Jump to content

Build Theme!
  •  
  • Infected?

WE'RE SURE THAT YOU'LL LOVE US!

Hey there! :wub: Looks like you're enjoying the discussion, but you're not signed up for an account. When you create an account, we remember exactly what you've read, so you always come right back where you left off. You also get notifications, here and via email, whenever new posts are made. You can like posts to share the love. :D Join 92790 other members! Anybody can ask, anybody can answer. Consistently helpful members may be invited to become staff. Here's how it works. Virus cleanup? Start here -> Malware Removal Forum.

Try What the Tech -- It's free!


Photo

Malware affecting browsers and Antivirus Software on Desktop [Solved]


  • This topic is locked This topic is locked
35 replies to this topic

#16 OCD

OCD

    SuperHelper

  • Malware Team
  • 5,574 posts

Posted 15 November 2014 - 01:49 AM

Hi cstruck,

 

Please do not "bold" the text of the logs, it makes it harder to read.

 

= = = = = = = = = = = = = = = = = = = =
 

TDSSKiller Log--Nothing found

Please post the TDSSKiller log.

 

= = = = = = = = = = = = = = = = = = = =

 

Bitdefender still not working correctly and Google Chrome still not responding

Please explain what issues you are having with each of these.

 

= = = = = = = = = = = = = = = = = = = =

Does the date and time keep getting changed?


OCD

Proud Graduate of WTT Classroom
Member of UNITE

Threads will be closed if no response after 5 days








If you are satisfied with the help you have received, please consider making a donation.

