# Remote user has hacked into my computer



## twinfin62 (Jun 25, 2014)

A remote user has hacked into my personal computer and is repeatedly attempting to get in to a cloud-based drive owned and operated by a non-profit organization I am affiliated with. Event Viewer shows hundreds of (thankfully unsuccessful) attempts to break in to the drive. I have updated and run Malwarebytes and SuperAntiSpyware Professional, and Microsoft Security Essentials runs regularly (I even updated and ran it an extra time for good measure!). I also reset my wifi password to lock them out, but that didn't even slow them down a little. Please help me - I need to get them out!!

Here are the logs you need:

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 11:32:49 PM, on 6/24/2014
Platform: Windows 7 SP1 (WinNT 6.00.3505)
MSIE: Internet Explorer v11.0 (11.00.9600.17126)
Boot mode: Normal

Running processes:
C:\Users\Chris's Computer\Desktop\HijackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.goodsearch.com/?spMailin...1&spJobID=121735211&spReportId=MTIxNjU0NjU1S0
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/p/?LinkId=255141
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = 
R3 - URLSearchHook: (no name) - {00000000-6E41-4FD3-8538-502F5495E5FC} - (no file)
O2 - BHO: RealNetworks Download and Record Plugin for Internet Explorer - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\Program Files (x86)\RealNetworks\RealDownloader\BrowserPlugins\IE\rndlbrowserrecordplugin.dll
O2 - BHO: Virtual Storage Mount Notification - {5FF49FE8-B332-4CB9-B102-FB6951629E55} - C:\Windows\SysWOW64\CbFsMntNtf3.dll
O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\PROGRA~2\MICROS~1\Office14\GROOVEEX.DLL
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll
O2 - BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Windows Live Messenger Companion Helper - {9FDDE16B-836F-4806-AB1F-1455CBEFF289} - C:\Program Files (x86)\Windows Live\Companion\companioncore.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll
O2 - BHO: SkypeIEPluginBHO - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll
O2 - BHO: URLRedirectionBHO - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\PROGRA~2\MICROS~1\Office14\URLREDIR.DLL
O2 - BHO: (no name) - {D40C654D-7C51-4EB3-95B2-1E23905C2A2D} - (no file)
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll
O3 - Toolbar: Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll
O4 - HKLM\..\Run: [BrMfcWnd] C:\Program Files (x86)\Brother\Brmfcmon\BrMfcWnd.exe /AUTORUN
O4 - HKLM\..\Run: [ControlCenter3] C:\Program Files (x86)\Brother\ControlCenter3\brctrcen.exe /autorun
O4 - HKLM\..\Run: [AccuWeatherWidget] "C:\Program Files (x86)\Dell Stage\Dell Stage\AccuWeather\accuweather.exe" "C:\Program Files (x86)\Dell Stage\Dell Stage\AccuWeather\start.umj" --startup
O4 - HKLM\..\Run: [RIMBBLaunchAgent.exe] C:\Program Files (x86)\Common Files\Research In Motion\USB Drivers\RIMBBLaunchAgent.exe
O4 - HKLM\..\Run: [APSDaemon] "C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe"
O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
O4 - HKLM\..\Run: [DivXMediaServer] C:\Program Files (x86)\DivX\DivX Media Server\DivXMediaServer.exe
O4 - HKLM\..\Run: [BCSSync] "C:\Program Files (x86)\Microsoft Office\Office14\BCSSync.exe" /DelayServices
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files (x86)\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files (x86)\QuickTime\QTTask.exe" -atboottime
O4 - HKLM\..\Run: [IndexSearch] "C:\Program Files (x86)\Nuance\PaperPort\IndexSearch.exe"
O4 - HKLM\..\Run: [PaperPort PTD] "C:\Program Files (x86)\Nuance\PaperPort\pptd40nt.exe"
O4 - HKLM\..\Run: [ControlCenter4] C:\Program Files (x86)\ControlCenter4\BrCcBoot.exe /autorun
O4 - HKLM\..\Run: [BrStsMon00] C:\Program Files (x86)\Browny02\Brother\BrStMonW.exe /AUTORUN
O4 - HKLM\..\Run: [BrHelp] C:\Program Files (x86)\Brother\Brother Help\BrotherHelp.exe /AUTORUN
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files (x86)\Real\RealPlayer\update\realsched.exe" -osboot
O4 - HKLM\..\RunOnce: ["C:\Program Files (x86)\Dell DataSafe Local Backup\Components\DSUpdate\DSUpdate.exe"] "C:\Program Files (x86)\Dell DataSafe Local Backup\Components\DSUpdate\DSUpdate.exe"
O4 - HKCU\..\Run: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun
O4 - HKCU\..\Run: [DW7] "C:\Program Files (x86)\The Weather Channel\The Weather Channel App\TWCApp.exe"
O4 - HKCU\..\Run: [ApplePhotoStreams] C:\Program Files (x86)\Common Files\Apple\Internet Services\ApplePhotoStreams.exe
O4 - HKCU\..\Run: [Optimizer Pro] C:\Program Files (x86)\Optimizer Pro\OptProLauncher.exe
O4 - HKCU\..\Run: [Google+ Auto Backup] "C:\Users\Chris's Computer\AppData\Local\Programs\Google\Google+ Auto Backup\Google+ Auto Backup.exe" /autostart
O4 - HKCU\..\Run: [ISUSPM] C:\ProgramData\FLEXnet\Connect\11\ISUSPM.exe -scheduler
O4 - HKUS\S-1-5-21-847771732-3420646878-1916418076-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\..\Run: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun (User '?')
O4 - HKUS\S-1-5-21-847771732-3420646878-1916418076-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\..\Run: [DW7] "C:\Program Files (x86)\The Weather Channel\The Weather Channel App\TWCApp.exe" (User '?')
O4 - HKUS\S-1-5-21-847771732-3420646878-1916418076-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\..\Run: [ApplePhotoStreams] C:\Program Files (x86)\Common Files\Apple\Internet Services\ApplePhotoStreams.exe (User '?')
O4 - HKUS\S-1-5-21-847771732-3420646878-1916418076-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\..\Run: [Optimizer Pro] C:\Program Files (x86)\Optimizer Pro\OptProLauncher.exe (User '?')
O4 - HKUS\S-1-5-21-847771732-3420646878-1916418076-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\..\Run: [Google+ Auto Backup] "C:\Users\Chris's Computer\AppData\Local\Programs\Google\Google+ Auto Backup\Google+ Auto Backup.exe" /autostart (User '?')
O4 - HKUS\S-1-5-21-847771732-3420646878-1916418076-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\..\Run: [ISUSPM] C:\ProgramData\FLEXnet\Connect\11\ISUSPM.exe -scheduler (User '?')
O4 - Global Startup: Jungle Disk Workgroup.lnk = C:\Program Files\Jungle Disk Workgroup\JungleDiskWorkgroup.exe
O4 - Global Startup: RealPlayer Cloud Service UI.lnk = C:\Program Files (x86)\Real\RealPlayer\RPDS\Bin64\rpsystray.exe
O8 - Extra context menu item: Add to Google Photos Screensa&ver - res://C:\Windows\system32\GPhotos.scr/200
O9 - Extra button: @C:\Program Files (x86)\Windows Live\Companion\companionlang.dll,-600 - {0000036B-C524-4050-81A0-243669A86B9F} - C:\Program Files (x86)\Windows Live\Companion\companioncore.dll
O9 - Extra button: @C:\Program Files (x86)\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1004 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra 'Tools' menuitem: @C:\Program Files (x86)\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1003 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: Se&nd to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIE.dll
O9 - Extra button: OneNote Lin&ked Notes - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIELinkedNotes.dll
O9 - Extra 'Tools' menuitem: OneNote Lin&ked Notes - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIELinkedNotes.dll
O9 - Extra button: Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll
O9 - Extra button: Send To Bluetooth - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
O9 - Extra 'Tools' menuitem: Send to &Bluetooth Device... - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
O9 - Extra button: Pin It - {D40C654D-7C51-4EB3-95B2-1E23905C2A2D} - C:\Program Files (x86)\Pinterest\Pin It\FrameScript.htm
O9 - Extra 'Tools' menuitem: &Pin It - {D40C654D-7C51-4EB3-95B2-1E23905C2A2D} - C:\Program Files (x86)\Pinterest\Pin It\FrameScript.htm
O9 - Extra button: (no name) - {B84F0310-C81D-4b9b-BA5A-8CF9EA8E489C} - (no file) (HKCU)
O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll
O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O15 - Trusted Zone: http://247pearsoned.custhelp.com
O15 - Trusted Zone: http://www.ebay.com
O15 - Trusted Zone: *.ecollege.com
O15 - Trusted Zone: http://*.mcafee.com
O15 - Trusted Zone: *.myitlab.com
O15 - Trusted Zone: *.pearsoncmg.com
O15 - Trusted Zone: *.pearsoned.com
O15 - Trusted Zone: *.platinumpay.net
O15 - Trusted Zone: http://www.redplum.com
O16 - DPF: {1ABA5FAC-1417-422B-BA82-45C35E2C908B} (20-20 3D Viewer for IKEA) - http://kitchenplanner.ikea.com/US/Core/Player/2020PlayerAX_IKEA_Win32.cab
O16 - DPF: {38AB0814-B09B-4378-9940-14A19638C3C2} (Auctiva Image Uploader Control) - http://www.auctiva.com/Aurigma/ImageUploader57.cab
O16 - DPF: {49312E18-AA92-4CC2-BB97-55DEA7BCADD6} (WMI Class) - https://support.dell.com/systemprofiler/SysProExe.CAB
O16 - DPF: {7530BFB8-7293-4D34-9923-61A11451AFC5} - http://download.eset.com/special/eos/OnlineScanner.cab
O16 - DPF: {B3E32D88-8E7F-468F-B0E2-3A300FD4A82C} (Enlite 2.x Simulation Engine Installer) - http://myitlab.pearsoned.com/Pegasus/Modules/SIMIntegration/Resources/ax/stub.cab
O16 - DPF: {C1F8FC10-E5DB-4112-9DBF-6C3FF728D4E3} (DellSystemLite.Scanner) - http://support.dell.com/systemprofiler/DellSystemLite.CAB
O18 - Protocol: cozi - {5356518D-FE9C-4E08-9C1F-1E872ECD367F} - C:\Program Files (x86)\Cozi Express\CoziProtocolHandler.dll
O18 - Protocol: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL
O18 - Protocol: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll
O18 - Filter hijack: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL
O20 - AppInit_DLLs: c:\progra~2\optimi~1\optpro~1.dll
O21 - SSODL: EldosMountNotificator - {5FF49FE8-B332-4CB9-B102-FB6951629E55} - C:\Windows\SysWOW64\CbFsMntNtf3.dll
O22 - SharedTaskScheduler: Virtual Storage Mount Notification - {5FF49FE8-B332-4CB9-B102-FB6951629E55} - C:\Windows\SysWOW64\CbFsMntNtf3.dll
O23 - Service: SAS Core Service (!SASCORE) - SUPERAntiSpyware.com - C:\Program Files\SUPERAntiSpyware\SASCORE64.EXE
O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: Andrea ST Filters Service (AESTFilters) - Andrea Electronics Corporation - C:\Program Files\IDT\WDM\AESTSr64.exe
O23 - Service: VPDAgent (Agent) - Two Pilots - C:\Windows\VPDAgent_x64.exe
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
O23 - Service: Bonjour Service - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: BrYNSvc - Brother Industries, Ltd. - C:\Program Files (x86)\Browny02\BrYNSvc.exe
O23 - Service: Bluetooth Service (btwdins) - Broadcom Corporation. - C:\Program Files\WIDCOMM\Bluetooth Software\btwdins.exe
O23 - Service: Dell Digital Delivery Service (DellDigitalDelivery) - Dell Products, LP. - C:\Program Files (x86)\Dell Digital Delivery\DeliveryService.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)
O23 - Service: Intel(R) PROSet/Wireless Event Log (EvtEng) - Intel(R) Corporation - C:\Program Files\Intel\WiFi\bin\EvtEng.exe
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)
O23 - Service: Google Update Service (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Google Update Service (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files (x86)\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: Intel(R) Rapid Storage Technology (IAStorDataMgrSvc) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
O23 - Service: @%SystemRoot%\system32\ieetwcollectorres.dll,-1000 (IEEtwCollectorService) - Unknown owner - C:\Windows\system32\IEEtwCollector.exe (file missing)
O23 - Service: iPod Service - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: JungleDiskWorkgroupService - Jungle Disk, Inc. - C:\Program Files\Jungle Disk Workgroup\JungleDiskWorkgroup.exe
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Intel(R) Management and Security Application Local Management Service (LMS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
O23 - Service: MBAMScheduler - Malwarebytes Corporation - C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe
O23 - Service: MBAMService - Malwarebytes Corporation - C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe
O23 - Service: Movielink Core Service - Blockbuster - C:\Program Files (x86)\Blockbuster\BLOCKBUSTERMovielink\MovielinkCore.exe
O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
O23 - Service: Wireless PAN DHCP Server (MyWiFiDHCPDNS) - Unknown owner - C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe
O23 - Service: Neat Startup Service - The Neat Company - C:\Program Files (x86)\Neat\exec\NeatStartupService.exe
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: PDFProFiltSrvPP - Nuance Communications, Inc. - C:\Program Files (x86)\Nuance\PaperPort\PDFProFiltSrvPP.exe
O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: RealNetworks Downloader Resolver Service - Unknown owner - C:\Program Files (x86)\RealNetworks\RealDownloader\rndlresolversvc.exe
O23 - Service: RealPlayer Cloud Service - RealNetworks, Inc. - c:\program files (x86)\real\realplayer\RPDS\Bin\rpdsvc.exe
O23 - Service: RealPlayer Update Service (RealPlayerUpdateSvc) - Unknown owner - C:\Program Files (x86)\Real\UpdateService\RealPlayerUpdateSvc.exe
O23 - Service: Intel(R) PROSet/Wireless Registry Service (RegSrvc) - Intel(R) Corporation - C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: SoftThinks Agent Service (SftService) - SoftThinks SAS - C:\Program Files (x86)\Dell DataSafe Local Backup\sftservice.EXE
O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files (x86)\Skype\Updater\Updater.exe
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\stlang64.dll,-10101 (STacSV) - IDT, Inc. - C:\Program Files\IDT\WDM\STacSV64.exe
O23 - Service: TeamViewer 9 (TeamViewer9) - TeamViewer GmbH - C:\Program Files (x86)\TeamViewer\Version9\TeamViewer_Service.exe
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)
O23 - Service: Intel(R) Management & Security Application User Notification Service (UNS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\Windows\system32\Wat\WatAdminSvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)

--
End of file - 18899 bytes

DDS (Ver_2012-11-20.01) - NTFS_AMD64 
Internet Explorer: 11.0.9600.17126 BrowserJavaVersion: 10.55.2
Run by Chris's Computer at 23:21:20 on 2014-06-24
Microsoft Windows 7 Home Premium 6.1.7601.1.1252.1.1033.18.3895.1804 [GMT -4:00]
.
AV: Microsoft Security Essentials *Enabled/Updated* {641105E6-77ED-3F35-A304-765193BCB75F}
SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
SP: Microsoft Security Essentials *Enabled/Updated* {DF70E402-51D7-30BB-99B4-4D23E83BFDE2}
.
============== Running Processes ===============
.
C:\Windows\system32\lsm.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\VPDAgent_x64.exe
C:\Windows\system32\svchost.exe -k RPCSS
c:\Program Files\Microsoft Security Client\MsMpEng.exe
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\svchost.exe -k netsvcs
C:\Program Files\IDT\WDM\STacSV64.exe
C:\Windows\system32\svchost.exe -k GPSvcGroup
C:\Windows\system32\svchost.exe -k NetworkService
C:\Windows\system32\WLANExt.exe
C:\Windows\System32\spoolsv.exe
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
C:\Program Files\SUPERAntiSpyware\SASCORE64.EXE
C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
C:\Windows\system32\taskeng.exe
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
c:\Program Files\Microsoft Mouse and Keyboard Center\itype.exe
c:\Program Files\Microsoft Mouse and Keyboard Center\ipoint.exe
C:\Program Files\IDT\WDM\AESTSr64.exe
C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\Program Files\WIDCOMM\Bluetooth Software\btwdins.exe
C:\Program Files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe
C:\Program Files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
C:\Program Files\Jungle Disk Workgroup\JungleDiskWorkgroup.exe
C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe
C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe
C:\Program Files (x86)\Blockbuster\BLOCKBUSTERMovielink\MovielinkCore.exe
C:\Program Files (x86)\Neat\exec\NeatStartupService.exe
C:\Program Files (x86)\Malwarebytes Anti-Malware\mbam.exe
C:\Program Files (x86)\Nuance\PaperPort\PDFProFiltSrvPP.exe
C:\Program Files (x86)\RealNetworks\RealDownloader\rndlresolversvc.exe
c:\program files (x86)\real\realplayer\RPDS\Bin\rpdsvc.exe
C:\Program Files (x86)\Real\UpdateService\RealPlayerUpdateSvc.exe
C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe
C:\Program Files (x86)\Dell DataSafe Local Backup\sftservice.EXE
C:\Windows\system32\svchost.exe -k imgsvc
C:\Program Files (x86)\TeamViewer\Version9\TeamViewer_Service.exe
C:\Program Files (x86)\Dell DataSafe Local Backup\TOASTER.EXE
C:\Program Files (x86)\Dell DataSafe Local Backup\COMPONENTS\SCHEDULER\STSERVICE.EXE
C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
C:\Program Files\Intel\WiFi\bin\EvtEng.exe
C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe
C:\Program Files (x86)\Dell DataSafe Local Backup\Components\DSUpdate\DSUpd.exe
C:\Windows\system32\wbem\unsecapp.exe
C:\Windows\system32\wbem\wmiprvse.exe
C:\Windows\system32\SearchIndexer.exe
c:\Program Files\Microsoft Security Client\NisSrv.exe
C:\Windows\system32\svchost.exe -k bthsvcs
C:\Program Files\IDT\WDM\sttray64.exe
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
C:\Program Files\Common Files\Intel\WirelessCommon\iFrmewrk.exe
C:\Program Files\Microsoft Security Client\msseces.exe
C:\Program Files (x86)\Browny02\BrYNSvc.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
C:\Program Files\Windows Media Player\wmpnetwk.exe
C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalServicePeerNet
C:\Windows\system32\svchost.exe -k SDRSVC
C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE
C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
C:\Windows\system32\wbem\wmiprvse.exe
C:\Windows\System32\cscript.exe
.
============== Pseudo HJT Report ===============
.
uStart Page = hxxp://www.goodsearch.com/?spMailingID=6750068&spUserID=OTE2MDUxMDYwODQS1&spJobID=121735211&spReportId=MTIxNjU0NjU1S0
mStart Page = hxxp://www.google.com
uURLSearchHooks: {00000000-6E41-4FD3-8538-502F5495E5FC} - <orphaned>
BHO: RealNetworks Download and Record Plugin for Internet Explorer: {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\Program Files (x86)\RealNetworks\RealDownloader\BrowserPlugins\IE\rndlbrowserrecordplugin.dll
BHO: Virtual Storage Mount Notification: {5FF49FE8-B332-4CB9-B102-FB6951629E55} - C:\Windows\SysWOW64\CbFsMntNtf3.dll
BHO: Groove GFS Browser Helper: {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files (x86)\Microsoft Office\Office14\GROOVEEX.DLL
BHO: Java(tm) Plug-In SSV Helper: {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll
BHO: Windows Live ID Sign-in Helper: {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
BHO: Windows Live Messenger Companion Helper: {9FDDE16B-836F-4806-AB1F-1455CBEFF289} - C:\Program Files (x86)\Windows Live\Companion\companioncore.dll
BHO: Google Toolbar Helper: {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll
BHO: Skype Browser Helper: {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll
BHO: Office Document Cache Handler: {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files (x86)\Microsoft Office\Office14\URLREDIR.DLL
BHO: {D40C654D-7C51-4EB3-95B2-1E23905C2A2D} - <orphaned>
BHO: Java(tm) Plug-In 2 SSV Helper: {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll
TB: Google Toolbar: {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll
uRun: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun
uRun: [DW7] "C:\Program Files (x86)\The Weather Channel\The Weather Channel App\TWCApp.exe"
uRun: [ApplePhotoStreams] C:\Program Files (x86)\Common Files\Apple\Internet Services\ApplePhotoStreams.exe
uRun: [Optimizer Pro] C:\Program Files (x86)\Optimizer Pro\OptProLauncher.exe
uRun: [Google+ Auto Backup] "C:\Users\Chris's Computer\AppData\Local\Programs\Google\Google+ Auto Backup\Google+ Auto Backup.exe" /autostart
uRun: [ISUSPM] C:\ProgramData\FLEXnet\Connect\11\ISUSPM.exe -scheduler
mRun: [BrMfcWnd] C:\Program Files (x86)\Brother\Brmfcmon\BrMfcWnd.exe /AUTORUN
mRun: [ControlCenter3] C:\Program Files (x86)\Brother\ControlCenter3\brctrcen.exe /autorun
mRun: [AccuWeatherWidget] "C:\Program Files (x86)\Dell Stage\Dell Stage\AccuWeather\accuweather.exe" "C:\Program Files (x86)\Dell Stage\Dell Stage\AccuWeather\start.umj" --startup
mRun: [RIMBBLaunchAgent.exe] C:\Program Files (x86)\Common Files\Research In Motion\USB Drivers\RIMBBLaunchAgent.exe
mRun: [APSDaemon] "C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe"
mRun: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
mRun: [DivXMediaServer] C:\Program Files (x86)\DivX\DivX Media Server\DivXMediaServer.exe
mRun: [BCSSync] "C:\Program Files (x86)\Microsoft Office\Office14\BCSSync.exe" /DelayServices
mRun: [SunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
mRun: [iTunesHelper] "C:\Program Files (x86)\iTunes\iTunesHelper.exe"
mRun: [QuickTime Task] "C:\Program Files (x86)\QuickTime\QTTask.exe" -atboottime
mRun: [IndexSearch] "C:\Program Files (x86)\Nuance\PaperPort\IndexSearch.exe"
mRun: [PaperPort PTD] "C:\Program Files (x86)\Nuance\PaperPort\pptd40nt.exe"
mRun: [ControlCenter4] C:\Program Files (x86)\ControlCenter4\BrCcBoot.exe /autorun
mRun: [BrStsMon00] C:\Program Files (x86)\Browny02\Brother\BrStMonW.exe /AUTORUN
mRun: [BrHelp] C:\Program Files (x86)\Brother\Brother Help\BrotherHelp.exe /AUTORUN
mRun: [TkBellExe] "C:\Program Files (x86)\Real\RealPlayer\update\realsched.exe" -osboot
mRunOnce: ["C:\Program Files (x86)\Dell DataSafe Local Backup\Components\DSUpdate\DSUpdate.exe"] "C:\Program Files (x86)\Dell DataSafe Local Backup\Components\DSUpdate\DSUpdate.exe"
StartupFolder: C:\PROGRA~3\MICROS~1\Windows\STARTM~1\Programs\Startup\JUNGLE~1.LNK - C:\Program Files\Jungle Disk Workgroup\JungleDiskWorkgroup.exe
StartupFolder: C:\PROGRA~3\MICROS~1\Windows\STARTM~1\Programs\Startup\REALPL~1.LNK - C:\Program Files (x86)\Real\RealPlayer\RPDS\Bin64\rpsystray.exe
uPolicies-Explorer: NoDrives = dword:0
mPolicies-Explorer: NoDrives = dword:0
mPolicies-System: ConsentPromptBehaviorUser = dword:3
mPolicies-System: EnableUIADesktopToggle = dword:0
IE: Add to Google Photos Screensa&ver - C:\Windows\System32\GPhotos.scr/200
IE: {0000036B-C524-4050-81A0-243669A86B9F} - {B63DBA5F-523F-4B9C-A43D-65DF1977EAD3} - C:\Program Files (x86)\Windows Live\Companion\companioncore.dll
IE: {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - {5F7B1267-94A9-47F5-98DB-E99415F33AEC} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIE.dll
IE: {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - {FFFDC614-B694-4AE6-AB38-5D6374584B52} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIELinkedNotes.dll
IE: {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll
IE: {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
IE: {D40C654D-7C51-4EB3-95B2-1E23905C2A2D} - C:\Program Files (x86)\Pinterest\Pin It\FrameScript.htm
Trusted Zone: ecollege.com
Trusted Zone: flixattic.com
Trusted Zone: internet
Trusted Zone: mcafee.com
Trusted Zone: mcafee.com
Trusted Zone: myitlab.com
Trusted Zone: pearsoncmg.com
Trusted Zone: pearsoned.com
Trusted Zone: platinumpay.net
DPF: {1ABA5FAC-1417-422B-BA82-45C35E2C908B} - hxxp://kitchenplanner.ikea.com/US/Core/Player/2020PlayerAX_IKEA_Win32.cab
DPF: {38AB0814-B09B-4378-9940-14A19638C3C2} - hxxp://www.auctiva.com/Aurigma/ImageUploader57.cab
DPF: {49312E18-AA92-4CC2-BB97-55DEA7BCADD6} - hxxps://support.dell.com/systemprofiler/SysProExe.CAB
DPF: {7530BFB8-7293-4D34-9923-61A11451AFC5} - hxxp://download.eset.com/special/eos/OnlineScanner.cab
DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.7.0/jinstall-1_7_0_04-windows-i586.cab
DPF: {B3E32D88-8E7F-468F-B0E2-3A300FD4A82C} - hxxp://myitlab.pearsoned.com/Pegasus/Modules/SIMIntegration/Resources/ax/stub.cab
DPF: {C1F8FC10-E5DB-4112-9DBF-6C3FF728D4E3} - hxxp://support.dell.com/systemprofiler/DellSystemLite.CAB
DPF: {CAFEEFAC-0017-0000-0004-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.7.0/jinstall-1_7_0_04-windows-i586.cab
DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.7.0/jinstall-1_7_0_04-windows-i586.cab
TCP: NameServer = 192.168.2.1
TCP: Interfaces\{90FC4FCC-283B-4B1A-BF5A-ECD763D20B9D} : DHCPNameServer = 192.168.2.1
TCP: Interfaces\{90FC4FCC-283B-4B1A-BF5A-ECD763D20B9D}\2656C6B696E6E2662643 : DHCPNameServer = 192.168.2.1
TCP: Interfaces\{90FC4FCC-283B-4B1A-BF5A-ECD763D20B9D}\346464 : DHCPNameServer = 192.168.2.1
TCP: Interfaces\{90FC4FCC-283B-4B1A-BF5A-ECD763D20B9D}\544696D61687 : DHCPNameServer = 192.168.2.1
TCP: Interfaces\{90FC4FCC-283B-4B1A-BF5A-ECD763D20B9D}\65562796A7F6E6D2D496649653531303C4D214131303 : DHCPNameServer = 192.168.1.1
TCP: Interfaces\{90FC4FCC-283B-4B1A-BF5A-ECD763D20B9D}\C4F6675694E434 : DHCPNameServer = 192.168.83.1
TCP: Interfaces\{90FC4FCC-283B-4B1A-BF5A-ECD763D20B9D}\F43686F61613 : DHCPNameServer = 192.168.2.1
Filter: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL
Handler: cozi - {5356518D-FE9C-4E08-9C1F-1E872ECD367F} - C:\Program Files (x86)\Cozi Express\CoziProtocolHandler.dll
Handler: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll
Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll
Handler: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll
AppInit_DLLs= c:\progra~2\optimi~1\optpro~1.dll
SSODL: EldosMountNotificator - {5FF49FE8-B332-4CB9-B102-FB6951629E55} - C:\Windows\SysWOW64\CbFsMntNtf3.dll
STS: Virtual Storage Mount Notification - {5FF49FE8-B332-4CB9-B102-FB6951629E55} - C:\Windows\SysWOW64\CbFsMntNtf3.dll
SEH: Groove GFS Stub Execution Hook - {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - C:\Program Files (x86)\Microsoft Office\Office14\GROOVEEX.DLL
mASetup: {8A69D345-D564-463c-AFF1-A69D9E530F96} - "C:\Program Files (x86)\Google\Chrome\Application\33.0.1750.146\Installer\chrmstp.exe" --configure-user-settings --verbose-logging --system-level --multi-install --chrome
x64-mStart Page = hxxp://www.google.com
x64-BHO: {27B4851A-3207-45A2-B947-BE8AFE6163AB} - <orphaned>
x64-BHO: RealNetworks Download and Record Plugin for Internet Explorer: {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\Program Files (x86)\RealNetworks\RealDownloader\BrowserPlugins\IE\rndlbrowserrecordplugin64.dll
x64-BHO: Virtual Storage Mount Notification: {5FF49FE8-B332-4CB9-B102-FB6951629E55} - C:\Windows\System32\CbFsMntNtf3.dll
x64-BHO: Groove GFS Browser Helper: {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files\Microsoft Office\Office14\GROOVEEX.DLL
x64-BHO: Windows Live ID Sign-in Helper: {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
x64-BHO: TiCoTTaCoupoon: {92D95D17-B987-EC0D-504E-05B39CD71326} - 
x64-BHO: Google Toolbar Helper: {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll
x64-BHO: Skype add-on for Internet Explorer: {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll
x64-BHO: Office Document Cache Handler: {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL
x64-BHO: PriceDownloaader: {EF556BF2-9C5E-2B6C-6FD7-F771E9409A94} - 
x64-TB: Google Toolbar: {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll
x64-Run: [SysTrayApp] C:\Program Files\IDT\WDM\sttray64.exe
x64-Run: [SynTPEnh] C:\Program Files (x86)\Synaptics\SynTP\SynTPEnh.exe
x64-Run: [IntelWireless] "C:\Program Files\Common Files\Intel\WirelessCommon\iFrmewrk.exe" /tf Intel Wireless Tray
x64-Run: [MSC] "c:\Program Files\Microsoft Security Client\msseces.exe" -hide -runkey
x64-IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - C:\Program Files\Microsoft Office\Office14\ONBttnIE.dll
x64-IE: {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - {FFFDC614-B694-4AE6-AB38-5D6374584B52} - C:\Program Files\Microsoft Office\Office14\ONBttnIELinkedNotes.dll
x64-IE: {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll
x64-IE: {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
x64-DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.7.0/jinstall-1_7_0_04-windows-i586.cab
x64-Filter: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL
x64-Handler: cozi - {5356518D-FE9C-4E08-9C1F-1E872ECD367F} - <orphaned>
x64-Handler: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll
x64-Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - <orphaned>
x64-Handler: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - <orphaned>
x64-Notify: igfxcui - igfxdev.dll
x64-SSODL: EldosMountNotificator - {5FF49FE8-B332-4CB9-B102-FB6951629E55} - C:\Windows\System32\CbFsMntNtf3.dll
x64-STS: Virtual Storage Mount Notification - {5FF49FE8-B332-4CB9-B102-FB6951629E55} - C:\Windows\System32\CbFsMntNtf3.dll
x64-SEH: Groove GFS Stub Execution Hook - {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - C:\Program Files\Microsoft Office\Office14\GROOVEEX.DLL
x64-mASetup: Neat ADF Scanner 2008 - reg copy "HKLM\Software\Wow6432Node\The Neat Company\Neat ADF Scanner 2008" "HKCU\Software\The Neat Company\Neat ADF Scanner 2008" /s /f
x64-mASetup: Send To Neat - reg copy "HKLM\Software\The Neat Company\Send To Neat" "HKCU\Software\The Neat Company\Send To Neat" /s /f
.
================= FIREFOX ===================
.
FF - ProfilePath - C:\Users\Chris's Computer\AppData\Roaming\Mozilla\Firefox\Profiles\pyyzt76e.default\
FF - prefs.js: browser.search.selectedEngine - GoodSearch
FF - prefs.js: browser.startup.homepage - hxxp://www.goodsearch.com/|http://www.easternflorida.edu/
FF - prefs.js: keyword.URL - 
FF - prefs.js: network.proxy.type - 0
FF - plugin: C:\PROGRA~2\MICROS~1\Office14\NPAUTHZ.DLL
FF - plugin: C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL
FF - plugin: C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll
FF - plugin: C:\Program Files (x86)\Amazon\MP3 Downloader\npAmazonMP3DownloaderPlugin101772.dll
FF - plugin: C:\Program Files (x86)\Common Files\Research In Motion\BBWebSLLauncher\NPWebSLLauncher.dll
FF - plugin: C:\Program Files (x86)\Google\Update\1.3.22.5\npGoogleUpdate3.dll
FF - plugin: C:\Program Files (x86)\Java\jre7\bin\dtplugin\npdeployJava1.dll
FF - plugin: C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll
FF - plugin: c:\Program Files (x86)\Microsoft Silverlight\5.1.30214.0\npctrlui.dll
FF - plugin: C:\Program Files (x86)\Picasa2\npPicasa3.dll
FF - plugin: c:\program files (x86)\real\realplayer\Netscape6\nprpplugin.dll
FF - plugin: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll
FF - plugin: C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprpchromebrowserrecordext.dll
FF - plugin: C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprphtml5videoshim.dll
FF - plugin: C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\MozillaPlugins\nprndlchromebrowserrecordext.dll
FF - plugin: C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\MozillaPlugins\nprndlhtml5videoshim.dll
FF - plugin: C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\MozillaPlugins\nprndlpepperflashvideoshim.dll
FF - plugin: C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\npdlplugin.dll
FF - plugin: C:\Users\CHRIS'~1\AppData\Roaming\CATALI~2\npBcsKtTcHW.dll
FF - plugin: C:\Users\Chris's Computer\AppData\Roaming\Hopster\CouponPrinterPlugin\2.0.2.0\npCouponPrinterPlugin.dll
FF - plugin: C:\Users\Chris's Computer\AppData\Roaming\Hopster\CouponPrinterPlugin\2.0.2.0\npPrintUtil.dll
FF - plugin: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_12_0_0_77.dll
.
============= SERVICES / DRIVERS ===============
.
R0 MpFilter;Microsoft Malware Protection Driver;C:\Windows\System32\drivers\MpFilter.sys [2014-1-25 268512]
R0 PxHlpa64;PxHlpa64;C:\Windows\System32\drivers\PxHlpa64.sys [2011-6-28 55280]
R1 cbfs3;cbfs3;C:\Windows\System32\drivers\cbfs3.sys [2013-11-1 321424]
R1 SASDIFSV;SASDIFSV;C:\Program Files\SUPERAntiSpyware\sasdifsv64.sys [2011-7-22 14928]
R1 SASKUTIL;SASKUTIL;C:\Program Files\SUPERAntiSpyware\saskutil64.sys [2011-7-12 12368]
R2 !SASCORE;SAS Core Service;C:\Program Files\SUPERAntiSpyware\SASCORE64.EXE [2011-8-11 140672]
R2 AESTFilters;Andrea ST Filters Service;C:\Program Files\IDT\WDM\AESTSr64.exe [2011-5-13 89600]
R2 Agent;VPDAgent;C:\Windows\VPDAgent_x64.exe [2013-12-1 148480]
R2 c2cautoupdatesvc;Skype Click to Call Updater;C:\Program Files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe [2014-4-11 1390720]
R2 c2cpnrsvc;Skype Click to Call PNR Service;C:\Program Files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe [2014-4-11 1764992]
R2 IAStorDataMgrSvc;Intel(R) Rapid Storage Technology;C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe [2011-5-13 13336]
R2 JungleDiskWorkgroupService;JungleDiskWorkgroupService;C:\Program Files\Jungle Disk Workgroup\JungleDiskWorkgroup.exe [2011-5-17 9769800]
R2 MBAMScheduler;MBAMScheduler;C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe [2014-6-18 1809720]
R2 MBAMService;MBAMService;C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe [2014-6-18 860472]
R2 Neat Startup Service;Neat Startup Service;C:\Program Files (x86)\Neat\exec\NeatStartupService.exe [2014-1-3 5632]
R2 NisDrv;Microsoft Network Inspection System;C:\Windows\System32\drivers\NisDrvWFP.sys [2012-3-20 133928]
R2 PDFProFiltSrvPP;PDFProFiltSrvPP;C:\Program Files (x86)\Nuance\PaperPort\PDFProFiltSrvPP.exe [2011-8-2 145256]
R2 RealNetworks Downloader Resolver Service;RealNetworks Downloader Resolver Service;C:\Program Files (x86)\RealNetworks\RealDownloader\rndlresolversvc.exe [2014-3-15 39568]
R2 RealPlayer Cloud Service;RealPlayer Cloud Service;C:\Program Files (x86)\Real\RealPlayer\RPDS\Bin\rpdsvc.exe [2014-4-3 1141848]
R2 RealPlayerUpdateSvc;RealPlayer Update Service;C:\Program Files (x86)\Real\UpdateService\RealPlayerUpdateSvc.exe [2014-3-20 23552]
R2 SftService;SoftThinks Agent Service;C:\Program Files (x86)\Dell DataSafe Local Backup\SftService.exe [2011-5-13 1692480]
R2 TeamViewer9;TeamViewer 9;C:\Program Files (x86)\TeamViewer\Version9\TeamViewer_Service.exe [2014-6-24 5037888]
R2 UNS;Intel(R) Management & Security Application User Notification Service;C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe [2011-5-13 2320920]
R3 BrYNSvc;BrYNSvc;C:\Program Files (x86)\Browny02\BrYNSvc.exe [2014-3-25 282112]
R3 CtClsFlt;Creative Camera Class Upper Filter Driver;C:\Windows\System32\drivers\CtClsFlt.sys [2011-5-13 172704]
R3 HECIx64;Intel(R) Management Engine Interface;C:\Windows\System32\drivers\HECIx64.sys [2011-5-13 56344]
R3 Impcd;Impcd;C:\Windows\System32\drivers\Impcd.sys [2011-5-13 158976]
R3 IntcDAud;Intel(R) Display Audio;C:\Windows\System32\drivers\IntcDAud.sys [2011-5-13 289280]
R3 MBAMProtector;MBAMProtector;C:\Windows\System32\drivers\mbam.sys [2014-6-18 25816]
R3 MBAMSwissArmy;MBAMSwissArmy;C:\Windows\System32\drivers\MBAMSwissArmy.sys [2014-6-18 122584]
R3 MBAMWebAccessControl;MBAMWebAccessControl;C:\Windows\System32\drivers\mwac.sys [2014-6-18 63704]
R3 NETw5s64;Intel(R) Wireless WiFi Link 5000 Series Adapter Driver for Windows 7 - 64 Bit;C:\Windows\System32\drivers\NETw5s64.sys [2010-3-17 7680512]
R3 NisSrv;Microsoft Network Inspection;C:\Program Files\Microsoft Security Client\NisSrv.exe [2014-3-11 347872]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2013-9-11 105144]
S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2013-9-11 124088]
S2 DellDigitalDelivery;Dell Digital Delivery Service;C:\Program Files (x86)\Dell Digital Delivery\DeliveryService.exe [2010-11-16 141192]
S2 SkypeUpdate;Skype Updater;C:\Program Files (x86)\Skype\Updater\Updater.exe [2013-10-23 172192]
S3 BrSerIb;Brother MFC Serial Interface Driver(WDM);C:\Windows\System32\drivers\BrSerIb.sys [2009-7-13 281088]
S3 BrUsbSIb;Brother MFC Serial USB Driver(WDM);C:\Windows\System32\drivers\BrUsbSIb.sys [2009-7-13 15360]
S3 btusbflt;Bluetooth USB Filter;C:\Windows\System32\drivers\btusbflt.sys [2011-5-13 53800]
S3 btwl2cap;Bluetooth L2CAP Service;C:\Windows\System32\drivers\btwl2cap.sys [2011-5-13 35104]
S3 IEEtwCollectorService;Internet Explorer ETW Collector Service;C:\Windows\System32\ieetwcollector.exe [2014-6-13 111616]
S3 MyWiFiDHCPDNS;Wireless PAN DHCP Server;C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe [2010-3-5 340240]
S3 RdpVideoMiniport;Remote Desktop Video Miniport Driver;C:\Windows\System32\drivers\rdpvideominiport.sys [2013-1-17 19456]
S3 RSUSBSTOR;RtsUStor.Sys Realtek USB Card Reader;C:\Windows\System32\drivers\RtsUStor.sys [2011-5-13 250984]
S3 RTL8167;Realtek 8167 NT Driver;C:\Windows\System32\drivers\Rt64win7.sys [2011-5-13 325152]
S3 TsUsbFlt;TsUsbFlt;C:\Windows\System32\drivers\TsUsbFlt.sys [2013-1-17 57856]
S3 USBAAPL64;Apple Mobile USB Driver;C:\Windows\System32\drivers\usbaapl64.sys [2012-12-13 54784]
S3 WatAdminSvc;Windows Activation Technologies Service;C:\Windows\System32\Wat\WatAdminSvc.exe [2011-6-25 1255736]
S3 WDC_SAM;WD SCSI Pass Thru driver;C:\Windows\System32\drivers\wdcsam64.sys [2008-5-6 14464]
S3 wlcrasvc;Windows Live Mesh remote connections service;C:\Program Files\Windows Live\Mesh\wlcrasvc.exe [2010-9-22 57184]
S3 yukonw7;NDIS6.2 Miniport Driver for Marvell Yukon Ethernet Controller;C:\Windows\System32\drivers\yk62x64.sys [2009-6-10 389120]
.
=============== Created Last 30 ================
.
2014-06-25 00:45:37 75888 ----a-w- C:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{DC017E87-1088-4C1E-BD03-885FB7AE1EAA}\offreg.dll
2014-06-24 17:33:31 -------- d-----w- C:\Users\Chris's Computer\AppData\Roaming\TeamViewer
2014-06-24 17:33:08 -------- d-----w- C:\Program Files (x86)\TeamViewer
2014-06-24 02:28:04 1031560 ----a-w- C:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{A2284841-C339-402D-84A1-B0DD2CDE81A4}\gapaengine.dll
2014-06-24 02:27:13 10779000 ----a-w- C:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{DC017E87-1088-4C1E-BD03-885FB7AE1EAA}\mpengine.dll
2014-06-22 19:47:32 10779000 ----a-w- C:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\Backup\mpengine.dll
2014-06-18 18:12:37 122584 ----a-w- C:\Windows\System32\drivers\MBAMSwissArmy.sys
2014-06-18 18:11:34 91352 ----a-w- C:\Windows\System32\drivers\mbamchameleon.sys
2014-06-18 18:11:34 63704 ----a-w- C:\Windows\System32\drivers\mwac.sys
2014-06-18 18:11:34 25816 ----a-w- C:\Windows\System32\drivers\mbam.sys
2014-06-18 18:11:34 -------- d-----w- C:\Program Files (x86)\Malwarebytes Anti-Malware
2014-06-16 18:00:09 -------- d-----w- C:\Users\Chris's Computer\AppData\Local\{312AD767-9FA8-440D-B97E-EF5FC12F4339}
2014-06-16 17:33:37 -------- d-----w- C:\Users\Chris's Computer\AppData\Local\{5DA9E45C-A903-4BFD-AFB2-04953E5FF16E}
2014-06-16 17:21:48 -------- d-----w- C:\Users\Chris's Computer\AppData\Local\{1D4AC711-5D10-4084-85AD-1CF80B1FE538}
2014-06-14 00:01:16 801280 ----a-w- C:\Windows\System32\usp10.dll
2014-06-14 00:01:15 626688 ----a-w- C:\Windows\SysWow64\usp10.dll
2014-06-13 23:59:22 506368 ----a-w- C:\Windows\System32\aepdu.dll
2014-06-13 23:59:20 424448 ----a-w- C:\Windows\System32\aeinv.dll
2014-05-30 18:44:14 -------- d-----w- C:\Program Files (x86)\Pinterest
.
==================== Find3M ====================
.
2014-05-30 10:02:37 2724864 ----a-w- C:\Windows\System32\mshtml.tlb
2014-05-30 10:02:09 4096 ----a-w- C:\Windows\System32\ieetwcollectorres.dll
2014-05-30 09:39:43 548352 ----a-w- C:\Windows\System32\vbscript.dll
2014-05-30 09:39:23 66048 ----a-w- C:\Windows\System32\iesetup.dll
2014-05-30 09:38:29 48640 ----a-w- C:\Windows\System32\ieetwproxystub.dll
2014-05-30 09:21:23 139264 ----a-w- C:\Windows\System32\ieUnatt.exe
2014-05-30 09:21:05 111616 ----a-w- C:\Windows\System32\ieetwcollector.exe
2014-05-30 09:20:36 752640 ----a-w- C:\Windows\System32\jscript9diag.dll
2014-05-30 09:11:24 940032 ----a-w- C:\Windows\System32\MsSpellCheckingFacility.exe
2014-05-30 09:08:22 5782528 ----a-w- C:\Windows\System32\jscript9.dll
2014-05-30 09:02:39 2724864 ----a-w- C:\Windows\SysWow64\mshtml.tlb
2014-05-30 08:55:36 38400 ----a-w- C:\Windows\System32\JavaScriptCollectionAgent.dll
2014-05-30 08:44:28 455168 ----a-w- C:\Windows\SysWow64\vbscript.dll
2014-05-30 08:43:06 61952 ----a-w- C:\Windows\SysWow64\iesetup.dll
2014-05-30 08:42:16 51200 ----a-w- C:\Windows\SysWow64\ieetwproxystub.dll
2014-05-30 08:28:33 112128 ----a-w- C:\Windows\SysWow64\ieUnatt.exe
2014-05-30 08:27:56 592896 ----a-w- C:\Windows\SysWow64\jscript9diag.dll
2014-05-30 08:24:19 1249280 ----a-w- C:\Windows\System32\mshtmlmedia.dll
2014-05-30 08:23:22 2040832 ----a-w- C:\Windows\System32\inetcpl.cpl
2014-05-30 08:10:46 32256 ----a-w- C:\Windows\SysWow64\JavaScriptCollectionAgent.dll
2014-05-30 07:56:56 2266112 ----a-w- C:\Windows\System32\wininet.dll
2014-05-30 07:56:50 4244992 ----a-w- C:\Windows\SysWow64\jscript9.dll
2014-05-30 07:50:09 1068032 ----a-w- C:\Windows\SysWow64\mshtmlmedia.dll
2014-05-30 07:49:38 1964544 ----a-w- C:\Windows\SysWow64\inetcpl.cpl
2014-05-30 07:21:10 1790976 ----a-w- C:\Windows\SysWow64\wininet.dll
2014-05-08 09:32:11 3178496 ----a-w- C:\Windows\System32\rdpcorets.dll
2014-05-08 09:32:11 16384 ----a-w- C:\Windows\System32\RdpGroupPolicyExtension.dll
2014-04-29 09:53:10 692400 ----a-w- C:\Windows\SysWow64\FlashPlayerApp.exe
2014-04-29 09:53:03 70832 ----a-w- C:\Windows\SysWow64\FlashPlayerCPLApp.cpl
2014-04-15 06:34:10 1070232 ----a-w- C:\Windows\SysWow64\MSCOMCTL.OCX
2014-04-15 00:13:43 96168 ----a-w- C:\Windows\SysWow64\WindowsAccessBridge-32.dll
2014-04-12 02:22:05 95680 ----a-w- C:\Windows\System32\drivers\ksecdd.sys
2014-04-12 02:22:05 155072 ----a-w- C:\Windows\System32\drivers\ksecpkg.sys
2014-04-12 02:19:38 29184 ----a-w- C:\Windows\System32\sspisrv.dll
2014-04-12 02:19:38 136192 ----a-w- C:\Windows\System32\sspicli.dll
2014-04-12 02:19:37 28160 ----a-w- C:\Windows\System32\secur32.dll
2014-04-12 02:19:32 1460736 ----a-w- C:\Windows\System32\lsasrv.dll
2014-04-12 02:19:05 31232 ----a-w- C:\Windows\System32\lsass.exe
2014-04-12 02:12:06 22016 ----a-w- C:\Windows\SysWow64\secur32.dll
2014-04-12 02:10:56 96768 ----a-w- C:\Windows\SysWow64\sspicli.dll
2014-04-05 02:47:20 1903552 ----a-w- C:\Windows\System32\drivers\tcpip.sys
2014-04-05 02:47:09 288192 ----a-w- C:\Windows\System32\drivers\FWPKCLNT.SYS
2014-04-04 03:17:33 505416 ----a-w- C:\Windows\SysWow64\msvcp71.dll
2014-04-04 03:17:33 353864 ----a-w- C:\Windows\SysWow64\msvcr71.dll
2012-06-12 13:17:50 21865936 ----a-w- C:\Program Files\Java 7 U4.exe
.
============= FINISH: 23:28:49.60 ===============

