Solved Win 7 - can't reach Control Panel

MH Lindsey · Oct 8, 2015

***** [ Web browsers ] *****

[-] [C:\Users\Jacqueline\AppData\Roaming\Mozilla\Firefox\Profiles\vbo092ro.default\prefs.js] [Preference] Deleted : user_pref("FirstSearch.aol_toolbar.search.hasDoneFirst", 845);
[-] [C:\Users\Jacqueline\AppData\Roaming\Mozilla\Firefox\Profiles\vbo092ro.default\prefs.js] [Preference] Deleted : user_pref("aol_toolbar.aolmail", "");
[-] [C:\Users\Jacqueline\AppData\Roaming\Mozilla\Firefox\Profiles\vbo092ro.default\prefs.js] [Preference] Deleted : user_pref("aol_toolbar.aolmail.address", "JLaBounta@aol.com");
[-] [C:\Users\Jacqueline\AppData\Roaming\Mozilla\Firefox\Profiles\vbo092ro.default\prefs.js] [Preference] Deleted : user_pref("aol_toolbar.aolmail.count", "8");
[-] [C:\Users\Jacqueline\AppData\Roaming\Mozilla\Firefox\Profiles\vbo092ro.default\prefs.js] [Preference] Deleted : user_pref("aol_toolbar.aolmail.id", "value");
[-] [C:\Users\Jacqueline\AppData\Roaming\Mozilla\Firefox\Profiles\vbo092ro.default\prefs.js] [Preference] Deleted : user_pref("aol_toolbar.aolmail.imagelist.layout", "open");
[-] [C:\Users\Jacqueline\AppData\Roaming\Mozilla\Firefox\Profiles\vbo092ro.default\prefs.js] [Preference] Deleted : user_pref("aol_toolbar.aolmail.popup.autoclose", "true");
[-] [C:\Users\Jacqueline\AppData\Roaming\Mozilla\Firefox\Profiles\vbo092ro.default\prefs.js] [Preference] Deleted : user_pref("aol_toolbar.aolmail.user", "JLaBounta");
[-] [C:\Users\Jacqueline\AppData\Roaming\Mozilla\Firefox\Profiles\vbo092ro.default\prefs.js] [Preference] Deleted : user_pref("aol_toolbar.button.aol_mail_32490.click", "1");
[-] [C:\Users\Jacqueline\AppData\Roaming\Mozilla\Firefox\Profiles\vbo092ro.default\prefs.js] [Preference] Deleted : user_pref("aol_toolbar.button.ebay_46278.click", "1");
[-] [C:\Users\Jacqueline\AppData\Roaming\Mozilla\Firefox\Profiles\vbo092ro.default\prefs.js] [Preference] Deleted : user_pref("aol_toolbar.buttons.layout", "aol_mail_32490;weather_32502;_32513;_32524;facebook_41300;mapquest_41322;twitter_41333;ebay_46792;_41355;_41366;_41377;ebay_46278");
[-] [C:\Users\Jacqueline\AppData\Roaming\Mozilla\Firefox\Profiles\vbo092ro.default\prefs.js] [Preference] Deleted : user_pref("aol_toolbar.calendar.date", "{system.date.timestamp}");
[-] [C:\Users\Jacqueline\AppData\Roaming\Mozilla\Firefox\Profiles\vbo092ro.default\prefs.js] [Preference] Deleted : user_pref("aol_toolbar.calendar.displaydate", "{system.date.locale}");
[-] [C:\Users\Jacqueline\AppData\Roaming\Mozilla\Firefox\Profiles\vbo092ro.default\prefs.js] [Preference] Deleted : user_pref("aol_toolbar.calendar.timestamp", "1400726362788");
[-] [C:\Users\Jacqueline\AppData\Roaming\Mozilla\Firefox\Profiles\vbo092ro.default\prefs.js] [Preference] Deleted : user_pref("aol_toolbar.cookie.homepage", "");
[-] [C:\Users\Jacqueline\AppData\Roaming\Mozilla\Firefox\Profiles\vbo092ro.default\prefs.js] [Preference] Deleted : user_pref("aol_toolbar.cookie.search", "");
[-] [C:\Users\Jacqueline\AppData\Roaming\Mozilla\Firefox\Profiles\vbo092ro.default\prefs.js] [Preference] Deleted : user_pref("aol_toolbar.curtain.congrats", "curtain");
[-] [C:\Users\Jacqueline\AppData\Roaming\Mozilla\Firefox\Profiles\vbo092ro.default\prefs.js] [Preference] Deleted : user_pref("aol_toolbar.curtain.debug", false);
[-] [C:\Users\Jacqueline\AppData\Roaming\Mozilla\Firefox\Profiles\vbo092ro.default\prefs.js] [Preference] Deleted : user_pref("aol_toolbar.default.homepage.check", true);
[-] [C:\Users\Jacqueline\AppData\Roaming\Mozilla\Firefox\Profiles\vbo092ro.default\prefs.js] [Preference] Deleted : user_pref("aol_toolbar.default.homepage.protection", true);
[-] [C:\Users\Jacqueline\AppData\Roaming\Mozilla\Firefox\Profiles\vbo092ro.default\prefs.js] [Preference] Deleted : user_pref("aol_toolbar.default.homepage.url", "hxxp://www.aol.com/?mtmhp=hyplogusaolp00000003");
[-] [C:\Users\Jacqueline\AppData\Roaming\Mozilla\Firefox\Profiles\vbo092ro.default\prefs.js] [Preference] Deleted : user_pref("aol_toolbar.default.newtab.check", true);
[-] [C:\Users\Jacqueline\AppData\Roaming\Mozilla\Firefox\Profiles\vbo092ro.default\prefs.js] [Preference] Deleted : user_pref("aol_toolbar.default.search.check", true);
[-] [C:\Users\Jacqueline\AppData\Roaming\Mozilla\Firefox\Profiles\vbo092ro.default\prefs.js] [Preference] Deleted : user_pref("aol_toolbar.default.search.label", "AOL Search");
[-] [C:\Users\Jacqueline\AppData\Roaming\Mozilla\Firefox\Profiles\vbo092ro.default\prefs.js] [Preference] Deleted : user_pref("aol_toolbar.default.search.url", "hxxp://search.aol.com/search/search?q={searchTerms}&s_it=customfirefox-ff&s_qt=sb&tb_uuid=20110817004921426&tb_oid=17-08-2011&tb_mrud=25-02-2015");
[-] [C:\Users\Jacqueline\AppData\Roaming\Mozilla\Firefox\Profiles\vbo092ro.default\prefs.js] [Preference] Deleted : user_pref("aol_toolbar.firsttime.showwindow", false);
[-] [C:\Users\Jacqueline\AppData\Roaming\Mozilla\Firefox\Profiles\vbo092ro.default\prefs.js] [Preference] Deleted : user_pref("aol_toolbar.guid", "{BA4003F5-A3A8-6AC4-681B-BAB81EF282CA}");
[-] [C:\Users\Jacqueline\AppData\Roaming\Mozilla\Firefox\Profiles\vbo092ro.default\prefs.js] [Preference] Deleted : user_pref("aol_toolbar.historybutton.active", false);
[-] [C:\Users\Jacqueline\AppData\Roaming\Mozilla\Firefox\Profiles\vbo092ro.default\prefs.js] [Preference] Deleted : user_pref("aol_toolbar.historybutton.enabled", true);
[-] [C:\Users\Jacqueline\AppData\Roaming\Mozilla\Firefox\Profiles\vbo092ro.default\prefs.js] [Preference] Deleted : user_pref("aol_toolbar.historybutton.ignoreids", "23;97;14");
[-] [C:\Users\Jacqueline\AppData\Roaming\Mozilla\Firefox\Profiles\vbo092ro.default\prefs.js] [Preference] Deleted : user_pref("aol_toolbar.historybutton.watchids", "1285");
[-] [C:\Users\Jacqueline\AppData\Roaming\Mozilla\Firefox\Profiles\vbo092ro.default\prefs.js] [Preference] Deleted : user_pref("aol_toolbar.historybutton.watchlist", "2");
[-] [C:\Users\Jacqueline\AppData\Roaming\Mozilla\Firefox\Profiles\vbo092ro.default\prefs.js] [Preference] Deleted : user_pref("aol_toolbar.historybutton.watchtimes", "10");
[-] [C:\Users\Jacqueline\AppData\Roaming\Mozilla\Firefox\Profiles\vbo092ro.default\prefs.js] [Preference] Deleted : user_pref("aol_toolbar.homepageprotection.enabled", true);
[-] [C:\Users\Jacqueline\AppData\Roaming\Mozilla\Firefox\Profiles\vbo092ro.default\prefs.js] [Preference] Deleted : user_pref("aol_toolbar.homepageprotection.set", "1");
[-] [C:\Users\Jacqueline\AppData\Roaming\Mozilla\Firefox\Profiles\vbo092ro.default\prefs.js] [Preference] Deleted : user_pref("aol_toolbar.install.distroid", "");
[-] [C:\Users\Jacqueline\AppData\Roaming\Mozilla\Firefox\Profiles\vbo092ro.default\prefs.js] [Preference] Deleted : user_pref("aol_toolbar.install.homepage", "hxxp://www.aol.com/?mtmhp={mtmhp}");
[-] [C:\Users\Jacqueline\AppData\Roaming\Mozilla\Firefox\Profiles\vbo092ro.default\prefs.js] [Preference] Deleted : user_pref("aol_toolbar.install.homepage.label", "AOL.com");
[-] [C:\Users\Jacqueline\AppData\Roaming\Mozilla\Firefox\Profiles\vbo092ro.default\prefs.js] [Preference] Deleted : user_pref("aol_toolbar.install.lastTbVersion", "5.74.1.10388");
[-] [C:\Users\Jacqueline\AppData\Roaming\Mozilla\Firefox\Profiles\vbo092ro.default\prefs.js] [Preference] Deleted : user_pref("aol_toolbar.install.lid", "");
[-] [C:\Users\Jacqueline\AppData\Roaming\Mozilla\Firefox\Profiles\vbo092ro.default\prefs.js] [Preference] Deleted : user_pref("aol_toolbar.install.mtmhp", "hyplogusaolp00000003");
[-] [C:\Users\Jacqueline\AppData\Roaming\Mozilla\Firefox\Profiles\vbo092ro.default\prefs.js] [Preference] Deleted : user_pref("aol_toolbar.install.ncid", "");
[-] [C:\Users\Jacqueline\AppData\Roaming\Mozilla\Firefox\Profiles\vbo092ro.default\prefs.js] [Preference] Deleted : user_pref("aol_toolbar.install.newtab", "hxxp://www.aol.com/?mtmhp=hyplogusaolp00000081&tb_uuid={uid}");
[-] [C:\Users\Jacqueline\AppData\Roaming\Mozilla\Firefox\Profiles\vbo092ro.default\prefs.js] [Preference] Deleted : user_pref("aol_toolbar.install.sethomepage", "1");
[-] [C:\Users\Jacqueline\AppData\Roaming\Mozilla\Firefox\Profiles\vbo092ro.default\prefs.js] [Preference] Deleted : user_pref("aol_toolbar.install.setnewtab", "1");
[-] [C:\Users\Jacqueline\AppData\Roaming\Mozilla\Firefox\Profiles\vbo092ro.default\prefs.js] [Preference] Deleted : user_pref("aol_toolbar.install.setsearch", "1");
[-] [C:\Users\Jacqueline\AppData\Roaming\Mozilla\Firefox\Profiles\vbo092ro.default\prefs.js] [Preference] Deleted : user_pref("aol_toolbar.install.type", "upgrade");
[-] [C:\Users\Jacqueline\AppData\Roaming\Mozilla\Firefox\Profiles\vbo092ro.default\prefs.js] [Preference] Deleted : user_pref("aol_toolbar.metrics.activestampdate", "14");
[-] [C:\Users\Jacqueline\AppData\Roaming\Mozilla\Firefox\Profiles\vbo092ro.default\prefs.js] [Preference] Deleted : user_pref("aol_toolbar.metrics.activestampmonth", "7");
[-] [C:\Users\Jacqueline\AppData\Roaming\Mozilla\Firefox\Profiles\vbo092ro.default\prefs.js] [Preference] Deleted : user_pref("aol_toolbar.metrics.activestampyear", "2015");
[-] [C:\Users\Jacqueline\AppData\Roaming\Mozilla\Firefox\Profiles\vbo092ro.default\prefs.js] [Preference] Deleted : user_pref("aol_toolbar.metrics.log", false);
[-] [C:\Users\Jacqueline\AppData\Roaming\Mozilla\Firefox\Profiles\vbo092ro.default\prefs.js] [Preference] Deleted : user_pref("aol_toolbar.metrics.originalDate", "17");
[-] [C:\Users\Jacqueline\AppData\Roaming\Mozilla\Firefox\Profiles\vbo092ro.default\prefs.js] [Preference] Deleted : user_pref("aol_toolbar.metrics.originalHours", "0");
[-] [C:\Users\Jacqueline\AppData\Roaming\Mozilla\Firefox\Profiles\vbo092ro.default\prefs.js] [Preference] Deleted : user_pref("aol_toolbar.metrics.originalMinutes", "49");
[-] [C:\Users\Jacqueline\AppData\Roaming\Mozilla\Firefox\Profiles\vbo092ro.default\prefs.js] [Preference] Deleted : user_pref("aol_toolbar.metrics.originalMonth", "8");
[-] [C:\Users\Jacqueline\AppData\Roaming\Mozilla\Firefox\Profiles\vbo092ro.default\prefs.js] [Preference] Deleted : user_pref("aol_toolbar.metrics.originalSeconds", "15");
[-] [C:\Users\Jacqueline\AppData\Roaming\Mozilla\Firefox\Profiles\vbo092ro.default\prefs.js] [Preference] Deleted : user_pref("aol_toolbar.metrics.originalYear", "2011");
[-] [C:\Users\Jacqueline\AppData\Roaming\Mozilla\Firefox\Profiles\vbo092ro.default\prefs.js] [Preference] Deleted : user_pref("aol_toolbar.presethomepage", "mywebsearch.com");
[-] [C:\Users\Jacqueline\AppData\Roaming\Mozilla\Firefox\Profiles\vbo092ro.default\prefs.js] [Preference] Deleted : user_pref("aol_toolbar.presetnewtab", "about:newtab");
[-] [C:\Users\Jacqueline\AppData\Roaming\Mozilla\Firefox\Profiles\vbo092ro.default\prefs.js] [Preference] Deleted : user_pref("aol_toolbar.presetsearch", "AOL Search");
[-] [C:\Users\Jacqueline\AppData\Roaming\Mozilla\Firefox\Profiles\vbo092ro.default\prefs.js] [Preference] Deleted : user_pref("aol_toolbar.relatednews.enabled", false);
[-] [C:\Users\Jacqueline\AppData\Roaming\Mozilla\Firefox\Profiles\vbo092ro.default\prefs.js] [Preference] Deleted : user_pref("aol_toolbar.remote..xml", "1439606216077");
[-] [C:\Users\Jacqueline\AppData\Roaming\Mozilla\Firefox\Profiles\vbo092ro.default\prefs.js] [Preference] Deleted : user_pref("aol_toolbar.remote.alerts.xml", "1355982937804");
[-] [C:\Users\Jacqueline\AppData\Roaming\Mozilla\Firefox\Profiles\vbo092ro.default\prefs.js] [Preference] Deleted : user_pref("aol_toolbar.remote.config.js", "");
[-] [C:\Users\Jacqueline\AppData\Roaming\Mozilla\Firefox\Profiles\vbo092ro.default\prefs.js] [Preference] Deleted : user_pref("aol_toolbar.remote.historyconfig.js", "");
[-] [C:\Users\Jacqueline\AppData\Roaming\Mozilla\Firefox\Profiles\vbo092ro.default\prefs.js] [Preference] Deleted : user_pref("aol_toolbar.remote.publish.xml", "1439606216052");
[-] [C:\Users\Jacqueline\AppData\Roaming\Mozilla\Firefox\Profiles\vbo092ro.default\prefs.js] [Preference] Deleted : user_pref("aol_toolbar.remote.rtw.js", "1355982935397");
[-] [C:\Users\Jacqueline\AppData\Roaming\Mozilla\Firefox\Profiles\vbo092ro.default\prefs.js] [Preference] Deleted : user_pref("aol_toolbar.remote.searchterm.js", "");
[-] [C:\Users\Jacqueline\AppData\Roaming\Mozilla\Firefox\Profiles\vbo092ro.default\prefs.js] [Preference] Deleted : user_pref("aol_toolbar.remote.ticker.rss", "1355982938069");
[-] [C:\Users\Jacqueline\AppData\Roaming\Mozilla\Firefox\Profiles\vbo092ro.default\prefs.js] [Preference] Deleted : user_pref("aol_toolbar.reset.flag", "1");
[-] [C:\Users\Jacqueline\AppData\Roaming\Mozilla\Firefox\Profiles\vbo092ro.default\prefs.js] [Preference] Deleted : user_pref("aol_toolbar.reset.style", "A");
[-] [C:\Users\Jacqueline\AppData\Roaming\Mozilla\Firefox\Profiles\vbo092ro.default\prefs.js] [Preference] Deleted : user_pref("aol_toolbar.resetprompt.daily.num", "5");
[-] [C:\Users\Jacqueline\AppData\Roaming\Mozilla\Firefox\Profiles\vbo092ro.default\prefs.js] [Preference] Deleted : user_pref("aol_toolbar.resetprompt.daily.timestamp", "Tue Nov 26 2013 13:41:50 GMT-0800 (Pacific Standard Time)");
[-] [C:\Users\Jacqueline\AppData\Roaming\Mozilla\Firefox\Profiles\vbo092ro.default\prefs.js] [Preference] Deleted : user_pref("aol_toolbar.resetprompt.display.limit", "5");
[-] [C:\Users\Jacqueline\AppData\Roaming\Mozilla\Firefox\Profiles\vbo092ro.default\prefs.js] [Preference] Deleted : user_pref("aol_toolbar.resetprompt.skip", false);
[-] [C:\Users\Jacqueline\AppData\Roaming\Mozilla\Firefox\Profiles\vbo092ro.default\prefs.js] [Preference] Deleted : user_pref("aol_toolbar.rtw.active", true);
[-] [C:\Users\Jacqueline\AppData\Roaming\Mozilla\Firefox\Profiles\vbo092ro.default\prefs.js] [Preference] Deleted : user_pref("aol_toolbar.search.button", true);
[-] [C:\Users\Jacqueline\AppData\Roaming\Mozilla\Firefox\Profiles\vbo092ro.default\prefs.js] [Preference] Deleted : user_pref("aol_toolbar.search.cid", "25-02-2015");
[-] [C:\Users\Jacqueline\AppData\Roaming\Mozilla\Firefox\Profiles\vbo092ro.default\prefs.js] [Preference] Deleted : user_pref("aol_toolbar.search.focusnewtab", true);
[-] [C:\Users\Jacqueline\AppData\Roaming\Mozilla\Firefox\Profiles\vbo092ro.default\prefs.js] [Preference] Deleted : user_pref("aol_toolbar.search.instd", "20110817004921426");
[-] [C:\Users\Jacqueline\AppData\Roaming\Mozilla\Firefox\Profiles\vbo092ro.default\prefs.js] [Preference] Deleted : user_pref("aol_toolbar.search.newtab", true);
[-] [C:\Users\Jacqueline\AppData\Roaming\Mozilla\Firefox\Profiles\vbo092ro.default\prefs.js] [Preference] Deleted : user_pref("aol_toolbar.search.oid", "17-08-2011");
[-] [C:\Users\Jacqueline\AppData\Roaming\Mozilla\Firefox\Profiles\vbo092ro.default\prefs.js] [Preference] Deleted : user_pref("aol_toolbar.search.placement", "right");
[-] [C:\Users\Jacqueline\AppData\Roaming\Mozilla\Firefox\Profiles\vbo092ro.default\prefs.js] [Preference] Deleted : user_pref("aol_toolbar.search.populateoncomplete", false);
[-] [C:\Users\Jacqueline\AppData\Roaming\Mozilla\Firefox\Profiles\vbo092ro.default\prefs.js] [Preference] Deleted : user_pref("aol_toolbar.search.savehistory", false);
[-] [C:\Users\Jacqueline\AppData\Roaming\Mozilla\Firefox\Profiles\vbo092ro.default\prefs.js] [Preference] Deleted : user_pref("aol_toolbar.search.searchtype", "web");
[-] [C:\Users\Jacqueline\AppData\Roaming\Mozilla\Firefox\Profiles\vbo092ro.default\prefs.js] [Preference] Deleted : user_pref("aol_toolbar.search.source", "customfirefox-ff");
[-] [C:\Users\Jacqueline\AppData\Roaming\Mozilla\Firefox\Profiles\vbo092ro.default\prefs.js] [Preference] Deleted : user_pref("aol_toolbar.searchengine.label", "AOL Search");
[-] [C:\Users\Jacqueline\AppData\Roaming\Mozilla\Firefox\Profiles\vbo092ro.default\prefs.js] [Preference] Deleted : user_pref("aol_toolbar.searchprotection.enabled", true);
[-] [C:\Users\Jacqueline\AppData\Roaming\Mozilla\Firefox\Profiles\vbo092ro.default\prefs.js] [Preference] Deleted : user_pref("aol_toolbar.searchprotection.set", "1");
[-] [C:\Users\Jacqueline\AppData\Roaming\Mozilla\Firefox\Profiles\vbo092ro.default\prefs.js] [Preference] Deleted : user_pref("aol_toolbar.skin.custom", false);
[-] [C:\Users\Jacqueline\AppData\Roaming\Mozilla\Firefox\Profiles\vbo092ro.default\prefs.js] [Preference] Deleted : user_pref("aol_toolbar.surf.date", "92");
[-] [C:\Users\Jacqueline\AppData\Roaming\Mozilla\Firefox\Profiles\vbo092ro.default\prefs.js] [Preference] Deleted : user_pref("aol_toolbar.surf.lastDate", "5");
[-] [C:\Users\Jacqueline\AppData\Roaming\Mozilla\Firefox\Profiles\vbo092ro.default\prefs.js] [Preference] Deleted : user_pref("aol_toolbar.surf.lastMonth", "10");
[-] [C:\Users\Jacqueline\AppData\Roaming\Mozilla\Firefox\Profiles\vbo092ro.default\prefs.js] [Preference] Deleted : user_pref("aol_toolbar.surf.lastYear", "2013");
[-] [C:\Users\Jacqueline\AppData\Roaming\Mozilla\Firefox\Profiles\vbo092ro.default\prefs.js] [Preference] Deleted : user_pref("aol_toolbar.surf.mURL", "");
[-] [C:\Users\Jacqueline\AppData\Roaming\Mozilla\Firefox\Profiles\vbo092ro.default\prefs.js] [Preference] Deleted : user_pref("aol_toolbar.surf.mURLh", "0");
[-] [C:\Users\Jacqueline\AppData\Roaming\Mozilla\Firefox\Profiles\vbo092ro.default\prefs.js] [Preference] Deleted : user_pref("aol_toolbar.surf.mURLw", "0");
[-] [C:\Users\Jacqueline\AppData\Roaming\Mozilla\Firefox\Profiles\vbo092ro.default\prefs.js] [Preference] Deleted : user_pref("aol_toolbar.surf.mURLx", "0");
[-] [C:\Users\Jacqueline\AppData\Roaming\Mozilla\Firefox\Profiles\vbo092ro.default\prefs.js] [Preference] Deleted : user_pref("aol_toolbar.surf.mURLy", "0");
[-] [C:\Users\Jacqueline\AppData\Roaming\Mozilla\Firefox\Profiles\vbo092ro.default\prefs.js] [Preference] Deleted : user_pref("aol_toolbar.surf.milestone", "-1");
[-] [C:\Users\Jacqueline\AppData\Roaming\Mozilla\Firefox\Profiles\vbo092ro.default\prefs.js] [Preference] Deleted : user_pref("aol_toolbar.surf.month", "94");
[-] [C:\Users\Jacqueline\AppData\Roaming\Mozilla\Firefox\Profiles\vbo092ro.default\prefs.js] [Preference] Deleted : user_pref("aol_toolbar.surf.prevMonth", "71");
[-] [C:\Users\Jacqueline\AppData\Roaming\Mozilla\Firefox\Profiles\vbo092ro.default\prefs.js] [Preference] Deleted : user_pref("aol_toolbar.surf.show", true);
[-] [C:\Users\Jacqueline\AppData\Roaming\Mozilla\Firefox\Profiles\vbo092ro.default\prefs.js] [Preference] Deleted : user_pref("aol_toolbar.surf.total", "290");
[-] [C:\Users\Jacqueline\AppData\Roaming\Mozilla\Firefox\Profiles\vbo092ro.default\prefs.js] [Preference] Deleted : user_pref("aol_toolbar.surf.week", "94");
[-] [C:\Users\Jacqueline\AppData\Roaming\Mozilla\Firefox\Profiles\vbo092ro.default\prefs.js] [Preference] Deleted : user_pref("aol_toolbar.surf.year", "164");
[-] [C:\Users\Jacqueline\AppData\Roaming\Mozilla\Firefox\Profiles\vbo092ro.default\prefs.js] [Preference] Deleted : user_pref("aol_toolbar.ticker.active", false);
[-] [C:\Users\Jacqueline\AppData\Roaming\Mozilla\Firefox\Profiles\vbo092ro.default\prefs.js] [Preference] Deleted : user_pref("aol_toolbar.ticker.animation", "hscroll");
[-] [C:\Users\Jacqueline\AppData\Roaming\Mozilla\Firefox\Profiles\vbo092ro.default\prefs.js] [Preference] Deleted : user_pref("aol_toolbar.ticker.collapsed", "0");
[-] [C:\Users\Jacqueline\AppData\Roaming\Mozilla\Firefox\Profiles\vbo092ro.default\prefs.js] [Preference] Deleted : user_pref("aol_toolbar.ticker.endColor", "444444");
[-] [C:\Users\Jacqueline\AppData\Roaming\Mozilla\Firefox\Profiles\vbo092ro.default\prefs.js] [Preference] Deleted : user_pref("aol_toolbar.ticker.fontFamily", "Arial, Helvetica, sans-serif");
[-] [C:\Users\Jacqueline\AppData\Roaming\Mozilla\Firefox\Profiles\vbo092ro.default\prefs.js] [Preference] Deleted : user_pref("aol_toolbar.ticker.fontSize", "10");
[-] [C:\Users\Jacqueline\AppData\Roaming\Mozilla\Firefox\Profiles\vbo092ro.default\prefs.js] [Preference] Deleted : user_pref("aol_toolbar.ticker.maxWidth", "200");
[-] [C:\Users\Jacqueline\AppData\Roaming\Mozilla\Firefox\Profiles\vbo092ro.default\prefs.js] [Preference] Deleted : user_pref("aol_toolbar.ticker.show", true);
[-] [C:\Users\Jacqueline\AppData\Roaming\Mozilla\Firefox\Profiles\vbo092ro.default\prefs.js] [Preference] Deleted : user_pref("aol_toolbar.ticker.startColor", "0D0D0D");
[-] [C:\Users\Jacqueline\AppData\Roaming\Mozilla\Firefox\Profiles\vbo092ro.default\prefs.js] [Preference] Deleted : user_pref("aol_toolbar.ticker.tipHidden", "Show Headlines");
[-] [C:\Users\Jacqueline\AppData\Roaming\Mozilla\Firefox\Profiles\vbo092ro.default\prefs.js] [Preference] Deleted : user_pref("aol_toolbar.ticker.tipVisible", "Hide Headlines");
[-] [C:\Users\Jacqueline\AppData\Roaming\Mozilla\Firefox\Profiles\vbo092ro.default\prefs.js] [Preference] Deleted : user_pref("aol_toolbar.ticker.url", "hxxp://feeds.feedburner.com/aolnewstopstories");
[-] [C:\Users\Jacqueline\AppData\Roaming\Mozilla\Firefox\Profiles\vbo092ro.default\prefs.js] [Preference] Deleted : user_pref("aol_toolbar.toolbar.langlocale", "en-US");
[-] [C:\Users\Jacqueline\AppData\Roaming\Mozilla\Firefox\Profiles\vbo092ro.default\prefs.js] [Preference] Deleted : user_pref("aol_toolbar.uninstallreset", "3");
[-] [C:\Users\Jacqueline\AppData\Roaming\Mozilla\Firefox\Profiles\vbo092ro.default\prefs.js] [Preference] Deleted : user_pref("aol_toolbar.weather.condition", "30");
[-] [C:\Users\Jacqueline\AppData\Roaming\Mozilla\Firefox\Profiles\vbo092ro.default\prefs.js] [Preference] Deleted : user_pref("aol_toolbar.weather.degc", "18");
[-] [C:\Users\Jacqueline\AppData\Roaming\Mozilla\Firefox\Profiles\vbo092ro.default\prefs.js] [Preference] Deleted : user_pref("aol_toolbar.weather.degf", "65");
[-] [C:\Users\Jacqueline\AppData\Roaming\Mozilla\Firefox\Profiles\vbo092ro.default\prefs.js] [Preference] Deleted : user_pref("aol_toolbar.weather.degrees", "F");
[-] [C:\Users\Jacqueline\AppData\Roaming\Mozilla\Firefox\Profiles\vbo092ro.default\prefs.js] [Preference] Deleted : user_pref("aol_toolbar.weather.image", "chrome://aoltoolbar/skin/weather/33_n.png");
[-] [C:\Users\Jacqueline\AppData\Roaming\Mozilla\Firefox\Profiles\vbo092ro.default\prefs.js] [Preference] Deleted : user_pref("aol_toolbar.weather.lastupdate", "");
[-] [C:\Users\Jacqueline\AppData\Roaming\Mozilla\Firefox\Profiles\vbo092ro.default\prefs.js] [Preference] Deleted : user_pref("aol_toolbar.weather.locationid", "USCA0500");
[-] [C:\Users\Jacqueline\AppData\Roaming\Mozilla\Firefox\Profiles\vbo092ro.default\prefs.js] [Preference] Deleted : user_pref("aol_toolbar.weather.metric", true);
[-] [C:\Users\Jacqueline\AppData\Roaming\Mozilla\Firefox\Profiles\vbo092ro.default\prefs.js] [Preference] Deleted : user_pref("aol_toolbar.weather.tooltip", "Huntington Beach , CA : Mostly Clear");
[-] [C:\Users\Jacqueline\AppData\Roaming\Mozilla\Firefox\Profiles\vbo092ro.default\prefs.js] [Preference] Deleted : user_pref("aol_toolbar.weather.update", "1383705014537");
[-] [C:\Users\Jacqueline\AppData\Roaming\Mozilla\Firefox\Profiles\vbo092ro.default\prefs.js] [Preference] Deleted : user_pref("aol_toolbar.weather.zipcode", "10006");
[-] [C:\Users\Jacqueline\AppData\Roaming\Mozilla\Firefox\Profiles\vbo092ro.default\prefs.js] [Preference] Deleted : user_pref("aol_toolbar.welcome.upg.display", "0");
[-] [C:\Users\Jacqueline\AppData\Roaming\Mozilla\Firefox\Profiles\vbo092ro.default\prefs.js] [Preference] Deleted : user_pref("aol_toolbar.widgets.layout", "");
[-] [C:\Users\Jacqueline\AppData\Roaming\Mozilla\Firefox\Profiles\vbo092ro.default\prefs.js] [Preference] Deleted : user_pref("aol_toolbar.widgets.log", false);
[-] [C:\Users\Jacqueline\AppData\Roaming\Mozilla\Firefox\Profiles\vbo092ro.default\prefs.js] [Preference] Deleted : user_pref("aol_toolbar.widgets.timestamp", "1439606221417");
[-] [C:\Users\Jacqueline\AppData\Roaming\Mozilla\Firefox\Profiles\vbo092ro.default\prefs.js] [Preference] Deleted : user_pref("aol_toolbar.widgets.version", "5.74.1.10388");
[-] [C:\Users\Jacqueline\AppData\Roaming\Mozilla\Firefox\Profiles\vbo092ro.default\prefs.js] [Preference] Deleted : user_pref("aol_toolbar.winamp.volume", "");
[-] [C:\Users\Jacqueline\AppData\Roaming\Mozilla\Firefox\Profiles\vbo092ro.default\prefs.js] [Preference] Deleted : user_pref("browser.search.defaulturl", "hxxp://search.aol.com/search/search?q={searchTerms}&s_it=customfirefox-ff&s_qt=sb&tb_uuid=20110817004921426&tb_oid=17-08-2011&tb_mrud=25-02-2015");
[-] [C:\Users\Jacqueline\AppData\Roaming\Mozilla\Firefox\Profiles\vbo092ro.default\prefs.js] [Preference] Deleted : user_pref("extensions.mywebsearch.prevDefaultEngine", "Google");
[-] [C:\Users\Jacqueline\AppData\Roaming\Mozilla\Firefox\Profiles\vbo092ro.default\prefs.js] [Preference] Deleted : user_pref("extensions.mywebsearch.prevSelectedEngine", "Secure Search");
[-] [C:\Users\Jacqueline\AppData\Roaming\Mozilla\Firefox\Profiles\vbo092ro.default\prefs.js] [Preference] Deleted : user_pref("extensions.toolbar.mindspark.Mindspark._64Members_.BUTTON_STRUCTURE", "[{\"b\":225170140,\"c\":\"mindspark.magnify\",\"p\":\"L.0\"},{\"b\":225170141,\"c\":\"mindspark.entersearchterms\",\"p[...]
[-] [C:\Users\Jacqueline\AppData\Roaming\Mozilla\Firefox\Profiles\vbo092ro.default\prefs.js] [Preference] Deleted : user_pref("extensions.toolbar.mindspark.Mindspark._64Members_.browser.version.last", "39.0");
[-] [C:\Users\Jacqueline\AppData\Roaming\Mozilla\Firefox\Profiles\vbo092ro.default\prefs.js] [Preference] Deleted : user_pref("extensions.toolbar.mindspark.Mindspark._64Members_.coId", "2633a177237148b4bbf590c3a7b80ff0");
[-] [C:\Users\Jacqueline\AppData\Roaming\Mozilla\Firefox\Profiles\vbo092ro.default\prefs.js] [Preference] Deleted : user_pref("extensions.toolbar.mindspark.Mindspark._64Members_.firstKnownVersion", "7.27.8.4249");
[-] [C:\Users\Jacqueline\AppData\Roaming\Mozilla\Firefox\Profiles\vbo092ro.default\prefs.js] [Preference] Deleted : user_pref("extensions.toolbar.mindspark.Mindspark._64Members_.homepage", "hxxp://home.tb.ask.com/index.jhtml?ptb=F083DF83-82EA-48E0-983B-09649F53CDE2&n=781baf75&p2=^XP^xpt255^S13802^us&si=COnrz6HHjscC[...]
[-] [C:\Users\Jacqueline\AppData\Roaming\Mozilla\Firefox\Profiles\vbo092ro.default\prefs.js] [Preference] Deleted : user_pref("extensions.toolbar.mindspark.Mindspark._64Members_.initialized", true);
[-] [C:\Users\Jacqueline\AppData\Roaming\Mozilla\Firefox\Profiles\vbo092ro.default\prefs.js] [Preference] Deleted : user_pref("extensions.toolbar.mindspark.Mindspark._64Members_.installKeysSource", "Cookies");
[-] [C:\Users\Jacqueline\AppData\Roaming\Mozilla\Firefox\Profiles\vbo092ro.default\prefs.js] [Preference] Deleted : user_pref("extensions.toolbar.mindspark.Mindspark._64Members_.installType", "XPI");
[-] [C:\Users\Jacqueline\AppData\Roaming\Mozilla\Firefox\Profiles\vbo092ro.default\prefs.js] [Preference] Deleted : user_pref("extensions.toolbar.mindspark.Mindspark._64Members_.installation.contextKey", "");
[-] [C:\Users\Jacqueline\AppData\Roaming\Mozilla\Firefox\Profiles\vbo092ro.default\prefs.js] [Preference] Deleted : user_pref("extensions.toolbar.mindspark.Mindspark._64Members_.installation.dlpCountryCode", "US");
[-] [C:\Users\Jacqueline\AppData\Roaming\Mozilla\Firefox\Profiles\vbo092ro.default\prefs.js] [Preference] Deleted : user_pref("extensions.toolbar.mindspark.Mindspark._64Members_.installation.installDate", "2015080309");
[-] [C:\Users\Jacqueline\AppData\Roaming\Mozilla\Firefox\Profiles\vbo092ro.default\prefs.js] [Preference] Deleted : user_pref("extensions.toolbar.mindspark.Mindspark._64Members_.installation.partnerId", "^XP^xpt255^S13802^us");
[-] [C:\Users\Jacqueline\AppData\Roaming\Mozilla\Firefox\Profiles\vbo092ro.default\prefs.js] [Preference] Deleted : user_pref("extensions.toolbar.mindspark.Mindspark._64Members_.installation.partnerSubId", "COnrz6HHjscCFdgBgQodLX0Jhw");
[-] [C:\Users\Jacqueline\AppData\Roaming\Mozilla\Firefox\Profiles\vbo092ro.default\prefs.js] [Preference] Deleted : user_pref("extensions.toolbar.mindspark.Mindspark._64Members_.installation.success", true);
[-] [C:\Users\Jacqueline\AppData\Roaming\Mozilla\Firefox\Profiles\vbo092ro.default\prefs.js] [Preference] Deleted : user_pref("extensions.toolbar.mindspark.Mindspark._64Members_.installation.toolbarId", "F083DF83-82EA-48E0-983B-09649F53CDE2");
[-] [C:\Users\Jacqueline\AppData\Roaming\Mozilla\Firefox\Profiles\vbo092ro.default\prefs.js] [Preference] Deleted : user_pref("extensions.toolbar.mindspark.Mindspark._64Members_.lastActivePing", "1439790869310");
[-] [C:\Users\Jacqueline\AppData\Roaming\Mozilla\Firefox\Profiles\vbo092ro.default\prefs.js] [Preference] Deleted : user_pref("extensions.toolbar.mindspark.Mindspark._64Members_.lastKnownVersion", "7.27.8.4249");
[-] [C:\Users\Jacqueline\AppData\Roaming\Mozilla\Firefox\Profiles\vbo092ro.default\prefs.js] [Preference] Deleted : user_pref("extensions.toolbar.mindspark.Mindspark._64Members_.options.defaultSearch", false);
[-] [C:\Users\Jacqueline\AppData\Roaming\Mozilla\Firefox\Profiles\vbo092ro.default\prefs.js] [Preference] Deleted : user_pref("extensions.toolbar.mindspark.Mindspark._64Members_.options.homePageEnabled", false);
[-] [C:\Users\Jacqueline\AppData\Roaming\Mozilla\Firefox\Profiles\vbo092ro.default\prefs.js] [Preference] Deleted : user_pref("extensions.toolbar.mindspark.Mindspark._64Members_.options.keywordEnabled", false);
[-] [C:\Users\Jacqueline\AppData\Roaming\Mozilla\Firefox\Profiles\vbo092ro.default\prefs.js] [Preference] Deleted : user_pref("extensions.toolbar.mindspark.Mindspark._64Members_.options.tabEnabled", false);
[-] [C:\Users\Jacqueline\AppData\Roaming\Mozilla\Firefox\Profiles\vbo092ro.default\prefs.js] [Preference] Deleted : user_pref("extensions.toolbar.mindspark.Mindspark._64Members_.successUrl", "hxxp://download.televisionfanatic.com/installComplete.jhtml");
[-] [C:\Users\Jacqueline\AppData\Roaming\Mozilla\Firefox\Profiles\vbo092ro.default\prefs.js] [Preference] Deleted : user_pref("extensions.toolbar.mindspark.Mindspark._64Members_.toolbarCollapsed", false);
[-] [C:\Users\Jacqueline\AppData\Roaming\Mozilla\Firefox\Profiles\vbo092ro.default\prefs.js] [Preference] Deleted : user_pref("extensions.toolbar.mindspark._14Members_.homepage", "hxxp://home.mywebsearch.com/index.jhtml?ptb=CF6F0E39-4AF1-4BAB-9DA3-EF698F645044&n=77fd0d4a&p2=^YK^xdm149^YY^us&si=455002");
[-] [C:\Users\Jacqueline\AppData\Roaming\Mozilla\Firefox\Profiles\vbo092ro.default\prefs.js] [Preference] Deleted : user_pref("extensions.toolbar.mindspark._14Members_.hp.enabled", true);
[-] [C:\Users\Jacqueline\AppData\Roaming\Mozilla\Firefox\Profiles\vbo092ro.default\prefs.js] [Preference] Deleted : user_pref("extensions.toolbar.mindspark._14Members_.hp.lastGuardTime", -1306253660);
[-] [C:\Users\Jacqueline\AppData\Roaming\Mozilla\Firefox\Profiles\vbo092ro.default\prefs.js] [Preference] Deleted : user_pref("extensions.toolbar.mindspark._14Members_.hp.numGuards", 1);
[-] [C:\Users\Jacqueline\AppData\Roaming\Mozilla\Firefox\Profiles\vbo092ro.default\prefs.js] [Preference] Deleted : user_pref("extensions.toolbar.mindspark._14Members_.initialized", true);
[-] [C:\Users\Jacqueline\AppData\Roaming\Mozilla\Firefox\Profiles\vbo092ro.default\prefs.js] [Preference] Deleted : user_pref("extensions.toolbar.mindspark._14Members_.installation.contextKey", "");
[-] [C:\Users\Jacqueline\AppData\Roaming\Mozilla\Firefox\Profiles\vbo092ro.default\prefs.js] [Preference] Deleted : user_pref("extensions.toolbar.mindspark._14Members_.installation.installDate", "2013072714");
[-] [C:\Users\Jacqueline\AppData\Roaming\Mozilla\Firefox\Profiles\vbo092ro.default\prefs.js] [Preference] Deleted : user_pref("extensions.toolbar.mindspark._14Members_.installation.partnerId", "^YK^xdm149^YY^us");
[-] [C:\Users\Jacqueline\AppData\Roaming\Mozilla\Firefox\Profiles\vbo092ro.default\prefs.js] [Preference] Deleted : user_pref("extensions.toolbar.mindspark._14Members_.installation.partnerSubId", "455002");
[-] [C:\Users\Jacqueline\AppData\Roaming\Mozilla\Firefox\Profiles\vbo092ro.default\prefs.js] [Preference] Deleted : user_pref("extensions.toolbar.mindspark._14Members_.installation.success", true);
[-] [C:\Users\Jacqueline\AppData\Roaming\Mozilla\Firefox\Profiles\vbo092ro.default\prefs.js] [Preference] Deleted : user_pref("extensions.toolbar.mindspark._14Members_.installation.toolbarId", "CF6F0E39-4AF1-4BAB-9DA3-EF698F645044");
[-] [C:\Users\Jacqueline\AppData\Roaming\Mozilla\Firefox\Profiles\vbo092ro.default\prefs.js] [Preference] Deleted : user_pref("extensions.toolbar.mindspark._14Members_.lastActivePing", "1385954133055");
[-] [C:\Users\Jacqueline\AppData\Roaming\Mozilla\Firefox\Profiles\vbo092ro.default\prefs.js] [Preference] Deleted : user_pref("extensions.toolbar.mindspark._14Members_.options.defaultSearch", true);
[-] [C:\Users\Jacqueline\AppData\Roaming\Mozilla\Firefox\Profiles\vbo092ro.default\prefs.js] [Preference] Deleted : user_pref("extensions.toolbar.mindspark._14Members_.options.homePageEnabled", true);
[-] [C:\Users\Jacqueline\AppData\Roaming\Mozilla\Firefox\Profiles\vbo092ro.default\prefs.js] [Preference] Deleted : user_pref("extensions.toolbar.mindspark._14Members_.options.keywordEnabled", true);
[-] [C:\Users\Jacqueline\AppData\Roaming\Mozilla\Firefox\Profiles\vbo092ro.default\prefs.js] [Preference] Deleted : user_pref("extensions.toolbar.mindspark._14Members_.options.tabEnabled", true);
[-] [C:\Users\Jacqueline\AppData\Roaming\Mozilla\Firefox\Profiles\vbo092ro.default\prefs.js] [Preference] Deleted : user_pref("extensions.toolbar.mindspark._14Members_.searchHistory", "southbay acceptancewww.sbac-finance.comaol.comthe gas companyamericanfirstcredit unionvibratersviamazonbratersamazon[...]
[-] [C:\Users\Jacqueline\AppData\Roaming\Mozilla\Firefox\Profiles\vbo092ro.default\prefs.js] [Preference] Deleted : user_pref("extensions.toolbar.mindspark._14Members_.weather.location", "90001");
[-] [C:\Users\Jacqueline\AppData\Roaming\Mozilla\Firefox\Profiles\vbo092ro.default\prefs.js] [Preference] Deleted : user_pref("extensions.toolbar.mindspark._64Members_.lssState", "{\"previousLocales\":[\"en-US\",\"en\"],\"supportedLocales\":[\"de\",\"es\",\"pt\",\"ja\",\"en\"],\"defaultLocale\":\"en\",\"supportedLo[...]