    Advertisements

Register to Remove


#17 cstruck

cstruck

    Authentic Member

  • Authentic Member
  • PipPip
  • 80 posts

Posted 15 November 2014 - 07:34 AM

21:24:26.0616 0x0514  TDSS rootkit removing tool 3.0.0.41 Oct 28 2014 17:58:34
21:24:37.0485 0x0514  ============================================================
21:24:37.0485 0x0514  Current date / time: 2014/11/14 21:24:37.0485
21:24:37.0485 0x0514  SystemInfo:
21:24:37.0485 0x0514 
21:24:37.0485 0x0514  OS Version: 6.0.6002 ServicePack: 2.0
21:24:37.0485 0x0514  Product type: Workstation
21:24:37.0485 0x0514  ComputerName: CARL-PC
21:24:37.0486 0x0514  UserName: Carl
21:24:37.0486 0x0514  Windows directory: C:\Windows
21:24:37.0486 0x0514  System windows directory: C:\Windows
21:24:37.0486 0x0514  Running under WOW64
21:24:37.0486 0x0514  Processor architecture: Intel x64
21:24:37.0486 0x0514  Number of processors: 4
21:24:37.0486 0x0514  Page size: 0x1000
21:24:37.0486 0x0514  Boot type: Normal boot
21:24:37.0486 0x0514  ============================================================
21:24:39.0540 0x0514  KLMD registered as C:\Windows\system32\drivers\89695425.sys
21:24:39.0920 0x0514  System UUID: {FA0AE007-4732-FDD4-FDAF-3B0C8B375AFC}
21:24:40.0591 0x0514  Drive \Device\Harddisk0\DR0 - Size: 0x950B056000 ( 596.17 Gb ), SectorSize: 0x200, Cylinders: 0x13001, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
21:24:40.0713 0x0514  ============================================================
21:24:40.0713 0x0514  \Device\Harddisk0\DR0:
21:24:40.0713 0x0514  MBR partitions:
21:24:40.0713 0x0514  \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x1389000, BlocksNum 0x494CE800
21:24:40.0713 0x0514  ============================================================
21:24:40.0754 0x0514  C: <-> \Device\Harddisk0\DR0\Partition1
21:24:40.0754 0x0514  ============================================================
21:24:40.0754 0x0514  Initialize success
21:24:40.0754 0x0514  ============================================================
21:24:46.0863 0x1634  ============================================================
21:24:46.0863 0x1634  Scan started
21:24:46.0863 0x1634  Mode: Manual;
21:24:46.0863 0x1634  ============================================================
21:24:46.0863 0x1634  KSN ping started
21:25:00.0204 0x1634  KSN ping finished: true
21:25:01.0742 0x1634  ================ Scan system memory ========================
21:25:01.0742 0x1634  System memory - ok
21:25:01.0742 0x1634  ================ Scan services =============================
21:25:01.0884 0x1634  [ 1965AAFFAB07E3FB03C77F81BEBA3547, 351A1EBB1B95C8E03ED125C8F997DEE810B4DF36AD290E7685FC01963B522BFC ] ACPI            C:\Windows\system32\drivers\acpi.sys
21:25:01.0901 0x1634  ACPI - ok
21:25:01.0992 0x1634  [ B362181ED3771DC03B4141927C80F801, 69514E5177A0AEA89C27C2234712F9F82E8D8F99E1FD4273898C9324C6FF7472 ] AdobeARMservice C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
21:25:01.0995 0x1634  AdobeARMservice - ok
21:25:02.0172 0x1634  [ D51145F6B0CE987850F13A61DAD5E531, 67CB6AB8C42781FA717CBEF81F3C658747E3B7814383056A56EDA99583FDBFD5 ] AdobeFlashPlayerUpdateSvc C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
21:25:02.0189 0x1634  AdobeFlashPlayerUpdateSvc - ok
21:25:02.0245 0x1634  [ F14215E37CF124104575073F782111D2, 7F624F7F0FE9909C07AB2E4C74727686FDA9DF33778A9CBBE35027D6579E4F71 ] adp94xx         C:\Windows\system32\drivers\adp94xx.sys
21:25:02.0270 0x1634  adp94xx - ok
21:25:02.0314 0x1634  [ 7D05A75E3066861A6610F7EE04FF085C, 406F2CE539C306BA60C233FBCDB029153588F0499BBE91E66FC915E5C5D7D2A5 ] adpahci         C:\Windows\system32\drivers\adpahci.sys
21:25:02.0331 0x1634  adpahci - ok
21:25:02.0350 0x1634  [ 820A201FE08A0C345B3BEDBC30E1A77C, 3170B308724CAA0AD50B74D045C837C48BD6A3A11ABA222670BEA82192A861BF ] adpu160m        C:\Windows\system32\drivers\adpu160m.sys
21:25:02.0355 0x1634  adpu160m - ok
21:25:02.0376 0x1634  [ 9B4AB6854559DC168FBB4C24FC52E794, 83CD75DE0A16AE66586837565ECA8B98BA9309519139C4C2032474B8DDF5A1AD ] adpu320         C:\Windows\system32\drivers\adpu320.sys
21:25:02.0385 0x1634  adpu320 - ok
21:25:02.0418 0x1634  [ 0F421175574BFE0BF2F4D8E910A253BB, CEABE3A4F546EB6ACA079931AB532DC88FF757DEEF6F434991802220328A9CD6 ] AeLookupSvc     C:\Windows\System32\aelupsvc.dll
21:25:02.0420 0x1634  AeLookupSvc - ok
21:25:02.0477 0x1634  [ E58A17E945593544C707423F9772EEA0, FC17AFF979354EB89DCA307BF07C52B84629AF540D4C6A32DD537695CA654205 ] AFD             C:\Windows\system32\drivers\afd.sys
21:25:02.0502 0x1634  AFD - ok
21:25:02.0555 0x1634  [ 8B0D8B5BAFD4C9D57B41426BC68B32F9, 28875E7A1BE4AFAFCCB13C6BE5891B0CE5C1735AC3CE5C84A773D445AF1D9596 ] AgereModemAudio C:\Windows\system32\agr64svc.exe
21:25:02.0557 0x1634  AgereModemAudio - ok
21:25:02.0625 0x1634  [ 385471F8147E1BD6A08C031E3AAD3910, DF011B80881CF4229332D1B1E80ECD33E5223AA276FFB437CF41EB72A5A33E32 ] AgereSoftModem  C:\Windows\system32\DRIVERS\agrsm64.sys
21:25:02.0677 0x1634  AgereSoftModem - ok
21:25:02.0716 0x1634  [ F6F6793B7F17B550ECFDBD3B229173F7, 7EB12A9372B7966440E39F1B567A43C21231D67DDFAA9C1DECC7E68627F82346 ] agp440          C:\Windows\system32\drivers\agp440.sys
21:25:02.0719 0x1634  agp440 - ok
21:25:02.0731 0x1634  [ 222CB641B4B8A1D1126F8033F9FD6A00, 8C7FD4BF87DC00893B99E64344C0E6A3F321DAD9BE60A99763629260E7C6312C ] aic78xx         C:\Windows\system32\drivers\djsvs.sys
21:25:02.0735 0x1634  aic78xx - ok
21:25:02.0748 0x1634  [ 5922F4F59B7868F3D74BBBBEB7B825A3, 71504BC8B596F540BF059059670BC0C138D8759C1DD9F99F1EC368FD5C53F573 ] ALG             C:\Windows\System32\alg.exe
21:25:02.0751 0x1634  ALG - ok
21:25:02.0768 0x1634  [ 157D0898D4B73F075CE9FA26B482DF98, 84C3E163D7393FD306842F155C88A50B7D8AE88B59586F9014DB76B749CC33D5 ] aliide          C:\Windows\system32\drivers\aliide.sys
21:25:02.0769 0x1634  aliide - ok
21:25:02.0776 0x1634  [ 970FA5059E61E30D25307B99903E991E, CFB241803A63EA3469B2596462A42DDCA813B3ACF96E56BB34F5979BB34DDC32 ] amdide          C:\Windows\system32\drivers\amdide.sys
21:25:02.0777 0x1634  amdide - ok
21:25:02.0790 0x1634  [ CDC3632A3A5EA4DBB83E46076A3165A1, 40BE3451A3F29CD3352360FF72165C54237E44D01006390805D493B0D06F51DB ] AmdK8           C:\Windows\system32\drivers\amdk8.sys
21:25:02.0792 0x1634  AmdK8 - ok
21:25:02.0826 0x1634  [ 7C8ECAAD76EA1D076A450C8303D9BD98, 90904B2BE380A51BDCEDADA530214CE5321C06456E10F5985B40E3282902BEF6 ] Appinfo         C:\Windows\System32\appinfo.dll
21:25:02.0829 0x1634  Appinfo - ok
21:25:02.0892 0x1634  [ 6B73E94F9FE82D45781B8C8A09483082, C35EEAE7457168387A7C77A315524A3703ABDE49D9F23F59057315D9249D3473 ] Apple Mobile Device C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
21:25:02.0895 0x1634  Apple Mobile Device - ok
21:25:02.0920 0x1634  [ BA8417D4765F3988FF921F30F630E303, 876A8F34E578020DD9EDD64F7F77A0A3B4592EC568830B500D7EA844D3159C72 ] arc             C:\Windows\system32\drivers\arc.sys
21:25:02.0925 0x1634  arc - ok
21:25:02.0952 0x1634  [ 9D41C435619733B34CC16A511E644B11, DEFFBBB5ECE33B7DF949DF979188AF3B6674E7580FC069397AB756EA84E24822 ] arcsas          C:\Windows\system32\drivers\arcsas.sys
21:25:02.0956 0x1634  arcsas - ok
21:25:03.0042 0x1634  [ 9A262EDD17F8473B91B333D6B031A901, 05DFBD3A7D83FDE1D062EA719ACA9EC48CB7FD42D17DDD88B82E5D25469ADD23 ] aspnet_state    C:\Windows\Microsoft.NET\Framework64\v4.0.30319\aspnet_state.exe
21:25:03.0045 0x1634  aspnet_state - ok
21:25:03.0069 0x1634  [ 22D13FF3DAFEC2A80634752B1EAA2DE6, 503F7E5F1B14D3F7AEAB0982E812B19DABE38FD4104D93922F50F0B2D19BECFB ] AsyncMac        C:\Windows\system32\DRIVERS\asyncmac.sys
21:25:03.0071 0x1634  AsyncMac - ok
21:25:03.0092 0x1634  [ E68D9B3A3905619732F7FE039466A623, 74C0B29E54EF064660B9C756E03D5A7EB78F261EFF768EB6E74D261FBD34340D ] atapi           C:\Windows\system32\drivers\atapi.sys
21:25:03.0093 0x1634  atapi - ok
21:25:03.0166 0x1634  [ 18985FEE743DA6F1AE382BDF7D889430, AC26DE8C0DA9E1E27D216368F87A90EB9F9B04BDC7D2A68BA8106BDC8A0E870A ] Ati External Event Utility C:\Windows\system32\Ati2evxx.exe
21:25:03.0209 0x1634  Ati External Event Utility - ok
21:25:03.0440 0x1634  [ 3471469D4A85564CDD72E4459D106F0B, D4AF38087FAA098968699B58990AF912F146C302BF40020C92E5D14AE9719CE3 ] atikmdag        C:\Windows\system32\DRIVERS\atikmdag.sys
21:25:03.0622 0x1634  atikmdag - ok
21:25:03.0654 0x1634  [ DB0D3DE15EDC96E7529FC0D3F7760894, 357A8E2D390D2434D20DA32FD8C08D6B0888F74402ED06024FADFF446F68CE51 ] AtiPcie         C:\Windows\system32\DRIVERS\AtiPcie.sys
21:25:03.0656 0x1634  AtiPcie - ok
21:25:03.0714 0x1634  [ 4FCE8096191D260028FB6585A4159D6F, FCCB53A93CE69C8A21B61A4DE678AB3A59A55828BCA655D5E5AB6B08CE6FB412 ] AudioEndpointBuilder C:\Windows\System32\Audiosrv.dll
21:25:03.0739 0x1634  AudioEndpointBuilder - ok
21:25:03.0761 0x1634  [ 4FCE8096191D260028FB6585A4159D6F, FCCB53A93CE69C8A21B61A4DE678AB3A59A55828BCA655D5E5AB6B08CE6FB412 ] AudioSrv        C:\Windows\System32\Audiosrv.dll
21:25:03.0774 0x1634  AudioSrv - ok
21:25:03.0866 0x1634  [ 8E36BAD24C8961A8895C2B5F6C6BCC3E, 28905FAC50884598CCAB1229AD12BC873BFC2AA649FC9B10A56A04655D90F7D9 ] avc3            C:\Windows\system32\DRIVERS\avc3.sys
21:25:03.0916 0x1634  avc3 - ok
21:25:03.0992 0x1634  [ 1C2B62D30100E6DC3C29B5344E73F99F, 83EE77BE98786C1B25F3E17FE79BAF9DC17855FCD4C4681A244F46956438F1D0 ] BdDesktopParental C:\Program Files\Bitdefender\Bitdefender\bdparentalservice.exe
21:25:03.0996 0x1634  BdDesktopParental - ok
21:25:04.0077 0x1634  [ 7A502175F1DE0BA8E79372EFE7FD347B, 7F81EE92A38556AE003AF5F57D082751AB086C948BAABBED7C5ED4962DCB4F9D ] bdftdif         C:\Program Files\Common Files\Bitdefender\Bitdefender Firewall\bdftdif.sys
21:25:04.0081 0x1634  bdftdif - ok
21:25:04.0122 0x1634  [ B9ECE7FD9F58DAF19450C88338DC5267, 9857DFE0BDDEA791F2DDA99C24A064D488B52E4AC1402A37EF22C244C9283681 ] BDSandBox       C:\Windows\system32\drivers\bdsandbox.sys
21:25:04.0126 0x1634  BDSandBox - ok
21:25:04.0166 0x1634  [ 50F796CB1E8C80F3D19435CB50C3DAB5, 20CE5C1242F8D0DFEE13C8D07EF1A67F670A078BA44E810A3A042C6A060FACC9 ] BDVEDISK        C:\Windows\system32\DRIVERS\bdvedisk.sys
21:25:04.0170 0x1634  BDVEDISK - ok
21:25:04.0211 0x1634  [ FFB96C2589FFA60473EAD78B39FBDE29, 6A2792753E2CB580672B3107C0DBB9D26B6DAA14B37D5EC314BD0E304197E03E ] BFE             C:\Windows\System32\bfe.dll
21:25:04.0237 0x1634  BFE - ok
21:25:04.0308 0x1634  [ 6D316F4859634071CC25C4FD4589AD2C, 73F69AC9E505F3B11A3CCFF8571930229A9058E672CD008A4BF26C0189564EAE ] BITS            C:\Windows\System32\qmgr.dll
21:25:04.0358 0x1634  BITS - ok
21:25:04.0379 0x1634  [ 79FEEB40056683F8F61398D81DDA65D2, 5EA3016194F71A2A2177C2B5129E82738EC621ACAD269809F4C131B72CFEB6C6 ] blbdrive        C:\Windows\system32\drivers\blbdrive.sys
21:25:04.0382 0x1634  blbdrive - ok
21:25:04.0447 0x1634  [ EBBCD5DFBB1DE70E8F4AF8FA59E401FD, 17BFFC5DF609CE3B2F0CAB4BD6C118608C66A3AD86116A47E90B2BB7D8954122 ] Bonjour Service C:\Program Files\Bonjour\mDNSResponder.exe
21:25:04.0472 0x1634  Bonjour Service - ok
21:25:04.0506 0x1634  [ 2348447A80920B2493A9B582A23E81E1, 50F9242B7104607E633ABAF4E0A213C1C1226BF81F7FB4E216A9E878247B868C ] bowser          C:\Windows\system32\DRIVERS\bowser.sys
21:25:04.0509 0x1634  bowser - ok
21:25:04.0537 0x1634  [ F09EEE9EDC320B5E1501F749FDE686C8, 66691114C42E12F4CC6DC4078D4D2FA4029759ACDAF1B59D17383487180E84E3 ] BrFiltLo        C:\Windows\system32\drivers\brfiltlo.sys
21:25:04.0539 0x1634  BrFiltLo - ok
21:25:04.0550 0x1634  [ B114D3098E9BDB8BEA8B053685831BE6, 0ED23C1897F35FA00B9C2848DE4ED200E18688AA7825674888054BBC3A3EB92C ] BrFiltUp        C:\Windows\system32\drivers\brfiltup.sys
21:25:04.0551 0x1634  BrFiltUp - ok
21:25:04.0568 0x1634  [ A1B39DE453433B115B4EA69EE0343816, 61441E7E9D5259A5987DBD3FC8D4E3221A57F42C7CC0F94DB48E80EEF96CA5D4 ] Browser         C:\Windows\System32\browser.dll
21:25:04.0573 0x1634  Browser - ok
21:25:04.0603 0x1634  [ F0F0BA4D815BE446AA6A4583CA3BCA9B, E0A5DB5A0C7D6AF93ED45F34D2597F77982DFF41E4FDAC827FE5D80323ADED60 ] Brserid         C:\Windows\system32\drivers\brserid.sys
21:25:04.0607 0x1634  Brserid - ok
21:25:04.0623 0x1634  [ A6ECA2151B08A09CACECA35C07F05B42, E2875BB7768ABAF38C3377007AA0A3C281503474D1831E396FB6599721586B0C ] BrSerWdm        C:\Windows\system32\drivers\brserwdm.sys
21:25:04.0625 0x1634  BrSerWdm - ok
21:25:04.0634 0x1634  [ B79968002C277E869CF38BD22CD61524, 50631836502237AF4893ECDCEA43B9031C3DE97433F594D46AF7C3C77F331983 ] BrUsbMdm        C:\Windows\system32\drivers\brusbmdm.sys
21:25:04.0636 0x1634  BrUsbMdm - ok
21:25:04.0644 0x1634  [ A87528880231C54E75EA7A44943B38BF, 4C8BBB29FDA76A96840AA47A8613C15D4466F9273A13941C19507008629709C9 ] BrUsbSer        C:\Windows\system32\drivers\brusbser.sys
21:25:04.0646 0x1634  BrUsbSer - ok
21:25:04.0674 0x1634  [ E0777B34E05F8A82A21856EFC900C29F, A7ACE3C65D1773C50ACD98A13B3ADBDD2A6052D7F5D124CB6EE6E7C22151A424 ] BTHMODEM        C:\Windows\system32\drivers\bthmodem.sys
21:25:04.0676 0x1634  BTHMODEM - ok
21:25:04.0705 0x1634  [ B4D787DB8D30793A4D4DF9FEED18F136, 2A956F7DCFE61E556F30BDA6D45592A05533541D6ED321C251C1C05F6CEA6DDC ] cdfs            C:\Windows\system32\DRIVERS\cdfs.sys
21:25:04.0709 0x1634  cdfs - ok
21:25:04.0737 0x1634  [ C025AA69BE3D0D25C7A2E746EF6F94FC, F4754B23CC256ADF92FDD42A9BA80F1ACB74834A58FCBEA2C52650FAFC7F9483 ] cdrom           C:\Windows\system32\DRIVERS\cdrom.sys
21:25:04.0741 0x1634  cdrom - ok
21:25:04.0782 0x1634  [ 5A268127633C7EE2A7FB87F39D748D56, 45C530A0EE0108543A75B9427F77EBB5E8350AE16C235763B6F32E72CE15C449 ] CertPropSvc     C:\Windows\System32\certprop.dll
21:25:04.0785 0x1634  CertPropSvc - ok
21:25:04.0809 0x1634  [ 02EA568D498BBDD4BA55BF3FCE34D456, 5A418B156CBB48D14E0F6B6AE6E03B8CD97AABE838F260757014479566C63F17 ] circlass        C:\Windows\system32\drivers\circlass.sys
21:25:04.0812 0x1634  circlass - ok
21:25:04.0857 0x1634  [ 3DCA9A18B204939CFB24BEA53E31EB48, 73CEDE020A6C8269EE8847A4E43071FD231179DA9430DE2983263B8345AD92B7 ] CLFS            C:\Windows\system32\CLFS.sys
21:25:04.0874 0x1634  CLFS - ok
21:25:04.0941 0x1634  [ 6B6943A0CA56B47D6FB2EE476890854F, 6DA779879487F4A187DF54B0362642643D7871AA8F7E30992D781F558C50F052 ] clr_optimization_v2.0.50727_32 C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
21:25:04.0945 0x1634  clr_optimization_v2.0.50727_32 - ok
21:25:04.0973 0x1634  [ 753049933D5326D835F4FCACDF4AD5E3, 715BEE09C19BCBCAD2A93E4725DB3A1FDD8E2FEFFF6E0C3D2F98FC607FED5D3A ] clr_optimization_v2.0.50727_64 C:\Windows\Microsoft.NET\Framework64\v2.0.50727\mscorsvw.exe
21:25:04.0978 0x1634  clr_optimization_v2.0.50727_64 - ok
21:25:05.0064 0x1634  [ E87213F37A13E2B54391E40934F071D0, 7EB221127EFB5BF158FB03D18EFDA2C55FB6CE3D1A1FE69C01D70DBED02C87E5 ] clr_optimization_v4.0.30319_32 C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
21:25:05.0069 0x1634  clr_optimization_v4.0.30319_32 - ok
21:25:05.0113 0x1634  [ 4AEDAB50F83580D0B4D6CF78191F92AA, D113C47013B018B45161911B96E93AF96A2F3B34FA47061BF6E7A71FBA03194A ] clr_optimization_v4.0.30319_64 C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe
21:25:05.0125 0x1634  clr_optimization_v4.0.30319_64 - ok
21:25:05.0141 0x1634  [ E5D5499A1C50A54B5161296B6AFE6192, 20A8A0478918063A9EE81565F21F4ACCAA7B6A8B2E9E084099879D85574BAB3E ] cmdide          C:\Windows\system32\drivers\cmdide.sys
21:25:05.0142 0x1634  cmdide - ok
21:25:05.0150 0x1634  [ 7FB8AD01DB0EABE60C8A861531A8F431, E19353C686B07A0DBBA92CFCC88AB9B6BEBAF389416B78F4470BA673E7CD73C3 ] Compbatt        C:\Windows\system32\drivers\compbatt.sys
21:25:05.0151 0x1634  Compbatt - ok
21:25:05.0158 0x1634  COMSysApp - ok
21:25:05.0171 0x1634  [ A8585B6412253803CE8EFCBD6D6DC15C, C3906B080D3BB06CB976FD98C62CBA97DAE74970A5559D51EF5111D773949322 ] crcdisk         C:\Windows\system32\drivers\crcdisk.sys
21:25:05.0173 0x1634  crcdisk - ok
21:25:05.0213 0x1634  [ 5AAC48EAF8EACF247DB44FB61B900D89, D20FCD5C71CA18F284D3DFD0CED37F6888A296E76B7B0563F2F4668CF90FE752 ] CryptSvc        C:\Windows\system32\cryptsvc.dll
21:25:05.0230 0x1634  CryptSvc - ok
21:25:05.0287 0x1634  [ CF8B9A3A5E7DC57724A89D0C3E8CF9EF, 3BE4B8EE22FA55D3A17D3718781C8BCA631C78F7928092561F6B79BB60E7D7FE ] DcomLaunch      C:\Windows\system32\rpcss.dll
21:25:05.0321 0x1634  DcomLaunch - ok
21:25:05.0362 0x1634  [ 8B722BA35205C71E7951CDC4CDBADE19, 39720A60DFD0532F7E1A1976240E9828559BF9E0C6D1CFBF4D911965BFD94158 ] DfsC            C:\Windows\system32\Drivers\dfsc.sys
21:25:05.0372 0x1634  DfsC - ok
21:25:05.0536 0x1634  [ C647F468F7DE343DF8C143655C5557D4, E2D35FE49C408B952D8FE0C7EF70D42798229D30B89CEF9858BAC9F4F9E98EF2 ] DFSR            C:\Windows\system32\DFSR.exe
21:25:05.0679 0x1634  DFSR - ok
21:25:05.0733 0x1634  [ 3ED0321127CE70ACDAABBF77E157C2A7, 10973BD0AEF9597A4EA0A4947BDE922F9168F33D6ED97BFFEE6176AADAD78980 ] Dhcp            C:\Windows\System32\dhcpcsvc.dll
21:25:05.0750 0x1634  Dhcp - ok
21:25:05.0778 0x1634  [ B0107E40ECDB5FA692EBF832F295D905, 76466BB9E4F12436ECCCB9D89EB20762B4785F82F02591B51A735A590E248264 ] disk            C:\Windows\system32\drivers\disk.sys
21:25:05.0781 0x1634  disk - ok
21:25:05.0815 0x1634  [ 06230F1B721494A6DF8D47FD395BB1B0, F6CA8270740E01D9CE2FE8E34BC067C7EDC15BA610F461860E1D17D135C8A379 ] Dnscache        C:\Windows\System32\dnsrslvr.dll
21:25:05.0820 0x1634  Dnscache - ok
21:25:05.0851 0x1634  [ 1A7156DD1E850E9914E5E991E3225B94, 99FF0C7125B01FCB0B92DC44756AE8FAA486F2E7F38DC6204F7EFE5918F8480A ] dot3svc         C:\Windows\System32\dot3svc.dll
21:25:05.0868 0x1634  dot3svc - ok
21:25:05.0922 0x1634  [ 74C02B1717740C3B8039539E23E4B53F, FF17BC1DAAE92C99D17EAE5C43FCFCC4B76E390D05EE2C603E5579C78A5536F0 ] Dot4            C:\Windows\system32\DRIVERS\Dot4.sys
21:25:05.0929 0x1634  Dot4 - ok
21:25:05.0944 0x1634  [ 08321D1860235BF42CF2854234337AEA, 39BD593B373A43C34FDDE283BA17F8127558036E8B5604D7C7091BC99CA9D739 ] Dot4Print       C:\Windows\system32\DRIVERS\Dot4Prt.sys
21:25:05.0945 0x1634  Dot4Print - ok
21:25:05.0965 0x1634  [ 4ADCCF0124F2B6911D3786A5D0E779E5, 950B6FA2B9ABF353036A64133ED441EF58EEE36DC4BF5D5C4FFB71796438B5AA ] dot4usb         C:\Windows\system32\DRIVERS\dot4usb.sys
21:25:05.0968 0x1634  dot4usb - ok
21:25:05.0993 0x1634  [ 1583B39790DB3EAEC7EDB0CB0140C708, F94F9AE7054A38602CD25D4E10FE7C7B574BD9ED8440C3FDAA7275A1D1E663E7 ] DPS             C:\Windows\system32\dps.dll
21:25:06.0000 0x1634  DPS - ok
21:25:06.0036 0x1634  [ F1A78A98CFC2EE02144C6BEC945447E6, D2E2AA13BE6319F967002476A5D3CF09B1B44350576DD8E1C1C531854F53B488 ] drmkaud         C:\Windows\system32\drivers\drmkaud.sys
21:25:06.0037 0x1634  drmkaud - ok
21:25:06.0093 0x1634  [ 362CCEF305F45829316D62D3410F2062, 35033749E9B6B5AFC9C8C305F4AA1597E9776D465E7BBC24A20E836B7BEF0D73 ] DXGKrnl         C:\Windows\System32\drivers\dxgkrnl.sys
21:25:06.0134 0x1634  DXGKrnl - ok
21:25:06.0175 0x1634  [ 264CEE7B031A9D6C827F3D0CB031F2FE, 50CAD28A73D29E7E04A45330146CF713BA17101215955009121E36D43CD5C536 ] E1G60           C:\Windows\system32\DRIVERS\E1G6032E.sys
21:25:06.0181 0x1634  E1G60 - ok
21:25:06.0200 0x1634  EagleX64 - ok
21:25:06.0222 0x1634  [ C2303883FD9BE49DC36A6400643002EA, F062D1D6D503CF5195BDE8C1DC75B541F559CB8175ADABCDB7690E9F1CA3EA4E ] EapHost         C:\Windows\System32\eapsvc.dll
21:25:06.0226 0x1634  EapHost - ok
21:25:06.0252 0x1634  [ 5F94962BE5A62DB6E447FF6470C4F48A, D00F9B3315DE8610BBE93FFD3CA3E2CF5B10697C518FC25FA4274CC6894D022B ] Ecache          C:\Windows\system32\drivers\ecache.sys
21:25:06.0258 0x1634  Ecache - ok
21:25:06.0298 0x1634  [ 14CE384D2E27B64C256BDA4DC39C312D, D5FA9C2BB162F1C22E419D33671B8202AAC245A87F6B183B97F83F5BFA165B41 ] ehRecvr         C:\Windows\ehome\ehRecvr.exe
21:25:06.0312 0x1634  ehRecvr - ok
21:25:06.0334 0x1634  [ B93159C1313D66FDFBBE876F5189CD52, 51E39160EA56F6B08449267EDF2A0F604612663768D2348DE23554AB07BDBB62 ] ehSched         C:\Windows\ehome\ehsched.exe
21:25:06.0341 0x1634  ehSched - ok
21:25:06.0363 0x1634  [ F5EE2527D74449868E3C3227A59BCD28, 11640E97EE9D8F9A5DC3FEA6BA7A737AA796A7235C7F5C7EF1ABFB51C9D730D3 ] ehstart         C:\Windows\ehome\ehstart.dll
21:25:06.0364 0x1634  ehstart - ok
21:25:06.0398 0x1634  [ C4636D6E10469404AB5308D9FD45ED07, 367D958D19F672395462206F27C1E138386C2F37B0FA77546F4217CF16D05C84 ] elxstor         C:\Windows\system32\drivers\elxstor.sys
21:25:06.0415 0x1634  elxstor - ok
21:25:06.0467 0x1634  [ A9B18B63A4FD6BAAB83326706D857FAB, 7721CC67C0F8CE3060D0EB35A10E4ADC1E3CB470C0797B17D606060C270F96D7 ] EMDMgmt         C:\Windows\system32\emdmgmt.dll
21:25:06.0467 0x131c  Object required for P2P: [ D51145F6B0CE987850F13A61DAD5E531 ] AdobeFlashPlayerUpdateSvc
21:25:06.0493 0x1634  EMDMgmt - ok
21:25:06.0504 0x1634  [ BC3A58E938BB277E46BF4B3003B01ABD, 2BB054E632A96951DAB25B3BE8541AEC1B97A7739FC8D0E34BE8B9295600C8FC ] ErrDev          C:\Windows\system32\drivers\errdev.sys
21:25:06.0505 0x1634  ErrDev - ok
21:25:06.0568 0x1634  [ 4D06D9A26227AC485305133916888DF1, CBBCED63666DD5965A7F0B4577995FBD347B38F5391DC5429CAFC1CF3A4C2B1E ] ETService       C:\Program Files\GATEWAY\Gateway Recovery Management\Service\ETService.exe
21:25:06.0569 0x1634  ETService - ok
21:25:06.0619 0x1634  [ E12F22B73F153DECE721CD45EC05B4AF, 41887EEF4BB024329B4079AD50FC5FB705F0EB8BAF6C93A8242DC2A73D3AFD86 ] EventSystem     C:\Windows\system32\es.dll
21:25:06.0637 0x1634  EventSystem - ok
21:25:06.0670 0x1634  [ 486844F47B6636044A42454614ED4523, 3E24E78584B199C0FAA59613EEB7DF67B3B878B277A0130C7A3FF608C130BA2F ] exfat           C:\Windows\system32\drivers\exfat.sys
21:25:06.0678 0x1634  exfat - ok
21:25:06.0708 0x1634  [ 1E34B436811CCA4A2783C0BC7A0BEB2E, 7C9496100DEA53FBADDA8B1EFF9F943FD13E75601A039632887A35F190C1F799 ] fastfat         C:\Windows\system32\drivers\fastfat.sys
21:25:06.0725 0x1634  fastfat - ok
21:25:06.0751 0x1634  [ 81B79B6DF71FA1D2C6D688D830616E39, 62F8BC0DB918A49B10A5BE1724A2E2F17FA7D8208D5D86822FACB2DCD97B3591 ] fdc             C:\Windows\system32\DRIVERS\fdc.sys
21:25:06.0753 0x1634  fdc - ok
21:25:06.0777 0x1634  [ BB9267ACACD8B7533DD936C34A0CBA5E, 32DE6E10ABA540D62F0D8AE30DE8769D7BF29E547838BEBE67C04183CC0B32C7 ] fdPHost         C:\Windows\system32\fdPHost.dll
21:25:06.0779 0x1634  fdPHost - ok
21:25:06.0795 0x1634  [ 300C80931EABBE1DB7591C516EFE8D0F, F031DA96B06B6FA8E0AD56D5E10E5A5882765C3FF258A4DE06A47EC34829FF04 ] FDResPub        C:\Windows\system32\fdrespub.dll
21:25:06.0797 0x1634  FDResPub - ok
21:25:06.0821 0x1634  [ 457B7D1D533E4BD62A99AED9C7BB4C59, 3933907DE163F8D3A81ED25169B693D723296C437C7C990BFE9DEFD60F7635FD ] FileInfo        C:\Windows\system32\drivers\fileinfo.sys
21:25:06.0824 0x1634  FileInfo - ok
21:25:06.0835 0x1634  [ D421327FD6EFCCAF884A54C58E1B0D7F, C2F3B72EA36BA8B74A30E128C088307CA768FDBE232BFA216CD78B0F9B7AF18A ] Filetrace       C:\Windows\system32\drivers\filetrace.sys
21:25:06.0838 0x1634  Filetrace - ok
21:25:06.0854 0x1634  [ 230923EA2B80F79B0F88D90F87B87EBD, 1F3287970FEC73011F3B675C447BF0CA35416490D4740C6960595B091181059C ] flpydisk        C:\Windows\system32\DRIVERS\flpydisk.sys
21:25:06.0856 0x1634  flpydisk - ok
21:25:06.0882 0x1634  [ E3041BC26D6930D61F42AEDB79C91720, 3556C033BB78445EC8B2F98A82455914764AFC70CBFF634DDBD3539885A1E457 ] FltMgr          C:\Windows\system32\drivers\fltmgr.sys
21:25:06.0893 0x1634  FltMgr - ok
21:25:06.0986 0x1634  [ F937F278E44138C0386FA1DE69B1F72B, 49180522CCCB5377B5B3A7EF8B9697FBE19A1E5D84BC282D24C39B3D52698851 ] FontCache       C:\Windows\system32\FntCache.dll
21:25:07.0036 0x1634  FontCache - ok
21:25:07.0076 0x1634  [ BC5B0BE5AF3510B0FD8C140EE42C6D3E, B21CA5F14BDB6CFD97A24C28BB2AD0D704C46058F13B01FF4203514FE8B92591 ] FontCache3.0.0.0 C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
21:25:07.0078 0x1634  FontCache3.0.0.0 - ok
21:25:07.0102 0x1634  [ 6C06701BF1DB05405804D7EB610991CE, 75DEB2204D9AC338ED7C4742BEFAFA0AFC7E42B2C1B54A57DF8A1AD097D9EC3E ] fssfltr         C:\Windows\system32\DRIVERS\fssfltr.sys
21:25:07.0105 0x1634  fssfltr - ok
21:25:07.0329 0x1634  [ 4CE9DAC1518FF7E77BD213E6394B9D77, D7D0D29DF93AC7DC5F85E385EEB45306C7BD87ACA7AAC5A8D47893D120C32C03 ] fsssvc          C:\Program Files (x86)\Windows Live\Family Safety\fsssvc.exe
21:25:07.0430 0x1634  fsssvc - ok
21:25:07.0495 0x1634  [ 5779B86CD8B32519FBECB136394D946A, 68A395CD2287D22CB5C8CFE5A3006A61AC0C3FDAADF166C93240FF83C0315DCF ] Fs_Rec          C:\Windows\system32\drivers\Fs_Rec.sys
21:25:07.0509 0x1634  Fs_Rec - ok
21:25:07.0541 0x1634  [ C8E416668D3DC2BE3D4FE4C79224997F, 7DBC8E7687179A649638F606C9584F2E8EC2065762997CDF151F9BB99FA8D535 ] gagp30kx        C:\Windows\system32\drivers\gagp30kx.sys
21:25:07.0544 0x1634  gagp30kx - ok
21:25:07.0615 0x1634  [ 2E7E49077C7BBEB2947BD6D03C8454B5, 2B0FABCEACDD039537B9B267012E112ECED12EFD4941A9606AF9E510A8A7ED3E ] GameConsoleService C:\Program Files (x86)\Gateway Games\Gateway Game Console\GameConsoleService.exe
21:25:07.0633 0x1634  GameConsoleService - ok
21:25:07.0745 0x1634  [ 50FFA2F6A5BEC5BB7C39AAB76EEA3C58, E7B0934FF69994F61D9186BF28EE8EAADEB4F64BC6FAE895B2602DAC3B311235 ] Garmin Core Update Service C:\Program Files (x86)\Garmin\Core Update Service\Garmin.Cartography.MapUpdate.CoreService.exe
21:25:07.0779 0x1634  Garmin Core Update Service - ok
21:25:07.0814 0x1634  [ 8E98D21EE06192492A5671A6144D092F, B8F656B34D361EA5AFB47F3A67AB2221580DADA59C8CD0CB83181E4AD8B562B4 ] GEARAspiWDM     C:\Windows\system32\DRIVERS\GEARAspiWDM.sys
21:25:07.0816 0x1634  GEARAspiWDM - ok
21:25:07.0872 0x1634  [ A0E1B575BA8F504968CD40C0FAEB2384, F64A24A5A93F4E757882E97C65DA612F07A87F4DDD2E10C1AB0250AFA03BCEF1 ] gpsvc           C:\Windows\System32\gpsvc.dll
21:25:07.0905 0x1634  gpsvc - ok
21:25:07.0940 0x1634  [ 2ED7FF3E1ADA4092632393781518B3A7, FDB82CF74BE31806A6BFFC9724E54A74F822DFB4E137EEA38209418BDBCDAAB6 ] grmnusb         C:\Windows\system32\drivers\grmnusb.sys
21:25:07.0942 0x1634  grmnusb - ok
21:25:07.0985 0x1634  [ 51508F0C2476177E50C31B0BBFBF1BDB, 3F62A05181D54711180C8727AC66D624AFA7FC816A4ACC4DC0CFCF2D2DBE7F87 ] gupdate         C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
21:25:07.0989 0x1634  gupdate - ok
21:25:08.0009 0x1634  [ 51508F0C2476177E50C31B0BBFBF1BDB, 3F62A05181D54711180C8727AC66D624AFA7FC816A4ACC4DC0CFCF2D2DBE7F87 ] gupdatem        C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
21:25:08.0013 0x1634  gupdatem - ok
21:25:08.0051 0x1634  [ 5D4BC124FAAE6730AC002CDB67BF1A1C, 00294F4DC7D17F6DD2A22B9C3299BED40146BA45C972367154D20DB502472551 ] gusvc           C:\Program Files (x86)\Google\Common\Google Updater\GoogleUpdaterService.exe
21:25:08.0067 0x1634  gusvc - ok
21:25:08.0092 0x1634  [ 0A9D58AABD01DA97B1D101473EFA7659, C18EA4F5BF569C230AD682A418F69B6E4209AD467BCCBDABD0515DBB582BF04B ] gzflt           C:\Windows\system32\DRIVERS\gzflt.sys
21:25:08.0098 0x1634  gzflt - ok
21:25:08.0143 0x1634  [ DF45F8142DC6DF9D18C39B3EFFBD0409, E0F04525530FF403C5A34B7E9A03CDE70B7BACE12E2E50103554E92AF374BD09 ] HdAudAddService C:\Windows\system32\drivers\HdAudio.sys
21:25:08.0159 0x1634  HdAudAddService - ok
21:25:08.0241 0x1634  [ F942C5820205F2FB453243EDFEC82A3D, 17A6A3DCF884FB524C93F2477D97E9F2B8E547709F8F2AEA93BEEA322B62E914 ] HDAudBus        C:\Windows\system32\DRIVERS\HDAudBus.sys
21:25:08.0283 0x1634  HDAudBus - ok
21:25:08.0299 0x1634  [ B4881C84A180E75B8C25DC1D726C375F, C0BEDBF43EFB0DD442A1D7985EA4A7493671648954B7D1840E30FB2FC46589A4 ] HidBth          C:\Windows\system32\drivers\hidbth.sys
21:25:08.0310 0x1634  HidBth - ok
21:25:08.0329 0x1634  [ 4E77A77E2C986E8F88F996BB3E1AD829, 1748676EB038A145405080B829DF4156C2596691BE5C67FD8269BE8D9351B400 ] HidIr           C:\Windows\system32\drivers\hidir.sys
21:25:08.0331 0x1634  HidIr - ok
21:25:08.0349 0x1634  [ 59361D38A297755D46A540E450202B2A, ED97800A3FF9B90EC58BC5122C42B53F46D9C157EFE488481E8677ED7058E33D ] hidserv         C:\Windows\system32\hidserv.dll
21:25:08.0352 0x1634  hidserv - ok
21:25:08.0379 0x1634  [ 443BDD2D30BB4F00795C797E2CF99EDF, BCE1A241AE5CCE3E1C65CCF07ECB4305C7106F2EFFD51F2C519EB00026B474C4 ] HidUsb          C:\Windows\system32\DRIVERS\hidusb.sys
21:25:08.0381 0x1634  HidUsb - ok
21:25:08.0406 0x1634  [ B12F367EA39C0795FD57E31242CE1A5A, 498439FE4D1217211EB6C1AC35CDA5D59F3AE8F06AF5E41EE9FDB0DC559FBE27 ] hkmsvc          C:\Windows\system32\kmsvc.dll
21:25:08.0410 0x1634  hkmsvc - ok
21:25:08.0446 0x1634  [ D7109A1E6BD2DFDBCBA72A6BC626A13B, 6141B6645F4152A326ECA8AD0DD04CB38C9EDA395BDF6FF260AB17CB86FC4C87 ] HpCISSs         C:\Windows\system32\drivers\hpcisss.sys
21:25:08.0448 0x1634  HpCISSs - ok
21:25:08.0650 0x1634  [ 0A3C6AA4A9FC38C20BA4EAC2C3351C05, 7B3F117C1D606DDA7623BEC0BFBC362C33A12213E899F049AC56A55826984134 ] hpqcxs08        C:\Program Files (x86)\HP\Digital Imaging\bin\hpqcxs08.dll
21:25:08.0667 0x1634  hpqcxs08 - ok
21:25:08.0694 0x1634  [ DF446BA625CC441617843E87798CE048, B45C11EEA7EA792DE82E9BB283B9DCF30F891AAB8366075856BD84D10BCBCCD3 ] hpqddsvc        C:\Program Files (x86)\HP\Digital Imaging\bin\hpqddsvc.dll
21:25:08.0700 0x1634  hpqddsvc - ok
21:25:08.0743 0x1634  [ 098F1E4E5C9CB5B0063A959063631610, 36B02A738413E4745978E3E90D9CE8ABC08376BEE411008A4312A752CB4A2E13 ] HTTP            C:\Windows\system32\drivers\HTTP.sys
21:25:08.0794 0x1634  HTTP - ok
21:25:08.0815 0x1634  [ DA94C854CEA5FAC549D4E1F6E88349E8, 10BEB47DB90F55BD1792C2041E49ED13E4E52BCC11BE6599F6DA8D91B79CC8D1 ] i2omp           C:\Windows\system32\drivers\i2omp.sys
21:25:08.0818 0x1634  i2omp - ok
21:25:08.0849 0x1634  [ CBB597659A2713CE0C9CC20C88C7591F, A2BAC75F7247D871842A32EAA7594D338E728D1BFEAEA3C1FCDBF65F007BC06A ] i8042prt        C:\Windows\system32\DRIVERS\i8042prt.sys
21:25:08.0852 0x1634  i8042prt - ok
21:25:08.0874 0x1634  [ 3E3BF3627D886736D0B4E90054F929F6, 95A138B65DC9133E92F53A529C7AD897D8823EFAED343756549FDF6C8C749CD0 ] iaStorV         C:\Windows\system32\drivers\iastorv.sys
21:25:08.0892 0x1634  iaStorV - ok
21:25:08.0955 0x1634  [ A9AA69F749AC1D318151E77372CC83DB, 2A50A4D6ED22F5F6CB5DC56A639D904AD71E511DC744A6F6C3D1D4D39756AF31 ] idsvc           C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\infocard.exe
21:25:08.0999 0x1634  idsvc - ok
21:25:09.0017 0x1634  [ 8C3951AD2FE886EF76C7B5027C3125D3, 85CF7231756E02BD9E5F4378F3FC794394A072B8028F27827F83ACE9EE554499 ] iirsp           C:\Windows\system32\drivers\iirsp.sys
21:25:09.0019 0x1634  iirsp - ok
21:25:09.0055 0x1634  [ 0401A380C88754B2399F8043AC9B2BF9, BFF3B53FAFAE6622AA9F74BAA4A3D522C06E2D732B88916766603B9FE8D0D77F ] IKEEXT          C:\Windows\System32\ikeext.dll
21:25:09.0081 0x1634  IKEEXT - ok
21:25:09.0152 0x131c  Object send P2P result: true
21:25:09.0191 0x1634  [ 8C7FA71CB1EBCD3EDE8958D27B1BF0B4, 04243A34AF13B89DABE4C4D24204438094AA36A83591092E1251AD67E623C10F ] int15           C:\Windows\SysWOW64\drivers\int15_64.sys
21:25:09.0195 0x1634  int15 - ok
21:25:09.0292 0x1634  [ 6FDF709500C20362FFC5057F0D1E0C8D, 218D35658E58588ABA3615961472C7CC16B434C8D313F81A3582EEC1C6046121 ] IntcAzAudAddService C:\Windows\system32\drivers\RTKVHD64.sys
21:25:09.0359 0x1634  IntcAzAudAddService - ok
21:25:09.0377 0x1634  [ DF797A12176F11B2D301C5B234BB200E, 384343636B21CA7EDF28EFD1B6728EAB1508CA49CE48FF3DC0D91DB843C0C73E ] intelide        C:\Windows\system32\drivers\intelide.sys
21:25:09.0378 0x1634  intelide - ok
21:25:09.0396 0x1634  [ BFD84AF32FA1BAD6231C4585CB469630, 33E0842F2D0879B02C115301174FCB19ED3AAF7B1B8E6284839CE16DE56476EA ] intelppm        C:\Windows\system32\DRIVERS\intelppm.sys
21:25:09.0398 0x1634  intelppm - ok
21:25:09.0472 0x1634  [ 3DC635B66DD7412E1C9C3A77B8D78F25, D3894065DA2D08744863ECC5EE9027A0E39711A6A56AAB599F1CAF4BB996F42A ] IntuitUpdateService C:\Program Files (x86)\Common Files\Intuit\Update Service\IntuitUpdateService.exe
21:25:09.0473 0x1634  IntuitUpdateService - ok
21:25:09.0519 0x1634  [ 0895CDD7F1542FFCC5BBB560EC78BC16, 383D9FFE7FB313EA201DE877F3D48B5116FFA261EDEF5D0D0FE79F14E9682D25 ] IntuitUpdateServiceV4 C:\Program Files (x86)\Common Files\Intuit\Update Service v4\IntuitUpdateService.exe
21:25:09.0521 0x1634  IntuitUpdateServiceV4 - ok
21:25:09.0569 0x1634  [ 5624BC1BC5EEB49C0AB76A8114F05EA3, BD5AA534D8A923AF4D205EEC6DA55A3DC5F915E5F3223BF23F24C09824FA90B6 ] IPBusEnum       C:\Windows\system32\ipbusenum.dll
21:25:09.0574 0x1634  IPBusEnum - ok
21:25:09.0601 0x1634  [ D8AABC341311E4780D6FCE8C73C0AD81, 141E8032A934777567E6DAC35FB1C77C40D9B6EE477F17F872F35833A8F57F72 ] IpFilterDriver  C:\Windows\system32\DRIVERS\ipfltdrv.sys
21:25:09.0605 0x1634  IpFilterDriver - ok
21:25:09.0634 0x1634  [ BF0DBFA9792C5C14FA00F61C75116C1B, 24C14DCAF57013F1C238E3C123279737420A714EB29CB69239C9838C9A269A59 ] iphlpsvc        C:\Windows\System32\iphlpsvc.dll
21:25:09.0651 0x1634  iphlpsvc - ok
21:25:09.0656 0x1634  IpInIp - ok
21:25:09.0671 0x1634  [ 9C2EE2E6E5A7203BFAE15C299475EC67, E51628ECAB9CCCBCE02801C5E71406487A280765FEE318D14B0C227141B87658 ] IPMIDRV         C:\Windows\system32\drivers\ipmidrv.sys
21:25:09.0675 0x1634  IPMIDRV - ok
21:25:09.0689 0x1634  [ B7E6212F581EA5F6AB0C3A6CEEEB89BE, C29D7F392116BB09F7047A90702331F200DACFB3C94E7F912932971E0B7F0413 ] IPNAT           C:\Windows\system32\DRIVERS\ipnat.sys
21:25:09.0694 0x1634  IPNAT - ok
21:25:09.0736 0x1634  [ 68A5EDD4843CF0033BAE537C9C495F69, 386C66A6562218D0F0A616D75457CDA4B82DB87DC3DA83935497819963DB6D86 ] iPod Service    C:\Program Files\iPod\bin\iPodService.exe
21:25:09.0770 0x1634  iPod Service - ok
21:25:09.0782 0x1634  [ 8C42CA155343A2F11D29FECA67FAA88D, 699F06D25C5F270CE1194F4D350CB0BE22C6AB609EECF35D066C034AC380BEE3 ] IRENUM          C:\Windows\system32\drivers\irenum.sys
21:25:09.0783 0x1634  IRENUM - ok
21:25:09.0806 0x1634  [ 0672BFCEDC6FC468A2B0500D81437F4F, A0322B569C309F258684AFECCD52924A33F363186261730469245B7FA357C645 ] isapnp          C:\Windows\system32\drivers\isapnp.sys
21:25:09.0808 0x1634  isapnp - ok
21:25:09.0844 0x1634  [ E4FDF99599F27EC25D2CF6D754243520, 9139E708EE30F10652C9A458BD58B0343A3C05E84CD3E71FA0B0E4123503CF7B ] iScsiPrt        C:\Windows\system32\DRIVERS\msiscsi.sys
21:25:09.0860 0x1634  iScsiPrt - ok
21:25:09.0877 0x1634  [ 63C766CDC609FF8206CB447A65ABBA4A, D9CA006FA852C95E90E8A0837E296FCBFD76246DA8AFDE563863D5F95BDFEC52 ] iteatapi        C:\Windows\system32\drivers\iteatapi.sys
21:25:09.0880 0x1634  iteatapi - ok
21:25:09.0907 0x1634  [ 1281FE73B17664631D12F643CBEA3F59, B27571A0348CDF81DC102A61712CBA9A4AF7AC0015A7702B0DE73AD4E4646853 ] iteraid         C:\Windows\system32\drivers\iteraid.sys
21:25:09.0909 0x1634  iteraid - ok
21:25:09.0918 0x1634  [ 423696F3BA6472DD17699209B933BC26, 00C2EAA1A8E9D422D178B7678598743234930C1858D76C632F079EF789BB56C3 ] kbdclass        C:\Windows\system32\DRIVERS\kbdclass.sys
21:25:09.0921 0x1634  kbdclass - ok
21:25:09.0946 0x1634  [ DBDF75D51464FBC47D0104EC3D572C05, E392EE961E734620245874C7700D56621A1A990C45DF5CE0B7D270BA708F255E ] kbdhid          C:\Windows\system32\DRIVERS\kbdhid.sys
21:25:09.0949 0x1634  kbdhid - ok
21:25:09.0971 0x1634  [ 260BF9C43EE12C6898A9F5AAB0FB0E5D, 6585A87CE55EE5C51B18DF86E8EDFC6A909D96C87522FF4183F8BA9355E8DD44 ] KeyIso          C:\Windows\system32\lsass.exe
21:25:09.0973 0x1634  KeyIso - ok
21:25:10.0011 0x1634  [ 88956AD9FA510848AD176777A6C6C1F5, 8F2FBF7E70F836C2C11EE5ABCAFE3E51DC26E953DDFBEE3C1B4AA8E58EBDCF5E ] KSecDD          C:\Windows\system32\Drivers\ksecdd.sys
21:25:10.0036 0x1634  KSecDD - ok
21:25:10.0046 0x1634  [ 1D419CF43DB29396ECD7113D129D94EB, 21ECCE9D17F055C7B5066110864E10C99291CE50B389C545371333904CE2DBB5 ] ksthunk         C:\Windows\system32\drivers\ksthunk.sys
21:25:10.0048 0x1634  ksthunk - ok
21:25:10.0081 0x1634  [ 1FAF6926F3416D3DA05C5B265491BDAE, 3989E18522691CC3820092033E00ED39D08861DFB369AA0DFFF4B379E48EA1F0 ] KtmRm           C:\Windows\system32\msdtckrm.dll
21:25:10.0107 0x1634  KtmRm - ok
21:25:10.0149 0x1634  [ 50C7A3CB427E9BB5ED0708A669956AB5, 3DAD1C01AE58FE2C6134283B19118E2F3C884DDFFBAE4A46B7B5E4FB1A2567A1 ] LanmanServer    C:\Windows\system32\srvsvc.dll
21:25:10.0166 0x1634  LanmanServer - ok
21:25:10.0200 0x1634  [ CAF86FC1388BE1E470F1A7B43E348ADB, 9E9AE0B617D1031E8462524802A2D997AE7C944A7D00D403FF903145A7FEB761 ] LanmanWorkstation C:\Windows\System32\wkssvc.dll
21:25:10.0210 0x1634  LanmanWorkstation - ok
21:25:10.0235 0x1634  [ 96ECE2659B6654C10A0C310AE3A6D02C, 3322E87B9F64C3ACBCB634F2390AAB212FA7695383BF01F0092A803871BF19B2 ] lltdio          C:\Windows\system32\DRIVERS\lltdio.sys
21:25:10.0239 0x1634  lltdio - ok
21:25:10.0274 0x1634  [ 961CCBD0B1CCB5675D64976FAE37D092, 258378BE76A13E4368C9587E6A22727721E4B267B0D26D3D3E333B3B2A5A0611 ] lltdsvc         C:\Windows\System32\lltdsvc.dll
21:25:10.0291 0x1634  lltdsvc - ok
21:25:10.0304 0x1634  [ A47F8080CACC23C91FE823AD19AA5612, 161575406D158D6D5C9220F1E82C0CC19108C74ADC35C509BAF9B0C414EFD8EE ] lmhosts         C:\Windows\System32\lmhsvc.dll
21:25:10.0307 0x1634  lmhosts - ok
21:25:10.0324 0x1634  [ ACBE1AF32D3123E330A07BFBC5EC4A9B, 0E17E4DD30B5AF8F269EF8EA003836C9E16273262A050B9BE3ED802DD3AC9319 ] LSI_FC          C:\Windows\system32\drivers\lsi_fc.sys
21:25:10.0329 0x1634  LSI_FC - ok
21:25:10.0344 0x1634  [ 799FFB2FC4729FA46D2157C0065B3525, AB462A34D061C113DA12641C45159A58D0AEA1C440233D061A20DF99586CFA93 ] LSI_SAS         C:\Windows\system32\drivers\lsi_sas.sys
21:25:10.0349 0x1634  LSI_SAS - ok
21:25:10.0382 0x1634  [ F445FF1DAAD8A226366BFAF42551226B, 92B63E15363F1EAE8A54D4E74ED21669D0A9FE99C654671556C58456228278B1 ] LSI_SCSI        C:\Windows\system32\drivers\lsi_scsi.sys
21:25:10.0386 0x1634  LSI_SCSI - ok
21:25:10.0401 0x1634  [ 52F87B9CC8932C2A7375C3B2A9BE5E3E, 2EB22DD418D4934BDD22C5DB49D5D06178EC0419AB5CC28DD544CA91823987B0 ] luafv           C:\Windows\system32\drivers\luafv.sys
21:25:10.0406 0x1634  luafv - ok
21:25:10.0450 0x1634  [ B3944D06EB4B64D57BD7E5FE89415F58, D6A4D17A887F54EEB6138909D10CD708582B10A51F1094275F53C9FFC2447F5F ] LVPr2M64        C:\Windows\system32\DRIVERS\LVPr2M64.sys
21:25:10.0451 0x1634  LVPr2M64 - ok
21:25:10.0456 0x1634  [ B3944D06EB4B64D57BD7E5FE89415F58, D6A4D17A887F54EEB6138909D10CD708582B10A51F1094275F53C9FFC2447F5F ] LVPr2Mon        C:\Windows\system32\DRIVERS\LVPr2M64.sys
21:25:10.0458 0x1634  LVPr2Mon - ok
21:25:10.0505 0x1634  [ 9CD0DC863BE5D40A762F7D84F11A8471, 5824EF34618CA613C63684DBFD7D7DB743A92D632888095B9062A52B512034D9 ] LVPrcS64        C:\Program Files\Common Files\Logishrd\LVMVFM\LVPrcSrv.exe
21:25:10.0522 0x1634  LVPrcS64 - ok
21:25:10.0795 0x1634  [ BFBA84B8A9C233AE42B11CF7BDFC6C01, 77CEE3313B8F19AB7997E07444C2778DDD0500CEF04943247A8AE3D03F70E691 ] LVUVC64         C:\Windows\system32\DRIVERS\lvuvc64.sys
21:25:11.0044 0x1634  LVUVC64 - ok
21:25:11.0076 0x1634  [ 76A58DF02BD4EA29F189B82D0BEF17F8, B3A96AABE050BB332ECD9AF7C35D08B468AC459D30FF4D49B609BA3F95ECEEDA ] Mcx2Svc         C:\Windows\system32\Mcx2Svc.dll
21:25:11.0080 0x1634  Mcx2Svc - ok
21:25:11.0106 0x1634  [ 5C5CD6AACED32FB26C3FB34B3DCF972F, 34A66C21FA79800D3CDE933CFA71343218F94D67AAE763EA0B53AC49060CB6D0 ] megasas         C:\Windows\system32\drivers\megasas.sys
21:25:11.0108 0x1634  megasas - ok
21:25:11.0133 0x1634  [ 859BC2436B076C77C159ED694ACFE8F8, 4AEA57A8B9EACEC1B8DED3ECC95621C56E6D65CFE2DA9F07DAF7C7BAD132B624 ] MegaSR          C:\Windows\system32\drivers\megasr.sys
21:25:11.0159 0x1634  MegaSR - ok
21:25:11.0170 0x1634  [ 3CBE4995E80E13CCFBC42E5DCF3AC81A, 18B0E3E83E41C80809E8140F4C90AB051566C84DD891EA411746EA74E6EAF053 ] MMCSS           C:\Windows\system32\mmcss.dll
21:25:11.0173 0x1634  MMCSS - ok
21:25:11.0184 0x1634  [ 59848D5CC74606F0EE7557983BB73C2E, EA6ACF0619DE1E4272AEDC69F2E66E29DA499E8E8094243C9EF735FD8369229D ] Modem           C:\Windows\system32\drivers\modem.sys
21:25:11.0187 0x1634  Modem - ok
21:25:11.0216 0x1634  [ C247CC2A57E0A0C8C6DCCF7807B3E9E5, 357811D1B8F70828F6432879F59DAB916FBB55673B3473D879382DE33CFB3FAF ] monitor         C:\Windows\system32\DRIVERS\monitor.sys
21:25:11.0218 0x1634  monitor - ok
21:25:11.0231 0x1634  [ 9367304E5E412B120CF5F4EA14E4E4F1, F87EBACEE27A50E6610FDCB4BD3001C35A99FEE6D63D643FF2CBF0D484CD082C ] mouclass        C:\Windows\system32\DRIVERS\mouclass.sys
21:25:11.0233 0x1634  mouclass - ok
21:25:11.0270 0x1634  [ C2C2BD5C5CE5AAF786DDD74B75D2AC69, B77E4A7511923E7BD35A177A40B4E461AC9CB050D6F0575D4799DEF85DA6DA38 ] mouhid          C:\Windows\system32\DRIVERS\mouhid.sys
21:25:11.0272 0x1634  mouhid - ok
21:25:11.0281 0x1634  [ 11BC9B1E8801B01F7F6ADB9EAD30019B, 1BAF820C0AB1B70A114E767B2155A58BF86CD0D9CF582813C1635A86BE3A7A05 ] MountMgr        C:\Windows\system32\drivers\mountmgr.sys
21:25:11.0284 0x1634  MountMgr - ok
21:25:11.0323 0x1634  [ F8276EB8698142884498A528DFEA8478, C0FF504F721F1D00F42CFE783D4F32C6728518F64646F5C5C11BA3A4824815BB ] mpio            C:\Windows\system32\drivers\mpio.sys
21:25:11.0328 0x1634  mpio - ok
21:25:11.0346 0x1634  [ C92B9ABDB65A5991E00C28F13491DBA2, D1233381A9E4262F0AB396BBDB7DE402D4370805E11EB8A118C846F6E9474098 ] mpsdrv          C:\Windows\system32\drivers\mpsdrv.sys
21:25:11.0350 0x1634  mpsdrv - ok
21:25:11.0399 0x1634  [ 897E3BAF68BA406A61682AE39C83900C, 13F61D5C22BED061BE7C2669CCCAA2BAD4A0CE83800DF57A50306DE0A476FC27 ] MpsSvc          C:\Windows\system32\mpssvc.dll
21:25:11.0434 0x1634  MpsSvc - ok
21:25:11.0455 0x1634  [ 3C200630A89EF2C0864D515B7A75802E, AA4A312E7A28FCE7A944747BADB809CAAD3D67899EBBE663D473621DB25B140A ] Mraid35x        C:\Windows\system32\drivers\mraid35x.sys
21:25:11.0458 0x1634  Mraid35x - ok
21:25:11.0477 0x1634  [ 7C1DE4AA96DC0C071611F9E7DE02A68D, 8B248A82324FB23C64D41FA91BCC22093DE44C48D688E5995C484A7072A6EC08 ] MRxDAV          C:\Windows\system32\drivers\mrxdav.sys
21:25:11.0483 0x1634  MRxDAV - ok
21:25:11.0526 0x1634  [ 1485811B320FF8C7EDAD1CAEBB1C6C2B, 9F157AAA1A793EF7E52817E4126B774C17FFA0036DADCF10A024FDC068F94F67 ] mrxsmb          C:\Windows\system32\DRIVERS\mrxsmb.sys
21:25:11.0532 0x1634  mrxsmb - ok
21:25:11.0558 0x1634  [ 3B929A60C833FC615FD97FBA82BC7632, 40EEBEB43F42A1A37FAA529E0C21984426F90C1EEFE1EF9BB2F696164595F91D ] mrxsmb10        C:\Windows\system32\DRIVERS\mrxsmb10.sys
21:25:11.0575 0x1634  mrxsmb10 - ok
21:25:11.0586 0x1634  [ C64AB3E1F53B4F5B5BB6D796B2D7BEC3, 197F70E24D2BBDEC35C2D5BC442267ACC4C5AE3FD5BB30A0928976BE9758C942 ] mrxsmb20        C:\Windows\system32\DRIVERS\mrxsmb20.sys
21:25:11.0591 0x1634  mrxsmb20 - ok
21:25:11.0609 0x1634  [ 1AC860612B85D8E85EE257D372E39F4D, 74682CCE44BCEE31BCA286D4F4E53B64CAAE244155F2B4C8FEB6AE7C391CA89D ] msahci          C:\Windows\system32\drivers\msahci.sys
21:25:11.0611 0x1634  msahci - ok
21:25:11.0626 0x1634  [ 264BBB4AAF312A485F0E44B65A6B7202, 1DF36540C77D5D885B6C2EE91F0446864D8E6D6CFED87A9ED0765E76FE05E102 ] msdsm           C:\Windows\system32\drivers\msdsm.sys
21:25:11.0631 0x1634  msdsm - ok
21:25:11.0646 0x1634  [ 7EC02CE772F068ED0BEAFA3DA341A9BC, 3B5B4EA0BF1D1E57F4DF74A569304A5EE41821F5E2F352760B8C9CA82C6D8292 ] MSDTC           C:\Windows\System32\msdtc.exe
21:25:11.0652 0x1634  MSDTC - ok
21:25:11.0671 0x1634  [ 704F59BFC4512D2BB0146AEC31B10A7C, F7712944DDC192C47953D577BE31B79B4D11217305B1C3D0DCA31B1518CB8DCB ] Msfs            C:\Windows\system32\drivers\Msfs.sys
21:25:11.0673 0x1634  Msfs - ok
21:25:11.0705 0x1634  [ 00EBC952961664780D43DCA157E79B27, 4F8F5718D8574A128E0F6CD54C9BE59A93A7638A5689A8FF68D0C81D3E67808F ] msisadrv        C:\Windows\system32\drivers\msisadrv.sys
21:25:11.0707 0x1634  msisadrv - ok
21:25:11.0734 0x1634  [ 366B0C1F4478B519C181E37D43DCDA32, A98E2BC397FAD7D90653F55AC283CACAE7465D7F10A198D715046B1D896AF246 ] MSiSCSI         C:\Windows\system32\iscsiexe.dll
21:25:11.0743 0x1634  MSiSCSI - ok
21:25:11.0749 0x1634  msiserver - ok
21:25:11.0774 0x1634  [ 0EA73E498F53B96D83DBFCA074AD4CF8, E3DDE34FCFF272E06CD8DA836F8D79E2515885715D4A7CD7BF8D97D7A4E0E781 ] MSKSSRV         C:\Windows\system32\drivers\MSKSSRV.sys
21:25:11.0776 0x1634  MSKSSRV - ok
21:25:11.0790 0x1634  [ 52E59B7E992A58E740AA63F57EDBAE8B, A89F607B330BA1F42CA9FF01EF289BBD088350CF376568E58CB9865F1DA6CD72 ] MSPCLOCK        C:\Windows\system32\drivers\MSPCLOCK.sys
21:25:11.0791 0x1634  MSPCLOCK - ok
21:25:11.0806 0x1634  [ 49084A75BAE043AE02D5B44D02991BB2, 4CD2692D191035CE9D18F4D21F054FF8C3F9CF2734464EA33EAB480A28AD447F ] MSPQM           C:\Windows\system32\drivers\MSPQM.sys
21:25:11.0808 0x1634  MSPQM - ok
21:25:11.0842 0x1634  [ DC6CCF440CDEDE4293DB41C37A5060A5, 768D08A67508E1CE69B67642A5E5A639C0DD1E93C956C56ECC5A56B0E502C953 ] MsRPC           C:\Windows\system32\drivers\MsRPC.sys
21:25:11.0859 0x1634  MsRPC - ok
21:25:11.0870 0x1634  [ 855796E59DF77EA93AF46F20155BF55B, 75DFCEE16A9D94EDF74295B9686D92552817E8A00958917CB0E17089EDCF6A97 ] mssmbios        C:\Windows\system32\DRIVERS\mssmbios.sys
21:25:11.0872 0x1634  mssmbios - ok
21:25:11.0880 0x1634  [ 86D632D75D05D5B7C7C043FA3564AE86, 96911FBC106B91E76598EE110B5147D4C55E42C9194E857F866B6B395E78D2CB ] MSTEE           C:\Windows\system32\drivers\MSTEE.sys
21:25:11.0881 0x1634  MSTEE - ok
21:25:11.0893 0x1634  [ 0CC49F78D8ACA0877D885F149084E543, 984DDCB52F0DFC1B26C6504FE500E8D9C2CA7F79ED34608AE9866A0915B8BA67 ] Mup             C:\Windows\system32\Drivers\mup.sys
21:25:11.0896 0x1634  Mup - ok
21:25:11.0922 0x1634  [ A5B10C845E7538C60C0F5D87A57CB3F5, 2B4E16702591C59BC2CA2B99DBB504BAB4F4EF0835B0D9C7453D340CBF0BDF16 ] napagent        C:\Windows\system32\qagentRT.dll
21:25:11.0948 0x1634  napagent - ok
21:25:11.0990 0x1634  [ 2007B826C4ACD94AE32232B41F0842B9, 6267D165C3C8C5F83194890A6DBF71226D4B891AECD1D06F7AEB5D738C3DC9CA ] NativeWifiP     C:\Windows\system32\DRIVERS\nwifi.sys
21:25:12.0006 0x1634  NativeWifiP - ok
21:25:12.0070 0x1634  [ 65950E07329FCEE8E6516B17C8D0ABB6, 4429D9FF9B6E376D28D8FA4906B7554DF566EC23E455E3166C496B579622F204 ] NDIS            C:\Windows\system32\drivers\ndis.sys
21:25:12.0103 0x1634  NDIS - ok
21:25:12.0112 0x1634  [ 64DF698A425478E321981431AC171334, C43177CB60F5D58E1FF7A31E9BE5DA7D92C4B25235867DD65BADC069EDF023F3 ] NdisTapi        C:\Windows\system32\DRIVERS\ndistapi.sys
21:25:12.0114 0x1634  NdisTapi - ok
21:25:12.0120 0x1634  [ 8BAA43196D7B5BB972C9A6B2BBF61A19, 8AFFB26F6E8CF67F562818BBFE12FB448E4FCDF9B68858B625681565DE30DDC1 ] Ndisuio         C:\Windows\system32\DRIVERS\ndisuio.sys
21:25:12.0122 0x1634  Ndisuio - ok
21:25:12.0146 0x1634  [ F8158771905260982CE724076419EF19, B86FFA790A30ED614A11C87F4D738C913EFC0924DC14750D544001D4E9556071 ] NdisWan         C:\Windows\system32\DRIVERS\ndiswan.sys
21:25:12.0162 0x1634  NdisWan - ok
21:25:12.0173 0x1634  [ 9CB77ED7CB72850253E973A2D6AFDF49, C3C15B317A7F7AE68B7BC62343962C47F075240F252727811DB4BEE443F9103F ] NDProxy         C:\Windows\system32\drivers\NDProxy.sys
21:25:12.0176 0x1634  NDProxy - ok
21:25:12.0209 0x1634  [ 2334DC48997BA203B794DF3EE70521DB, 832F4EC1586C9669F2D54AB3B212943E43B87A33B24DCC8CDAD6A0264291EE2F ] Net Driver HPZ12 C:\Windows\system32\HPZinw12.dll
21:25:12.0213 0x1634  Net Driver HPZ12 - ok
21:25:12.0241 0x1634  [ A499294F5029A7862ADC115BDA7371CE, 6BE0AAFE4EB59E056A929D6C1A009D8DFD547025481108CEFB12E5D6F86DBE14 ] NetBIOS         C:\Windows\system32\DRIVERS\netbios.sys
21:25:12.0252 0x1634  NetBIOS - ok
21:25:12.0299 0x1634  [ FC2C792EBDDC8E28DF939D6A92C83D61, 9EDF8B56E2B47C31457074DA371B604E5F7EB2B3B5CD4688CBEEDD5B266D119B ] netbt           C:\Windows\system32\DRIVERS\netbt.sys
21:25:12.0327 0x1634  netbt - ok
21:25:12.0336 0x1634  [ 260BF9C43EE12C6898A9F5AAB0FB0E5D, 6585A87CE55EE5C51B18DF86E8EDFC6A909D96C87522FF4183F8BA9355E8DD44 ] Netlogon        C:\Windows\system32\lsass.exe
21:25:12.0338 0x1634  Netlogon - ok
21:25:12.0375 0x1634  [ 9B63B29DEFC0F3115A559D2597BF5D75, 297319D3F2E97CB34464EA59D8FD96AC2B8B1A4F2AEE666937F16A041128021F ] Netman          C:\Windows\System32\netman.dll
21:25:12.0393 0x1634  Netman - ok
21:25:12.0451 0x1634  [ 21318671BCAD3ACF16638F98D4D00973, CEA6E3B6BCB4B74A9ACACBEEA12EEA967BBC2240398E2EBC04D7910109CACA11 ] NetMsmqActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
21:25:12.0457 0x1634  NetMsmqActivator - ok
21:25:12.0476 0x1634  [ 21318671BCAD3ACF16638F98D4D00973, CEA6E3B6BCB4B74A9ACACBEEA12EEA967BBC2240398E2EBC04D7910109CACA11 ] NetPipeActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
21:25:12.0481 0x1634  NetPipeActivator - ok
21:25:12.0506 0x1634  [ 7846D0136CC2B264926A73047BA7688A, 6F56CC1B17095C378D98B58A92F9EDA2D009529DDB6F60E815D85C7606C8EDC0 ] netprofm        C:\Windows\System32\netprofm.dll
21:25:12.0523 0x1634  netprofm - ok
21:25:12.0533 0x1634  [ 21318671BCAD3ACF16638F98D4D00973, CEA6E3B6BCB4B74A9ACACBEEA12EEA967BBC2240398E2EBC04D7910109CACA11 ] NetTcpActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
21:25:12.0538 0x1634  NetTcpActivator - ok
21:25:12.0548 0x1634  [ 21318671BCAD3ACF16638F98D4D00973, CEA6E3B6BCB4B74A9ACACBEEA12EEA967BBC2240398E2EBC04D7910109CACA11 ] NetTcpPortSharing C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
21:25:12.0553 0x1634  NetTcpPortSharing - ok
21:25:12.0571 0x1634  [ 4AC08BD6AF2DF42E0C3196D826C8AEA7, 8D7DE921E14BAF09D7E2704CFB2FB1C8A78A46DAF86CDF7A347C5D113A8C110B ] nfrd960         C:\Windows\system32\drivers\nfrd960.sys
21:25:12.0574 0x1634  nfrd960 - ok
21:25:12.0593 0x1634  [ F145BF4C4668E7E312069F81EF847CFC, C4926EFB41FE2813E90D83456C6CB8F3157D835391B443C7E26168F4E1D67DC7 ] NlaSvc          C:\Windows\System32\nlasvc.dll
21:25:12.0610 0x1634  NlaSvc - ok
21:25:12.0627 0x1634  [ B298874F8E0EA93F06EC40AA8D146478, 275D769E5EFD3153985DAF84C5B22B9D65428E09AB41099901ABDD03B3A2625D ] Npfs            C:\Windows\system32\drivers\Npfs.sys
21:25:12.0629 0x1634  Npfs - ok
21:25:12.0640 0x1634  [ ACB62BAA1C319B17752553DF3026EEEB, 5A309DF390A097245250BB64AD5F8575BECA601E0A122DDCB494C67D3D9EA089 ] nsi             C:\Windows\system32\nsisvc.dll
21:25:12.0644 0x1634  nsi - ok