UNLESS SPECIFICALLY INSTRUCTED, DO NOT POST THIS LOG.
IF REQUESTED, ZIP IT UP & ATTACH IT
.
DDS (Ver_2012-11-20.01)
.
Microsoft Windows 7 Home Premium 
Boot Device: \Device\HarddiskVolume2
Install Date: 6/22/2011 5:38:13 PM
System Uptime: 6/24/2014 8:33:36 PM (3 hours ago)
.
Motherboard: Dell Inc. | | 0WXY9J
Processor: Intel(R) Core(TM) i3 CPU M 380 @ 2.53GHz | CPU 1 | 909/533mhz
.
==== Disk Partitions =========================
.
C: is FIXED (NTFS) - 441 GiB total, 321.835 GiB free.
D: is CDROM ()
J: is Removable
K: is Removable
.
==== Disabled Device Manager Items =============
.
Class GUID: {4d36e972-e325-11ce-bfc1-08002be10318}
Description: Microsoft Teredo Tunneling Adapter
Device ID: ROOT\*TEREDO\0000
Manufacturer: Microsoft
Name: Teredo Tunneling Pseudo-Interface
PNP Device ID: ROOT\*TEREDO\0000
Service: tunnel
.
==== System Restore Points ===================
.
RP458: 5/14/2014 7:54:06 PM - Windows Update
RP459: 5/15/2014 3:01:18 AM - Windows Update
RP460: 5/19/2014 11:01:23 AM - Windows Update
RP461: 5/23/2014 2:33:04 AM - Windows Update
RP462: 5/26/2014 2:36:34 AM - Windows Update
RP463: 5/29/2014 11:20:34 AM - Windows Update
RP464: 6/1/2014 6:04:26 PM - Windows Update
RP465: 6/5/2014 2:41:24 AM - Windows Update
RP466: 6/8/2014 3:20:19 AM - Windows Update
RP467: 6/9/2014 12:38:14 PM - Windows Backup
RP468: 6/13/2014 8:01:16 PM - Windows Update
RP469: 6/14/2014 3:00:34 AM - Windows Update
RP470: 6/19/2014 2:53:53 AM - Windows Update
RP471: 6/22/2014 3:45:27 PM - Windows Update
.
==== Installed Programs ======================
.
Adobe AIR
Adobe Flash Player 13 ActiveX
Adobe Flash Player 13 Plugin
Adobe Reader X (10.1.10)
Advanced Audio FX Engine
Amazon Kindle
Amazon MP3 Downloader 1.0.17
Apple Application Support
Apple Mobile Device Support
Apple Software Update
BlackBerry Desktop Software 7.0
BLOCKBUSTER Movielink
Blockbuster On Demand
Bonjour
Bonzuna
Brother MFL-Pro Suite MFC-495CW
Brother MFL-Pro Suite MFC-J450DW
Canon RAW Codec
Catalina Savings Printer
Coupon Printer for Windows
CouponPrinterPlugin
Cozi
D3DX10
Definition Update for Microsoft Office 2010 (KB982726) 32-Bit Edition
Dell DataSafe Local Backup
Dell DataSafe Local Backup - Support Software
Dell Digital Delivery
Dell Edoc Viewer
Dell Getting Started Guide
Dell Home Systems Service Agreement
Dell MusicStage
Dell Perks Webslice IE8
Dell PhotoStage
Dell Stage
Dell Support Center
Dell VideoStage
Dell Webcam Central
e-Sword
Entity Framework Designer for Visual Studio 2012 - enu
Extended Update
FindRight
Google Chrome
Google Toolbar for Internet Explorer
Google Update Helper
HTML-Kit 292
iCloud
IDT Audio
IKEA Home Planner Kitchen
Intel PROSet Wireless
Intel(R) Control Center
Intel(R) Graphics Media Accelerator Driver
Intel(R) Management Engine Components
Intel(R) PROSet/Wireless WiFi Software
Intel(R) Rapid Storage Technology
Internet Explorer
IrfanView (remove only)
iTunes
Java 7 Update 55
Java Auto Updater
Jungle Disk Workgroup
Junk Mail filter update
KONICA MINOLTA C364Series(PS_PCL_FAX)
LG USB Modem driver
LG Verizon United Driver
Malwarebytes Anti-Malware version 2.0.2.1012
Mesh Runtime
Messenger Companion
Microsoft .NET Framework 4 Multi-Targeting Pack
Microsoft .NET Framework 4.5 Multi-Targeting Pack
Microsoft .NET Framework 4.5 SDK
Microsoft .NET Framework 4.5.1
Microsoft Application Error Reporting
Microsoft Help Viewer 2.0
Microsoft Mouse and Keyboard Center
Microsoft NuGet - Visual Studio Express 2012 for Windows Desktop
Microsoft Office Access MUI (English) 2010
Microsoft Office Access Setup Metadata MUI (English) 2010
Microsoft Office Excel MUI (English) 2010
Microsoft Office Groove MUI (English) 2010
Microsoft Office InfoPath MUI (English) 2010
Microsoft Office Office 64-bit Components 2010
Microsoft Office OneNote MUI (English) 2010
Microsoft Office Outlook MUI (English) 2010
Microsoft Office PowerPoint MUI (English) 2010
Microsoft Office Professional 2010
Microsoft Office Professional Plus 2010
Microsoft Office Proof (English) 2010
Microsoft Office Proof (French) 2010
Microsoft Office Proof (Spanish) 2010
Microsoft Office Proofing (English) 2010
Microsoft Office Publisher MUI (English) 2010
Microsoft Office Shared 64-bit MUI (English) 2010
Microsoft Office Shared 64-bit Setup Metadata MUI (English) 2010
Microsoft Office Shared MUI (English) 2010
Microsoft Office Shared Setup Metadata MUI (English) 2010
Microsoft Office Single Image 2010
Microsoft Office Word MUI (English) 2010
Microsoft Security Client
Microsoft Security Essentials
Microsoft Silverlight
Microsoft SQL Server 2005 Compact Edition [ENU]
Microsoft SQL Server 2012 Data-Tier App Framework 
Microsoft SQL Server 2012 Management Objects 
Microsoft SQL Server 2012 Management Objects (x64)
Microsoft SQL Server 2012 T-SQL Language Service 
Microsoft SQL Server 2012 Transact-SQL Compiler Service 
Microsoft SQL Server 2012 Transact-SQL ScriptDom 
Microsoft SQL Server Compact 3.5 SP2 ENU
Microsoft SQL Server Compact 3.5 SP2 x64 ENU
Microsoft SQL Server Compact 4.0 SP1 x64 ENU
Microsoft SQL Server Data Tools - enu (11.1.20828.01)
Microsoft SQL Server Data Tools Build Utilities - enu (11.1.20828.01)
Microsoft System CLR Types for SQL Server 2012
Microsoft System CLR Types for SQL Server 2012 (x64)
Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053
Microsoft Visual C++ 2005 Redistributable
Microsoft Visual C++ 2005 Redistributable (x64)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.30319
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.30319
Microsoft Visual C++ 2012 32bit Compilers - ENU Resources
Microsoft Visual C++ 2012 Core Libraries
Microsoft Visual C++ 2012 x64 Additional Runtime - 11.0.50727
Microsoft Visual C++ 2012 x64 Debug Runtime - 11.0.50727
Microsoft Visual C++ 2012 x64 Minimum Runtime - 11.0.50727
Microsoft Visual C++ 2012 x86-x64 Compilers
Microsoft Visual C++ 2012 x86 Additional Runtime - 11.0.50727
Microsoft Visual C++ 2012 x86 Debug Runtime - 11.0.50727
Microsoft Visual C++ 2012 x86 Minimum Runtime - 11.0.50727
Microsoft Visual Studio 2012 Express Prerequisites x64 - ENU
Microsoft Visual Studio 2012 Preparation
Microsoft Visual Studio 2012 Shell (Minimum)
Microsoft Visual Studio 2012 Shell (Minimum) Interop Assemblies
Microsoft Visual Studio 2012 Shell (Minimum) Resources
Microsoft Visual Studio 2012 Tools for SQL Server Compact 4.0 SP1 ENU
Microsoft Visual Studio Express 2012 for Windows Desktop
Microsoft Visual Studio Express 2012 for Windows Desktop - ENU
Microsoft Visual Studio Team Foundation Server 2012 Object Model
Microsoft Visual Studio Team Foundation Server 2012 Object Model Language Pack - ENU
Microsoft Visual Studio Team Foundation Server 2012 Team Explorer
Microsoft Visual Studio Team Foundation Server 2012 Team Explorer Language Pack - ENU
Microsoft Visual Studio Ultimate 2012 XAML UI Designer Core
Microsoft Visual Studio Ultimate 2012 XAML UI Designer enu Resources
Mozilla Firefox 28.0 (x86 en-US)
Mozilla Maintenance Service
MSVCRT
MSVCRT_amd64
MSXML 4.0 SP3 Parser
MSXML 4.0 SP3 Parser (KB2758694)
MyITLab
MyITLab ActiveX Installer 2, 9, 8, 65535
Neat
Neat ADF Scanner 2008 Driver
Neat ADF Scanner Driver
Neat Core Files
Neat Mobile Scanner (Silver) Driver
Neat Mobile Scanner 2008 Driver
Neat Mobile Scanner Driver
NeatConnect Scanner Driver
Nuance PaperPort 12
Optimizer Pro v3.2
Paint.NET v3.5.10
PaperPort Image Printer 64-bit
Picasa 3
Pin It
Prerequisites for SSDT 
PrInceCOUpon
Quickset64
QuickTime 7
RealDownloader
RealNetworks - Microsoft Visual C++ 2008 Runtime
RealNetworks - Microsoft Visual C++ 2010 Runtime
RealPlayer Cloud
Realtek USB 2.0 Card Reader
RealUpgrade 1.1
Roxio Burn
Safari
SanDiskSecureAccess_Manager.exe
Security Update for Microsoft .NET Framework 4.5.1 (KB2898869)
Security Update for Microsoft .NET Framework 4.5.1 (KB2901126)
Security Update for Microsoft .NET Framework 4.5.1 (KB2931368)
Security Update for Microsoft Excel 2010 (KB2826033) 32-Bit Edition
Security Update for Microsoft Office 2010 (KB2553284) 32-Bit Edition
Security Update for Microsoft Office 2010 (KB2687423) 32-Bit Edition
Security Update for Microsoft Office 2010 (KB2767915) 32-Bit Edition
Security Update for Microsoft Office 2010 (KB2810073) 32-Bit Edition
Security Update for Microsoft Office 2010 (KB2826023) 32-Bit Edition
Security Update for Microsoft Office 2010 (KB2826035) 32-Bit Edition
Security Update for Microsoft Office 2010 (KB2850016) 32-Bit Edition
Security Update for Microsoft Office 2010 (KB2878284) 32-Bit Edition
Security Update for Microsoft Office 2010 (KB2880971) 32-Bit Edition
Send To Neat
Service Pack 2 for Microsoft Office 2010 (KB2687455) 32-Bit Edition
ShopAtHome.com Helper
Skype Click to Call
Skype? 6.11
SUPERAntiSpyware
Synaptics Pointing Device Driver
TeamViewer 9
TouchCopy 11
TrustedID
Update for (KB2504637)
Update for Microsoft Access 2010 (KB2553446) 32-Bit Edition
Update for Microsoft Filter Pack 2.0 (KB2878281) 32-Bit Edition
Update for Microsoft InfoPath 2010 (KB2817369) 32-Bit Edition
Update for Microsoft InfoPath 2010 (KB2817396) 32-Bit Edition
Update for Microsoft Office 2010 (KB2494150)
Update for Microsoft Office 2010 (KB2589298) 32-Bit Edition
Update for Microsoft Office 2010 (KB2589352) 32-Bit Edition
Update for Microsoft Office 2010 (KB2589375) 32-Bit Edition
Update for Microsoft Office 2010 (KB2597087) 32-Bit Edition
Update for Microsoft Office 2010 (KB2760598) 32-Bit Edition
Update for Microsoft Office 2010 (KB2760631) 32-Bit Edition
Update for Microsoft Office 2010 (KB2794737) 32-Bit Edition
Update for Microsoft Office 2010 (KB2825635) 32-Bit Edition
Update for Microsoft Office 2010 (KB2825640) 32-Bit Edition
Update for Microsoft Office 2010 (KB2850079) 32-Bit Edition
Update for Microsoft Office 2010 (KB2878225) 32-Bit Edition
Update for Microsoft OneNote 2010 (KB2837595) 32-Bit Edition
Update for Microsoft Outlook 2010 (KB2687567) 32-Bit Edition
Update for Microsoft PowerPoint 2010 (KB2837579) 32-Bit Edition
Update for Microsoft SharePoint Workspace 2010 (KB2760601) 32-Bit Edition
Update for Microsoft Visio 2010 (KB2880526) 32-Bit Edition
Update for Microsoft Visio Viewer 2010 (KB2837587) 32-Bit Edition
Update for Microsoft Visual Studio 2012 (KB2781514)
Update for Microsoft Word 2010 (KB2880529) 32-Bit Edition
UpdateService
VC80CRTRedist - 8.0.50727.6195
Visual Studio 2008 x64 Redistributables
WIDCOMM Bluetooth Software
Windows Driver Package - Broadcom Corporation (BTHUSB) Bluetooth (03/24/2010 6.3.0.2501)
Windows Live Communications Platform
Windows Live Essentials
Windows Live ID Sign-in Assistant
Windows Live Installer
Windows Live Language Selector
Windows Live Mail
Windows Live Mesh
Windows Live Mesh ActiveX Control for Remote Connections
Windows Live Messenger
Windows Live Messenger Companion Core
Windows Live MIME IFilter
Windows Live Movie Maker
Windows Live Photo Common
Windows Live Photo Gallery
Windows Live PIMT Platform
Windows Live Remote Client
Windows Live Remote Client Resources
Windows Live Remote Service
Windows Live Remote Service Resources
Windows Live SOXE
Windows Live SOXE Definitions
Windows Live UX Platform
Windows Live UX Platform Language Pack
Windows Live Writer
Windows Live Writer Resources
Windows Media Player Firefox Plugin
Windows Software Development Kit
Windows Software Development Kit DirectX x64 Remote
Windows Software Development Kit DirectX x86 Remote
Windows Software Development Kit for Windows Store Apps
Windows Software Development Kit for Windows Store Apps DirectX x64 Remote
Windows Software Development Kit for Windows Store Apps DirectX x86 Remote
.
==== Event Viewer Messages From Past Week ========
.
6/24/2014 8:37:59 PM, Error: Service Control Manager [7034] - The Dell Digital Delivery Service service terminated unexpectedly. It has done this 1 time(s).
6/24/2014 2:22:12 PM, Error: Microsoft-Windows-WLAN-AutoConfig [10003] - WLAN Extensibility Module has stopped unexpectedly. Module Path: C:\Windows\System32\IWMSSvc.dll
6/24/2014 2:12:03 PM, Error: Service Control Manager [7009] - A timeout was reached (30000 milliseconds) while waiting for the Dell Digital Delivery Service service to connect.
6/24/2014 2:12:03 PM, Error: Service Control Manager [7000] - The Dell Digital Delivery Service service failed to start due to the following error: The service did not respond to the start or control request in a timely fashion.
6/24/2014 2:11:33 PM, Error: Service Control Manager [7011] - A timeout (30000 milliseconds) was reached while waiting for a transaction response from the SftService service.
6/24/2014 11:15:43 AM, Error: Microsoft-Windows-WMPNSS-Service [14332] - Service 'WMPNetworkSvc' did not start correctly because CoCreateInstance(CLSID_UPnPDeviceFinder) encountered error '0x80004005'. Verify that the UPnPHost service is running and that the UPnPHost component of Windows is installed properly.
6/24/2014 10:35:00 PM, Error: iaStor [9] - The device, \Device\Ide\iaStor0, did not respond within the timeout period.
6/24/2014 10:33:34 PM, Error: Service Control Manager [7011] - A timeout (30000 milliseconds) was reached while waiting for a transaction response from the TeamViewer9 service.
6/23/2014 8:36:11 AM, Error: BTHUSB [17] - The local Bluetooth adapter has failed in an undetermined manner and will not be used. The driver has been unloaded.
6/23/2014 1:34:28 PM, Error: bowser [8003] - The master browser has received a server announcement from the computer TWINFIN62 that believes that it is the master browser for the domain on transport NetBT_Tcpip_{90FC4FCC-283B-4B1A-BF5A-ECD763D20B9D}. The master browser is stopping or an election is being forced.
6/21/2014 8:57:56 PM, Error: Microsoft Antimalware [2001] - Microsoft Antimalware has encountered an error trying to update signatures. New Signature Version: Previous Signature Version: 1.177.132.0 Update Source: Microsoft Update Server Update Stage: Search Source Path: http://www.microsoft.com Signature Type: AntiVirus Update Type: Full User: NT AUTHORITY\SYSTEM Current Engine Version: Previous Engine Version: 1.1.10701.0 Error code: 0x8024402c Error description: An unexpected problem occurred while checking for updates. For information on installing or troubleshooting updates, see Help and Support. 
6/21/2014 8:47:27 PM, Error: Service Control Manager [7022] - The Plug and Play service hung on starting.
6/18/2014 10:58:54 PM, Error: bowser [8003] - The master browser has received a server announcement from the computer TARDIS that believes that it is the master browser for the domain on transport NetBT_Tcpip_{90FC4FCC-283B-4B1A-BF5A-ECD763D20B9D}. The master browser is stopping or an election is being forced.
6/18/2014 1:56:55 PM, Error: Microsoft Antimalware [2001] - Microsoft Antimalware has encountered an error trying to update signatures. New Signature Version: Previous Signature Version: 1.175.2401.0 Update Source: Microsoft Update Server Update Stage: Search Source Path: http://www.microsoft.com Signature Type: AntiVirus Update Type: Full User: NT AUTHORITY\SYSTEM Current Engine Version: Previous Engine Version: 1.1.10600.0 Error code: 0x8024402c Error description: An unexpected problem occurred while checking for updates. For information on installing or troubleshooting updates, see Help and Support. 
6/18/2014 1:22:59 PM, Error: Microsoft Antimalware [2001] - Microsoft Antimalware has encountered an error trying to update signatures. New Signature Version: Previous Signature Version: 1.175.2401.0 Update Source: Microsoft Update Server Update Stage: Search Source Path: http://www.microsoft.com Signature Type: AntiVirus Update Type: Full User: NT AUTHORITY\SYSTEM Current Engine Version: Previous Engine Version: 1.1.10600.0 Error code: 0x8024402c Error description: An unexpected problem occurred while checking for updates. For information on installing or troubleshooting updates, see Help and Support. 
.
==== End Of File ===========================

GMER 2.1.19357 - http://www.gmer.net
Rootkit scan 2014-06-25 10:44:01
Windows 6.1.7601 Service Pack 1 x64 \Device\Harddisk0\DR0 -> \Device\Ide\IAAStorageDevice-1 ST950032 rev.D005 465.76GB
Running: wcdic4c9.exe; Driver: C:\Users\CHRIS'~1\AppData\Local\Temp\pftcqpoc.sys

---- Kernel code sections - GMER 2.1 ----

INITKDBG C:\Windows\system32\ntoskrnl.exe!ExDeleteNPagedLookasideList + 528 fffff800035b0000 45 bytes [00, 00, 3A, 02, 4D, 6D, 43, ...]
INITKDBG C:\Windows\system32\ntoskrnl.exe!ExDeleteNPagedLookasideList + 575 fffff800035b002f 16 bytes [00, 02, 00, 00, 00, 00, 00, ...]

---- User code sections - GMER 2.1 ----

.text C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe[2312] C:\Windows\syswow64\PSAPI.DLL!GetModuleInformation + 69 0000000075be1465 2 bytes [BE, 75]
.text C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe[2312] C:\Windows\syswow64\PSAPI.DLL!GetModuleInformation + 155 0000000075be14bb 2 bytes [BE, 75]
.text ... * 2
.text C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe[2676] C:\Windows\syswow64\PSAPI.DLL!GetModuleInformation + 69 0000000075be1465 2 bytes [BE, 75]
.text C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe[2676] C:\Windows\syswow64\PSAPI.DLL!GetModuleInformation + 155 0000000075be14bb 2 bytes [BE, 75]
.text ... * 2
.text C:\Program Files (x86)\Dell DataSafe Local Backup\sftservice.EXE[3084] C:\Windows\syswow64\PSAPI.DLL!GetModuleInformation + 69 0000000075be1465 2 bytes [BE, 75]
.text C:\Program Files (x86)\Dell DataSafe Local Backup\sftservice.EXE[3084] C:\Windows\syswow64\PSAPI.DLL!GetModuleInformation + 155 0000000075be14bb 2 bytes [BE, 75]
.text ... * 2
.text C:\Program Files (x86)\Malwarebytes Anti-Malware\mbam.exe[3664] C:\Windows\syswow64\PSAPI.DLL!GetModuleInformation + 69 0000000075be1465 2 bytes [BE, 75]
.text C:\Program Files (x86)\Malwarebytes Anti-Malware\mbam.exe[3664] C:\Windows\syswow64\PSAPI.DLL!GetModuleInformation + 155 0000000075be14bb 2 bytes [BE, 75]
.text ... * 2
.text C:\Program Files (x86)\Common Files\Research In Motion\USB Drivers\RIMBBLaunchAgent.exe[2000] C:\Windows\syswow64\PSAPI.DLL!GetModuleInformation + 69 0000000075be1465 2 bytes [BE, 75]
.text C:\Program Files (x86)\Common Files\Research In Motion\USB Drivers\RIMBBLaunchAgent.exe[2000] C:\Windows\syswow64\PSAPI.DLL!GetModuleInformation + 155 0000000075be14bb 2 bytes [BE, 75]
.text ... * 2
.text C:\Program Files (x86)\Brother\Brmfcmon\BrMfimon.exe[5476] C:\Windows\syswow64\PSAPI.DLL!GetModuleInformation + 69 0000000075be1465 2 bytes [BE, 75]
.text C:\Program Files (x86)\Brother\Brmfcmon\BrMfimon.exe[5476] C:\Windows\syswow64\PSAPI.DLL!GetModuleInformation + 155 0000000075be14bb 2 bytes [BE, 75]
.text ... * 2
.text C:\Program Files (x86)\Browny02\BrYNSvc.exe[5924] C:\Windows\syswow64\PSAPI.DLL!GetModuleInformation + 69 0000000075be1465 2 bytes [BE, 75]
.text C:\Program Files (x86)\Browny02\BrYNSvc.exe[5924] C:\Windows\syswow64\PSAPI.DLL!GetModuleInformation + 155 0000000075be14bb 2 bytes [BE, 75]
.text ... * 2
.text C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe[3004] C:\Windows\syswow64\PSAPI.DLL!GetModuleInformation + 69 0000000075be1465 2 bytes [BE, 75]
.text C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe[3004] C:\Windows\syswow64\PSAPI.DLL!GetModuleInformation + 155 0000000075be14bb 2 bytes [BE, 75]
.text ... * 2

---- Threads - GMER 2.1 ----

Thread c:\Program Files\Microsoft Mouse and Keyboard Center\itype.exe [2508:2704] 000007fef73c3e0c
Thread c:\Program Files\Microsoft Mouse and Keyboard Center\itype.exe [2508:2784] 000007fef73c3e0c
Thread c:\Program Files\Microsoft Mouse and Keyboard Center\itype.exe [2508:2792] 000007fef61dbc60
Thread c:\Program Files\Microsoft Mouse and Keyboard Center\ipoint.exe [2568:4320] 000007fef73c3e0c
Thread c:\Program Files\Microsoft Mouse and Keyboard Center\ipoint.exe [2568:4728] 000007fef655f5f8
Thread c:\Program Files\Microsoft Mouse and Keyboard Center\ipoint.exe [2568:1308] 000007fef73c3e0c
Thread c:\Program Files\Microsoft Mouse and Keyboard Center\ipoint.exe [2568:4296] 000007fef61dbc60
Thread c:\Program Files\Microsoft Mouse and Keyboard Center\ipoint.exe [2568:4280] 000007fef73c3e0c
Thread C:\Windows\system32\svchost.exe [3148:3256] 000007fef8563438
Thread C:\Windows\system32\svchost.exe [3148:3344] 00000000003bb128
Thread C:\Windows\system32\svchost.exe [3148:3364]  00000000003bb128
Thread C:\Windows\system32\svchost.exe [3148:3808] 000007fefab3a850
Thread C:\Program Files\Windows Media Player\wmpnetwk.exe [1576:5980] 000007fefb822bf8
Thread C:\Program Files\Windows Media Player\wmpnetwk.exe [1576:4144] 000007feeb454830
Thread C:\Program Files\Windows Media Player\wmpnetwk.exe [1576:5748] 000007feeb454830
Thread C:\Program Files\Windows Media Player\wmpnetwk.exe [1576:4504] 000007feeb454830

---- Registry - GMER 2.1 ----

Reg HKLM\SYSTEM\CurrentControlSet\services\BTHPORT\Parameters\Keys\c0f8dafeec12 
Reg HKLM\SYSTEM\CurrentControlSet\services\BTHPORT\Parameters\Keys\[email protected] 0x01 0xBA 0x07 0x2C ...
Reg HKLM\SYSTEM\ControlSet002\services\BTHPORT\Parameters\Keys\c0f8dafeec12 (not active ControlSet) 
Reg HKLM\SYSTEM\ControlSet002\services\BTHPORT\Parameters\Keys\[email protected] 0x01 0xBA 0x07 0x2C ...

---- EOF - GMER 2.1 ----


----------



## Mark1956 (May 7, 2011)

Hi, there is some indication that something nasty is in your system, do you recognize the computer names TARDIS or TWINFIN62 ?

Please run this scan and post the logs produced. NOTE: This will not make any changes to your system, but should show us if there are any serious infections present which we can then deal with.

Please download Farbar Recovery Scan Tool (FRST) and save it to your desktop. Do not get tempted to download Regclean Pro.

*Note:* If you get a warning that the download could harm your system, please ignore it and allow the download to go ahead. FRST is perfectly safe and we would never ask you to download anything that isn't.

*Note*: You need to run the version compatible with your system. If you are not sure which version applies to your system download both of them and try to run them. Only one of them will run on your system, that will be the right version.


Double-click on FRST to run it. When the tool opens click *Yes* to the disclaimer.
Press the* Scan* button. *DO NOT* check any of the Optional Scan options unless requested.
It will make a log (*FRST.txt*) in the same directory the tool is run from. Please copy and paste it into your next reply.
The first time the tool is run, it makes another log (*Addition.txt*). Please also copy and paste that into your reply.


----------



## twinfin62 (Jun 25, 2014)

Hi, Thank you SOOOOO much for your quick response!

I think TARDIS is the bad guy!! Twinfin62 is my husband's computer, which I now think has also been compromised.

Here is the first log...I will send the 2nd in a separate reply, as the two together are apparently too long.

Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 25-06-2014
Ran by Chris's Computer (administrator) on INSPIRON1 on 25-06-2014 13:29:09
Running from C:\Users\Chris's Computer\Desktop
Platform: Windows 7 Home Premium Service Pack 1 (X64) OS Language: English (United States)
Internet Explorer Version 11
Boot Mode: Normal
The only official download link for FRST:
Download link for 32-Bit version: http://www.bleepingcomputer.com/download/farbar-recovery-scan-tool/dl/81/ 
Download link for 64-Bit Version: http://www.bleepingcomputer.com/download/farbar-recovery-scan-tool/dl/82/ 
Download link from any site other than Bleeping Computer is unpermitted or outdated.
See tutorial for FRST: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/
==================== Processes (Whitelisted) =================
(Two Pilots) C:\Windows\VPDAgent_x64.exe
(Microsoft Corporation) C:\Program Files\Microsoft Security Client\MsMpEng.exe
(IDT, Inc.) C:\Program Files\IDT\WDM\stacsv64.exe
(Microsoft Corporation) C:\Windows\System32\wlanext.exe
(SUPERAntiSpyware.com) C:\Program Files\SUPERAntiSpyware\SASCORE64.EXE
(Andrea Electronics Corporation) C:\Program Files\IDT\WDM\AESTSr64.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(Broadcom Corporation.) C:\Program Files\WIDCOMM\Bluetooth Software\btwdins.exe
(Microsoft Corporation) C:\Program Files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe
(Microsoft Corporation) C:\Program Files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe
(Jungle Disk, Inc.) C:\Program Files\Jungle Disk Workgroup\JungleDiskWorkgroup.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe
(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe
(Blockbuster) C:\Program Files (x86)\Blockbuster\BLOCKBUSTERMovielink\MovielinkCore.exe
(The Neat Company) C:\Program Files (x86)\Neat\exec\NeatStartupService.exe
(Nuance Communications, Inc.) C:\Program Files (x86)\Nuance\PaperPort\PDFProFiltSrvPP.exe
() C:\Program Files (x86)\RealNetworks\RealDownloader\rndlresolversvc.exe
(RealNetworks, Inc.) C:\Program Files (x86)\Real\RealPlayer\RPDS\Bin\rpdsvc.exe
() C:\Program Files (x86)\Real\UpdateService\RealPlayerUpdateSvc.exe
(Intel(R) Corporation) C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe
(SoftThinks SAS) C:\Program Files (x86)\Dell DataSafe Local Backup\SftService.exe
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\Version9\TeamViewer_Service.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
(Intel(R) Corporation) C:\Program Files\Intel\WiFi\bin\EvtEng.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVCM.EXE
(Microsoft Corporation) C:\Program Files\Microsoft Security Client\NisSrv.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes Anti-Malware\mbam.exe
(IDT, Inc.) C:\Program Files\IDT\WDM\sttray64.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(Intel(R) Corporation) C:\Program Files\Common Files\Intel\WirelessCommon\iFrmewrk.exe
(Microsoft Corporation) C:\Program Files\Microsoft Security Client\msseces.exe
(Microsoft Corporation) C:\Program Files\Windows Sidebar\sidebar.exe
(Acresso Corporation) C:\ProgramData\FLEXnet\Connect\11\ISUSPM.exe
(Jungle Disk, Inc.) C:\Program Files\Jungle Disk Workgroup\JungleDiskWorkgroup.exe
(RealNetworks, Inc.) C:\Program Files (x86)\Real\RealPlayer\RPDS\Bin64\rpsystray.exe
(SoftThinks - Dell) C:\Program Files (x86)\Dell DataSafe Local Backup\Toaster.exe
(Brother Industries, Ltd.) C:\Program Files (x86)\Brother\Brmfcmon\BrMfcWnd.exe
() C:\Program Files (x86)\Dell DataSafe Local Backup\Components\Scheduler\STService.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
(Microsoft Corporation) C:\Program Files\Microsoft Mouse and Keyboard Center\itype.exe
(Research In Motion Limited) C:\Program Files (x86)\Common Files\Research In Motion\USB Drivers\RIMBBLaunchAgent.exe
(Microsoft Corporation) C:\Program Files\Microsoft Mouse and Keyboard Center\ipoint.exe
(Brother Industries, Ltd.) C:\Program Files (x86)\Brother\Brmfcmon\BrMfimon.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(Brother Industries, Ltd.) C:\Program Files (x86)\Brother\ControlCenter3\BrccMCtl.exe
(Apple Inc.) C:\Program Files (x86)\iTunes\iTunesHelper.exe
(Nuance Communications, Inc.) C:\Program Files (x86)\Nuance\PaperPort\pptd40nt.exe
(SoftThinks - Dell) C:\Program Files (x86)\Dell DataSafe Local Backup\Components\DSUpdate\DSUpd.exe
(Brother Industries, Ltd.) C:\Program Files (x86)\Browny02\Brother\BrStMonW.exe
(Brother Industries, Ltd.) C:\Program Files (x86)\Brother\Brother Help\BrotherHelp.exe
(RealNetworks, Inc.) C:\Program Files (x86)\Real\RealPlayer\Update\realsched.exe
(Brother Industries, Ltd.) C:\Program Files (x86)\ControlCenter4\BrCtrlCntr.exe
(Apple Inc.) C:\Program Files\iPod\bin\iPodService.exe
(Brother Industries, Ltd.) C:\Program Files (x86)\Browny02\BrYNSvc.exe
(Brother Industries, Ltd.) C:\Program Files (x86)\ControlCenter4\BrCcUxSys.exe
(Microsoft Corporation) C:\Program Files\Internet Explorer\iexplore.exe
(Safer-Networking Ltd.) C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe
(Safer-Networking Ltd.) C:\Program Files (x86)\Spybot - Search & Destroy 2\SDWSCSvc.exe
(Safer-Networking Ltd.) C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe
(Safer-Networking Ltd.) C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe
(Farbar) C:\Users\Chris's Computer\Desktop\Farbar Recovery Scan Tool.exe

==================== Registry (Whitelisted) ==================
HKLM\...\Run: [SysTrayApp] => C:\Program Files\IDT\WDM\sttray64.exe [487424 2010-06-18] (IDT, Inc.)
HKLM\...\Run: [SynTPEnh] => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [1890088 2010-03-17] (Synaptics Incorporated)
HKLM\...\Run: [IntelWireless] => C:\Program Files\Common Files\Intel\WirelessCommon\iFrmewrk.exe [1928976 2010-03-05] (Intel(R) Corporation)
HKLM\...\Run: [MSC] => c:\Program Files\Microsoft Security Client\msseces.exe [1271072 2014-03-11] (Microsoft Corporation)
HKLM-x32\...\Run: [BrMfcWnd] => C:\Program Files (x86)\Brother\Brmfcmon\BrMfcWnd.exe [1167360 2009-08-03] (Brother Industries, Ltd.)
HKLM-x32\...\Run: [ControlCenter3] => C:\Program Files (x86)\Brother\ControlCenter3\brctrcen.exe [114688 2008-12-24] (Brother Industries, Ltd.)
HKLM-x32\...\Run: [AccuWeatherWidget] => C:\Program Files (x86)\Dell Stage\Dell Stage\AccuWeather\accuweather.exe [968048 2012-02-01] ()
HKLM-x32\...\Run: [RIMBBLaunchAgent.exe] => C:\Program Files (x86)\Common Files\Research In Motion\USB Drivers\RIMBBLaunchAgent.exe [90448 2011-11-02] (Research In Motion Limited)
HKLM-x32\...\Run: [APSDaemon] => C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe [43848 2014-02-12] (Apple Inc.)
HKLM-x32\...\Run: [Adobe ARM] => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [959904 2013-11-21] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [DivXMediaServer] => C:\Program Files (x86)\DivX\DivX Media Server\DivXMediaServer.exe
HKLM-x32\...\Run: [BCSSync] => C:\Program Files (x86)\Microsoft Office\Office14\BCSSync.exe [89184 2012-11-05] (Microsoft Corporation)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [254336 2013-07-02] (Oracle Corporation)
HKLM-x32\...\Run: [iTunesHelper] => C:\Program Files (x86)\iTunes\iTunesHelper.exe [152392 2014-02-21] (Apple Inc.)
HKLM-x32\...\Run: [QuickTime Task] => C:\Program Files (x86)\QuickTime\QTTask.exe [421888 2014-01-17] (Apple Inc.)
HKLM-x32\...\Run: [IndexSearch] => C:\Program Files (x86)\Nuance\PaperPort\IndexSearch.exe [46952 2011-08-02] (Nuance Communications, Inc.)
HKLM-x32\...\Run: [PaperPort PTD] => C:\Program Files (x86)\Nuance\PaperPort\pptd40nt.exe [30568 2011-08-02] (Nuance Communications, Inc.)
HKLM-x32\...\Run: [ControlCenter4] => C:\Program Files (x86)\ControlCenter4\BrCcBoot.exe [139776 2013-12-05] (Brother Industries, Ltd.)
HKLM-x32\...\Run: [BrStsMon00] => C:\Program Files (x86)\Browny02\Brother\BrStMonW.exe [4522496 2012-12-27] (Brother Industries, Ltd.)
HKLM-x32\...\Run: [BrHelp] => C:\Program Files (x86)\Brother\Brother Help\BrotherHelp.exe [2009088 2013-01-18] (Brother Industries, Ltd.)
HKLM-x32\...\Run: [TkBellExe] => C:\Program Files (x86)\Real\RealPlayer\update\realsched.exe [296520 2014-04-03] (RealNetworks, Inc.)
HKLM-x32\...\Run: [SDTray] => C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe [4101584 2014-04-25] (Safer-Networking Ltd.)
HKLM-x32\...\RunOnce: ["C:\Program Files (x86)\Dell DataSafe Local Backup\Components\DSUpdate\DSUpdate.exe"] - "C:\Program Files (x86)\Dell DataSafe Local Backup\Components\DSUpdate\DSUpdate.exe" [559616 2011-10-10] (Dell)
Winlogon\Notify\igfxcui: C:\Windows\system32\igfxdev.dll (Intel Corporation)
Winlogon\Notify\SDWinLogon-x32: SDWinLogon.dll [X]
HKU\S-1-5-21-847771732-3420646878-1916418076-1000\...\Run: [DW7] => "C:\Program Files (x86)\The Weather Channel\The Weather Channel App\TWCApp.exe"
HKU\S-1-5-21-847771732-3420646878-1916418076-1000\...\Run: [ApplePhotoStreams] => C:\Program Files (x86)\Common Files\Apple\Internet Services\ApplePhotoStreams.exe [59720 2013-11-20] (Apple Inc.)
HKU\S-1-5-21-847771732-3420646878-1916418076-1000\...\Run: [Optimizer Pro] => C:\Program Files (x86)\Optimizer Pro\OptProLauncher.exe [135160 2014-01-28] (PC Utilities Software Limited)
HKU\S-1-5-21-847771732-3420646878-1916418076-1000\...\Run: [Google+ Auto Backup] => "C:\Users\Chris's Computer\AppData\Local\Programs\Google\Google+ Auto Backup\Google+ Auto Backup.exe" /autostart
HKU\S-1-5-21-847771732-3420646878-1916418076-1000\...\Run: [ISUSPM] => C:\ProgramData\FLEXnet\Connect\11\ISUSPM.exe [222496 2009-05-05] (Acresso Corporation)
AppInit_DLLs: C:\PROGRA~2\OPTIMI~1\OPTPRO~2.DLL => C:\Program Files (x86)\Optimizer Pro\OptProCrash_x64.dll [2681648 2014-02-13] ()
AppInit_DLLs-x32: c:\progra~2\optimi~1\optpro~1.dll => "c:\progra~2\optimi~1\optpro~1.dll" File Not Found
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Jungle Disk Workgroup.lnk
ShortcutTarget: Jungle Disk Workgroup.lnk -> C:\Program Files\Jungle Disk Workgroup\JungleDiskWorkgroup.exe (Jungle Disk, Inc.)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\RealPlayer Cloud Service UI.lnk
ShortcutTarget: RealPlayer Cloud Service UI.lnk -> C:\Program Files (x86)\Real\RealPlayer\RPDS\Bin64\rpsystray.exe (RealNetworks, Inc.)
SSODL: EldosMountNotificator - {5FF49FE8-B332-4CB9-B102-FB6951629E55} - C:\Windows\system32\CbFsMntNtf3.dll (EldoS Corporation)
SSODL-x32: EldosMountNotificator - {5FF49FE8-B332-4CB9-B102-FB6951629E55} - C:\Windows\SysWOW64\CbFsMntNtf3.dll (EldoS Corporation)
ShellIconOverlayIdentifiers: EldosIconOverlay -> {5BB532A2-BF14-4CCC-86B7-71B81EF6F8BC} => C:\Windows\system32\CbFsMntNtf3.dll (EldoS Corporation)
ShellIconOverlayIdentifiers: Groove Explorer Icon Overlay 1 (GFS Unread Stub) -> {99FD978C-D287-4F50-827F-B2C658EDA8E7} => C:\Program Files\Microsoft Office\Office14\GROOVEEX.DLL (Microsoft Corporation)
ShellIconOverlayIdentifiers: Groove Explorer Icon Overlay 2 (GFS Stub) -> {AB5C5600-7E6E-4B06-9197-9ECEF74D31CC} => C:\Program Files\Microsoft Office\Office14\GROOVEEX.DLL (Microsoft Corporation)
ShellIconOverlayIdentifiers: Groove Explorer Icon Overlay 2.5 (GFS Unread Folder) -> {920E6DB1-9907-4370-B3A0-BAFC03D81399} => C:\Program Files\Microsoft Office\Office14\GROOVEEX.DLL (Microsoft Corporation)
ShellIconOverlayIdentifiers: Groove Explorer Icon Overlay 3 (GFS Folder) -> {16F3DD56-1AF5-4347-846D-7C10C4192619} => C:\Program Files\Microsoft Office\Office14\GROOVEEX.DLL (Microsoft Corporation)
ShellIconOverlayIdentifiers: Groove Explorer Icon Overlay 4 (GFS Unread Mark) -> {2916C86E-86A6-43FE-8112-43ABE6BF8DCC} => C:\Program Files\Microsoft Office\Office14\GROOVEEX.DLL (Microsoft Corporation)
ShellIconOverlayIdentifiers: JungleDiskWorkgroup1_Complete -> {78061A12-1E91-4446-8B65-8ED2FF328D4A} => C:\Program Files\Jungle Disk Workgroup\monitor_shellext.dll (.)
ShellIconOverlayIdentifiers: JungleDiskWorkgroup2_InProgress -> {700AD13D-E86F-41C9-9A8F-39B4C438806F} => C:\Program Files\Jungle Disk Workgroup\monitor_shellext.dll (.)
ShellIconOverlayIdentifiers: JungleDiskWorkgroup3_Conflicted -> {48C7A606-0F84-4DC8-8AFD-A157BDF18A08} => C:\Program Files\Jungle Disk Workgroup\monitor_shellext.dll (.)
ShellIconOverlayIdentifiers-x32: EldosIconOverlay -> {5BB532A2-BF14-4CCC-86B7-71B81EF6F8BC} => C:\Windows\SysWOW64\CbFsMntNtf3.dll (EldoS Corporation)
ShellIconOverlayIdentifiers-x32: Groove Explorer Icon Overlay 1 (GFS Unread Stub) -> {99FD978C-D287-4F50-827F-B2C658EDA8E7} => C:\Program Files (x86)\Microsoft Office\Office14\GROOVEEX.DLL (Microsoft Corporation)
ShellIconOverlayIdentifiers-x32: Groove Explorer Icon Overlay 2 (GFS Stub) -> {AB5C5600-7E6E-4B06-9197-9ECEF74D31CC} => C:\Program Files (x86)\Microsoft Office\Office14\GROOVEEX.DLL (Microsoft Corporation)
ShellIconOverlayIdentifiers-x32: Groove Explorer Icon Overlay 2.5 (GFS Unread Folder) -> {920E6DB1-9907-4370-B3A0-BAFC03D81399} => C:\Program Files (x86)\Microsoft Office\Office14\GROOVEEX.DLL (Microsoft Corporation)
ShellIconOverlayIdentifiers-x32: Groove Explorer Icon Overlay 3 (GFS Folder) -> {16F3DD56-1AF5-4347-846D-7C10C4192619} => C:\Program Files (x86)\Microsoft Office\Office14\GROOVEEX.DLL (Microsoft Corporation)
ShellIconOverlayIdentifiers-x32: Groove Explorer Icon Overlay 4 (GFS Unread Mark) -> {2916C86E-86A6-43FE-8112-43ABE6BF8DCC} => C:\Program Files (x86)\Microsoft Office\Office14\GROOVEEX.DLL (Microsoft Corporation)
BootExecute: autocheck autochk * sdnclean64.exe
==================== Internet (Whitelisted) ====================
HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = en-US
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.goodsearch.com/?spMailin...1&spJobID=121735211&spReportId=MTIxNjU0NjU1S0
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 0x791762CE745DCD01
URLSearchHook: HKCU - (No Name) - {00000000-6E41-4FD3-8538-502F5495E5FC} - No File
SearchScopes: HKLM - {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = http://start.mysearchdial.com/resul...tCyCtAtCtN1L1CzutBtAtDtC1N1R&cr=2133385130&ir=
SearchScopes: HKCU - DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = http://start.mysearchdial.com/resul...tCyCtAtCtN1L1CzutBtAtDtC1N1R&cr=2133385130&ir=
SearchScopes: HKCU - {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = http://start.mysearchdial.com/resul...tCyCtAtCtN1L1CzutBtAtDtC1N1R&cr=2133385130&ir=
SearchScopes: HKCU - {7A351E8E-4E83-45DF-BF1C-4C5756E99AD1} URL = http://websearch.ask.com/redirect?c...pn_sauid=34B50A70-81B6-4824-B418-34A610B81592
SearchScopes: HKCU - {7ABE112C-04D8-4B13-B444-158A2277274D} URL = http://search.yahoo.com/search?fr=mcafee&p={SearchTerms}
SearchScopes: HKCU - {95B7759C-8C7F-4BF1-B163-73684A933233} URL = http://isearch.avg.com/search?cid={...bf8577ee800&lang=en&ds=AVG&pr=pr&d=2012-06-08 16:24:10&v=11.1.0.7&sap=dsp&q={searchTerms}
BHO: No Name - {27B4851A-3207-45A2-B947-BE8AFE6163AB} - No File
BHO: RealNetworks Download and Record Plugin for Internet Explorer - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\Program Files (x86)\RealNetworks\RealDownloader\BrowserPlugins\IE\rndlbrowserrecordplugin64.dll (RealDownloader)
BHO: Virtual Storage Mount Notification - {5FF49FE8-B332-4CB9-B102-FB6951629E55} - C:\Windows\system32\CbFsMntNtf3.dll (EldoS Corporation)
BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files\Microsoft Office\Office14\GROOVEEX.DLL (Microsoft Corporation)
BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO: TiCoTTaCoupoon - {92D95D17-B987-EC0D-504E-05B39CD71326} - C:\ProgramData\TiCoTTaCoupoon\OvX6C9O.x64.dll No File
BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
BHO: Skype add-on for Internet Explorer - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll (Microsoft Corporation)
BHO: Office Document Cache Handler - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation)
BHO: PriceDownloaader - {EF556BF2-9C5E-2B6C-6FD7-F771E9409A94} - C:\ProgramData\PriceDownloaader\L.x64.dll No File
BHO-x32: RealNetworks Download and Record Plugin for Internet Explorer - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\Program Files (x86)\RealNetworks\RealDownloader\BrowserPlugins\IE\rndlbrowserrecordplugin.dll (RealDownloader)
BHO-x32: Virtual Storage Mount Notification - {5FF49FE8-B332-4CB9-B102-FB6951629E55} - C:\Windows\SysWOW64\CbFsMntNtf3.dll (EldoS Corporation)
BHO-x32: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files (x86)\Microsoft Office\Office14\GROOVEEX.DLL (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO-x32: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO-x32: Windows Live Messenger Companion Helper - {9FDDE16B-836F-4806-AB1F-1455CBEFF289} - C:\Program Files (x86)\Windows Live\Companion\companioncore.dll (Microsoft Corporation)
BHO-x32: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
BHO-x32: Skype Browser Helper - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll (Microsoft Corporation)
BHO-x32: Office Document Cache Handler - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files (x86)\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation)
BHO-x32: No Name - {D40C654D-7C51-4EB3-95B2-1E23905C2A2D} - No File
BHO-x32: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
Toolbar: HKLM - Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
Toolbar: HKLM-x32 - Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
Toolbar: HKCU - No Name - {E8558D71-5E4E-4217-B608-D2F5D3623AE3} - No File
Toolbar: HKCU - No Name - {D4027C7F-154A-4066-A1AD-4243D8127440} - No File
Toolbar: HKCU - No Name - {E7DF6BFF-55A5-4EB7-A673-4ED3E9456D39} - No File
DPF: HKLM-x32 {1ABA5FAC-1417-422B-BA82-45C35E2C908B} http://kitchenplanner.ikea.com/US/Core/Player/2020PlayerAX_IKEA_Win32.cab
DPF: HKLM-x32 {38AB0814-B09B-4378-9940-14A19638C3C2} http://www.auctiva.com/Aurigma/ImageUploader57.cab
DPF: HKLM-x32 {49312E18-AA92-4CC2-BB97-55DEA7BCADD6} https://support.dell.com/systemprofiler/SysProExe.CAB
DPF: HKLM-x32 {7530BFB8-7293-4D34-9923-61A11451AFC5} http://download.eset.com/special/eos/OnlineScanner.cab
DPF: HKLM-x32 {B3E32D88-8E7F-468F-B0E2-3A300FD4A82C} http://myitlab.pearsoned.com/Pegasus/Modules/SIMIntegration/Resources/ax/stub.cab
DPF: HKLM-x32 {C1F8FC10-E5DB-4112-9DBF-6C3FF728D4E3} http://support.dell.com/systemprofiler/DellSystemLite.CAB
Handler: cozi - {5356518D-FE9C-4E08-9C1F-1E872ECD367F} - No File
Handler: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll (Microsoft Corporation)
Handler-x32: cozi - {5356518D-FE9C-4E08-9C1F-1E872ECD367F} - C:\Program Files (x86)\Cozi Express\CoziProtocolHandler.dll (Cozi Group, Inc.)
Handler-x32: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll (Microsoft Corporation)
Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)
Tcpip\Parameters: [DhcpNameServer] 192.168.2.1
FireFox:
========
FF ProfilePath: C:\Users\Chris's Computer\AppData\Roaming\Mozilla\Firefox\Profiles\pyyzt76e.default
FF DefaultSearchEngine: GoodSearch
FF SearchEngineOrder.1: Mysearchdial
FF SelectedSearchEngine: GoodSearch
FF Homepage: hxxp://www.goodsearch.com/|hxxp://www.easternflorida.edu/
FF Keyword.URL: user_pref("keyword.URL", "");
FF NetworkProxy: "no_proxies_on", "*.local"
FF NetworkProxy: "type", 0
FF Plugin: @adobe.com/FlashPlayer - C:\Windows\system32\Macromed\Flash\NPSWF64_13_0_0_206.dll ()
FF Plugin: @java.com/DTPlugin,version=10.7.2 - C:\Windows\system32\npDeployJava1.dll (Oracle Corporation)
FF Plugin: @microsoft.com/GENUINE - disabled No File
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 - c:\Program Files\Microsoft Silverlight\5.1.30214.0\npctrl.dll ( Microsoft Corporation)
FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 - C:\PROGRA~1\MICROS~2\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_13_0_0_206.dll ()
FF Plugin-x32: @Apple.com/iTunes,version=1.0 - C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll ()
FF Plugin-x32: @google.com/npPicasa3,version=3.0.0 - C:\Program Files (x86)\Picasa2\npPicasa3.dll (Google, Inc.)
FF Plugin-x32: @java.com/DTPlugin,version=10.55.2 - C:\Program Files (x86)\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=10.55.2 - C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin-x32: @microsoft.com/GENUINE - disabled No File
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 - c:\Program Files (x86)\Microsoft Silverlight\5.1.30214.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/OfficeAuthz,version=14.0 - C:\PROGRA~2\MICROS~1\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 - C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3502.0922 - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3508.1109 - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3538.0513 - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @real.com/nppl3260;version=17.0.8.22 - c:\program files (x86)\real\realplayer\Netscape6\nppl3260.dll (RealNetworks, Inc.)
FF Plugin-x32: @real.com/nprndlchromebrowserrecordext;version=17.0.8 - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\MozillaPlugins\nprndlchromebrowserrecordext.dll (RealNetworks, Inc.)
FF Plugin-x32: @real.com/nprndlhtml5videoshim;version=17.0.8 - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\MozillaPlugins\nprndlhtml5videoshim.dll (RealNetworks, Inc.)
FF Plugin-x32: @real.com/nprndlpepperflashvideoshim;version=17.0.8 - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\MozillaPlugins\nprndlpepperflashvideoshim.dll (RealNetworks, Inc.)
FF Plugin-x32: @real.com/nprpchromebrowserrecordext;version=15.0.5.109 - C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprpchromebrowserrecordext.dll (RealNetworks, Inc.)
FF Plugin-x32: @real.com/nprphtml5videoshim;version=15.0.5.109 - C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprphtml5videoshim.dll (RealNetworks, Inc.)
FF Plugin-x32: @real.com/nprpplugin;version=17.0.8.22 - c:\program files (x86)\real\realplayer\Netscape6\nprpplugin.dll (RealPlayer Cloud)
FF Plugin-x32: @RIM.com/WebSLLauncher,version=1.0 - C:\Program Files (x86)\Common Files\Research In Motion\BBWebSLLauncher\NPWebSLLauncher.dll ()
FF Plugin-x32: @tools.google.com/Google Update;version=3 - C:\Program Files (x86)\Google\Update\1.3.22.5\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 - C:\Program Files (x86)\Google\Update\1.3.22.5\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: Adobe Reader - C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF Plugin HKCU: amazon.com/AmazonMP3DownloaderPlugin - C:\Program Files (x86)\Amazon\MP3 Downloader\npAmazonMP3DownloaderPlugin101772.dll (Amazon.com, Inc.)
FF Plugin HKCU: CouponNetwork.com/CMDUniversalCouponPrintActivator - C:\Users\CHRIS'~1\AppData\Roaming\CATALI~2\NPBCSK~1.DLL (Catalina Marketing Corporation)
FF Plugin HKCU: hopster.com/CouponPrinterPlugin - C:\Users\Chris's Computer\AppData\Roaming\Hopster\CouponPrinterPlugin\2.0.2.0\npCouponPrinterPlugin.dll (Hopster)
FF user.js: detected! => C:\Users\Chris's Computer\AppData\Roaming\Mozilla\Firefox\Profiles\pyyzt76e.default\user.js
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\NPcol400.dll (Catalina Marketing Corporation)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npCouponPrinter.dll (Coupons, Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npMozCouponPrinter.dll (Coupons, Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\nppdf32.dll (Adobe Systems Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\nppl3260.dll (RealNetworks, Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin.dll (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin2.dll (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin3.dll (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin4.dll (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin5.dll (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\nprpplugin.dll (RealPlayer Cloud)
FF SearchPlugin: C:\Users\Chris's Computer\AppData\Roaming\Mozilla\Firefox\Profiles\pyyzt76e.default\searchplugins\askcom.xml
FF SearchPlugin: C:\Users\Chris's Computer\AppData\Roaming\Mozilla\Firefox\Profiles\pyyzt76e.default\searchplugins\goodsearch.xml
FF Extension: PriceDownloaader - C:\Users\Chris's Computer\AppData\Roaming\Mozilla\Firefox\Profiles\pyyzt76e.default\Extensions\[email protected] [2014-03-10]
FF Extension: LuCkyCoupon - C:\Users\Chris's Computer\AppData\Roaming\Mozilla\Firefox\Profiles\pyyzt76e.default\Extensions\[email protected] [2014-03-28]
FF Extension: No Name - C:\Users\Chris's Computer\AppData\Roaming\Mozilla\Firefox\Profiles\pyyzt76e.default\Extensions\staged [2014-05-20]
FF Extension: Ghostery - C:\Users\Chris's Computer\AppData\Roaming\Mozilla\Firefox\Profiles\pyyzt76e.default\Extensions\[email protected] [2013-08-19]
FF Extension: Print/Print Preview - C:\Users\Chris's Computer\AppData\Roaming\Mozilla\Firefox\Profiles\pyyzt76e.default\Extensions\{19EB90DC-A456-458b-8AAC-616D91AAFCE1}.xpi [2012-12-17]
FF Extension: Skype Click to Call - C:\Program Files (x86)\Mozilla Firefox\browser\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}.xpi [2014-04-11]
FF HKLM-x32\...\Firefox\Extensions: [{ABDE892B-13A8-4d1b-88E6-365A6E755758}] - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\Firefox\Ext
FF Extension: RealDownloader - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\Firefox\Ext [2014-04-03]
FF HKLM-x32\...\Firefox\Extensions: [{0FAA5C82-A094-4541-8811-D3361F972A81}] - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\Firefox\Ext
FF Extension: RealDownloader - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\Firefox\Ext [2014-04-03]
Chrome: 
=======
CHR StartupUrls: "hxxp://start.mysearchdial.com/?f=1&a=dnldstr0103&cd=2XzuyEtN2Y1L1Qzu0CtD0Fzz0D0A0F0E0E0CtCtBzzyC0DyEtN0D0Tzu0CyByByDtN1L2XzutBtFtBtFtCyDtFtCyCtAtCtN1L1CzutBtAtDtC1N1R&cr=2133385130&ir=",
"hxxp://www.google.com"
CHR DefaultSearchProvider: "name": "Mysearchdial"
CHR Plugin: (Remoting Viewer) - internal-remoting-viewer
CHR Plugin: (Native Client) - C:\Program Files (x86)\Google\Chrome\Application\32.0.1700.76\ppGoogleNaClPluginChrome.dll No File
CHR Plugin: (Chrome PDF Viewer) - C:\Program Files (x86)\Google\Chrome\Application\32.0.1700.76\pdf.dll No File
CHR Plugin: (Shockwave Flash) - C:\Program Files (x86)\Google\Chrome\Application\32.0.1700.76\gcswf32.dll No File
CHR Plugin: (Shockwave Flash) - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32.dll No File
CHR Plugin: (McAfee SiteAdvisor) - C:\Users\Chris's Computer\AppData\Local\Google\Chrome\User Data\Default\Extensions\fheoggkfdfchfphceeifdbepaooicaho\3.40.135.1_0\McChPlg.dll No File
CHR Plugin: (McAfee SiteAdvisor) - C:\Program Files (x86)\McAfee\SiteAdvisor\npmcffplg32.dll No File
CHR Plugin: (inSite(sm) from American Express(R)) - C:\Users\Chris's Computer\AppData\Local\Google\Chrome\User Data\Default\Extensions\igdalklcikcagbhnhoedgmccojikcdkn\1.1.0.15_0\plugin/inSitePlugin.dll No File
CHR Plugin: (Microsoft\xC2\xAE Windows Media Player Firefox Plugin) - C:\PFiles\Plugins\np-mswmp.dll (Microsoft Corporation)
CHR Plugin: (Adobe Acrobat) - C:\Program Files (x86)\Adobe\Reader 10.0\Reader\Browser\nppdf32.dll (Adobe Systems Inc.)
CHR Plugin: (Java Deployment Toolkit 6.0.290.11) - C:\Program Files (x86)\Java\jre6\bin\new_plugin\npdeployJava1.dll No File
CHR Plugin: (Java(TM) Platform SE 6 U29) - C:\Program Files (x86)\Java\jre6\bin\new_plugin\npjp2.dll No File
CHR Plugin: (Coupons Inc., Coupon Printer Manager ) - C:\Program Files (x86)\Mozilla Firefox\plugins\npCouponPrinter.dll (Coupons, Inc.)
CHR Plugin: (Coupons Inc., Coupon Printer Manager ) - C:\Program Files (x86)\Mozilla Firefox\plugins\npMozCouponPrinter.dll (Coupons, Inc.)
CHR Plugin: (RealPlayer(tm) G2 LiveConnect-Enabled Plug-In (32-bit) ) - C:\Program Files (x86)\Mozilla Firefox\plugins\nppl3260.dll (RealNetworks, Inc.)
CHR Plugin: (RealPlayer Version Plugin) - C:\Program Files (x86)\Mozilla Firefox\plugins\nprpjplug.dll No File
CHR Plugin: (RealPlayer(tm) HTML5VideoShim Plug-In (32-bit) ) - C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprphtml5videoshim.dll (RealNetworks, Inc.)
CHR Plugin: (QuickTime Plug-in 7.7.1) - C:\Program Files (x86)\Mozilla Firefox\plugins\npqtplugin.dll (Apple Inc.)
CHR Plugin: (QuickTime Plug-in 7.7.1) - C:\Program Files (x86)\Mozilla Firefox\plugins\npqtplugin2.dll (Apple Inc.)
CHR Plugin: (QuickTime Plug-in 7.7.1) - C:\Program Files (x86)\Mozilla Firefox\plugins\npqtplugin3.dll (Apple Inc.)
CHR Plugin: (QuickTime Plug-in 7.7.1) - C:\Program Files (x86)\Mozilla Firefox\plugins\npqtplugin4.dll (Apple Inc.)
CHR Plugin: (QuickTime Plug-in 7.7.1) - C:\Program Files (x86)\Mozilla Firefox\plugins\npqtplugin5.dll (Apple Inc.)
CHR Plugin: (QuickTime Plug-in 7.7.1) - C:\Program Files (x86)\Mozilla Firefox\plugins\npqtplugin6.dll No File
CHR Plugin: (QuickTime Plug-in 7.7.1) - C:\Program Files (x86)\Mozilla Firefox\plugins\npqtplugin7.dll No File
CHR Plugin: (RealJukebox NS Plugin) - C:\Program Files (x86)\Mozilla Firefox\plugins\nprjplug.dll No File
CHR Plugin: (Microsoft Office 2010) - C:\PROGRA~2\MICROS~1\Office14\NPAUTHZ.DLL (Microsoft Corporation)
CHR Plugin: (Microsoft Office 2010) - C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL (Microsoft Corporation)
CHR Plugin: (Google Update) - C:\Program Files (x86)\Google\Update\1.3.21.79\npGoogleUpdate3.dll No File
CHR Plugin: (Picasa) - C:\Program Files (x86)\Picasa2\npPicasa3.dll (Google, Inc.)
CHR Plugin: (Windows Live\xC2\x99 Photo Gallery) - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
CHR Plugin: (iTunes Application Detector) - C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll ()
CHR Plugin: (RealNetworks(tm) Chrome Background Extension Plug-In (32-bit) ) - C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprpchromebrowserrecordext.dll (RealNetworks, Inc.)
CHR Plugin: (Silverlight Plug-In) - c:\Program Files (x86)\Microsoft Silverlight\4.0.60831.0\npctrl.dll No File
CHR Plugin: (McAfee SecurityCenter) - c:\progra~2\mcafee\msc\npmcsn~1.dll No File
CHR Plugin: (Default Plug-in) - default_plugin No File
CHR Extension: (LuCkyCoupon) - C:\Users\Chris's Computer\AppData\Local\Google\Chrome\User Data\Default\Extensions\adlloelohcpljpnagjfmaoneppeiffbk [2014-03-18]
CHR Extension: (PriceDownloaader) - C:\Users\Chris's Computer\AppData\Local\Google\Chrome\User Data\Default\Extensions\ahhjgbeeehlmllkmgkjbmiigennononm [2014-03-04]
CHR Extension: (YouTube) - C:\Users\Chris's Computer\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2011-12-21]
CHR Extension: (Google Search) - C:\Users\Chris's Computer\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2011-12-21]
CHR Extension: (RealDownloader) - C:\Users\Chris's Computer\AppData\Local\Google\Chrome\User Data\Default\Extensions\idhngdhcfkoamngbedgpaokgjbnpdiji [2013-01-05]
CHR Extension: (Skype Click to Call) - C:\Users\Chris's Computer\AppData\Local\Google\Chrome\User Data\Default\Extensions\lifbcibllhkdhoafpjfnlhfpfgnpldfl [2013-05-12]
CHR Extension: (SalesChEckeR) - C:\Users\Chris's Computer\AppData\Local\Google\Chrome\User Data\Default\Extensions\llanblnimokboaeocjllbedldpdcfmaj [2014-05-20]
CHR Extension: (Google Wallet) - C:\Users\Chris's Computer\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2014-01-17]
CHR Extension: (Gmail) - C:\Users\Chris's Computer\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2011-12-21]
CHR Extension: (Domain Availability Checker and Whois Lookup) - C:\Users\Chris's Computer\AppData\Local\Google\Chrome\User Data\Default\Extensions\pokekecininnhejfkgcbnekjddnepope [2014-06-09]
CHR HKLM-x32\...\Chrome\Extension: [idhngdhcfkoamngbedgpaokgjbnpdiji] - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\Chrome\Ext\realdownloader.crx [2014-03-15]
CHR HKLM-x32\...\Chrome\Extension: [lifbcibllhkdhoafpjfnlhfpfgnpldfl] - C:\Program Files (x86)\Skype\Toolbars\ChromeExtension\skype_chrome_extension.crx [2014-04-11]
CHR HKLM\SOFTWARE\Policies\Google: Policy restriction <======= ATTENTION
==================== Services (Whitelisted) =================
R2 !SASCORE; C:\Program Files\SUPERAntiSpyware\SASCORE64.EXE [140672 2012-09-10] (SUPERAntiSpyware.com) [File not signed]
R2 Agent; C:\Windows\VPDAgent_x64.exe [148480 2013-02-04] (Two Pilots) [File not signed]
R3 BrYNSvc; C:\Program Files (x86)\Browny02\BrYNSvc.exe [282112 2012-10-26] (Brother Industries, Ltd.) [File not signed]
R2 c2cautoupdatesvc; C:\Program Files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe [1390720 2014-04-11] (Microsoft Corporation)
R2 c2cpnrsvc; C:\Program Files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe [1764992 2014-04-11] (Microsoft Corporation)
R2 MBAMScheduler; C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe [1809720 2014-05-12] (Malwarebytes Corporation)
R2 MBAMService; C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe [860472 2014-05-12] (Malwarebytes Corporation)
R2 Movielink Core Service; C:\Program Files (x86)\Blockbuster\BLOCKBUSTERMovielink\MovielinkCore.exe [1867464 2010-01-28] (Blockbuster)
R2 MsMpSvc; c:\Program Files\Microsoft Security Client\MsMpEng.exe [23808 2014-03-11] (Microsoft Corporation)
S3 MyWiFiDHCPDNS; C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe [340240 2010-03-05] ()
R2 Neat Startup Service; C:\Program Files (x86)\Neat\exec\NeatStartupService.exe [5632 2014-01-03] (The Neat Company) [File not signed]
R3 NisSrv; c:\Program Files\Microsoft Security Client\NisSrv.exe [347872 2014-03-11] (Microsoft Corporation)
R2 PDFProFiltSrvPP; C:\Program Files (x86)\Nuance\PaperPort\PDFProFiltSrvPP.exe [145256 2011-08-02] (Nuance Communications, Inc.)
R2 RealNetworks Downloader Resolver Service; C:\Program Files (x86)\RealNetworks\RealDownloader\rndlresolversvc.exe [39568 2014-03-15] ()
R2 RealPlayer Cloud Service; c:\program files (x86)\real\realplayer\RPDS\Bin\rpdsvc.exe [1141848 2014-04-03] (RealNetworks, Inc.)
R2 RealPlayerUpdateSvc; C:\Program Files (x86)\Real\UpdateService\RealPlayerUpdateSvc.exe [23552 2014-03-20] () [File not signed]
R2 SDScannerService; C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe [1738200 2014-04-25] (Safer-Networking Ltd.)
R2 SDUpdateService; C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe [2081752 2014-04-25] (Safer-Networking Ltd.)
R2 SDWSCService; C:\Program Files (x86)\Spybot - Search & Destroy 2\SDWSCSvc.exe [171928 2014-04-25] (Safer-Networking Ltd.)
==================== Drivers (Whitelisted) ====================
U5 AppMgmt; C:\Windows\system32\svchost.exe [27136 2009-07-13] (Microsoft Corporation)
R1 cbfs3; C:\Windows\system32\drivers\cbfs3.sys [321424 2010-11-30] (EldoS Corporation)
R3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [25816 2014-05-12] (Malwarebytes Corporation)
R3 MBAMSwissArmy; C:\Windows\system32\drivers\MBAMSwissArmy.sys [122584 2014-06-25] (Malwarebytes Corporation)
R3 MBAMWebAccessControl; C:\Windows\system32\drivers\mwac.sys [63704 2014-05-12] (Malwarebytes Corporation)
R0 MpFilter; C:\Windows\System32\DRIVERS\MpFilter.sys [268512 2014-01-25] (Microsoft Corporation)
R2 NisDrv; C:\Windows\System32\DRIVERS\NisDrvWFP.sys [133928 2014-03-11] (Microsoft Corporation)
S3 RimUsb; C:\Windows\System32\Drivers\RimUsb_AMD64.sys [74752 2011-07-25] (Research In Motion Limited)
R3 RimVSerPort; C:\Windows\System32\DRIVERS\RimSerial_AMD64.sys [44032 2011-07-20] (Research in Motion Ltd)
R1 SASDIFSV; C:\Program Files\SUPERAntiSpyware\SASDIFSV64.SYS [14928 2011-07-22] (SUPERAdBlocker.com and SUPERAntiSpyware.com)
R1 SASKUTIL; C:\Program Files\SUPERAntiSpyware\SASKUTIL64.SYS [12368 2011-07-12] (SUPERAdBlocker.com and SUPERAntiSpyware.com)
S3 usbbus; system32\DRIVERS\lgx64bus.sys [X]
S3 UsbDiag; system32\DRIVERS\lgx64diag.sys [X]
S3 USBModem; system32\DRIVERS\lgx64modem.sys [X]
==================== NetSvcs (Whitelisted) ===================