[-] [C:\Users\Jacqueline\AppData\Roaming\Mozilla\Firefox\Profiles\vbo092ro.default\prefs.js] [Preference] Deleted : user_pref("extensions.toolbar.mindspark.hp.enabled", false);
[-] [C:\Users\Jacqueline\AppData\Roaming\Mozilla\Firefox\Profiles\vbo092ro.default\prefs.js] [Preference] Deleted : user_pref("extensions.toolbar.mindspark.hp.enabled.guid", "");
[-] [C:\Users\Jacqueline\AppData\Roaming\Mozilla\Firefox\Profiles\vbo092ro.default\prefs.js] [Preference] Deleted : user_pref("extensions.toolbar.mindspark.lastInstalled", "televisionfanatic@mindspark.com");

*************************

:: Winsock settings cleared

########## EOF - C:\AdwCleaner\AdwCleaner[C1].txt - [50724 bytes] ##########

MH Lindsey · Oct 8, 2015

Junkware Removal Tool (JRT) by Malwarebytes
Version: 7.6.4 (09.28.2015:1)
OS: Windows 7 Home Premium x64
Ran by Jacqueline on Thu 10/08/2015 at 15:32:52.42
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

~~~ Services

~~~ Tasks

Successfully deleted: [Task] C:\Windows\system32\tasks\0215tb_RML
Successfully deleted: [Task] C:\Windows\Tasks\0215tb_RML.job

~~~ Registry Values

~~~ Registry Keys

Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{A5AA24EA-11B8-4113-95AE-9ED71DEAF12A}
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\Installer\UpgradeCodes\F928123A039649549966D4C29D35B1C9
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchScopes\{6905DDF7-9472-438C-A4AD-F232702D7D42}
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchScopes\{A195C577-4E26-4327-AEA3-CE76B29C425C}
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\SearchScopes\{A195C577-4E26-4327-AEA3-CE76B29C425C}
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\SearchScopes\{B7FCA997-D0FB-4FE0-8AFD-255E89CF9671}

~~~ Files

Successfully deleted: [File] C:\Windows\SysWOW64\sho1444.tmp
Successfully deleted: [File] C:\Windows\SysWOW64\shoD093.tmp

~~~ Folders

~~~ FireFox

Successfully deleted the following from C:\Users\Jacqueline\AppData\Roaming\mozilla\firefox\profiles\vbo092ro.default\prefs.js

user_pref(browser.search.defaultenginename, Secure Search);
user_pref(browser.search.order.1, Secure Search);
user_pref(browser.search.selectedEngine, Secure Search);
Emptied folder: C:\Users\Jacqueline\AppData\Roaming\mozilla\firefox\profiles\vbo092ro.default\minidumps [5 files]

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on Thu 10/08/2015 at 15:37:15.49
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

MH Lindsey · Oct 8, 2015

Malwarebytes Anti-Malware
www.malwarebytes.org

Error, 10/7/2015 7:11 PM, SYSTEM, JACQUELINE-HP, Update, Bad md5 or size: akadomains, 11,
Error, 10/7/2015 7:11 PM, SYSTEM, JACQUELINE-HP, Update, Bad md5 or size: akaips, 11,
Update, 10/7/2015 7:11 PM, SYSTEM, JACQUELINE-HP, Manual, AKA Domain Database, 0.0.0.0, 2015.9.11.2,
Update, 10/7/2015 7:11 PM, SYSTEM, JACQUELINE-HP, Manual, Remediation Database, 2015.5.13.1, 2015.10.7.3,
Update, 10/7/2015 7:11 PM, SYSTEM, JACQUELINE-HP, Manual, AKA IP Database, 0.0.0.0, 2015.9.11.2,
Update, 10/7/2015 7:11 PM, SYSTEM, JACQUELINE-HP, Manual, Rootkit Database, 2015.6.2.1, 2015.10.6.1,
Update, 10/7/2015 7:11 PM, SYSTEM, JACQUELINE-HP, Manual, IP Database, 0.0.0.0, 2015.10.8.1,
Update, 10/7/2015 7:11 PM, SYSTEM, JACQUELINE-HP, Manual, Domain Database, 0.0.0.0, 2015.10.8.2,
Update, 10/7/2015 7:12 PM, SYSTEM, JACQUELINE-HP, Manual, Malware Database, 2015.6.3.3, 2015.10.7.6,
Error, 10/7/2015 7:32 PM, SYSTEM, JACQUELINE-HP, Update, Bad md5 or size: akadomains, 11,
Error, 10/7/2015 7:32 PM, SYSTEM, JACQUELINE-HP, Update, Bad md5 or size: akaips, 11,
Update, 10/7/2015 7:32 PM, SYSTEM, JACQUELINE-HP, Manual, AKA Domain Database, 0.0.0.0, 2015.9.11.2,
Update, 10/7/2015 7:32 PM, SYSTEM, JACQUELINE-HP, Manual, Remediation Database, 2015.5.13.1, 2015.10.7.3,
Update, 10/7/2015 7:32 PM, SYSTEM, JACQUELINE-HP, Manual, AKA IP Database, 0.0.0.0, 2015.9.11.2,
Update, 10/7/2015 7:32 PM, SYSTEM, JACQUELINE-HP, Manual, Rootkit Database, 2015.6.2.1, 2015.10.6.1,
Update, 10/7/2015 7:32 PM, SYSTEM, JACQUELINE-HP, Manual, IP Database, 0.0.0.0, 2015.10.8.2,
Update, 10/7/2015 7:32 PM, SYSTEM, JACQUELINE-HP, Manual, Domain Database, 0.0.0.0, 2015.10.8.2,
Update, 10/7/2015 7:33 PM, SYSTEM, JACQUELINE-HP, Manual, Malware Database, 2015.6.3.3, 2015.10.7.6,
Scan, 10/7/2015 9:27 PM, SYSTEM, JACQUELINE-HP, Manual, Start:10/7/2015 7:33 PM, Duration:38 min 59 sec, Threat Scan, Completed, 6 Malware Detections, 8 Non-Malware Detections,

(end)

Broni · Oct 8, 2015

We have a rootkit there.

Download TDSSKiller and save it to your desktop.

Doubleclick on TDSSKiller.exe to run the application, then on Start Scan.
If an infected file is detected, the default action will be Cure, click on Continue.
If a suspicious file is detected, the default action will be Skip, click on Continue.
It may ask you to reboot the computer to complete the process. Click on Reboot Now.
If no reboot is require, click on Report. A log file should appear. Please copy and paste the contents of that file here.
If a reboot is required, the report can also be found in your root directory (usually C:\ folder) in the form of TDSSKiller_xxxx_log.txt. Please copy and paste the contents of that file here.

MH Lindsey · Oct 9, 2015

16:12:45.0369 0x1564 TDSS rootkit removing tool 3.1.0.5 Jul 24 2015 12:29:57
16:12:48.0762 0x1564 ============================================================
16:12:48.0762 0x1564 Current date / time: 2015/10/09 16:12:48.0762
16:12:48.0762 0x1564 SystemInfo:
16:12:48.0762 0x1564
16:12:48.0762 0x1564 OS Version: 6.1.7601 ServicePack: 1.0
16:12:48.0762 0x1564 Product type: Workstation
16:12:48.0763 0x1564 ComputerName: JACQUELINE-HP
16:12:48.0763 0x1564 UserName: Jacqueline
16:12:48.0763 0x1564 Windows directory: C:\Windows
16:12:48.0763 0x1564 System windows directory: C:\Windows
16:12:48.0763 0x1564 Running under WOW64
16:12:48.0763 0x1564 Processor architecture: Intel x64
16:12:48.0763 0x1564 Number of processors: 8
16:12:48.0763 0x1564 Page size: 0x1000
16:12:48.0763 0x1564 Boot type: Normal boot
16:12:48.0763 0x1564 ============================================================
16:12:49.0196 0x1564 KLMD registered as C:\Windows\system32\drivers\38406731.sys
16:12:49.0569 0x1564 System UUID: {955D3EBF-38B8-E8F2-D24F-464A7D224393}
16:12:50.0130 0x1564 Drive \Device\Harddisk0\DR0 - Size: 0xAEA8CDE000 ( 698.64 Gb ), SectorSize: 0x200, Cylinders: 0x16441, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
16:12:50.0139 0x1564 ============================================================
16:12:50.0139 0x1564 \Device\Harddisk0\DR0:
16:12:50.0139 0x1564 MBR partitions:
16:12:50.0139 0x1564 \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x800, BlocksNum 0x63800
16:12:50.0139 0x1564 \Device\Harddisk0\DR0\Partition2: MBR, Type 0x7, StartLBA 0x64000, BlocksNum 0x55800000
16:12:50.0139 0x1564 \Device\Harddisk0\DR0\Partition3: MBR, Type 0x7, StartLBA 0x55864000, BlocksNum 0x1CAE800
16:12:50.0139 0x1564 ============================================================
16:12:50.0174 0x1564 C: <-> \Device\Harddisk0\DR0\Partition2
16:12:50.0209 0x1564 D: <-> \Device\Harddisk0\DR0\Partition3
16:12:50.0209 0x1564 ============================================================
16:12:50.0209 0x1564 Initialize success
16:12:50.0209 0x1564 ============================================================
16:13:12.0492 0x1f00 ============================================================
16:13:12.0492 0x1f00 Scan started
16:13:12.0492 0x1f00 Mode: Manual;
16:13:12.0492 0x1f00 ============================================================
16:13:12.0492 0x1f00 KSN ping started
16:13:15.0075 0x1f00 KSN ping finished: true
16:13:15.0761 0x1f00 ================ Scan system memory ========================
16:13:15.0761 0x1f00 Scan was interrupted by user!
16:13:15.0815 0x1f00 AV detected via SS2: McAfee Anti-Virus and Anti-Spyware, C:\Program Files\McAfee.com\Agent\mcupdate.exe ( 11.0.0.0 ), 0x50010 ( disabled : outofdate )
16:13:15.0816 0x1f00 AV detected via SS2: avast! Antivirus, C:\Program Files\AVAST Software\Avast\VisthAux.exe ( 10.3.2225.1172 ), 0x41000 ( enabled : updated )
16:13:15.0817 0x1f00 AV detected via SS2: AVG AntiVirus Free Edition 2015, C:\Program Files (x86)\AVG\AVG2015\avgwsc.exe ( 15.0.0.6086 ), 0x40000 ( disabled : updated )
16:13:15.0819 0x1f00 FW detected via SS2: McAfee Firewall, C:\Program Files\McAfee.com\Agent\mcupdate.exe ( 11.0.0.0 ), 0x51010 ( enabled )
16:13:18.0557 0x1f00 ============================================================
16:13:18.0557 0x1f00 Scan finished
16:13:18.0557 0x1f00 ============================================================
16:13:18.0572 0x0d0c Detected object count: 0
16:13:18.0572 0x0d0c Actual detected object count: 0
16:13:31.0414 0x1c1c ============================================================
16:13:31.0414 0x1c1c Scan started
16:13:31.0414 0x1c1c Mode: Manual;
16:13:31.0414 0x1c1c ============================================================
16:13:31.0414 0x1c1c KSN ping started
16:13:33.0964 0x1c1c KSN ping finished: true
16:13:34.0405 0x1c1c ================ Scan system memory ========================
16:13:34.0405 0x1c1c System memory - ok

MH Lindsey · Oct 9, 2015

16:13:34.0405 0x1c1c ================ Scan services =============================
16:13:34.0605 0x1c1c [ A87D604AEA360176311474C87A63BB88, B1507868C382CD5D2DBC0D62114FCFBF7A780904A2E3CA7C7C1DD0844ADA9A8F ] 1394ohci C:\Windows\system32\drivers\1394ohci.sys
16:13:34.0620 0x1c1c 1394ohci - ok
16:13:34.0677 0x1c1c [ 5C368F4B04ED2A923E6AFCA2D37BAFF5, C3CC58D636B18DF77C4C4B384AD1DE78418716A0606E564DBC63782D5EA02905 ] Accelerometer C:\Windows\system32\DRIVERS\Accelerometer.sys
16:13:34.0681 0x1c1c Accelerometer - ok
16:13:34.0759 0x1c1c [ D81D9E70B8A6DD14D42D7B4EFA65D5F2, FDAAB7E23012B4D31537C5BDEF245BB0A12FA060A072C250E21C68E18B22E002 ] ACPI C:\Windows\system32\drivers\ACPI.sys
16:13:34.0778 0x1c1c ACPI - ok
16:13:34.0832 0x1c1c [ 99F8E788246D495CE3794D7E7821D2CA, F91615463270AD2601F882CAED43B88E7EDA115B9FD03FC56320E48119F15F76 ] AcpiPmi C:\Windows\system32\drivers\acpipmi.sys
16:13:34.0835 0x1c1c AcpiPmi - ok
16:13:34.0985 0x1c1c [ 4451CC2275B04043EC2BCC757AF97291, A07781C5C9AD344BF2B5F8E7ED0ACD804113B6BC02D082717E493768E6ABC393 ] AdobeActiveFileMonitor8.0 C:\Program Files (x86)\Adobe\Elements Organizer 8.0\PhotoshopElementsFileAgent.exe
16:13:34.0996 0x1c1c AdobeActiveFileMonitor8.0 - ok
16:13:35.0116 0x1c1c [ B362181ED3771DC03B4141927C80F801, 69514E5177A0AEA89C27C2234712F9F82E8D8F99E1FD4273898C9324C6FF7472 ] AdobeARMservice C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
16:13:35.0121 0x1c1c AdobeARMservice - ok
16:13:35.0290 0x1c1c [ C6D147C12C424373B016C0AB0A6C61EB, 043D44F3C942CFC3558E782938C26849BF648A58A7AA62C4A526E37DE4136C27 ] AdobeFlashPlayerUpdateSvc C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
16:13:35.0307 0x1c1c AdobeFlashPlayerUpdateSvc - ok
16:13:35.0395 0x1c1c [ 2F6B34B83843F0C5118B63AC634F5BF4, 43E3F5FBFB5D33981AC503DEE476868EC029815D459E7C36C4ABC2D2F75B5735 ] adp94xx C:\Windows\system32\drivers\adp94xx.sys
16:13:35.0414 0x1c1c adp94xx - ok
16:13:35.0490 0x1c1c [ 597F78224EE9224EA1A13D6350CED962, DA7FD99BE5E3B7B98605BF5C13BF3F1A286C0DE1240617570B46FE4605E59BDC ] adpahci C:\Windows\system32\drivers\adpahci.sys
16:13:35.0505 0x1c1c adpahci - ok
16:13:35.0537 0x1c1c [ E109549C90F62FB570B9540C4B148E54, E804563735153EA00A00641814244BC8A347B578E7D63A16F43FB17566EE5559 ] adpu320 C:\Windows\system32\drivers\adpu320.sys
16:13:35.0542 0x1c1c adpu320 - ok
16:13:35.0567 0x1c1c [ 83BFCCAC53795E8A5055A93672D0C46C, B2B03473D950A5BA9DE59D81E7B14C1FAFF17B2A4D8A5808588F5CC21D63B291 ] AeLookupSvc C:\Windows\System32\aelupsvc.dll
16:13:35.0570 0x1c1c AeLookupSvc - ok
16:13:35.0774 0x1c1c [ A6FB9DB8F1A86861D955FD6975977AE0, 788C6EE50719227D7A9B7F08C8D5E1289FCD0E8AC23A1021A5093D2E8368F696 ] AESTFilters C:\Program Files\IDT\WDM\AESTSr64.exe
16:13:35.0782 0x1c1c AESTFilters - ok
16:13:35.0862 0x1c1c [ FA886682CFC5D36718D3E436AACF10B9, F80AB4F91AA6B5C7ECCB000D8E1BC2CF776DC3D69B3D9EBC2558C19035A6B3AB ] AFD C:\Windows\system32\drivers\afd.sys
16:13:35.0877 0x1c1c AFD - ok
16:13:35.0929 0x1c1c [ 608C14DBA7299D8CB6ED035A68A15799, 45360F89640BF1127C82A32393BD76205E4FA067889C40C491602F370C09282A ] agp440 C:\Windows\system32\drivers\agp440.sys
16:13:35.0931 0x1c1c agp440 - ok
16:13:35.0993 0x1c1c [ 3290D6946B5E30E70414990574883DDB, 0E9294E1991572256B3CDA6B031DB9F39CA601385515EE59F1F601725B889663 ] ALG C:\Windows\System32\alg.exe
16:13:36.0000 0x1c1c ALG - ok
16:13:36.0061 0x1c1c [ 5812713A477A3AD7363C7438CA2EE038, A7316299470D2E57A11499C752A711BF4A71EB11C9CBA731ED0945FF6A966721 ] aliide C:\Windows\system32\drivers\aliide.sys
16:13:36.0064 0x1c1c aliide - ok
16:13:36.0143 0x1c1c [ 1B4A3C8E429F1FAB998ECEEA3CE3E0B8, 643D4390DA8F033739057F88B5A2FF93C515CE4B1D1A811A1CAF74607A13D079 ] AMD External Events Utility C:\Windows\system32\atiesrxx.exe
16:13:36.0157 0x1c1c AMD External Events Utility - ok
16:13:36.0214 0x1c1c [ 1FF8B4431C353CE385C875F194924C0C, 3EA3A7F426B0FFC2461EDF4FDB4B58ACC9D0730EDA5B728D1EA1346EA0A02720 ] amdide C:\Windows\system32\drivers\amdide.sys
16:13:36.0217 0x1c1c amdide - ok
16:13:36.0274 0x1c1c [ 7024F087CFF1833A806193EF9D22CDA9, E7F27E488C38338388103D3B7EEDD61D05E14FB140992AEE6F492FFC821BF529 ] AmdK8 C:\Windows\system32\drivers\amdk8.sys
16:13:36.0278 0x1c1c AmdK8 - ok
16:13:36.0609 0x1c1c [ E08CF0ED91FCCA0017776CFF4A506012, 32F038775C015BE8495CBFE5BDFEDAE44CDA20B4D1EAD6880CF25A59C95BA097 ] amdkmdag C:\Windows\system32\DRIVERS\atikmdag.sys
16:13:36.0773 0x1c1c amdkmdag - ok
16:13:36.0894 0x1c1c [ F072F317E430925C7D88C766DB7DA86E, BBE6DA3BFCAC3391C5544113CBDFEF77032D9D32914E3980EB0FFF4C67C6C6D9 ] amdkmdap C:\Windows\system32\DRIVERS\atikmpag.sys
16:13:36.0911 0x1c1c amdkmdap - ok
16:13:36.0943 0x1c1c [ 1E56388B3FE0D031C44144EB8C4D6217, E88CA76FD47BA0EB427D59CB9BE040DE133D89D4E62D03A8D622624531D27487 ] AmdPPM C:\Windows\system32\drivers\amdppm.sys
16:13:36.0947 0x1c1c AmdPPM - ok
16:13:37.0003 0x1c1c [ D4121AE6D0C0E7E13AA221AA57EF2D49, 626F43C099BD197BE56648C367B711143C2BCCE96496BBDEF19F391D52FA01D0 ] amdsata C:\Windows\system32\drivers\amdsata.sys
16:13:37.0011 0x1c1c amdsata - ok
16:13:37.0050 0x1c1c [ F67F933E79241ED32FF46A4F29B5120B, D6EF539058F159CC4DD14CA9B1FD924998FEAC9D325C823C7A2DD21FEF1DC1A8 ] amdsbs C:\Windows\system32\drivers\amdsbs.sys
16:13:37.0062 0x1c1c amdsbs - ok
16:13:37.0083 0x1c1c [ 540DAF1CEA6094886D72126FD7C33048, 296578572A93F5B74E1AD443E000B79DC99D1CBD25082E02704800F886A3065F ] amdxata C:\Windows\system32\drivers\amdxata.sys
16:13:37.0085 0x1c1c amdxata - ok
16:13:37.0153 0x1c1c [ 7D9E301AB3247765702D0B65E2E47E50, 110F1D9A01F1DB36815B4CBF04E540958B760AC46955F7712D03F958F78734D0 ] AMPPAL C:\Windows\system32\DRIVERS\AMPPAL.sys
16:13:37.0165 0x1c1c AMPPAL - ok
16:13:37.0205 0x1c1c [ 7D9E301AB3247765702D0B65E2E47E50, 110F1D9A01F1DB36815B4CBF04E540958B760AC46955F7712D03F958F78734D0 ] AMPPALP C:\Windows\system32\DRIVERS\amppal.sys
16:13:37.0216 0x1c1c AMPPALP - ok
16:13:37.0364 0x1c1c [ 576134E43169810B560F0BB6FDEE13F5, 8B6CC94AAACA7C1074A6A20FEBA13D653E1550B2C471A5A383AC97DDC3A0213B ] AMPPALR3 C:\Program Files\Intel\BluetoothHS\BTHSAmpPalService.exe
16:13:37.0384 0x1c1c AMPPALR3 - ok
16:13:37.0448 0x1c1c [ A0711D119BA4B48A1470C768D301013E, 536366F809125D2C2171597C8C2CB3271BE5C6B373152112E0D970749776E00A ] AppID C:\Windows\system32\drivers\appid.sys
16:13:37.0454 0x1c1c AppID - ok
16:13:37.0496 0x1c1c [ 173C90AF5B243B4DD86F95CA154CB58A, 349F566DADC96B31FDC34C4F26545FB880844DBF84E5821AA0D0CAA91FB837E1 ] AppIDSvc C:\Windows\System32\appidsvc.dll
16:13:37.0500 0x1c1c AppIDSvc - ok
16:13:37.0535 0x1c1c [ 3EA5DA3F459F6ED19E10166965F6892F, F5618A5FA72C5E57BCFA6F2ECB840B1AEC60C72840AF3C1D94D5FCDB5ED2BF5E ] Appinfo C:\Windows\System32\appinfo.dll
16:13:37.0541 0x1c1c Appinfo - ok
16:13:37.0625 0x1c1c [ 7EF47644B74EBE721CC32211D3C35E76, 1381908E70567AAE5A8C96C4B7BF8E68748F64DE3243FD0FA8CC0E72DEEDA9A7 ] Apple Mobile Device C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
16:13:37.0631 0x1c1c Apple Mobile Device - ok
16:13:37.0692 0x1c1c [ C484F8CEB1717C540242531DB7845C4E, C507CE26716EB923B864ED85E8FA0B24591E2784A2F4F0E78AEED7E9953311F6 ] arc C:\Windows\system32\drivers\arc.sys
16:13:37.0694 0x1c1c arc - ok
16:13:37.0705 0x1c1c [ 019AF6924AEFE7839F61C830227FE79C, 5926B9DDFC9198043CDD6EA0B384C83B001EC225A8125628C4A45A3E6C42C72A ] arcsas C:\Windows\system32\drivers\arcsas.sys
16:13:37.0707 0x1c1c arcsas - ok
16:13:37.0846 0x1c1c [ F15AB80B867D3332D5DDFB0A05B9CE04, 5A16577106246AB5DCC04FE0A0B00B7C5702557B75F958721E4C00383AB99809 ] aspnet_state C:\Windows\Microsoft.NET\Framework64\v4.0.30319\aspnet_state.exe
16:13:37.0848 0x1c1c aspnet_state - ok
16:13:37.0924 0x1c1c [ 525F5989C095F5757414E1F4B39175B2, 0CA28553AE4BF07C3952A6E2355FAB2B0CB862CFD88DEFD7232FD48ABA99CFCB ] aswHwid C:\Windows\system32\drivers\aswHwid.sys
16:13:37.0928 0x1c1c aswHwid - ok
16:13:37.0948 0x1c1c [ 76D585093398DB973470BB83FCF0CE52, F7135232E7F50270A253C9F04574F22B827A42B2BE42DE6E391CE3A56B2EA51F ] aswMonFlt C:\Windows\system32\drivers\aswMonFlt.sys
16:13:37.0953 0x1c1c aswMonFlt - ok
16:13:38.0045 0x1c1c [ 719FF5568B5E71832541636E2A7DFE27, C49ADB31B5DE6FCFB252290D5B831A90E555F86058500538BBD288B10CDCC46F ] aswRdr C:\Windows\system32\drivers\aswRdr2.sys
16:13:38.0051 0x1c1c aswRdr - ok
16:13:38.0078 0x1c1c [ 21C13E3C9B801C8AE172FABBD235221E, 0AE02CB0F4A87C6065159B68545DD536C4E98C8C23E954ED3392A7CE5F28868C ] aswRvrt C:\Windows\system32\drivers\aswRvrt.sys
16:13:38.0083 0x1c1c aswRvrt - ok
16:13:38.0208 0x1c1c [ E0F47617EB31CD205BF68B55CE88862D, EE3ED93E51E310E1D713F8692CF2A61147C0EFCFA465969C04B85DA2E271F3E6 ] aswSnx C:\Windows\system32\drivers\aswSnx.sys
16:13:38.0227 0x1c1c aswSnx - ok
16:13:38.0314 0x1c1c [ C43A0929DE32035499D6BB39A7F44439, 6269380D25D6BFFB7C234758114B700A75BD55D654B6D93ED44D50660A86FCA7 ] aswSP C:\Windows\system32\drivers\aswSP.sys
16:13:38.0328 0x1c1c aswSP - ok
16:13:38.0395 0x1c1c [ 763C27EA21875F54615A0174EEC78FC4, 4EE48D475B183DD2066781137F46A4BEE2E510B3A085B9B1385F8C0043A5BE08 ] aswStm C:\Windows\system32\drivers\aswStm.sys
16:13:38.0406 0x1c1c aswStm - ok
16:13:38.0462 0x1c1c [ C85B35201A253B99199C0A9F5B98FC18, 18FF49D52035C79AD70A96FBD4663C41A58830D432DD4B9EDA6E7FCDFD12C18F ] aswVmm C:\Windows\system32\drivers\aswVmm.sys
16:13:38.0472 0x1c1c aswVmm - ok
16:13:38.0530 0x1c1c [ 769765CE2CC62867468CEA93969B2242, 0D8F19D49869DF93A3876B4C2E249D12E83F9CE11DAE8917D368E292043D4D26 ] AsyncMac C:\Windows\system32\DRIVERS\asyncmac.sys
16:13:38.0533 0x1c1c AsyncMac - ok
16:13:38.0589 0x1c1c [ 02062C0B390B7729EDC9E69C680A6F3C, 0261683C6DC2706DCE491A1CDC954AC9C9E649376EC30760BB4E225E18DC5273 ] atapi C:\Windows\system32\drivers\atapi.sys
16:13:38.0593 0x1c1c atapi - ok
16:13:38.0766 0x1c1c [ 8A230F6C49809ABB642CD02117C796C4, EAD0FE07C4D40BB2793BE7CA8F5283164E9AD588AF83AB5F95185C28175895B1 ] AtiDCM C:\Users\Jacqueline\AppData\Local\Temp\atdcm64a.sys
16:13:38.0770 0x1c1c AtiDCM - ok
16:13:38.0877 0x1c1c [ 6968D02DC38757C3FBE7ED7C2F9670AA, C8B3115DDB32EFBE8C56C5AA78EEA05BBB77DF3F75CC2A04532EB32327E4735A ] AudioEndpointBuilder C:\Windows\System32\Audiosrv.dll
16:13:38.0898 0x1c1c AudioEndpointBuilder - ok
16:13:38.0917 0x1c1c [ 6968D02DC38757C3FBE7ED7C2F9670AA, C8B3115DDB32EFBE8C56C5AA78EEA05BBB77DF3F75CC2A04532EB32327E4735A ] AudioSrv C:\Windows\System32\Audiosrv.dll
16:13:38.0930 0x1c1c AudioSrv - ok
16:13:39.0123 0x1c1c [ 4956380A54B1C9E6BFDF3D80DACB9698, 0B0F9807EEF0F3BFE4F862876633D241DBA8F72A1373445976FF388678C4734C ] avast! Antivirus C:\Program Files\AVAST Software\Avast\AvastSvc.exe
16:13:39.0133 0x1c1c avast! Antivirus - ok
16:13:39.0243 0x1c1c [ E7C8FBDCB1C079C332F962DD1C075E5E, 4931B016C14B8ABE3CA5C8C0A3AC27253F2C72486CF43C299183EB65F93C06D4 ] Avgdiska C:\Windows\system32\DRIVERS\avgdiska.sys
16:13:39.0251 0x1c1c Avgdiska - ok
16:13:39.0496 0x1c1c [ E7FAE655001C18A7ECBD58B3BA971BF9, 25947054B1C8DA2128CDB3BA6231F692AC4655FFDE64A93DDCA59C2D2B4AAC1E ] AVGIDSAgent C:\Program Files (x86)\AVG\AVG2015\avgidsagent.exe
16:13:39.0558 0x1c1c AVGIDSAgent - ok
16:13:39.0613 0x1c1c [ E3DC1089EDAD57F5279804167E6142E9, 454E6E735B531D1A90FA3E64558B7C125A6E9460C8C30736DD8E43B0ADDB28F1 ] AVGIDSDriver C:\Windows\system32\DRIVERS\avgidsdrivera.sys
16:13:39.0628 0x1c1c AVGIDSDriver - ok
16:13:39.0666 0x1c1c [ 54384FC2230B4469E7EDF938B7CF5FF7, 93EF11C8D1EC307A71B43578EE3EFFF3FBAFB26AE0A94E4CFD54342CAA4C108C ] AVGIDSHA C:\Windows\system32\DRIVERS\avgidsha.sys
16:13:39.0673 0x1c1c AVGIDSHA - ok
16:13:39.0718 0x1c1c [ 0CFB17D66DC1D76214F50E33C41CC8B6, 344E0D99C8D741C63F62859A29284D328E76E07A409692F1B6FB1F9DB3946420 ] Avgldx64 C:\Windows\system32\DRIVERS\avgldx64.sys
16:13:39.0726 0x1c1c Avgldx64 - ok
16:13:39.0826 0x1c1c [ 7EC2B7BBA7A30691D2E0D8478F219B90, EBB18E34D502E85F6450E944B3A1AD7B86692F2F0C9041B927F69CE40E7802A6 ] Avgloga C:\Windows\system32\DRIVERS\avgloga.sys
16:13:39.0837 0x1c1c Avgloga - ok
16:13:39.0903 0x1c1c [ BC3016B9921753DD3A3CF1082FBCF146, E50C49C208297A6DBB8A7A7D8A3DF47128C7205A411F9E47335887DEE07B053A ] Avgmfx64 C:\Windows\system32\DRIVERS\avgmfx64.sys
16:13:39.0914 0x1c1c Avgmfx64 - ok
16:13:39.0967 0x1c1c [ 719EF00B1C5BED9CF5675274A4F774B9, 3883B41AC13AC7B2E2D58AA3209B3D479C53469A3F423CAC151A3F25DA462E3D ] Avgrkx64 C:\Windows\system32\DRIVERS\avgrkx64.sys
16:13:39.0969 0x1c1c Avgrkx64 - ok
16:13:40.0051 0x1c1c [ EB9606C7C31E2C90BD9A81B0BEE01C28, D07A064C069124DEAF2782438E606BB497EF7E866FF9069C1C474B2A7CC0A61A ] Avgtdia C:\Windows\system32\DRIVERS\avgtdia.sys
16:13:40.0065 0x1c1c Avgtdia - ok
16:13:40.0123 0x1c1c [ FE9742B20DD5FCF12D245D08BF5AAF98, 620024EDABC8C06C94D9F4A7EDD1E4D91929E9ADA685C5BF995E282D22B7CA35 ] avgwd C:\Program Files (x86)\AVG\AVG2015\avgwdsvc.exe
16:13:40.0135 0x1c1c avgwd - ok
16:13:40.0179 0x1c1c [ A6BF31A71B409DFA8CAC83159E1E2AFF, CBB83F73FFD3C3FB4F96605067739F8F7A4A40B2B05417FA49E575E95628753F ] AxInstSV C:\Windows\System32\AxInstSV.dll
16:13:40.0182 0x1c1c AxInstSV - ok

MH Lindsey · Oct 9, 2015

16:13:40.0277 0x1c1c [ 3E5B191307609F7514148C6832BB0842, DE011CB7AA4A2405FAF21575182E0793A1D83DFFC44E9A7864D59F3D51D8D580 ] b06bdrv C:\Windows\system32\drivers\bxvbda.sys
16:13:40.0301 0x1c1c b06bdrv - ok
16:13:40.0378 0x1c1c [ B5ACE6968304A3900EEB1EBFD9622DF2, 1DAA118D8CA3F97B34DF3D3CDA1C78EAB2ED225699FEABE89D331AE0CB7679FA ] b57nd60a C:\Windows\system32\DRIVERS\b57nd60a.sys
16:13:40.0392 0x1c1c b57nd60a - ok
16:13:40.0481 0x1c1c [ 93EE7D9C35AE7E9FFDA148D7805F1421, 9D88D5CC08F887B35A893FEC80D8CC4A9E4EAAF533E27D0F1B9CC36C171C92DA ] BBSvc C:\Program Files (x86)\Microsoft\BingBar\BBSvc.EXE
16:13:40.0489 0x1c1c BBSvc - ok
16:13:40.0608 0x1c1c [ 9E84A931DBEE0292E38ED672F6293A99, 2945EAF0AC091709E0C5508B45EC343EDE507AC2B08A2D7D64F286D38424CBC4 ] BCM43XX C:\Windows\system32\DRIVERS\bcmwl664.sys
16:13:40.0632 0x1c1c BCM43XX - ok
16:13:40.0685 0x1c1c [ FDE360167101B4E45A96F939F388AEB0, 8D1457E866BBD645C4B9710DFBFF93405CC1193BF9AE42326F2382500B713B82 ] BDESVC C:\Windows\System32\bdesvc.dll
16:13:40.0688 0x1c1c BDESVC - ok
16:13:40.0737 0x1c1c [ 16A47CE2DECC9B099349A5F840654746, 77C008AEDB07FAC66413841D65C952DDB56FE7DCA5E9EF9C8F4130336B838024 ] Beep C:\Windows\system32\drivers\Beep.sys
16:13:40.0740 0x1c1c Beep - ok
16:13:40.0848 0x1c1c [ 82974D6A2FD19445CC5171FC378668A4, 075D25F47C0D2277E40AF8615571DAA5EB16B1824563632A9A7EC62505C29A4A ] BFE C:\Windows\System32\bfe.dll
16:13:40.0873 0x1c1c BFE - ok
16:13:40.0925 0x1c1c [ 1EA7969E3271CBC59E1730697DC74682, D511A34D63A6E0E6E7D1879068E2CD3D87ABEAF4936B2EA8CDDAD9F79D60FA04 ] BITS C:\Windows\System32\qmgr.dll
16:13:40.0943 0x1c1c BITS - ok
16:13:40.0997 0x1c1c [ 61583EE3C3A17003C4ACD0475646B4D3, 17E4BECC309C450E7E44F59A9C0BBC24D21BDC66DFBA65B8F198A00BB47A9811 ] blbdrive C:\Windows\system32\drivers\blbdrive.sys
16:13:41.0002 0x1c1c blbdrive - ok
16:13:41.0136 0x1c1c [ EBBCD5DFBB1DE70E8F4AF8FA59E401FD, 17BFFC5DF609CE3B2F0CAB4BD6C118608C66A3AD86116A47E90B2BB7D8954122 ] Bonjour Service C:\Program Files\Bonjour\mDNSResponder.exe
16:13:41.0147 0x1c1c Bonjour Service - ok
16:13:41.0214 0x1c1c [ 6C02A83164F5CC0A262F4199F0871CF5, AD4632A6A203CB40970D848315D8ADB9C898349E20D8DF4107C2AE2703A2CF28 ] bowser C:\Windows\system32\DRIVERS\bowser.sys
16:13:41.0221 0x1c1c bowser - ok
16:13:41.0293 0x1c1c [ F09EEE9EDC320B5E1501F749FDE686C8, 66691114C42E12F4CC6DC4078D4D2FA4029759ACDAF1B59D17383487180E84E3 ] BrFiltLo C:\Windows\system32\drivers\BrFiltLo.sys
16:13:41.0296 0x1c1c BrFiltLo - ok
16:13:41.0321 0x1c1c [ B114D3098E9BDB8BEA8B053685831BE6, 0ED23C1897F35FA00B9C2848DE4ED200E18688AA7825674888054BBC3A3EB92C ] BrFiltUp C:\Windows\system32\drivers\BrFiltUp.sys
16:13:41.0324 0x1c1c BrFiltUp - ok
16:13:41.0390 0x1c1c [ 05F5A0D14A2EE1D8255C2AA0E9E8E694, 40011138869F5496A3E78D38C9900B466B6F3877526AC22952DCD528173F4645 ] Browser C:\Windows\System32\browser.dll
16:13:41.0400 0x1c1c Browser - ok
16:13:41.0466 0x1c1c [ 43BEA8D483BF1870F018E2D02E06A5BD, 4E6F5A5FD8C796A110B0DC9FF29E31EA78C04518FC1C840EF61BABD58AB10272 ] Brserid C:\Windows\System32\Drivers\Brserid.sys
16:13:41.0478 0x1c1c Brserid - ok
16:13:41.0501 0x1c1c [ A6ECA2151B08A09CACECA35C07F05B42, E2875BB7768ABAF38C3377007AA0A3C281503474D1831E396FB6599721586B0C ] BrSerWdm C:\Windows\System32\Drivers\BrSerWdm.sys
16:13:41.0503 0x1c1c BrSerWdm - ok
16:13:41.0528 0x1c1c [ B79968002C277E869CF38BD22CD61524, 50631836502237AF4893ECDCEA43B9031C3DE97433F594D46AF7C3C77F331983 ] BrUsbMdm C:\Windows\System32\Drivers\BrUsbMdm.sys
16:13:41.0530 0x1c1c BrUsbMdm - ok
16:13:41.0577 0x1c1c [ A87528880231C54E75EA7A44943B38BF, 4C8BBB29FDA76A96840AA47A8613C15D4466F9273A13941C19507008629709C9 ] BrUsbSer C:\Windows\System32\Drivers\BrUsbSer.sys
16:13:41.0580 0x1c1c BrUsbSer - ok
16:13:41.0640 0x1c1c [ CF98190A94F62E405C8CB255018B2315, E1B2540023C4FE9FD588E4B6AE6347DFA565EB3898F21E5360882BF3E8B5E781 ] BthEnum C:\Windows\system32\drivers\BthEnum.sys
16:13:41.0645 0x1c1c BthEnum - ok
16:13:41.0671 0x1c1c [ 9DA669F11D1F894AB4EB69BF546A42E8, B498B8B6CEF957B73179D1ADAF084BBB57BB3735D810F9BE2C7B1D58A4FD25A4 ] BTHMODEM C:\Windows\system32\drivers\bthmodem.sys
16:13:41.0677 0x1c1c BTHMODEM - ok
16:13:41.0716 0x1c1c [ 02DD601B708DD0667E1331FA8518E9FF, 7DE6CC4DBB621CD03B01D9CE6CF66EAFE31D39030A391562CD0E278E1D70ADE1 ] BthPan C:\Windows\system32\DRIVERS\bthpan.sys
16:13:41.0723 0x1c1c BthPan - ok
16:13:41.0795 0x1c1c [ 738D0E9272F59EB7A1449C3EC118E6C4, FE3D32C2A5E4DC21376A0F89C0B2EE024ECF1A3FB99213CC9BBC986ADF7AF080 ] BTHPORT C:\Windows\System32\Drivers\BTHport.sys
16:13:41.0808 0x1c1c BTHPORT - ok
16:13:41.0860 0x1c1c [ 95F9C2976059462CBBF227F7AAB10DE9, 2797AE919FF7606B070FB039CECDB0707CD2131DCAC09C5DF14F443D881C9F34 ] bthserv C:\Windows\system32\bthserv.dll
16:13:41.0864 0x1c1c bthserv - ok
16:13:41.0931 0x1c1c [ 9E2AF97302B9F4BF97E952A865EB31AE, 2DE38CF8A24CC1E31604EF870704DE342D800762A2ECCF3E4AF0B183C1408456 ] BTHSSecurityMgr C:\Program Files\Intel\BluetoothHS\BTHSSecurityMgr.exe
16:13:41.0936 0x1c1c BTHSSecurityMgr - ok
16:13:41.0948 0x1c1c [ F188B7394D81010767B6DF3178519A37, 576304E92FD94908F093A6AB5F4D328F25829BE32EC3CA0D29EBFDF5DE83539B ] BTHUSB C:\Windows\System32\Drivers\BTHUSB.sys
16:13:41.0952 0x1c1c BTHUSB - ok
16:13:42.0003 0x1c1c [ 7A2CE8C1BF4DAA1F2766E21E9CA11078, 2AF02D206F60F95185894D829D7CC322C4986847153269DE186E11EE2353FBBC ] btwampfl C:\Windows\system32\drivers\btwampfl.sys
16:13:42.0013 0x1c1c btwampfl - ok
16:13:42.0053 0x1c1c [ A75BF6802A967F5AACECC3C67FEBDF55, 7FD561C3817ABE48121926361ED12943A1EF5C0006689DCE3813697868D763B4 ] btwaudio C:\Windows\system32\drivers\btwaudio.sys
16:13:42.0061 0x1c1c btwaudio - ok
16:13:42.0112 0x1c1c [ D895DC213EDBDA5FCC53AAD1F1E0E63B, FF3B483752E45911C267367B102EA0901BE13840FDBA083D0B7FF3379C37B898 ] btwavdt C:\Windows\system32\drivers\btwavdt.sys
16:13:42.0122 0x1c1c btwavdt - ok
16:13:42.0224 0x1c1c [ 692F8648D7686D91E34A65AC698019D8, CC7544513AA089BDB0FCE74156C88CBB4182C96F97785A64ED5D3061B039516E ] btwdins C:\Program Files\WIDCOMM\Bluetooth Software\btwdins.exe
16:13:42.0242 0x1c1c btwdins - ok
16:13:42.0263 0x1c1c [ 07096D2BC22CCB6CEA5A532DF0BE8A75, A9B7F2EFFDF1E4EC0A5DC098F0ED2BE44E271844A4F1CBAD2FA1655DE1E03F6E ] btwl2cap C:\Windows\system32\DRIVERS\btwl2cap.sys
16:13:42.0265 0x1c1c btwl2cap - ok
16:13:42.0275 0x1c1c [ 6D7AA2BDE0135599C5F230D69DB3B420, 5179F57976B3903B5D45C5B383C691BCB26411B5C98296F99C1F79EF863E1E0A ] btwrchid C:\Windows\system32\DRIVERS\btwrchid.sys
16:13:42.0277 0x1c1c btwrchid - ok
16:13:42.0478 0x1c1c [ 9E530C6F0EEE34CCEAC8104838AB68C7, 836210CE25778694F9F348BB6790DF61F7ED896D2B16F5760B20023CD3AC79C9 ] c2cautoupdatesvc C:\Program Files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe
16:13:42.0506 0x1c1c c2cautoupdatesvc - ok
16:13:42.0626 0x1c1c [ 96B14B79C71CE4A7783184CC8B5DBCE8, D3386930BF9A364DB35DB629FB09E244CB0E4ACF95721DE586832352262E373B ] c2cpnrsvc C:\Program Files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe
16:13:42.0658 0x1c1c c2cpnrsvc - ok
16:13:42.0713 0x1c1c [ B8BD2BB284668C84865658C77574381A, 6C55BA288B626DF172FDFEA0BD7027FAEBA1F44EF20AB55160D7C7DC6E717D65 ] cdfs C:\Windows\system32\DRIVERS\cdfs.sys
16:13:42.0721 0x1c1c cdfs - ok
16:13:42.0794 0x1c1c [ F036CE71586E93D94DAB220D7BDF4416, BD07AAD9E20CEAF9FC84E4977C55EA2C45604A2C682AC70B9B9A2199B6713D5B ] cdrom C:\Windows\system32\DRIVERS\cdrom.sys
16:13:42.0801 0x1c1c cdrom - ok
16:13:42.0847 0x1c1c [ F17D1D393BBC69C5322FBFAFACA28C7F, 62A1A92B3C52ADFD0B808D7F69DD50238B5F202421F1786F7EAEAA63F274B3E8 ] CertPropSvc C:\Windows\System32\certprop.dll
16:13:42.0849 0x1c1c CertPropSvc - ok
16:13:42.0899 0x1c1c [ 274CE03459896006F7A5069266E0469E, C7D12E8DE8E2CB927BA64ABD7EB1C255BD4AA232EB05992505966D676A84EE73 ] cfwids C:\Windows\system32\drivers\cfwids.sys
16:13:42.0901 0x1c1c cfwids - ok
16:13:42.0950 0x1c1c [ D7CD5C4E1B71FA62050515314CFB52CF, 513B5A849899F379F0BC6AB3A8A05C3493C2393C95F036612B96EC6E252E1C64 ] circlass C:\Windows\system32\drivers\circlass.sys
16:13:42.0951 0x1c1c circlass - ok
16:13:43.0006 0x1c1c [ 404B7DF9CA4D1CB675045AF220FF3285, 91FFADE2ABE5C48849E63134D5FFD20671FE0D1720F7D486F904391B3D142C96 ] CLFS C:\Windows\system32\CLFS.sys
16:13:43.0016 0x1c1c CLFS - ok
16:13:43.0110 0x1c1c [ F13EC8A783E0CB0D6DC26A3CA848B7B8, 0809E3B71709F1343086EEB6C820543C1A7119E74EEF8AC1AEE1F81093ABEC66 ] clr_optimization_v2.0.50727_32 C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
16:13:43.0118 0x1c1c clr_optimization_v2.0.50727_32 - ok
16:13:43.0181 0x1c1c [ B4D73F04E9BC076F7CDAC4327DF636BB, 1ADED20D5A0D0A76E2F85CB778FD06BAB814868D35F8532E17D67045FF4770C2 ] clr_optimization_v2.0.50727_64 C:\Windows\Microsoft.NET\Framework64\v2.0.50727\mscorsvw.exe
16:13:43.0187 0x1c1c clr_optimization_v2.0.50727_64 - ok
16:13:43.0319 0x1c1c [ F5AB4D2E36625F355E81539239765107, 48E6AD65EEFD6C54F938F5753EF58377CDA77ADBB41CD8635F0040D61EFB92A4 ] clr_optimization_v4.0.30319_32 C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