21:25:12.0651 0x1634  [ 1523AF19EE8B030BA682F7A53537EAEB, B000630CE4B562D39B5EE4148409B2E01D8924D33D27607B24ADC901357E7AA5 ] nsiproxy        C:\Windows\system32\drivers\nsiproxy.sys
21:25:12.0653 0x1634  nsiproxy - ok
21:25:12.0739 0x1634  [ 2ACCAA3C3C55370A32F17B3595E1A217, 8539A293A5E1EBA2CC0FA9E999099D3B6B035D41069398AE17D737BBE4D9FEA8 ] Ntfs            C:\Windows\system32\drivers\Ntfs.sys
21:25:12.0810 0x1634  Ntfs - ok
21:25:12.0835 0x1634  [ DD5D684975352B85B52E3FD5347C20CB, BB03C50D5178643550C024130E20FD9A023AE110B3C85A2D6E18FB8DBB3A12E4 ] Null            C:\Windows\system32\drivers\Null.sys
21:25:12.0836 0x1634  Null - ok
21:25:12.0853 0x1634  [ 2C040B7ADA5B06F6FACADAC8514AA034, EF32F7C411090230ED1D95B2D01E8464DCC89D72EFD94BBC8DF6856D00B1A783 ] nvraid          C:\Windows\system32\drivers\nvraid.sys
21:25:12.0858 0x1634  nvraid - ok
21:25:12.0875 0x1634  [ F7EA0FE82842D05EDA3EFDD376DBFDBA, 0ED0543A5331C0D8BBFD1BE3174482ED1B3EE70CA41CE8CE5C81977C37B3D129 ] nvstor          C:\Windows\system32\drivers\nvstor.sys
21:25:12.0878 0x1634  nvstor - ok
21:25:12.0912 0x1634  [ 19067CA93075EF4823E3938A686F532F, 81339372E90CE9E2594461146A82B62452CF9DB3FF53381D30F6922059EDCF99 ] nv_agp          C:\Windows\system32\drivers\nv_agp.sys
21:25:12.0917 0x1634  nv_agp - ok
21:25:12.0923 0x1634  NwlnkFlt - ok
21:25:12.0932 0x1634  NwlnkFwd - ok
21:25:13.0007 0x1634  [ 785F487A64950F3CB8E9F16253BA3B7B, 02445344BD214370A6D48B1CA04921D8EFCB13E676B5648266DD0E076C0822B6 ] odserv          C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE
21:25:13.0033 0x1634  odserv - ok
21:25:13.0066 0x1634  [ B5B1CE65AC15BBD11C0619E3EF7CFC28, E9AA27724A7576D1869FF861A498DB8AF79A7B297F10272F1D63E6CB88CD455B ] ohci1394        C:\Windows\system32\DRIVERS\ohci1394.sys
21:25:13.0069 0x1634  ohci1394 - ok
21:25:13.0107 0x1634  [ 5A432A042DAE460ABE7199B758E8606C, 6E5D1F477D290905BE27CEBF9572BAC6B05FFEF2FAD901D3C8E11F665F8B9A71 ] ose             C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE
21:25:13.0113 0x1634  ose - ok
21:25:13.0186 0x1634  [ 9AE31D2E1D15C10D91318E0EC149CEAC, CEA8A4AD1D6BB9C1ECBDE7A1946DD655104E20224436B96AD69A76F8E2B25680 ] p2pimsvc        C:\Windows\system32\p2psvc.dll
21:25:13.0229 0x1634  p2pimsvc - ok
21:25:13.0278 0x1634  [ 9AE31D2E1D15C10D91318E0EC149CEAC, CEA8A4AD1D6BB9C1ECBDE7A1946DD655104E20224436B96AD69A76F8E2B25680 ] p2psvc          C:\Windows\system32\p2psvc.dll
21:25:13.0304 0x1634  p2psvc - ok
21:25:13.0323 0x1634  [ 4C6A7FD04DDF4DB88791048382E3EDB1, 0F3827F8C41549C4B41A688ED78B8EE27EBBF5F907595481D37C635D2583DBA6 ] Parport         C:\Windows\system32\DRIVERS\parport.sys
21:25:13.0328 0x1634  Parport - ok
21:25:13.0368 0x1634  [ B43751085E2ABE389DA466BC62A4B987, 167CB6B18B6B7B74A229A976833E1FBE6D51C9C0EB8A23C92FC2465B692DF383 ] partmgr         C:\Windows\system32\drivers\partmgr.sys
21:25:13.0372 0x1634  partmgr - ok
21:25:13.0391 0x1634  [ 9AB157B374192FF276C1628FBDBA2B0E, E63E2EE1ABEEC5234F4F1318757EDB4A7567057B1DF1A2414C8698D47062B6AC ] PcaSvc          C:\Windows\System32\pcasvc.dll
21:25:13.0396 0x1634  PcaSvc - ok
21:25:13.0411 0x1634  [ 47AB1E0FC9D0E12BB53BA246E3A0906D, 82B452D614B535FAD3AFEEA06DFBBF8F7C5031563A2558CFA04F9B94C76E45DF ] pci             C:\Windows\system32\drivers\pci.sys
21:25:13.0427 0x1634  pci - ok
21:25:13.0449 0x1634  [ 2657F6C0B78C36D95034BE109336E382, C85CFDA57A64B7CC1BB09225C2F81629CEF21C5F25735B098F214397D6DE0D2C ] pciide          C:\Windows\system32\drivers\pciide.sys
21:25:13.0451 0x1634  pciide - ok
21:25:13.0470 0x1634  [ 037661F3D7C507C9993B7010CEEE6288, A7B415675B14FD755D0167BBA458A902AA9ABFC4343A1B887289D31DE8A55285 ] pcmcia          C:\Windows\system32\drivers\pcmcia.sys
21:25:13.0487 0x1634  pcmcia - ok
21:25:13.0523 0x1634  [ 58865916F53592A61549B04941BFD80D, 3511AF2EFD06636E144C36ECA8C7AA1A33C269EDB10A6D879AA25D9E11359AA9 ] PEAUTH          C:\Windows\system32\drivers\peauth.sys
21:25:13.0557 0x1634  PEAUTH - ok
21:25:13.0595 0x1634  [ 0ED8727EA0172860F47258456C06CAEA, 3CDAA1044E412EC4303CEABD36A8C7BADA2D6C6692E09B8FE440709E3F4F0166 ] PerfHost        C:\Windows\SysWow64\perfhost.exe
21:25:13.0598 0x1634  PerfHost - ok
21:25:13.0706 0x1634  [ E9E68C1A0F25CF4A7AC966EEA74EE89E, 6C6903A856C29AD690FDA1B74ADB2222C3453FBE2B364245FA61D53C77C586C0 ] pla             C:\Windows\system32\pla.dll
21:25:13.0773 0x1634  pla - ok
21:25:13.0814 0x1634  [ FE6B0F59215C9FD9F9D26539C58C8B82, 52CF8BE31A28430226D117EB80974AEAE5EA07F39DE881164232D44BF67FF752 ] PlugPlay        C:\Windows\system32\umpnpmgr.dll
21:25:13.0831 0x1634  PlugPlay - ok
21:25:13.0858 0x1634  [ AC78DF349F0E4CFB8B667C0CFFF83CCE, 7E635AA2E7350FCA0C954E697F1480A6204920AEFBCF06B90FFA02398DA82822 ] Pml Driver HPZ12 C:\Windows\system32\HPZipm12.dll
21:25:13.0862 0x1634  Pml Driver HPZ12 - ok
21:25:13.0903 0x1634  [ 9AE31D2E1D15C10D91318E0EC149CEAC, CEA8A4AD1D6BB9C1ECBDE7A1946DD655104E20224436B96AD69A76F8E2B25680 ] PNRPAutoReg     C:\Windows\system32\p2psvc.dll
21:25:13.0931 0x1634  PNRPAutoReg - ok
21:25:13.0978 0x1634  [ 9AE31D2E1D15C10D91318E0EC149CEAC, CEA8A4AD1D6BB9C1ECBDE7A1946DD655104E20224436B96AD69A76F8E2B25680 ] PNRPsvc         C:\Windows\system32\p2psvc.dll
21:25:14.0005 0x1634  PNRPsvc - ok
21:25:14.0052 0x1634  [ 89A5560671C2D8B4A4B51F3E1AA069D8, 07DEE5D73DDE09F954E2E13BB5603F0033829B6199C81A7C1709D94AB92B351E ] PolicyAgent     C:\Windows\System32\ipsecsvc.dll
21:25:14.0079 0x1634  PolicyAgent - ok
21:25:14.0112 0x1634  [ 23386E9952025F5F21C368971E2E7301, F7241C1799A8AA0E9106B101B841670304DC695FD8D290C690CE0ED5C13BC514 ] PptpMiniport    C:\Windows\system32\DRIVERS\raspptp.sys
21:25:14.0116 0x1634  PptpMiniport - ok
21:25:14.0139 0x1634  [ 5080E59ECEE0BC923F14018803AA7A01, 2E201511821AECCF056962399AFA3533ED765A3E7FD30E7B38A6D13837367E69 ] Processor       C:\Windows\system32\DRIVERS\processr.sys
21:25:14.0141 0x1634  Processor - ok
21:25:14.0173 0x1634  [ E058CE4FC2449D8BFA14739C83B7FF2A, 6ACA086D5E0EF3C3EAEBD78010E50739BBA7CA05E937FFF3A4F2AD22FD57B54A ] ProfSvc         C:\Windows\system32\profsvc.dll
21:25:14.0180 0x1634  ProfSvc - ok
21:25:14.0195 0x1634  [ 260BF9C43EE12C6898A9F5AAB0FB0E5D, 6585A87CE55EE5C51B18DF86E8EDFC6A909D96C87522FF4183F8BA9355E8DD44 ] ProtectedStorage C:\Windows\system32\lsass.exe
21:25:14.0197 0x1634  ProtectedStorage - ok
21:25:14.0217 0x1634  [ C5AB7F0809392D0DA027F4A2A81BFA31, B5BC9712AD93661A77AF4D67DB5F05C58A93CF7CDD6F7BA20568C0A9F4630321 ] PSched          C:\Windows\system32\DRIVERS\pacer.sys
21:25:14.0221 0x1634  PSched - ok
21:25:14.0283 0x1634  [ 0B83F4E681062F3839BE2EC1D98FD94A, 47E1B8014C59981693F5544872AF00383528AAEF0C6FE9AE8C45A6359EFB067D ] ql2300          C:\Windows\system32\drivers\ql2300.sys
21:25:14.0334 0x1634  ql2300 - ok
21:25:14.0352 0x1634  [ E1C80F8D4D1E39EF9595809C1369BF2A, 5C18F8366049C690FC8AA4A992AA0765A6607F72E0EF889A5F3757E59FB1C143 ] ql40xx          C:\Windows\system32\drivers\ql40xx.sys
21:25:14.0357 0x1634  ql40xx - ok
21:25:14.0388 0x1634  [ 90574842C3DA781E279061A3EFF91F07, F87DE7355DAA4FACF2126A0427C08BAAD9E647E0B02EE5447746BE969B28DA8D ] QWAVE           C:\Windows\system32\qwave.dll
21:25:14.0405 0x1634  QWAVE - ok
21:25:14.0421 0x1634  [ E8D76EDAB77EC9C634C27B8EAC33ADC5, 171A3C5D5C3C5845C3BF9A4BCD88E744B025C910AC2F528D0E7D66F173FF0BED ] QWAVEdrv        C:\Windows\system32\drivers\qwavedrv.sys
21:25:14.0423 0x1634  QWAVEdrv - ok
21:25:14.0436 0x1634  [ 1013B3B663A56D3DDD784F581C1BD005, 36B83F234C2D6A6112BC8B5EF0AB5075EE98AC0BED702C37E4C1C3D17EB49956 ] RasAcd          C:\Windows\system32\DRIVERS\rasacd.sys
21:25:14.0438 0x1634  RasAcd - ok
21:25:14.0455 0x1634  [ B2AE18F847D07F0044404DDF7CB04497, 24B1D5E1D0621160640264656E3D447C611DEE1B0EE308971EF85F0AC3D9F7DD ] RasAuto         C:\Windows\System32\rasauto.dll
21:25:14.0460 0x1634  RasAuto - ok
21:25:14.0479 0x1634  [ AC7BC4D42A7E558718DFDEC599BBFC2C, E059EB9472FDDB73AF09FFEBA58D8284AFCDAB1516E0C5759980E60C892F8126 ] Rasl2tp         C:\Windows\system32\DRIVERS\rasl2tp.sys
21:25:14.0484 0x1634  Rasl2tp - ok
21:25:14.0510 0x1634  [ 3AD83E4046C43BE510DE681588ACB8AF, C5445A23F35395B3EA3974C0D5E314E23D900C694D31F7B7A83FE9027D95A91C ] RasMan          C:\Windows\System32\rasmans.dll
21:25:14.0527 0x1634  RasMan - ok
21:25:14.0544 0x1634  [ 4517FBF8B42524AFE4EDE1DE102AAE3E, F01C8A773A637B66192BD16DDE467CAECC6E62853DBDB507FF3FC67B4B388988 ] RasPppoe        C:\Windows\system32\DRIVERS\raspppoe.sys
21:25:14.0546 0x1634  RasPppoe - ok
21:25:14.0584 0x1634  [ C6A593B51F34C33E5474539544072527, 8182C1D15CDC164363D3DD355197160167A00BA9FA833AA444317D06344EF7CE ] RasSstp         C:\Windows\system32\DRIVERS\rassstp.sys
21:25:14.0587 0x1634  RasSstp - ok
21:25:14.0608 0x1634  [ 322DB5C6B55E8D8EE8D6F358B2AAABB1, 07B89F701594F680F50A885B923521763A6131104CEE63D422E1C359C23AE2F6 ] rdbss           C:\Windows\system32\DRIVERS\rdbss.sys
21:25:14.0620 0x1634  rdbss - ok
21:25:14.0637 0x1634  [ 603900CC05F6BE65CCBF373800AF3716, 83B010D51D1087673CF15FD0A992FD91CC910A073FEA9A8F20F6124B6E5489F2 ] RDPCDD          C:\Windows\system32\DRIVERS\RDPCDD.sys
21:25:14.0639 0x1634  RDPCDD - ok
21:25:14.0663 0x1634  [ C045D1FB111C28DF0D1BE8D4BDA22C06, 572986C93B982387EE94797A1EDE1C6C444B0F1078AC8201099452BFA021458F ] rdpdr           C:\Windows\system32\drivers\rdpdr.sys
21:25:14.0680 0x1634  rdpdr - ok
21:25:14.0687 0x1634  [ CAB9421DAF3D97B33D0D055858E2C3AB, 66C353CD310A91FAB0D0871ACCE71110595B63536560D0331DA70B1E33AC45BE ] RDPENCDD        C:\Windows\system32\drivers\rdpencdd.sys
21:25:14.0688 0x1634  RDPENCDD - ok
21:25:14.0732 0x1634  [ AE4BD9E1C33D351D8E607FC81F15160C, AD785CA72B7C6EB9F94B2E797C758C0F804DB26EE056DDC6D4F85BB562A02EA4 ] RDPWD           C:\Windows\system32\drivers\RDPWD.sys
21:25:14.0749 0x1634  RDPWD - ok
21:25:14.0803 0x1634  [ C612B9557DA73F70D41F8A6FBC8E5344, D7D11F202066F848FBD3F26D9FF915C7F3D68F30631393B2049F3AC5A40FD108 ] RemoteAccess    C:\Windows\System32\mprdim.dll
21:25:14.0808 0x1634  RemoteAccess - ok
21:25:14.0836 0x1634  [ 44B9D8EC2F3EF3A0EFB00857AF70D861, A45D8024A242456A73337C91663A3E1633BF163234CDFD5DF86840F31FFFE84D ] RemoteRegistry  C:\Windows\system32\regsvc.dll
21:25:14.0852 0x1634  RemoteRegistry - ok
21:25:14.0913 0x1634  [ D1F1D0EE50F8C070A612796676971699, 4C742FDC3D6F274EF350395E324444C8148F270E2D8096E7AF61E1E096887BFE ] RichVideo       C:\Program Files (x86)\CyberLink\Shared files\RichVideo.exe
21:25:14.0932 0x1634  RichVideo - ok
21:25:14.0952 0x1634  [ F46C457840D4B7A4DAAFEE739CE04102, 94E946036240B3BAFF17C4A49745E29E492ABBC7BE5110741B212DF4D7F45B84 ] RpcLocator      C:\Windows\system32\locator.exe
21:25:14.0954 0x1634  RpcLocator - ok
21:25:15.0003 0x1634  [ CF8B9A3A5E7DC57724A89D0C3E8CF9EF, 3BE4B8EE22FA55D3A17D3718781C8BCA631C78F7928092561F6B79BB60E7D7FE ] RpcSs           C:\Windows\system32\rpcss.dll
21:25:15.0026 0x1634  RpcSs - ok
21:25:15.0039 0x1634  [ 22A9CB08B1A6707C1550C6BF099AAE73, 46A9D40A03DC0B6C93274C0C1CDB132B2339E76E77CAB0F12AEDAD4C31822B91 ] rspndr          C:\Windows\system32\DRIVERS\rspndr.sys
21:25:15.0043 0x1634  rspndr - ok
21:25:15.0090 0x1634  [ F8DA8FC39CE5859C0D8C0FE6524CE465, 8089946E568CF45871BE643FF4BCF59443911660D59D49BB12DF1EE90FCB4D5C ] RTHDMIAzAudService C:\Windows\system32\drivers\RtHDMIVX.sys
21:25:15.0107 0x1634  RTHDMIAzAudService - ok
21:25:15.0143 0x1634  [ B6B74A05F4DA0231D5D275568A104F89, 18145B313E50201F8023B9E34018F3BFEFCF082213747E53332A8AC94FD60FD0 ] RTSTOR          C:\Windows\system32\drivers\RTSTOR64.SYS
21:25:15.0146 0x1634  RTSTOR - ok
21:25:15.0187 0x1634  [ E228C336F195FA629D00B02F9FFC5667, 114F562882EF2A439EC4783029A977A53588F3870AED158B46F8DA51B4CB2715 ] SafeBox         C:\Program Files\Bitdefender\Bitdefender SafeBox\safeboxservice.exe
21:25:15.0191 0x1634  SafeBox - ok
21:25:15.0204 0x1634  [ 260BF9C43EE12C6898A9F5AAB0FB0E5D, 6585A87CE55EE5C51B18DF86E8EDFC6A909D96C87522FF4183F8BA9355E8DD44 ] SamSs           C:\Windows\system32\lsass.exe
21:25:15.0205 0x1634  SamSs - ok
21:25:15.0218 0x1634  [ CD9C693589C60AD59BBBCFB0E524E01B, F9EBD4FF4C712A563B1120D123012E41105D31402BE45D6F8C8DA71155D64ECB ] sbp2port        C:\Windows\system32\drivers\sbp2port.sys
21:25:15.0222 0x1634  sbp2port - ok
21:25:15.0310 0x1634  [ 14C2C9B87F1A06E15B060EC897DE6401, BB0BA12253CD214C12A3486F988D507E5EBE19E8BF58E3332BF4FE39052438A0 ] scan            C:\Program Files\Common Files\BitDefender\BitDefender Threat Scanner\scan.dll
21:25:15.0328 0x1634  scan - ok
21:25:15.0358 0x1634  [ FD1CDCF108D5EF3366F00D18B70FB89B, 5BCE3A9D5DC0B6937A734264C5B8DE0E6B8F77A869A118F94D57E662AAB28FE2 ] SCardSvr        C:\Windows\System32\SCardSvr.dll
21:25:15.0374 0x1634  SCardSvr - ok
21:25:15.0430 0x1634  [ 0F838C811AD295D2A4489B9993096C63, 3DF2F973359249735810CB5AD52E05126A93A1C7D9F6274ACB018A0A125846BD ] Schedule        C:\Windows\system32\schedsvc.dll
21:25:15.0472 0x1634  Schedule - ok
21:25:15.0498 0x1634  [ 5A268127633C7EE2A7FB87F39D748D56, 45C530A0EE0108543A75B9427F77EBB5E8350AE16C235763B6F32E72CE15C449 ] SCPolicySvc     C:\Windows\System32\certprop.dll
21:25:15.0500 0x1634  SCPolicySvc - ok
21:25:15.0517 0x1634  [ 4FF71B076A7760FE75EA5AE2D0EE0018, DDDBC9530120F8C1AB449076F6F06F74354149B4C458E6682F957628EE795DE8 ] SDRSVC          C:\Windows\System32\SDRSVC.dll
21:25:15.0524 0x1634  SDRSVC - ok
21:25:15.0534 0x1634  [ 3EA8A16169C26AFBEB544E0E48421186, 34BBB0459C96B3DE94CCB0D73461562935C583D7BF93828DA4E20A6BC9B7301D ] secdrv          C:\Windows\system32\drivers\secdrv.sys
21:25:15.0535 0x1634  secdrv - ok
21:25:15.0545 0x1634  [ 5ACDCBC67FCF894A1815B9F96D704490, FE0247A8BEDB860EBD46A9D49C641D0B9AA24EE34132CDDADC9F5A605238FDA7 ] seclogon        C:\Windows\system32\seclogon.dll
21:25:15.0548 0x1634  seclogon - ok
21:25:15.0560 0x1634  [ 90973A64B96CD647FF81C79443618EED, 1D3CB7F724B7EADA6443DF07B258EE7FB7FEC92C2A7A9D3C57F6A220EF0DDDC4 ] SENS            C:\Windows\System32\sens.dll
21:25:15.0565 0x1634  SENS - ok
21:25:15.0578 0x1634  [ 2449316316411D65BD2C761A6FFB2CE2, A428D3B4E113D3CB6DD87CC52CF71E179189A9A9E326B39FB50C7B3155A41A88 ] Serenum         C:\Windows\system32\DRIVERS\serenum.sys
21:25:15.0580 0x1634  Serenum - ok
21:25:15.0608 0x1634  [ 4B438170BE2FC8E0BD35EE87A960F84F, A585E17607DCB3E79518BC9914C7030C39B30A1B5B5B32137DABA32FF7079858 ] Serial          C:\Windows\system32\DRIVERS\serial.sys
21:25:15.0613 0x1634  Serial - ok
21:25:15.0620 0x1634  [ A842F04833684BCEEA7336211BE478DF, 9D964AEA237C44898098AC9C2D043F00C66EDA7D73C381D616737C01A9D0FF45 ] sermouse        C:\Windows\system32\drivers\sermouse.sys
21:25:15.0622 0x1634  sermouse - ok
21:25:15.0643 0x1634  [ A8E4A4407A09F35DCCC3771AF590B0C4, F56ECE42CE81098FCCBCDFBBF006C3FB9EDD29C62F03C4EAE012EE690669481B ] SessionEnv      C:\Windows\system32\sessenv.dll
21:25:15.0648 0x1634  SessionEnv - ok
21:25:15.0660 0x1634  [ 14D4B4465193A87C127933978E8C4106, A5C3F2F09E9A0715529B05AC1020EF0F432121E129447795257087E0D6A812FC ] sffdisk         C:\Windows\system32\drivers\sffdisk.sys
21:25:15.0662 0x1634  sffdisk - ok
21:25:15.0668 0x1634  [ 7073AEE3F82F3D598E3825962AA98AB2, 82A959A0970CBA8CC16D44736ED12158E59E138484F3F53EBDD3A4C02DA3700D ] sffp_mmc        C:\Windows\system32\drivers\sffp_mmc.sys
21:25:15.0670 0x1634  sffp_mmc - ok
21:25:15.0676 0x1634  [ 35E59EBE4A01A0532ED67975161C7B82, 4F4296B8903FCD06439CC8BF93C703852E523834F09CF9121FDA729A988AF11B ] sffp_sd         C:\Windows\system32\drivers\sffp_sd.sys
21:25:15.0679 0x1634  sffp_sd - ok
21:25:15.0685 0x1634  [ 6B7838C94135768BD455CBDC23E39E5F, 868E054ED546479DEAD7C2834C7AB080820522C16F5B4BEF0F3B279A33ABA9C8 ] sfloppy         C:\Windows\system32\drivers\sfloppy.sys
21:25:15.0686 0x1634  sfloppy - ok
21:25:15.0718 0x1634  [ 4C5AEE179DA7E1EE9A9CCB9DA289AF34, 9659C7B5046DE2C0416A74FDE6F798C3E78D38327CB71BAE49D57A8347A9097D ] SharedAccess    C:\Windows\System32\ipnathlp.dll
21:25:15.0736 0x1634  SharedAccess - ok
21:25:15.0770 0x1634  [ 56793271ECDEDD350C5ADD305603E963, 7A29407C1C550FF3A6A3544811ABD971E9C760B984A7E64D5A1440C69D6AF483 ] ShellHWDetection C:\Windows\System32\shsvcs.dll
21:25:15.0787 0x1634  ShellHWDetection - ok
21:25:15.0808 0x1634  [ 7A5DE502AEB719D4594C6471060A78B3, E8E16DF8AFFC230FBB1A5938925D464A1BA776184B8C020B37669EE2105DB9F2 ] SiSRaid2        C:\Windows\system32\drivers\sisraid2.sys
21:25:15.0811 0x1634  SiSRaid2 - ok
21:25:15.0823 0x1634  [ 3A2F769FAB9582BC720E11EA1DFB184D, 83EEBCE37E8709FCE15FB44F546C727C56064ED49B73A471EA33480573558419 ] SiSRaid4        C:\Windows\system32\drivers\sisraid4.sys
21:25:15.0827 0x1634  SiSRaid4 - ok
21:25:15.0913 0x1634  [ 50D9949020E02B847CD48F1243FCB895, 5BDAD5E44DE5B412645142810C5FCE4B2D9685F928FF4A6B836A9DCE7725BD78 ] SkypeUpdate     C:\Program Files (x86)\Skype\Updater\Updater.exe
21:25:15.0919 0x1634  SkypeUpdate - ok
21:25:16.0043 0x1634  [ A9A27A8E257B45A604FDAD4F26FE7241, C5A1056522EE2BA7B70D34E391477A0E9351569CEF28B875172F4B363F6D4177 ] slsvc           C:\Windows\system32\SLsvc.exe
21:25:16.0143 0x1634  slsvc - ok
21:25:16.0169 0x1634  [ FD74B4B7C2088E390A30C85A896FC3AF, 897F1F89A4DDB356CF6E59EFBC32A2081C0CADE283793DB6879D263F7B2E313F ] SLUINotify      C:\Windows\system32\SLUINotify.dll
21:25:16.0174 0x1634  SLUINotify - ok
21:25:16.0196 0x1634  [ 290B6F6A0EC4FCDFC90F5CB6D7020473, 971888FE760641FF86165B9876E6FC12DBC309C0FED2734C60B9E0EBC078AAE0 ] Smb             C:\Windows\system32\DRIVERS\smb.sys
21:25:16.0200 0x1634  Smb - ok
21:25:16.0225 0x1634  [ F8F47F38909823B1AF28D60B96340CFF, EFD948EE09F22F9F373A98BA6D9BC519FD9244986E4BE7B2BACD92D3C145AD1D ] SNMPTRAP        C:\Windows\System32\snmptrap.exe
21:25:16.0228 0x1634  SNMPTRAP - ok
21:25:16.0249 0x1634  [ 386C3C63F00A7040C7EC5E384217E89D, DD8766BCBD77EC6F67979A8B37B943A3A0E5478CE3FB129BF8FCA29B66529721 ] spldr           C:\Windows\system32\drivers\spldr.sys
21:25:16.0251 0x1634  spldr - ok
21:25:16.0287 0x1634  [ F66FF751E7EFC816D266977939EF5DC3, 689BDD0B442830E162F2F9A8EFBD0E137F518C7F0CD92EDF4A43EFBA188B69F4 ] Spooler         C:\Windows\System32\spoolsv.exe
21:25:16.0304 0x1634  Spooler - ok
21:25:16.0344 0x1634  [ 880A57FCCB571EBD063D4DD50E93E46D, D46BA584D1C33F17C4156127742FA470AA044C4BCE9E6A209E5B1F3A44C73350 ] srv             C:\Windows\system32\DRIVERS\srv.sys
21:25:16.0369 0x1634  srv - ok
21:25:16.0416 0x1634  [ A1AD14A6D7A37891FFFECA35EBBB0730, AE00950D330EE4C05F5AA9BC7E63E974766D8E93B607CB3E683C727E8A65049D ] srv2            C:\Windows\system32\DRIVERS\srv2.sys
21:25:16.0424 0x1634  srv2 - ok
21:25:16.0468 0x1634  [ 4BED62F4FA4D8300973F1151F4C4D8A7, 1835895B3E837F8862F7F669DFBDF5EAB627E5656377624474C17E92CF440D2A ] srvnet          C:\Windows\system32\DRIVERS\srvnet.sys
21:25:16.0474 0x1634  srvnet - ok
21:25:16.0491 0x1634  [ 192C74646EC5725AEF3F80D19FF75F6A, 8F24FF139A46B1F837356B9D682526107D7BADCFA510842FEACB6F06C02D93D9 ] SSDPSRV         C:\Windows\System32\ssdpsrv.dll
21:25:16.0508 0x1634  SSDPSRV - ok
21:25:16.0542 0x1634  [ 2EE3FA0308E6185BA64A9A7F2E74332B, EC6A15281685E6CDEADABDFD08C4AF980AD3B404C945EB121D7F90AFCA3D6849 ] SstpSvc         C:\Windows\system32\sstpsvc.dll
21:25:16.0559 0x1634  SstpSvc - ok
21:25:16.0591 0x1634  [ 15825C1FBFB8779992CB65087F316AF5, E9431C016D209A7322C0586F11EEF0AB461AB5822960287BB1D0FBC30183614D ] stisvc          C:\Windows\System32\wiaservc.dll
21:25:16.0616 0x1634  stisvc - ok
21:25:16.0642 0x1634  [ 8A851CA908B8B974F89C50D2E18D4F0C, 27EA13E50B5B72ABF6C5B7B7D34A7154A12BB27B1C1B2EEFCAA36A96010DB4DC ] swenum          C:\Windows\system32\DRIVERS\swenum.sys
21:25:16.0644 0x1634  swenum - ok
21:25:16.0679 0x1634  [ 6DE37F4DE19D4EFD9C48C43ADDBC949A, 9C3714238571704CEE2AD4F1E15029243E00B494345C41F74EFDF3F0328CC9EA ] swprv           C:\Windows\System32\swprv.dll
21:25:16.0698 0x1634  swprv - ok
21:25:16.0714 0x1634  [ 2F26A2C6FC96B29BEFF5D8ED74E6625B, 0227EAF144BC35AA4FF2535E8C9974C0609B7634EE45F4166B9F88F79B17BBF1 ] Symc8xx         C:\Windows\system32\drivers\symc8xx.sys
21:25:16.0716 0x1634  Symc8xx - ok
21:25:16.0732 0x1634  [ A909667976D3BCCD1DF813FED517D837, 0874DD4C1CA7AE2E519EBB45433BC9F11A574408F5D2F9E23A340CA76512F5CE ] Sym_hi          C:\Windows\system32\drivers\sym_hi.sys
21:25:16.0734 0x1634  Sym_hi - ok
21:25:16.0742 0x1634  [ 36887B56EC2D98B9C362F6AE4DE5B7B0, 7349FABACB633A9EEE3D4E241A5F443C28D23CC87F21EAAB3F1711644AA21D7C ] Sym_u3          C:\Windows\system32\drivers\sym_u3.sys
21:25:16.0745 0x1634  Sym_u3 - ok
21:25:16.0806 0x1634  [ 92D7A8B0F87B036F17D25885937897A6, 6759BAB11E5FBB143BE13DF1611AE5D41D379DF423D881E92E910DF6A37CBA85 ] SysMain         C:\Windows\system32\sysmain.dll
21:25:16.0847 0x1634  SysMain - ok
21:25:16.0866 0x1634  [ 005CE42567F9113A3BCCB3B20073B029, B1831D71410AD6E7DEB59D26BF6D2D07D2F6112936D6A6FDA57E9296ADA4076D ] TabletInputService C:\Windows\System32\TabSvc.dll
21:25:16.0872 0x1634  TabletInputService - ok
21:25:16.0909 0x1634  [ CC2562B4D55E0B6A4758C65407F63B79, C6AD05B345C699A715EC13830D8EA6EE9822F4B713D15B1F29AC044674A0F498 ] TapiSrv         C:\Windows\System32\tapisrv.dll
21:25:16.0927 0x1634  TapiSrv - ok
21:25:16.0940 0x1634  [ CDBE8D7C1E201B911CDC346D06617FB5, 16D5965E32A109DA38D77F4B6281081569D78371B2F522DE51100967F8776C7A ] TBS             C:\Windows\System32\tbssvc.dll
21:25:16.0945 0x1634  TBS - ok
21:25:17.0023 0x1634  [ 00F77C4555FFABC21ADDB3160B2F574A, 292D3D9FC923283A25717831C5F1EA3046CB09F4F1B342BB93A506E68B9D4090 ] Tcpip           C:\Windows\system32\drivers\tcpip.sys
21:25:17.0079 0x1634  Tcpip - ok
21:25:17.0153 0x1634  [ 00F77C4555FFABC21ADDB3160B2F574A, 292D3D9FC923283A25717831C5F1EA3046CB09F4F1B342BB93A506E68B9D4090 ] Tcpip6          C:\Windows\system32\DRIVERS\tcpip.sys
21:25:17.0197 0x1634  Tcpip6 - ok
21:25:17.0221 0x1634  [ C7E72A4071EE0200E3C075DACFB2B334, 925A68FD021C7957792F31E9D69A31C180BEB878CD93D2C3E2BE463F58011A6C ] tcpipreg        C:\Windows\system32\drivers\tcpipreg.sys
21:25:17.0224 0x1634  tcpipreg - ok
21:25:17.0233 0x1634  [ 1D8BF4AAA5FB7A2761475781DC1195BC, A28E972E9331BAD685D4C786FDE221565E0AD3E222B24B9182B7FA916BFCD9C8 ] TDPIPE          C:\Windows\system32\drivers\tdpipe.sys
21:25:17.0236 0x1634  TDPIPE - ok
21:25:17.0245 0x1634  [ 7F7E00CDF609DF657F4CDA02DD1C9BB1, 42A408E82D4017D27D3B0BBBA02BF4B21DEC060C89849785ED65962D18029B65 ] TDTCP           C:\Windows\system32\drivers\tdtcp.sys
21:25:17.0248 0x1634  TDTCP - ok
21:25:17.0273 0x1634  [ 458919C8C42E398DC4802178D5FFEE27, E38828411DCE0AE2E2BF0D270FD80E47B46EDE4B44DAFD1DF11F54D427EACEB5 ] tdx             C:\Windows\system32\DRIVERS\tdx.sys
21:25:17.0278 0x1634  tdx - ok
21:25:17.0293 0x1634  [ 8C19678D22649EC002EF2282EAE92F98, 551E7EBA54C2345F2B7FD7AAA7ADA4C852C94F1B35E6E4BBEF883BAFA34F6262 ] TermDD          C:\Windows\system32\DRIVERS\termdd.sys
21:25:17.0296 0x1634  TermDD - ok
21:25:17.0334 0x1634  [ 5A67A1108E347FCA6A64B74FFB108BDE, F9EC8932366FF4101C6F059567DDF099D895C90567C3E770DDDC71562434A821 ] TermService     C:\Windows\System32\termsrv.dll
21:25:17.0359 0x1634  TermService - ok
21:25:17.0387 0x1634  [ 56793271ECDEDD350C5ADD305603E963, 7A29407C1C550FF3A6A3544811ABD971E9C760B984A7E64D5A1440C69D6AF483 ] Themes          C:\Windows\system32\shsvcs.dll
21:25:17.0398 0x1634  Themes - ok
21:25:17.0411 0x1634  [ 3CBE4995E80E13CCFBC42E5DCF3AC81A, 18B0E3E83E41C80809E8140F4C90AB051566C84DD891EA411746EA74E6EAF053 ] THREADORDER     C:\Windows\system32\mmcss.dll
21:25:17.0413 0x1634  THREADORDER - ok
21:25:17.0428 0x1634  [ F4689F05AF472A651A7B1B7B02D200E7, 3D34B8879DBC69013D1A87A3F47B8A622A60B57F2E962E9F5925C5A01F44640F ] TrkWks          C:\Windows\System32\trkwks.dll
21:25:17.0435 0x1634  TrkWks - ok
21:25:17.0480 0x1634  [ 64A1095DEF1C2D811F706B832BFCD27A, 3018B1AFB4DF4EDA04EB844783BC64CC04E5D05EEAC1B218EF28BAB9453596F4 ] trufos          C:\Windows\system32\DRIVERS\trufos.sys
21:25:17.0497 0x1634  trufos - ok
21:25:17.0543 0x1634  [ 66328B08EF5A9305D8EDE36B93930369, FD8136BF15AB8D2DB15D011C4F813737D68EED1178462DB8CE40606C16185A30 ] TrustedInstaller C:\Windows\servicing\TrustedInstaller.exe
21:25:17.0544 0x1634  TrustedInstaller - ok
21:25:17.0579 0x1634  [ B2388462329ACD17AF50D8701E0C1B18, 959D7B7CCB526367645BAA11C56C88C9AD741EE338BAD6513C54FC7ED43F3AC0 ] tssecsrv        C:\Windows\system32\DRIVERS\tssecsrv.sys
21:25:17.0582 0x1634  tssecsrv - ok
21:25:17.0600 0x1634  [ 89EC74A9E602D16A75A4170511029B3C, AACD82A6F5FE31FF1315F5CA69E5EB6BD172DD86610F0641177CCC131B542034 ] tunmp           C:\Windows\system32\DRIVERS\tunmp.sys
21:25:17.0602 0x1634  tunmp - ok
21:25:17.0634 0x1634  [ 30A9B3F45AD081BFFC3BCAA9C812B609, 57204F1F72FEFA086FF1D8A14487D56F4DEDD3C50FBB6903E0C4AC749EA720DE ] tunnel          C:\Windows\system32\DRIVERS\tunnel.sys
21:25:17.0636 0x1634  tunnel - ok
21:25:17.0652 0x1634  [ FEC266EF401966311744BD0F359F7F56, 6EE0223AEFA7A81BEB155FC0CD4421C2BEBCDCBC9663C23064B0445101114BF8 ] uagp35          C:\Windows\system32\drivers\uagp35.sys
21:25:17.0656 0x1634  uagp35 - ok
21:25:17.0690 0x1634  [ FAF2640A2A76ED03D449E443194C4C34, CC2517DCFE6962EB2EDEB93E44CB53B113974C9C69A050E3F36385C8D78E810B ] udfs            C:\Windows\system32\DRIVERS\udfs.sys
21:25:17.0707 0x1634  udfs - ok
21:25:17.0722 0x1634  [ 060507C4113391394478F6953A79EEDC, 5D0AE5F1184165289DC8E8CD493607FCB68512CF90F748E3BFD2250655D784D4 ] UI0Detect       C:\Windows\system32\UI0Detect.exe
21:25:17.0726 0x1634  UI0Detect - ok
21:25:17.0741 0x1634  [ 4EC9447AC3AB462647F60E547208CA00, F304125321B1ECA915EDDBDB6A71EAEF3123DCB5604C9497D72F12E0C1BD5315 ] uliagpkx        C:\Windows\system32\drivers\uliagpkx.sys
21:25:17.0745 0x1634  uliagpkx - ok
21:25:17.0779 0x1634  [ 697F0446134CDC8F99E69306184FBBB4, A741882B8FE403E3A5DECED5D4A2254B14AF40ACECD4DAA3D00D71C2205C2C5F ] uliahci         C:\Windows\system32\drivers\uliahci.sys
21:25:17.0796 0x1634  uliahci - ok
21:25:17.0819 0x1634  [ 31707F09846056651EA2C37858F5DDB0, A619AC4B32EA77AC29458894614870086C4DDB81525ADBCFF1AB8970FC5C257A ] UlSata          C:\Windows\system32\drivers\ulsata.sys
21:25:17.0826 0x1634  UlSata - ok
21:25:17.0846 0x1634  [ 85E5E43ED5B48C8376281BAB519271B7, DBDA4216553F7C5EA0C579346D0A638E62766D5B8FCB1BFF3149BB37BBF978D3 ] ulsata2         C:\Windows\system32\drivers\ulsata2.sys
21:25:17.0862 0x1634  ulsata2 - ok
21:25:17.0874 0x1634  [ 46E9A994C4FED537DD951F60B86AD3F4, 256F93ED3BD43B50F0D4489164D959F95AB070CC25A80A46355D2B387D336224 ] umbus           C:\Windows\system32\DRIVERS\umbus.sys
21:25:17.0877 0x1634  umbus - ok
21:25:17.0922 0x1634  [ B239FDC885A77E4D5FB93AD1BA2A80EC, EA4D6DF359FD9BD6465C44D718638ECF2F68F163F44F72B1897065012FBF7426 ] UPDATESRV       C:\Program Files\Bitdefender\Bitdefender\updatesrv.exe
21:25:17.0926 0x1634  UPDATESRV - ok
21:25:17.0957 0x1634  [ 7093799FF80E9DECA0680D2E3535BE60, 1CBFCCA84CB9212176BF5A1D32334BD54E58A2668A4746252738800468AD4AD4 ] upnphost        C:\Windows\System32\upnphost.dll
21:25:17.0974 0x1634  upnphost - ok
21:25:18.0014 0x1634  [ C9E9D59C0099A9FF51697E9306A44240, 78D9A7A5E5742962B6978F475BF06CB32262F1D214699D3D40538476A58012A1 ] USBAAPL64       C:\Windows\system32\Drivers\usbaapl64.sys
21:25:18.0017 0x1634  USBAAPL64 - ok
21:25:18.0056 0x1634  [ A565B509000BD3E42A9B93B9FFD40D3D, A22734F2DDAAD743D479D40EA91024F1A16A18D9D6C9FC4F90F3930AD040BFA3 ] usbaudio        C:\Windows\system32\drivers\usbaudio.sys
21:25:18.0061 0x1634  usbaudio - ok
21:25:18.0102 0x1634  [ 858CC93477F9A9383E07861892600FF9, C72B25E7F6AF46AC22F8D2A1FA0345B290AAE642442C8A388EA75944334BB289 ] usbccgp         C:\Windows\system32\DRIVERS\usbccgp.sys
21:25:18.0106 0x1634  usbccgp - ok
21:25:18.0120 0x1634  [ 9247F7E0B65852C1F6631480984D6ED2, E3360A0EE891B8BADEF5FF53F796C79D6AD218961087F866E451F3B6F278672A ] usbcir          C:\Windows\system32\drivers\usbcir.sys
21:25:18.0124 0x1634  usbcir - ok
21:25:18.0161 0x1634  [ 82C3790E4E6F35087EF00994C7A72988, 95FA022BDAC65DCD2DA52C8FCC1F2C186B321F4599F40CB90262E24FD10AE16C ] usbehci         C:\Windows\system32\DRIVERS\usbehci.sys
21:25:18.0163 0x1634  usbehci - ok
21:25:18.0211 0x1634  [ BE2EB33AF6EE2E5DA07EB987E0A321F5, 0FCFABA080C553451AE4FAFB54DFE57639251D97DA204C07EC66F469826F3B46 ] usbhub          C:\Windows\system32\DRIVERS\usbhub.sys
21:25:18.0227 0x1634  usbhub - ok
21:25:18.0248 0x1634  [ 396041C6EA61202991221AA6A3B16190, 42B2372CF3496F53710C1DEBE49E18B1DAD38F7474A72B0F744DD98EBD3E21E5 ] usbohci         C:\Windows\system32\DRIVERS\usbohci.sys
21:25:18.0250 0x1634  usbohci - ok
21:25:18.0266 0x1634  [ 28B693B6D31E7B9332C1BDCEFEF228C1, 6B756E6D7459F755C76BC3F497643F6818F107304B789952B233C6585434F3A8 ] usbprint        C:\Windows\system32\DRIVERS\usbprint.sys
21:25:18.0268 0x1634  usbprint - ok
21:25:18.0301 0x1634  [ C024814884CE9E6C2E6ED76A63AC3B9A, 39C9EB54998547B0B65EEE6391AA326B02C7CA52FAE9CEB98D538FEC8D9F1858 ] usbscan         C:\Windows\system32\DRIVERS\usbscan.sys
21:25:18.0304 0x1634  usbscan - ok
21:25:18.0318 0x1634  [ B854C1558FCA0C269A38663E8B59B581, 08CC36B33FA2281FC88671BE051863AA8CA911446D24596049DB77FB4CB09EA6 ] USBSTOR         C:\Windows\system32\DRIVERS\USBSTOR.SYS
21:25:18.0322 0x1634  USBSTOR - ok
21:25:18.0340 0x1634  [ B2872CBF9F47316ABD0E0C74A1ABA507, E9FB3EEA1D834A035675E22A3224E4E278C4D304F6511822D83250409D62BD3A ] usbuhci         C:\Windows\system32\DRIVERS\usbuhci.sys
21:25:18.0343 0x1634  usbuhci - ok
21:25:18.0368 0x1634  [ FC33099877790D51B0927B7039059855, 9EF33DABDBF0EEC60C63137F5FB21B27536B5923F10DF4F66621CC9864EB894E ] usbvideo        C:\Windows\system32\Drivers\usbvideo.sys
21:25:18.0375 0x1634  usbvideo - ok
21:25:18.0390 0x1634  [ D76E231E4850BB3F88A3D9A78DF191E3, 98CAD31C41AD155EA853DF850D94FA29543C3A7D26262D1B6881281D033CEBAF ] UxSms           C:\Windows\System32\uxsms.dll
21:25:18.0393 0x1634  UxSms - ok
21:25:18.0434 0x1634  [ 294945381DFA7CE58CECF0A9896AF327, 67414C6D79D2826BC86BB37349C9D74DB4B667310CBC1ABFD103E26332AE4A00 ] vds             C:\Windows\System32\vds.exe
21:25:18.0461 0x1634  vds - ok
21:25:18.0487 0x1634  [ 916B94BCF1E09873FFF2D5FB11767BBC, 072007FED4EF30C4D7AF8628CBEB2AC99EEAD99D7AB533E90E3748E3D4F11C28 ] vga             C:\Windows\system32\DRIVERS\vgapnp.sys
21:25:18.0490 0x1634  vga - ok
21:25:18.0503 0x1634  [ B83AB16B51FEDA65DD81B8C59D114D63, 97D39AA763037752D87216B83896AFD2AD6DFEBB3BCDCED7A9ABFE5706B804C5 ] VgaSave         C:\Windows\System32\drivers\vga.sys
21:25:18.0505 0x1634  VgaSave - ok
21:25:18.0517 0x1634  [ 8294B6C3FDB6C33F24E150DE647ECDAA, FEBD9536EF61F700DFD5D9CB815808C8415D5B23590B3CE17B12D84F4670EA4D ] viaide          C:\Windows\system32\drivers\viaide.sys
21:25:18.0519 0x1634  viaide - ok
21:25:18.0543 0x1634  [ 2B7E885ED951519A12C450D24535DFCA, 249009EBC1D306D51FDFA4A89588462AA2D8B6DF0A20BE250B60DD73200CB7F3 ] volmgr          C:\Windows\system32\drivers\volmgr.sys
21:25:18.0546 0x1634  volmgr - ok
21:25:18.0584 0x1634  [ CEC5AC15277D75D9E5DEC2E1C6EAF877, EA989E257C4409F9AF3B35C4D7ED9134D930FE3733B077C4F3AA5497796F2CB0 ] volmgrx         C:\Windows\system32\drivers\volmgrx.sys
21:25:18.0609 0x1634  volmgrx - ok
21:25:18.0634 0x1634  [ 582F710097B46140F5A89A19A6573D4B, 6F695B17BF476D027D3012352F3D4DFD0E0815823DA51A136767ECEF6D64A1CA ] volsnap         C:\Windows\system32\drivers\volsnap.sys
21:25:18.0651 0x1634  volsnap - ok
21:25:18.0676 0x1634  [ A68F455ED2673835209318DD61BFBB0E, 8B2B255E8E2F8B415F7AC0F7F4C423F639DD47737F7CEE0F7C816D9A6893C5F7 ] vsmraid         C:\Windows\system32\drivers\vsmraid.sys
21:25:18.0682 0x1634  vsmraid - ok
21:25:18.0761 0x1634  [ B75232DAD33BFD95BF6F0A3E6BFF51E1, A8120040F144AD42A39347A615F31BF752634994D4D134E2FAD23FEA9C1D71DF ] VSS             C:\Windows\system32\vssvc.exe
21:25:18.0837 0x1634  VSS - ok
21:25:18.0924 0x1634  [ 177485B0EDB3322BFCEAA85A309756E7, 61A736F8BE41507664693CA70957BEB1EDF54C30400E64E3D216BBE078032421 ] VSSERV          C:\Program Files\Bitdefender\Bitdefender\vsserv.exe
21:25:18.0991 0x1634  VSSERV - ok
21:25:19.0033 0x1634  [ F14A7DE2EA41883E250892E1E5230A9A, EBCB74BE26437F6FE84A3B41AD034F451D4BD12CA77D4C7A433DB912E7D31593 ] W32Time         C:\Windows\system32\w32time.dll
21:25:19.0049 0x1634  W32Time - ok
21:25:19.0066 0x1634  [ FEF8FE5923FEAD2CEE4DFABFCE3393A7, D682FBF78CF987609AF35A019E7C90CBE02800D7DFC272FFDD71D82AA362FA7A ] WacomPen        C:\Windows\system32\drivers\wacompen.sys
21:25:19.0068 0x1634  WacomPen - ok
21:25:19.0096 0x1634  [ B8E7049622300D20BA6D8BE0C47C0CFD, 57CF218D1F7D505E354A15C552D94E3C5A68C2B07D7A76EBB0C87A0BFF5772D9 ] Wanarp          C:\Windows\system32\DRIVERS\wanarp.sys
21:25:19.0100 0x1634  Wanarp - ok
21:25:19.0107 0x1634  [ B8E7049622300D20BA6D8BE0C47C0CFD, 57CF218D1F7D505E354A15C552D94E3C5A68C2B07D7A76EBB0C87A0BFF5772D9 ] Wanarpv6        C:\Windows\system32\DRIVERS\wanarp.sys
21:25:19.0110 0x1634  Wanarpv6 - ok
21:25:19.0147 0x1634  [ B4E4C37D0AA6100090A53213EE2BF1C1, 67107F542F3C937FA5D9B28BA2EBFE994FFE287F16C0BFCF79AD20B95C13F78B ] wcncsvc         C:\Windows\System32\wcncsvc.dll
21:25:19.0172 0x1634  wcncsvc - ok
21:25:19.0192 0x1634  [ EA4B369560E986F19D93F45A881484AC, B61411D64901C9CB8C80402CD1E8808F5A0FACA38206C8D584C7C1019F5ADF5A ] WcsPlugInService C:\Windows\System32\WcsPlugInService.dll
21:25:19.0196 0x1634  WcsPlugInService - ok
21:25:19.0210 0x1634  [ 0C17A0816F65B89E362E682AD5E7266E, 6233213D07B234056A1EC6FE1166A65371645269132B428FF3A29DDC0000301A ] Wd              C:\Windows\system32\drivers\wd.sys
21:25:19.0213 0x1634  Wd - ok
21:25:19.0272 0x1634  [ E2C933EDBC389386EBE6D2BA953F43D8, AF1DEADD5F1267CCEBD226E8EEB971D1946EA6A5A9645A36F5D111F758AF2F07 ] Wdf01000        C:\Windows\system32\drivers\Wdf01000.sys
21:25:19.0305 0x1634  Wdf01000 - ok
21:25:19.0324 0x1634  [ C5EFDA73EBFCA8B02A094898DE0A9276, DE54E06CBE20EB27D88B29C3AE19CDFA0AE4933D6DCD640912C74A1065C9391C ] WdiServiceHost  C:\Windows\system32\wdi.dll
21:25:19.0330 0x1634  WdiServiceHost - ok
21:25:19.0336 0x1634  [ C5EFDA73EBFCA8B02A094898DE0A9276, DE54E06CBE20EB27D88B29C3AE19CDFA0AE4933D6DCD640912C74A1065C9391C ] WdiSystemHost   C:\Windows\system32\wdi.dll
21:25:19.0341 0x1634  WdiSystemHost - ok
21:25:19.0363 0x1634  [ 3E6D05381CF35F75EBB055544A8ED9AC, BEC43932BD6C34406B8850E28178B937BFD9512E49FD9F8C54DA7EE272B478A9 ] WebClient       C:\Windows\System32\webclnt.dll
21:25:19.0380 0x1634  WebClient - ok
21:25:19.0412 0x1634  [ 8D40BC587993F876658BF9FB0F7D3462, 23748E11F5CCE3D4978D748780283FA5A1154F53FF70D924CB2128FF8A4705F7 ] Wecsvc          C:\Windows\system32\wecsvc.dll
21:25:19.0429 0x1634  Wecsvc - ok
21:25:19.0440 0x1634  [ 9C980351D7E96288EA0C23AE232BD065, BA627B04C4259716B451F421F5310A69D8DE9407DE496AA0489139125E9DC16A ] wercplsupport   C:\Windows\System32\wercplsupport.dll
21:25:19.0446 0x1634  wercplsupport - ok
21:25:19.0457 0x1634  [ 66B9ECEBC46683F47EDC06333C075FEF, 35C33596D97DB65DE0A687644E9AD924AD5FCBAFD83FE4D23E7E58EF4BC4CC87 ] WerSvc          C:\Windows\System32\WerSvc.dll
21:25:19.0464 0x1634  WerSvc - ok
21:25:19.0475 0x1634  WinDefend - ok
21:25:19.0485 0x1634  WinHttpAutoProxySvc - ok
21:25:19.0530 0x1634  [ D2E7296ED1BD26D8DB2799770C077A02, B494719C2DEB7B9D2505866868143C4E4F59B88461920AA49BD9F1251B6571B8 ] Winmgmt         C:\Windows\system32\wbem\WMIsvc.dll
21:25:19.0548 0x1634  Winmgmt - ok
21:25:19.0649 0x1634  [ 6CBB0C68F13B9C2EC1B16F5FA5E7C869, 22D53818F4A4ACE441E121151CFD7CB1EDF5E8303DF9E113C9BB304B418A96EF ] WinRM           C:\Windows\system32\WsmSvc.dll
21:25:19.0737 0x1634  WinRM - ok
21:25:19.0799 0x1634  [ EC339C8115E91BAED835957E9A677F16, 3BBE6D4F1731198E8F0CFEE67C4CCA5C31E6968F8E02EF9E029C1847A26F513B ] Wlansvc         C:\Windows\System32\wlansvc.dll
21:25:19.0833 0x1634  Wlansvc - ok
21:25:19.0977 0x1634  [ 7E47C328FC4768CB8BEAFBCFAFA70362, C98BD6A0C2F70E069D5FD3BAB31BD028DFEAC0490D180BBC28A14BE375897D8C ] wlidsvc         C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
21:25:20.0069 0x1634  wlidsvc - ok
21:25:20.0095 0x1634  [ E18AEBAAA5A773FE11AA2C70F65320F5, 9E2F6FC0F46D0EEEBF4BC1E3D8800B3D268079ABF8EDDD70CD21B789883D7390 ] WmiAcpi         C:\Windows\system32\drivers\wmiacpi.sys
21:25:20.0096 0x1634  WmiAcpi - ok
21:25:20.0131 0x1634  [ 21FA389E65A852698B6A1341F36EE02D, 2D60911EAAE26C4CE3DEF4FAD1EDE093F912209AA90741AAA8B93F06B37DF605 ] wmiApSrv        C:\Windows\system32\wbem\WmiApSrv.exe
21:25:20.0149 0x1634  wmiApSrv - ok
21:25:20.0159 0x1634  WMPNetworkSvc - ok
21:25:20.0184 0x1634  [ CBC156C913F099E6680D1DF9307DB7A8, FD8B227F445679E31048CA41442A978A98F267FED96E22C235F63C72AEEE2AB0 ] WPCSvc          C:\Windows\System32\wpcsvc.dll
21:25:20.0201 0x1634  WPCSvc - ok
21:25:20.0239 0x1634  [ 490A18B4E4D53DC10879DEAA8E8B70D9, D069D8C22CF78A0970E85C0B9879E08FF19458FAA75AE447BCF9236731F64252 ] WPDBusEnum      C:\Windows\system32\wpdbusenum.dll
21:25:20.0245 0x1634  WPDBusEnum - ok
21:25:20.0287 0x1634  [ 5E2401B3FC1089C90E081291357371A9, 224D378EEBFB721CBC24896CAE01B31DC54B6ED82C19C5B954E96D5E98B83C59 ] WpdUsb          C:\Windows\system32\DRIVERS\wpdusb.sys
21:25:20.0289 0x1634  WpdUsb - ok
21:25:20.0411 0x1634  [ A2BFEDF5D926CBED9C5F7BC46169A99C, 4F336C0D1DFBCDF9583F528331300FD377AE6565E0C70D58CD9E6ACE95B7273F ] WPFFontCache_v0400 C:\Windows\Microsoft.NET\Framework64\v4.0.30319\WPF\WPFFontCache_v0400.exe
21:25:20.0454 0x1634  WPFFontCache_v0400 - ok
21:25:20.0468 0x1634  [ 8A900348370E359B6BFF6A550E4649E1, 3EAD0B951EAF8E940ED6A79FAAAB7D22ACCF3985795F80206A3A07161D319B39 ] ws2ifsl         C:\Windows\system32\drivers\ws2ifsl.sys
21:25:20.0470 0x1634  ws2ifsl - ok
21:25:20.0502 0x1634  [ 9EA3E6D0EF7A5C2B9181961052A4B01A, F39BAF1FC7DD1600C0052C2A6AA3BCBC8CA3DA96D1AC7B42B0F2810D051EE1B0 ] wscsvc          C:\Windows\System32\wscsvc.dll
21:25:20.0507 0x1634  wscsvc - ok
21:25:20.0513 0x1634  WSearch - ok
21:25:20.0629 0x1634  [ D9EF901DCA379CFE914E9FA13B73B4C4, 3BE9693B7B2AFEE23D72AF5DA211379724D752F0EC18ACB7D3DE3DDFC5AE0004 ] wuauserv        C:\Windows\system32\wuaueng.dll
21:25:20.0730 0x1634  wuauserv - ok
21:25:20.0769 0x1634  [ AB886378EEB55C6C75B4F2D14B6C869F, D6C4602EB8F291DADEDF3CD211013D4AC752DDE7E799C2D8D74AA4F5477CAED6 ] WudfPf          C:\Windows\system32\drivers\WudfPf.sys
21:25:20.0773 0x1634  WudfPf - ok
21:25:20.0805 0x1634  [ DDA4CAF29D8C0A297F886BFE561E6659, 94E5DD649B5D86FA1A7C7D30FCF9644D0EE048D312E626111458ADF66BFBE978 ] WUDFRd          C:\Windows\system32\DRIVERS\WUDFRd.sys
21:25:20.0822 0x1634  WUDFRd - ok
21:25:20.0862 0x1634  [ B20F051B03A966392364C83F009F7D17, 88ECEB55AE91F58F592B96EBC10B572747D5A2F9B7629E8F371761E4F7408A65 ] wudfsvc         C:\Windows\System32\WUDFSvc.dll
21:25:20.0867 0x1634  wudfsvc - ok
21:25:20.0882 0x1634  yksvc - ok
21:25:20.0930 0x1634  [ B681CADB266B151061E7BAA82B0D77B7, 47DBBF63C1912CE966029605276B1146C5834604A100FAC224535489BA130623 ] yukonx64        C:\Windows\system32\DRIVERS\yk60x64.sys
21:25:20.0954 0x1634  yukonx64 - ok
21:25:20.0958 0x1634  ================ Scan global ===============================
21:25:20.0992 0x1634  [ 060DC3A7A9A2626031EB23D90151428D, 4AADA06E83603E9D4894D6CFC8DADB018307B384F438C809D4BC8E22BD937C3B ] C:\Windows\system32\basesrv.dll
21:25:21.0043 0x1634  [ D665D594B7E11133D29D726BDDC7A5B0, 8EE45E719ACB23F388F2BE7E4311588E90DE7CF50988927CF0FED36DE380FACB ] C:\Windows\system32\winsrv.dll
21:25:21.0085 0x1634  [ D665D594B7E11133D29D726BDDC7A5B0, 8EE45E719ACB23F388F2BE7E4311588E90DE7CF50988927CF0FED36DE380FACB ] C:\Windows\system32\winsrv.dll
21:25:21.0126 0x1634  [ 934E0B7D77FF78C18D9F8891221B6DE3, BB1ACD3CD6482D8B7C5931E8733B8094D2CE59C4FBC4012BD0799C8DC367FB74 ] C:\Windows\system32\services.exe
21:25:21.0151 0x1634  [ Global ] - ok
21:25:21.0152 0x1634  ================ Scan MBR ==================================
21:25:21.0163 0x1634  [ B751AF1ACDDD7A1A71313731839F4ECB ] \Device\Harddisk0\DR0
21:25:24.0137 0x1634  \Device\Harddisk0\DR0 - ok
21:25:24.0139 0x1634  ================ Scan VBR ==================================
21:25:24.0143 0x1634  [ 4095EB59D8B26087687D26EDC79B90C5 ] \Device\Harddisk0\DR0\Partition1
21:25:24.0159 0x1634  \Device\Harddisk0\DR0\Partition1 - ok
21:25:24.0159 0x1634  ================ Scan generic autorun ======================
21:25:24.0159 0x1634  Windows Defender - ok
21:25:24.0430 0x1634  [ BAA1FEA046B3F857C82595B396719AAC, EC3ABEE40212FE733484D53C4FD6E4AC6C888DE1FB95B1E9BBDFCDBC2DBE304F ] C:\Windows\RAVCpl64.exe
21:25:24.0671 0x1634  RtHDVCpl - ok
21:25:24.0771 0x1634  [ C2B406805F8F6B8642464FF053A22F8F, 76D8A7C6689C4944E62B6BF1192A0454E79829A6292FE35593932845E230E06B ] C:\Windows\Skytel.exe
21:25:24.0844 0x1634  Skytel - ok
21:25:24.0936 0x1634  [ A1C1660FB729A77C833FDF1A1345AD61, 1B3E990491E64392B2692D87DE173C61453092B67C9CF2DA37A260D30B4EFE76 ] C:\Program Files\Bitdefender\Bitdefender\bdagent.exe
21:25:25.0009 0x1634  Bdagent - ok
21:25:25.0033 0x1634  [ B94C288D7BC9760A01304880A7CE18EB, F58C78143CE48E953345A69002FAB8635563D01A22DB49C157EFAB4AF5798D87 ] C:\Windows\LchDrvKey.exe
21:25:25.0035 0x1634  LchDrvKey - ok
21:25:25.0064 0x1634  [ BFB90D4063BD1D976090790E4EB8FD7C, BD86853B1EB7787AEA9537B33DC4623421E9B9990F7702B2BF0BE44A9267EFEA ] C:\Windows\CNYHKey.exe
21:25:25.0081 0x1634  LedKey - ok
21:25:25.0124 0x1634  [ 601D77C0AA637A99073210894554B6BA, 0EE521E25512E7D303D6014D31F2D7057CEAA477F6481451111B941BCB8BF1F2 ] C:\Program Files (x86)\CyberLink\Power2Go\MUITransfer\MUIStartMenu.exe
21:25:25.0141 0x1634  P2Go_Menu - ok
21:25:25.0196 0x1634  [ 941A08CBDEEDF16B6C986B6BA7C9A5D0, D62C895432DD277DF2E738500649B49A706DC828174B7F58C87C3AB412F4034E ] C:\Program Files (x86)\HP\Digital Imaging\bin\hpqSRMon.exe
21:25:25.0200 0x1634  hpqSRMon - ok
21:25:25.0232 0x1634  [ C4D71A917D9219C5AC69D9FF0BBAB7C8, B53855EC3B7778805D9495E581498778BAC42519A4FB3BA181876AC4AAC6FFB5 ] C:\Program Files (x86)\MSN Toolbar\Platform\4.0.0379.0\mswinext.exe
21:25:25.0249 0x1634  MSN Toolbar - ok
21:25:25.0301 0x1634  [ F8B91C91225E5CAA2B2F0370201021C0, 5EF4546D723EFAA97921CFF273FECD78AF9B7740359A5F80375A4272C3D2E7C5 ] C:\Program Files (x86)\Microsoft\Search Enhancement Pack\Default Manager\DefMgr.exe
21:25:25.0317 0x1634  Microsoft Default Manager - ok
21:25:25.0362 0x1634  [ 6CBEC289086EC51A263DA1413FF4208F, 1485C1823149C1F0D56B8A40DAB1BDD1E63F7D6D303E4AE97E1219794FA1A0E1 ] C:\Program Files (x86)\Logitech\LWS\Webcam Software\LWS.exe
21:25:25.0368 0x1634  LWS - ok
21:25:25.0439 0x1634  [ 47EA5F76FAB723C61AB4A0D79BAD512C, A7A38EB0A7068B160E6949945EF639F999A06AE35746F6E79C7350745798E5C9 ] C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe
21:25:25.0480 0x1634  Adobe ARM - ok
21:25:25.0506 0x1634  [ 545676F48851A5C65A38CAE5B5518C95, F7CD893B8198AA22347CB96A61C258217FA0A1B1CC1733784B5FD84A7B208264 ] C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe
21:25:25.0508 0x1634  APSDaemon - ok
21:25:25.0589 0x1634  [ 9E35FF7F943AE0FB89192BFE058B7FD4, 54712A4FA296AE28CF834F90B77B2EEB69020E3D5B5CF24674BD8DACA25195B9 ] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe
21:25:25.0637 0x1634  Sidebar - ok
21:25:25.0644 0x1634  WindowsWelcomeCenter - ok
21:25:25.0703 0x1634  [ 9E35FF7F943AE0FB89192BFE058B7FD4, 54712A4FA296AE28CF834F90B77B2EEB69020E3D5B5CF24674BD8DACA25195B9 ] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe
21:25:25.0737 0x1634  Sidebar - ok
21:25:25.0744 0x1634  WindowsWelcomeCenter - ok
21:25:25.0791 0x1634  [ E616A6A6E91B0A86F2F6217CDE835FFE, 411671C4B2BB4DB3F02A21C199A5479F31394165704736A549B53245B94577F7 ] C:\Program Files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
21:25:25.0794 0x1634  swg - ok
21:25:25.0817 0x1634  Skype - ok
21:25:25.0863 0x1634  [ 679C97CBF4AD084349602DD6AC6FD4DC, 499127D11530A9CA454D8AEDD0448537D6630845A7F2EE1C1DF0FC407D1E24E3 ] C:\Program Files\Bitdefender\Bitdefender\pmbxag.exe
21:25:25.0896 0x1634  Bitdefender Wallet Agent - ok
21:25:25.0958 0x1634  [ DD5A8388F7BC7052EED93207A8B3A0B7, E3EEC0B262D2C0063C694118A634A2F09C019D7A024A18C8BE83AF60BE45ECDC ] C:\Program Files\Bitdefender\Bitdefender\pwdmanui.exe
21:25:25.0999 0x1634  Bitdefender Wallet - ok
21:25:26.0066 0x1634  [ DB1919F34AB9CD5F43B0ED463D7E8D28, B7FC47EACF3B0B352AC7552743A43CD1DF147D8E1F6D0BF30D300000E12859A6 ] C:\Program Files\Bitdefender\Bitdefender\antispam32\bdapppassmgr.exe
21:25:26.0090 0x1634  Bitdefender Wallet Application Agent - ok
21:25:26.0164 0x1634  [ D5D021AEFA851CD0E8948EA4974EF88C, 596C02AFAB31F44A52E8F3BEEC869557C5DB3CDFB2A559721F25614EFE768D53 ] C:\Program Files (x86)\Garmin\Express Tray\ExpressTray.exe
21:25:26.0196 0x1634  GarminExpressTrayApp - ok
21:25:26.0199 0x1634  WMPNSCFG - ok
21:25:26.0206 0x1634  WindowsWelcomeCenter - ok
21:25:26.0241 0x1634  [ 65437DAD4F238EA9549408A783002222, 756C846C2DD8209E9161C2DD701E46DF73E1C757F2B66CAE7A579ADF8EF7E000 ] C:\Windows\ehome\ehTray.exe
21:25:26.0247 0x1634  ehTray.exe - ok
21:25:26.0449 0x1634  [ 6F0DAB13529BCB7C0F8A3082A8B1CDE9, F81501B2F23C1876345EE60DF7AFDD2FBE2FFA1D269E286535D3DF45FF926991 ] C:\Program Files (x86)\Windows Live\Messenger\msnmsgr.exe
21:25:26.0609 0x1634  msnmsgr - ok
21:25:26.0626 0x1634  [ E616A6A6E91B0A86F2F6217CDE835FFE, 411671C4B2BB4DB3F02A21C199A5479F31394165704736A549B53245B94577F7 ] C:\Program Files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
21:25:26.0628 0x1634  swg - ok
21:25:26.0658 0x1634  [ D5D021AEFA851CD0E8948EA4974EF88C, 596C02AFAB31F44A52E8F3BEEC869557C5DB3CDFB2A559721F25614EFE768D53 ] C:\Program Files (x86)\Garmin\Express Tray\ExpressTray.exe
21:25:26.0678 0x1634  GarminExpressTrayApp - ok
21:25:26.0683 0x1634  WindowsWelcomeCenter - ok
21:25:26.0699 0x1634  [ 65437DAD4F238EA9549408A783002222, 756C846C2DD8209E9161C2DD701E46DF73E1C757F2B66CAE7A579ADF8EF7E000 ] C:\Windows\ehome\ehTray.exe
21:25:26.0703 0x1634  ehTray.exe - ok
21:25:26.0704 0x1634  WMPNSCFG - ok
21:25:26.0714 0x1634  [ E616A6A6E91B0A86F2F6217CDE835FFE, 411671C4B2BB4DB3F02A21C199A5479F31394165704736A549B53245B94577F7 ] C:\Program Files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
21:25:26.0716 0x1634  swg - ok
21:25:26.0725 0x1634  [ 65437DAD4F238EA9549408A783002222, 756C846C2DD8209E9161C2DD701E46DF73E1C757F2B66CAE7A579ADF8EF7E000 ] C:\Windows\ehome\ehtray.exe
21:25:26.0729 0x1634  Application Restart #0 - ok
21:25:26.0768 0x1634  [ B6A7E7F43234BFA6A8E6CC4110CB9448, A06503F1C1A8DF36EA20DD9A0DE34F96BE896E07E283EA5AFD0DD7FB1085BA53 ] C:\Program Files\Windows Media Player\wmpnscfg.exe
21:25:26.0784 0x1634  Application Restart #1 - ok
21:25:26.0787 0x1634  WindowsWelcomeCenter - ok
21:25:26.0821 0x1634  [ 65437DAD4F238EA9549408A783002222, 756C846C2DD8209E9161C2DD701E46DF73E1C757F2B66CAE7A579ADF8EF7E000 ] C:\Windows\ehome\ehTray.exe
21:25:26.0825 0x1634  ehTray.exe - ok
21:25:26.0832 0x1634  [ E616A6A6E91B0A86F2F6217CDE835FFE, 411671C4B2BB4DB3F02A21C199A5479F31394165704736A549B53245B94577F7 ] C:\Program Files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
21:25:26.0834 0x1634  swg - ok
21:25:26.0859 0x1634  LightShot - ok
21:25:26.0882 0x1634  [ CE881FB400AAFE32D3DC0A7561B547C2, A7A07EE152F9ED6BE6B2E32D58674E5915BB0CDFBECD3C66A18A16CE0F19A8C2 ] C:\Windows\Speech\Common\sapisvr.exe
21:25:26.0884 0x1634  Speech Recognition - ok
21:25:26.0885 0x1634  WMPNSCFG - ok
21:25:26.0937 0x1634  FlashPlayerUpdate - ok
21:25:26.0946 0x1634  [ 65437DAD4F238EA9549408A783002222, 756C846C2DD8209E9161C2DD701E46DF73E1C757F2B66CAE7A579ADF8EF7E000 ] C:\Windows\ehome\ehtray.exe
21:25:26.0950 0x1634  Application Restart #0 - ok
21:25:26.0963 0x1634  [ B6A7E7F43234BFA6A8E6CC4110CB9448, A06503F1C1A8DF36EA20DD9A0DE34F96BE896E07E283EA5AFD0DD7FB1085BA53 ] C:\Program Files\Windows Media Player\wmpnscfg.exe
21:25:26.0970 0x1634  Application Restart #1 - ok
21:25:27.0027 0x1634  [ 06DE47CAE6D862847A4F24753C199394, 4FBCBAB3EE892D05F3EDC5355D8A3637C157CC99427E07EAC3BE83AF72B3D59B ] C:\Program Files (x86)\Internet Explorer\iexplore.exe
21:25:27.0049 0x1634  Application Restart #2 - ok
21:25:27.0056 0x1634  WindowsWelcomeCenter - ok
21:25:27.0065 0x1634  [ 65437DAD4F238EA9549408A783002222, 756C846C2DD8209E9161C2DD701E46DF73E1C757F2B66CAE7A579ADF8EF7E000 ] C:\Windows\ehome\ehTray.exe
21:25:27.0069 0x1634  ehTray.exe - ok
21:25:27.0245 0x1634  [ 6F0DAB13529BCB7C0F8A3082A8B1CDE9, F81501B2F23C1876345EE60DF7AFDD2FBE2FFA1D269E286535D3DF45FF926991 ] C:\Program Files (x86)\Windows Live\Messenger\msnmsgr.exe
21:25:27.0363 0x1634  msnmsgr - ok
21:25:27.0401 0x1634  [ E616A6A6E91B0A86F2F6217CDE835FFE, 411671C4B2BB4DB3F02A21C199A5479F31394165704736A549B53245B94577F7 ] C:\Program Files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
21:25:27.0403 0x1634  swg - ok
21:25:27.0404 0x1634  WMPNSCFG - ok
21:25:27.0408 0x1634  Waiting for KSN requests completion. In queue: 64
21:25:28.0408 0x1634  Waiting for KSN requests completion. In queue: 36
21:25:29.0408 0x1634  Waiting for KSN requests completion. In queue: 36
21:25:29.0797 0x0690  Object required for P2P: [ 06DE47CAE6D862847A4F24753C199394 ] C:\Program Files (x86)\Internet Explorer\iexplore.exe
21:25:30.0408 0x1634  Waiting for KSN requests completion. In queue: 1
21:25:31.0408 0x1634  Waiting for KSN requests completion. In queue: 1
21:25:32.0408 0x1634  Waiting for KSN requests completion. In queue: 1
21:25:32.0470 0x0690  Object send P2P result: true
21:25:33.0454 0x1634  AV detected via SS2: Bitdefender Antivirus, C:\Program Files\Bitdefender\Bitdefender\wscfix.exe ( 17.29.0.1245 ), 0x41000 ( enabled : updated )
21:25:33.0457 0x1634  FW detected via SS2: Bitdefender Firewall, C:\Program Files\Bitdefender\Bitdefender\wscfix.exe ( 17.29.0.1245 ), 0x41010 ( enabled )
21:25:35.0930 0x1634  ============================================================
21:25:35.0930 0x1634  Scan finished
21:25:35.0930 0x1634  ============================================================
21:25:35.0941 0x0ea0  Detected object count: 0
21:25:35.0941 0x0ea0  Actual detected object count: 0
21:28:08.0702 0x0f38  Deinitialize success