==================== One Month Created Files and Folders ========
2014-06-25 13:29 - 2014-06-25 13:30 - 00040084 _____ () C:\Users\Chris's Computer\Desktop\FRST.txt
2014-06-25 13:28 - 2014-06-25 13:29 - 00000000 ____D () C:\FRST
2014-06-25 13:27 - 2014-06-25 13:27 - 02082816 _____ (Farbar) C:\Users\Chris's Computer\Desktop\Farbar Recovery Scan Tool.exe
2014-06-25 13:14 - 2014-06-25 13:14 - 00000000 ____D () C:\Windows\System32\Tasks\Safer-Networking
2014-06-25 13:13 - 2014-06-25 13:13 - 00001393 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Spybot-S&D Start Center.lnk
2014-06-25 13:13 - 2014-06-25 13:13 - 00001381 _____ () C:\Users\Public\Desktop\Spybot-S&D Start Center.lnk
2014-06-25 13:13 - 2014-06-25 13:13 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Spybot - Search & Destroy 2
2014-06-25 13:12 - 2014-06-25 13:19 - 00000000 ____D () C:\ProgramData\Spybot - Search & Destroy
2014-06-25 13:12 - 2014-06-25 13:16 - 00000000 ____D () C:\Program Files (x86)\Spybot - Search & Destroy 2
2014-06-25 13:12 - 2013-09-20 10:49 - 00021040 _____ (Safer Networking Limited) C:\Windows\system32\sdnclean64.exe
2014-06-25 13:05 - 2014-06-25 13:08 - 00000000 ____D () C:\Program Files (x86)\SpywareBlaster
2014-06-25 13:05 - 2014-06-25 13:05 - 00001081 _____ () C:\Users\Public\Desktop\SpywareBlaster.lnk
2014-06-25 13:05 - 2014-06-25 13:05 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SpywareBlaster
2014-06-25 13:05 - 2014-06-25 13:05 - 00000000 ____D () C:\ProgramData\Licenses
2014-06-25 13:05 - 2009-03-24 12:52 - 00129872 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MSSTDFMT.DLL
2014-06-25 10:44 - 2014-06-25 10:44 - 00008981 _____ () C:\Users\Chris's Computer\Desktop\ark.txt
2014-06-24 23:32 - 2014-06-24 23:32 - 00018901 _____ () C:\Users\Chris's Computer\Desktop\hijackthis.log
2014-06-24 23:29 - 2014-06-24 23:29 - 00016621 _____ () C:\Users\Chris's Computer\Desktop\attach.txt
2014-06-24 23:29 - 2014-06-24 23:28 - 00031008 _____ () C:\Users\Chris's Computer\Desktop\dds.txt
2014-06-24 13:33 - 2014-06-25 10:45 - 00000000 ____D () C:\Users\Chris's Computer\AppData\Roaming\TeamViewer
2014-06-24 13:33 - 2014-06-24 13:33 - 00001176 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TeamViewer 9.lnk
2014-06-24 13:33 - 2014-06-24 13:33 - 00001164 _____ () C:\Users\Public\Desktop\TeamViewer 9.lnk
2014-06-24 13:33 - 2014-06-24 13:33 - 00000000 ____D () C:\Program Files (x86)\TeamViewer
2014-06-24 11:13 - 2014-06-25 12:53 - 00000420 _____ () C:\Windows\Tasks\RNUpgradeHelperLogonPrompt_Chris's Computer.job
2014-06-24 11:13 - 2014-06-24 14:08 - 00000414 _____ () C:\Windows\Tasks\ReclaimerUpdateFiles_Chris's Computer.job
2014-06-24 11:13 - 2014-06-24 14:08 - 00000410 _____ () C:\Windows\Tasks\ReclaimerUpdateXML_Chris's Computer.job
2014-06-24 11:13 - 2014-06-24 11:14 - 00003028 _____ () C:\Windows\System32\Tasks\ReclaimerUpdateFiles_Chris's Computer
2014-06-24 11:13 - 2014-06-24 11:13 - 00003658 _____ () C:\Windows\System32\Tasks\RNUpgradeHelperResumePrompt_Chris's Computer
2014-06-24 11:13 - 2014-06-24 11:13 - 00003024 _____ () C:\Windows\System32\Tasks\ReclaimerUpdateXML_Chris's Computer
2014-06-24 11:13 - 2014-06-24 11:13 - 00002732 _____ () C:\Windows\System32\Tasks\RNUpgradeHelperLogonPrompt_Chris's Computer
2014-06-23 15:11 - 2014-06-23 15:11 - 00137178 _____ () C:\Users\Chris's Computer\Desktop\OTL.Txt
2014-06-18 14:12 - 2014-06-25 13:23 - 00122584 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2014-06-18 14:12 - 2014-06-18 14:12 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware
2014-06-18 14:11 - 2014-06-18 14:11 - 00000000 ____D () C:\Program Files (x86)\Malwarebytes Anti-Malware
2014-06-18 14:11 - 2014-05-12 07:26 - 00091352 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbamchameleon.sys
2014-06-18 14:11 - 2014-05-12 07:26 - 00063704 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mwac.sys
2014-06-18 14:11 - 2014-05-12 07:25 - 00025816 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbam.sys
2014-06-16 14:00 - 2014-06-16 14:00 - 00000000 ____D () C:\Users\Chris's Computer\AppData\Local\{312AD767-9FA8-440D-B97E-EF5FC12F4339}
2014-06-16 13:33 - 2014-06-16 13:33 - 00000000 ____D () C:\Users\Chris's Computer\AppData\Local\{5DA9E45C-A903-4BFD-AFB2-04953E5FF16E}
2014-06-16 13:21 - 2014-06-16 13:21 - 00000000 ____D () C:\Users\Chris's Computer\AppData\Local\{1D4AC711-5D10-4084-85AD-1CF80B1FE538}
2014-06-13 20:01 - 2014-04-24 22:34 - 00801280 _____ (Microsoft Corporation) C:\Windows\system32\usp10.dll
2014-06-13 20:01 - 2014-04-24 22:06 - 00626688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\usp10.dll
2014-06-13 20:00 - 2014-05-30 06:21 - 23414784 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2014-06-13 20:00 - 2014-05-30 06:02 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2014-06-13 20:00 - 2014-05-30 06:02 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2014-06-13 20:00 - 2014-05-30 05:45 - 02768384 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2014-06-13 20:00 - 2014-05-30 05:39 - 00548352 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2014-06-13 20:00 - 2014-05-30 05:39 - 00066048 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2014-06-13 20:00 - 2014-05-30 05:38 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2014-06-13 20:00 - 2014-05-30 05:28 - 00051200 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2014-06-13 20:00 - 2014-05-30 05:27 - 00033792 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2014-06-13 20:00 - 2014-05-30 05:24 - 00574976 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2014-06-13 20:00 - 2014-05-30 05:21 - 00139264 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2014-06-13 20:00 - 2014-05-30 05:21 - 00111616 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2014-06-13 20:00 - 2014-05-30 05:20 - 00752640 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2014-06-13 20:00 - 2014-05-30 05:18 - 17271296 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2014-06-13 20:00 - 2014-05-30 05:11 - 00940032 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe
2014-06-13 20:00 - 2014-05-30 05:08 - 05782528 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2014-06-13 20:00 - 2014-05-30 05:06 - 00452096 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2014-06-13 20:00 - 2014-05-30 05:02 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2014-06-13 20:00 - 2014-05-30 04:55 - 00038400 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll
2014-06-13 20:00 - 2014-05-30 04:49 - 00195584 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2014-06-13 20:00 - 2014-05-30 04:46 - 00085504 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2014-06-13 20:00 - 2014-05-30 04:44 - 00455168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2014-06-13 20:00 - 2014-05-30 04:44 - 00295424 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2014-06-13 20:00 - 2014-05-30 04:43 - 00061952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2014-06-13 20:00 - 2014-05-30 04:42 - 00051200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll
2014-06-13 20:00 - 2014-05-30 04:38 - 02179072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2014-06-13 20:00 - 2014-05-30 04:35 - 00608768 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2014-06-13 20:00 - 2014-05-30 04:34 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2014-06-13 20:00 - 2014-05-30 04:33 - 00032768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2014-06-13 20:00 - 2014-05-30 04:30 - 00440832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2014-06-13 20:00 - 2014-05-30 04:29 - 00631808 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2014-06-13 20:00 - 2014-05-30 04:28 - 00112128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2014-06-13 20:00 - 2014-05-30 04:27 - 00592896 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll
2014-06-13 20:00 - 2014-05-30 04:24 - 01249280 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll
2014-06-13 20:00 - 2014-05-30 04:23 - 02040832 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2014-06-13 20:00 - 2014-05-30 04:16 - 00368128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll
2014-06-13 20:00 - 2014-05-30 04:10 - 00032256 _____ (Microsoft Corporation) C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll
2014-06-13 20:00 - 2014-05-30 04:06 - 00164864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2014-06-13 20:00 - 2014-05-30 04:04 - 00069632 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2014-06-13 20:00 - 2014-05-30 04:02 - 00242688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
2014-06-13 20:00 - 2014-05-30 03:56 - 04244992 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2014-06-13 20:00 - 2014-05-30 03:56 - 02266112 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2014-06-13 20:00 - 2014-05-30 03:54 - 00526336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2014-06-13 20:00 - 2014-05-30 03:50 - 01068032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmlmedia.dll
2014-06-13 20:00 - 2014-05-30 03:49 - 01964544 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2014-06-13 20:00 - 2014-05-30 03:43 - 13522944 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2014-06-13 20:00 - 2014-05-30 03:40 - 11725312 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2014-06-13 20:00 - 2014-05-30 03:30 - 01398272 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2014-06-13 20:00 - 2014-05-30 03:21 - 01790976 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2014-06-13 20:00 - 2014-05-30 03:15 - 01143296 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2014-06-13 20:00 - 2014-05-30 03:13 - 00846336 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2014-06-13 20:00 - 2014-05-30 03:13 - 00704512 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2014-06-13 20:00 - 2014-05-08 05:32 - 03178496 _____ (Microsoft Corporation) C:\Windows\system32\rdpcorets.dll
2014-06-13 20:00 - 2014-05-08 05:32 - 00016384 _____ (Microsoft Corporation) C:\Windows\system32\RdpGroupPolicyExtension.dll
2014-06-13 20:00 - 2014-04-04 22:47 - 01903552 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tcpip.sys
2014-06-13 20:00 - 2014-04-04 22:47 - 00288192 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\FWPKCLNT.SYS
2014-06-13 20:00 - 2014-03-26 10:44 - 02002432 _____ (Microsoft Corporation) C:\Windows\system32\msxml6.dll
2014-06-13 20:00 - 2014-03-26 10:44 - 01882112 _____ (Microsoft Corporation) C:\Windows\system32\msxml3.dll
2014-06-13 20:00 - 2014-03-26 10:41 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\msxml6r.dll
2014-06-13 20:00 - 2014-03-26 10:41 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\msxml3r.dll
2014-06-13 20:00 - 2014-03-26 10:27 - 01389056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml6.dll
2014-06-13 20:00 - 2014-03-26 10:27 - 01237504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml3.dll
2014-06-13 20:00 - 2014-03-26 10:25 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml6r.dll
2014-06-13 20:00 - 2014-03-26 10:25 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml3r.dll
2014-06-13 19:59 - 2014-06-08 05:13 - 00506368 _____ (Microsoft Corporation) C:\Windows\system32\aepdu.dll
2014-06-13 19:59 - 2014-06-08 05:08 - 00424448 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll
2014-06-11 06:21 - 2014-06-11 06:21 - 00014155 _____ () C:\Users\Chris's Computer\Desktop\ark1.txt
2014-06-11 05:47 - 2014-06-11 05:47 - 00380416 _____ () C:\Users\Chris's Computer\Desktop\wcdic4c9.exe
2014-06-11 05:33 - 2014-06-11 05:33 - 00032457 _____ () C:\Users\Chris's Computer\Desktop\dds1.txt
2014-06-11 05:33 - 2014-06-11 05:33 - 00014076 _____ () C:\Users\Chris's Computer\Desktop\attach1.txt
2014-06-11 05:30 - 2014-06-11 05:30 - 00688992 ____R (Swearware) C:\Users\Chris's Computer\Desktop\dds.scr
2014-06-11 05:27 - 2014-06-11 05:28 - 00019033 _____ () C:\Users\Chris's Computer\Desktop\hijackthis1.log
2014-05-30 14:44 - 2014-05-30 14:45 - 00003342 _____ () C:\Windows\System32\Tasks\PinItAutoUpdate
2014-05-30 14:44 - 2014-05-30 14:44 - 00000000 ____D () C:\Program Files (x86)\Pinterest
==================== One Month Modified Files and Folders =======
2014-06-25 13:30 - 2014-06-25 13:29 - 00040084 _____ () C:\Users\Chris's Computer\Desktop\FRST.txt
2014-06-25 13:30 - 2011-05-13 16:49 - 01655813 _____ () C:\Windows\WindowsUpdate.log
2014-06-25 13:29 - 2014-06-25 13:28 - 00000000 ____D () C:\FRST
2014-06-25 13:27 - 2014-06-25 13:27 - 02082816 _____ (Farbar) C:\Users\Chris's Computer\Desktop\Farbar Recovery Scan Tool.exe
2014-06-25 13:23 - 2014-06-18 14:12 - 00122584 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2014-06-25 13:19 - 2014-06-25 13:12 - 00000000 ____D () C:\ProgramData\Spybot - Search & Destroy
2014-06-25 13:16 - 2014-06-25 13:12 - 00000000 ____D () C:\Program Files (x86)\Spybot - Search & Destroy 2
2014-06-25 13:14 - 2014-06-25 13:14 - 00000000 ____D () C:\Windows\System32\Tasks\Safer-Networking
2014-06-25 13:13 - 2014-06-25 13:13 - 00001393 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Spybot-S&D Start Center.lnk
2014-06-25 13:13 - 2014-06-25 13:13 - 00001381 _____ () C:\Users\Public\Desktop\Spybot-S&D Start Center.lnk
2014-06-25 13:13 - 2014-06-25 13:13 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Spybot - Search & Destroy 2
2014-06-25 13:09 - 2011-05-13 17:17 - 00000000 ____D () C:\ProgramData\Temp
2014-06-25 13:08 - 2014-06-25 13:05 - 00000000 ____D () C:\Program Files (x86)\SpywareBlaster
2014-06-25 13:05 - 2014-06-25 13:05 - 00001081 _____ () C:\Users\Public\Desktop\SpywareBlaster.lnk
2014-06-25 13:05 - 2014-06-25 13:05 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SpywareBlaster
2014-06-25 13:05 - 2014-06-25 13:05 - 00000000 ____D () C:\ProgramData\Licenses
2014-06-25 12:53 - 2014-06-24 11:13 - 00000420 _____ () C:\Windows\Tasks\RNUpgradeHelperLogonPrompt_Chris's Computer.job
2014-06-25 12:52 - 2011-06-22 17:40 - 00000000 ____D () C:\Users\Default\AppData\Local\SoftThinks
2014-06-25 12:52 - 2011-06-22 17:40 - 00000000 ____D () C:\Users\Default User\AppData\Local\SoftThinks
2014-06-25 12:52 - 2011-05-13 17:36 - 00000000 ____D () C:\Program Files (x86)\Dell DataSafe Local Backup
2014-06-25 12:43 - 2009-07-14 00:45 - 00013872 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2014-06-25 12:43 - 2009-07-14 00:45 - 00013872 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2014-06-25 12:37 - 2011-06-22 17:32 - 00309540 _____ () C:\stp.log
2014-06-25 12:34 - 2012-06-09 15:38 - 00048636 _____ () C:\Windows\setupact.log
2014-06-25 12:34 - 2009-07-14 01:08 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2014-06-25 10:49 - 2012-01-09 03:34 - 00000000 ____D () C:\Users\Chris's Computer\Documents\Outlook Files
2014-06-25 10:46 - 2012-03-15 01:13 - 01421312 ___SH () C:\Users\Chris's Computer\Desktop\Thumbs.db
2014-06-25 10:45 - 2014-06-24 13:33 - 00000000 ____D () C:\Users\Chris's Computer\AppData\Roaming\TeamViewer
2014-06-25 10:44 - 2014-06-25 10:44 - 00008981 _____ () C:\Users\Chris's Computer\Desktop\ark.txt
2014-06-24 23:32 - 2014-06-24 23:32 - 00018901 _____ () C:\Users\Chris's Computer\Desktop\hijackthis.log
2014-06-24 23:29 - 2014-06-24 23:29 - 00016621 _____ () C:\Users\Chris's Computer\Desktop\attach.txt
2014-06-24 23:28 - 2014-06-24 23:29 - 00031008 _____ () C:\Users\Chris's Computer\Desktop\dds.txt
2014-06-24 14:11 - 2011-06-22 17:37 - 00110560 _____ () C:\Users\Chris's Computer\AppData\Local\GDIPFONTCACHEV1.DAT
2014-06-24 14:08 - 2014-06-24 11:13 - 00000414 _____ () C:\Windows\Tasks\ReclaimerUpdateFiles_Chris's Computer.job
2014-06-24 14:08 - 2014-06-24 11:13 - 00000410 _____ () C:\Windows\Tasks\ReclaimerUpdateXML_Chris's Computer.job
2014-06-24 14:08 - 2009-07-14 00:45 - 00420840 _____ () C:\Windows\system32\FNTCACHE.DAT
2014-06-24 13:33 - 2014-06-24 13:33 - 00001176 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TeamViewer 9.lnk
2014-06-24 13:33 - 2014-06-24 13:33 - 00001164 _____ () C:\Users\Public\Desktop\TeamViewer 9.lnk
2014-06-24 13:33 - 2014-06-24 13:33 - 00000000 ____D () C:\Program Files (x86)\TeamViewer
2014-06-24 11:18 - 2009-07-14 01:13 - 00782510 _____ () C:\Windows\system32\PerfStringBackup.INI
2014-06-24 11:14 - 2014-06-24 11:13 - 00003028 _____ () C:\Windows\System32\Tasks\ReclaimerUpdateFiles_Chris's Computer
2014-06-24 11:13 - 2014-06-24 11:13 - 00003658 _____ () C:\Windows\System32\Tasks\RNUpgradeHelperResumePrompt_Chris's Computer
2014-06-24 11:13 - 2014-06-24 11:13 - 00003024 _____ () C:\Windows\System32\Tasks\ReclaimerUpdateXML_Chris's Computer
2014-06-24 11:13 - 2014-06-24 11:13 - 00002732 _____ () C:\Windows\System32\Tasks\RNUpgradeHelperLogonPrompt_Chris's Computer
2014-06-24 00:16 - 2014-02-13 18:43 - 00000000 ____D () C:\Users\Chris's Computer\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Google+ Auto Backup
2014-06-23 23:40 - 2013-12-01 20:48 - 00000000 ____D () C:\ProgramData\boost_interprocess
2014-06-23 15:11 - 2014-06-23 15:11 - 00137178 _____ () C:\Users\Chris's Computer\Desktop\OTL.Txt
2014-06-23 14:38 - 2011-06-25 18:31 - 00000000 ____D () C:\Users\Chris's Computer\Documents\Family Stuff
2014-06-23 14:30 - 2014-02-13 18:41 - 00000000 ____D () C:\Program Files (x86)\Optimizer Pro
2014-06-23 14:29 - 2012-06-09 15:38 - 00262734 _____ () C:\Windows\PFRO.log
2014-06-23 14:28 - 2014-05-20 16:32 - 00000000 ____D () C:\ProgramData\PrInceCOUpon
2014-06-23 11:51 - 2012-06-18 13:19 - 00000000 ____D () C:\Program Files\SUPERAntiSpyware
2014-06-23 08:39 - 2009-07-13 23:20 - 00000000 ____D () C:\Windows\TAPI
2014-06-21 20:50 - 2011-06-25 18:22 - 00000000 ____D () C:\Users\Chris's Computer\AppData\Roaming\Apple Computer
2014-06-18 14:12 - 2014-06-18 14:12 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware
2014-06-18 14:11 - 2014-06-18 14:11 - 00000000 ____D () C:\Program Files (x86)\Malwarebytes Anti-Malware
2014-06-18 14:11 - 2012-06-10 20:06 - 00000000 ____D () C:\ProgramData\Malwarebytes
2014-06-18 14:08 - 2011-07-05 11:17 - 00000000 ____D () C:\PFiles
2014-06-16 14:00 - 2014-06-16 14:00 - 00000000 ____D () C:\Users\Chris's Computer\AppData\Local\{312AD767-9FA8-440D-B97E-EF5FC12F4339}
2014-06-16 13:33 - 2014-06-16 13:33 - 00000000 ____D () C:\Users\Chris's Computer\AppData\Local\{5DA9E45C-A903-4BFD-AFB2-04953E5FF16E}
2014-06-16 13:21 - 2014-06-16 13:21 - 00000000 ____D () C:\Users\Chris's Computer\AppData\Local\{1D4AC711-5D10-4084-85AD-1CF80B1FE538}
2014-06-14 03:22 - 2013-07-14 21:01 - 00000000 ____D () C:\Windows\system32\MRT
2014-06-14 03:12 - 2011-06-25 16:56 - 95414520 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2014-06-14 03:09 - 2011-06-22 20:19 - 00000000 ____D () C:\ProgramData\Microsoft Help
2014-06-14 03:03 - 2014-05-06 14:16 - 00000000 ___SD () C:\Windows\system32\CompatTel
2014-06-13 19:37 - 2011-06-25 18:06 - 00000000 ____D () C:\Users\Chris's Computer\AppData\Local\Apple
2014-06-11 06:46 - 2014-03-25 23:17 - 00007891 _____ () C:\Windows\BRRBCOM.INI
2014-06-11 06:21 - 2014-06-11 06:21 - 00014155 _____ () C:\Users\Chris's Computer\Desktop\ark1.txt
2014-06-11 05:47 - 2014-06-11 05:47 - 00380416 _____ () C:\Users\Chris's Computer\Desktop\wcdic4c9.exe
2014-06-11 05:33 - 2014-06-11 05:33 - 00032457 _____ () C:\Users\Chris's Computer\Desktop\dds1.txt
2014-06-11 05:33 - 2014-06-11 05:33 - 00014076 _____ () C:\Users\Chris's Computer\Desktop\attach1.txt
2014-06-11 05:30 - 2014-06-11 05:30 - 00688992 ____R (Swearware) C:\Users\Chris's Computer\Desktop\dds.scr
2014-06-11 05:28 - 2014-06-11 05:27 - 00019033 _____ () C:\Users\Chris's Computer\Desktop\hijackthis1.log
2014-06-09 19:26 - 2013-10-10 12:37 - 00000000 ____D () C:\Users\Chris's Computer\Documents\Love Inc
2014-06-09 12:00 - 2014-03-04 20:23 - 00000000 ____D () C:\ProgramData\4d09ce8d5400296d
2014-06-08 12:12 - 2012-06-11 09:37 - 00000000 ____D () C:\Users\Chris's Computer\AppData\Roaming\Skype
2014-06-08 05:13 - 2014-06-13 19:59 - 00506368 _____ (Microsoft Corporation) C:\Windows\system32\aepdu.dll
2014-06-08 05:08 - 2014-06-13 19:59 - 00424448 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll
2014-06-05 16:48 - 2014-03-26 13:46 - 00000000 ____D () C:\Users\Chris's Computer\Desktop\SCANS
2014-06-05 15:30 - 2014-01-15 13:09 - 00087215 _____ () C:\Windows\system32\sdtn
2014-06-04 11:04 - 2011-06-25 18:31 - 00000000 ____D () C:\Users\Chris's Computer\Documents\Food
2014-05-31 02:59 - 2011-06-25 18:43 - 00000000 ____D () C:\Users\Chris's Computer\Documents\Couponing
2014-05-31 02:31 - 2011-10-20 22:15 - 00000000 ____D () C:\Users\Chris's Computer\Documents\HEALTH
2014-05-30 14:45 - 2014-05-30 14:44 - 00003342 _____ () C:\Windows\System32\Tasks\PinItAutoUpdate
2014-05-30 14:44 - 2014-05-30 14:44 - 00000000 ____D () C:\Program Files (x86)\Pinterest
2014-05-30 06:21 - 2014-06-13 20:00 - 23414784 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2014-05-30 06:02 - 2014-06-13 20:00 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2014-05-30 06:02 - 2014-06-13 20:00 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2014-05-30 05:45 - 2014-06-13 20:00 - 02768384 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2014-05-30 05:39 - 2014-06-13 20:00 - 00548352 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2014-05-30 05:39 - 2014-06-13 20:00 - 00066048 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2014-05-30 05:38 - 2014-06-13 20:00 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2014-05-30 05:28 - 2014-06-13 20:00 - 00051200 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2014-05-30 05:27 - 2014-06-13 20:00 - 00033792 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2014-05-30 05:24 - 2014-06-13 20:00 - 00574976 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2014-05-30 05:21 - 2014-06-13 20:00 - 00139264 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2014-05-30 05:21 - 2014-06-13 20:00 - 00111616 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2014-05-30 05:20 - 2014-06-13 20:00 - 00752640 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2014-05-30 05:18 - 2014-06-13 20:00 - 17271296 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2014-05-30 05:11 - 2014-06-13 20:00 - 00940032 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe
2014-05-30 05:08 - 2014-06-13 20:00 - 05782528 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2014-05-30 05:06 - 2014-06-13 20:00 - 00452096 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2014-05-30 05:02 - 2014-06-13 20:00 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2014-05-30 04:55 - 2014-06-13 20:00 - 00038400 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll
2014-05-30 04:49 - 2014-06-13 20:00 - 00195584 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2014-05-30 04:46 - 2014-06-13 20:00 - 00085504 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2014-05-30 04:44 - 2014-06-13 20:00 - 00455168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2014-05-30 04:44 - 2014-06-13 20:00 - 00295424 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2014-05-30 04:43 - 2014-06-13 20:00 - 00061952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2014-05-30 04:42 - 2014-06-13 20:00 - 00051200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll
2014-05-30 04:38 - 2014-06-13 20:00 - 02179072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2014-05-30 04:35 - 2014-06-13 20:00 - 00608768 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2014-05-30 04:34 - 2014-06-13 20:00 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2014-05-30 04:33 - 2014-06-13 20:00 - 00032768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2014-05-30 04:30 - 2014-06-13 20:00 - 00440832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2014-05-30 04:29 - 2014-06-13 20:00 - 00631808 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2014-05-30 04:28 - 2014-06-13 20:00 - 00112128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2014-05-30 04:27 - 2014-06-13 20:00 - 00592896 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll
2014-05-30 04:24 - 2014-06-13 20:00 - 01249280 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll
2014-05-30 04:23 - 2014-06-13 20:00 - 02040832 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2014-05-30 04:16 - 2014-06-13 20:00 - 00368128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll
2014-05-30 04:10 - 2014-06-13 20:00 - 00032256 _____ (Microsoft Corporation) C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll
2014-05-30 04:06 - 2014-06-13 20:00 - 00164864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2014-05-30 04:04 - 2014-06-13 20:00 - 00069632 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2014-05-30 04:02 - 2014-06-13 20:00 - 00242688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
2014-05-30 03:56 - 2014-06-13 20:00 - 04244992 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2014-05-30 03:56 - 2014-06-13 20:00 - 02266112 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2014-05-30 03:54 - 2014-06-13 20:00 - 00526336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2014-05-30 03:50 - 2014-06-13 20:00 - 01068032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmlmedia.dll
2014-05-30 03:49 - 2014-06-13 20:00 - 01964544 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2014-05-30 03:43 - 2014-06-13 20:00 - 13522944 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2014-05-30 03:40 - 2014-06-13 20:00 - 11725312 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2014-05-30 03:30 - 2014-06-13 20:00 - 01398272 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2014-05-30 03:21 - 2014-06-13 20:00 - 01790976 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2014-05-30 03:15 - 2014-06-13 20:00 - 01143296 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2014-05-30 03:13 - 2014-06-13 20:00 - 00846336 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2014-05-30 03:13 - 2014-06-13 20:00 - 00704512 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2014-05-27 11:04 - 2014-03-25 23:22 - 00000000 ____D () C:\Users\Chris's Computer\AppData\Roaming\ControlCenter4
2014-05-26 19:18 - 2014-03-25 23:16 - 00000000 ____D () C:\ProgramData\ControlCenter4
2014-05-26 19:18 - 2014-03-25 23:16 - 00000000 ____D () C:\Program Files (x86)\ControlCenter4
Some content of TEMP:
====================
C:\Users\Chris's Computer\AppData\Local\Temp\_is1FC4.exe
C:\Users\Chris's Computer\AppData\Local\Temp\_isB579.exe
C:\Users\Chris's Computer\AppData\Local\Temp\_isBF01.exe
C:\Users\Chris's Computer\AppData\Local\Temp\_isF194.exe

==================== Bamital & volsnap Check =================
C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\SysWOW64\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed

LastRegBack: 2014-04-20 13:27
==================== End Of Log ============================

Thanks, Again!!


----------



## twinfin62 (Jun 25, 2014)

Additional scan result of Farbar Recovery Scan Tool (x64) Version: 25-06-2014
Ran by Chris's Computer at 2014-06-25 13:31:58
Running from C:\Users\Chris's Computer\Desktop
Boot Mode: Normal
==========================================================