16:13:43.0327 0x1c1c clr_optimization_v4.0.30319_32 - ok
16:13:43.0367 0x1c1c [ 9ACBE5EC13C2CC95833BFB7636CA8B1A, 6224DA9FB335D2A8374C60B8DEA539DD3A0E43230DB888B137B71A56EC57D6AF ] clr_optimization_v4.0.30319_64 C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe
16:13:43.0373 0x1c1c clr_optimization_v4.0.30319_64 - ok
16:13:43.0429 0x1c1c [ 50F92C943F18B070F166D019DFAB3D9A, A997EAFFC1598B1D0A9E1A4475F25418CA8AA6B703B53A71B1AF028E247C9950 ] clwvd C:\Windows\system32\DRIVERS\clwvd.sys
16:13:43.0431 0x1c1c clwvd - ok
16:13:43.0488 0x1c1c [ 0840155D0BDDF1190F84A663C284BD33, 696039FA63CFEB33487FAA8FD7BBDB220141E9C6E529355D768DFC87999A9C3A ] CmBatt C:\Windows\system32\drivers\CmBatt.sys
16:13:43.0491 0x1c1c CmBatt - ok
16:13:43.0521 0x1c1c [ E19D3F095812725D88F9001985B94EDD, 46243C5CCC4981CAC6FA6452FFCEC33329BF172448F1852D52592C9342E0E18B ] cmdide C:\Windows\system32\drivers\cmdide.sys
16:13:43.0524 0x1c1c cmdide - ok
16:13:43.0628 0x1c1c [ 27667A788130A7F7A5858DE27572E6D7, 5501D80BCCB7A811ECCED3828DFD0A5D948BBED8504E9BCC4A3BFB840DD41CBC ] CNG C:\Windows\system32\Drivers\cng.sys
16:13:43.0642 0x1c1c CNG - ok
16:13:43.0702 0x1c1c [ 102DE219C3F61415F964C88E9085AD14, CD74CB703381F1382C32CF892FF2F908F4C9412E1BC77234F8FEA5D4666E1BF1 ] Compbatt C:\Windows\system32\drivers\compbatt.sys
16:13:43.0704 0x1c1c Compbatt - ok
16:13:43.0753 0x1c1c [ 03EDB043586CCEBA243D689BDDA370A8, 0E4523AA332E242D5C2C61C5717DBA5AB6E42DADB5A7E512505FC2B6CC224959 ] CompositeBus C:\Windows\system32\drivers\CompositeBus.sys
16:13:43.0758 0x1c1c CompositeBus - ok
16:13:43.0781 0x1c1c COMSysApp - ok
16:13:43.0800 0x1c1c [ 1C827878A998C18847245FE1F34EE597, 41EF7443D8B2733AA35CAC64B4F5F74FAC8BB0DA7D3936B69EC38E2DC3972E60 ] crcdisk C:\Windows\system32\drivers\crcdisk.sys
16:13:43.0803 0x1c1c crcdisk - ok
16:13:43.0864 0x1c1c [ 7BC3E861F7E8EB543A630090FAE779E0, 52A538F25C853AAC9706CD0D4EBF80B1963391AA175895CFD9D44C8ABBFCFB74 ] CryptSvc C:\Windows\system32\cryptsvc.dll
16:13:43.0874 0x1c1c CryptSvc - ok
16:13:44.0031 0x1c1c [ B4D1D62A09F09CB2DFD55628350CDAFB, 7DD3CE77D88B5AFAC4B6187F4CA6D50B7BD3398207163B2A1E4C76467801FF28 ] cvhsvc C:\Program Files (x86)\Common Files\Microsoft Shared\Virtualization Handler\CVHSVC.EXE
16:13:44.0054 0x1c1c cvhsvc - ok
16:13:44.0125 0x1c1c [ 7AF9DAC504FBD047CBC3E64AE52C92BF, CA8F9564733DED4C3895CF7150BB254995D66889E6BE08D6654E4F897E4FF7A4 ] dc3d C:\Windows\system32\DRIVERS\dc3d.sys
16:13:44.0130 0x1c1c dc3d - ok
16:13:44.0223 0x1c1c [ 5C627D1B1138676C0A7AB2C2C190D123, C5003F2C912C5CA990E634818D3B4FD72F871900AF2948BD6C4D6400B354B401 ] DcomLaunch C:\Windows\system32\rpcss.dll
16:13:44.0239 0x1c1c DcomLaunch - ok
16:13:44.0265 0x1c1c [ 3CEC7631A84943677AA8FA8EE5B6B43D, 32061DAC9ED6C1EBA3B367B18D0E965AEEC2DF635DCF794EC39D086D32503AC5 ] defragsvc C:\Windows\System32\defragsvc.dll
16:13:44.0272 0x1c1c defragsvc - ok
16:13:44.0286 0x1c1c [ 9BB2EF44EAA163B29C4A4587887A0FE4, 03667BC3EA5003F4236929C10F23D8F108AFCB29DB5559E751FB26DFB318636F ] DfsC C:\Windows\system32\Drivers\dfsc.sys
16:13:44.0288 0x1c1c DfsC - ok
16:13:44.0352 0x1c1c [ 43D808F5D9E1A18E5EEB5EBC83969E4E, C10D1155D71EABE4ED44C656A8F13078A8A4E850C4A8FBB92D52D173430972B8 ] Dhcp C:\Windows\system32\dhcpcore.dll
16:13:44.0370 0x1c1c Dhcp - ok
16:13:44.0539 0x1c1c [ EC3F433D00365F1A9BC3411BCA7C7140, 0852D747359DE573504EBBDB99DA26D3BFA8B3C7A4836F8E3A5AD94B5571AD5C ] DiagTrack C:\Windows\system32\diagtrack.dll
16:13:44.0565 0x1c1c DiagTrack - ok
16:13:44.0588 0x1c1c [ 13096B05847EC78F0977F2C0F79E9AB3, 1E44981B684F3E56F5D2439BB7FA78BD1BC876BB2265AE089AEC68F241B05B26 ] discache C:\Windows\system32\drivers\discache.sys
16:13:44.0590 0x1c1c discache - ok
16:13:44.0655 0x1c1c [ 9819EEE8B5EA3784EC4AF3B137A5244C, 571BC886E87C888DA96282E381A746D273B58B9074E84D4CA91275E26056D427 ] Disk C:\Windows\system32\drivers\disk.sys
16:13:44.0661 0x1c1c Disk - ok
16:13:44.0699 0x1c1c [ 16835866AAA693C7D7FCEBA8FFF706E4, 15891558F7C1F2BB57A98769601D447ED0D952354A8BB347312D034DC03E0242 ] Dnscache C:\Windows\System32\dnsrslvr.dll
16:13:44.0708 0x1c1c Dnscache - ok
16:13:44.0743 0x1c1c [ B1FB3DDCA0FDF408750D5843591AFBC6, AB6AD9C5E7BA2E3646D0115B67C4800D1CB43B4B12716397657C7ADEEE807304 ] dot3svc C:\Windows\System32\dot3svc.dll
16:13:44.0756 0x1c1c dot3svc - ok
16:13:44.0773 0x1c1c [ B26F4F737E8F9DF4F31AF6CF31D05820, 394BBBED4EC7FAD4110F62A43BFE0801D4AC56FFAC6C741C69407B26402311C7 ] DPS C:\Windows\system32\dps.dll
16:13:44.0777 0x1c1c DPS - ok
16:13:44.0829 0x1c1c [ 9B19F34400D24DF84C858A421C205754, 967AF267B4124BADA8F507CEBF25F2192D146A4D63BE71B45BFC03C5DA7F21A7 ] drmkaud C:\Windows\system32\drivers\drmkaud.sys
16:13:44.0832 0x1c1c drmkaud - ok
16:13:44.0908 0x1c1c [ 87CE5C8965E101CCCED1F4675557E868, 077D98F0F130B2FC710208BA34016EF2B2506EE2BD71740B228145E34A3046F1 ] DXGKrnl C:\Windows\System32\drivers\dxgkrnl.sys
16:13:44.0932 0x1c1c DXGKrnl - ok

MH Lindsey · Oct 9, 2015

16:13:44.0959 0x1c1c EapHost - ok
16:13:45.0085 0x1c1c [ DC5D737F51BE844D8C82C695EB17372F, 6D4022D9A46EDE89CEF0FAEADCC94C903234DFC460C0180D24FF9E38E8853017 ] ebdrv C:\Windows\system32\drivers\evbda.sys
16:13:45.0145 0x1c1c ebdrv - ok
16:13:45.0197 0x1c1c [ FDD980360C9D72DA77F4C59376AE95C9, A5C1BCFBCCD031A24BD87D6A193F595B45EA5AC9FEBC198F552EED60AB75238E ] EFS C:\Windows\System32\lsass.exe
16:13:45.0205 0x1c1c EFS - ok
16:13:45.0341 0x1c1c [ C4002B6B41975F057D98C439030CEA07, 3D2484FBB832EFB90504DD406ED1CF3065139B1FE1646471811F3A5679EF75F1 ] ehRecvr C:\Windows\ehome\ehRecvr.exe
16:13:45.0354 0x1c1c ehRecvr - ok
16:13:45.0371 0x1c1c [ 4705E8EF9934482C5BB488CE28AFC681, 359E9EC5693CE0BE89082E1D5D8F5C5439A5B985010FF0CB45C11E3CFE30637D ] ehSched C:\Windows\ehome\ehsched.exe
16:13:45.0374 0x1c1c ehSched - ok
16:13:45.0451 0x1c1c [ 627350A11295D82BF78D155B12FFD0EF, BF4A80A379803C765EF5163EE7422A30D8F35820E38690F11A27FA605DD20FFA ] ElRawDisk C:\Windows\system32\drivers\ElRawDsk.sys
16:13:45.0455 0x1c1c ElRawDisk - ok
16:13:45.0547 0x1c1c [ 0E5DA5369A0FCAEA12456DD852545184, 9A64AC5396F978C3B92794EDCE84DCA938E4662868250F8C18FA7C2C172233F8 ] elxstor C:\Windows\system32\drivers\elxstor.sys
16:13:45.0559 0x1c1c elxstor - ok
16:13:45.0583 0x1c1c [ 34A3C54752046E79A126E15C51DB409B, 7D5B5E150C7C73666F99CBAFF759029716C86F16B927E0078D77F8A696616D75 ] ErrDev C:\Windows\system32\drivers\errdev.sys
16:13:45.0584 0x1c1c ErrDev - ok
16:13:45.0663 0x1c1c [ 4166F82BE4D24938977DD1746BE9B8A0, 24121751B7306225AD1C808442D7B030DEF377E9316AA0A3C5C7460E87317881 ] EventSystem C:\Windows\system32\es.dll
16:13:45.0676 0x1c1c EventSystem - ok
16:13:45.0778 0x1c1c [ E3A96D5AE6E5C7B5472011BA77353368, 846D8E5AF471CEAB3E12D6CB2ED0D25EF28B768AC10AD873F33F3F5BEC80CF25 ] EvtEng C:\Program Files\Intel\WiFi\bin\EvtEng.exe
16:13:45.0806 0x1c1c EvtEng - ok
16:13:45.0872 0x1c1c [ A510C654EC00C1E9BDD91EEB3A59823B, 76CD277730F7B08D375770CD373D786160F34D1481AF0536BA1A5D2727E255F5 ] exfat C:\Windows\system32\drivers\exfat.sys
16:13:45.0882 0x1c1c exfat - ok
16:13:45.0901 0x1c1c ezSharedSvc - ok
16:13:45.0937 0x1c1c [ 0ADC83218B66A6DB380C330836F3E36D, 798D6F83B5DBCC1656595E0A96CF12087FCCBE19D1982890D0CE5F629B328B29 ] fastfat C:\Windows\system32\drivers\fastfat.sys
16:13:45.0945 0x1c1c fastfat - ok
16:13:46.0030 0x1c1c [ DBEFD454F8318A0EF691FDD2EAAB44EB, 7F52AE222FF28503B6FC4A5852BD0CAEAF187BE69AF4B577D3DE474C24366099 ] Fax C:\Windows\system32\fxssvc.exe
16:13:46.0044 0x1c1c Fax - ok
16:13:46.0113 0x1c1c [ D765D19CD8EF61F650C384F62FAC00AB, 9F0A483A043D3BA873232AD3BA5F7BF9173832550A27AF3E8BD433905BD2A0EE ] fdc C:\Windows\system32\drivers\fdc.sys
16:13:46.0117 0x1c1c fdc - ok
16:13:46.0150 0x1c1c [ 0438CAB2E03F4FB61455A7956026FE86, 6D4DDC2973DB25CE0C7646BC85EFBCC004EBE35EA683F62162AE317C6F1D8DFE ] fdPHost C:\Windows\system32\fdPHost.dll
16:13:46.0155 0x1c1c fdPHost - ok
16:13:46.0178 0x1c1c [ 802496CB59A30349F9A6DD22D6947644, 52D59D3D628D5661F83F090F33F744F6916E0CC1F76E5A33983E06EB66AE19F8 ] FDResPub C:\Windows\system32\fdrespub.dll
16:13:46.0184 0x1c1c FDResPub - ok
16:13:46.0228 0x1c1c [ 655661BE46B5F5F3FD454E2C3095B930, 549C8E2A2A37757E560D55FFA6BFDD838205F17E40561E67F0124C934272CD1A ] FileInfo C:\Windows\system32\drivers\fileinfo.sys
16:13:46.0234 0x1c1c FileInfo - ok
16:13:46.0251 0x1c1c [ 5F671AB5BC87EEA04EC38A6CD5962A47, 6B61D3363FF3F9C439BD51102C284972EAE96ACC0683B9DC7E12D25D0ADC51B6 ] Filetrace C:\Windows\system32\drivers\filetrace.sys
16:13:46.0255 0x1c1c Filetrace - ok
16:13:46.0363 0x1c1c [ ABEDFD48AC042C6AAAD32452E77217A1, BC45A1C36BDBC20EF4E7D3CFB5368912382D964CB34D050ED255F56307F4C910 ] FLEXnet Licensing Service C:\Program Files (x86)\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
16:13:46.0379 0x1c1c FLEXnet Licensing Service - ok
16:13:46.0435 0x1c1c [ C172A0F53008EAEB8EA33FE10E177AF5, 9175A95B323696D1B35C9EFEB7790DD64E6EE0B7021E6C18E2F81009B169D77B ] flpydisk C:\Windows\system32\drivers\flpydisk.sys
16:13:46.0436 0x1c1c flpydisk - ok
16:13:46.0453 0x1c1c [ DA6B67270FD9DB3697B20FCE94950741, F621A4462C9F2904063578C427FAF22D7D66AE9967605C11C798099817CE5331 ] FltMgr C:\Windows\system32\drivers\fltmgr.sys
16:13:46.0459 0x1c1c FltMgr - ok
16:13:46.0561 0x1c1c [ D5A775990A7C202A037378FDBCDB6141, 27AD242914FAFB7A27B3045C0F0F6AFE6873FE331A51D8BB29A63B5D84C72EFB ] FontCache C:\Windows\system32\FntCache.dll
16:13:46.0586 0x1c1c FontCache - ok
16:13:46.0631 0x1c1c [ A8B7F3818AB65695E3A0BB3279F6DCE6, 89FCF10F599767E67A1E011753E34DA44EAA311F105DBF69549009ED932A60F0 ] FontCache3.0.0.0 C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
16:13:46.0635 0x1c1c FontCache3.0.0.0 - ok
16:13:46.0695 0x1c1c [ 2074A85A6B8F84A5A9C60B915B465FAF, 08848D6B5A7B9CCD3E6D4A35CCE93D32C2AE06D7D179C7B2EA9DAFC9DD91EC65 ] FPLService C:\Program Files (x86)\HP SimplePass 2011\TrueSuiteService.exe
16:13:46.0703 0x1c1c FPLService - ok
16:13:46.0726 0x1c1c [ D43703496149971890703B4B1B723EAC, F06397B2EDCA61629249D2EF1CBB7827A8BEAB8488246BD85EF6AE1363C0DA6E ] FsDepends C:\Windows\system32\drivers\FsDepends.sys
16:13:46.0729 0x1c1c FsDepends - ok
16:13:46.0811 0x1c1c [ 6BD9295CC032DD3077C671FCCF579A7B, 83622FBB0CB923798E7E584BF53CAAF75B8C016E3FF7F0FA35880FF34D1DFE33 ] Fs_Rec C:\Windows\system32\drivers\Fs_Rec.sys
16:13:46.0815 0x1c1c Fs_Rec - ok
16:13:46.0898 0x1c1c [ 8F6322049018354F45F05A2FD2D4E5E0, 73BF0FB4EBD7887E992DDEBB79E906958D6678F8D1107E8C368F5A0514D80359 ] fvevol C:\Windows\system32\DRIVERS\fvevol.sys
16:13:46.0913 0x1c1c fvevol - ok
16:13:46.0973 0x1c1c [ 8C778D335C9D272CFD3298AB02ABE3B6, 85F0B13926B0F693FA9E70AA58DE47100E4B6F893772EBE4300C37D9A36E6005 ] gagp30kx C:\Windows\system32\drivers\gagp30kx.sys
16:13:46.0979 0x1c1c gagp30kx - ok
16:13:47.0047 0x1c1c [ C403C5DB49A0F9AAF4F2128EDC0106D8, 3C6948B63278022D8182F773C5FA15784514F76C1546118DDBADBA322B962D12 ] GamesAppService C:\Program Files (x86)\WildTangent Games\App\GamesAppService.exe
16:13:47.0061 0x1c1c GamesAppService - ok
16:13:47.0121 0x1c1c [ E403AACF8C7BB11375122D2464560311, 0427B8FFD999D256EA1A5135F218692959A7577CB32354D3087CF0FB4F0577DF ] GEARAspiWDM C:\Windows\system32\DRIVERS\GEARAspiWDM.sys
16:13:47.0126 0x1c1c GEARAspiWDM - ok
16:13:47.0233 0x1c1c [ 277BBC7E1AA1EE957F573A10ECA7EF3A, 2EE60B924E583E847CC24E78B401EF95C69DB777A5B74E1EC963E18D47B94D24 ] gpsvc C:\Windows\System32\gpsvc.dll
16:13:47.0254 0x1c1c gpsvc - ok
16:13:47.0384 0x1c1c [ DD7423ABBE2913E70D50E9318AD57EE4, 74BC123808F3FA60ADDC51C1383F8250608D3DBA3A8DC175B3418A1CF0BC53E9 ] gupdate C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
16:13:47.0394 0x1c1c gupdate - ok
16:13:47.0409 0x1c1c [ DD7423ABBE2913E70D50E9318AD57EE4, 74BC123808F3FA60ADDC51C1383F8250608D3DBA3A8DC175B3418A1CF0BC53E9 ] gupdatem C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
16:13:47.0414 0x1c1c gupdatem - ok
16:13:47.0479 0x1c1c [ 5D4BC124FAAE6730AC002CDB67BF1A1C, 00294F4DC7D17F6DD2A22B9C3299BED40146BA45C972367154D20DB502472551 ] gusvc C:\Program Files (x86)\Google\Common\Google Updater\GoogleUpdaterService.exe
16:13:47.0492 0x1c1c gusvc - ok
16:13:47.0540 0x1c1c [ F2523EF6460FC42405B12248338AB2F0, B2F3DE8DE1F512D871BC2BC2E8D0E33AB03335BFBC07627C5F88B65024928E19 ] hcw85cir C:\Windows\system32\drivers\hcw85cir.sys
16:13:47.0544 0x1c1c hcw85cir - ok
16:13:47.0611 0x1c1c [ 975761C778E33CD22498059B91E7373A, 8304E15FBE6876BE57263A03621365DA8C88005EAC532A770303C06799D915D9 ] HdAudAddService C:\Windows\system32\drivers\HdAudio.sys
16:13:47.0626 0x1c1c HdAudAddService - ok
16:13:47.0672 0x1c1c [ 97BFED39B6B79EB12CDDBFEED51F56BB, 3CF981D668FB2381E52AF2E51E296C6CFB47B0D62249645278479D0111A47955 ] HDAudBus C:\Windows\system32\DRIVERS\HDAudBus.sys
16:13:47.0676 0x1c1c HDAudBus - ok
16:13:47.0699 0x1c1c [ 78E86380454A7B10A5EB255DC44A355F, 11F3ED7ACFFA3024B9BD504F81AC39F5B4CED5A8A425E8BADF7132EFEDB9BD64 ] HidBatt C:\Windows\system32\drivers\HidBatt.sys
16:13:47.0701 0x1c1c HidBatt - ok
16:13:47.0721 0x1c1c [ 7FD2A313F7AFE5C4DAB14798C48DD104, 94CBFD4506CBDE4162CEB3367BAB042D19ACA6785954DC0B554D4164B9FCD0D4 ] HidBth C:\Windows\system32\drivers\hidbth.sys
16:13:47.0725 0x1c1c HidBth - ok
16:13:47.0790 0x1c1c [ 0A77D29F311B88CFAE3B13F9C1A73825, 8615DC6CEFB591505CE16E054A71A4F371B827DDFD5E980777AB4233DCFDA01D ] HidIr C:\Windows\system32\drivers\hidir.sys
16:13:47.0795 0x1c1c HidIr - ok
16:13:47.0824 0x1c1c [ BD9EB3958F213F96B97B1D897DEE006D, 4D01CBF898B528B3A4E5A683DF2177300AFABD7D4CB51F1A7891B1B545499631 ] hidserv C:\Windows\system32\hidserv.dll
16:13:47.0829 0x1c1c hidserv - ok
16:13:47.0904 0x1c1c [ 9592090A7E2B61CD582B612B6DF70536, FD11D5E02C32D658B28FCC35688AB66CCB5D3A0A0D74C82AE0F0B6C67B568A0F ] HidUsb C:\Windows\system32\DRIVERS\hidusb.sys
16:13:47.0908 0x1c1c HidUsb - ok
16:13:47.0933 0x1c1c [ 387E72E739E15E3D37907A86D9FF98E2, 9935BE2E58788E79328293AF2F202CB0F6042441B176F75ACC5AEA93C8E05531 ] hkmsvc C:\Windows\system32\kmsvc.dll
16:13:47.0943 0x1c1c hkmsvc - ok
16:13:47.0996 0x1c1c [ EFDFB3DD38A4376F93E7985173813ABD, 70402FA73A5A2A8BB557AAC8F531E373077D28DE5F40A1F3F14B940BE01CD2E1 ] HomeGroupListener C:\Windows\system32\ListSvc.dll
16:13:48.0002 0x1c1c HomeGroupListener - ok
16:13:48.0029 0x1c1c [ 908ACB1F594274965A53926B10C81E89, 7D34A742AC486294D82676F8465A3EF26C8AC3317C32B63F62031CB007CFC208 ] HomeGroupProvider C:\Windows\system32\provsvc.dll
16:13:48.0035 0x1c1c HomeGroupProvider - ok
16:13:48.0128 0x1c1c [ 2A8B93A01621E100A578E83C768AFA2C, 6637D260AF180D1F200D219796FCE6D524FC6BF57C0CEEF9E1B3616E85865AD1 ] HP Support Assistant Service C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\hpsa_service.exe
16:13:48.0130 0x1c1c HP Support Assistant Service - ok
16:13:48.0182 0x1c1c [ 6A181452D4E240B8ECC7614B9A19BDE9, 3E458A737DA597DF007D278E9D81F2BF259AB4B97A4C188CEDAEA1F144B1074F ] HPClientSvc C:\Program Files\Hewlett-Packard\HP Client Services\HPClientServices.exe
16:13:48.0196 0x1c1c HPClientSvc - ok
16:13:48.0309 0x1c1c [ E040F0064D39F73BB4995D494F3DCBB8, F13369719673DC7E533931EDD07464E03146D9C226E8399A062CF9A70F5942A7 ] hpCMSrv C:\Program Files (x86)\Hewlett-Packard\HP Connection Manager\hpCMSrv.exe
16:13:48.0329 0x1c1c hpCMSrv - ok
16:13:48.0363 0x1c1c [ 4E0BEC0F78096FFD6D3314B497FC49D3, 15B545815D0C80102963FFF13B6643CC9A74717137C1CBA45345B18912E72DB6 ] hpdskflt C:\Windows\system32\DRIVERS\hpdskflt.sys
16:13:48.0364 0x1c1c hpdskflt - ok
16:13:48.0500 0x1c1c [ D2946D9F020AE76E9CEF9B4A6DF838C0, C29CE594879385DA12B8EAA90B258905827B613839CCD820DE49215B68676995 ] hpqwmiex C:\Program Files (x86)\Hewlett-Packard\Shared\hpqWmiEx.exe
16:13:48.0521 0x1c1c hpqwmiex - ok
16:13:48.0562 0x1c1c [ 39D2ABCD392F3D8A6DCE7B60AE7B8EFC, E9E6A1665740CFBC2DD321010007EF42ABA2102AEB9772EE8AA3354664B1E205 ] HpSAMD C:\Windows\system32\drivers\HpSAMD.sys
16:13:48.0564 0x1c1c HpSAMD - ok
16:13:48.0595 0x1c1c [ FC7C13B5A9E9BE23B7AE72BBC7FDB278, E85A7BF1CFE52BA7D663A1ED48A4F8874EFBDDF48979138F7E3E24817705B6A1 ] hpsrv C:\Windows\system32\Hpservice.exe
16:13:48.0598 0x1c1c hpsrv - ok
16:13:48.0657 0x1c1c [ F630DD7564EBB7248A13B1CC774D9EA6, 53BDFDB7177606DCBB5098A417542F181487227FB73C5C93BE1275752D2C002A ] HPWMISVC C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPWMISVC.exe
16:13:48.0658 0x1c1c HPWMISVC - ok
16:13:48.0750 0x1c1c [ F61634BEC53F73702A10DE69F6DCAF57, BBA7344CF3AB96A46D1A6F1D50F2758EA8D097FE558C38B4EF45C8C334AF96E1 ] HTTP C:\Windows\system32\drivers\HTTP.sys
16:13:48.0767 0x1c1c HTTP - ok
16:13:48.0789 0x1c1c [ A5462BD6884960C9DC85ED49D34FF392, 53E65841AF5B06A2844D0BB6FC4DD3923A323FFA0E4BFC89B3B5CAFB592A3D53 ] hwpolicy C:\Windows\system32\drivers\hwpolicy.sys
16:13:48.0791 0x1c1c hwpolicy - ok
16:13:48.0850 0x1c1c [ FA55C73D4AFFA7EE23AC4BE53B4592D3, 65CDDC62B89A60E942C5642C9D8B539EFB69DA8069B4A2E54978154B314531CD ] i8042prt C:\Windows\system32\DRIVERS\i8042prt.sys
16:13:48.0853 0x1c1c i8042prt - ok
16:13:48.0919 0x1c1c [ 2FDAEC4B02729C48C0FD1B0B4695995B, 87331D91FA3A23257B9913067B7B16D08710408070795B638058DBF728BBB288 ] iaStor C:\Windows\system32\DRIVERS\iaStor.sys
16:13:48.0930 0x1c1c iaStor - ok
16:13:49.0012 0x1c1c [ D41861E56E7552C13674D7F147A02464, A361AE723FEEFD8D34D259F667ED14EEEC3B8ED6458522AC5D50C08E281B298B ] IAStorDataMgrSvc C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
16:13:49.0014 0x1c1c IAStorDataMgrSvc - ok
16:13:49.0096 0x1c1c [ AAAF44DB3BD0B9D1FB6969B23ECC8366, 805AA4A9464002D1AB3832E4106B2AAA1331F4281367E75956062AAE99699385 ] iaStorV C:\Windows\system32\drivers\iaStorV.sys
16:13:49.0117 0x1c1c iaStorV - ok
16:13:49.0387 0x1c1c [ D72BF0AE484F88399E8343E821C10D6A, E8D78E61EEC80934396F233565DB5682B2475867C98F09C3CE3F906373A5C1A2 ] IconMan_R C:\Program Files (x86)\Realtek\Realtek PCIE Card Reader\RIconMan.exe
16:13:49.0431 0x1c1c IconMan_R - ok
16:13:49.0521 0x1c1c [ C98A5B9D932430AD8EEBD3EF73756EF7, DF7E1D391A0F3345AD61154363922C27BD557DEEACE395A6A8A8A16BFD1BB9A8 ] idsvc C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\infocard.exe
16:13:49.0542 0x1c1c idsvc - ok
16:13:49.0563 0x1c1c IEEtwCollectorService - ok
16:13:49.0605 0x1c1c [ 5C18831C61933628F5BB0EA2675B9D21, 5CD9DE2F8C0256623A417B5C55BF55BB2562BD7AB2C3C83BB3D9886C2FBDA4E4 ] iirsp C:\Windows\system32\drivers\iirsp.sys
16:13:49.0610 0x1c1c iirsp - ok
16:13:49.0684 0x1c1c [ 344789398EC3EE5A4E00C52B31847946, 3DA5F08E4B46F4E63456AA588D49E39A6A09A97D0509880C00F327623DB6122D ] IKEEXT C:\Windows\System32\ikeext.dll
16:13:49.0701 0x1c1c IKEEXT - ok
16:13:49.0787 0x1c1c [ FC727061C0F47C8059E88E05D5C8E381, C7A3782F5D86C7FDE57AA1F2EE81638C5FC3072ACC6E572BA2EC7B3CFF389800 ] IntcDAud C:\Windows\system32\DRIVERS\IntcDAud.sys
16:13:49.0802 0x1c1c IntcDAud - ok
16:13:49.0827 0x1c1c [ F00F20E70C6EC3AA366910083A0518AA, E2F3E9FFD82C802C8BAC309893A3664ACF16A279959C0FDECCA64C3D3C60FD22 ] intelide C:\Windows\system32\drivers\intelide.sys
16:13:49.0828 0x1c1c intelide - ok
16:13:50.0239 0x1c1c [ EFE5A0AF39A8E179624117C521F1E012, 185BB1106E42256A6E7C63B09737A7059DD14DEA7C1D85ADF66C50D63CFDA556 ] intelkmd C:\Windows\system32\DRIVERS\igdpmd64.sys
16:13:50.0456 0x1c1c intelkmd - ok
16:13:50.0549 0x1c1c [ ADA036632C664CAA754079041CF1F8C1, F2386CC09AC6DE4C54189154F7D91C1DB7AA120B13FAE8BA5B579ACF99FCC610 ] intelppm C:\Windows\system32\DRIVERS\intelppm.sys
16:13:50.0551 0x1c1c intelppm - ok
16:13:50.0648 0x1c1c [ 3DC635B66DD7412E1C9C3A77B8D78F25, D3894065DA2D08744863ECC5EE9027A0E39711A6A56AAB599F1CAF4BB996F42A ] IntuitUpdateService C:\Program Files (x86)\Common Files\Intuit\Update Service\IntuitUpdateService.exe
16:13:50.0651 0x1c1c IntuitUpdateService - ok
16:13:50.0779 0x1c1c [ 01D805FAC2510E3C963EA4727B1E2F00, EDEC59524A7BFA44929AEF87BF34A7A46D8BC3E9C0C6607138E9014636629D56 ] ioloSystemService C:\Program Files (x86)\iolo\Common\Lib\ioloServiceManager.exe
16:13:50.0806 0x1c1c ioloSystemService - ok
16:13:50.0877 0x1c1c [ 098A91C54546A3B878DAD6A7E90A455B, 044CCE2A0DF56EBE1EFD99B4F6F0A5B9EE12498CA358CF4B2E3A1CFD872823AA ] IPBusEnum C:\Windows\system32\ipbusenum.dll
16:13:50.0888 0x1c1c IPBusEnum - ok
16:13:50.0931 0x1c1c [ C9F0E1BD74365A8771590E9008D22AB6, 728BC5A6AAE499FDC50EB01577AF16D83C2A9F3B09936DD2A89C01E074BA8E51 ] IpFilterDriver C:\Windows\system32\DRIVERS\ipfltdrv.sys
16:13:50.0938 0x1c1c IpFilterDriver - ok
16:13:51.0013 0x1c1c [ 08C2957BB30058E663720C5606885653, E13EDF6701512E2A9977A531454932CA5023087CB50E1D2F416B8BCDD92B67BE ] iphlpsvc C:\Windows\System32\iphlpsvc.dll
16:13:51.0037 0x1c1c iphlpsvc - ok
16:13:51.0076 0x1c1c [ 0FC1AEA580957AA8817B8F305D18CA3A, 7161E4DE91AAFC3FA8BF24FAE4636390C2627DB931505247C0D52C75A31473D9 ] IPMIDRV C:\Windows\system32\drivers\IPMIDrv.sys
16:13:51.0083 0x1c1c IPMIDRV - ok
16:13:51.0120 0x1c1c [ AF9B39A7E7B6CAA203B3862582E9F2D0, 67128BE7EADBE6BD0205B050F96E268948E8660C4BAB259FB0BE03935153D04E ] IPNAT C:\Windows\system32\drivers\ipnat.sys
16:13:51.0129 0x1c1c IPNAT - ok
16:13:51.0258 0x1c1c [ 50D6CCC6FF5561F9F56946B3E6164FB8, 27529E751D3CB13B651B54474F04A17DF5737AD0170CD41F601E779F90603D11 ] iPod Service C:\Program Files\iPod\bin\iPodService.exe
16:13:51.0281 0x1c1c iPod Service - ok
16:13:51.0323 0x1c1c [ 3ABF5E7213EB28966D55D58B515D5CE9, A352BCC5B6B9A28805B15CAFB235676F1FAFF0D2394F88C03089EB157D6188AE ] IRENUM C:\Windows\system32\drivers\irenum.sys
16:13:51.0325 0x1c1c IRENUM - ok
16:13:51.0378 0x1c1c [ 2F7B28DC3E1183E5EB418DF55C204F38, D40410A760965925D6F10959B2043F7BD4F68EAFCF5E743AF11AD860BD136548 ] isapnp C:\Windows\system32\drivers\isapnp.sys
16:13:51.0381 0x1c1c isapnp - ok
16:13:51.0430 0x1c1c [ 96BB922A0981BC7432C8CF52B5410FE6, 236C05509B1040059B15021CBBDBDAF3B9C0F00910142BE5887B2C7561BAAFBA ] iScsiPrt C:\Windows\system32\drivers\msiscsi.sys
16:13:51.0444 0x1c1c iScsiPrt - ok

MH Lindsey · Oct 9, 2015

16:13:51.0469 0x1c1c [ BC02336F1CBA7DCC7D1213BB588A68A5, 450C5BAD54CCE2AFCDFF1B6E7F8E1A8446D9D3255DF9D36C29A8F848048AAD93 ] kbdclass C:\Windows\system32\DRIVERS\kbdclass.sys
16:13:51.0473 0x1c1c kbdclass - ok
16:13:51.0522 0x1c1c [ 0705EFF5B42A9DB58548EEC3B26BB484, 86C6824ED7ED6FA8F306DB6319A0FD688AA91295AE571262F9D8E96A32225E99 ] kbdhid C:\Windows\system32\drivers\kbdhid.sys
16:13:51.0526 0x1c1c kbdhid - ok
16:13:51.0575 0x1c1c [ FDD980360C9D72DA77F4C59376AE95C9, A5C1BCFBCCD031A24BD87D6A193F595B45EA5AC9FEBC198F552EED60AB75238E ] KeyIso C:\Windows\system32\lsass.exe
16:13:51.0580 0x1c1c KeyIso - ok
16:13:51.0607 0x1c1c [ A405647429DE231CD954D93F792CFBA2, EDE6095A20FE10EB26B3018457A44807A120508E6C514F2EAC12F5BA1F74841E ] KSecDD C:\Windows\system32\Drivers\ksecdd.sys
16:13:51.0609 0x1c1c KSecDD - ok
16:13:51.0626 0x1c1c [ E4DC0909B5EACB5BF50F6252095BCFF2, 18779648B7FD9D3DFFD8F314E2197962DF98884CC9F025BC5D884984C1C0759D ] KSecPkg C:\Windows\system32\Drivers\ksecpkg.sys
16:13:51.0629 0x1c1c KSecPkg - ok
16:13:51.0646 0x1c1c [ 6869281E78CB31A43E969F06B57347C4, 866A23E69B32A78D378D6CB3B3DA3695FFDFF0FEC3C9F68C8C3F988DF417044B ] ksthunk C:\Windows\system32\drivers\ksthunk.sys
16:13:51.0647 0x1c1c ksthunk - ok
16:13:51.0679 0x1c1c [ 6AB66E16AA859232F64DEB66887A8C9C, 5F2B579BEA8098A2994B0DECECDAE7B396E7B5DC5F09645737B9F28BEEA77FFF ] KtmRm C:\Windows\system32\msdtckrm.dll
16:13:51.0688 0x1c1c KtmRm - ok
16:13:51.0743 0x1c1c [ D9F42719019740BAA6D1C6D536CBDAA6, 8757599D0AE5302C4CE50861BEBA3A8DD14D7B0DBD916FD5404133688CDFCC40 ] LanmanServer C:\Windows\system32\srvsvc.dll
16:13:51.0750 0x1c1c LanmanServer - ok
16:13:51.0794 0x1c1c [ 851A1382EED3E3A7476DB004F4EE3E1A, B1C67F47DD594D092E6E258F01DF5E7150227CE3131A908A244DEE9F8A1FABF9 ] LanmanWorkstation C:\Windows\System32\wkssvc.dll
16:13:51.0811 0x1c1c LanmanWorkstation - ok
16:13:51.0865 0x1c1c [ 1538831CF8AD2979A04C423779465827, E1729B0CC4CEEE494A0B8817A8E98FF232E3A32FB023566EF0BC71A090262C0C ] lltdio C:\Windows\system32\DRIVERS\lltdio.sys
16:13:51.0868 0x1c1c lltdio - ok
16:13:51.0906 0x1c1c [ C1185803384AB3FEED115F79F109427F, 0414FE73532DCAB17E906438A14711E928CECCD5F579255410C62984DD652700 ] lltdsvc C:\Windows\System32\lltdsvc.dll
16:13:51.0916 0x1c1c lltdsvc - ok
16:13:51.0958 0x1c1c [ F993A32249B66C9D622EA5592A8B76B8, EE64672A990C6145DC5601E2B8CDBE089272A72732F59AF9865DCBA8B1717E70 ] lmhosts C:\Windows\System32\lmhsvc.dll
16:13:51.0961 0x1c1c lmhosts - ok
16:13:52.0004 0x1c1c [ D7E0BED3EA21D7BDDD410ADE51708D90, 417A9A765E50ACCAE030B37F317217C9DB366BB1503A328D064A41ACDD00AFD8 ] LMS C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
16:13:52.0014 0x1c1c LMS - ok
16:13:52.0083 0x1c1c [ 1A93E54EB0ECE102495A51266DCDB6A6, DB6AA86AA36C3A7988BE96E87B5D3251BE7617C54EE8F894D9DC2E267FE3255B ] LSI_FC C:\Windows\system32\drivers\lsi_fc.sys
16:13:52.0092 0x1c1c LSI_FC - ok
16:13:52.0126 0x1c1c [ 1047184A9FDC8BDBFF857175875EE810, F2251EDB7736A26D388A0C5CC2FE5FB9C5E109CBB1E3800993554CB21D81AE4B ] LSI_SAS C:\Windows\system32\drivers\lsi_sas.sys
16:13:52.0135 0x1c1c LSI_SAS - ok
16:13:52.0161 0x1c1c [ 30F5C0DE1EE8B5BC9306C1F0E4A75F93, 88D5740A4E9CC3FA80FA18035DAB441BDC5A039622D666BFDAA525CC9686BD06 ] LSI_SAS2 C:\Windows\system32\drivers\lsi_sas2.sys
16:13:52.0164 0x1c1c LSI_SAS2 - ok
16:13:52.0190 0x1c1c [ 0504EACAFF0D3C8AED161C4B0D369D4A, 4D272237C189646F5C80822FD3CBA7C2728E482E2DAAF7A09C8AEF811C89C54D ] LSI_SCSI C:\Windows\system32\drivers\lsi_scsi.sys
16:13:52.0195 0x1c1c LSI_SCSI - ok
16:13:52.0255 0x1c1c [ 43D0F98E1D56CCDDB0D5254CFF7B356E, 5BA498183B5C4996C694CB0A9A6B66CE6C7A460F6C91BEB9F305486FCC3B7B22 ] luafv C:\Windows\system32\drivers\luafv.sys
16:13:52.0263 0x1c1c luafv - ok
16:13:52.0380 0x1c1c [ ACB01BF1A905356AB7F978C7FE852209, AC0B08FAFD992F81B94ACB8A58D1C510C8F218D29CEA496467EA5709F63410AB ] McAfee SiteAdvisor Service C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe
16:13:52.0393 0x1c1c McAfee SiteAdvisor Service - ok
16:13:52.0522 0x1c1c [ 49F5B235EDC9C6AC0ABA44737B190317, 096D8D583ED024F1B3AD30DD5EBA38B1FEE518166E157C0E3890D80687181F60 ] McComponentHostService C:\Program Files\McAfee Security Scan\3.8.141\McCHSvc.exe
16:13:52.0540 0x1c1c McComponentHostService - ok
16:13:52.0583 0x1c1c [ ACB01BF1A905356AB7F978C7FE852209, AC0B08FAFD992F81B94ACB8A58D1C510C8F218D29CEA496467EA5709F63410AB ] McMPFSvc C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe
16:13:52.0589 0x1c1c McMPFSvc - ok
16:13:52.0616 0x1c1c [ ACB01BF1A905356AB7F978C7FE852209, AC0B08FAFD992F81B94ACB8A58D1C510C8F218D29CEA496467EA5709F63410AB ] mcmscsvc C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe
16:13:52.0623 0x1c1c mcmscsvc - ok
16:13:52.0638 0x1c1c [ ACB01BF1A905356AB7F978C7FE852209, AC0B08FAFD992F81B94ACB8A58D1C510C8F218D29CEA496467EA5709F63410AB ] McNaiAnn C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe
16:13:52.0647 0x1c1c McNaiAnn - ok
16:13:52.0666 0x1c1c [ ACB01BF1A905356AB7F978C7FE852209, AC0B08FAFD992F81B94ACB8A58D1C510C8F218D29CEA496467EA5709F63410AB ] McNASvc C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe
16:13:52.0672 0x1c1c McNASvc - ok
16:13:52.0789 0x1c1c [ DD01BF24DD6BF70A90549F9A7BB2D1EB, F4F0C0B636F1C8A33B6AA985601B974BDE3416FC02AF3BFBEE287189278DAD31 ] McODS C:\Program Files\McAfee\VirusScan\mcods.exe
16:13:52.0805 0x1c1c McODS - ok
16:13:52.0891 0x1c1c [ ACB01BF1A905356AB7F978C7FE852209, AC0B08FAFD992F81B94ACB8A58D1C510C8F218D29CEA496467EA5709F63410AB ] McProxy C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe
16:13:52.0904 0x1c1c McProxy - ok
16:13:52.0960 0x1c1c [ E998E3B12101288D716558466CBF6AE1, 77089927576541B32F525C2346E5AE63B472C725DBCBBF7A42318F1C14DFB4E5 ] McShield C:\Program Files\Common Files\McAfee\SystemCore\\mcshield.exe
16:13:52.0967 0x1c1c McShield - ok
16:13:53.0033 0x1c1c [ 0BE09CD858ABF9DF6ED259D57A1A1663, 2FD28889B93C8E801F74C1D0769673A461671E0189D0A22C94509E3F0EEB7428 ] Mcx2Svc C:\Windows\system32\Mcx2Svc.dll
16:13:53.0044 0x1c1c Mcx2Svc - ok
16:13:53.0075 0x1c1c [ A55805F747C6EDB6A9080D7C633BD0F4, 2DA0E83BF3C8ADEF6F551B6CC1C0A3F6149CDBE6EC60413BA1767C4DE425A728 ] megasas C:\Windows\system32\drivers\megasas.sys
16:13:53.0078 0x1c1c megasas - ok
16:13:53.0113 0x1c1c [ BAF74CE0072480C3B6B7C13B2A94D6B3, 85CBB4949C090A904464F79713A3418338753D20D7FB811E68F287FDAC1DD834 ] MegaSR C:\Windows\system32\drivers\MegaSR.sys
16:13:53.0119 0x1c1c MegaSR - ok
16:13:53.0202 0x1c1c [ A6518DCC42F7A6E999BB3BEA8FD87567, 8A9AE992F93F37E0723761EA271A7E1AA8172702C471041A17324474FC96B9BC ] MEIx64 C:\Windows\system32\DRIVERS\HECIx64.sys
16:13:53.0204 0x1c1c MEIx64 - ok
16:13:53.0255 0x1c1c [ 01884CB7655C8908B43FF5E364FE6FD2, 6D033F42D1490B79275182FBBA5E15C531D31104CDB4AC396120880B78E862DE ] mfeapfk C:\Windows\system32\drivers\mfeapfk.sys
16:13:53.0259 0x1c1c mfeapfk - ok
16:13:53.0361 0x1c1c [ DAB9A9CDFB04E4D68924492AA043019D, 79140283CD36A82AA875E637653D469E36440C79B1B4E5DB7BA28325904D60C0 ] mfeavfk C:\Windows\system32\drivers\mfeavfk.sys
16:13:53.0376 0x1c1c mfeavfk - ok
16:13:53.0424 0x1c1c mfeavfk01 - ok
16:13:53.0467 0x1c1c [ B26782C3D6045B4464017D7926877560, F34C4A33E93A2F17105B61B637CCFC4551FA39857A97C6C613337F405CD7DC55 ] mfefire C:\Program Files\Common Files\McAfee\SystemCore\\mfefire.exe
16:13:53.0480 0x1c1c mfefire - ok
16:13:53.0572 0x1c1c [ CE9A3680675C0907ADE16404CA967B49, 98DDCBB74C2CF350D99003769908A4D306E328D42F7AE7947C9F97D3E14800AA ] mfefirek C:\Windows\system32\drivers\mfefirek.sys
16:13:53.0592 0x1c1c mfefirek - ok
16:13:53.0667 0x1c1c [ 60CF67458DD29CD17E77F2327B1A9A54, 803CEB205D56EF85C38698447099CEC499D3F8804BC8F2B7320C953978BAF81A ] mfehidk C:\Windows\system32\drivers\mfehidk.sys
16:13:53.0690 0x1c1c mfehidk - ok
16:13:53.0711 0x1c1c [ A8129CFB919347F8533C934B365E9202, A1B84263714DFE92AF3C7D8DF5EBE5BBC7C96954337119BF9754676DDDE5DBED ] mfenlfk C:\Windows\system32\DRIVERS\mfenlfk.sys
16:13:53.0714 0x1c1c mfenlfk - ok
16:13:53.0785 0x1c1c [ 5041FA2BD2B3A2693B015771BFBF6DCA, 0765A1410F4182626570F8B7CB9FB2F7AF8E21AC806A0E51DAF4CAB87003C554 ] mferkdet C:\Windows\system32\drivers\mferkdet.sys
16:13:53.0792 0x1c1c mferkdet - ok
16:13:53.0847 0x1c1c [ 723A5EB6CEF7F408C3D0F15A82A6BFF8, 10D301327B29E753BE2774378DBF5FB878DAAEADB3D7853C99706BDC4A77C55F ] mfevtp C:\Windows\system32\mfevtps.exe
16:13:53.0859 0x1c1c mfevtp - ok
16:13:53.0896 0x1c1c [ 919C56DB14A0E1E2AB6DA5D2821DC26E, FE7D2897FFD664A45FE821785D540AC18679630B64F5A600AC545E1B00EC6582 ] mfewfpk C:\Windows\system32\drivers\mfewfpk.sys
16:13:53.0902 0x1c1c mfewfpk - ok
16:13:53.0922 0x1c1c [ E40E80D0304A73E8D269F7141D77250B, 0DB4AC13A264F19A84DC0BCED54E8E404014CC09C993B172002B1561EC7E265A ] MMCSS C:\Windows\system32\mmcss.dll
16:13:53.0925 0x1c1c MMCSS - ok
16:13:53.0952 0x1c1c [ 800BA92F7010378B09F9ED9270F07137, 94F9AF9E1BE80AE6AC39A2A74EF9FAB115DCAACC011D07DFA8D6A1DDC8A93342 ] Modem C:\Windows\system32\drivers\modem.sys
16:13:53.0954 0x1c1c Modem - ok
16:13:53.0998 0x1c1c [ B03D591DC7DA45ECE20B3B467E6AADAA, 701FB0CAD8138C58507BE28845D3E24CE269A040737C29885944A0D851238732 ] monitor C:\Windows\system32\DRIVERS\monitor.sys
16:13:53.0999 0x1c1c monitor - ok
16:13:54.0064 0x1c1c [ 7D27EA49F3C1F687D357E77A470AEA99, 7FE7CAF95959F127C6D932C01D539C06D80273C49A09761F6E8331C05B1A7EE7 ] mouclass C:\Windows\system32\DRIVERS\mouclass.sys
16:13:54.0068 0x1c1c mouclass - ok
