: <\\?\C:\Users\Melanie\Documents\My Music>

SetACL finished successfully.
Processing ACL of: <\\?\C:\Users\Melanie\Documents\My Pictures>

SetACL finished successfully.
Processing ACL of: <\\?\C:\Users\Melanie\Documents\My Videos>

SetACL finished successfully.
Processing ACL of: <\\?\C:\Users\Wayne\Application Data>

SetACL finished successfully.
Processing ACL of: <\\?\C:\Users\Wayne\Cookies>

SetACL finished successfully.
Processing ACL of: <\\?\C:\Users\Wayne\Local Settings>

SetACL finished successfully.
Processing ACL of: <\\?\C:\Users\Wayne\My Documents>

SetACL finished successfully.
Processing ACL of: <\\?\C:\Users\Wayne\NetHood>

SetACL finished successfully.
Processing ACL of: <\\?\C:\Users\Wayne\PrintHood>

SetACL finished successfully.
Processing ACL of: <\\?\C:\Users\Wayne\Recent>

SetACL finished successfully.
Processing ACL of: <\\?\C:\Users\Wayne\SendTo>

SetACL finished successfully.
Processing ACL of: <\\?\C:\Users\Wayne\Start Menu>

SetACL finished successfully.
Processing ACL of: <\\?\C:\Users\Wayne\Templates>

SetACL finished successfully.
Processing ACL of: <\\?\C:\Users\Wayne\AppData\Local\Application Data>

SetACL finished successfully.
Processing ACL of: <\\?\C:\Users\Wayne\AppData\Local\History>

SetACL finished successfully.
Processing ACL of: <\\?\C:\Users\Wayne\AppData\Local\Temporary Internet Files>

SetACL finished successfully.
Processing ACL of: <\\?\C:\Users\Wayne\Documents\My Music>

SetACL finished successfully.
Processing ACL of: <\\?\C:\Users\Wayne\Documents\My Pictures>

SetACL finished successfully.
Processing ACL of: <\\?\C:\Users\Wayne\Documents\My Videos>

SetACL finished successfully.
Done (4/4/2014 7:01:29 AM)

03 - Register System Files
Start (4/4/2014 7:01:29 AM)
Running Repair Under Current User Account
Running Repair Under System Account
Done (4/4/2014 7:02:00 AM)

04 - Repair WMI
Start (4/4/2014 7:02:00 AM)
Running Repair Under Current User Account
Done (4/4/2014 7:05:28 AM)

05 - Repair Windows Firewall
Start (4/4/2014 7:05:29 AM)
Running Repair Under Current User Account
Running Repair Under System Account
Done (4/4/2014 7:06:10 AM)

06 - Repair Internet Explorer
Start (4/4/2014 7:06:10 AM)
Running Repair Under Current User Account
Running Repair Under System Account
Done (4/4/2014 7:06:53 AM)

07 - Repair MDAC/MS Jet
Start (4/4/2014 7:06:53 AM)
Running Repair Under Current User Account
Running Repair Under System Account
Done (4/4/2014 7:07:09 AM)

08 - Repair Hosts File
Start (4/4/2014 7:07:09 AM)
Running Repair Under System Account
Done (4/4/2014 7:07:11 AM)

09 - Remove Policies Set By Infections
Start (4/4/2014 7:07:11 AM)
Running Repair Under Current User Account
Running Repair Under System Account
Done (4/4/2014 7:07:16 AM)

11 - Repair Icons
Start (4/4/2014 7:07:16 AM)
Running Repair Under Current User Account
Done (4/4/2014 7:07:18 AM)

12 - Repair Winsock & DNS Cache
Start (4/4/2014 7:07:18 AM)
Running Repair Under Current User Account
Running Repair Under System Account
Done (4/4/2014 7:07:37 AM)

14 - Repair Proxy Settings
Start (4/4/2014 7:07:37 AM)
Running Repair Under Current User Account
Running Repair Under System Account
Done (4/4/2014 7:07:42 AM)

16 - Repair Windows Updates
Start (4/4/2014 7:07:42 AM)
Running Repair Under Current User Account
Running Repair Under System Account
Done (4/4/2014 7:08:07 AM)

17 - Repair CD/DVD Missing/Not Working
Start (4/4/2014 7:08:07 AM)
iTunes was found, adding UpperFilters for iTunes Reg Key
UpperFilters added?: True
Done (4/4/2014 7:08:07 AM)

18 - Repair Volume Shadow Copy Service
Start (4/4/2014 7:08:07 AM)
Running Repair Under Current User Account
Running Repair Under System Account
Done (4/4/2014 7:08:16 AM)

20 - Repair MSI (Windows Installer)
Start (4/4/2014 7:08:16 AM)
Running Repair Under Current User Account
Running Repair Under System Account
Done (4/4/2014 7:08:29 AM)

22.01 - Repair bat Association
Start (4/4/2014 7:08:29 AM)
Running Repair Under Current User Account
Running Repair Under System Account
Done (4/4/2014 7:08:33 AM)

22.02 - Repair cmd Association
Start (4/4/2014 7:08:33 AM)
Running Repair Under Current User Account
Running Repair Under System Account
Done (4/4/2014 7:08:38 AM)

22.03 - Repair com Association
Start (4/4/2014 7:08:38 AM)
Running Repair Under Current User Account
Running Repair Under System Account
Done (4/4/2014 7:08:43 AM)

22.04 - Repair Directory Association
Start (4/4/2014 7:08:43 AM)
Running Repair Under Current User Account
Running Repair Under System Account
Done (4/4/2014 7:08:47 AM)

22.05 - Repair Drive Association
Start (4/4/2014 7:08:47 AM)
Running Repair Under Current User Account
Running Repair Under System Account
Done (4/4/2014 7:08:52 AM)