==================== Security Center ========================
AV: Microsoft Security Essentials (Enabled - Up to date) {641105E6-77ED-3F35-A304-765193BCB75F}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Spybot - Search and Destroy (Enabled - Up to date) {9BC38DF1-3CCA-732D-A930-C1CA5F20A4B0}
AS: Microsoft Security Essentials (Enabled - Up to date) {DF70E402-51D7-30BB-99B4-4D23E83BFDE2}
==================== Installed Programs ======================
Adobe AIR (HKLM-x32\...\Adobe AIR) (Version: 2.7.0.19530 - Adobe Systems Incorporated)
Adobe AIR (x32 Version: 2.7.0.19530 - Adobe Systems Incorporated) Hidden
Adobe Flash Player 13 ActiveX (HKLM-x32\...\Adobe Flash Player ActiveX) (Version: 13.0.0.206 - Adobe Systems Incorporated)
Adobe Flash Player 13 Plugin (HKLM-x32\...\Adobe Flash Player Plugin) (Version: 13.0.0.206 - Adobe Systems Incorporated)
Adobe Reader X (10.1.10) (HKLM-x32\...\{AC76BA86-7AD7-1033-7B44-AA1000000001}) (Version: 10.1.10 - Adobe Systems Incorporated)
Advanced Audio FX Engine (HKLM-x32\...\Advanced Audio FX Engine) (Version: 1.12.05 - Creative Technology Ltd)
Amazon Kindle (HKCU\...\Amazon Kindle) (Version: - Amazon)
Amazon MP3 Downloader 1.0.17 (HKLM-x32\...\Amazon MP3 Downloader) (Version: 1.0.17 - Amazon Services LLC)
Apple Application Support (HKLM-x32\...\{AAC5D43E-816D-4C2D-8E51-55FFF35BE301}) (Version: 3.0.1 - Apple Inc.)
Apple Mobile Device Support (HKLM\...\{787136D2-F0F8-4625-AA3F-72D7795AC842}) (Version: 7.1.1.3 - Apple Inc.)
Apple Software Update (HKLM-x32\...\{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}) (Version: 2.1.3.127 - Apple Inc.)
BlackBerry Desktop Software 7.0 (HKLM-x32\...\BlackBerry_Desktop) (Version: 7.0.0.59 - Research In Motion Ltd.)
BlackBerry Desktop Software 7.0 (x32 Version: 7.0.0.59 - Research In Motion Ltd.) Hidden
BLOCKBUSTER Movielink (HKLM-x32\...\Movielink Manager) (Version: - Blockbuster)
Blockbuster On Demand (HKLM-x32\...\{B1DEE15C-7C4C-40C0-9CE8-156B2FCC7DE7}) (Version: 2.4.139 - Echostar)
Bonjour (HKLM\...\{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}) (Version: 3.0.0.10 - Apple Inc.)
Bonzuna (HKLM-x32\...\{E7871729-C76F-49FE-9D37-EB4B7BF87206}) (Version: 1.0.0 - Search Core Systems)
Brother MFL-Pro Suite MFC-495CW (HKLM-x32\...\{0A02D347-5E53-48A5-BC49-1469393103FA}) (Version: 1.0.3.0 - Brother Industries, Ltd.)
Brother MFL-Pro Suite MFC-J450DW (HKLM-x32\...\{7B4C83B6-17C1-4BFD-B86D-4D7AD4498CBB}) (Version: 1.0.4.0 - Brother Industries, Ltd.)
Canon RAW Codec (HKLM-x32\...\Canon RAW Codec) (Version: 1.9.0.73 - Canon Inc.)
Catalina Savings Printer (HKLM-x32\...\{37331C16-3E97-4A20-80D8-BFB43AB0E2FB}) (Version: 1.0.0 - Catalina Marketing Corp) <==== ATTENTION
Coupon Printer for Windows (HKLM-x32\...\Coupon Printer for Windows5.0.0.2) (Version: 5.0.0.2 - Coupons.com Incorporated)
CouponPrinterPlugin (HKLM-x32\...\{8AC6566B-131F-4987-82DF-932CED9FCA23}) (Version: 2.0.2.0 - Hopster) <==== ATTENTION
Cozi (HKLM-x32\...\{2DA5F129-11AC-4F11-8188-B2F07EAAC20A}) (Version: 1.0.4323.24051 - Cozi Group, Inc.)
D3DX10 (x32 Version: 15.4.2368.0902 - Microsoft) Hidden
Definition Update for Microsoft Office 2010 (KB982726) 32-Bit Edition (HKLM-x32\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{CA75CBF9-B078-47CB-ABA3-74EFD4FC9A43}) (Version: - Microsoft)
Definition Update for Microsoft Office 2010 (KB982726) 32-Bit Edition (HKLM-x32\...\{91140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUSR_{CA75CBF9-B078-47CB-ABA3-74EFD4FC9A43}) (Version: - Microsoft)
Dell DataSafe Local Backup - Support Software (HKLM-x32\...\{A9668246-FB70-4103-A1E3-66C9BC2EFB49}) (Version: 9.4.60 - Dell)
Dell DataSafe Local Backup (HKLM-x32\...\{0ED7EE95-6A97-47AA-AD73-152C08A15B04}) (Version: 9.4.60 - Dell)
Dell Digital Delivery (HKLM-x32\...\{1C115E6B-88E0-4A31-BCA0-F89FDEA1F5FE}) (Version: 1.0.4295.850 - Dell Products, LP)
Dell Edoc Viewer (HKLM\...\{8EBA8727-ADC2-477B-9D9A-1A1836BE4E05}) (Version: 1.0.0 - Dell Inc)
Dell Getting Started Guide (HKLM-x32\...\{7DB9F1E5-9ACB-410D-A7DC-7A3D023CE045}) (Version: 1.00.0000 - Dell Inc.)
Dell Home Systems Service Agreement (HKLM-x32\...\{AB2FDE4F-6BED-4E9E-B676-3DCCEBB1FBFE}) (Version: 2.0.0 - Dell Inc.)
Dell MusicStage (HKLM-x32\...\{89263C19-557E-4D23-AAD7-113F6175DFC1}) (Version: 1.5.402.0 - Fingertapps)
Dell Perks Webslice IE8 (HKLM-x32\...\{CF67ED0C-F85D-4791-AED3-3FE882EDB45D}) (Version: 8.0 - Nextjump Inc)
Dell PhotoStage (HKLM-x32\...\{E4335E82-17B3-460F-9E70-39D9BC269DB3}) (Version: 1.5.0.30 - ArcSoft)
Dell Stage (HKLM-x32\...\{FE182796-F6BA-486A-8590-89B7E8D1D60F}) (Version: 1.7.209.0 - Fingertapps)
Dell Support Center (HKLM\...\Dell Support Center) (Version: 3.0.5621.01 - Dell Inc.)
Dell Support Center (Version: 3.0.5621.01 - PC-Doctor, Inc.) Hidden
Dell VideoStage (HKLM-x32\...\InstallShield_{DCE0E79A-B9AC-41AC-98C1-7EF0538BCA7F}) (Version: 1.1.1.1408 - CyberLink Corp.)
Dell VideoStage (x32 Version: 1.1.1.1408 - CyberLink Corp.) Hidden
Dell Webcam Central (HKLM-x32\...\Dell Webcam Central) (Version: 1.40.05 - Creative Technology Ltd)
Entity Framework Designer for Visual Studio 2012 - enu (HKLM-x32\...\{32136776-FE3F-453D-80DA-CDD993BDB2A3}) (Version: 11.1.20810.00 - Microsoft Corporation)
e-Sword (HKLM-x32\...\{118071AB-6572-4FAD-A1FD-67264C994350}) (Version: 10.01.0000 - Rick Meyers)
Extended Update (HKCU\...\UpdaterEX) (Version: - Extended Update) <==== ATTENTION
FindRight (HKLM\...\FindRight) (Version: 2014.02.13.012613 - FindRight) <==== ATTENTION
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 33.0.1750.146 - Google Inc.)
Google Toolbar for Internet Explorer (HKLM-x32\...\{2318C2B1-4965-11d4-9B18-009027A5CD4F}) (Version: 7.5.4805.320 - Google Inc.)
Google Toolbar for Internet Explorer (x32 Version: 1.0.0 - Google Inc.) Hidden
Google Update Helper (x32 Version: 1.3.22.5 - Google Inc.) Hidden
HTML-Kit 292 (HKLM-x32\...\HTMLKit_is1) (Version: 1.0 - HTMLKit.com)
iCloud (HKLM\...\{81E20D41-C277-4526-934D-F2380AF91B78}) (Version: 3.1.0.40 - Apple Inc.)
IDT Audio (HKLM-x32\...\{E3A5A8AB-58F6-45FF-AFCB-C9AE18C05001}) (Version: 1.0.6289.0 - IDT)
IKEA Home Planner Kitchen (HKLM-x32\...\IKEA Home Planner Kitchen) (Version: - )
Intel PROSet Wireless (Version: - ) Hidden
Intel(R) Control Center (HKLM-x32\...\{F8A9085D-4C7A-41a9-8A77-C8998A96C421}) (Version: 1.2.1.1007 - Intel Corporation)
Intel(R) Graphics Media Accelerator Driver (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 8.15.10.2202 - Intel Corporation)
Intel(R) Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 6.0.0.1179 - Intel Corporation)
Intel(R) PROSet/Wireless WiFi Software (HKLM\...\{1A8BA6CE-822D-4888-89E2-ACBF4308F271}) (Version: 13.02.0000 - Intel Corporation)
Intel(R) Rapid Storage Technology (HKLM-x32\...\{3E29EE6C-963A-4aae-86C1-DC237C4A49FC}) (Version: 9.6.4.1002 - Intel Corporation)
Internet Explorer (x32 Version: 8 - Microsoft Corporation) Hidden
IrfanView (remove only) (HKLM-x32\...\IrfanView) (Version: 4.30 - Irfan Skiljan)
iTunes (HKLM\...\{B8BA155B-1E75-405F-9CB4-8A99615D09DC}) (Version: 11.1.5.5 - Apple Inc.)
Java 7 Update 55 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83217025FF}) (Version: 7.0.550 - Oracle)
Java Auto Updater (x32 Version: 2.1.9.8 - Sun Microsystems, Inc.) Hidden
Jungle Disk Workgroup (HKLM\...\{4837C529-BBBC-47E3-95FC-70C69C003160}) (Version: 3.16 - Jungle Disk)
Junk Mail filter update (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
KONICA MINOLTA C364Series(PS_PCL_FAX) (HKLM\...\KONICA MINOLTA C364Series Installer(PS_PCL_FAX)) (Version: - KONICA MINOLTA)
LG USB Modem driver (HKLM-x32\...\{C3ABE126-2BB2-4246-BFE1-6797679B3579}) (Version: - )
LG Verizon United Driver (HKLM-x32\...\{A17B9856-40CF-4BEA-BB65-ADB8154A83DC}) (Version: 2.5.2 - LG Electronics)
Malwarebytes Anti-Malware version 2.0.2.1012 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.0.2.1012 - Malwarebytes Corporation)
Mesh Runtime (x32 Version: 15.4.5722.2 - Microsoft Corporation) Hidden
Messenger Companion (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Microsoft .NET Framework 4 Multi-Targeting Pack (x32 Version: 4.0.30319 - Microsoft Corporation) Hidden
Microsoft .NET Framework 4.5 Multi-Targeting Pack (HKLM-x32\...\{5CBFF3F3-2D40-34EE-BCA5-A95BC19E400D}) (Version: 4.5.50709 - Microsoft Corporation)
Microsoft .NET Framework 4.5 SDK (HKLM-x32\...\{1948E039-EC79-4591-951D-9867A8C14C90}) (Version: 4.5.50709 - Microsoft Corporation)
Microsoft .NET Framework 4.5.1 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.50938 - Microsoft Corporation)
Microsoft .NET Framework 4.5.1 (Version: 4.5.50938 - Microsoft Corporation) Hidden
Microsoft Application Error Reporting (Version: 12.0.6015.5000 - Microsoft Corporation) Hidden
Microsoft Help Viewer 2.0 (HKLM-x32\...\Microsoft Help Viewer 2.0) (Version: 2.0.50727 - Microsoft Corporation)
Microsoft Help Viewer 2.0 (x32 Version: 2.0.50727 - Microsoft Corporation) Hidden
Microsoft Mouse and Keyboard Center (HKLM\...\Microsoft Mouse and Keyboard Center) (Version: 2.3.188.0 - Microsoft Corporation)
Microsoft Mouse and Keyboard Center (Version: 2.3.188.0 - Microsoft Corporation) Hidden
Microsoft NuGet - Visual Studio Express 2012 for Windows Desktop (x32 Version: 2.0.30717.9005 - Microsoft Corporation) Hidden
Microsoft Office Access MUI (English) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Access Setup Metadata MUI (English) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Excel MUI (English) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Groove MUI (English) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office InfoPath MUI (English) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Office 64-bit Components 2010 (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office OneNote MUI (English) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Outlook MUI (English) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office PowerPoint MUI (English) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Professional 2010 (HKLM-x32\...\Office14.SingleImage) (Version: 14.0.7015.1000 - Microsoft Corporation)
Microsoft Office Professional Plus 2010 (HKLM-x32\...\Office14.PROPLUSR) (Version: 14.0.7015.1000 - Microsoft Corporation)
Microsoft Office Professional Plus 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (English) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (French) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (Spanish) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Proofing (English) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Publisher MUI (English) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Shared 64-bit MUI (English) 2010 (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Shared 64-bit Setup Metadata MUI (English) 2010 (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Shared MUI (English) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Shared Setup Metadata MUI (English) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Single Image 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Word MUI (English) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Security Client (Version: 4.5.0216.0 - Microsoft Corporation) Hidden
Microsoft Security Essentials (HKLM\...\Microsoft Security Client) (Version: 4.5.216.0 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.30214.0 - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft SQL Server 2012 Data-Tier App Framework (HKLM\...\{36E619BC-A234-4EC3-849B-779A7C865A45}) (Version: 11.0.2316.0 - Microsoft Corporation)
Microsoft SQL Server 2012 Data-Tier App Framework (HKLM-x32\...\{FBA6F90E-36EC-4FC9-9B25-3834E3BD46A8}) (Version: 11.0.2316.0 - Microsoft Corporation)
Microsoft SQL Server 2012 Management Objects (HKLM-x32\...\{DA1C1761-5F4F-4332-AB9D-29EDF3F8EA0A}) (Version: 11.0.2100.60 - Microsoft Corporation)
Microsoft SQL Server 2012 Management Objects (x64) (HKLM\...\{FA0A244E-F3C2-4589-B42A-3D522DE79A42}) (Version: 11.0.2100.60 - Microsoft Corporation)
Microsoft SQL Server 2012 Transact-SQL Compiler Service (HKLM\...\{BEB0F91E-F2EA-48A1-B938-7857ABF2A93D}) (Version: 11.0.2100.60 - Microsoft Corporation)
Microsoft SQL Server 2012 Transact-SQL ScriptDom (HKLM\...\{0E8670B8-3965-4930-ADA6-570348B67153}) (Version: 11.0.2100.60 - Microsoft Corporation)
Microsoft SQL Server 2012 T-SQL Language Service (HKLM-x32\...\{6D6D43E5-218C-4B05-92D3-2240810F4760}) (Version: 11.0.2100.60 - Microsoft Corporation)
Microsoft SQL Server Compact 3.5 SP2 ENU (HKLM-x32\...\{3A9FC03D-C685-4831-94CF-4EDFD3749497}) (Version: 3.5.8080.0 - Microsoft Corporation)
Microsoft SQL Server Compact 3.5 SP2 x64 ENU (HKLM\...\{D4AD39AD-091E-4D33-BB2B-59F6FCB8ADC3}) (Version: 3.5.8080.0 - Microsoft Corporation)
Microsoft SQL Server Compact 4.0 SP1 x64 ENU (HKLM\...\{78909610-D229-459C-A936-25D92283D3FD}) (Version: 4.0.8876.1 - Microsoft Corporation)
Microsoft SQL Server Data Tools - enu (11.1.20828.01) (HKLM-x32\...\{4F2B8233-35EE-4197-8C3B-EACCBF712029}) (Version: 11.1.20828.01 - Microsoft Corporation)
Microsoft SQL Server Data Tools Build Utilities - enu (11.1.20828.01) (HKLM-x32\...\{FAE0523E-08A4-4717-8E8E-6EC6F32CBE88}) (Version: 11.1.20828.01 - Microsoft Corporation)
Microsoft System CLR Types for SQL Server 2012 (HKLM-x32\...\{E2082604-4BA5-44BB-BBFB-AF0F3CB8C6AB}) (Version: 11.0.2100.60 - Microsoft Corporation)
Microsoft System CLR Types for SQL Server 2012 (x64) (HKLM\...\{F1949145-EB64-4DE7-9D81-E6D27937146C}) (Version: 11.0.2100.60 - Microsoft Corporation)
Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053 (HKLM-x32\...\{770657D0-A123-3C07-8E44-1C83EC895118}) (Version: 8.0.50727.4053 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{6ce5bae9-d3ca-4b99-891a-1dc6c118a5fc}) (Version: 8.0.59192 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{6E8E85E8-CE4B-4FF5-91F7-04999C9FAE6A}) (Version: 8.0.50727.42 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (HKLM-x32\...\{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}) (Version: 9.0.21022 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729 (HKLM-x32\...\{820B6609-4C97-3A2B-B644-573B06A0F0CC}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.30319 (HKLM\...\{DA5E371C-6333-3D8A-93A4-6FD5B20BCC6E}) (Version: 10.0.30319 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.30319 (HKLM-x32\...\{196BB40D-1578-3D01-B289-BEFC77A11A1E}) (Version: 10.0.30319 - Microsoft Corporation)
Microsoft Visual C++ 2012 32bit Compilers - ENU Resources (x32 Version: 11.0.50727 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 Core Libraries (x32 Version: 11.0.50727 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 x64 Additional Runtime - 11.0.50727 (Version: 11.0.50727 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 x64 Debug Runtime - 11.0.50727 (Version: 11.0.50727 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 x64 Minimum Runtime - 11.0.50727 (Version: 11.0.50727 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 x86 Additional Runtime - 11.0.50727 (x32 Version: 11.0.50727 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 x86 Debug Runtime - 11.0.50727 (x32 Version: 11.0.50727 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 x86 Minimum Runtime - 11.0.50727 (x32 Version: 11.0.50727 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 x86-x64 Compilers (x32 Version: 11.0.50727 - Microsoft Corporation) Hidden
Microsoft Visual Studio 2012 Express Prerequisites x64 - ENU (Version: 11.0.50727 - Microsoft Corporation) Hidden
Microsoft Visual Studio 2012 Preparation (x32 Version: 11.0.50727 - Microsoft Corporation) Hidden
Microsoft Visual Studio 2012 Shell (Minimum) (x32 Version: 11.0.50727 - Microsoft Corporation) Hidden
Microsoft Visual Studio 2012 Shell (Minimum) Interop Assemblies (x32 Version: 11.0.50727 - Microsoft Corporation) Hidden
Microsoft Visual Studio 2012 Shell (Minimum) Resources (x32 Version: 11.0.50727 - Microsoft Corporation) Hidden
Microsoft Visual Studio 2012 Tools for SQL Server Compact 4.0 SP1 ENU (x32 Version: 4.0.8876.1 - Microsoft Corporation) Hidden
Microsoft Visual Studio Express 2012 for Windows Desktop - ENU (HKLM-x32\...\{e0efdce9-a486-4676-8aa5-65bb08cbf34c}) (Version: 11.0.50727.42 - Microsoft Corporation)
Microsoft Visual Studio Express 2012 for Windows Desktop - ENU (x32 Version: 11.0.50727 - Microsoft Corporation) Hidden
Microsoft Visual Studio Express 2012 for Windows Desktop (x32 Version: 11.0.50727 - Microsoft Corporation) Hidden
Microsoft Visual Studio Team Foundation Server 2012 Object Model (Version: 11.0.50727 - Microsoft Corporation) Hidden
Microsoft Visual Studio Team Foundation Server 2012 Object Model Language Pack - ENU (Version: 11.0.50727 - Microsoft Corporation) Hidden
Microsoft Visual Studio Team Foundation Server 2012 Team Explorer (x32 Version: 11.0.50727 - Microsoft Corporation) Hidden
Microsoft Visual Studio Team Foundation Server 2012 Team Explorer Language Pack - ENU (x32 Version: 11.0.50727 - Microsoft Corporation) Hidden
Microsoft Visual Studio Ultimate 2012 XAML UI Designer Core (x32 Version: 11.0.50727 - Microsoft Corporation) Hidden
Microsoft Visual Studio Ultimate 2012 XAML UI Designer enu Resources (x32 Version: 11.0.50727 - Microsoft Corporation) Hidden
Mozilla Firefox 28.0 (x86 en-US) (HKLM-x32\...\Mozilla Firefox 28.0 (x86 en-US)) (Version: 28.0 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 28.0 - Mozilla)
MSVCRT (x32 Version: 15.4.2862.0708 - Microsoft) Hidden
MSVCRT_amd64 (x32 Version: 15.4.2862.0708 - Microsoft) Hidden
MSXML 4.0 SP3 Parser (HKLM-x32\...\{196467F1-C11F-4F76-858B-5812ADC83B94}) (Version: 4.30.2100.0 - Microsoft Corporation)
MSXML 4.0 SP3 Parser (KB2758694) (HKLM-x32\...\{1D95BA90-F4F8-47EC-A882-441C99D30C1E}) (Version: 4.30.2117.0 - Microsoft Corporation)
MyITLab (HKLM-x32\...\{58AFFDB8-CA72-45B3-869E-A5F10BC032AC}) (Version: 1.50.1 - Pearson Education)
MyITLab ActiveX Installer 2, 9, 8, 65535 (HKLM-x32\...\MyITLab ActiveX Installer_is1) (Version: - Pearson Education)
Neat (HKLM-x32\...\Neat) (Version: 5.4.1.273 - The Neat Company)
Neat ADF Scanner 2008 Driver (HKLM\...\{8A2BC7D4-A7D3-45D5-B3D2-394718C53C41}) (Version: 2.0.1.5 - The Neat Company)
Neat ADF Scanner Driver (HKLM\...\{A55F1206-BFA7-4027-92B8-CE4EFDBC3CF2}) (Version: 2.0.2.1 - The Neat Company)
Neat Core Files (x32 Version: 5.4.1.273 - The Neat Company) Hidden
Neat Mobile Scanner (Silver) Driver (HKLM\...\{D1108D4B-72F8-419F-88C5-ABB8DC09B3C7}) (Version: 2.0.1.5 - The Neat Company)
Neat Mobile Scanner 2008 Driver (HKLM\...\{DDE25FC9-892D-4D24-9325-3BAA5C15ACA9}) (Version: 2.0.1.4 - The Neat Company)
Neat Mobile Scanner Driver (HKLM\...\{7EA2D88A-C8B7-4102-8644-0A437B6FC143}) (Version: 2.0.1.2 - The Neat Company)
NeatConnect Scanner Driver (HKLM\...\{6895EF47-6BD8-468E-BA09-B33636C65B7C}) (Version: 2.0.2.26 - The Neat Company)
Nuance PaperPort 12 (HKLM-x32\...\{869FCC6C-5669-4B0B-827E-2BBAACD88A87}) (Version: 12.1.0006 - Nuance Communications, Inc.)
Optimizer Pro v3.2 (HKLM-x32\...\Optimizer Pro_is1) (Version: - ) <==== ATTENTION
Paint.NET v3.5.10 (HKLM\...\{529125EF-E3AC-4B74-97E6-F688A7C0F1C0}) (Version: 3.60.0 - dotPDN LLC)
PaperPort Image Printer 64-bit (HKLM\...\{715CAACC-579B-4831-A5F4-A83A8DE3EFE2}) (Version: 14.00.0000 - Nuance Communications, Inc.)
Picasa 3 (HKLM-x32\...\Picasa 3) (Version: 3.9 - Google, Inc.)
Pin It (HKLM-x32\...\Pin It_is1) (Version: 0.0.3 - Pinterest)
Prerequisites for SSDT (HKLM-x32\...\{9169C939-ED01-446A-BD0C-29873BAF4E48}) (Version: 11.0.2100.60 - Microsoft Corporation)
PrInceCOUpon (HKLM-x32\...\{D86C82B0-1F02-816A-5F3D-6466F6A67566}) (Version: - PRinceCOupon) <==== ATTENTION
Quickset64 (HKLM\...\{87CF757E-C1F1-4D22-865C-00C6950B5258}) (Version: 10.5.0 - Dell Inc.)
QuickTime 7 (HKLM-x32\...\{111EE7DF-FC45-40C7-98A7-753AC46B12FB}) (Version: 7.75.80.95 - Apple Inc.)
RealDownloader (x32 Version: 17.0.8 - RealNetworks, Inc.) Hidden
RealNetworks - Microsoft Visual C++ 2008 Runtime (x32 Version: 9.0 - RealNetworks, Inc) Hidden
RealNetworks - Microsoft Visual C++ 2010 Runtime (Version: 10.0 - RealNetworks, Inc) Hidden
RealNetworks - Microsoft Visual C++ 2010 Runtime (x32 Version: 10.0 - RealNetworks, Inc) Hidden
RealPlayer Cloud (HKLM-x32\...\RealPlayer 17.0) (Version: 17.0.8 - RealNetworks)
Realtek USB 2.0 Card Reader (HKLM-x32\...\{96AE7E41-E34E-47D0-AC07-1091A8127911}) (Version: 6.1.7600.30127 - Realtek Semiconductor Corp.)
RealUpgrade 1.1 (x32 Version: 1.1.0 - RealNetworks, Inc.) Hidden
Roxio Burn (HKLM-x32\...\{B2E47DE7-800B-40BB-BD1F-9F221C3AEE87}) (Version: 1.01 - Roxio)
Roxio Burn (x32 Version: 1.01 - Roxio) Hidden
Safari (HKLM-x32\...\{C779648B-410E-4BBA-B75B-5815BCEFE71D}) (Version: 5.34.57.2 - Apple Inc.)
SanDiskSecureAccess_Manager.exe (HKCU\...\@@[email protected]@SanDiskSecureAccess_Manager.exe) (Version: 1.0.0 - DMAILER)
Send To Neat (HKLM\...\{237E305C-B625-466A-88CE-1E121BF4FDB1}) (Version: 1.1.0.0 - The Neat Company)
Service Pack 2 for Microsoft Office 2010 (KB2687455) 32-Bit Edition (HKLM-x32\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{DE28B448-32E8-4E8F-84F0-A52B21A49B5B}) (Version: - Microsoft)
Service Pack 2 for Microsoft Office 2010 (KB2687455) 32-Bit Edition (HKLM-x32\...\{91140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUSR_{DE28B448-32E8-4E8F-84F0-A52B21A49B5B}) (Version: - Microsoft)
Service Pack 2 for Microsoft Office 2010 (KB2687455) 32-Bit Edition (x32 Version: - Microsoft) Hidden
ShopAtHome.com Helper (HKLM-x32\...\ShopAtHome.com Helper) (Version: 7.0.2.0 - ShopAtHome.com)
Skype Click to Call (HKLM-x32\...\{BB285C9F-C821-4770-8970-56C4AB52C87E}) (Version: 7.2.15747.10003 - Microsoft Corporation)
Skype™ 6.11 (HKLM-x32\...\{4E76FF7E-AEBA-4C87-B788-CD47E5425B9D}) (Version: 6.11.102 - Skype Technologies S.A.)
Spybot - Search & Destroy (HKLM-x32\...\{B4092C6D-E886-4CB2-BA68-FE5A99D31DE7}_is1) (Version: 2.3.39 - Safer-Networking Ltd.)
SpywareBlaster 5.0 (HKLM-x32\...\SpywareBlaster_is1) (Version: 5.0.0 - BrightFort LLC)
SUPERAntiSpyware (HKLM\...\{CDDCBBF1-2703-46BC-938B-BCC81A1EEAAA}) (Version: 5.0.1150 - SUPERAntiSpyware.com)
Synaptics Pointing Device Driver (HKLM\...\SynTPDeinstKey) (Version: 15.0.0.1 - Synaptics Incorporated)
TeamViewer 9 (HKLM-x32\...\TeamViewer 9) (Version: 9.0.29480 - TeamViewer)
TouchCopy 11 (HKLM-x32\...\{ECAD0979-DCA9-47D6-B375-8670EE200A95}) (Version: 11.25 - Wide Angle Software)
TrustedID (HKLM-x32\...\{C16A92EF-017B-4839-9C75-FBADB5A1FA27}) (Version: 5.0 - TrustedID)
Update for (KB2504637) (HKLM-x32\...\{CFEF48A8-BFB8-3EAC-8BA5-DE4F8AA267CE}.KB2504637) (Version: 1 - Microsoft Corporation)
Update for Microsoft Access 2010 (KB2553446) 32-Bit Edition (HKLM-x32\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{B4A38370-2ADB-46B0-A1B0-0C4A2F7DCA31}) (Version: - Microsoft)
Update for Microsoft Access 2010 (KB2553446) 32-Bit Edition (HKLM-x32\...\{91140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUSR_{B4A38370-2ADB-46B0-A1B0-0C4A2F7DCA31}) (Version: - Microsoft)
Update for Microsoft Filter Pack 2.0 (KB2878281) 32-Bit Edition (HKLM-x32\...\{90140000-002A-0000-1000-0000000FF1CE}_Office14.PROPLUSR_{302A8FE3-EBF5-486C-A431-16A1CD914443}) (Version: - Microsoft)
Update for Microsoft Filter Pack 2.0 (KB2878281) 32-Bit Edition (HKLM-x32\...\{90140000-002A-0000-1000-0000000FF1CE}_Office14.SingleImage_{302A8FE3-EBF5-486C-A431-16A1CD914443}) (Version: - Microsoft)
Update for Microsoft Filter Pack 2.0 (KB2878281) 32-Bit Edition (HKLM-x32\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{302A8FE3-EBF5-486C-A431-16A1CD914443}) (Version: - Microsoft)
Update for Microsoft Filter Pack 2.0 (KB2878281) 32-Bit Edition (HKLM-x32\...\{91140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUSR_{302A8FE3-EBF5-486C-A431-16A1CD914443}) (Version: - Microsoft)
Update for Microsoft InfoPath 2010 (KB2817369) 32-Bit Edition (HKLM-x32\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{4EEA3D3E-989C-4DF4-AB0A-3042C0C12AA3}) (Version: - Microsoft)
Update for Microsoft InfoPath 2010 (KB2817369) 32-Bit Edition (HKLM-x32\...\{91140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUSR_{4EEA3D3E-989C-4DF4-AB0A-3042C0C12AA3}) (Version: - Microsoft)
Update for Microsoft InfoPath 2010 (KB2817396) 32-Bit Edition (HKLM-x32\...\{91140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUSR_{39767ECA-1731-45DB-AB5B-6BF40E151D66}) (Version: - Microsoft)
Update for Microsoft Office 2010 (KB2494150) (HKLM-x32\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{3FCFD88F-4D13-4F38-8625-ABABEA7F61EA}) (Version: - Microsoft)
Update for Microsoft Office 2010 (KB2494150) (HKLM-x32\...\{91140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUSR_{3FCFD88F-4D13-4F38-8625-ABABEA7F61EA}) (Version: - Microsoft)
Update for Microsoft Office 2010 (KB2589298) 32-Bit Edition (HKLM-x32\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{DADF7E25-FFA4-4D02-BE84-1DAE62C18516}) (Version: - Microsoft)
Update for Microsoft Office 2010 (KB2589298) 32-Bit Edition (HKLM-x32\...\{91140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUSR_{DADF7E25-FFA4-4D02-BE84-1DAE62C18516}) (Version: - Microsoft)
Update for Microsoft Office 2010 (KB2589352) 32-Bit Edition (HKLM-x32\...\{90140000-002A-0000-1000-0000000FF1CE}_Office14.PROPLUSR_{F4284D93-7AE8-4309-8CF3-9AD394F35F3A}) (Version: - Microsoft)
Update for Microsoft Office 2010 (KB2589352) 32-Bit Edition (HKLM-x32\...\{90140000-002A-0000-1000-0000000FF1CE}_Office14.SingleImage_{F4284D93-7AE8-4309-8CF3-9AD394F35F3A}) (Version: - Microsoft)
Update for Microsoft Office 2010 (KB2589352) 32-Bit Edition (HKLM-x32\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{F4284D93-7AE8-4309-8CF3-9AD394F35F3A}) (Version: - Microsoft)
Update for Microsoft Office 2010 (KB2589352) 32-Bit Edition (HKLM-x32\...\{91140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUSR_{F4284D93-7AE8-4309-8CF3-9AD394F35F3A}) (Version: - Microsoft)
Update for Microsoft Office 2010 (KB2589375) 32-Bit Edition (HKLM-x32\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{287A1E92-9E41-4BC1-8920-B3D0E9220800}) (Version: - Microsoft)
Update for Microsoft Office 2010 (KB2589375) 32-Bit Edition (HKLM-x32\...\{91140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUSR_{287A1E92-9E41-4BC1-8920-B3D0E9220800}) (Version: - Microsoft)
Update for Microsoft Office 2010 (KB2597087) 32-Bit Edition (HKLM-x32\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{9D69691D-823D-4C3E-9B12-563A3F520366}) (Version: - Microsoft)
Update for Microsoft Office 2010 (KB2597087) 32-Bit Edition (HKLM-x32\...\{91140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUSR_{9D69691D-823D-4C3E-9B12-563A3F520366}) (Version: - Microsoft)
Update for Microsoft Office 2010 (KB2760598) 32-Bit Edition (HKLM-x32\...\{90140000-002A-0000-1000-0000000FF1CE}_Office14.PROPLUSR_{ECFE33A3-B8B7-439A-ADE4-59FBD29EF9B8}) (Version: - Microsoft)
Update for Microsoft Office 2010 (KB2760598) 32-Bit Edition (HKLM-x32\...\{90140000-002A-0000-1000-0000000FF1CE}_Office14.SingleImage_{ECFE33A3-B8B7-439A-ADE4-59FBD29EF9B8}) (Version: - Microsoft)
Update for Microsoft Office 2010 (KB2760598) 32-Bit Edition (HKLM-x32\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{ECFE33A3-B8B7-439A-ADE4-59FBD29EF9B8}) (Version: - Microsoft)
Update for Microsoft Office 2010 (KB2760598) 32-Bit Edition (HKLM-x32\...\{91140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUSR_{ECFE33A3-B8B7-439A-ADE4-59FBD29EF9B8}) (Version: - Microsoft)
Update for Microsoft Office 2010 (KB2760631) 32-Bit Edition (HKLM-x32\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{35698CB7-AAA2-4577-B505-DBFF504AEF23}) (Version: - Microsoft)
Update for Microsoft Office 2010 (KB2760631) 32-Bit Edition (HKLM-x32\...\{91140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUSR_{35698CB7-AAA2-4577-B505-DBFF504AEF23}) (Version: - Microsoft)
Update for Microsoft Office 2010 (KB2794737) 32-Bit Edition (HKLM-x32\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{5AA578BB-759C-40FD-9661-A737C0884541}) (Version: - Microsoft)
Update for Microsoft Office 2010 (KB2794737) 32-Bit Edition (HKLM-x32\...\{91140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUSR_{5AA578BB-759C-40FD-9661-A737C0884541}) (Version: - Microsoft)
Update for Microsoft Office 2010 (KB2825635) 32-Bit Edition (HKLM-x32\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{F1A20C69-9FE5-40FD-9CD5-84EABC2EF64A}) (Version: - Microsoft)
Update for Microsoft Office 2010 (KB2825635) 32-Bit Edition (HKLM-x32\...\{91140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUSR_{F1A20C69-9FE5-40FD-9CD5-84EABC2EF64A}) (Version: - Microsoft)
Update for Microsoft Office 2010 (KB2825640) 32-Bit Edition (HKLM-x32\...\{91140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUSR_{BA610006-2C39-4419-9834-CF61AB24810A}) (Version: - Microsoft)
Update for Microsoft Office 2010 (KB2850079) 32-Bit Edition (HKLM-x32\...\{90140000-001F-040C-0000-0000000FF1CE}_Office14.PROPLUSR_{82F87E28-B18E-46D6-A399-E2F19CF5949B}) (Version: - Microsoft)
Update for Microsoft Office 2010 (KB2850079) 32-Bit Edition (HKLM-x32\...\{90140000-001F-040C-0000-0000000FF1CE}_Office14.SingleImage_{82F87E28-B18E-46D6-A399-E2F19CF5949B}) (Version: - Microsoft)
Update for Microsoft Office 2010 (KB2850079) 32-Bit Edition (HKLM-x32\...\{90140000-001F-0C0A-0000-0000000FF1CE}_Office14.PROPLUSR_{5E8EB600-8B94-429E-873E-98369C6DC1BC}) (Version: - Microsoft)
Update for Microsoft Office 2010 (KB2850079) 32-Bit Edition (HKLM-x32\...\{90140000-001F-0C0A-0000-0000000FF1CE}_Office14.SingleImage_{5E8EB600-8B94-429E-873E-98369C6DC1BC}) (Version: - Microsoft)
Update for Microsoft Office 2010 (KB2878225) 32-Bit Edition (HKLM-x32\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{EFF5EBA3-40AD-4859-85E7-3C1CF4F297EB}) (Version: - Microsoft)
Update for Microsoft Office 2010 (KB2878225) 32-Bit Edition (HKLM-x32\...\{91140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUSR_{EFF5EBA3-40AD-4859-85E7-3C1CF4F297EB}) (Version: - Microsoft)
Update for Microsoft OneNote 2010 (KB2837595) 32-Bit Edition (HKLM-x32\...\{90140000-002A-0000-1000-0000000FF1CE}_Office14.PROPLUSR_{51CCA922-A0CC-47C4-8910-6936D97CAC2E}) (Version: - Microsoft)
Update for Microsoft OneNote 2010 (KB2837595) 32-Bit Edition (HKLM-x32\...\{90140000-002A-0000-1000-0000000FF1CE}_Office14.SingleImage_{51CCA922-A0CC-47C4-8910-6936D97CAC2E}) (Version: - Microsoft)
Update for Microsoft OneNote 2010 (KB2837595) 32-Bit Edition (HKLM-x32\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{51CCA922-A0CC-47C4-8910-6936D97CAC2E}) (Version: - Microsoft)
Update for Microsoft OneNote 2010 (KB2837595) 32-Bit Edition (HKLM-x32\...\{91140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUSR_{51CCA922-A0CC-47C4-8910-6936D97CAC2E}) (Version: - Microsoft)
Update for Microsoft Outlook 2010 (KB2687567) 32-Bit Edition (HKLM-x32\...\{90140000-001A-0409-0000-0000000FF1CE}_Office14.PROPLUSR_{DCE104A1-1875-4469-A83D-A5BFA6C4640F}) (Version: - Microsoft)
Update for Microsoft Outlook 2010 (KB2687567) 32-Bit Edition (HKLM-x32\...\{90140000-001A-0409-0000-0000000FF1CE}_Office14.SingleImage_{DCE104A1-1875-4469-A83D-A5BFA6C4640F}) (Version: - Microsoft)
Update for Microsoft Outlook 2010 (KB2687567) 32-Bit Edition (HKLM-x32\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{2AB483F1-C86E-427A-83B4-23889B03512D}) (Version: - Microsoft)
Update for Microsoft Outlook 2010 (KB2687567) 32-Bit Edition (HKLM-x32\...\{91140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUSR_{2AB483F1-C86E-427A-83B4-23889B03512D}) (Version: - Microsoft)
Update for Microsoft PowerPoint 2010 (KB2837579) 32-Bit Edition (HKLM-x32\...\{90140000-0018-0409-0000-0000000FF1CE}_Office14.PROPLUSR_{334AA0A1-2BB1-4D74-B66A-2B2C4D9C2C87}) (Version: - Microsoft)
Update for Microsoft PowerPoint 2010 (KB2837579) 32-Bit Edition (HKLM-x32\...\{90140000-0018-0409-0000-0000000FF1CE}_Office14.SingleImage_{334AA0A1-2BB1-4D74-B66A-2B2C4D9C2C87}) (Version: - Microsoft)
Update for Microsoft PowerPoint 2010 (KB2837579) 32-Bit Edition (HKLM-x32\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{2BA40F82-F3A4-441C-BF1A-ED4C42FF4872}) (Version: - Microsoft)
Update for Microsoft PowerPoint 2010 (KB2837579) 32-Bit Edition (HKLM-x32\...\{91140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUSR_{2BA40F82-F3A4-441C-BF1A-ED4C42FF4872}) (Version: - Microsoft)
Update for Microsoft SharePoint Workspace 2010 (KB2760601) 32-Bit Edition (HKLM-x32\...\{90140000-002A-0000-1000-0000000FF1CE}_Office14.PROPLUSR_{F9F5A080-AF38-4966-9A6B-C43DCA465035}) (Version: - Microsoft)
Update for Microsoft SharePoint Workspace 2010 (KB2760601) 32-Bit Edition (HKLM-x32\...\{90140000-002A-0000-1000-0000000FF1CE}_Office14.SingleImage_{F9F5A080-AF38-4966-9A6B-C43DCA465035}) (Version: - Microsoft)
Update for Microsoft SharePoint Workspace 2010 (KB2760601) 32-Bit Edition (HKLM-x32\...\{91140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUSR_{F9F5A080-AF38-4966-9A6B-C43DCA465035}) (Version: - Microsoft)
Update for Microsoft Visio 2010 (KB2880526) 32-Bit Edition (HKLM-x32\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{7B29D8B8-6A87-496C-A65E-B935E740448A}) (Version: - Microsoft)
Update for Microsoft Visio 2010 (KB2880526) 32-Bit Edition (HKLM-x32\...\{91140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUSR_{7B29D8B8-6A87-496C-A65E-B935E740448A}) (Version: - Microsoft)
Update for Microsoft Visio Viewer 2010 (KB2837587) 32-Bit Edition (HKLM-x32\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{38CF30E4-3348-4BD1-A859-B630C355A56F}) (Version: - Microsoft)
Update for Microsoft Visio Viewer 2010 (KB2837587) 32-Bit Edition (HKLM-x32\...\{91140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUSR_{38CF30E4-3348-4BD1-A859-B630C355A56F}) (Version: - Microsoft)
Update for Microsoft Visual Studio 2012 (KB2781514) (HKLM-x32\...\{56ef8912-352f-4fab-9c73-6f1c92a7127f}) (Version: 11.0.51219 - Microsoft Corporation)
Update for Microsoft Word 2010 (KB2880529) 32-Bit Edition (HKLM-x32\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{B9B89E01-5B6B-4F73-BC34-B2C0D8ACB4CD}) (Version: - Microsoft)
Update for Microsoft Word 2010 (KB2880529) 32-Bit Edition (HKLM-x32\...\{91140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUSR_{B9B89E01-5B6B-4F73-BC34-B2C0D8ACB4CD}) (Version: - Microsoft)
UpdateService (x32 Version: 1.0.0 - RealNetworks, Inc.) Hidden
VC80CRTRedist - 8.0.50727.6195 (x32 Version: 1.2.0 - DivX, Inc) Hidden
Visual Studio 2008 x64 Redistributables (HKLM-x32\...\{FCDBEA60-79F0-4FAE-BBA8-55A26C609A49}) (Version: 10.0.0.2 - AVG Technologies)
WIDCOMM Bluetooth Software (HKLM\...\{9E9D49A4-1DF4-4138-B7DB-5D87A893088E}) (Version: 6.2.1.1100 - Broadcom Corporation)
Windows Driver Package - Broadcom Corporation (BTHUSB) Bluetooth (03/24/2010 6.3.0.2501) (HKLM\...\AF09E130E2FD4D1BEFD1B9132AE624BAE0364719) (Version: 03/24/2010 6.3.0.2501 - Broadcom Corporation)
Windows Live Communications Platform (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 15.4.3538.0513 - Microsoft Corporation)
Windows Live Essentials (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live ID Sign-in Assistant (Version: 7.250.4232.0 - Microsoft Corporation) Hidden
Windows Live Installer (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Language Selector (Version: 15.4.3538.0513 - Microsoft Corporation) Hidden
Windows Live Mail (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Mesh (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Mesh ActiveX Control for Remote Connections (HKLM-x32\...\{2902F983-B4C1-44BA-B85D-5C6D52E2C441}) (Version: 15.4.5722.2 - Microsoft Corporation)
Windows Live Messenger (x32 Version: 15.4.3538.0513 - Microsoft Corporation) Hidden
Windows Live Messenger Companion Core (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live MIME IFilter (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Movie Maker (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Photo Common (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Photo Gallery (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live PIMT Platform (x32 Version: 15.4.3508.1109 - Microsoft Corporation) Hidden
Windows Live Remote Client (Version: 15.4.5722.2 - Microsoft Corporation) Hidden
Windows Live Remote Client Resources (Version: 15.4.5722.2 - Microsoft Corporation) Hidden
Windows Live Remote Service (Version: 15.4.5722.2 - Microsoft Corporation) Hidden
Windows Live Remote Service Resources (Version: 15.4.5722.2 - Microsoft Corporation) Hidden
Windows Live SOXE (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live SOXE Definitions (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live UX Platform (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live UX Platform Language Pack (x32 Version: 15.4.3508.1109 - Microsoft Corporation) Hidden
Windows Live Writer (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Writer Resources (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Media Player Firefox Plugin (HKLM-x32\...\{69FDFBB6-351D-4B8C-89D8-867DC9D0A2A4}) (Version: 1.0.0.8 - Microsoft Corp)
Windows Software Development Kit (x32 Version: 8.59.25584 - Microsoft Corporation) Hidden
Windows Software Development Kit DirectX x64 Remote (Version: 8.59.25584 - Microsoft Corporation) Hidden
Windows Software Development Kit DirectX x86 Remote (x32 Version: 8.59.25584 - Microsoft Corporation) Hidden
Windows Software Development Kit for Windows Store Apps (x32 Version: 8.59.25584 - Microsoft Corporation) Hidden
Windows Software Development Kit for Windows Store Apps DirectX x64 Remote (Version: 8.59.25584 - Microsoft Corporation) Hidden
Windows Software Development Kit for Windows Store Apps DirectX x86 Remote (x32 Version: 8.59.25584 - Microsoft Corporation) Hidden
==================== Restore Points =========================
14-05-2014 23:54:06 Windows Update
15-05-2014 07:01:18 Windows Update
19-05-2014 15:01:23 Windows Update
23-05-2014 06:33:04 Windows Update
26-05-2014 06:36:34 Windows Update
29-05-2014 15:20:34 Windows Update
01-06-2014 22:04:26 Windows Update
05-06-2014 06:41:24 Windows Update
08-06-2014 07:20:19 Windows Update
09-06-2014 16:38:14 Windows Backup
14-06-2014 00:01:16 Windows Update
14-06-2014 07:00:34 Windows Update
19-06-2014 06:53:53 Windows Update
22-06-2014 19:45:27 Windows Update
==================== Hosts content: ==========================
2009-07-13 22:34 - 2012-06-22 23:43 - 00000027 ____A C:\Windows\system32\Drivers\etc\hosts
127.0.0.1 localhost
==================== Scheduled Tasks (whitelisted) =============
Task: {2B43630D-3E0F-4DFB-8421-1E1B63A06032} - System32\Tasks\Microsoft_Hardware_Launch_mousekeyboardcenter_exe => c:\Program Files\Microsoft Mouse and Keyboard Center\mousekeyboardcenter.exe [2014-03-19] (Microsoft)
Task: {4E16AB3D-839A-4CA7-ABBC-F5F250CF4B8E} - System32\Tasks\Microsoft_MKC_Logon_Task_itype.exe => c:\Program Files\Microsoft Mouse and Keyboard Center\itype.exe [2014-03-19] (Microsoft Corporation)
Task: {5C647FDF-5A4D-4B83-8860-6C58A657AD7B} - System32\Tasks\ReclaimerUpdateFiles_Chris's Computer => C:\Users\Chris's Computer\AppData\Roaming\Real\Update\UpgradeHelper\RealPlayer\11.01\agent\rnupgagent.exe [2014-06-23] (RealNetworks, Inc.)
Task: {62E200D0-E18F-4BA5-8EAA-44F340D8382C} - System32\Tasks\Microsoft_Hardware_Launch_itype_exe => c:\Program Files\Microsoft Mouse and Keyboard Center\itype.exe [2014-03-19] (Microsoft Corporation)
Task: {71096965-059B-40A4-887A-5A2B0743E3C2} - System32\Tasks\RNUpgradeHelperResumePrompt_Chris's Computer => C:\Users\Chris's Computer\AppData\Roaming\Real\Update\UpgradeHelper\RealPlayer\11.01\agent\rnupgagent.exe [2014-06-23] (RealNetworks, Inc.)
Task: {74F15332-D398-4144-B6BE-12A1DF4FB6DD} - System32\Tasks\Games\UpdateCheck_S-1-5-21-847771732-3420646878-1916418076-1000
Task: {78B20042-4C57-4C04-9D7B-EBCA789810DA} - System32\Tasks\ReclaimerUpdateXML_Chris's Computer => C:\Users\Chris's Computer\AppData\Roaming\Real\Update\UpgradeHelper\RealPlayer\11.01\agent\rnupgagent.exe [2014-06-23] (RealNetworks, Inc.)
Task: {7A0DDF1B-B175-4430-B255-894B4F967F4D} - System32\Tasks\PinItAutoUpdate => C:\Program Files (x86)\Pinterest\Pin It\AutoUpdater.exe [2013-10-17] ()
Task: {891A7537-915B-4FC7-B91F-83A25DA2E9D8} - System32\Tasks\Safer-Networking\Spybot - Search and Destroy\Scan the system => C:\Program Files (x86)\Spybot - Search & Destroy 2\SDScan.exe
Task: {8D6BAC12-59A3-4C24-B2B0-765751BC75F6} - System32\Tasks\RNUpgradeHelperLogonPrompt_Chris's Computer => C:\Users\Chris's Computer\AppData\Roaming\Real\Update\UpgradeHelper\RealPlayer\11.01\agent\rnupgagent.exe [2014-06-23] (RealNetworks, Inc.)
Task: {BD16FF35-79BC-4F6F-A937-D3922B21266E} - System32\Tasks\Safer-Networking\Spybot - Search and Destroy\Check for updates => C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdate.exe
Task: {C0D29B26-804F-4043-B566-B29C74CA9797} - System32\Tasks\Microsoft_MKC_Logon_Task_ipoint.exe => c:\Program Files\Microsoft Mouse and Keyboard Center\ipoint.exe [2014-03-19] (Microsoft Corporation)
Task: {DB30E00E-8FFD-4671-9805-473E3E8178BA} - System32\Tasks\Safer-Networking\Spybot - Search and Destroy\Refresh immunization => C:\Program Files (x86)\Spybot - Search & Destroy 2\SDImmunize.exe
Task: {ED897132-B5B3-4E07-A597-9DFD6D09FAE7} - System32\Tasks\Microsoft_Hardware_Launch_ipoint_exe => c:\Program Files\Microsoft Mouse and Keyboard Center\ipoint.exe [2014-03-19] (Microsoft Corporation)
Task: {FF8B9E68-FE35-42A5-AC02-A2FEF1E5E7A6} - System32\Tasks\Microsoft\Windows\WindowsBackup\AutomaticBackup => Rundll32.exe /d sdengin2.dll,ExecuteScheduledBackup
Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\ReclaimerUpdateFiles_Chris's Computer.job => C:\Users\Chris's Computer\AppData\Roaming\Real\Update\UpgradeHelper\RealPlayer\11.01\agent\rnupgagent.exe
Task: C:\Windows\Tasks\ReclaimerUpdateXML_Chris's Computer.job => C:\Users\Chris's Computer\AppData\Roaming\Real\Update\UpgradeHelper\RealPlayer\11.01\agent\rnupgagent.exe
Task: C:\Windows\Tasks\RNUpgradeHelperLogonPrompt_Chris's Computer.job => C:\Users\Chris's Computer\AppData\Roaming\Real\Update\UpgradeHelper\RealPlayer\11.01\agent\rnupgagent.exe
Task: C:\Windows\Tasks\SUPERAntiSpyware Scheduled Task 1341d6e4-9c3e-4cfd-b463-9d0332034aae.job => C:\Program Files\SUPERAntiSpyware\SASTask.exe
Task: C:\Windows\Tasks\SUPERAntiSpyware Scheduled Task f2734ab9-7948-4efd-bc13-bd1fe5dcd963.job => C:\Program Files\SUPERAntiSpyware\SASTask.exe
Task: C:\Windows\Tasks\UpdaterEX.job => C:\Users\CHRIS'~1\AppData\Roaming\UPDATE~1\UPDATE~1\UPDATE~1.EXE <==== ATTENTION
==================== Loaded Modules (whitelisted) =============
2010-03-05 10:21 - 2010-03-05 10:21 - 01501696 _____ () C:\Program Files\Common Files\Intel\WirelessCommon\Libeay32.dll
2009-12-25 21:52 - 2009-12-25 21:52 - 00015360 _____ () C:\Windows\System32\KOAYQS_L.DLL
2009-12-25 21:52 - 2009-12-25 21:52 - 00015360 _____ () C:\Windows\System32\KOAYQJ_L.DLL
2009-12-25 21:52 - 2009-12-25 21:52 - 00015360 _____ () C:\Windows\System32\KOAYQA_L.DLL
2013-12-01 20:18 - 2013-02-04 13:00 - 00054784 _____ () C:\Windows\System32\sdtnpm.dll
2011-05-17 16:10 - 2011-05-17 16:10 - 00260096 _____ () C:\Program Files\Jungle Disk Workgroup\monitor_images.dll
2014-03-15 03:18 - 2014-03-15 03:18 - 00039568 _____ () C:\Program Files (x86)\RealNetworks\RealDownloader\rndlresolversvc.exe
2014-03-20 21:13 - 2014-03-20 21:13 - 00023552 _____ () C:\Program Files (x86)\Real\UpdateService\RealPlayerUpdateSvc.exe
2013-09-05 01:17 - 2013-09-05 01:17 - 04300456 _____ () C:\Program Files\Common Files\Microsoft Shared\OFFICE14\Cultures\OFFICE.ODF
2010-10-20 16:23 - 2010-10-20 16:23 - 08801632 _____ () C:\Program Files\Microsoft Office\Office14\1033\GrooveIntlResource.dll
2010-03-05 10:21 - 2010-03-05 10:21 - 01501696 _____ () C:\Program Files\Common Files\Intel\WirelessCommon\LIBEAY32.dll
2011-05-13 17:37 - 2011-08-18 11:05 - 02751808 _____ () C:\Program Files (x86)\Dell DataSafe Local Backup\COMPONENTS\SCHEDULER\STSERVICE.EXE
2011-06-27 20:14 - 2005-04-22 13:36 - 00143360 ____N () C:\Windows\system32\BrSNMP64.dll
2014-02-13 18:41 - 2014-02-13 18:41 - 02681648 _____ () C:\Program Files (x86)\Optimizer Pro\OptProCrash_x64.dll
2014-01-20 14:17 - 2014-01-20 14:17 - 00073544 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\zlib1.dll
2014-01-20 14:16 - 2014-01-20 14:16 - 01044808 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libxml2.dll
2014-04-03 23:17 - 2014-04-03 23:17 - 00869976 _____ () c:\program files (x86)\real\realplayer\RPDS\Plugins\cldplin.dll
2014-02-14 04:36 - 2014-02-14 04:36 - 00170496 _____ () C:\Windows\assembly\NativeImages_v2.0.50727_32\IsdiInterop\2b6cfcda2d134768a7313df94cfcc1ee\IsdiInterop.ni.dll
2011-05-13 16:58 - 2010-06-08 11:44 - 00058880 _____ () C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IsdiInterop.dll
2013-09-05 01:14 - 2013-09-05 01:14 - 04300456 _____ () C:\Program Files (x86)\Common Files\microsoft shared\OFFICE14\Cultures\OFFICE.ODF
2010-10-20 16:45 - 2010-10-20 16:45 - 08801120 _____ () C:\Program Files (x86)\Microsoft Office\Office14\1033\GrooveIntlResource.dll
2011-06-27 20:14 - 2009-02-27 16:38 - 00139264 ____R () C:\Program Files (x86)\Brother\BrUtilities\BrLogAPI.dll
2014-06-25 13:12 - 2014-04-25 14:11 - 00109400 _____ () C:\Program Files (x86)\Spybot - Search & Destroy 2\snlThirdParty150.bpl
2014-06-25 13:12 - 2014-04-25 14:11 - 00416600 _____ () C:\Program Files (x86)\Spybot - Search & Destroy 2\DEC150.bpl
2014-06-25 13:12 - 2014-04-25 14:11 - 00167768 _____ () C:\Program Files (x86)\Spybot - Search & Destroy 2\snlFileFormats150.bpl
2014-06-25 13:12 - 2012-08-23 10:38 - 00574840 _____ () C:\Program Files (x86)\Spybot - Search & Destroy 2\sqlite3.dll
2014-06-25 13:12 - 2012-04-03 17:06 - 00565640 _____ () C:\Program Files (x86)\Spybot - Search & Destroy 2\av\BDSmartDB.dll
==================== Alternate Data Streams (whitelisted) =========
AlternateDataStreams: C:\ProgramData\Temp:0B4227B4
AlternateDataStreams: C:\ProgramData\Temp:5C321E34
==================== Safe Mode (whitelisted) ===================

==================== EXE Association (whitelisted) =============

==================== MSCONFIG/TASK MANAGER disabled items =========
MSCONFIG\startupfolder: C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^Bluetooth.lnk => C:\Windows\pss\Bluetooth.lnk.CommonStartup
MSCONFIG\startupfolder: C:^Users^Chris's Computer^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^OneNote 2010 Screen Clipper and Launcher.lnk => C:\Windows\pss\OneNote 2010 Screen Clipper and Launcher.lnk.Startup
MSCONFIG\startupreg: 9826DD4BAA709C90F6E93D4DF61653ADC9045E4D._service_run => "C:\Users\Chris's Computer\AppData\Local\Google\Chrome\Application\chrome.exe" --type=service
MSCONFIG\startupreg: Adobe ARM => "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
MSCONFIG\startupreg: APSDaemon => "C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe"
MSCONFIG\startupreg: BCSSync => "C:\Program Files (x86)\Microsoft Office\Office14\BCSSync.exe" /DelayServices
MSCONFIG\startupreg: Dell Webcam Central => "C:\Program Files (x86)\Dell Webcam\Dell Webcam Central\WebcamDell2.exe" /mode2
MSCONFIG\startupreg: DellStage => "C:\Program Files (x86)\Dell Stage\Dell Stage\stage_primary.exe" "C:\Program Files (x86)\Dell Stage\Dell Stage\start.umj" --startup
MSCONFIG\startupreg: Desktop Disc Tool => "C:\Program Files (x86)\Roxio\Roxio Burn\RoxioBurnLauncher.exe"
MSCONFIG\startupreg: HotKeysCmds => C:\Windows\system32\hkcmd.exe
MSCONFIG\startupreg: IAStorIcon => C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
MSCONFIG\startupreg: IgfxTray => C:\Windows\system32\igfxtray.exe
MSCONFIG\startupreg: iTunesHelper => "C:\Program Files (x86)\iTunes\iTunesHelper.exe"
MSCONFIG\startupreg: LoadMSvcmm => "C:\Program Files (x86)\Blockbuster\BLOCKBUSTERMovielink\Movielink User.exe"
MSCONFIG\startupreg: Malwarebytes' Anti-Malware => "C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe" /starttray
MSCONFIG\startupreg: MobileDocuments => C:\Program Files (x86)\Common Files\Apple\Internet Services\ubd.exe
MSCONFIG\startupreg: OfficeSyncProcess => "C:\Program Files (x86)\Microsoft Office\Office14\MSOSYNC.EXE"
MSCONFIG\startupreg: Persistence => C:\Windows\system32\igfxpers.exe
MSCONFIG\startupreg: pronto => "C:\Program Files (x86)\MyitlabBlackboard\Blackboard IM\blackboardim.exe"
MSCONFIG\startupreg: QuickSet => C:\Program Files\Dell\QuickSet\QuickSet.exe
MSCONFIG\startupreg: QuickTime Task => "C:\Program Files (x86)\QuickTime\QTTask.exe" -atboottime
MSCONFIG\startupreg: SanDiskSecureAccess_Manager.exe => C:\Users\Chris's Computer\AppData\Roaming\SanDisk\SanDiskSecureAccess_Manager.exe
MSCONFIG\startupreg: SunJavaUpdateSched => "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
MSCONFIG\startupreg: TkBellExe => "c:\program files (x86)\real\realplayer\Update\realsched.exe" -osboot
==================== Faulty Device Manager Devices =============
Name: Teredo Tunneling Pseudo-Interface
Description: Microsoft Teredo Tunneling Adapter
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Microsoft
Service: tunnel
Problem: : This device cannot start. (Code10)
Resolution: Device failed to start. Click "Update Driver" to update the drivers for this device.
On the "General Properties" tab of the device, click "Troubleshoot" to start the troubleshooting wizard.
Name: Bluetooth L2CAP Interface
Description: Bluetooth L2CAP Interface
Class Guid: {c7c038ad-1f2d-44d4-b2fe-d912be20e6d5}
Manufacturer: Broadcom Corp.
Service: btwl2cap
Problem: : This device is not working properly because Windows cannot load the drivers required for this device. (Code 31)
Resolution: Update the driver
Name: Bluetooth Peripheral Device
Description: Bluetooth Peripheral Device
Class Guid: 
Manufacturer: 
Service: 
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.

==================== Event log errors: =========================
Application errors:
==================
Error: (06/25/2014 08:54:46 AM) (Source: SideBySide) (EventID: 80) (User: )
Description: Activation context generation failed for "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest1".Error in manifest or policy file "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest2" on line C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest3.
A component version required by the application conflicts with another component version already active.
Conflicting components are:.
Component 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest.
Component 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest.
Error: (06/25/2014 08:54:46 AM) (Source: SideBySide) (EventID: 80) (User: )
Description: Activation context generation failed for "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest1".Error in manifest or policy file "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest2" on line C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest3.
A component version required by the application conflicts with another component version already active.
Conflicting components are:.
Component 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest.
Component 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest.
Error: (06/23/2014 00:05:18 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: The program Explorer.EXE version 6.1.7601.17567 stopped interacting with Windows and was closed. To see if more information about the problem is available, check the problem history in the Action Center control panel.
Process ID: 10c4
Start Time: 01cf8eef5ce5c130
Termination Time: 109
Application Path: C:\Windows\Explorer.EXE
Report Id: 256111eb-faf0-11e3-911c-b65dc6858ca7
Error: (06/22/2014 10:03:54 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 15210
Error: (06/22/2014 10:03:54 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 15210
Error: (06/22/2014 10:03:54 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: Continuously busy for more than a second
Error: (06/22/2014 07:00:06 PM) (Source: Windows Backup) (EventID: 4103) (User: )
Description: The backup did not complete because of an error writing to the backup location E:\. The error is: The backup location cannot be found or is not valid. Review your backup settings and check the backup location. (0x81000006).
Error: (06/21/2014 09:09:20 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 15679
Error: (06/21/2014 09:09:20 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 15679
Error: (06/21/2014 09:09:20 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: Continuously busy for more than a second

System errors:
=============
Error: (06/25/2014 01:13:49 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: The Spybot-S&D 2 Scanner Service service failed to start due to the following error: 
%%1053
Error: (06/25/2014 01:13:49 PM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: A timeout was reached (30000 milliseconds) while waiting for the Spybot-S&D 2 Scanner Service service to connect.
Error: (06/25/2014 00:52:26 PM) (Source: Service Control Manager) (EventID: 7011) (User: )
Description: A timeout (30000 milliseconds) was reached while waiting for a transaction response from the SftService service.
Error: (06/25/2014 00:37:57 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: The Dell Digital Delivery Service service terminated unexpectedly. It has done this 1 time(s).
Error: (06/25/2014 00:34:39 PM) (Source: EventLog) (EventID: 6008) (User: )
Description: The previous system shutdown at 10:59:15 AM on ‎6/‎25/‎2014 was unexpected.
Error: (06/25/2014 08:46:08 AM) (Source: Microsoft Antimalware) (EventID: 2001) (User: )
Description: %NT AUTHORITY60 has encountered an error trying to update signatures.
New Signature Version: 
Previous Signature Version: 1.177.628.0
Update Source: %NT AUTHORITY59
Update Stage: 4.5.0216.00
Source Path: 4.5.0216.01
Signature Type: %NT AUTHORITY602
Update Type: %NT AUTHORITY604
User: NT AUTHORITY\SYSTEM
Current Engine Version: %NT AUTHORITY605
Previous Engine Version: %NT AUTHORITY606
Error code: %NT AUTHORITY607
Error description: %NT AUTHORITY608
Error: (06/25/2014 08:39:01 AM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: The Dell Digital Delivery Service service terminated unexpectedly. It has done this 1 time(s).
Error: (06/25/2014 08:35:32 AM) (Source: EventLog) (EventID: 6008) (User: )
Description: The previous system shutdown at 2:14:16 AM on ‎6/‎25/‎2014 was unexpected.
Error: (06/24/2014 10:35:00 PM) (Source: iaStor) (EventID: 9) (User: )
Description: The device, \Device\Ide\iaStor0, did not respond within the timeout period.
Error: (06/24/2014 10:33:34 PM) (Source: Service Control Manager) (EventID: 7011) (User: )
Description: A timeout (30000 milliseconds) was reached while waiting for a transaction response from the TeamViewer9 service.

Microsoft Office Sessions:
=========================
Error: (06/25/2014 08:54:46 AM) (Source: SideBySide) (EventID: 80) (User: )
Description: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifestC:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifestC:\Program Files (x86)\Cozi Express\CoziExpress.exe
Error: (06/25/2014 08:54:46 AM) (Source: SideBySide) (EventID: 80) (User: )
Description: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifestC:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifestC:\Program Files (x86)\Cozi Express\CoziExpress.exe
Error: (06/23/2014 00:05:18 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: Explorer.EXE6.1.7601.1756710c401cf8eef5ce5c130109C:\Windows\Explorer.EXE256111eb-faf0-11e3-911c-b65dc6858ca7
Error: (06/22/2014 10:03:54 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 15210
Error: (06/22/2014 10:03:54 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 15210
Error: (06/22/2014 10:03:54 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: Continuously busy for more than a second
Error: (06/22/2014 07:00:06 PM) (Source: Windows Backup) (EventID: 4103) (User: )
Description: E:\The backup location cannot be found or is not valid. Review your backup settings and check the backup location. (0x81000006)
Error: (06/21/2014 09:09:20 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 15679
Error: (06/21/2014 09:09:20 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 15679
Error: (06/21/2014 09:09:20 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: Continuously busy for more than a second

CodeIntegrity Errors:
===================================
Date: 2012-06-22 23:37:24.306
Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume3\ComboFix\catchme.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
Date: 2012-06-22 23:37:24.243
Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume3\ComboFix\catchme.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

==================== Memory info =========================== 
Percentage of memory in use: 58%
Total physical RAM: 3894.68 MB
Available physical RAM: 1628.83 MB
Total Pagefile: 7787.55 MB
Available Pagefile: 5074.43 MB
Total Virtual: 8192 MB
Available Virtual: 8191.83 MB
==================== Drives ================================
Drive c: (OS) (Fixed) (Total:441.01 GB) (Free:322.73 GB) NTFS ==>[Drive with boot components (obtained from BCD)]
Drive j: (restricted) (Removable) (Total:500 GB) (Free:500 GB) FAT32
Drive k: (common) (Removable) (Total:500 GB) (Free:500 GB) FAT32
==================== MBR & Partition Table ==================
========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 466 GB) (Disk ID: ED92A924)
Partition 1: (Not Active) - (Size=100 MB) - (Type=DE)
Partition 2: (Active) - (Size=15 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=441 GB) - (Type=07 NTFS)
==================== End Of Log ============================


----------



## twinfin62 (Jun 25, 2014)

I saw on another thread that Spybot Search and Destroy is recommended. I just downloaded it, but then I thought I should ask you before I run it...what do you think?


----------



## Mark1956 (May 7, 2011)

You already have SpywareBlaster and SuperAntiSpyware, both of these are recommended programs, Spybot is ok, but it does not have a great reputation and having too many Anti Spyware programs running on a system can cause performance issues. Spybot can also block some actions that we may need to perform with our Malware tools so I would recommend you uninstall it completely.

While we are working on your system please do not install, uninstall or run any programs that I have not requested as this can cause confusion in the log results.

The FRST logs do not show any serious infections, but we will run some more scans to make sure, from what I am seeing so far it seems that whoever is hacking into your system is doing it through a local computer which is close enough to log in to your private home network. For a hacker to do it from far away there would have to be a backdoor opened by a Rootkit infection which would normally have been detected by the FRST scan.

Something that does appear in the logs is several items of Adware which need to be dealt with, we can then move on to further scans for infections.

I can see you have had Combofix on your system, did you use it under the guidance of a Malware Expert, if you removed it how was it uninstalled?

Please uninstall all of these:
Catalina Savings Printer
CouponPrinterPlugin
Extended Update
FindRight
PrInceCOUpon

I would also recommend you uninstall Optimizer Pro v3, this kind of program is not recommended as it can cause more problems than it will fix. Optimizer programs are a waste of time and cleaning the registry is not required to keep your system running well.

When you have done all of that please run these two scans below and post the logs, the first one will detect and remove any Adware, the second will do another check for serious infections.

*SCAN 1*
Click on this link to download : ADWCleaner Click on the Download Now button and save it to your desktop.

*NOTE:* If using Internet Explorer and you get an alert that stops the program downloading click on *Tools > Smartscreen Filter > Turn off Smartscreen Filter* then click on *OK* in the box that opens. Then click on the link again.

Close your browser and double click on this icon on your desktop: 

You will then see the screen below, click on the *Scan* button (as indicated), accept any prompts that appear and allow it to run, it may take several minutes to complete, when it is done click on the *Clean* button, accept any prompts that appear and allow the system to reboot. You will then be presented with the report, Copy & Paste it into your next post.

*NOTE:* If for any reason the report does not appear, open Windows Explorer and click on the C: drive in the left pane, in the right pane you should find a new folder called *Adwcleaner*, double click on it and you will see the saved logs. Find the log that has a number in brackets starting with an *S* NOT *R*, similar to this: *Adwcleaner[S1]*, double click on the one with the highest number and the log will open, Copy & Paste it into your reply.



=====================================

*SCAN 2*
Please follow the instructions exactly as written, deviating from the instructions and trying to fix anything before I have seen the logs may make your PC unbootable. If TDSSKiller does not offer the Cure option *DO NOT select delete* as you may remove files needed for the system to operate.

Please download Kaspersky's *TDSSKiller* and *save it to your Desktop. <-Important!*
You need to click on the green EXE button in line with TDSSKiller at the top of the list.
_-- The tool is frequently updated...if you used TDSSKiller before, delete that version and download the most current one before using again._

_Be sure to print out and follow all of these instructions unless you can view them on another PC while running the program. _.


Double-click on *TDSSKiller.exe* to run the tool.
_*Vista*/*Windows 7* users right-click and select Run As Administrator_.
If an update is available, TDSSKiller will prompt you to update and download the most current version. Click *Load Update*. Close TDSSKiller and start again.


When the program opens, click the *Change parameters.*


Under "Additional options", check the boxes next to *Verify file digital signatures* and *Detect TDLFS file system*, then click *OK*.


Click the *Start Scan* button.
Do not use the computer during the scan
If the scan completes with nothing found, click *Close* to exit.
If '*Suspicious objects*' are detected, the default action will be *Skip*. Leave the default set to Skip and click on *Continue*.
If *Malicious objects* are detected, they will show in the Scan results - *Select action for found objects:* and offer three options.
Ensure *Cure* is selected...then click *Continue* -> *Reboot computer* *for cure completion.*
*Important! ->* If *Cure* *is not available*, please choose *Skip* instead. *Do not choose Delete unless instructed.* If you choose *Delete* you may *remove critical system files* and make your PC *unstable* or possibly *unbootable*.
A log named *TDSSKiller_version_date_time_log.txt* will be created and saved to the root directory (usually Local Disk C: ).
Copy and paste the contents of that file in to your next reply.

_-- If TDSSKiller does not run, try renaming it. To do this, right-click on *TDSSKiller.exe*, select *Rename* and give it a random name with the *.com* file extension (i.e. 123abc.com). If you do not see the file extension, please refer to these instructions. In some cases it may be necessary to redownload TDSSKiller and randomly rename it to something else *before* beginning the download and saving to the computer or to perform the scan in "safe mode"._


----------



## Mark1956 (May 7, 2011)

I had to post the above instructions in a rush as we are experiencing bad internet reception and random power cuts.

Please continue after you have completed everything above with these instructions.

NOTE: This will empty your recycle bin, if you have anything you need in there please save it before you run this scan.
Download Temporary file cleaner and save it to the desktop. Make sure you do not use the Download button in the advert at the top of the page, use the button right next to the name *TFC - Temp File Cleaner by Old Timer*.
Double click on the icon to run it (it appears as a dark grey dustbin). For Windows 7 and Vista right click the icon and select *Run as Administrator*.
When the window opens click on* Start*. It will close all running programs and clear the desktop icons.
When complete you may be asked to reboot, if so accept the request and your PC will reboot automatically.

NOTE: There is no need to post the log, just confirm in your next post that it ran without a problem. At times it may appear to freeze, which is perfectly normal, it may take a while to complete the clean up depending on the amount of temporary files there are on the system.

==================================

We are now going to run FRST in a different way.


*IMPORTANT---> *First download the attachment at the bottom of this post by clicking on it and save it in the same location as FRST.
Launch *FRST* by double clicking on it. *DO NOT* click on the *Scan* button or check any of the boxes.
You may see a message that an update is installing, if so the program will close when the update completes, you will then need to double click on *FRST* to open it again.
When the *FRST* window opens click on the *Fix* button *just once* and wait.
You will see a message confirming the fix has been run and the log saved, click on *OK* and the Fixlog will open. *Copy & Paste* the full log it into your next reply.

*NOTE:* This fix has been written specifically for the PC being dealt with in this thread, if you run it on another system it may have undesirable consequences. If you have a similar problem, ask for help by opening a new thread in the appropriate forum.


----------



## twinfin62 (Jun 25, 2014)

ok. Spybot has been uninstalled - sry about that!


I figured out that TARDIS is my son's computer, so that is a non-issue. My biggest concern is that the Event Viewer shows hundreds of failed attempts to login to JungleDisk, which is the cloud based drive I told you about in my original explanation. I can attach a screenshot of the error message if that will help.


Not sure about Combofix - I don't remember anything about that one. I have received help through this forum in the past (quite a long time ago), so anything is possible...


I was able to uninstall the first three adware programs, but PrinceCoupon and FindRight gave me the message that "An error occurred while trying to uninstall. The program may have already been uninstalled. Would you like to remove the program from the programs and features list?" to which I answered 'no'.


Optimizer Pro is also gone.


I'm off to run the scans and will post them asap...