16:13:54.0127 0x1c1c [ D3BF052C40B0C4166D9FD86A4288C1E6, 5E65264354CD94E844BF1838CA1B8E49080EFA34605A32CF2F6A47A2B97FC183 ] mouhid C:\Windows\system32\DRIVERS\mouhid.sys
16:13:54.0130 0x1c1c mouhid - ok
16:13:54.0172 0x1c1c [ 67050452C0118BAF2883928E6FCCFE47, 335FC0AEB7B47DCC7CE0CF3F424EB60ACB1327D2FF6515F04D9AC03A10FF1E31 ] mountmgr C:\Windows\system32\drivers\mountmgr.sys
16:13:54.0177 0x1c1c mountmgr - ok
16:13:54.0263 0x1c1c [ 6215DA3AD492CFBEBEE2ADBED0A6CC22, 07B290B58EF722825D50AF97E10B7098A2118B3F335E1FFF8F9E5E9AF7A0A6CE ] MozillaMaintenance C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
16:13:54.0271 0x1c1c MozillaMaintenance - ok
16:13:54.0302 0x1c1c [ A44B420D30BD56E145D6A2BC8768EC58, B1E4DCA5A1008FA7A0492DC091FB2B820406AE13FD3D44F124E89B1037AF09B8 ] mpio C:\Windows\system32\drivers\mpio.sys
16:13:54.0306 0x1c1c mpio - ok
16:13:54.0366 0x1c1c [ 6C38C9E45AE0EA2FA5E551F2ED5E978F, 5A3FA2F110029CB4CC4384998EDB59203FDD65EC45E01B897FB684F8956EAD20 ] mpsdrv C:\Windows\system32\drivers\mpsdrv.sys
16:13:54.0373 0x1c1c mpsdrv - ok
16:13:54.0424 0x1c1c [ 54FFC9C8898113ACE189D4AA7199D2C1, 65F585C87F3F710FD5793FDFA96B740AD8D4317B0C120F4435CCF777300EA4F2 ] MpsSvc C:\Windows\system32\mpssvc.dll
16:13:54.0443 0x1c1c MpsSvc - ok
16:13:54.0484 0x1c1c [ AE3334958D8F631FF14A0AEB3D7EFB3A, F5FD6B61F896104C20DFC43FEE2FCE6930B73F78DF876BD19A333EABB9139C6D ] MRxDAV C:\Windows\system32\drivers\mrxdav.sys
16:13:54.0488 0x1c1c MRxDAV - ok
16:13:54.0517 0x1c1c [ 43E1F4B0EFDC244D2A83995CCD7846F7, B8FB3CB6C736E20399AF3164197B14E977DDEC8FD164564501A328A8A3A30267 ] mrxsmb C:\Windows\system32\DRIVERS\mrxsmb.sys
16:13:54.0521 0x1c1c mrxsmb - ok
16:13:54.0545 0x1c1c [ 62CEA59FF56B66154E08BD51D87392C2, 5DC63583E417659139FACD2365C2F8F3C9867E331F7374BD4F6C6E2386B5F746 ] mrxsmb10 C:\Windows\system32\DRIVERS\mrxsmb10.sys
16:13:54.0551 0x1c1c mrxsmb10 - ok
16:13:54.0571 0x1c1c [ 7D65B5E9573A26C204AA547457DBF544, CE88A733D031DEDBA6ADADB7D9911B3D151A2DDB566A65E0C9E1F07B1A4364AF ] mrxsmb20 C:\Windows\system32\DRIVERS\mrxsmb20.sys
16:13:54.0574 0x1c1c mrxsmb20 - ok
16:13:54.0605 0x1c1c [ C25F0BAFA182CBCA2DD3C851C2E75796, 643E158A0948DF331807AEAA391F23960362E46C0A0CF6D22A99020EAE7B10F8 ] msahci C:\Windows\system32\drivers\msahci.sys
16:13:54.0606 0x1c1c msahci - ok
16:13:54.0637 0x1c1c [ DB801A638D011B9633829EB6F663C900, B34FD33A215ACCF2905F4B7D061686CDB1CB9C652147AF56AE14686C1F6E3C74 ] msdsm C:\Windows\system32\drivers\msdsm.sys
16:13:54.0643 0x1c1c msdsm - ok
16:13:54.0673 0x1c1c [ DE0ECE52236CFA3ED2DBFC03F28253A8, 2FBBEC4CACB5161F68D7C2935852A5888945CA0F107CF8A1C01F4528CE407DE3 ] MSDTC C:\Windows\System32\msdtc.exe
16:13:54.0678 0x1c1c MSDTC - ok
16:13:54.0716 0x1c1c [ AA3FB40E17CE1388FA1BEDAB50EA8F96, 69F93E15536644C8FD679A20190CFE577F4985D3B1B4A4AA250A168615AE1E99 ] Msfs C:\Windows\system32\drivers\Msfs.sys
16:13:54.0717 0x1c1c Msfs - ok
16:13:54.0731 0x1c1c [ F9D215A46A8B9753F61767FA72A20326, 6F76642B45E0A7EF6BCAB8B37D55CCE2EAA310ED07B76D43FCB88987C2174141 ] mshidkmdf C:\Windows\System32\drivers\mshidkmdf.sys
16:13:54.0732 0x1c1c mshidkmdf - ok
16:13:54.0759 0x1c1c [ D916874BBD4F8B07BFB7FA9B3CCAE29D, B229DA150713DEDBC4F05386C9D9DC3BC095A74F44F3081E88311AB73BC992A1 ] msisadrv C:\Windows\system32\drivers\msisadrv.sys
16:13:54.0762 0x1c1c msisadrv - ok
16:13:54.0842 0x1c1c [ 808E98FF49B155C522E6400953177B08, F873F5BFF0984C5165DF67E92874D3F6EB8D86F9B5AD17013A0091CA33A1A3D5 ] MSiSCSI C:\Windows\system32\iscsiexe.dll
16:13:54.0856 0x1c1c MSiSCSI - ok
16:13:54.0865 0x1c1c msiserver - ok
16:13:54.0898 0x1c1c [ ACB01BF1A905356AB7F978C7FE852209, AC0B08FAFD992F81B94ACB8A58D1C510C8F218D29CEA496467EA5709F63410AB ] MSK80Service C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe
16:13:54.0907 0x1c1c MSK80Service - ok
16:13:54.0947 0x1c1c [ 49CCF2C4FEA34FFAD8B1B59D49439366, E5752EA57C7BDAD5F53E3BC441A415E909AC602CAE56234684FB8789A20396C7 ] MSKSSRV C:\Windows\system32\drivers\MSKSSRV.sys
16:13:54.0949 0x1c1c MSKSSRV - ok
16:13:54.0991 0x1c1c [ BDD71ACE35A232104DDD349EE70E1AB3, 27464A66868513BE6A01B75D7FC5B0D6B71842E4E20CE3F76B15C071A0618BBB ] MSPCLOCK C:\Windows\system32\drivers\MSPCLOCK.sys
16:13:54.0993 0x1c1c MSPCLOCK - ok
16:13:55.0006 0x1c1c [ 4ED981241DB27C3383D72092B618A1D0, E12F121E641249DB3491141851B59E1496F4413EDF58E863388F1C229838DFCC ] MSPQM C:\Windows\system32\drivers\MSPQM.sys
16:13:55.0008 0x1c1c MSPQM - ok
16:13:55.0041 0x1c1c [ 759A9EEB0FA9ED79DA1FB7D4EF78866D, 64E3BC613EC4872B1B344CBF71EE15BE195592E3244C1EE099C6F8B95A40F133 ] MsRPC C:\Windows\system32\drivers\MsRPC.sys
16:13:55.0055 0x1c1c MsRPC - ok
16:13:55.0082 0x1c1c [ 0EED230E37515A0EAEE3C2E1BC97B288, B1D8F8A75006B6E99214CA36D27A8594EF8D952F315BEB201E9BAC9DE3E64D42 ] mssmbios C:\Windows\system32\drivers\mssmbios.sys
16:13:55.0083 0x1c1c mssmbios - ok
16:13:55.0142 0x1c1c [ 2E66F9ECB30B4221A318C92AC2250779, DF175E1AB6962303E57F26DAE5C5C1E40B8640333F3E352A64F6A5F1301586CD ] MSTEE C:\Windows\system32\drivers\MSTEE.sys
16:13:55.0145 0x1c1c MSTEE - ok
16:13:55.0186 0x1c1c [ 7EA404308934E675BFFDE8EDF0757BCD, 306CD02D89CFCFE576242360ED5F9EEEDCAFC43CD43B7D2977AE960F9AEC3232 ] MTConfig C:\Windows\system32\drivers\MTConfig.sys
16:13:55.0189 0x1c1c MTConfig - ok
16:13:55.0211 0x1c1c [ F9A18612FD3526FE473C1BDA678D61C8, 32F7975B5BAA447917F832D9E3499B4B6D3E90D73F478375D0B70B36C524693A ] Mup C:\Windows\system32\Drivers\mup.sys
16:13:55.0215 0x1c1c Mup - ok
16:13:55.0298 0x1c1c [ 8F57DB74BF5407A4CDA6C8B005DC8DD0, 07D8F8605DD8FCBB3404E3A35274C87E9EC78E402C11C3E809CB44C0EB516434 ] MyWiFiDHCPDNS C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe
16:13:55.0309 0x1c1c MyWiFiDHCPDNS - ok
16:13:55.0355 0x1c1c [ 582AC6D9873E31DFA28A4547270862DD, BD540499F74E8F59A020D935D18E36A3A97C1A6EC59C8208436469A31B16B260 ] napagent C:\Windows\system32\qagentRT.dll
16:13:55.0372 0x1c1c napagent - ok
16:13:55.0447 0x1c1c [ 1EA3749C4114DB3E3161156FFFFA6B33, 54C2E77BCE1037711A11313AC25B8706109098C10A31AA03AEB7A185E97800D7 ] NativeWifiP C:\Windows\system32\DRIVERS\nwifi.sys
16:13:55.0457 0x1c1c NativeWifiP - ok
16:13:55.0517 0x1c1c [ 760E38053BF56E501D562B70AD796B88, F856E81A975D44F8684A6F2466549CEEDFAEB3950191698555A93A1206E0A42D ] NDIS C:\Windows\system32\drivers\ndis.sys
16:13:55.0540 0x1c1c NDIS - ok
16:13:55.0587 0x1c1c [ 9F9A1F53AAD7DA4D6FEF5BB73AB811AC, D7E5446E83909AE25506BB98FBDD878A529C87963E3C1125C4ABAB25823572BC ] NdisCap C:\Windows\system32\DRIVERS\ndiscap.sys
16:13:55.0591 0x1c1c NdisCap - ok
16:13:55.0616 0x1c1c [ 30639C932D9FEF22B31268FE25A1B6E5, 32873D95339600F6EEFA51847D12C563FF01F320DC59055B242FA2887C99F9D6 ] NdisTapi C:\Windows\system32\DRIVERS\ndistapi.sys
16:13:55.0619 0x1c1c NdisTapi - ok
16:13:55.0640 0x1c1c [ 136185F9FB2CC61E573E676AA5402356, BA3AD0A33416DA913B4242C6BE8C3E5812AD2B20BA6C11DD3094F2E8EB56E683 ] Ndisuio C:\Windows\system32\DRIVERS\ndisuio.sys
16:13:55.0645 0x1c1c Ndisuio - ok
16:13:55.0670 0x1c1c [ 53F7305169863F0A2BDDC49E116C2E11, 881E9346D3C02405B7850ADC37E720990712EC9C666A0CE96E252A487FD2CE77 ] NdisWan C:\Windows\system32\DRIVERS\ndiswan.sys
16:13:55.0681 0x1c1c NdisWan - ok
16:13:55.0705 0x1c1c [ 015C0D8E0E0421B4CFD48CFFE2825879, 4242E2D42CCFC859B2C0275C5331798BC0BDA68E51CF4650B6E64B1332071023 ] NDProxy C:\Windows\system32\drivers\NDProxy.sys
16:13:55.0708 0x1c1c NDProxy - ok
16:13:55.0752 0x1c1c [ 86743D9F5D2B1048062B14B1D84501C4, DBF6D6A60AB774FCB0F464FF2D285A7521D0A24006687B243AB46B17D8032062 ] NetBIOS C:\Windows\system32\DRIVERS\netbios.sys
16:13:55.0754 0x1c1c NetBIOS - ok
16:13:55.0783 0x1c1c [ 09594D1089C523423B32A4229263F068, 7426A9B8BA27D3225928DDEFBD399650ABB90798212F56B7D12158AC22CCCE37 ] NetBT C:\Windows\system32\DRIVERS\netbt.sys
16:13:55.0791 0x1c1c NetBT - ok
16:13:55.0809 0x1c1c [ FDD980360C9D72DA77F4C59376AE95C9, A5C1BCFBCCD031A24BD87D6A193F595B45EA5AC9FEBC198F552EED60AB75238E ] Netlogon C:\Windows\system32\lsass.exe
16:13:55.0813 0x1c1c Netlogon - ok
16:13:55.0912 0x1c1c [ 847D3AE376C0817161A14A82C8922A9E, 37AE692B3481323134125EF58F2C3CBC20177371AF2F5874F53DD32A827CB936 ] Netman C:\Windows\System32\netman.dll
16:13:55.0932 0x1c1c Netman - ok
16:13:55.0988 0x1c1c [ E58808846B62041BFB05395E1CED6499, 5387F2CE6B494337725D2BF3EB563912E6EE33918F2872C5FE07BEDBB0F761EE ] NetMsmqActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
16:13:55.0992 0x1c1c NetMsmqActivator - ok
16:13:55.0997 0x1c1c [ E58808846B62041BFB05395E1CED6499, 5387F2CE6B494337725D2BF3EB563912E6EE33918F2872C5FE07BEDBB0F761EE ] NetPipeActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
16:13:56.0001 0x1c1c NetPipeActivator - ok
16:13:56.0050 0x1c1c [ 5F28111C648F1E24F7DBC87CDEB091B8, 2E8645285921EDB98BB2173E11E57459C888D52E80D85791D169C869DE8813B9 ] netprofm C:\Windows\System32\netprofm.dll
16:13:56.0061 0x1c1c netprofm - ok
16:13:56.0071 0x1c1c [ E58808846B62041BFB05395E1CED6499, 5387F2CE6B494337725D2BF3EB563912E6EE33918F2872C5FE07BEDBB0F761EE ] NetTcpActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
16:13:56.0074 0x1c1c NetTcpActivator - ok
16:13:56.0080 0x1c1c [ E58808846B62041BFB05395E1CED6499, 5387F2CE6B494337725D2BF3EB563912E6EE33918F2872C5FE07BEDBB0F761EE ] NetTcpPortSharing C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
16:13:56.0083 0x1c1c NetTcpPortSharing - ok
16:13:56.0380 0x1c1c [ 50AD7F7040C22BB7CAA59A0880875A21, 34A3BE5C708F3498F6350EF041CE33847C1D041D610DFDA41AA877F87DD26050 ] NETwNs64 C:\Windows\system32\DRIVERS\NETwNs64.sys
16:13:56.0532 0x1c1c NETwNs64 - ok
16:13:56.0678 0x1c1c [ 77889813BE4D166CDAB78DDBA990DA92, 2EF531AE502B943632EEC66A309A8BFCDD36120A5E1473F4AAF3C2393AD0E6A3 ] nfrd960 C:\Windows\system32\drivers\nfrd960.sys
16:13:56.0682 0x1c1c nfrd960 - ok
16:13:56.0728 0x1c1c [ 8B301D474B478E9A92823BAB50A7BC49, 8181816035F41B1DABEC05E65E4F67BCD785F56760A61F1049E91BA39D42F01D ] NlaSvc C:\Windows\System32\nlasvc.dll
16:13:56.0740 0x1c1c NlaSvc - ok
16:13:56.0756 0x1c1c [ 1E4C4AB5C9B8DD13179BBDC75A2A01F7, D8957EF7060A69DBB3CD6B2C45B1E4143592AB8D018471E17AC04668157DC67F ] Npfs C:\Windows\system32\drivers\Npfs.sys
16:13:56.0759 0x1c1c Npfs - ok
16:13:56.0794 0x1c1c [ D54BFDF3E0C953F823B3D0BFE4732528, 497A1DCC5646EC22119273216DF10D5442D16F83E4363770F507518CF6EAA53A ] nsi C:\Windows\system32\nsisvc.dll
16:13:56.0799 0x1c1c nsi - ok
16:13:56.0810 0x1c1c [ E7F5AE18AF4168178A642A9247C63001, 133023B7E4BA8049C4CAED3282BDD25571D1CC25FAC3B820C7F981D292689D76 ] nsiproxy C:\Windows\system32\drivers\nsiproxy.sys
16:13:56.0812 0x1c1c nsiproxy - ok
16:13:56.0892 0x1c1c [ 1A29A59A4C5BA6F8C85062A613B7E2B2, CC137F499A12C724D4166C2D85E9F447413419A0683DAC6F1A802B7F210C77F1 ] Ntfs C:\Windows\system32\drivers\Ntfs.sys
16:13:56.0922 0x1c1c Ntfs - ok
16:13:56.0992 0x1c1c [ 317020D31F1696334679B9D0416EB62E, 7A12A86FAD9F3767B8578D5A79B7AE109E3FADC8FD876A8A326FCC70D83D4E7E ] NuidFltr C:\Windows\system32\DRIVERS\NuidFltr.sys
16:13:56.0994 0x1c1c NuidFltr - ok
16:13:57.0019 0x1c1c [ 9899284589F75FA8724FF3D16AED75C1, 181188599FD5D4DE33B97010D9E0CAEABAB9A3EF50712FE7F9AA0735CD0666D6 ] Null C:\Windows\system32\drivers\Null.sys
16:13:57.0020 0x1c1c Null - ok
16:13:57.0076 0x1c1c [ 9A33100AC62A0463C49E47EE8E77083A, A4DD5329448A684E4EC83AEC229DA468E074D54BCBDBB6D938274B46202CDA18 ] nusb3hub C:\Windows\system32\DRIVERS\nusb3hub.sys
16:13:57.0084 0x1c1c nusb3hub - ok
16:13:57.0124 0x1c1c [ 87C321F7BEE646B7EC6EEDD6EB725741, C21067F40656588203B8C938857B5598D201C59BD69F47715EF21EEE536BB882 ] nusb3xhc C:\Windows\system32\DRIVERS\nusb3xhc.sys
16:13:57.0134 0x1c1c nusb3xhc - ok
16:13:57.0221 0x1c1c [ A85B4F2EF3A7304A5399EF0526423040, E45854691BA6AE36E53C2922CC93FF13DC2D84CBE7FE13A2F0B1CE1C16D1D158 ] NVENETFD C:\Windows\system32\DRIVERS\nvm62x64.sys
16:13:57.0242 0x1c1c NVENETFD - ok
16:13:57.0305 0x1c1c [ 0A92CB65770442ED0DC44834632F66AD, 581327F07A68DBD5CC749214BE5F1211FC2CE41C7A4F0656B680AFB51A35ACE7 ] nvraid C:\Windows\system32\drivers\nvraid.sys
16:13:57.0314 0x1c1c nvraid - ok
16:13:57.0342 0x1c1c [ DAB0E87525C10052BF65F06152F37E4A, AD9BFF0D5FD3FFB95C758B478E1F6A9FE45E7B37AEC71EB5070D292FEAAEDF37 ] nvstor C:\Windows\system32\drivers\nvstor.sys
16:13:57.0351 0x1c1c nvstor - ok
16:13:57.0374 0x1c1c [ 270D7CD42D6E3979F6DD0146650F0E05, 752489E54C9004EDCBE1F1F208FFD864DA5C83E59A2DDE6B3E0D63ECA996F76F ] nv_agp C:\Windows\system32\drivers\nv_agp.sys
16:13:57.0381 0x1c1c nv_agp - ok
16:13:57.0411 0x1c1c [ 3589478E4B22CE21B41FA1BFC0B8B8A0, AD2469FC753FE552CB809FF405A9AB23E7561292FE89117E3B3B62057EFF0203 ] ohci1394 C:\Windows\system32\drivers\ohci1394.sys
16:13:57.0416 0x1c1c ohci1394 - ok
16:13:57.0484 0x1c1c [ 9D10F99A6712E28F8ACD5641E3A7EA6B, 70964A0ED9011EA94044E15FA77EDD9CF535CC79ED8E03A3721FF007E69595CC ] ose C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE
16:13:57.0492 0x1c1c ose - ok
16:13:57.0685 0x1c1c [ 61BFFB5F57AD12F83AB64B7181829B34, 1DD0DD35E4158F95765EE6639F217DF03A0A19E624E020DBA609268C08A13846 ] osppsvc C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE
16:13:57.0773 0x1c1c osppsvc - ok
16:13:57.0804 0x1c1c [ 3EAC4455472CC2C97107B5291E0DCAFE, E51F373F2DBEAEE516B42BAE8C1B5BB68D00B881323E842CB6EDEC0A183CFFC3 ] p2pimsvc C:\Windows\system32\pnrpsvc.dll
16:13:57.0812 0x1c1c p2pimsvc - ok
16:13:57.0832 0x1c1c [ 927463ECB02179F88E4B9A17568C63C3, FEFD3447692C277D59EEC7BF218552C8BB6B8C98C26E973675549628408B94CE ] p2psvc C:\Windows\system32\p2psvc.dll
16:13:57.0843 0x1c1c p2psvc - ok
16:13:57.0873 0x1c1c [ 0086431C29C35BE1DBC43F52CC273887, 0D116D49EF9ABB57DA005764F25E692622210627FC2048F06A989B12FA8D0A80 ] Parport C:\Windows\system32\drivers\parport.sys
16:13:57.0875 0x1c1c Parport - ok
16:13:57.0905 0x1c1c [ E9766131EEADE40A27DC27D2D68FBA9C, 63C295EC96DBD25F1A8B908295CCB86B54F2A77A02AAA11E5D9160C2C1A492B6 ] partmgr C:\Windows\system32\drivers\partmgr.sys
16:13:57.0907 0x1c1c partmgr - ok
16:13:58.0011 0x1c1c [ 8AA434597BF8C129209BD9FF4835EAEF, 819F0EA6B7144F03BC0FFCE071B73EB727A0B7584A5DEEC4F7049856516E5E46 ] PasswordBox C:\Program Files (x86)\PasswordBox\pbbtnService.exe
16:13:58.0016 0x1c1c PasswordBox - ok
16:13:58.0068 0x1c1c [ DB2D62AA2DF6B1F3D690A9EC9701AA2C, BEAC55E1AA0494565F1547DF5E6FE20FCEA66461764C016FCB68D8BFF0F0C375 ] PcaSvc C:\Windows\System32\pcasvc.dll
16:13:58.0087 0x1c1c PcaSvc - ok
16:13:58.0124 0x1c1c [ 94575C0571D1462A0F70BDE6BD6EE6B3, 7139BAC653EA94A3DD3821CAB35FC5E22F4CCA5ACC2BAABDAA27E4C3C8B27FC9 ] pci C:\Windows\system32\drivers\pci.sys
16:13:58.0130 0x1c1c pci - ok
16:13:58.0157 0x1c1c [ B5B8B5EF2E5CB34DF8DCF8831E3534FA, F2A7CC645B96946CC65BF60E14E70DC09C848D27C7943CE5DEA0C01A6B863480 ] pciide C:\Windows\system32\drivers\pciide.sys
16:13:58.0158 0x1c1c pciide - ok
16:13:58.0183 0x1c1c [ B2E81D4E87CE48589F98CB8C05B01F2F, 6763BEE7270A4873B3E131BFB92313E2750FCBD0AD73C23D1C4F98F7DF73DE14 ] pcmcia C:\Windows\system32\drivers\pcmcia.sys
16:13:58.0188 0x1c1c pcmcia - ok
16:13:58.0220 0x1c1c [ D6B9C2E1A11A3A4B26A182FFEF18F603, BBA5FE08B1DDD6243118E11358FD61B10E850F090F061711C3CB207CE5FBBD36 ] pcw C:\Windows\system32\drivers\pcw.sys
16:13:58.0222 0x1c1c pcw - ok
16:13:58.0242 0x1c1c [ 8570C04D9DBFDDD2CCF655DEB4D84715, FF2A810A1395EC134154528640152306425163EAB4A8E71D6F506758487D2B6D ] PDFsFilter C:\Windows\system32\DRIVERS\PDFsFilter.sys
16:13:58.0244 0x1c1c PDFsFilter - ok
16:13:58.0283 0x1c1c [ ED6E75158D28D33A2E2A020AC5B2B59D, 0F364D9A88304C45F31318605C417A70A9D0E4CF087D73E949B42C12CC76CD6C ] PEAUTH C:\Windows\system32\drivers\peauth.sys
16:13:58.0295 0x1c1c PEAUTH - ok
16:13:58.0392 0x1c1c [ E495E408C93141E8FC72DC0C6046DDFA, 489B957DADA0DC128A09468F1AD082DCC657E86053208EA06A12937BE86FB919 ] PerfHost C:\Windows\SysWow64\perfhost.exe
16:13:58.0400 0x1c1c PerfHost - ok
16:13:58.0491 0x1c1c [ C7CF6A6E137463219E1259E3F0F0DD6C, 08D7244F52AA17DD669AA6F77C291DAC88E7B2D1887DE422509C1F83EC85F3DD ] pla C:\Windows\system32\pla.dll
16:13:58.0518 0x1c1c pla - ok
16:13:58.0593 0x1c1c [ 25FBDEF06C4D92815B353F6E792C8129, 57D9764AE6BCE33B242C399CDFC10DD405975BD6411CA8C75FBCD06EEB8442A9 ] PlugPlay C:\Windows\system32\umpnpmgr.dll
16:13:58.0604 0x1c1c PlugPlay - ok
16:13:58.0625 0x1c1c [ 7195581CEC9BB7D12ABE54036ACC2E38, 9C4E5D6EA984148F2663DC529083408B2248DFF6DAAC85D9195F80A722782315 ] PNRPAutoReg C:\Windows\system32\pnrpauto.dll
16:13:58.0628 0x1c1c PNRPAutoReg - ok
16:13:58.0649 0x1c1c [ 3EAC4455472CC2C97107B5291E0DCAFE, E51F373F2DBEAEE516B42BAE8C1B5BB68D00B881323E842CB6EDEC0A183CFFC3 ] PNRPsvc C:\Windows\system32\pnrpsvc.dll
16:13:58.0657 0x1c1c PNRPsvc - ok
16:13:58.0707 0x1c1c [ 4F0878FD62D5F7444C5F1C4C66D9D293, B381217D6202C06EE992EBDE061FA20376FF71F698022D0A80168CCD1059453C ] Point64 C:\Windows\system32\DRIVERS\point64.sys
16:13:58.0711 0x1c1c Point64 - ok
16:13:58.0793 0x1c1c [ 4F15D75ADF6156BF56ECED6D4A55C389, 2ADA3EA69A5D7EC2A4D2DD89178DB94EAFDDF95F07B0070D654D9F7A5C12A044 ] PolicyAgent C:\Windows\System32\ipsecsvc.dll
16:13:58.0813 0x1c1c PolicyAgent - ok
16:13:58.0843 0x1c1c [ 6BA9D927DDED70BD1A9CADED45F8B184, 66203CE70A5EDE053929A940F38924C6792239CCCE10DD2C1D90D5B4D6748B55 ] Power C:\Windows\system32\umpo.dll
16:13:58.0849 0x1c1c Power - ok
16:13:58.0882 0x1c1c [ F92A2C41117A11A00BE01CA01A7FCDE9, 38ADC6052696D110CA5F393BC586791920663F5DA66934C2A824DDA9CD89C763 ] PptpMiniport C:\Windows\system32\DRIVERS\raspptp.sys
16:13:58.0885 0x1c1c PptpMiniport - ok
16:13:58.0907 0x1c1c [ 0D922E23C041EFB1C3FAC2A6F943C9BF, 855418A6A58DCAFB181A1A68613B3E203AFB0A9B3D9D26D0C521F9F613B4EAD5 ] Processor C:\Windows\system32\drivers\processr.sys
16:13:58.0909 0x1c1c Processor - ok
16:13:58.0959 0x1c1c [ B6A58491307B4CADA572583D863DC602, 5C44936605E52C9533E4CE22F18FAB8211475877F71EFD88DA4D02FD608C90A3 ] ProfSvc C:\Windows\system32\profsvc.dll
16:13:58.0965 0x1c1c ProfSvc - ok
16:13:58.0987 0x1c1c [ FDD980360C9D72DA77F4C59376AE95C9, A5C1BCFBCCD031A24BD87D6A193F595B45EA5AC9FEBC198F552EED60AB75238E ] ProtectedStorage C:\Windows\system32\lsass.exe
16:13:58.0990 0x1c1c ProtectedStorage - ok
16:13:59.0035 0x1c1c [ 0557CF5A2556BD58E26384169D72438D, F6F83A616B1F1C6C0DF6D2EC2513E6C23FD4FAA6D36518B8676C619AB74957B4 ] Psched C:\Windows\system32\DRIVERS\pacer.sys
16:13:59.0046 0x1c1c Psched - ok
16:13:59.0112 0x1c1c [ FBF4DB6D53585437E41A113300002A2B, A0145CE87A95DA3775B28A00E741660C26ADE34BBCC7FC502ED809931482C8F2 ] PxHlpa64 C:\Windows\system32\Drivers\PxHlpa64.sys
16:13:59.0117 0x1c1c PxHlpa64 - ok
16:13:59.0256 0x1c1c [ A53A15A11EBFD21077463EE2C7AFEEF0, 6002B012A75045DEA62640A864A8721EADE2F8B65BEB5F5BA76D8CD819774489 ] ql2300 C:\Windows\system32\drivers\ql2300.sys
16:13:59.0285 0x1c1c ql2300 - ok
16:13:59.0312 0x1c1c [ 4F6D12B51DE1AAEFF7DC58C4D75423C8, FB6ABAB741CED66A79E31A45111649F2FA3E26CEE77209B5296F789F6F7D08DE ] ql40xx C:\Windows\system32\drivers\ql40xx.sys
16:13:59.0315 0x1c1c ql40xx - ok
16:13:59.0345 0x1c1c [ 906191634E99AEA92C4816150BDA3732, A0305436384104C3B559F9C73902DA19B96B518413379E397C5CDAB0B2B9418F ] QWAVE C:\Windows\system32\qwave.dll
16:13:59.0352 0x1c1c QWAVE - ok
16:13:59.0376 0x1c1c [ 76707BB36430888D9CE9D705398ADB6C, 35C1D1D05F98AC29A33D3781F497A0B40A3CB9CDF25FE1F28F574E40DDF70535 ] QWAVEdrv C:\Windows\system32\drivers\qwavedrv.sys
16:13:59.0378 0x1c1c QWAVEdrv - ok
16:13:59.0391 0x1c1c [ 5A0DA8AD5762FA2D91678A8A01311704, 8A64EB5DBAB7048A9E42A21CEB62CCD5B007A80C199892D7F8C69B48E8A255EF ] RasAcd C:\Windows\system32\DRIVERS\rasacd.sys
16:13:59.0392 0x1c1c RasAcd - ok
16:13:59.0418 0x1c1c [ 7ECFF9B22276B73F43A99A15A6094E90, 62C70DA127F48F796F8897BBFA23AB6EB080CC923F0F091DFA384A93F5C90CA1 ] RasAgileVpn C:\Windows\system32\DRIVERS\AgileVpn.sys
16:13:59.0423 0x1c1c RasAgileVpn - ok
16:13:59.0446 0x1c1c [ 8F26510C5383B8DBE976DE1CD00FC8C7, 60E618C010E8A723960636415573FA17EA0BBEF79647196B3BC0B8DEE680E090 ] RasAuto C:\Windows\System32\rasauto.dll
16:13:59.0453 0x1c1c RasAuto - ok
16:13:59.0476 0x1c1c [ 471815800AE33E6F1C32FB1B97C490CA, 27307265F743DE3A3A3EC1B2C472A3D85FDD0AEC458E0B1177593141EE072698 ] Rasl2tp C:\Windows\system32\DRIVERS\rasl2tp.sys
16:13:59.0481 0x1c1c Rasl2tp - ok
16:13:59.0507 0x1c1c [ EE867A0870FC9E4972BA9EAAD35651E2, 1B848D81705081FD2E18AC762DA7F51455657DAF860BF363DC15925A148BCADA ] RasMan C:\Windows\System32\rasmans.dll
16:13:59.0523 0x1c1c RasMan - ok
16:13:59.0540 0x1c1c [ 855C9B1CD4756C5E9A2AA58A15F58C25, A514F8A9C304D54BDA8DC60F5A64259B057EC83A1CAAF6D2B58CFD55E9561F72 ] RasPppoe C:\Windows\system32\DRIVERS\raspppoe.sys
16:13:59.0542 0x1c1c RasPppoe - ok
16:13:59.0568 0x1c1c [ E8B1E447B008D07FF47D016C2B0EEECB, FEC789F82B912F3E14E49524D40FEAA4373B221156F14045E645D7C37859258C ] RasSstp C:\Windows\system32\DRIVERS\rassstp.sys
16:13:59.0570 0x1c1c RasSstp - ok
16:13:59.0591 0x1c1c [ 77F665941019A1594D887A74F301FA2F, 1FDC6F6853400190C086042933F157814D915C54F26793CAD36CD2607D8810DA ] rdbss C:\Windows\system32\DRIVERS\rdbss.sys
16:13:59.0597 0x1c1c rdbss - ok
16:13:59.0616 0x1c1c [ 302DA2A0539F2CF54D7C6CC30C1F2D8D, 1DF3501BBFFB56C3ECC39DBCC4287D3302216C2208CE22428B8C4967E5DE9D17 ] rdpbus C:\Windows\system32\drivers\rdpbus.sys
16:13:59.0617 0x1c1c rdpbus - ok
16:13:59.0657 0x1c1c [ CEA6CC257FC9B7715F1C2B4849286D24, A78144D18352EA802C39D9D42921CF97A3E0211766B2169B6755C6FC2D77A804 ] RDPCDD C:\Windows\system32\DRIVERS\RDPCDD.sys
16:13:59.0660 0x1c1c RDPCDD - ok
16:13:59.0688 0x1c1c [ BB5971A4F00659529A5C44831AF22365, 9AAA5C0D448E821FD85589505D99DF7749715A046BBD211F139E4E652ADDE41F ] RDPENCDD C:\Windows\system32\drivers\rdpencdd.sys
16:13:59.0690 0x1c1c RDPENCDD - ok
16:13:59.0706 0x1c1c [ 216F3FA57533D98E1F74DED70113177A, 60C126A1409D1E9C39F1C9E95F70115BF4AF07780AB499F6E10A612540F173F4 ] RDPREFMP C:\Windows\system32\drivers\rdprefmp.sys
16:13:59.0708 0x1c1c RDPREFMP - ok
16:13:59.0761 0x1c1c [ FE571E088C2D83619D2D48D4E961BF41, 88C5A2FCB1D0E528657842E39963471A6E42FCA3FCDF37955AEC8258AB4C48EA ] RDPWD C:\Windows\system32\drivers\RDPWD.sys
16:13:59.0769 0x1c1c RDPWD - ok
16:13:59.0858 0x1c1c [ 34ED295FA0121C241BFEF24764FC4520, AAEE5F00CAA763A5BA51CF56BD7262C03409CD72BD5601490E3EC3FFF929BB5F ] rdyboost C:\Windows\system32\drivers\rdyboost.sys
16:13:59.0867 0x1c1c rdyboost - ok
16:13:59.0962 0x1c1c [ FD11C1287D38A46FB72353E14D50089C, C787EE22583ADF1E19E5ADAC5B949750890D1FA5062B5DD2C6B35667D005FECF ] RegSrvc C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe
16:13:59.0985 0x1c1c RegSrvc - ok
16:14:00.0011 0x1c1c [ 254FB7A22D74E5511C73A3F6D802F192, 3D0FB5840364200DE394F8CC28DA0E334C2B5FA8FF28A41656EE72287F3D3836 ] RemoteAccess C:\Windows\System32\mprdim.dll
16:14:00.0015 0x1c1c RemoteAccess - ok
16:14:00.0039 0x1c1c [ E4D94F24081440B5FC5AA556C7C62702, 147CAA03568DC480F9506E30B84891AB7E433B5EBC05F34FF10F72B00E1C6B22 ] RemoteRegistry C:\Windows\system32\regsvc.dll
16:14:00.0044 0x1c1c RemoteRegistry - ok
16:14:00.0114 0x1c1c [ 3DD798846E2C28102B922C56E71B7932, 30B111615D74CB2213997A5C08DD9C8613ADE441D9423CC1C49A753D13CE524D ] RFCOMM C:\Windows\system32\DRIVERS\rfcomm.sys
16:14:00.0126 0x1c1c RFCOMM - ok
16:14:00.0185 0x1c1c [ 085D18C71AB2611A3D61528132B6501E, 2AD2DD88EBD8C498E3043CDAA37E83C69F7FE2FD6B65524F631527555B80C112 ] RoxioNow Service C:\Program Files (x86)\Roxio\RoxioNow Player\RNowSvc.exe
16:14:00.0198 0x1c1c RoxioNow Service - ok
16:14:00.0224 0x1c1c [ E4DC58CF7B3EA515AE917FF0D402A7BB, 665B5CD9FE905B0EE3F59A7B1A94760F5393EBEE729877D8584349754C2867E8 ] RpcEptMapper C:\Windows\System32\RpcEpMap.dll
16:14:00.0229 0x1c1c RpcEptMapper - ok
16:14:00.0255 0x1c1c [ D5BA242D4CF8E384DB90E6A8ED850B8C, CB4CB2608B5E31B55FB1A2CF4051E6D08A0C2A5FB231B2116F95938D7577334E ] RpcLocator C:\Windows\system32\locator.exe
16:14:00.0258 0x1c1c RpcLocator - ok
16:14:00.0288 0x1c1c [ 5C627D1B1138676C0A7AB2C2C190D123, C5003F2C912C5CA990E634818D3B4FD72F871900AF2948BD6C4D6400B354B401 ] RpcSs C:\Windows\system32\rpcss.dll
16:14:00.0305 0x1c1c RpcSs - ok
16:14:00.0419 0x1c1c [ 1F5E7AF59B390261A85F5BEDB1BB88B3, 8A0B23EED74475E6790EF03E54B53BB964A0EC08ADF28BD6AAFA9CF6BE6F20DA ] RSPCIESTOR C:\Windows\system32\DRIVERS\RtsPStor.sys
16:14:00.0433 0x1c1c RSPCIESTOR - ok
16:14:00.0470 0x1c1c [ DDC86E4F8E7456261E637E3552E804FF, D250C69CCC75F2D88E7E624FCC51300E75637333317D53908CCA7E0F117173DD ] rspndr C:\Windows\system32\DRIVERS\rspndr.sys
16:14:00.0473 0x1c1c rspndr - ok
16:14:00.0550 0x1c1c [ ED5873F7DFB2F96D37F13322211B6BDC, 26CAE8FD1CFDB568D6A881CDE973F9929013EB0403347E5D19CABAA215012381 ] RTL8167 C:\Windows\system32\DRIVERS\Rt64win7.sys
16:14:00.0558 0x1c1c RTL8167 - ok

MH Lindsey · Oct 9, 2015

16:14:00.0576 0x1c1c [ FDD980360C9D72DA77F4C59376AE95C9, A5C1BCFBCCD031A24BD87D6A193F595B45EA5AC9FEBC198F552EED60AB75238E ] SamSs C:\Windows\system32\lsass.exe
16:14:00.0579 0x1c1c SamSs - ok
16:14:00.0609 0x1c1c [ AC03AF3329579FFFB455AA2DAABBE22B, 7AD3B62ADFEC166F9E256F9FF8BAA0568B2ED7308142BF8F5269E6EAA5E0A656 ] sbp2port C:\Windows\system32\drivers\sbp2port.sys
16:14:00.0612 0x1c1c sbp2port - ok
16:14:00.0636 0x1c1c [ 9B7395789E3791A3B6D000FE6F8B131E, E5F067F3F212BF5481668BE1779CBEF053F511F8967589BE2E865ACB9A620024 ] SCardSvr C:\Windows\System32\SCardSvr.dll
16:14:00.0644 0x1c1c SCardSvr - ok
16:14:00.0661 0x1c1c [ 253F38D0D7074C02FF8DEB9836C97D2B, CB5CAFCB8628BB22877F74ACF1DED0BBAED8F4573A74DA7FE94BBBA584889116 ] scfilter C:\Windows\system32\DRIVERS\scfilter.sys
16:14:00.0663 0x1c1c scfilter - ok
16:14:00.0721 0x1c1c [ 40686B59C127F0C93B4234E4A1E3472A, B2DD61CB796C6AA8AFD285D43472B94646CA6D331D282818E0FDC9DE28DDE9CF ] Schedule C:\Windows\system32\schedsvc.dll
16:14:00.0743 0x1c1c Schedule - ok
16:14:00.0772 0x1c1c [ F17D1D393BBC69C5322FBFAFACA28C7F, 62A1A92B3C52ADFD0B808D7F69DD50238B5F202421F1786F7EAEAA63F274B3E8 ] SCPolicySvc C:\Windows\System32\certprop.dll
16:14:00.0774 0x1c1c SCPolicySvc - ok
16:14:00.0828 0x1c1c [ 111E0EBC0AD79CB0FA014B907B231CF0, B7D43D156C2524938503CF8E99C4D1F7A5C55E16C0368F57F4CD23C6D833B38F ] sdbus C:\Windows\system32\DRIVERS\sdbus.sys
16:14:00.0837 0x1c1c sdbus - ok
16:14:00.0873 0x1c1c [ 6EA4234DC55346E0709560FE7C2C1972, 64011E044C16E2F92689E5F7E4666A075E27BBFA61F3264E5D51CE1656C1D5B8 ] SDRSVC C:\Windows\System32\SDRSVC.dll
16:14:00.0881 0x1c1c SDRSVC - ok
16:14:00.0952 0x1c1c [ CC781378E7EDA615D2CDCA3B17829FA4, 137BF83A2A3D69335AD031B8D73473526F782CB8917A34B3CD92F923E7660F2A ] SeaPort C:\Program Files (x86)\Microsoft\BingBar\SeaPort.EXE
16:14:00.0968 0x1c1c SeaPort - ok
16:14:01.0031 0x1c1c [ 3EA8A16169C26AFBEB544E0E48421186, 34BBB0459C96B3DE94CCB0D73461562935C583D7BF93828DA4E20A6BC9B7301D ] secdrv C:\Windows\system32\drivers\secdrv.sys
16:14:01.0035 0x1c1c secdrv - ok
16:14:01.0094 0x1c1c [ BC617A4E1B4FA8DF523A061739A0BD87, 10C4057F6B321EB5237FF619747B74F5401BC17D15A8C7060829E8204A2297F9 ] seclogon C:\Windows\system32\seclogon.dll
16:14:01.0105 0x1c1c seclogon - ok
16:14:01.0137 0x1c1c [ C32AB8FA018EF34C0F113BD501436D21, E0EB8E80B51E45CA7EB061E705DA0BC07878759418A8519AE6E12326FE79E7C7 ] SENS C:\Windows\System32\sens.dll
16:14:01.0143 0x1c1c SENS - ok
16:14:01.0169 0x1c1c [ 0336CFFAFAAB87A11541F1CF1594B2B2, 8B8A6A33E78A12FB05E29B2E2775850626574AFD2EF88748D65E690A07B10B8D ] SensrSvc C:\Windows\system32\sensrsvc.dll
16:14:01.0175 0x1c1c SensrSvc - ok
16:14:01.0219 0x1c1c [ CB624C0035412AF0DEBEC78C41F5CA1B, A4D937F11E06CAE914347CA1362F4C98EC5EE0C0C80321E360EA1ABD6726F8D4 ] Serenum C:\Windows\system32\drivers\serenum.sys
16:14:01.0223 0x1c1c Serenum - ok
16:14:01.0252 0x1c1c [ C1D8E28B2C2ADFAEC4BA89E9FDA69BD6, 8F9776FB84C5D11068EAF1FF1D1A46466C655D64D256A8B1E31DC0C23B5DD22D ] Serial C:\Windows\system32\drivers\serial.sys
16:14:01.0259 0x1c1c Serial - ok
16:14:01.0327 0x1c1c [ 1C545A7D0691CC4A027396535691C3E3, 065C30BE598FF4DC55C37E0BBE0CEDF10A370AE2BF5404B42EBBB867A3FFED6D ] sermouse C:\Windows\system32\drivers\sermouse.sys
16:14:01.0331 0x1c1c sermouse - ok
16:14:01.0382 0x1c1c [ 0B6231BF38174A1628C4AC812CC75804, E569BF1F7F5689E2E917FA6516DB53388A5B8B1C6699DEE030147E853218811D ] SessionEnv C:\Windows\system32\sessenv.dll
16:14:01.0390 0x1c1c SessionEnv - ok
16:14:01.0417 0x1c1c [ A554811BCD09279536440C964AE35BBF, DA8F893722F803E189D7D4D6C6232ED34505B63A64ED3A0132A5BB7A2BABDE55 ] sffdisk C:\Windows\system32\drivers\sffdisk.sys
16:14:01.0419 0x1c1c sffdisk - ok
16:14:01.0445 0x1c1c [ FF414F0BAEFEBA59BC6C04B3DB0B87BF, B81EF5D26AEB572CAB590F7AD7CA8C89F296420089EF5E6148E972F2DBCA1042 ] sffp_mmc C:\Windows\system32\drivers\sffp_mmc.sys
16:14:01.0447 0x1c1c sffp_mmc - ok
16:14:01.0464 0x1c1c [ DD85B78243A19B59F0637DCF284DA63C, 6730D4F2BAE7E24615746ACC41B42D01DB6068D6504982008ADA1890DE900197 ] sffp_sd C:\Windows\system32\drivers\sffp_sd.sys
16:14:01.0466 0x1c1c sffp_sd - ok
16:14:01.0511 0x1c1c [ A9D601643A1647211A1EE2EC4E433FF4, 7AC60B4AB48D4BBF1F9681C12EC2A75C72E6E12D30FABC564A24394310E9A5F9 ] sfloppy C:\Windows\system32\drivers\sfloppy.sys
16:14:01.0515 0x1c1c sfloppy - ok
16:14:01.0607 0x1c1c [ 21AB491BBCC8C1B26FDC402A374AB196, DD973C9963C840200D153A15078152D499639730D065BB8122C6BE65D4372300 ] Sftfs C:\Windows\system32\DRIVERS\Sftfslh.sys
16:14:01.0626 0x1c1c Sftfs - ok
16:14:01.0727 0x1c1c [ 4E1BB8A9CCDB4BAF41F7F9A930EB121D, D994B20DACEB187BEB6530309E2185040B58105E4FD5AC1DA435712F9DE027D0 ] sftlist C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe
16:14:01.0737 0x1c1c sftlist - ok
16:14:01.0786 0x1c1c [ 3B8D43FEEFF7A187534DDDFD675FE123, 9308D5C552FE3AF1121A3F7B7595547C6B892FF500377953F3B623511D84698C ] Sftplay C:\Windows\system32\DRIVERS\Sftplaylh.sys
16:14:01.0804 0x1c1c Sftplay - ok
16:14:01.0832 0x1c1c [ F1D1B1DC7A8765A09D7640FBF8D20970, 72E59B04BC44DAFFB88987C16CF3F9DC35438B15879E102FD83013673E0DB66F ] Sftredir C:\Windows\system32\DRIVERS\Sftredirlh.sys
16:14:01.0834 0x1c1c Sftredir - ok
16:14:01.0850 0x1c1c [ B3B9ADE7F8C4AF0C20E712E040588543, 9A6BB11DA046BF6F0239952871263E148FAE91FB21065613645114B5FA054EC5 ] Sftvol C:\Windows\system32\DRIVERS\Sftvollh.sys
16:14:01.0851 0x1c1c Sftvol - ok
16:14:01.0873 0x1c1c [ CECFDE5D3701B2D914862F5E6C3DFE18, E7627F90630C306324A39DC3C652B37D255F90636AC19D3302EE5B85BD504BD5 ] sftvsa C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe
16:14:01.0878 0x1c1c sftvsa - ok
16:14:01.0919 0x1c1c [ B95F6501A2F8B2E78C697FEC401970CE, 758B73A32902299A313348CE7EC189B20EB4CB398D0180E4EE24B84DAD55F291 ] SharedAccess C:\Windows\System32\ipnathlp.dll
16:14:01.0930 0x1c1c SharedAccess - ok
16:14:01.0957 0x1c1c [ AAF932B4011D14052955D4B212A4DA8D, 2A3BFD0FA9569288E91AE3E72CA1EC39E1450D01E6473CE51157E0F138257923 ] ShellHWDetection C:\Windows\System32\shsvcs.dll
16:14:01.0967 0x1c1c ShellHWDetection - ok
16:14:02.0020 0x1c1c [ 843CAF1E5FDE1FFD5FF768F23A51E2E1, 89CA9F516E42A6B905474D738CDA2C121020A07DBD4E66CFE569DD77D79D7820 ] SiSRaid2 C:\Windows\system32\drivers\SiSRaid2.sys
16:14:02.0025 0x1c1c SiSRaid2 - ok
16:14:02.0057 0x1c1c [ 6A6C106D42E9FFFF8B9FCB4F754F6DA4, 87B85C66DF7EB6FDB8A2341D05FAA5261FF68A90CCFC63F0E4A03824F1E33E5E ] SiSRaid4 C:\Windows\system32\drivers\sisraid4.sys
16:14:02.0061 0x1c1c SiSRaid4 - ok
16:14:02.0188 0x1c1c [ F6EF225A23D336CA30001E5007644C24, B0A4B1256C1074F1B4F73E3BBA16FD4683D6EEA583DEEF8E11EFD29BA7541F2A ] SkypeUpdate C:\Program Files (x86)\Skype\Updater\Updater.exe
16:14:02.0203 0x1c1c SkypeUpdate - ok