 

When I attempt to open Google Chrome, I get the message that Google Chrome has stopped working: A problem caused the program to stop working correctly.  Windows will close the program and notify you if a solution is available.  I was able to correct this 3-4 days ago by uninstalling Chrome and downloading it.  But then this reoccurred after a restart. 

 

Bitdefender: I cannot turn on Active Virus Control, I cannot set on-access scanning to default, and Intrusion Detection System will not stay on.  These are the problems that  I have noticed. 
 

The date and time only change after the restart when I get the black screen that says CMOS Settings Wrong/CMOS date and time not set. It goes back to 2008. It has happened once since I started working with you but happend two other times over the last week. 



#18 OCD

OCD

    SuperHelper

  • Malware Team
  • 5,574 posts

Posted 15 November 2014 - 09:35 AM

Hi cstruck,

Thank you for the detailed explanation as to the issues you are experiencing.

bullseye_zpse9eaf36e.gif Uninstall Google Chrome

Windows Vista/ Windows 7/ Windows 8
  • Close all Chrome windows and tabs.
  • Go to the Start menu > Control Panel.
  • Click Programs and Features.
  • Double-click Google Chrome.
  • Click Uninstall from the confirmation dialog.
  • To delete your user profile information, like your browser preferences, bookmarks, and history, select the "Also delete your browsing data" check-box.
=========================

bullseye_zpse9eaf36e.gif Uninstall via Programs and Features

Click Start > Control Panel > Programs and Features. Locate and select the following that are present on the list and click the Remove button:
  • Bitdefender
=========================

bullseye_zpse9eaf36e.gif Reboot

=========================

Re-install Bitdefender and Goodle Chrome and test.

=========================
 


The date and time only change after the restart when I get the black screen that says CMOS Settings Wrong/CMOS date and time not set. It goes back to 2008. It has happened once since I started working with you but happend two other times over the last week.


This issue might be more a technical issue than a malware problem. The CMOS settings have a small watch battery that maintain the date and time settings (among other things). It is very likely that this battery is going bad, which would cause the issue you are experiencing.
  • What is the make and model of the computer?
  • How old is the computer?
  • Have you ever changed the CMOS battery?

OCD

Proud Graduate of WTT Classroom
Member of UNITE

Threads will be closed if no response after 5 days








If you are satisfied with the help you have received, please consider making a donation.


#19 cstruck

cstruck

    Authentic Member

  • Authentic Member
  • PipPip
  • 80 posts

Posted 15 November 2014 - 09:44 PM

Good Evening OCD, I was able to uninstall and reinstall Bitdefender and Google Chrome and both seem to be working correctly. 

 

I'm getting a double notification that Multimedia Keyboard Driver has stopped working.  I think it is associated wiht MHotkey.  This new today. 

 

Addtionally I get a desktop.ini File:  [.ShellClassInfo]
LocalizedResourceName=@%SystemRoot%\system32\shell32.dll,-21787.  Is this something I should be concerned about? 

 

FInally, I've done 3 or 4 restarts and the time and date seem to be fine. 
 



#20 OCD

OCD

    SuperHelper

  • Malware Team
  • 5,574 posts

Posted 15 November 2014 - 10:40 PM

Hi cstruck,
 

I'm getting a double notification that Multimedia Keyboard Driver has stopped working. I think it is associated wiht MHotkey.

Are you having any issues with your keyboard?
  • Click on Start-Run, type msconfig, then click on OK.
  • When the System Configuration Utility loads, click on the "Startup" tab..
  • When that opens, scroll through the items and check for the listing for your mulitmedia keyboard, then UNCHECK the box next to it.
  • Click on Apply, then OK and restart the computer.
  • After the compute restarts, you'll see a warning box about the System Configuration Utility and simply place a CHECK in the box that says: "Don't show this message again".
=========================
 

Addtionally I get a desktop.ini File: [.ShellClassInfo]
LocalizedResourceName=@%SystemRoot%\system32\shell32.dll,-21787. Is this something I should be concerned about?
Desktop.ini files by default have the System and Hidden attributes set. If you have Show hidden files, folders, and drives turned on, make sure Hide protected operating system files is checked under Windows Explorer's


bullseye_zpse9eaf36e.gif Hide protected operating system files
  • To show hidden files, just click on the Organize button in any folder, and then select Folder and Search Options from the menu.
  • Click the View tab, and then locate Show hidden files and folders in the list.

    folderoptions_zps9e7f127d.gif
  • Place a check mark in the box next to "Hide protected operating system files"
  • Click Apply, then OK.
=========================

Post back with the results, then we will continue.
OCD

Proud Graduate of WTT Classroom
Member of UNITE

Threads will be closed if no response after 5 days








If you are satisfied with the help you have received, please consider making a donation.


#21 cstruck

cstruck

    Authentic Member

  • Authentic Member
  • PipPip
  • 80 posts

Posted 16 November 2014 - 07:31 AM

Good morning OCD,  I tried both fixes and neither worked.  I did some more research and the desktop.ini message only happens on my login (it doesn't occur when I log off my account and log on to my wife's.  It does reoccur when I Iog back on to mine. 

 

The MHotKey: "Multimedia Keyboard Driverlhs stopped working" message occurs during each login for both users...and oddly you get the message twice.

 

FYI, the keyboard seems to be working fine.



#22 OCD

OCD

    SuperHelper

  • Malware Team
  • 5,574 posts

Posted 16 November 2014 - 09:20 AM

Hi cstruck,

Hmm...well I'm not exactly sure why these two issues are occuring, but since they don't seem to be having a negative impact on the computer at the moment let's continue with the malware removal process and see if they resolve themselves. If not, we'll have another look and see what we can do later.

bullseye_zpse9eaf36e.gif Re-run Farbar Recovery Scan Tool it should be on your desktop.

    • Windows XP : Double click on the icon to run it.
    • Windows Vista, Windows 7 & 8 : Right click and select "Run as Administrator"
  • When the tool opens click Yes to disclaimer.
  • Be sure to select the Addition box.
  • Press Scan button.
  • It will make a log (FRST.txt) in the same directory the tool is run. Please copy and paste it to your reply.

=========================

In your next post please provide the following:

  • new FRST.txt
  • new Addition.txt
  • How is the computer running at the moment?

OCD

Proud Graduate of WTT Classroom
Member of UNITE

Threads will be closed if no response after 5 days








If you are satisfied with the help you have received, please consider making a donation.


#23 cstruck

cstruck

    Authentic Member

  • Authentic Member
  • PipPip
  • 80 posts

Posted 16 November 2014 - 02:26 PM

Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 16-11-2014 03
Ran by Carl (administrator) on CARL-PC on 16-11-2014 14:22:53
Running from C:\Users\Carl\Desktop
Loaded Profile: Carl (Available profiles: Carl & mlstruck & Julie & David & Katie)
Platform: Windows Vista ™ Home Premium Service Pack 2 (X64) OS Language: English (United States)
Internet Explorer Version 9
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo...very-scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(Bitdefender) C:\Program Files\Bitdefender\Bitdefender 2015\vsserv.exe
(ATI Technologies Inc.) C:\Windows\System32\Ati2evxx.exe
(Microsoft Corporation) C:\Windows\System32\SLsvc.exe
(Agere Systems) C:\Windows\System32\agr64svc.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
() C:\Program Files\GATEWAY\Gateway Recovery Management\Service\ETService.exe
(Garmin Ltd or its subsidiaries) C:\Program Files (x86)\Garmin\Core Update Service\Garmin.Cartography.MapUpdate.CoreService.exe
(Microsoft Corporation) C:\Windows\SysWOW64\svchost.exe
(Logitech Inc.) C:\Program Files\Common Files\logishrd\LVMVFM\LVPrcSrv.exe
(Logitech Inc.) C:\Program Files (x86)\Common Files\logishrd\LVMVFM\LVPrS64H.exe
() C:\Program Files (x86)\CyberLink\Shared files\RichVideo.exe
(Bitdefender) C:\Program Files\Bitdefender\Bitdefender 2015\updatesrv.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
(Microsoft Corporation) C:\Windows\System32\rundll32.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVCM.EXE
(Apple Inc.) C:\Program Files\iPod\bin\iPodService.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v4.0.30319\WPF\WPFFontCache_v0400.exe
(Intuit Inc.) C:\Program Files (x86)\Common Files\Intuit\Update Service\IntuitUpdateService.exe
(Intuit Inc.) C:\Program Files (x86)\Common Files\Intuit\Update Service v4\IntuitUpdateService.exe
(Bitdefender) C:\Program Files\Bitdefender\Bitdefender 2015\antispam32\bdwtxapps.exe
(Bitdefender) C:\Program Files\Bitdefender\Bitdefender 2015\antispam32\bdwtxapps.exe
(ATI Technologies Inc.) C:\Windows\System32\Ati2evxx.exe
(Realtek Semiconductor) C:\Windows\RAVCpl64.exe
(Bitdefender) C:\Program Files\Bitdefender\Bitdefender 2015\bdagent.exe
(Skype Technologies S.A.) C:\Program Files (x86)\Skype\Phone\Skype.exe
(Garmin Ltd or its subsidiaries) C:\Program Files (x86)\Garmin\Express Tray\ExpressTray.exe
(Bitdefender) C:\Program Files\Bitdefender\Bitdefender 2015\bdwtxag.exe
(Hewlett-Packard Co.) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqtra08.exe
(Dropbox, Inc.) C:\Users\Carl\AppData\Roaming\Dropbox\bin\Dropbox.exe
(Microsoft Corporation) C:\Program Files (x86)\Microsoft Office\Office12\ONENOTEM.EXE
(Microsoft Corp.) C:\Program Files (x86)\MSN Toolbar\Platform\4.0.0379.0\mswinext.exe
(Logitech Inc.) C:\Program Files (x86)\Logitech\LWS\Webcam Software\LWS.exe
() C:\Program Files (x86)\Logitech\LWS\Webcam Software\CameraHelperShell.exe
(Apple Inc.) C:\Program Files (x86)\iTunes\iTunesHelper.exe
(Creative) C:\Windows\CNYHKey.exe
() C:\Program Files (x86)\Common Files\logishrd\LQCVFX\COCIManager.exe
(Microsoft Corporation) C:\Program Files\Windows Media Player\wmpnscfg.exe
(Chicony) C:\Windows\ModLEDKey.exe
(Hewlett-Packard Co.) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqste08.exe
(Hewlett-Packard Co.) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqbam08.exe
(Microsoft Corporation) C:\Program Files (x86)\Internet Explorer\ielowutil.exe
(Hewlett-Packard) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqgpc01.exe
(Adobe Systems Incorporated) C:\Windows\SysWOW64\Macromed\Flash\FlashUtil32_15_0_0_223_ActiveX.exe

==================== Registry (Whitelisted) ==================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [Windows Defender] => C:\Program Files\Windows Defender\MSASCui.exe [1584184 2008-01-20] (Microsoft Corporation)
HKLM\...\Run: [RtHDVCpl] => C:\Windows\RAVCpl64.exe [6495264 2008-09-18] (Realtek Semiconductor)
HKLM\...\Run: [Skytel] => C:\Windows\Skytel.exe [1833504 2008-09-18] (Realtek Semiconductor Corp.)
HKLM\...\Run: [Bdagent] => C:\Program Files\Bitdefender\Bitdefender 2015\bdagent.exe [1625192 2014-11-02] (Bitdefender)
HKLM-x32\...\Run: [LchDrvKey] => C:\Windows\LchDrvKey.exe [36864 2007-03-28] ()
HKLM-x32\...\Run: [P2Go_Menu] => C:\Program Files (x86)\CyberLink\Power2Go\MUITransfer\MUIStartMenu.exe [210216 2008-06-13] (CyberLink Corp.)
HKLM-x32\...\Run: [hpqSRMon] => C:\Program Files (x86)\HP\Digital Imaging\bin\hpqSRMon.exe [80896 2007-08-22] (Hewlett-Packard)
HKLM-x32\...\Run: [MSN Toolbar] => C:\Program Files (x86)\MSN Toolbar\Platform\4.0.0379.0\mswinext.exe [240992 2009-12-08] (Microsoft Corp.)
HKLM-x32\...\Run: [Microsoft Default Manager] => C:\Program Files (x86)\Microsoft\Search Enhancement Pack\Default Manager\DefMgr.exe [288080 2009-07-17] (Microsoft Corporation)
HKLM-x32\...\Run: [LWS] => C:\Program Files (x86)\Logitech\LWS\Webcam Software\LWS.exe [165208 2010-05-07] (Logitech Inc.)
HKLM-x32\...\Run: [Adobe ARM] => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [959176 2014-08-21] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [APSDaemon] => C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe [43816 2014-07-31] (Apple Inc.)
HKLM-x32\...\Run: [QuickTime Task] => C:\Program Files (x86)\QuickTime\QTTask.exe [421888 2014-01-17] (Apple Inc.)
HKLM-x32\...\Run: [iTunesHelper] => C:\Program Files (x86)\iTunes\iTunesHelper.exe [152392 2014-08-01] (Apple Inc.)
HKLM-x32\...\Run: [LedKey] => C:\Windows\CNYHKey.exe [339968 2008-04-23] (Creative)
HKU\S-1-5-19\...\Run: [WindowsWelcomeCenter] => rundll32.exe oobefldr.dll,ShowWelcomeCenter
HKU\S-1-5-20\...\Run: [WindowsWelcomeCenter] => rundll32.exe oobefldr.dll,ShowWelcomeCenter
HKU\S-1-5-21-2265821247-3271303352-2493671787-1000\...\Run: [swg] => C:\Program Files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe [68856 2009-05-31] (Google Inc.)
HKU\S-1-5-21-2265821247-3271303352-2493671787-1000\...\Run: [Skype] => C:\Program Files (x86)\Skype\Phone\Skype.exe [21650016 2014-07-24] (Skype Technologies S.A.)
HKU\S-1-5-21-2265821247-3271303352-2493671787-1000\...\Run: [GarminExpressTrayApp] => C:\Program Files (x86)\Garmin\Express Tray\ExpressTray.exe [688984 2014-08-07] (Garmin Ltd or its subsidiaries)
HKU\S-1-5-21-2265821247-3271303352-2493671787-1000\...\Run: [WMPNSCFG] => C:\Program Files (x86)\Windows Media Player\WMPNSCFG.exe
HKU\S-1-5-21-2265821247-3271303352-2493671787-1000\...\Run: [Bitdefender Wallet Agent] => C:\Program Files\Bitdefender\Bitdefender 2015\bdwtxag.exe [790344 2014-11-02] (Bitdefender)
HKU\S-1-5-21-2265821247-3271303352-2493671787-1000\...\MountPoints2: {92e36653-a89d-11df-b363-00226863662d} - C:\Windows\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL http://www.garmin.com/agent
HKU\S-1-5-18\...\Run: [Bitdefender Wallet Agent] => "C:\Program Files\Bitdefender\Bitdefender\pmbxag.exe"
HKU\S-1-5-18\...\Run: [Bitdefender Wallet] => "C:\Program Files\Bitdefender\Bitdefender\pwdmanui.exe" --hidden --nowizard
HKU\S-1-5-18\...\Run: [Bitdefender Wallet Application Agent] => "C:\Program Files\Bitdefender\Bitdefender\antispam32\bdapppassmgr.exe"
HKU\S-1-5-18\...\Run: [GarminExpressTrayApp] => C:\Program Files (x86)\Garmin\Express Tray\ExpressTray.exe [688984 2014-08-07] (Garmin Ltd or its subsidiaries)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\HP Digital Imaging Monitor.lnk
ShortcutTarget: HP Digital Imaging Monitor.lnk -> C:\Program Files (x86)\HP\Digital Imaging\bin\hpqtra08.exe (Hewlett-Packard Co.)
Startup: C:\Users\Carl\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk
ShortcutTarget: Dropbox.lnk -> C:\Users\Carl\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
Startup: C:\Users\Carl\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\OneNote 2007 Screen Clipper and Launcher.lnk
ShortcutTarget: OneNote 2007 Screen Clipper and Launcher.lnk -> C:\Program Files (x86)\Microsoft Office\Office12\ONENOTEM.EXE (Microsoft Corporation)
ShellIconOverlayIdentifiers: [__SafeBox1] -> {152C96EB-288E-4EDC-B7C6-D21F8250ADF3} => C:\Program Files\Bitdefender\Bitdefender SafeBox\SafeBoxShell.dll (Bitdefender)
ShellIconOverlayIdentifiers: [__SafeBox2] -> {342DAA0B-D796-460D-8566-901E08A1CCAD} => C:\Program Files\Bitdefender\Bitdefender SafeBox\SafeBoxShell.dll (Bitdefender)
ShellIconOverlayIdentifiers: [__SafeBox3] -> {57595DAE-1AE1-4D97-A49E-67CBB53B52DF} => C:\Program Files\Bitdefender\Bitdefender SafeBox\SafeBoxShell.dll (Bitdefender)
ShellIconOverlayIdentifiers: [__SafeBox4] -> {33816773-98AE-4723-ADE0-EBE54C8B5A67} => C:\Program Files\Bitdefender\Bitdefender SafeBox\SafeBoxShell.dll (Bitdefender)

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

HKU\S-1-5-21-2265821247-3271303352-2493671787-1000\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = http://www.msn.com/
HKU\S-1-5-21-2265821247-3271303352-2493671787-1000\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = en-us
HKU\S-1-5-21-2265821247-3271303352-2493671787-1000\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.aol.com/
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = about:blank
StartMenuInternet: IEXPLORE.EXE - C:\Program Files (x86)\Internet Explorer\iexplore.exe
SearchScopes: HKLM-x32 - DefaultScope {67A2568C-7A0A-4EED-AECC-B5405DE63B64} URL = http://www.google.co...ng}&rlz=1I7ACGW
SearchScopes: HKLM-x32 - {67A2568C-7A0A-4EED-AECC-B5405DE63B64} URL = http://www.google.co...ng}&rlz=1I7ACGW
SearchScopes: HKCU - DefaultScope {67A2568C-7A0A-4EED-AECC-B5405DE63B64} URL =
SearchScopes: HKCU - {67A2568C-7A0A-4EED-AECC-B5405DE63B64} URL =
SearchScopes: HKCU - {6A1806CD-94D4-4689-BA73-E35EA1EA9990} URL =
BHO: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO: Google Toolbar Helper -> {AA58ED58-01DD-4d91-8333-CF10577473F7} -> C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
BHO: Skype add-on for Internet Explorer -> {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} -> C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll (Skype Technologies S.A.)
BHO: Java™ Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre7\bin\jp2ssv.dll No File
BHO-x32: HP Print Enhancer -> {0347C33E-8762-4905-BF09-768834316C61} -> C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_printenhancer.dll (Hewlett-Packard Co.)
BHO-x32: PE_IE_Helper Class -> {0941C58F-E461-4E03-BD7D-44C27392ADE1} -> C:\Program Files (x86)\IBM\Lotus Forms\Viewer\3.5\PEhelper.dll (IBM Corporation)
BHO-x32: FastestIE -> {54404F81-99CC-4FD3-9D29-92689B86C2CC} -> C:\Program Files (x86)\FastestIE\FastestIE.dll (fastestie.com)
BHO-x32: Java™ Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO-x32: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO-x32: Google Toolbar Helper -> {AA58ED58-01DD-4d91-8333-CF10577473F7} -> C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
BHO-x32: Skype Browser Helper -> {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} -> C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
BHO-x32: MSN Toolbar BHO -> {d2ce3e00-f94a-4740-988e-03dc2f38c34f} -> C:\Program Files (x86)\MSN Toolbar\Platform\4.0.0379.0\npwinext.dll (Microsoft Corporation)
BHO-x32: Java™ Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
BHO-x32: HP Smart BHO Class -> {FFFFFFFF-CF4E-4F2B-BDC2-0E72E116A856} -> C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll (Hewlett-Packard Co.)
Toolbar: HKLM - Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
Toolbar: HKLM - Bitdefender Wallet  - {1DAC0C53-7D23-4AB3-856A-B04D98CD982A} - C:\Program Files\Bitdefender\Bitdefender 2015\pmbxie.dll (Bitdefender)
Toolbar: HKLM-x32 - MSN Toolbar - {8dcb7100-df86-4384-8842-8fa844297b3f} - C:\Program Files (x86)\MSN Toolbar\Platform\4.0.0379.0\npwinext.dll (Microsoft Corporation)
Toolbar: HKLM-x32 - Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
Toolbar: HKLM-x32 - Bitdefender Wallet - {1DAC0C53-7D23-4AB3-856A-B04D98CD982A} - C:\Program Files\Bitdefender\Bitdefender 2015\Antispam32\pmbxie.dll (Bitdefender)
Toolbar: HKU\S-1-5-21-2265821247-3271303352-2493671787-1000 -> Google Toolbar - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
DPF: HKLM-x32 {166B1BCA-3F9C-11CF-8075-444553540000} http://fpdownload.ma...director/sw.cab
DPF: HKLM-x32 {73ECB3AA-4717-450C-A2AB-D00DAD9EE203} http://h20270.www2.h...tDetection2.cab
DPF: HKLM-x32 {74F4F118-91E6-4AFC-B8D2-04066781F239} https://www.member-d...dc/EZTwainX.cab
DPF: HKLM-x32 {75A6AEA3-F26E-4608-AE9B-8DA78C87576E} https://kingsisle.hs...ameLauncher.CAB
DPF: HKLM-x32 {8100D56A-5661-482C-BEE8-AFECE305D968} http://upload.facebo...oUploader55.cab
DPF: HKLM-x32 {BEA7310D-06C4-4339-A784-DC3804819809} http://images3.pnime...veX_Control.cab
DPF: HKLM-x32 {C345E174-3E87-4F41-A01C-B066A90A49B4} http://trial.trymicr...osoft/wrc32.ocx
DPF: HKLM-x32 {E2883E8F-472F-4FB0-9522-AC9BF37916A7} http://platformdl.ad...Plus/1.6/gp.cab
Handler: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll (Skype Technologies S.A.)
Handler-x32: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL (Skype Technologies)
Tcpip\Parameters: [DhcpNameServer] 216.177.160.61 216.177.160.60