----------



## twinfin62 (Jun 25, 2014)

# AdwCleaner v3.213 - Report created 25/06/2014 at 23:25:44
# Updated 23/06/2014 by Xplode
# Operating System : Windows 7 Home Premium Service Pack 1 (64 bits)
# Username : Chris's Computer - INSPIRON1
# Running from : C:\Users\Chris's Computer\Desktop\AdwCleaner.exe
# Option : Clean
***** [ Services ] *****

***** [ Files / Folders ] *****
Folder Deleted : C:\ProgramData\4d09ce8d5400296d
Folder Deleted : C:\ProgramData\apn
Folder Deleted : C:\ProgramData\Ask
Folder Deleted : C:\ProgramData\PriceDownloaader
Folder Deleted : C:\ProgramData\PrInceCOUpon
Folder Deleted : C:\ProgramData\TiCoTTaCoupoon
Folder Deleted : C:\Program Files (x86)\Optimizer Pro
Folder Deleted : C:\Users\Admin\AppData\Roaming\Systweak
Folder Deleted : C:\Users\Chris's Computer\AppData\Local\apn
Folder Deleted : C:\Users\Chris's Computer\AppData\Local\PackageAware
Folder Deleted : C:\Users\Chris's Computer\AppData\LocalLow\AskToolbar
Folder Deleted : C:\Users\Chris's Computer\AppData\LocalLow\AVG Secure Search
Folder Deleted : C:\Users\Chris's Computer\AppData\Roaming\Systweak
Folder Deleted : C:\Users\Chris's Computer\AppData\Roaming\UpdaterEX
Folder Deleted : C:\Users\Guest\AppData\LocalLow\AskToolbar
Folder Deleted : C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\avn54pxv.default\Extensions\staged\{ad9a41d2-9a49-4fa6-a79e-71a0785364c8}
Folder Deleted : C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\avn54pxv.default\Extensions\staged\[email protected]
Folder Deleted : C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\avn54pxv.default\Extensions\staged\[email protected]
Folder Deleted : C:\Users\Chris's Computer\AppData\Roaming\Mozilla\Firefox\Profiles\pyyzt76e.default\Extensions\[email protected]
Folder Deleted : C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\avn54pxv.default\Extensions\staged\[email protected]
Folder Deleted : C:\Users\Chris's Computer\AppData\Roaming\Mozilla\Firefox\Profiles\pyyzt76e.default\Extensions\[email protected]
Folder Deleted : C:\Users\Chris's Computer\AppData\Local\Google\Chrome\User Data\Default\Extensions\adlloelohcpljpnagjfmaoneppeiffbk
Folder Deleted : C:\Users\Guest\AppData\Local\Google\Chrome\User Data\Default\Extensions\adlloelohcpljpnagjfmaoneppeiffbk
Folder Deleted : C:\Users\Chris's Computer\AppData\Local\Google\Chrome\User Data\Default\Extensions\ahhjgbeeehlmllkmgkjbmiigennononm
Folder Deleted : C:\Users\Guest\AppData\Local\Google\Chrome\User Data\Default\Extensions\ahhjgbeeehlmllkmgkjbmiigennononm
Folder Deleted : C:\Users\Chris's Computer\AppData\Local\Google\Chrome\User Data\Default\Extensions\llanblnimokboaeocjllbedldpdcfmaj
Folder Deleted : C:\Users\Guest\AppData\Local\Google\Chrome\User Data\Default\Extensions\llanblnimokboaeocjllbedldpdcfmaj
File Deleted : C:\Windows\System32\drivers\wStLib64.sys
File Deleted : C:\Users\Chris's Computer\AppData\Roaming\Mozilla\Firefox\Profiles\pyyzt76e.default\searchplugins\Askcom.xml
File Deleted : C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\avn54pxv.default\user.js
File Deleted : C:\Users\Chris's Computer\AppData\Roaming\Mozilla\Firefox\Profiles\pyyzt76e.default\user.js
File Deleted : C:\Windows\Tasks\UpdaterEX.job
File Deleted : C:\Windows\System32\Tasks\UpdaterEX
***** [ Shortcuts ] *****

***** [ Registry ] *****
Key Deleted : HKLM\SOFTWARE\Classes\AppID\escort.DLL
Key Deleted : HKLM\SOFTWARE\Classes\AppID\escortApp.DLL
Key Deleted : HKLM\SOFTWARE\Classes\AppID\escortEng.DLL
Key Deleted : HKLM\SOFTWARE\Classes\AppID\escorTlbr.DLL
Key Deleted : HKLM\SOFTWARE\Classes\AppID\esrv.EXE
Key Deleted : HKLM\SOFTWARE\Classes\AppID\TbCommonUtils.DLL
Key Deleted : HKLM\SOFTWARE\Classes\AppID\TbHelper.EXE
Key Deleted : HKLM\SOFTWARE\Classes\Applications\ilividsetup.exe
Key Deleted : HKLM\SOFTWARE\Classes\ComObject.DeskbarEnabler
Key Deleted : HKLM\SOFTWARE\Classes\ComObject.DeskbarEnabler.1
Key Deleted : HKLM\SOFTWARE\Classes\protector_dll.protectorbho
Key Deleted : HKLM\SOFTWARE\Classes\protector_dll.protectorbho.1
Key Deleted : HKLM\SOFTWARE\Classes\TbHelper.TbDownloadManager
Key Deleted : HKLM\SOFTWARE\Classes\TbHelper.TbDownloadManager.1
Key Deleted : HKLM\SOFTWARE\Classes\TbHelper.TbPropertyManager
Key Deleted : HKLM\SOFTWARE\Classes\TbHelper.TbPropertyManager.1
Key Deleted : HKLM\SOFTWARE\Classes\TbHelper.TbRequest
Key Deleted : HKLM\SOFTWARE\Classes\TbHelper.TbRequest.1
Key Deleted : HKLM\SOFTWARE\Classes\TbHelper.TbTask
Key Deleted : HKLM\SOFTWARE\Classes\TbHelper.TbTask.1
Key Deleted : HKLM\SOFTWARE\Classes\TbHelper.ToolbarHelper
Key Deleted : HKLM\SOFTWARE\Classes\TbHelper.ToolbarHelper.1
Key Deleted : HKLM\SOFTWARE\Classes\Toolbar3.ContextMenuNotifier
Key Deleted : HKLM\SOFTWARE\Classes\Toolbar3.ContextMenuNotifier.1
Key Deleted : HKLM\SOFTWARE\Classes\Toolbar3.CustomInternetSecurityImpl
Key Deleted : HKLM\SOFTWARE\Classes\Toolbar3.CustomInternetSecurityImpl.1
Key Deleted : HKLM\SOFTWARE\Classes\Toolbar3.SearchProviderManager
Key Deleted : HKLM\SOFTWARE\Classes\Toolbar3.SearchProviderManager.1
Key Deleted : HKLM\SOFTWARE\Classes\URLSearchHook.ToolbarURLSearchHook
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\au__rasapi32
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\au__rasmancs
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\FindRight_RASAPI32
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\FindRight_RASMANCS
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\iLivid_RASAPI32
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\iLivid_RASMANCS
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\iLividSetup_RASAPI32
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\iLividSetup_RASMANCS
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\TaskScheduler_RASAPI32
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\TaskScheduler_RASMANCS
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\updateFindRight_RASAPI32
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\updateFindRight_RASMANCS
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\utilFindRight_RASAPI32
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\utilFindRight_RASMANCS
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{09C554C3-109B-483C-A06B-F14172F1A947}
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{4CE516A7-F7AC-4628-B411-8F886DC5733E}
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{4E1E9D45-8BF9-4139-915C-9F83CC3D5921}
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{628F3201-34D0-49C0-BB9A-82A26AEFB291}
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{B12E99ED-69BD-437C-86BE-C862B9E5444D}
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{C292AD0A-C11F-479B-B8DB-743E72D283B0}
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{D7EE8177-D51E-4F89-92B6-83EA2EC40800}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{1AA60054-57D9-4F99-9A55-D0FBFBE7ECD3}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{1C950DE5-D31E-42FB-AFB9-91B0161633D8}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{9F34B17E-FF0D-4FAB-97C4-9713FEE79052}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{A9A56B8E-2DEB-4ED3-BC92-1FA450BCE1A5}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{AE338F6D-5A7C-4D1D-86E3-C618532079B5}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{C339D489-FABC-41DD-B39D-276101667C70}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{CC5AD34C-6F10-4CB3-B74A-C2DD4D5060A3}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{D433A9D0-8267-40CB-8AD5-24F22FA5373F}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{D565B35E-B787-40FA-95E3-E3562F8FC1A0}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{D89031C2-10DA-4C90-9A62-FCED012BC46B}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{E7DF6BFF-55A5-4EB7-A673-4ED3E9456D39}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{01221FCC-4BFB-461C-B08C-F6D2DF309921}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{03E2A1F3-4402-4121-8B35-733216D61217}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{0FA32667-9A8A-4E9C-902F-CA3323180003}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{31E3BC75-2A09-4CFF-9C92-8D0ED8D1DC0F}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{45CDA4F7-594C-49A0-AAD1-8224517FE979}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{4D8ED2B3-DC62-43EC-ABA3-5B74F046B1BE}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{6B458F62-592F-4B25-8967-E6A350A59328}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{79FB5FC8-44B9-4AF5-BADD-CCE547F953E5}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{81E852CC-1FD5-4004-8761-79A48B975E29}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{95B6A271-FEB4-4160-B0FF-44394C21C8DC}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{9E3B11F6-4179-4603-A71B-A55F4BCB0BEC}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{B2CA345D-ADB8-4F5D-AC64-4AB34322F659}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{B9F43021-60D4-42A6-A065-9BA37F38AC47}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{BF921DD3-732A-4A11-933B-A5EA49F2FD2C}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{C66F0B7A-BD67-4982-AF71-C6CA6E7F016F}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{D83B296A-2FA6-425B-8AE8-A1F33D99FBD6}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{EAF749DC-CD87-4B04-B22A-D4AC3FBCB2BC}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{FCC9CDD3-EFFF-11D1-A9F0-00A0244AC403}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{4E1E9D45-8BF9-4139-915C-9F83CC3D5921}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{9C049BA6-EA47-4AC3-AED6-A66D8DC9E1D8}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{D7EE8177-D51E-4F89-92B6-83EA2EC40800}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{E2343056-CC08-46AC-B898-BFC7ACF4E755}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{D40C654D-7C51-4EB3-95B2-1E23905C2A2D}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{D40C654D-7C51-4EB3-95B2-1E23905C2A2D}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{F25AF245-4A81-40DC-92F9-E9021F207706}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Extensions\{D40C654D-7C51-4EB3-95B2-1E23905C2A2D}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{628F3201-34D0-49C0-BB9A-82A26AEFB291}
Key Deleted : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{77AA745B-F4F8-45DA-9B14-61D2D95054C8}
Key Deleted : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{95B7759C-8C7F-4BF1-B163-73684A933233}
Value Deleted : HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser [{D4027C7F-154A-4066-A1AD-4243D8127440}]
Value Deleted : HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser [{E7DF6BFF-55A5-4EB7-A673-4ED3E9456D39}]
Value Deleted : HKCU\Software\Microsoft\Internet Explorer\URLSearchHooks [{00000000-6E41-4FD3-8538-502F5495E5FC}]
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{01221FCC-4BFB-461C-B08C-F6D2DF309921}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{03E2A1F3-4402-4121-8B35-733216D61217}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{0FA32667-9A8A-4E9C-902F-CA3323180003}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{31E3BC75-2A09-4CFF-9C92-8D0ED8D1DC0F}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{452AE416-9A97-44CA-93DA-D0F15C36254F}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{45CDA4F7-594C-49A0-AAD1-8224517FE979}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{4D8ED2B3-DC62-43EC-ABA3-5B74F046B1BE}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{6B458F62-592F-4B25-8967-E6A350A59328}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{81E852CC-1FD5-4004-8761-79A48B975E29}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{95B6A271-FEB4-4160-B0FF-44394C21C8DC}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{9E3B11F6-4179-4603-A71B-A55F4BCB0BEC}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{B2CA345D-ADB8-4F5D-AC64-4AB34322F659}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{B9F43021-60D4-42A6-A065-9BA37F38AC47}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{BF921DD3-732A-4A11-933B-A5EA49F2FD2C}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{C66F0B7A-BD67-4982-AF71-C6CA6E7F016F}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{D83B296A-2FA6-425B-8AE8-A1F33D99FBD6}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{EAF749DC-CD87-4B04-B22A-D4AC3FBCB2BC}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{FCC9CDD3-EFFF-11D1-A9F0-00A0244AC403}
Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{77AA745B-F4F8-45DA-9B14-61D2D95054C8}
Key Deleted : HKCU\Software\AVG Secure Search
Key Deleted : HKCU\Software\ilivid
Key Deleted : HKCU\Software\InstallCore
Key Deleted : HKCU\Software\systweak
Key Deleted : HKCU\Software\UpdaterEX
Key Deleted : HKCU\Software\YahooPartnerToolbar
Key Deleted : HKCU\Software\AppDataLow\{1146AC44-2F03-4431-B4FD-889BC837521F}
Key Deleted : HKLM\Software\{1146AC44-2F03-4431-B4FD-889BC837521F}
Key Deleted : HKLM\Software\{3A7D3E19-1B79-4E4E-BD96-5467DA2C4EF0}
Key Deleted : HKLM\Software\{6791A2F3-FC80-475C-A002-C014AF797E9C}
Key Deleted : HKLM\Software\InstallCore
Key Deleted : HKLM\Software\systweak
Key Deleted : HKLM\Software\Uniblue
Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\FindRight
Data Deleted : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows [AppInit_DLLs] - c:\progra~2\optimi~1\optpro~1.dll
Data Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows [AppInit_DLLs] - C:\PROGRA~2\OPTIMI~1\OPTPRO~2.DLL
***** [ Browsers ] *****
-\\ Internet Explorer v11.0.9600.17126

-\\ Mozilla Firefox v28.0 (en-US)
[ File : C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\avn54pxv.default\prefs.js ]
Line Deleted : user_pref("browser.search.selectedEngine", "Mysearchdial");
Line Deleted : user_pref("browser.search.order.1", "Ask.com");
Line Deleted : user_pref("browser.search.defaultenginename", "Mysearchdial");
[ File : C:\Users\Chris's Computer\AppData\Roaming\Mozilla\Firefox\Profiles\pyyzt76e.default\prefs.js ]
Line Deleted : user_pref("avg.install.installDirPath", "C:\\ProgramData\\AVG Secure Search\\11.1.0.7");
Line Deleted : user_pref("browser.search.defaultengine", "Ask.com");
Line Deleted : user_pref("browser.search.order.1", "Mysearchdial");
Line Deleted : user_pref("extensions.asktb.ff-original-keyword-url", "hxxp://isearch.avg.com/search?cid=%7B5c647c48-3071-413a-bfa0-95b267fc8346%7D&mid=070c7d44e7ba47d0bf6f11b19c1a05e1-5bc77d9eb225f72ac6ffbf17b6e63bf[...]
Line Deleted : user_pref("extensions.enabledAddons", "%7B19EB90DC-A456-458b-8AAC-616D91AAFCE1%7D:0.9,ffxtlbr%40mysearchdial.com:1.6.0,%7B972ce4c6-7e08-4474-a285-3208198ce6fd%7D:28.0");
Line Deleted : user_pref("extensions.irmysearch.aflt", "dnldstr0103");
Line Deleted : user_pref("extensions.irmysearch.cd", "2XzuyEtN2Y1L1Qzu0CtD0Fzz0D0A0F0E0E0CtCtBzzyC0DyEtN0D0Tzu0CyByByDtN1L2XzutBtFtBtFtCyDtFtCyCtAtCtN1L1CzutBtAtDtC1N1R");
Line Deleted : user_pref("extensions.irmysearch.cr", "2133385130");
Line Deleted : user_pref("extensions.irmysearch.instlRef", "");
-\\ Google Chrome v33.0.1750.146
[ File : C:\Users\Chris's Computer\AppData\Local\Google\Chrome\User Data\Default\preferences ]
Deleted [Search Provider] : hxxp://isearch.avg.com/search?cid={49594D98-040C-4C00-985C-DF22D17AEAD1}&mid=070c7d44e7ba47d0bf6f11b19c1a05e1-5bc77d9eb225f72ac6ffbf17b6e63bf8577ee800&lang=en&ds=AVG&pr=pr&d=2012-06-08 16:24:10&v=11.1.0.7&sap=dsp&q={searchTerms}
Deleted [Search Provider] : hxxp://websearch.ask.com/redirect?client=cr&src=kw&tb=ORJ&o=&locale=&apn_uid=67A7C44E-4E5E-45DA-AD15-E8C5BFB2B44C&apn_ptnrs=TV&apn_sauid=34B50A70-81B6-4824-B418-34A610B81592&apn_dtid=OSJ000YYUS&q={searchTerms}
Deleted [Search Provider] : hxxp://start.mysearchdial.com/results.php?f=4&q={searchTerms}&a=dnldstr0103&cd=2XzuyEtN2Y1L1Qzu0CtD0Fzz0D0A0F0E0E0CtCtBzzyC0DyEtN0D0Tzu0CyByByDtN1L2XzutBtFtBtFtCyDtFtCyCtAtCtN1L1CzutBtAtDtC1N1R&cr=2133385130&ir=
[ File : C:\Users\Guest\AppData\Local\Google\Chrome\User Data\Default\preferences ]
Deleted [Search Provider] : hxxp://search.aol.com/aol/search?query={searchTerms}
Deleted [Search Provider] : hxxp://www.ask.com/web?q={searchTerms}
Deleted [Search Provider] : hxxp://start.mysearchdial.com/results.php?f=4&q={searchTerms}&a=dnldstr0103&cd=2XzuyEtN2Y1L1Qzu0CtD0Fzz0D0A0F0E0E0CtCtBzzyC0DyEtN0D0Tzu0CyByByDtN1L2XzutBtFtBtFtCyDtFtCyCtAtCtN1L1CzutBtAtDtC1N1R&cr=2133385130&ir=
*************************
AdwCleaner[R0].txt - [16599 octets] - [25/06/2014 23:12:37]
AdwCleaner[R1].txt - [16660 octets] - [25/06/2014 23:19:44]
AdwCleaner[S0].txt - [16354 octets] - [25/06/2014 23:25:44]
########## EOF - C:\AdwCleaner\AdwCleaner[S0].txt - [16415 octets] ##########