16:14:02.0250 0x1c1c [ 548260A7B8654E024DC30BF8A7C5BAA4, 4A7E58331D7765A12F53DC2371739DC9A463940B13E16157CE10DB80E958D740 ] Smb C:\Windows\system32\DRIVERS\smb.sys
16:14:02.0254 0x1c1c Smb - ok
16:14:02.0319 0x1c1c [ 6313F223E817CC09AA41811DAA7F541D, D787061043BEEDB9386B048CB9E680E6A88A1CBAE9BD4A8C0209155BFB76C630 ] SNMPTRAP C:\Windows\System32\snmptrap.exe
16:14:02.0324 0x1c1c SNMPTRAP - ok
16:14:02.0333 0x1c1c [ B9E31E5CACDFE584F34F730A677803F9, 21A5130BD00089C609522A372018A719F8E37103D2DD22C59EACB393BE35A063 ] spldr C:\Windows\system32\drivers\spldr.sys
16:14:02.0335 0x1c1c spldr - ok
16:14:02.0383 0x1c1c [ 85DAA09A98C9286D4EA2BA8D0E644377, F9C324E2EF81193FE831C7EECC44A100CA06F82FA731BF555D9EA4D91DA13329 ] Spooler C:\Windows\System32\spoolsv.exe
16:14:02.0403 0x1c1c Spooler - ok
16:14:02.0545 0x1c1c [ E17E0188BB90FAE42D83E98707EFA59C, FC075F7B39E86CC8EF6DA4E339FE946917E319C347AC70FB0C50AAF36F97E27F ] sppsvc C:\Windows\system32\sppsvc.exe
16:14:02.0611 0x1c1c sppsvc - ok
16:14:02.0637 0x1c1c [ 93D7D61317F3D4BC4F4E9F8A96A7DE45, 36D48B23B8243BE5229707375FCD11C2DCAC96983199345365F065A0CBF33314 ] sppuinotify C:\Windows\system32\sppuinotify.dll
16:14:02.0640 0x1c1c sppuinotify - ok
16:14:02.0676 0x1c1c [ 441FBA48BFF01FDB9D5969EBC1838F0B, 306128F1AD489F87161A089D1BDC1542A4CB742D91A0C12A7CD1863FDB8932C0 ] srv C:\Windows\system32\DRIVERS\srv.sys
16:14:02.0685 0x1c1c srv - ok
16:14:02.0703 0x1c1c [ B4ADEBBF5E3677CCE9651E0F01F7CC28, 726DB2283113AB2A9681E8E9F61132303D6D86E9CD034C40EE4A8C9DB29E87F7 ] srv2 C:\Windows\system32\DRIVERS\srv2.sys
16:14:02.0712 0x1c1c srv2 - ok
16:14:02.0785 0x1c1c [ 0C4540311E11664B245A263E1154CEF8, 63376322BFFAFF2F166AF3FDD3F1A346C21FAE21F406F659F8630779D1D6525D ] SrvHsfHDA C:\Windows\system32\DRIVERS\VSTAZL6.SYS
16:14:02.0801 0x1c1c SrvHsfHDA - ok
16:14:02.0855 0x1c1c [ 02071D207A9858FBE3A48CBFD59C4A04, FEA4DEBAEC3465E0C7C1E8B721805922F6BBCB96A60A193B11688F4252F4B89E ] SrvHsfV92 C:\Windows\system32\DRIVERS\VSTDPV6.SYS
16:14:02.0881 0x1c1c SrvHsfV92 - ok
16:14:02.0913 0x1c1c [ 18E40C245DBFAF36FD0134A7EF2DF396, 0138A68958112101A5D3BD94114F320CE80B0C9A93E009AC78DE7415FCCC7DE7 ] SrvHsfWinac C:\Windows\system32\DRIVERS\VSTCNXT6.SYS
16:14:02.0927 0x1c1c SrvHsfWinac - ok
16:14:02.0955 0x1c1c [ 27E461F0BE5BFF5FC737328F749538C3, AFA4704ED8FFC1A0BAB40DFB81D3AE3F3D933A3C9BF54DDAF39FF9AF3646D9E6 ] srvnet C:\Windows\system32\DRIVERS\srvnet.sys
16:14:02.0959 0x1c1c srvnet - ok
16:14:03.0023 0x1c1c [ ED161B91FDF7EAA39469D72D463D5F4E, FC793E378FB709313D0AC44F59BF5C9488D73235AA2B1A21C50C3DED91C6BE62 ] sscdbus C:\Windows\system32\DRIVERS\sscdbus.sys
16:14:03.0034 0x1c1c sscdbus - ok
16:14:03.0074 0x1c1c [ 4CB09E77593DBD8D7AF33B37375CA715, 7B14851A8EDAA996D28335FD4DA812C6114DD5012E1E929F4813797CDC77E5BC ] sscdmdfl C:\Windows\system32\DRIVERS\sscdmdfl.sys
16:14:03.0076 0x1c1c sscdmdfl - ok
16:14:03.0104 0x1c1c [ C7B4CF53497A6E5363F3439427663882, 993278ADAAC18F12FE00CCF76681461451DA335F67BB581FC7326045048EC085 ] sscdmdm C:\Windows\system32\DRIVERS\sscdmdm.sys
16:14:03.0112 0x1c1c sscdmdm - ok
16:14:03.0143 0x1c1c [ 05FFA552F578E27AB2D41B6828DB477F, F3292A431D656C039F4300AA584FA13F26A69B351C2F903B3E47CEF464A6233A ] sscdserd C:\Windows\system32\DRIVERS\sscdserd.sys
16:14:03.0150 0x1c1c sscdserd - ok
16:14:03.0183 0x1c1c [ 51B52FBD583CDE8AA9BA62B8B4298F33, 2E2403F8AA39E79D1281CA006B51B43139C32A5FDD64BD34DAA4B935338BD740 ] SSDPSRV C:\Windows\System32\ssdpsrv.dll
16:14:03.0190 0x1c1c SSDPSRV - ok
16:14:03.0208 0x1c1c [ AB7AEBF58DAD8DAAB7A6C45E6A8885CB, D21CDBC4C2AA0DB5B4455D5108B0CAF4282A2E664B9035708F212CC094569D9D ] SstpSvc C:\Windows\system32\sstpsvc.dll
16:14:03.0212 0x1c1c SstpSvc - ok
16:14:03.0405 0x1c1c [ 20E27AA5BCC01C2149830C05FE22F675, F4A8154229B5EB07B379064047EEDDA54A9396421E1FEEFA2FF3077091D3870F ] STacSV C:\Program Files\IDT\WDM\STacSV64.exe
16:14:03.0413 0x1c1c STacSV - ok
16:14:03.0444 0x1c1c [ F3817967ED533D08327DC73BC4D5542A, 1B204454408A690C0A86447F3E4AA9E7C58A9CFB567C94C17C21920BA648B4D5 ] stexstor C:\Windows\system32\drivers\stexstor.sys
16:14:03.0446 0x1c1c stexstor - ok
16:14:03.0510 0x1c1c [ BEB37CE4E7456F5EFA52D783D1E06D8C, A6E202412FB904CCA86A1D9EDD600EC247460B1A31243325FC8747D39A456B79 ] STHDA C:\Windows\system32\DRIVERS\stwrt64.sys
16:14:03.0520 0x1c1c STHDA - ok
16:14:03.0576 0x1c1c [ DECACB6921DED1A38642642685D77DAC, 1633711CE973F818EBCCCA28538772431167C33ECDD44D1E846A9436598B52DC ] StillCam C:\Windows\system32\drivers\serscan.sys
16:14:03.0578 0x1c1c StillCam - ok
16:14:03.0670 0x1c1c [ 8DD52E8E6128F4B2DA92CE27402871C1, 1101C38BE8FC383B5F2F9FA402F9652B23B88A764DE2B584DFE62B88B11DEF92 ] stisvc C:\Windows\System32\wiaservc.dll
16:14:03.0684 0x1c1c stisvc - ok
16:14:03.0698 0x1c1c [ D01EC09B6711A5F8E7E6564A4D0FBC90, 3CB922291DBADC92B46B9E28CCB6810CD8CCDA3E74518EC9522B58B998E1F969 ] swenum C:\Windows\system32\drivers\swenum.sys
16:14:03.0699 0x1c1c swenum - ok
16:14:03.0761 0x1c1c [ E08E46FDD841B7184194011CA1955A0B, 9C3725BB1F08F92744C980A22ED5C874007D3B5863C7E1F140F50061052AC418 ] swprv C:\Windows\System32\swprv.dll
16:14:03.0773 0x1c1c swprv - ok
16:14:03.0863 0x1c1c [ C447977ED2A4AE9346FE3A0579A34D7C, 35A8F13AAB57549BBC1457AD86F44FEF2394E55841A1D6D6C5E029310E02F377 ] SynTP C:\Windows\system32\DRIVERS\SynTP.sys
16:14:03.0889 0x1c1c SynTP - ok
16:14:03.0963 0x1c1c [ 2E730941CC5BF6200A4F56D1E9C24AAD, 758836D55DC84F3EBE9917DC6FAB8E6170A5B238FEDBCFDB6D7C5C6EA98E08B2 ] SysMain C:\Windows\system32\sysmain.dll
16:14:04.0003 0x1c1c SysMain - ok
16:14:04.0035 0x1c1c [ E3C61FD7B7C2557E1F1B0B4CEC713585, 01F0E116606D185BF93B540868075BFB1A398197F6AABD994983DBFF56B3A8A0 ] TabletInputService C:\Windows\System32\TabSvc.dll
16:14:04.0040 0x1c1c TabletInputService - ok
16:14:04.0062 0x1c1c [ 40F0849F65D13EE87B9A9AE3C1DD6823, E251A7EF3D0FD2973AF33A62FC457A7E8D5E8694208F811F52455F7C2426121F ] TapiSrv C:\Windows\System32\tapisrv.dll
16:14:04.0071 0x1c1c TapiSrv - ok
16:14:04.0086 0x1c1c [ 1BE03AC720F4D302EA01D40F588162F6, AB644862BF1D2E824FD846180DEC4E2C0FAFCC517451486DE5A92E5E78A952E4 ] TBS C:\Windows\System32\tbssvc.dll
16:14:04.0090 0x1c1c TBS - ok
16:14:04.0168 0x1c1c [ 04ADD18EE5CC9FBEDAEC1DD1CD0CB45E, F05C0C4CA3DD234AD5D60CF1EF763C9A1D9EC3C157E180C2D75CC07E6B02A611 ] Tcpip C:\Windows\system32\drivers\tcpip.sys
16:14:04.0203 0x1c1c Tcpip - ok
16:14:04.0265 0x1c1c [ 04ADD18EE5CC9FBEDAEC1DD1CD0CB45E, F05C0C4CA3DD234AD5D60CF1EF763C9A1D9EC3C157E180C2D75CC07E6B02A611 ] TCPIP6 C:\Windows\system32\DRIVERS\tcpip.sys
16:14:04.0299 0x1c1c TCPIP6 - ok
16:14:04.0348 0x1c1c [ 1B16D0BD9841794A6E0CDE0CEF744ABC, 7EB8BA97339199EEE7F2B09DA2DA6279DA64A510D4598D42CF86415D67CD674C ] tcpipreg C:\Windows\system32\drivers\tcpipreg.sys
16:14:04.0349 0x1c1c tcpipreg - ok
16:14:04.0376 0x1c1c [ 3371D21011695B16333A3934340C4E7C, 7416F9BBFC1BA9D875EA7D1C7A0D912FC6977B49A865D67E3F9C4E18A965082D ] TDPIPE C:\Windows\system32\drivers\tdpipe.sys
16:14:04.0378 0x1c1c TDPIPE - ok
16:14:04.0412 0x1c1c [ 51C5ECEB1CDEE2468A1748BE550CFBC8, 4E8F83877330B421F7B5D8393D34BC44C6450E69209DAA95B29CB298166A5DF9 ] TDTCP C:\Windows\system32\drivers\tdtcp.sys
16:14:04.0416 0x1c1c TDTCP - ok
16:14:04.0457 0x1c1c [ 70988118145F5F10EF24720B97F35F65, F80C806417A68047FFB3D63214BC4AE5445315219AC594E043293006B704A63D ] tdx C:\Windows\system32\DRIVERS\tdx.sys
16:14:04.0466 0x1c1c tdx - ok
16:14:04.0521 0x1c1c [ 561E7E1F06895D78DE991E01DD0FB6E5, 83BFA50A528762EC52A011302AC3874636FB7E26628CD7ACFBF2BDC9FAA8110D ] TermDD C:\Windows\system32\drivers\termdd.sys
16:14:04.0528 0x1c1c TermDD - ok
16:14:04.0606 0x1c1c [ 008CD4EBFABCF78D0F19B3778492648C, 9050490EEE0AD86E73F0A82D83E4FC29DF84F6B6FDB389AE135FD712B5F425BE ] TermService C:\Windows\System32\termsrv.dll
16:14:04.0632 0x1c1c TermService - ok
16:14:04.0667 0x1c1c [ F0344071948D1A1FA732231785A0664C, DB9886C2C858FAF45AEA15F8E42860343F73EB8685C53EC2E8CCC10586CB0832 ] Themes C:\Windows\system32\themeservice.dll
16:14:04.0671 0x1c1c Themes - ok
16:14:04.0701 0x1c1c [ E40E80D0304A73E8D269F7141D77250B, 0DB4AC13A264F19A84DC0BCED54E8E404014CC09C993B172002B1561EC7E265A ] THREADORDER C:\Windows\system32\mmcss.dll
16:14:04.0704 0x1c1c THREADORDER - ok
16:14:04.0724 0x1c1c [ 7E7AFD841694F6AC397E99D75CEAD49D, DE87F203FD8E6BDCCFCA1860A85F283301A365846FB703D9BB86278D8AC96B07 ] TrkWks C:\Windows\System32\trkwks.dll
16:14:04.0730 0x1c1c TrkWks - ok
16:14:04.0813 0x1c1c [ FD44FA80DA03EA144153A76DEBBB61B4, 0C46717F489A415A583470DAE8CF58E47BC307B9CB0F9DB6C4EDF33B7525475C ] TrueSight C:\Windows\System32\drivers\TrueSight.sys
16:14:04.0818 0x1c1c TrueSight - ok
16:14:04.0889 0x1c1c [ 773212B2AAA24C1E31F10246B15B276C, F2EF85F5ABA307976D9C649D710B408952089458DDE97D4DEF321DF14E46A046 ] TrustedInstaller C:\Windows\servicing\TrustedInstaller.exe
16:14:04.0900 0x1c1c TrustedInstaller - ok
16:14:04.0931 0x1c1c [ E232A3B43A894BB327FC161529BD9ED1, F2673DA8C920F21ACCECC25F7C59A05822E5E577D47F126EDF9C94FEB4B30C5F ] tssecsrv C:\Windows\system32\DRIVERS\tssecsrv.sys
16:14:04.0934 0x1c1c tssecsrv - ok
16:14:04.0992 0x1c1c [ D11C783E3EF9A3C52C0EBE83CC5000E9, A136C355D4C8945729163D15801364A614E23217B15F9313C85BA45BB71A74EB ] TsUsbFlt C:\Windows\system32\drivers\tsusbflt.sys
16:14:04.0998 0x1c1c TsUsbFlt - ok
16:14:05.0025 0x1c1c [ 9CC2CCAE8A84820EAECB886D477CBCB8, 50D8AA2D7477A6618A0C31BB4D1C4887B457865FB1105E2E7B984EEFA337B804 ] TsUsbGD C:\Windows\system32\drivers\TsUsbGD.sys
16:14:05.0027 0x1c1c TsUsbGD - ok
16:14:05.0096 0x1c1c [ 3566A8DAAFA27AF944F5D705EAA64894, AE9D8B648DA08AF667B9456C3FE315489859C157510A258559F18238F2CC92B8 ] tunnel C:\Windows\system32\DRIVERS\tunnel.sys
16:14:05.0107 0x1c1c tunnel - ok
16:14:05.0149 0x1c1c [ B4DD609BD7E282BFC683CEC7EAAAAD67, EF131DB6F6411CAD36A989A421AF93F89DD61601AC524D2FF11C10FF6E3E9123 ] uagp35 C:\Windows\system32\drivers\uagp35.sys
16:14:05.0152 0x1c1c uagp35 - ok
16:14:05.0182 0x1c1c [ FF4232A1A64012BAA1FD97C7B67DF593, D8591B4EB056899C7B604E4DD852D82D4D9809F508ABCED4A03E1BE6D5D456E3 ] udfs C:\Windows\system32\DRIVERS\udfs.sys
16:14:05.0193 0x1c1c udfs - ok
16:14:05.0226 0x1c1c [ 3CBDEC8D06B9968ABA702EBA076364A1, B8DAB8AA804FC23021BFEBD7AE4D40FBE648D6C6BA21CC008E26D1C084972F9B ] UI0Detect C:\Windows\system32\UI0Detect.exe
16:14:05.0230 0x1c1c UI0Detect - ok
16:14:05.0243 0x1c1c [ 4BFE1BC28391222894CBF1E7D0E42320, 5918B1ED2030600DF77BDACF1C808DF6EADDD8BF3E7003AF1D72050D8B102B3A ] uliagpkx C:\Windows\system32\drivers\uliagpkx.sys
16:14:05.0245 0x1c1c uliagpkx - ok
16:14:05.0313 0x1c1c [ DC54A574663A895C8763AF0FA1FF7561, 09A3F3597E91CBEB2F38E96E75134312B60CAE5574B2AD4606C2D3E992AEDDFE ] umbus C:\Windows\system32\DRIVERS\umbus.sys
16:14:05.0319 0x1c1c umbus - ok
16:14:05.0372 0x1c1c [ B2E8E8CB557B156DA5493BBDDCC1474D, F547509A08C0679ACB843E20C9C0CF51BED1B06530BBC529DFB0944504564A43 ] UmPass C:\Windows\system32\drivers\umpass.sys
16:14:05.0373 0x1c1c UmPass - ok
16:14:05.0537 0x1c1c [ A678E5DDD974903DD71F503BDCACA218, E8ECF79B78CF777066FF31847959A70773665ED2DAAF942B8A1C54BA56F330BA ] UNS C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
16:14:05.0583 0x1c1c UNS - ok
16:14:05.0614 0x1c1c [ D47EC6A8E81633DD18D2436B19BAF6DE, 0FB461E2D5E0B75BB5958F6362F4880BFA4C36AD930542609BCAF574941AA7AE ] upnphost C:\Windows\System32\upnphost.dll
16:14:05.0623 0x1c1c upnphost - ok
16:14:05.0673 0x1c1c [ FB251567F41BC61988B26731DEC19E4B, 6A535F5A18EB43DD2E18AF0A05301630A1D1484B7D85DA79A7CD122DA4D018E2 ] USBAAPL64 C:\Windows\system32\Drivers\usbaapl64.sys
16:14:05.0677 0x1c1c USBAAPL64 - ok
16:14:05.0705 0x1c1c [ DCA68B0943D6FA415F0C56C92158A83A, BEE5A5B33B22D1DF50B884D46D89FC3B8286EB16E38AD5A20F0A49E5C6766C57 ] usbccgp C:\Windows\system32\DRIVERS\usbccgp.sys
16:14:05.0710 0x1c1c usbccgp - ok
16:14:05.0780 0x1c1c [ 80B0F7D5CCF86CEB5D402EAAF61FEC31, 140C62116A425DEAD25FE8D82DE283BC92C482A9F643658D512F9F67061F28AD ] usbcir C:\Windows\system32\drivers\usbcir.sys
16:14:05.0789 0x1c1c usbcir - ok
16:14:05.0829 0x1c1c [ 18A85013A3E0F7E1755365D287443965, 811C5EDF38C765BCF71BCE25CB6626FF6988C3699F5EF1846240EA0052F34C33 ] usbehci C:\Windows\system32\drivers\usbehci.sys
16:14:05.0833 0x1c1c usbehci - ok
16:14:05.0880 0x1c1c [ 8D1196CFBB223621F2C67D45710F25BA, B5D7AFE51833B24FC9576F3AED3D8A2B290E5846060E73F9FFFAC1890A8B6003 ] usbhub C:\Windows\system32\DRIVERS\usbhub.sys
16:14:05.0891 0x1c1c usbhub - ok
16:14:05.0909 0x1c1c [ 765A92D428A8DB88B960DA5A8D6089DC, 56DE8A2ED58E53B202C399CA7BACB1551136303C2EE0AB426BDBBF880E3C542C ] usbohci C:\Windows\system32\drivers\usbohci.sys
16:14:05.0910 0x1c1c usbohci - ok
16:14:05.0963 0x1c1c [ 73188F58FB384E75C4063D29413CEE3D, B485463933306036B1D490722CB1674DC85670753D79FA0EF7EBCA7BBAAD9F7C ] usbprint C:\Windows\system32\DRIVERS\usbprint.sys
16:14:05.0968 0x1c1c usbprint - ok
16:14:06.0038 0x1c1c [ 9661DA76B4531B2DA272ECCE25A8AF24, FEA93254A21E71A7EB8AD35FCCAD2C1E41F7329EC33B1734F5B41307A34D8637 ] usbscan C:\Windows\system32\DRIVERS\usbscan.sys
16:14:06.0043 0x1c1c usbscan - ok
16:14:06.0076 0x1c1c [ FED648B01349A3C8395A5169DB5FB7D6, DC4D7594C24ADD076927B9347F1B50B91CF03A4ABDB284248D5711D9C19DEB96 ] USBSTOR C:\Windows\system32\DRIVERS\USBSTOR.SYS
16:14:06.0084 0x1c1c USBSTOR - ok
16:14:06.0121 0x1c1c [ DD253AFC3BC6CBA412342DE60C3647F3, 146F8613F1057AC054DC3593E84BC52899DA27EA33B0E72ACFB78C3699ADCDE7 ] usbuhci C:\Windows\system32\drivers\usbuhci.sys
16:14:06.0124 0x1c1c usbuhci - ok
16:14:06.0192 0x1c1c [ 1F775DA4CF1A3A1834207E975A72E9D7, 6D3DE5BD3EF3A76E997E5BAF900C51D25308F5A9682D1F62017F577A24095B90 ] usbvideo C:\Windows\System32\Drivers\usbvideo.sys
16:14:06.0199 0x1c1c usbvideo - ok
16:14:06.0230 0x1c1c [ EDBB23CBCF2CDF727D64FF9B51A6070E, 7202484C8E1BFB2AFD64D8C81668F3EDE0E3BF5EB27572877A0A7B337AE5AE42 ] UxSms C:\Windows\System32\uxsms.dll
16:14:06.0236 0x1c1c UxSms - ok
16:14:06.0255 0x1c1c [ FDD980360C9D72DA77F4C59376AE95C9, A5C1BCFBCCD031A24BD87D6A193F595B45EA5AC9FEBC198F552EED60AB75238E ] VaultSvc C:\Windows\system32\lsass.exe
16:14:06.0259 0x1c1c VaultSvc - ok
16:14:06.0284 0x1c1c [ C5C876CCFC083FF3B128F933823E87BD, 6FE0FBB6C3207E09300E0789E2168F76668D87C317FE9F263E733827ADCFBE0D ] vdrvroot C:\Windows\system32\drivers\vdrvroot.sys
16:14:06.0286 0x1c1c vdrvroot - ok
16:14:06.0325 0x1c1c [ 8D6B481601D01A456E75C3210F1830BE, A2CEF483F4231367138EEF7E67FD5BE5364FC0780C44CA1368E36CE4AA3D0633 ] vds C:\Windows\System32\vds.exe
16:14:06.0344 0x1c1c vds - ok
16:14:06.0405 0x1c1c [ DA4DA3F5E02943C2DC8C6ED875DE68DD, EDE604536DB78C512D68C92B26DA77C8811AC109D1F0A473673F0A82D15A2838 ] vga C:\Windows\system32\DRIVERS\vgapnp.sys
16:14:06.0409 0x1c1c vga - ok
16:14:06.0429 0x1c1c [ 53E92A310193CB3C03BEA963DE7D9CFC, 45898604375B42EB1246C17A22D91C2440F11C746FF6459AD38027C1BC2E3125 ] VgaSave C:\Windows\System32\drivers\vga.sys
16:14:06.0432 0x1c1c VgaSave - ok
16:14:06.0472 0x1c1c [ 2CE2DF28C83AEAF30084E1B1EB253CBB, D1946816A1CB89F825CBEA58F94A4C9D0CE7249355CD3915563F54054EE564BF ] vhdmp C:\Windows\system32\drivers\vhdmp.sys
16:14:06.0482 0x1c1c vhdmp - ok
16:14:06.0508 0x1c1c [ E5689D93FFE4E5D66C0178761240DD54, 6D35CED80681B12AAF63BFA0DA1C386E71D3838839B68A686990AA8031949D27 ] viaide C:\Windows\system32\drivers\viaide.sys
16:14:06.0509 0x1c1c viaide - ok
16:14:06.0560 0x1c1c [ D2AAFD421940F640B407AEFAAEBD91B0, 31EF342A60AF04F4108759A71F8FB7B8C8819216CF3D16A95B2BA0E33A8A9161 ] volmgr C:\Windows\system32\drivers\volmgr.sys
16:14:06.0567 0x1c1c volmgr - ok
16:14:06.0598 0x1c1c [ A255814907C89BE58B79EF2F189B843B, 463DB771851352185B6AC323BD93B9084D47291E53C1F7B628B65D6918B2E28F ] volmgrx C:\Windows\system32\drivers\volmgrx.sys
16:14:06.0611 0x1c1c volmgrx - ok
16:14:06.0640 0x1c1c [ 0D08D2F3B3FF84E433346669B5E0F639, 3D6716CEC95B8861A7CC5778E91F310528DC6BEE0E57A3C8757FC675154EBDEC ] volsnap C:\Windows\system32\drivers\volsnap.sys
16:14:06.0646 0x1c1c volsnap - ok
16:14:06.0697 0x1c1c [ 5E2016EA6EBACA03C04FEAC5F330D997, 53106EB877459FE55A459111F7AB0EE320BB3B4C954D3DB6FA1642396001F2AC ] vsmraid C:\Windows\system32\drivers\vsmraid.sys
16:14:06.0700 0x1c1c vsmraid - ok
16:14:06.0776 0x1c1c [ B60BA0BC31B0CB414593E169F6F21CC2, 47B801E623254CF0202B3591CB5C019CABFB52F123C7D47E29D19B32F1F2B915 ] VSS C:\Windows\system32\vssvc.exe
16:14:06.0808 0x1c1c VSS - ok
16:14:06.0820 0x1c1c [ 36D4720B72B5C5D9CB2B9C29E9DF67A1, 3254523C85C70EBA2DBAC05DB2DBA89EDF8E9195F390F7C21F96458FB6B2E3D7 ] vwifibus C:\Windows\system32\DRIVERS\vwifibus.sys
16:14:06.0822 0x1c1c vwifibus - ok
16:14:06.0877 0x1c1c [ 6A3D66263414FF0D6FA754C646612F3F, 30F6BA594B0D3B94113064015A16D97811CD989DF1715CCE21CEAB9894C1B4FB ] vwififlt C:\Windows\system32\DRIVERS\vwififlt.sys
16:14:06.0879 0x1c1c vwififlt - ok
16:14:06.0897 0x1c1c [ 6A638FC4BFDDC4D9B186C28C91BD1A01, 5521F1DC515586777EC4837E0AEAA3E613CC178AF1074031C4D0D0C695A93168 ] vwifimp C:\Windows\system32\DRIVERS\vwifimp.sys
16:14:06.0901 0x1c1c vwifimp - ok
16:14:06.0946 0x1c1c [ 1C9D80CC3849B3788048078C26486E1A, 34A89F31E53F6B6C209B286F580CC2257AE6D057E4E20741F241C9C167947962 ] W32Time C:\Windows\system32\w32time.dll
16:14:06.0955 0x1c1c W32Time - ok
16:14:06.0971 0x1c1c [ 4E9440F4F152A7B944CB1663D3935A3E, 8FE04EBD3BC612EE943A21A3E56F37E5C9B578CDACA6044048181DAD81816D53 ] WacomPen C:\Windows\system32\drivers\wacompen.sys
16:14:06.0972 0x1c1c WacomPen - ok
16:14:07.0035 0x1c1c [ 356AFD78A6ED4457169241AC3965230C, CE4D1EE3525C10AC658B20776C3E444DE44874C837713DC5311386EDFCB18399 ] WANARP C:\Windows\system32\DRIVERS\wanarp.sys
16:14:07.0043 0x1c1c WANARP - ok
16:14:07.0058 0x1c1c [ 356AFD78A6ED4457169241AC3965230C, CE4D1EE3525C10AC658B20776C3E444DE44874C837713DC5311386EDFCB18399 ] Wanarpv6 C:\Windows\system32\DRIVERS\wanarp.sys
16:14:07.0062 0x1c1c Wanarpv6 - ok
16:14:07.0165 0x1c1c [ 3CEC96DE223E49EAAE3651FCF8FAEA6C, 4150DAB33E8D61076F1D4767BCAFC9B4ECCCCBD58FD4FB3CFE5B8D27DCDCAB61 ] WatAdminSvc C:\Windows\system32\Wat\WatAdminSvc.exe
16:14:07.0191 0x1c1c WatAdminSvc - ok
16:14:07.0261 0x1c1c [ 78F4E7F5C56CB9716238EB57DA4B6A75, 46A4E78CE5F2A4B26F4E9C3FF04A99D9B727A82AC2E390A82A1611C3F6E0C9AF ] wbengine C:\Windows\system32\wbengine.exe
16:14:07.0290 0x1c1c wbengine - ok
16:14:07.0316 0x1c1c [ 3AA101E8EDAB2DB4131333F4325C76A3, 4F7BD3DA5E58B18BFF106CFF7B45E75FD13EE556D433C695BA23EC80827E49DE ] WbioSrvc C:\Windows\System32\wbiosrvc.dll
16:14:07.0323 0x1c1c WbioSrvc - ok
16:14:07.0345 0x1c1c [ 7368A2AFD46E5A4481D1DE9D14848EDD, 8039C478FC2D9F095F5883A4FA47F9E6EDF57CC88A4AA74F07C88445F90DED57 ] wcncsvc C:\Windows\System32\wcncsvc.dll
16:14:07.0354 0x1c1c wcncsvc - ok
16:14:07.0372 0x1c1c [ 20F7441334B18CEE52027661DF4A6129, 7B8E0247234B740FED2BE9B833E9CE8DD7453340123AB43F6B495A7E6A27B0DD ] WcsPlugInService C:\Windows\System32\WcsPlugInService.dll
16:14:07.0376 0x1c1c WcsPlugInService - ok
16:14:07.0410 0x1c1c [ 72889E16FF12BA0F235467D6091B17DC, F2FD0BBD075E33608D93F350D216F97442AB89ABD540513C2D568C78096E12A8 ] Wd C:\Windows\system32\drivers\wd.sys
16:14:07.0412 0x1c1c Wd - ok
16:14:07.0484 0x1c1c [ E2C933EDBC389386EBE6D2BA953F43D8, AF1DEADD5F1267CCEBD226E8EEB971D1946EA6A5A9645A36F5D111F758AF2F07 ] Wdf01000 C:\Windows\system32\drivers\Wdf01000.sys
16:14:07.0499 0x1c1c Wdf01000 - ok
16:14:07.0528 0x1c1c [ C6F7473B55510F0B93961DA03D8E3B38, 4BAB9274DED8F7AC4A52B8739F501323FFFA0367CAA24BFAFDB5523812E0CE39 ] WdiServiceHost C:\Windows\system32\wdi.dll
16:14:07.0533 0x1c1c WdiServiceHost - ok
16:14:07.0537 0x1c1c [ C6F7473B55510F0B93961DA03D8E3B38, 4BAB9274DED8F7AC4A52B8739F501323FFFA0367CAA24BFAFDB5523812E0CE39 ] WdiSystemHost C:\Windows\system32\wdi.dll
16:14:07.0542 0x1c1c WdiSystemHost - ok
16:14:07.0598 0x1c1c [ 5E1640435DD54D00451156CA5340B109, 414044DAA1ACA5161CEF9D48F9796B1C10E350C187A1CE0703E432E9D6248259 ] wdkmd C:\Windows\system32\DRIVERS\WDKMD.sys
16:14:07.0603 0x1c1c wdkmd - ok
16:14:07.0657 0x1c1c [ 4E89FC53493704BF835F0300DC201C34, FB3080725E144D93512DED81047D21C0582BC3412250EFF37E039108D7351F53 ] WebClient C:\Windows\System32\webclnt.dll
16:14:07.0673 0x1c1c WebClient - ok
16:14:07.0709 0x1c1c [ C749025A679C5103E575E3B48E092C43, B71171D07EE7AB085A24BF3A1072FF2CE7EA021AAE695F6A90640E6EE8EB55C1 ] Wecsvc C:\Windows\system32\wecsvc.dll
16:14:07.0716 0x1c1c Wecsvc - ok
16:14:07.0728 0x1c1c [ 7E591867422DC788B9E5BD337A669A08, 484E6BCCDF7ADCE9A1AACAD1BC7C7D7694B9E40FA90D94B14D80C607784F6C75 ] wercplsupport C:\Windows\System32\wercplsupport.dll
16:14:07.0733 0x1c1c wercplsupport - ok
16:14:07.0772 0x1c1c [ 6D137963730144698CBD10F202E9F251, A9F522A125158D94F540544CCD4DBF47B9DCE2EA878C33675AFE40F80E8F4979 ] WerSvc C:\Windows\System32\WerSvc.dll
16:14:07.0776 0x1c1c WerSvc - ok
16:14:07.0823 0x1c1c [ 611B23304BF067451A9FDEE01FBDD725, 0AF2734B978165FC6FD22B64862132CCE32528A21C698A49D176129446E099C8 ] WfpLwf C:\Windows\system32\DRIVERS\wfplwf.sys
16:14:07.0827 0x1c1c WfpLwf - ok
16:14:07.0842 0x1c1c [ 05ECAEC3E4529A7153B3136CEB49F0EC, 9995CB2CEC70A633EA33CBB0DEAD2BB28CB67132B41E9444BDAB9E75744C9A50 ] WIMMount C:\Windows\system32\drivers\wimmount.sys
16:14:07.0845 0x1c1c WIMMount - ok
16:14:07.0877 0x1c1c WinDefend - ok
16:14:07.0907 0x1c1c WinHttpAutoProxySvc - ok
16:14:07.0987 0x1c1c [ 19B07E7E8915D701225DA41CB3877306, D6555E8D276DBB11358246E0FE215F76F1FB358791C76B88D82C2A66A42DA19F ] Winmgmt C:\Windows\system32\wbem\WMIsvc.dll
16:14:08.0003 0x1c1c Winmgmt - ok
16:14:08.0129 0x1c1c [ D929ABD465A2DED963DA8B30946A8D5C, DE8DBFB01C11D2AE903CBD6A974D6F995E9813CE2D6484B7DA06EAE4C545842A ] WinRM C:\Windows\system32\WsmSvc.dll
16:14:08.0168 0x1c1c WinRM - ok
16:14:08.0213 0x1c1c [ FE88B288356E7B47B74B13372ADD906D, A16B166F6BB32EF9D2A142F27B9EC54CBC7B3AC915799783CF4C40E525BC9E03 ] WinUsb C:\Windows\system32\drivers\WinUsb.sys
16:14:08.0215 0x1c1c WinUsb - ok
16:14:08.0277 0x1c1c [ 4FADA86E62F18A1B2F42BA18AE24E6AA, CE1683386886BF34862681A46199EA7E7FB4232A186047DA7FBD8EC240AF6726 ] Wlansvc C:\Windows\System32\wlansvc.dll
16:14:08.0299 0x1c1c Wlansvc - ok
16:14:08.0386 0x1c1c [ 06C8FA1CF39DE6A735B54D906BA791C6, D8FEC7DE227781CDA876904701B2AA995268F74DCD6CB34AA0296C557FC283B6 ] wlcrasvc C:\Program Files\Windows Live\Mesh\wlcrasvc.exe
16:14:08.0391 0x1c1c wlcrasvc - ok
16:14:08.0562 0x1c1c [ 7E47C328FC4768CB8BEAFBCFAFA70362, C98BD6A0C2F70E069D5FD3BAB31BD028DFEAC0490D180BBC28A14BE375897D8C ] wlidsvc C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
16:14:08.0604 0x1c1c wlidsvc - ok
16:14:08.0663 0x1c1c [ F6FF8944478594D0E414D3F048F0D778, 6F75E0AE6127B33A92A88E59D4B048FD4C15F997807BE7BF0EFE76F95235B1D9 ] WmiAcpi C:\Windows\system32\drivers\wmiacpi.sys
16:14:08.0665 0x1c1c WmiAcpi - ok
16:14:08.0693 0x1c1c [ 38B84C94C5A8AF291ADFEA478AE54F93, 1AC267AC73670BEA5F3785C9AD9DB146F8E993A862C843742B21FDB90D102B2A ] wmiApSrv C:\Windows\system32\wbem\WmiApSrv.exe
16:14:08.0698 0x1c1c wmiApSrv - ok
16:14:08.0719 0x1c1c WMPNetworkSvc - ok
16:14:08.0768 0x1c1c [ 96C6E7100D724C69FCF9E7BF590D1DCA, 2E63C9B0893B4FC03B7A71BAEA6202D3D3DB1B52F3643467829B5A573FD7655B ] WPCSvc C:\Windows\System32\wpcsvc.dll
16:14:08.0780 0x1c1c WPCSvc - ok
16:14:08.0813 0x1c1c [ 93221146D4EBBF314C29B23CD6CC391D, C0750858A65BF51E210CD244C825C121D67E025CD2D2455139991AAC289A90FE ] WPDBusEnum C:\Windows\system32\wpdbusenum.dll
16:14:08.0830 0x1c1c WPDBusEnum - ok
16:14:08.0851 0x1c1c [ 6BCC1D7D2FD2453957C5479A32364E52, E48554D31FBDCF8F985C1C72524CAA9106F5B7CC2B79064F8F5E2562D517F090 ] ws2ifsl C:\Windows\system32\drivers\ws2ifsl.sys
16:14:08.0853 0x1c1c ws2ifsl - ok
16:14:08.0868 0x1c1c [ E8B1FE6669397D1772D8196DF0E57A9E, 39FE0819360719F756BD31A1884A0508A1E2371ACC723E25E005CBEC0A7B02FA ] wscsvc C:\Windows\System32\wscsvc.dll
16:14:08.0873 0x1c1c wscsvc - ok
16:14:08.0914 0x1c1c [ 8D918B1DB190A4D9B1753A66FA8C96E8, DB7D2714DC04D2D6999A207D7399A5647C8653E5A1AD80856A65C5B6065AEDFE ] WSDPrintDevice C:\Windows\system32\DRIVERS\WSDPrint.sys
16:14:08.0915 0x1c1c WSDPrintDevice - ok
16:14:08.0945 0x1c1c [ 4A2A5C50DD1A63577D3ACA94269FBC7F, F75C1906D431CF871AD954218DF32A0F206E45FF49332DEF9F13C0A36A407047 ] WSDScan C:\Windows\system32\drivers\WSDScan.sys
16:14:08.0949 0x1c1c WSDScan - ok
16:14:08.0955 0x1c1c WSearch - ok
16:14:09.0092 0x1c1c [ 39D604E190DFE2E483B637D6796ABAFF, 52DCCEA0DB59F00C615D94CC2B70FC1C335E553E8FC79AAC8C8C7D9EE1F6111D ] wuauserv C:\Windows\system32\wuaueng.dll
16:14:09.0142 0x1c1c wuauserv - ok
16:14:09.0182 0x1c1c [ AB886378EEB55C6C75B4F2D14B6C869F, D6C4602EB8F291DADEDF3CD211013D4AC752DDE7E799C2D8D74AA4F5477CAED6 ] WudfPf C:\Windows\system32\drivers\WudfPf.sys
16:14:09.0185 0x1c1c WudfPf - ok
16:14:09.0234 0x1c1c [ DDA4CAF29D8C0A297F886BFE561E6659, 94E5DD649B5D86FA1A7C7D30FCF9644D0EE048D312E626111458ADF66BFBE978 ] WUDFRd C:\Windows\system32\drivers\WUDFRd.sys
16:14:09.0248 0x1c1c WUDFRd - ok
16:14:09.0269 0x1c1c [ B20F051B03A966392364C83F009F7D17, 88ECEB55AE91F58F592B96EBC10B572747D5A2F9B7629E8F371761E4F7408A65 ] wudfsvc C:\Windows\System32\WUDFSvc.dll
16:14:09.0274 0x1c1c wudfsvc - ok
16:14:09.0304 0x1c1c [ 04F82965C09CBDF646B487E145060301, 2CD8533EDBE24C3E42EB7550E20F8A2EB9E5E345B165DEF543163A6BC1FDD18B ] WwanSvc C:\Windows\System32\wwansvc.dll
16:14:09.0312 0x1c1c WwanSvc - ok
16:14:09.0357 0x1c1c ================ Scan global ===============================
16:14:09.0393 0x1c1c [ 168EA9CD9BD6056BB6F60B57D5304BBE, 5A2F98754F042A7D80E7483842967EB362F01D57CE9720B24C7EDAA047F24C6F ] C:\Windows\system32\basesrv.dll
16:14:09.0431 0x1c1c [ 8927015C999D55D9B4AC66000EE5343D, 2AC4896880BAD44192822063A31785F4A716D992201B3E6A590A2D75D9729A4A ] C:\Windows\system32\winsrv.dll
16:14:09.0466 0x1c1c [ 8927015C999D55D9B4AC66000EE5343D, 2AC4896880BAD44192822063A31785F4A716D992201B3E6A590A2D75D9729A4A ] C:\Windows\system32\winsrv.dll
16:14:09.0511 0x1c1c [ D6160F9D869BA3AF0B787F971DB56368, 0033E6212DD8683E4EE611B290931FDB227B4795F0B17C309DC686C696790529 ] C:\Windows\system32\sxssrv.dll
16:14:09.0566 0x1c1c [ 71C85477DF9347FE8E7BC55768473FCA, A86D6A6D1F5A0EFCD649792A06F3AE9B37158D48493D2ECA7F52DCC1CB9B6536 ] C:\Windows\system32\services.exe
16:14:09.0585 0x1c1c [ Global ] - ok
16:14:09.0586 0x1c1c ================ Scan MBR ==================================
16:14:09.0598 0x1c1c [ A36C5E4F47E84449FF07ED3517B43A31 ] \Device\Harddisk0\DR0
16:14:09.0839 0x1c1c \Device\Harddisk0\DR0 - ok
16:14:09.0840 0x1c1c ================ Scan VBR ==================================
16:14:09.0844 0x1c1c [ 72F8FDA7BFBB71F249B7CA687FF58AFA ] \Device\Harddisk0\DR0\Partition1
16:14:09.0847 0x1c1c \Device\Harddisk0\DR0\Partition1 - ok
16:14:09.0852 0x1c1c [ 22FCC9E22516C663AE3E73BF744A71FD ] \Device\Harddisk0\DR0\Partition2
16:14:09.0854 0x1c1c \Device\Harddisk0\DR0\Partition2 - ok
16:14:09.0860 0x1c1c [ DB4FE8A8685DC74D266C20228FFB8816 ] \Device\Harddisk0\DR0\Partition3
16:14:09.0863 0x1c1c \Device\Harddisk0\DR0\Partition3 - ok
16:14:09.0863 0x1c1c ================ Scan generic autorun ======================
16:14:09.0905 0x1c1c [ E5E36F473EE6C78D59BD146AEA72126E, 53C5C5885C96D7CEA9983ECF857D35E0DEF5882C041AB3BFA9FA855E6B15512C ] C:\Windows\system32\igfxtray.exe
16:14:09.0918 0x1c1c IgfxTray - ok
16:14:09.0975 0x1c1c [ B344EFF1EF4B8B38E62285C879DEEF15, 0D5CF8C9DD4ADFDF8F7A98A15157B96BF8D719B20939DE3A5BDE557534AA211C ] C:\Windows\system32\hkcmd.exe
16:14:09.0999 0x1c1c HotKeysCmds - ok
16:14:10.0023 0x1c1c [ C08DE420FED6773828CEB64E38D5CE73, C08C01711D625386145802FD0E627DF5D22BCBBA7F0FACAA22BC1977176DF3EC ] C:\Windows\system32\igfxpers.exe
16:14:10.0032 0x1c1c Persistence - ok
16:14:10.0033 0x1c1c SynTPEnh - ok
16:14:10.0196 0x1c1c [ 5B72629C8144D1A96490D4C090D28DA1, 114891B9E7E05D2B86C8E3CD7B4096088491E338C3B1902F9352D40B47DD418C ] c:\Program Files\Microsoft IntelliPoint\ipoint.exe
16:14:10.0239 0x1c1c IntelliPoint - ok
16:14:10.0333 0x1c1c [ 1D0F1F7A17293ED2AC88FC356EA4FDB4, FA722A8F7ACE0DACEE5360370CA2F9CA3FC19C0ED172B7A743AAACC050E2460B ] C:\Program Files\Common Files\Intel\WirelessCommon\iFrmewrk.exe
16:14:10.0367 0x1c1c IntelPAN - ok
16:14:10.0420 0x1c1c [ 96655903769E4996A0988769837E39FD, EDF69C3187F3111F58433159B475E572D5DDDA223E81AFD2A3061593959E7B19 ] C:\Program Files\IDT\WDM\sttray64.exe
16:14:10.0441 0x1c1c SysTrayApp - ok
16:14:10.0552 0x1c1c [ DD79A6B15C2F28DE98DF4852AAF6B13B, 0F7E9023E0BA4B40E2DE9A9FA34E85FEAF72B93049AAB3E1D73AD046BB113E05 ] C:\Program Files (x86)\Hewlett-Packard\HP Health Check\ActiveCheck\product_line\NCPluginUpdater.exe
16:14:10.0554 0x1c1c NCPluginUpdater - ok
16:14:10.0600 0x1c1c [ DC73E11DC27E7D9AEF884EBE816C4240, 638485C85F7183E2B3060B8FD3189EA47F873B84EE34CAB99526A3A1CC3EE62B ] C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
16:14:10.0613 0x1c1c IAStorIcon - ok
16:14:10.0713 0x1c1c [ A0C65EA48C515771F29915C221E51908, 0F95F30A4A5393BA0F116CB70F5ED7ABA223F1D05718AD0F3AD6025D74B0675E ] C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe
16:14:10.0735 0x1c1c StartCCC - ok
16:14:10.0811 0x1c1c [ AE797B72D85E87D403FC11135507922C, F4FC1E5B9EA2DAB6CDF7FDEE279F7902D3A7832A8EE8CADEDE71E6A2F11FA938 ] C:\Program Files (x86)\Renesas Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe
16:14:10.0819 0x1c1c NUSB3MON - ok
16:14:10.0916 0x1c1c [ DCCA4B04AF87E52EF9EAA2190E06CBAC, 8858CFD159BB32AE9FCCA1A79EA83C876D481A286E914071D48F42FCA5B343D8 ] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe
16:14:10.0941 0x1c1c Sidebar - ok
16:14:10.0988 0x1c1c [ 0FA760BF380B08D0B67B5507CD8B32AA, 0F73A7F64C4FDAB98CD3A865CC54B3A7195761530FCB115B725CC5A9FB738739 ] C:\Windows\System32\mctadmin.exe
16:14:10.0995 0x1c1c mctadmin - ok
16:14:11.0046 0x1c1c [ DCCA4B04AF87E52EF9EAA2190E06CBAC, 8858CFD159BB32AE9FCCA1A79EA83C876D481A286E914071D48F42FCA5B343D8 ] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe
16:14:11.0068 0x1c1c Sidebar - ok
16:14:11.0073 0x1c1c [ 0FA760BF380B08D0B67B5507CD8B32AA, 0F73A7F64C4FDAB98CD3A865CC54B3A7195761530FCB115B725CC5A9FB738739 ] C:\Windows\System32\mctadmin.exe
16:14:11.0077 0x1c1c mctadmin - ok
16:14:11.0077 0x1c1c Waiting for KSN requests completion. In queue: 158
16:14:12.0077 0x1c1c Waiting for KSN requests completion. In queue: 158
16:14:13.0077 0x1c1c Waiting for KSN requests completion. In queue: 158
16:14:14.0077 0x1c1c Waiting for KSN requests completion. In queue: 158
16:14:15.0090 0x1c1c AV detected via SS2: McAfee Anti-Virus and Anti-Spyware, C:\Program Files\McAfee.com\Agent\mcupdate.exe ( 11.0.0.0 ), 0x50010 ( disabled : outofdate )
16:14:15.0093 0x1c1c AV detected via SS2: avast! Antivirus, C:\Program Files\AVAST Software\Avast\VisthAux.exe ( 10.3.2225.1172 ), 0x41000 ( enabled : updated )
16:14:15.0096 0x1c1c AV detected via SS2: AVG AntiVirus Free Edition 2015, C:\Program Files (x86)\AVG\AVG2015\avgwsc.exe ( 15.0.0.6086 ), 0x40000 ( disabled : updated )
16:14:15.0103 0x1c1c FW detected via SS2: McAfee Firewall, C:\Program Files\McAfee.com\Agent\mcupdate.exe ( 11.0.0.0 ), 0x51010 ( enabled )
16:14:17.0848 0x1c1c ============================================================
16:14:17.0848 0x1c1c Scan finished
16:14:17.0848 0x1c1c ============================================================
16:14:17.0863 0x1828 Detected object count: 0
16:14:17.0863 0x1828 Actual detected object count: 0

Broni · Oct 9, 2015

Good

It looks like MBAM took care of it.