FireFox:
========
FF ProfilePath: C:\Users\Carl\AppData\Roaming\Mozilla\Firefox\Profiles\85w9rd3l.default
FF NewTab: yafd:tabs
FF SelectedSearchEngine: Google
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_15_0_0_223.dll ()
FF Plugin: @Musicnotes.com/Musicnotes Viewer -> C:\Program Files\Musicnotes\npmusicn64.dll (Musicnotes, Inc.)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_15_0_0_223.dll ()
FF Plugin-x32: @adobe.com/ShockwavePlayer -> C:\Windows\system32\Adobe\Director\np32dsw.dll No File
FF Plugin-x32: @Apple.com/iTunes,version=1.0 -> C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll ()
FF Plugin-x32: @gamersfirst.com/LiveLauncher -> C:\Program Files (x86)\GamersFirst\LIVE!\nplivelauncher.dll No File
FF Plugin-x32: @Google.com/GoogleEarthPlugin -> C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll (Google)
FF Plugin-x32: @java.com/DTPlugin,version=10.71.2 -> C:\Windows\SysWOW64\npdeployJava1.dll (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin -> C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=10.71.2 -> C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\5.1.30514.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @Microsoft.com/NpWinExt,version=4.0 -> C:\Program Files (x86)\MSN Toolbar\Platform\4.0.0379.0\npwinext.dll (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/OfficeLive,version=1.5 -> C:\Program Files (x86)\Microsoft\Office Live\npOLW.dll (Microsoft Corp.)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3502.0922 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3508.1109 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WPF,version=3.5 -> c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
FF Plugin-x32: @Musicnotes.com/Musicnotes Viewer -> C:\Program Files (x86)\Musicnotes\npmusicn.dll (Musicnotes, Inc.)
FF Plugin-x32: @nexon.net/NxGame -> C:\ProgramData\NexonUS\NGM\npNxGameUS.dll (Nexon)
FF Plugin-x32: @oberon-media.com/ONCAdapter -> C:\Program Files (x86)\Common Files\Oberon Media\NCAdapter\1.0.0.7\npapicomadapter.dll (Oberon-Media )
FF Plugin-x32: @Sibelius.com/Scorch Plugin -> C:\Program Files (x86)\Musicnotes\npsibelius.dll ()
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.25.11\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.25.11\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @unity3d.com/UnityPlayer -> C:\Program Files (x86)\Unity\WebPlayer\loader\npUnity3D32.dll (Unity Technologies ApS)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF Plugin HKU\S-1-5-21-2265821247-3271303352-2493671787-1000: pandonetworks.com/PandoWebPlugin -> C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll No File
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\mfc71.dll (Microsoft Corporation)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\msvcr71.dll (Microsoft Corporation)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npmfv.dll (IBM Corporation)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\nppdf32.dll (Adobe Systems Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin.dll (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin2.dll (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin3.dll (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin4.dll (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin5.dll (Apple Inc.)
FF Extension: No Name - C:\Users\Carl\AppData\Roaming\Mozilla\Extensions\{ec8030f7-c20a-464f-9b0e-13a3a9e97384}\textlinks@playsushi.com [2010-01-19]
FF Extension: Microsoft .NET Framework Assistant - C:\Users\Carl\AppData\Roaming\Mozilla\Firefox\Profiles\85w9rd3l.default\Extensions\{20a82645-c095-46ed-80e3-08825760534b} [2010-11-27]
FF Extension: No Name - C:\Users\Carl\AppData\Roaming\Mozilla\Firefox\Profiles\85w9rd3l.default\Extensions\{20a82645-c095-46ed-80e3-08825760534b}-trash [2010-11-27]
FF Extension: Search Assistant - C:\Users\Carl\AppData\Roaming\Mozilla\Firefox\Profiles\85w9rd3l.default\Extensions\{B3834E60-12A8-11E0-A289-939FDFD72085} [2012-05-17]
FF Extension: Skype Click to Call - C:\Program Files (x86)\Mozilla Firefox\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A} [2011-12-23]
FF Extension: Java Console - C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0026-ABCDEFFEDCBA} [2011-08-20]
FF Extension: Skype Click to Call - C:\Program Files (x86)\Mozilla Firefox\browser\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A} [2013-12-25]
FF HKLM\...\Thunderbird\Extensions: [bdThunderbird@bitdefender.com] - C:\Program Files\Bitdefender\Bitdefender 2015\bdtbext
FF Extension: Bitdefender Antispam Toolbar - C:\Program Files\Bitdefender\Bitdefender 2015\bdtbext [2014-11-02]
FF HKLM-x32\...\Firefox\Extensions: [{20a82645-c095-46ed-80e3-08825760534b}] - c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension
FF Extension: Microsoft .NET Framework Assistant - c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension [2009-05-31]
FF HKLM-x32\...\Firefox\Extensions: [smartwebprinting@hp.com] - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3
FF Extension: HP Smart Web Printing - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3 [2009-09-04]
FF HKLM-x32\...\Firefox\Extensions: [msntoolbar@msn.com] - C:\Program Files (x86)\MSN Toolbar\Platform\4.0.0379.0\Firefox
FF Extension: MSN Toolbar - C:\Program Files (x86)\MSN Toolbar\Platform\4.0.0379.0\Firefox [2010-01-19]
FF HKLM-x32\...\Firefox\Extensions: [bdwteff@bitdefender.com] - C:\Program Files\Bitdefender\Bitdefender 2015\antispam32\bdwteff
FF Extension: Bitdefender Wallet - C:\Program Files\Bitdefender\Bitdefender 2015\antispam32\bdwteff [2014-11-02]
FF HKLM-x32\...\Thunderbird\Extensions: [bdThunderbird@bitdefender.com] - C:\Program Files\Bitdefender\Bitdefender 2015\bdtbext

Chrome:
=======
CHR HomePage: Default -> hxxp://www.msn.com/?pc=UP97&ocid=UP97DHP
CHR StartupUrls: Default -> "hxxp://www.msn.com/?pc=UP97&ocid=UP97DHP", "hxxp://www.aol.com/"
CHR Profile: C:\Users\Carl\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Entanglement Web App) - C:\Users\Carl\AppData\Local\Google\Chrome\User Data\Default\Extensions\aciahcmjmecflokailenpkdchphgkefd [2011-02-23]
CHR Extension: (Google Voice Search Hotword (Beta)) - C:\Users\Carl\AppData\Local\Google\Chrome\User Data\Default\Extensions\bepbmhgboaologfdajaanbcjmnhjmhfn [2014-05-22]
CHR Extension: (Bitdefender Wallet) - C:\Users\Carl\AppData\Local\Google\Chrome\User Data\Default\Extensions\fabcmochhfpldjekobfaaggijgohadih [2014-11-15]
CHR Extension: (Poppit!) - C:\Users\Carl\AppData\Local\Google\Chrome\User Data\Default\Extensions\mcbkbpnkkkipelfledbfocopglifcfmi [2011-02-23]
CHR Extension: (Visual Bookmarks) - C:\Users\Carl\AppData\Local\Google\Chrome\User Data\Default\Extensions\nkcpopggjcjkiicpenikeogioednjeac [2012-04-10]
CHR Extension: (Google Wallet) - C:\Users\Carl\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2013-08-24]

==================== Services (Whitelisted) =================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

S3 BdDesktopParental; C:\Program Files\Bitdefender\Bitdefender 2015\bdparentalservice.exe [78144 2014-11-02] (Bitdefender)
R2 ETService; C:\Program Files\GATEWAY\Gateway Recovery Management\Service\ETService.exe [24576 2008-06-11] () [File not signed]
R2 Garmin Core Update Service; C:\Program Files (x86)\Garmin\Core Update Service\Garmin.Cartography.MapUpdate.CoreService.exe [438616 2014-08-07] (Garmin Ltd or its subsidiaries)
R3 hpqcxs08; C:\Program Files (x86)\HP\Digital Imaging\bin\hpqcxs08.dll [248832 2009-05-21] (Hewlett-Packard Co.) [File not signed]
R2 hpqddsvc; C:\Program Files (x86)\HP\Digital Imaging\bin\hpqddsvc.dll [139264 2007-11-06] (Hewlett-Packard Co.) [File not signed]
R2 Net Driver HPZ12; C:\Windows\system32\HPZinw12.dll [71680 2010-08-06] (Hewlett-Packard) [File not signed]
R2 Pml Driver HPZ12; C:\Windows\system32\HPZipm12.dll [89600 2010-08-06] (Hewlett-Packard) [File not signed]
R2 RichVideo; C:\Program Files (x86)\CyberLink\Shared files\RichVideo.exe [244904 2008-08-19] () [File not signed]
S4 SafeBox; C:\Program Files\Bitdefender\Bitdefender SafeBox\safeboxservice.exe [94624 2013-07-08] (Bitdefender)
S3 scan; C:\Program Files\Common Files\BitDefender\BitDefender Threat Scanner\scan.dll [596776 2014-09-30] (Bitdefender)
R2 UPDATESRV; C:\Program Files\Bitdefender\Bitdefender 2015\updatesrv.exe [67320 2014-11-02] (Bitdefender)
R2 VSSERV; C:\Program Files\Bitdefender\Bitdefender 2015\vsserv.exe [1527360 2014-11-02] (Bitdefender)
R2 yksvc; RUNDLL32.EXE ykx64coinst,serviceStartProc [X]

==================== Drivers (Whitelisted) ====================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

R0 avc3; C:\Windows\System32\DRIVERS\avc3.sys [1288472 2014-11-02] (BitDefender)
R3 avchv; C:\Windows\System32\DRIVERS\avchv.sys [263032 2014-11-02] (BitDefender)
R3 avckf; C:\Windows\System32\DRIVERS\avckf.sys [647752 2014-05-16] (BitDefender)
R1 BdfNdisf; c:\program files\common files\bitdefender\bitdefender firewall\bdfndisf6.sys [93600 2013-11-13] (BitDefender LLC)
R1 bdftdif; C:\Program Files\Common Files\Bitdefender\Bitdefender Firewall\bdftdif.sys [120704 2012-02-07] (BitDefender LLC)
S3 BDSandBox; C:\Windows\system32\drivers\bdsandbox.sys [82824 2013-11-04] (BitDefender SRL)
R1 BDVEDISK; C:\Windows\System32\DRIVERS\bdvedisk.sys [76944 2012-04-17] (BitDefender)
R0 gzflt; C:\Windows\System32\DRIVERS\gzflt.sys [150256 2013-08-23] (BitDefender LLC)
R3 LVPr2M64; C:\Windows\System32\DRIVERS\LVPr2M64.sys [30304 2010-05-07] ()
S3 LVPr2Mon; C:\Windows\System32\DRIVERS\LVPr2M64.sys [30304 2010-05-07] ()
R0 trufos; C:\Windows\System32\DRIVERS\trufos.sys [452040 2014-11-02] (BitDefender S.R.L.)
S3 EagleX64; \??\C:\Windows\system32\drivers\EagleX64.sys [X]
S3 IpInIp; system32\DRIVERS\ipinip.sys [X]
S3 NwlnkFlt; system32\DRIVERS\nwlnkflt.sys [X]
S3 NwlnkFwd; system32\DRIVERS\nwlnkfwd.sys [X]

==================== NetSvcs (Whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)

==================== One Month Created Files and Folders ========

(If an entry is included in the fixlist, the file\folder will be moved.)

2014-11-16 14:22 - 2014-11-16 14:22 - 00000000 ____D () C:\Users\Carl\Desktop\FRST-OlderVersion
2014-11-16 07:24 - 2014-11-16 07:24 - 00000000 ____D () C:\Users\mlstruck\AppData\Local\{3450F82D-FFC9-4EC7-BE7D-C35463756961}
2014-11-15 20:46 - 2014-11-15 20:46 - 12366848 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2014-11-15 20:46 - 2014-11-15 20:46 - 09739776 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2014-11-15 20:46 - 2014-11-15 20:46 - 03695416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dat
2014-11-15 20:46 - 2014-11-15 20:46 - 02382848 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2014-11-15 20:46 - 2014-11-15 20:46 - 01802752 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2014-11-15 20:46 - 2014-11-15 20:46 - 01427968 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2014-11-15 20:46 - 2014-11-15 20:46 - 01139712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2014-11-15 20:46 - 2014-11-15 20:46 - 01129472 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2014-11-15 20:46 - 2014-11-15 20:46 - 00607744 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2014-11-15 20:46 - 2014-11-15 20:46 - 00434176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2014-11-15 20:46 - 2014-11-15 20:46 - 00421376 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2014-11-15 20:46 - 2014-11-15 20:46 - 00367104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\html.iec
2014-11-15 20:46 - 2014-11-15 20:46 - 00353792 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll
2014-11-15 20:46 - 2014-11-15 20:46 - 00353584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll
2014-11-15 20:46 - 2014-11-15 20:46 - 00231936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\url.dll
2014-11-15 20:46 - 2014-11-15 20:46 - 00223232 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
2014-11-15 20:46 - 2014-11-15 20:46 - 00203776 _____ (Microsoft Corporation) C:\Windows\SysWOW64\webcheck.dll
2014-11-15 20:46 - 2014-11-15 20:46 - 00176640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2014-11-15 20:46 - 2014-11-15 20:46 - 00162304 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2014-11-15 20:46 - 2014-11-15 20:46 - 00161792 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msls31.dll
2014-11-15 20:46 - 2014-11-15 20:46 - 00152064 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wextract.exe
2014-11-15 20:46 - 2014-11-15 20:46 - 00150528 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iexpress.exe
2014-11-15 20:46 - 2014-11-15 20:46 - 00086528 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesysprep.dll
2014-11-15 20:46 - 2014-11-15 20:46 - 00078848 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inseng.dll
2014-11-15 20:46 - 2014-11-15 20:46 - 00076800 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SetIEInstalledDate.exe
2014-11-15 20:46 - 2014-11-15 20:46 - 00074752 _____ (Microsoft Corporation) C:\Windows\SysWOW64\RegisterIEPKEYs.exe
2014-11-15 20:46 - 2014-11-15 20:46 - 00074752 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2014-11-15 20:46 - 2014-11-15 20:46 - 00074240 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ie4uinit.exe
2014-11-15 20:46 - 2014-11-15 20:46 - 00073216 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2014-11-15 20:46 - 2014-11-15 20:46 - 00066048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\icardie.dll
2014-11-15 20:46 - 2014-11-15 20:46 - 00065536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2014-11-15 20:46 - 2014-11-15 20:46 - 00063488 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tdc.ocx
2014-11-15 20:46 - 2014-11-15 20:46 - 00048640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmler.dll
2014-11-15 20:46 - 2014-11-15 20:46 - 00031744 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2014-11-15 20:46 - 2014-11-15 20:46 - 00023552 _____ (Microsoft Corporation) C:\Windows\SysWOW64\licmgr10.dll
2014-11-15 20:45 - 2014-11-15 20:45 - 17870336 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2014-11-15 20:45 - 2014-11-15 20:45 - 10921472 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2014-11-15 20:45 - 2014-11-15 20:45 - 03695416 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dat
2014-11-15 20:45 - 2014-11-15 20:45 - 02382848 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2014-11-15 20:45 - 2014-11-15 20:45 - 02339840 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2014-11-15 20:45 - 2014-11-15 20:45 - 02157056 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2014-11-15 20:45 - 2014-11-15 20:45 - 01810944 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2014-11-15 20:45 - 2014-11-15 20:45 - 01494016 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2014-11-15 20:45 - 2014-11-15 20:45 - 01392128 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2014-11-15 20:45 - 2014-11-15 20:45 - 01388032 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2014-11-15 20:45 - 2014-11-15 20:45 - 00816640 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2014-11-15 20:45 - 2014-11-15 20:45 - 00729088 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2014-11-15 20:45 - 2014-11-15 20:45 - 00717824 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll
2014-11-15 20:45 - 2014-11-15 20:45 - 00599040 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2014-11-15 20:45 - 2014-11-15 20:45 - 00534528 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2014-11-15 20:45 - 2014-11-15 20:45 - 00453120 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2014-11-15 20:45 - 2014-11-15 20:45 - 00448512 _____ (Microsoft Corporation) C:\Windows\system32\html.iec
2014-11-15 20:45 - 2014-11-15 20:45 - 00403248 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2014-11-15 20:45 - 2014-11-15 20:45 - 00282112 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2014-11-15 20:45 - 2014-11-15 20:45 - 00267776 _____ (Microsoft Corporation) C:\Windows\system32\ieaksie.dll
2014-11-15 20:45 - 2014-11-15 20:45 - 00249344 _____ (Microsoft Corporation) C:\Windows\system32\webcheck.dll
2014-11-15 20:45 - 2014-11-15 20:45 - 00248320 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2014-11-15 20:45 - 2014-11-15 20:45 - 00237056 _____ (Microsoft Corporation) C:\Windows\system32\url.dll
2014-11-15 20:45 - 2014-11-15 20:45 - 00227840 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieaksie.dll
2014-11-15 20:45 - 2014-11-15 20:45 - 00222208 _____ (Microsoft Corporation) C:\Windows\system32\msls31.dll
2014-11-15 20:45 - 2014-11-15 20:45 - 00197120 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2014-11-15 20:45 - 2014-11-15 20:45 - 00173056 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2014-11-15 20:45 - 2014-11-15 20:45 - 00165888 _____ (Microsoft Corporation) C:\Windows\system32\iexpress.exe
2014-11-15 20:45 - 2014-11-15 20:45 - 00163840 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieakui.dll
2014-11-15 20:45 - 2014-11-15 20:45 - 00163840 _____ (Microsoft Corporation) C:\Windows\system32\ieakui.dll
2014-11-15 20:45 - 2014-11-15 20:45 - 00160256 _____ (Microsoft Corporation) C:\Windows\system32\wextract.exe
2014-11-15 20:45 - 2014-11-15 20:45 - 00160256 _____ (Microsoft Corporation) C:\Windows\system32\ieakeng.dll
2014-11-15 20:45 - 2014-11-15 20:45 - 00149504 _____ (Microsoft Corporation) C:\Windows\system32\occache.dll
2014-11-15 20:45 - 2014-11-15 20:45 - 00145920 _____ (Microsoft Corporation) C:\Windows\system32\iepeers.dll
2014-11-15 20:45 - 2014-11-15 20:45 - 00142848 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2014-11-15 20:45 - 2014-11-15 20:45 - 00136192 _____ (Microsoft Corporation) C:\Windows\system32\advpack.dll
2014-11-15 20:45 - 2014-11-15 20:45 - 00135168 _____ (Microsoft Corporation) C:\Windows\system32\IEAdvpack.dll
2014-11-15 20:45 - 2014-11-15 20:45 - 00130560 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieakeng.dll
2014-11-15 20:45 - 2014-11-15 20:45 - 00123392 _____ (Microsoft Corporation) C:\Windows\SysWOW64\occache.dll
2014-11-15 20:45 - 2014-11-15 20:45 - 00118784 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iepeers.dll
2014-11-15 20:45 - 2014-11-15 20:45 - 00114176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\advpack.dll
2014-11-15 20:45 - 2014-11-15 20:45 - 00114176 _____ (Microsoft Corporation) C:\Windows\system32\admparse.dll
2014-11-15 20:45 - 2014-11-15 20:45 - 00111616 _____ (Microsoft Corporation) C:\Windows\system32\iesysprep.dll
2014-11-15 20:45 - 2014-11-15 20:45 - 00110592 _____ (Microsoft Corporation) C:\Windows\SysWOW64\IEAdvpack.dll
2014-11-15 20:45 - 2014-11-15 20:45 - 00103936 _____ (Microsoft Corporation) C:\Windows\system32\inseng.dll
2014-11-15 20:45 - 2014-11-15 20:45 - 00101888 _____ (Microsoft Corporation) C:\Windows\SysWOW64\admparse.dll
2014-11-15 20:45 - 2014-11-15 20:45 - 00096768 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2014-11-15 20:45 - 2014-11-15 20:45 - 00091648 _____ (Microsoft Corporation) C:\Windows\system32\SetIEInstalledDate.exe
2014-11-15 20:45 - 2014-11-15 20:45 - 00089088 _____ (Microsoft Corporation) C:\Windows\system32\RegisterIEPKEYs.exe
2014-11-15 20:45 - 2014-11-15 20:45 - 00089088 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2014-11-15 20:45 - 2014-11-15 20:45 - 00086016 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2014-11-15 20:45 - 2014-11-15 20:45 - 00085504 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2014-11-15 20:45 - 2014-11-15 20:45 - 00082432 _____ (Microsoft Corporation) C:\Windows\system32\icardie.dll
2014-11-15 20:45 - 2014-11-15 20:45 - 00076800 _____ (Microsoft Corporation) C:\Windows\system32\tdc.ocx
2014-11-15 20:45 - 2014-11-15 20:45 - 00065024 _____ (Microsoft Corporation) C:\Windows\system32\pngfilt.dll
2014-11-15 20:45 - 2014-11-15 20:45 - 00055296 _____ (Microsoft Corporation) C:\Windows\system32\msfeedsbs.dll
2014-11-15 20:45 - 2014-11-15 20:45 - 00054272 _____ (Microsoft Corporation) C:\Windows\SysWOW64\pngfilt.dll
2014-11-15 20:45 - 2014-11-15 20:45 - 00049664 _____ (Microsoft Corporation) C:\Windows\system32\imgutil.dll
2014-11-15 20:45 - 2014-11-15 20:45 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\mshtmler.dll
2014-11-15 20:45 - 2014-11-15 20:45 - 00041472 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeedsbs.dll
2014-11-15 20:45 - 2014-11-15 20:45 - 00039936 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2014-11-15 20:45 - 2014-11-15 20:45 - 00035840 _____ (Microsoft Corporation) C:\Windows\SysWOW64\imgutil.dll
2014-11-15 20:45 - 2014-11-15 20:45 - 00030720 _____ (Microsoft Corporation) C:\Windows\system32\licmgr10.dll
2014-11-15 20:45 - 2014-11-15 20:45 - 00012800 _____ (Microsoft Corporation) C:\Windows\system32\mshta.exe
2014-11-15 20:45 - 2014-11-15 20:45 - 00011776 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshta.exe
2014-11-15 20:45 - 2014-11-15 20:45 - 00011264 _____ (Microsoft Corporation) C:\Windows\system32\msfeedssync.exe
2014-11-15 20:45 - 2014-11-15 20:45 - 00010752 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeedssync.exe
2014-11-15 19:05 - 2014-11-15 19:05 - 00000000 ____D () C:\Windows\CheckSur
2014-11-15 19:05 - 2014-11-15 19:05 - 00000000 ____D () C:\fcf2ae6dd531589a7f47cc9b50
2014-11-15 18:03 - 2014-11-15 18:03 - 00514864 _____ (Microsoft Corporation) C:\Users\Carl\Downloads\IE9-WindowsVista-x64-enu (2).exe
2014-11-14 21:23 - 2014-11-14 21:23 - 04184008 _____ (Kaspersky Lab ZAO) C:\Users\Carl\Desktop\tdsskiller.exe
2014-11-14 21:11 - 2014-11-14 21:11 - 00000000 _____ () C:\Users\Carl\Desktop\1xpvgyo3nge3m.qmqa2i9.partial
2014-11-14 12:10 - 2014-11-14 12:11 - 00041590 _____ () C:\Users\Carl\Desktop\Addition.txt
2014-11-14 12:09 - 2014-11-16 14:23 - 00027117 _____ () C:\Users\Carl\Desktop\FRST.txt
2014-11-14 11:52 - 2014-11-14 11:52 - 00003178 _____ () C:\Users\Carl\Desktop\JRT.txt
2014-11-14 11:47 - 2014-11-14 11:47 - 00000000 ____D () C:\Windows\ERUNT
2014-11-14 11:31 - 2014-11-14 11:35 - 00000000 ____D () C:\AdwCleaner
2014-11-14 11:30 - 2014-11-14 11:30 - 02140160 _____ () C:\Users\Carl\Desktop\AdwCleaner.exe
2014-11-14 11:28 - 2014-11-14 11:28 - 00001397 _____ () C:\Users\Carl\Desktop\checkup.txt
2014-11-14 11:21 - 2014-11-14 11:21 - 00001397 _____ () C:\Users\Carl\Documents\checkup.txt
2014-11-14 11:08 - 2014-11-16 14:22 - 02117120 _____ (Farbar) C:\Users\Carl\Desktop\FRST64.exe
2014-11-14 11:08 - 2014-11-14 11:08 - 05198336 _____ (AVAST Software) C:\Users\Carl\Desktop\aswMBR.exe
2014-11-14 11:00 - 2014-11-14 11:00 - 00854448 _____ () C:\Users\Carl\Desktop\SecurityCheck.exe
2014-11-14 10:59 - 2014-11-14 10:59 - 01706808 _____ (Thisisu) C:\Users\Carl\Desktop\JRT.exe
2014-11-13 09:04 - 2014-11-02 15:01 - 00000000 ____D () C:\Users\Carl\AppData\Local\Deployment
2014-11-13 09:04 - 2014-11-02 15:01 - 00000000 ____D () C:\Users\Carl\AppData\Local\Apps\2.0
2014-11-12 18:41 - 2014-11-12 18:43 - 00000000 ____D () C:\Users\Katie\AppData\Local\{F7B7211F-7DF3-4F52-AC66-4A184FED7C9A}
2014-11-12 18:35 - 2014-11-12 18:35 - 00000000 ____D () C:\Users\Katie\AppData\Local\Macromedia
2014-11-12 18:32 - 2014-11-12 18:32 - 00000000 ____D () C:\Users\Katie\AppData\Local\{DF1FB192-739E-41FA-8D7B-5F2E19DE2424}
2014-11-12 12:29 - 2014-11-12 12:29 - 00000000 ____D () C:\ProgramData\Dumps
2014-11-12 12:15 - 2014-11-12 12:15 - 00000000 ____D () C:\Users\Carl\{ca193454-bc05-40e6-8e1e-febbedb96b6c}
2014-11-12 11:55 - 2014-09-26 18:42 - 00883624 _____ (Oracle Corporation) C:\Windows\SysWOW64\npdeployJava1.dll
2014-11-12 11:55 - 2014-09-26 18:42 - 00806824 _____ (Oracle Corporation) C:\Windows\SysWOW64\deployJava1.dll
2014-11-12 11:54 - 2014-11-12 11:54 - 00000000 ____D () C:\Users\Carl\AppData\Roaming\Oracle
2014-11-12 11:50 - 2014-09-26 18:42 - 00098216 _____ (Oracle Corporation) C:\Windows\SysWOW64\WindowsAccessBridge-32.dll
2014-11-12 11:50 - 2014-09-26 18:36 - 00272808 _____ (Oracle Corporation) C:\Windows\SysWOW64\javaws.exe
2014-11-12 11:50 - 2014-09-26 18:36 - 00175528 _____ (Oracle Corporation) C:\Windows\SysWOW64\javaw.exe
2014-11-12 11:50 - 2014-09-26 18:35 - 00175528 _____ (Oracle Corporation) C:\Windows\SysWOW64\java.exe
2014-11-12 11:49 - 2014-11-12 11:49 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java
2014-11-12 10:54 - 2014-10-12 15:52 - 02782208 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2014-11-12 10:53 - 2014-09-18 16:50 - 00278528 _____ (Microsoft Corporation) C:\Windows\SysWOW64\schannel.dll
2014-11-12 10:53 - 2014-09-18 16:45 - 00347136 _____ (Microsoft Corporation) C:\Windows\system32\schannel.dll
2014-11-12 10:48 - 2014-08-11 18:25 - 00729600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\IMJP10K.DLL
2014-11-12 10:48 - 2014-08-11 18:11 - 00923136 _____ (Microsoft Corporation) C:\Windows\system32\IMJP10K.DLL
2014-11-12 10:46 - 2014-10-09 17:10 - 00548352 _____ (Microsoft Corporation) C:\Windows\system32\termsrv.dll
2014-11-12 10:46 - 2014-10-09 17:09 - 01689600 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll
2014-11-12 10:46 - 2014-10-09 17:09 - 00146432 _____ (Microsoft Corporation) C:\Windows\system32\msaudite.dll
2014-11-12 10:46 - 2014-10-09 17:01 - 00077312 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secur32.dll
2014-11-12 10:46 - 2014-10-09 17:00 - 00146432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msaudite.dll
2014-11-12 10:46 - 2014-10-09 15:53 - 00619520 _____ (Microsoft Corporation) C:\Windows\system32\adtschema.dll
2014-11-12 10:46 - 2014-10-09 15:22 - 00619520 _____ (Microsoft Corporation) C:\Windows\SysWOW64\adtschema.dll
2014-11-12 10:46 - 2014-06-15 14:18 - 01943696 _____ (Microsoft Corporation) C:\Windows\system32\dfshim.dll
2014-11-12 10:46 - 2014-06-15 14:18 - 01131664 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dfshim.dll
2014-11-12 10:46 - 2014-06-13 10:22 - 00156824 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mscorier.dll
2014-11-12 10:46 - 2014-06-13 10:22 - 00081560 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mscories.dll
2014-11-12 10:46 - 2014-06-13 09:36 - 00156312 _____ (Microsoft Corporation) C:\Windows\system32\mscorier.dll
2014-11-12 10:46 - 2014-06-13 09:36 - 00073880 _____ (Microsoft Corporation) C:\Windows\system32\mscories.dll
2014-11-12 10:45 - 2014-10-17 17:08 - 00564224 _____ (Microsoft Corporation) C:\Windows\SysWOW64\oleaut32.dll
2014-11-12 10:45 - 2014-10-17 16:46 - 00847360 _____ (Microsoft Corporation) C:\Windows\system32\oleaut32.dll
2014-11-12 10:45 - 2014-10-02 17:18 - 00274432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\AUDIOKSE.dll
2014-11-12 10:45 - 2014-10-02 17:17 - 00396800 _____ (Microsoft Corporation) C:\Windows\SysWOW64\AudioEng.dll
2014-11-12 10:45 - 2014-10-02 17:17 - 00115712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\AudioSes.dll
2014-11-12 10:45 - 2014-10-02 17:03 - 00313344 _____ (Microsoft Corporation) C:\Windows\system32\AUDIOKSE.dll
2014-11-12 10:45 - 2014-10-02 17:02 - 00201728 _____ (Microsoft Corporation) C:\Windows\system32\EncDump.dll
2014-11-12 10:45 - 2014-10-02 17:01 - 00474624 _____ (Microsoft Corporation) C:\Windows\system32\AudioEng.dll
2014-11-12 10:45 - 2014-10-02 17:01 - 00446976 _____ (Microsoft Corporation) C:\Windows\system32\audiosrv.dll
2014-11-12 10:45 - 2014-10-02 15:49 - 00088576 _____ (Microsoft Corporation) C:\Windows\SysWOW64\audiodg.exe
2014-11-12 10:29 - 2014-10-23 17:04 - 00067072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\packager.dll
2014-11-12 10:29 - 2014-10-23 16:39 - 00077312 _____ (Microsoft Corporation) C:\Windows\system32\packager.dll
2014-11-12 10:29 - 2014-09-04 15:38 - 00198656 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\fastfat.sys
2014-11-12 10:29 - 2014-08-26 16:55 - 01249280 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml3.dll
2014-11-12 10:29 - 2014-08-26 16:55 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml3r.dll
2014-11-12 10:29 - 2014-08-26 16:41 - 01869824 _____ (Microsoft Corporation) C:\Windows\system32\msxml3.dll
2014-11-12 10:29 - 2014-08-26 16:41 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\msxml3r.dll
2014-11-12 10:27 - 2014-09-08 22:40 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\tzres.dll
2014-11-12 10:27 - 2014-09-08 22:24 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tzres.dll
2014-11-11 15:18 - 2014-11-11 15:18 - 00000000 ____D () C:\Users\mlstruck\AppData\Local\{28088A49-EE22-4F40-BA56-0A17D0DD823C}
2014-11-11 13:46 - 2014-11-16 14:22 - 00000000 ____D () C:\FRST
2014-11-10 05:56 - 2014-11-10 05:56 - 00000000 ____D () C:\Users\Katie\Documents\My Scans
2014-11-09 14:26 - 2014-11-09 14:27 - 00000000 ____D () C:\Users\mlstruck\AppData\Local\{CDF00B65-7969-41F4-BC77-7F8EB4E65D3C}
2014-11-09 14:13 - 2014-11-09 14:13 - 00000000 ____D () C:\Users\Katie\Documents\Recipes
2014-11-09 12:09 - 2014-11-09 12:09 - 00000000 ____D () C:\Users\Katie\AppData\Local\{AB61E324-AB16-40EE-89A7-115B7A8F0FA3}
2014-11-09 08:00 - 2014-11-12 11:50 - 00000000 ____D () C:\ProgramData\Oracle
2014-11-09 07:47 - 2014-11-12 11:50 - 00006782 _____ () C:\Windows\SysWOW64\jupdate-1.7.0_71-b14.log
2014-11-07 10:43 - 2014-11-07 10:43 - 00000000 ____D () C:\ProgramData\Malwarebytes
2014-11-07 10:43 - 2014-11-07 10:43 - 00000000 ____D () C:\Program Files (x86)\Malwarebytes Anti-Malware
2014-11-06 13:07 - 2014-11-07 01:09 - 00000000 ____D () C:\Users\mlstruck\AppData\Local\{B49A7250-9AC9-4646-BD66-C0D0002860CE}
2014-11-04 18:06 - 2014-11-04 18:06 - 00227194 _____ () C:\Users\Katie\Documents\Jetblue Reservation scan code Apr 2015.pptx
2014-11-02 17:44 - 2014-11-15 18:46 - 00000134 _____ () C:\Users\Carl\Desktop\Internet Explorer Troubleshooting.url
2014-11-02 16:39 - 2014-11-02 16:39 - 00537698 _____ () C:\ProgramData\1414974723.bdinstall.bin
2014-11-02 16:37 - 2014-11-02 16:37 - 00000684 ____H () C:\bdr-cf01
2014-11-02 16:36 - 2014-11-02 16:36 - 00001959 _____ () C:\Users\Public\Desktop\Bitdefender Total Security 2015.lnk
2014-11-02 16:36 - 2014-11-02 16:36 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Bitdefender 2015
2014-11-02 16:36 - 2013-11-13 15:41 - 00093600 _____ (BitDefender LLC) C:\Windows\system32\Drivers\BdfNdisf6.sys
2014-11-02 16:36 - 2013-11-04 15:47 - 00082824 _____ (BitDefender SRL) C:\Windows\system32\Drivers\bdsandbox.sys
2014-11-02 16:36 - 2012-04-17 14:34 - 00076944 _____ (BitDefender) C:\Windows\system32\Drivers\bdvedisk.sys
2014-11-02 16:35 - 2014-11-02 17:56 - 01288472 _____ (BitDefender) C:\Windows\system32\Drivers\avc3.sys
2014-11-02 16:35 - 2014-11-02 16:42 - 00000000 ____D () C:\Users\Carl\AppData\Roaming\Bitdefender
2014-11-02 16:35 - 2014-11-02 16:37 - 00253404 ____H () C:\bdr-ld01
2014-11-02 16:35 - 2014-11-02 16:37 - 00009216 ____H () C:\bdr-ld01.mbr
2014-11-02 16:35 - 2014-07-04 17:49 - 49563064 ____H () C:\bdr-im01.gz
2014-11-02 16:35 - 2014-05-16 13:04 - 00647752 _____ (BitDefender) C:\Windows\system32\Drivers\avckf.sys
2014-11-02 16:35 - 2013-08-13 13:38 - 03271472 ____H () C:\bdr-bz01
2014-11-02 16:32 - 2014-11-02 17:55 - 00452040 _____ (BitDefender S.R.L.) C:\Windows\system32\Drivers\trufos.sys
2014-11-02 16:32 - 2013-08-23 12:48 - 00150256 _____ (BitDefender LLC) C:\Windows\system32\Drivers\gzflt.sys
2014-11-02 16:31 - 2014-11-02 16:31 - 06770080 _____ () C:\Users\Carl\Downloads\bitdefender_tsecurity (1).exe
2014-11-02 16:24 - 2014-11-02 16:24 - 00002027 _____ () C:\Users\Public\Desktop\Google Chrome.lnk
2014-11-02 16:24 - 2014-11-02 16:24 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome
2014-11-01 16:32 - 2014-11-01 16:32 - 00000385 _____ () C:\Users\Katie\AppData\Roaminguser_gensett.xml
2014-11-01 15:59 - 2014-11-01 15:59 - 00000000 ____D () C:\Users\Katie\AppData\Local\{D2701221-158F-4D2B-BAE6-84AEE50A127C}
2014-10-30 20:54 - 2014-10-31 20:56 - 00000000 ____D () C:\Users\mlstruck\AppData\Local\{F2F8F1C4-1E88-4056-83CF-C6855D7E6644}
2014-10-30 20:00 - 2014-10-30 20:00 - 00000000 _____ () C:\Users\David\Desktop\David Stem Cells
2014-10-30 17:50 - 2014-10-30 17:50 - 00000000 ___HD () C:\ProgramData\CanonBJ
2014-10-30 16:15 - 2014-10-30 16:15 - 00000000 ____D () C:\Users\Katie\AppData\Local\{AF51DC85-D4B3-46F1-AB2B-200D7ECAEC70}
2014-10-28 06:38 - 2014-10-30 06:43 - 00000000 ____D () C:\Users\mlstruck\AppData\Local\{92C16527-ED54-4A21-97EB-47E6AA9CAA6B}
2014-10-27 17:36 - 2014-10-27 17:36 - 00000000 ____D () C:\Users\Katie\AppData\Local\{174BD46C-ED3E-49ED-A115-DE683A6FE8A8}
2014-10-27 06:34 - 2014-10-27 18:37 - 00000000 ____D () C:\Users\mlstruck\AppData\Local\{66B3A009-F282-425C-8E94-13919D8882C9}
2014-10-26 10:51 - 2014-10-26 11:43 - 00000000 ____D () C:\Users\Katie\Downloads\Geography
2014-10-24 16:16 - 2014-11-13 19:58 - 00000000 ____D () C:\Users\Katie\Documents\French
2014-10-24 16:13 - 2014-10-24 16:13 - 00000000 ____D () C:\Users\Katie\AppData\Local\{F1F966AE-1A89-4933-9FF4-EDA420A20D8C}

==================== One Month Modified Files and Folders =======

(If an entry is included in the fixlist, the file\folder will be moved.)