----------



## twinfin62 (Jun 25, 2014)

23:41:03.0757 0x13d8 TDSS rootkit removing tool 3.0.0.39 Jun 5 2014 20:35:54
23:41:07.0782 0x13d8 ============================================================
23:41:07.0782 0x13d8 Current date / time: 2014/06/25 23:41:07.0782
23:41:07.0782 0x13d8 SystemInfo:
23:41:07.0782 0x13d8 
23:41:07.0782 0x13d8 OS Version: 6.1.7601 ServicePack: 1.0
23:41:07.0782 0x13d8 Product type: Workstation
23:41:07.0782 0x13d8 ComputerName: INSPIRON1
23:41:07.0797 0x13d8 UserName: Chris's Computer
23:41:07.0797 0x13d8 Windows directory: C:\Windows
23:41:07.0797 0x13d8 System windows directory: C:\Windows
23:41:07.0797 0x13d8 Running under WOW64
23:41:07.0797 0x13d8 Processor architecture: Intel x64
23:41:07.0797 0x13d8 Number of processors: 4
23:41:07.0797 0x13d8 Page size: 0x1000
23:41:07.0797 0x13d8 Boot type: Normal boot
23:41:07.0797 0x13d8 ============================================================
23:41:10.0324 0x13d8 KLMD registered as C:\Windows\system32\drivers\14098992.sys
23:41:11.0432 0x13d8 System UUID: {1DDBA5BF-3BB7-A72E-16F6-FACEA960473E}
23:41:14.0380 0x13d8 Drive \Device\Harddisk0\DR0 - Size: 0x7470C06000 ( 465.76 Gb ), SectorSize: 0x200, Cylinders: 0xED81, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
23:41:14.0396 0x13d8 ============================================================
23:41:14.0396 0x13d8 \Device\Harddisk0\DR0:
23:41:14.0396 0x13d8 MBR partitions:
23:41:14.0396 0x13d8 \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x32800, BlocksNum 0x1D4C000
23:41:14.0396 0x13d8 \Device\Harddisk0\DR0\Partition2: MBR, Type 0x7, StartLBA 0x1D7E800, BlocksNum 0x37207030
23:41:14.0396 0x13d8 ============================================================
23:41:14.0474 0x13d8 C: <-> \Device\Harddisk0\DR0\Partition2
23:41:14.0474 0x13d8 ============================================================
23:41:14.0474 0x13d8 Initialize success
23:41:14.0474 0x13d8 ============================================================
23:41:48.0981 0x09d4 ============================================================
23:41:48.0981 0x09d4 Scan started
23:41:48.0981 0x09d4 Mode: Manual; SigCheck; TDLFS; 
23:41:48.0981 0x09d4 ============================================================
23:41:48.0981 0x09d4 KSN ping started
23:41:52.0039 0x09d4 KSN ping finished: true
23:41:53.0115 0x09d4 ================ Scan system memory ========================
23:41:53.0115 0x09d4 System memory - ok
23:41:53.0115 0x09d4 ================ Scan services =============================
23:41:53.0271 0x09d4 [ 581D88B25C4D4121824FED2CA38E562F, 838FFC4270ED32858A4AC14B389DEA1ECCCAAFC94BEAF683F8976B5F5A91DD15 ] !SASCORE C:\Program Files\SUPERAntiSpyware\SASCORE64.EXE
23:41:53.0536 0x09d4 !SASCORE - detected UnsignedFile.Multi.Generic ( 1 )
23:41:56.0656 0x09d4 Detect skipped due to KSN trusted
23:41:56.0656 0x09d4 !SASCORE - ok
23:41:56.0953 0x09d4 [ A87D604AEA360176311474C87A63BB88, B1507868C382CD5D2DBC0D62114FCFBF7A780904A2E3CA7C7C1DD0844ADA9A8F ] 1394ohci C:\Windows\system32\drivers\1394ohci.sys
23:41:57.0124 0x09d4 1394ohci - ok
23:41:57.0265 0x09d4 [ D81D9E70B8A6DD14D42D7B4EFA65D5F2, FDAAB7E23012B4D31537C5BDEF245BB0A12FA060A072C250E21C68E18B22E002 ] ACPI C:\Windows\system32\drivers\ACPI.sys
23:41:57.0343 0x09d4 ACPI - ok
23:41:57.0374 0x09d4 [ 99F8E788246D495CE3794D7E7821D2CA, F91615463270AD2601F882CAED43B88E7EDA115B9FD03FC56320E48119F15F76 ] AcpiPmi C:\Windows\system32\drivers\acpipmi.sys
23:41:57.0514 0x09d4 AcpiPmi - ok
23:41:57.0655 0x09d4 [ B362181ED3771DC03B4141927C80F801, 69514E5177A0AEA89C27C2234712F9F82E8D8F99E1FD4273898C9324C6FF7472 ] AdobeARMservice C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
23:41:57.0702 0x09d4 AdobeARMservice - ok
23:41:57.0858 0x09d4 [ 7C7E868E1D8096ED08D80FF7712BB9D8, EB4438F3CC377728173E018A763F0D0A8D5BBA4A289F554036D06B24030D2D62 ] AdobeFlashPlayerUpdateSvc C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
23:41:57.0920 0x09d4 AdobeFlashPlayerUpdateSvc - ok
23:41:58.0014 0x09d4 [ 2F6B34B83843F0C5118B63AC634F5BF4, 43E3F5FBFB5D33981AC503DEE476868EC029815D459E7C36C4ABC2D2F75B5735 ] adp94xx C:\Windows\system32\DRIVERS\adp94xx.sys
23:41:58.0107 0x09d4 adp94xx - ok
23:41:58.0185 0x09d4 [ 597F78224EE9224EA1A13D6350CED962, DA7FD99BE5E3B7B98605BF5C13BF3F1A286C0DE1240617570B46FE4605E59BDC ] adpahci C:\Windows\system32\DRIVERS\adpahci.sys
23:41:58.0263 0x09d4 adpahci - ok
23:41:58.0294 0x09d4 [ E109549C90F62FB570B9540C4B148E54, E804563735153EA00A00641814244BC8A347B578E7D63A16F43FB17566EE5559 ] adpu320 C:\Windows\system32\DRIVERS\adpu320.sys
23:41:58.0357 0x09d4 adpu320 - ok
23:41:58.0404 0x09d4 [ 4B78B431F225FD8624C5655CB1DE7B61, 198A5AF2125C7C41F531A652D200C083A55A97DC541E3C0B5B253C7329949156 ] AeLookupSvc C:\Windows\System32\aelupsvc.dll
23:41:58.0684 0x09d4 AeLookupSvc - ok
23:41:58.0762 0x09d4 [ A6FB9DB8F1A86861D955FD6975977AE0, 788C6EE50719227D7A9B7F08C8D5E1289FCD0E8AC23A1021A5093D2E8368F696 ] AESTFilters C:\Program Files\IDT\WDM\AESTSr64.exe
23:41:58.0887 0x09d4 AESTFilters - ok
23:41:59.0012 0x09d4 [ 79059559E89D06E8B80CE2944BE20228, 6E041D2FED2D0C3D8E16E56CB61D3245F9144EA92F5BDC9A4AA30598D1C8E6EE ] AFD C:\Windows\system32\drivers\afd.sys
23:41:59.0168 0x09d4 AFD - ok
23:41:59.0293 0x09d4 [ 8492D198CA7B91202816A23F7230D11B, 439CB84B41A4087FD52BD206051412485F590684C71CA3A373FFEB2616060FAE ] Agent C:\Windows\VPDAgent_x64.exe
23:41:59.0324 0x09d4 Agent - detected UnsignedFile.Multi.Generic ( 1 )
23:42:02.0428 0x09d4 Detect skipped due to KSN trusted
23:42:02.0428 0x09d4 Agent - ok
23:42:02.0491 0x09d4 [ 608C14DBA7299D8CB6ED035A68A15799, 45360F89640BF1127C82A32393BD76205E4FA067889C40C491602F370C09282A ] agp440 C:\Windows\system32\drivers\agp440.sys
23:42:02.0538 0x09d4 agp440 - ok
23:42:02.0569 0x09d4 [ 3290D6946B5E30E70414990574883DDB, 0E9294E1991572256B3CDA6B031DB9F39CA601385515EE59F1F601725B889663 ] ALG C:\Windows\System32\alg.exe
23:42:02.0694 0x09d4 ALG - ok
23:42:02.0740 0x09d4 [ 5812713A477A3AD7363C7438CA2EE038, A7316299470D2E57A11499C752A711BF4A71EB11C9CBA731ED0945FF6A966721 ] aliide C:\Windows\system32\drivers\aliide.sys
23:42:02.0787 0x09d4 aliide - ok
23:42:02.0818 0x09d4 [ 1FF8B4431C353CE385C875F194924C0C, 3EA3A7F426B0FFC2461EDF4FDB4B58ACC9D0730EDA5B728D1EA1346EA0A02720 ] amdide C:\Windows\system32\drivers\amdide.sys
23:42:02.0850 0x09d4 amdide - ok
23:42:02.0896 0x09d4 [ 7024F087CFF1833A806193EF9D22CDA9, E7F27E488C38338388103D3B7EEDD61D05E14FB140992AEE6F492FFC821BF529 ] AmdK8 C:\Windows\system32\DRIVERS\amdk8.sys
23:42:03.0006 0x09d4 AmdK8 - ok
23:42:03.0021 0x09d4 [ 1E56388B3FE0D031C44144EB8C4D6217, E88CA76FD47BA0EB427D59CB9BE040DE133D89D4E62D03A8D622624531D27487 ] AmdPPM C:\Windows\system32\DRIVERS\amdppm.sys
23:42:03.0115 0x09d4 AmdPPM - ok
23:42:03.0193 0x09d4 [ D4121AE6D0C0E7E13AA221AA57EF2D49, 626F43C099BD197BE56648C367B711143C2BCCE96496BBDEF19F391D52FA01D0 ] amdsata C:\Windows\system32\drivers\amdsata.sys
23:42:03.0240 0x09d4 amdsata - ok
23:42:03.0302 0x09d4 [ F67F933E79241ED32FF46A4F29B5120B, D6EF539058F159CC4DD14CA9B1FD924998FEAC9D325C823C7A2DD21FEF1DC1A8 ] amdsbs C:\Windows\system32\DRIVERS\amdsbs.sys
23:42:03.0364 0x09d4 amdsbs - ok
23:42:03.0380 0x09d4 [ 540DAF1CEA6094886D72126FD7C33048, 296578572A93F5B74E1AD443E000B79DC99D1CBD25082E02704800F886A3065F ] amdxata C:\Windows\system32\drivers\amdxata.sys
23:42:03.0427 0x09d4 amdxata - ok
23:42:03.0505 0x09d4 [ 89A69C3F2F319B43379399547526D952, 8ABDB4B8E106F96EBBA0D4D04C4F432296516E107E7BA5644ED2E50CF9BB491A ] AppID C:\Windows\system32\drivers\appid.sys
23:42:03.0786 0x09d4 AppID - ok
23:42:03.0817 0x09d4 [ 0BC381A15355A3982216F7172F545DE1, C33AF13CB218F7BF52E967452573DF2ADD20A95C6BF99229794FEF07C4BBE725 ] AppIDSvc C:\Windows\System32\appidsvc.dll
23:42:04.0004 0x09d4 AppIDSvc - ok
23:42:04.0082 0x09d4 [ 9D2A2369AB4B08A4905FE72DB104498F, D6FA1705018BABABFA2362E05691A0D6408D14DE7B76129B16D0A1DAD6378E58 ] Appinfo C:\Windows\System32\appinfo.dll
23:42:04.0176 0x09d4 Appinfo - ok
23:42:04.0300 0x09d4 [ 221564CC7BE37611FE15EACF443E1BF6, 381BDF17418C779D72332431BA174C2AD76CD9C7C1711FF5142EA9B05D5555E4 ] Apple Mobile Device C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
23:42:04.0332 0x09d4 Apple Mobile Device - ok
23:42:04.0394 0x09d4 [ C484F8CEB1717C540242531DB7845C4E, C507CE26716EB923B864ED85E8FA0B24591E2784A2F4F0E78AEED7E9953311F6 ] arc C:\Windows\system32\DRIVERS\arc.sys
23:42:04.0441 0x09d4 arc - ok
23:42:04.0472 0x09d4 [ 019AF6924AEFE7839F61C830227FE79C, 5926B9DDFC9198043CDD6EA0B384C83B001EC225A8125628C4A45A3E6C42C72A ] arcsas C:\Windows\system32\DRIVERS\arcsas.sys
23:42:04.0534 0x09d4 arcsas - ok
23:42:04.0675 0x09d4 [ 9A262EDD17F8473B91B333D6B031A901, 05DFBD3A7D83FDE1D062EA719ACA9EC48CB7FD42D17DDD88B82E5D25469ADD23 ] aspnet_state C:\Windows\Microsoft.NET\Framework64\v4.0.30319\aspnet_state.exe
23:42:04.0737 0x09d4 aspnet_state - ok
23:42:04.0768 0x09d4 [ 769765CE2CC62867468CEA93969B2242, 0D8F19D49869DF93A3876B4C2E249D12E83F9CE11DAE8917D368E292043D4D26 ] AsyncMac C:\Windows\system32\DRIVERS\asyncmac.sys
23:42:04.0971 0x09d4 AsyncMac - ok
23:42:05.0049 0x09d4 [ 02062C0B390B7729EDC9E69C680A6F3C, 0261683C6DC2706DCE491A1CDC954AC9C9E649376EC30760BB4E225E18DC5273 ] atapi C:\Windows\system32\drivers\atapi.sys
23:42:05.0096 0x09d4 atapi - ok
23:42:05.0221 0x09d4 [ F23FEF6D569FCE88671949894A8BECF1, FCE7B156ED663471CF9A736915F00302E93B50FC647563D235313A37FCE8F0F6 ] AudioEndpointBuilder C:\Windows\System32\Audiosrv.dll
23:42:05.0486 0x09d4 AudioEndpointBuilder - ok
23:42:05.0595 0x09d4 [ F23FEF6D569FCE88671949894A8BECF1, FCE7B156ED663471CF9A736915F00302E93B50FC647563D235313A37FCE8F0F6 ] AudioSrv C:\Windows\System32\Audiosrv.dll
23:42:05.0814 0x09d4 AudioSrv - ok
23:42:05.0876 0x09d4 [ A6BF31A71B409DFA8CAC83159E1E2AFF, CBB83F73FFD3C3FB4F96605067739F8F7A4A40B2B05417FA49E575E95628753F ] AxInstSV C:\Windows\System32\AxInstSV.dll
23:42:06.0048 0x09d4 AxInstSV - ok
23:42:06.0126 0x09d4 [ 3E5B191307609F7514148C6832BB0842, DE011CB7AA4A2405FAF21575182E0793A1D83DFFC44E9A7864D59F3D51D8D580 ] b06bdrv C:\Windows\system32\DRIVERS\bxvbda.sys
23:42:06.0282 0x09d4 b06bdrv - ok
23:42:06.0344 0x09d4 [ B5ACE6968304A3900EEB1EBFD9622DF2, 1DAA118D8CA3F97B34DF3D3CDA1C78EAB2ED225699FEABE89D331AE0CB7679FA ] b57nd60a C:\Windows\system32\DRIVERS\b57nd60a.sys
23:42:06.0469 0x09d4 b57nd60a - ok
23:42:06.0547 0x09d4 [ FDE360167101B4E45A96F939F388AEB0, 8D1457E866BBD645C4B9710DFBFF93405CC1193BF9AE42326F2382500B713B82 ] BDESVC C:\Windows\System32\bdesvc.dll
23:42:06.0640 0x09d4 BDESVC - ok
23:42:06.0656 0x09d4 [ 16A47CE2DECC9B099349A5F840654746, 77C008AEDB07FAC66413841D65C952DDB56FE7DCA5E9EF9C8F4130336B838024 ] Beep C:\Windows\system32\drivers\Beep.sys
23:42:06.0843 0x09d4 Beep - ok
23:42:06.0968 0x09d4 [ 82974D6A2FD19445CC5171FC378668A4, 075D25F47C0D2277E40AF8615571DAA5EB16B1824563632A9A7EC62505C29A4A ] BFE C:\Windows\System32\bfe.dll
23:42:07.0155 0x09d4 BFE - ok
23:42:07.0249 0x09d4 [ 1EA7969E3271CBC59E1730697DC74682, D511A34D63A6E0E6E7D1879068E2CD3D87ABEAF4936B2EA8CDDAD9F79D60FA04 ] BITS C:\Windows\system32\qmgr.dll
23:42:07.0514 0x09d4 BITS - ok
23:42:07.0576 0x09d4 [ 61583EE3C3A17003C4ACD0475646B4D3, 17E4BECC309C450E7E44F59A9C0BBC24D21BDC66DFBA65B8F198A00BB47A9811 ] blbdrive C:\Windows\system32\DRIVERS\blbdrive.sys
23:42:07.0654 0x09d4 blbdrive - ok
23:42:07.0842 0x09d4 [ EBBCD5DFBB1DE70E8F4AF8FA59E401FD, 17BFFC5DF609CE3B2F0CAB4BD6C118608C66A3AD86116A47E90B2BB7D8954122 ] Bonjour Service C:\Program Files\Bonjour\mDNSResponder.exe
23:42:07.0920 0x09d4 Bonjour Service - ok
23:42:07.0966 0x09d4 [ 6C02A83164F5CC0A262F4199F0871CF5, AD4632A6A203CB40970D848315D8ADB9C898349E20D8DF4107C2AE2703A2CF28 ] bowser C:\Windows\system32\DRIVERS\bowser.sys
23:42:08.0060 0x09d4 bowser - ok
23:42:08.0091 0x09d4 [ F09EEE9EDC320B5E1501F749FDE686C8, 66691114C42E12F4CC6DC4078D4D2FA4029759ACDAF1B59D17383487180E84E3 ] BrFiltLo C:\Windows\system32\DRIVERS\BrFiltLo.sys
23:42:08.0216 0x09d4 BrFiltLo - ok
23:42:08.0232 0x09d4 [ B114D3098E9BDB8BEA8B053685831BE6, 0ED23C1897F35FA00B9C2848DE4ED200E18688AA7825674888054BBC3A3EB92C ] BrFiltUp C:\Windows\system32\DRIVERS\BrFiltUp.sys
23:42:08.0310 0x09d4 BrFiltUp - ok
23:42:08.0356 0x09d4 [ 5C2F352A4E961D72518261257AAE204B, 9EE1001E1D46A414A7A86FE1DBBE232203E26F54D9EF43ED31ED8EACD4D09853 ] BridgeMP C:\Windows\system32\DRIVERS\bridge.sys
23:42:08.0544 0x09d4 BridgeMP - ok
23:42:08.0606 0x09d4 [ 05F5A0D14A2EE1D8255C2AA0E9E8E694, 40011138869F5496A3E78D38C9900B466B6F3877526AC22952DCD528173F4645 ] Browser C:\Windows\System32\browser.dll
23:42:08.0746 0x09d4 Browser - ok
23:42:08.0824 0x09d4 [ E5E9B1625A767CEB6F319C12D33EAB78, F49FF610C0712FAE4B69BD300C78D7DEA7C72DFC076323295779272D1E23D7CE ] BrSerIb C:\Windows\system32\DRIVERS\BrSerIb.sys
23:42:08.0949 0x09d4 BrSerIb - ok
23:42:09.0012 0x09d4 [ 43BEA8D483BF1870F018E2D02E06A5BD, 4E6F5A5FD8C796A110B0DC9FF29E31EA78C04518FC1C840EF61BABD58AB10272 ] Brserid C:\Windows\System32\Drivers\Brserid.sys
23:42:09.0136 0x09d4 Brserid - ok
23:42:09.0183 0x09d4 [ A6ECA2151B08A09CACECA35C07F05B42, E2875BB7768ABAF38C3377007AA0A3C281503474D1831E396FB6599721586B0C ] BrSerWdm C:\Windows\System32\Drivers\BrSerWdm.sys
23:42:09.0261 0x09d4 BrSerWdm - ok
23:42:09.0308 0x09d4 [ B79968002C277E869CF38BD22CD61524, 50631836502237AF4893ECDCEA43B9031C3DE97433F594D46AF7C3C77F331983 ] BrUsbMdm C:\Windows\System32\Drivers\BrUsbMdm.sys
23:42:09.0386 0x09d4 BrUsbMdm - ok
23:42:09.0417 0x09d4 [ A87528880231C54E75EA7A44943B38BF, 4C8BBB29FDA76A96840AA47A8613C15D4466F9273A13941C19507008629709C9 ] BrUsbSer C:\Windows\System32\Drivers\BrUsbSer.sys
23:42:09.0511 0x09d4 BrUsbSer - ok
23:42:09.0542 0x09d4 [ D9F6B30AD93CBD165EC71FADF51DF25E, 9E38846451650F4F320CB1DEA9C010653A54D7419591719936BF53BEE269F1A8 ] BrUsbSIb C:\Windows\system32\DRIVERS\BrUsbSIb.sys
23:42:09.0589 0x09d4 BrUsbSIb - ok
23:42:09.0698 0x09d4 [ 065818B8A2CD7F08D6DC8C598191548C, 08982EB22484ECCA1A7FD0C6A10E6D0BB09F624CEBC397C9B241C2D75C984C70 ] BrYNSvc C:\Program Files (x86)\Browny02\BrYNSvc.exe
23:42:09.0776 0x09d4 BrYNSvc - detected UnsignedFile.Multi.Generic ( 1 )
23:42:12.0880 0x09d4 Detect skipped due to KSN trusted
23:42:12.0880 0x09d4 BrYNSvc - ok
23:42:12.0958 0x09d4 [ CF98190A94F62E405C8CB255018B2315, E1B2540023C4FE9FD588E4B6AE6347DFA565EB3898F21E5360882BF3E8B5E781 ] BthEnum C:\Windows\system32\drivers\BthEnum.sys
23:42:13.0099 0x09d4 BthEnum - ok
23:42:13.0130 0x09d4 [ 9DA669F11D1F894AB4EB69BF546A42E8, B498B8B6CEF957B73179D1ADAF084BBB57BB3735D810F9BE2C7B1D58A4FD25A4 ] BTHMODEM C:\Windows\system32\DRIVERS\bthmodem.sys
23:42:13.0208 0x09d4 BTHMODEM - ok
23:42:13.0286 0x09d4 [ 02DD601B708DD0667E1331FA8518E9FF, 7DE6CC4DBB621CD03B01D9CE6CF66EAFE31D39030A391562CD0E278E1D70ADE1 ] BthPan C:\Windows\system32\DRIVERS\bthpan.sys
23:42:13.0395 0x09d4 BthPan - ok
23:42:13.0520 0x09d4 [ 738D0E9272F59EB7A1449C3EC118E6C4, FE3D32C2A5E4DC21376A0F89C0B2EE024ECF1A3FB99213CC9BBC986ADF7AF080 ] BTHPORT C:\Windows\System32\Drivers\BTHport.sys
23:42:13.0660 0x09d4 BTHPORT - ok
23:42:13.0723 0x09d4 [ 95F9C2976059462CBBF227F7AAB10DE9, 2797AE919FF7606B070FB039CECDB0707CD2131DCAC09C5DF14F443D881C9F34 ] bthserv C:\Windows\system32\bthserv.dll
23:42:13.0910 0x09d4 bthserv - ok
23:42:13.0972 0x09d4 [ F188B7394D81010767B6DF3178519A37, 576304E92FD94908F093A6AB5F4D328F25829BE32EC3CA0D29EBFDF5DE83539B ] BTHUSB C:\Windows\System32\Drivers\BTHUSB.sys
23:42:14.0050 0x09d4 BTHUSB - ok
23:42:14.0097 0x09d4 [ D3466F77C2C49C6E393BA5FBA963A33E, FD5E48A29E153BBAB095AB2E3B86F592B1FC1F790978911093B5F8A2CD6C5652 ] btusbflt C:\Windows\system32\drivers\btusbflt.sys
23:42:14.0206 0x09d4 btusbflt - ok
23:42:14.0253 0x09d4 [ AF838D8029AE7C27470862D63FA54D24, 96247094D2446CEE594AD765B98DE8583762A96FE83223CB18B4CDB3A4958376 ] btwaudio C:\Windows\system32\drivers\btwaudio.sys
23:42:14.0300 0x09d4 btwaudio - ok
23:42:14.0347 0x09d4 [ 5C849BD7C78791C5CEE9F4651D7FE38D, BC93A1B911FB4A44EC4DB64AF9AFC6F2013CD76BFB6FA9E4834CFDAAAF4BCD9F ] btwavdt C:\Windows\system32\drivers\btwavdt.sys
23:42:14.0394 0x09d4 btwavdt - ok
23:42:14.0534 0x09d4 [ 10FFB5FA51D5713D872B41A59DFC2213, E0C0EA99C862E3FCE4D121BB34DEC00E74A371DF4093A44055E70E9F4CFA3DC6 ] btwdins C:\Program Files\WIDCOMM\Bluetooth Software\btwdins.exe
23:42:14.0659 0x09d4 btwdins - ok
23:42:14.0706 0x09d4 [ 6149301DC3F81D6F9667A3FBAC410975, 120E201AFB07054C7F6321461D194843C695012431DBD791E36BBF73FDD41E8A ] btwl2cap C:\Windows\system32\DRIVERS\btwl2cap.sys
23:42:14.0737 0x09d4 btwl2cap - ok
23:42:14.0752 0x09d4 [ 3E1991AFA851A36DC978B0A1B0535C8B, F55F7FDDD2A71532F163E4F14B26A09DCDB7C970E806D803418D4CE0DFF09FB6 ] btwrchid C:\Windows\system32\DRIVERS\btwrchid.sys
23:42:14.0784 0x09d4 btwrchid - ok
23:42:15.0002 0x09d4 [ 72551A9AE5F68905DFC3CBA0D5242566, 15C273519C3AD1B2AF68F669125AFE607A86A60D680E299631D5E893C3CAA7E7 ] c2cautoupdatesvc C:\Program Files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe
23:42:15.0189 0x09d4 c2cautoupdatesvc - ok
23:42:15.0408 0x09d4 [ 6B669A00A431FF6CDCE67458933F5F0F, 81419EB18BB4EB96E48C99A1D45B0267E779E135427B3AEC872A1A5DD810B23F ] c2cpnrsvc C:\Program Files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe
23:42:15.0626 0x09d4 c2cpnrsvc - ok
23:42:15.0751 0x09d4 [ B9F9B339E3996A28A37B55B1C74E1D66, 58DFB2B550E235F749D1CA33AF2A6EAB7DD9CAD41EAA8C8B5BCB83F46DC9579B ] cbfs3 C:\Windows\system32\drivers\cbfs3.sys
23:42:15.0829 0x09d4 cbfs3 - ok
23:42:15.0891 0x09d4 [ B8BD2BB284668C84865658C77574381A, 6C55BA288B626DF172FDFEA0BD7027FAEBA1F44EF20AB55160D7C7DC6E717D65 ] cdfs C:\Windows\system32\DRIVERS\cdfs.sys
23:42:16.0063 0x09d4 cdfs - ok
23:42:16.0141 0x09d4 [ F036CE71586E93D94DAB220D7BDF4416, BD07AAD9E20CEAF9FC84E4977C55EA2C45604A2C682AC70B9B9A2199B6713D5B ] cdrom C:\Windows\system32\DRIVERS\cdrom.sys
23:42:16.0234 0x09d4 cdrom - ok
23:42:16.0312 0x09d4 [ F17D1D393BBC69C5322FBFAFACA28C7F, 62A1A92B3C52ADFD0B808D7F69DD50238B5F202421F1786F7EAEAA63F274B3E8 ] CertPropSvc C:\Windows\System32\certprop.dll
23:42:16.0484 0x09d4 CertPropSvc - ok
23:42:16.0531 0x09d4 [ D7CD5C4E1B71FA62050515314CFB52CF, 513B5A849899F379F0BC6AB3A8A05C3493C2393C95F036612B96EC6E252E1C64 ] circlass C:\Windows\system32\DRIVERS\circlass.sys
23:42:16.0624 0x09d4 circlass - ok
23:42:16.0702 0x09d4 [ FE1EC06F2253F691FE36217C592A0206, B9F122DB5E665ECDF29A5CB8BB6B531236F31A54A95769D6C5C1924C87FE70CE ] CLFS C:\Windows\system32\CLFS.sys
23:42:16.0780 0x09d4 CLFS - ok
23:42:16.0874 0x09d4 [ D88040F816FDA31C3B466F0FA0918F29, 39D3630E623DA25B8444B6D3AAAB16B98E7E289C5619E19A85D47B74C71449F3 ] clr_optimization_v2.0.50727_32 C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
23:42:16.0905 0x09d4 clr_optimization_v2.0.50727_32 - ok
23:42:16.0983 0x09d4 [ D1CEEA2B47CB998321C579651CE3E4F8, 654013B8FD229A50017B08DEC6CA19C7DDA8CE0771260E057A92625201D539B1 ] clr_optimization_v2.0.50727_64 C:\Windows\Microsoft.NET\Framework64\v2.0.50727\mscorsvw.exe
23:42:17.0030 0x09d4 clr_optimization_v2.0.50727_64 - ok
23:42:17.0155 0x09d4 [ E87213F37A13E2B54391E40934F071D0, 7EB221127EFB5BF158FB03D18EFDA2C55FB6CE3D1A1FE69C01D70DBED02C87E5 ] clr_optimization_v4.0.30319_32 C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
23:42:17.0217 0x09d4 clr_optimization_v4.0.30319_32 - ok
23:42:17.0248 0x09d4 [ 4AEDAB50F83580D0B4D6CF78191F92AA, D113C47013B018B45161911B96E93AF96A2F3B34FA47061BF6E7A71FBA03194A ] clr_optimization_v4.0.30319_64 C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe
23:42:17.0311 0x09d4 clr_optimization_v4.0.30319_64 - ok
23:42:17.0342 0x09d4 [ 0840155D0BDDF1190F84A663C284BD33, 696039FA63CFEB33487FAA8FD7BBDB220141E9C6E529355D768DFC87999A9C3A ] CmBatt C:\Windows\system32\DRIVERS\CmBatt.sys
23:42:17.0420 0x09d4 CmBatt - ok
23:42:17.0467 0x09d4 [ E19D3F095812725D88F9001985B94EDD, 46243C5CCC4981CAC6FA6452FFCEC33329BF172448F1852D52592C9342E0E18B ] cmdide C:\Windows\system32\drivers\cmdide.sys
23:42:17.0514 0x09d4 cmdide - ok
23:42:17.0592 0x09d4 [ EBF28856F69CF094A902F884CF989706, AD6C9F0BC20AA49EEE5478DA0F856F0EA2B414B63208C5FFB03C9D7F5B59765F ] CNG C:\Windows\system32\Drivers\cng.sys
23:42:17.0716 0x09d4 CNG - ok
23:42:17.0763 0x09d4 [ 102DE219C3F61415F964C88E9085AD14, CD74CB703381F1382C32CF892FF2F908F4C9412E1BC77234F8FEA5D4666E1BF1 ] Compbatt C:\Windows\system32\DRIVERS\compbatt.sys
23:42:17.0794 0x09d4 Compbatt - ok
23:42:18.0309 0x09d4 [ 03EDB043586CCEBA243D689BDDA370A8, 0E4523AA332E242D5C2C61C5717DBA5AB6E42DADB5A7E512505FC2B6CC224959 ] CompositeBus C:\Windows\system32\drivers\CompositeBus.sys
23:42:18.0403 0x09d4 CompositeBus - ok
23:42:18.0434 0x09d4 COMSysApp - ok
23:42:18.0496 0x09d4 [ 1C827878A998C18847245FE1F34EE597, 41EF7443D8B2733AA35CAC64B4F5F74FAC8BB0DA7D3936B69EC38E2DC3972E60 ] crcdisk C:\Windows\system32\DRIVERS\crcdisk.sys
23:42:18.0543 0x09d4 crcdisk - ok
23:42:18.0606 0x09d4 [ 6B400F211BEE880A37A1ED0368776BF4, 2F27C6FA96A1C8CBDA467846DA57E63949A7EA37DB094B13397DDD30114295BD ] CryptSvc C:\Windows\system32\cryptsvc.dll
23:42:18.0730 0x09d4 CryptSvc - ok
23:42:18.0793 0x09d4 [ ED5CF92396A62F4C15110DCDB5E854D9, CD26216B8B3F558A0466843C8161E86EEDB78E6031E1AC0A00DCDE700A2B6EE2 ] CtClsFlt C:\Windows\system32\DRIVERS\CtClsFlt.sys
23:42:18.0871 0x09d4 CtClsFlt - ok
23:42:18.0996 0x09d4 [ 5C627D1B1138676C0A7AB2C2C190D123, C5003F2C912C5CA990E634818D3B4FD72F871900AF2948BD6C4D6400B354B401 ] DcomLaunch C:\Windows\system32\rpcss.dll
23:42:19.0276 0x09d4 DcomLaunch - ok
23:42:19.0354 0x09d4 [ 3CEC7631A84943677AA8FA8EE5B6B43D, 32061DAC9ED6C1EBA3B367B18D0E965AEEC2DF635DCF794EC39D086D32503AC5 ] defragsvc C:\Windows\System32\defragsvc.dll
23:42:19.0604 0x09d4 defragsvc - ok
23:42:19.0682 0x09d4 [ D0B49F6615960BEB1B6FBE20604194E4, FA5C4BD46AEA5021DF8E6F8CCF13B5130D91C18A92CB15C4C735A8869671AFC3 ] DellDigitalDelivery C:\Program Files (x86)\Dell Digital Delivery\DeliveryService.exe
23:42:19.0729 0x09d4 DellDigitalDelivery - ok
23:42:19.0791 0x09d4 [ 9BB2EF44EAA163B29C4A4587887A0FE4, 03667BC3EA5003F4236929C10F23D8F108AFCB29DB5559E751FB26DFB318636F ] DfsC C:\Windows\system32\Drivers\dfsc.sys
23:42:20.0025 0x09d4 DfsC - ok
23:42:20.0119 0x09d4 [ 43D808F5D9E1A18E5EEB5EBC83969E4E, C10D1155D71EABE4ED44C656A8F13078A8A4E850C4A8FBB92D52D173430972B8 ] Dhcp C:\Windows\system32\dhcpcore.dll
23:42:20.0259 0x09d4 Dhcp - ok
23:42:20.0290 0x09d4 [ 13096B05847EC78F0977F2C0F79E9AB3, 1E44981B684F3E56F5D2439BB7FA78BD1BC876BB2265AE089AEC68F241B05B26 ] discache C:\Windows\system32\drivers\discache.sys
23:42:20.0493 0x09d4 discache - ok
23:42:20.0540 0x09d4 [ 9819EEE8B5EA3784EC4AF3B137A5244C, 571BC886E87C888DA96282E381A746D273B58B9074E84D4CA91275E26056D427 ] Disk C:\Windows\system32\DRIVERS\disk.sys
23:42:20.0587 0x09d4 Disk - ok
23:42:20.0665 0x09d4 [ 16835866AAA693C7D7FCEBA8FFF706E4, 15891558F7C1F2BB57A98769601D447ED0D952354A8BB347312D034DC03E0242 ] Dnscache C:\Windows\System32\dnsrslvr.dll
23:42:20.0805 0x09d4 Dnscache - ok
23:42:20.0868 0x09d4 [ B1FB3DDCA0FDF408750D5843591AFBC6, AB6AD9C5E7BA2E3646D0115B67C4800D1CB43B4B12716397657C7ADEEE807304 ] dot3svc C:\Windows\System32\dot3svc.dll
23:42:21.0102 0x09d4 dot3svc - ok
23:42:21.0148 0x09d4 [ B26F4F737E8F9DF4F31AF6CF31D05820, 394BBBED4EC7FAD4110F62A43BFE0801D4AC56FFAC6C741C69407B26402311C7 ] DPS C:\Windows\system32\dps.dll
23:42:21.0336 0x09d4 DPS - ok
23:42:21.0382 0x09d4 [ 9B19F34400D24DF84C858A421C205754, 967AF267B4124BADA8F507CEBF25F2192D146A4D63BE71B45BFC03C5DA7F21A7 ] drmkaud C:\Windows\system32\drivers\drmkaud.sys
23:42:21.0460 0x09d4 drmkaud - ok
23:42:21.0616 0x09d4 [ 88612F1CE3BF42256913BF6E61C70D52, 7CF190F83FA8F15C33008EB381D3E345CEF37CBC046227DED26B36799EF4D9A7 ] DXGKrnl C:\Windows\System32\drivers\dxgkrnl.sys
23:42:21.0757 0x09d4 DXGKrnl - ok
23:42:21.0804 0x09d4 [ E2DDA8726DA9CB5B2C4000C9018A9633, 0C967DBC3636A76A696997192A158AA92A1AF19F01E3C66D5BF91818A8FAEA76 ] EapHost C:\Windows\System32\eapsvc.dll
23:42:21.0991 0x09d4 EapHost - ok
23:42:22.0350 0x09d4 [ DC5D737F51BE844D8C82C695EB17372F, 6D4022D9A46EDE89CEF0FAEADCC94C903234DFC460C0180D24FF9E38E8853017 ] ebdrv C:\Windows\system32\DRIVERS\evbda.sys
23:42:22.0802 0x09d4 ebdrv - ok
23:42:22.0880 0x09d4 [ 204F3F58212B3E422C90BD9691A2DF28, D748A8CEE4D59B4248C9B1ACA5155D0FF6635A29564B4391B7FAC6261F93FE99 ] EFS C:\Windows\System32\lsass.exe
23:42:22.0974 0x09d4 EFS - ok
23:42:23.0114 0x09d4 [ C4002B6B41975F057D98C439030CEA07, 3D2484FBB832EFB90504DD406ED1CF3065139B1FE1646471811F3A5679EF75F1 ] ehRecvr C:\Windows\ehome\ehRecvr.exe
23:42:23.0301 0x09d4 ehRecvr - ok
23:42:23.0348 0x09d4 [ 4705E8EF9934482C5BB488CE28AFC681, 359E9EC5693CE0BE89082E1D5D8F5C5439A5B985010FF0CB45C11E3CFE30637D ] ehSched C:\Windows\ehome\ehsched.exe
23:42:23.0457 0x09d4 ehSched - ok
23:42:23.0535 0x09d4 [ 0E5DA5369A0FCAEA12456DD852545184, 9A64AC5396F978C3B92794EDCE84DCA938E4662868250F8C18FA7C2C172233F8 ] elxstor C:\Windows\system32\DRIVERS\elxstor.sys
23:42:23.0629 0x09d4 elxstor - ok
23:42:23.0676 0x09d4 [ 34A3C54752046E79A126E15C51DB409B, 7D5B5E150C7C73666F99CBAFF759029716C86F16B927E0078D77F8A696616D75 ] ErrDev C:\Windows\system32\drivers\errdev.sys
23:42:23.0785 0x09d4 ErrDev - ok
23:42:23.0878 0x09d4 [ 4166F82BE4D24938977DD1746BE9B8A0, 24121751B7306225AD1C808442D7B030DEF377E9316AA0A3C5C7460E87317881 ] EventSystem C:\Windows\system32\es.dll
23:42:24.0097 0x09d4 EventSystem - ok
23:42:24.0331 0x09d4 [ B56D9602DB5FE1C116B1CA5EFD8E2E50, 34F52939089A98860E659BEF6AB8275BC50C33CC282DD3D34E13909BB7E3E575 ] EvtEng C:\Program Files\Intel\WiFi\bin\EvtEng.exe
23:42:24.0502 0x09d4 EvtEng - ok
23:42:24.0549 0x09d4 [ A510C654EC00C1E9BDD91EEB3A59823B, 76CD277730F7B08D375770CD373D786160F34D1481AF0536BA1A5D2727E255F5 ] exfat C:\Windows\system32\drivers\exfat.sys
23:42:24.0752 0x09d4 exfat - ok
23:42:24.0814 0x09d4 [ 0ADC83218B66A6DB380C330836F3E36D, 798D6F83B5DBCC1656595E0A96CF12087FCCBE19D1982890D0CE5F629B328B29 ] fastfat C:\Windows\system32\drivers\fastfat.sys
23:42:25.0017 0x09d4 fastfat - ok
23:42:25.0142 0x09d4 [ DBEFD454F8318A0EF691FDD2EAAB44EB, 7F52AE222FF28503B6FC4A5852BD0CAEAF187BE69AF4B577D3DE474C24366099 ] Fax C:\Windows\system32\fxssvc.exe
23:42:25.0329 0x09d4 Fax - ok
23:42:25.0376 0x09d4 [ D765D19CD8EF61F650C384F62FAC00AB, 9F0A483A043D3BA873232AD3BA5F7BF9173832550A27AF3E8BD433905BD2A0EE ] fdc C:\Windows\system32\DRIVERS\fdc.sys
23:42:25.0438 0x09d4 fdc - ok
23:42:25.0485 0x09d4 [ 0438CAB2E03F4FB61455A7956026FE86, 6D4DDC2973DB25CE0C7646BC85EFBCC004EBE35EA683F62162AE317C6F1D8DFE ] fdPHost C:\Windows\system32\fdPHost.dll
23:42:25.0657 0x09d4 fdPHost - ok
23:42:25.0688 0x09d4 [ 802496CB59A30349F9A6DD22D6947644, 52D59D3D628D5661F83F090F33F744F6916E0CC1F76E5A33983E06EB66AE19F8 ] FDResPub C:\Windows\system32\fdrespub.dll
23:42:25.0875 0x09d4 FDResPub - ok
23:42:25.0922 0x09d4 [ 655661BE46B5F5F3FD454E2C3095B930, 549C8E2A2A37757E560D55FFA6BFDD838205F17E40561E67F0124C934272CD1A ] FileInfo C:\Windows\system32\drivers\fileinfo.sys
23:42:25.0969 0x09d4 FileInfo - ok
23:42:26.0000 0x09d4 [ 5F671AB5BC87EEA04EC38A6CD5962A47, 6B61D3363FF3F9C439BD51102C284972EAE96ACC0683B9DC7E12D25D0ADC51B6 ] Filetrace C:\Windows\system32\drivers\filetrace.sys
23:42:26.0172 0x09d4 Filetrace - ok
23:42:26.0203 0x09d4 [ C172A0F53008EAEB8EA33FE10E177AF5, 9175A95B323696D1B35C9EFEB7790DD64E6EE0B7021E6C18E2F81009B169D77B ] flpydisk C:\Windows\system32\DRIVERS\flpydisk.sys
23:42:26.0281 0x09d4 flpydisk - ok
23:42:26.0359 0x09d4 [ DA6B67270FD9DB3697B20FCE94950741, F621A4462C9F2904063578C427FAF22D7D66AE9967605C11C798099817CE5331 ] FltMgr C:\Windows\system32\drivers\fltmgr.sys
23:42:26.0421 0x09d4 FltMgr - ok
23:42:26.0577 0x09d4 [ C4C183E6551084039EC862DA1C945E3D, 0874A2ACDD24D64965AA9A76E9C818E216880AE4C9A2E07ED932EE404585CEE6 ] FontCache C:\Windows\system32\FntCache.dll
23:42:26.0811 0x09d4 FontCache - ok
23:42:26.0905 0x09d4 [ A8B7F3818AB65695E3A0BB3279F6DCE6, 89FCF10F599767E67A1E011753E34DA44EAA311F105DBF69549009ED932A60F0 ] FontCache3.0.0.0 C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
23:42:26.0952 0x09d4 FontCache3.0.0.0 - ok
23:42:26.0983 0x09d4 [ D43703496149971890703B4B1B723EAC, F06397B2EDCA61629249D2EF1CBB7827A8BEAB8488246BD85EF6AE1363C0DA6E ] FsDepends C:\Windows\system32\drivers\FsDepends.sys
23:42:27.0030 0x09d4 FsDepends - ok
23:42:27.0076 0x09d4 [ 6BD9295CC032DD3077C671FCCF579A7B, 83622FBB0CB923798E7E584BF53CAAF75B8C016E3FF7F0FA35880FF34D1DFE33 ] Fs_Rec C:\Windows\system32\drivers\Fs_Rec.sys
23:42:27.0123 0x09d4 Fs_Rec - ok
23:42:27.0201 0x09d4 [ 8F6322049018354F45F05A2FD2D4E5E0, 73BF0FB4EBD7887E992DDEBB79E906958D6678F8D1107E8C368F5A0514D80359 ] fvevol C:\Windows\system32\DRIVERS\fvevol.sys
23:42:27.0264 0x09d4 fvevol - ok
23:42:27.0310 0x09d4 [ 8C778D335C9D272CFD3298AB02ABE3B6, 85F0B13926B0F693FA9E70AA58DE47100E4B6F893772EBE4300C37D9A36E6005 ] gagp30kx C:\Windows\system32\DRIVERS\gagp30kx.sys
23:42:27.0357 0x09d4 gagp30kx - ok
23:42:27.0404 0x09d4 [ 8E98D21EE06192492A5671A6144D092F, B8F656B34D361EA5AFB47F3A67AB2221580DADA59C8CD0CB83181E4AD8B562B4 ] GEARAspiWDM C:\Windows\system32\DRIVERS\GEARAspiWDM.sys
23:42:27.0435 0x09d4 GEARAspiWDM - ok
23:42:27.0560 0x09d4 [ 277BBC7E1AA1EE957F573A10ECA7EF3A, 2EE60B924E583E847CC24E78B401EF95C69DB777A5B74E1EC963E18D47B94D24 ] gpsvc C:\Windows\System32\gpsvc.dll
23:42:27.0825 0x09d4 gpsvc - ok
23:42:27.0966 0x09d4 [ F02A533F517EB38333CB12A9E8963773, 1F72CD1CF660766FA8F912E40B7323A0192A300B376186C10F6803DC5EFE28DF ] gupdate C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
23:42:28.0012 0x09d4 gupdate - ok
23:42:28.0153 0x09d4 [ F02A533F517EB38333CB12A9E8963773, 1F72CD1CF660766FA8F912E40B7323A0192A300B376186C10F6803DC5EFE28DF ] gupdatem C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
23:42:28.0200 0x09d4 gupdatem - ok
23:42:28.0293 0x09d4 [ 5D4BC124FAAE6730AC002CDB67BF1A1C, 00294F4DC7D17F6DD2A22B9C3299BED40146BA45C972367154D20DB502472551 ] gusvc C:\Program Files (x86)\Google\Common\Google Updater\GoogleUpdaterService.exe
23:42:28.0340 0x09d4 gusvc - ok
23:42:28.0371 0x09d4 [ F2523EF6460FC42405B12248338AB2F0, B2F3DE8DE1F512D871BC2BC2E8D0E33AB03335BFBC07627C5F88B65024928E19 ] hcw85cir C:\Windows\system32\drivers\hcw85cir.sys
23:42:28.0496 0x09d4 hcw85cir - ok
23:42:28.0574 0x09d4 [ 975761C778E33CD22498059B91E7373A, 8304E15FBE6876BE57263A03621365DA8C88005EAC532A770303C06799D915D9 ] HdAudAddService C:\Windows\system32\drivers\HdAudio.sys
23:42:28.0699 0x09d4 HdAudAddService - ok
23:42:28.0746 0x09d4 [ 97BFED39B6B79EB12CDDBFEED51F56BB, 3CF981D668FB2381E52AF2E51E296C6CFB47B0D62249645278479D0111A47955 ] HDAudBus C:\Windows\system32\drivers\HDAudBus.sys
23:42:28.0855 0x09d4 HDAudBus - ok
23:42:28.0917 0x09d4 [ B6AC71AAA2B10848F57FC49D55A651AF, 4FAD833654E86F9FAF972AC8AF87FD4A9A765B26B96F096BBD63506B5D521A91 ] HECIx64 C:\Windows\system32\DRIVERS\HECIx64.sys
23:42:28.0948 0x09d4 HECIx64 - ok
23:42:28.0980 0x09d4 [ 78E86380454A7B10A5EB255DC44A355F, 11F3ED7ACFFA3024B9BD504F81AC39F5B4CED5A8A425E8BADF7132EFEDB9BD64 ] HidBatt C:\Windows\system32\DRIVERS\HidBatt.sys
23:42:29.0058 0x09d4 HidBatt - ok
23:42:29.0104 0x09d4 [ 7FD2A313F7AFE5C4DAB14798C48DD104, 94CBFD4506CBDE4162CEB3367BAB042D19ACA6785954DC0B554D4164B9FCD0D4 ] HidBth C:\Windows\system32\DRIVERS\hidbth.sys
23:42:29.0167 0x09d4 HidBth - ok
23:42:29.0214 0x09d4 [ 0A77D29F311B88CFAE3B13F9C1A73825, 8615DC6CEFB591505CE16E054A71A4F371B827DDFD5E980777AB4233DCFDA01D ] HidIr C:\Windows\system32\DRIVERS\hidir.sys
23:42:29.0307 0x09d4 HidIr - ok
23:42:29.0354 0x09d4 [ BD9EB3958F213F96B97B1D897DEE006D, 4D01CBF898B528B3A4E5A683DF2177300AFABD7D4CB51F1A7891B1B545499631 ] hidserv C:\Windows\System32\hidserv.dll
23:42:29.0526 0x09d4 hidserv - ok
23:42:29.0604 0x09d4 [ 9592090A7E2B61CD582B612B6DF70536, FD11D5E02C32D658B28FCC35688AB66CCB5D3A0A0D74C82AE0F0B6C67B568A0F ] HidUsb C:\Windows\system32\DRIVERS\hidusb.sys
23:42:29.0697 0x09d4 HidUsb - ok
23:42:29.0744 0x09d4 [ 387E72E739E15E3D37907A86D9FF98E2, 9935BE2E58788E79328293AF2F202CB0F6042441B176F75ACC5AEA93C8E05531 ] hkmsvc C:\Windows\system32\kmsvc.dll
23:42:29.0916 0x09d4 hkmsvc - ok
23:42:29.0994 0x09d4 [ EFDFB3DD38A4376F93E7985173813ABD, 70402FA73A5A2A8BB557AAC8F531E373077D28DE5F40A1F3F14B940BE01CD2E1 ] HomeGroupListener C:\Windows\system32\ListSvc.dll
23:42:30.0134 0x09d4 HomeGroupListener - ok
23:42:30.0196 0x09d4 [ 908ACB1F594274965A53926B10C81E89, 7D34A742AC486294D82676F8465A3EF26C8AC3317C32B63F62031CB007CFC208 ] HomeGroupProvider C:\Windows\system32\provsvc.dll
23:42:30.0306 0x09d4 HomeGroupProvider - ok
23:42:30.0384 0x09d4 [ 39D2ABCD392F3D8A6DCE7B60AE7B8EFC, E9E6A1665740CFBC2DD321010007EF42ABA2102AEB9772EE8AA3354664B1E205 ] HpSAMD C:\Windows\system32\drivers\HpSAMD.sys
23:42:30.0430 0x09d4 HpSAMD - ok
23:42:30.0571 0x09d4 [ 0EA7DE1ACB728DD5A369FD742D6EEE28, 21C489412EB33A12B22290EB701C19BA57006E8702E76F730954F0784DDE9779 ] HTTP C:\Windows\system32\drivers\HTTP.sys
23:42:30.0820 0x09d4 HTTP - ok
23:42:30.0867 0x09d4 [ A5462BD6884960C9DC85ED49D34FF392, 53E65841AF5B06A2844D0BB6FC4DD3923A323FFA0E4BFC89B3B5CAFB592A3D53 ] hwpolicy C:\Windows\system32\drivers\hwpolicy.sys
23:42:30.0914 0x09d4 hwpolicy - ok
23:42:30.0976 0x09d4 [ FA55C73D4AFFA7EE23AC4BE53B4592D3, 65CDDC62B89A60E942C5642C9D8B539EFB69DA8069B4A2E54978154B314531CD ] i8042prt C:\Windows\system32\drivers\i8042prt.sys
23:42:31.0039 0x09d4 i8042prt - ok
23:42:31.0117 0x09d4 [ 2064090C9FAAD92C090D77E50E735B2E, 802BF10AF2F4B5DC93926C34DB2782DA6FD7243766D583E85603879483A592D2 ] iaStor C:\Windows\system32\DRIVERS\iaStor.sys
23:42:31.0226 0x09d4 iaStor - ok
23:42:31.0304 0x09d4 [ A9BE186ABF28B3D3D698CB855EDF457E, 03E1851132E1C8669CF9B3CEB1C9E6AE45BBAC2632FEEDD311F3B3FAA9B623DD ] IAStorDataMgrSvc C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
23:42:31.0335 0x09d4 IAStorDataMgrSvc - ok
23:42:31.0413 0x09d4 [ AAAF44DB3BD0B9D1FB6969B23ECC8366, 805AA4A9464002D1AB3832E4106B2AAA1331F4281367E75956062AAE99699385 ] iaStorV C:\Windows\system32\drivers\iaStorV.sys
23:42:31.0491 0x09d4 iaStorV - ok
23:42:31.0663 0x09d4 [ 5988FC40F8DB5B0739CD1E3A5D0D78BD, 2B9512324DBA4A97F6AC34E8067EE08E3B6874CD60F6CB4209AFC22A34D2BE99 ] idsvc C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\infocard.exe
23:42:31.0788 0x09d4 idsvc - ok
23:42:31.0834 0x09d4 IEEtwCollectorService - ok
23:42:33.0036 0x09d4 [ F4F91789C7C7A159CE8215C1F69F2A85, E60155402FB647B55EAD6B090204A1AA497294D473A7CCF850BB21C0DCCCB49C ] igfx C:\Windows\system32\DRIVERS\igdkmd64.sys
23:42:34.0830 0x09d4 igfx - ok
23:42:34.0939 0x09d4 [ 5C18831C61933628F5BB0EA2675B9D21, 5CD9DE2F8C0256623A417B5C55BF55BB2562BD7AB2C3C83BB3D9886C2FBDA4E4 ] iirsp C:\Windows\system32\DRIVERS\iirsp.sys
23:42:34.0986 0x09d4 iirsp - ok
23:42:35.0126 0x09d4 [ 344789398EC3EE5A4E00C52B31847946, 3DA5F08E4B46F4E63456AA588D49E39A6A09A97D0509880C00F327623DB6122D ] IKEEXT C:\Windows\System32\ikeext.dll
23:42:35.0313 0x09d4 IKEEXT - ok
23:42:35.0391 0x09d4 [ DD587A55390ED2295BCE6D36AD567DA9, AEB7DCB8EF89BEE8D9649A05FC482B1E4E3F44243D57A2577C862EB69166C48E ] Impcd C:\Windows\system32\DRIVERS\Impcd.sys
23:42:35.0485 0x09d4 Impcd - ok
23:42:35.0563 0x09d4 [ C6C1F19205DA83C801BE7C25F4E2EE07, AE28686272D0F3789751C8F73BE998026BA80D93539C81DDE148E34A34A9AD0C ] IntcDAud C:\Windows\system32\DRIVERS\IntcDAud.sys
23:42:35.0672 0x09d4 IntcDAud - ok
23:42:35.0703 0x09d4 [ F00F20E70C6EC3AA366910083A0518AA, E2F3E9FFD82C802C8BAC309893A3664ACF16A279959C0FDECCA64C3D3C60FD22 ] intelide C:\Windows\system32\drivers\intelide.sys
23:42:35.0750 0x09d4 intelide - ok
23:42:35.0781 0x09d4 [ ADA036632C664CAA754079041CF1F8C1, F2386CC09AC6DE4C54189154F7D91C1DB7AA120B13FAE8BA5B579ACF99FCC610 ] intelppm C:\Windows\system32\DRIVERS\intelppm.sys
23:42:35.0859 0x09d4 intelppm - ok
23:42:35.0906 0x09d4 [ 098A91C54546A3B878DAD6A7E90A455B, 044CCE2A0DF56EBE1EFD99B4F6F0A5B9EE12498CA358CF4B2E3A1CFD872823AA ] IPBusEnum C:\Windows\system32\ipbusenum.dll
23:42:36.0093 0x09d4 IPBusEnum - ok
23:42:36.0156 0x09d4 [ C9F0E1BD74365A8771590E9008D22AB6, 728BC5A6AAE499FDC50EB01577AF16D83C2A9F3B09936DD2A89C01E074BA8E51 ] IpFilterDriver C:\Windows\system32\DRIVERS\ipfltdrv.sys
23:42:36.0343 0x09d4 IpFilterDriver - ok
23:42:36.0436 0x09d4 [ 08C2957BB30058E663720C5606885653, E13EDF6701512E2A9977A531454932CA5023087CB50E1D2F416B8BCDD92B67BE ] iphlpsvc C:\Windows\System32\iphlpsvc.dll
23:42:36.0608 0x09d4 iphlpsvc - ok
23:42:36.0655 0x09d4 [ 0FC1AEA580957AA8817B8F305D18CA3A, 7161E4DE91AAFC3FA8BF24FAE4636390C2627DB931505247C0D52C75A31473D9 ] IPMIDRV C:\Windows\system32\drivers\IPMIDrv.sys
23:42:36.0748 0x09d4 IPMIDRV - ok
23:42:36.0795 0x09d4 [ AF9B39A7E7B6CAA203B3862582E9F2D0, 67128BE7EADBE6BD0205B050F96E268948E8660C4BAB259FB0BE03935153D04E ] IPNAT C:\Windows\system32\drivers\ipnat.sys
23:42:36.0998 0x09d4 IPNAT - ok
23:42:37.0170 0x09d4 [ 842D1EDD0F2A6E0E6631BB96BAAA01DE, 9CDD0B99F2C5DAD573A9EA8D5AB2DBFD7A941454CBBA5BFE34E49F2D4EE96A90 ] iPod Service C:\Program Files\iPod\bin\iPodService.exe
23:42:37.0263 0x09d4 iPod Service - ok
23:42:37.0294 0x09d4 [ 3ABF5E7213EB28966D55D58B515D5CE9, A352BCC5B6B9A28805B15CAFB235676F1FAFF0D2394F88C03089EB157D6188AE ] IRENUM C:\Windows\system32\drivers\irenum.sys
23:42:37.0435 0x09d4 IRENUM - ok
23:42:37.0482 0x09d4 [ 2F7B28DC3E1183E5EB418DF55C204F38, D40410A760965925D6F10959B2043F7BD4F68EAFCF5E743AF11AD860BD136548 ] isapnp C:\Windows\system32\drivers\isapnp.sys
23:42:37.0528 0x09d4 isapnp - ok
23:42:37.0606 0x09d4 [ 96BB922A0981BC7432C8CF52B5410FE6, 236C05509B1040059B15021CBBDBDAF3B9C0F00910142BE5887B2C7561BAAFBA ] iScsiPrt C:\Windows\system32\drivers\msiscsi.sys
23:42:37.0669 0x09d4 iScsiPrt - ok
23:42:38.0683 0x09d4 [ 1CCA5A101FE508E75DCB48A15A3AE70E, D21214A8ADF3504EDC53534FB3E6CDF7EB3A6C314FE265DD6F0C078B0F4A951D ] JungleDiskWorkgroupService C:\Program Files\Jungle Disk Workgroup\JungleDiskWorkgroup.exe
23:42:39.0697 0x09d4 JungleDiskWorkgroupService - ok
23:42:39.0806 0x09d4 [ BC02336F1CBA7DCC7D1213BB588A68A5, 450C5BAD54CCE2AFCDFF1B6E7F8E1A8446D9D3255DF9D36C29A8F848048AAD93 ] kbdclass C:\Windows\system32\DRIVERS\kbdclass.sys
23:42:39.0853 0x09d4 kbdclass - ok
23:42:39.0962 0x09d4 [ 0705EFF5B42A9DB58548EEC3B26BB484, 86C6824ED7ED6FA8F306DB6319A0FD688AA91295AE571262F9D8E96A32225E99 ] kbdhid C:\Windows\system32\DRIVERS\kbdhid.sys
23:42:40.0040 0x09d4 kbdhid - ok
23:42:40.0056 0x09d4 [ 204F3F58212B3E422C90BD9691A2DF28, D748A8CEE4D59B4248C9B1ACA5155D0FF6635A29564B4391B7FAC6261F93FE99 ] KeyIso C:\Windows\system32\lsass.exe
23:42:40.0102 0x09d4 KeyIso - ok
23:42:40.0165 0x09d4 [ 353009DEDF918B2A51414F330CF72DEC, BF157D6E329F26E02FA16271B751B421396040DBB1D7BF9B2E0A21BC569672E2 ] KSecDD C:\Windows\system32\Drivers\ksecdd.sys
23:42:40.0212 0x09d4 KSecDD - ok
23:42:40.0243 0x09d4 [ 1C2D8E18AA8FD50CD04C15CC27F7F5AB, 4BA3B0F9F01BD47D66091D3AD86B69A523981D61DFB4D677F2CD39405B2DA989 ] KSecPkg C:\Windows\system32\Drivers\ksecpkg.sys
23:42:40.0305 0x09d4 KSecPkg - ok
23:42:40.0336 0x09d4 [ 6869281E78CB31A43E969F06B57347C4, 866A23E69B32A78D378D6CB3B3DA3695FFDFF0FEC3C9F68C8C3F988DF417044B ] ksthunk C:\Windows\system32\drivers\ksthunk.sys
23:42:40.0492 0x09d4 ksthunk - ok
23:42:40.0555 0x09d4 [ 6AB66E16AA859232F64DEB66887A8C9C, 5F2B579BEA8098A2994B0DECECDAE7B396E7B5DC5F09645737B9F28BEEA77FFF ] KtmRm C:\Windows\system32\msdtckrm.dll
23:42:40.0758 0x09d4 KtmRm - ok
23:42:40.0820 0x09d4 [ D9F42719019740BAA6D1C6D536CBDAA6, 8757599D0AE5302C4CE50861BEBA3A8DD14D7B0DBD916FD5404133688CDFCC40 ] LanmanServer C:\Windows\System32\srvsvc.dll
23:42:41.0038 0x09d4 LanmanServer - ok
23:42:41.0101 0x09d4 [ 851A1382EED3E3A7476DB004F4EE3E1A, B1C67F47DD594D092E6E258F01DF5E7150227CE3131A908A244DEE9F8A1FABF9 ] LanmanWorkstation C:\Windows\System32\wkssvc.dll
23:42:41.0288 0x09d4 LanmanWorkstation - ok
23:42:41.0350 0x09d4 [ 1538831CF8AD2979A04C423779465827, E1729B0CC4CEEE494A0B8817A8E98FF232E3A32FB023566EF0BC71A090262C0C ] lltdio C:\Windows\system32\DRIVERS\lltdio.sys
23:42:41.0538 0x09d4 lltdio - ok
23:42:41.0616 0x09d4 [ C1185803384AB3FEED115F79F109427F, 0414FE73532DCAB17E906438A14711E928CECCD5F579255410C62984DD652700 ] lltdsvc C:\Windows\System32\lltdsvc.dll
23:42:41.0834 0x09d4 lltdsvc - ok
23:42:41.0881 0x09d4 [ F993A32249B66C9D622EA5592A8B76B8, EE64672A990C6145DC5601E2B8CDBE089272A72732F59AF9865DCBA8B1717E70 ] lmhosts C:\Windows\System32\lmhsvc.dll
23:42:42.0052 0x09d4 lmhosts - ok
23:42:42.0146 0x09d4 [ 23DE5B62B0445A6F874BE633C95B483E, 39A8E5BD057F5EE049FA48848C5881DCD2CFB16CD9E2A03CC9DDF35F116FEE0B ] LMS C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
23:42:42.0208 0x09d4 LMS - ok
23:42:42.0255 0x09d4 [ 1A93E54EB0ECE102495A51266DCDB6A6, DB6AA86AA36C3A7988BE96E87B5D3251BE7617C54EE8F894D9DC2E267FE3255B ] LSI_FC C:\Windows\system32\DRIVERS\lsi_fc.sys
23:42:42.0318 0x09d4 LSI_FC - ok
23:42:42.0349 0x09d4 [ 1047184A9FDC8BDBFF857175875EE810, F2251EDB7736A26D388A0C5CC2FE5FB9C5E109CBB1E3800993554CB21D81AE4B ] LSI_SAS C:\Windows\system32\DRIVERS\lsi_sas.sys
23:42:42.0396 0x09d4 LSI_SAS - ok
23:42:42.0427 0x09d4 [ 30F5C0DE1EE8B5BC9306C1F0E4A75F93, 88D5740A4E9CC3FA80FA18035DAB441BDC5A039622D666BFDAA525CC9686BD06 ] LSI_SAS2 C:\Windows\system32\DRIVERS\lsi_sas2.sys
23:42:42.0474 0x09d4 LSI_SAS2 - ok
23:42:42.0505 0x09d4 [ 0504EACAFF0D3C8AED161C4B0D369D4A, 4D272237C189646F5C80822FD3CBA7C2728E482E2DAAF7A09C8AEF811C89C54D ] LSI_SCSI C:\Windows\system32\DRIVERS\lsi_scsi.sys
23:42:42.0552 0x09d4 LSI_SCSI - ok
23:42:42.0583 0x09d4 [ 43D0F98E1D56CCDDB0D5254CFF7B356E, 5BA498183B5C4996C694CB0A9A6B66CE6C7A460F6C91BEB9F305486FCC3B7B22 ] luafv C:\Windows\system32\drivers\luafv.sys
23:42:42.0770 0x09d4 luafv - ok
23:42:42.0879 0x09d4 [ F92B0E478C0FAA6D6661E6E977247E60, 8B26B57C2C60C98CD6273ACA126B2CD0356ADB13A59FEC12882357A6B973123C ] MBAMProtector C:\Windows\system32\drivers\mbam.sys
23:42:42.0926 0x09d4 MBAMProtector - ok
23:42:43.0160 0x09d4 [ D84AEA3F3329D622DFC1297DDDF6163B, 316FE56CC30ED1473A917253F46B79EAA12F4ABD5B4B1ADB03929DFEE940F577 ] MBAMScheduler C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe
23:42:43.0378 0x09d4 MBAMScheduler - ok
23:42:43.0519 0x09d4 [ 4F45ED469906494F9BF754E476390DBD, D8FF6AFD73D8C191F5732DF9737E6F83B2B52B06A3A6CD4CC6EAC9464CBB2772 ] MBAMService C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe
23:42:43.0644 0x09d4 MBAMService - ok
23:42:43.0753 0x09d4 [ 8A50D5304E6AE48664CF5838EC32F647, C76943FABEE1B5E1B641AA610668CCD4227E2C4B191DD30B79D3AB31A9E8B5BE ] MBAMSwissArmy C:\Windows\system32\drivers\MBAMSwissArmy.sys
23:42:43.0800 0x09d4 MBAMSwissArmy - ok
23:42:43.0862 0x09d4 [ 15E8ABC06843672955CE26A009533BAD, E7221B7DE9DB45447C68E79C6BFD064713C5974F7E79925BD7DEEF71F73F3E83 ] MBAMWebAccessControl C:\Windows\system32\drivers\mwac.sys
23:42:43.0893 0x09d4 MBAMWebAccessControl - ok
23:42:43.0971 0x09d4 [ 0BE09CD858ABF9DF6ED259D57A1A1663, 2FD28889B93C8E801F74C1D0769673A461671E0189D0A22C94509E3F0EEB7428 ] Mcx2Svc C:\Windows\system32\Mcx2Svc.dll
23:42:44.0034 0x09d4 Mcx2Svc - ok
23:42:44.0065 0x09d4 [ A55805F747C6EDB6A9080D7C633BD0F4, 2DA0E83BF3C8ADEF6F551B6CC1C0A3F6149CDBE6EC60413BA1767C4DE425A728 ] megasas C:\Windows\system32\DRIVERS\megasas.sys
23:42:44.0096 0x09d4 megasas - ok
23:42:44.0158 0x09d4 [ BAF74CE0072480C3B6B7C13B2A94D6B3, 85CBB4949C090A904464F79713A3418338753D20D7FB811E68F287FDAC1DD834 ] MegaSR C:\Windows\system32\DRIVERS\MegaSR.sys
23:42:44.0236 0x09d4 MegaSR - ok
23:42:44.0314 0x09d4 Microsoft SharePoint Workspace Audit Service - ok
23:42:44.0392 0x09d4 [ E40E80D0304A73E8D269F7141D77250B, 0DB4AC13A264F19A84DC0BCED54E8E404014CC09C993B172002B1561EC7E265A ] MMCSS C:\Windows\system32\mmcss.dll
23:42:44.0580 0x09d4 MMCSS - ok
23:42:44.0626 0x09d4 [ 800BA92F7010378B09F9ED9270F07137, 94F9AF9E1BE80AE6AC39A2A74EF9FAB115DCAACC011D07DFA8D6A1DDC8A93342 ] Modem C:\Windows\system32\drivers\modem.sys
23:42:44.0798 0x09d4 Modem - ok
23:42:44.0829 0x09d4 [ B03D591DC7DA45ECE20B3B467E6AADAA, 701FB0CAD8138C58507BE28845D3E24CE269A040737C29885944A0D851238732 ] monitor C:\Windows\system32\DRIVERS\monitor.sys
23:42:44.0923 0x09d4 monitor - ok
23:42:44.0970 0x09d4 [ 7D27EA49F3C1F687D357E77A470AEA99, 7FE7CAF95959F127C6D932C01D539C06D80273C49A09761F6E8331C05B1A7EE7 ] mouclass C:\Windows\system32\DRIVERS\mouclass.sys
23:42:45.0016 0x09d4 mouclass - ok
23:42:45.0063 0x09d4 [ D3BF052C40B0C4166D9FD86A4288C1E6, 5E65264354CD94E844BF1838CA1B8E49080EFA34605A32CF2F6A47A2B97FC183 ] mouhid C:\Windows\system32\DRIVERS\mouhid.sys
23:42:45.0141 0x09d4 mouhid - ok
23:42:45.0204 0x09d4 [ 32E7A3D591D671A6DF2DB515A5CBE0FA, 47CED0B9067AE8BF5EEF60B17ADEE5906BEDCC56E4CB460B7BFBC12BB9A69E63 ] mountmgr C:\Windows\system32\drivers\mountmgr.sys
23:42:45.0250 0x09d4 mountmgr - ok
23:42:45.0344 0x09d4 [ AEE4E9CC59CDEB55B1ECB0E596E796BE, 674F6F38D86D238AFD6223E03A862F8B43DD8499FBC2D4B7A04E510EC5EACF3B ] MozillaMaintenance C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
23:42:45.0391 0x09d4 MozillaMaintenance - ok
23:42:45.0516 0x09d4 [ 9EB89625A82AC961F25E7C865947BF9A, 91DB9530CDE883DC60BE621AC4210ACD069631D9466E37411D9D6AEE587098D9 ] MpFilter C:\Windows\system32\DRIVERS\MpFilter.sys
23:42:45.0594 0x09d4 MpFilter - ok
23:42:45.0656 0x09d4 [ A44B420D30BD56E145D6A2BC8768EC58, B1E4DCA5A1008FA7A0492DC091FB2B820406AE13FD3D44F124E89B1037AF09B8 ] mpio C:\Windows\system32\drivers\mpio.sys
23:42:45.0703 0x09d4 mpio - ok
23:42:45.0750 0x09d4 [ 6C38C9E45AE0EA2FA5E551F2ED5E978F, 5A3FA2F110029CB4CC4384998EDB59203FDD65EC45E01B897FB684F8956EAD20 ] mpsdrv C:\Windows\system32\drivers\mpsdrv.sys
23:42:45.0906 0x09d4 mpsdrv - ok
23:42:46.0030 0x09d4 [ 54FFC9C8898113ACE189D4AA7199D2C1, 65F585C87F3F710FD5793FDFA96B740AD8D4317B0C120F4435CCF777300EA4F2 ] MpsSvc C:\Windows\system32\mpssvc.dll
23:42:46.0296 0x09d4 MpsSvc - ok
23:42:46.0358 0x09d4 [ 1A4F75E63C9FB84B85DFFC6B63FD5404, 01AFA6DBB4CDE55FE4EA05BBE8F753A4266F8D072EA1EE01DB79F5126780C21F ] MRxDAV C:\Windows\system32\drivers\mrxdav.sys
23:42:46.0467 0x09d4 MRxDAV - ok
23:42:46.0530 0x09d4 [ A5D9106A73DC88564C825D317CAC68AC, 0457B2AEA4E05A91D0E43F317894A614434D8CEBE35020785387F307E231FBE4 ] mrxsmb C:\Windows\system32\DRIVERS\mrxsmb.sys
23:42:46.0639 0x09d4 mrxsmb - ok
23:42:46.0701 0x09d4 [ D711B3C1D5F42C0C2415687BE09FC163, 9B3013AC60BD2D0FF52086658BA5FF486ADE15954A552D7DD590580E8BAE3EFF ] mrxsmb10 C:\Windows\system32\DRIVERS\mrxsmb10.sys
23:42:46.0810 0x09d4 mrxsmb10 - ok
23:42:46.0857 0x09d4 [ 9423E9D355C8D303E76B8CFBD8A5C30C, 220B33F120C2DD937FE4D5664F4B581DC0ACF78D62EB56B7720888F67B9644CC ] mrxsmb20 C:\Windows\system32\DRIVERS\mrxsmb20.sys
23:42:46.0951 0x09d4 mrxsmb20 - ok
23:42:46.0998 0x09d4 [ C25F0BAFA182CBCA2DD3C851C2E75796, 643E158A0948DF331807AEAA391F23960362E46C0A0CF6D22A99020EAE7B10F8 ] msahci C:\Windows\system32\drivers\msahci.sys
23:42:47.0044 0x09d4 msahci - ok
23:42:47.0076 0x09d4 [ DB801A638D011B9633829EB6F663C900, B34FD33A215ACCF2905F4B7D061686CDB1CB9C652147AF56AE14686C1F6E3C74 ] msdsm C:\Windows\system32\drivers\msdsm.sys
23:42:47.0138 0x09d4 msdsm - ok
23:42:47.0185 0x09d4 [ DE0ECE52236CFA3ED2DBFC03F28253A8, 2FBBEC4CACB5161F68D7C2935852A5888945CA0F107CF8A1C01F4528CE407DE3 ] MSDTC C:\Windows\System32\msdtc.exe
23:42:47.0278 0x09d4 MSDTC - ok
23:42:47.0341 0x09d4 [ AA3FB40E17CE1388FA1BEDAB50EA8F96, 69F93E15536644C8FD679A20190CFE577F4985D3B1B4A4AA250A168615AE1E99 ] Msfs C:\Windows\system32\drivers\Msfs.sys
23:42:47.0528 0x09d4 Msfs - ok
23:42:47.0575 0x09d4 [ F9D215A46A8B9753F61767FA72A20326, 6F76642B45E0A7EF6BCAB8B37D55CCE2EAA310ED07B76D43FCB88987C2174141 ] mshidkmdf C:\Windows\System32\drivers\mshidkmdf.sys
23:42:47.0746 0x09d4 mshidkmdf - ok
23:42:47.0793 0x09d4 [ D916874BBD4F8B07BFB7FA9B3CCAE29D, B229DA150713DEDBC4F05386C9D9DC3BC095A74F44F3081E88311AB73BC992A1 ] msisadrv C:\Windows\system32\drivers\msisadrv.sys