Let's double check.

Create new restore point before proceeding with the next step....
How to: http://www.smartestcomputing.us.com/topic/63983-how-to-create-new-restore-point-all-windows/

Download

Malwarebytes Anti-Rootkit (MBAR) to your desktop.

Warning! Malwarebytes Anti-Rootkit needs to be run from an account with administrator rights.
Double click on downloaded file. OK self extracting prompt.
MBAR will start. Click "Next" to continue.
Click in the following screen "Update" to obtain the latest malware definitions.
Once the update is complete select "Next" and click "Scan".
When the scan is finished and no malware has been found select "Exit".
If malware was detected, make sure to check all the items and click "Cleanup". Reboot your computer.
Open the MBAR folder located on your Desktop and paste the content of the following files in your next reply:
- "mbar-log-{date} (xx-xx-xx).txt"
- "system-log.txt"

NOTE. If you see This version requires you to completely exit the Anti Malware application message right click on the Malwarebytes Anti-Malware icon in the system tray and click on Exit.

MH Lindsey · Oct 9, 2015

Restore point instruction want me to go to Computer>Properties - but the menu options remain unaccessable.

Broni · Oct 9, 2015

Skip restore point.

MH Lindsey · Oct 9, 2015

The scan finished - screen said there were no issues - then it closed and did not generate any reports

Broni · Oct 9, 2015

OK...

Please download ComboFix from Here, Here or Here to your Desktop.

**Note: In the event you already have Combofix, this is a new version that I need you to download. It is important that it is saved directly to your desktop**

Never rename Combofix unless instructed.
Close any open browsers.
Very Important! Temporarily disable your anti-virus and any anti-malware real-time protection before performing a scan. They can interfere with ComboFix or remove some of its embedded files which may cause "unpredictable results".
Click on this link to see a list of programs that should be disabled. The list is not all inclusive. If yours is not listed and you don't know how to disable it, please ask.
Close any open browsers.
WARNING: Combofix will disconnect your machine from the Internet as soon as it starts
Please do not attempt to re-connect your machine back to the Internet until Combofix has completely finished.
If there is no internet connection after running Combofix, then restart your computer to restore back your connection.
If the connection is not there use restore point you created prior to running Combofix.
Double click on combofix.exe & follow the prompts.

NOTE1. If Combofix asks you to install Recovery Console, please allow it.
NOTE 2. If Combofix asks you to update the program, always do so.

When finished, it will produce a report for you.
Please post the "C:\ComboFix.txt"

**Note 1: Do not mouseclick combofix's window while it's running. That may cause it to stall
**Note 2 for AVG and CA Internet Security (Total Defense Internet Security) users: ComboFix will not run until AVG/CA Internet Security is uninstalled as a protective measure against the anti-virus. This is because AVG/CA Internet Security "falsely" detects ComboFix (or its embedded files) as a threat and may remove them resulting in the tool not working correctly which in turn can cause "unpredictable results". Since AVG/CA Internet Security cannot be effectively disabled before running ComboFix, the author recommends you to uninstall AVG/CA Internet Security first.
Use AppRemover to uninstall it: https://www.techspot.com/downloads/5514-appremover.html
We can reinstall it when we're done with CF.
**Note 3: If you receive an error Illegal operation attempted on a registery key that has been marked for deletion, restart computer to fix the issue.
**Note 4: Some infections may take some significant time to be cured. As long as your computer clock is running Combofix is still working. Be patient.

Make sure, you re-enable your security programs, when you're done with Combofix.

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

NOTE.
If, for some reason, Combofix refuses to run, try the following...

Delete Combofix file, download fresh one, but rename combofix.exe to your_name.exe BEFORE saving it to your desktop.
Do NOT run it yet.
Download Rkill (courtesy of BleepingComputer.com) to your desktop.
There are 2 different versions. If one of them won't run then download and try to run the other one.
You only need to get one of these to run, not all of them. You may get warnings from your antivirus about this tool, ignore them or shutdown your antivirus.

rKill.exe: http://www.bleepingcomputer.com/download/rkill/dl/10/
iExplore.exe (renamed rKill.exe): http://www.bleepingcomputer.com/download/rkill/dl/11/

Restart computer in safe mode

Double-click on the Rkill desktop icon to run the tool.
If using Windows Vista, 7 or 8 right-click on it and choose Run As Administrator.
A black DOS box will briefly flash and then disappear. This is normal and indicates the tool ran successfully.
If not, delete the file, then download and use the one provided in Link 2.
Do not reboot until instructed.
If the tool does not run from any of the links provided, please let me know.

When the scan is done Notepad will open with rKill.txt log.
NOTE. rKill.txt log will also be present on your desktop.

Once you've gotten one of them to run, immediately run your_name.exe by double clicking on it.

IF you had to run rKill post BOTH logs, rKill.txt and Combofix.txt.

MH Lindsey · Oct 9, 2015

---------------------------------------
found this after reboot on the desktop - its in a folder - this is the only readable file I can find.
Malwarebytes Anti-Rootkit BETA 1.09.3.1001

(c) Malwarebytes Corporation 2011-2012

OS version: 6.1.7601 Windows 7 Service Pack 1 x64

Account is Administrative

Internet Explorer version: 11.0.9600.18015

Java version: 1.6.0_30

File system is: NTFS
Disk drives: C:\ DRIVE_FIXED, D:\ DRIVE_FIXED, Q:\ DRIVE_FIXED
CPU speed: 1.995000 GHz
Memory total: 8535261184, free: 5785088000

Downloaded database version: v2015.10.09.07
Downloaded database version: v2015.10.06.01
Downloaded database version: v2015.10.09.01
=======================================

Broni · Oct 9, 2015

That's fine. Go ahead with Combofix.

MH Lindsey · Oct 9, 2015

ComboFix 15-10-09.01 - Jacqueline 10/09/2015 19:32:53.1.8 - x64
Microsoft Windows 7 Home Premium 6.1.7601.1.1252.1.1033.18.8140.5669 [GMT -7:00]
Running from: c:\users\Jacqueline\Desktop\ComboFix.exe
AV: avast! Antivirus *Disabled/Updated* {17AD7D40-BA12-9C46-7131-94903A54AD8B}
AV: AVG AntiVirus Free Edition 2015 *Disabled/Updated* {4D41356F-32AD-7C42-C820-63775EE4F413}
AV: McAfee Anti-Virus and Anti-Spyware *Disabled/Outdated* {86355677-4064-3EA7-ABB3-1B136EB04637}
FW: McAfee Firewall *Enabled* {BE0ED752-0A0B-3FFF-80EC-B2269063014C}
SP: avast! Antivirus *Disabled/Updated* {ACCC9CA4-9C28-93C8-4B81-AFE241D3E736}
SP: AVG AntiVirus Free Edition 2015 *Disabled/Updated* {F620D48B-1497-73CC-F290-58052563BEAE}
SP: McAfee Anti-Virus and Anti-Spyware *Disabled/Outdated* {3D54B793-665E-3129-9103-206115370C8A}
SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
.
((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\programdata\Roaming
c:\users\Jacqueline\0001.bmp
c:\users\Jacqueline\0002.bmp
c:\users\Jacqueline\0003.bmp
c:\users\Jacqueline\0004.bmp
c:\users\Jacqueline\0005.bmp
c:\users\Jacqueline\0006.bmp
c:\users\Jacqueline\0007.bmp
c:\users\Jacqueline\0008.bmp
c:\users\Jacqueline\0009.bmp
c:\users\Jacqueline\0010.bmp
c:\users\Jacqueline\0011.bmp
c:\users\Jacqueline\0012.bmp
c:\users\Jacqueline\0013.bmp
c:\users\Jacqueline\0014.bmp
c:\users\Jacqueline\0015.bmp
c:\users\Jacqueline\0016.bmp
c:\windows\SysWow64\Cache
c:\windows\SysWow64\Cache\075884af680ff6dc.fb
c:\windows\SysWow64\Cache\227113dfa1ca894d.fb
c:\windows\SysWow64\Cache\49fbbc5a8678d502.fb
c:\windows\SysWow64\Cache\613e8ce7ab7106af.fb
c:\windows\SysWow64\Cache\633a76311867bd11.fb
c:\windows\SysWow64\Cache\691f14230153a9e1.fb
c:\windows\SysWow64\Cache\6cb409d7ac73d9f1.fb
c:\windows\SysWow64\Cache\7614bd6cfa99e546.fb
c:\windows\SysWow64\Cache\77664b6ccc36be9f.fb
c:\windows\SysWow64\Cache\881b3593316772f0.fb
c:\windows\SysWow64\Cache\98657d0579ae1930.fb
c:\windows\SysWow64\Cache\d5c0f4e7bbe35bf3.fb
c:\windows\SysWow64\Cache\d9ca663388d21ec0.fb
c:\windows\SysWow64\Cache\db56fc7f3eb56a73.fb
c:\windows\SysWow64\Cache\f2cda51fd108941f.fb
c:\windows\SysWow64\Cache\f34d8db84131d925.fb
.
.
((((((((((((((((((((((((( Files Created from 2015-09-10 to 2015-10-10 )))))))))))))))))))))))))))))))
.
.
2015-10-10 02:42 . 2015-10-10 02:42 -------- d-----w- c:\users\Default\AppData\Local\temp
2015-10-10 02:42 . 2015-10-10 02:42 -------- d-----w- c:\users\MS Admin\AppData\Local\temp
2015-10-10 01:31 . 2015-10-10 01:31 75888 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{DA8C4FAE-97BA-4F4A-8663-A55E9E02D983}\offreg.3924.dll
2015-10-10 00:41 . 2015-10-10 01:22 -------- d-----w- c:\programdata\Malwarebytes' Anti-Malware (portable)
2015-10-10 00:39 . 2015-10-10 01:22 -------- d-----w- C:\mbar
2015-10-09 22:34 . 2015-09-16 12:43 11062400 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{DA8C4FAE-97BA-4F4A-8663-A55E9E02D983}\mpengine.dll
2015-10-08 22:12 . 2015-10-08 22:18 -------- d-----w- C:\AdwCleaner
2015-10-08 01:37 . 2015-10-08 01:37 35064 ----a-w- c:\windows\system32\drivers\TrueSight.sys
2015-10-08 01:37 . 2015-10-08 02:05 -------- d-----w- c:\programdata\RogueKiller
2015-10-08 01:27 . 2015-02-03 03:30 842240 ----a-w- c:\windows\system32\blackbox.dll
2015-10-07 19:47 . 2015-07-15 03:17 2048 ----a-w- c:\windows\system32\tzres.dll
2015-10-07 19:42 . 2014-03-04 09:44 722944 ----a-w- c:\windows\system32\objsel.dll
2015-10-07 19:41 . 2015-07-23 00:02 1390592 ----a-w- c:\windows\system32\diagtrack.dll
2015-10-07 19:40 . 2015-06-25 10:06 115136 ----a-w- c:\windows\system32\consent.exe
2015-10-07 19:40 . 2015-06-25 10:01 1941504 ----a-w- c:\windows\system32\authui.dll
2015-10-07 19:40 . 2015-06-25 09:44 1805824 ----a-w- c:\windows\SysWow64\authui.dll
2015-10-07 19:40 . 2015-06-25 10:01 70656 ----a-w- c:\windows\system32\appinfo.dll
2015-10-07 19:37 . 2015-09-02 03:04 41984 ----a-w- c:\windows\system32\lpk.dll
2015-10-07 19:37 . 2015-09-02 03:04 100864 ----a-w- c:\windows\system32\fontsub.dll
2015-10-07 19:37 . 2015-09-02 03:04 14336 ----a-w- c:\windows\system32\dciman32.dll
2015-10-07 19:37 . 2015-09-02 03:04 46080 ----a-w- c:\windows\system32\atmlib.dll
2015-10-07 19:37 . 2015-09-02 02:48 70656 ----a-w- c:\windows\SysWow64\fontsub.dll
2015-10-07 19:37 . 2015-09-02 02:48 10240 ----a-w- c:\windows\SysWow64\dciman32.dll
2015-10-07 19:37 . 2015-09-02 02:48 34304 ----a-w- c:\windows\SysWow64\atmlib.dll
2015-10-07 19:37 . 2015-09-02 02:47 25600 ----a-w- c:\windows\SysWow64\lpk.dll
2015-10-07 19:37 . 2015-09-02 01:47 372736 ----a-w- c:\windows\system32\atmfd.dll
2015-10-07 19:37 . 2015-09-02 01:33 299520 ----a-w- c:\windows\SysWow64\atmfd.dll
2015-10-07 19:35 . 2015-10-07 19:35 -------- d-----w- C:\$Windows.~BT
2015-10-07 16:18 . 2015-10-07 16:18 -------- d-----w- c:\users\Jacqueline\AppData\Local\Avg2015
2015-10-07 01:00 . 2015-07-22 23:52 5120 ---ha-w- c:\windows\system32\api-ms-win-core-file-l1-1-0.dll
2015-10-07 00:59 . 2015-09-02 01:51 3209216 ----a-w- c:\windows\system32\win32k.sys
2015-10-07 00:30 . 2015-10-07 00:34 -------- d-----w- C:\FRST
2015-10-02 02:41 . 2015-10-02 02:41 -------- d-----w- c:\program files\IDT
2015-10-02 02:39 . 2015-10-02 02:39 -------- d-----w- c:\programdata\Sonic
2015-10-02 02:39 . 2015-10-02 02:39 -------- d-----w- c:\users\Jacqueline\AppData\Roaming\Roxio Log Files
2015-09-30 23:07 . 2015-09-30 23:07 -------- d-----w- c:\programdata\Roxio
2015-09-12 14:28 . 2015-10-10 00:41 192216 ----a-w- c:\windows\system32\drivers\MBAMSwissArmy.sys
2015-09-12 14:26 . 2015-10-10 01:24 109272 ----a-w- c:\windows\system32\drivers\mbamchameleon.sys
2015-09-12 14:26 . 2015-10-08 02:31 -------- d-----w- c:\program files (x86)\Malwarebytes Anti-Malware
2015-09-12 14:26 . 2015-09-12 14:26 -------- d-----w- c:\programdata\Malwarebytes
2015-09-12 14:26 . 2015-06-18 15:41 63704 ----a-w- c:\windows\system32\drivers\mwac.sys
2015-09-12 14:26 . 2015-06-18 15:41 25816 ----a-w- c:\windows\system32\drivers\mbam.sys
2015-09-12 14:25 . 2015-07-30 13:13 103120 ----a-w- c:\windows\SysWow64\PresentationCFFRasterizerNative_v0300.dll
2015-09-12 14:25 . 2015-07-30 13:13 124624 ----a-w- c:\windows\system32\PresentationCFFRasterizerNative_v0300.dll
2015-09-12 02:34 . 2015-07-16 18:38 1310720 ----a-w- c:\windows\SysWow64\urlmon(78).dll
2015-09-12 02:34 . 2015-07-28 20:05 774656 ----a-w- c:\windows\system32\invagent.dll
2015-09-12 02:34 . 2015-07-28 20:05 743424 ----a-w- c:\windows\system32\generaltel.dll
2015-09-12 02:34 . 2015-07-28 20:05 437760 ----a-w- c:\windows\system32\devinv.dll
2015-09-12 02:34 . 2015-07-28 20:05 1116672 ----a-w- c:\windows\system32\appraiser.dll
2015-09-12 02:34 . 2015-07-28 20:05 69120 ----a-w- c:\windows\system32\acmigration.dll
2015-09-12 02:34 . 2015-07-28 19:55 1148416 ----a-w- c:\windows\system32\aeinv.dll
2015-09-12 02:34 . 2015-07-28 20:09 17344 ----a-w- c:\windows\system32\CompatTelRunner.exe
2015-09-12 02:34 . 2015-07-28 20:05 227328 ----a-w- c:\windows\system32\aepdu.dll
2015-09-12 02:33 . 2015-07-15 18:15 94656 ----a-w- c:\windows\system32\drivers\mountmgr.sys
2015-09-12 02:33 . 2015-07-15 18:10 1743360 ----a-w- c:\windows\system32\sysmain.dll
2015-09-12 02:33 . 2015-07-15 18:10 11264 ----a-w- c:\windows\system32\msmmsp.dll
2015-09-12 02:33 . 2015-07-15 18:02 2560 ----a-w- c:\windows\system32\drivers\en-US\mountmgr.sys.mui
2015-09-12 02:33 . 2015-07-15 18:00 5120 ---ha-w- c:\windows\system32\api-ms-win-core-file-l1-1-0(76).dll
2015-09-12 02:33 . 2015-07-10 17:51 3722752 ----a-w- c:\windows\system32\mstscax.dll
2015-09-12 02:33 . 2015-07-10 17:51 44032 ----a-w- c:\windows\system32\tsgqec.dll
2015-09-12 02:33 . 2015-07-10 17:51 158720 ----a-w- c:\windows\system32\aaclient.dll
2015-09-12 02:33 . 2015-07-10 17:34 36864 ----a-w- c:\windows\SysWow64\tsgqec.dll
2015-09-12 02:33 . 2015-07-10 17:34 3221504 ----a-w- c:\windows\SysWow64\mstscax.dll
2015-09-12 02:33 . 2015-07-10 17:33 131584 ----a-w- c:\windows\SysWow64\aaclient.dll
2015-09-12 02:33 . 2015-07-15 03:19 52736 ----a-w- c:\windows\system32\basesrv.dll
2015-09-12 02:19 . 2015-09-12 02:19 -------- d-----w- c:\users\Jacqueline\AppData\Roaming\AVAST Software
2015-09-12 02:17 . 2015-09-12 02:17 93528 ----a-w- c:\windows\system32\drivers\aswRdr2.sys
2015-09-12 02:17 . 2015-09-12 02:17 90968 ----a-w- c:\windows\system32\drivers\aswMonFlt.sys
2015-09-12 02:17 . 2015-09-12 02:17 65224 ----a-w- c:\windows\system32\drivers\aswRvrt.sys
2015-09-12 02:17 . 2015-09-12 02:17 447944 ----a-w- c:\windows\system32\drivers\aswSP.sys
2015-09-12 02:17 . 2015-09-12 02:17 28656 ----a-w- c:\windows\system32\drivers\aswHwid.sys
2015-09-12 02:17 . 2015-09-12 02:17 274808 ----a-w- c:\windows\system32\drivers\aswVmm.sys
2015-09-12 02:17 . 2015-09-12 02:17 150672 ----a-w- c:\windows\system32\drivers\aswStm.sys
2015-09-12 02:17 . 2015-09-12 02:18 1048344 ----a-w- c:\windows\system32\drivers\aswsnx.sys
2015-09-12 02:17 . 2015-09-12 02:17 378880 ----a-w- c:\windows\system32\aswBoot.exe
2015-09-12 02:17 . 2015-09-12 02:17 43112 ----a-w- c:\windows\avastSS.scr
2015-09-12 02:00 . 2015-09-12 02:00 -------- d-----w- c:\program files\AVAST Software
2015-09-12 01:59 . 2015-09-12 01:59 -------- d-----w- c:\programdata\AVAST Software
2015-09-11 23:14 . 2015-09-11 23:14 -------- d-----w- c:\programdata\Blio
2015-09-11 23:13 . 2015-09-11 23:14 -------- d-----w- c:\users\Jacqueline\AppData\Roaming\Blio
2015-09-11 20:56 . 2015-09-12 14:30 -------- d-----w- c:\windows\system32\MpEngineStore
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2015-10-08 02:39 . 2013-12-16 02:18 780488 ----a-w- c:\windows\SysWow64\FlashPlayerApp.exe
2015-10-08 02:39 . 2011-09-08 23:35 142536 ----a-w- c:\windows\SysWow64\FlashPlayerCPLApp.cpl
2015-07-22 17:53 . 2015-10-07 19:41 44032 ----a-w- c:\windows\apppatch\acwow64.dll
.
.
((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
"IAStorIcon"="c:\program files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe" [2011-05-20 284440]
"StartCCC"="c:\program files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" [2011-03-15 336384]
"NUSB3MON"="c:\program files (x86)\Renesas Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe" [2011-12-01 113288]
"HP Software Update"="c:\program files (x86)\Hp\HP Software Update\HPWuSchd2.exe" [2011-03-24 49208]
"AVG_UI"="c:\program files (x86)\AVG\AVG2015\avgui.exe" [2015-07-07 3730344]
"Adobe ARM"="c:\program files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2013-12-21 959904]
"AvastUI.exe"="c:\program files\AVAST Software\Avast\AvastUI.exe" [2015-09-12 6111824]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 5 (0x5)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableUIADesktopToggle"= 0 (0x0)
"SoftwareSASGeneration"= 1 (0x1)
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\explorer]
"EnableShellExecuteHooks"= 1 (0x1)
.
[hkey_local_machine\software\Wow6432Node\microsoft\windows\currentversion\explorer\ShellExecuteHooks]
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\windows]
"LoadAppInit_DLLs"=1 (0x1)
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\ioloSystemService]
@="Service"
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\mcmscsvc]
@=""
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MCODS]
@=""
.

MH Lindsey · Oct 9, 2015

R1 Avgldx64;AVG AVI Loader Driver;c:\windows\system32\DRIVERS\avgldx64.sys;c:\windows\SYSNATIVE\DRIVERS\avgldx64.sys [x]
R2 aswStm;aswStm;c:\windows\system32\drivers\aswStm.sys;c:\windows\SYSNATIVE\drivers\aswStm.sys [x]
R2 AVGIDSAgent;AVGIDSAgent;c:\program files (x86)\AVG\AVG2015\avgidsagent.exe;c:\program files (x86)\AVG\AVG2015\avgidsagent.exe [x]
R2 avgwd;AVG WatchDog;c:\program files (x86)\AVG\AVG2015\avgwdsvc.exe;c:\program files (x86)\AVG\AVG2015\avgwdsvc.exe [x]
R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [x]
R2 SkypeUpdate;Skype Updater;c:\program files (x86)\Skype\Updater\Updater.exe;c:\program files (x86)\Skype\Updater\Updater.exe [x]
R3 AMPPALP;Intel® Centrino® Wireless Bluetooth® 3.0 + High Speed Protocol;c:\windows\system32\DRIVERS\amppal.sys;c:\windows\SYSNATIVE\DRIVERS\amppal.sys [x]
R3 AtiDCM;AtiDCM;c:\users\Jacqueline\AppData\Local\Temp\atdcm64a.sys;c:\users\Jacqueline\AppData\Local\Temp\atdcm64a.sys [x]
R3 BBSvc;Bing Bar Update Service;c:\program files (x86)\Microsoft\BingBar\BBSvc.EXE;c:\program files (x86)\Microsoft\BingBar\BBSvc.EXE [x]
R3 btwampfl;Bluetooth AMP USB Filter;c:\windows\system32\drivers\btwampfl.sys;c:\windows\SYSNATIVE\drivers\btwampfl.sys [x]
R3 btwl2cap;Bluetooth L2CAP Service;c:\windows\system32\DRIVERS\btwl2cap.sys;c:\windows\SYSNATIVE\DRIVERS\btwl2cap.sys [x]
R3 dc3d;MS Hardware Device Detection Driver;c:\windows\system32\DRIVERS\dc3d.sys;c:\windows\SYSNATIVE\DRIVERS\dc3d.sys [x]
R3 GamesAppService;GamesAppService;c:\program files (x86)\WildTangent Games\App\GamesAppService.exe;c:\program files (x86)\WildTangent Games\App\GamesAppService.exe [x]
R3 hpCMSrv;HP Connection Manager 4.0 Service;c:\program files (x86)\Hewlett-Packard\HP Connection Manager\hpCMSrv.exe;c:\program files (x86)\Hewlett-Packard\HP Connection Manager\hpCMSrv.exe [x]
R3 IEEtwCollectorService;Internet Explorer ETW Collector Service;c:\windows\system32\IEEtwCollector.exe;c:\windows\SYSNATIVE\IEEtwCollector.exe [x]
R3 McComponentHostService;McAfee Security Scan Component Host Service;c:\program files\McAfee Security Scan\3.8.141\McCHSvc.exe;c:\program files\McAfee Security Scan\3.8.141\McCHSvc.exe [x]
R3 mferkdet;McAfee Inc. mferkdet;c:\windows\system32\drivers\mferkdet.sys;c:\windows\SYSNATIVE\drivers\mferkdet.sys [x]
R3 MyWiFiDHCPDNS;Wireless PAN DHCP Server;c:\program files\Intel\WiFi\bin\PanDhcpDns.exe;c:\program files\Intel\WiFi\bin\PanDhcpDns.exe [x]
R3 Point64;Microsoft IntelliPoint Filter Driver;c:\windows\system32\DRIVERS\point64.sys;c:\windows\SYSNATIVE\DRIVERS\point64.sys [x]
R3 SrvHsfHDA;SrvHsfHDA;c:\windows\system32\DRIVERS\VSTAZL6.SYS;c:\windows\SYSNATIVE\DRIVERS\VSTAZL6.SYS [x]
R3 SrvHsfV92;SrvHsfV92;c:\windows\system32\DRIVERS\VSTDPV6.SYS;c:\windows\SYSNATIVE\DRIVERS\VSTDPV6.SYS [x]
R3 SrvHsfWinac;SrvHsfWinac;c:\windows\system32\DRIVERS\VSTCNXT6.SYS;c:\windows\SYSNATIVE\DRIVERS\VSTCNXT6.SYS [x]
R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys;c:\windows\SYSNATIVE\drivers\tsusbflt.sys [x]
R3 TsUsbGD;Remote Desktop Generic USB Device;c:\windows\system32\drivers\TsUsbGD.sys;c:\windows\SYSNATIVE\drivers\TsUsbGD.sys [x]
R3 USBAAPL64;Apple Mobile USB Driver;c:\windows\system32\Drivers\usbaapl64.sys;c:\windows\SYSNATIVE\Drivers\usbaapl64.sys [x]
R3 WatAdminSvc;Windows Activation Technologies Service;c:\windows\system32\Wat\WatAdminSvc.exe;c:\windows\SYSNATIVE\Wat\WatAdminSvc.exe [x]
R3 WSDScan;WSD Scan Support via UMB;c:\windows\system32\drivers\WSDScan.sys;c:\windows\SYSNATIVE\drivers\WSDScan.sys [x]
R4 hpsrv;HP Service;c:\windows\system32\Hpservice.exe;c:\windows\SYSNATIVE\Hpservice.exe [x]
R4 wlcrasvc;Windows Live Mesh remote connections service;c:\program files\Windows Live\Mesh\wlcrasvc.exe;c:\program files\Windows Live\Mesh\wlcrasvc.exe [x]
S0 aswRvrt;avast! Revert; [x]
S0 aswVmm;avast! VM Monitor; [x]
S0 AVGIDSHA;AVGIDSHA;c:\windows\system32\DRIVERS\avgidsha.sys;c:\windows\SYSNATIVE\DRIVERS\avgidsha.sys [x]
S0 Avgloga;AVG Logging Driver;c:\windows\system32\DRIVERS\avgloga.sys;c:\windows\SYSNATIVE\DRIVERS\avgloga.sys [x]
S0 Avgmfx64;AVG Mini-Filter Resident Anti-Virus Shield;c:\windows\system32\DRIVERS\avgmfx64.sys;c:\windows\SYSNATIVE\DRIVERS\avgmfx64.sys [x]
S0 Avgrkx64;AVG Anti-Rootkit Driver;c:\windows\system32\DRIVERS\avgrkx64.sys;c:\windows\SYSNATIVE\DRIVERS\avgrkx64.sys [x]
S0 mfewfpk;McAfee Inc. mfewfpk;c:\windows\system32\drivers\mfewfpk.sys;c:\windows\SYSNATIVE\drivers\mfewfpk.sys [x]
S0 PxHlpa64;PxHlpa64;c:\windows\System32\Drivers\PxHlpa64.sys;c:\windows\SYSNATIVE\Drivers\PxHlpa64.sys [x]
S1 aswSnx;aswSnx;c:\windows\system32\drivers\aswSnx.sys;c:\windows\SYSNATIVE\drivers\aswSnx.sys [x]
S1 aswSP;aswSP;c:\windows\system32\drivers\aswSP.sys;c:\windows\SYSNATIVE\drivers\aswSP.sys [x]
S1 Avgdiska;AVG Disk Driver;c:\windows\system32\DRIVERS\avgdiska.sys;c:\windows\SYSNATIVE\DRIVERS\avgdiska.sys [x]
S1 AVGIDSDriver;AVGIDSDriver;c:\windows\system32\DRIVERS\avgidsdrivera.sys;c:\windows\SYSNATIVE\DRIVERS\avgidsdrivera.sys [x]
S1 Avgtdia;AVG TDI Driver;c:\windows\system32\DRIVERS\avgtdia.sys;c:\windows\SYSNATIVE\DRIVERS\avgtdia.sys [x]
S1 ElRawDisk;ElRawDisk;c:\windows\system32\drivers\ElRawDsk.sys;c:\windows\SYSNATIVE\drivers\ElRawDsk.sys [x]
S1 mfenlfk;McAfee NDIS Light Filter;c:\windows\system32\DRIVERS\mfenlfk.sys;c:\windows\SYSNATIVE\DRIVERS\mfenlfk.sys [x]
S2 AdobeActiveFileMonitor8.0;Adobe Active File Monitor V8;c:\program files (x86)\Adobe\Elements Organizer 8.0\PhotoshopElementsFileAgent.exe;c:\program files (x86)\Adobe\Elements Organizer 8.0\PhotoshopElementsFileAgent.exe [x]
S2 AESTFilters;Andrea ST Filters Service;c:\program files\IDT\WDM\AESTSr64.exe;c:\program files\IDT\WDM\AESTSr64.exe [x]
S2 AMD External Events Utility;AMD External Events Utility;c:\windows\system32\atiesrxx.exe;c:\windows\SYSNATIVE\atiesrxx.exe [x]
S2 AMPPALR3;Intel® Centrino® Wireless Bluetooth® 3.0 + High Speed Service;c:\program files\Intel\BluetoothHS\BTHSAmpPalService.exe;c:\program files\Intel\BluetoothHS\BTHSAmpPalService.exe [x]
S2 aswHwid;avast! HardwareID;c:\windows\system32\drivers\aswHwid.sys;c:\windows\SYSNATIVE\drivers\aswHwid.sys [x]
S2 aswMonFlt;aswMonFlt;c:\windows\system32\drivers\aswMonFlt.sys;c:\windows\SYSNATIVE\drivers\aswMonFlt.sys [x]
S2 BTHSSecurityMgr;Intel(R) Centrino(R) Wireless Bluetooth(R) 3.0 + High Speed Security Service;c:\program files\Intel\BluetoothHS\BTHSSecurityMgr.exe;c:\program files\Intel\BluetoothHS\BTHSSecurityMgr.exe [x]
S2 c2cautoupdatesvc;Skype Click to Call Updater;c:\program files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe;c:\program files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe [x]
S2 c2cpnrsvc;Skype Click to Call PNR Service;c:\program files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe;c:\program files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe [x]
S2 cvhsvc;Client Virtualization Handler;c:\program files (x86)\Common Files\Microsoft Shared\Virtualization Handler\CVHSVC.EXE;c:\program files (x86)\Common Files\Microsoft Shared\Virtualization Handler\CVHSVC.EXE [x]
S2 DiagTrack;Diagnostics Tracking Service;c:\windows\System32\svchost.exe;c:\windows\SYSNATIVE\svchost.exe [x]
S2 ezSharedSvc;Easybits Services for Windows;c:\windows\System32\ezSharedSvcHost.exe;c:\windows\SYSNATIVE\ezSharedSvcHost.exe [x]
S2 FPLService;TrueSuiteService;c:\program files (x86)\HP SimplePass 2011\TrueSuiteService.exe;c:\program files (x86)\HP SimplePass 2011\TrueSuiteService.exe [x]
S2 HP Support Assistant Service;HP Support Assistant Service;c:\program files (x86)\Hewlett-Packard\HP Support Framework\hpsa_service.exe;c:\program files (x86)\Hewlett-Packard\HP Support Framework\hpsa_service.exe [x]
S2 HPClientSvc;HP Client Services;c:\program files\Hewlett-Packard\HP Client Services\HPClientServices.exe;c:\program files\Hewlett-Packard\HP Client Services\HPClientServices.exe [x]
S2 HPWMISVC;HPWMISVC;c:\program files (x86)\Hewlett-Packard\HP Quick Launch\HPWMISVC.exe;c:\program files (x86)\Hewlett-Packard\HP Quick Launch\HPWMISVC.exe [x]
S2 IAStorDataMgrSvc;Intel(R) Rapid Storage Technology;c:\program files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe;c:\program files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe [x]
S2 IconMan_R;IconMan_R;c:\program files (x86)\Realtek\Realtek PCIE Card Reader\RIconMan.exe;c:\program files (x86)\Realtek\Realtek PCIE Card Reader\RIconMan.exe [x]
S2 ioloSystemService;iolo System Service;c:\program files (x86)\iolo\Common\Lib\ioloServiceManager.exe;c:\program files (x86)\iolo\Common\Lib\ioloServiceManager.exe [x]
S2 McAfee SiteAdvisor Service;McAfee SiteAdvisor Service;c:\program files\Common Files\McAfee\McSvcHost\McSvHost.exe;c:\program files\Common Files\McAfee\McSvcHost\McSvHost.exe [x]
S2 McMPFSvc;McAfee Personal Firewall Service;c:\program files\Common Files\McAfee\McSvcHost\McSvHost.exe;c:\program files\Common Files\McAfee\McSvcHost\McSvHost.exe [x]
S2 McNaiAnn;McAfee VirusScan Announcer;c:\program files\Common Files\McAfee\McSvcHost\McSvHost.exe;c:\program files\Common Files\McAfee\McSvcHost\McSvHost.exe [x]
S2 mfefire;McAfee Firewall Core Service;c:\program files\Common Files\McAfee\SystemCore\\mfefire.exe;c:\program files\Common Files\McAfee\SystemCore\\mfefire.exe [x]
S2 mfevtp;McAfee Validation Trust Protection Service;c:\windows\system32\mfevtps.exe;c:\windows\SYSNATIVE\mfevtps.exe [x]
S2 PasswordBox;PasswordBox;c:\program files (x86)\PasswordBox\pbbtnService.exe;c:\program files (x86)\PasswordBox\pbbtnService.exe [x]
S2 PDFsFilter;PDFsFilter;c:\windows\system32\DRIVERS\PDFsFilter.sys;c:\windows\SYSNATIVE\DRIVERS\PDFsFilter.sys [x]
S2 RoxioNow Service;RoxioNow Service;c:\program files (x86)\Roxio\RoxioNow Player\RNowSvc.exe;c:\program files (x86)\Roxio\RoxioNow Player\RNowSvc.exe [x]
S2 sftlist;Application Virtualization Client;c:\program files (x86)\Microsoft Application Virtualization Client\sftlist.exe;c:\program files (x86)\Microsoft Application Virtualization Client\sftlist.exe [x]
S2 UNS;Intel(R) Management and Security Application User Notification Service;c:\program files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe;c:\program files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe [x]
S3 AMPPAL;Intel® Centrino® Wireless Bluetooth® 3.0 + High Speed Virtual Adapter;c:\windows\system32\DRIVERS\AMPPAL.sys;c:\windows\SYSNATIVE\DRIVERS\AMPPAL.sys [x]
S3 cfwids;McAfee Inc. cfwids;c:\windows\system32\drivers\cfwids.sys;c:\windows\SYSNATIVE\drivers\cfwids.sys [x]
S3 clwvd;CyberLink WebCam Virtual Driver;c:\windows\system32\DRIVERS\clwvd.sys;c:\windows\SYSNATIVE\DRIVERS\clwvd.sys [x]
S3 IntcDAud;Intel(R) Display Audio;c:\windows\system32\DRIVERS\IntcDAud.sys;c:\windows\SYSNATIVE\DRIVERS\IntcDAud.sys [x]
S3 intelkmd;intelkmd;c:\windows\system32\DRIVERS\igdpmd64.sys;c:\windows\SYSNATIVE\DRIVERS\igdpmd64.sys [x]
S3 mfefirek;McAfee Inc. mfefirek;c:\windows\system32\drivers\mfefirek.sys;c:\windows\SYSNATIVE\drivers\mfefirek.sys [x]
S3 nusb3hub;Renesas Electronics USB 3.0 Hub Driver;c:\windows\system32\DRIVERS\nusb3hub.sys;c:\windows\SYSNATIVE\DRIVERS\nusb3hub.sys [x]
S3 nusb3xhc;Renesas Electronics USB 3.0 Host Controller Driver;c:\windows\system32\DRIVERS\nusb3xhc.sys;c:\windows\SYSNATIVE\DRIVERS\nusb3xhc.sys [x]
S3 RSPCIESTOR;Realtek PCIE CardReader Driver;c:\windows\system32\DRIVERS\RtsPStor.sys;c:\windows\SYSNATIVE\DRIVERS\RtsPStor.sys [x]
S3 RTL8167;Realtek 8167 NT Driver;c:\windows\system32\DRIVERS\Rt64win7.sys;c:\windows\SYSNATIVE\DRIVERS\Rt64win7.sys [x]
S3 Sftfs;Sftfs;c:\windows\system32\DRIVERS\Sftfslh.sys;c:\windows\SYSNATIVE\DRIVERS\Sftfslh.sys [x]
S3 Sftplay;Sftplay;c:\windows\system32\DRIVERS\Sftplaylh.sys;c:\windows\SYSNATIVE\DRIVERS\Sftplaylh.sys [x]
S3 Sftredir;Sftredir;c:\windows\system32\DRIVERS\Sftredirlh.sys;c:\windows\SYSNATIVE\DRIVERS\Sftredirlh.sys [x]
S3 Sftvol;Sftvol;c:\windows\system32\DRIVERS\Sftvollh.sys;c:\windows\SYSNATIVE\DRIVERS\Sftvollh.sys [x]
S3 sftvsa;Application Virtualization Service Agent;c:\program files (x86)\Microsoft Application Virtualization Client\sftvsa.exe;c:\program files (x86)\Microsoft Application Virtualization Client\sftvsa.exe [x]
S3 wdkmd;Intel WiDi KMD;c:\windows\system32\DRIVERS\WDKMD.sys;c:\windows\SYSNATIVE\DRIVERS\WDKMD.sys [x]
.