2014-11-16 14:21 - 2014-07-20 14:20 - 00000000 ___RD () C:\Users\Carl\Dropbox
2014-11-16 14:20 - 2014-07-18 12:03 - 00000000 ____D () C:\Users\Carl\AppData\Roaming\Dropbox
2014-11-16 14:20 - 2014-03-30 10:33 - 00000894 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore1cf4c468a09bf30.job
2014-11-16 14:20 - 2011-12-23 19:14 - 00000000 ____D () C:\Users\Carl\AppData\Roaming\Skype
2014-11-16 14:20 - 2009-11-06 18:30 - 00000890 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2014-11-16 13:40 - 2012-04-27 11:19 - 00000830 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job
2014-11-16 13:32 - 2009-11-06 18:30 - 00000894 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2014-11-16 13:24 - 2014-03-30 10:33 - 00000898 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA1cf4c468da22830.job
2014-11-16 13:14 - 2006-11-02 07:22 - 00003216 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0
2014-11-16 13:14 - 2006-11-02 07:22 - 00003216 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0
2014-11-16 07:24 - 2011-04-17 19:50 - 00000000 ____D () C:\Users\mlstruck\AppData\Roaming\BitDefender
2014-11-16 07:24 - 2010-11-29 16:30 - 00000000 ____D () C:\Users\mlstruck\Tracing
2014-11-16 07:24 - 2009-04-08 12:54 - 01914050 _____ () C:\Windows\WindowsUpdate.log
2014-11-16 07:20 - 2006-11-02 04:46 - 00006656 _____ () C:\Windows\system32\PerfStringBackup.INI
2014-11-16 07:14 - 2012-03-31 02:20 - 00021544 _____ () C:\Windows\system32\spsys.log
2014-11-16 07:14 - 2010-10-31 04:24 - 00000000 ____D () C:\Windows\SysWOW64\logishrd
2014-11-16 07:14 - 2010-10-31 04:24 - 00000000 ____D () C:\Windows\system32\logishrd
2014-11-16 07:14 - 2009-04-08 13:05 - 00000000 _____ () C:\Windows\system32\LogConfigTemp.xml
2014-11-16 07:14 - 2006-11-02 07:42 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2014-11-16 07:13 - 2006-11-02 07:42 - 00032618 _____ () C:\Windows\Tasks\SCHEDLGU.TXT
2014-11-15 21:21 - 2006-11-02 05:33 - 00000000 ____D () C:\Windows\rescache
2014-11-15 21:05 - 2011-10-07 09:18 - 00002425 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Reader X.lnk
2014-11-15 20:47 - 2006-11-02 05:33 - 00000000 ___RD () C:\Windows\Offline Web Pages
2014-11-15 20:47 - 2006-11-02 05:33 - 00000000 ____D () C:\Windows\PolicyDefinitions
2014-11-15 20:46 - 2011-04-10 08:52 - 00025646 _____ () C:\Windows\IE9_main.log
2014-11-15 20:46 - 2006-11-02 04:16 - 00008798 _____ () C:\Windows\SysWOW64\icrav03.rat
2014-11-15 20:46 - 2006-11-02 04:16 - 00001988 _____ () C:\Windows\SysWOW64\ticrf.rat
2014-11-15 20:46 - 2006-11-01 22:36 - 00008798 _____ () C:\Windows\system32\icrav03.rat
2014-11-15 20:46 - 2006-11-01 22:36 - 00001988 _____ () C:\Windows\system32\ticrf.rat
2014-11-15 18:23 - 2008-01-20 19:26 - 06113642 _____ () C:\Windows\PFRO.log
2014-11-14 21:19 - 2014-03-30 10:33 - 00003894 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA1cf4c468da22830
2014-11-14 21:19 - 2014-03-30 10:33 - 00003642 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore1cf4c468a09bf30
2014-11-14 21:07 - 2012-04-10 16:07 - 00000000 ____D () C:\Users\Carl\AppData\Roaming\Yandex
2014-11-14 11:05 - 2009-06-08 20:27 - 00000000 ____D () C:\Users\mlstruck
2014-11-14 10:54 - 2014-07-20 14:20 - 00000918 _____ () C:\Users\Carl\Desktop\Dropbox.lnk
2014-11-14 10:54 - 2014-07-18 12:49 - 00000000 ____D () C:\Users\Carl\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Dropbox
2014-11-13 20:29 - 2006-11-02 05:33 - 00000000 __RSD () C:\Windows\Media
2014-11-13 19:27 - 2006-11-02 04:33 - 01310720 _____ () C:\Windows\system32\config\default_previous
2014-11-13 19:26 - 2010-08-18 13:30 - 00000000 ____D () C:\Users\Katie\Tracing
2014-11-12 18:43 - 2006-11-02 04:33 - 00262144 _____ () C:\Windows\system32\config\security_previous
2014-11-12 11:55 - 2008-11-03 13:38 - 00000000 ____D () C:\Program Files (x86)\Java
2014-11-12 11:40 - 2012-04-27 11:19 - 00701104 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2014-11-12 11:40 - 2012-04-27 11:19 - 00003682 _____ () C:\Windows\System32\Tasks\Adobe Flash Player Updater
2014-11-12 11:40 - 2011-05-14 05:00 - 00071344 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2014-11-12 11:10 - 2006-11-02 07:21 - 00352808 _____ () C:\Windows\system32\FNTCACHE.DAT
2014-11-12 10:51 - 2008-11-03 13:21 - 00000000 ____D () C:\ProgramData\Microsoft Help
2014-11-12 10:44 - 2013-08-14 02:09 - 00000000 ____D () C:\Windows\system32\MRT
2014-11-11 15:21 - 2010-01-04 21:52 - 00000000 ____D () C:\Users\mlstruck\Documents\Christmas
2014-11-09 15:14 - 2010-07-20 05:37 - 00000000 ____D () C:\Users\mlstruck\Documents\My Scans
2014-11-09 12:23 - 2013-04-22 15:22 - 00000000 ____D () C:\Users\Katie\Documents\English
2014-11-09 12:14 - 2010-01-04 19:48 - 00000000 ____D () C:\Users\Katie\AppData\Roaming\Apple Computer
2014-11-02 17:56 - 2014-03-26 12:42 - 00074512 _____ (BitDefender SRL) C:\Windows\system32\bdsandboxuiskin32.dll
2014-11-02 17:55 - 2014-03-26 13:19 - 00263032 _____ (BitDefender) C:\Windows\system32\Drivers\avchv.sys
2014-11-02 16:38 - 2014-03-26 12:42 - 00000000 ____D () C:\ProgramData\Bitdefender
2014-11-02 16:37 - 2009-05-31 18:43 - 00000000 ____D () C:\Users\Carl
2014-11-02 16:36 - 2013-06-30 20:11 - 00011416 _____ () C:\Windows\setupact.log
2014-11-02 16:35 - 2012-03-29 15:40 - 00000000 ____D () C:\Program Files\Bitdefender
2014-11-02 16:32 - 2011-04-10 14:01 - 00000000 ____D () C:\Program Files\Common Files\BitDefender
2014-11-02 16:24 - 2009-05-31 18:45 - 00000000 ____D () C:\Program Files (x86)\Google
2014-11-01 10:21 - 2011-12-23 19:15 - 00000000 ____D () C:\Users\David\AppData\Roaming\Skype
2014-11-01 10:05 - 2014-03-10 14:49 - 00000000 ____D () C:\Users\David\AppData\Roaming\.minecraft
2014-10-31 23:26 - 2006-11-02 04:35 - 103374192 _____ (Microsoft Corporation) C:\Windows\system32\mrt.exe
2014-10-26 15:06 - 2011-04-17 12:30 - 00000000 ____D () C:\Users\David\AppData\Roaming\BitDefender
2014-10-23 19:43 - 2014-03-25 21:23 - 00000000 ____D () C:\Users\Carl\Documents\Liza
2014-10-23 05:11 - 2011-12-23 19:13 - 00000000 ____D () C:\ProgramData\Skype
2014-10-22 23:26 - 2012-04-10 16:06 - 00001134 _____ () C:\Users\Carl\AppData\Local\UserProducts.xml
2014-10-22 20:26 - 2009-09-04 19:08 - 00000000 ____D () C:\Users\Carl\Documents\My Scans

Some content of TEMP:
====================
C:\Users\Carl\AppData\Local\Temp\dropbox_sqlite_ext.{5f3e3153-5bce-5766-8f84-3e3e7ecf0d81}.tmp_kxo1x.dll

==================== Bamital & volsnap Check =================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\SysWOW64\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed

LastRegBack: 2014-11-16 07:21

==================== End Of Log ============================

 

Additional scan result of Farbar Recovery Scan Tool (x64) Version: 16-11-2014 03
Ran by Carl at 2014-11-16 14:23:59
Running from C:\Users\Carl\Desktop
Boot Mode: Normal
==========================================================

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: Bitdefender Antivirus (Enabled - Up to date) {9A0813D8-CED6-F86B-072E-28D2AF25A83D}
AS: Bitdefender Antispyware (Enabled - Up to date) {2169F23C-E8EC-F7E5-3D9E-13A0D4A2E280}
AS: Windows Defender (Disabled - Out of date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
FW: Bitdefender Firewall (Enabled) {A23392FD-84B9-F933-2C71-81E751F6EF46}

==================== Installed Programs ======================

(Only the adware programs with "hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

4500_Help (x32 Version: 1.00.0000 - Hewlett-Packard) Hidden
64 Bit HP CIO Components Installer (Version: 7.2.8 - Hewlett-Packard) Hidden
7-Zip 9.20 (x64 edition) (HKLM\...\{23170F69-40C1-2702-0920-000001000000}) (Version: 9.20.00.0 - Igor Pavlov)
Adobe AIR (HKLM-x32\...\Adobe AIR) (Version: 2.5.1.17730 - Adobe Systems Inc.)
Adobe Flash Player 15 ActiveX (HKLM-x32\...\Adobe Flash Player ActiveX) (Version: 15.0.0.223 - Adobe Systems Incorporated)
Adobe Flash Player 15 Plugin (HKLM-x32\...\Adobe Flash Player Plugin) (Version: 15.0.0.223 - Adobe Systems Incorporated)
Adobe Reader X (10.1.12) (HKLM-x32\...\{AC76BA86-7AD7-1033-7B44-AA1000000001}) (Version: 10.1.12 - Adobe Systems Incorporated)
AnswerWorks 5.0 English Runtime (HKLM-x32\...\{9E5A03E3-6246-4920-9630-0527D5DA9B07}) (Version: 008.000.0003 - Vantage Linguistics)
ANT Drivers Installer x64 (Version: 2.3.4 - Garmin Ltd or its subsidiaries) Hidden
Apple Application Support (HKLM-x32\...\{78002155-F025-4070-85B3-7C0453561701}) (Version: 3.0.6 - Apple Inc.)
Apple Mobile Device Support (HKLM\...\{6AF2AC2A-3532-43FD-9F4D-BDC9C0D724C7}) (Version: 7.1.2.6 - Apple Inc.)
Apple Software Update (HKLM-x32\...\{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}) (Version: 2.1.3.127 - Apple Inc.)
Bandisoft MPEG-1 Decoder (HKLM-x32\...\BandiMPEG1) (Version:  - )
Bitdefender Total Security 2015 (HKLM\...\Bitdefender) (Version: 18.17.0.1227 - Bitdefender)
Bonjour (HKLM\...\{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}) (Version: 3.0.0.10 - Apple Inc.)
BPD_HPSU (x32 Version: 1.00.0000 - Hewlett-Packard) Hidden
bpd_scan (x32 Version: 3.00.0000 - Hewlett-Packard) Hidden
BPDSoftware (x32 Version: 50.0.165.000 - Hewlett-Packard) Hidden
BPDSoftware_Ini (x32 Version: 1.00.0000 - Hewlett-Packard) Hidden
BufferChm (x32 Version: 100.0.170.000 - Hewlett-Packard) Hidden
CameraHelperMsi (x32 Version: 13.10.1217.0 - Logitech) Hidden
Combat Arms (HKLM-x32\...\Combat Arms) (Version:  - )
Compatibility Pack for the 2007 Office system (HKLM-x32\...\{90120000-0020-0409-0000-0000000FF1CE}) (Version: 12.0.6612.1000 - Microsoft Corporation)
CustomerResearchQFolder (x32 Version: 1.00.0000 - Hewlett-Packard) Hidden
CyberLink LabelPrint (HKLM-x32\...\{C59C179C-668D-49A9-B6EA-0121CCFC1243}) (Version: 2.0.3111 - CyberLink Corp.)
CyberLink MediaShow (HKLM-x32\...\InstallShield_{80E158EA-7181-40FE-A701-301CE6BE64AB}) (Version: 4.1.2019 - CyberLink Corp.)
CyberLink Power2Go (HKLM-x32\...\InstallShield_{40BF1E83-20EB-11D8-97C5-0009C5020658}) (Version: 6.0.2115 - CyberLink Corp.)
D3DX10 (x32 Version: 15.4.2368.0902 - Microsoft) Hidden
Destination Component (x32 Version: 100.0.0.0 - Hewlett-Packard) Hidden
DeviceDiscovery (x32 Version: 100.0.190.000 - Hewlett-Packard) Hidden
DeviceManagementQFolder (x32 Version: 1.00.0000 - Hewlett-Packard) Hidden
DocMgr (x32 Version: 100.0.201.000 - Hewlett-Packard) Hidden
DocProc (x32 Version: 11.0.0.0 - Hewlett-Packard) Hidden
DocProcQFolder (x32 Version: 1.00.0000 - Hewlett-Packard) Hidden
Dropbox (HKU\S-1-5-21-2265821247-3271303352-2493671787-1000\...\Dropbox) (Version: 2.10.52 - Dropbox, Inc.)
Elevated Installer (x32 Version: 3.2.17.0 - Garmin Ltd or its subsidiaries) Hidden
Elf_1 Toolbar (HKLM-x32\...\Elf_1 Toolbar) (Version:  - )
erLT (x32 Version: 1.20.138.34 - Logitech, Inc.) Hidden
eSupportQFolder (x32 Version: 1.00.0000 - Hewlett-Packard) Hidden
ExamView Assessment Suite (HKLM-x32\...\ExamView Pro) (Version:  - )
EZ Fonts (HKLM-x32\...\{02F5BEE7-0AB6-4E42-9BF8-2588AAECC7F2}) (Version: 1.0.0 - EZ Fonts)
FastestIE (HKLM-x32\...\FastestIE) (Version:  - )
Fax (x32 Version: 100.0.187.000 - Hewlett-Packard) Hidden
FLV Direct Player (HKLM-x32\...\FLV Direct Player) (Version:  - )
GamersFirst LIVE! (HKLM-x32\...\GamersFirst LIVE!) (Version:  - GamersFirst)
Garmin City Navigator North America NT 2015.10 (HKLM-x32\...\{FCDB42FC-A70B-4041-877F-D73E16DE4345}) (Version: 2.0.0.0 - Garmin Ltd or its subsidiaries)
Garmin Express (HKLM-x32\...\{b43ffffb-1adc-4bcb-b277-7844ebff94da}) (Version: 3.2.17.0 - Garmin Ltd or its subsidiaries)
Garmin Express (x32 Version: 3.2.17.0 - Garmin Ltd or its subsidiaries) Hidden
Garmin Express Tray (x32 Version: 3.2.17.0 - Garmin Ltd or its subsidiaries) Hidden
Garmin USB Drivers (HKLM-x32\...\{510D2239-6C2E-457B-9590-485EC552D94D}) (Version: 2.3.0.0 - Garmin Ltd or its subsidiaries)
Garmin WebUpdater (HKLM-x32\...\{D17111CB-C992-42A9-9D56-C19395102AAA}) (Version: 2.4.2 - Garmin Ltd or its subsidiaries)
Gateway Games (HKLM-x32\...\WildTangent gateway Master Uninstall) (Version: 1.0.0.71 - WildTangent)
Gateway Recovery Management (HKLM-x32\...\{7F811A54-5A09-4579-90E1-C93498E230D9}) (Version: 3.1.3003 - Acer Incorporated)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 38.0.2125.122 - Google Inc.)
Google Earth (HKLM-x32\...\{4D2A6330-2F8B-11E3-9C40-B8AC6F97B88E}) (Version: 7.1.2.2041 - Google)
Google Toolbar for Internet Explorer (HKLM-x32\...\{2318C2B1-4965-11d4-9B18-009027A5CD4F}) (Version: 7.5.5111.1712 - Google Inc.)
Google Toolbar for Internet Explorer (x32 Version: 1.0.0 - Google Inc.) Hidden
Google Update Helper (x32 Version: 1.3.25.11 - Google Inc.) Hidden
GPBaseService (x32 Version: 100.0.187.000 - Hewlett-Packard) Hidden
GPBaseService2 (x32 Version: 130.0.371.000 - Hewlett-Packard) Hidden
HP Customer Participation Program 10.0 (HKLM\...\HPExtendedCapabilities) (Version: 10.0 - HP)
HP Document Manager 1.0 (HKLM\...\HP Document Manager) (Version: 1.0 - HP)
HP Imaging Device Functions 10.0 (HKLM\...\HP Imaging Device Functions) (Version: 10.0 - HP)
HP Officejet J4500 Series (HKLM\...\{CD0773D5-C18E-495c-B39B-21A96415EDD5}) (Version: 1.0 - HP)
HP Photosmart Essential 2.5 (HKLM\...\HP Photosmart Essential) (Version: 2.5 - HP)
HP Smart Web Printing (HKLM\...\HP Smart Web Printing) (Version: 3.5 - HP)
HP Smart Web Printing (HKLM-x32\...\HP Smart Web Printing) (Version: 131.1.35898 - Hewlett-Packard)
HP Solution Center 13.0 (HKLM\...\HP Solution Center & Imaging Support Tools) (Version: 13.0 - HP)
HP Update (HKLM-x32\...\{2EFA4E4C-7B5F-48F7-A1C0-1AA882B7A9C3}) (Version: 5.003.001.001 - Hewlett-Packard)
HPProductAssistant (x32 Version: 130.0.371.000 - Hewlett-Packard) Hidden
HPSSupply (x32 Version: 100.0.170.000 - Hewlett-Packard) Hidden
IBM Lotus Forms Viewer 3.5.1 (HKLM-x32\...\{A0BBF7AB-2F47-47DC-BB02-4C826F2BC73C}) (Version: 7.6.1.333 - IBM)
Itibiti RTC (x32 Version: 0.0.1 - Itibiti Inc) Hidden
iTunes (HKLM\...\{77DE5105-D05E-448C-96CB-7FA381903753}) (Version: 11.3.1.2 - Apple Inc.)
J4500 (x32 Version: 50.0.165.000 - Hewlett-Packard) Hidden
Java 7 Update 71 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83217017FF}) (Version: 7.0.710 - Oracle)
JavaFX 2.1.1 (HKLM-x32\...\{1111706F-666A-4037-7777-211328764D10}) (Version: 2.1.1 - Oracle Corporation)
Junk Mail filter update (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
KB0817 Keyboard Driver (HKLM-x32\...\{ED5DCA6F-5FEA-47CB-83DB-210A468C298B}) (Version: 1.30.0000 - Gateway)
League of Legends (HKLM-x32\...\{92606477-9366-4D3B-8AE3-6BE4B29727AB}) (Version: 1.3 - Riot Games)
Logitech Vid HD (HKLM-x32\...\Logitech Vid) (Version: 7.2 (7259) - Logitech Inc..)
Logitech Webcam Software (HKLM-x32\...\{D40EB009-0499-459c-A8AF-C9C110766215}) (Version: 2.0 - Logitech Inc.)
LWS VideoEffects (Version: 13.00.1774.0 - Logitech) Hidden
MarketResearch (x32 Version: 100.0.170.000 - Hewlett-Packard) Hidden
Marvell Miniport Driver (HKLM-x32\...\Marvell Miniport Driver) (Version: 10.63.5.3 - Marvell)
Microsoft .NET Framework 4.5.1 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.50938 - Microsoft Corporation)
Microsoft Money Essentials (HKLM-x32\...\Money2007b) (Version: 16 - Microsoft)
Microsoft Office 2007 Service Pack 3 (SP3) (HKLM-x32\...\{91120000-0012-0000-0000-0000000FF1CE}_STANDARDR_{6E107EB7-8B55-48BF-ACCB-199F86A2CD93}) (Version:  - Microsoft)
Microsoft Office 2007 Service Pack 3 (SP3) (HKLM-x32\...\{91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{6E107EB7-8B55-48BF-ACCB-199F86A2CD93}) (Version:  - Microsoft)
Microsoft Office File Validation Add-In (HKLM-x32\...\{90140000-2005-0000-0000-0000000FF1CE}) (Version: 14.0.5130.5003 - Microsoft Corporation)
Microsoft Office Home and Student 2007 (HKLM-x32\...\HOMESTUDENTR) (Version: 12.0.6612.1000 - Microsoft Corporation)
Microsoft Office Live Add-in 1.5 (HKLM-x32\...\{F40BBEC7-C2A4-4A00-9B24-7A055A2C5262}) (Version: 2.0.4024.1 - Microsoft Corporation)
Microsoft Office Outlook Connector (HKLM-x32\...\{95140000-007A-0409-0000-0000000FF1CE}) (Version: 14.0.5118.5000 - Microsoft Corporation)
Microsoft Office PowerPoint Viewer 2007 (English) (HKLM-x32\...\{95120000-00AF-0409-0000-0000000FF1CE}) (Version: 12.0.6612.1000 - Microsoft Corporation)
Microsoft Office Standard 2007 (HKLM-x32\...\STANDARDR) (Version: 12.0.6612.1000 - Microsoft Corporation)
Microsoft Office Suite Activation Assistant (HKLM-x32\...\{E50AE784-FABE-46DA-A1F8-7B6B56DCB22E}) (Version: 2.9 - Microsoft Corporation)
Microsoft Silverlight (HKLM-x32\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.30514.0 - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft Visual C++ 2005 ATL Update kb973923 - x64 8.0.50727.4053 (HKLM\...\{B6E3757B-5E77-3915-866A-CCFC4B8D194C}) (Version: 8.0.50727.4053 - Microsoft Corporation)
Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053 (HKLM-x32\...\{770657D0-A123-3C07-8E44-1C83EC895118}) (Version: 8.0.50727.4053 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) - KB2467175 (HKLM\...\{aac9fcc4-dd9e-4add-901c-b5496a07ab2e}) (Version: 8.0.51011 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{071c9b48-7c32-4621-a0ac-3f809523288f}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{6E8E85E8-CE4B-4FF5-91F7-04999C9FAE6A}) (Version: 8.0.50727.42 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 ATL Update kb973924 - x64 9.0.30729.4148 (HKLM\...\{EE936C7A-EA40-31D5-9B65-8E3E089C3828}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 ATL Update kb973924 - x86 9.0.30729.4148 (HKLM-x32\...\{002D9D5E-29BA-3E6D-9BC4-3D7D6DBC735C}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - KB2467174 - x64 9.0.30729.5570 (HKLM\...\{8338783A-0968-3B85-AFC7-BAAE0A63DC50}) (Version: 9.0.30729.5570 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - KB2467174 - x86 9.0.30729.5570 (HKLM-x32\...\{86CE85E6-DBAC-3FFD-B977-E4B79F83C909}) (Version: 9.0.30729.5570 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.21005 (HKLM-x32\...\{ce085a78-074e-4823-8dc1-8a721b94b76d}) (Version: 12.0.21005.1 - Microsoft Corporation)
Microsoft Works (HKLM-x32\...\{67E03279-F703-408F-B4BF-46B5FC8D70CD}) (Version: 9.7.0621 - Microsoft Corporation)
Mozilla Firefox 4.0 (x86 en-US) (HKLM-x32\...\Mozilla Firefox 4.0 (x86 en-US)) (Version: 4.0 - Mozilla)
MSN Toolbar (HKLM-x32\...\{08234a0d-cf39-4dca-99f0-0c5cb496da81}) (Version: 4.0.0390.0 - Microsoft Corporation)
MSN Toolbar Platform (x32 Version: 4.0.0379.0 - Microsoft Corporation) Hidden
MSVCSetup (x32 Version: 1.00.0000 - HP) Hidden
MSXML 4.0 SP2 (KB927978) (HKLM-x32\...\{37477865-A3F1-4772-AD43-AAFC6BCFF99F}) (Version: 4.20.9841.0 - Microsoft Corporation)
MSXML 4.0 SP2 (KB954430) (HKLM-x32\...\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}) (Version: 4.20.9870.0 - Microsoft Corporation)
MSXML 4.0 SP2 (KB973688) (HKLM-x32\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation)
Musicnotes Software Suite 1.7.2 (HKLM-x32\...\Musicnotes Combined Installer_is1) (Version: 1.7.2 - Musicnotes Inc.)
Nexon Game Manager (HKLM-x32\...\{EA2DB6E0-72C5-4ef9-A3A0-E6705F4A6A9E}) (Version:  - )
OCR Software by I.R.I.S. 10.0 (HKLM\...\HPOCR) (Version: 10.0 - HP)
Oregon Trail® 5 (HKLM-x32\...\Oregon Trail® 5) (Version:  - )
Pando Media Booster (HKLM-x32\...\{980A182F-E0A2-4A40-94C1-AE0C1235902E}) (Version: 2.6.0.8 - Pando Networks Inc.)
ProductContext (x32 Version: 50.0.165.000 - Hewlett-Packard) Hidden
PSSWCORE (x32 Version: 2.02.0000 - Hewlett-Packard) Hidden
QuickTime 7 (HKLM-x32\...\{111EE7DF-FC45-40C7-98A7-753AC46B12FB}) (Version: 7.75.80.95 - Apple Inc.)
Realtek USB 2.0 Card Reader (HKLM-x32\...\{DC24971E-1946-445D-8A82-CE685433FA7D}) (Version:  - Realtek Semiconductor Corp.)
Sansa Updater (HKU\S-1-5-21-2265821247-3271303352-2493671787-1000\...\Sansa Updater) (Version:  - )
Scan (x32 Version: 10.1.0.0 - Hewlett-Packard) Hidden
Segoe UI (x32 Version: 15.4.2271.0615 - Microsoft Corp) Hidden
Shop for HP Supplies (HKLM\...\Shop for HP Supplies) (Version: 10.0 - HP)
Shop To Win (HKLM-x32\...\{2EDEF827-E14D-400B-BB7C-C0B17DC15C6B}_is1) (Version: 1.0.25 - Shop To Win, LLC)
ShopAtHome SelectRebates (HKLM-x32\...\SelectRebatesUninstall) (Version:  - ) <==== ATTENTION
Skype Click to Call (HKLM-x32\...\{B6CF2967-C81E-40C0-9815-C05774FEF120}) (Version: 6.13.13771 - Skype Technologies S.A.)
Skype™ 6.18 (HKLM-x32\...\{7A3C7E05-EE37-47D6-99E1-2EB05A3DA3F7}) (Version: 6.18.106 - Skype Technologies S.A.)
Smart Copy 3.1.1.1 (HKLM-x32\...\Smart Copy) (Version: 3.1.1.1 - I/O Interconnect)
SolutionCenter (x32 Version: 130.0.373.000 - Hewlett-Packard) Hidden
Spelling Dictionaries Support For Adobe Reader 8 (HKLM-x32\...\{AC76BA86-7AD7-5464-3428-800000000003}) (Version: 8.0.0 - Adobe Systems)
Star Wars: The Old Republic (HKLM-x32\...\{3B11D799-48E0-48ED-BFD7-EA655676D8BB}) (Version: 1.00 - Electronic Arts, Inc.)
Status (x32 Version: 100.0.175.000 - Hewlett-Packard) Hidden
swMSM (x32 Version: 12.0.0.1 - Adobe Systems, Inc) Hidden
Toolbox (x32 Version: 100.0.170.000 - Hewlett-Packard) Hidden
TrayApp (x32 Version: 100.0.170.000 - Hewlett-Packard) Hidden
TurboTax 2008 (HKLM-x32\...\TurboTax 2008) (Version:  - )
TurboTax 2009 (HKLM-x32\...\TurboTax 2009) (Version:  - Intuit, Inc)
TurboTax 2010 (HKLM-x32\...\TurboTax 2010) (Version:  - Intuit, Inc)
TurboTax 2011 (HKLM-x32\...\TurboTax 2011) (Version:  - Intuit, Inc)
TurboTax 2012 (HKLM-x32\...\TurboTax 2012) (Version: 2012.0 - Intuit, Inc)
TurboTax 2013 (HKLM-x32\...\TurboTax 2013) (Version: 2013.0 - Intuit, Inc)
Unity Web Player (HKLM-x32\...\UnityWebPlayer) (Version: 2.5.1f5_24931 - Unity Technologies ApS)
Update for 2007 Microsoft Office System (KB967642) (HKLM-x32\...\{91120000-0012-0000-0000-0000000FF1CE}_STANDARDR_{C444285D-5E4F-48A4-91DD-47AAAA68E92D}) (Version:  - Microsoft)
Update for 2007 Microsoft Office System (KB967642) (HKLM-x32\...\{91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{C444285D-5E4F-48A4-91DD-47AAAA68E92D}) (Version:  - Microsoft)
VideoToolkit01 (x32 Version: 100.0.128.000 - Hewlett-Packard) Hidden
Vindictus (HKLM-x32\...\Vindictus) (Version:  - )
VoiceOver Kit (HKLM-x32\...\{6B4AD1A9-E73A-4184-9D6B-072F8A3C5EBA}) (Version: 1.42.128.0 - Apple Inc.)
WebReg (x32 Version: 100.0.170.000 - Hewlett-Packard) Hidden
Windows 7 Upgrade Advisor (HKLM-x32\...\{AB05F2C8-F608-403b-95E1-FD8ADFACD31E}) (Version: 2.0.5000.0 - Microsoft Corporation)
Windows Driver Package - Dynastream Innovations, Inc. ANT LibUSB Drivers (04/11/2012 1.2.40.201) (HKLM\...\F9D2A789F9CFF8CEC36B544F53877C80F1F73C46) (Version: 04/11/2012 1.2.40.201 - Dynastream Innovations, Inc.)
Windows Driver Package - Garmin (grmnusb) GARMIN Devices  (06/03/2009 2.3.0.0) (HKLM\...\49CF605F02C7954F4E139D18828DE298CD59217C) (Version: 06/03/2009 2.3.0.0 - Garmin)
Windows Driver Package - Silicon Labs Software (DSI_SiUSBXp_3_1) USB  (02/06/2007 3.1) (HKLM\...\D1506E0025B5A3F9EB8270FE81C1EEDD9388B8A2) (Version: 02/06/2007 3.1 - Silicon Labs Software)
Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 15.4.3502.0922 - Microsoft Corporation)
Windows Live Sync (HKLM-x32\...\{84EBDF39-4B33-49D7-A0BD-EB6E2C4E81C1}) (Version: 14.0.8089.726 - Microsoft Corporation)
WinRAR 4.01 (64-bit) (HKLM\...\WinRAR archiver) (Version: 4.01.0 - win.rar GmbH)
Wizard101 (HKLM-x32\...\{A9E27FF5-6294-46A8-B8FD-77B1DECA3021}) (Version: 1.0.0 - KingsIsle Entertainment, Inc.)
Yahoo! Detect (HKLM-x32\...\YTdetect) (Version:  - )
Yahoo! Toolbar (HKLM-x32\...\Yahoo! Companion) (Version:  - )
Yahoo! Toolbar (HKLM-x32\...\Yahoo! Toolbar) (Version:  - )

==================== Custom CLSID (selected items): ==========================

(If an entry is included in the fixlist, it will be removed from registry. Any eventual file will not be moved.)

CustomCLSID: HKU\S-1-5-21-2265821247-3271303352-2493671787-1000_Classes\CLSID\{005A3A96-BAC4-4B0A-94EA-C0CE100EA736}\localserver32 -> C:\Users\Carl\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-2265821247-3271303352-2493671787-1000_Classes\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Carl\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-2265821247-3271303352-2493671787-1000_Classes\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Carl\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-2265821247-3271303352-2493671787-1000_Classes\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Carl\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-2265821247-3271303352-2493671787-1000_Classes\CLSID\{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Carl\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-2265821247-3271303352-2493671787-1000_Classes\CLSID\{FB314EDD-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Carl\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-2265821247-3271303352-2493671787-1000_Classes\CLSID\{FB314EDE-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Carl\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-2265821247-3271303352-2493671787-1000_Classes\CLSID\{FB314EDF-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Carl\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-2265821247-3271303352-2493671787-1000_Classes\CLSID\{FB314EE0-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Carl\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll (Dropbox, Inc.)

==================== Restore Points  =========================

16-11-2014 02:55:17 Windows Update
16-11-2014 03:04:53 Windows Update
16-11-2014 04:40:28 Windows Update

==================== Hosts content: ==========================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2006-11-02 04:34 - 2006-09-18 13:37 - 00000761 ____A C:\Windows\system32\Drivers\etc\hosts
127.0.0.1       localhost
::1             localhost

==================== Scheduled Tasks (whitelisted) =============

(If an entry is included in the fixlist, it will be removed from registry. Any associated file could be listed separately to be moved.)

Task: {16401C9B-705D-4F18-AE8C-61E922B592A2} - System32\Tasks\GoogleUpdateTaskMachineCore1cf4c468a09bf30 => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2008-08-06] (Google Inc.)
Task: {1FBD23B3-C6A4-4E3F-A6B4-579B682F97A6} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe [2011-06-01] (Apple Inc.)
Task: {27F35796-52FD-4041-A722-0F45210DE47F} - System32\Tasks\MHotkey => C:\Windows\MHotKey.exe [2008-05-30] ()
Task: {2D7DD812-6EA3-427A-98FE-3DC266D1FB4A} - System32\Tasks\Microsoft\Windows\WindowsCalendar\Reminders - Carl => C:\Program Files\Windows Calendar\WinCal.exe [2008-01-20] (Microsoft Corporation)
Task: {2FE41E8E-F272-4302-B623-81B5FDAC1C42} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2008-08-06] (Google Inc.)
Task: {B4064DBF-457F-46EF-8884-ACAA4AF07010} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2014-11-12] (Adobe Systems Incorporated)
Task: {D8D335E4-0197-4ADE-BD19-8DB1BD93EBD2} - System32\Tasks\GoogleUpdateTaskMachineUA1cf4c468da22830 => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2008-08-06] (Google Inc.)
Task: {DE7CB60C-8F79-4D3D-A460-B685A59D77D1} - System32\Tasks\GarminUpdaterTask => C:\Program Files (x86)\Garmin\Express Self Updater\ExpressSelfUpdater.exe [2014-08-07] ()
Task: {E0465D82-723A-475D-B999-C4E25ACA34FC} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2008-08-06] (Google Inc.)
Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore1cf4c468a09bf30.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA1cf4c468da22830.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe

==================== Loaded Modules (whitelisted) =============

2014-11-02 16:35 - 2014-08-27 16:31 - 00265080 _____ () C:\Program Files\Bitdefender\Bitdefender 2015\txmlutil.dll
2014-11-02 16:35 - 2013-09-03 14:29 - 00101328 _____ () C:\Program Files\Bitdefender\Bitdefender 2015\bdmetrics.dll
2014-11-02 16:36 - 2014-10-02 15:19 - 00003072 _____ () C:\Program Files\Bitdefender\Bitdefender 2015\UI\accessl.ui
2014-11-02 16:36 - 2012-10-29 14:22 - 00152816 _____ () C:\Program Files\Bitdefender\Bitdefender 2015\bdfwcore.dll
2014-11-02 16:35 - 2014-07-24 09:44 - 00780592 _____ () C:\Program Files\Bitdefender\Bitdefender 2015\otengines_001_001\ashttpbr.mdl
2014-11-02 16:35 - 2014-07-24 09:44 - 00568400 _____ () C:\Program Files\Bitdefender\Bitdefender 2015\otengines_001_001\ashttpdsp.mdl
2014-11-02 16:35 - 2014-07-24 09:44 - 02602680 _____ () C:\Program Files\Bitdefender\Bitdefender 2015\otengines_001_001\ashttpph.mdl
2014-11-02 16:35 - 2014-07-24 09:44 - 01323408 _____ () C:\Program Files\Bitdefender\Bitdefender 2015\otengines_001_001\ashttprbl.mdl
2009-04-08 13:04 - 2008-06-11 10:18 - 00024576 ____N () C:\Program Files\GATEWAY\Gateway Recovery Management\Service\ETService.exe
2009-04-08 13:05 - 2009-04-08 13:05 - 00032768 _____ () C:\Windows\assembly\GAC_MSIL\Framework.Model.Controller\3.0.3009.0__14bcaafdb44b5951\Framework.Model.Controller.dll
2009-04-08 13:05 - 2009-04-08 13:05 - 00009216 _____ () C:\Windows\assembly\GAC_MSIL\Framework.Model.ControllerInterface\3.0.3009.0__d842b71b4d6ed079\Framework.Model.ControllerInterface.dll
2009-04-08 13:05 - 2009-04-08 13:05 - 00061440 _____ () C:\Windows\assembly\GAC_MSIL\Framework.Library\3.0.3009.0__3036420f80dd6947\Framework.Library.dll
2009-04-08 13:05 - 2009-04-08 13:05 - 00015360 _____ () C:\Windows\assembly\GAC_MSIL\Framework.Host\3.0.3009.0__672b450de5a7e94a\Framework.Host.dll
2009-04-08 13:05 - 2009-04-08 13:05 - 00006144 _____ () C:\Windows\assembly\GAC_MSIL\Framework.PluginInterface\3.0.3009.0__9ecdf03bb2054f94\Framework.PluginInterface.dll
2009-04-08 13:05 - 2009-04-08 13:05 - 00036864 _____ () C:\Windows\assembly\GAC_MSIL\Framework.Utility\3.0.3009.0__4df5dcab8860d239\Framework.Utility.dll
2008-11-03 13:43 - 2008-08-19 18:53 - 00244904 ____N () C:\Program Files (x86)\CyberLink\Shared files\RichVideo.exe
2008-08-30 01:59 - 2008-08-30 01:59 - 00117248 _____ () C:\Windows\system32\atitmm64.dll
2011-09-03 13:52 - 2011-05-28 21:05 - 00164864 _____ () C:\Program Files\WinRAR\rarext.dll
2010-05-07 15:34 - 2010-05-07 15:34 - 00168792 ____N () C:\Program Files (x86)\Logitech\LWS\Webcam Software\CameraHelperShell.exe
2010-05-07 15:43 - 2010-05-07 15:43 - 00651096 ____N () C:\Program Files (x86)\Common Files\Logishrd\LQCVFX\COCIManager.exe
2014-04-23 15:05 - 2014-04-23 15:05 - 00073544 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\zlib1.dll
2014-04-23 15:04 - 2014-04-23 15:04 - 01044808 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libxml2.dll
2009-08-31 20:39 - 2009-08-31 20:39 - 00755712 _____ () C:\Windows\assembly\GAC_32\System.Data.SQLite\1.0.56.0__28c9bcd4dddc48a1\System.Data.SQLite.dll
2009-08-31 20:54 - 2009-08-31 20:54 - 00471040 ____N () C:\Windows\assembly\GAC_MSIL\Intuit.Spc.Map.Reporter\4.0.114.0__7ce6deabcb36a8ea\Intuit.Spc.Map.Reporter.dll
2010-04-11 11:04 - 2010-04-11 11:04 - 00854016 _____ () C:\Windows\assembly\GAC_32\System.Data.SQLite\1.0.61.0__db937bc2d44ff139\System.Data.SQLite.dll
2010-04-11 11:04 - 2010-04-11 11:04 - 00471040 _____ () C:\Windows\assembly\GAC_MSIL\Intuit.Spc.Map.Reporter\5.0.104.0__7ce6deabcb36a8ea\Intuit.Spc.Map.Reporter.dll
2011-02-22 06:55 - 2011-02-22 06:55 - 00476520 _____ () C:\Windows\assembly\GAC_MSIL\Intuit.Spc.Map.Reporter\5.0.136.0__7ce6deabcb36a8ea\Intuit.Spc.Map.Reporter.dll
2014-11-16 14:20 - 2014-11-16 14:20 - 00043008 _____ () c:\users\carl\appdata\local\temp\dropbox_sqlite_ext.{5f3e3153-5bce-5766-8f84-3e3e7ecf0d81}.tmp_kxo1x.dll
2013-08-23 11:01 - 2013-08-23 11:01 - 25100288 _____ () C:\Users\Carl\AppData\Roaming\Dropbox\bin\libcef.dll
2010-05-07 15:35 - 2010-05-07 15:35 - 02143576 _____ () C:\Program Files (x86)\Logitech\LWS\Webcam Software\QtCore4.dll
2010-05-07 15:35 - 2010-05-07 15:35 - 07954776 _____ () C:\Program Files (x86)\Logitech\LWS\Webcam Software\QtGui4.dll
2010-05-07 15:36 - 2010-05-07 15:36 - 00340824 _____ () C:\Program Files (x86)\Logitech\LWS\Webcam Software\QtXml4.dll
2010-05-07 15:36 - 2010-05-07 15:36 - 00921944 _____ () C:\Program Files (x86)\Logitech\LWS\Webcam Software\QtNetwork4.dll
2010-05-07 15:37 - 2010-05-07 15:37 - 00027480 ____N () C:\Program Files (x86)\Logitech\LWS\Webcam Software\imageformats\QGif4.dll
2010-05-07 15:37 - 2010-05-07 15:37 - 00126808 _____ () C:\Program Files (x86)\Logitech\LWS\Webcam Software\imageformats\QJpeg4.dll
2010-11-12 06:23 - 2010-11-12 06:23 - 00330584 _____ () C:\Program Files (x86)\Common Files\logishrd\LWSPlugins\LWS\Applets\CameraHelper\DevManagerCore.dll

==================== Alternate Data Streams (whitelisted) =========

(If an entry is included in the fixlist, only the Alternate Data Streams will be removed.)

AlternateDataStreams: C:\Users\Carl\Downloads\IE9-WindowsVista-x64-enu (2).exe:BDU

==================== Safe Mode (whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)

==================== EXE Association (whitelisted) =============

(If an entry is included in the fixlist, the default will be restored. None default entries will be removed.)

==================== MSCONFIG/TASK MANAGER disabled items =========

(Currently there is no automatic fix for this section.)

MSCONFIG\startupfolder: C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^GamersFirst LIVE!.lnk => C:\Windows\pss\GamersFirst LIVE!.lnk.CommonStartup
MSCONFIG\startupreg: Praetorian =>
MSCONFIG\startupreg: SelectRebates => "C:\Program Files (x86)\SelectRebates\SelectRebates.exe"
MSCONFIG\startupreg: Smart Copy => "C:\Program Files (x86)\IOI\Smart Copy\ButtonMonitor.exe" -A

========================= Accounts: ==========================

Administrator (S-1-5-21-2265821247-3271303352-2493671787-500 - Administrator - Disabled)
Carl (S-1-5-21-2265821247-3271303352-2493671787-1000 - Administrator - Enabled) => C:\Users\Carl
David (S-1-5-21-2265821247-3271303352-2493671787-1003 - Limited - Enabled) => C:\Users\David
Guest (S-1-5-21-2265821247-3271303352-2493671787-501 - Limited - Disabled)
Julie (S-1-5-21-2265821247-3271303352-2493671787-1002 - Limited - Enabled) => C:\Users\Julie
Katie (S-1-5-21-2265821247-3271303352-2493671787-1004 - Limited - Enabled) => C:\Users\Katie
mlstruck (S-1-5-21-2265821247-3271303352-2493671787-1001 - Administrator - Enabled) => C:\Users\mlstruck

==================== Faulty Device Manager Devices =============

Name: Microsoft ISATAP Adapter
Description: Microsoft ISATAP Adapter
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Microsoft
Service: tunnel
Problem: : This device is not working properly because Windows cannot load the drivers required for this device. (Code 31)
Resolution: Update the driver

Name: Microsoft ISATAP Adapter #4
Description: Microsoft ISATAP Adapter
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Microsoft
Service: tunnel
Problem: : This device is not working properly because Windows cannot load the drivers required for this device. (Code 31)
Resolution: Update the driver

Name: Microsoft ISATAP Adapter #7
Description: Microsoft ISATAP Adapter
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Microsoft
Service: tunnel
Problem: : This device is not working properly because Windows cannot load the drivers required for this device. (Code 31)
Resolution: Update the driver

==================== Event log errors: =========================

Application errors:
==================
Error: (11/16/2014 02:20:42 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application MHotkey.exe, version 3.0.0.15, time stamp 0x00000000, faulting module MHotkey.exe, version 3.0.0.15, time stamp 0x00000000, exception code 0xc0000005, fault offset 0x0000c1a5,
process id 0x19c0, application start time 0xMHotkey.exe0.

Error: (11/16/2014 02:20:40 PM) (Source: SideBySide) (EventID: 33) (User: )
Description: Activation context generation failed for "msadctls,processorArchitecture="x86",type="win32",version="1.0.1801.0"1".
Dependent Assembly msadctls,processorArchitecture="x86",type="win32",version="1.0.1801.0" could not be found.
Please use sxstrace.exe for detailed diagnosis.

Error: (11/16/2014 02:20:40 PM) (Source: SideBySide) (EventID: 33) (User: )
Description: Activation context generation failed for "msadctls,processorArchitecture="x86",type="win32",version="1.0.1801.0"1".
Dependent Assembly msadctls,processorArchitecture="x86",type="win32",version="1.0.1801.0" could not be found.
Please use sxstrace.exe for detailed diagnosis.

Error: (11/16/2014 02:20:40 PM) (Source: SideBySide) (EventID: 33) (User: )
Description: Activation context generation failed for "msadctls,processorArchitecture="x86",type="win32",version="1.0.1801.0"1".
Dependent Assembly msadctls,processorArchitecture="x86",type="win32",version="1.0.1801.0" could not be found.
Please use sxstrace.exe for detailed diagnosis.

Error: (11/16/2014 02:20:40 PM) (Source: SideBySide) (EventID: 33) (User: )
Description: Activation context generation failed for "msadctls,processorArchitecture="x86",type="win32",version="1.0.1801.0"1".
Dependent Assembly msadctls,processorArchitecture="x86",type="win32",version="1.0.1801.0" could not be found.
Please use sxstrace.exe for detailed diagnosis.

Error: (11/16/2014 02:20:35 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application MHotKey.exe, version 3.0.0.15, time stamp 0x00000000, faulting module MHotKey.exe, version 3.0.0.15, time stamp 0x00000000, exception code 0xc0000005, fault offset 0x0000c1a5,
process id 0x12bc, application start time 0xMHotKey.exe0.

Error: (11/16/2014 07:44:28 AM) (Source: EventSystem) (EventID: 4621) (User: )
Description: 80070005EventSystem.EventSubscription{CEB8B221-89C5-41A8-98CE-79B413BF150B}-{00000000-0000-0000-0000-000000000000}-{00000000-0000-0000-0000-000000000000}

Error: (11/16/2014 07:25:03 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application MHotkey.exe, version 3.0.0.15, time stamp 0x00000000, faulting module MHotkey.exe, version 3.0.0.15, time stamp 0x00000000, exception code 0xc0000005, fault offset 0x0000c1a5,
process id 0x1294, application start time 0xMHotkey.exe0.

Error: (11/16/2014 07:25:02 AM) (Source: SideBySide) (EventID: 33) (User: )
Description: Activation context generation failed for "msadctls,processorArchitecture="x86",type="win32",version="1.0.1801.0"1".
Dependent Assembly msadctls,processorArchitecture="x86",type="win32",version="1.0.1801.0" could not be found.
Please use sxstrace.exe for detailed diagnosis.

Error: (11/16/2014 07:25:02 AM) (Source: SideBySide) (EventID: 33) (User: )
Description: Activation context generation failed for "msadctls,processorArchitecture="x86",type="win32",version="1.0.1801.0"1".
Dependent Assembly msadctls,processorArchitecture="x86",type="win32",version="1.0.1801.0" could not be found.
Please use sxstrace.exe for detailed diagnosis.

System errors:
=============
Error: (11/16/2014 07:16:04 AM) (Source: Service Control Manager) (EventID: 7022) (User: )
Description: HP CUE DeviceDiscovery Service

Error: (11/16/2014 07:15:48 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: int15%%31

Error: (11/16/2014 07:15:48 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Intel® PRO/1000 NDIS 6 Adapter Driver%%1058

Error: (11/16/2014 07:14:36 AM) (Source: netbt) (EventID: 4321) (User: )
Description: The name "CARL-PC        :20" could not be registered on the interface with IP address 192.168.0.18.
The computer with the IP address 192.168.0.8 did not allow the name to be claimed by
this computer.