23:42:47.0840 0x09d4 msisadrv - ok
23:42:47.0887 0x09d4 [ 808E98FF49B155C522E6400953177B08, F873F5BFF0984C5165DF67E92874D3F6EB8D86F9B5AD17013A0091CA33A1A3D5 ] MSiSCSI C:\Windows\system32\iscsiexe.dll
23:42:48.0074 0x09d4 MSiSCSI - ok
23:42:48.0090 0x09d4 msiserver - ok
23:42:48.0136 0x09d4 [ 49CCF2C4FEA34FFAD8B1B59D49439366, E5752EA57C7BDAD5F53E3BC441A415E909AC602CAE56234684FB8789A20396C7 ] MSKSSRV C:\Windows\system32\drivers\MSKSSRV.sys
23:42:48.0324 0x09d4 MSKSSRV - ok
23:42:48.0433 0x09d4 [ 89F2AEDC2788696702141AB82C3E7866, E166CBD8D3C708737C37172221945D8E56C25C2CC750889C3CE14AA2DE750F33 ] MsMpSvc c:\Program Files\Microsoft Security Client\MsMpEng.exe
23:42:48.0495 0x09d4 MsMpSvc - ok
23:42:48.0526 0x09d4 [ BDD71ACE35A232104DDD349EE70E1AB3, 27464A66868513BE6A01B75D7FC5B0D6B71842E4E20CE3F76B15C071A0618BBB ] MSPCLOCK C:\Windows\system32\drivers\MSPCLOCK.sys
23:42:48.0682 0x09d4 MSPCLOCK - ok
23:42:48.0698 0x09d4 [ 4ED981241DB27C3383D72092B618A1D0, E12F121E641249DB3491141851B59E1496F4413EDF58E863388F1C229838DFCC ] MSPQM C:\Windows\system32\drivers\MSPQM.sys
23:42:48.0870 0x09d4 MSPQM - ok
23:42:48.0963 0x09d4 [ 759A9EEB0FA9ED79DA1FB7D4EF78866D, 64E3BC613EC4872B1B344CBF71EE15BE195592E3244C1EE099C6F8B95A40F133 ] MsRPC C:\Windows\system32\drivers\MsRPC.sys
23:42:49.0041 0x09d4 MsRPC - ok
23:42:49.0135 0x09d4 [ 0EED230E37515A0EAEE3C2E1BC97B288, B1D8F8A75006B6E99214CA36D27A8594EF8D952F315BEB201E9BAC9DE3E64D42 ] mssmbios C:\Windows\system32\drivers\mssmbios.sys
23:42:49.0166 0x09d4 mssmbios - ok
23:42:49.0228 0x09d4 [ 2E66F9ECB30B4221A318C92AC2250779, DF175E1AB6962303E57F26DAE5C5C1E40B8640333F3E352A64F6A5F1301586CD ] MSTEE C:\Windows\system32\drivers\MSTEE.sys
23:42:49.0416 0x09d4 MSTEE - ok
23:42:49.0431 0x09d4 [ 7EA404308934E675BFFDE8EDF0757BCD, 306CD02D89CFCFE576242360ED5F9EEEDCAFC43CD43B7D2977AE960F9AEC3232 ] MTConfig C:\Windows\system32\DRIVERS\MTConfig.sys
23:42:49.0478 0x09d4 MTConfig - ok
23:42:49.0525 0x09d4 [ F9A18612FD3526FE473C1BDA678D61C8, 32F7975B5BAA447917F832D9E3499B4B6D3E90D73F478375D0B70B36C524693A ] Mup C:\Windows\system32\Drivers\mup.sys
23:42:49.0572 0x09d4 Mup - ok
23:42:49.0665 0x09d4 [ A9BC2302FBDF52C8AF4E2FC966288D21, 4CBDCDCC2BA8133BDC0BA1A1EB47FB9241CAACF93544BAD37175417DA9E616D6 ] MyWiFiDHCPDNS C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe
23:42:49.0728 0x09d4 MyWiFiDHCPDNS - ok
23:42:49.0806 0x09d4 [ 582AC6D9873E31DFA28A4547270862DD, BD540499F74E8F59A020D935D18E36A3A97C1A6EC59C8208436469A31B16B260 ] napagent C:\Windows\system32\qagentRT.dll
23:42:50.0055 0x09d4 napagent - ok
23:42:50.0133 0x09d4 [ 1EA3749C4114DB3E3161156FFFFA6B33, 54C2E77BCE1037711A11313AC25B8706109098C10A31AA03AEB7A185E97800D7 ] NativeWifiP C:\Windows\system32\DRIVERS\nwifi.sys
23:42:50.0227 0x09d4 NativeWifiP - ok
23:42:50.0383 0x09d4 [ 760E38053BF56E501D562B70AD796B88, F856E81A975D44F8684A6F2466549CEEDFAEB3950191698555A93A1206E0A42D ] NDIS C:\Windows\system32\drivers\ndis.sys
23:42:50.0523 0x09d4 NDIS - ok
23:42:50.0539 0x09d4 [ 9F9A1F53AAD7DA4D6FEF5BB73AB811AC, D7E5446E83909AE25506BB98FBDD878A529C87963E3C1125C4ABAB25823572BC ] NdisCap C:\Windows\system32\DRIVERS\ndiscap.sys
23:42:50.0695 0x09d4 NdisCap - ok
23:42:50.0742 0x09d4 [ 30639C932D9FEF22B31268FE25A1B6E5, 32873D95339600F6EEFA51847D12C563FF01F320DC59055B242FA2887C99F9D6 ] NdisTapi C:\Windows\system32\DRIVERS\ndistapi.sys
23:42:50.0929 0x09d4 NdisTapi - ok
23:42:51.0007 0x09d4 [ 136185F9FB2CC61E573E676AA5402356, BA3AD0A33416DA913B4242C6BE8C3E5812AD2B20BA6C11DD3094F2E8EB56E683 ] Ndisuio C:\Windows\system32\DRIVERS\ndisuio.sys
23:42:51.0178 0x09d4 Ndisuio - ok
23:42:51.0225 0x09d4 [ 53F7305169863F0A2BDDC49E116C2E11, 881E9346D3C02405B7850ADC37E720990712EC9C666A0CE96E252A487FD2CE77 ] NdisWan C:\Windows\system32\DRIVERS\ndiswan.sys
23:42:51.0428 0x09d4 NdisWan - ok
23:42:51.0475 0x09d4 [ 015C0D8E0E0421B4CFD48CFFE2825879, 4242E2D42CCFC859B2C0275C5331798BC0BDA68E51CF4650B6E64B1332071023 ] NDProxy C:\Windows\system32\drivers\NDProxy.sys
23:42:51.0631 0x09d4 NDProxy - ok
23:42:51.0771 0x09d4 [ 96B7E07030A61614054A76AD1EBAFF08, 78D8238ECC1955DCA3DDF8752934AB72367EEBC8939E05E8982152FD44D83A82 ] Neat Startup Service C:\Program Files (x86)\Neat\exec\NeatStartupService.exe
23:42:51.0787 0x09d4 Neat Startup Service - detected UnsignedFile.Multi.Generic ( 1 )
23:42:55.0047 0x09d4 Detect skipped due to KSN trusted
23:42:55.0047 0x09d4 Neat Startup Service - ok
23:42:55.0141 0x09d4 [ 86743D9F5D2B1048062B14B1D84501C4, DBF6D6A60AB774FCB0F464FF2D285A7521D0A24006687B243AB46B17D8032062 ] NetBIOS C:\Windows\system32\DRIVERS\netbios.sys
23:42:55.0313 0x09d4 NetBIOS - ok
23:42:55.0391 0x09d4 [ 09594D1089C523423B32A4229263F068, 7426A9B8BA27D3225928DDEFBD399650ABB90798212F56B7D12158AC22CCCE37 ] NetBT C:\Windows\system32\DRIVERS\netbt.sys
23:42:55.0578 0x09d4 NetBT - ok
23:42:55.0609 0x09d4 [ 204F3F58212B3E422C90BD9691A2DF28, D748A8CEE4D59B4248C9B1ACA5155D0FF6635A29564B4391B7FAC6261F93FE99 ] Netlogon C:\Windows\system32\lsass.exe
23:42:55.0656 0x09d4 Netlogon - ok
23:42:55.0718 0x09d4 [ 847D3AE376C0817161A14A82C8922A9E, 37AE692B3481323134125EF58F2C3CBC20177371AF2F5874F53DD32A827CB936 ] Netman C:\Windows\System32\netman.dll
23:42:55.0968 0x09d4 Netman - ok
23:42:56.0046 0x09d4 [ 21318671BCAD3ACF16638F98D4D00973, CEA6E3B6BCB4B74A9ACACBEEA12EEA967BBC2240398E2EBC04D7910109CACA11 ] NetMsmqActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
23:42:56.0108 0x09d4 NetMsmqActivator - ok
23:42:56.0155 0x09d4 [ 21318671BCAD3ACF16638F98D4D00973, CEA6E3B6BCB4B74A9ACACBEEA12EEA967BBC2240398E2EBC04D7910109CACA11 ] NetPipeActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
23:42:56.0217 0x09d4 NetPipeActivator - ok
23:42:56.0295 0x09d4 [ 5F28111C648F1E24F7DBC87CDEB091B8, 2E8645285921EDB98BB2173E11E57459C888D52E80D85791D169C869DE8813B9 ] netprofm C:\Windows\System32\netprofm.dll
23:42:56.0529 0x09d4 netprofm - ok
23:42:56.0592 0x09d4 [ 21318671BCAD3ACF16638F98D4D00973, CEA6E3B6BCB4B74A9ACACBEEA12EEA967BBC2240398E2EBC04D7910109CACA11 ] NetTcpActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
23:42:56.0654 0x09d4 NetTcpActivator - ok
23:42:56.0701 0x09d4 [ 21318671BCAD3ACF16638F98D4D00973, CEA6E3B6BCB4B74A9ACACBEEA12EEA967BBC2240398E2EBC04D7910109CACA11 ] NetTcpPortSharing C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
23:42:56.0779 0x09d4 NetTcpPortSharing - ok
23:42:57.0621 0x09d4 [ 24F64343F14A119308456E1CA7507B26, E9219B173426E872977C3D615552B066C697A31D003AE3F0012BF1C6FFCEFF51 ] NETw5s64 C:\Windows\system32\DRIVERS\NETw5s64.sys
23:42:58.0682 0x09d4 NETw5s64 - ok
23:42:58.0776 0x09d4 [ 77889813BE4D166CDAB78DDBA990DA92, 2EF531AE502B943632EEC66A309A8BFCDD36120A5E1473F4AAF3C2393AD0E6A3 ] nfrd960 C:\Windows\system32\DRIVERS\nfrd960.sys
23:42:58.0823 0x09d4 nfrd960 - ok
23:42:58.0916 0x09d4 [ C3E0696C3B42F694C5822776AA6FFFDF, 80C3DEC2C48500F96C9E677450EFC1ADA9FE9FBB70F4CC2D7D9244B1A515418B ] NisDrv C:\Windows\system32\DRIVERS\NisDrvWFP.sys
23:42:58.0979 0x09d4 NisDrv - ok
23:42:59.0041 0x09d4 [ DCEE3592299B2229A0DB98CB415059A2, 709AAA095DF44DDCB6159CE1635AB05EC666D845445790E569F56B297DC64AC3 ] NisSrv c:\Program Files\Microsoft Security Client\NisSrv.exe
23:42:59.0135 0x09d4 NisSrv - ok
23:42:59.0181 0x09d4 [ 8AD77806D336673F270DB31645267293, E23F324913554A23CD043DD27D4305AF62F48C0561A0FC7B7811E55B74B1BE79 ] NlaSvc C:\Windows\System32\nlasvc.dll
23:42:59.0306 0x09d4 NlaSvc - ok
23:42:59.0353 0x09d4 [ 1E4C4AB5C9B8DD13179BBDC75A2A01F7, D8957EF7060A69DBB3CD6B2C45B1E4143592AB8D018471E17AC04668157DC67F ] Npfs C:\Windows\system32\drivers\Npfs.sys
23:42:59.0525 0x09d4 Npfs - ok
23:42:59.0571 0x09d4 [ D54BFDF3E0C953F823B3D0BFE4732528, 497A1DCC5646EC22119273216DF10D5442D16F83E4363770F507518CF6EAA53A ] nsi C:\Windows\system32\nsisvc.dll
23:42:59.0759 0x09d4 nsi - ok
23:42:59.0790 0x09d4 [ E7F5AE18AF4168178A642A9247C63001, 133023B7E4BA8049C4CAED3282BDD25571D1CC25FAC3B820C7F981D292689D76 ] nsiproxy C:\Windows\system32\drivers\nsiproxy.sys
23:42:59.0961 0x09d4 nsiproxy - ok
23:43:00.0180 0x09d4 [ 1A29A59A4C5BA6F8C85062A613B7E2B2, CC137F499A12C724D4166C2D85E9F447413419A0683DAC6F1A802B7F210C77F1 ] Ntfs C:\Windows\system32\drivers\Ntfs.sys
23:43:00.0383 0x09d4 Ntfs - ok
23:43:00.0429 0x09d4 [ 9899284589F75FA8724FF3D16AED75C1, 181188599FD5D4DE33B97010D9E0CAEABAB9A3EF50712FE7F9AA0735CD0666D6 ] Null C:\Windows\system32\drivers\Null.sys
23:43:00.0601 0x09d4 Null - ok
23:43:00.0632 0x09d4 [ 0A92CB65770442ED0DC44834632F66AD, 581327F07A68DBD5CC749214BE5F1211FC2CE41C7A4F0656B680AFB51A35ACE7 ] nvraid C:\Windows\system32\drivers\nvraid.sys
23:43:00.0695 0x09d4 nvraid - ok
23:43:00.0757 0x09d4 [ DAB0E87525C10052BF65F06152F37E4A, AD9BFF0D5FD3FFB95C758B478E1F6A9FE45E7B37AEC71EB5070D292FEAAEDF37 ] nvstor C:\Windows\system32\drivers\nvstor.sys
23:43:00.0819 0x09d4 nvstor - ok
23:43:00.0882 0x09d4 [ 270D7CD42D6E3979F6DD0146650F0E05, 752489E54C9004EDCBE1F1F208FFD864DA5C83E59A2DDE6B3E0D63ECA996F76F ] nv_agp C:\Windows\system32\drivers\nv_agp.sys
23:43:00.0929 0x09d4 nv_agp - ok
23:43:00.0991 0x09d4 [ 3589478E4B22CE21B41FA1BFC0B8B8A0, AD2469FC753FE552CB809FF405A9AB23E7561292FE89117E3B3B62057EFF0203 ] ohci1394 C:\Windows\system32\drivers\ohci1394.sys
23:43:01.0085 0x09d4 ohci1394 - ok
23:43:01.0163 0x09d4 [ 9D10F99A6712E28F8ACD5641E3A7EA6B, 70964A0ED9011EA94044E15FA77EDD9CF535CC79ED8E03A3721FF007E69595CC ] ose C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE
23:43:01.0209 0x09d4 ose - ok
23:43:01.0724 0x09d4 [ 61BFFB5F57AD12F83AB64B7181829B34, 1DD0DD35E4158F95765EE6639F217DF03A0A19E624E020DBA609268C08A13846 ] osppsvc C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE
23:43:02.0286 0x09d4 osppsvc - ok
23:43:02.0395 0x09d4 [ 3EAC4455472CC2C97107B5291E0DCAFE, E51F373F2DBEAEE516B42BAE8C1B5BB68D00B881323E842CB6EDEC0A183CFFC3 ] p2pimsvc C:\Windows\system32\pnrpsvc.dll
23:43:02.0535 0x09d4 p2pimsvc - ok
23:43:02.0613 0x09d4 [ 927463ECB02179F88E4B9A17568C63C3, FEFD3447692C277D59EEC7BF218552C8BB6B8C98C26E973675549628408B94CE ] p2psvc C:\Windows\system32\p2psvc.dll
23:43:02.0738 0x09d4 p2psvc - ok
23:43:02.0785 0x09d4 [ 0086431C29C35BE1DBC43F52CC273887, 0D116D49EF9ABB57DA005764F25E692622210627FC2048F06A989B12FA8D0A80 ] Parport C:\Windows\system32\DRIVERS\parport.sys
23:43:02.0847 0x09d4 Parport - ok
23:43:02.0910 0x09d4 [ E9766131EEADE40A27DC27D2D68FBA9C, 63C295EC96DBD25F1A8B908295CCB86B54F2A77A02AAA11E5D9160C2C1A492B6 ] partmgr C:\Windows\system32\drivers\partmgr.sys
23:43:02.0957 0x09d4 partmgr - ok
23:43:02.0988 0x09d4 [ 3AEAA8B561E63452C655DC0584922257, 04C072969B58657602EB0C21CEDF24FCEE14E61B90A0F758F93925EF2C9FC32D ] PcaSvc C:\Windows\System32\pcasvc.dll
23:43:03.0113 0x09d4 PcaSvc - ok
23:43:03.0175 0x09d4 [ 94575C0571D1462A0F70BDE6BD6EE6B3, 7139BAC653EA94A3DD3821CAB35FC5E22F4CCA5ACC2BAABDAA27E4C3C8B27FC9 ] pci C:\Windows\system32\drivers\pci.sys
23:43:03.0222 0x09d4 pci - ok
23:43:03.0284 0x09d4 [ B5B8B5EF2E5CB34DF8DCF8831E3534FA, F2A7CC645B96946CC65BF60E14E70DC09C848D27C7943CE5DEA0C01A6B863480 ] pciide C:\Windows\system32\drivers\pciide.sys
23:43:03.0331 0x09d4 pciide - ok
23:43:03.0378 0x09d4 [ B2E81D4E87CE48589F98CB8C05B01F2F, 6763BEE7270A4873B3E131BFB92313E2750FCBD0AD73C23D1C4F98F7DF73DE14 ] pcmcia C:\Windows\system32\DRIVERS\pcmcia.sys
23:43:03.0440 0x09d4 pcmcia - ok
23:43:03.0471 0x09d4 [ D6B9C2E1A11A3A4B26A182FFEF18F603, BBA5FE08B1DDD6243118E11358FD61B10E850F090F061711C3CB207CE5FBBD36 ] pcw C:\Windows\system32\drivers\pcw.sys
23:43:03.0518 0x09d4 pcw - ok
23:43:03.0674 0x09d4 [ 7CADB4ABAE72390951886CF259791F5F, 9A0F4113F4E09911A44843F31E8C7047EEA39611AB490A4CF16FAE9D95310076 ] PDFProFiltSrvPP C:\Program Files (x86)\Nuance\PaperPort\PDFProFiltSrvPP.exe
23:43:03.0721 0x09d4 PDFProFiltSrvPP - ok
23:43:03.0815 0x09d4 [ 68769C3356B3BE5D1C732C97B9A80D6E, FB2D61145980A2899D1B7729184C54070315B0E63C9A22400A76CCD39E00029C ] PEAUTH C:\Windows\system32\drivers\peauth.sys
23:43:04.0049 0x09d4 PEAUTH - ok
23:43:04.0127 0x09d4 [ E495E408C93141E8FC72DC0C6046DDFA, 489B957DADA0DC128A09468F1AD082DCC657E86053208EA06A12937BE86FB919 ] PerfHost C:\Windows\SysWow64\perfhost.exe
23:43:04.0205 0x09d4 PerfHost - ok
23:43:04.0423 0x09d4 [ C7CF6A6E137463219E1259E3F0F0DD6C, 08D7244F52AA17DD669AA6F77C291DAC88E7B2D1887DE422509C1F83EC85F3DD ] pla C:\Windows\system32\pla.dll
23:43:04.0766 0x09d4 pla - ok
23:43:04.0875 0x09d4 [ 25FBDEF06C4D92815B353F6E792C8129, 57D9764AE6BCE33B242C399CDFC10DD405975BD6411CA8C75FBCD06EEB8442A9 ] PlugPlay C:\Windows\system32\umpnpmgr.dll
23:43:04.0985 0x09d4 PlugPlay - ok
23:43:05.0016 0x09d4 [ 7195581CEC9BB7D12ABE54036ACC2E38, 9C4E5D6EA984148F2663DC529083408B2248DFF6DAAC85D9195F80A722782315 ] PNRPAutoReg C:\Windows\system32\pnrpauto.dll
23:43:05.0094 0x09d4 PNRPAutoReg - ok
23:43:05.0156 0x09d4 [ 3EAC4455472CC2C97107B5291E0DCAFE, E51F373F2DBEAEE516B42BAE8C1B5BB68D00B881323E842CB6EDEC0A183CFFC3 ] PNRPsvc C:\Windows\system32\pnrpsvc.dll
23:43:05.0234 0x09d4 PNRPsvc - ok
23:43:05.0281 0x09d4 [ E4799B87675C59AA1F620DE5C6F113BB, 094EE16D4CEC68DB316002994482344A6BFCFDE399131F7FA11BB46C2DCBF218 ] Point64 C:\Windows\system32\DRIVERS\point64.sys
23:43:05.0328 0x09d4 Point64 - ok
23:43:05.0421 0x09d4 [ 4F15D75ADF6156BF56ECED6D4A55C389, 2ADA3EA69A5D7EC2A4D2DD89178DB94EAFDDF95F07B0070D654D9F7A5C12A044 ] PolicyAgent C:\Windows\System32\ipsecsvc.dll
23:43:05.0640 0x09d4 PolicyAgent - ok
23:43:05.0718 0x09d4 [ 6BA9D927DDED70BD1A9CADED45F8B184, 66203CE70A5EDE053929A940F38924C6792239CCCE10DD2C1D90D5B4D6748B55 ] Power C:\Windows\system32\umpo.dll
23:43:05.0905 0x09d4 Power - ok
23:43:05.0983 0x09d4 [ F92A2C41117A11A00BE01CA01A7FCDE9, 38ADC6052696D110CA5F393BC586791920663F5DA66934C2A824DDA9CD89C763 ] PptpMiniport C:\Windows\system32\DRIVERS\raspptp.sys
23:43:06.0170 0x09d4 PptpMiniport - ok
23:43:06.0233 0x09d4 [ 0D922E23C041EFB1C3FAC2A6F943C9BF, 855418A6A58DCAFB181A1A68613B3E203AFB0A9B3D9D26D0C521F9F613B4EAD5 ] Processor C:\Windows\system32\DRIVERS\processr.sys
23:43:06.0295 0x09d4 Processor - ok
23:43:06.0389 0x09d4 [ 53E83F1F6CF9D62F32801CF66D8352A8, 1225FED810BE8E0729EEAE5B340035CCBB9BACD3EF247834400F9B72D05ACE48 ] ProfSvc C:\Windows\system32\profsvc.dll
23:43:06.0513 0x09d4 ProfSvc - ok
23:43:06.0560 0x09d4 [ 204F3F58212B3E422C90BD9691A2DF28, D748A8CEE4D59B4248C9B1ACA5155D0FF6635A29564B4391B7FAC6261F93FE99 ] ProtectedStorage C:\Windows\system32\lsass.exe
23:43:06.0607 0x09d4 ProtectedStorage - ok
23:43:06.0701 0x09d4 [ 0557CF5A2556BD58E26384169D72438D, F6F83A616B1F1C6C0DF6D2EC2513E6C23FD4FAA6D36518B8676C619AB74957B4 ] Psched C:\Windows\system32\DRIVERS\pacer.sys
23:43:06.0888 0x09d4 Psched - ok
23:43:06.0919 0x09d4 [ 4712CC14E720ECCCC0AA16949D18AAF1, AF0223D118A25CA14EC1AF8A40A793D3CBCBE3576CCACBCD4F9A3D3F10407262 ] PxHlpa64 C:\Windows\system32\Drivers\PxHlpa64.sys
23:43:06.0966 0x09d4 PxHlpa64 - ok
23:43:07.0122 0x09d4 [ A53A15A11EBFD21077463EE2C7AFEEF0, 6002B012A75045DEA62640A864A8721EADE2F8B65BEB5F5BA76D8CD819774489 ] ql2300 C:\Windows\system32\DRIVERS\ql2300.sys
23:43:07.0325 0x09d4 ql2300 - ok
23:43:07.0371 0x09d4 [ 4F6D12B51DE1AAEFF7DC58C4D75423C8, FB6ABAB741CED66A79E31A45111649F2FA3E26CEE77209B5296F789F6F7D08DE ] ql40xx C:\Windows\system32\DRIVERS\ql40xx.sys
23:43:07.0418 0x09d4 ql40xx - ok
23:43:07.0481 0x09d4 [ 906191634E99AEA92C4816150BDA3732, A0305436384104C3B559F9C73902DA19B96B518413379E397C5CDAB0B2B9418F ] QWAVE C:\Windows\system32\qwave.dll
23:43:07.0574 0x09d4 QWAVE - ok
23:43:07.0605 0x09d4 [ 76707BB36430888D9CE9D705398ADB6C, 35C1D1D05F98AC29A33D3781F497A0B40A3CB9CDF25FE1F28F574E40DDF70535 ] QWAVEdrv C:\Windows\system32\drivers\qwavedrv.sys
23:43:07.0683 0x09d4 QWAVEdrv - ok
23:43:07.0730 0x09d4 [ 5A0DA8AD5762FA2D91678A8A01311704, 8A64EB5DBAB7048A9E42A21CEB62CCD5B007A80C199892D7F8C69B48E8A255EF ] RasAcd C:\Windows\system32\DRIVERS\rasacd.sys
23:43:07.0902 0x09d4 RasAcd - ok
23:43:07.0964 0x09d4 [ 7ECFF9B22276B73F43A99A15A6094E90, 62C70DA127F48F796F8897BBFA23AB6EB080CC923F0F091DFA384A93F5C90CA1 ] RasAgileVpn C:\Windows\system32\DRIVERS\AgileVpn.sys
23:43:08.0136 0x09d4 RasAgileVpn - ok
23:43:08.0198 0x09d4 [ 8F26510C5383B8DBE976DE1CD00FC8C7, 60E618C010E8A723960636415573FA17EA0BBEF79647196B3BC0B8DEE680E090 ] RasAuto C:\Windows\System32\rasauto.dll
23:43:08.0385 0x09d4 RasAuto - ok
23:43:08.0463 0x09d4 [ 471815800AE33E6F1C32FB1B97C490CA, 27307265F743DE3A3A3EC1B2C472A3D85FDD0AEC458E0B1177593141EE072698 ] Rasl2tp C:\Windows\system32\DRIVERS\rasl2tp.sys
23:43:08.0666 0x09d4 Rasl2tp - ok
23:43:08.0760 0x09d4 [ EE867A0870FC9E4972BA9EAAD35651E2, 1B848D81705081FD2E18AC762DA7F51455657DAF860BF363DC15925A148BCADA ] RasMan C:\Windows\System32\rasmans.dll
23:43:08.0963 0x09d4 RasMan - ok
23:43:09.0025 0x09d4 [ 855C9B1CD4756C5E9A2AA58A15F58C25, A514F8A9C304D54BDA8DC60F5A64259B057EC83A1CAAF6D2B58CFD55E9561F72 ] RasPppoe C:\Windows\system32\DRIVERS\raspppoe.sys
23:43:09.0197 0x09d4 RasPppoe - ok
23:43:09.0228 0x09d4 [ E8B1E447B008D07FF47D016C2B0EEECB, FEC789F82B912F3E14E49524D40FEAA4373B221156F14045E645D7C37859258C ] RasSstp C:\Windows\system32\DRIVERS\rassstp.sys
23:43:09.0384 0x09d4 RasSstp - ok
23:43:09.0462 0x09d4 [ 77F665941019A1594D887A74F301FA2F, 1FDC6F6853400190C086042933F157814D915C54F26793CAD36CD2607D8810DA ] rdbss C:\Windows\system32\DRIVERS\rdbss.sys
23:43:09.0665 0x09d4 rdbss - ok
23:43:09.0696 0x09d4 [ 302DA2A0539F2CF54D7C6CC30C1F2D8D, 1DF3501BBFFB56C3ECC39DBCC4287D3302216C2208CE22428B8C4967E5DE9D17 ] rdpbus C:\Windows\system32\DRIVERS\rdpbus.sys
23:43:09.0774 0x09d4 rdpbus - ok
23:43:09.0836 0x09d4 [ CEA6CC257FC9B7715F1C2B4849286D24, A78144D18352EA802C39D9D42921CF97A3E0211766B2169B6755C6FC2D77A804 ] RDPCDD C:\Windows\system32\DRIVERS\RDPCDD.sys
23:43:10.0008 0x09d4 RDPCDD - ok
23:43:10.0055 0x09d4 [ BB5971A4F00659529A5C44831AF22365, 9AAA5C0D448E821FD85589505D99DF7749715A046BBD211F139E4E652ADDE41F ] RDPENCDD C:\Windows\system32\drivers\rdpencdd.sys
23:43:10.0226 0x09d4 RDPENCDD - ok
23:43:10.0257 0x09d4 [ 216F3FA57533D98E1F74DED70113177A, 60C126A1409D1E9C39F1C9E95F70115BF4AF07780AB499F6E10A612540F173F4 ] RDPREFMP C:\Windows\system32\drivers\rdprefmp.sys
23:43:10.0413 0x09d4 RDPREFMP - ok
23:43:10.0491 0x09d4 [ 313F68E1A3E6345A4F47A36B07062F34, B8318A0AE06BDE278931CA52F960B9FE226FD9894B076858DDB755AE26E1E66F ] RdpVideoMiniport C:\Windows\system32\drivers\rdpvideominiport.sys
23:43:10.0601 0x09d4 RdpVideoMiniport - ok
23:43:10.0663 0x09d4 [ E61608AA35E98999AF9AAEEEA6114B0A, F754CDE89DC96786D2A3C4D19EE2AEF1008E634E4DE3C0CBF927436DE90C04A6 ] RDPWD C:\Windows\system32\drivers\RDPWD.sys
23:43:10.0757 0x09d4 RDPWD - ok
23:43:10.0835 0x09d4 [ 34ED295FA0121C241BFEF24764FC4520, AAEE5F00CAA763A5BA51CF56BD7262C03409CD72BD5601490E3EC3FFF929BB5F ] rdyboost C:\Windows\system32\drivers\rdyboost.sys
23:43:10.0913 0x09d4 rdyboost - ok
23:43:11.0037 0x09d4 [ 26BA6AB9DC5B0AAFFAACD8677A1DC95D, 4E49FC8783DFC768CDE3971CBA8EB26463A99DF20E94496FD502263E2452A7D1 ] RealNetworks Downloader Resolver Service C:\Program Files (x86)\RealNetworks\RealDownloader\rndlresolversvc.exe
23:43:11.0069 0x09d4 RealNetworks Downloader Resolver Service - ok
23:43:11.0349 0x09d4 [ 2CDB350B30063D18F4B5F7FBE8622107, 64D6E073925D6A09084A69D97EA72614924291076C718CB1C3851CC01AB07CE0 ] RealPlayer Cloud Service c:\program files (x86)\real\realplayer\RPDS\Bin\rpdsvc.exe
23:43:11.0521 0x09d4 RealPlayer Cloud Service - ok
23:43:11.0615 0x09d4 [ 60A867EE8C756FB631872084F9C29937, DB4E3CEF816C4085F8AF8C204398EEB548987C6F1DD99A30492185FE9EDA21BF ] RealPlayerUpdateSvc C:\Program Files (x86)\Real\UpdateService\RealPlayerUpdateSvc.exe
23:43:11.0895 0x09d4 RealPlayerUpdateSvc - detected UnsignedFile.Multi.Generic ( 1 )
23:43:15.0421 0x09d4 RealPlayerUpdateSvc ( UnsignedFile.Multi.Generic ) - warning
23:43:18.0619 0x09d4 [ 0AA473966357C4A41B5EB19649EB6E5E, D4F1EADDECE41481332CBF03B8CAB4AC6AB048834DF013DB30757E7941F306FE ] RegSrvc C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe
23:43:18.0744 0x09d4 RegSrvc - ok
23:43:18.0775 0x09d4 [ 254FB7A22D74E5511C73A3F6D802F192, 3D0FB5840364200DE394F8CC28DA0E334C2B5FA8FF28A41656EE72287F3D3836 ] RemoteAccess  C:\Windows\System32\mprdim.dll
23:43:19.0040 0x09d4 RemoteAccess - ok
23:43:19.0087 0x09d4 [ E4D94F24081440B5FC5AA556C7C62702, 147CAA03568DC480F9506E30B84891AB7E433B5EBC05F34FF10F72B00E1C6B22 ] RemoteRegistry C:\Windows\system32\regsvc.dll
23:43:19.0305 0x09d4 RemoteRegistry - ok
23:43:19.0368 0x09d4 [ 3DD798846E2C28102B922C56E71B7932, 30B111615D74CB2213997A5C08DD9C8613ADE441D9423CC1C49A753D13CE524D ] RFCOMM C:\Windows\system32\DRIVERS\rfcomm.sys
23:43:19.0477 0x09d4 RFCOMM - ok
23:43:19.0539 0x09d4 [ AD42432D22940B4215177BE113E4919C, BF04E1F942846B928E523727EB03BBFA83FCE535CF7C0A4E787A5CBA46D5BF8D ] RimUsb C:\Windows\system32\Drivers\RimUsb_AMD64.sys
23:43:19.0602 0x09d4 RimUsb - ok
23:43:19.0680 0x09d4 [ 4AAFFFA67AC4DFA3D9985D78573887E2, A2A4623A1DFA3C1BF0B09390F3731AFF5616BF9E9144F5DEEAA89B37E445D834 ] RimVSerPort C:\Windows\system32\DRIVERS\RimSerial_AMD64.sys
23:43:19.0758 0x09d4 RimVSerPort - ok
23:43:19.0789 0x09d4 [ 388D3DD1A6457280F3BADBA9F3ACD6B1, 5C534EA15195B1301C917904627AF09FE2ABA3FEE1641B5C87E8F3191BC49058 ] ROOTMODEM C:\Windows\system32\Drivers\RootMdm.sys
23:43:19.0961 0x09d4 ROOTMODEM - ok
23:43:20.0023 0x09d4 [ E4DC58CF7B3EA515AE917FF0D402A7BB, 665B5CD9FE905B0EE3F59A7B1A94760F5393EBEE729877D8584349754C2867E8 ] RpcEptMapper C:\Windows\System32\RpcEpMap.dll
23:43:20.0210 0x09d4 RpcEptMapper - ok
23:43:20.0257 0x09d4 [ D5BA242D4CF8E384DB90E6A8ED850B8C, CB4CB2608B5E31B55FB1A2CF4051E6D08A0C2A5FB231B2116F95938D7577334E ] RpcLocator C:\Windows\system32\locator.exe
23:43:20.0319 0x09d4 RpcLocator - ok
23:43:20.0413 0x09d4 [ 5C627D1B1138676C0A7AB2C2C190D123, C5003F2C912C5CA990E634818D3B4FD72F871900AF2948BD6C4D6400B354B401 ] RpcSs C:\Windows\System32\rpcss.dll
23:43:20.0631 0x09d4 RpcSs - ok
23:43:20.0678 0x09d4 [ DDC86E4F8E7456261E637E3552E804FF, D250C69CCC75F2D88E7E624FCC51300E75637333317D53908CCA7E0F117173DD ] rspndr C:\Windows\system32\DRIVERS\rspndr.sys
23:43:20.0850 0x09d4 rspndr - ok
23:43:20.0912 0x09d4 [ 135A64530D7699AD48F29D73A658DD11, 35838AE8ACFD9047C68DD0C8910557A82998E5CD778D5B98D4767AFA4BCE85BB ] RSUSBSTOR C:\Windows\system32\Drivers\RtsUStor.sys
23:43:20.0990 0x09d4 RSUSBSTOR - ok
23:43:21.0037 0x09d4 [ FD978B2BF8A9B2390DCBEF435E9C1F9F, 52CFFE354006CCF087D3651D9D2AF201FD8A8FE8FB7D9CAAC8A527E91838ACE6 ] RTL8167 C:\Windows\system32\DRIVERS\Rt64win7.sys
23:43:21.0131 0x09d4 RTL8167 - ok
23:43:21.0162 0x09d4 [ 204F3F58212B3E422C90BD9691A2DF28, D748A8CEE4D59B4248C9B1ACA5155D0FF6635A29564B4391B7FAC6261F93FE99 ] SamSs C:\Windows\system32\lsass.exe
23:43:21.0209 0x09d4 SamSs - ok
23:43:21.0287 0x09d4 [ 3289766038DB2CB14D07DC84392138D5, A7790B787690CC1A8B97E4532090C5295350A836A9474DEA74CEB3E81CF26124 ] SASDIFSV C:\Program Files\SUPERAntiSpyware\SASDIFSV64.SYS
23:43:21.0333 0x09d4 SASDIFSV - ok
23:43:21.0365 0x09d4 [ 58A38E75F3316A83C23DF6173D41F2B5, B0A8CDA1D164B7534FB41AB80792861384709BF0F914F44553275CF20194F1A1 ] SASKUTIL C:\Program Files\SUPERAntiSpyware\SASKUTIL64.SYS
23:43:21.0411 0x09d4 SASKUTIL - ok
23:43:21.0458 0x09d4 [ AC03AF3329579FFFB455AA2DAABBE22B, 7AD3B62ADFEC166F9E256F9FF8BAA0568B2ED7308142BF8F5269E6EAA5E0A656 ] sbp2port C:\Windows\system32\drivers\sbp2port.sys
23:43:21.0505 0x09d4 sbp2port - ok
23:43:21.0552 0x09d4 [ 9B7395789E3791A3B6D000FE6F8B131E, E5F067F3F212BF5481668BE1779CBEF053F511F8967589BE2E865ACB9A620024 ] SCardSvr C:\Windows\System32\SCardSvr.dll
23:43:21.0770 0x09d4 SCardSvr - ok
23:43:21.0817 0x09d4 [ 253F38D0D7074C02FF8DEB9836C97D2B, CB5CAFCB8628BB22877F74ACF1DED0BBAED8F4573A74DA7FE94BBBA584889116 ] scfilter C:\Windows\system32\DRIVERS\scfilter.sys
23:43:22.0004 0x09d4 scfilter - ok
23:43:22.0145 0x09d4 [ 262F6592C3299C005FD6BEC90FC4463A, 54095E37F0B6CC677A3E9BDD40F4647C713273D197DB341063AA7F342A60C4A7 ] Schedule C:\Windows\system32\schedsvc.dll
23:43:22.0457 0x09d4 Schedule - ok
23:43:22.0503 0x09d4 [ F17D1D393BBC69C5322FBFAFACA28C7F, 62A1A92B3C52ADFD0B808D7F69DD50238B5F202421F1786F7EAEAA63F274B3E8 ] SCPolicySvc C:\Windows\System32\certprop.dll
23:43:22.0659 0x09d4 SCPolicySvc - ok
23:43:22.0706 0x09d4 [ 6EA4234DC55346E0709560FE7C2C1972, 64011E044C16E2F92689E5F7E4666A075E27BBFA61F3264E5D51CE1656C1D5B8 ] SDRSVC C:\Windows\System32\SDRSVC.dll
23:43:22.0831 0x09d4 SDRSVC - ok
23:43:22.0878 0x09d4 [ 3EA8A16169C26AFBEB544E0E48421186, 34BBB0459C96B3DE94CCB0D73461562935C583D7BF93828DA4E20A6BC9B7301D ] secdrv C:\Windows\system32\drivers\secdrv.sys
23:43:23.0065 0x09d4 secdrv - ok
23:43:23.0112 0x09d4 [ BC617A4E1B4FA8DF523A061739A0BD87, 10C4057F6B321EB5237FF619747B74F5401BC17D15A8C7060829E8204A2297F9 ] seclogon C:\Windows\system32\seclogon.dll
23:43:23.0299 0x09d4 seclogon - ok
23:43:23.0330 0x09d4 [ C32AB8FA018EF34C0F113BD501436D21, E0EB8E80B51E45CA7EB061E705DA0BC07878759418A8519AE6E12326FE79E7C7 ] SENS C:\Windows\system32\sens.dll
23:43:23.0517 0x09d4 SENS - ok
23:43:23.0564 0x09d4 [ 0336CFFAFAAB87A11541F1CF1594B2B2, 8B8A6A33E78A12FB05E29B2E2775850626574AFD2EF88748D65E690A07B10B8D ] SensrSvc C:\Windows\system32\sensrsvc.dll
23:43:23.0658 0x09d4 SensrSvc - ok
23:43:23.0705 0x09d4 [ CB624C0035412AF0DEBEC78C41F5CA1B, A4D937F11E06CAE914347CA1362F4C98EC5EE0C0C80321E360EA1ABD6726F8D4 ] Serenum C:\Windows\system32\DRIVERS\serenum.sys
23:43:23.0767 0x09d4 Serenum - ok
23:43:23.0829 0x09d4 [ C1D8E28B2C2ADFAEC4BA89E9FDA69BD6, 8F9776FB84C5D11068EAF1FF1D1A46466C655D64D256A8B1E31DC0C23B5DD22D ] Serial C:\Windows\system32\DRIVERS\serial.sys
23:43:23.0923 0x09d4 Serial - ok
23:43:23.0970 0x09d4 [ 1C545A7D0691CC4A027396535691C3E3, 065C30BE598FF4DC55C37E0BBE0CEDF10A370AE2BF5404B42EBBB867A3FFED6D ] sermouse C:\Windows\system32\DRIVERS\sermouse.sys
23:43:24.0032 0x09d4 sermouse - ok
23:43:24.0126 0x09d4 [ 0B6231BF38174A1628C4AC812CC75804, E569BF1F7F5689E2E917FA6516DB53388A5B8B1C6699DEE030147E853218811D ] SessionEnv C:\Windows\system32\sessenv.dll
23:43:24.0313 0x09d4 SessionEnv - ok
23:43:24.0344 0x09d4 [ A554811BCD09279536440C964AE35BBF, DA8F893722F803E189D7D4D6C6232ED34505B63A64ED3A0132A5BB7A2BABDE55 ] sffdisk C:\Windows\system32\drivers\sffdisk.sys
23:43:24.0407 0x09d4 sffdisk - ok
23:43:24.0422 0x09d4 [ FF414F0BAEFEBA59BC6C04B3DB0B87BF, B81EF5D26AEB572CAB590F7AD7CA8C89F296420089EF5E6148E972F2DBCA1042 ] sffp_mmc C:\Windows\system32\drivers\sffp_mmc.sys
23:43:24.0500 0x09d4 sffp_mmc - ok
23:43:24.0531 0x09d4 [ DD85B78243A19B59F0637DCF284DA63C, 6730D4F2BAE7E24615746ACC41B42D01DB6068D6504982008ADA1890DE900197 ] sffp_sd C:\Windows\system32\drivers\sffp_sd.sys
23:43:24.0625 0x09d4 sffp_sd - ok
23:43:24.0672 0x09d4 [ A9D601643A1647211A1EE2EC4E433FF4, 7AC60B4AB48D4BBF1F9681C12EC2A75C72E6E12D30FABC564A24394310E9A5F9 ] sfloppy C:\Windows\system32\DRIVERS\sfloppy.sys
23:43:24.0719 0x09d4 sfloppy - ok
23:43:24.0937 0x09d4 [ 74EC60E20516AAA573BE74F31175270F, 35A68231368DEE46FEF2A4E30BFAAC38F093FC5A362A7491ED38BDE11F0FC356 ] SftService C:\Program Files (x86)\Dell DataSafe Local Backup\sftservice.EXE
23:43:25.0171 0x09d4 SftService - ok
23:43:25.0249 0x09d4 [ B95F6501A2F8B2E78C697FEC401970CE, 758B73A32902299A313348CE7EC189B20EB4CB398D0180E4EE24B84DAD55F291 ] SharedAccess C:\Windows\System32\ipnathlp.dll
23:43:25.0483 0x09d4 SharedAccess - ok
23:43:25.0577 0x09d4 [ AAF932B4011D14052955D4B212A4DA8D, 2A3BFD0FA9569288E91AE3E72CA1EC39E1450D01E6473CE51157E0F138257923 ] ShellHWDetection C:\Windows\System32\shsvcs.dll
23:43:25.0811 0x09d4 ShellHWDetection - ok
23:43:25.0857 0x09d4 [ 843CAF1E5FDE1FFD5FF768F23A51E2E1, 89CA9F516E42A6B905474D738CDA2C121020A07DBD4E66CFE569DD77D79D7820 ] SiSRaid2 C:\Windows\system32\DRIVERS\SiSRaid2.sys
23:43:25.0904 0x09d4 SiSRaid2 - ok
23:43:25.0935 0x09d4 [ 6A6C106D42E9FFFF8B9FCB4F754F6DA4, 87B85C66DF7EB6FDB8A2341D05FAA5261FF68A90CCFC63F0E4A03824F1E33E5E ] SiSRaid4 C:\Windows\system32\DRIVERS\sisraid4.sys
23:43:25.0982 0x09d4 SiSRaid4 - ok
23:43:26.0123 0x09d4 [ 50D9949020E02B847CD48F1243FCB895, 5BDAD5E44DE5B412645142810C5FCE4B2D9685F928FF4A6B836A9DCE7725BD78 ] SkypeUpdate C:\Program Files (x86)\Skype\Updater\Updater.exe
23:43:26.0185 0x09d4 SkypeUpdate - ok
23:43:26.0232 0x09d4 [ 548260A7B8654E024DC30BF8A7C5BAA4, 4A7E58331D7765A12F53DC2371739DC9A463940B13E16157CE10DB80E958D740 ] Smb C:\Windows\system32\DRIVERS\smb.sys
23:43:26.0435 0x09d4 Smb - ok
23:43:26.0497 0x09d4 [ 6313F223E817CC09AA41811DAA7F541D, D787061043BEEDB9386B048CB9E680E6A88A1CBAE9BD4A8C0209155BFB76C630 ] SNMPTRAP C:\Windows\System32\snmptrap.exe
23:43:26.0591 0x09d4 SNMPTRAP - ok
23:43:26.0622 0x09d4 [ B9E31E5CACDFE584F34F730A677803F9, 21A5130BD00089C609522A372018A719F8E37103D2DD22C59EACB393BE35A063 ] spldr C:\Windows\system32\drivers\spldr.sys
23:43:26.0669 0x09d4 spldr - ok
23:43:26.0778 0x09d4 [ 85DAA09A98C9286D4EA2BA8D0E644377, F9C324E2EF81193FE831C7EECC44A100CA06F82FA731BF555D9EA4D91DA13329 ] Spooler C:\Windows\System32\spoolsv.exe
23:43:26.0965 0x09d4 Spooler - ok
23:43:27.0339 0x09d4 [ E17E0188BB90FAE42D83E98707EFA59C, FC075F7B39E86CC8EF6DA4E339FE946917E319C347AC70FB0C50AAF36F97E27F ] sppsvc C:\Windows\system32\sppsvc.exe
23:43:27.0948 0x09d4 sppsvc - ok
23:43:27.0995 0x09d4 [ 93D7D61317F3D4BC4F4E9F8A96A7DE45, 36D48B23B8243BE5229707375FCD11C2DCAC96983199345365F065A0CBF33314 ] sppuinotify C:\Windows\system32\sppuinotify.dll
23:43:28.0182 0x09d4 sppuinotify - ok
23:43:28.0260 0x09d4 [ 441FBA48BFF01FDB9D5969EBC1838F0B, 306128F1AD489F87161A089D1BDC1542A4CB742D91A0C12A7CD1863FDB8932C0 ] srv C:\Windows\system32\DRIVERS\srv.sys
23:43:28.0416 0x09d4 srv - ok
23:43:28.0478 0x09d4 [ B4ADEBBF5E3677CCE9651E0F01F7CC28, 726DB2283113AB2A9681E8E9F61132303D6D86E9CD034C40EE4A8C9DB29E87F7 ] srv2 C:\Windows\system32\DRIVERS\srv2.sys
23:43:28.0572 0x09d4 srv2 - ok
23:43:28.0619 0x09d4 [ 27E461F0BE5BFF5FC737328F749538C3, AFA4704ED8FFC1A0BAB40DFB81D3AE3F3D933A3C9BF54DDAF39FF9AF3646D9E6 ] srvnet C:\Windows\system32\DRIVERS\srvnet.sys
23:43:28.0697 0x09d4 srvnet - ok
23:43:28.0759 0x09d4 [ 51B52FBD583CDE8AA9BA62B8B4298F33, 2E2403F8AA39E79D1281CA006B51B43139C32A5FDD64BD34DAA4B935338BD740 ] SSDPSRV C:\Windows\System32\ssdpsrv.dll
23:43:28.0962 0x09d4 SSDPSRV - ok
23:43:29.0009 0x09d4 [ AB7AEBF58DAD8DAAB7A6C45E6A8885CB, D21CDBC4C2AA0DB5B4455D5108B0CAF4282A2E664B9035708F212CC094569D9D ] SstpSvc C:\Windows\system32\sstpsvc.dll
23:43:29.0196 0x09d4 SstpSvc - ok
23:43:29.0258 0x09d4 [ 463E33B1EA7AF1E6EB87B66B831DB41A, E76654F8E301829C0F27775A5673A3BA929FE4FA6C1C214A98C2915C5EC189A4 ] STacSV C:\Program Files\IDT\WDM\STacSV64.exe
23:43:29.0352 0x09d4 STacSV - ok
23:43:29.0399 0x09d4 [ F3817967ED533D08327DC73BC4D5542A, 1B204454408A690C0A86447F3E4AA9E7C58A9CFB567C94C17C21920BA648B4D5 ] stexstor C:\Windows\system32\DRIVERS\stexstor.sys
23:43:29.0445 0x09d4 stexstor - ok
23:43:29.0539 0x09d4 [ 4304B75094E106FB5423A290C95841E5, 55670F1DBC9B25A5E31FBEB3CB3C97E2B11CCD6359DA89FF1310C1BBCEC66A80 ] STHDA C:\Windows\system32\DRIVERS\stwrt64.sys
23:43:29.0679 0x09d4 STHDA - ok
23:43:29.0742 0x09d4 [ DECACB6921DED1A38642642685D77DAC, 1633711CE973F818EBCCCA28538772431167C33ECDD44D1E846A9436598B52DC ] StillCam C:\Windows\system32\DRIVERS\serscan.sys
23:43:29.0804 0x09d4 StillCam - ok
23:43:29.0913 0x09d4 [ 8DD52E8E6128F4B2DA92CE27402871C1, 1101C38BE8FC383B5F2F9FA402F9652B23B88A764DE2B584DFE62B88B11DEF92 ] stisvc C:\Windows\System32\wiaservc.dll
23:43:30.0101 0x09d4 stisvc - ok
23:43:30.0147 0x09d4 [ D01EC09B6711A5F8E7E6564A4D0FBC90, 3CB922291DBADC92B46B9E28CCB6810CD8CCDA3E74518EC9522B58B998E1F969 ] swenum C:\Windows\system32\drivers\swenum.sys
23:43:30.0194 0x09d4 swenum - ok
23:43:30.0288 0x09d4 [ E08E46FDD841B7184194011CA1955A0B, 9C3725BB1F08F92744C980A22ED5C874007D3B5863C7E1F140F50061052AC418 ] swprv C:\Windows\System32\swprv.dll
23:43:30.0553 0x09d4 swprv - ok
23:43:30.0647 0x09d4 [ 8A3FBCB3D6D4710730D27DA4392A4863, 392CCBB54FF2017EDA147283F479E8DED525F41A316EAE114596BBA02D04AF82 ] SynTP C:\Windows\system32\DRIVERS\SynTP.sys
23:43:30.0725 0x09d4 SynTP - ok
23:43:30.0959 0x09d4 [ BF9CCC0BF39B418C8D0AE8B05CF95B7D, 3C13217548BE61F2BDB8BD41F77345CDDA1F97BF0AE17241C335B9807EB3DBB8 ] SysMain C:\Windows\system32\sysmain.dll
23:43:31.0302 0x09d4 SysMain - ok
23:43:31.0364 0x09d4 [ E3C61FD7B7C2557E1F1B0B4CEC713585, 01F0E116606D185BF93B540868075BFB1A398197F6AABD994983DBFF56B3A8A0 ] TabletInputService C:\Windows\System32\TabSvc.dll
23:43:31.0473 0x09d4 TabletInputService - ok
23:43:31.0567 0x09d4 [ 40F0849F65D13EE87B9A9AE3C1DD6823, E251A7EF3D0FD2973AF33A62FC457A7E8D5E8694208F811F52455F7C2426121F ] TapiSrv C:\Windows\System32\tapisrv.dll
23:43:31.0801 0x09d4 TapiSrv - ok
23:43:31.0848 0x09d4 [ 1BE03AC720F4D302EA01D40F588162F6, AB644862BF1D2E824FD846180DEC4E2C0FAFCC517451486DE5A92E5E78A952E4 ] TBS C:\Windows\System32\tbssvc.dll
23:43:32.0035 0x09d4 TBS - ok
23:43:32.0253 0x09d4 [ 04ADD18EE5CC9FBEDAEC1DD1CD0CB45E, F05C0C4CA3DD234AD5D60CF1EF763C9A1D9EC3C157E180C2D75CC07E6B02A611 ] Tcpip C:\Windows\system32\drivers\tcpip.sys
23:43:32.0519 0x09d4 Tcpip - ok
23:43:32.0768 0x09d4 [ 04ADD18EE5CC9FBEDAEC1DD1CD0CB45E, F05C0C4CA3DD234AD5D60CF1EF763C9A1D9EC3C157E180C2D75CC07E6B02A611 ] TCPIP6 C:\Windows\system32\DRIVERS\tcpip.sys
23:43:33.0002 0x09d4 TCPIP6 - ok
23:43:33.0065 0x09d4 [ 1B16D0BD9841794A6E0CDE0CEF744ABC, 7EB8BA97339199EEE7F2B09DA2DA6279DA64A510D4598D42CF86415D67CD674C ] tcpipreg C:\Windows\system32\drivers\tcpipreg.sys
23:43:33.0143 0x09d4 tcpipreg - ok
23:43:33.0189 0x09d4 [ 3371D21011695B16333A3934340C4E7C, 7416F9BBFC1BA9D875EA7D1C7A0D912FC6977B49A865D67E3F9C4E18A965082D ] TDPIPE C:\Windows\system32\drivers\tdpipe.sys
23:43:33.0283 0x09d4 TDPIPE - ok
23:43:33.0345 0x09d4 [ 51C5ECEB1CDEE2468A1748BE550CFBC8, 4E8F83877330B421F7B5D8393D34BC44C6450E69209DAA95B29CB298166A5DF9 ] TDTCP C:\Windows\system32\drivers\tdtcp.sys
23:43:33.0392 0x09d4 TDTCP - ok
23:43:33.0455 0x09d4 [ DDAD5A7AB24D8B65F8D724F5C20FD806, B71F2967A4EE7395E4416C1526CB85368AEA988BDD1F2C9719C48B08FAFA9661 ] tdx C:\Windows\system32\DRIVERS\tdx.sys
23:43:33.0642 0x09d4 tdx - ok
23:43:34.0406 0x09d4 [ 9A019ABD9CEAA6EA528E5438402907F7, E1B58B376D142B4472C64D020800AE0AC868C8F4EC18EA45D236E0EB8C3CB6F4 ] TeamViewer9 C:\Program Files (x86)\TeamViewer\Version9\TeamViewer_Service.exe
23:43:35.0077 0x09d4 TeamViewer9 - ok
23:43:35.0171 0x09d4 [ 561E7E1F06895D78DE991E01DD0FB6E5, 83BFA50A528762EC52A011302AC3874636FB7E26628CD7ACFBF2BDC9FAA8110D ] TermDD C:\Windows\system32\drivers\termdd.sys
23:43:35.0217 0x09d4 TermDD - ok
23:43:35.0342 0x09d4 [ 2E648163254233755035B46DD7B89123, 6FA0D07CE18A3A69D82EE49D875F141E39406E92C34EAC76AC4EB052E6EBCBCD ] TermService C:\Windows\System32\termsrv.dll
23:43:35.0623 0x09d4 TermService - ok
23:43:35.0670 0x09d4 [ F0344071948D1A1FA732231785A0664C, DB9886C2C858FAF45AEA15F8E42860343F73EB8685C53EC2E8CCC10586CB0832 ] Themes C:\Windows\system32\themeservice.dll
23:43:35.0748 0x09d4 Themes - ok
23:43:35.0810 0x09d4 [ E40E80D0304A73E8D269F7141D77250B, 0DB4AC13A264F19A84DC0BCED54E8E404014CC09C993B172002B1561EC7E265A ] THREADORDER C:\Windows\system32\mmcss.dll
23:43:35.0966 0x09d4 THREADORDER - ok
23:43:36.0013 0x09d4 [ 7E7AFD841694F6AC397E99D75CEAD49D, DE87F203FD8E6BDCCFCA1860A85F283301A365846FB703D9BB86278D8AC96B07 ] TrkWks C:\Windows\System32\trkwks.dll
23:43:36.0185 0x09d4 TrkWks - ok
23:43:36.0278 0x09d4 [ 773212B2AAA24C1E31F10246B15B276C, F2EF85F5ABA307976D9C649D710B408952089458DDE97D4DEF321DF14E46A046 ] TrustedInstaller C:\Windows\servicing\TrustedInstaller.exe
23:43:36.0450 0x09d4 TrustedInstaller - ok
23:43:36.0497 0x09d4 [ 4CE278FC9671BA81A138D70823FCAA09, CBE501436696E32A3701B9F377B823AC36647B6626595F76CC63E2396AD7D300 ] tssecsrv C:\Windows\system32\DRIVERS\tssecsrv.sys
23:43:36.0559 0x09d4 tssecsrv - ok
23:43:36.0606 0x09d4 [ 17C6B51CBCCDED95B3CC14E22791F85E, EE417C19E9B2C258D62A74F1F2421AFFBAC67ACD62481CAA08F5B6A3439C1D7C ] TsUsbFlt C:\Windows\system32\drivers\tsusbflt.sys
23:43:36.0699 0x09d4 TsUsbFlt - ok
23:43:36.0762 0x09d4 [ 3566A8DAAFA27AF944F5D705EAA64894, AE9D8B648DA08AF667B9456C3FE315489859C157510A258559F18238F2CC92B8 ] tunnel C:\Windows\system32\DRIVERS\tunnel.sys
23:43:36.0949 0x09d4 tunnel - ok
23:43:37.0011 0x09d4 [ B4DD609BD7E282BFC683CEC7EAAAAD67, EF131DB6F6411CAD36A989A421AF93F89DD61601AC524D2FF11C10FF6E3E9123 ] uagp35 C:\Windows\system32\DRIVERS\uagp35.sys
23:43:37.0058 0x09d4 uagp35 - ok
23:43:37.0121 0x09d4 [ FF4232A1A64012BAA1FD97C7B67DF593, D8591B4EB056899C7B604E4DD852D82D4D9809F508ABCED4A03E1BE6D5D456E3 ] udfs C:\Windows\system32\DRIVERS\udfs.sys
23:43:37.0339 0x09d4 udfs - ok
23:43:37.0386 0x09d4 [ 3CBDEC8D06B9968ABA702EBA076364A1, B8DAB8AA804FC23021BFEBD7AE4D40FBE648D6C6BA21CC008E26D1C084972F9B ] UI0Detect C:\Windows\system32\UI0Detect.exe
23:43:37.0464 0x09d4 UI0Detect - ok
23:43:37.0511 0x09d4 [ 4BFE1BC28391222894CBF1E7D0E42320, 5918B1ED2030600DF77BDACF1C808DF6EADDD8BF3E7003AF1D72050D8B102B3A ] uliagpkx C:\Windows\system32\drivers\uliagpkx.sys
23:43:37.0557 0x09d4 uliagpkx - ok
23:43:37.0620 0x09d4 [ DC54A574663A895C8763AF0FA1FF7561, 09A3F3597E91CBEB2F38E96E75134312B60CAE5574B2AD4606C2D3E992AEDDFE ] umbus C:\Windows\system32\drivers\umbus.sys
23:43:37.0682 0x09d4 umbus - ok
23:43:37.0713 0x09d4 [ B2E8E8CB557B156DA5493BBDDCC1474D, F547509A08C0679ACB843E20C9C0CF51BED1B06530BBC529DFB0944504564A43 ] UmPass C:\Windows\system32\DRIVERS\umpass.sys
23:43:37.0776 0x09d4 UmPass - ok
23:43:38.0088 0x09d4 [ CC3775100ABA633984F73DFAE1F55CAE, 845F129289BB73FD78A6C3B497F17BA973FD691BC9242200F81993417C803FE9 ] UNS C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
23:43:38.0353 0x09d4 UNS - ok
23:43:38.0431 0x09d4 [ D47EC6A8E81633DD18D2436B19BAF6DE, 0FB461E2D5E0B75BB5958F6362F4880BFA4C36AD930542609BCAF574941AA7AE ] upnphost C:\Windows\System32\upnphost.dll
23:43:38.0649 0x09d4 upnphost - ok
23:43:38.0727 0x09d4 [ C9E9D59C0099A9FF51697E9306A44240, 78D9A7A5E5742962B6978F475BF06CB32262F1D214699D3D40538476A58012A1 ] USBAAPL64 C:\Windows\system32\Drivers\usbaapl64.sys
23:43:38.0821 0x09d4 USBAAPL64 - ok
23:43:38.0852 0x09d4 usbbus - ok
23:43:38.0899 0x09d4 [ DCA68B0943D6FA415F0C56C92158A83A, BEE5A5B33B22D1DF50B884D46D89FC3B8286EB16E38AD5A20F0A49E5C6766C57 ] usbccgp C:\Windows\system32\DRIVERS\usbccgp.sys
23:43:39.0008 0x09d4 usbccgp - ok
23:43:39.0071 0x09d4 [ 80B0F7D5CCF86CEB5D402EAAF61FEC31, 140C62116A425DEAD25FE8D82DE283BC92C482A9F643658D512F9F67061F28AD ] usbcir C:\Windows\system32\drivers\usbcir.sys
23:43:39.0180 0x09d4 usbcir - ok
23:43:39.0195 0x09d4 UsbDiag - ok
23:43:39.0258 0x09d4 [ 18A85013A3E0F7E1755365D287443965, 811C5EDF38C765BCF71BCE25CB6626FF6988C3699F5EF1846240EA0052F34C33 ] usbehci C:\Windows\system32\drivers\usbehci.sys
23:43:39.0320 0x09d4 usbehci - ok
23:43:39.0398 0x09d4 [ 8D1196CFBB223621F2C67D45710F25BA, B5D7AFE51833B24FC9576F3AED3D8A2B290E5846060E73F9FFFAC1890A8B6003 ] usbhub C:\Windows\system32\DRIVERS\usbhub.sys
23:43:39.0523 0x09d4 usbhub - ok
23:43:39.0554 0x09d4 USBModem - ok
23:43:39.0601 0x09d4 [ 765A92D428A8DB88B960DA5A8D6089DC, 56DE8A2ED58E53B202C399CA7BACB1551136303C2EE0AB426BDBBF880E3C542C ] usbohci C:\Windows\system32\drivers\usbohci.sys
23:43:39.0663 0x09d4 usbohci - ok
23:43:39.0726 0x09d4 [ 73188F58FB384E75C4063D29413CEE3D, B485463933306036B1D490722CB1674DC85670753D79FA0EF7EBCA7BBAAD9F7C ] usbprint C:\Windows\system32\DRIVERS\usbprint.sys
23:43:39.0804 0x09d4 usbprint - ok
23:43:39.0882 0x09d4 [ 9661DA76B4531B2DA272ECCE25A8AF24, FEA93254A21E71A7EB8AD35FCCAD2C1E41F7329EC33B1734F5B41307A34D8637 ] usbscan C:\Windows\system32\DRIVERS\usbscan.sys
23:43:39.0960 0x09d4 usbscan - ok
23:43:40.0022 0x09d4 [ FED648B01349A3C8395A5169DB5FB7D6, DC4D7594C24ADD076927B9347F1B50B91CF03A4ABDB284248D5711D9C19DEB96 ] USBSTOR C:\Windows\system32\DRIVERS\USBSTOR.SYS
23:43:40.0116 0x09d4 USBSTOR - ok
23:43:40.0163 0x09d4 [ DD253AFC3BC6CBA412342DE60C3647F3, 146F8613F1057AC054DC3593E84BC52899DA27EA33B0E72ACFB78C3699ADCDE7 ] usbuhci C:\Windows\system32\drivers\usbuhci.sys
23:43:40.0241 0x09d4 usbuhci - ok
23:43:40.0334 0x09d4 [ 1F775DA4CF1A3A1834207E975A72E9D7, 6D3DE5BD3EF3A76E997E5BAF900C51D25308F5A9682D1F62017F577A24095B90 ] usbvideo C:\Windows\System32\Drivers\usbvideo.sys
23:43:40.0475 0x09d4 usbvideo - ok
23:43:40.0537 0x09d4 [ EDBB23CBCF2CDF727D64FF9B51A6070E, 7202484C8E1BFB2AFD64D8C81668F3EDE0E3BF5EB27572877A0A7B337AE5AE42 ] UxSms C:\Windows\System32\uxsms.dll
23:43:40.0709 0x09d4 UxSms - ok
23:43:40.0755 0x09d4 [ 204F3F58212B3E422C90BD9691A2DF28, D748A8CEE4D59B4248C9B1ACA5155D0FF6635A29564B4391B7FAC6261F93FE99 ] VaultSvc C:\Windows\system32\lsass.exe
23:43:40.0802 0x09d4 VaultSvc - ok
23:43:40.0865 0x09d4 [ C5C876CCFC083FF3B128F933823E87BD, 6FE0FBB6C3207E09300E0789E2168F76668D87C317FE9F263E733827ADCFBE0D ] vdrvroot C:\Windows\system32\drivers\vdrvroot.sys
23:43:40.0911 0x09d4 vdrvroot - ok
23:43:41.0021 0x09d4 [ 8D6B481601D01A456E75C3210F1830BE, A2CEF483F4231367138EEF7E67FD5BE5364FC0780C44CA1368E36CE4AA3D0633 ] vds C:\Windows\System32\vds.exe
23:43:41.0286 0x09d4 vds - ok
23:43:41.0348 0x09d4 [ DA4DA3F5E02943C2DC8C6ED875DE68DD, EDE604536DB78C512D68C92B26DA77C8811AC109D1F0A473673F0A82D15A2838 ] vga C:\Windows\system32\DRIVERS\vgapnp.sys
23:43:41.0426 0x09d4 vga - ok
23:43:41.0457 0x09d4 [ 53E92A310193CB3C03BEA963DE7D9CFC, 45898604375B42EB1246C17A22D91C2440F11C746FF6459AD38027C1BC2E3125 ] VgaSave C:\Windows\System32\drivers\vga.sys
23:43:41.0613 0x09d4 VgaSave - ok
23:43:41.0676 0x09d4 [ 2CE2DF28C83AEAF30084E1B1EB253CBB, D1946816A1CB89F825CBEA58F94A4C9D0CE7249355CD3915563F54054EE564BF ] vhdmp C:\Windows\system32\drivers\vhdmp.sys
23:43:41.0754 0x09d4 vhdmp - ok
23:43:41.0816 0x09d4 [ E5689D93FFE4E5D66C0178761240DD54, 6D35CED80681B12AAF63BFA0DA1C386E71D3838839B68A686990AA8031949D27 ] viaide C:\Windows\system32\drivers\viaide.sys
23:43:41.0863 0x09d4 viaide - ok
23:43:41.0910 0x09d4 [ D2AAFD421940F640B407AEFAAEBD91B0, 31EF342A60AF04F4108759A71F8FB7B8C8819216CF3D16A95B2BA0E33A8A9161 ] volmgr C:\Windows\system32\drivers\volmgr.sys
23:43:41.0957 0x09d4 volmgr - ok
23:43:42.0050 0x09d4 [ A255814907C89BE58B79EF2F189B843B, 463DB771851352185B6AC323BD93B9084D47291E53C1F7B628B65D6918B2E28F ] volmgrx C:\Windows\system32\drivers\volmgrx.sys
23:43:42.0144 0x09d4 volmgrx - ok
23:43:42.0191 0x09d4 [ 0D08D2F3B3FF84E433346669B5E0F639, 3D6716CEC95B8861A7CC5778E91F310528DC6BEE0E57A3C8757FC675154EBDEC ] volsnap C:\Windows\system32\drivers\volsnap.sys
23:43:42.0269 0x09d4 volsnap - ok
23:43:42.0315 0x09d4 [ 5E2016EA6EBACA03C04FEAC5F330D997, 53106EB877459FE55A459111F7AB0EE320BB3B4C954D3DB6FA1642396001F2AC ] vsmraid C:\Windows\system32\DRIVERS\vsmraid.sys
23:43:42.0378 0x09d4 vsmraid - ok
23:43:42.0565 0x09d4 [ B60BA0BC31B0CB414593E169F6F21CC2, 47B801E623254CF0202B3591CB5C019CABFB52F123C7D47E29D19B32F1F2B915 ] VSS C:\Windows\system32\vssvc.exe
23:43:42.0971 0x09d4 VSS - ok
23:43:43.0002 0x09d4 [ 36D4720B72B5C5D9CB2B9C29E9DF67A1, 3254523C85C70EBA2DBAC05DB2DBA89EDF8E9195F390F7C21F96458FB6B2E3D7 ] vwifibus C:\Windows\system32\DRIVERS\vwifibus.sys
23:43:43.0080 0x09d4 vwifibus - ok
23:43:43.0158 0x09d4 [ 6A3D66263414FF0D6FA754C646612F3F, 30F6BA594B0D3B94113064015A16D97811CD989DF1715CCE21CEAB9894C1B4FB ] vwififlt C:\Windows\system32\DRIVERS\vwififlt.sys
23:43:43.0251 0x09d4 vwififlt - ok
23:43:43.0283 0x09d4 [ 6A638FC4BFDDC4D9B186C28C91BD1A01, 5521F1DC515586777EC4837E0AEAA3E613CC178AF1074031C4D0D0C695A93168 ] vwifimp C:\Windows\system32\DRIVERS\vwifimp.sys
23:43:43.0345 0x09d4 vwifimp - ok
23:43:43.0407 0x09d4 [ 1C9D80CC3849B3788048078C26486E1A, 34A89F31E53F6B6C209B286F580CC2257AE6D057E4E20741F241C9C167947962 ] W32Time C:\Windows\system32\w32time.dll
23:43:43.0626 0x09d4 W32Time - ok
23:43:43.0673 0x09d4 [ 4E9440F4F152A7B944CB1663D3935A3E, 8FE04EBD3BC612EE943A21A3E56F37E5C9B578CDACA6044048181DAD81816D53 ] WacomPen C:\Windows\system32\DRIVERS\wacompen.sys
23:43:43.0751 0x09d4 WacomPen - ok
23:43:43.0844 0x09d4 [ 356AFD78A6ED4457169241AC3965230C, CE4D1EE3525C10AC658B20776C3E444DE44874C837713DC5311386EDFCB18399 ] WANARP C:\Windows\system32\DRIVERS\wanarp.sys
23:43:44.0000 0x09d4 WANARP - ok
23:43:44.0031 0x09d4 [ 356AFD78A6ED4457169241AC3965230C, CE4D1EE3525C10AC658B20776C3E444DE44874C837713DC5311386EDFCB18399 ] Wanarpv6 C:\Windows\system32\DRIVERS\wanarp.sys
23:43:44.0187 0x09d4 Wanarpv6 - ok
23:43:44.0375 0x09d4 [ 3CEC96DE223E49EAAE3651FCF8FAEA6C, 4150DAB33E8D61076F1D4767BCAFC9B4ECCCCBD58FD4FB3CFE5B8D27DCDCAB61 ] WatAdminSvc C:\Windows\system32\Wat\WatAdminSvc.exe
23:43:44.0562 0x09d4 WatAdminSvc - ok
23:43:44.0749 0x09d4 [ 78F4E7F5C56CB9716238EB57DA4B6A75, 46A4E78CE5F2A4B26F4E9C3FF04A99D9B727A82AC2E390A82A1611C3F6E0C9AF ] wbengine C:\Windows\system32\wbengine.exe
23:43:45.0077 0x09d4 wbengine - ok
23:43:45.0123 0x09d4 [ 3AA101E8EDAB2DB4131333F4325C76A3, 4F7BD3DA5E58B18BFF106CFF7B45E75FD13EE556D433C695BA23EC80827E49DE ] WbioSrvc C:\Windows\System32\wbiosrvc.dll
23:43:45.0248 0x09d4 WbioSrvc - ok
23:43:45.0326 0x09d4 [ 7368A2AFD46E5A4481D1DE9D14848EDD, 8039C478FC2D9F095F5883A4FA47F9E6EDF57CC88A4AA74F07C88445F90DED57 ] wcncsvc C:\Windows\System32\wcncsvc.dll
23:43:45.0467 0x09d4 wcncsvc - ok
23:43:45.0513 0x09d4 [ 20F7441334B18CEE52027661DF4A6129, 7B8E0247234B740FED2BE9B833E9CE8DD7453340123AB43F6B495A7E6A27B0DD ] WcsPlugInService C:\Windows\System32\WcsPlugInService.dll
23:43:45.0623 0x09d4 WcsPlugInService - ok
23:43:45.0654 0x09d4 [ 72889E16FF12BA0F235467D6091B17DC, F2FD0BBD075E33608D93F350D216F97442AB89ABD540513C2D568C78096E12A8 ] Wd C:\Windows\system32\DRIVERS\wd.sys
23:43:45.0701 0x09d4 Wd - ok
23:43:45.0747 0x09d4 [ A3D04EBF5227886029B4532F20D026F7, D90F7B9C176008675DA0B5FD7E4973CBC2A04172CEDF8FB7D3B3B4F27B5440D7 ] WDC_SAM C:\Windows\system32\DRIVERS\wdcsam64.sys
23:43:45.0825 0x09d4 WDC_SAM - ok
23:43:45.0935 0x09d4 [ E2C933EDBC389386EBE6D2BA953F43D8, AF1DEADD5F1267CCEBD226E8EEB971D1946EA6A5A9645A36F5D111F758AF2F07 ] Wdf01000 C:\Windows\system32\drivers\Wdf01000.sys
23:43:46.0091 0x09d4 Wdf01000 - ok
23:43:46.0137 0x09d4 [ BF1FC3F79B863C914687A737C2F3D681, B2DF47AC4931ACFB243775767B77065CC0D98778FC0243C793A3E219EB961209 ] WdiServiceHost C:\Windows\system32\wdi.dll
23:43:46.0325 0x09d4 WdiServiceHost - ok
23:43:46.0356 0x09d4 [ BF1FC3F79B863C914687A737C2F3D681, B2DF47AC4931ACFB243775767B77065CC0D98778FC0243C793A3E219EB961209 ] WdiSystemHost C:\Windows\system32\wdi.dll
23:43:46.0434 0x09d4 WdiSystemHost - ok
23:43:46.0512 0x09d4 [ 0EB0E5D22B1760F2DBCE632F2DD7A54D, B8A4CC62F88768947FB0A161CF9564DB28FD9C1C037B5475DF192982DE035C22 ] WebClient C:\Windows\System32\webclnt.dll
23:43:46.0621 0x09d4 WebClient - ok
23:43:46.0683 0x09d4 [ C749025A679C5103E575E3B48E092C43, B71171D07EE7AB085A24BF3A1072FF2CE7EA021AAE695F6A90640E6EE8EB55C1 ] Wecsvc C:\Windows\system32\wecsvc.dll
23:43:46.0886 0x09d4 Wecsvc - ok
23:43:46.0917 0x09d4 [ 7E591867422DC788B9E5BD337A669A08, 484E6BCCDF7ADCE9A1AACAD1BC7C7D7694B9E40FA90D94B14D80C607784F6C75 ] wercplsupport C:\Windows\System32\wercplsupport.dll
23:43:47.0105 0x09d4 wercplsupport - ok
23:43:47.0151 0x09d4 [ 6D137963730144698CBD10F202E9F251, A9F522A125158D94F540544CCD4DBF47B9DCE2EA878C33675AFE40F80E8F4979 ] WerSvc C:\Windows\System32\WerSvc.dll
23:43:47.0339 0x09d4 WerSvc - ok
23:43:47.0401 0x09d4 [ 611B23304BF067451A9FDEE01FBDD725, 0AF2734B978165FC6FD22B64862132CCE32528A21C698A49D176129446E099C8 ] WfpLwf C:\Windows\system32\DRIVERS\wfplwf.sys
23:43:47.0541 0x09d4 WfpLwf - ok
23:43:47.0588 0x09d4 [ B14EF15BD757FA488F9C970EEE9C0D35, F27DF2D47E7076786AE7C396583D7A1C56B93E766711066C900964FC7313E794 ] WimFltr C:\Windows\system32\DRIVERS\wimfltr.sys
23:43:47.0651 0x09d4 WimFltr - ok
23:43:47.0682 0x09d4 [ 05ECAEC3E4529A7153B3136CEB49F0EC,