.

MH Lindsey · Oct 9, 2015

--- Other Services/Drivers In Memory ---
.
*Deregistered* - mfeavfk01
.
Contents of the 'Scheduled Tasks' folder
.
2015-10-10 c:\windows\Tasks\Adobe Flash Player Updater.job
- c:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2013-12-16 02:39]
.
2015-10-10 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2012-01-10 15:11]
.
2015-10-10 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2012-01-10 15:11]
.
2015-10-10 c:\windows\Tasks\HP Photo Creations Messager.job
- c:\programdata\HP Photo Creations\MessageCheck.exe [2011-02-15 10:11]
.
2015-10-06 c:\windows\Tasks\HPCeeScheduleForJacqueline.job
- c:\program files (x86)\Hewlett-Packard\HP Ceement\HPCEE.exe [2011-07-15 11:43]
.
.
--------- X64 Entries -----------
.
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\00avast]
@="{472083B0-C522-11CF-8763-00608CC02F24}"
[HKEY_CLASSES_ROOT\CLSID\{472083B0-C522-11CF-8763-00608CC02F24}]
2015-09-12 02:17 778056 ----a-w- c:\program files\AVAST Software\Avast\ashShA64.dll
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"IgfxTray"="c:\windows\system32\igfxtray.exe" [2011-01-27 167960]
"HotKeysCmds"="c:\windows\system32\hkcmd.exe" [2011-01-27 391704]
"Persistence"="c:\windows\system32\igfxpers.exe" [2011-01-27 418328]
"IntelliPoint"="c:\program files\Microsoft IntelliPoint\ipoint.exe" [2011-08-01 2417032]
"IntelPAN"="c:\program files\Common Files\Intel\WirelessCommon\iFrmewrk.exe" [2011-07-28 1935120]
"SysTrayApp"="c:\program files\IDT\WDM\sttray64.exe" [2011-12-01 1128448]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\RunOnce]
"NCPluginUpdater"="c:\program files (x86)\Hewlett-Packard\HP Health Check\ActiveCheck\product_line\NCPluginUpdater.exe" [2014-06-11 21720]
.
------- Supplementary Scan -------
.
uLocal Page = c:\windows\system32\blank.htm
mLocal Page = c:\windows\SysWOW64\blank.htm
uInternet Settings,ProxyOverride = *.local
IE: E&xport to Microsoft Excel - c:\progra~2\MICROS~1\Office14\EXCEL.EXE/3000
IE: Se&nd to OneNote - c:\progra~2\MICROS~1\Office14\ONBttnIE.dll/105
IE: Send image to &Bluetooth Device... - c:\program files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm
IE: Send page to &Bluetooth Device... - c:\program files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
TCP: DhcpNameServer = 192.168.2.1
FF - ProfilePath - c:\users\Jacqueline\AppData\Roaming\Mozilla\Firefox\Profiles\vbo092ro.default\
FF - prefs.js: browser.startup.homepage - hxxp://www.aol.com/?mtmhp=hyplogusaolp00000003
FF - prefs.js: keyword.URL - hxxp://search.yahoo.com/search?fr=mcafee&type=A111US0&p=
FF - prefs.js: network.proxy.type - 0
.
- - - - ORPHANS REMOVED - - - -
.
Wow6432Node-HKLM-Run-<NO NAME> - (no file)
Wow6432Node-HKU-Default-RunOnce-FlashPlayerUpdate - c:\windows\SysWOW64\Macromed\Flash\FlashUtil11f_ActiveX.exe
HKLM_Wow6432Node-ActiveSetup-{2D46B6DC-2207-486B-B523-A557E6D54B47} - start
HKLM-Run-SynTPEnh - c:\program files (x86)\Synaptics\SynTP\SynTPEnh.exe
AddRemove-Adobe Shockwave Player - c:\windows\system32\Adobe\Shockwave 11\uninstaller.exe
AddRemove-EasyBits Magic Desktop - c:\windows\system32\ezMDUninstall.exe
AddRemove-{E35A3B13-78CD-4967-8AC8-AA9FDA693EDE} - c:\program files (x86)\InstallShield Installation Information\{E35A3B13-78CD-4967-8AC8-AA9FDA693EDE}\setup.exe
.
.
.
--------------------- LOCKED REGISTRY KEYS ---------------------
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil64_19_0_0_185_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}\LocalServer32]
@="c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil64_19_0_0_185_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Interface\{299817DA-1FAC-4CE2-8F48-A108237013BD}]
@Denied: (A 2) (Everyone)
@="IFlashBroker6"
.
[HKEY_LOCAL_MACHINE\software\Classes\Interface\{299817DA-1FAC-4CE2-8F48-A108237013BD}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Interface\{299817DA-1FAC-4CE2-8F48-A108237013BD}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_19_0_0_185_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}\LocalServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_19_0_0_185_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Shockwave Flash Object"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_19_0_0_185.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\MiscStatus]
@="0"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ProgID]
@="ShockwaveFlash.ShockwaveFlash.19"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_19_0_0_185.ocx, 1"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="ShockwaveFlash.ShockwaveFlash"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Macromedia Flash Factory Object"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_19_0_0_185.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ProgID]
@="FlashFactory.FlashFactory.1"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_19_0_0_185.ocx, 1"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="FlashFactory.FlashFactory"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\Interface\{299817DA-1FAC-4CE2-8F48-A108237013BD}]
@Denied: (A 2) (Everyone)
@="IFlashBroker6"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\Interface\{299817DA-1FAC-4CE2-8F48-A108237013BD}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\Interface\{299817DA-1FAC-4CE2-8F48-A108237013BD}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\software\McAfee]
"SymbolicLinkValue"=hex(6):5c,00,72,00,65,00,67,00,69,00,73,00,74,00,72,00,79,
00,5c,00,6d,00,61,00,63,00,68,00,69,00,6e,00,65,00,5c,00,53,00,6f,00,66,00,\
.
[HKEY_LOCAL_MACHINE\software\Wow6432Node\Microsoft\Office\Common\Smart Tag\Actions\{B7EFF951-E52F-45CC-9EF7-57124F2177CC}]
@Denied: (A) (Everyone)
"Solution"="{15727DE6-F92D-4E46-ACB4-0E2C58B31A18}"
.
[HKEY_LOCAL_MACHINE\software\Wow6432Node\Microsoft\Schema Library\ActionsPane3]
@Denied: (A) (Everyone)
.
[HKEY_LOCAL_MACHINE\software\Wow6432Node\Microsoft\Schema Library\ActionsPane3\0]
"Key"="ActionsPane3"
"Location"="c:\\Program Files (x86)\\Common Files\\Microsoft Shared\\VSTO\\ActionsPane3.xsd"
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\PCW\Security]
@Denied: (Full) (Everyone)
.
Completion time: 2015-10-09 19:46:42
ComboFix-quarantined-files.txt 2015-10-10 02:46
.
Pre-Run: 627,996,282,880 bytes free
Post-Run: 628,861,267,968 bytes free
.
- - End Of File - - 9CABBE0A34BBD4AD9B523DDC8483C0B8

Broni · Oct 9, 2015

Re-run Farbar Recovery Scan Tool (FRST/FRST64) you ran at the very beginning of this topic.

Double-click to run it. When the tool opens click Yes to disclaimer.
Make sure you checkmark Addition.txt box.
Press Scan button.
Scan will create two logs, FRST.txt and Addition.txt in the same directory the tool is run. Please copy and paste them to your reply.

MH Lindsey · Oct 10, 2015

Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version:10-10-2015
Ran by Jacqueline (administrator) on JACQUELINE-HP (10-10-2015 10:05:28)
Running from C:\Users\Jacqueline\Desktop
Loaded Profiles: Jacqueline (Available Profiles: Jacqueline)
Platform: Windows 7 Home Premium Service Pack 1 (X64) Language: English (United States)
Internet Explorer Version 11 (Default browser: FF)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool:

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(HP) C:\Program Files (x86)\HP SimplePass 2011\TrueSuiteService.exe
(AMD) C:\Windows\System32\atiesrxx.exe
(IDT, Inc.) C:\Program Files\IDT\WDM\stacsv64.exe
(AMD) C:\Windows\System32\atieclxx.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
(Microsoft Corporation) C:\Windows\System32\wlanext.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Adobe\Elements Organizer 8.0\PhotoshopElementsFileAgent.exe
(Andrea Electronics Corporation) C:\Program Files\IDT\WDM\AESTSr64.exe
(Intel Corporation) C:\Program Files\Intel\BluetoothHS\BTHSAmpPalService.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(Intel(R) Corporation) C:\Program Files\Intel\BluetoothHS\BTHSSecurityMgr.exe
(Broadcom Corporation.) C:\Program Files\WIDCOMM\Bluetooth Software\btwdins.exe
(Microsoft Corporation) C:\Program Files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe
(Microsoft Corporation) C:\Program Files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe
(Intel(R) Corporation) C:\Program Files\Intel\WiFi\bin\EvtEng.exe
(EasyBits Software AS) C:\Windows\SysWOW64\ezSharedSvcHost.exe
(Hewlett-Packard Company) C:\Program Files\Hewlett-Packard\HP Client Services\HPClientServices.exe
(Hewlett-Packard Development Company, L.P.) C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPWMISVC.exe
(Realsil Microelectronics Inc.) C:\Program Files (x86)\Realtek\Realtek PCIE Card Reader\RIconMan.exe
(iolo technologies, LLC) C:\Program Files (x86)\iolo\Common\Lib\ioloServiceManager.exe
(McAfee, Inc.) C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe
(McAfee, Inc.) C:\Windows\System32\mfevtps.exe
(PasswordBox, Inc.) C:\Program Files (x86)\PasswordBox\pbbtnService.exe
(Intel(R) Corporation) C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe
(Roxio) C:\Program Files (x86)\Roxio\RoxioNow Player\RNowSvc.exe
(Microsoft Corporation) C:\Program Files (x86)\Microsoft\BingBar\SeaPort.EXE
(Microsoft Corporation) C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
(McAfee, Inc.) C:\Program Files\Common Files\McAfee\SystemCore\mcshield.exe
(McAfee, Inc.) C:\Program Files\Common Files\McAfee\SystemCore\mfefire.exe
(Microsoft Corporation) C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVCM.EXE
(Microsoft Corporation) C:\Windows\SysWOW64\rundll32.exe
(Microsoft Corporation) C:\Windows\System32\rundll32.exe
(Microsoft Corporation) C:\Program Files (x86)\Common Files\microsoft shared\Virtualization Handler\CVHSVC.EXE
(HP) C:\Program Files (x86)\HP SimplePass 2011\TouchControl.exe
(HP) C:\Program Files (x86)\HP SimplePass 2011\BioMonitor.exe
(iolo technologies, LLC) C:\Program Files (x86)\iolo\System Mechanic\ioloGovernor64.exe
(Intel Corporation) C:\Windows\System32\igfxtray.exe
(Intel Corporation) C:\Windows\System32\hkcmd.exe
(Intel Corporation) C:\Windows\System32\igfxpers.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(Microsoft Corporation) C:\Program Files\Microsoft IntelliPoint\ipoint.exe
(Microsoft Corporation) C:\Windows\System32\GWX\GWX.exe
(Intel(R) Corporation) C:\Program Files\Common Files\Intel\WirelessCommon\iFrmewrk.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
(IDT, Inc.) C:\Program Files\IDT\WDM\sttray64.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
(Renesas Electronics Corporation) C:\Program Files (x86)\Renesas Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe
(Hewlett-Packard) C:\Program Files (x86)\HP\HP Software Update\hpwuschd2.exe
(Microsoft Corporation) C:\Program Files\Microsoft IntelliPoint\dpupdchk.exe
(CyberLink) C:\Program Files (x86)\CyberLink\YouCam\YCMMirage.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\avastui.exe
(Advanced Micro Devices Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
(ATI Technologies Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
(Hewlett-Packard Company) C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSA_Service.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(McAfee, Inc.) C:\Program Files (x86)\McAfee\SiteAdvisor\saUI.exe
(Adobe Systems, Inc.) C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_19_0_0_185.exe
(Adobe Systems, Inc.) C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_19_0_0_185.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
(McAfee, Inc.) C:\Program Files\McAfee.com\Agent\mcagent.exe
(Microsoft Corporation) C:\Windows\System32\wbem\WMIADAP.exe
(McAfee, Inc.) C:\Program Files\McAfee\MSM\McSmtFwk.exe
(McAfee, Inc.) C:\Program Files\Common Files\McAfee\MSC\McUICnt.exe

MH Lindsey · Oct 10, 2015

==================== Registry (Whitelisted) ===========================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [SynTPEnh] => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2799912 2011-12-01] (Synaptics Incorporated)
HKLM\...\Run: [IntelliPoint] => c:\Program Files\Microsoft IntelliPoint\ipoint.exe [2417032 2011-08-01] (Microsoft Corporation)
HKLM\...\Run: [IntelPAN] => C:\Program Files\Common Files\Intel\WirelessCommon\iFrmewrk.exe [1935120 2011-07-27] (Intel(R) Corporation)
HKLM\...\Run: [SysTrayApp] => C:\Program Files\IDT\WDM\sttray64.exe [1128448 2011-12-01] (IDT, Inc.)
HKLM-x32\...\Run: [IAStorIcon] => C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe [284440 2011-05-20] (Intel Corporation)
HKLM-x32\...\Run: [StartCCC] => C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe [336384 2011-03-15] (Advanced Micro Devices, Inc.)
HKLM-x32\...\Run: [NUSB3MON] => C:\Program Files (x86)\Renesas Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe [113288 2011-12-01] (Renesas Electronics Corporation)
HKLM-x32\...\Run: [] => [X]
HKLM-x32\...\Run: [HP Software Update] => C:\Program Files (x86)\Hp\HP Software Update\HPWuSchd2.exe [49208 2011-03-24] (Hewlett-Packard)
HKLM-x32\...\Run: [AVG_UI] => C:\Program Files (x86)\AVG\AVG2015\avgui.exe [3730344 2015-07-07] (AVG Technologies CZ, s.r.o.)
HKLM-x32\...\Run: [Adobe ARM] => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [959904 2013-12-20] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvastUI.exe [6111824 2015-09-11] (AVAST Software)
HKLM\...\RunOnce: [NCPluginUpdater] => C:\Program Files (x86)\Hewlett-Packard\HP Health Check\ActiveCheck\product_line\NCPluginUpdater.exe [21720 2014-06-10] (Hewlett-Packard)
Winlogon\Notify\igfxcui: C:\Windows\system32\igfxdev.dll (Intel Corporation)
HKLM\...\Policies\Explorer: [EnableShellExecuteHooks] 1
ShellExecuteHooks-x32: EasyBits ShellExecute Hook - {E54729E8-BB3D-4270-9D49-7389EA579090} - C:\Windows\SysWOW64\ezUPBHook.dll [52920 2011-04-08] (EasyBits Software Corp.)
ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShA64.dll [2015-09-11] (AVAST Software)

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Tcpip\Parameters: [DhcpNameServer] 192.168.2.1
Tcpip\..\Interfaces\{3C1D4D5B-20D1-4851-AFF7-6013A227EB15}: [DhcpNameServer] 192.168.44.1
Tcpip\..\Interfaces\{9185E063-E294-42E2-9912-F65C85EB39C7}: [DhcpNameServer] 192.168.2.1

Internet Explorer:
==================
HKLM\SOFTWARE\Policies\Microsoft\Internet Explorer: Restriction <======= ATTENTION
HKU\S-1-5-21-2103894636-1046192603-3950623487-1000\SOFTWARE\Policies\Microsoft\Internet Explorer: Restriction <======= ATTENTION
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://go.microsoft.com/fwlink/?LinkId=56626&homepage=hxxp://go.microsoft.com/fwlink/p/?LinkId=255141
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = hxxp://go.microsoft.com/fwlink/?LinkId=56626&homepage=hxxp://go.microsoft.com/fwlink/p/?LinkId=255141
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=msnhome
HKU\S-1-5-21-2103894636-1046192603-3950623487-1000\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://go.microsoft.com/fwlink/?LinkId=56626&homepage=hxxp://aol.com/
HKU\S-1-5-21-2103894636-1046192603-3950623487-1000\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
SearchScopes: HKLM -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://www.bing.com/search?q={searchTerms}&form=HPNTDF&pc=HPNTDF&src=IE-SearchBox
SearchScopes: HKLM -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://www.bing.com/search?q={searchTerms}&form=HPNTDF&pc=HPNTDF&src=IE-SearchBox
SearchScopes: HKLM -> {A195C577-4E26-4327-AEA3-CE76B29C425C} URL = hxxp://www.amazon.com/s/ref=azs_osd_iea?ie=UTF-8&tag=hp-us2-vsb-20&link%5Fcode=qs&index=aps&field-keywords={searchTerms}
SearchScopes: HKLM -> {D944BB61-2E34-4DBF-A683-47E505C587DC} URL = hxxp://rover.ebay.com/rover/1/711-30572-11896-2/4?mpre=hxxp://shop.ebay.com/?_nkw={searchTerms}
SearchScopes: HKLM-x32 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://www.bing.com/search?q={searchTerms}&form=HPNTDF&pc=HPNTDF&src=IE-SearchBox
SearchScopes: HKLM-x32 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://www.bing.com/search?q={searchTerms}&form=HPNTDF&pc=HPNTDF&src=IE-SearchBox
SearchScopes: HKLM-x32 -> {d43b3890-80c7-4010-a95d-1e77b5924dc3} URL = hxxp://en.wikipedia.org/wiki/Special:Search?search={searchTerms}
SearchScopes: HKLM-x32 -> {D944BB61-2E34-4DBF-A683-47E505C587DC} URL = hxxp://rover.ebay.com/rover/1/711-30572-11896-2/4?mpre=hxxp://shop.ebay.com/?_nkw={searchTerms}
SearchScopes: HKU\S-1-5-21-2103894636-1046192603-3950623487-1000 -> DefaultScope {6905DDF7-9472-438C-A4AD-F232702D7D42} URL =
SearchScopes: HKU\S-1-5-21-2103894636-1046192603-3950623487-1000 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://www.bing.com/search?q={searchTerms}&form=HPNTDF&pc=HPNTDF&src=IE-SearchBox
SearchScopes: HKU\S-1-5-21-2103894636-1046192603-3950623487-1000 -> {D944BB61-2E34-4DBF-A683-47E505C587DC} URL = hxxp://rover.ebay.com/rover/1/711-30572-11896-2/4?mpre=hxxp://shop.ebay.com/?_nkw={searchTerms}
BHO: scriptproxy -> {7DB2D5A0-7241-4E79-B68D-6309F01C5231} -> C:\Program Files\Common Files\McAfee\SystemCore\ScriptSn.20120426092248.dll [2012-03-20] (McAfee, Inc.)
BHO: TrueSuite Website Log On -> {8590886E-EC8C-43C1-A32C-E4C2B0B6395B} -> C:\Program Files (x86)\HP SimplePass 2011\x64\IEBHO.dll [2011-02-17] (HP)
BHO: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2010-09-21] (Microsoft Corp.)
BHO: Google Toolbar Helper -> {AA58ED58-01DD-4d91-8333-CF10577473F7} -> C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll [2015-10-06] (Google Inc.)
BHO: Skype add-on for Internet Explorer -> {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} -> C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll [2013-11-20] (Microsoft Corporation)
BHO: McAfee SiteAdvisor BHO -> {B164E929-A1B6-4A06-B104-2CD0E90A88FF} -> c:\Program Files (x86)\McAfee\SiteAdvisor\x64\McIEPlg.dll [2014-04-24] (McAfee, Inc.)
BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL [2013-03-06] (Microsoft Corporation)
BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre6\bin\jp2ssv.dll [2011-04-08] (Sun Microsystems, Inc.)
BHO: HP Network Check Helper -> {E76FD755-C1BA-4DCB-9F13-99BD91223ADE} -> C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPluginx64.dll [2013-08-28] (Hewlett-Packard)
BHO-x32: MSS+ Identifier -> {0E8A89AD-95D7-40EB-8D9D-083EF7066A01} -> C:\Program Files\McAfee Security Scan\3.8.141\McAfeeMSS_IE.dll [2014-01-15] (McAfee, Inc.)
BHO-x32: PasswordBox Helper -> {5DB69B97-934B-451D-94DB-32EF802A01CD} -> C:\Program Files (x86)\PasswordBox\Application\pbbtn.dll [2015-05-04] (PasswordBox, Inc.)
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre6\bin\ssv.dll [2011-11-10] (Sun Microsystems, Inc.)
BHO-x32: scriptproxy -> {7DB2D5A0-7241-4E79-B68D-6309F01C5231} -> C:\Program Files (x86)\Common Files\McAfee\SystemCore\ScriptSn.20120426092248.dll [2012-03-20] (McAfee, Inc.)
BHO-x32: TrueSuite Website Log On -> {8590886E-EC8C-43C1-A32C-E4C2B0B6395B} -> C:\Program Files (x86)\HP SimplePass 2011\IEBHO.dll [2011-02-17] (HP)
BHO-x32: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll [2015-09-11] (AVAST Software)
BHO-x32: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2010-09-21] (Microsoft Corp.)
BHO-x32: Google Toolbar Helper -> {AA58ED58-01DD-4d91-8333-CF10577473F7} -> C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll [2015-10-06] (Google Inc.)
BHO-x32: Skype Browser Helper -> {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} -> C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll [2013-11-20] (Microsoft Corporation)
BHO-x32: McAfee SiteAdvisor BHO -> {B164E929-A1B6-4A06-B104-2CD0E90A88FF} -> c:\Program Files (x86)\McAfee\SiteAdvisor\McIEPlg.dll [2014-04-24] (McAfee, Inc.)
BHO-x32: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files (x86)\Microsoft Office\Office14\URLREDIR.DLL [2013-03-06] (Microsoft Corporation)
BHO-x32: Bing Bar Helper -> {d2ce3e00-f94a-4740-988e-03dc2f38c34f} -> C:\Program Files (x86)\Microsoft\BingBar\BingExt.dll [2011-03-01] (Microsoft Corporation.)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll [2011-11-10] (Sun Microsystems, Inc.)
BHO-x32: HP Network Check Helper -> {E76FD755-C1BA-4DCB-9F13-99BD91223ADE} -> C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll [2013-08-28] (Hewlett-Packard)
Toolbar: HKLM - McAfee SiteAdvisor Toolbar - {0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} - c:\Program Files (x86)\McAfee\SiteAdvisor\x64\McIEPlg.dll [2014-04-24] (McAfee, Inc.)
Toolbar: HKLM - Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll [2015-10-06] (Google Inc.)
Toolbar: HKLM-x32 - Bing Bar - {8dcb7100-df86-4384-8842-8fa844297b3f} - C:\Program Files (x86)\Microsoft\BingBar\BingExt.dll [2011-03-01] (Microsoft Corporation.)
Toolbar: HKLM-x32 - McAfee SiteAdvisor Toolbar - {0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} - c:\Program Files (x86)\McAfee\SiteAdvisor\McIEPlg.dll [2014-04-24] (McAfee, Inc.)
Toolbar: HKLM-x32 - Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll [2015-10-06] (Google Inc.)
Toolbar: HKU\S-1-5-21-2103894636-1046192603-3950623487-1000 -> No Name - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - No File
Handler: dssrequest - {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\Program Files (x86)\McAfee\SiteAdvisor\x64\McIEPlg.dll [2014-04-24] (McAfee, Inc.)
Handler-x32: dssrequest - {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\Program Files (x86)\McAfee\SiteAdvisor\McIEPlg.dll [2014-04-24] (McAfee, Inc.)
Handler: sacore - {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\Program Files (x86)\McAfee\SiteAdvisor\x64\McIEPlg.dll [2014-04-24] (McAfee, Inc.)
Handler-x32: sacore - {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\Program Files (x86)\McAfee\SiteAdvisor\McIEPlg.dll [2014-04-24] (McAfee, Inc.)
Handler: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll [2013-11-20] (Microsoft Corporation)
Handler-x32: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll [2013-11-20] (Microsoft Corporation)
Filter: application/x-mfe-ipt - {3EF5086B-5478-4598-A054-786C45D75692} - c:\Program Files\McAfee\MSC\McSnIePl64.dll [2012-03-21] (McAfee, Inc.)
Filter-x32: application/x-mfe-ipt - {3EF5086B-5478-4598-A054-786C45D75692} - c:\Program Files (x86)\McAfee\MSC\McSnIePl.dll [2012-03-21] (McAfee, Inc.)

FireFox:
========
FF ProfilePath: C:\Users\Jacqueline\AppData\Roaming\Mozilla\Firefox\Profiles\vbo092ro.default
FF Homepage: hxxp://www.aol.com/?mtmhp=hyplogusaolp00000003
FF Keyword.URL: hxxp://search.yahoo.com/search?fr=mcafee&type=A111US0&p=
FF NetworkProxy: "no_proxies_on", "*.local"
FF NetworkProxy: "type", 0
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_19_0_0_185.dll [2015-10-07] ()
FF Plugin: @java.com/JavaPlugin -> C:\Program Files\Java\jre6\bin\new_plugin\npjp2.dll [2011-04-08] (Sun Microsystems, Inc.)
FF Plugin: @mcafee.com/MSC,version=10 -> c:\PROGRA~1\mcafee\msc\NPMCSN~1.DLL [2012-03-21] ()
FF Plugin: @microsoft.com/GENUINE -> disabled [No File]
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.40728.0\npctrl.dll [2015-07-28] ( Microsoft Corporation)
FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~1\MICROS~2\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_19_0_0_185.dll [2015-10-07] ()
FF Plugin-x32: @adobe.com/ShockwavePlayer -> C:\Windows\system32\Adobe\Director\np32dsw.dll [No File]
FF Plugin-x32: @Apple.com/iTunes,version=1.0 -> C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll [2012-03-06] ()
FF Plugin-x32: @java.com/JavaPlugin -> C:\Program Files (x86)\Java\jre6\bin\new_plugin\npjp2.dll [2011-11-10] (Sun Microsystems, Inc.)
FF Plugin-x32: @mcafee.com/McAfeeMssPlugin -> C:\Program Files\McAfee Security Scan\3.8.141\npMcAfeeMss.dll [2014-01-15] (McAfee, Inc.)
FF Plugin-x32: @mcafee.com/MSC,version=10 -> c:\progra~2\mcafee\msc\npmcsn~1.dll [2012-03-21] ()
FF Plugin-x32: @microsoft.com/GENUINE -> disabled [No File]
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\5.1.40728.0\npctrl.dll [2015-07-28] ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~2\MICROS~1\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL [2010-03-24] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3502.0922 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2010-11-10] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3508.1109 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2010-11-10] (Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.28.15\npGoogleUpdate3.dll [2015-10-06] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.28.15\npGoogleUpdate3.dll [2015-10-06] (Google Inc.)
FF Plugin-x32: @WildTangent.com/GamesAppPresenceDetector,Version=1.0 -> C:\Program Files (x86)\WildTangent Games\App\BrowserIntegration\Registered\2\NP_wtapp.dll [2012-03-26] ()
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll [2013-12-20] (Adobe Systems Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npCouponPrinter.dll [2010-10-06] (Coupons, Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npMozCouponPrinter.dll [2010-10-06] (Coupons, Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\nppdf32.dll [2013-12-20] (Adobe Systems Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin.dll [2012-05-19] (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin2.dll [2012-05-19] (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin3.dll [2012-05-19] (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin4.dll [2012-05-19] (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin5.dll [2012-05-19] (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin6.dll [2012-05-19] (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin7.dll [2012-05-19] (Apple Inc.)
FF SearchPlugin: C:\Users\Jacqueline\AppData\Roaming\Mozilla\Firefox\Profiles\vbo092ro.default\searchplugins\google-default.xml [2015-10-07]
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\McSiteAdvisor.xml [2015-08-20]
FF Extension: TrueSuite Website Logon - C:\Program Files (x86)\Mozilla Firefox\extensions\websitelogon@truesuite.com [2015-10-07]
FF Extension: Skype Click to Call - C:\Program Files (x86)\Mozilla Firefox\browser\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}.xpi [2015-10-07]
FF HKLM-x32\...\Firefox\Extensions: [{4ED1F68A-5463-4931-9384-8FFF5ED91D92}] - C:\Program Files (x86)\McAfee\SiteAdvisor
FF Extension: McAfee SiteAdvisor - C:\Program Files (x86)\McAfee\SiteAdvisor [2011-06-23]
FF HKLM-x32\...\Firefox\Extensions: [quickprint@hp.com] - C:\Program Files (x86)\Hewlett-Packard\SmartPrint\QPExtension
FF Extension: SmartPrintButton - C:\Program Files (x86)\Hewlett-Packard\SmartPrint\QPExtension [2012-03-21]
FF HKLM-x32\...\Firefox\Extensions: [{D19CA586-DD6C-4a0a-96F8-14644F340D60}] - C:\Program Files (x86)\Common Files\McAfee\SystemCore
FF Extension: No Name - C:\Program Files (x86)\Common Files\McAfee\SystemCore [2011-06-23]
FF HKLM-x32\...\Firefox\Extensions: [wrc@avast.com] - C:\Program Files\AVAST Software\Avast\WebRep\FF
FF Extension: Avast Online Security - C:\Program Files\AVAST Software\Avast\WebRep\FF [2015-09-11]

Chrome:
=======
CHR HKLM-x32\...\Chrome\Extension: [aepeildmfnnehghlknddebgjghlompfe] - C:\Program Files (x86)\HP SimplePass 2011\tschrome.crx [2011-02-11]
CHR HKLM-x32\...\Chrome\Extension: [bopakagnckmlgajfccecajhnimjiiedh] - hxxp://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [eofcbnmajmjmplflapaojjnihcjkigck] - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChromeSp.crx [2015-09-11]
CHR HKLM-x32\...\Chrome\Extension: [fheoggkfdfchfphceeifdbepaooicaho] - C:\Program Files (x86)\McAfee\SiteAdvisor\McChPlg.crx [2014-06-05]
CHR HKLM-x32\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChrome.crx [2015-09-11]

MH Lindsey · Oct 10, 2015

==================== Services (Whitelisted) ========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [146600 2015-09-11] (AVAST Software)
S2 AVGIDSAgent; C:\Program Files (x86)\AVG\AVG2015\avgidsagent.exe [3518376 2015-07-07] (AVG Technologies CZ, s.r.o.)
S2 avgwd; C:\Program Files (x86)\AVG\AVG2015\avgwdsvc.exe [314304 2015-07-07] (AVG Technologies CZ, s.r.o.)
R2 c2cautoupdatesvc; C:\Program Files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe [1363616 2014-01-03] (Microsoft Corporation)
R2 c2cpnrsvc; C:\Program Files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe [1748640 2014-01-03] (Microsoft Corporation)
R2 ezSharedSvc; C:\Windows\SysWOW64\ezSharedSvcHost.exe [514232 2010-04-23] (EasyBits Software AS) [File not signed]
R2 HP Support Assistant Service; C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\hpsa_service.exe [92160 2013-11-04] (Hewlett-Packard Company) [File not signed]
R2 IconMan_R; C:\Program Files (x86)\Realtek\Realtek PCIE Card Reader\RIconMan.exe [2413056 2011-12-01] (Realsil Microelectronics Inc.) [File not signed]
R2 ioloSystemService; C:\Program Files (x86)\iolo\Common\Lib\ioloServiceManager.exe [1168960 2013-12-03] (iolo technologies, LLC)
R2 McAfee SiteAdvisor Service; C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe [249936 2011-01-27] (McAfee, Inc.)
S3 McComponentHostService; C:\Program Files\McAfee Security Scan\3.8.141\McCHSvc.exe [289256 2014-01-15] (McAfee, Inc.)
R2 McMPFSvc; C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe [249936 2011-01-27] (McAfee, Inc.)
R2 mcmscsvc; C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe [249936 2011-01-27] (McAfee, Inc.)
R2 McNaiAnn; C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe [249936 2011-01-27] (McAfee, Inc.)
R2 McNASvc; C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe [249936 2011-01-27] (McAfee, Inc.)
S3 McODS; C:\Program Files\McAfee\VirusScan\mcods.exe [502032 2012-03-22] (McAfee, Inc.)
R2 McProxy; C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe [249936 2011-01-27] (McAfee, Inc.)
R2 McShield; C:\Program Files\Common Files\McAfee\SystemCore\\mcshield.exe [199272 2012-03-20] (McAfee, Inc.)
R2 mfefire; C:\Program Files\Common Files\McAfee\SystemCore\\mfefire.exe [210584 2012-03-20] (McAfee, Inc.)
R2 mfevtp; C:\Windows\system32\mfevtps.exe [162192 2012-03-20] (McAfee, Inc.)
R2 MSK80Service; C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe [249936 2011-01-27] (McAfee, Inc.)
S3 MyWiFiDHCPDNS; C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe [340240 2011-07-27] ()
R2 PasswordBox; C:\Program Files (x86)\PasswordBox\pbbtnService.exe [67584 2014-05-14] (PasswordBox, Inc.) [File not signed]
R2 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2013-05-26] (Microsoft Corporation)

===================== Drivers (Whitelisted) ==========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

U5 AppMgmt; C:\Windows\system32\svchost.exe [27136 2009-07-13] (Microsoft Corporation)
R2 aswHwid; C:\Windows\system32\drivers\aswHwid.sys [28656 2015-09-11] (AVAST Software)
R2 aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [90968 2015-09-11] (AVAST Software)
R1 aswRdr; C:\Windows\system32\drivers\aswRdr2.sys [93528 2015-09-11] (AVAST Software)
R0 aswRvrt; C:\Windows\System32\Drivers\aswRvrt.sys [65224 2015-09-11] (AVAST Software)
R1 aswSnx; C:\Windows\system32\drivers\aswSnx.sys [1048344 2015-09-11] (AVAST Software)
R1 aswSP; C:\Windows\system32\drivers\aswSP.sys [447944 2015-09-11] (AVAST Software)
R2 aswStm; C:\Windows\system32\drivers\aswStm.sys [150672 2015-09-11] (AVAST Software)
R0 aswVmm; C:\Windows\System32\Drivers\aswVmm.sys [274808 2015-09-11] (AVAST Software)
R1 Avgdiska; C:\Windows\System32\DRIVERS\avgdiska.sys [162784 2015-03-11] (AVG Technologies CZ, s.r.o.)
R1 AVGIDSDriver; C:\Windows\System32\DRIVERS\avgidsdrivera.sys [293296 2015-06-26] (AVG Technologies CZ, s.r.o.)
R0 AVGIDSHA; C:\Windows\System32\DRIVERS\avgidsha.sys [253408 2015-05-12] (AVG Technologies CZ, s.r.o.)
S1 Avgldx64; C:\Windows\System32\DRIVERS\avgldx64.sys [259040 2015-06-16] (AVG Technologies CZ, s.r.o.)
R0 Avgloga; C:\Windows\System32\DRIVERS\avgloga.sys [378336 2015-05-07] (AVG Technologies CZ, s.r.o.)
R0 Avgmfx64; C:\Windows\System32\DRIVERS\avgmfx64.sys [226784 2015-06-10] (AVG Technologies CZ, s.r.o.)
R0 Avgrkx64; C:\Windows\System32\DRIVERS\avgrkx64.sys [40928 2015-03-20] (AVG Technologies CZ, s.r.o.)
R1 Avgtdia; C:\Windows\System32\DRIVERS\avgtdia.sys [281568 2015-05-12] (AVG Technologies CZ, s.r.o.)
R3 cfwids; C:\Windows\System32\drivers\cfwids.sys [65264 2012-02-22] (McAfee, Inc.)
S3 ebdrv; C:\Windows\system32\drivers\evbda.sys [3286016 2009-06-10] (Broadcom Corporation)
R1 ElRawDisk; C:\Windows\system32\drivers\ElRawDsk.sys [30752 2013-12-03] (EldoS Corporation)
R3 mfeapfk; C:\Windows\System32\drivers\mfeapfk.sys [160792 2012-02-22] (McAfee, Inc.)
R3 mfeavfk; C:\Windows\System32\drivers\mfeavfk.sys [229528 2012-02-22] (McAfee, Inc.)
U3 mfeavfk01; no ImagePath
R3 mfefirek; C:\Windows\System32\drivers\mfefirek.sys [487296 2012-02-22] (McAfee, Inc.)
R0 mfehidk; C:\Windows\System32\drivers\mfehidk.sys [647208 2012-02-22] (McAfee, Inc.)
R1 mfenlfk; C:\Windows\System32\DRIVERS\mfenlfk.sys [75936 2012-02-22] (McAfee, Inc.)
S3 mferkdet; C:\Windows\System32\drivers\mferkdet.sys [100912 2012-02-22] (McAfee, Inc.)
R0 mfewfpk; C:\Windows\System32\drivers\mfewfpk.sys [289664 2012-02-22] (McAfee, Inc.)