22.06 - Repair exe Association
Start (4/4/2014 7:08:52 AM)
Running Repair Under Current User Account
Running Repair Under System Account
Done (4/4/2014 7:08:57 AM)

22.07 - Repair Folder Association
Start (4/4/2014 7:08:57 AM)
Running Repair Under Current User Account
Running Repair Under System Account
Done (4/4/2014 7:09:01 AM)

22.08 - Repair inf Association
Start (4/4/2014 7:09:01 AM)
Running Repair Under Current User Account
Running Repair Under System Account
Done (4/4/2014 7:09:06 AM)

22.09 - Repair lnk (Shortcuts) Association
Start (4/4/2014 7:09:06 AM)
Running Repair Under Current User Account
Running Repair Under System Account
Done (4/4/2014 7:09:11 AM)

22.10 - Repair msc Association
Start (4/4/2014 7:09:11 AM)
Running Repair Under Current User Account
Running Repair Under System Account
Done (4/4/2014 7:09:16 AM)

22.11 - Repair reg Association
Start (4/4/2014 7:09:16 AM)
Running Repair Under Current User Account
Running Repair Under System Account
Done (4/4/2014 7:09:20 AM)

22.12 - Repair scr Association
Start (4/4/2014 7:09:20 AM)
Running Repair Under Current User Account
Running Repair Under System Account
Done (4/4/2014 7:09:25 AM)

23 - Repair Windows Safe Mode
Start (4/4/2014 7:09:25 AM)
Running Repair Under Current User Account
Running Repair Under System Account
Done (4/4/2014 7:09:30 AM)

24 - Repair Print Spooler
Start (4/4/2014 7:09:30 AM)
Running Repair Under Current User Account
Running Repair Under System Account
Done (4/4/2014 7:09:43 AM)

25 - Restore Important Windows Services
Start (4/4/2014 7:09:43 AM)
Running Repair Under Current User Account
Running Repair Under System Account
Done (4/4/2014 7:10:08 AM)

26 - Set Windows Services To Default Startup
Start (4/4/2014 7:10:08 AM)
Running Repair Under Current User Account
Running Repair Under System Account
Done (4/4/2014 7:10:19 AM)

Skipping Repair.
Repair is for Windows v6.2 (Windows 8 & Newer) or higher.
Current version: 6.1

Skipping Repair.
Repair is for Windows v6.2 (Windows 8 & Newer) or higher.
Current version: 6.1

Cleaning up empty logs...

All Selected Repairs Done.
Done (4/4/2014 7:10:19 AM)
Total Repair Time: 00:18:08

...YOU MUST RESTART YOUR SYSTEM...
Running Repair Under Current User Account

**Tomk_** · April 4, 2014

Good. Now please run DDS and post both logs.

wkandravi · April 4, 2014

Here are the scan logs.

Also, an update from a prior post. It looks like whatever was on the machine somehow corrupted the actual picture files on the machine. I can use Windows Picture viewer for any new JPGs, just nothing that was originally on the machine.

dds.txt

attach.txt

**Tomk_** · April 5, 2014

I don't have a good answer for you on what happened to the pictures. I had hoped that when we reset all of the permissions, maybe that would straighten them out. Obviously, that didn't work. The thing is... a picture cannot be corrupted just setting there in memory. It's only data. While setting in memory it is totally stagnant - like oil sealed in a can. It is only when you open the can that you can contaminate the oil. A picture file would need to be opened... and then the corrupt file saved... in order for there to be a corrupt picture file. That is if the actual picture file was corrupt. The only other thing that can happen, to any file including a picture file, is that the memory block it is using could fail which would corrupt the data it contained. However, it is not reasonable... or even feasible, that all of the memory blocks that store only picture files would fail. But... like I said... I don't have an answer for why the pictures won't open.

From you logs... I see that a couple of the "bad" files we removed have returned. I don't see why. It's like they were re-installed but I don't know with what. It appears that they were gone on the 2nd and are there now so they must have returned on the third. And apparently today, your ATI display drivers for your graphics card claim that they can no longer work after the update... but I don't see what was updated.

Please download Farbar Recovery Scan Tool and save it to your Desktop.

Note: You need to run the version compatible with your system. If you are not sure which version applies to your system download both of them and try to run them. Only one of them will run on your system, that will be the right version.

Right click to run as administrator (XP users click run after receipt of Windows Security Warning - Open File). When the tool opens click Yes to disclaimer.
Press Scan button.
It will produce a log called FRST.txt in the same directory the tool is run from.
Please copy and paste log back here.
The first time the tool is run it generates another log (Addition.txt - also located in the same directory as FRST.exe/FRST64.exe). Please also paste that along with the FRST.txt into your reply.

Sign In

Unable to Clean PC - Please Help

Recommended Posts

Link to comment

Share on other sites

Top Posters In This Topic

Popular Days

Top Posters In This Topic

Popular Days

Posted Images

Link to comment

Share on other sites

Link to comment

Share on other sites

Link to comment

Share on other sites

Link to comment

Share on other sites

Link to comment

Share on other sites

Link to comment

Share on other sites

Link to comment

Share on other sites

Link to comment

Share on other sites

Link to comment

Share on other sites

Link to comment

Share on other sites

Link to comment

Share on other sites

Link to comment

Share on other sites

Link to comment

Share on other sites

Link to comment

Share on other sites

Link to comment

Share on other sites

Link to comment

Share on other sites

Link to comment

Share on other sites

Link to comment

Share on other sites

Link to comment

Share on other sites

Link to comment

Share on other sites

Link to comment

Share on other sites

Link to comment

Share on other sites

Link to comment

Share on other sites

Link to comment

Share on other sites