----------



## twinfin62 (Jun 25, 2014)

9995CB2CEC70A633EA33CBB0DEAD2BB28CB67132B41E9444BDAB9E75744C9A50 ] WIMMount C:\Windows\system32\drivers\wimmount.sys
23:43:47.0729 0x09d4 WIMMount - ok
23:43:47.0760 0x09d4 WinDefend - ok
23:43:47.0807 0x09d4 WinHttpAutoProxySvc - ok
23:43:47.0885 0x09d4 [ 19B07E7E8915D701225DA41CB3877306, D6555E8D276DBB11358246E0FE215F76F1FB358791C76B88D82C2A66A42DA19F ] Winmgmt C:\Windows\system32\wbem\WMIsvc.dll
23:43:48.0087 0x09d4 Winmgmt - ok
23:43:48.0321 0x09d4 [ BCB1310604AA415C4508708975B3931E, 9D943F086D454345153A0DD426B4432532A44FD87950386B186E1CAD2AC70565 ] WinRM C:\Windows\system32\WsmSvc.dll
23:43:48.0758 0x09d4 WinRM - ok
23:43:48.0867 0x09d4 [ FE88B288356E7B47B74B13372ADD906D, A16B166F6BB32EF9D2A142F27B9EC54CBC7B3AC915799783CF4C40E525BC9E03 ] WinUsb C:\Windows\system32\DRIVERS\WinUsb.sys
23:43:48.0992 0x09d4 WinUsb - ok
23:43:49.0101 0x09d4 [ 4FADA86E62F18A1B2F42BA18AE24E6AA, CE1683386886BF34862681A46199EA7E7FB4232A186047DA7FBD8EC240AF6726 ] Wlansvc C:\Windows\System32\wlansvc.dll
23:43:49.0304 0x09d4 Wlansvc - ok
23:43:49.0367 0x09d4 [ 06C8FA1CF39DE6A735B54D906BA791C6, D8FEC7DE227781CDA876904701B2AA995268F74DCD6CB34AA0296C557FC283B6 ] wlcrasvc C:\Program Files\Windows Live\Mesh\wlcrasvc.exe
23:43:49.0413 0x09d4 wlcrasvc - ok
23:43:49.0710 0x09d4 [ 2BACD71123F42CEA603F4E205E1AE337, 1FEF20554110371D738F462ECFFA999158EFEED02062414C58C1B61C422BF0B9 ] wlidsvc C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
23:43:50.0006 0x09d4 wlidsvc - ok
23:43:50.0069 0x09d4 [ F6FF8944478594D0E414D3F048F0D778, 6F75E0AE6127B33A92A88E59D4B048FD4C15F997807BE7BF0EFE76F95235B1D9 ] WmiAcpi C:\Windows\system32\drivers\wmiacpi.sys
23:43:50.0147 0x09d4 WmiAcpi - ok
23:43:50.0209 0x09d4 [ 38B84C94C5A8AF291ADFEA478AE54F93, 1AC267AC73670BEA5F3785C9AD9DB146F8E993A862C843742B21FDB90D102B2A ] wmiApSrv C:\Windows\system32\wbem\WmiApSrv.exe
23:43:50.0303 0x09d4 wmiApSrv - ok
23:43:50.0349 0x09d4 WMPNetworkSvc - ok
23:43:50.0381 0x09d4 [ 96C6E7100D724C69FCF9E7BF590D1DCA, 2E63C9B0893B4FC03B7A71BAEA6202D3D3DB1B52F3643467829B5A573FD7655B ] WPCSvc C:\Windows\System32\wpcsvc.dll
23:43:50.0443 0x09d4 WPCSvc - ok
23:43:50.0490 0x09d4 [ 93221146D4EBBF314C29B23CD6CC391D, C0750858A65BF51E210CD244C825C121D67E025CD2D2455139991AAC289A90FE ] WPDBusEnum C:\Windows\system32\wpdbusenum.dll
23:43:50.0583 0x09d4 WPDBusEnum - ok
23:43:50.0615 0x09d4 [ 6BCC1D7D2FD2453957C5479A32364E52, E48554D31FBDCF8F985C1C72524CAA9106F5B7CC2B79064F8F5E2562D517F090 ] ws2ifsl C:\Windows\system32\drivers\ws2ifsl.sys
23:43:50.0802 0x09d4 ws2ifsl - ok
23:43:50.0849 0x09d4 [ E8B1FE6669397D1772D8196DF0E57A9E, 39FE0819360719F756BD31A1884A0508A1E2371ACC723E25E005CBEC0A7B02FA ] wscsvc C:\Windows\system32\wscsvc.dll
23:43:50.0942 0x09d4 wscsvc - ok
23:43:50.0942 0x09d4 WSearch - ok
23:43:51.0223 0x09d4 [ D9EF901DCA379CFE914E9FA13B73B4C4, 3BE9693B7B2AFEE23D72AF5DA211379724D752F0EC18ACB7D3DE3DDFC5AE0004 ] wuauserv C:\Windows\system32\wuaueng.dll
23:43:51.0519 0x09d4 wuauserv - ok
23:43:51.0582 0x09d4 [ AB886378EEB55C6C75B4F2D14B6C869F, D6C4602EB8F291DADEDF3CD211013D4AC752DDE7E799C2D8D74AA4F5477CAED6 ] WudfPf C:\Windows\system32\drivers\WudfPf.sys
23:43:51.0660 0x09d4 WudfPf - ok
23:43:51.0707 0x09d4 [ DDA4CAF29D8C0A297F886BFE561E6659, 94E5DD649B5D86FA1A7C7D30FCF9644D0EE048D312E626111458ADF66BFBE978 ] WUDFRd C:\Windows\system32\DRIVERS\WUDFRd.sys
23:43:51.0816 0x09d4 WUDFRd - ok
23:43:51.0863 0x09d4 [ B20F051B03A966392364C83F009F7D17, 88ECEB55AE91F58F592B96EBC10B572747D5A2F9B7629E8F371761E4F7408A65 ] wudfsvc C:\Windows\System32\WUDFSvc.dll
23:43:51.0956 0x09d4 wudfsvc - ok
23:43:52.0034 0x09d4 [ 04F82965C09CBDF646B487E145060301, 2CD8533EDBE24C3E42EB7550E20F8A2EB9E5E345B165DEF543163A6BC1FDD18B ] WwanSvc C:\Windows\System32\wwansvc.dll
23:43:52.0159 0x09d4 WwanSvc - ok
23:43:52.0237 0x09d4 [ B3EEACF62445E24FBB2CD4B0FB4DB026, 2E5B6220094C47754233EDA59E6514CE47AC6C6879F367C72B2C02330EABE8E0 ] yukonw7 C:\Windows\system32\DRIVERS\yk62x64.sys
23:43:52.0346 0x09d4 yukonw7 - ok
23:43:52.0471 0x09d4 ================ Scan global ===============================
23:43:52.0502 0x09d4 [ BA0CD8C393E8C9F83354106093832C7B, 18D8A4780A2BAA6CEF7FBBBDA0EF6BF2DADF146E1E578A618DD5859E8ADBF1A8 ] C:\Windows\system32\basesrv.dll
23:43:52.0565 0x09d4 [ 88EDD0B34EED542745931E581AD21A32, DC2B93E1CEF5B0BCEE08D72669BB0F3AD0E8E6E75BDC08858407ED92F6FFA031 ] C:\Windows\system32\winsrv.dll
23:43:52.0674 0x09d4 [ 88EDD0B34EED542745931E581AD21A32, DC2B93E1CEF5B0BCEE08D72669BB0F3AD0E8E6E75BDC08858407ED92F6FFA031 ] C:\Windows\system32\winsrv.dll
23:43:52.0736 0x09d4 [ D6160F9D869BA3AF0B787F971DB56368, 0033E6212DD8683E4EE611B290931FDB227B4795F0B17C309DC686C696790529 ] C:\Windows\system32\sxssrv.dll
23:43:52.0799 0x09d4 [ 24ACB7E5BE595468E3B9AA488B9B4FCB, 63541E3432FCE953F266AE553E7A394978D6EE3DB52388D885F668CF42C5E7E2 ] C:\Windows\system32\services.exe
23:43:52.0845 0x09d4 [ Global ] - ok
23:43:52.0845 0x09d4 ================ Scan MBR ==================================
23:43:52.0877 0x09d4 [ A36C5E4F47E84449FF07ED3517B43A31 ] \Device\Harddisk0\DR0
23:43:53.0360 0x09d4 \Device\Harddisk0\DR0 - ok
23:43:53.0360 0x09d4 ================ Scan VBR ==================================
23:43:53.0360 0x09d4 [ B4A651EA79A9998884DA67ECFFB5E2E7 ] \Device\Harddisk0\DR0\Partition1
23:43:53.0360 0x09d4 \Device\Harddisk0\DR0\Partition1 - ok
23:43:53.0423 0x09d4 [ 9657ECCD3ED5FAA010B6E9536EEF45C2 ] \Device\Harddisk0\DR0\Partition2
23:43:53.0438 0x09d4 \Device\Harddisk0\DR0\Partition2 - ok
23:43:53.0438 0x09d4 ================ Scan generic autorun ======================
23:43:53.0516 0x09d4 [ 82A420C1388C76FD18018B0676933D33, B9A97A07F77B641B9FC3AEC04DD48C52DA850DB794AE757F9863B9FA166607A6 ] C:\Program Files\IDT\WDM\sttray64.exe
23:43:53.0625 0x09d4 SysTrayApp - ok
23:43:53.0625 0x09d4 SynTPEnh - ok
23:43:53.0844 0x09d4 [ F2C49A7AA03FC231BE87A65E50D0B6F6, 549A188E8F1E2CA1E4A82EC4F5D7B45C24BAB2B1177EA848183D72F97E198E38 ] C:\Program Files\Common Files\Intel\WirelessCommon\iFrmewrk.exe
23:43:54.0062 0x09d4 IntelWireless - ok
23:43:54.0249 0x09d4 [ 569AC1376B12D4083FC66CC7A304F234, DD209F09573F10A77D710E30EF3D0461D2E8F4E5F18106B18EFB587C88393460 ] c:\Program Files\Microsoft Security Client\msseces.exe
23:43:54.0437 0x09d4 MSC - ok
23:43:54.0624 0x09d4 [ EC7523C687CF755D17BF1BCC63BBA300, 83D90574A78A0773A2683587F09D5F85F8A7B49106501E058EAE752E2E6F360B ] C:\Program Files (x86)\Brother\Brmfcmon\BrMfcWnd.exe
23:43:54.0811 0x09d4 BrMfcWnd - detected UnsignedFile.Multi.Generic ( 1 )
23:43:57.0837 0x09d4 Detect skipped due to KSN trusted
23:43:57.0837 0x09d4 BrMfcWnd - ok
23:43:57.0993 0x09d4 [ 4DE3EF07E0854547309C6B40235A9D44, F73D8E6D98583865D1C8DB728058D83C72A3908E21E04EF313FCB829C040A1EC ] C:\Program Files (x86)\Brother\ControlCenter3\brctrcen.exe
23:43:58.0040 0x09d4 ControlCenter3 - detected UnsignedFile.Multi.Generic ( 1 )
23:44:01.0020 0x09d4 Detect skipped due to KSN trusted
23:44:01.0020 0x09d4 ControlCenter3 - ok
23:44:01.0191 0x09d4 [ 53EDBE9C1D6B0CEC11A573852B5B6DAD, E4A6B00AA93F2E8BBA7149601A37D7388E0A5EC48CD95A0BD94939FD96726811 ] C:\Program Files (x86)\Dell Stage\Dell Stage\AccuWeather\accuweather.exe
23:44:01.0332 0x09d4 AccuWeatherWidget - ok
23:44:01.0425 0x09d4 [ CDB517386A26AE420CB24BDB3CD88779, BAF1EEA0B69A969E0641AAF371BAF51A130D2BAB91C6388F7F60C8904C463EE6 ] C:\Program Files (x86)\Common Files\Research In Motion\USB Drivers\RIMBBLaunchAgent.exe
23:44:01.0472 0x09d4 RIMBBLaunchAgent.exe - ok
23:44:01.0550 0x09d4 [ 94A4D6915D4F572309DF6137E1846528, E46BDF83CAA6683AA655DBA3D2C8DC7AC06251E952466A20CFDA3A16B1840455 ] C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe
23:44:01.0581 0x09d4 APSDaemon - ok
23:44:01.0753 0x09d4 [ 048EA4B978851788E9F5E8E4F081DF7A, EB62719AC0DCC18FF056F2CD84438BF14B61E38F0619617C81961C6257BDFCEC ] C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe
23:44:01.0878 0x09d4 Adobe ARM - ok
23:44:01.0925 0x09d4 DivXMediaServer - ok
23:44:02.0003 0x09d4 [ 187F4C75A89E3F412322C94526320074, D78FA7EF93C8C7B4326A5B6DB04A92ADD091DF00658FA8731D07C5D3BE29ED04 ] C:\Program Files (x86)\Microsoft Office\Office14\BCSSync.exe
23:44:02.0065 0x09d4 BCSSync - ok
23:44:02.0159 0x09d4 [ 5B6E8E09BE6401A7E022F52FDFCB2FF8, 471C556CF9405BBB380A8CEFE945C126B954B7C94F79CC72441B51F80141FC5E ] C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
23:44:02.0221 0x09d4 SunJavaUpdateSched - ok
23:44:02.0299 0x09d4 [ 79C28DDF889C26FDD6162F796FD49BC4, C1E2468B4F0F52BD707D16656F33CC438AF8E18A38BB6CFB64D11F23993F72F0 ] C:\Program Files (x86)\iTunes\iTunesHelper.exe
23:44:02.0346 0x09d4 iTunesHelper - ok
23:44:02.0455 0x09d4 [ 08E7173D1B74095335052459200CB1EA, 5B6EB8A65B5F451BF6115EB7CD1355E5870E6D764F22D767D13216BF17C5668F ] C:\Program Files (x86)\QuickTime\QTTask.exe
23:44:02.0549 0x09d4 QuickTime Task - detected UnsignedFile.Multi.Generic ( 1 )
23:44:05.0528 0x09d4 Detect skipped due to KSN trusted
23:44:05.0528 0x09d4 QuickTime Task - ok
23:44:05.0669 0x09d4 [ 32AC3889C598A7314954CF515E716BDE, DE843C6B523C60776401F799C01948DDC383442B2CEAC2002A867DC860949AFE ] C:\Program Files (x86)\Nuance\PaperPort\IndexSearch.exe
23:44:05.0700 0x09d4 IndexSearch - ok
23:44:05.0747 0x09d4 [ 7D46CE32283158EB7F1D0C8E02D8DDD1, DF68039E55E90EFAB90E5FC8DE79E66CEDECB99EB353C4F349375732AAEF1BE1 ] C:\Program Files (x86)\Nuance\PaperPort\pptd40nt.exe
23:44:05.0778 0x09d4 PaperPort PTD - ok
23:44:05.0903 0x09d4 [ 2D0DCEE9E12C986D1ABDFD4ED456F542, 0F59D776C8D1148A845B56EB8B3C4D40CAB82CF3767F07C9444EAF7044B16A2E ] C:\Program Files (x86)\ControlCenter4\BrCcBoot.exe
23:44:05.0949 0x09d4 ControlCenter4 - detected UnsignedFile.Multi.Generic ( 1 )
23:44:08.0929 0x09d4 Detect skipped due to KSN trusted
23:44:08.0929 0x09d4 ControlCenter4 - ok
23:44:09.0428 0x09d4 [ 22310E2C6AE375142ABBB9EF384ECD40, A8673DF56546E4CDD7A0099D8CCB889415125089F786D0637E8D9B21CE53AB4D ] C:\Program Files (x86)\Browny02\Brother\BrStMonW.exe
23:44:10.0037 0x09d4 BrStsMon00 - detected UnsignedFile.Multi.Generic ( 1 )
23:44:13.0016 0x09d4 Detect skipped due to KSN trusted
23:44:13.0016 0x09d4 BrStsMon00 - ok
23:44:13.0281 0x09d4 [ 0C0DD390CF53D506414AC2CAA68E7F34, C64A9BAF0FDA5161B9361FC454CA36E7595E6BC969A6FA03993C5949373D8A00 ] C:\Program Files (x86)\Brother\Brother Help\BrotherHelp.exe
23:44:13.0547 0x09d4 BrHelp - detected UnsignedFile.Multi.Generic ( 1 )
23:44:16.0526 0x09d4 Detect skipped due to KSN trusted
23:44:16.0526 0x09d4 BrHelp - ok
23:44:16.0651 0x09d4 [ EB7B5FB8338C7F16F93E673FDAF5B11C, 9555DE7C4A76484517B64CA107BFACE82A61B728DEC95E173F01663DDD955892 ] C:\Program Files (x86)\Real\RealPlayer\update\realsched.exe
23:44:16.0713 0x09d4 TkBellExe - ok
23:44:16.0854 0x09d4 [ EABCB3EBAB22B981A09DBC1E65D05E96, 9980D2ADF2CB726DC6832A7D8697605608C3C8121DC631134735386A402896A8 ] C:\Program Files (x86)\Dell DataSafe Local Backup\Components\DSUpdate\DSUpdate.exe
23:44:18.0523 0x09d4 "C:\Program Files (x86)\Dell DataSafe Local Backup\Components\DSUpdate\DSUpdate.exe" - detected UnsignedFile.Multi.Generic ( 1 )
23:44:21.0487 0x09d4 Detect skipped due to KSN trusted
23:44:21.0487 0x09d4 "C:\Program Files (x86)\Dell DataSafe Local Backup\Components\DSUpdate\DSUpdate.exe" - ok
23:44:21.0737 0x09d4 [ E3BF29CED96790CDAAFA981FFDDF53A3, 76CB27EF7B27E5636EDA9D95229519B2A2870729A0BB694F1FD11CD602BAC4DC ] C:\Program Files\Windows Sidebar\sidebar.exe
23:44:22.0017 0x09d4 Sidebar - ok
23:44:22.0017 0x09d4 DW7 - ok
23:44:22.0127 0x09d4 [ 799BCC829F48F19C5689478179060435, 495C6E363982F7BE1785A46C12ED4AC99E0AF98F340F1CE3C55D39EBE6FE33AA ] C:\Program Files (x86)\Common Files\Apple\Internet Services\ApplePhotoStreams.exe
23:44:22.0158 0x09d4 ApplePhotoStreams - ok
23:44:22.0220 0x09d4 Google+ Auto Backup - ok
23:44:22.0361 0x09d4 [ 6BF7676296D5359AFC135A5397000053, D31B9BCB856D6EFDEA27E4D4D341FF939BCBF0E8C97786B447C2074B3C68298E ] C:\ProgramData\FLEXnet\Connect\11\ISUSPM.exe
23:44:22.0407 0x09d4 ISUSPM - ok
23:44:22.0485 0x09d4 [ 5D61BE7DB55B026A5D61A3EED09D0EAD, D32CC7B31A6F98C60ABC313ABC7D1143681F72DE2BB2604711A0BA20710CAAAE ] C:\Program Files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
23:44:22.0517 0x09d4 swg - ok
23:44:22.0532 0x09d4 Waiting for KSN requests completion. In queue: 5
23:44:23.0547 0x09d4 Waiting for KSN requests completion. In queue: 4
23:44:24.0562 0x09d4 Waiting for KSN requests completion. In queue: 4
23:44:25.0623 0x09d4 AV detected via SS2: Microsoft Security Essentials, C:\Program Files\Microsoft Security Client\msseces.exe ( 4.5.216.0 ), 0x61000 ( enabled : updated )
23:44:25.0654 0x09d4 Win FW state via NFP2: enabled
23:44:28.0681 0x09d4 ============================================================
23:44:28.0681 0x09d4 Scan finished
23:44:28.0681 0x09d4 ============================================================
23:44:28.0696 0x13b8 Detected object count: 1
23:44:28.0696 0x13b8 Actual detected object count: 1
23:45:03.0828 0x13b8 RealPlayerUpdateSvc ( UnsignedFile.Multi.Generic ) - skipped by user
23:45:03.0828 0x13b8 RealPlayerUpdateSvc ( UnsignedFile.Multi.Generic ) - User select action: Skip

Fix result of Farbar Recovery Tool (FRST written by Farbar) (x64) Version: 25-06-2014
Ran by Chris's Computer at 2014-06-26 00:12:24 Run:1
Running from C:\Users\Chris's Computer\Desktop
Boot Mode: Normal
==============================================
Content of fixlist:
*****************
HKU\S-1-5-21-847771732-3420646878-1916418076-1000\...\Run: [Optimizer Pro] => C:\Program Files (x86)\Optimizer Pro\OptProLauncher.exe [135160 2014-01-28] (PC Utilities Software Limited)
AppInit_DLLs: C:\PROGRA~2\OPTIMI~1\OPTPRO~2.DLL => C:\Program Files (x86)\Optimizer Pro\OptProCrash_x64.dll [2681648 2014-02-13] ()
AppInit_DLLs-x32: c:\progra~2\optimi~1\optpro~1.dll => "c:\progra~2\optimi~1\optpro~1.dll" File Not Found
URLSearchHook: HKCU - (No Name) - {00000000-6E41-4FD3-8538-502F5495E5FC} - No File
SearchScopes: HKLM - {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = http://start.mysearchdial.com/result...=2133385130&ir=
SearchScopes: HKCU - DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = http://start.mysearchdial.com/result...=2133385130&ir=
SearchScopes: HKCU - {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = http://start.mysearchdial.com/result...=2133385130&ir=
SearchScopes: HKCU - {7A351E8E-4E83-45DF-BF1C-4C5756E99AD1} URL = http://websearch.ask.com/redirect?cl...8-34A610B81592
SearchScopes: HKCU - {7ABE112C-04D8-4B13-B444-158A2277274D} URL = http://search.yahoo.com/search?fr=mcafee&p={SearchTerms}
SearchScopes: HKCU - {95B7759C-8C7F-4BF1-B163-73684A933233} URL = http://isearch.avg.com/search?cid={4...r&d=2012-06-08 16:24:10&v=11.1.0.7&sap=dsp&q={searchTerms}
BHO: No Name - {27B4851A-3207-45A2-B947-BE8AFE6163AB} - No File
BHO: TiCoTTaCoupoon - {92D95D17-B987-EC0D-504E-05B39CD71326} - C:\ProgramData\TiCoTTaCoupoon\OvX6C9O.x64.dll No File
BHO: PriceDownloaader - {EF556BF2-9C5E-2B6C-6FD7-F771E9409A94} - C:\ProgramData\PriceDownloaader\L.x64.dll No File
BHO-x32: No Name - {D40C654D-7C51-4EB3-95B2-1E23905C2A2D} - No File
Toolbar: HKCU - No Name - {E8558D71-5E4E-4217-B608-D2F5D3623AE3} - No File
Toolbar: HKCU - No Name - {D4027C7F-154A-4066-A1AD-4243D8127440} - No File
Toolbar: HKCU - No Name - {E7DF6BFF-55A5-4EB7-A673-4ED3E9456D39} - No File
Handler: cozi - {5356518D-FE9C-4E08-9C1F-1E872ECD367F} - No File
FF SearchEngineOrder.1: Mysearchdial
FF Plugin HKCU: CouponNetwork.com/CMDUniversalCouponPrintActivator - C:\Users\CHRIS'~1\AppData\Roaming\CATALI~2\NPBCSK~1.DLL (Catalina Marketing Corporation)
FF Plugin HKCU: hopster.com/CouponPrinterPlugin - C:\Users\Chris's Computer\AppData\Roaming\Hopster\CouponPrinterPlugin\2.0.2.0\npCouponPrinte rPlugin.dll (Hopster)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\NPcol400.dll (Catalina Marketing Corporation)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npCouponPrinter.dll (Coupons, Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npMozCouponPrinter.dll (Coupons, Inc.)
CHR StartupUrls: "hxxp://start.mysearchdial.com/?f=1&a=dnldstr0103&cd=2XzuyEtN2Y1L1Qzu0CtD0Fzz0D0A0F0E0E0CtCtBzzyC0DyEtN0D0 Tzu0CyByByDtN1L2XzutBtFtBtFtCyDtFtCyCtAtCtN1L1CzutBtAtDtC1N1R&cr=2133385130 &ir=",
"hxxp://www.google.com"
CHR DefaultSearchProvider: "name": "Mysearchdial"
CHR Plugin: (Native Client) - C:\Program Files (x86)\Google\Chrome\Application\32.0.1700.76\ppGoogleNaClPluginChrome.dll No File
CHR Plugin: (Chrome PDF Viewer) - C:\Program Files (x86)\Google\Chrome\Application\32.0.1700.76\pdf.dll No File
CHR Plugin: (Shockwave Flash) - C:\Program Files (x86)\Google\Chrome\Application\32.0.1700.76\gcswf32.dll No File
CHR Plugin: (Shockwave Flash) - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32.dll No File
CHR Plugin: (McAfee SiteAdvisor) - C:\Users\Chris's Computer\AppData\Local\Google\Chrome\User Data\Default\Extensions\fheoggkfdfchfphceeifdbepaooicaho\3.40.135.1_0\McChP lg.dll No File
CHR Plugin: (McAfee SiteAdvisor) - C:\Program Files (x86)\McAfee\SiteAdvisor\npmcffplg32.dll No File
CHR Plugin: (inSite(sm) from American Express(R)) - C:\Users\Chris's Computer\AppData\Local\Google\Chrome\User Data\Default\Extensions\igdalklcikcagbhnhoedgmccojikcdkn\1.1.0.15_0\plugin/inSitePlugin.dll No File
CHR Plugin: (Java Deployment Toolkit 6.0.290.11) - C:\Program Files (x86)\Java\jre6\bin\new_plugin\npdeployJava1.dll No File
CHR Plugin: (Java(TM) Platform SE 6 U29) - C:\Program Files (x86)\Java\jre6\bin\new_plugin\npjp2.dll No File
CHR Plugin: (Coupons Inc., Coupon Printer Manager ) - C:\Program Files (x86)\Mozilla Firefox\plugins\npCouponPrinter.dll (Coupons, Inc.)
CHR Plugin: (Coupons Inc., Coupon Printer Manager ) - C:\Program Files (x86)\Mozilla Firefox\plugins\npMozCouponPrinter.dll (Coupons, Inc.)
CHR Plugin: (RealPlayer Version Plugin) - C:\Program Files (x86)\Mozilla Firefox\plugins\nprpjplug.dll No File
CHR Plugin: (QuickTime Plug-in 7.7.1) - C:\Program Files (x86)\Mozilla Firefox\plugins\npqtplugin6.dll No File
CHR Plugin: (QuickTime Plug-in 7.7.1) - C:\Program Files (x86)\Mozilla Firefox\plugins\npqtplugin7.dll No File
CHR Plugin: (RealJukebox NS Plugin) - C:\Program Files (x86)\Mozilla Firefox\plugins\nprjplug.dll No File
CHR Plugin: (Google Update) - C:\Program Files (x86)\Google\Update\1.3.21.79\npGoogleUpdate3.dll No File
CHR Plugin: (Silverlight Plug-In) - c:\Program Files (x86)\Microsoft Silverlight\4.0.60831.0\npctrl.dll No File
CHR Plugin: (McAfee SecurityCenter) - c:\progra~2\mcafee\msc\npmcsn~1.dll No File
CHR Plugin: (Default Plug-in) - default_plugin No File
CHR HKLM\SOFTWARE\Policies\Google: Policy restriction <======= ATTENTION
R2 SDScannerService; C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe [1738200 2014-04-25] (Safer-Networking Ltd.)
R2 SDUpdateService; C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe [2081752 2014-04-25] (Safer-Networking Ltd.)
R2 SDWSCService; C:\Program Files (x86)\Spybot - Search & Destroy 2\SDWSCSvc.exe [171928 2014-04-25] (Safer-Networking Ltd.)
Task: {891A7537-915B-4FC7-B91F-83A25DA2E9D8} - System32\Tasks\Safer-Networking\Spybot - Search and Destroy\Scan the system => C:\Program Files (x86)\Spybot - Search & Destroy 2\SDScan.exe
Task: {BD16FF35-79BC-4F6F-A937-D3922B21266E} - System32\Tasks\Safer-Networking\Spybot - Search and Destroy\Check for updates => C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdate.exe
Task: {DB30E00E-8FFD-4671-9805-473E3E8178BA} - System32\Tasks\Safer-Networking\Spybot - Search and Destroy\Refresh immunization => C:\Program Files (x86)\Spybot - Search & Destroy 2\SDImmunize.exe
Task: C:\Windows\Tasks\UpdaterEX.job => C:\Users\CHRIS'~1\AppData\Roaming\UPDATE~1\UPDATE~1\UPDATE~1.EXE <==== ATTENTION
*****************
HKU\S-1-5-21-847771732-3420646878-1916418076-1000\Software\Microsoft\Windows\CurrentVersion\Run\\Optimizer Pro => Value not found.
"C:\PROGRA~2\OPTIMI~1\OPTPRO~2.DLL" => Value Data not found.
"c:\progra~2\optimi~1\optpro~1.dll" => Value Data not found.
HKCU\Software\Microsoft\Internet Explorer\URLSearchHooks\\{00000000-6E41-4FD3-8538-502F5495E5FC} => Value not found.
'HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}' => Key deleted successfully.
'HKCR\CLSID\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}'=> Key not found.
HKCU\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope => value deleted successfully.
'HKCU\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}' => Key deleted successfully.
'HKCR\CLSID\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}'=> Key not found.
'HKCU\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{7A351E8E-4E83-45DF-BF1C-4C5756E99AD1}' => Key deleted successfully.
'HKCR\CLSID\{7A351E8E-4E83-45DF-BF1C-4C5756E99AD1}'=> Key not found.
'HKCU\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{7ABE112C-04D8-4B13-B444-158A2277274D}' => Key deleted successfully.
'HKCR\CLSID\{7ABE112C-04D8-4B13-B444-158A2277274D}'=> Key not found.
'HKCU\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{95B7759C-8C7F-4BF1-B163-73684A933233}'=> Key not found.
'HKCR\CLSID\{95B7759C-8C7F-4BF1-B163-73684A933233}'=> Key not found.
'HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{27B4851A-3207-45A2-B947-BE8AFE6163AB}' => Key deleted successfully.
'HKCR\CLSID\{27B4851A-3207-45A2-B947-BE8AFE6163AB}'=> Key not found.
'HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{92D95D17-B987-EC0D-504E-05B39CD71326}' => Key deleted successfully.
'HKCR\CLSID\{92D95D17-B987-EC0D-504E-05B39CD71326}' => Key deleted successfully.
'HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{EF556BF2-9C5E-2B6C-6FD7-F771E9409A94}' => Key deleted successfully.
'HKCR\CLSID\{EF556BF2-9C5E-2B6C-6FD7-F771E9409A94}' => Key deleted successfully.
'HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{D40C654D-7C51-4EB3-95B2-1E23905C2A2D}'=> Key not found.
'HKCR\Wow6432Node\CLSID\{D40C654D-7C51-4EB3-95B2-1E23905C2A2D}'=> Key not found.
HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\\{E8558D71-5E4E-4217-B608-D2F5D3623AE3} => value deleted successfully.
'HKCR\CLSID\{E8558D71-5E4E-4217-B608-D2F5D3623AE3}'=> Key not found.
HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\\{D4027C7F-154A-4066-A1AD-4243D8127440} => Value not found.
'HKCR\CLSID\{D4027C7F-154A-4066-A1AD-4243D8127440}'=> Key not found.
HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\\{E7DF6BFF-55A5-4EB7-A673-4ED3E9456D39} => Value not found.
'HKCR\CLSID\{E7DF6BFF-55A5-4EB7-A673-4ED3E9456D39}'=> Key not found.
'HKCR\PROTOCOLS\Handler\cozi' => Key deleted successfully.
'HKCR\CLSID\{5356518D-FE9C-4E08-9C1F-1E872ECD367F}'=> Key not found.
Firefox SearchEngineOrder.1 deleted successfully.
'HKCU\Software\MozillaPlugins\CouponNetwork.com/CMDUniversalCouponPrintActivator'=> Key not found.
C:\Users\CHRIS'~1\AppData\Roaming\CATALI~2\NPBCSK~1.DLL not found.
'HKCU\Software\MozillaPlugins\hopster.com/CouponPrinterPlugin'=> Key not found.
C:\Users\Chris's Computer\AppData\Roaming\Hopster\CouponPrinterPlugin\2.0.2.0\npCouponPrinte rPlugin.dll not found.
CHR StartupUrls: "hxxp://start.mysearchdial.com/?f=1&a=dnldstr0103&cd=2XzuyEtN2Y1L1Qzu0CtD0Fzz0D0A0F0E0E0CtCtBzzyC0DyEtN0D0 Tzu0CyByByDtN1L2XzutBtFtBtFtCyDtFtCyCtAtCtN1L1CzutBtAtDtC1N1R&cr=2133385130 &ir=", ==> The Chrome "Settings" can be used to fix the entry.
CHR DefaultSearchProvider: "name": "Mysearchdial" ==> The Chrome "Settings" can be used to fix the entry.
C:\Program Files (x86)\Google\Chrome\Application\32.0.1700.76\ppGoogleNaClPluginChrome.dll not found.
C:\Program Files (x86)\Google\Chrome\Application\32.0.1700.76\pdf.dll not found.
C:\Program Files (x86)\Google\Chrome\Application\32.0.1700.76\gcswf32.dll not found.
C:\Windows\SysWOW64\Macromed\Flash\NPSWF32.dll not found.
C:\Users\Chris's Computer\AppData\Local\Google\Chrome\User Data\Default\Extensions\fheoggkfdfchfphceeifdbepaooicaho\3.40.135.1_0\McChP lg.dll not found.
C:\Program Files (x86)\McAfee\SiteAdvisor\npmcffplg32.dll not found.
C:\Users\Chris's Computer\AppData\Local\Google\Chrome\User Data\Default\Extensions\igdalklcikcagbhnhoedgmccojikcdkn\1.1.0.15_0\plugin/inSitePlugin.dll not found.
C:\Program Files (x86)\Java\jre6\bin\new_plugin\npdeployJava1.dll not found.
C:\Program Files (x86)\Java\jre6\bin\new_plugin\npjp2.dll not found.
C:\Program Files (x86)\Mozilla Firefox\plugins\npCouponPrinter.dll => Moved successfully.
C:\Program Files (x86)\Mozilla Firefox\plugins\npMozCouponPrinter.dll => Moved successfully.
C:\Program Files (x86)\Mozilla Firefox\plugins\nprpjplug.dll not found.
C:\Program Files (x86)\Mozilla Firefox\plugins\npqtplugin6.dll not found.
C:\Program Files (x86)\Mozilla Firefox\plugins\npqtplugin7.dll not found.
C:\Program Files (x86)\Mozilla Firefox\plugins\nprjplug.dll not found.
C:\Program Files (x86)\Google\Update\1.3.21.79\npGoogleUpdate3.dll not found.
c:\Program Files (x86)\Microsoft Silverlight\4.0.60831.0\npctrl.dll not found.
c:\progra~2\mcafee\msc\npmcsn~1.dll not found.
'HKLM\SOFTWARE\Policies\Google' => Key deleted successfully.
SDScannerService => Service not found.
SDUpdateService => Service not found.
SDWSCService => Service not found.
'HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{891A7537-915B-4FC7-B91F-83A25DA2E9D8}'=> Key not found.
C:\Windows\System32\Tasks\Safer-Networking\Spybot - Search and Destroy\Scan the system not found.
'HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Safer-Networking\Spybot - Search and Destroy\Scan the system'=> Key not found.
'HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{BD16FF35-79BC-4F6F-A937-D3922B21266E}'=> Key not found.
C:\Windows\System32\Tasks\Safer-Networking\Spybot - Search and Destroy\Check for updates not found.
'HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Safer-Networking\Spybot - Search and Destroy\Check for updates'=> Key not found.
'HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{DB30E00E-8FFD-4671-9805-473E3E8178BA}'=> Key not found.
C:\Windows\System32\Tasks\Safer-Networking\Spybot - Search and Destroy\Refresh immunization not found.
'HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Safer-Networking\Spybot - Search and Destroy\Refresh immunization'=> Key not found.
C:\Windows\Tasks\UpdaterEX.job not found.
==== End of Fixlog.txt ====

I think that's it...ttfn


----------



## Mark1956 (May 7, 2011)

> I figured out that TARDIS is my son's computer, so that is a non-issue. My biggest concern is that the Event Viewer shows hundreds of failed attempts to login to JungleDisk, which is the cloud based drive I told you about in my original explanation. I can attach a screenshot of the error message if that will help.


That clears up the suspicion of it being the TARDIS computer. Please attach the screenshot of the error message and also post an example of the entries you are seeing in the Event Viewer.

Adwcleaner found a lot of Adware so we need to run it again to make sure it has all gone, we will deal with the two Adware apps that would not uninstall later. TDSSKiller found no problems.

Please run Adwcleaner in exactly the same way as you did before and post the new log produced after the reboot.

Then please run these scans below in the order listed.

*SCAN 1*
Please download RKill 
There are three buttons to choose from with different names on, select the first one and save it to your desktop.


Double-click on the *Rkill* desktop icon to run the tool.
If using Vista or Windows 7, right-click on it and select *Run As Administrator*.
A black DOS box will briefly flash and then disappear. This is normal and indicates the tool ran successfully.
A log pops up at the end of the run. This log file is located at *C:\rkill.log*. *Please Copy & Paste the entire log in your next reply.*
If you do not see the black box flash on the screen delete the icon from the desktop and go back to the link for the download, select the next button and try to run the tool again, continue to repeat this process using the remaining buttons until the tool runs. You will find further links if you scroll down the page with other names, try them one at a time.
If the tool does not run from any of the links provided, please let me know.

*SCAN 2*
DO NOT reboot the PC. Download Malwarebytes from here: Malwarebytes if you do not already have it and save the download to your desktop and install it. Once installed, open the program by double clicking on the icon and click on *Update Now* in the line where Database Version: is shown.


Before you run the scan click on *Settings* and then *Detection and Protection* in the left pane. 
At the next window make sure there are check marks next to all three of the items below *Detection Options*.
Also, under *Non-Malware detections:* set it to *Treat detections as Malware*
When done click on the *Scan* button and then make sure *Threat Scan* is selected, then click on the *Scan Now* button.
Shut down all browsers and any running programs and leave the system undisturbed while the scan is running, the time it takes to complete will depend on the amount of data that is on your system, on most systems it will be about 10 to 20 minutes.
When the scan completes it will tell you and show a window with a list of the detected items. They should all show *Quarantine* under the *Action* column, check to make sure. Then click on the *Apply Actions* button, accept any prompts that appear and allow it to reboot if requested.
Then click on the *History* button at the top of the window. (If the system rebooted you will first need to double click on the Malwarebytes icon to re-open it).
Click on *Application Logs* in the left pane. It will show a list of logs, you must find the *Scan log*, not the *Protection Log*, with today's date on it, it should be the one at the top of the list, click on the box at the beginning of the line so a check mark appears then click on *View* just above the list. When the next window opens click on *Copy to Clipboard*. If the *View* button is greyed out click on the word 'Scan Log' so the line gets highlighted, the *View* button should then be available.
Immediately come back here, right click inside the message box and select *Paste*, the log should appear. Add any other information asked for and submit the post.


----------



## twinfin62 (Jun 25, 2014)

Sry this took so long - I had to work today.

I have attached the screenshot showing the warnings from Event Viewer. There were many of these beginning on the 11th of June, which is the day I first suspected I was having a problem. Then I ran Hijack This and saw that Tardis message...

Here's the log for Adwcleaner:
# AdwCleaner v3.213 - Report created 26/06/2014 at 19:56:56
# Updated 23/06/2014 by Xplode
# Operating System : Windows 7 Home Premium Service Pack 1 (64 bits)
# Username : Chris's Computer - INSPIRON1
# Running from : C:\Users\Chris's Computer\Desktop\AdwCleaner.exe
# Option : Clean
***** [ Services ] *****

***** [ Files / Folders ] *****

***** [ Shortcuts ] *****

***** [ Registry ] *****

***** [ Browsers ] *****
-\\ Internet Explorer v11.0.9600.17126

-\\ Mozilla Firefox v28.0 (en-US)
[ File : C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\avn54pxv.default\prefs.js ]

[ File : C:\Users\Chris's Computer\AppData\Roaming\Mozilla\Firefox\Profiles\pyyzt76e.default\prefs.js ]

-\\ Google Chrome v35.0.1916.153
[ File : C:\Users\Chris's Computer\AppData\Local\Google\Chrome\User Data\Default\preferences ]

[ File : C:\Users\Guest\AppData\Local\Google\Chrome\User Data\Default\preferences ]

*************************
AdwCleaner[R0].txt - [16599 octets] - [25/06/2014 23:12:37]
AdwCleaner[R1].txt - [16660 octets] - [25/06/2014 23:19:44]
AdwCleaner[R2].txt - [1313 octets] - [26/06/2014 19:51:08]
AdwCleaner[S0].txt - [16580 octets] - [25/06/2014 23:25:44]
AdwCleaner[S1].txt - [1234 octets] - [26/06/2014 19:56:56]
########## EOF - C:\AdwCleaner\AdwCleaner[S1].txt - [1294 octets] ##########

And the log from Rkill:

Rkill 2.6.7 by Lawrence Abrams (Grinler)
http://www.bleepingcomputer.com/
Copyright 2008-2014 BleepingComputer.com
More Information about Rkill can be found at this link:
http://www.bleepingcomputer.com/forums/topic308364.html
Program started at: 06/26/2014 09:55:13 PM in x64 mode.
Windows Version: Windows 7 Home Premium Service Pack 1
Checking for Windows services to stop:
* No malware services found to stop.
Checking for processes to terminate:
* No malware processes found to kill.
Checking Registry for malware related settings:
* No issues found in the Registry.
Resetting .EXE, .COM, & .BAT associations in the Windows Registry.
Performing miscellaneous checks:
* No issues found.
Checking Windows Service Integrity: 
* No issues found.
Searching for Missing Digital Signatures: 
* No issues found.
Checking HOSTS File: 
* HOSTS file entries found: 
127.0.0.1 localhost
Program finished at: 06/26/2014 09:59:29 PM
Execution time: 0 hours(s), 4 minute(s), and 15 seconds(s)

And Malwarebytes:

Malwarebytes Anti-Malware
www.malwarebytes.org
Scan Date: 6/26/2014
Scan Time: 8:37:13 PM
Logfile: 
Administrator: Yes
Version: 2.00.2.1012
Malware Database: v2014.06.26.11
Rootkit Database: v2014.06.23.02
License: Trial
Malware Protection: Enabled
Malicious Website Protection: Enabled
Self-protection: Disabled
OS: Windows 7 Service Pack 1
CPU: x64
File System: NTFS
User: Chris's Computer
Scan Type: Threat Scan
Result: Completed
Objects Scanned: 413839
Time Elapsed: 59 min, 52 sec
Memory: Enabled
Startup: Enabled
Filesystem: Enabled
Archives: Enabled
Rootkits: Enabled
Heuristics: Enabled
PUP: Enabled
PUM: Enabled
Processes: 0
(No malicious items detected)
Modules: 0
(No malicious items detected)
Registry Keys: 0
(No malicious items detected)
Registry Values: 0
(No malicious items detected)
Registry Data: 0
(No malicious items detected)
Folders: 0
(No malicious items detected)
Files: 0
(No malicious items detected)
Physical Sectors: 0
(No malicious items detected)

(end)


----------



## Mark1956 (May 7, 2011)

The logs have come up clean.

The event viewer error could just be due to a connectivity problem and I have no reason to suspect that this error is due to a hacker. Is there actually anything on Jungledisk that could be of any use to a hacker? The error simply indicates that a connection could not be made with the JungleDisk Service, it does not suggest the connection was being attempted by an intruder. Try disabling the JungleDiskWorkgroupService and see if the errors still appear, if they don't that will prove it is the software causing the error to appear and I would then suggest you uninstall and re-install the software.

If you have a look at this: http://support.microsoft.com/kb/976072 it ends by saying if the connection can still be made the error can be ignored. I honestly don't think your system has been hacked as there is no indication of anything more than the Adware infections which have now all been removed.


----------



## twinfin62 (Jun 25, 2014)

Yes, there is very sensitive financial information on that JungleDisk drive. 


Between that TARDIS message and the multiple failed login attempts, I was very concerned.


I guess I jumped to conclusions, but I didn't know that TARDIS was my son's computer. The failed login messages seem to have stopped since shortly after you began helping me, so that is good, but if I see them again I will try what you have recommended. 


I do, now, have a blue million of this new message. Do you know if the program that is missing something is malware? or something I need to maybe uninstall/reinstall?


Also, could you please tell me how to get those two malware items that wouldn't uninstall off of my machine?


I very much appreciate all of your help!


----------



## Mark1956 (May 7, 2011)

You're welcome.

The error you are seeing now from Brynsvc is related to a Brother printer, I would suggest reinstalling the software. You appear to have two different versions of Brother software installed, which may be the reason it is causing an issue, uninstall them both then go to the Brother site and get the latest software and drivers package.

Glad to hear that the original problem is understood and that the error messages have stopped, this may have simply been due to a temporary connection problem. From what I have read about the site, all data is encrypted so the chances of anyone gaining access and extracting any useful data without the encryption key is zero.

Now to deal with those two Adware programs.

Please download *SystemLook* from the following link below and save it to your Desktop.


*SystemLook (64-bit)*


Double-click *SystemLook.exe* to run it.
_*Vista*/*Windows 7* users right-click and select Run As Administrator_.
Copy and paste everything in the codebox below into the main textfield:


```
:filefind
*FindRight*
*PrInceCOUpon*
:folderfind
*FindRight*
*PrInceCOUpon*
:regfind
FindRight
PrInceCOUpon
```

Click the Look button to start the scan.
When finished, a Notepad window will open SystemLook.txt with the results of the search and save a copy on your Desktop.
Please copy and paste the contents of that log in your next reply.


----------



## twinfin62 (Jun 25, 2014)

Ok...uninstalled Brother printer and reinstalled; still getting the Brynsvc messages, but its not the end of the world.

You said, "From what I have read about the site, all data is encrypted so the chances of anyone gaining access and extracting any useful data without the encryption key is zero." That is very comforting!

Here is my SystemLook log:

SystemLook 30.07.11 by jpshortstuff
Log created at 11:52 on 30/06/2014 by Chris's Computer
Administrator - Elevation successful
========== filefind ==========
Searching for "*FindRight*"
No files found.
Searching for "*PrInceCOUpon*"
C:\Users\Chris's Computer\AppData\Local\Packages\windows_ie_ac_001\AC\{4B3FE1BC-EF61-FC2E-78F3-D4525D447B85}\PrInceCOUpon.2.9.dat --a---- 122 bytes [20:32 20/05/2014] [20:32 20/05/2014] DEB6D286F8958091758214107CE0868C
C:\Users\Chris's Computer\AppData\LocalLow\{4B3FE1BC-EF61-FC2E-78F3-D4525D447B85}\PrInceCOUpon.2.9.dat --a---- 21670 bytes [20:32 20/05/2014] [18:03 18/06/2014] A3D8E841D408FB9A275CB55D12D44359
========== folderfind ==========
Searching for "*FindRight*"
No folders found.
Searching for "*PrInceCOUpon*"
C:\AdwCleaner\Quarantine\C\ProgramData\PrInceCOUpon d------ [03:25 26/06/2014]
========== regfind ==========
Searching for "FindRight"
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\eventlog\Application\Update FindRight]
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\eventlog\Application\Util FindRight]
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\services\eventlog\Application\Update FindRight]
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\services\eventlog\Application\Util FindRight]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\eventlog\Application\Update FindRight]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\eventlog\Application\Util FindRight]
Searching for "PrInceCOUpon"
[HKEY_LOCAL_MACHINE\SOFTWARE\SUPERAntiSpyware.com\SUPERAntiSpyware\InUseFiles]
"File3"="C:\PROGRAMDATA\PRINCECOUPON\M9KNYAF4.EXE"
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{D86C82B0-1F02-816A-5F3D-6466F6A67566}]
"ProductName"="PrInceCOUpon"
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{D86C82B0-1F02-816A-5F3D-6466F6A67566}]
"Publisher"="PRinceCOupon"
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{D86C82B0-1F02-816A-5F3D-6466F6A67566}]
"InfoURL"="http://princecoupon.info"
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{D86C82B0-1F02-816A-5F3D-6466F6A67566}]
"DisplayName"="PrInceCOUpon"
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{D86C82B0-1F02-816A-5F3D-6466F6A67566}]
"UninstallString"=""C:\ProgramData\PrInceCOUpon\m9KnyaF4.exe" /s /n /i:"ExecuteCommands;UninstallCommands" """
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{D86C82B0-1F02-816A-5F3D-6466F6A67566}]
"SilentUninstall"=""C:\ProgramData\PrInceCOUpon\m9KnyaF4.exe" /s /n /i:"ExecuteCommands;UninstallCommands" """
-= EOF =-

Thanks,

C


----------



## Mark1956 (May 7, 2011)

Please follow this to remove the remaining items found above.

Not sure what the problem is with the Brother driver, you may like to see if they have a forum and start a thread there for the problem.

We are now going to run FRST in a different way.


*IMPORTANT---> *First download the attachment at the bottom of this post by clicking on it and save it in the same location as FRST.
Launch *FRST* by double clicking on it. *DO NOT* click on the *Scan* button or check any of the boxes.
You may see a message that an update is installing, if so the program will close when the update completes, you will then need to double click on *FRST* to open it again.
When the *FRST* window opens click on the *Fix* button *just once* and wait.
You will see a message confirming the fix has been run and the log saved, click on *OK* and the Fixlog will open. *Copy & Paste* the full log it into your next reply.

*NOTE:* This fix has been written specifically for the PC being dealt with in this thread, if you run it on another system it may have undesirable consequences. If you have a similar problem, ask for help by opening a new thread in the appropriate forum.


----------



## twinfin62 (Jun 25, 2014)

ok, here's the new log:


Fix result of Farbar Recovery Tool (FRST written by Farbar) (x64) Version: 29-06-2014
Ran by Chris's Computer at 2014-07-01 12:01:16 Run:2
Running from C:\Users\Chris's Computer\Desktop
Boot Mode: Normal
==============================================
Content of fixlist:
*****************
C:\Users\Chris's Computer\AppData\Local\Packages\windows_ie_ac_001\AC\{4B3FE1BC-EF61-FC2E-78F3-D4525D447B85}\PrInceCOUpon.2.9.dat
C:\Users\Chris's Computer\AppData\LocalLow\{4B3FE1BC-EF61-FC2E-78F3-D4525D447B85}\PrInceCOUpon.2.9.dat
Reg: reg delete "HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\eventlog\Application\Update FindRight"
Reg: reg delete "HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\eventlog\Application\Util FindRight"
Reg: reg delete "HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\services\eventlog\Application\Update FindRight"
Reg: reg delete "HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\services\eventlog\Application\Util FindRight"
Reg: reg delete "HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\eventlog\Application\Update FindRight"
Reg: reg delete "HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\eventlog\Application\Util FindRight"
Reg: reg delete "HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{D86C82B0-1F02-816A-5F3D-6466F6A67566}"
*****************
C:\Users\Chris's Computer\AppData\Local\Packages\windows_ie_ac_001\AC\{4B3FE1BC-EF61-FC2E-78F3-D4525D447B85}\PrInceCOUpon.2.9.dat => Moved successfully.
C:\Users\Chris's Computer\AppData\LocalLow\{4B3FE1BC-EF61-FC2E-78F3-D4525D447B85}\PrInceCOUpon.2.9.dat => Moved successfully.
========= reg delete "HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\eventlog\Application\Update FindRight" =========
Permanently delete the registry key HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\eventlog\Application\Update FindRight (Yes/No)? The operation completed successfully.


========= End of Reg: =========

========= reg delete "HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\eventlog\Application\Util FindRight" =========
Permanently delete the registry key HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\eventlog\Application\Util FindRight (Yes/No)? The operation completed successfully.


========= End of Reg: =========

========= reg delete "HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\services\eventlog\Application\Update FindRight" =========
Permanently delete the registry key HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\services\eventlog\Application\Update FindRight (Yes/No)? The operation completed successfully.


========= End of Reg: =========

========= reg delete "HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\services\eventlog\Application\Util FindRight" =========
Permanently delete the registry key HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\services\eventlog\Application\Util FindRight (Yes/No)? The operation completed successfully.


========= End of Reg: =========

========= reg delete "HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\eventlog\Application\Update FindRight" =========
Permanently delete the registry key HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\eventlog\Application\Update FindRight (Yes/No)? ERROR: The system was unable to find the specified registry key or value.

========= End of Reg: =========

========= reg delete "HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\eventlog\Application\Util FindRight" =========
Permanently delete the registry key HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\eventlog\Application\Util FindRight (Yes/No)? ERROR: The system was unable to find the specified registry key or value.

========= End of Reg: =========

========= reg delete "HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{D86C82B0-1F02-816A-5F3D-6466F6A67566}" =========
Permanently delete the registry key HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{D86C82B0-1F02-816A-5F3D-6466F6A67566} (Yes/No)? The operation completed successfully.


========= End of Reg: =========

==== End of Fixlog ====


----------



## Mark1956 (May 7, 2011)

A couple of the reg keys were not found, I just want to be sure they have gone, please repeat the instruction in post 16 to do the scan with SystemLook and post the log.


----------



## twinfin62 (Jun 25, 2014)

Looks like you did it; here's the scan:

SystemLook 30.07.11 by jpshortstuff
Log created at 01:39 on 02/07/2014 by Chris's Computer
Administrator - Elevation successful
No Context: Code:
========== filefind ==========
Searching for "*FindRight*"
No files found.
Searching for "*PrInceCOUpon*"
C:\FRST\Quarantine\C\Users\Chris's Computer\AppData\Local\Packages\windows_ie_ac_001\AC\{4B3FE1BC-EF61-FC2E-78F3-D4525D447B85}\PrInceCOUpon.2.9.dat.xBAD --a---- 122 bytes [20:32 20/05/2014] [20:32 20/05/2014] DEB6D286F8958091758214107CE0868C
C:\FRST\Quarantine\C\Users\Chris's Computer\AppData\LocalLow\{4B3FE1BC-EF61-FC2E-78F3-D4525D447B85}\PrInceCOUpon.2.9.dat.xBAD --a---- 21670 bytes [20:32 20/05/2014] [18:03 18/06/2014] A3D8E841D408FB9A275CB55D12D44359
========== folderfind ==========
Searching for "*FindRight*"
No folders found.
Searching for "*PrInceCOUpon*"
C:\AdwCleaner\Quarantine\C\ProgramData\PrInceCOUpon d------ [03:25 26/06/2014]
========== regfind ==========
Searching for "FindRight"
No data found.
Searching for "PrInceCOUpon"
[HKEY_LOCAL_MACHINE\SOFTWARE\SUPERAntiSpyware.com\SUPERAntiSpyware\InUseFiles]
"File3"="C:\PROGRAMDATA\PRINCECOUPON\M9KNYAF4.EXE"
-= EOF =-


----------



## Mark1956 (May 7, 2011)

That log result is fine, unless you have any other problems I think we can rap this up.

You can remove all the tools used and the saved logs by right clicking on them and selecting Delete. I would recommend you keep Adwcleaner and run regular scans with it to keep the system clear of Adware.

I shall mark the thread as Solved, but you can still post back if you wish.


----------



## twinfin62 (Jun 25, 2014)

Ok. Thank you VERY VERY much!!! I really appreciate all of your help.


----------



## Mark1956 (May 7, 2011)

You're most welcome.


----------