S3 sscdserd; C:\Windows\System32\DRIVERS\sscdserd.sys [141384 2010-11-11] (MCCI Corporation)
U3 TrueSight; C:\Windows\System32\drivers\TrueSight.sys [35064 2015-10-07] ()
S3 AtiDCM; \??\C:\Users\Jacqueline\AppData\Local\Temp\atdcm64a.sys [X]
S3 catchme; \??\C:\ComboFix\catchme.sys [X]

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

MH Lindsey · Oct 10, 2015

==================== One Month Created files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2015-10-10 10:05 - 2015-10-10 10:06 - 00031066 _____ C:\Users\Jacqueline\Desktop\FRST.txt
2015-10-10 10:05 - 2015-10-10 10:05 - 00000000 ____D C:\Users\Jacqueline\Desktop\FRST-OlderVersion
2015-10-10 10:05 - 2015-10-10 10:05 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\McAfee
2015-10-09 19:46 - 2015-10-09 19:46 - 00033950 _____ C:\ComboFix.txt
2015-10-09 19:31 - 2015-10-09 19:46 - 00000000 ____D C:\Qoobox
2015-10-09 19:31 - 2015-10-09 19:44 - 00000000 ____D C:\Windows\erdnt
2015-10-09 19:31 - 2011-06-25 23:45 - 00256000 _____ C:\Windows\PEV.exe
2015-10-09 19:31 - 2010-11-07 10:20 - 00208896 _____ C:\Windows\MBR.exe
2015-10-09 19:31 - 2009-04-19 21:56 - 00060416 _____ (NirSoft) C:\Windows\NIRCMD.exe
2015-10-09 19:31 - 2000-08-30 17:00 - 00518144 _____ (SteelWerX) C:\Windows\SWREG.exe
2015-10-09 19:31 - 2000-08-30 17:00 - 00406528 _____ (SteelWerX) C:\Windows\SWSC.exe
2015-10-09 19:31 - 2000-08-30 17:00 - 00098816 _____ C:\Windows\sed.exe
2015-10-09 19:31 - 2000-08-30 17:00 - 00080412 _____ C:\Windows\grep.exe
2015-10-09 19:31 - 2000-08-30 17:00 - 00068096 _____ C:\Windows\zip.exe
2015-10-09 19:23 - 2015-10-09 19:23 - 05636349 ____R (Swearware) C:\Users\Jacqueline\Desktop\ComboFix.exe
2015-10-09 18:24 - 2015-10-09 19:26 - 00000000 ____D C:\Users\Jacqueline\Desktop\mbar
2015-10-09 17:41 - 2015-10-09 18:22 - 00000000 ____D C:\ProgramData\Malwarebytes' Anti-Malware (portable)
2015-10-09 17:39 - 2015-10-09 18:22 - 00000000 ____D C:\mbar
2015-10-09 17:35 - 2015-10-09 17:38 - 16563352 _____ (Malwarebytes Corp.) C:\Users\Jacqueline\Desktop\mbar-1.09.3.1001.exe
2015-10-09 16:06 - 2015-10-09 16:06 - 04404952 _____ (Kaspersky Lab ZAO) C:\Users\Jacqueline\Desktop\tdsskiller.exe
2015-10-08 15:37 - 2015-10-08 15:37 - 00002184 _____ C:\Users\Jacqueline\Desktop\JRT.txt
2015-10-08 15:12 - 2015-10-08 15:18 - 00000000 ____D C:\AdwCleaner
2015-10-08 15:11 - 2015-10-08 15:11 - 01682432 _____ C:\Users\Jacqueline\Desktop\adwcleaner_5.012.exe
2015-10-07 21:24 - 2015-10-07 21:26 - 00001806 _____ C:\malware-100715.txt
2015-10-07 19:24 - 2015-10-07 19:24 - 01801288 _____ (Malwarebytes) C:\Users\Jacqueline\Desktop\JRT.exe
2015-10-07 19:08 - 2015-10-08 15:22 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox
2015-10-07 19:05 - 2015-10-07 19:07 - 24345872 _____ (Malwarebytes Corporation ) C:\Users\Jacqueline\Desktop\mbam-setup-2.1.8.1057.exe
2015-10-07 19:02 - 2015-10-07 19:02 - 00008602 _____ C:\Users\Jacqueline\Desktop\rouge.txt
2015-10-07 18:37 - 2015-10-07 19:05 - 00000000 ____D C:\ProgramData\RogueKiller
2015-10-07 18:37 - 2015-10-07 18:37 - 00035064 _____ C:\Windows\system32\Drivers\TrueSight.sys
2015-10-07 18:35 - 2015-10-07 18:36 - 18823752 _____ C:\Users\Jacqueline\Desktop\RogueKiller.exe
2015-10-07 18:29 - 2015-08-05 10:56 - 01110016 _____ (Microsoft Corporation) C:\Windows\system32\schedsvc.dll
2015-10-07 18:29 - 2015-08-05 10:56 - 00275456 _____ (Microsoft Corporation) C:\Windows\system32\InkEd.dll
2015-10-07 18:29 - 2015-08-05 10:40 - 00216064 _____ (Microsoft Corporation) C:\Windows\SysWOW64\InkEd.dll
2015-10-07 18:29 - 2015-05-25 11:19 - 00113664 _____ (Microsoft Corporation) C:\Windows\system32\sechost.dll
2015-10-07 18:29 - 2015-05-25 11:18 - 00404992 _____ (Microsoft Corporation) C:\Windows\system32\tracerpt.exe
2015-10-07 18:29 - 2015-05-25 11:18 - 00104448 _____ (Microsoft Corporation) C:\Windows\system32\logman.exe
2015-10-07 18:29 - 2015-05-25 11:18 - 00047104 _____ (Microsoft Corporation) C:\Windows\system32\typeperf.exe
2015-10-07 18:29 - 2015-05-25 11:18 - 00043008 _____ (Microsoft Corporation) C:\Windows\system32\relog.exe
2015-10-07 18:29 - 2015-05-25 11:18 - 00019456 _____ (Microsoft Corporation) C:\Windows\system32\diskperf.exe
2015-10-07 18:29 - 2015-05-25 11:01 - 00092160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sechost.dll
2015-10-07 18:29 - 2015-05-25 11:00 - 00364544 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tracerpt.exe
2015-10-07 18:29 - 2015-05-25 11:00 - 00082944 _____ (Microsoft Corporation) C:\Windows\SysWOW64\logman.exe
2015-10-07 18:29 - 2015-05-25 11:00 - 00040448 _____ (Microsoft Corporation) C:\Windows\SysWOW64\typeperf.exe
2015-10-07 18:29 - 2015-05-25 11:00 - 00037888 _____ (Microsoft Corporation) C:\Windows\SysWOW64\relog.exe
2015-10-07 18:29 - 2015-05-25 11:00 - 00017408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\diskperf.exe
2015-10-07 18:27 - 2015-02-02 20:31 - 04121600 _____ (Microsoft Corporation) C:\Windows\system32\mf.dll
2015-10-07 18:27 - 2015-02-02 20:31 - 01574400 _____ (Microsoft Corporation) C:\Windows\system32\quartz.dll
2015-10-07 18:27 - 2015-02-02 20:31 - 00782848 _____ (Microsoft Corporation) C:\Windows\system32\wmdrmsdk.dll
2015-10-07 18:27 - 2015-02-02 20:31 - 00641024 _____ (Microsoft Corporation) C:\Windows\system32\msscp.dll
2015-10-07 18:27 - 2015-02-02 20:31 - 00500224 _____ (Microsoft Corporation) C:\Windows\system32\AUDIOKSE.dll
2015-10-07 18:27 - 2015-02-02 20:31 - 00432128 _____ (Microsoft Corporation) C:\Windows\system32\mfplat.dll
2015-10-07 18:27 - 2015-02-02 20:31 - 00371712 _____ (Microsoft Corporation) C:\Windows\system32\qdvd.dll
2015-10-07 18:27 - 2015-02-02 20:31 - 00325632 _____ (Microsoft Corporation) C:\Windows\system32\msnetobj.dll
2015-10-07 18:27 - 2015-02-02 20:31 - 00206848 _____ (Microsoft Corporation) C:\Windows\system32\mfps.dll
2015-10-07 18:27 - 2015-02-02 20:31 - 00188416 _____ (Microsoft Corporation) C:\Windows\system32\pcasvc.dll
2015-10-07 18:27 - 2015-02-02 20:31 - 00037376 _____ (Microsoft Corporation) C:\Windows\system32\pcadm.dll
2015-10-07 18:27 - 2015-02-02 20:30 - 01202176 _____ (Microsoft Corporation) C:\Windows\system32\drmv2clt.dll
2015-10-07 18:27 - 2015-02-02 20:30 - 01069056 _____ (Microsoft Corporation) C:\Windows\system32\cryptui.dll
2015-10-07 18:27 - 2015-02-02 20:30 - 00842240 _____ (Microsoft Corporation) C:\Windows\system32\blackbox.dll
2015-10-07 18:27 - 2015-02-02 20:30 - 00680960 _____ (Microsoft Corporation) C:\Windows\system32\audiosrv.dll
2015-10-07 18:27 - 2015-02-02 20:30 - 00631808 _____ (Microsoft Corporation) C:\Windows\system32\evr.dll
2015-10-07 18:27 - 2015-02-02 20:30 - 00497664 _____ (Microsoft Corporation) C:\Windows\system32\drmmgrtn.dll
2015-10-07 18:27 - 2015-02-02 20:30 - 00440832 _____ (Microsoft Corporation) C:\Windows\system32\AudioEng.dll
2015-10-07 18:27 - 2015-02-02 20:30 - 00296448 _____ (Microsoft Corporation) C:\Windows\system32\AudioSes.dll
2015-10-07 18:27 - 2015-02-02 20:30 - 00284672 _____ (Microsoft Corporation) C:\Windows\system32\EncDump.dll
2015-10-07 18:27 - 2015-02-02 20:30 - 00126464 _____ (Microsoft Corporation) C:\Windows\system32\audiodg.exe
2015-10-07 18:27 - 2015-02-02 20:30 - 00082432 _____ (Microsoft Corporation) C:\Windows\system32\cryptsp.dll
2015-10-07 18:27 - 2015-02-02 20:30 - 00055808 _____ (Microsoft Corporation) C:\Windows\system32\rrinstaller.exe
2015-10-07 18:27 - 2015-02-02 20:30 - 00024576 _____ (Microsoft Corporation) C:\Windows\system32\mfpmp.exe
2015-10-07 18:27 - 2015-02-02 20:30 - 00011264 _____ (Microsoft Corporation) C:\Windows\system32\pcawrk.exe
2015-10-07 18:27 - 2015-02-02 20:30 - 00009728 _____ (Microsoft Corporation) C:\Windows\system32\pcalua.exe
2015-10-07 18:27 - 2015-02-02 20:29 - 00008704 _____ (Microsoft Corporation) C:\Windows\system32\pcaevts.dll
2015-10-07 18:27 - 2015-02-02 20:28 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\mferror.dll
2015-10-07 18:27 - 2015-02-02 20:19 - 00663552 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\PEAuth.sys
2015-10-07 18:27 - 2015-02-02 20:12 - 03209728 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mf.dll
2015-10-07 18:27 - 2015-02-02 20:12 - 01329664 _____ (Microsoft Corporation) C:\Windows\SysWOW64\quartz.dll
2015-10-07 18:27 - 2015-02-02 20:12 - 01005056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cryptui.dll
2015-10-07 18:27 - 2015-02-02 20:12 - 00988160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\drmv2clt.dll
2015-10-07 18:27 - 2015-02-02 20:12 - 00744960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\blackbox.dll
2015-10-07 18:27 - 2015-02-02 20:12 - 00617984 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wmdrmsdk.dll
2015-10-07 18:27 - 2015-02-02 20:12 - 00519680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\qdvd.dll
2015-10-07 18:27 - 2015-02-02 20:12 - 00504320 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msscp.dll
2015-10-07 18:27 - 2015-02-02 20:12 - 00489984 _____ (Microsoft Corporation) C:\Windows\SysWOW64\evr.dll
2015-10-07 18:27 - 2015-02-02 20:12 - 00442880 _____ (Microsoft Corporation) C:\Windows\SysWOW64\AUDIOKSE.dll
2015-10-07 18:27 - 2015-02-02 20:12 - 00406016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\drmmgrtn.dll
2015-10-07 18:27 - 2015-02-02 20:12 - 00374784 _____ (Microsoft Corporation) C:\Windows\SysWOW64\AudioEng.dll
2015-10-07 18:27 - 2015-02-02 20:12 - 00354816 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfplat.dll
2015-10-07 18:27 - 2015-02-02 20:12 - 00265216 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msnetobj.dll
2015-10-07 18:27 - 2015-02-02 20:12 - 00195584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\AudioSes.dll
2015-10-07 18:27 - 2015-02-02 20:12 - 00103424 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfps.dll
2015-10-07 18:27 - 2015-02-02 20:12 - 00081408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cryptsp.dll
2015-10-07 18:27 - 2015-02-02 20:11 - 00050176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rrinstaller.exe
2015-10-07 18:27 - 2015-02-02 20:11 - 00023040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfpmp.exe
2015-10-07 18:27 - 2015-02-02 20:09 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mferror.dll
2015-10-07 12:47 - 2015-08-17 18:42 - 00393304 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2015-10-07 12:47 - 2015-08-17 18:14 - 00344168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll
2015-10-07 12:47 - 2015-08-14 23:48 - 25190400 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2015-10-07 12:47 - 2015-08-14 23:34 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2015-10-07 12:47 - 2015-08-14 23:33 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2015-10-07 12:47 - 2015-08-14 23:18 - 00066560 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2015-10-07 12:47 - 2015-08-14 23:18 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2015-10-07 12:47 - 2015-08-14 23:17 - 02886144 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2015-10-07 12:47 - 2015-08-14 23:17 - 00585216 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2015-10-07 12:47 - 2015-08-14 23:17 - 00417792 _____ (Microsoft Corporation) C:\Windows\system32\html.iec
2015-10-07 12:47 - 2015-08-14 23:17 - 00088064 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll
2015-10-07 12:47 - 2015-08-14 23:10 - 00054784 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2015-10-07 12:47 - 2015-08-14 23:09 - 00034304 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2015-10-07 12:47 - 2015-08-14 23:06 - 19856896 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2015-10-07 12:47 - 2015-08-14 23:06 - 00615936 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2015-10-07 12:47 - 2015-08-14 23:04 - 00817664 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2015-10-07 12:47 - 2015-08-14 23:04 - 00814080 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2015-10-07 12:47 - 2015-08-14 23:04 - 00144384 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2015-10-07 12:47 - 2015-08-14 23:04 - 00114688 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2015-10-07 12:47 - 2015-08-14 23:00 - 05923328 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2015-10-07 12:47 - 2015-08-14 22:57 - 00968704 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe
2015-10-07 12:47 - 2015-08-14 22:53 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2015-10-07 12:47 - 2015-08-14 22:53 - 00490496 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2015-10-07 12:47 - 2015-08-14 22:46 - 00077824 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll
2015-10-07 12:47 - 2015-08-14 22:42 - 00199680 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2015-10-07 12:47 - 2015-08-14 22:41 - 00092160 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2015-10-07 12:47 - 2015-08-14 22:40 - 00504832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2015-10-07 12:47 - 2015-08-14 22:40 - 00062464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2015-10-07 12:47 - 2015-08-14 22:39 - 00341504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\html.iec
2015-10-07 12:47 - 2015-08-14 22:39 - 00316928 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2015-10-07 12:47 - 2015-08-14 22:39 - 00047616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll
2015-10-07 12:47 - 2015-08-14 22:38 - 00064000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MshtmlDac.dll
2015-10-07 12:47 - 2015-08-14 22:35 - 02279424 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2015-10-07 12:47 - 2015-08-14 22:33 - 00047104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2015-10-07 12:47 - 2015-08-14 22:32 - 00030720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2015-10-07 12:47 - 2015-08-14 22:30 - 00479232 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2015-10-07 12:47 - 2015-08-14 22:29 - 00665600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll
2015-10-07 12:47 - 2015-08-14 22:29 - 00620032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll
2015-10-07 12:47 - 2015-08-14 22:29 - 00115712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2015-10-07 12:47 - 2015-08-14 22:24 - 00720384 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2015-10-07 12:47 - 2015-08-14 22:23 - 00801280 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2015-10-07 12:47 - 2015-08-14 22:22 - 02126336 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2015-10-07 12:47 - 2015-08-14 22:22 - 01359360 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll
2015-10-07 12:47 - 2015-08-14 22:21 - 00418304 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll
2015-10-07 12:47 - 2015-08-14 22:16 - 14451712 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2015-10-07 12:47 - 2015-08-14 22:16 - 00060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll
2015-10-07 12:47 - 2015-08-14 22:14 - 00168960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2015-10-07 12:47 - 2015-08-14 22:12 - 00076288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2015-10-07 12:47 - 2015-08-14 22:11 - 00285696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
2015-10-07 12:47 - 2015-08-14 22:10 - 04520448 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2015-10-07 12:47 - 2015-08-14 22:07 - 02427392 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2015-10-07 12:47 - 2015-08-14 22:04 - 12857344 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2015-10-07 12:47 - 2015-08-14 22:02 - 00689152 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2015-10-07 12:47 - 2015-08-14 22:01 - 02052608 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2015-10-07 12:47 - 2015-08-14 22:01 - 01155072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmlmedia.dll
2015-10-07 12:47 - 2015-08-14 21:55 - 01545728 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2015-10-07 12:47 - 2015-08-14 21:43 - 01951232 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2015-10-07 12:47 - 2015-08-14 21:43 - 00800768 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2015-10-07 12:47 - 2015-08-14 21:37 - 00710144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2015-10-07 12:47 - 2015-07-14 20:17 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\tzres.dll
2015-10-07 12:47 - 2015-07-14 19:54 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tzres.dll
2015-10-07 12:47 - 2015-07-09 10:58 - 01632256 _____ (Microsoft Corporation) C:\Windows\system32\dwmcore.dll
2015-10-07 12:47 - 2015-07-09 10:58 - 00082944 _____ (Microsoft Corporation) C:\Windows\system32\dwmapi.dll
2015-10-07 12:47 - 2015-07-09 10:42 - 01372160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dwmcore.dll
2015-10-07 12:47 - 2015-07-09 10:42 - 00067584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dwmapi.dll
2015-10-07 12:42 - 2014-03-04 02:44 - 00722944 _____ (Microsoft Corporation) C:\Windows\system32\objsel.dll
2015-10-07 12:42 - 2014-03-04 02:44 - 00039936 _____ (Microsoft Corporation) C:\Windows\system32\wincredprovider.dll
2015-10-07 12:42 - 2014-03-04 02:43 - 00057344 _____ (Microsoft Corporation) C:\Windows\system32\cngprovider.dll
2015-10-07 12:42 - 2014-03-04 02:43 - 00056832 _____ (Microsoft Corporation) C:\Windows\system32\adprovider.dll
2015-10-07 12:42 - 2014-03-04 02:43 - 00053760 _____ (Microsoft Corporation) C:\Windows\system32\capiprovider.dll
2015-10-07 12:42 - 2014-03-04 02:43 - 00052736 _____ (Microsoft Corporation) C:\Windows\system32\dpapiprovider.dll
2015-10-07 12:42 - 2014-03-04 02:43 - 00044544 _____ (Microsoft Corporation) C:\Windows\system32\dimsroam.dll
2015-10-07 12:42 - 2014-03-04 02:17 - 00538112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\objsel.dll
2015-10-07 12:42 - 2014-03-04 02:17 - 00051200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cngprovider.dll
2015-10-07 12:42 - 2014-03-04 02:17 - 00049664 _____ (Microsoft Corporation) C:\Windows\SysWOW64\adprovider.dll
2015-10-07 12:42 - 2014-03-04 02:17 - 00048128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\capiprovider.dll
2015-10-07 12:42 - 2014-03-04 02:17 - 00047616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dpapiprovider.dll
2015-10-07 12:42 - 2014-03-04 02:17 - 00036864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dimsroam.dll
2015-10-07 12:42 - 2014-03-04 02:17 - 00035328 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wincredprovider.dll
2015-10-07 12:41 - 2015-07-22 17:06 - 05568960 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe
2015-10-07 12:41 - 2015-07-22 17:06 - 00155584 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecpkg.sys
2015-10-07 12:41 - 2015-07-22 17:06 - 00095680 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecdd.sys
2015-10-07 12:41 - 2015-07-22 17:03 - 01730496 _____ (Microsoft Corporation) C:\Windows\system32\ntdll.dll
2015-10-07 12:41 - 2015-07-22 17:03 - 00362496 _____ (Microsoft Corporation) C:\Windows\system32\wow64win.dll
2015-10-07 12:41 - 2015-07-22 17:03 - 00243712 _____ (Microsoft Corporation) C:\Windows\system32\wow64.dll
2015-10-07 12:41 - 2015-07-22 17:03 - 00215040 _____ (Microsoft Corporation) C:\Windows\system32\winsrv.dll
2015-10-07 12:41 - 2015-07-22 17:03 - 00013312 _____ (Microsoft Corporation) C:\Windows\system32\wow64cpu.dll
2015-10-07 12:41 - 2015-07-22 17:02 - 01461760 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll
2015-10-07 12:41 - 2015-07-22 17:02 - 01390592 _____ (Microsoft Corporation) C:\Windows\system32\diagtrack.dll
2015-10-07 12:41 - 2015-07-22 17:02 - 01216512 _____ (Microsoft Corporation) C:\Windows\system32\rpcrt4.dll
2015-10-07 12:41 - 2015-07-22 17:02 - 01163264 _____ (Microsoft Corporation) C:\Windows\system32\kernel32.dll
2015-10-07 12:41 - 2015-07-22 17:02 - 00879104 _____ (Microsoft Corporation) C:\Windows\system32\tdh.dll
2015-10-07 12:41 - 2015-07-22 17:02 - 00879104 _____ (Microsoft Corporation) C:\Windows\system32\advapi32.dll
2015-10-07 12:41 - 2015-07-22 17:02 - 00729088 _____ (Microsoft Corporation) C:\Windows\system32\kerberos.dll
2015-10-07 12:41 - 2015-07-22 17:02 - 00503808 _____ (Microsoft Corporation) C:\Windows\system32\srcore.dll
2015-10-07 12:41 - 2015-07-22 17:02 - 00424448 _____ (Microsoft Corporation) C:\Windows\system32\KernelBase.dll
2015-10-07 12:41 - 2015-07-22 17:02 - 00342016 _____ (Microsoft Corporation) C:\Windows\system32\schannel.dll
2015-10-07 12:41 - 2015-07-22 17:02 - 00315392 _____ (Microsoft Corporation) C:\Windows\system32\msv1_0.dll
2015-10-07 12:41 - 2015-07-22 17:02 - 00309760 _____ (Microsoft Corporation) C:\Windows\system32\ncrypt.dll
2015-10-07 12:41 - 2015-07-22 17:02 - 00296960 _____ (Microsoft Corporation) C:\Windows\system32\rstrui.exe
2015-10-07 12:41 - 2015-07-22 17:02 - 00210944 _____ (Microsoft Corporation) C:\Windows\system32\wdigest.dll
2015-10-07 12:41 - 2015-07-22 17:02 - 00136192 _____ (Microsoft Corporation) C:\Windows\system32\sspicli.dll
2015-10-07 12:41 - 2015-07-22 17:02 - 00112640 _____ (Microsoft Corporation) C:\Windows\system32\smss.exe
2015-10-07 12:41 - 2015-07-22 17:02 - 00086528 _____ (Microsoft Corporation) C:\Windows\system32\TSpkg.dll
2015-10-07 12:41 - 2015-07-22 17:02 - 00050176 _____ (Microsoft Corporation) C:\Windows\system32\srclient.dll
2015-10-07 12:41 - 2015-07-22 17:02 - 00044032 _____ (Microsoft Corporation) C:\Windows\system32\cryptbase.dll
2015-10-07 12:41 - 2015-07-22 17:02 - 00043520 _____ (Microsoft Corporation) C:\Windows\system32\csrsrv.dll
2015-10-07 12:41 - 2015-07-22 17:02 - 00029184 _____ (Microsoft Corporation) C:\Windows\system32\sspisrv.dll
2015-10-07 12:41 - 2015-07-22 17:02 - 00028160 _____ (Microsoft Corporation) C:\Windows\system32\secur32.dll
2015-10-07 12:41 - 2015-07-22 17:02 - 00022016 _____ (Microsoft Corporation) C:\Windows\system32\credssp.dll
2015-10-07 12:41 - 2015-07-22 17:02 - 00016384 _____ (Microsoft Corporation) C:\Windows\system32\ntvdm64.dll
2015-10-07 12:41 - 2015-07-22 17:01 - 00338432 _____ (Microsoft Corporation) C:\Windows\system32\conhost.exe
2015-10-07 12:41 - 2015-07-22 17:01 - 00064000 _____ (Microsoft Corporation) C:\Windows\system32\auditpol.exe
2015-10-07 12:41 - 2015-07-22 17:01 - 00031232 _____ (Microsoft Corporation) C:\Windows\system32\lsass.exe
2015-10-07 12:41 - 2015-07-22 16:58 - 00060416 _____ (Microsoft Corporation) C:\Windows\system32\msobjs.dll
2015-10-07 12:41 - 2015-07-22 16:57 - 00146432 _____ (Microsoft Corporation) C:\Windows\system32\msaudite.dll
2015-10-07 12:41 - 2015-07-22 16:52 - 00006656 _____ (Microsoft Corporation) C:\Windows\system32\apisetschema.dll
2015-10-07 12:41 - 2015-07-22 16:52 - 00006144 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-security-base-l1-1-0.dll
2015-10-07 12:41 - 2015-07-22 16:52 - 00004608 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-threadpool-l1-1-0.dll
2015-10-07 12:41 - 2015-07-22 16:52 - 00004608 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-processthreads-l1-1-0.dll
2015-10-07 12:41 - 2015-07-22 16:52 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-sysinfo-l1-1-0.dll
2015-10-07 12:41 - 2015-07-22 16:52 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-synch-l1-1-0.dll
2015-10-07 12:41 - 2015-07-22 16:52 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-localregistry-l1-1-0.dll
2015-10-07 12:41 - 2015-07-22 16:52 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-localization-l1-1-0.dll
2015-10-07 12:41 - 2015-07-22 16:52 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-rtlsupport-l1-1-0.dll
2015-10-07 12:41 - 2015-07-22 16:52 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-processenvironment-l1-1-0.dll
2015-10-07 12:41 - 2015-07-22 16:52 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-namedpipe-l1-1-0.dll
2015-10-07 12:41 - 2015-07-22 16:52 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-misc-l1-1-0.dll
2015-10-07 12:41 - 2015-07-22 16:52 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-memory-l1-1-0.dll
2015-10-07 12:41 - 2015-07-22 16:52 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-libraryloader-l1-1-0.dll
2015-10-07 12:41 - 2015-07-22 16:52 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-heap-l1-1-0.dll
2015-10-07 12:41 - 2015-07-22 16:52 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-xstate-l1-1-0.dll
2015-10-07 12:41 - 2015-07-22 16:52 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-util-l1-1-0.dll
2015-10-07 12:41 - 2015-07-22 16:52 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-string-l1-1-0.dll
2015-10-07 12:41 - 2015-07-22 16:52 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-profile-l1-1-0.dll
2015-10-07 12:41 - 2015-07-22 16:52 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-io-l1-1-0.dll
2015-10-07 12:41 - 2015-07-22 16:52 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-interlocked-l1-1-0.dll
2015-10-07 12:41 - 2015-07-22 16:52 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-handle-l1-1-0.dll
2015-10-07 12:41 - 2015-07-22 16:52 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-fibers-l1-1-0.dll
2015-10-07 12:41 - 2015-07-22 16:52 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-errorhandling-l1-1-0.dll
2015-10-07 12:41 - 2015-07-22 16:52 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-delayload-l1-1-0.dll
2015-10-07 12:41 - 2015-07-22 16:52 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-debug-l1-1-0.dll
2015-10-07 12:41 - 2015-07-22 16:52 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-datetime-l1-1-0.dll
2015-10-07 12:41 - 2015-07-22 16:52 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-console-l1-1-0.dll
2015-10-07 12:41 - 2015-07-22 16:51 - 00686080 _____ (Microsoft Corporation) C:\Windows\system32\adtschema.dll
2015-10-07 12:41 - 2015-07-22 10:57 - 03989952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntkrnlpa.exe
2015-10-07 12:41 - 2015-07-22 10:57 - 03934656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntoskrnl.exe
2015-10-07 12:41 - 2015-07-22 10:54 - 01311768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntdll.dll
2015-10-07 12:41 - 2015-07-22 10:53 - 00641536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\advapi32.dll
2015-10-07 12:41 - 2015-07-22 10:53 - 00635392 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tdh.dll
2015-10-07 12:41 - 2015-07-22 10:53 - 00552960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kerberos.dll
2015-10-07 12:41 - 2015-07-22 10:53 - 00259584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msv1_0.dll
2015-10-07 12:41 - 2015-07-22 10:53 - 00248832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\schannel.dll
2015-10-07 12:41 - 2015-07-22 10:53 - 00221184 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ncrypt.dll
2015-10-07 12:41 - 2015-07-22 10:53 - 00172032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wdigest.dll
2015-10-07 12:41 - 2015-07-22 10:53 - 00065536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TSpkg.dll
2015-10-07 12:41 - 2015-07-22 10:53 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\srclient.dll
2015-10-07 12:41 - 2015-07-22 10:53 - 00036864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cryptbase.dll
2015-10-07 12:41 - 2015-07-22 10:53 - 00022016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secur32.dll
2015-10-07 12:41 - 2015-07-22 10:53 - 00017408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\credssp.dll
2015-10-07 12:41 - 2015-07-22 10:53 - 00014336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntvdm64.dll
2015-10-07 12:41 - 2015-07-22 10:52 - 01114112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kernel32.dll
2015-10-07 12:41 - 2015-07-22 10:52 - 00665088 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rpcrt4.dll
2015-10-07 12:41 - 2015-07-22 10:52 - 00274944 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KernelBase.dll
2015-10-07 12:41 - 2015-07-22 10:52 - 00096768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sspicli.dll
2015-10-07 12:41 - 2015-07-22 10:52 - 00050176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\auditpol.exe
2015-10-07 12:41 - 2015-07-22 10:52 - 00025600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\setup16.exe
2015-10-07 12:41 - 2015-07-22 10:52 - 00005120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wow32.dll
2015-10-07 12:41 - 2015-07-22 10:47 - 00060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msobjs.dll
2015-10-07 12:41 - 2015-07-22 10:46 - 00146432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msaudite.dll
2015-10-07 12:41 - 2015-07-22 10:42 - 00686080 _____ (Microsoft Corporation) C:\Windows\SysWOW64\adtschema.dll
2015-10-07 12:41 - 2015-07-22 10:42 - 00006656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\apisetschema.dll
2015-10-07 12:41 - 2015-07-22 10:42 - 00005120 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-file-l1-1-0.dll
2015-10-07 12:41 - 2015-07-22 10:42 - 00004608 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-processthreads-l1-1-0.dll
2015-10-07 12:41 - 2015-07-22 10:42 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-sysinfo-l1-1-0.dll
2015-10-07 12:41 - 2015-07-22 10:42 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-synch-l1-1-0.dll
2015-10-07 12:41 - 2015-07-22 10:42 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-misc-l1-1-0.dll
2015-10-07 12:41 - 2015-07-22 10:42 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-localregistry-l1-1-0.dll
2015-10-07 12:41 - 2015-07-22 10:42 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-localization-l1-1-0.dll
2015-10-07 12:41 - 2015-07-22 10:42 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-processenvironment-l1-1-0.dll
2015-10-07 12:41 - 2015-07-22 10:42 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-namedpipe-l1-1-0.dll
2015-10-07 12:41 - 2015-07-22 10:42 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-memory-l1-1-0.dll
2015-10-07 12:41 - 2015-07-22 10:42 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-libraryloader-l1-1-0.dll
2015-10-07 12:41 - 2015-07-22 10:42 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-interlocked-l1-1-0.dll
2015-10-07 12:41 - 2015-07-22 10:42 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-heap-l1-1-0.dll
2015-10-07 12:41 - 2015-07-22 10:42 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-string-l1-1-0.dll
2015-10-07 12:41 - 2015-07-22 10:42 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-rtlsupport-l1-1-0.dll
2015-10-07 12:41 - 2015-07-22 10:42 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-profile-l1-1-0.dll
2015-10-07 12:41 - 2015-07-22 10:42 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-io-l1-1-0.dll
2015-10-07 12:41 - 2015-07-22 10:42 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-handle-l1-1-0.dll
2015-10-07 12:41 - 2015-07-22 10:42 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-fibers-l1-1-0.dll
2015-10-07 12:41 - 2015-07-22 10:42 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-errorhandling-l1-1-0.dll
2015-10-07 12:41 - 2015-07-22 10:42 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-delayload-l1-1-0.dll
2015-10-07 12:41 - 2015-07-22 10:42 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-debug-l1-1-0.dll
2015-10-07 12:41 - 2015-07-22 10:42 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-datetime-l1-1-0.dll
2015-10-07 12:41 - 2015-07-22 10:42 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-console-l1-1-0.dll
2015-10-07 12:41 - 2015-07-22 09:48 - 00041984 _____ (Microsoft Corporation) C:\Windows\system32\UtcResources.dll
2015-10-07 12:41 - 2015-07-22 09:45 - 00159232 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb.sys
2015-10-07 12:41 - 2015-07-22 09:44 - 00290816 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb10.sys
2015-10-07 12:41 - 2015-07-22 09:44 - 00129024 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb20.sys
2015-10-07 12:41 - 2015-07-22 09:34 - 00007680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\instnm.exe
2015-10-07 12:41 - 2015-07-22 09:34 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\user.exe
2015-10-07 12:41 - 2015-07-22 09:31 - 00006144 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-security-base-l1-1-0.dll
2015-10-07 12:41 - 2015-07-22 09:31 - 00004608 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-threadpool-l1-1-0.dll
2015-10-07 12:41 - 2015-07-22 09:31 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-xstate-l1-1-0.dll
2015-10-07 12:41 - 2015-07-22 09:31 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-util-l1-1-0.dll
2015-10-07 12:40 - 2015-06-25 03:06 - 00115136 _____ (Microsoft Corporation) C:\Windows\system32\consent.exe
2015-10-07 12:40 - 2015-06-25 03:01 - 01941504 _____ (Microsoft Corporation) C:\Windows\system32\authui.dll
2015-10-07 12:40 - 2015-06-25 03:01 - 00070656 _____ (Microsoft Corporation) C:\Windows\system32\appinfo.dll
2015-10-07 12:40 - 2015-06-25 02:44 - 01805824 _____ (Microsoft Corporation) C:\Windows\SysWOW64\authui.dll
2015-10-07 12:38 - 2015-08-27 11:18 - 02004480 _____ (Microsoft Corporation) C:\Windows\system32\msxml6.dll
2015-10-07 12:38 - 2015-08-27 11:18 - 01887232 _____ (Microsoft Corporation) C:\Windows\system32\msxml3.dll
2015-10-07 12:38 - 2015-08-27 11:13 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\msxml6r.dll
2015-10-07 12:38 - 2015-08-27 11:13 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\msxml3r.dll
2015-10-07 12:38 - 2015-08-27 10:58 - 01391104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml6.dll
2015-10-07 12:38 - 2015-08-27 10:58 - 01241088 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml3.dll
2015-10-07 12:38 - 2015-08-27 10:51 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml6r.dll
2015-10-07 12:38 - 2015-08-27 10:51 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml3r.dll
2015-10-07 12:38 - 2015-08-04 11:03 - 00692672 _____ (Microsoft Corporation) C:\Windows\system32\winload.efi
2015-10-07 12:38 - 2015-08-04 11:00 - 00616360 _____ (Microsoft Corporation) C:\Windows\system32\winresume.efi
2015-10-07 12:38 - 2015-08-04 10:56 - 00063488 _____ (Microsoft Corporation) C:\Windows\system32\setbcdlocale.dll
2015-10-07 12:38 - 2015-08-04 10:56 - 00059392 _____ (Microsoft Corporation) C:\Windows\system32\appidapi.dll
2015-10-07 12:38 - 2015-08-04 10:56 - 00032768 _____ (Microsoft Corporation) C:\Windows\system32\appidsvc.dll
2015-10-07 12:38 - 2015-08-04 10:55 - 00147456 _____ (Microsoft Corporation) C:\Windows\system32\appidpolicyconverter.exe
2015-10-07 12:38 - 2015-08-04 10:55 - 00017920 _____ (Microsoft Corporation) C:\Windows\system32\appidcertstorecheck.exe
2015-10-07 12:38 - 2015-08-04 10:47 - 00050688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\appidapi.dll
2015-10-07 12:38 - 2015-08-04 09:58 - 00061440 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\appid.sys
2015-10-07 12:38 - 2015-06-03 13:21 - 00457400 _____ (Microsoft Corporation) C:\Windows\system32\ci.dll
2015-10-07 12:38 - 2015-06-03 13:16 - 00619056 _____ (Microsoft Corporation) C:\Windows\system32\winload.exe
2015-10-07 12:38 - 2015-06-03 13:16 - 00532176 _____ (Microsoft Corporation) C:\Windows\system32\winresume.exe
2015-10-07 12:37 - 2015-09-01 20:04 - 00100864 _____ (Microsoft Corporation) C:\Windows\system32\fontsub.dll
2015-10-07 12:37 - 2015-09-01 20:04 - 00046080 _____ (Adobe Systems) C:\Windows\system32\atmlib.dll
2015-10-07 12:37 - 2015-09-01 20:04 - 00041984 _____ (Microsoft Corporation) C:\Windows\system32\lpk.dll
2015-10-07 12:37 - 2015-09-01 20:04 - 00014336 _____ (Microsoft Corporation) C:\Windows\system32\dciman32.dll
2015-10-07 12:37 - 2015-09-01 19:48 - 00070656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\fontsub.dll
2015-10-07 12:37 - 2015-09-01 19:48 - 00034304 _____ (Adobe Systems) C:\Windows\SysWOW64\atmlib.dll
2015-10-07 12:37 - 2015-09-01 19:48 - 00010240 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dciman32.dll
2015-10-07 12:37 - 2015-09-01 19:47 - 00025600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\lpk.dll
2015-10-07 12:37 - 2015-09-01 18:47 - 00372736 _____ (Adobe Systems Incorporated) C:\Windows\system32\atmfd.dll
2015-10-07 12:37 - 2015-09-01 18:33 - 00299520 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\atmfd.dll
2015-10-07 12:35 - 2015-10-07 12:35 - 00000000 ____D C:\$Windows.~BT
2015-10-07 12:34 - 2015-08-26 11:07 - 03165696 _____ (Microsoft Corporation) C:\Windows\system32\wucltux.dll
2015-10-07 12:34 - 2015-08-26 11:07 - 02606080 _____ (Microsoft Corporation) C:\Windows\system32\wuaueng.dll
2015-10-07 12:34 - 2015-08-26 11:07 - 00696320 _____ (Microsoft Corporation) C:\Windows\system32\wuapi.dll
2015-10-07 12:34 - 2015-08-26 11:07 - 00192000 _____ (Microsoft Corporation) C:\Windows\system32\wuwebv.dll
2015-10-07 12:34 - 2015-08-26 11:07 - 00098304 _____ (Microsoft Corporation) C:\Windows\system32\wudriver.dll
2015-10-07 12:34 - 2015-08-26 11:07 - 00037888 _____ (Microsoft Corporation) C:\Windows\system32\wups2.dll
2015-10-07 12:34 - 2015-08-26 11:07 - 00036864 _____ (Microsoft Corporation) C:\Windows\system32\wups.dll
2015-10-07 12:34 - 2015-08-26 11:06 - 00139776 _____ (Microsoft Corporation) C:\Windows\system32\wuauclt.exe
2015-10-07 12:34 - 2015-08-26 11:06 - 00091136 _____ (Microsoft Corporation) C:\Windows\system32\WinSetupUI.dll
2015-10-07 12:34 - 2015-08-26 11:06 - 00037376 _____ (Microsoft Corporation) C:\Windows\system32\wuapp.exe
2015-10-07 12:34 - 2015-08-26 11:06 - 00012288 _____ (Microsoft Corporation) C:\Windows\system32\wu.upgrade.ps.dll
2015-10-07 12:34 - 2015-08-26 10:56 - 00566784 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuapi.dll
2015-10-07 12:34 - 2015-08-26 10:56 - 00173056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuwebv.dll
2015-10-07 12:34 - 2015-08-26 10:56 - 00093184 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wudriver.dll
2015-10-07 12:34 - 2015-08-26 10:56 - 00030208 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wups.dll
2015-10-07 12:34 - 2015-08-26 10:55 - 00034816 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuapp.exe
2015-10-07 09:18 - 2015-10-07 09:18 - 00000000 ____D C:\Users\Jacqueline\AppData\Local\Avg2015
2015-10-06 18:51 - 2015-10-06 18:59 - 00000250 _____ C:\Users\Jacqueline\Desktop\Search.txt
2015-10-06 18:44 - 2015-10-06 18:49 - 00647276 _____ C:\Users\Jacqueline\Desktop\avgremover.log
2015-10-06 18:43 - 2015-10-06 18:44 - 03681088 _____ (AVG Technologies CZ, s.r.o.) C:\Users\Jacqueline\Desktop\avg_remover_stf_x64_2015_5501.exe
2015-10-06 18:04 - 2015-08-14 21:39 - 01310720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2015-10-06 18:00 - 2015-07-22 16:52 - 00005120 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-file-l1-1-0.dll
2015-10-06 17:59 - 2015-09-01 18:51 - 03209216 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2015-10-06 17:33 - 2015-10-06 17:34 - 00045904 _____ C:\Users\Jacqueline\Desktop\2015-1007Addition.txt
2015-10-06 17:32 - 2015-10-06 17:34 - 00077836 _____ C:\Users\Jacqueline\Desktop\2015-1007FRST.txt
2015-10-06 17:30 - 2015-10-10 10:05 - 02195456 _____ (Farbar) C:\Users\Jacqueline\Desktop\FRST64.exe
2015-10-06 17:30 - 2015-10-10 10:05 - 00000000 ____D C:\FRST
2015-10-06 17:26 - 2015-10-06 17:26 - 01697792 _____ (Farbar) C:\Users\Jacqueline\Downloads\FRST.exe
2015-10-01 19:41 - 2015-10-01 19:41 - 00000000 ____D C:\Program Files\IDT
2015-10-01 19:39 - 2015-10-01 19:39 - 00000000 ____D C:\Users\Jacqueline\AppData\Roaming\Roxio Log Files
2015-10-01 19:39 - 2015-10-01 19:39 - 00000000 ____D C:\ProgramData\Sonic
2015-09-30 18:44 - 2015-09-30 18:44 - 00000000 _____ C:\AdobeDebug.txt
2015-09-30 16:30 - 2015-09-30 16:30 - 00004096 _____ C:\conf.dat
2015-09-30 16:07 - 2015-09-30 16:07 - 00000000 ____D C:\ProgramData\Roxio
2015-09-12 07:28 - 2015-10-09 17:41 - 00192216 _____ (Malwarebytes) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2015-09-12 07:26 - 2015-10-09 18:24 - 00109272 _____ (Malwarebytes) C:\Windows\system32\Drivers\mbamchameleon.sys
2015-09-12 07:26 - 2015-10-07 19:31 - 00001106 _____ C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
2015-09-12 07:26 - 2015-10-07 19:31 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware
2015-09-12 07:26 - 2015-10-07 19:31 - 00000000 ____D C:\Program Files (x86)\Malwarebytes Anti-Malware
2015-09-12 07:26 - 2015-09-12 07:26 - 00000000 ____D C:\ProgramData\Malwarebytes
2015-09-12 07:26 - 2015-06-18 08:41 - 00063704 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mwac.sys
2015-09-12 07:26 - 2015-06-18 08:41 - 00025816 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbam.sys
2015-09-12 07:25 - 2015-07-30 06:13 - 00124624 _____ (Microsoft Corporation) C:\Windows\system32\PresentationCFFRasterizerNative_v0300.dll
2015-09-12 07:25 - 2015-07-30 06:13 - 00103120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\PresentationCFFRasterizerNative_v0300.dll
2015-09-12 07:22 - 2015-09-12 07:25 - 24345872 _____ (Malwarebytes Corporation ) C:\Users\Jacqueline\Downloads\mbam-setup-2.1.8.1057.exe
2015-09-12 06:56 - 2015-09-12 06:56 - 00032768 _____ C:\cache.dat
2015-09-12 06:56 - 2015-09-12 06:56 - 00000000 _____ C:\manifest.dat
2015-09-11 19:34 - 2015-07-28 13:09 - 00017344 _____ (Microsoft Corporation) C:\Windows\system32\CompatTelRunner.exe
2015-09-11 19:34 - 2015-07-28 13:05 - 01116672 _____ (Microsoft Corporation) C:\Windows\system32\appraiser.dll
2015-09-11 19:34 - 2015-07-28 13:05 - 00774656 _____ (Microsoft Corporation) C:\Windows\system32\invagent.dll
2015-09-11 19:34 - 2015-07-28 13:05 - 00743424 _____ (Microsoft Corporation) C:\Windows\system32\generaltel.dll
2015-09-11 19:34 - 2015-07-28 13:05 - 00437760 _____ (Microsoft Corporation) C:\Windows\system32\devinv.dll
2015-09-11 19:34 - 2015-07-28 13:05 - 00227328 _____ (Microsoft Corporation) C:\Windows\system32\aepdu.dll
2015-09-11 19:34 - 2015-07-28 13:05 - 00069120 _____ (Microsoft Corporation) C:\Windows\system32\acmigration.dll
2015-09-11 19:34 - 2015-07-28 12:55 - 01148416 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll
2015-09-11 19:34 - 2015-07-16 11:38 - 01310720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon(78).dll
2015-09-11 19:33 - 2015-07-15 11:15 - 00094656 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mountmgr.sys
2015-09-11 19:33 - 2015-07-15 11:10 - 01743360 _____ (Microsoft Corporation) C:\Windows\system32\sysmain.dll
2015-09-11 19:33 - 2015-07-15 11:10 - 00011264 _____ (Microsoft Corporation) C:\Windows\system32\msmmsp.dll
2015-09-11 19:33 - 2015-07-15 11:00 - 00005120 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-file-l1-1-0(76).dll
2015-09-11 19:33 - 2015-07-14 20:19 - 00052736 _____ (Microsoft Corporation) C:\Windows\system32\basesrv.dll
2015-09-11 19:33 - 2015-07-10 10:51 - 03722752 _____ (Microsoft Corporation) C:\Windows\system32\mstscax.dll
2015-09-11 19:33 - 2015-07-10 10:51 - 00158720 _____ (Microsoft Corporation) C:\Windows\system32\aaclient.dll
2015-09-11 19:33 - 2015-07-10 10:51 - 00044032 _____ (Microsoft Corporation) C:\Windows\system32\tsgqec.dll
2015-09-11 19:33 - 2015-07-10 10:34 - 03221504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mstscax.dll
2015-09-11 19:33 - 2015-07-10 10:34 - 00036864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tsgqec.dll
2015-09-11 19:33 - 2015-07-10 10:33 - 00131584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\aaclient.dll
2015-09-11 19:27 - 2015-07-30 11:06 - 02565120 _____ (Microsoft Corporation) C:\Windows\system32\d3d10warp.dll
2015-09-11 19:27 - 2015-07-30 11:06 - 01648128 _____ (Microsoft Corporation) C:\Windows\system32\DWrite.dll
2015-09-11 19:27 - 2015-07-30 11:06 - 01180160 _____ (Microsoft Corporation) C:\Windows\system32\FntCache.dll
2015-09-11 19:27 - 2015-07-30 10:57 - 01987584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3d10warp.dll
2015-09-11 19:27 - 2015-07-30 10:57 - 01251328 _____ (Microsoft Corporation) C:\Windows\SysWOW64\DWrite.dll
2015-09-11 19:27 - 2015-07-30 09:56 - 03208192 _____ (Microsoft Corporation) C:\Windows\system32\win32k(77).sys
2015-09-11 19:27 - 2015-07-10 10:51 - 14177280 _____ (Microsoft Corporation) C:\Windows\system32\shell32.dll
2015-09-11 19:27 - 2015-07-10 10:34 - 12875776 _____ (Microsoft Corporation) C:\Windows\SysWOW64\shell32.dll
2015-09-11 19:27 - 2015-07-09 10:57 - 00193536 _____ (Microsoft Corporation) C:\Windows\system32\notepad.exe
2015-09-11 19:27 - 2015-07-09 10:57 - 00193536 _____ (Microsoft Corporation) C:\Windows\notepad.exe
2015-09-11 19:27 - 2015-07-09 10:42 - 00179712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\notepad.exe
2015-09-11 19:27 - 2015-07-01 13:49 - 00260096 _____ (Microsoft Corporation) C:\Windows\system32\WebClnt.dll
2015-09-11 19:27 - 2015-07-01 13:48 - 00102912 _____ (Microsoft Corporation) C:\Windows\system32\davclnt.dll
2015-09-11 19:27 - 2015-07-01 13:30 - 00206848 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WebClnt.dll
2015-09-11 19:27 - 2015-07-01 13:30 - 00082432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\davclnt.dll
2015-09-11 19:19 - 2015-09-11 19:19 - 00000000 ____D C:\Users\Jacqueline\AppData\Roaming\AVAST Software
2015-09-11 19:18 - 2015-10-09 18:28 - 00004182 _____ C:\Windows\System32\Tasks\avast! Emergency Update
2015-09-11 19:18 - 2015-09-11 19:18 - 00001922 _____ C:\Users\Public\Desktop\Avast Free Antivirus.lnk
2015-09-11 19:18 - 2015-09-11 19:18 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AVAST Software
2015-09-11 19:17 - 2015-09-11 19:18 - 01048344 _____ (AVAST Software) C:\Windows\system32\Drivers\aswsnx.sys
2015-09-11 19:17 - 2015-09-11 19:17 - 00447944 _____ (AVAST Software) C:\Windows\system32\Drivers\aswSP.sys
2015-09-11 19:17 - 2015-09-11 19:17 - 00378880 _____ (AVAST Software) C:\Windows\system32\aswBoot.exe
2015-09-11 19:17 - 2015-09-11 19:17 - 00274808 _____ (AVAST Software) C:\Windows\system32\Drivers\aswVmm.sys
2015-09-11 19:17 - 2015-09-11 19:17 - 00150672 _____ (AVAST Software) C:\Windows\system32\Drivers\aswStm.sys
2015-09-11 19:17 - 2015-09-11 19:17 - 00093528 _____ (AVAST Software) C:\Windows\system32\Drivers\aswRdr2.sys
2015-09-11 19:17 - 2015-09-11 19:17 - 00090968 _____ (AVAST Software) C:\Windows\system32\Drivers\aswMonFlt.sys
2015-09-11 19:17 - 2015-09-11 19:17 - 00065224 _____ (AVAST Software) C:\Windows\system32\Drivers\aswRvrt.sys
2015-09-11 19:17 - 2015-09-11 19:17 - 00043112 _____ (AVAST Software) C:\Windows\avastSS.scr
2015-09-11 19:17 - 2015-09-11 19:17 - 00028656 _____ (AVAST Software) C:\Windows\system32\Drivers\aswHwid.sys
2015-09-11 19:00 - 2015-09-11 19:00 - 00000000 ____D C:\Program Files\AVAST Software
2015-09-11 18:59 - 2015-09-11 18:59 - 00000000 ____D C:\ProgramData\AVAST Software
2015-09-11 18:58 - 2015-09-11 18:58 - 05685712 _____ (AVAST Software) C:\Users\Jacqueline\Downloads\avast_free_antivirus_setup_online.exe
2015-09-11 16:14 - 2015-09-11 16:14 - 00000000 ____D C:\ProgramData\Blio
2015-09-11 16:13 - 2015-09-11 16:14 - 00000000 ____D C:\Users\Jacqueline\AppData\Roaming\Blio
2015-09-11 16:13 - 2015-09-11 16:13 - 00000000 ____D C:\Users\Jacqueline\Documents\Blio
2015-09-11 13:56 - 2015-09-12 07:30 - 00000000 ____D C:\Windows\system32\MpEngineStore

Solved Win 7 - can't reach Control Panel

Posts: 195 +0

Posts: 195 +0

Posts: 195 +0

Posts: 56,041 +516

Posts: 195 +0

Posts: 195 +0

Posts: 195 +0

Posts: 195 +0

Posts: 195 +0

Posts: 195 +0

Posts: 56,041 +516

Posts: 195 +0

Posts: 56,041 +516

Posts: 195 +0

Posts: 56,041 +516

Posts: 195 +0

Posts: 56,041 +516

Posts: 195 +0

Posts: 195 +0

Posts: 195 +0

Posts: 56,041 +516

Posts: 195 +0

Posts: 195 +0

Posts: 195 +0

Posts: 195 +0

Similar threads