Error: (11/16/2014 07:14:36 AM) (Source: netbt) (EventID: 4321) (User: )
Description: The name "CARL-PC        :0" could not be registered on the interface with IP address 192.168.0.18.
The computer with the IP address 192.168.0.8 did not allow the name to be claimed by
this computer.

Error: (11/16/2014 07:14:36 AM) (Source: netbt) (EventID: 4321) (User: )
Description: The name "CARL-PC        :0" could not be registered on the interface with IP address 192.168.0.18.
The computer with the IP address 192.168.0.8 did not allow the name to be claimed by
this computer.

Error: (11/16/2014 07:14:36 AM) (Source: Server) (EventID: 2505) (User: )
Description: The server could not bind to the transport \Device\NetBT_Tcpip_{6249F7B0-5D66-4930-9A04-3257C9BCA852} because another computer on the network has the same name.  The server could not start.

Error: (11/16/2014 07:14:33 AM) (Source: netbt) (EventID: 4321) (User: )
Description: The name "CARL-PC        :20" could not be registered on the interface with IP address 192.168.0.18.
The computer with the IP address 192.168.0.8 did not allow the name to be claimed by
this computer.

Error: (11/16/2014 07:14:33 AM) (Source: Server) (EventID: 2505) (User: )
Description: The server could not bind to the transport \Device\NetBT_Tcpip_{6249F7B0-5D66-4930-9A04-3257C9BCA852} because another computer on the network has the same name.  The server could not start.

Error: (11/16/2014 07:07:16 AM) (Source: Service Control Manager) (EventID: 7022) (User: )
Description: HP CUE DeviceDiscovery Service

Microsoft Office Sessions:
=========================
Error: (04/01/2012 00:57:59 PM) (Source: Microsoft Office 12 Sessions) (EventID: 7001) (User: )
Description: ID: 6, Application Name: Microsoft Office Outlook, Application Version: 12.0.6607.1000, Microsoft Office Version: 12.0.6612.1000. This session lasted 129 seconds with 120 seconds of active time.  This session ended with a crash.

CodeIntegrity Errors:
===================================
  Date: 2014-11-07 14:08:27.504
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\drivers\mwac.sys because the set of per-page image hashes could not be found on the system.

  Date: 2014-11-07 14:08:26.947
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\drivers\mwac.sys because the set of per-page image hashes could not be found on the system.

  Date: 2014-11-07 14:08:26.377
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\drivers\mwac.sys because the set of per-page image hashes could not be found on the system.

  Date: 2014-11-07 14:08:25.831
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\drivers\mwac.sys because the set of per-page image hashes could not be found on the system.

  Date: 2014-11-07 10:53:49.286
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\drivers\mbamchameleon.sys because the set of per-page image hashes could not be found on the system.

  Date: 2014-11-07 10:53:48.766
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\drivers\mbamchameleon.sys because the set of per-page image hashes could not be found on the system.

  Date: 2014-11-07 10:53:48.250
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\drivers\mbamchameleon.sys because the set of per-page image hashes could not be found on the system.

  Date: 2014-11-07 10:53:47.718
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\drivers\mbamchameleon.sys because the set of per-page image hashes could not be found on the system.

  Date: 2014-11-07 10:43:53.165
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\drivers\mwac.sys because the set of per-page image hashes could not be found on the system.

  Date: 2014-03-26 13:37:21.585
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\drivers\bdsandbox.sys because the set of per-page image hashes could not be found on the system.

==================== Memory info ===========================

Processor: AMD Phenom™ 9150e Quad-Core Processor
Percentage of memory in use: 60%
Total physical RAM: 3838.27 MB
Available physical RAM: 1499.64 MB
Total Pagefile: 7890.96 MB
Available Pagefile: 5181.92 MB
Total Virtual: 8192 MB
Available Virtual: 8191.84 MB

==================== Drives ================================

Drive c: (OS) (Fixed) (Total:586.4 GB) (Free:462.87 GB) NTFS ==>[Drive with boot components (obtained from BCD)]

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (Size: 596.2 GB) (Disk ID: 83E6D949)
Partition 1: (Not Active) - (Size=9.8 GB) - (Type=27)
Partition 2: (Active) - (Size=586.4 GB) - (Type=07 NTFS)

==================== End Of Log ============================

 

Computer seems to be running well with the exeption of the previously mentioned log on items, MHotKey and Desktop.ini



#24 OCD

OCD

    SuperHelper

  • Malware Team
  • 5,574 posts

Posted 16 November 2014 - 09:33 PM

Hi cstruck,

bullseye_zpse9eaf36e.gif FRST Fix Script

Open notepad. Please copy the contents of the code box below. To do this highlight the contents of the box and right click on it. Paste this into the open notepad. Save it on the desktop as fixlist.txt
 
Start
CloseProcesses:
SearchScopes: HKCU - DefaultScope {67A2568C-7A0A-4EED-AECC-B5405DE63B64} URL =
SearchScopes: HKCU - {67A2568C-7A0A-4EED-AECC-B5405DE63B64} URL =
SearchScopes: HKCU - {6A1806CD-94D4-4689-BA73-E35EA1EA9990} URL =
FF Plugin HKU\S-1-5-21-2265821247-3271303352-2493671787-1000: pandonetworks.com/PandoWebPlugin -> C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll No File
MSCONFIG\startupreg: SelectRebates => "C:\Program Files (x86)\SelectRebates\SelectRebates.exe"
EmptyTemp:
End
NOTICE: This script was written specifically for this user, for use on that particular machine. Running this on another machine may cause damage to your operating system

Run FRST and press the Fix button just once and wait.
The tool will make a log (Fixlog.txt) please post it to your reply.

=========================

bullseye_zpse9eaf36e.gif Re- run AdwCleaner

It should be on your desktop
    • Windows XP : Double click on the icon to run it.
    • Windows Vista, Windows 7 & 8 : Right click and select "Run as Administrator"
  • Click on the Scan button.
  • AdwCleaner will begin to scan your computer like it did before.
  • After the scan has finished...
  • This time, click on the Clean button.
  • Press OK when asked to close all programs and follow the onscreen prompts.
  • Press OK again to allow AdwCleaner to restart the computer and complete the removal process.
  • After rebooting, a log file report (AdwCleaner[S1].txt) will open automatically.
  • Copy and paste the contents of that log file in your next reply.
  • A copy of that log file will also be saved in the C:\AdwCleaner folder.
=========================

bullseye_zpse9eaf36e.gif Malwarebytes' Anti-Malware

Download Malwarebytes' Anti-Malware (save it to your desktop).
    • Windows XP : Double click on the icon to run it.
    • Windows Vista, Windows 7 & 8 : Right click and select "Run as Administrator"
  • Select Scan tab.
    MBAMDashboard_zpsddef9b5f.gif
  • Select type of scan to perform:
    MBAMScanTab_zps2c5e74bd.gif
    • Threat Scan < --- Select this type of scan
    • Custom Scan
    • Hyper Scan
  • Next click the Scan button.
  • When the scan is complete, if no malicious items are found you can close the program.
  • If malicious items are found be sure that everything is checked, and click Quarantine .
  • When completed, a log will open in Notepad. Please save it to a convenient location and post the results.
  • Note: If you receive a notice that some of the items couldn't be removed, that they have been added to the delete on reboot list, please reboot.
=========================

bullseye_zpse9eaf36e.gif ESET Online Scanner

*Note:
  • It is recommended to disable on-board antivirus program and anti-spyware programs while performing scans so there are no conflicts and it will speed up scan time.
  • Please don't go surfing while your resident protection is disabled!
  • Once the scan is finished remember to re-enable your antivirus along with your anti-spyware programs.
** You need to run your browser with Administrator Rights, to do so right click your browsers short cut and select "Run as Administrator".

= = = = = = = = = = = = = = = = = = = =

Go here to run ESET Online Scanner

(Note: You can use Internet Explorer or FireFox for this scan. If you use FireFox you will be asked to install an additional component. Please allow this.)
  • Tick the box next to YES, I accept the Terms of Use.
  • Click Start
  • When asked, allow the activex control to install
  • Disable your Antivirus software. You can usually do this with its Notification Tray icon near the clock
  • Click Start
  • Make sure that the option "Remove found threats" is Checked, and the option "Scan unwanted applications" is Checked.
  • Click Scan.
  • Wait for the scan to finish.
  • When the scan completes, click List of found threats
  • click Export to Text file and save the file to your desktop using a unique name, such as ESETScan.
  • Include the contents of this report in your next reply

    Note - when ESET doesn't find any threats, no report will be created.
  • Push the back button.
  • Push Finish
  • Re-enable your Antivirus software.
=========================

In your next post please provide the following:
  • Fixlog.txt
  • AdwCleaner[S1].txt
  • MBAM log
  • ESET's log.txt

OCD

Proud Graduate of WTT Classroom
Member of UNITE

Threads will be closed if no response after 5 days








If you are satisfied with the help you have received, please consider making a donation.


#25 cstruck

cstruck

    Authentic Member

  • Authentic Member
  • PipPip
  • 80 posts

Posted 17 November 2014 - 01:03 AM

Fix result of Farbar Recovery Tool (FRST written by Farbar) (x64) Version: 16-11-2014 03
Ran by Carl at 2014-11-16 21:43:31 Run:2
Running from C:\Users\Carl\Desktop
Loaded Profile: Carl (Available profiles: Carl & mlstruck & Julie & David & Katie)
Boot Mode: Normal
==============================================

Content of fixlist:
*****************
Start
CloseProcesses:
SearchScopes: HKCU - DefaultScope {67A2568C-7A0A-4EED-AECC-B5405DE63B64} URL =
SearchScopes: HKCU - {67A2568C-7A0A-4EED-AECC-B5405DE63B64} URL =
SearchScopes: HKCU - {6A1806CD-94D4-4689-BA73-E35EA1EA9990} URL =
FF Plugin HKU\S-1-5-21-2265821247-3271303352-2493671787-1000: pandonetworks.com/PandoWebPlugin -> C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll No File
MSCONFIG\startupreg: SelectRebates => "C:\Program Files (x86)\SelectRebates\SelectRebates.exe"
EmptyTemp:
End
*****************

Processes closed successfully.
HKCU\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope => value deleted successfully.
"HKCU\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{67A2568C-7A0A-4EED-AECC-B5405DE63B64}" => Key deleted successfully.
"HKCR\CLSID\{67A2568C-7A0A-4EED-AECC-B5405DE63B64}" => Key not found.
"HKCU\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}" => Key deleted successfully.
"HKCR\CLSID\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}" => Key not found.
FF Plugin HKU\S-1-5-21-2265821247-3271303352-2493671787-1000: pandonetworks.com/PandoWebPlugin -> C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll No File => Error: No automatic fix found for this entry.
MSCONFIG\startupreg: SelectRebates => "C:\Program Files (x86)\SelectRebates\SelectRebates.exe" => Error: No automatic fix found for this entry.
EmptyTemp: => Removed 321.7 MB temporary data.

The system needed a reboot.

==== End of Fixlog ====

# AdwCleaner v4.101 - Report created 16/11/2014 at 21:53:03
# Updated 09/11/2014 by Xplode
# Database : 2014-11-16.1 [Live]
# Operating System : Windows ™ Vista Home Premium Service Pack 2 (64 bits)
# Username : Carl - CARL-PC
# Running from : C:\Users\Carl\Desktop\AdwCleaner.exe
# Option : Clean

***** [ Services ] *****

***** [ Files / Folders ] *****

[!] Folder Deleted : C:\Users\Carl\AppData\LocalLow\HPAppData
[!] Folder Deleted : C:\Users\Katie\AppData\LocalLow\HPAppData
[!] Folder Deleted : C:\Users\Carl\AppData\Local\Google\Chrome\User Data\Default\Extensions\nkcpopggjcjkiicpenikeogioednjeac
[!] Folder Deleted : C:\Users\Carl\AppData\Local\Chromium\User Data\Default\Extensions\nkcpopggjcjkiicpenikeogioednjeac
File Deleted : C:\Users\Carl\AppData\Roaming\Mozilla\Firefox\Profiles\85w9rd3l.default\invalidprefs.js
File Deleted : C:\Users\Carl\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_www.ask.com_0.localstorage
File Deleted : C:\Users\David\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_www.ask.com_0.localstorage
File Deleted : C:\Users\David\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_www.ask.com_0.localstorage-journal

***** [ Scheduled Tasks ] *****

***** [ Shortcuts ] *****

***** [ Registry ] *****

Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache\{86D4B82A-ABED-442A-BE86-96357B70F4FE}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache\{8D15E1B2-D2B7-4A17-B44B-D2DDE5981406}

***** [ Browsers ] *****

-\\ Internet Explorer v9.0.8112.16592

-\\ Mozilla Firefox v12.0 (en-US)

-\\ Google Chrome v38.0.2125.122

-\\ Chromium v

*************************

AdwCleaner[R0].txt - [40169 octets] - [14/11/2014 11:31:49]
AdwCleaner[R1].txt - [2001 octets] - [16/11/2014 21:49:52]
AdwCleaner[S0].txt - [43135 octets] - [14/11/2014 11:34:34]
AdwCleaner[S1].txt - [1958 octets] - [16/11/2014 21:53:03]

########## EOF - C:\AdwCleaner\AdwCleaner[S1].txt - [2018 octets] ##########

 

Malwarebytes Anti-Malware
www.malwarebytes.org

Scan Date: 11/16/2014
Scan Time: 10:04:44 PM
Logfile: mbamlog.txt
Administrator: Yes

Version: 2.00.3.1025
Malware Database: v2014.11.17.01
Rootkit Database: v2014.11.12.01
License: Trial
Malware Protection: Enabled
Malicious Website Protection: Enabled
Self-protection: Disabled

OS: Windows Vista Service Pack 2
CPU: x64
File System: NTFS
User: Carl

Scan Type: Threat Scan
Result: Completed
Objects Scanned: 533682
Time Elapsed: 22 min, 1 sec

Memory: Enabled
Startup: Enabled
Filesystem: Enabled
Archives: Enabled
Rootkits: Disabled
Heuristics: Enabled
PUP: Enabled
PUM: Enabled

Processes: 0
(No malicious items detected)

Modules: 0
(No malicious items detected)

Registry Keys: 0
(No malicious items detected)

Registry Values: 0
(No malicious items detected)

Registry Data: 0
(No malicious items detected)

Folders: 0
(No malicious items detected)

Files: 0
(No malicious items detected)

Physical Sectors: 0
(No malicious items detected)

(end)

 

C:\AdwCleaner\Quarantine\C\Program Files (x86)\ConduitEngine\ConduitEngine.dll.vir a variant of Win32/Toolbar.Conduit.B potentially unwanted application deleted - quarantined
C:\AdwCleaner\Quarantine\C\Program Files (x86)\Windows iLivid Toolbar\Datamngr\ToolBar\searchquband.dll.vir a variant of Win32/Toolbar.Visicom.A potentially unwanted application deleted - quarantined
C:\AdwCleaner\Quarantine\C\Program Files (x86)\Windows iLivid Toolbar\Datamngr\ToolBar\searchqudtx.dll.vir a variant of Win32/Toolbar.Visicom.B potentially unwanted application deleted - quarantined
C:\AdwCleaner\Quarantine\C\Program Files (x86)\Windows Searchqu Toolbar\Datamngr\datamngr.dll.vir Win32/Toolbar.SearchSuite potentially unwanted application deleted - quarantined
C:\AdwCleaner\Quarantine\C\Program Files (x86)\Windows Searchqu Toolbar\Datamngr\IEBHO.dll.vir Win32/Toolbar.SearchSuite potentially unwanted application deleted - quarantined
C:\AdwCleaner\Quarantine\C\Program Files (x86)\Windows Searchqu Toolbar\Datamngr\x64\datamngr.dll.vir a variant of Win64/Toolbar.SearchSuite.A potentially unwanted application deleted - quarantined
C:\AdwCleaner\Quarantine\C\Users\Carl\AppData\LocalLow\ConduitEngine\ConduitEngine.dll.vir a variant of Win32/Toolbar.Conduit.B potentially unwanted application deleted - quarantined
C:\AdwCleaner\Quarantine\C\Users\David\AppData\LocalLow\ConduitEngine\ConduitEngine.dll.vir a variant of Win32/Toolbar.Conduit.B potentially unwanted application deleted - quarantined
C:\AdwCleaner\Quarantine\C\Users\Katie\AppData\LocalLow\ConduitEngine\ConduitEngine.dll.vir a variant of Win32/Toolbar.Conduit.B potentially unwanted application deleted - quarantined
C:\AdwCleaner\Quarantine\C\Users\mlstruck\AppData\LocalLow\ConduitEngine\ConduitEngine.dll.vir a variant of Win32/Toolbar.Conduit.B potentially unwanted application deleted - quarantined
C:\Program Files (x86)\Elf_1\tbElf_.dll a variant of Win32/Toolbar.Conduit.B potentially unwanted application deleted - quarantined
C:\Program Files (x86)\InstallConverter bundle uninstaller\uninstaller.exe a variant of Win32/ClientConnect.A potentially unwanted application deleted - quarantined
C:\Users\Carl\Downloads\AnySendSetup.exe a variant of Win32/InstallCore.BY potentially unwanted application deleted - quarantined
 

 

That took a while.  One issue:  the note that I needed to restart following MBAM came up after I had already started ESET.  Hopefully everything still worked. 

 

I was able to keep Desktop.ini file from popping up by checking read-only and hidden in properties. 

 

Let me know what I need to do next.


    Advertisements

Register to Remove


#26 OCD

OCD

    SuperHelper

  • Malware Team
  • 5,574 posts

Posted 17 November 2014 - 01:22 AM

Hi cstruck,

Logs are looking good.

bullseye_zpse9eaf36e.gif Uninstall via Programs and Features

Click Start > Control Panel > Programs and Features. Locate and select the following that are present on the list and click the Remove button:
  • Java 7 Update 71
  • Adobe Reader 8
  • Adobe Reader 10.1.10
=========================

bullseye_zpse9eaf36e.gif Update Java
  • Get the current version of Java (Version 8 Update 25) by going to http://java.com/en/d...windows_xpi.jsp
  • Select the Verify Java Version button and follow the onscreen instructions to update if necessary.
=========================

bullseye_zpse9eaf36e.gif Adobe Reader:

Go to http://get.adobe.com.../otherversions/
  • Use the drop down menu's to select your operating system
  • Select your language > Select The current version of Adobe Reader for your language
  • Remove the check mark from the box "Free! McAfee Security Scan Plus"
  • Click the Download button, and follow the onscreen directions to complete the installation.
Please note, depending on your settings, you may have to temporarily disable your antivirus software for the Adobe Reader update.

=========================

bullseye_zpse9eaf36e.gif Update Firefox
  • In the upper left corner of your monitor screen you will see an orange Firefox button Firefox-2_zpsa7259ec1.png
  • Click the dropdown menu, slide your mouse cursor over to the Help sub menu.
  • Wait for the Help menu to expand, then click on About Firefox
  • A small window will open similar to the one below.
Firefox-3_zpsc32408ba.png
  • Click on the Update button as shown in the image above.
  • Allow Mozilla Firefox to update, reboot if instructed to do so.
=========================

bullseye_zpse9eaf36e.gif Disk Defragmenter for Vista
  • Open Disk Defragmenter by clicking the Start button, > All Programs, > Accessories, > System Tools and then clicking Disk Defragmenter..
  • If you are prompted for an administrator password or confirmation, type the password or provide confirmation.
  • Click Defragment Now.
Disk Defragmenter might take from several minutes to a few hours to finish, depending on the size and degree of fragmentation of your hard disk. You can still use your computer during the defragmentation process.

Tutorial: http://windows.micro...-your-hard-disk

=========================

bullseye_zpse9eaf36e.gif Reboot

=========================

bullseye_zpse9eaf36e.gif Re-run Farbar Recovery Scan Tool it should be on your desktop.
    • Windows XP : Double click on the icon to run it.
    • Windows Vista, Windows 7 & 8 : Right click and select "Run as Administrator"
  • When the tool opens click Yes to disclaimer.
  • Press Scan button.
  • It will make a log (FRST.txt) in the same directory the tool is run. Please copy and paste it to your reply.
=========================

In your next post please provide the following:
  • new FRST.txt
  • Any remaining issues?

OCD

Proud Graduate of WTT Classroom
Member of UNITE

Threads will be closed if no response after 5 days








If you are satisfied with the help you have received, please consider making a donation.


#27 cstruck

cstruck

    Authentic Member

  • Authentic Member
  • PipPip
  • 80 posts

Posted 18 November 2014 - 07:39 AM

Good Morning OCD, the computer has been defragmenting for 24 hours.  I will keep you posted. 



#28 OCD

OCD

    SuperHelper

  • Malware Team
  • 5,574 posts

Posted 18 November 2014 - 09:12 AM

:thumbup:


OCD

Proud Graduate of WTT Classroom
Member of UNITE

Threads will be closed if no response after 5 days








If you are satisfied with the help you have received, please consider making a donation.


#29 cstruck

cstruck

    Authentic Member

  • Authentic Member
  • PipPip
  • 80 posts

Posted 18 November 2014 - 11:59 AM

Good afternoon OCD,

Finally finished the Defragmentation.  I had to do some electrical work on the house today and after shutting down the computer tripped the main breaker to the house.  Bottomline:  i think you might be right about the CMOS battery.  When I restarted the computer I had the CMOS settings and date/time message.  How hard is it to replace the battery.  It is a Gateway DX4200-09.

 

Here is the FRST Scan.  I'm still getting 2 MHotKey failure messages at startup.

 

Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 16-11-2014 03
Ran by Carl (administrator) on CARL-PC on 18-11-2014 11:51:24
Running from C:\Users\Carl\Desktop
Loaded Profile: Carl (Available profiles: Carl & mlstruck & Julie & David & Katie)
Platform: Windows Vista ™ Home Premium Service Pack 2 (X64) OS Language: English (United States)
Internet Explorer Version 9
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo...very-scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(Bitdefender) C:\Program Files\Bitdefender\Bitdefender 2015\vsserv.exe
(ATI Technologies Inc.) C:\Windows\System32\Ati2evxx.exe
(Microsoft Corporation) C:\Windows\System32\SLsvc.exe
(ATI Technologies Inc.) C:\Windows\System32\Ati2evxx.exe
(Agere Systems) C:\Windows\System32\agr64svc.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
() C:\Program Files\GATEWAY\Gateway Recovery Management\Service\ETService.exe
(Garmin Ltd or its subsidiaries) C:\Program Files (x86)\Garmin\Core Update Service\Garmin.Cartography.MapUpdate.CoreService.exe
(Microsoft Corporation) C:\Windows\SysWOW64\svchost.exe
(Logitech Inc.) C:\Program Files\Common Files\logishrd\LVMVFM\LVPrcSrv.exe
(Logitech Inc.) C:\Program Files (x86)\Common Files\logishrd\LVMVFM\LVPrS64H.exe
(Malwarebytes Corporation) C:\Users\Carl\Desktop\Malwarebytes Anti-Malware\mbamscheduler.exe
(Malwarebytes Corporation) C:\Users\Carl\Desktop\Malwarebytes Anti-Malware\mbamservice.exe
() C:\Program Files (x86)\CyberLink\Shared files\RichVideo.exe
(Bitdefender) C:\Program Files\Bitdefender\Bitdefender 2015\updatesrv.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
(Microsoft Corporation) C:\Windows\System32\rundll32.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVCM.EXE
(Malwarebytes Corporation) C:\Users\Carl\Desktop\Malwarebytes Anti-Malware\mbam.exe
(Realtek Semiconductor) C:\Windows\RAVCpl64.exe
(Bitdefender) C:\Program Files\Bitdefender\Bitdefender 2015\bdagent.exe
(Google Inc.) C:\Program Files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
(Skype Technologies S.A.) C:\Program Files (x86)\Skype\Phone\Skype.exe
(Garmin Ltd or its subsidiaries) C:\Program Files (x86)\Garmin\Express Tray\ExpressTray.exe
(Bitdefender) C:\Program Files\Bitdefender\Bitdefender 2015\bdwtxag.exe
(Microsoft Corporation) C:\Program Files\Windows Media Player\wmpnscfg.exe
(Hewlett-Packard Co.) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqtra08.exe
(Dropbox, Inc.) C:\Users\Carl\AppData\Roaming\Dropbox\bin\Dropbox.exe
(Microsoft Corp.) C:\Program Files (x86)\MSN Toolbar\Platform\4.0.0379.0\mswinext.exe
(Logitech Inc.) C:\Program Files (x86)\Logitech\LWS\Webcam Software\LWS.exe
(Apple Inc.) C:\Program Files (x86)\iTunes\iTunesHelper.exe
(Creative) C:\Windows\CNYHKey.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(Microsoft Corporation) C:\Program Files (x86)\Microsoft Office\Office12\ONENOTEM.EXE
() C:\Program Files (x86)\Logitech\LWS\Webcam Software\CameraHelperShell.exe
(Chicony) C:\Windows\ModLEDKey.exe
() C:\Program Files (x86)\Common Files\logishrd\LQCVFX\COCIManager.exe
(Apple Inc.) C:\Program Files\iPod\bin\iPodService.exe
(Hewlett-Packard Co.) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqste08.exe
(Hewlett-Packard Co.) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqbam08.exe
(Hewlett-Packard) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqgpc01.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v4.0.30319\WPF\WPFFontCache_v0400.exe
(Intuit Inc.) C:\Program Files (x86)\Common Files\Intuit\Update Service\IntuitUpdateService.exe
(Intuit Inc.) C:\Program Files (x86)\Common Files\Intuit\Update Service v4\IntuitUpdateService.exe
(Adobe Systems Incorporated) C:\Windows\SysWOW64\Macromed\Flash\FlashUtil32_15_0_0_223_ActiveX.exe
(Microsoft Corporation) C:\Windows\System32\mobsync.exe

==================== Registry (Whitelisted) ==================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [Windows Defender] => C:\Program Files\Windows Defender\MSASCui.exe [1584184 2008-01-20] (Microsoft Corporation)
HKLM\...\Run: [RtHDVCpl] => C:\Windows\RAVCpl64.exe [6495264 2008-09-18] (Realtek Semiconductor)
HKLM\...\Run: [Skytel] => C:\Windows\Skytel.exe [1833504 2008-09-18] (Realtek Semiconductor Corp.)
HKLM\...\Run: [Bdagent] => C:\Program Files\Bitdefender\Bitdefender 2015\bdagent.exe [1625192 2014-11-02] (Bitdefender)
HKLM-x32\...\Run: [LchDrvKey] => C:\Windows\LchDrvKey.exe [36864 2007-03-28] ()
HKLM-x32\...\Run: [P2Go_Menu] => C:\Program Files (x86)\CyberLink\Power2Go\MUITransfer\MUIStartMenu.exe [210216 2008-06-13] (CyberLink Corp.)
HKLM-x32\...\Run: [hpqSRMon] => C:\Program Files (x86)\HP\Digital Imaging\bin\hpqSRMon.exe [80896 2007-08-22] (Hewlett-Packard)
HKLM-x32\...\Run: [MSN Toolbar] => C:\Program Files (x86)\MSN Toolbar\Platform\4.0.0379.0\mswinext.exe [240992 2009-12-08] (Microsoft Corp.)
HKLM-x32\...\Run: [Microsoft Default Manager] => C:\Program Files (x86)\Microsoft\Search Enhancement Pack\Default Manager\DefMgr.exe [288080 2009-07-17] (Microsoft Corporation)
HKLM-x32\...\Run: [LWS] => C:\Program Files (x86)\Logitech\LWS\Webcam Software\LWS.exe [165208 2010-05-07] (Logitech Inc.)
HKLM-x32\...\Run: [APSDaemon] => C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe [43816 2014-07-31] (Apple Inc.)
HKLM-x32\...\Run: [QuickTime Task] => C:\Program Files (x86)\QuickTime\QTTask.exe [421888 2014-01-17] (Apple Inc.)
HKLM-x32\...\Run: [iTunesHelper] => C:\Program Files (x86)\iTunes\iTunesHelper.exe [152392 2014-08-01] (Apple Inc.)
HKLM-x32\...\Run: [LedKey] => C:\Windows\CNYHKey.exe [339968 2008-04-23] (Creative)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [507776 2014-10-07] (Oracle Corporation)
HKLM-x32\...\Run: [Adobe ARM] => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [919008 2012-07-27] (Adobe Systems Incorporated)
HKLM\...\RunOnce: [*WerKernelReporting] => C:\Windows\SYSTEM32\WerFault.exe [260608 2009-04-10] (Microsoft Corporation)
HKU\S-1-5-19\...\Run: [WindowsWelcomeCenter] => rundll32.exe oobefldr.dll,ShowWelcomeCenter
HKU\S-1-5-20\...\Run: [WindowsWelcomeCenter] => rundll32.exe oobefldr.dll,ShowWelcomeCenter
HKU\S-1-5-21-2265821247-3271303352-2493671787-1000\...\Run: [swg] => C:\Program Files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe [68856 2009-05-31] (Google Inc.)
HKU\S-1-5-21-2265821247-3271303352-2493671787-1000\...\Run: [Skype] => C:\Program Files (x86)\Skype\Phone\Skype.exe [21650016 2014-07-24] (Skype Technologies S.A.)
HKU\S-1-5-21-2265821247-3271303352-2493671787-1000\...\Run: [GarminExpressTrayApp] => C:\Program Files (x86)\Garmin\Express Tray\ExpressTray.exe [688984 2014-08-07] (Garmin Ltd or its subsidiaries)
HKU\S-1-5-21-2265821247-3271303352-2493671787-1000\...\Run: [WMPNSCFG] => C:\Program Files (x86)\Windows Media Player\WMPNSCFG.exe
HKU\S-1-5-21-2265821247-3271303352-2493671787-1000\...\Run: [Bitdefender Wallet Agent] => C:\Program Files\Bitdefender\Bitdefender 2015\bdwtxag.exe [790344 2014-11-02] (Bitdefender)
HKU\S-1-5-21-2265821247-3271303352-2493671787-1000\...\MountPoints2: {92e36653-a89d-11df-b363-00226863662d} - C:\Windows\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL http://www.garmin.com/agent
HKU\S-1-5-18\...\Run: [Bitdefender Wallet Agent] => "C:\Program Files\Bitdefender\Bitdefender\pmbxag.exe"
HKU\S-1-5-18\...\Run: [Bitdefender Wallet] => "C:\Program Files\Bitdefender\Bitdefender\pwdmanui.exe" --hidden --nowizard
HKU\S-1-5-18\...\Run: [Bitdefender Wallet Application Agent] => "C:\Program Files\Bitdefender\Bitdefender\antispam32\bdapppassmgr.exe"
HKU\S-1-5-18\...\Run: [GarminExpressTrayApp] => C:\Program Files (x86)\Garmin\Express Tray\ExpressTray.exe [688984 2014-08-07] (Garmin Ltd or its subsidiaries)
AppInit_DLLs: C:\PROGRA~2\WI9130~1\Datamngr\x64\datamngr.dll => C:\PROGRA~2\WI9130~1\Datamngr\x64\datamngr.dll File Not Found
AppInit_DLLs-x32: c:\progra~2\wi9130~1\datamngr\datamngr.dll => "c:\progra~2\wi9130~1\datamngr\datamngr.dll" File Not Found
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\HP Digital Imaging Monitor.lnk
ShortcutTarget: HP Digital Imaging Monitor.lnk -> C:\Program Files (x86)\HP\Digital Imaging\bin\hpqtra08.exe (Hewlett-Packard Co.)
Startup: C:\Users\Carl\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk
ShortcutTarget: Dropbox.lnk -> C:\Users\Carl\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
Startup: C:\Users\Carl\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\OneNote 2007 Screen Clipper and Launcher.lnk
ShortcutTarget: OneNote 2007 Screen Clipper and Launcher.lnk -> C:\Program Files (x86)\Microsoft Office\Office12\ONENOTEM.EXE (Microsoft Corporation)
ShellIconOverlayIdentifiers: [__SafeBox1] -> {152C96EB-288E-4EDC-B7C6-D21F8250ADF3} => C:\Program Files\Bitdefender\Bitdefender SafeBox\SafeBoxShell.dll (Bitdefender)
ShellIconOverlayIdentifiers: [__SafeBox2] -> {342DAA0B-D796-460D-8566-901E08A1CCAD} => C:\Program Files\Bitdefender\Bitdefender SafeBox\SafeBoxShell.dll (Bitdefender)
ShellIconOverlayIdentifiers: [__SafeBox3] -> {57595DAE-1AE1-4D97-A49E-67CBB53B52DF} => C:\Program Files\Bitdefender\Bitdefender SafeBox\SafeBoxShell.dll (Bitdefender)
ShellIconOverlayIdentifiers: [__SafeBox4] -> {33816773-98AE-4723-ADE0-EBE54C8B5A67} => C:\Program Files\Bitdefender\Bitdefender SafeBox\SafeBoxShell.dll (Bitdefender)

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

HKU\S-1-5-21-2265821247-3271303352-2493671787-1000\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = http://www.msn.com/
HKU\S-1-5-21-2265821247-3271303352-2493671787-1000\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = en-us
HKU\S-1-5-21-2265821247-3271303352-2493671787-1000\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.aol.com/
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = about:blank
StartMenuInternet: IEXPLORE.EXE - C:\Program Files (x86)\Internet Explorer\iexplore.exe
SearchScopes: HKLM-x32 - DefaultScope {67A2568C-7A0A-4EED-AECC-B5405DE63B64} URL = http://www.google.co...ng}&rlz=1I7ACGW
SearchScopes: HKLM-x32 - {67A2568C-7A0A-4EED-AECC-B5405DE63B64} URL = http://www.google.co...ng}&rlz=1I7ACGW
BHO: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO: Google Toolbar Helper -> {AA58ED58-01DD-4d91-8333-CF10577473F7} -> C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
BHO: Skype add-on for Internet Explorer -> {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} -> C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll (Skype Technologies S.A.)
BHO: Java™ Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre7\bin\jp2ssv.dll No File
BHO-x32: HP Print Enhancer -> {0347C33E-8762-4905-BF09-768834316C61} -> C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_printenhancer.dll (Hewlett-Packard Co.)
BHO-x32: PE_IE_Helper Class -> {0941C58F-E461-4E03-BD7D-44C27392ADE1} -> C:\Program Files (x86)\IBM\Lotus Forms\Viewer\3.5\PEhelper.dll (IBM Corporation)
BHO-x32: Adobe PDF Link Helper -> {18DF081C-E8AD-4283-A596-FA578C2EBDC3} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll (Adobe Systems Incorporated)
BHO-x32: FastestIE -> {54404F81-99CC-4FD3-9D29-92689B86C2CC} -> C:\Program Files (x86)\FastestIE\FastestIE.dll (fastestie.com)
BHO-x32: Java™ Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_25\bin\ssv.dll (Oracle Corporation)
BHO-x32: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO-x32: Google Toolbar Helper -> {AA58ED58-01DD-4d91-8333-CF10577473F7} -> C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
BHO-x32: Skype Browser Helper -> {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} -> C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
BHO-x32: MSN Toolbar BHO -> {d2ce3e00-f94a-4740-988e-03dc2f38c34f} -> C:\Program Files (x86)\MSN Toolbar\Platform\4.0.0379.0\npwinext.dll (Microsoft Corporation)
BHO-x32: Java™ Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_25\bin\jp2ssv.dll (Oracle Corporation)
BHO-x32: HP Smart BHO Class -> {FFFFFFFF-CF4E-4F2B-BDC2-0E72E116A856} -> C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll (Hewlett-Packard Co.)
Toolbar: HKLM - Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
Toolbar: HKLM - Bitdefender Wallet  - {1DAC0C53-7D23-4AB3-856A-B04D98CD982A} - C:\Program Files\Bitdefender\Bitdefender 2015\pmbxie.dll (Bitdefender)
Toolbar: HKLM-x32 - MSN Toolbar - {8dcb7100-df86-4384-8842-8fa844297b3f} - C:\Program Files (x86)\MSN Toolbar\Platform\4.0.0379.0\npwinext.dll (Microsoft Corporation)
Toolbar: HKLM-x32 - Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
Toolbar: HKLM-x32 - Bitdefender Wallet - {1DAC0C53-7D23-4AB3-856A-B04D98CD982A} - C:\Program Files\Bitdefender\Bitdefender 2015\Antispam32\pmbxie.dll (Bitdefender)
Toolbar: HKU\S-1-5-21-2265821247-3271303352-2493671787-1000 -> Google Toolbar - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
DPF: HKLM-x32 {166B1BCA-3F9C-11CF-8075-444553540000} http://fpdownload.ma...director/sw.cab
DPF: HKLM-x32 {73ECB3AA-4717-450C-A2AB-D00DAD9EE203} http://h20270.www2.h...tDetection2.cab
DPF: HKLM-x32 {74F4F118-91E6-4AFC-B8D2-04066781F239} https://www.member-d...dc/EZTwainX.cab
DPF: HKLM-x32 {7530BFB8-7293-4D34-9923-61A11451AFC5} http://download.eset...lineScanner.cab
DPF: HKLM-x32 {75A6AEA3-F26E-4608-AE9B-8DA78C87576E} https://kingsisle.hs...ameLauncher.CAB
DPF: HKLM-x32 {8100D56A-5661-482C-BEE8-AFECE305D968} http://upload.facebo...oUploader55.cab
DPF: HKLM-x32 {BEA7310D-06C4-4339-A784-DC3804819809} http://images3.pnime...veX_Control.cab
DPF: HKLM-x32 {C345E174-3E87-4F41-A01C-B066A90A49B4} http://trial.trymicr...osoft/wrc32.ocx
DPF: HKLM-x32 {E2883E8F-472F-4FB0-9522-AC9BF37916A7} http://platformdl.ad...Plus/1.6/gp.cab
Handler: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll (Skype Technologies S.A.)
Handler-x32: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL (Skype Technologies)
Tcpip\Parameters: [DhcpNameServer] 192.168.1.251

FireFox:
========
FF ProfilePath: C:\Users\Carl\AppData\Roaming\Mozilla\Firefox\Profiles\85w9rd3l.default
FF NewTab: yafd:tabs
FF SelectedSearchEngine: Google
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_15_0_0_223.dll ()
FF Plugin: @Musicnotes.com/Musicnotes Viewer -> C:\Program Files\Musicnotes\npmusicn64.dll (Musicnotes, Inc.)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_15_0_0_223.dll ()
FF Plugin-x32: @adobe.com/ShockwavePlayer -> C:\Windows\system32\Adobe\Director\np32dsw.dll No File
FF Plugin-x32: @Apple.com/iTunes,version=1.0 -> C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll ()
FF Plugin-x32: @gamersfirst.com/LiveLauncher -> C:\Program Files (x86)\GamersFirst\LIVE!\nplivelauncher.dll No File
FF Plugin-x32: @Google.com/GoogleEarthPlugin -> C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll (Google)
FF Plugin-x32: @java.com/DTPlugin,version=11.25.2 -> C:\Program Files (x86)\Java\jre1.8.0_25\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.25.2 -> C:\Program Files (x86)\Java\jre1.8.0_25\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\5.1.30514.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @Microsoft.com/NpWinExt,version=4.0 -> C:\Program Files (x86)\MSN Toolbar\Platform\4.0.0379.0\npwinext.dll (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/OfficeLive,version=1.5 -> C:\Program Files (x86)\Microsoft\Office Live\npOLW.dll (Microsoft Corp.)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3502.0922 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3508.1109 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WPF,version=3.5 -> c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
FF Plugin-x32: @Musicnotes.com/Musicnotes Viewer -> C:\Program Files (x86)\Musicnotes\npmusicn.dll (Musicnotes, Inc.)
FF Plugin-x32: @nexon.net/NxGame -> C:\ProgramData\NexonUS\NGM\npNxGameUS.dll (Nexon)
FF Plugin-x32: @oberon-media.com/ONCAdapter -> C:\Program Files (x86)\Common Files\Oberon Media\NCAdapter\1.0.0.7\npapicomadapter.dll (Oberon-Media )
FF Plugin-x32: @Sibelius.com/Scorch Plugin -> C:\Program Files (x86)\Musicnotes\npsibelius.dll ()
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.25.11\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.25.11\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @unity3d.com/UnityPlayer -> C:\Program Files (x86)\Unity\WebPlayer\loader\npUnity3D32.dll (Unity Technologies ApS)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF Plugin HKU\S-1-5-21-2265821247-3271303352-2493671787-1000: pandonetworks.com/PandoWebPlugin -> C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll No File
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\mfc71.dll (Microsoft Corporation)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\msvcr71.dll (Microsoft Corporation)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npmfv.dll (IBM Corporation)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\nppdf32.dll (Adobe Systems Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin.dll (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin2.dll (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin3.dll (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin4.dll (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin5.dll (Apple Inc.)
FF Extension: Microsoft .NET Framework Assistant - C:\Users\Carl\AppData\Roaming\Mozilla\Firefox\Profiles\85w9rd3l.default\Extensions\{20a82645-c095-46ed-80e3-08825760534b} [2010-11-27]
FF Extension: No Name - C:\Users\Carl\AppData\Roaming\Mozilla\Firefox\Profiles\85w9rd3l.default\Extensions\{20a82645-c095-46ed-80e3-08825760534b}-trash [2010-11-27]
FF Extension: Search Assistant - C:\Users\Carl\AppData\Roaming\Mozilla\Firefox\Profiles\85w9rd3l.default\Extensions\{B3834E60-12A8-11E0-A289-939FDFD72085} [2012-05-17]
FF Extension: Skype Click to Call - C:\Program Files (x86)\Mozilla Firefox\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A} [2011-12-23]
FF Extension: Skype Click to Call - C:\Program Files (x86)\Mozilla Firefox\browser\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A} [2013-12-25]
FF HKLM\...\Thunderbird\Extensions: [bdThunderbird@bitdefender.com] - C:\Program Files\Bitdefender\Bitdefender 2015\bdtbext
FF Extension: Bitdefender Antispam Toolbar - C:\Program Files\Bitdefender\Bitdefender 2015\bdtbext [2014-11-02]
FF HKLM-x32\...\Firefox\Extensions: [{20a82645-c095-46ed-80e3-08825760534b}] - c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension
FF Extension: Microsoft .NET Framework Assistant - c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension [2009-05-31]
FF HKLM-x32\...\Firefox\Extensions: [smartwebprinting@hp.com] - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3
FF Extension: HP Smart Web Printing - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3 [2009-09-04]
FF HKLM-x32\...\Firefox\Extensions: [msntoolbar@msn.com] - C:\Program Files (x86)\MSN Toolbar\Platform\4.0.0379.0\Firefox
FF Extension: MSN Toolbar - C:\Program Files (x86)\MSN Toolbar\Platform\4.0.0379.0\Firefox [2010-01-19]
FF HKLM-x32\...\Firefox\Extensions: [bdwteff@bitdefender.com] - C:\Program Files\Bitdefender\Bitdefender 2015\antispam32\bdwteff
FF Extension: Bitdefender Wallet - C:\Program Files\Bitdefender\Bitdefender 2015\antispam32\bdwteff [2014-11-02]
FF HKLM-x32\...\Thunderbird\Extensions: [bdThunderbird@bitdefender.com] - C:\Program Files\Bitdefender\Bitdefender 2015\bdtbext

Chrome:
=======
CHR HomePage: Default -> hxxp://www.msn.com/?pc=UP97&ocid=UP97DHP
CHR StartupUrls: Default -> "hxxp://www.msn.com/?pc=UP97&ocid=UP97DHP", "hxxp://www.aol.com/"
CHR Profile: C:\Users\Carl\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Entanglement Web App) - C:\Users\Carl\AppData\Local\Google\Chrome\User Data\Default\Extensions\aciahcmjmecflokailenpkdchphgkefd [2011-02-23]
CHR Extension: (Google Voice Search Hotword (Beta)) - C:\Users\Carl\AppData\Local\Google\Chrome\User Data\Default\Extensions\bepbmhgboaologfdajaanbcjmnhjmhfn [2014-05-22]
CHR Extension: (Bitdefender Wallet) - C:\Users\Carl\AppData\Local\Google\Chrome\User Data\Default\Extensions\fabcmochhfpldjekobfaaggijgohadih [2014-11-15]
CHR Extension: (Poppit!) - C:\Users\Carl\AppData\Local\Google\Chrome\User Data\Default\Extensions\mcbkbpnkkkipelfledbfocopglifcfmi [2011-02-23]
CHR Extension: (Google Wallet) - C:\Users\Carl\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2013-08-24]

==================== Services (Whitelisted) =================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

S3 BdDesktopParental; C:\Program Files\Bitdefender\Bitdefender 2015\bdparentalservice.exe [78144 2014-11-02] (Bitdefender)
R2 ETService; C:\Program Files\GATEWAY\Gateway Recovery Management\Service\ETService.exe [24576 2008-06-11] () [File not signed]
R2 Garmin Core Update Service; C:\Program Files (x86)\Garmin\Core Update Service\Garmin.Cartography.MapUpdate.CoreService.exe [438616 2014-08-07] (Garmin Ltd or its subsidiaries)
R3 hpqcxs08; C:\Program Files (x86)\HP\Digital Imaging\bin\hpqcxs08.dll [248832 2009-05-21] (Hewlett-Packard Co.) [File not signed]
R2 hpqddsvc; C:\Program Files (x86)\HP\Digital Imaging\bin\hpqddsvc.dll [139264 2007-11-06] (Hewlett-Packard Co.) [File not signed]
R2 MBAMScheduler; C:\Users\Carl\Desktop\Malwarebytes Anti-Malware\mbamscheduler.exe [1871160 2014-10-01] (Malwarebytes Corporation)
R2 MBAMService; C:\Users\Carl\Desktop\Malwarebytes Anti-Malware\mbamservice.exe [968504 2014-10-01] (Malwarebytes Corporation)
R2 Net Driver HPZ12; C:\Windows\system32\HPZinw12.dll [71680 2010-08-06] (Hewlett-Packard) [File not signed]
R2 Pml Driver HPZ12; C:\Windows\system32\HPZipm12.dll [89600 2010-08-06] (Hewlett-Packard) [File not signed]
R2 RichVideo; C:\Program Files (x86)\CyberLink\Shared files\RichVideo.exe [244904 2008-08-19] () [File not signed]
S4 SafeBox; C:\Program Files\Bitdefender\Bitdefender SafeBox\safeboxservice.exe [94624 2013-07-08] (Bitdefender)
S3 scan; C:\Program Files\Common Files\BitDefender\BitDefender Threat Scanner\scan.dll [596776 2014-09-30] (Bitdefender)
R2 UPDATESRV; C:\Program Files\Bitdefender\Bitdefender 2015\updatesrv.exe [67320 2014-11-02] (Bitdefender)
R2 VSSERV; C:\Program Files\Bitdefender\Bitdefender 2015\vsserv.exe [1527360 2014-11-02] (Bitdefender)
R2 yksvc; RUNDLL32.EXE ykx64coinst,serviceStartProc [X]

==================== Drivers (Whitelisted) ====================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

R0 avc3; C:\Windows\System32\DRIVERS\avc3.sys [1288472 2014-11-02] (BitDefender)
R3 avchv; C:\Windows\System32\DRIVERS\avchv.sys [263032 2014-11-02] (BitDefender)
R3 avckf; C:\Windows\System32\DRIVERS\avckf.sys [647752 2014-05-16] (BitDefender)
R1 BdfNdisf; c:\program files\common files\bitdefender\bitdefender firewall\bdfndisf6.sys [93600 2013-11-13] (BitDefender LLC)
R1 bdftdif; C:\Program Files\Common Files\Bitdefender\Bitdefender Firewall\bdftdif.sys [120704 2012-02-07] (BitDefender LLC)
S3 BDSandBox; C:\Windows\system32\drivers\bdsandbox.sys [82824 2013-11-04] (BitDefender SRL)
R1 BDVEDISK; C:\Windows\System32\DRIVERS\bdvedisk.sys [76944 2012-04-17] (BitDefender)
R0 gzflt; C:\Windows\System32\DRIVERS\gzflt.sys [150256 2013-08-23] (BitDefender LLC)
R3 LVPr2M64; C:\Windows\System32\DRIVERS\LVPr2M64.sys [30304 2010-05-07] ()
S3 LVPr2Mon; C:\Windows\System32\DRIVERS\LVPr2M64.sys [30304 2010-05-07] ()
R3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [25816 2014-10-01] (Malwarebytes Corporation)
R3 MBAMSwissArmy; C:\Windows\system32\drivers\MBAMSwissArmy.sys [129752 2008-08-06] (Malwarebytes Corporation)
R3 MBAMWebAccessControl; C:\Windows\system32\drivers\mwac.sys [64216 2014-10-01] (Malwarebytes Corporation)
R0 trufos; C:\Windows\System32\DRIVERS\trufos.sys [452040 2014-11-02] (BitDefender S.R.L.)
S3 EagleX64; \??\C:\Windows\system32\drivers\EagleX64.sys [X]
S3 IpInIp; system32\DRIVERS\ipinip.sys [X]
S3 NwlnkFlt; system32\DRIVERS\nwlnkflt.sys [X]
S3 NwlnkFwd; system32\DRIVERS\nwlnkfwd.sys [X]

==================== NetSvcs (Whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)

==================== One Month Created Files and Folders ========

(If an entry is included in the fixlist, the file\folder will be moved.)

2014-11-17 18:31 - 2008-03-31 20:00 - 00279040 _____ (CANON INC.) C:\Windows\system32\CNMLM9H.DLL
2014-11-17 07:45 - 2014-11-17 07:45 - 00001924 _____ () C:\Users\Public\Desktop\Adobe Reader X.lnk
2014-11-17 07:45 - 2014-11-17 07:45 - 00001804 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Reader X.lnk
2014-11-17 07:30 - 2014-11-17 07:29 - 00098216 _____ (Oracle Corporation) C:\Windows\SysWOW64\WindowsAccessBridge-32.dll
2014-11-17 07:29 - 2014-11-17 07:29 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java
2014-11-17 00:48 - 2014-11-17 00:48 - 00002305 _____ () C:\Users\Carl\Desktop\ESETScan.txt
2014-11-16 22:36 - 2014-11-16 22:36 - 00000000 ____D () C:\Program Files (x86)\ESET
2014-11-16 22:04 - 2014-11-16 22:04 - 00000687 _____ () C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
2014-11-16 22:04 - 2014-11-16 22:04 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware
2014-11-16 22:04 - 2014-10-01 11:11 - 00093400 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbamchameleon.sys
2014-11-16 22:04 - 2014-10-01 11:11 - 00064216 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mwac.sys
2014-11-16 22:04 - 2014-10-01 11:11 - 00025816 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbam.sys
2014-11-16 22:04 - 2008-08-06 01:07 - 00129752 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2014-11-16 22:01 - 2014-11-16 22:04 - 00000000 ____D () C:\Users\Carl\Desktop\Malwarebytes Anti-Malware
2014-11-16 21:59 - 2014-11-16 21:59 - 19828376 _____ (Malwarebytes Corporation ) C:\Users\Carl\Desktop\mbam-setup-2.0.3.1025.exe
2014-11-16 21:56 - 2014-11-16 21:56 - 00002098 _____ () C:\Users\Carl\Desktop\AdwCleaner[S1].txt
2014-11-16 20:05 - 2014-11-17 07:36 - 00000000 ____D () C:\Program Files (x86)\Mozilla Maintenance Service
2014-11-16 20:05 - 2014-11-16 20:05 - 00000000 ____D () C:\ProgramData\Mozilla
2014-11-16 17:52 - 2014-11-16 17:52 - 00000000 ____D () C:\Users\Katie\AppData\Local\{603C6012-E4FB-4D8E-9650-CD9488BFCA15}
2014-11-16 14:22 - 2014-11-16 14:22 - 00000000 ____D () C:\Users\Carl\Desktop\FRST-OlderVersion
2014-11-16 07:24 - 2014-11-16 07:24 - 00000000 ____D () C:\Users\mlstruck\AppData\Local\{3450F82D-FFC9-4EC7-BE7D-C35463756961}
2014-11-15 20:46 - 2014-11-15 20:46 - 12366848 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2014-11-15 20:46 - 2014-11-15 20:46 - 09739776 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2014-11-15 20:46 - 2014-11-15 20:46 - 03695416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dat
2014-11-15 20:46 - 2014-11-15 20:46 - 02382848 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2014-11-15 20:46 - 2014-11-15 20:46 - 01802752 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2014-11-15 20:46 - 2014-11-15 20:46 - 01427968 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2014-11-15 20:46 - 2014-11-15 20:46 - 01139712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2014-11-15 20:46 - 2014-11-15 20:46 - 01129472 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2014-11-15 20:46 - 2014-11-15 20:46 - 00607744 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2014-11-15 20:46 - 2014-11-15 20:46 - 00434176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2014-11-15 20:46 - 2014-11-15 20:46 - 00421376 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2014-11-15 20:46 - 2014-11-15 20:46 - 00367104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\html.iec
2014-11-15 20:46 - 2014-11-15 20:46 - 00353792 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll
2014-11-15 20:46 - 2014-11-15 20:46 - 00353584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll
2014-11-15 20:46 - 2014-11-15 20:46 - 00231936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\url.dll
2014-11-15 20:46 - 2014-11-15 20:46 - 00223232 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
2014-11-15 20:46 - 2014-11-15 20:46 - 00203776 _____ (Microsoft Corporation) C:\Windows\SysWOW64\webcheck.dll
2014-11-15 20:46 - 2014-11-15 20:46 - 00176640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2014-11-15 20:46 - 2014-11-15 20:46 - 00162304 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2014-11-15 20:46 - 2014-11-15 20:46 - 00161792 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msls31.dll
2014-11-15 20:46 - 2014-11-15 20:46 - 00152064 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wextract.exe
2014-11-15 20:46 - 2014-11-15 20:46 - 00150528 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iexpress.exe
2014-11-15 20:46 - 2014-11-15 20:46 - 00086528 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesysprep.dll
2014-11-15 20:46 - 2014-11-15 20:46 - 00078848 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inseng.dll
2014-11-15 20:46 - 2014-11-15 20:46 - 00076800 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SetIEInstalledDate.exe
2014-11-15 20:46 - 2014-11-15 20:46 - 00074752 _____ (Microsoft Corporation) C:\Windows\SysWOW64\RegisterIEPKEYs.exe
2014-11-15 20:46 - 2014-11-15 20:46 - 00074752 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2014-11-15 20:46 - 2014-11-15 20:46 - 00074240 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ie4uinit.exe
2014-11-15 20:46 - 2014-11-15 20:46 - 00073216 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2014-11-15 20:46 - 2014-11-15 20:46 - 00066048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\icardie.dll
2014-11-15 20:46 - 2014-11-15 20:46 - 00065536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2014-11-15 20:46 - 2014-11-15 20:46 - 00063488 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tdc.ocx
2014-11-15 20:46 - 2014-11-15 20:46 - 00048640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmler.dll
2014-11-15 20:46 - 2014-11-15 20:46 - 00031744 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2014-11-15 20:46 - 2014-11-15 20:46 - 00023552 _____ (Microsoft Corporation) C:\Windows\SysWOW64\licmgr10.dll
2014-11-15 20:45 - 2014-11-15 20:45 - 17870336 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2014-11-15 20:45 - 2014-11-15 20:45 - 10921472 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2014-11-15 20:45 - 2014-11-15 20:45 - 03695416 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dat
2014-11-15 20:45 - 2014-11-15 20:45 - 02382848 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2014-11-15 20:45 - 2014-11-15 20:45 - 02339840 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2014-11-15 20:45 - 2014-11-15 20:45 - 02157056 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2014-11-15 20:45 - 2014-11-15 20:45 - 01810944 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2014-11-15 20:45 - 2014-11-15 20:45 - 01494016 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2014-11-15 20:45 - 2014-11-15 20:45 - 01392128 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2014-11-15 20:45 - 2014-11-15 20:45 - 01388032 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2014-11-15 20:45 - 2014-11-15 20:45 - 00816640 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2014-11-15 20:45 - 2014-11-15 20:45 - 00729088 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2014-11-15 20:45 - 2014-11-15 20:45 - 00717824 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll
2014-11-15 20:45 - 2014-11-15 20:45 - 00599040 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2014-11-15 20:45 - 2014-11-15 20:45 - 00534528 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2014-11-15 20:45 - 2014-11-15 20:45 - 00453120 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2014-11-15 20:45 - 2014-11-15 20:45 - 00448512 _____ (Microsoft Corporation) C:\Windows\system32\html.iec
2014-11-15 20:45 - 2014-11-15 20:45 - 00403248 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2014-11-15 20:45 - 2014-11-15 20:45 - 00282112 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2014-11-15 20:45 - 2014-11-15 20:45 - 00267776 _____ (Microsoft Corporation) C:\Windows\system32\ieaksie.dll
2014-11-15 20:45 - 2014-11-15 20:45 - 00249344 _____ (Microsoft Corporation) C:\Windows\system32\webcheck.dll
2014-11-15 20:45 - 2014-11-15 20:45 - 00248320 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2014-11-15 20:45 - 2014-11-15 20:45 - 00237056 _____ (Microsoft Corporation) C:\Windows\system32\url.dll
2014-11-15 20:45 - 2014-11-15 20:45 - 00227840 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieaksie.dll
2014-11-15 20:45 - 2014-11-15 20:45 - 00222208 _____ (Microsoft Corporation) C:\Windows\system32\msls31.dll
2014-11-15 20:45 - 2014-11-15 20:45 - 00197120 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2014-11-15 20:45 - 2014-11-15 20:45 - 00173056 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2014-11-15 20:45 - 2014-11-15 20:45 - 00165888 _____ (Microsoft Corporation) C:\Windows\system32\iexpress.exe
2014-11-15 20:45 - 2014-11-15 20:45 - 00163840 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieakui.dll
2014-11-15 20:45 - 2014-11-15 20:45 - 00163840 _____ (Microsoft Corporation) C:\Windows\system32\ieakui.dll
2014-11-15 20:45 - 2014-11-15 20:45 - 00160256 _____ (Microsoft Corporation) C:\Windows\system32\wextract.exe
2014-11-15 20:45 - 2014-11-15 20:45 - 00160256 _____ (Microsoft Corporation) C:\Windows\system32\ieakeng.dll
2014-11-15 20:45 - 2014-11-15 20:45 - 00149504 _____ (Microsoft Corporation) C:\Windows\system32\occache.dll
2014-11-15 20:45 - 2014-11-15 20:45 - 00145920 _____ (Microsoft Corporation) C:\Windows\system32\iepeers.dll
2014-11-15 20:45 - 2014-11-15 20:45 - 00142848 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2014-11-15 20:45 - 2014-11-15 20:45 - 00136192 _____ (Microsoft Corporation) C:\Windows\system32\advpack.dll
2014-11-15 20:45 - 2014-11-15 20:45 - 00135168 _____ (Microsoft Corporation) C:\Windows\system32\IEAdvpack.dll
2014-11-15 20:45 - 2014-11-15 20:45 - 00130560 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieakeng.dll
2014-11-15 20:45 - 2014-11-15 20:45 - 00123392 _____ (Microsoft Corporation) C:\Windows\SysWOW64\occache.dll
2014-11-15 20:45 - 2014-11-15 20:45 - 00118784 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iepeers.dll
2014-11-15 20:45 - 2014-11-15 20:45 - 00114176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\advpack.dll
2014-11-15 20:45 - 2014-11-15 20:45 - 00114176 _____ (Microsoft Corporation) C:\Windows\system32\admparse.dll
2014-11-15 20:45 - 2014-11-15 20:45 - 00111616 _____ (Microsoft Corporation) C:\Windows\system32\iesysprep.dll
2014-11-15 20:45 - 2014-11-15 20:45 - 00110592 _____ (Microsoft Corporation) C:\Windows\SysWOW64\IEAdvpack.dll
2014-11-15 20:45 - 2014-11-15 20:45 - 00103936 _____ (Microsoft Corporation) C:\Windows\system32\inseng.dll
2014-11-15 20:45 - 2014-11-15 20:45 - 00101888 _____ (Microsoft Corporation) C:\Windows\SysWOW64\admparse.dll
2014-11-15 20:45 - 2014-11-15 20:45 - 00096768 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2014-11-15 20:45 - 2014-11-15 20:45 - 00091648 _____ (Microsoft Corporation) C:\Windows\system32\SetIEInstalledDate.exe
2014-11-15 20:45 - 2014-11-15 20:45 - 00089088 _____ (Microsoft Corporation) C:\Windows\system32\RegisterIEPKEYs.exe
2014-11-15 20:45 - 2014-11-15 20:45 - 00089088 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2014-11-15 20:45 - 2014-11-15 20:45 - 00086016 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2014-11-15 20:45 - 2014-11-15 20:45 - 00085504 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2014-11-15 20:45 - 2014-11-15 20:45 - 00082432 _____ (Microsoft Corporation) C:\Windows\system32\icardie.dll
2014-11-15 20:45 - 2014-11-15 20:45 - 00076800 _____ (Microsoft Corporation) C:\Windows\system32\tdc.ocx
2014-11-15 20:45 - 2014-11-15 20:45 - 00065024 _____ (Microsoft Corporation) C:\Windows\system32\pngfilt.dll
2014-11-15 20:45 - 2014-11-15 20:45 - 00055296 _____ (Microsoft Corporation) C:\Windows\system32\msfeedsbs.dll
2014-11-15 20:45 - 2014-11-15 20:45 - 00054272 _____ (Microsoft Corporation) C:\Windows\SysWOW64\pngfilt.dll
2014-11-15 20:45 - 2014-11-15 20:45 - 00049664 _____ (Microsoft Corporation) C:\Windows\system32\imgutil.dll
2014-11-15 20:45 - 2014-11-15 20:45 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\mshtmler.dll
2014-11-15 20:45 - 2014-11-15 20:45 - 00041472 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeedsbs.dll
2014-11-15 20:45 - 2014-11-15 20:45 - 00039936 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2014-11-15 20:45 - 2014-11-15 20:45 - 00035840 _____ (Microsoft Corporation) C:\Windows\SysWOW64\imgutil.dll
2014-11-15 20:45 - 2014-11-15 20:45 - 00030720 _____ (Microsoft Corporation) C:\Windows\system32\licmgr10.dll
2014-11-15 20:45 - 2014-11-15 20:45 - 00012800 _____ (Microsoft Corporation) C:\Windows\system32\mshta.exe
2014-11-15 20:45 - 2014-11-15 20:45 - 00011776 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshta.exe
2014-11-15 20:45 - 2014-11-15 20:45 - 00011264 _____ (Microsoft Corporation) C:\Windows\system32\msfeedssync.exe
2014-11-15 20:45 - 2014-11-15 20:45 - 00010752 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeedssync.exe
2014-11-15 19:05 - 2014-11-15 19:05 - 00000000 ____D () C:\Windows\CheckSur
2014-11-15 19:05 - 2014-11-15 19:05 - 00000000 ____D () C:\fcf2ae6dd531589a7f47cc9b50
2014-11-15 18:03 - 2014-11-15 18:03 - 00514864 _____ (Microsoft Corporation) C:\Users\Carl\Downloads\IE9-WindowsVista-x64-enu (2).exe
2014-11-14 21:23 - 2014-11-14 21:23 - 04184008 _____ (Kaspersky Lab ZAO) C:\Users\Carl\Desktop\tdsskiller.exe
2014-11-14 21:11 - 2014-11-14 21:11 - 00000000 _____ () C:\Users\Carl\Desktop\1xpvgyo3nge3m.qmqa2i9.partial
2014-11-14 12:10 - 2014-11-16 14:24 - 00041520 _____ () C:\Users\Carl\Desktop\Addition.txt
2014-11-14 12:09 - 2014-11-18 11:51 - 00028042 _____ () C:\Users\Carl\Desktop\FRST.txt
2014-11-14 11:52 - 2014-11-14 11:52 - 00003178 _____ () C:\Users\Carl\Desktop\JRT.txt
2014-11-14 11:47 - 2014-11-14 11:47 - 00000000 ____D () C:\Windows\ERUNT
2014-11-14 11:31 - 2014-11-16 21:53 - 00000000 ____D () C:\AdwCleaner
2014-11-14 11:30 - 2014-11-14 11:30 - 02140160 _____ () C:\Users\Carl\Desktop\AdwCleaner.exe
2014-11-14 11:28 - 2014-11-14 11:28 - 00001397 _____ () C:\Users\Carl\Desktop\checkup.txt
2014-11-14 11:21 - 2014-11-14 11:21 - 00001397 _____ () C:\Users\Carl\Documents\checkup.txt
2014-11-14 11:08 - 2014-11-16 14:22 - 02117120 _____ (Farbar) C:\Users\Carl\Desktop\FRST64.exe
2014-11-14 11:08 - 2014-11-14 11:08 - 05198336 _____ (AVAST Software) C:\Users\Carl\Desktop\aswMBR.exe
2014-11-14 11:00 - 2014-11-14 11:00 - 00854448 _____ () C:\Users\Carl\Desktop\SecurityCheck.exe
2014-11-14 10:59 - 2014-11-14 10:59 - 01706808 _____ (Thisisu) C:\Users\Carl\Desktop\JRT.exe
2014-11-13 09:04 - 2014-11-02 15:01 - 00000000 ____D () C:\Users\Carl\AppData\Local\Deployment
2014-11-13 09:04 - 2014-11-02 15:01 - 00000000 ____D () C:\Users\Carl\AppData\Local\Apps\2.0
2014-11-12 18:41 - 2014-11-12 18:43 - 00000000 ____D () C:\Users\Katie\AppData\Local\{F7B7211F-7DF3-4F52-AC66-4A184FED7C9A}
2014-11-12 18:35 - 2014-11-12 18:35 - 00000000 ____D () C:\Users\Katie\AppData\Local\Macromedia
2014-11-12 18:32 - 2014-11-12 18:32 - 00000000 ____D () C:\Users\Katie\AppData\Local\{DF1FB192-739E-41FA-8D7B-5F2E19DE2424}
2014-11-12 12:29 - 2014-11-12 12:29 - 00000000 ____D () C:\ProgramData\Dumps
2014-11-12 12:15 - 2014-11-12 12:15 - 00000000 ____D () C:\Users\Carl\{ca193454-bc05-40e6-8e1e-febbedb96b6c}
2014-11-12 11:54 - 2014-11-12 11:54 - 00000000 ____D () C:\Users\Carl\AppData\Roaming\Oracle
2014-11-12 10:54 - 2014-10-12 15:52 - 02782208 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2014-11-12 10:53 - 2014-09-18 16:50 - 00278528 _____ (Microsoft Corporation) C:\Windows\SysWOW64\schannel.dll
2014-11-12 10:53 - 2014-09-18 16:45 - 00347136 _____ (Microsoft Corporation) C:\Windows\system32\schannel.dll
2014-11-12 10:48 - 2014-08-11 18:25 - 00729600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\IMJP10K.DLL
2014-11-12 10:48 - 2014-08-11 18:11 - 00923136 _____ (Microsoft Corporation) C:\Windows\system32\IMJP10K.DLL
2014-11-12 10:46 - 2014-10-09 17:10 - 00548352 _____ (Microsoft Corporation) C:\Windows\system32\termsrv.dll
2014-11-12 10:46 - 2014-10-09 17:09 - 01689600 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll
2014-11-12 10:46 - 2014-10-09 17:09 - 00146432 _____ (Microsoft Corporation) C:\Windows\system32\msaudite.dll
2014-11-12 10:46 - 2014-10-09 17:01 - 00077312 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secur32.dll
2014-11-12 10:46 - 2014-10-09 17:00 - 00146432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msaudite.dll
2014-11-12 10:46 - 2014-10-09 15:53 - 00619520 _____ (Microsoft Corporation) C:\Windows\system32\adtschema.dll
2014-11-12 10:46 - 2014-10-09 15:22 - 00619520 _____ (Microsoft Corporation) C:\Windows\SysWOW64\adtschema.dll
2014-11-12 10:46 - 2014-06-15 14:18 - 01943696 _____ (Microsoft Corporation) C:\Windows\system32\dfshim.dll
2014-11-12 10:46 - 2014-06-15 14:18 - 01131664 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dfshim.dll
2014-11-12 10:46 - 2014-06-13 10:22 - 00156824 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mscorier.dll
2014-11-12 10:46 - 2014-06-13 10:22 - 00081560 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mscories.dll
2014-11-12 10:46 - 2014-06-13 09:36 - 00156312 _____ (Microsoft Corporation) C:\Windows\system32\mscorier.dll
2014-11-12 10:46 - 2014-06-13 09:36 - 00073880 _____ (Microsoft Corporation) C:\Windows\system32\mscories.dll
2014-11-12 10:45 - 2014-10-17 17:08 - 00564224 _____ (Microsoft Corporation) C:\Windows\SysWOW64\oleaut32.dll
2014-11-12 10:45 - 2014-10-17 16:46 - 00847360 _____ (Microsoft Corporation) C:\Windows\system32\oleaut32.dll
2014-11-12 10:45 - 2014-10-02 17:18 - 00274432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\AUDIOKSE.dll
2014-11-12 10:45 - 2014-10-02 17:17 - 00396800 _____ (Microsoft Corporation) C:\Windows\SysWOW64\AudioEng.dll
2014-11-12 10:45 - 2014-10-02 17:17 - 00115712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\AudioSes.dll
2014-11-12 10:45 - 2014-10-02 17:03 - 00313344 _____ (Microsoft Corporation) C:\Windows\system32\AUDIOKSE.dll
2014-11-12 10:45 - 2014-10-02 17:02 - 00201728 _____ (Microsoft Corporation) C:\Windows\system32\EncDump.dll
2014-11-12 10:45 - 2014-10-02 17:01 - 00474624 _____ (Microsoft Corporation) C:\Windows\system32\AudioEng.dll
2014-11-12 10:45 - 2014-10-02 17:01 - 00446976 _____ (Microsoft Corporation) C:\Windows\system32\audiosrv.dll
2014-11-12 10:45 - 2014-10-02 15:49 - 00088576 _____ (Microsoft Corporation) C:\Windows\SysWOW64\audiodg.exe
2014-11-12 10:29 - 2014-10-23 17:04 - 00067072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\packager.dll
2014-11-12 10:29 - 2014-10-23 16:39 - 00077312 _____ (Microsoft Corporation) C:\Windows\system32\packager.dll
2014-11-12 10:29 - 2014-09-04 15:38 - 00198656 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\fastfat.sys
2014-11-12 10:29 - 2014-08-26 16:55 - 01249280 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml3.dll
2014-11-12 10:29 - 2014-08-26 16:55 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml3r.dll
2014-11-12 10:29 - 2014-08-26 16:41 - 01869824 _____ (Microsoft Corporation) C:\Windows\system32\msxml3.dll
2014-11-12 10:29 - 2014-08-26 16:41 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\msxml3r.dll
2014-11-12 10:27 - 2014-09-08 22:40 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\tzres.dll
2014-11-12 10:27 - 2014-09-08 22:24 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tzres.dll
2014-11-11 15:18 - 2014-11-11 15:18 - 00000000 ____D () C:\Users\mlstruck\AppData\Local\{28088A49-EE22-4F40-BA56-0A17D0DD823C}
2014-11-11 13:46 - 2014-11-18 11:51 - 00000000 ____D () C:\FRST
2014-11-10 05:56 - 2014-11-10 05:56 - 00000000 ____D () C:\Users\Katie\Documents\My Scans
2014-11-09 14:26 - 2014-11-09 14:27 - 00000000 ____D () C:\Users\mlstruck\AppData\Local\{CDF00B65-7969-41F4-BC77-7F8EB4E65D3C}
2014-11-09 14:13 - 2014-11-09 14:13 - 00000000 ____D () C:\Users\Katie\Documents\Recipes
2014-11-09 12:09 - 2014-11-09 12:09 - 00000000 ____D () C:\Users\Katie\AppData\Local\{AB61E324-AB16-40EE-89A7-115B7A8F0FA3}
2014-11-09 08:00 - 2014-11-17 07:30 - 00000000 ____D () C:\ProgramData\Oracle
2014-11-09 07:47 - 2014-11-12 11:50 - 00006782 _____ () C:\Windows\SysWOW64\jupdate-1.7.0_71-b14.log
2014-11-07 10:43 - 2014-11-07 10:43 - 00000000 ____D () C:\ProgramData\Malwarebytes
2014-11-07 10:43 - 2014-11-07 10:43 - 00000000 ____D () C:\Program Files (x86)\Malwarebytes Anti-Malware
2014-11-06 13:07 - 2014-11-07 01:09 - 00000000 ____D () C:\Users\mlstruck\AppData\Local\{B49A7250-9AC9-4646-BD66-C0D0002860CE}
2014-11-04 18:06 - 2014-11-04 18:06 - 00227194 _____ () C:\Users\Katie\Documents\Jetblue Reservation scan code Apr 2015.pptx
2014-11-02 17:44 - 2014-11-15 18:46 - 00000134 _____ () C:\Users\Carl\Desktop\Internet Explorer Troubleshooting.url
2014-11-02 16:39 - 2014-11-02 16:39 - 00537698 _____ () C:\ProgramData\1414974723.bdinstall.bin
2014-11-02 16:37 - 2014-11-02 16:37 - 00000684 ____H () C:\bdr-cf01
2014-11-02 16:36 - 2014-11-02 16:36 - 00001959 _____ () C:\Users\Public\Desktop\Bitdefender Total Security 2015.lnk
2014-11-02 16:36 - 2014-11-02 16:36 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Bitdefender 2015
2014-11-02 16:36 - 2013-11-13 15:41 - 00093600 _____ (BitDefender LLC) C:\Windows\system32\Drivers\BdfNdisf6.sys
2014-11-02 16:36 - 2013-11-04 15:47 - 00082824 _____ (BitDefender SRL) C:\Windows\system32\Drivers\bdsandbox.sys
2014-11-02 16:36 - 2012-04-17 14:34 - 00076944 _____ (BitDefender) C:\Windows\system32\Drivers\bdvedisk.sys
2014-11-02 16:35 - 2014-11-02 17:56 - 01288472 _____ (BitDefender) C:\Windows\system32\Drivers\avc3.sys
2014-11-02 16:35 - 2014-11-02 16:42 - 00000000 ____D () C:\Users\Carl\AppData\Roaming\Bitdefender
2014-11-02 16:35 - 2014-11-02 16:37 - 00253404 ____H () C:\bdr-ld01
2014-11-02 16:35 - 2014-11-02 16:37 - 00009216 ____H () C:\bdr-ld01.mbr
2014-11-02 16:35 - 2014-07-04 17:49 - 49563064 ____H () C:\bdr-im01.gz
2014-11-02 16:35 - 2014-05-16 13:04 - 00647752 _____ (BitDefender) C:\Windows\system32\Drivers\avckf.sys
2014-11-02 16:35 - 2013-08-13 13:38 - 03271472 ____H () C:\bdr-bz01
2014-11-02 16:32 - 2014-11-02 17:55 - 00452040 _____ (BitDefender S.R.L.) C:\Windows\system32\Drivers\trufos.sys
2014-11-02 16:32 - 2013-08-23 12:48 - 00150256 _____ (BitDefender LLC) C:\Windows\system32\Drivers\gzflt.sys
2014-11-02 16:31 - 2014-11-02 16:31 - 06770080 _____ () C:\Users\Carl\Downloads\bitdefender_tsecurity (1).exe
2014-11-02 16:24 - 2014-11-02 16:24 - 00002027 _____ () C:\Users\Public\Desktop\Google Chrome.lnk
2014-11-02 16:24 - 2014-11-02 16:24 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome
2014-11-01 16:32 - 2014-11-01 16:32 - 00000385 _____ () C:\Users\Katie\AppData\Roaminguser_gensett.xml
2014-11-01 15:59 - 2014-11-01 15:59 - 00000000 ____D () C:\Users\Katie\AppData\Local\{D2701221-158F-4D2B-BAE6-84AEE50A127C}
2014-10-30 20:54 - 2014-10-31 20:56 - 00000000 ____D () C:\Users\mlstruck\AppData\Local\{F2F8F1C4-1E88-4056-83CF-C6855D7E6644}
2014-10-30 20:00 - 2014-10-30 20:00 - 00000000 _____ () C:\Users\David\Desktop\David Stem Cells
2014-10-30 17:50 - 2014-10-30 17:50 - 00000000 ___HD () C:\ProgramData\CanonBJ
2014-10-30 16:15 - 2014-10-30 16:15 - 00000000 ____D () C:\Users\Katie\AppData\Local\{AF51DC85-D4B3-46F1-AB2B-200D7ECAEC70}
2014-10-28 06:38 - 2014-10-30 06:43 - 00000000 ____D () C:\Users\mlstruck\AppData\Local\{92C16527-ED54-4A21-97EB-47E6AA9CAA6B}
2014-10-27 17:36 - 2014-10-27 17:36 - 00000000 ____D () C:\Users\Katie\AppData\Local\{174BD46C-ED3E-49ED-A115-DE683A6FE8A8}
2014-10-27 06:34 - 2014-10-27 18:37 - 00000000 ____D () C:\Users\mlstruck\AppData\Local\{66B3A009-F282-425C-8E94-13919D8882C9}
2014-10-26 10:51 - 2014-10-26 11:43 - 00000000 ____D () C:\Users\Katie\Downloads\Geography
2014-10-24 16:16 - 2014-11-13 19:58 - 00000000 ____D () C:\Users\Katie\Documents\French
2014-10-24 16:13 - 2014-10-24 16:13 - 00000000 ____D () C:\Users\Katie\AppData\Local\{F1F966AE-1A89-4933-9FF4-EDA420A20D8C}

==================== One Month Modified Files and Folders =======

(If an entry is included in the fixlist, the file\folder will be moved.)

2014-11-18 11:47 - 2006-11-02 04:46 - 00006656 _____ () C:\Windows\system32\PerfStringBackup.INI
2014-11-18 11:45 - 2014-07-20 14:20 - 00000000 ___RD () C:\Users\Carl\Dropbox
2014-11-18 11:45 - 2014-07-18 12:03 - 00000000 ____D () C:\Users\Carl\AppData\Roaming\Dropbox
2014-11-18 11:44 - 2011-12-23 19:14 - 00000000 ____D () C:\Users\Carl\AppData\Roaming\Skype
2014-11-18 10:59 - 2009-04-08 12:54 - 02026115 _____ () C:\Windows\WindowsUpdate.log
2014-11-18 10:59 - 2006-11-02 07:42 - 00032618 _____ () C:\Windows\Tasks\SCHEDLGU.TXT
2014-11-18 10:40 - 2012-04-27 11:19 - 00000830 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job
2014-11-18 10:32 - 2009-11-06 18:30 - 00000894 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2014-11-18 10:24 - 2014-03-30 10:33 - 00000898 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA1cf4c468da22830.job
2014-11-17 18:31 - 2009-05-31 18:43 - 00000000 ____D () C:\Users\Carl
2014-11-17 18:28 - 2006-11-02 05:33 - 00000000 __RSD () C:\Windows\Media
2014-11-17 18:07 - 2010-08-18 13:30 - 00000000 ____D () C:\Users\Katie\Tracing
2014-11-17 07:45 - 2009-08-30 22:20 - 00000000 ____D () C:\Program Files (x86)\Adobe
2014-11-17 07:45 - 2009-06-17 18:48 - 00000000 ____D () C:\Users\Carl\AppData\Local\Adobe
2014-11-17 07:45 - 2008-11-03 13:43 - 00000000 ____D () C:\ProgramData\Adobe
2014-11-17 07:36 - 2010-01-11 21:26 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox
2014-11-17 07:29 - 2008-11-03 13:38 - 00000000 ____D () C:\Program Files (x86)\Java
2014-11-17 00:42 - 2011-01-05 16:15 - 00000000 ____D () C:\Program Files (x86)\Elf_1
2014-11-16 22:38 - 2006-11-02 05:33 - 00000000 ____D () C:\Windows\Speech
2014-11-16 17:57 - 2011-04-17 16:15 - 00000000 ____D () C:\Users\Katie\AppData\Roaming\BitDefender
2014-11-16 07:24 - 2011-04-17 19:50 - 00000000 ____D () C:\Users\mlstruck\AppData\Roaming\BitDefender
2014-11-16 07:24 - 2010-11-29 16:30 - 00000000 ____D () C:\Users\mlstruck\Tracing
2014-11-15 21:21 - 2006-11-02 05:33 - 00000000 ____D () C:\Windows\rescache
2014-11-15 20:47 - 2006-11-02 05:33 - 00000000 ___RD () C:\Windows\Offline Web Pages
2014-11-15 20:47 - 2006-11-02 05:33 - 00000000 ____D () C:\Windows\PolicyDefinitions
2014-11-15 20:46 - 2011-04-10 08:52 - 00025646 _____ () C:\Windows\IE9_main.log
2014-11-15 20:46 - 2006-11-02 04:16 - 00008798 _____ () C:\Windows\SysWOW64\icrav03.rat
2014-11-15 20:46 - 2006-11-02 04:16 - 00001988 _____ () C:\Windows\SysWOW64\ticrf.rat
2014-11-15 20:46 - 2006-11-01 22:36 - 00008798 _____ () C:\Windows\system32\icrav03.rat
2014-11-15 20:46 - 2006-11-01 22:36 - 00001988 _____ () C:\Windows\system32\ticrf.rat
2014-11-14 21:19 - 2014-03-30 10:33 - 00003894 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA1cf4c468da22830
2014-11-14 21:19 - 2014-03-30 10:33 - 00003642 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore1cf4c468a09bf30
2014-11-14 21:07 - 2012-04-10 16:07 - 00000000 ____D () C:\Users\Carl\AppData\Roaming\Yandex
2014-11-14 11:05 - 2009-06-08 20:27 - 00000000 ____D () C:\Users\mlstruck
2014-11-14 10:54 - 2014-07-20 14:20 - 00000918 _____ () C:\Users\Carl\Desktop\Dropbox.lnk
2014-11-14 10:54 - 2014-07-18 12:49 - 00000000 ____D () C:\Users\Carl\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Dropbox
2014-11-13 19:27 - 2006-11-02 04:33 - 01310720 _____ () C:\Windows\system32\config\default_previous
2014-11-12 18:43 - 2006-11-02 04:33 - 00262144 _____ () C:\Windows\system32\config\security_previous
2014-11-12 11:40 - 2012-04-27 11:19 - 00701104 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2014-11-12 11:40 - 2012-04-27 11:19 - 00003682 _____ () C:\Windows\System32\Tasks\Adobe Flash Player Updater
2014-11-12 11:40 - 2011-05-14 05:00 - 00071344 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2014-11-12 11:10 - 2006-11-02 07:21 - 00352808 _____ () C:\Windows\system32\FNTCACHE.DAT
2014-11-12 10:51 - 2008-11-03 13:21 - 00000000 ____D () C:\ProgramData\Microsoft Help
2014-11-12 10:44 - 2013-08-14 02:09 - 00000000 ____D () C:\Windows\system32\MRT
2014-11-11 15:21 - 2010-01-04 21:52 - 00000000 ____D () C:\Users\mlstruck\Documents\Christmas
2014-11-09 15:14 - 2010-07-20 05:37 - 00000000 ____D () C:\Users\mlstruck\Documents\My Scans
2014-11-09 12:23 - 2013-04-22 15:22 - 00000000 ____D () C:\Users\Katie\Documents\English
2014-11-09 12:14 - 2010-01-04 19:48 - 00000000 ____D () C:\Users\Katie\AppData\Roaming\Apple Computer
2014-11-02 17:56 - 2014-03-26 12:42 - 00074512 _____ (BitDefender SRL) C:\Windows\system32\bdsandboxuiskin32.dll
2014-11-02 17:55 - 2014-03-26 13:19 - 00263032 _____ (BitDefender) C:\Windows\system32\Drivers\avchv.sys
2014-11-02 16:38 - 2014-03-26 12:42 - 00000000 ____D () C:\ProgramData\Bitdefender
2014-11-02 16:36 - 2013-06-30 20:11 - 00011416 _____ () C:\Windows\setupact.log
2014-11-02 16:35 - 2012-03-29 15:40 - 00000000 ____D () C:\Program Files\Bitdefender
2014-11-02 16:32 - 2011-04-10 14:01 - 00000000 ____D () C:\Program Files\Common Files\BitDefender
2014-11-02 16:24 - 2009-05-31 18:45 - 00000000 ____D () C:\Program Files (x86)\Google
2014-11-01 10:21 - 2011-12-23 19:15 - 00000000 ____D () C:\Users\David\AppData\Roaming\Skype
2014-11-01 10:05 - 2014-03-10 14:49 - 00000000 ____D () C:\Users\David\AppData\Roaming\.minecraft
2014-10-31 23:26 - 2006-11-02 04:35 - 103374192 _____ (Microsoft Corporation) C:\Windows\system32\mrt.exe
2014-10-26 15:06 - 2011-04-17 12:30 - 00000000 ____D () C:\Users\David\AppData\Roaming\BitDefender
2014-10-23 19:43 - 2014-03-25 21:23 - 00000000 ____D () C:\Users\Carl\Documents\Liza
2014-10-23 05:11 - 2011-12-23 19:13 - 00000000 ____D () C:\ProgramData\Skype
2014-10-22 23:26 - 2012-04-10 16:06 - 00001134 _____ () C:\Users\Carl\AppData\Local\UserProducts.xml
2014-10-22 20:26 - 2009-09-04 19:08 - 00000000 ____D () C:\Users\Carl\Documents\My Scans

Some content of TEMP:
====================
C:\Users\Carl\AppData\Local\Temp\dropbox_sqlite_ext.{5f3e3153-5bce-5766-8f84-3e3e7ecf0d81}.tmpkmlxwj.dll
C:\Users\Carl\AppData\Local\Temp\Quarantine.exe
C:\Users\Carl\AppData\Local\Temp\sqlite3.dll

==================== Bamital & volsnap Check =================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\SysWOW64\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed

LastRegBack: 2014-11-18 11:50

==================== End Of Log ============================



#30 OCD

OCD

    SuperHelper

  • Malware Team
  • 5,574 posts

Posted 18 November 2014 - 03:56 PM

Hi cstruck,
 

How hard is it to replace the battery. It is a Gateway DX4200-09.

Well if your doing electrical on your house you shouldn't have much trouble changing the CMOS battery. :popcorn:

These directions might not be specific to your model, but they will give you an idea of the process.
http://www.computerh...es/ch000239.htm

I'm not sure if the CMOS battery issue has anything to do with the MHotkey problem.

Other than the CMOS battery issue and the MHotKey issue how is the computer running?


OCD

Proud Graduate of WTT Classroom
Member of UNITE

Threads will be closed if no response after 5 days








If you are satisfied with the help you have received, please consider making a donation.

Related Topics



0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users