
Error Messages

cannot locate snlfile format runtime error 216

43 replies to this topic

#1 bschaefer


Posted 03 August 2015 - 06:58 PM

Sorry, but I could not manage to copy the text of the files to the posting. The only way I managed to post them was by copying the files themselves as doc and txt files.

I hope that's OK.

 

 

EDIT: Please read: http://www.spywarein...ypaste-problem/ and copy/paste logs if possible...



Edited by Budfred, 04 August 2015 - 01:55 AM.


#2 nasdaq


Posted 04 August 2015 - 06:17 AM

Hello, Welcome to SpywareInfoForum.
I'm nasdaq and will be helping you.
 
If you can, please print this topic; it will make it easier for you to follow the instructions and complete all of the necessary steps in the order listed.
===
 
 
Download the version of this tool for your operating system and save it to a folder on your computer's Desktop.
Double-click to run it. When the tool opens, click Yes to the disclaimer.
Press the Scan button.
It will make a log (FRST.txt) in the same directory the tool is run from. Please copy and paste it to your reply.
The first time the tool is run, it also makes another log (Addition.txt). Please attach it to your reply.
===
 
Wait for further instructions.

nasdaq

Favorite tools: [ SpywareBlaster ] [ Spybot ] [ AdAware ] [ HijackThis ]
[ Housecall online virus scan ] [ Bitdefender online virus scan ]
[ AVG antivirus ] [ Sunbelt Personal Firewall ] [ ZoneAlarm firewall ]

My help is free, but if we have helped you in any way, please consider Donating,
see this topic for details.
We need members like you.

========
Shouldn't water be worth more than diamonds?
Adam Smith Glasgow, 1760

#3 bschaefer


Posted 04 August 2015 - 12:10 PM

Hi nasdaq,

Thanks for your response and suggestion to use another browser. It seems to have worked.

 

FRST.txt file

 

Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version:02-08-2015 01
Ran by BS (administrator) on BS-HP (04-08-2015 12:19:04)
Running from C:\Users\BS\Downloads
Loaded Profiles: BS (Available Profiles: BS & Carole & Administrator)
Platform: Windows 7 Home Premium Service Pack 1 (X64) Language: English (United States)
Internet Explorer Version 11 (Default browser: IE)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo...very-scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
(IDT, Inc.) C:\Program Files\IDT\WDM\stacsv64.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
() C:\Program Files (x86)\Roxio\BackOnTrack\App\BService.exe
(Garmin Ltd or its subsidiaries) C:\Program Files (x86)\Garmin\Core Update Service\Garmin.Cartography.MapUpdate.CoreService.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
(Hewlett-Packard) C:\Program Files\Hewlett-Packard\HP Auto\HPAuto.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVCM.EXE
(Hewlett-Packard) C:\Program Files (x86)\Hewlett-Packard\TouchSmart\Calendar\Service\GCalService.exe
(Hewlett-Packard Company) C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSA_Service.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(Hewlett-Packard ) C:\Program Files\IDT\WDM\Beats64.exe
(Hewlett-Packard) C:\Program Files (x86)\Hewlett-Packard\HP Odometer\hpsysdrv.exe
(IDT, Inc.) C:\Program Files\IDT\WDM\sttray64.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe
(Macrovision Corporation) C:\Program Files (x86)\Common Files\InstallShield\UpdateService\ISUSPM.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
(Garmin Ltd or its subsidiaries) C:\Program Files (x86)\Garmin\Express Tray\ExpressTray.exe
(Microsoft Corporation) C:\Program Files\Windows Sidebar\sidebar.exe
(Piriform Ltd) C:\Program Files\CCleaner\CCleaner64.exe
(Hewlett-Packard Co.) C:\Program Files (x86)\Hewlett-Packard\Digital Imaging\bin\hposol08.exe
() C:\Program Files (x86)\Roxio 2012\5.0\CPMonitor.exe
() C:\Program Files (x86)\Roxio 2012\Roxio Burn\RoxioBurnLauncher.exe
() C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastUI.exe
(Hewlett-Packard) C:\Program Files (x86)\Hp\HP Software Update\hpwuschd2.exe
(Safer-Networking Ltd.) C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(Microsoft Corporation) C:\Program Files\Internet Explorer\iexplore.exe
(Google Inc.) C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbarUser_32.exe
(Hewlett-Packard) C:\Program Files (x86)\Hewlett-Packard\TouchSmart\Calendar\Service\HPTouchSmartSyncCalReminderApp.exe
(Microsoft Corporation) C:\Windows\SysWOW64\WinFile\WinFile.exe


==================== Registry (Whitelisted) ==================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [BeatsOSDApp] => C:\Program Files\IDT\WDM\beats64.exe [37888 2012-03-30] (Hewlett-Packard )
HKLM\...\Run: [HPSYSDRV] => C:\Program Files (x86)\Hewlett-Packard\HP Odometer\HPSYSDRV.EXE [62768 2008-11-20] (Hewlett-Packard)
HKLM\...\Run: [SysTrayApp] => C:\Program Files\IDT\WDM\sttray64.exe [1425408 2012-04-24] (IDT, Inc.)
HKLM\...\Run: [NvBackend] => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe [1793736 2015-03-26] (NVIDIA Corporation)
HKLM-x32\...\Run: [RoxWatchTray] => C:\Program Files (x86)\Common Files\Roxio Shared\13.0\SharedCOM\RoxWatchTray13.exe [293360 2011-07-13] (Rovi Corporation)
HKLM-x32\...\Run: [ISUSPM] => C:\ProgramData\FLEXnet\Connect\11\\isuspm.exe [324976 2010-05-21] (Flexera Software, Inc.)
HKLM-x32\...\Run: [CPMonitor] => C:\Program Files (x86)\Roxio 2012\5.0\CPMonitor.exe [84464 2011-07-08] ()
HKLM-x32\...\Run: [Desktop Disc Tool] => C:\Program Files (x86)\Roxio 2012\Roxio Burn\RoxioBurnLauncher.exe [506352 2011-06-12] ()
HKLM-x32\...\Run: [DivXMediaServer] => C:\Program Files (x86)\DivX\DivX Media Server\DivXMediaServer.exe [450560 2013-05-19] (DivX, LLC)
HKLM-x32\...\Run: [DivXUpdate] => C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe [1263952 2013-02-12] ()
HKLM-x32\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvastUI.exe [6109776 2015-07-31] (AVAST Software)
HKLM-x32\...\Run: [HP Software Update] => C:\Program Files (x86)\HP\HP Software Update\HPWuSchd2.exe [49208 2011-10-28] (Hewlett-Packard)
HKLM-x32\...\Run: [] => [X]
HKLM-x32\...\Run: [SDTray] => C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe [5624784 2013-07-25] (Safer-Networking Ltd.)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [334896 2015-06-08] (Oracle Corporation)
Winlogon\Notify\SDWinLogon-x32: SDWinLogon.dll [X]
HKU\S-1-5-21-548385734-4097216683-3063250578-1001\...\Run: [ISUSPM] => C:\Program Files (x86)\Common Files\InstallShield\UpdateService\ISUSPM.exe [213936 2006-05-16] (Macrovision Corporation)
HKU\S-1-5-21-548385734-4097216683-3063250578-1001\...\Run: [GarminExpressTrayApp] => C:\Program Files (x86)\Garmin\Express Tray\ExpressTray.exe [688984 2015-01-28] (Garmin Ltd or its subsidiaries)
HKU\S-1-5-21-548385734-4097216683-3063250578-1001\...\Run: [Spybot-S&D Cleaning] => C:\Program Files (x86)\Spybot - Search & Destroy 2\SDCleaner.exe [3642312 2013-05-16] (Safer-Networking Ltd.)
HKU\S-1-5-21-548385734-4097216683-3063250578-1001\...\Run: [CCleaner Monitoring] => C:\Program Files\CCleaner\CCleaner64.exe [8418584 2015-07-17] (Piriform Ltd)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\officejet 6100.lnk [2012-07-25]
ShortcutTarget: officejet 6100.lnk -> C:\Program Files (x86)\Hewlett-Packard\Digital Imaging\bin\hposol08.exe (Hewlett-Packard Co.)
ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShA64.dll [2015-07-31] (AVAST Software)
GroupPolicy: Group Policy on Chrome detected <======= ATTENTION
CHR HKLM\SOFTWARE\Policies\Google: Policy restriction <======= ATTENTION
CHR HKU\S-1-5-21-548385734-4097216683-3063250578-1001\SOFTWARE\Policies\Google: Policy restriction <======= ATTENTION

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

HKLM\SOFTWARE\Policies\Microsoft\Internet Explorer: Policy restriction <======= ATTENTION
HKU\S-1-5-21-548385734-4097216683-3063250578-1001\SOFTWARE\Policies\Microsoft\Internet Explorer: Policy restriction <======= ATTENTION
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = http://g.msn.com/HPDSK/1
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL = http://g.msn.com/HPDSK/1
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.microsoft...=ie&ar=iesearch
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.microsoft...d=ie&ar=msnhome
HKU\S-1-5-21-548385734-4097216683-3063250578-1001\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.msn.com/
HKU\S-1-5-21-548385734-4097216683-3063250578-1001\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://g.msn.com/
SearchScopes: HKLM-x32 -> Backup.Old.DefaultScope {6A1806CD-94D4-4689-BA73-E35EA1EA9990}
SearchScopes: HKLM-x32 -> {D944BB61-2E34-4DBF-A683-47E505C587DC} URL = http://rover.ebay.co...w={searchTerms}
SearchScopes: HKU\S-1-5-19 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-20 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-21-548385734-4097216683-3063250578-1001 -> Backup.Old.DefaultScope {61265F54-AFA3-4EBB-9CD3-A0304F59D016}
BHO: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll [2015-07-31] (AVAST Software)
BHO: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2011-03-29] (Microsoft Corp.)
BHO: Google Toolbar Helper -> {AA58ED58-01DD-4d91-8333-CF10577473F7} -> C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll [2015-07-22] (Google Inc.)
BHO: HP Network Check Helper -> {E76FD755-C1BA-4DCB-9F13-99BD91223ADE} -> C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPluginx64.dll [2013-08-28] (Hewlett-Packard)
BHO-x32: Adobe PDF Link Helper -> {18DF081C-E8AD-4283-A596-FA578C2EBDC3} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2012-09-23] (Adobe Systems Incorporated)
BHO-x32: Java™ Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_51\bin\ssv.dll [2015-07-19] (Oracle Corporation)
BHO-x32: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll [2015-07-31] (AVAST Software)
BHO-x32: No Name -> {9030D464-4C02-4ABF-8ECC-5164760863C6} ->  No File
BHO-x32: No Name -> {9FDDE16B-836F-4806-AB1F-1455CBEFF289} ->  No File
BHO-x32: Google Toolbar Helper -> {AA58ED58-01DD-4d91-8333-CF10577473F7} -> C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll [2015-07-22] (Google Inc.)
BHO-x32: Java™ Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_51\bin\jp2ssv.dll [2015-07-19] (Oracle Corporation)
BHO-x32: No Name -> {E76FD755-C1BA-4DCB-9F13-99BD91223ADE} ->  No File
Toolbar: HKLM - No Name - {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} -  No File
Toolbar: HKLM - Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll [2015-07-22] (Google Inc.)
Toolbar: HKLM-x32 - Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll [2015-07-22] (Google Inc.)
Toolbar: HKU\S-1-5-21-548385734-4097216683-3063250578-1001 -> Google Toolbar - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll [2015-07-22] (Google Inc.)
DPF: HKLM-x32 {1851174C-97BD-4217-A0CC-E908F60D5B7A} https://h20364.www2....DataManager.CAB
DPF: HKLM-x32 {73ECB3AA-4717-450C-A2AB-D00DAD9EE203} http://h20614.www2.h...hpdetect118.cab
DPF: HKLM-x32 {7530BFB8-7293-4D34-9923-61A11451AFC5} http://download.eset...lineScanner.cab
Handler: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} -  No File
Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll [2013-02-26] (Skype Technologies)
Hosts: There are more than one entry in Hosts. See Hosts section of Addition.txt
Tcpip\Parameters: [DhcpNameServer] 192.168.1.1 68.237.161.12
Tcpip\..\Interfaces\{05614AE7-17D4-440B-AFB6-62B4EB53F277}: [DhcpNameServer] 192.168.1.1 68.237.161.12

FireFox:
========
FF ProfilePath: C:\Users\BS\AppData\Roaming\Mozilla\Firefox\Profiles\lqhi3w2z.default
FF NewTab: hxxp://www.google.com/firefox
FF DefaultSearchEngine.US: Google
FF SearchEngineOrder.1: Google
FF Homepage: hxxp://www.msn.com/
FF Keyword.URL: hxxp://www.google.com/search?ie=UTF-8&oe=utf-8&q=
FF Plugin: @adobe.com/FlashPlayer -> C:\windows\system32\Macromed\Flash\NPSWF64_18_0_0_209.dll [2015-07-16] ()
FF Plugin: @divx.com/DivX VOD Helper,version=1.0.0 -> C:\Program Files\DivX\DivX OVS Helper\npovshelper.dll [2011-06-20] (DivX, LLC.)
FF Plugin: @microsoft.com/GENUINE -> disabled No File
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.40416.0\npctrl.dll [2015-04-16] ( Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\windows\SysWOW64\Macromed\Flash\NPSWF32_18_0_0_209.dll [2015-07-16] ()
FF Plugin-x32: @divx.com/DivX Plus Web Player Plug-In,version=1.0.0 -> C:\Program Files (x86)\DivX\DivX Plus Web Player\npdivx32.dll No File
FF Plugin-x32: @divx.com/DivX VOD Helper,version=1.0.0 -> C:\Program Files (x86)\DivX\DivX OVS Helper\npovshelper.dll [2011-06-20] (DivX, LLC.)
FF Plugin-x32: @java.com/DTPlugin,version=11.51.2 -> C:\Program Files (x86)\Java\jre1.8.0_51\bin\dtplugin\npDeployJava1.dll [2015-07-19] (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.51.2 -> C:\Program Files (x86)\Java\jre1.8.0_51\bin\plugin2\npjp2.dll [2015-07-19] (Oracle Corporation)
FF Plugin-x32: @microsoft.com/GENUINE -> disabled No File
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\5.1.40416.0\npctrl.dll [2015-04-15] ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3502.0922 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2012-03-08] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3538.0513 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2012-03-08] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3555.0308 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2012-03-08] (Microsoft Corporation)
FF Plugin-x32: @nvidia.com/3DVision -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll [2015-02-04] (NVIDIA Corporation)
FF Plugin-x32: @nvidia.com/3DVisionStreaming -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll [2015-02-04] (NVIDIA Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.28.1\npGoogleUpdate3.dll [2015-07-16] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.28.1\npGoogleUpdate3.dll [2015-07-16] (Google Inc.)
FF Plugin-x32: @WildTangent.com/GamesAppPresenceDetector,Version=1.0 -> C:\Program Files (x86)\WildTangent Games\App\BrowserIntegration\Registered\0\NP_wtapp.dll [2015-07-10] ()
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll [2015-06-29] (Adobe Systems Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\nppdf32.dll [2015-06-29] (Adobe Systems Inc.)
FF Extension: HP Smart Print - C:\Users\BS\AppData\Roaming\Mozilla\Firefox\Profiles\lqhi3w2z.default\Extensions\hpwebprint@hpwebprint.com [2014-09-30]
FF HKLM-x32\...\Firefox\Extensions: [{23fcfd51-4958-4f00-80a3-ae97e717ed8b}] - C:\Program Files (x86)\DivX\DivX Plus Web Player\firefox\DivXHTML5
FF Extension: No Name - C:\Program Files (x86)\DivX\DivX Plus Web Player\firefox\DivXHTML5 [2013-07-21]
FF HKLM-x32\...\Firefox\Extensions: [wrc@avast.com] - C:\Program Files\AVAST Software\Avast\WebRep\FF
FF Extension: Avast Online Security - C:\Program Files\AVAST Software\Avast\WebRep\FF [2013-11-18]
FF ExtraCheck: C:\Program Files (x86)\mozilla firefox\firefox.cfg [2015-03-19] <==== ATTENTION

Chrome:
=======
CHR Profile: C:\Users\BS\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Avast Online Security) - C:\Users\BS\AppData\Local\Google\Chrome\User Data\Default\Extensions\gomekmidlodglbbmalcneegieacbdmki [2013-11-13]
CHR Extension: (No Name) - C:\Users\BS\AppData\Local\Google\Chrome\User Data\Default\Extensions\lccekmodgklaepjeofjdjpbminllajkg [2015-03-19]
CHR Extension: (Google Wallet) - C:\Users\BS\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2013-09-28]
CHR HKLM-x32\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChrome.crx [2015-03-19]
CHR HKLM-x32\...\Chrome\Extension: [nneajnkjbffgblleaoojgaacokifdkhm] - C:\Program Files (x86)\DivX\DivX Plus Web Player\chrome\DivXHTML5\DivXHTML5.crx [Not Found]

==================== Services (Whitelisted) ========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [146600 2015-07-31] (AVAST Software)
R2 BOT4Service; C:\Program Files (x86)\Roxio\BackOnTrack\App\BService.exe [21488 2011-07-15] ()
R2 CalendarSynchService; C:\Program Files (x86)\Hewlett-Packard\TouchSmart\Calendar\Service\GCalService.exe [16384 2011-08-16] (Hewlett-Packard) [File not signed]
S3 GamesAppIntegrationService; C:\Program Files (x86)\WildTangent Games\App\GamesAppIntegrationService.exe [349728 2015-07-10] (WildTangent)
R2 Garmin Core Update Service; C:\Program Files (x86)\Garmin\Core Update Service\Garmin.Cartography.MapUpdate.CoreService.exe [517464 2015-01-28] (Garmin Ltd or its subsidiaries)
R2 HPAuto; C:\Program Files\Hewlett-Packard\HP Auto\HPAuto.exe [682040 2011-02-17] (Hewlett-Packard)
S2 MBAMService; C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe [1133880 2015-06-18] (Malwarebytes Corporation)
S3 RoxMediaDB13; C:\Program Files (x86)\Common Files\Roxio Shared\13.0\SharedCOM\RoxMediaDB13.exe [1095664 2011-07-13] (Rovi Corporation)
S2 RoxWatch12; C:\Program Files (x86)\Common Files\Roxio Shared\13.0\SharedCOM\RoxWatch13.exe [340976 2011-07-13] (Rovi Corporation)
S2 SDScannerService; C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe [1817560 2013-05-16] (Safer-Networking Ltd.)
S2 SDUpdateService; C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe [1033688 2013-05-16] (Safer-Networking Ltd.)
S2 SDWSCService; C:\Program Files (x86)\Spybot - Search & Destroy 2\SDWSCSvc.exe [171928 2013-05-15] (Safer-Networking Ltd.)
R2 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2013-05-27] (Microsoft Corporation)
S2 HPSLPSVC; C:\Users\BS\AppData\Local\Temp\7zS329E\hpslpsvc64.dll [X]

===================== Drivers (Whitelisted) ==========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

S3 AceecaUSBDx64; C:\Windows\System32\DRIVERS\AceecaUSBDx64.sys [66552 2011-04-05] (PalmSource, Inc.)
U5 AppMgmt; C:\Windows\system32\svchost.exe [27136 2009-07-13] (Microsoft Corporation)
R2 aswHwid; C:\Windows\system32\drivers\aswHwid.sys [28656 2015-07-31] (AVAST Software)
R2 aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [90968 2015-07-31] (AVAST Software)
R1 aswRdr; C:\Windows\system32\drivers\aswRdr2.sys [93528 2015-07-31] (AVAST Software)
R0 aswRvrt; C:\Windows\System32\Drivers\aswRvrt.sys [65224 2015-07-31] (AVAST Software)
R1 aswSnx; C:\Windows\system32\drivers\aswSnx.sys [1048856 2015-07-31] (AVAST Software)
R1 aswSP; C:\Windows\system32\drivers\aswSP.sys [447944 2015-07-31] (AVAST Software)
R2 aswStm; C:\Windows\system32\drivers\aswStm.sys [150672 2015-07-31] (AVAST Software)
R0 aswVmm; C:\Windows\System32\Drivers\aswVmm.sys [274808 2015-07-31] (AVAST Software)
R3 MBAMProtector; C:\windows\system32\drivers\mbam.sys [25816 2015-06-18] (Malwarebytes Corporation)
S3 MBAMWebAccessControl; C:\windows\system32\drivers\mwac.sys [63704 2015-06-18] (Malwarebytes Corporation)
R3 StnSport; C:\Windows\System32\DRIVERS\StnSport.sys [128000 2010-08-20] ()
S3 cpuz134; \??\C:\Users\BS\AppData\Local\Temp\cpuz134\cpuz134_x64.sys [X]

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== One Month Created files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2015-08-04 12:19 - 2015-08-04 12:19 - 00020404 _____ C:\Users\BS\Downloads\FRST.txt
2015-08-04 12:19 - 2015-08-04 12:19 - 00000000 ____D C:\FRST
2015-08-04 12:16 - 2015-08-04 12:18 - 02169856 _____ (Farbar) C:\Users\BS\Downloads\FRST64.exe
2015-08-04 12:16 - 2015-08-04 12:16 - 00000000 ____D C:\Users\BS\Desktop\SpywareInfo
2015-08-03 19:28 - 2015-08-03 19:28 - 00028604 _____ C:\Users\BS\Desktop\dds.txt
2015-08-03 19:28 - 2015-08-03 19:28 - 00014657 _____ C:\Users\BS\Desktop\attach.txt
2015-08-03 19:13 - 2015-08-03 19:13 - 00001058 _____ C:\Users\BS\Desktop\Malwarebyttes.txt
2015-08-01 12:07 - 2015-08-01 12:07 - 00000000 ____D C:\Users\BS\Documents\Simply Super Software
2015-07-31 14:17 - 2015-07-31 14:17 - 02248704 _____ C:\Users\BS\Downloads\AdwCleaner.exe
2015-07-31 14:15 - 2015-07-25 14:04 - 00765440 _____ (Microsoft Corporation) C:\windows\system32\invagent.dll
2015-07-31 14:15 - 2015-07-25 14:04 - 00726528 _____ (Microsoft Corporation) C:\windows\system32\generaltel.dll
2015-07-31 14:15 - 2015-07-25 14:03 - 01085440 _____ (Microsoft Corporation) C:\windows\system32\appraiser.dll
2015-07-31 14:15 - 2015-07-25 14:03 - 00433664 _____ (Microsoft Corporation) C:\windows\system32\devinv.dll
2015-07-31 14:15 - 2015-07-25 14:03 - 00227328 _____ (Microsoft Corporation) C:\windows\system32\aepdu.dll
2015-07-31 14:15 - 2015-07-25 14:03 - 00067584 _____ (Microsoft Corporation) C:\windows\system32\acmigration.dll
2015-07-31 14:15 - 2015-07-25 13:55 - 01145856 _____ (Microsoft Corporation) C:\windows\system32\aeinv.dll
2015-07-31 13:31 - 2015-08-03 22:02 - 00000320 _____ C:\windows\Tasks\HPCeeScheduleForBS.job
2015-07-31 13:31 - 2015-08-03 18:01 - 00003168 _____ C:\windows\System32\Tasks\HPCeeScheduleForBS
2015-07-31 13:31 - 2015-07-31 13:31 - 00378880 _____ (AVAST Software) C:\windows\system32\aswBoot.exe
2015-07-31 13:31 - 2015-07-31 13:31 - 00043112 _____ (AVAST Software) C:\windows\avastSS.scr
2015-07-31 12:30 - 2015-07-25 14:07 - 00017856 _____ (Microsoft Corporation) C:\windows\system32\CompatTelRunner.exe
2015-07-30 09:39 - 2015-07-30 09:39 - 00000000 ____D C:\Program Files\Common Files\AV
2015-07-23 12:05 - 2015-07-23 12:05 - 06609608 _____ (Piriform Ltd) C:\Users\BS\Downloads\ccsetup508.exe
2015-07-23 08:42 - 2015-07-23 08:42 - 00000258 __RSH C:\ProgramData\ntuser.pol
2015-07-23 08:39 - 2015-07-23 08:39 - 00001081 _____ C:\Users\Public\Desktop\SpywareBlaster.lnk
2015-07-23 08:37 - 2015-07-23 08:37 - 04184064 _____ (BrightFort LLC ) C:\Users\BS\Downloads\spywareblastersetup52.exe
2015-07-23 08:27 - 2015-07-14 23:19 - 00100864 _____ (Microsoft Corporation) C:\windows\system32\fontsub.dll
2015-07-23 08:27 - 2015-07-14 23:19 - 00046080 _____ (Adobe Systems) C:\windows\system32\atmlib.dll
2015-07-23 08:27 - 2015-07-14 23:19 - 00041984 _____ (Microsoft Corporation) C:\windows\system32\lpk.dll
2015-07-23 08:27 - 2015-07-14 23:19 - 00014336 _____ (Microsoft Corporation) C:\windows\system32\dciman32.dll
2015-07-23 08:27 - 2015-07-14 22:55 - 00070656 _____ (Microsoft Corporation) C:\windows\SysWOW64\fontsub.dll
2015-07-23 08:27 - 2015-07-14 22:55 - 00034304 _____ (Adobe Systems) C:\windows\SysWOW64\atmlib.dll
2015-07-23 08:27 - 2015-07-14 22:55 - 00010240 _____ (Microsoft Corporation) C:\windows\SysWOW64\dciman32.dll
2015-07-23 08:27 - 2015-07-14 22:54 - 00025600 _____ (Microsoft Corporation) C:\windows\SysWOW64\lpk.dll
2015-07-23 08:27 - 2015-07-14 21:59 - 00372224 _____ (Adobe Systems Incorporated) C:\windows\system32\atmfd.dll
2015-07-23 08:27 - 2015-07-14 21:52 - 00299008 _____ (Adobe Systems Incorporated) C:\windows\SysWOW64\atmfd.dll
2015-07-20 12:16 - 2015-07-20 12:16 - 00000000 ____D C:\Users\Carole\AppData\Local\GWX
2015-07-18 19:41 - 2015-07-09 13:59 - 00017856 _____ (Microsoft Corporation) C:\windows\system32\CompatTelRunner(78).exe
2015-07-18 19:41 - 2015-07-09 13:58 - 03154944 _____ (Microsoft Corporation) C:\windows\system32\wucltux.dll
2015-07-18 19:41 - 2015-07-09 13:58 - 02603008 _____ (Microsoft Corporation) C:\windows\system32\wuaueng.dll
2015-07-18 19:41 - 2015-07-09 13:58 - 00696320 _____ (Microsoft Corporation) C:\windows\system32\wuapi.dll
2015-07-18 19:41 - 2015-07-09 13:58 - 00192000 _____ (Microsoft Corporation) C:\windows\system32\wuwebv.dll
2015-07-18 19:41 - 2015-07-09 13:58 - 00139776 _____ (Microsoft Corporation) C:\windows\system32\wuauclt.exe
2015-07-18 19:41 - 2015-07-09 13:58 - 00098304 _____ (Microsoft Corporation) C:\windows\system32\wudriver.dll
2015-07-18 19:41 - 2015-07-09 13:58 - 00091136 _____ (Microsoft Corporation) C:\windows\system32\WinSetupUI.dll
2015-07-18 19:41 - 2015-07-09 13:58 - 00037888 _____ (Microsoft Corporation) C:\windows\system32\wups2.dll
2015-07-18 19:41 - 2015-07-09 13:58 - 00037376 _____ (Microsoft Corporation) C:\windows\system32\wuapp.exe
2015-07-18 19:41 - 2015-07-09 13:58 - 00036864 _____ (Microsoft Corporation) C:\windows\system32\wups.dll
2015-07-18 19:41 - 2015-07-09 13:58 - 00012288 _____ (Microsoft Corporation) C:\windows\system32\wu.upgrade.ps.dll
2015-07-18 19:41 - 2015-07-09 13:43 - 00566784 _____ (Microsoft Corporation) C:\windows\SysWOW64\wuapi.dll
2015-07-18 19:41 - 2015-07-09 13:43 - 00173056 _____ (Microsoft Corporation) C:\windows\SysWOW64\wuwebv.dll
2015-07-18 19:41 - 2015-07-09 13:43 - 00093184 _____ (Microsoft Corporation) C:\windows\SysWOW64\wudriver.dll
2015-07-18 19:41 - 2015-07-09 13:43 - 00030208 _____ (Microsoft Corporation) C:\windows\SysWOW64\wups.dll
2015-07-18 19:41 - 2015-07-09 13:42 - 00034816 _____ (Microsoft Corporation) C:\windows\SysWOW64\wuapp.exe
2015-07-18 19:41 - 2015-06-03 16:16 - 00193536 ____N (Microsoft Corporation) C:\windows\system32\aepic.dll
2015-07-18 19:41 - 2015-06-03 16:16 - 00193536 _____ (Microsoft Corporation) C:\windows\system32\aepic(77).dll
2015-07-18 19:41 - 2015-05-25 14:24 - 05569984 _____ (Microsoft Corporation) C:\windows\system32\ntoskrnl.exe
2015-07-18 19:41 - 2015-05-25 14:21 - 01728960 _____ (Microsoft Corporation) C:\windows\system32\ntdll.dll
2015-07-18 19:41 - 2015-05-25 14:19 - 01255424 _____ (Microsoft Corporation) C:\windows\system32\diagtrack.dll
2015-07-18 19:41 - 2015-05-25 14:19 - 01162752 _____ (Microsoft Corporation) C:\windows\system32\kernel32.dll
2015-07-18 19:41 - 2015-05-25 14:19 - 00879104 _____ (Microsoft Corporation) C:\windows\system32\tdh.dll
2015-07-18 19:41 - 2015-05-25 14:19 - 00503808 _____ (Microsoft Corporation) C:\windows\system32\srcore.dll
2015-07-18 19:41 - 2015-05-25 14:19 - 00424960 _____ (Microsoft Corporation) C:\windows\system32\KernelBase.dll
2015-07-18 19:41 - 2015-05-25 14:19 - 00362496 _____ (Microsoft Corporation) C:\windows\system32\wow64win.dll
2015-07-18 19:41 - 2015-05-25 14:19 - 00243712 _____ (Microsoft Corporation) C:\windows\system32\wow64.dll
2015-07-18 19:41 - 2015-05-25 14:19 - 00215040 _____ (Microsoft Corporation) C:\windows\system32\winsrv.dll
2015-07-18 19:41 - 2015-05-25 14:19 - 00113664 _____ (Microsoft Corporation) C:\windows\system32\sechost.dll
2015-07-18 19:41 - 2015-05-25 14:19 - 00050176 _____ (Microsoft Corporation) C:\windows\system32\srclient.dll
2015-07-18 19:41 - 2015-05-25 14:19 - 00016384 _____ (Microsoft Corporation) C:\windows\system32\ntvdm64.dll
2015-07-18 19:41 - 2015-05-25 14:19 - 00013312 _____ (Microsoft Corporation) C:\windows\system32\wow64cpu.dll
2015-07-18 19:41 - 2015-05-25 14:18 - 00879104 _____ (Microsoft Corporation) C:\windows\system32\advapi32.dll
2015-07-18 19:41 - 2015-05-25 14:18 - 00404992 _____ (Microsoft Corporation) C:\windows\system32\tracerpt.exe
2015-07-18 19:41 - 2015-05-25 14:18 - 00338432 _____ (Microsoft Corporation) C:\windows\system32\conhost.exe
2015-07-18 19:41 - 2015-05-25 14:18 - 00296960 _____ (Microsoft Corporation) C:\windows\system32\rstrui.exe
2015-07-18 19:41 - 2015-05-25 14:18 - 00112640 _____ (Microsoft Corporation) C:\windows\system32\smss.exe
2015-07-18 19:41 - 2015-05-25 14:18 - 00104448 _____ (Microsoft Corporation) C:\windows\system32\logman.exe
2015-07-18 19:41 - 2015-05-25 14:18 - 00047104 _____ (Microsoft Corporation) C:\windows\system32\typeperf.exe
2015-07-18 19:41 - 2015-05-25 14:18 - 00043520 _____ (Microsoft Corporation) C:\windows\system32\csrsrv.dll
2015-07-18 19:41 - 2015-05-25 14:18 - 00043008 _____ (Microsoft Corporation) C:\windows\system32\relog.exe
2015-07-18 19:41 - 2015-05-25 14:18 - 00019456 _____ (Microsoft Corporation) C:\windows\system32\diskperf.exe
2015-07-18 19:41 - 2015-05-25 14:11 - 00006656 _____ (Microsoft Corporation) C:\windows\system32\apisetschema.dll
2015-07-18 19:41 - 2015-05-25 14:11 - 00006144 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-security-base-l1-1-0.dll
2015-07-18 19:41 - 2015-05-25 14:11 - 00005120 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-file-l1-1-0.dll
2015-07-18 19:41 - 2015-05-25 14:11 - 00004608 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-threadpool-l1-1-0.dll
2015-07-18 19:41 - 2015-05-25 14:11 - 00004608 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-processthreads-l1-1-0.dll
2015-07-18 19:41 - 2015-05-25 14:11 - 00004096 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-sysinfo-l1-1-0.dll
2015-07-18 19:41 - 2015-05-25 14:11 - 00004096 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-synch-l1-1-0.dll
2015-07-18 19:41 - 2015-05-25 14:11 - 00004096 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-localregistry-l1-1-0.dll
2015-07-18 19:41 - 2015-05-25 14:11 - 00004096 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-localization-l1-1-0.dll
2015-07-18 19:41 - 2015-05-25 14:11 - 00003584 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-rtlsupport-l1-1-0.dll
2015-07-18 19:41 - 2015-05-25 14:11 - 00003584 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-processenvironment-l1-1-0.dll
2015-07-18 19:41 - 2015-05-25 14:11 - 00003584 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-namedpipe-l1-1-0.dll
2015-07-18 19:41 - 2015-05-25 14:11 - 00003584 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-misc-l1-1-0.dll
2015-07-18 19:41 - 2015-05-25 14:11 - 00003584 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-memory-l1-1-0.dll
2015-07-18 19:41 - 2015-05-25 14:11 - 00003584 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-libraryloader-l1-1-0.dll
2015-07-18 19:41 - 2015-05-25 14:11 - 00003584 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-heap-l1-1-0.dll
2015-07-18 19:41 - 2015-05-25 14:11 - 00003072 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-xstate-l1-1-0.dll
2015-07-18 19:41 - 2015-05-25 14:11 - 00003072 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-util-l1-1-0.dll
2015-07-18 19:41 - 2015-05-25 14:11 - 00003072 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-string-l1-1-0.dll
2015-07-18 19:41 - 2015-05-25 14:11 - 00003072 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-profile-l1-1-0.dll
2015-07-18 19:41 - 2015-05-25 14:11 - 00003072 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-io-l1-1-0.dll
2015-07-18 19:41 - 2015-05-25 14:11 - 00003072 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-interlocked-l1-1-0.dll
2015-07-18 19:41 - 2015-05-25 14:11 - 00003072 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-handle-l1-1-0.dll
2015-07-18 19:41 - 2015-05-25 14:11 - 00003072 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-fibers-l1-1-0.dll
2015-07-18 19:41 - 2015-05-25 14:11 - 00003072 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-errorhandling-l1-1-0.dll
2015-07-18 19:41 - 2015-05-25 14:11 - 00003072 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-delayload-l1-1-0.dll
2015-07-18 19:41 - 2015-05-25 14:11 - 00003072 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-debug-l1-1-0.dll
2015-07-18 19:41 - 2015-05-25 14:11 - 00003072 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-datetime-l1-1-0.dll
2015-07-18 19:41 - 2015-05-25 14:11 - 00003072 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-console-l1-1-0.dll
2015-07-18 19:41 - 2015-05-25 14:07 - 03989440 _____ (Microsoft Corporation) C:\windows\SysWOW64\ntkrnlpa.exe
2015-07-18 19:41 - 2015-05-25 14:07 - 03934144 _____ (Microsoft Corporation) C:\windows\SysWOW64\ntoskrnl.exe
2015-07-18 19:41 - 2015-05-25 14:04 - 01310744 _____ (Microsoft Corporation) C:\windows\SysWOW64\ntdll.dll
2015-07-18 19:41 - 2015-05-25 14:01 - 00641536 _____ (Microsoft Corporation) C:\windows\SysWOW64\advapi32.dll
2015-07-18 19:41 - 2015-05-25 14:01 - 00635392 _____ (Microsoft Corporation) C:\windows\SysWOW64\tdh.dll
2015-07-18 19:41 - 2015-05-25 14:01 - 00092160 _____ (Microsoft Corporation) C:\windows\SysWOW64\sechost.dll
2015-07-18 19:41 - 2015-05-25 14:01 - 00043008 _____ (Microsoft Corporation) C:\windows\SysWOW64\srclient.dll
2015-07-18 19:41 - 2015-05-25 14:01 - 00014336 _____ (Microsoft Corporation) C:\windows\SysWOW64\ntvdm64.dll
2015-07-18 19:41 - 2015-05-25 14:00 - 00364544 _____ (Microsoft Corporation) C:\windows\SysWOW64\tracerpt.exe
2015-07-18 19:41 - 2015-05-25 14:00 - 00082944 _____ (Microsoft Corporation) C:\windows\SysWOW64\logman.exe
2015-07-18 19:41 - 2015-05-25 14:00 - 00040448 _____ (Microsoft Corporation) C:\windows\SysWOW64\typeperf.exe
2015-07-18 19:41 - 2015-05-25 14:00 - 00037888 _____ (Microsoft Corporation) C:\windows\SysWOW64\relog.exe
2015-07-18 19:41 - 2015-05-25 14:00 - 00025600 _____ (Microsoft Corporation) C:\windows\SysWOW64\setup16.exe
2015-07-18 19:41 - 2015-05-25 14:00 - 00017408 _____ (Microsoft Corporation) C:\windows\SysWOW64\diskperf.exe
2015-07-18 19:41 - 2015-05-25 13:59 - 01114112 _____ (Microsoft Corporation) C:\windows\SysWOW64\kernel32.dll
2015-07-18 19:41 - 2015-05-25 13:59 - 00274944 _____ (Microsoft Corporation) C:\windows\SysWOW64\KernelBase.dll
2015-07-18 19:41 - 2015-05-25 13:59 - 00005120 _____ (Microsoft Corporation) C:\windows\SysWOW64\wow32.dll
2015-07-18 19:41 - 2015-05-25 13:55 - 00006656 _____ (Microsoft Corporation) C:\windows\SysWOW64\apisetschema.dll
2015-07-18 19:41 - 2015-05-25 13:55 - 00005120 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-file-l1-1-0.dll
2015-07-18 19:41 - 2015-05-25 13:55 - 00004608 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-processthreads-l1-1-0.dll
2015-07-18 19:41 - 2015-05-25 13:55 - 00004096 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-sysinfo-l1-1-0.dll
2015-07-18 19:41 - 2015-05-25 13:55 - 00004096 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-synch-l1-1-0.dll
2015-07-18 19:41 - 2015-05-25 13:55 - 00004096 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-misc-l1-1-0.dll
2015-07-18 19:41 - 2015-05-25 13:55 - 00004096 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-localregistry-l1-1-0.dll
2015-07-18 19:41 - 2015-05-25 13:55 - 00004096 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-localization-l1-1-0.dll
2015-07-18 19:41 - 2015-05-25 13:55 - 00003584 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-processenvironment-l1-1-0.dll
2015-07-18 19:41 - 2015-05-25 13:55 - 00003584 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-namedpipe-l1-1-0.dll
2015-07-18 19:41 - 2015-05-25 13:55 - 00003584 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-memory-l1-1-0.dll
2015-07-18 19:41 - 2015-05-25 13:55 - 00003584 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-libraryloader-l1-1-0.dll
2015-07-18 19:41 - 2015-05-25 13:55 - 00003584 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-interlocked-l1-1-0.dll
2015-07-18 19:41 - 2015-05-25 13:55 - 00003584 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-heap-l1-1-0.dll
2015-07-18 19:41 - 2015-05-25 13:55 - 00003072 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-string-l1-1-0.dll
2015-07-18 19:41 - 2015-05-25 13:55 - 00003072 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-rtlsupport-l1-1-0.dll
2015-07-18 19:41 - 2015-05-25 13:55 - 00003072 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-profile-l1-1-0.dll
2015-07-18 19:41 - 2015-05-25 13:55 - 00003072 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-io-l1-1-0.dll
2015-07-18 19:41 - 2015-05-25 13:55 - 00003072 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-handle-l1-1-0.dll
2015-07-18 19:41 - 2015-05-25 13:55 - 00003072 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-fibers-l1-1-0.dll
2015-07-18 19:41 - 2015-05-25 13:55 - 00003072 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-errorhandling-l1-1-0.dll
2015-07-18 19:41 - 2015-05-25 13:55 - 00003072 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-delayload-l1-1-0.dll
2015-07-18 19:41 - 2015-05-25 13:55 - 00003072 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-debug-l1-1-0.dll
2015-07-18 19:41 - 2015-05-25 13:55 - 00003072 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-datetime-l1-1-0.dll
2015-07-18 19:41 - 2015-05-25 13:55 - 00003072 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-console-l1-1-0.dll
2015-07-18 19:41 - 2015-05-25 13:00 - 00036864 _____ (Microsoft Corporation) C:\windows\system32\UtcResources.dll
2015-07-18 19:41 - 2015-05-25 12:50 - 00007680 _____ (Microsoft Corporation) C:\windows\SysWOW64\instnm.exe
2015-07-18 19:41 - 2015-05-25 12:50 - 00002048 _____ (Microsoft Corporation) C:\windows\SysWOW64\user.exe
2015-07-18 19:41 - 2015-05-25 12:48 - 00006144 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-security-base-l1-1-0.dll
2015-07-18 19:41 - 2015-05-25 12:48 - 00004608 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-threadpool-l1-1-0.dll
2015-07-18 19:41 - 2015-05-25 12:48 - 00003584 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-xstate-l1-1-0.dll
2015-07-18 19:41 - 2015-05-25 12:48 - 00003072 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-util-l1-1-0.dll
2015-07-18 19:41 - 2015-04-27 15:23 - 01480192 _____ (Microsoft Corporation) C:\windows\system32\crypt32.dll
2015-07-18 19:41 - 2015-04-27 15:23 - 00229376 _____ (Microsoft Corporation) C:\windows\system32\wintrust.dll
2015-07-18 19:41 - 2015-04-27 15:23 - 00188416 _____ (Microsoft Corporation) C:\windows\system32\cryptsvc.dll
2015-07-18 19:41 - 2015-04-27 15:23 - 00140288 _____ (Microsoft Corporation) C:\windows\system32\cryptnet.dll
2015-07-18 19:41 - 2015-04-27 15:05 - 00179200 _____ (Microsoft Corporation) C:\windows\SysWOW64\wintrust.dll
2015-07-18 19:41 - 2015-04-27 15:04 - 01174528 _____ (Microsoft Corporation) C:\windows\SysWOW64\crypt32.dll
2015-07-18 19:41 - 2015-04-27 15:04 - 00143872 _____ (Microsoft Corporation) C:\windows\SysWOW64\cryptsvc.dll
2015-07-18 19:41 - 2015-04-27 15:04 - 00103936 _____ (Microsoft Corporation) C:\windows\SysWOW64\cryptnet.dll
2015-07-18 19:40 - 2015-04-10 23:19 - 00069888 _____ (Microsoft Corporation) C:\windows\system32\Drivers\stream.sys
2015-07-18 19:38 - 2015-05-09 14:26 - 00493504 _____ (Microsoft Corporation) C:\windows\system32\mcupdate_GenuineIntel.dll
2015-07-18 15:42 - 2015-08-03 09:53 - 00000336 _____ C:\windows\Tasks\HPCeeScheduleForCarole.job
2015-07-18 15:42 - 2015-08-02 18:36 - 00003192 _____ C:\windows\System32\Tasks\HPCeeScheduleForCarole
2015-07-18 14:45 - 2015-07-02 17:21 - 19877376 _____ (Microsoft Corporation) C:\windows\SysWOW64\mshtml.dll
2015-07-18 14:45 - 2015-07-02 17:08 - 02724864 _____ (Microsoft Corporation) C:\windows\SysWOW64\mshtml.tlb
2015-07-18 14:45 - 2015-07-02 16:50 - 02279424 _____ (Microsoft Corporation) C:\windows\SysWOW64\iertutil.dll
2015-07-18 14:45 - 2015-07-02 16:49 - 25193984 _____ (Microsoft Corporation) C:\windows\system32\mshtml.dll
2015-07-18 14:45 - 2015-07-02 16:46 - 00479232 _____ (Microsoft Corporation) C:\windows\SysWOW64\ieui.dll
2015-07-18 14:45 - 2015-07-02 16:40 - 02724864 _____ (Microsoft Corporation) C:\windows\system32\mshtml.tlb
2015-07-18 14:45 - 2015-07-02 16:23 - 02885632 _____ (Microsoft Corporation) C:\windows\system32\iertutil.dll
2015-07-18 14:45 - 2015-07-02 16:19 - 12855296 _____ (Microsoft Corporation) C:\windows\SysWOW64\ieframe.dll
2015-07-18 14:45 - 2015-07-02 16:12 - 00615936 _____ (Microsoft Corporation) C:\windows\system32\ieui.dll
2015-07-18 14:45 - 2015-07-02 15:55 - 01310720 _____ (Microsoft Corporation) C:\windows\SysWOW64\urlmon.dll
2015-07-18 14:45 - 2015-07-02 15:20 - 14453248 _____ (Microsoft Corporation) C:\windows\system32\ieframe.dll
2015-07-18 14:45 - 2015-07-02 14:59 - 01545728 _____ (Microsoft Corporation) C:\windows\system32\urlmon.dll
2015-07-18 14:45 - 2015-06-26 22:47 - 00814080 _____ (Microsoft Corporation) C:\windows\system32\jscript9diag.dll
2015-07-18 14:45 - 2015-06-26 22:43 - 05923840 _____ (Microsoft Corporation) C:\windows\system32\jscript9.dll
2015-07-18 14:45 - 2015-06-26 21:58 - 00620032 _____ (Microsoft Corporation) C:\windows\SysWOW64\jscript9diag.dll
2015-07-18 14:45 - 2015-06-26 21:39 - 04520448 _____ (Microsoft Corporation) C:\windows\SysWOW64\jscript9.dll
2015-07-18 14:45 - 2015-06-25 14:09 - 00389832 _____ (Microsoft Corporation) C:\windows\system32\iedkcs32.dll
2015-07-18 14:45 - 2015-06-25 13:43 - 00342736 _____ (Microsoft Corporation) C:\windows\SysWOW64\iedkcs32.dll
2015-07-18 14:45 - 2015-06-25 04:57 - 03207168 _____ (Microsoft Corporation) C:\windows\system32\win32k.sys
2015-07-18 14:45 - 2015-06-20 16:06 - 00004096 _____ (Microsoft Corporation) C:\windows\system32\ieetwcollectorres.dll
2015-07-18 14:45 - 2015-06-20 15:50 - 00066560 _____ (Microsoft Corporation) C:\windows\system32\iesetup.dll
2015-07-18 14:45 - 2015-06-20 15:49 - 00584192 _____ (Microsoft Corporation) C:\windows\system32\vbscript.dll
2015-07-18 14:45 - 2015-06-20 15:49 - 00417792 _____ (Microsoft Corporation) C:\windows\system32\html.iec
2015-07-18 14:45 - 2015-06-20 15:49 - 00048640 _____ (Microsoft Corporation) C:\windows\system32\ieetwproxystub.dll
2015-07-18 14:45 - 2015-06-20 15:48 - 00088064 _____ (Microsoft Corporation) C:\windows\system32\MshtmlDac.dll
2015-07-18 14:45 - 2015-06-20 15:40 - 00054784 _____ (Microsoft Corporation) C:\windows\system32\jsproxy.dll
2015-07-18 14:45 - 2015-06-20 15:39 - 00034304 _____ (Microsoft Corporation) C:\windows\system32\iernonce.dll
2015-07-18 14:45 - 2015-06-20 15:34 - 00816640 _____ (Microsoft Corporation) C:\windows\system32\jscript.dll
2015-07-18 14:45 - 2015-06-20 15:34 - 00144384 _____ (Microsoft Corporation) C:\windows\system32\ieUnatt.exe
2015-07-18 14:45 - 2015-06-20 15:34 - 00114688 _____ (Microsoft Corporation) C:\windows\system32\ieetwcollector.exe
2015-07-18 14:45 - 2015-06-20 15:25 - 00968704 _____ (Microsoft Corporation) C:\windows\system32\MsSpellCheckingFacility.exe
2015-07-18 14:45 - 2015-06-20 15:21 - 00490496 _____ (Microsoft Corporation) C:\windows\system32\dxtmsft.dll
2015-07-18 14:45 - 2015-06-20 15:13 - 00077824 _____ (Microsoft Corporation) C:\windows\system32\JavaScriptCollectionAgent.dll
2015-07-18 14:45 - 2015-06-20 15:08 - 00199680 _____ (Microsoft Corporation) C:\windows\system32\msrating.dll
2015-07-18 14:45 - 2015-06-20 15:07 - 00092160 _____ (Microsoft Corporation) C:\windows\system32\mshtmled.dll
2015-07-18 14:45 - 2015-06-20 15:05 - 00316928 _____ (Microsoft Corporation) C:\windows\system32\dxtrans.dll
2015-07-18 14:45 - 2015-06-20 14:48 - 00801280 _____ (Microsoft Corporation) C:\windows\system32\msfeeds.dll
2015-07-18 14:45 - 2015-06-20 14:48 - 00720384 _____ (Microsoft Corporation) C:\windows\system32\ie4uinit.exe
2015-07-18 14:45 - 2015-06-20 14:46 - 02125824 _____ (Microsoft Corporation) C:\windows\system32\inetcpl.cpl
2015-07-18 14:45 - 2015-06-20 14:46 - 01359360 _____ (Microsoft Corporation) C:\windows\system32\mshtmlmedia.dll
2015-07-18 14:45 - 2015-06-20 14:26 - 02427392 _____ (Microsoft Corporation) C:\windows\system32\wininet.dll
2015-07-18 14:45 - 2015-06-20 14:02 - 00800768 _____ (Microsoft Corporation) C:\windows\system32\ieapfltr.dll
2015-07-18 14:45 - 2015-06-19 14:25 - 00504320 _____ (Microsoft Corporation) C:\windows\SysWOW64\vbscript.dll
2015-07-18 14:45 - 2015-06-19 14:25 - 00062464 _____ (Microsoft Corporation) C:\windows\SysWOW64\iesetup.dll
2015-07-18 14:45 - 2015-06-19 14:24 - 00341504 _____ (Microsoft Corporation) C:\windows\SysWOW64\html.iec
2015-07-18 14:45 - 2015-06-19 14:24 - 00047616 _____ (Microsoft Corporation) C:\windows\SysWOW64\ieetwproxystub.dll
2015-07-18 14:45 - 2015-06-19 14:23 - 00064000 _____ (Microsoft Corporation) C:\windows\SysWOW64\MshtmlDac.dll
2015-07-18 14:45 - 2015-06-19 14:17 - 00047104 _____ (Microsoft Corporation) C:\windows\SysWOW64\jsproxy.dll
2015-07-18 14:45 - 2015-06-19 14:16 - 00030720 _____ (Microsoft Corporation) C:\windows\SysWOW64\iernonce.dll
2015-07-18 14:45 - 2015-06-19 14:13 - 00664064 _____ (Microsoft Corporation) C:\windows\SysWOW64\jscript.dll
2015-07-18 14:45 - 2015-06-19 14:13 - 00115712 _____ (Microsoft Corporation) C:\windows\SysWOW64\ieUnatt.exe
2015-07-18 14:45 - 2015-06-19 14:03 - 00418304 _____ (Microsoft Corporation) C:\windows\SysWOW64\dxtmsft.dll
2015-07-18 14:45 - 2015-06-19 13:57 - 00060416 _____ (Microsoft Corporation) C:\windows\SysWOW64\JavaScriptCollectionAgent.dll
2015-07-18 14:45 - 2015-06-19 13:53 - 00168960 _____ (Microsoft Corporation) C:\windows\SysWOW64\msrating.dll
2015-07-18 14:45 - 2015-06-19 13:52 - 00076288 _____ (Microsoft Corporation) C:\windows\SysWOW64\mshtmled.dll
2015-07-18 14:45 - 2015-06-19 13:51 - 00285696 _____ (Microsoft Corporation) C:\windows\SysWOW64\dxtrans.dll
2015-07-18 14:45 - 2015-06-19 13:40 - 02052608 _____ (Microsoft Corporation) C:\windows\SysWOW64\inetcpl.cpl
2015-07-18 14:45 - 2015-06-19 13:40 - 00689152 _____ (Microsoft Corporation) C:\windows\SysWOW64\msfeeds.dll
2015-07-18 14:45 - 2015-06-19 13:39 - 01155072 _____ (Microsoft Corporation) C:\windows\SysWOW64\mshtmlmedia.dll
2015-07-18 14:45 - 2015-06-19 13:15 - 01951232 _____ (Microsoft Corporation) C:\windows\SysWOW64\wininet.dll
2015-07-18 14:45 - 2015-06-19 13:11 - 00710144 _____ (Microsoft Corporation) C:\windows\SysWOW64\ieapfltr.dll
2015-07-18 14:45 - 2015-06-17 13:47 - 00404992 _____ (Microsoft Corporation) C:\windows\system32\gdi32.dll
2015-07-18 14:45 - 2015-06-17 13:37 - 00312320 _____ (Microsoft Corporation) C:\windows\SysWOW64\gdi32.dll
2015-07-18 14:45 - 2015-06-09 14:03 - 03180544 _____ (Microsoft Corporation) C:\windows\system32\rdpcorets.dll
2015-07-18 14:45 - 2015-06-09 14:03 - 00016384 _____ (Microsoft Corporation) C:\windows\system32\RdpGroupPolicyExtension.dll
2015-07-18 14:45 - 2015-06-01 20:07 - 00254976 _____ (Microsoft Corporation) C:\windows\system32\cewmdm.dll
2015-07-18 14:45 - 2015-06-01 19:47 - 00210432 _____ (Microsoft Corporation) C:\windows\SysWOW64\cewmdm.dll
2015-07-18 14:45 - 2015-04-29 14:22 - 14635008 _____ (Microsoft Corporation) C:\windows\system32\wmp.dll
2015-07-18 14:45 - 2015-04-29 14:21 - 00009728 _____ (Microsoft Corporation) C:\windows\system32\spwmp.dll
2015-07-18 14:45 - 2015-04-29 14:21 - 00005120 _____ (Microsoft Corporation) C:\windows\system32\msdxm.ocx
2015-07-18 14:45 - 2015-04-29 14:21 - 00005120 _____ (Microsoft Corporation) C:\windows\system32\dxmasf.dll
2015-07-18 14:45 - 2015-04-29 14:19 - 12625920 _____ (Microsoft Corporation) C:\windows\system32\wmploc.DLL
2015-07-18 14:45 - 2015-04-29 14:07 - 11411456 _____ (Microsoft Corporation) C:\windows\SysWOW64\wmp.dll
2015-07-18 14:45 - 2015-04-29 14:07 - 00008192 _____ (Microsoft Corporation) C:\windows\SysWOW64\spwmp.dll
2015-07-18 14:45 - 2015-04-29 14:07 - 00004096 _____ (Microsoft Corporation) C:\windows\SysWOW64\msdxm.ocx
2015-07-18 14:45 - 2015-04-29 14:07 - 00004096 _____ (Microsoft Corporation) C:\windows\SysWOW64\dxmasf.dll
2015-07-18 14:45 - 2015-04-29 14:05 - 12625408 _____ (Microsoft Corporation) C:\windows\SysWOW64\wmploc.DLL
2015-07-18 14:44 - 2015-07-04 14:07 - 02087424 _____ (Microsoft Corporation) C:\windows\system32\ole32.dll
2015-07-18 14:44 - 2015-07-04 13:48 - 01414656 _____ (Microsoft Corporation) C:\windows\SysWOW64\ole32.dll
2015-07-18 14:44 - 2015-07-01 16:56 - 00155584 _____ (Microsoft Corporation) C:\windows\system32\Drivers\ksecpkg.sys
2015-07-18 14:44 - 2015-07-01 16:56 - 00095680 _____ (Microsoft Corporation) C:\windows\system32\Drivers\ksecdd.sys
2015-07-18 14:44 - 2015-07-01 16:49 - 01461760 _____ (Microsoft Corporation) C:\windows\system32\lsasrv.dll
2015-07-18 14:44 - 2015-07-01 16:49 - 01216512 _____ (Microsoft Corporation) C:\windows\system32\rpcrt4.dll
2015-07-18 14:44 - 2015-07-01 16:49 - 00729088 _____ (Microsoft Corporation) C:\windows\system32\kerberos.dll
2015-07-18 14:44 - 2015-07-01 16:49 - 00342016 _____ (Microsoft Corporation) C:\windows\system32\schannel.dll
2015-07-18 14:44 - 2015-07-01 16:49 - 00315392 _____ (Microsoft Corporation) C:\windows\system32\msv1_0.dll
2015-07-18 14:44 - 2015-07-01 16:49 - 00309760 _____ (Microsoft Corporation) C:\windows\system32\ncrypt.dll
2015-07-18 14:44 - 2015-07-01 16:49 - 00210944 _____ (Microsoft Corporation) C:\windows\system32\wdigest.dll
2015-07-18 14:44 - 2015-07-01 16:49 - 00136192 _____ (Microsoft Corporation) C:\windows\system32\sspicli.dll
2015-07-18 14:44 - 2015-07-01 16:49 - 00086528 _____ (Microsoft Corporation) C:\windows\system32\TSpkg.dll
2015-07-18 14:44 - 2015-07-01 16:49 - 00029184 _____ (Microsoft Corporation) C:\windows\system32\sspisrv.dll
2015-07-18 14:44 - 2015-07-01 16:49 - 00028160 _____ (Microsoft Corporation) C:\windows\system32\secur32.dll
2015-07-18 14:44 - 2015-07-01 16:48 - 00044032 _____ (Microsoft Corporation) C:\windows\system32\cryptbase.dll
2015-07-18 14:44 - 2015-07-01 16:48 - 00022016 _____ (Microsoft Corporation) C:\windows\system32\credssp.dll
2015-07-18 14:44 - 2015-07-01 16:47 - 00064000 _____ (Microsoft Corporation) C:\windows\system32\auditpol.exe
2015-07-18 14:44 - 2015-07-01 16:47 - 00031232 _____ (Microsoft Corporation) C:\windows\system32\lsass.exe
2015-07-18 14:44 - 2015-07-01 16:43 - 00146432 _____ (Microsoft Corporation) C:\windows\system32\msaudite.dll
2015-07-18 14:44 - 2015-07-01 16:43 - 00060416 _____ (Microsoft Corporation) C:\windows\system32\msobjs.dll
2015-07-18 14:44 - 2015-07-01 16:39 - 00686080 _____ (Microsoft Corporation) C:\windows\system32\adtschema.dll
2015-07-18 14:44 - 2015-07-01 16:30 - 00552960 _____ (Microsoft Corporation) C:\windows\SysWOW64\kerberos.dll
2015-07-18 14:44 - 2015-07-01 16:30 - 00259584 _____ (Microsoft Corporation) C:\windows\SysWOW64\msv1_0.dll
2015-07-18 14:44 - 2015-07-01 16:30 - 00248832 _____ (Microsoft Corporation) C:\windows\SysWOW64\schannel.dll
2015-07-18 14:44 - 2015-07-01 16:30 - 00221184 _____ (Microsoft Corporation) C:\windows\SysWOW64\ncrypt.dll
2015-07-18 14:44 - 2015-07-01 16:30 - 00172032 _____ (Microsoft Corporation) C:\windows\SysWOW64\wdigest.dll
2015-07-18 14:44 - 2015-07-01 16:30 - 00065536 _____ (Microsoft Corporation) C:\windows\SysWOW64\TSpkg.dll
2015-07-18 14:44 - 2015-07-01 16:30 - 00036864 _____ (Microsoft Corporation) C:\windows\SysWOW64\cryptbase.dll
2015-07-18 14:44 - 2015-07-01 16:30 - 00022016 _____ (Microsoft Corporation) C:\windows\SysWOW64\secur32.dll
2015-07-18 14:44 - 2015-07-01 16:30 - 00017408 _____ (Microsoft Corporation) C:\windows\SysWOW64\credssp.dll
2015-07-18 14:44 - 2015-07-01 16:29 - 00665088 _____ (Microsoft Corporation) C:\windows\SysWOW64\rpcrt4.dll
2015-07-18 14:44 - 2015-07-01 16:29 - 00096768 _____ (Microsoft Corporation) C:\windows\SysWOW64\sspicli.dll
2015-07-18 14:44 - 2015-07-01 16:29 - 00050176 _____ (Microsoft Corporation) C:\windows\SysWOW64\auditpol.exe
2015-07-18 14:44 - 2015-07-01 16:27 - 00060416 _____ (Microsoft Corporation) C:\windows\SysWOW64\msobjs.dll
2015-07-18 14:44 - 2015-07-01 16:26 - 00146432 _____ (Microsoft Corporation) C:\windows\SysWOW64\msaudite.dll
2015-07-18 14:44 - 2015-07-01 16:24 - 00686080 _____ (Microsoft Corporation) C:\windows\SysWOW64\adtschema.dll
2015-07-18 14:44 - 2015-07-01 15:27 - 00159232 _____ (Microsoft Corporation) C:\windows\system32\Drivers\mrxsmb.sys
2015-07-18 14:44 - 2015-07-01 15:26 - 00290816 _____ (Microsoft Corporation) C:\windows\system32\Drivers\mrxsmb10.sys
2015-07-18 14:44 - 2015-07-01 15:26 - 00129024 _____ (Microsoft Corporation) C:\windows\system32\Drivers\mrxsmb20.sys
2015-07-18 14:44 - 2015-06-11 13:57 - 06131200 _____ (Microsoft Corporation) C:\windows\SysWOW64\mstscax.dll
2015-07-18 14:44 - 2015-06-11 13:57 - 00856064 _____ (Microsoft Corporation) C:\windows\SysWOW64\rdvidcrl.dll
2015-07-18 14:44 - 2015-06-11 13:57 - 00053248 _____ (Microsoft Corporation) C:\windows\SysWOW64\tsgqec.dll
2015-07-18 14:44 - 2015-06-11 13:56 - 07077376 _____ (Microsoft Corporation) C:\windows\system32\mstscax.dll
2015-07-18 14:44 - 2015-06-11 13:56 - 01057792 _____ (Microsoft Corporation) C:\windows\system32\rdvidcrl.dll
2015-07-18 14:44 - 2015-06-11 13:56 - 00062976 _____ (Microsoft Corporation) C:\windows\system32\tsgqec.dll
2015-07-18 14:44 - 2015-06-11 09:15 - 00429568 _____ (Microsoft Corporation) C:\windows\system32\wksprt.exe
2015-07-18 14:44 - 2015-04-24 14:17 - 00633856 _____ (Microsoft Corporation) C:\windows\system32\comctl32.dll
2015-07-18 14:44 - 2015-04-24 13:56 - 00530432 _____ (Microsoft Corporation) C:\windows\SysWOW64\comctl32.dll
2015-07-18 14:43 - 2015-06-15 17:50 - 00112064 _____ (Microsoft Corporation) C:\windows\system32\consent.exe
2015-07-18 14:43 - 2015-06-15 17:45 - 03242496 _____ (Microsoft Corporation) C:\windows\system32\msi.dll
2015-07-18 14:43 - 2015-06-15 17:45 - 01941504 _____ (Microsoft Corporation) C:\windows\system32\authui.dll
2015-07-18 14:43 - 2015-06-15 17:45 - 00504320 _____ (Microsoft Corporation) C:\windows\system32\msihnd.dll
2015-07-18 14:43 - 2015-06-15 17:45 - 00070656 _____ (Microsoft Corporation) C:\windows\system32\appinfo.dll
2015-07-18 14:43 - 2015-06-15 17:44 - 00128000 _____ (Microsoft Corporation) C:\windows\system32\msiexec.exe
2015-07-18 14:43 - 2015-06-15 17:43 - 02364416 _____ (Microsoft Corporation) C:\windows\SysWOW64\msi.dll
2015-07-18 14:43 - 2015-06-15 17:43 - 01805824 _____ (Microsoft Corporation) C:\windows\SysWOW64\authui.dll
2015-07-18 14:43 - 2015-06-15 17:43 - 00337408 _____ (Microsoft Corporation) C:\windows\SysWOW64\msihnd.dll
2015-07-18 14:43 - 2015-06-15 17:42 - 00073216 _____ (Microsoft Corporation) C:\windows\SysWOW64\msiexec.exe
2015-07-18 14:43 - 2015-06-15 17:42 - 00025088 _____ (Microsoft Corporation) C:\windows\system32\msimsg.dll
2015-07-18 14:43 - 2015-06-15 17:37 - 00025088 _____ (Microsoft Corporation) C:\windows\SysWOW64\msimsg.dll
2015-07-18 14:41 - 2015-07-03 14:05 - 00041984 _____ (Microsoft Corporation) C:\windows\system32\lpk(17).dll
2015-07-18 14:41 - 2015-07-03 13:55 - 00025600 _____ (Microsoft Corporation) C:\windows\SysWOW64\lpk(19).dll
2015-07-18 10:38 - 2015-07-18 10:38 - 00000000 ____D C:\Users\BS\AppData\Local\GWX
2015-07-16 12:48 - 2015-07-16 12:48 - 18524336 _____ (Adobe Systems Incorporated) C:\windows\SysWOW64\FlashPlayerInstaller.exe
2015-07-16 10:59 - 2015-07-04 09:22 - 00442264 _____ (Avast Software s.r.o.) C:\windows\system32\Drivers\asw324B.tmp
2015-07-16 10:59 - 2015-05-17 12:29 - 01047320 _____ (Avast Software s.r.o.) C:\windows\system32\Drivers\asw1370.tmp
2015-07-16 10:59 - 2015-05-17 12:29 - 00272248 _____ C:\windows\system32\Drivers\asw345E.tmp
2015-07-16 10:59 - 2015-05-17 12:29 - 00137288 _____ (Avast Software s.r.o.) C:\windows\system32\Drivers\asw3633.tmp
2015-07-16 10:59 - 2015-05-17 12:29 - 00093528 _____ (Avast Software s.r.o.) C:\windows\system32\Drivers\asw2B45.tmp
2015-07-16 10:59 - 2015-05-17 12:29 - 00089944 _____ (Avast Software s.r.o.) C:\windows\system32\Drivers\asw2E91.tmp
2015-07-16 10:59 - 2015-05-17 12:29 - 00065736 _____ C:\windows\system32\Drivers\asw3057.tmp
2015-07-16 10:59 - 2015-05-17 12:29 - 00029168 _____ C:\windows\system32\Drivers\asw2C9D.tmp
2015-07-16 07:25 - 2015-07-02 16:50 - 02279424 _____ (Microsoft Corporation) C:\windows\SysWOW64\iertutil(187).dll
2015-07-16 07:25 - 2015-07-02 16:23 - 02885632 _____ (Microsoft Corporation) C:\windows\system32\iertutil(148).dll
2015-07-16 07:25 - 2015-07-02 15:55 - 01310720 _____ (Microsoft Corporation) C:\windows\SysWOW64\urlmon(196).dll
2015-07-16 07:25 - 2015-07-02 14:59 - 01545728 _____ (Microsoft Corporation) C:\windows\system32\urlmon(169).dll
2015-07-16 07:25 - 2015-06-20 14:26 - 02427392 _____ (Microsoft Corporation) C:\windows\system32\wininet(172).dll
2015-07-16 07:25 - 2015-06-19 13:15 - 01951232 _____ (Microsoft Corporation) C:\windows\SysWOW64\wininet(197).dll
2015-07-16 07:25 - 2015-06-17 13:47 - 00404992 _____ (Microsoft Corporation) C:\windows\system32\gdi32(147).dll
2015-07-16 07:25 - 2015-06-17 13:37 - 00312320 _____ (Microsoft Corporation) C:\windows\SysWOW64\gdi32(186).dll
2015-07-16 07:24 - 2015-07-04 14:07 - 02087424 _____ (Microsoft Corporation) C:\windows\system32\ole32(159).dll
2015-07-16 07:24 - 2015-07-04 13:48 - 01414656 _____ (Microsoft Corporation) C:\windows\SysWOW64\ole32(192).dll
2015-07-16 07:24 - 2015-07-03 14:05 - 00041984 _____ (Microsoft Corporation) C:\windows\system32\lpk(152).dll
2015-07-16 07:24 - 2015-07-03 13:55 - 00025600 _____ (Microsoft Corporation) C:\windows\SysWOW64\lpk(190).dll
2015-07-16 07:24 - 2015-07-01 16:49 - 01461760 _____ (Microsoft Corporation) C:\windows\system32\lsasrv(153).dll
2015-07-16 07:24 - 2015-07-01 16:49 - 01216512 _____ (Microsoft Corporation) C:\windows\system32\rpcrt4(160).dll
2015-07-16 07:24 - 2015-07-01 16:49 - 00729088 _____ (Microsoft Corporation) C:\windows\system32\kerberos(149).dll
2015-07-16 07:24 - 2015-07-01 16:49 - 00342016 _____ (Microsoft Corporation) C:\windows\system32\schannel(161).dll
2015-07-16 07:24 - 2015-07-01 16:49 - 00315392 _____ (Microsoft Corporation) C:\windows\system32\msv1_0(156).dll
2015-07-16 07:24 - 2015-07-01 16:49 - 00309760 _____ (Microsoft Corporation) C:\windows\system32\ncrypt(157).dll
2015-07-16 07:24 - 2015-07-01 16:49 - 00210944 _____ (Microsoft Corporation) C:\windows\system32\wdigest(170).dll
2015-07-16 07:24 - 2015-07-01 16:49 - 00136192 _____ (Microsoft Corporation) C:\windows\system32\sspicli(166).dll
2015-07-16 07:24 - 2015-07-01 16:49 - 00086528 _____ (Microsoft Corporation) C:\windows\system32\TSpkg(168).dll
2015-07-16 07:24 - 2015-07-01 16:49 - 00029184 _____ (Microsoft Corporation) C:\windows\system32\sspisrv(167).dll
2015-07-16 07:24 - 2015-07-01 16:49 - 00028160 _____ (Microsoft Corporation) C:\windows\system32\secur32(163).dll
2015-07-16 07:24 - 2015-07-01 16:48 - 00044032 _____ (Microsoft Corporation) C:\windows\system32\cryptbase(143).dll
2015-07-16 07:24 - 2015-07-01 16:48 - 00022016 _____ (Microsoft Corporation) C:\windows\system32\credssp(141).dll
2015-07-16 07:24 - 2015-07-01 16:47 - 00031232 _____ (Microsoft Corporation) C:\windows\system32\lsass(154).exe
2015-07-16 07:24 - 2015-07-01 16:30 - 00036864 _____ (Microsoft Corporation) C:\windows\SysWOW64\cryptbase(185).dll
2015-07-16 07:24 - 2015-07-01 16:29 - 00665088 _____ (Microsoft Corporation) C:\windows\SysWOW64\rpcrt4(193).dll
2015-07-16 07:24 - 2015-07-01 16:29 - 00096768 _____ (Microsoft Corporation) C:\windows\SysWOW64\sspicli(195).dll
2015-07-16 07:24 - 2015-06-15 17:45 - 03242496 _____ (Microsoft Corporation) C:\windows\system32\msi(155).dll
2015-07-16 07:24 - 2015-06-15 17:45 - 01941504 _____ (Microsoft Corporation) C:\windows\system32\authui(139).dll

==================== One Month Modified files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2015-08-04 12:11 - 2012-12-22 14:10 - 00000830 _____ C:\windows\Tasks\Adobe Flash Player Updater.job
2015-08-04 12:11 - 2012-09-12 22:43 - 00000000 ____D C:\Users\BS\AppData\Local\CrashDumps
2015-08-04 12:11 - 2012-07-14 13:45 - 00000898 _____ C:\windows\Tasks\GoogleUpdateTaskMachineUA.job
2015-08-04 12:11 - 2012-07-14 13:45 - 00000894 _____ C:\windows\Tasks\GoogleUpdateTaskMachineCore.job
2015-08-04 10:22 - 2015-06-07 12:53 - 01692670 _____ C:\windows\WindowsUpdate.log
2015-08-04 10:03 - 2009-07-14 00:45 - 00024608 ____H C:\windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2015-08-04 10:03 - 2009-07-14 00:45 - 00024608 ____H C:\windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2015-08-04 09:39 - 2012-07-14 14:06 - 00000202 _____ C:\windows\WINFILE.INI
2015-08-04 09:04 - 2009-07-14 01:13 - 00786622 _____ C:\windows\system32\PerfStringBackup.INI
2015-08-04 08:57 - 2009-07-14 01:08 - 00000006 ____H C:\windows\Tasks\SA.DAT
2015-08-04 08:56 - 2012-06-20 00:46 - 00000000 ____D C:\ProgramData\NVIDIA
2015-08-03 22:08 - 2012-06-28 10:53 - 00003902 _____ C:\windows\System32\Tasks\User_Feed_Synchronization-{FF012A23-8A15-4354-B0F6-8E9957804FE0}
2015-08-03 22:07 - 2014-05-01 09:13 - 00113880 _____ (Malwarebytes Corporation) C:\windows\system32\Drivers\MBAMSwissArmy.sys
2015-08-03 20:00 - 2012-07-02 13:14 - 00000000 ____D C:\Users\BS\Documents\02 Word
2015-08-03 19:53 - 2013-05-09 10:48 - 00018944 ___SH C:\Users\BS\Thumbs.db
2015-08-03 18:51 - 2014-05-01 09:12 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware
2015-08-03 18:51 - 2014-05-01 09:12 - 00000000 ____D C:\P


#4 nasdaq

Posted 04 August 2015 - 12:45 PM

Open Notepad (Start => All Programs => Accessories => Notepad). Please copy the entire contents of the code box below.
 
 
start
 
CreateRestorePoint:
EmptyTemp:
CloseProcesses:
 
HKLM-x32\...\Run: [] => [X]
Winlogon\Notify\SDWinLogon-x32: SDWinLogon.dll [X]
GroupPolicy: Group Policy on Chrome detected <======= ATTENTION
CHR HKLM\SOFTWARE\Policies\Google: Policy restriction <======= ATTENTION
CHR HKU\S-1-5-21-548385734-4097216683-3063250578-1001\SOFTWARE\Policies\Google: Policy restriction <======= ATTENTION
HKLM\SOFTWARE\Policies\Microsoft\Internet Explorer: Policy restriction <======= ATTENTION
HKU\S-1-5-21-548385734-4097216683-3063250578-1001\SOFTWARE\Policies\Microsoft\Internet Explorer: Policy restriction <======= ATTENTION
SearchScopes: HKLM-x32 -> Backup.Old.DefaultScope {6A1806CD-94D4-4689-BA73-E35EA1EA9990}
BHO-x32: No Name -> {9030D464-4C02-4ABF-8ECC-5164760863C6} ->  No File
BHO-x32: No Name -> {9FDDE16B-836F-4806-AB1F-1455CBEFF289} ->  No File
BHO-x32: No Name -> {E76FD755-C1BA-4DCB-9F13-99BD91223ADE} ->  No File
Toolbar: HKLM - No Name - {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} -  No File
Handler: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} -  No File
FF Plugin: @microsoft.com/GENUINE -> disabled No File
FF Plugin-x32: @divx.com/DivX Plus Web Player Plug-In,version=1.0.0 -> C:\Program Files (x86)\DivX\DivX Plus Web Player\npdivx32.dll No File
FF Plugin-x32: @microsoft.com/GENUINE -> disabled No File
CHR Extension: (Avast Online Security) - C:\Users\BS\AppData\Local\Google\Chrome\User Data\Default\Extensions\gomekmidlodglbbmalcneegieacbdmki [2013-11-13]
CHR HKLM-x32\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChrome.crx [2015-03-19]
CHR HKLM-x32\...\Chrome\Extension: [nneajnkjbffgblleaoojgaacokifdkhm] - C:\Program Files (x86)\DivX\DivX Plus Web Player\chrome\DivXHTML5\DivXHTML5.crx [Not Found]
S2 HPSLPSVC; C:\Users\BS\AppData\Local\Temp\7zS329E\hpslpsvc64.dll [X]
S3 cpuz134; \??\C:\Users\BS\AppData\Local\Temp\cpuz134\cpuz134_x64.sys [X]
 
End
Save the files as fixlist.txt in the same folder where the Farbar tool is running from.
The location is listed in the 3rd line of the Farbar log you have submitted.
 
Run FRST and click Fix only once and wait.
 
Restart the computer normally to reset the registry.
 
The tool will create a log (Fixlog.txt) please post it to your reply.
 
How is the computer running now?
 
p.s.
A file named Addition.txt was also created when you ran the Farbar tool.
 
Please copy the content and paste it in your next reply.

nasdaq


#5 bschaefer


Posted 04 August 2015 - 04:22 PM

Hi nasdaq,

I knew it was only a matter of time 'til I screwed up.  I just didn't think that it would be this soon.  Everything was going so smoothly.

I managed to run FRST and click on FIX.  That's when things started to go wrong.  After about 45 min. the program seemed to freeze.  I thought that possibly it was because I had not closed out all open windows.  When I tried closing any open windows, that's when things started to go wrong.  Everything froze.  I tried to open Task Manager to see if FRST was still running.  That did not go well.  Everything was frozen.  I could not even log off of anything or shut down.  I finally had to shut down by cutting power.  This worked.

When I re-booted I still got the error messages so I assumed that nothing had been changed.  I then checked for Fixlog.txt file and it was there.  However, there was no Addition.txt file.  I opened the Fixlog file and it did not seem to be complete.  I am attaching it for your review.  I did not want to re-run the FRST program again without your say so.

 

I did check if a System Restore point was created and it looks like one has.

 

Sorry about the screw up.  Please advise.

Bob

 

Fix result of Farbar Recovery Scan Tool (x64) Version:02-08-2015 01
Ran by BS (2015-08-04 16:24:58) Run:1
Running from C:\Users\BS\Downloads
Loaded Profiles: BS (Available Profiles: BS & Carole & Administrator)
Boot Mode: Normal
==============================================

fixlist content:
*****************
start
 
CreateRestorePoint:
EmptyTemp:
CloseProcesses:
 
HKLM-x32\...\Run: [] => [X]
Winlogon\Notify\SDWinLogon-x32: SDWinLogon.dll [X]
GroupPolicy: Group Policy on Chrome detected <======= ATTENTION
CHR HKLM\SOFTWARE\Policies\Google: Policy restriction <======= ATTENTION
CHR HKU\S-1-5-21-548385734-4097216683-3063250578-1001\SOFTWARE\Policies\Google: Policy restriction <======= ATTENTION
HKLM\SOFTWARE\Policies\Microsoft\Internet Explorer: Policy restriction <======= ATTENTION
HKU\S-1-5-21-548385734-4097216683-3063250578-1001\SOFTWARE\Policies\Microsoft\Internet Explorer: Policy restriction <======= ATTENTION
SearchScopes: HKLM-x32 -> Backup.Old.DefaultScope {6A1806CD-94D4-4689-BA73-E35EA1EA9990}
BHO-x32: No Name -> {9030D464-4C02-4ABF-8ECC-5164760863C6} ->  No File
BHO-x32: No Name -> {9FDDE16B-836F-4806-AB1F-1455CBEFF289} ->  No File
BHO-x32: No Name -> {E76FD755-C1BA-4DCB-9F13-99BD91223ADE} ->  No File
Toolbar: HKLM - No Name - {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} -  No File
Handler: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} -  No File
FF Plugin: @microsoft.com/GENUINE -> disabled No File
FF Plugin-x32: @divx.com/DivX Plus Web Player Plug-In,version=1.0.0 -> C:\Program Files (x86)\DivX\DivX Plus Web Player\npdivx32.dll No File
FF Plugin-x32: @microsoft.com/GENUINE -> disabled No File
CHR Extension: (Avast Online Security) - C:\Users\BS\AppData\Local\Google\Chrome\User Data\Default\Extensions\gomekmidlodglbbmalcneegieacbdmki [2013-11-13]
CHR HKLM-x32\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChrome.crx [2015-03-19]
CHR HKLM-x32\...\Chrome\Extension: [nneajnkjbffgblleaoojgaacokifdkhm] - C:\Program Files (x86)\DivX\DivX Plus Web Player\chrome\DivXHTML5\DivXHTML5.crx [Not Found]
S2 HPSLPSVC; C:\Users\BS\AppData\Local\Temp\7zS329E\hpslpsvc64.dll [X]
S3 cpuz134; \??\C:\Users\BS\AppData\Local\Temp\cpuz134\cpuz134_x64.sys [X]
 
End
*****************

Restore point was successfully created.
Processes closed successfully.
HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Run\\ => value removed successfully
"HKLM\Software\Wow6432Node\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\SDWinLogon" => key removed successfully
C:\windows\system32\GroupPolicy\Machine => moved successfully.
C:\windows\system32\GroupPolicy\GPT.ini => moved successfully.
C:\windows\SysWOW64\GroupPolicy\GPT.ini => moved successfully.
"HKLM\SOFTWARE\Policies\Google" => key removed successfully
"HKU\S-1-5-21-548385734-4097216683-3063250578-1001\SOFTWARE\Policies\Google" => key removed successfully
"HKLM\SOFTWARE\Policies\Microsoft\Internet Explorer" => key removed successfully
"HKU\S-1-5-21-548385734-4097216683-3063250578-1001\SOFTWARE\Policies\Microsoft\Internet Explorer" => key removed successfully
HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\SearchScopes\\Backup.Old.DefaultScope => value removed successfully
"HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}" => key removed successfully
HKCR\Wow6432Node\CLSID\{9030D464-4C02-4ABF-8ECC-5164760863C6} => key not found.
"HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9FDDE16B-836F-4806-AB1F-1455CBEFF289}" => key removed successfully
HKCR\Wow6432Node\CLSID\{9FDDE16B-836F-4806-AB1F-1455CBEFF289} => key not found.
"HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{E76FD755-C1BA-4DCB-9F13-99BD91223ADE}" => key removed successfully
HKCR\Wow6432Node\CLSID\{E76FD755-C1BA-4DCB-9F13-99BD91223ADE} => key not found.
HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar\\{318A227B-5E9F-45bd-8999-7F8F10CA4CF5} => value removed successfully
HKCR\CLSID\{318A227B-5E9F-45bd-8999-7F8F10CA4CF5} => key not found.
"HKCR\PROTOCOLS\Handler\linkscanner" => key removed successfully
HKCR\CLSID\{F274614C-63F8-47D5-A4D1-FBDDE494F8D1} => key not found.
"HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE" => key removed successfully
"HKLM\Software\Wow6432Node\MozillaPlugins\@divx.com/DivX Plus Web Player Plug-In,version=1.0.0" => key removed successfully
"HKLM\Software\Wow6432Node\MozillaPlugins\@microsoft.com/GENUINE" => key removed successfully
C:\Users\BS\AppData\Local\Google\Chrome\User Data\Default\Extensions\gomekmidlodglbbmalcneegieacbdmki => moved successfully.
"HKLM\SOFTWARE\Wow6432Node\Google\Chrome\Extensions\gomekmidlodglbbmalcneegieacbdmki" => key removed successfully
Could not move "C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChrome.crx" => Scheduled to move on reboot.
"HKLM\SOFTWARE\Wow6432Node\Google\Chrome\Extensions\nneajnkjbffgblleaoojgaacokifdkhm" => key removed successfully
HPSLPSVC => service removed successfully
cpuz134 => service removed successfully
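
A small triage pass over a Fixlog like the one in post #5, as an added example (not part of the thread and not FRST's own code): it tallies result lines, lists items deferred to reboot, and flags fixlist directives that have no matching result. The result phrases for CreateRestorePoint and CloseProcesses are taken from the log above; the `EmptyTemp` marker and the `End of Fixlog` closing line are assumptions about FRST's output, and the sample text is a constructed excerpt.

```python
import re
from collections import Counter

# Constructed sample: a shortened excerpt of the Fixlog posted in this thread.
SAMPLE_FIXLOG = r'''Fix result of Farbar Recovery Scan Tool (x64) Version:02-08-2015 01
fixlist content:
*****************
start

CreateRestorePoint:
EmptyTemp:
CloseProcesses:

HKLM-x32\...\Run: [] => [X]
S3 cpuz134; \??\C:\Users\BS\AppData\Local\Temp\cpuz134\cpuz134_x64.sys [X]

End
*****************

Restore point was successfully created.
Processes closed successfully.
HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Run\\ => value removed successfully
HKCR\Wow6432Node\CLSID\{9030D464-4C02-4ABF-8ECC-5164760863C6} => key not found.
C:\windows\system32\GroupPolicy\GPT.ini => moved successfully.
Could not move "C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChrome.crx" => Scheduled to move on reboot.
cpuz134 => service removed successfully
'''

STAR_RE = re.compile(r"^\*{5,}\s*$")          # the ***** lines around the fixlist echo
DIRECTIVE_RE = re.compile(r"^([A-Za-z]+):$")  # bare directives such as "EmptyTemp:"
PENDING_RE = re.compile(r'Could not move "([^"]+)" => Scheduled to move on reboot')

# Text expected in a result line once a directive has run.
# The first two phrases appear in the log above; the EmptyTemp marker is an assumption.
DIRECTIVE_MARKERS = {
    "CreateRestorePoint": "Restore point",
    "CloseProcesses": "Processes closed",
    "EmptyTemp": "EmptyTemp",
}
END_MARKER = "End of Fixlog"  # assumption: a finished log closes with this line


def split_fixlog(text):
    """Return (directives from the echoed fixlist, non-empty result lines)."""
    lines = text.splitlines()
    fences = [i for i, line in enumerate(lines) if STAR_RE.match(line)]
    if len(fences) < 2:
        # No fixlist echo found: treat every non-empty line as a result line.
        return [], [line.strip() for line in lines if line.strip()]
    fixlist = lines[fences[0] + 1:fences[1]]
    results = [line.strip() for line in lines[fences[1] + 1:] if line.strip()]
    directives = [m.group(1) for line in fixlist
                  if (m := DIRECTIVE_RE.match(line.strip()))]
    return directives, results


def classify(line):
    """Bucket one result line by outcome."""
    if "Scheduled to move on reboot" in line:
        return "pending_reboot"
    if "not found" in line.lower():
        return "not_found"
    if "successfully" in line:
        return "ok"
    return "other"


def triage(text):
    """Summarise a Fixlog and flag signs that the fix was interrupted."""
    directives, results = split_fixlog(text)
    counts = Counter(classify(line) for line in results)
    pending = [m.group(1) for line in results if (m := PENDING_RE.search(line))]
    missing = [d for d in directives
               if not any(DIRECTIVE_MARKERS.get(d, d) in line for line in results)]
    ended = any(END_MARKER in line for line in results)
    return {
        "counts": dict(counts),
        "pending_reboot": pending,
        "missing_directives": missing,
        "complete": ended and not missing,
    }


if __name__ == "__main__":
    for key, value in triage(SAMPLE_FIXLOG).items():
        print(f"{key}: {value}")
```

On the excerpt, the summary reports one file deferred to reboot and `EmptyTemp` as requested but never reported, which matches a run that was cut off by the forced power-down.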



#6 nasdaq


Posted 05 August 2015 - 06:56 AM

Temporarily disable your AV program so it does not interfere.
 
Download Zoek tool from here
 
When the download appears, save to the Desktop.
On the Desktop, right-click the Zoek.exe file and select: Run as Administrator 
(Give it a few seconds to appear.)
 
Next, copy/paste the entire script inside the code box below to the input field of Zoek:
createsrpoint;
autoclean;
emptyalltemp;
ipconfig /flushdns;b
 
Now...
Close any open Browsers.
Click the Run script button, and wait. It takes a few minutes to run all the script.
 
When the tool finishes, the zoek-results.log is opened in Notepad.
The log is also found on the systemdrive, normally C:\
If a reboot is needed, the log is opened after the reboot.
 
Please attach the zoek-results.log in your reply.
 
Also, please provide an update on how the computer is behaving after running the above script.
 
===

nasdaq


#7 bschaefer


Posted 05 August 2015 - 10:58 AM

Hi nasdaq,

Thanks for the follow-up. 

 

I disabled the AV Avast program until the system reboot.  Everything seemed to run correctly this time.  zoek-result.log file was created and is attached.

 

When the system rebooted it was slightly faster, about 2 min.,  logging onto my individual account also took about 1 min.  Both error messages did appear again.

 

Thanks,

Bob

Zoek.exe v5.0.0.0 Updated 04-May-2015
Tool run by BS on Wed 08/05/2015 at 11:25:54.28.
Microsoft Windows 7 Home Premium  6.1.7601 Service Pack 1 x64
Running in: Normal Mode Internet Access Detected
Launched: C:\Users\BS\Desktop\zoek.exe [Scan all users] [Script inserted]

==== System Restore Info ======================

8/5/2015 11:28:38 AM Zoek.exe System Restore Point Created Successfully.

==== Empty Folders Check ======================

C:\PROGRA~2\VideoLAN deleted successfully
C:\PROGRA~2\VS Revo Group deleted successfully
C:\Program Files\Web Publish deleted successfully
C:\PROGRA~3\PDFC deleted successfully
C:\PROGRA~3\WinZipEC deleted successfully
C:\Users\BS\AppData\Roaming\hpqlog deleted successfully
C:\Users\BS\AppData\Roaming\Malwarebytes deleted successfully
C:\Users\BS\AppData\Roaming\Windows Live Writer deleted successfully
C:\Users\Carole\AppData\Roaming\Windows Live Writer deleted successfully
C:\Users\BS\AppData\Local\assembly deleted successfully
C:\Users\BS\AppData\Local\CrashDumps deleted successfully
C:\Users\BS\AppData\Local\EmieBrowserModeList deleted successfully
C:\Users\BS\AppData\Local\EmieSiteList deleted successfully
C:\Users\BS\AppData\Local\EmieUserList deleted successfully
C:\Users\BS\AppData\Local\LogMeIn Rescue Applet deleted successfully
C:\Users\BS\AppData\Local\MigWiz deleted successfully
C:\Users\BS\AppData\Local\WMTools Downloaded Files deleted successfully
C:\Users\Carole\AppData\Local\CrashDumps deleted successfully
C:\Users\Carole\AppData\Local\EmieBrowserModeList deleted successfully
C:\Users\Carole\AppData\Local\EmieSiteList deleted successfully
C:\Users\Carole\AppData\Local\EmieUserList deleted successfully
C:\Users\Carole\AppData\Local\PDFC deleted successfully
C:\Users\Carole\AppData\Local\VirtualStore deleted successfully
C:\Users\Carole\AppData\Local\{502DCF38-B222-4F85-AAF0-D5EDCBC44619} deleted successfully
C:\Users\Carole\AppData\Local\{67A8DFBD-6CAD-4D0A-9029-9FD3308A1F82} deleted successfully
C:\Users\Carole\AppData\Local\{67F86096-EF89-487A-8246-D22A222B7873} deleted successfully
C:\Users\Carole\AppData\Local\{6D03EF31-7ABA-4044-AD1A-41C28AB2AD09} deleted successfully
C:\Users\Carole\AppData\Local\{7C39EDCE-62B6-4A06-9915-742AEB9FD5DC} deleted successfully
C:\Users\Carole\AppData\Local\{E264E0DD-3D51-4C09-8E8D-5BA84135A55D} deleted successfully

==== Deleting CLSID Registry Keys ======================


==== Deleting CLSID Registry Values ======================


==== Deleting Services ======================


==== FireFox Fix ======================

ProfilePath: C:\Users\BS\AppData\Roaming\Mozilla\Firefox\Profiles\lqhi3w2z.default

user.js not found
---- Lines vfdownload removed from prefs.js ----
user_pref("extensions.vfdownload.installDate", "2013-10-28");
user_pref("extensions.vfdownload.installID", "{92E868B2-4CDC-4E14-BD13-E90E71A4E4AE}");
user_pref("extensions.vfdownload.installedProduct", "selectionlinks");
user_pref("extensions.vfdownload.installerVersion", "3.2");
user_pref("extensions.vfdownload.installpartner", "apl");
user_pref("extensions.vfdownload.testgroup", "");
---- FireFox user.js and prefs.js backups ----

prefs_20150805_1140_.backup

ProfilePath: C:\Users\BS\AppData\Roaming\Thunderbird\Profiles\rkotbfj4.default

user.js not found
---- FireFox user.js and prefs.js backups ----

prefs_20150805_1140_.backup

ProfilePath: C:\Users\Carole\AppData\Roaming\Thunderbird\Profiles\5qsuta3o.default

user.js not found
---- FireFox user.js and prefs.js backups ----

prefs_20150805_1140_.backup

==== Batch Command(s) Run By Tool======================

C:\windows\system32\appdata deleted

==== Deleting Files \ Folders ======================

C:\PROGRA~2\VideoLAN not found
C:\PROGRA~2\VS Revo Group not found
"C:\windows\Installer\16dd68.msi" not found
C:\windows\syswow64\appdata deleted
C:\PROGRA~2\Savings Bond Wizard deleted
C:\Users\BS\AppData\Roaming\LogFile.txt deleted
C:\PROGRA~3\Package Cache deleted
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Shopping and Services deleted
C:\windows\sysWoW64\config\systemprofile\AppData\LocalLow\AVG Secure Search deleted
C:\windows\wininit.ini deleted
C:\windows\SysNative\config\systemprofile\Searches deleted
C:\windows\SysNative\GroupPolicy\User deleted
C:\Users\BS\Documents\Add-in Express deleted
C:\Users\BS\WinFile.exe.manifest.exe deleted

==== Firefox Start and Search pages ======================

ProfilePath: C:\Users\BS\AppData\Roaming\Mozilla\Firefox\Profiles\lqhi3w2z.default
user_pref("browser.startup.homepage", "http://www.msn.com/");
user_pref("browser.newtab.url", "http://www.google.com/firefox");
user_pref("browser.search.defaultengine", "Google");
user_pref("browser.search.defaultenginename.US", "Google");
user_pref("keyword.URL", "http://www.google.co...&oe=utf-8&q=");

==== Firefox Extensions Registry ======================

[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Mozilla\Firefox\Extensions]
"wrc@avast.com"="C:\Program Files\AVAST Software\Avast\WebRep\FF" [07/31/2015 01:31 PM]

==== Firefox Extensions ======================

ProfilePath: C:\Users\BS\AppData\Roaming\Mozilla\Firefox\Profiles\lqhi3w2z.default
- Avast Online Security - C:\Program Files\AVAST Software\Avast\WebRep\FF
- HP Smart Print - %ProfilePath%\extensions\hpwebprint@hpwebprint.com

ProfilePath: C:\Users\BS\AppData\Roaming\Thunderbird\Profiles\rkotbfj4.default
- Instrument Test - %ProfilePath%\extensions\tbtestpilot@labs.mozilla.com.xpi

ProfilePath: C:\Users\Carole\AppData\Roaming\Thunderbird\Profiles\5qsuta3o.default
- Instrument Test - %ProfilePath%\extensions\tbtestpilot@labs.mozilla.com.xpi

AppDir: C:\Program Files (x86)\Mozilla Firefox
- Default - %AppDir%\browser\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}

==== Firefox Plugins ======================

Profilepath: C:\Users\BS\AppData\Roaming\Mozilla\Firefox\Profiles\lqhi3w2z.default
FD82108FD60B63010325D9AF6F00AF99    - C:\windows\SysWOW64\Macromed\Flash\NPSWF32_18_0_0_209.dll -    Shockwave Flash


==== Chromium Look ======================

Google Chrome Version: 44.0.2403.125



==== Chromium Startpages ======================

C:\Users\BS\AppData\Local\Google\Chrome\User Data\Default\Preferences
"session":{"restore_on_startup":4,"startup_urls":["http://www.msn.com/?pc=U142&ocid=U142DHP"]},"sync":{"remaining_rollback_tries":0}}

C:\Users\Carole\AppData\Local\Google\Chrome\User Data\Default\Preferences
"session":{"startup_urls":["http://www.msn.com/?pc=U147E&ocid=U147EDHP"]}}


==== Set IE to Default ======================

Old Values:
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]
"Start Page"="http://www.msn.com/"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\AboutURLs]
"Tabs"="res://ieframe.dll/tabswelcome.htm"
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\AboutURLs]
"Tabs"="res://ieframe.dll/tabswelcome.htm"

New Values:
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]
"Start Page"="http://www.msn.com/"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\AboutURLs]
"Tabs"="about:newtab"
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\AboutURLs]
"Tabs"="about:newtab"

==== All HKCU SearchScopes ======================

HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes
"DefaultScope"="{0633EE93-D776-472f-A0FF-E1416B8B2E3A}"
{012E1000-F331-11DB-8314-0800200C9A66} Google  Url="http://www.google.co...={searchTerms}"
{0633EE93-D776-472f-A0FF-E1416B8B2E3A} Bing  Url="http://www.bing.com/...ox&FORM=IE8SRC"
{79135201-E772-BD02-E535-5ABD032FA9AA} Google  Url="http://www.google.co...I7GGNI_enUS492"

==== Deleting Registry Keys ======================

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\FB6D58DD787439A4995AF3C00FEA8843 deleted successfully

==== Empty IE Cache ======================

C:\windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Users\BS\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Users\Carole\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Users\Carole\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5 emptied successfully
C:\windows\SysNative\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully

==== Empty FireFox Cache ======================

C:\Users\BS\AppData\Local\Mozilla\Firefox\Profiles\lqhi3w2z.default\cache2 emptied successfully

==== Empty Chrome Cache ======================

C:\Users\BS\AppData\Local\Google\Chrome\User Data\Default\Cache emptied successfully
C:\Users\Carole\AppData\Local\Google\Chrome\User Data\Default\Cache emptied successfully

==== Empty All Flash Cache ======================

Flash Cache Emptied Successfully

==== Empty All Java Cache ======================

Java Cache cleared successfully

==== C:\zoek_backup content ======================

C:\zoek_backup (files=73 folders=25 55235601 bytes)

==== Empty Temp Folders ======================

C:\Users\Administrator\AppData\Local\temp emptied successfully
C:\Users\BS\AppData\Local\Temp will be emptied at reboot
C:\Users\Carole\AppData\Local\temp emptied successfully
C:\Users\Default\AppData\Local\temp emptied successfully
C:\Users\Default User\AppData\Local\temp emptied successfully
C:\Users\Public\AppData\Local\temp emptied successfully
C:\Users\TEMP\AppData\Local\temp emptied successfully
C:\windows\serviceprofiles\networkservice\AppData\Local\Temp emptied successfully
C:\windows\serviceprofiles\Localservice\AppData\Local\Temp emptied successfully
C:\windows\Temp will be emptied at reboot

==== After Reboot ======================

==== Empty Temp Folders ======================

C:\windows\Temp successfully emptied
C:\Users\BS\AppData\Local\Temp successfully emptied

==== Empty Recycle Bin ======================

C:\$RECYCLE.BIN successfully emptied

==== EOF on Wed 08/05/2015 at 11:48:14.40 ======================
 



#8 nasdaq


Posted 05 August 2015 - 01:02 PM

We will check your BIOS and Master boot record.
 
Read carefully and follow these steps.
TDSS
  • Download TDSSKiller and save it to your Desktop.
  • Double-click on TDSSKiller.exe to run the application.
  • Then click on Start Scan.
  • If a suspicious file is detected, the default action will be Skip, click on Continue.
  • If an infected file is detected, the default action will be Cure, click on Continue.
  • Important: Do NOT change the default action on your own unless instructed by a malware Helper! Doing so may render your computer unbootable.
  • It may ask you to reboot the computer to complete the process. Click on Reboot Now.
  • If no reboot is required, click on Report. A log file should appear. Please copy and paste the contents of that file here.
  • If a reboot is required, the report can also be found in your root directory, (usually C:\ folder) in the form of "TDSSKiller.[Version]_[Date]_[Time]_log.txt". Please copy and paste the contents of that file here.
===

Download http://public.avast....erek/aswMBR.exe (aswMBR.exe) to your desktop. Double click the aswMBR.exe to run it.
  • Click the "Scan" button to start scan.
  • Upon completion of the scan, click Save log, and save it to your desktop. (Note - do not select any Fix at this time) <- IMPORTANT
  • Please paste the contents of that log in your next reply.
  • There shall also be a file on your desktop named MBR.dat. Right click that file and select Send To>Compressed (zipped) folder. Please attach that zipped file in your next reply.
===

Wait for further instructions.

p.s.
Can you give me some additional information on the error message.
Post the complete message if you can.

    nasdaq


    #9 bschaefer


    Posted 05 August 2015 - 07:39 PM

    Found the TDSSKiller file and is attached. 

     

    Ran the aswMBR program and found file.  I zipped it but can not figure out how to attach it.  It looks like the MBR.dat file is only 512 K.  Since it is so short I'll attach it at the end hoping that is what you’re looking for.  If not, please guide me through attaching the Zip Folder to the next reply.

    p.s. I did notice that my wife’s User Account does not look as if it were scanned.  Is that right or did I do something wrong again?

     

     

     

    19:44:53.0957 0x1098  TDSS rootkit removing tool 3.1.0.5 Jul 24 2015 12:29:57
    19:44:53.0957 0x1098  UEFI system
    19:45:13.0737 0x1098  ============================================================
    19:45:13.0737 0x1098  Current date / time: 2015/08/05 19:45:13.0737
    19:45:13.0737 0x1098  SystemInfo:
    19:45:13.0737 0x1098  
    19:45:13.0737 0x1098  OS Version: 6.1.7601 ServicePack: 1.0
    19:45:13.0737 0x1098  Product type: Workstation
    19:45:13.0737 0x1098  ComputerName: BS-HP
    19:45:13.0737 0x1098  UserName: BS
    19:45:13.0737 0x1098  Windows directory: C:\windows
    19:45:13.0737 0x1098  System windows directory: C:\windows
    19:45:13.0737 0x1098  Running under WOW64
    19:45:13.0737 0x1098  Processor architecture: Intel x64
    19:45:13.0737 0x1098  Number of processors: 4
    19:45:13.0737 0x1098  Page size: 0x1000
    19:45:13.0737 0x1098  Boot type: Normal boot
    19:45:13.0737 0x1098  ============================================================
    19:45:15.0317 0x1098  KLMD registered as C:\windows\system32\drivers\56351736.sys
    19:45:15.0637 0x1098  System UUID: {946539E2-4649-18A9-495A-881DCA4178F1}
    19:45:16.0147 0x1098  Drive \Device\Harddisk0\DR0 - Size: 0xE8E0DB6000 ( 931.51 Gb ), SectorSize: 0x200, Cylinders: 0x1DB01, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
    19:45:16.0187 0x1098  ============================================================
    19:45:16.0187 0x1098  \Device\Harddisk0\DR0:
    19:45:16.0187 0x1098  GPT partitions:
    19:45:16.0187 0x1098  \Device\Harddisk0\DR0\Partition1: GPT, TypeGUID: {C12A7328-F81F-11D2-BA4B-00A0C93EC93B}, UniqueGUID: {A446FB6B-67B4-4904-A8CB-DD3C00635126}, Name: EFI system partition, StartLBA 0x800, BlocksNum 0x32000
    19:45:16.0187 0x1098  \Device\Harddisk0\DR0\Partition2: GPT, TypeGUID: {E3C9E316-0B5C-4DB8-817D-F92DF00215AE}, UniqueGUID: {7328E916-5A0A-4E05-9151-CB49118F4613}, Name: Microsoft reserved partition, StartLBA 0x32800, BlocksNum 0x40000
    19:45:16.0187 0x1098  \Device\Harddisk0\DR0\Partition3: GPT, TypeGUID: {EBD0A0A2-B9E5-4433-87C0-68B6B72699C7}, UniqueGUID: {56D10D2A-C6B6-4127-9E29-759F687FD572}, Name: Basic data partition, StartLBA 0x72800, BlocksNum 0x72505000
    19:45:16.0187 0x1098  \Device\Harddisk0\DR0\Partition4: GPT, TypeGUID: {EBD0A0A2-B9E5-4433-87C0-68B6B72699C7}, UniqueGUID: {049DDEC8-2ECE-4652-862F-A464331654CC}, Name: Basic data partition, StartLBA 0x72577800, BlocksNum 0x218F000
    19:45:16.0187 0x1098  MBR partitions:
    19:45:16.0187 0x1098  ============================================================
    19:45:16.0217 0x1098  C: <-> \Device\Harddisk0\DR0\Partition3
    19:45:16.0257 0x1098  D: <-> \Device\Harddisk0\DR0\Partition4
    19:45:16.0257 0x1098  ============================================================
    19:45:16.0257 0x1098  Initialize success
    19:45:16.0257 0x1098  ============================================================
    19:45:19.0477 0x19fc  ============================================================
    19:45:19.0477 0x19fc  Scan started
    19:45:19.0477 0x19fc  Mode: Manual;
    19:45:19.0477 0x19fc  ============================================================
    19:45:19.0477 0x19fc  KSN ping started
    19:45:22.0657 0x19fc  KSN ping finished: true
    19:45:23.0747 0x19fc  ================ Scan system memory ========================
    19:45:23.0747 0x19fc  System memory - ok
    19:45:23.0747 0x19fc  ================ Scan services =============================
    19:45:23.0897 0x19fc  [ A87D604AEA360176311474C87A63BB88, B1507868C382CD5D2DBC0D62114FCFBF7A780904A2E3CA7C7C1DD0844ADA9A8F ] 1394ohci        C:\windows\system32\drivers\1394ohci.sys
    19:45:23.0907 0x19fc  1394ohci - ok
    19:45:23.0957 0x19fc  [ 5677F1633EA1FA5DB3482080A506EA24, 0EC3E2B1C288702360C34433819D014522CEE01BA482A4E4546C8D056C151565 ] AceecaUSBDx64   C:\windows\system32\DRIVERS\AceecaUSBDx64.sys
    19:45:23.0967 0x19fc  AceecaUSBDx64 - ok
    19:45:23.0987 0x19fc  [ D81D9E70B8A6DD14D42D7B4EFA65D5F2, FDAAB7E23012B4D31537C5BDEF245BB0A12FA060A072C250E21C68E18B22E002 ] ACPI            C:\windows\system32\drivers\ACPI.sys
    19:45:23.0997 0x19fc  ACPI - ok
    19:45:24.0017 0x19fc  [ 99F8E788246D495CE3794D7E7821D2CA, F91615463270AD2601F882CAED43B88E7EDA115B9FD03FC56320E48119F15F76 ] AcpiPmi         C:\windows\system32\drivers\acpipmi.sys
    19:45:24.0017 0x19fc  AcpiPmi - ok
    19:45:24.0107 0x19fc  [ 013697369EAFFA675D0671607F036020, 65611C775AC4681E46A6565E5A7A4FF3363C66EBDC98C4C58AFB365D40BE23B6 ] AdobeARMservice C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
    19:45:24.0107 0x19fc  AdobeARMservice - ok
    19:45:24.0247 0x19fc  [ 9B3355B29942AF67F014EA90CE1EA960, FBB155F72984045BCD99CC2059B9EDAABD3A52104C3864A290D8A355991F94D3 ] AdobeFlashPlayerUpdateSvc C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
    19:45:24.0247 0x19fc  AdobeFlashPlayerUpdateSvc - ok
    19:45:24.0307 0x19fc  [ 2F6B34B83843F0C5118B63AC634F5BF4, 43E3F5FBFB5D33981AC503DEE476868EC029815D459E7C36C4ABC2D2F75B5735 ] adp94xx         C:\windows\system32\drivers\adp94xx.sys
    19:45:24.0327 0x19fc  adp94xx - ok
    19:45:24.0357 0x19fc  [ 597F78224EE9224EA1A13D6350CED962, DA7FD99BE5E3B7B98605BF5C13BF3F1A286C0DE1240617570B46FE4605E59BDC ] adpahci         C:\windows\system32\drivers\adpahci.sys
    19:45:24.0367 0x19fc  adpahci - ok
    19:45:24.0377 0x19fc  [ E109549C90F62FB570B9540C4B148E54, E804563735153EA00A00641814244BC8A347B578E7D63A16F43FB17566EE5559 ] adpu320         C:\windows\system32\drivers\adpu320.sys
    19:45:24.0387 0x19fc  adpu320 - ok
    19:45:24.0427 0x19fc  [ 83BFCCAC53795E8A5055A93672D0C46C, B2B03473D950A5BA9DE59D81E7B14C1FAFF17B2A4D8A5808588F5CC21D63B291 ] AeLookupSvc     C:\windows\System32\aelupsvc.dll
    19:45:24.0427 0x19fc  AeLookupSvc - ok
    19:45:24.0487 0x19fc  [ FA886682CFC5D36718D3E436AACF10B9, F80AB4F91AA6B5C7ECCB000D8E1BC2CF776DC3D69B3D9EBC2558C19035A6B3AB ] AFD             C:\windows\system32\drivers\afd.sys
    19:45:24.0507 0x19fc  AFD - ok
    19:45:24.0517 0x19fc  AFS - ok
    19:45:24.0537 0x19fc  [ 608C14DBA7299D8CB6ED035A68A15799, 45360F89640BF1127C82A32393BD76205E4FA067889C40C491602F370C09282A ] agp440          C:\windows\system32\drivers\agp440.sys
    19:45:24.0537 0x19fc  agp440 - ok
    19:45:24.0567 0x19fc  [ 3290D6946B5E30E70414990574883DDB, 0E9294E1991572256B3CDA6B031DB9F39CA601385515EE59F1F601725B889663 ] ALG             C:\windows\System32\alg.exe
    19:45:24.0567 0x19fc  ALG - ok
    19:45:24.0627 0x19fc  [ 5812713A477A3AD7363C7438CA2EE038, A7316299470D2E57A11499C752A711BF4A71EB11C9CBA731ED0945FF6A966721 ] aliide          C:\windows\system32\drivers\aliide.sys
    19:45:24.0627 0x19fc  aliide - ok
    19:45:24.0667 0x19fc  [ 1FF8B4431C353CE385C875F194924C0C, 3EA3A7F426B0FFC2461EDF4FDB4B58ACC9D0730EDA5B728D1EA1346EA0A02720 ] amdide          C:\windows\system32\drivers\amdide.sys
    19:45:24.0667 0x19fc  amdide - ok
    19:45:24.0687 0x19fc  [ 7024F087CFF1833A806193EF9D22CDA9, E7F27E488C38338388103D3B7EEDD61D05E14FB140992AEE6F492FFC821BF529 ] AmdK8           C:\windows\system32\drivers\amdk8.sys
    19:45:24.0687 0x19fc  AmdK8 - ok
    19:45:24.0707 0x19fc  [ 1E56388B3FE0D031C44144EB8C4D6217, E88CA76FD47BA0EB427D59CB9BE040DE133D89D4E62D03A8D622624531D27487 ] AmdPPM          C:\windows\system32\drivers\amdppm.sys
    19:45:24.0717 0x19fc  AmdPPM - ok
    19:45:24.0727 0x19fc  [ D4121AE6D0C0E7E13AA221AA57EF2D49, 626F43C099BD197BE56648C367B711143C2BCCE96496BBDEF19F391D52FA01D0 ] amdsata         C:\windows\system32\drivers\amdsata.sys
    19:45:24.0737 0x19fc  amdsata - ok
    19:45:24.0757 0x19fc  [ F67F933E79241ED32FF46A4F29B5120B, D6EF539058F159CC4DD14CA9B1FD924998FEAC9D325C823C7A2DD21FEF1DC1A8 ] amdsbs          C:\windows\system32\drivers\amdsbs.sys
    19:45:24.0767 0x19fc  amdsbs - ok
    19:45:24.0787 0x19fc  [ 540DAF1CEA6094886D72126FD7C33048, 296578572A93F5B74E1AD443E000B79DC99D1CBD25082E02704800F886A3065F ] amdxata         C:\windows\system32\drivers\amdxata.sys
    19:45:24.0787 0x19fc  amdxata - ok
    19:45:24.0847 0x19fc  [ 90C53BD47979FB8814F465A08B885102, 5EDFC1909FC1FF9133A534DFCC5408CF3A777AC41FB21FAD375436E3D86C02EC ] AppID           C:\windows\system32\drivers\appid.sys
    19:45:24.0857 0x19fc  AppID - ok
    19:45:24.0867 0x19fc  [ 72D4757510FDA69D729169C00AFC211E, FB9686D0D94EE7C19A3994C29E8331A6EC3020B2980B2CC75F72F3AB25512C15 ] AppIDSvc        C:\windows\System32\appidsvc.dll
    19:45:24.0867 0x19fc  AppIDSvc - ok
    19:45:24.0927 0x19fc  [ 978DC0A1FBE9CC91B21B40AF66CB396A, 90BAFF81D98F5AFD743D8BD65F716666A7A7BD2DA612492E03C79B29E9A0F8C2 ] Appinfo         C:\windows\System32\appinfo.dll
    19:45:24.0937 0x19fc  Appinfo - ok
    19:45:24.0957 0x19fc  [ C484F8CEB1717C540242531DB7845C4E, C507CE26716EB923B864ED85E8FA0B24591E2784A2F4F0E78AEED7E9953311F6 ] arc             C:\windows\system32\drivers\arc.sys
    19:45:24.0967 0x19fc  arc - ok
    19:45:24.0987 0x19fc  [ 019AF6924AEFE7839F61C830227FE79C, 5926B9DDFC9198043CDD6EA0B384C83B001EC225A8125628C4A45A3E6C42C72A ] arcsas          C:\windows\system32\drivers\arcsas.sys
    19:45:24.0987 0x19fc  arcsas - ok
    19:45:25.0067 0x19fc  [ F15AB80B867D3332D5DDFB0A05B9CE04, 5A16577106246AB5DCC04FE0A0B00B7C5702557B75F958721E4C00383AB99809 ] aspnet_state    C:\windows\Microsoft.NET\Framework64\v4.0.30319\aspnet_state.exe
    19:45:25.0067 0x19fc  aspnet_state - ok
    19:45:25.0137 0x19fc  [ 525F5989C095F5757414E1F4B39175B2, 0CA28553AE4BF07C3952A6E2355FAB2B0CB862CFD88DEFD7232FD48ABA99CFCB ] aswHwid         C:\windows\system32\drivers\aswHwid.sys
    19:45:25.0147 0x19fc  aswHwid - ok
    19:45:25.0187 0x19fc  [ 76D585093398DB973470BB83FCF0CE52, F7135232E7F50270A253C9F04574F22B827A42B2BE42DE6E391CE3A56B2EA51F ] aswMonFlt       C:\windows\system32\drivers\aswMonFlt.sys
    19:45:25.0187 0x19fc  aswMonFlt - ok
    19:45:25.0257 0x19fc  [ 719FF5568B5E71832541636E2A7DFE27, C49ADB31B5DE6FCFB252290D5B831A90E555F86058500538BBD288B10CDCC46F ] aswRdr          C:\windows\system32\drivers\aswRdr2.sys
    19:45:25.0257 0x19fc  aswRdr - ok
    19:45:25.0297 0x19fc  [ 21C13E3C9B801C8AE172FABBD235221E, 0AE02CB0F4A87C6065159B68545DD536C4E98C8C23E954ED3392A7CE5F28868C ] aswRvrt         C:\windows\system32\drivers\aswRvrt.sys
    19:45:25.0297 0x19fc  aswRvrt - ok
    19:45:25.0347 0x19fc  [ 5B6A864A2CE292992040CEBAFC8F746A, 3AC0D60B3530AA55266C6547686E4488FE3C5CDD19223ECAF6E5C5A4109EF0C1 ] aswSnx          C:\windows\system32\drivers\aswSnx.sys
    19:45:25.0367 0x19fc  aswSnx - ok
    19:45:25.0427 0x19fc  [ C43A0929DE32035499D6BB39A7F44439, 6269380D25D6BFFB7C234758114B700A75BD55D654B6D93ED44D50660A86FCA7 ] aswSP           C:\windows\system32\drivers\aswSP.sys
    19:45:25.0437 0x19fc  aswSP - ok
    19:45:25.0457 0x19fc  [ 763C27EA21875F54615A0174EEC78FC4, 4EE48D475B183DD2066781137F46A4BEE2E510B3A085B9B1385F8C0043A5BE08 ] aswStm          C:\windows\system32\drivers\aswStm.sys
    19:45:25.0457 0x19fc  aswStm - ok
    19:45:25.0467 0x19fc  [ C85B35201A253B99199C0A9F5B98FC18, 18FF49D52035C79AD70A96FBD4663C41A58830D432DD4B9EDA6E7FCDFD12C18F ] aswVmm          C:\windows\system32\drivers\aswVmm.sys
    19:45:25.0477 0x19fc  aswVmm - ok
    19:45:25.0507 0x19fc  [ 769765CE2CC62867468CEA93969B2242, 0D8F19D49869DF93A3876B4C2E249D12E83F9CE11DAE8917D368E292043D4D26 ] AsyncMac        C:\windows\system32\DRIVERS\asyncmac.sys
    19:45:25.0507 0x19fc  AsyncMac - ok
    19:45:25.0547 0x19fc  [ 02062C0B390B7729EDC9E69C680A6F3C, 0261683C6DC2706DCE491A1CDC954AC9C9E649376EC30760BB4E225E18DC5273 ] atapi           C:\windows\system32\drivers\atapi.sys
    19:45:25.0547 0x19fc  atapi - ok
    19:45:25.0607 0x19fc  [ 6968D02DC38757C3FBE7ED7C2F9670AA, C8B3115DDB32EFBE8C56C5AA78EEA05BBB77DF3F75CC2A04532EB32327E4735A ] AudioEndpointBuilder C:\windows\System32\Audiosrv.dll
    19:45:25.0627 0x19fc  AudioEndpointBuilder - ok
    19:45:25.0637 0x19fc  [ 6968D02DC38757C3FBE7ED7C2F9670AA, C8B3115DDB32EFBE8C56C5AA78EEA05BBB77DF3F75CC2A04532EB32327E4735A ] AudioSrv        C:\windows\System32\Audiosrv.dll
    19:45:25.0647 0x19fc  AudioSrv - ok
    19:45:25.0767 0x19fc  [ 4956380A54B1C9E6BFDF3D80DACB9698, 0B0F9807EEF0F3BFE4F862876633D241DBA8F72A1373445976FF388678C4734C ] avast! Antivirus C:\Program Files\AVAST Software\Avast\AvastSvc.exe
    19:45:25.0767 0x19fc  avast! Antivirus - ok
    19:45:25.0807 0x19fc  [ A6BF31A71B409DFA8CAC83159E1E2AFF, CBB83F73FFD3C3FB4F96605067739F8F7A4A40B2B05417FA49E575E95628753F ] AxInstSV        C:\windows\System32\AxInstSV.dll
    19:45:25.0807 0x19fc  AxInstSV - ok
    19:45:25.0847 0x19fc  [ 3E5B191307609F7514148C6832BB0842, DE011CB7AA4A2405FAF21575182E0793A1D83DFFC44E9A7864D59F3D51D8D580 ] b06bdrv         C:\windows\system32\drivers\bxvbda.sys
    19:45:25.0857 0x19fc  b06bdrv - ok
    19:45:25.0897 0x19fc  [ B5ACE6968304A3900EEB1EBFD9622DF2, 1DAA118D8CA3F97B34DF3D3CDA1C78EAB2ED225699FEABE89D331AE0CB7679FA ] b57nd60a        C:\windows\system32\DRIVERS\b57nd60a.sys
    19:45:25.0907 0x19fc  b57nd60a - ok
    19:45:25.0927 0x19fc  [ FDE360167101B4E45A96F939F388AEB0, 8D1457E866BBD645C4B9710DFBFF93405CC1193BF9AE42326F2382500B713B82 ] BDESVC          C:\windows\System32\bdesvc.dll
    19:45:25.0927 0x19fc  BDESVC - ok
    19:45:25.0947 0x19fc  [ 16A47CE2DECC9B099349A5F840654746, 77C008AEDB07FAC66413841D65C952DDB56FE7DCA5E9EF9C8F4130336B838024 ] Beep            C:\windows\system32\drivers\Beep.sys
    19:45:25.0947 0x19fc  Beep - ok
    19:45:25.0997 0x19fc  [ 82974D6A2FD19445CC5171FC378668A4, 075D25F47C0D2277E40AF8615571DAA5EB16B1824563632A9A7EC62505C29A4A ] BFE             C:\windows\System32\bfe.dll
    19:45:26.0017 0x19fc  BFE - ok
    19:45:26.0067 0x19fc  [ 1EA7969E3271CBC59E1730697DC74682, D511A34D63A6E0E6E7D1879068E2CD3D87ABEAF4936B2EA8CDDAD9F79D60FA04 ] BITS            C:\windows\System32\qmgr.dll
    19:45:26.0087 0x19fc  BITS - ok
    19:45:26.0117 0x19fc  [ 61583EE3C3A17003C4ACD0475646B4D3, 17E4BECC309C450E7E44F59A9C0BBC24D21BDC66DFBA65B8F198A00BB47A9811 ] blbdrive        C:\windows\system32\drivers\blbdrive.sys
    19:45:26.0117 0x19fc  blbdrive - ok
    19:45:26.0177 0x19fc  [ C752A6902163B5E9C3554BA69A275F41, 29D729B52700DCCA4E57FE38A5B92103CE79C8C59B6E7162CCB8E7C19BAE1942 ] BOT4Service     C:\Program Files (x86)\Roxio\BackOnTrack\App\BService.exe
    19:45:26.0177 0x19fc  BOT4Service - ok
    19:45:26.0197 0x19fc  [ 6C02A83164F5CC0A262F4199F0871CF5, AD4632A6A203CB40970D848315D8ADB9C898349E20D8DF4107C2AE2703A2CF28 ] bowser          C:\windows\system32\DRIVERS\bowser.sys
    19:45:26.0197 0x19fc  bowser - ok
    19:45:26.0217 0x19fc  [ F09EEE9EDC320B5E1501F749FDE686C8, 66691114C42E12F4CC6DC4078D4D2FA4029759ACDAF1B59D17383487180E84E3 ] BrFiltLo        C:\windows\system32\drivers\BrFiltLo.sys
    19:45:26.0217 0x19fc  BrFiltLo - ok
    19:45:26.0237 0x19fc  [ B114D3098E9BDB8BEA8B053685831BE6, 0ED23C1897F35FA00B9C2848DE4ED200E18688AA7825674888054BBC3A3EB92C ] BrFiltUp        C:\windows\system32\drivers\BrFiltUp.sys
    19:45:26.0237 0x19fc  BrFiltUp - ok
    19:45:26.0287 0x19fc  [ 5C2F352A4E961D72518261257AAE204B, 9EE1001E1D46A414A7A86FE1DBBE232203E26F54D9EF43ED31ED8EACD4D09853 ] BridgeMP        C:\windows\system32\DRIVERS\bridge.sys
    19:45:26.0297 0x19fc  BridgeMP - ok
    19:45:26.0317 0x19fc  [ 05F5A0D14A2EE1D8255C2AA0E9E8E694, 40011138869F5496A3E78D38C9900B466B6F3877526AC22952DCD528173F4645 ] Browser         C:\windows\System32\browser.dll
    19:45:26.0327 0x19fc  Browser - ok
    19:45:26.0357 0x19fc  [ 43BEA8D483BF1870F018E2D02E06A5BD, 4E6F5A5FD8C796A110B0DC9FF29E31EA78C04518FC1C840EF61BABD58AB10272 ] Brserid         C:\windows\System32\Drivers\Brserid.sys
    19:45:26.0367 0x19fc  Brserid - ok
    19:45:26.0387 0x19fc  [ A6ECA2151B08A09CACECA35C07F05B42, E2875BB7768ABAF38C3377007AA0A3C281503474D1831E396FB6599721586B0C ] BrSerWdm        C:\windows\System32\Drivers\BrSerWdm.sys
    19:45:26.0387 0x19fc  BrSerWdm - ok
    19:45:26.0397 0x19fc  [ B79968002C277E869CF38BD22CD61524, 50631836502237AF4893ECDCEA43B9031C3DE97433F594D46AF7C3C77F331983 ] BrUsbMdm        C:\windows\System32\Drivers\BrUsbMdm.sys
    19:45:26.0397 0x19fc  BrUsbMdm - ok
    19:45:26.0417 0x19fc  [ A87528880231C54E75EA7A44943B38BF, 4C8BBB29FDA76A96840AA47A8613C15D4466F9273A13941C19507008629709C9 ] BrUsbSer        C:\windows\System32\Drivers\BrUsbSer.sys
    19:45:26.0417 0x19fc  BrUsbSer - ok
    19:45:26.0437 0x19fc  [ 9DA669F11D1F894AB4EB69BF546A42E8, B498B8B6CEF957B73179D1ADAF084BBB57BB3735D810F9BE2C7B1D58A4FD25A4 ] BTHMODEM        C:\windows\system32\drivers\bthmodem.sys
    19:45:26.0437 0x19fc  BTHMODEM - ok
    19:45:26.0467 0x19fc  [ 95F9C2976059462CBBF227F7AAB10DE9, 2797AE919FF7606B070FB039CECDB0707CD2131DCAC09C5DF14F443D881C9F34 ] bthserv         C:\windows\system32\bthserv.dll
    19:45:26.0477 0x19fc  bthserv - ok
    19:45:26.0537 0x19fc  [ A3AD13CA2747953DDD4C9AE4FB925BEC, 860FA3A04DE9DA0B19C625681E594713844F3401FEFD7C26A28C6C94BA6920C7 ] CalendarSynchService C:\Program Files (x86)\Hewlett-Packard\TouchSmart\Calendar\Service\GCalService.exe
    19:45:26.0537 0x19fc  CalendarSynchService - ok
    19:45:26.0557 0x19fc  [ B8BD2BB284668C84865658C77574381A, 6C55BA288B626DF172FDFEA0BD7027FAEBA1F44EF20AB55160D7C7DC6E717D65 ] cdfs            C:\windows\system32\DRIVERS\cdfs.sys
    19:45:26.0557 0x19fc  cdfs - ok
    19:45:26.0577 0x19fc  [ F036CE71586E93D94DAB220D7BDF4416, BD07AAD9E20CEAF9FC84E4977C55EA2C45604A2C682AC70B9B9A2199B6713D5B ] cdrom           C:\windows\system32\DRIVERS\cdrom.sys
    19:45:26.0587 0x19fc  cdrom - ok
    19:45:26.0607 0x19fc  [ F17D1D393BBC69C5322FBFAFACA28C7F, 62A1A92B3C52ADFD0B808D7F69DD50238B5F202421F1786F7EAEAA63F274B3E8 ] CertPropSvc     C:\windows\System32\certprop.dll
    19:45:26.0617 0x19fc  CertPropSvc - ok
    19:45:26.0637 0x19fc  [ D7CD5C4E1B71FA62050515314CFB52CF, 513B5A849899F379F0BC6AB3A8A05C3493C2393C95F036612B96EC6E252E1C64 ] circlass        C:\windows\system32\drivers\circlass.sys
    19:45:26.0637 0x19fc  circlass - ok
    19:45:26.0687 0x19fc  [ 404B7DF9CA4D1CB675045AF220FF3285, 91FFADE2ABE5C48849E63134D5FFD20671FE0D1720F7D486F904391B3D142C96 ] CLFS            C:\windows\system32\CLFS.sys
    19:45:26.0707 0x19fc  CLFS - ok
    19:45:26.0757 0x19fc  [ F13EC8A783E0CB0D6DC26A3CA848B7B8, 0809E3B71709F1343086EEB6C820543C1A7119E74EEF8AC1AEE1F81093ABEC66 ] clr_optimization_v2.0.50727_32 C:\windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
    19:45:26.0757 0x19fc  clr_optimization_v2.0.50727_32 - ok
    19:45:26.0797 0x19fc  [ B4D73F04E9BC076F7CDAC4327DF636BB, 1ADED20D5A0D0A76E2F85CB778FD06BAB814868D35F8532E17D67045FF4770C2 ] clr_optimization_v2.0.50727_64 C:\windows\Microsoft.NET\Framework64\v2.0.50727\mscorsvw.exe
    19:45:26.0797 0x19fc  clr_optimization_v2.0.50727_64 - ok
    19:45:26.0887 0x19fc  [ F5AB4D2E36625F355E81539239765107, 48E6AD65EEFD6C54F938F5753EF58377CDA77ADBB41CD8635F0040D61EFB92A4 ] clr_optimization_v4.0.30319_32 C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
    19:45:26.0897 0x19fc  clr_optimization_v4.0.30319_32 - ok
    19:45:26.0907 0x19fc  [ 9ACBE5EC13C2CC95833BFB7636CA8B1A, 6224DA9FB335D2A8374C60B8DEA539DD3A0E43230DB888B137B71A56EC57D6AF ] clr_optimization_v4.0.30319_64 C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe
    19:45:26.0907 0x19fc  clr_optimization_v4.0.30319_64 - ok
    19:45:26.0927 0x19fc  [ 0840155D0BDDF1190F84A663C284BD33, 696039FA63CFEB33487FAA8FD7BBDB220141E9C6E529355D768DFC87999A9C3A ] CmBatt          C:\windows\system32\drivers\CmBatt.sys
    19:45:26.0927 0x19fc  CmBatt - ok
    19:45:26.0957 0x19fc  [ E19D3F095812725D88F9001985B94EDD, 46243C5CCC4981CAC6FA6452FFCEC33329BF172448F1852D52592C9342E0E18B ] cmdide          C:\windows\system32\drivers\cmdide.sys
    19:45:26.0957 0x19fc  cmdide - ok
    19:45:27.0007 0x19fc  [ 27667A788130A7F7A5858DE27572E6D7, 5501D80BCCB7A811ECCED3828DFD0A5D948BBED8504E9BCC4A3BFB840DD41CBC ] CNG             C:\windows\system32\Drivers\cng.sys
    19:45:27.0027 0x19fc  CNG - ok
    19:45:27.0047 0x19fc  [ 102DE219C3F61415F964C88E9085AD14, CD74CB703381F1382C32CF892FF2F908F4C9412E1BC77234F8FEA5D4666E1BF1 ] Compbatt        C:\windows\system32\drivers\compbatt.sys
    19:45:27.0057 0x19fc  Compbatt - ok
    19:45:27.0097 0x19fc  [ 03EDB043586CCEBA243D689BDDA370A8, 0E4523AA332E242D5C2C61C5717DBA5AB6E42DADB5A7E512505FC2B6CC224959 ] CompositeBus    C:\windows\system32\drivers\CompositeBus.sys
    19:45:27.0097 0x19fc  CompositeBus - ok
    19:45:27.0107 0x19fc  COMSysApp - ok
    19:45:27.0117 0x19fc  [ 1C827878A998C18847245FE1F34EE597, 41EF7443D8B2733AA35CAC64B4F5F74FAC8BB0DA7D3936B69EC38E2DC3972E60 ] crcdisk         C:\windows\system32\drivers\crcdisk.sys
    19:45:27.0127 0x19fc  crcdisk - ok
    19:45:27.0167 0x19fc  [ 7BC3E861F7E8EB543A630090FAE779E0, 52A538F25C853AAC9706CD0D4EBF80B1963391AA175895CFD9D44C8ABBFCFB74 ] CryptSvc        C:\windows\system32\cryptsvc.dll
    19:45:27.0177 0x19fc  CryptSvc - ok
    19:45:27.0207 0x19fc  [ 5C627D1B1138676C0A7AB2C2C190D123, C5003F2C912C5CA990E634818D3B4FD72F871900AF2948BD6C4D6400B354B401 ] DcomLaunch      C:\windows\system32\rpcss.dll
    19:45:27.0227 0x19fc  DcomLaunch - ok
    19:45:27.0247 0x19fc  [ 3CEC7631A84943677AA8FA8EE5B6B43D, 32061DAC9ED6C1EBA3B367B18D0E965AEEC2DF635DCF794EC39D086D32503AC5 ] defragsvc       C:\windows\System32\defragsvc.dll
    19:45:27.0257 0x19fc  defragsvc - ok
    19:45:27.0277 0x19fc  [ 9BB2EF44EAA163B29C4A4587887A0FE4, 03667BC3EA5003F4236929C10F23D8F108AFCB29DB5559E751FB26DFB318636F ] DfsC            C:\windows\system32\Drivers\dfsc.sys
    19:45:27.0277 0x19fc  DfsC - ok
    19:45:27.0307 0x19fc  [ 43D808F5D9E1A18E5EEB5EBC83969E4E, C10D1155D71EABE4ED44C656A8F13078A8A4E850C4A8FBB92D52D173430972B8 ] Dhcp            C:\windows\system32\dhcpcore.dll
    19:45:27.0307 0x19fc  Dhcp - ok
    19:45:27.0407 0x19fc  [ AA5319FA8602676B5D3A2B4A1355896D, 57532E16FF0DDE3D62B6B6DC35E2598DD453140E9277247965A1E835645E588A ] DiagTrack       C:\windows\system32\diagtrack.dll
    19:45:27.0437 0x19fc  DiagTrack - ok
    19:45:27.0457 0x19fc  [ 13096B05847EC78F0977F2C0F79E9AB3, 1E44981B684F3E56F5D2439BB7FA78BD1BC876BB2265AE089AEC68F241B05B26 ] discache        C:\windows\system32\drivers\discache.sys
    19:45:27.0457 0x19fc  discache - ok
    19:45:27.0487 0x19fc  [ 9819EEE8B5EA3784EC4AF3B137A5244C, 571BC886E87C888DA96282E381A746D273B58B9074E84D4CA91275E26056D427 ] Disk            C:\windows\system32\drivers\disk.sys
    19:45:27.0487 0x19fc  Disk - ok
    19:45:27.0507 0x19fc  [ 16835866AAA693C7D7FCEBA8FFF706E4, 15891558F7C1F2BB57A98769601D447ED0D952354A8BB347312D034DC03E0242 ] Dnscache        C:\windows\System32\dnsrslvr.dll
    19:45:27.0517 0x19fc  Dnscache - ok
    19:45:27.0537 0x19fc  [ B1FB3DDCA0FDF408750D5843591AFBC6, AB6AD9C5E7BA2E3646D0115B67C4800D1CB43B4B12716397657C7ADEEE807304 ] dot3svc         C:\windows\System32\dot3svc.dll
    19:45:27.0537 0x19fc  dot3svc - ok
    19:45:27.0557 0x19fc  [ B26F4F737E8F9DF4F31AF6CF31D05820, 394BBBED4EC7FAD4110F62A43BFE0801D4AC56FFAC6C741C69407B26402311C7 ] DPS             C:\windows\system32\dps.dll
    19:45:27.0557 0x19fc  DPS - ok
    19:45:27.0587 0x19fc  [ 9B19F34400D24DF84C858A421C205754, 967AF267B4124BADA8F507CEBF25F2192D146A4D63BE71B45BFC03C5DA7F21A7 ] drmkaud         C:\windows\system32\drivers\drmkaud.sys
    19:45:27.0587 0x19fc  drmkaud - ok
    19:45:27.0657 0x19fc  [ 87CE5C8965E101CCCED1F4675557E868, 077D98F0F130B2FC710208BA34016EF2B2506EE2BD71740B228145E34A3046F1 ] DXGKrnl         C:\windows\System32\drivers\dxgkrnl.sys
    19:45:27.0677 0x19fc  DXGKrnl - ok
    19:45:27.0697 0x19fc  [ E2DDA8726DA9CB5B2C4000C9018A9633, 0C967DBC3636A76A696997192A158AA92A1AF19F01E3C66D5BF91818A8FAEA76 ] EapHost         C:\windows\System32\eapsvc.dll
    19:45:27.0697 0x19fc  EapHost - ok
    19:45:27.0807 0x19fc  [ DC5D737F51BE844D8C82C695EB17372F, 6D4022D9A46EDE89CEF0FAEADCC94C903234DFC460C0180D24FF9E38E8853017 ] ebdrv           C:\windows\system32\drivers\evbda.sys
    19:45:27.0867 0x19fc  ebdrv - ok
    19:45:27.0917 0x19fc  [ 97D879A884E7CDFED51AD63348A35254, 256566B7039B640FFB72C2ED7F1F42E46FFC820637A8959A64F5F08DB2A06A3F ] EFS             C:\windows\System32\lsass.exe
    19:45:27.0917 0x19fc  EFS - ok
    19:45:27.0977 0x19fc  [ C4002B6B41975F057D98C439030CEA07, 3D2484FBB832EFB90504DD406ED1CF3065139B1FE1646471811F3A5679EF75F1 ] ehRecvr         C:\windows\ehome\ehRecvr.exe
    19:45:27.0997 0x19fc  ehRecvr - ok
    19:45:28.0007 0x19fc  [ 4705E8EF9934482C5BB488CE28AFC681, 359E9EC5693CE0BE89082E1D5D8F5C5439A5B985010FF0CB45C11E3CFE30637D ] ehSched         C:\windows\ehome\ehsched.exe
    19:45:28.0017 0x19fc  ehSched - ok
    19:45:28.0047 0x19fc  [ 0E5DA5369A0FCAEA12456DD852545184, 9A64AC5396F978C3B92794EDCE84DCA938E4662868250F8C18FA7C2C172233F8 ] elxstor         C:\windows\system32\drivers\elxstor.sys
    19:45:28.0057 0x19fc  elxstor - ok
    19:45:28.0067 0x19fc  [ 34A3C54752046E79A126E15C51DB409B, 7D5B5E150C7C73666F99CBAFF759029716C86F16B927E0078D77F8A696616D75 ] ErrDev          C:\windows\system32\drivers\errdev.sys
    19:45:28.0067 0x19fc  ErrDev - ok
    19:45:28.0107 0x19fc  [ 4166F82BE4D24938977DD1746BE9B8A0, 24121751B7306225AD1C808442D7B030DEF377E9316AA0A3C5C7460E87317881 ] EventSystem     C:\windows\system32\es.dll
    19:45:28.0117 0x19fc  EventSystem - ok
    19:45:28.0137 0x19fc  [ A510C654EC00C1E9BDD91EEB3A59823B, 76CD277730F7B08D375770CD373D786160F34D1481AF0536BA1A5D2727E255F5 ] exfat           C:\windows\system32\drivers\exfat.sys
    19:45:28.0147 0x19fc  exfat - ok
    19:45:28.0157 0x19fc  [ 0ADC83218B66A6DB380C330836F3E36D, 798D6F83B5DBCC1656595E0A96CF12087FCCBE19D1982890D0CE5F629B328B29 ] fastfat         C:\windows\system32\drivers\fastfat.sys
    19:45:28.0157 0x19fc  fastfat - ok
    19:45:28.0197 0x19fc  [ DBEFD454F8318A0EF691FDD2EAAB44EB, 7F52AE222FF28503B6FC4A5852BD0CAEAF187BE69AF4B577D3DE474C24366099 ] Fax             C:\windows\system32\fxssvc.exe
    19:45:28.0217 0x19fc  Fax - ok
    19:45:28.0227 0x19fc  [ D765D19CD8EF61F650C384F62FAC00AB, 9F0A483A043D3BA873232AD3BA5F7BF9173832550A27AF3E8BD433905BD2A0EE ] fdc             C:\windows\system32\drivers\fdc.sys
    19:45:28.0227 0x19fc  fdc - ok
    19:45:28.0247 0x19fc  [ 0438CAB2E03F4FB61455A7956026FE86, 6D4DDC2973DB25CE0C7646BC85EFBCC004EBE35EA683F62162AE317C6F1D8DFE ] fdPHost         C:\windows\system32\fdPHost.dll
    19:45:28.0247 0x19fc  fdPHost - ok
    19:45:28.0257 0x19fc  [ 802496CB59A30349F9A6DD22D6947644, 52D59D3D628D5661F83F090F33F744F6916E0CC1F76E5A33983E06EB66AE19F8 ] FDResPub        C:\windows\system32\fdrespub.dll
    19:45:28.0257 0x19fc  FDResPub - ok
    19:45:28.0267 0x19fc  [ 655661BE46B5F5F3FD454E2C3095B930, 549C8E2A2A37757E560D55FFA6BFDD838205F17E40561E67F0124C934272CD1A ] FileInfo        C:\windows\system32\drivers\fileinfo.sys
    19:45:28.0267 0x19fc  FileInfo - ok
    19:45:28.0277 0x19fc  [ 5F671AB5BC87EEA04EC38A6CD5962A47, 6B61D3363FF3F9C439BD51102C284972EAE96ACC0683B9DC7E12D25D0ADC51B6 ] Filetrace       C:\windows\system32\drivers\filetrace.sys
    19:45:28.0277 0x19fc  Filetrace - ok
    19:45:28.0307 0x19fc  [ C172A0F53008EAEB8EA33FE10E177AF5, 9175A95B323696D1B35C9EFEB7790DD64E6EE0B7021E6C18E2F81009B169D77B ] flpydisk        C:\windows\system32\drivers\flpydisk.sys
    19:45:28.0307 0x19fc  flpydisk - ok
    19:45:28.0327 0x19fc  [ DA6B67270FD9DB3697B20FCE94950741, F621A4462C9F2904063578C427FAF22D7D66AE9967605C11C798099817CE5331 ] FltMgr          C:\windows\system32\drivers\fltmgr.sys
    19:45:28.0337 0x19fc  FltMgr - ok
    19:45:28.0417 0x19fc  [ E612E86FA15EA1EF9A52433A2743C447, 8A66164541D2EE2334B6DE3995C31138EA85E3A06BC7FD901E60D345E4E1E8A8 ] FontCache       C:\windows\system32\FntCache.dll
    19:45:28.0447 0x19fc  FontCache - ok
    19:45:28.0477 0x19fc  [ A8B7F3818AB65695E3A0BB3279F6DCE6, 89FCF10F599767E67A1E011753E34DA44EAA311F105DBF69549009ED932A60F0 ] FontCache3.0.0.0 C:\windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
    19:45:28.0487 0x19fc  FontCache3.0.0.0 - ok
    19:45:28.0497 0x19fc  [ D43703496149971890703B4B1B723EAC, F06397B2EDCA61629249D2EF1CBB7827A8BEAB8488246BD85EF6AE1363C0DA6E ] FsDepends       C:\windows\system32\drivers\FsDepends.sys
    19:45:28.0497 0x19fc  FsDepends - ok
    19:45:28.0527 0x19fc  [ 07DA62C960DDCCC2D35836AEAB4FC578, C67A29E928AF59BF7FB573FAC2176C5598F595406AA90DDB4A364A15BC89A6C4 ] fssfltr         C:\windows\system32\DRIVERS\fssfltr.sys
    19:45:28.0527 0x19fc  fssfltr - ok
    19:45:28.0637 0x19fc  [ 28DDEEEC44E988657B732CF404D504CB, 47F83018E5449CDCED3DD447991788EBAAC92C418D4513FBA9408C45E9AB8E7E ] fsssvc          C:\Program Files (x86)\Windows Live\Family Safety\fsssvc.exe
    19:45:28.0677 0x19fc  fsssvc - ok
    19:45:28.0707 0x19fc  [ 6BD9295CC032DD3077C671FCCF579A7B, 83622FBB0CB923798E7E584BF53CAAF75B8C016E3FF7F0FA35880FF34D1DFE33 ] Fs_Rec          C:\windows\system32\drivers\Fs_Rec.sys
    19:45:28.0707 0x19fc  Fs_Rec - ok
    19:45:28.0757 0x19fc  [ 8F6322049018354F45F05A2FD2D4E5E0, 73BF0FB4EBD7887E992DDEBB79E906958D6678F8D1107E8C368F5A0514D80359 ] fvevol          C:\windows\system32\DRIVERS\fvevol.sys
    19:45:28.0757 0x19fc  fvevol - ok
    19:45:28.0797 0x19fc  [ 8C778D335C9D272CFD3298AB02ABE3B6, 85F0B13926B0F693FA9E70AA58DE47100E4B6F893772EBE4300C37D9A36E6005 ] gagp30kx        C:\windows\system32\drivers\gagp30kx.sys
    19:45:28.0807 0x19fc  gagp30kx - ok
    19:45:28.0867 0x19fc  [ 8503C5808817070ACBF4CAF9AC498AAB, 2232372BEBE523878571A3881B0A5B8FAE68BEAA407ED198E147259DF8BC33C9 ] GamesAppIntegrationService C:\Program Files (x86)\WildTangent Games\App\GamesAppIntegrationService.exe
    19:45:28.0877 0x19fc  GamesAppIntegrationService - ok
    19:45:28.0917 0x19fc  [ E304C7C0D7AA1A871B4145385AD6F8FB, 40462C37600E0412EC69D8438B6B5C2496C0B3709A46C2960B8D719297AB2DAA ] GamesAppService C:\Program Files (x86)\WildTangent Games\App\GamesAppService.exe
    19:45:28.0927 0x19fc  GamesAppService - ok
    19:45:28.0997 0x19fc  [ 12CD74D8F037AE10E03C2415EFF59EF5, EDE7187DC57010119A46730B63EAF1548E3BDC170D375568880478AB36340726 ] Garmin Core Update Service C:\Program Files (x86)\Garmin\Core Update Service\Garmin.Cartography.MapUpdate.CoreService.exe
    19:45:29.0017 0x19fc  Garmin Core Update Service - ok
    19:45:29.0067 0x19fc  [ 277BBC7E1AA1EE957F573A10ECA7EF3A, 2EE60B924E583E847CC24E78B401EF95C69DB777A5B74E1EC963E18D47B94D24 ] gpsvc           C:\windows\System32\gpsvc.dll
    19:45:29.0087 0x19fc  gpsvc - ok
    19:45:29.0167 0x19fc  [ 506708142BC63DABA64F2D3AD1DCD5BF, 9C36A08D9E7932FF4DA7B5F24E6B42C92F28685B8ABE964C870E8D7670FD531A ] gupdate         C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
    19:45:29.0167 0x19fc  gupdate - ok
    19:45:29.0187 0x19fc  [ 506708142BC63DABA64F2D3AD1DCD5BF, 9C36A08D9E7932FF4DA7B5F24E6B42C92F28685B8ABE964C870E8D7670FD531A ] gupdatem        C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
    19:45:29.0187 0x19fc  gupdatem - ok
    19:45:29.0227 0x19fc  [ 5D4BC124FAAE6730AC002CDB67BF1A1C, 00294F4DC7D17F6DD2A22B9C3299BED40146BA45C972367154D20DB502472551 ] gusvc           C:\Program Files (x86)\Google\Common\Google Updater\GoogleUpdaterService.exe
    19:45:29.0227 0x19fc  gusvc - ok
    19:45:29.0247 0x19fc  [ F2523EF6460FC42405B12248338AB2F0, B2F3DE8DE1F512D871BC2BC2E8D0E33AB03335BFBC07627C5F88B65024928E19 ] hcw85cir        C:\windows\system32\drivers\hcw85cir.sys
    19:45:29.0257 0x19fc  hcw85cir - ok
    19:45:29.0277 0x19fc  [ 975761C778E33CD22498059B91E7373A, 8304E15FBE6876BE57263A03621365DA8C88005EAC532A770303C06799D915D9 ] HdAudAddService C:\windows\system32\drivers\HdAudio.sys
    19:45:29.0297 0x19fc  HdAudAddService - ok
    19:45:29.0337 0x19fc  [ 97BFED39B6B79EB12CDDBFEED51F56BB, 3CF981D668FB2381E52AF2E51E296C6CFB47B0D62249645278479D0111A47955 ] HDAudBus        C:\windows\system32\drivers\HDAudBus.sys
    19:45:29.0337 0x19fc  HDAudBus - ok
    19:45:29.0357 0x19fc  [ 78E86380454A7B10A5EB255DC44A355F, 11F3ED7ACFFA3024B9BD504F81AC39F5B4CED5A8A425E8BADF7132EFEDB9BD64 ] HidBatt         C:\windows\system32\drivers\HidBatt.sys
    19:45:29.0357 0x19fc  HidBatt - ok
    19:45:29.0377 0x19fc  [ 7FD2A313F7AFE5C4DAB14798C48DD104, 94CBFD4506CBDE4162CEB3367BAB042D19ACA6785954DC0B554D4164B9FCD0D4 ] HidBth          C:\windows\system32\drivers\hidbth.sys
    19:45:29.0387 0x19fc  HidBth - ok
    19:45:29.0397 0x19fc  [ 0A77D29F311B88CFAE3B13F9C1A73825, 8615DC6CEFB591505CE16E054A71A4F371B827DDFD5E980777AB4233DCFDA01D ] HidIr           C:\windows\system32\drivers\hidir.sys
    19:45:29.0407 0x19fc  HidIr - ok
    19:45:29.0427 0x19fc  [ BD9EB3958F213F96B97B1D897DEE006D, 4D01CBF898B528B3A4E5A683DF2177300AFABD7D4CB51F1A7891B1B545499631 ] hidserv         C:\windows\System32\hidserv.dll
    19:45:29.0427 0x19fc  hidserv - ok
    19:45:29.0467 0x19fc  [ 9592090A7E2B61CD582B612B6DF70536, FD11D5E02C32D658B28FCC35688AB66CCB5D3A0A0D74C82AE0F0B6C67B568A0F ] HidUsb          C:\windows\system32\DRIVERS\hidusb.sys
    19:45:29.0467 0x19fc  HidUsb - ok
    19:45:29.0487 0x19fc  [ 387E72E739E15E3D37907A86D9FF98E2, 9935BE2E58788E79328293AF2F202CB0F6042441B176F75ACC5AEA93C8E05531 ] hkmsvc          C:\windows\system32\kmsvc.dll
    19:45:29.0497 0x19fc  hkmsvc - ok


    #10 bschaefer

    Posted 05 August 2015 - 07:48 PM

    Sorry nasdaq but it looks like something went wrong when I hit the Post button.  I'll try to resend it again.

    Found the TDSSKiller file and it is attached.

    Ran the aswMBR program and found the file.  I zipped it but cannot figure out how to attach it.  It looks like the MBR.dat file is only 512 K.  Since it is so short I'll attach it at the end hoping that is what you’re looking for.  If not, please guide me through attaching the Zip Folder to the next reply.

    p.s. I did notice that my wife’s User Account does not look as if it were scanned.  Is that right or did I do something wrong again?

     

     

    aswMBR version 1.0.1.2252 Copyright© 2014 AVAST Software
    Run date: 2015-08-05 20:00:34
    -----------------------------
    20:00:34.665    OS Version: Windows x64 6.1.7601 Service Pack 1
    20:00:34.665    Number of processors: 4 586 0x2A07
    20:00:34.665    ComputerName: BS-HP  UserName: BS
    20:00:36.927    Initialize success
    20:00:36.958    VM: initialized successfully
    20:00:36.974    VM: Intel CPU BiosDisabled
    20:00:40.546    AVAST engine defs: 15080502
    20:00:46.147    Disk 0 (boot) \Device\Harddisk0\DR0 -> \Device\Ide\IdeDeviceP0T0L0-0
    20:00:46.147    Disk 0 Vendor: Hitachi_HDS721010CLA630 JP4OA41A Size: 953869MB BusType: 11
    20:00:46.272    Disk 0 MBR read successfully
    20:00:46.272    Disk 0 MBR scan
    20:00:46.272    Disk 0 unknown MBR code
    20:00:46.272    Disk 0 Partition 1 00     EE          GPT           2097151 MB offset 1
    20:00:46.381    Disk 0 scanning C:\windows\system32\drivers
    20:00:56.068    Service scanning
    20:01:14.445    Modules scanning
    20:01:14.445    Disk 0 trace - called modules:
    20:01:14.492    ntoskrnl.exe CLASSPNP.SYS disk.sys Sahdad64.sys ataport.SYS PCIIDEX.SYS hal.dll msahci.sys
    20:01:14.492    1 nt!IofCallDriver -> \Device\Harddisk0\DR0[0xfffffa800782b060]
    20:01:14.820    3 CLASSPNP.SYS[fffff8800186343f] -> nt!IofCallDriver -> [0xfffffa800766fa20]
    20:01:14.820    5 Sahdad64.sys[fffff880015e4e25] -> nt!IofCallDriver -> \Device\Ide\IdeDeviceP0T0L0-0[0xfffffa80071e7680]
    20:01:16.723    AVAST engine scan C:\windows
    20:01:19.578    AVAST engine scan C:\windows\system32
    20:03:32.895    AVAST engine scan C:\windows\system32\drivers
    20:03:48.464    AVAST engine scan C:\Users\BS
    20:07:24.353    AVAST engine scan C:\ProgramData
    20:11:47.229    Disk 0 statistics 4147371/0/0 @ 3.71 MB/s
    20:11:47.245    Scan finished successfully
    20:12:32.173    Disk 0 MBR has been saved successfully to "C:\Users\BS\Desktop\MBR.dat"
    20:12:32.173    The log file has been saved successfully to "C:\Users\BS\Desktop\aswMBR.txt"

     

     

    TDSSKiller file

     

    19:44:53.0957 0x1098  TDSS rootkit removing tool 3.1.0.5 Jul 24 2015 12:29:57
    19:44:53.0957 0x1098  UEFI system
    19:45:13.0737 0x1098  ============================================================
    19:45:13.0737 0x1098  Current date / time: 2015/08/05 19:45:13.0737
    19:45:13.0737 0x1098  SystemInfo:
    19:45:13.0737 0x1098  
    19:45:13.0737 0x1098  OS Version: 6.1.7601 ServicePack: 1.0
    19:45:13.0737 0x1098  Product type: Workstation
    19:45:13.0737 0x1098  ComputerName: BS-HP
    19:45:13.0737 0x1098  UserName: BS
    19:45:13.0737 0x1098  Windows directory: C:\windows
    19:45:13.0737 0x1098  System windows directory: C:\windows
    19:45:13.0737 0x1098  Running under WOW64
    19:45:13.0737 0x1098  Processor architecture: Intel x64
    19:45:13.0737 0x1098  Number of processors: 4
    19:45:13.0737 0x1098  Page size: 0x1000
    19:45:13.0737 0x1098  Boot type: Normal boot
    19:45:13.0737 0x1098  ============================================================
    19:45:15.0317 0x1098  KLMD registered as C:\windows\system32\drivers\56351736.sys
    19:45:15.0637 0x1098  System UUID: {946539E2-4649-18A9-495A-881DCA4178F1}
    19:45:16.0147 0x1098  Drive \Device\Harddisk0\DR0 - Size: 0xE8E0DB6000 ( 931.51 Gb ), SectorSize: 0x200, Cylinders: 0x1DB01, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
    19:45:16.0187 0x1098  ============================================================
    19:45:16.0187 0x1098  \Device\Harddisk0\DR0:
    19:45:16.0187 0x1098  GPT partitions:
    19:45:16.0187 0x1098  \Device\Harddisk0\DR0\Partition1: GPT, TypeGUID: {C12A7328-F81F-11D2-BA4B-00A0C93EC93B}, UniqueGUID: {A446FB6B-67B4-4904-A8CB-DD3C00635126}, Name: EFI system partition, StartLBA 0x800, BlocksNum 0x32000
    19:45:16.0187 0x1098  \Device\Harddisk0\DR0\Partition2: GPT, TypeGUID: {E3C9E316-0B5C-4DB8-817D-F92DF00215AE}, UniqueGUID: {7328E916-5A0A-4E05-9151-CB49118F4613}, Name: Microsoft reserved partition, StartLBA 0x32800, BlocksNum 0x40000
    19:45:16.0187 0x1098  \Device\Harddisk0\DR0\Partition3: GPT, TypeGUID: {EBD0A0A2-B9E5-4433-87C0-68B6B72699C7}, UniqueGUID: {56D10D2A-C6B6-4127-9E29-759F687FD572}, Name: Basic data partition, StartLBA 0x72800, BlocksNum 0x72505000
    19:45:16.0187 0x1098  \Device\Harddisk0\DR0\Partition4: GPT, TypeGUID: {EBD0A0A2-B9E5-4433-87C0-68B6B72699C7}, UniqueGUID: {049DDEC8-2ECE-4652-862F-A464331654CC}, Name: Basic data partition, StartLBA 0x72577800, BlocksNum 0x218F000
    19:45:16.0187 0x1098  MBR partitions:
    19:45:16.0187 0x1098  ============================================================
    19:45:16.0217 0x1098  C: <-> \Device\Harddisk0\DR0\Partition3
    19:45:16.0257 0x1098  D: <-> \Device\Harddisk0\DR0\Partition4
    19:45:16.0257 0x1098  ============================================================
    19:45:16.0257 0x1098  Initialize success
    19:45:16.0257 0x1098  ============================================================
    19:45:19.0477 0x19fc  ============================================================
    19:45:19.0477 0x19fc  Scan started
    19:45:19.0477 0x19fc  Mode: Manual;
    19:45:19.0477 0x19fc  ============================================================
    19:45:19.0477 0x19fc  KSN ping started
    19:45:22.0657 0x19fc  KSN ping finished: true
    19:45:23.0747 0x19fc  ================ Scan system memory ========================
    19:45:23.0747 0x19fc  System memory - ok
    19:45:23.0747 0x19fc  ================ Scan services =============================
    19:45:25.0767 0x19fc  avast! Antivirus - ok
    19:45:25.0807 0x19fc  [ A6BF31A71B409DFA8CAC83159E1E2AFF, CBB83F73FFD3C3FB4F96605067739F8F7A4A40B2B05417FA49E575E95628753F ] AxInstSV        C:\windows\System32\AxInstSV.dll
    19:45:25.0807 0x19fc  AxInstSV - ok
    19:45:25.0847 0x19fc  [ 3E5B191307609F7514148C6832BB0842, DE011CB7AA4A2405FAF21575182E0793A1D83DFFC44E9A7864D59F3D51D8D580 ] b06bdrv         C:\windows\system32\drivers\bxvbda.sys
    19:45:25.0857 0x19fc  b06bdrv - ok
    19:45:25.0897 0x19fc  [ B5ACE6968304A3900EEB1EBFD9622DF2, 1DAA118D8CA3F97B34DF3D3CDA1C78EAB2ED225699FEABE89D331AE0CB7679FA ] b57nd60a        C:\windows\system32\DRIVERS\b57nd60a.sys
    19:45:25.0907 0x19fc  b57nd60a - ok
    19:45:25.0927 0x19fc  [ FDE360167101B4E45A96F939F388AEB0, 8D1457E866BBD645C4B9710DFBFF93405CC1193BF9AE42326F2382500B713B82 ] BDESVC          C:\windows\System32\bdesvc.dll
    19:45:25.0927 0x19fc  BDESVC - ok
    19:45:25.0947 0x19fc  [ 16A47CE2DECC9B099349A5F840654746, 77C008AEDB07FAC66413841D65C952DDB56FE7DCA5E9EF9C8F4130336B838024 ] Beep            C:\windows\system32\drivers\Beep.sys
    19:45:25.0947 0x19fc  Beep - ok
    19:45:25.0997 0x19fc  [ 82974D6A2FD19445CC5171FC378668A4, 075D25F47C0D2277E40AF8615571DAA5EB16B1824563632A9A7EC62505C29A4A ] BFE             C:\windows\System32\bfe.dll
    19:45:26.0017 0x19fc  BFE - ok
    19:45:26.0067 0x19fc  [ 1EA7969E3271CBC59E1730697DC74682, D511A34D63A6E0E6E7D1879068E2CD3D87ABEAF4936B2EA8CDDAD9F79D60FA04 ] BITS            C:\windows\System32\qmgr.dll
    19:45:26.0087 0x19fc  BITS - ok
    19:45:26.0117 0x19fc  [ 61583EE3C3A17003C4ACD0475646B4D3, 17E4BECC309C450E7E44F59A9C0BBC24D21BDC66DFBA65B8F198A00BB47A9811 ] blbdrive        C:\windows\system32\drivers\blbdrive.sys
    19:45:26.0117 0x19fc  blbdrive - ok
    19:45:26.0177 0x19fc  [ C752A6902163B5E9C3554BA69A275F41, 29D729B52700DCCA4E57FE38A5B92103CE79C8C59B6E7162CCB8E7C19BAE1942 ] BOT4Service     C:\Program Files (x86)\Roxio\BackOnTrack\App\BService.exe
    19:45:26.0177 0x19fc  BOT4Service - ok
    19:45:26.0197 0x19fc  [ 6C02A83164F5CC0A262F4199F0871CF5, AD4632A6A203CB40970D848315D8ADB9C898349E20D8DF4107C2AE2703A2CF28 ] bowser          C:\windows\system32\DRIVERS\bowser.sys
    19:45:26.0197 0x19fc  bowser - ok
    19:45:26.0217 0x19fc  [ F09EEE9EDC320B5E1501F749FDE686C8, 66691114C42E12F4CC6DC4078D4D2FA4029759ACDAF1B59D17383487180E84E3 ] BrFiltLo        C:\windows\system32\drivers\BrFiltLo.sys
    19:45:26.0217 0x19fc  BrFiltLo - ok
    19:45:26.0237 0x19fc  [ B114D3098E9BDB8BEA8B053685831BE6, 0ED23C1897F35FA00B9C2848DE4ED200E18688AA7825674888054BBC3A3EB92C ] BrFiltUp        C:\windows\system32\drivers\BrFiltUp.sys
    19:45:26.0237 0x19fc  BrFiltUp - ok
    19:45:26.0287 0x19fc  [ 5C2F352A4E961D72518261257AAE204B, 9EE1001E1D46A414A7A86FE1DBBE232203E26F54D9EF43ED31ED8EACD4D09853 ] BridgeMP        C:\windows\system32\DRIVERS\bridge.sys
    19:45:26.0297 0x19fc  BridgeMP - ok
    19:45:26.0317 0x19fc  [ 05F5A0D14A2EE1D8255C2AA0E9E8E694, 40011138869F5496A3E78D38C9900B466B6F3877526AC22952DCD528173F4645 ] Browser         C:\windows\System32\browser.dll
    19:45:26.0327 0x19fc  Browser - ok
    19:45:26.0357 0x19fc  [ 43BEA8D483BF1870F018E2D02E06A5BD, 4E6F5A5FD8C796A110B0DC9FF29E31EA78C04518FC1C840EF61BABD58AB10272 ] Brserid         C:\windows\System32\Drivers\Brserid.sys
    19:45:26.0367 0x19fc  Brserid - ok
    19:45:26.0387 0x19fc  [ A6ECA2151B08A09CACECA35C07F05B42, E2875BB7768ABAF38C3377007AA0A3C281503474D1831E396FB6599721586B0C ] BrSerWdm        C:\windows\System32\Drivers\BrSerWdm.sys
    19:45:26.0387 0x19fc  BrSerWdm - ok
    19:45:26.0397 0x19fc  [ B79968002C277E869CF38BD22CD61524, 50631836502237AF4893ECDCEA43B9031C3DE97433F594D46AF7C3C77F331983 ] BrUsbMdm        C:\windows\System32\Drivers\BrUsbMdm.sys
    19:45:26.0397 0x19fc  BrUsbMdm - ok
    19:45:26.0417 0x19fc  [ A87528880231C54E75EA7A44943B38BF, 4C8BBB29FDA76A96840AA47A8613C15D4466F9273A13941C19507008629709C9 ] BrUsbSer        C:\windows\System32\Drivers\BrUsbSer.sys
    19:45:26.0417 0x19fc  BrUsbSer - ok
    19:45:26.0437 0x19fc  [ 9DA669F11D1F894AB4EB69BF546A42E8, B498B8B6CEF957B73179D1ADAF084BBB57BB3735D810F9BE2C7B1D58A4FD25A4 ] BTHMODEM        C:\windows\system32\drivers\bthmodem.sys
    19:45:26.0437 0x19fc  BTHMODEM - ok
    19:45:26.0467 0x19fc  [ 95F9C2976059462CBBF227F7AAB10DE9, 2797AE919FF7606B070FB039CECDB0707CD2131DCAC09C5DF14F443D881C9F34 ] bthserv         C:\windows\system32\bthserv.dll
    19:45:26.0477 0x19fc  bthserv - ok
    19:45:26.0537 0x19fc  [ A3AD13CA2747953DDD4C9AE4FB925BEC, 860FA3A04DE9DA0B19C625681E594713844F3401FEFD7C26A28C6C94BA6920C7 ] CalendarSynchService C:\Program Files (x86)\Hewlett-Packard\TouchSmart\Calendar\Service\GCalService.exe
    19:45:26.0537 0x19fc  CalendarSynchService - ok
    19:45:26.0557 0x19fc  [ B8BD2BB284668C84865658C77574381A, 6C55BA288B626DF172FDFEA0BD7027FAEBA1F44EF20AB55160D7C7DC6E717D65 ] cdfs            C:\windows\system32\DRIVERS\cdfs.sys
    19:45:26.0557 0x19fc  cdfs - ok
    19:45:26.0577 0x19fc  [ F036CE71586E93D94DAB220D7BDF4416, BD07AAD9E20CEAF9FC84E4977C55EA2C45604A2C682AC70B9B9A2199B6713D5B ] cdrom           C:\windows\system32\DRIVERS\cdrom.sys
    19:45:26.0587 0x19fc  cdrom - ok
    19:45:26.0607 0x19fc  [ F17D1D393BBC69C5322FBFAFACA28C7F, 62A1A92B3C52ADFD0B808D7F69DD50238B5F202421F1786F7EAEAA63F274B3E8 ] CertPropSvc     C:\windows\System32\certprop.dll
    19:45:26.0617 0x19fc  CertPropSvc - ok
    19:45:26.0637 0x19fc  [ D7CD5C4E1B71FA62050515314CFB52CF, 513B5A849899F379F0BC6AB3A8A05C3493C2393C95F036612B96EC6E252E1C64 ] circlass        C:\windows\system32\drivers\circlass.sys
    19:45:26.0637 0x19fc  circlass - ok
    19:45:26.0687 0x19fc  [ 404B7DF9CA4D1CB675045AF220FF3285, 91FFADE2ABE5C48849E63134D5FFD20671FE0D1720F7D486F904391B3D142C96 ] CLFS            C:\windows\system32\CLFS.sys
    19:45:26.0707 0x19fc  CLFS - ok
    19:45:26.0757 0x19fc  [ F13EC8A783E0CB0D6DC26A3CA848B7B8, 0809E3B71709F1343086EEB6C820543C1A7119E74EEF8AC1AEE1F81093ABEC66 ] clr_optimization_v2.0.50727_32 C:\windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
    19:45:26.0757 0x19fc  clr_optimization_v2.0.50727_32 - ok
    19:45:26.0797 0x19fc  [ B4D73F04E9BC076F7CDAC4327DF636BB, 1ADED20D5A0D0A76E2F85CB778FD06BAB814868D35F8532E17D67045FF4770C2 ] clr_optimization_v2.0.50727_64 C:\windows\Microsoft.NET\Framework64\v2.0.50727\mscorsvw.exe
    19:45:26.0797 0x19fc  clr_optimization_v2.0.50727_64 - ok
    19:45:26.0887 0x19fc  [ F5AB4D2E36625F355E81539239765107, 48E6AD65EEFD6C54F938F5753EF58377CDA77ADBB41CD8635F0040D61EFB92A4 ] clr_optimization_v4.0.30319_32 C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
    19:45:26.0897 0x19fc  clr_optimization_v4.0.30319_32 - ok
    19:45:26.0907 0x19fc  [ 9ACBE5EC13C2CC95833BFB7636CA8B1A, 6224DA9FB335D2A8374C60B8DEA539DD3A0E43230DB888B137B71A56EC57D6AF ] clr_optimization_v4.0.30319_64 C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe
    19:45:26.0907 0x19fc  clr_optimization_v4.0.30319_64 - ok
    19:45:26.0927 0x19fc  [ 0840155D0BDDF1190F84A663C284BD33, 696039FA63CFEB33487FAA8FD7BBDB220141E9C6E529355D768DFC87999A9C3A ] CmBatt          C:\windows\system32\drivers\CmBatt.sys
    19:45:26.0927 0x19fc  CmBatt - ok
    19:45:26.0957 0x19fc  [ E19D3F095812725D88F9001985B94EDD, 46243C5CCC4981CAC6FA6452FFCEC33329BF172448F1852D52592C9342E0E18B ] cmdide          C:\windows\system32\drivers\cmdide.sys
    19:45:26.0957 0x19fc  cmdide - ok
    19:45:27.0007 0x19fc  [ 27667A788130A7F7A5858DE27572E6D7, 5501D80BCCB7A811ECCED3828DFD0A5D948BBED8504E9BCC4A3BFB840DD41CBC ] CNG             C:\windows\system32\Drivers\cng.sys
    19:45:27.0027 0x19fc  CNG - ok
    19:45:27.0047 0x19fc  [ 102DE219C3F61415F964C88E9085AD14, CD74CB703381F1382C32CF892FF2F908F4C9412E1BC77234F8FEA5D4666E1BF1 ] Compbatt        C:\windows\system32\drivers\compbatt.sys
    19:45:27.0057 0x19fc  Compbatt - ok
    19:45:27.0097 0x19fc  [ 03EDB043586CCEBA243D689BDDA370A8, 0E4523AA332E242D5C2C61C5717DBA5AB6E42DADB5A7E512505FC2B6CC224959 ] CompositeBus    C:\windows\system32\drivers\CompositeBus.sys
    19:45:27.0097 0x19fc  CompositeBus - ok
    19:45:27.0107 0x19fc  COMSysApp - ok
    19:45:27.0117 0x19fc  [ 1C827878A998C18847245FE1F34EE597, 41EF7443D8B2733AA35CAC64B4F5F74FAC8BB0DA7D3936B69EC38E2DC3972E60 ] crcdisk         C:\windows\system32\drivers\crcdisk.sys
    19:45:27.0127 0x19fc  crcdisk - ok
    19:45:27.0167 0x19fc  [ 7BC3E861F7E8EB543A630090FAE779E0, 52A538F25C853AAC9706CD0D4EBF80B1963391AA175895CFD9D44C8ABBFCFB74 ] CryptSvc        C:\windows\system32\cryptsvc.dll
    19:45:27.0177 0x19fc  CryptSvc - ok
    19:45:27.0207 0x19fc  [ 5C627D1B1138676C0A7AB2C2C190D123, C5003F2C912C5CA990E634818D3B4FD72F871900AF2948BD6C4D6400B354B401 ] DcomLaunch      C:\windows\system32\rpcss.dll
    19:45:27.0227 0x19fc  DcomLaunch - ok
    19:45:27.0247 0x19fc  [ 3CEC7631A84943677AA8FA8EE5B6B43D, 32061DAC9ED6C1EBA3B367B18D0E965AEEC2DF635DCF794EC39D086D32503AC5 ] defragsvc       C:\windows\System32\defragsvc.dll
    19:45:27.0257 0x19fc  defragsvc - ok
    19:45:27.0277 0x19fc  [ 9BB2EF44EAA163B29C4A4587887A0FE4, 03667BC3EA5003F4236929C10F23D8F108AFCB29DB5559E751FB26DFB318636F ] DfsC            C:\windows\system32\Drivers\dfsc.sys
    19:45:27.0277 0x19fc  DfsC - ok
    19:45:27.0307 0x19fc  [ 43D808F5D9E1A18E5EEB5EBC83969E4E, C10D1155D71EABE4ED44C656A8F13078A8A4E850C4A8FBB92D52D173430972B8 ] Dhcp            C:\windows\system32\dhcpcore.dll
    19:45:27.0307 0x19fc  Dhcp - ok
    19:45:27.0407 0x19fc  [ AA5319FA8602676B5D3A2B4A1355896D, 57532E16FF0DDE3D62B6B6DC35E2598DD453140E9277247965A1E835645E588A ] DiagTrack       C:\windows\system32\diagtrack.dll
    19:45:27.0437 0x19fc  DiagTrack - ok
    19:45:27.0457 0x19fc  [ 13096B05847EC78F0977F2C0F79E9AB3, 1E44981B684F3E56F5D2439BB7FA78BD1BC876BB2265AE089AEC68F241B05B26 ] discache        C:\windows\system32\drivers\discache.sys
    19:45:27.0457 0x19fc  discache - ok
    19:45:27.0487 0x19fc  [ 9819EEE8B5EA3784EC4AF3B137A5244C, 571BC886E87C888DA96282E381A746D273B58B9074E84D4CA91275E26056D427 ] Disk            C:\windows\system32\drivers\disk.sys
    19:45:27.0487 0x19fc  Disk - ok
    19:45:27.0507 0x19fc  [ 16835866AAA693C7D7FCEBA8FFF706E4, 15891558F7C1F2BB57A98769601D447ED0D952354A8BB347312D034DC03E0242 ] Dnscache        C:\windows\System32\dnsrslvr.dll
    19:45:27.0517 0x19fc  Dnscache - ok
    19:45:27.0537 0x19fc  [ B1FB3DDCA0FDF408750D5843591AFBC6, AB6AD9C5E7BA2E3646D0115B67C4800D1CB43B4B12716397657C7ADEEE807304 ] dot3svc         C:\windows\System32\dot3svc.dll
    19:45:27.0537 0x19fc  dot3svc - ok
    19:45:27.0557 0x19fc  [ B26F4F737E8F9DF4F31AF6CF31D05820, 394BBBED4EC7FAD4110F62A43BFE0801D4AC56FFAC6C741C69407B26402311C7 ] DPS             C:\windows\system32\dps.dll
    19:45:27.0557 0x19fc  DPS - ok
    19:45:27.0587 0x19fc  [ 9B19F34400D24DF84C858A421C205754, 967AF267B4124BADA8F507CEBF25F2192D146A4D63BE71B45BFC03C5DA7F21A7 ] drmkaud         C:\windows\system32\drivers\drmkaud.sys
    19:45:27.0587 0x19fc  drmkaud - ok
    19:45:27.0657 0x19fc  [ 87CE5C8965E101CCCED1F4675557E868, 077D98F0F130B2FC710208BA34016EF2B2506EE2BD71740B228145E34A3046F1 ] DXGKrnl         C:\windows\System32\drivers\dxgkrnl.sys
    19:45:27.0677 0x19fc  DXGKrnl - ok
    19:45:27.0697 0x19fc  [ E2DDA8726DA9CB5B2C4000C9018A9633, 0C967DBC3636A76A696997192A158AA92A1AF19F01E3C66D5BF91818A8FAEA76 ] EapHost         C:\windows\System32\eapsvc.dll
    19:45:27.0697 0x19fc  EapHost - ok
    19:45:27.0807 0x19fc  [ DC5D737F51BE844D8C82C695EB17372F, 6D4022D9A46EDE89CEF0FAEADCC94C903234DFC460C0180D24FF9E38E8853017 ] ebdrv           C:\windows\system32\drivers\evbda.sys
    19:45:27.0867 0x19fc  ebdrv - ok
    19:45:27.0917 0x19fc  [ 97D879A884E7CDFED51AD63348A35254, 256566B7039B640FFB72C2ED7F1F42E46FFC820637A8959A64F5F08DB2A06A3F ] EFS             C:\windows\System32\lsass.exe
    19:45:27.0917 0x19fc  EFS - ok
    19:45:27.0977 0x19fc  [ C4002B6B41975F057D98C439030CEA07, 3D2484FBB832EFB90504DD406ED1CF3065139B1FE1646471811F3A5679EF75F1 ] ehRecvr         C:\windows\ehome\ehRecvr.exe
    19:45:27.0997 0x19fc  ehRecvr - ok
    19:45:28.0007 0x19fc  [ 4705E8EF9934482C5BB488CE28AFC681, 359E9EC5693CE0BE89082E1D5D8F5C5439A5B985010FF0CB45C11E3CFE30637D ] ehSched         C:\windows\ehome\ehsched.exe
    19:45:28.0017 0x19fc  ehSched - ok
    19:45:28.0047 0x19fc  [ 0E5DA5369A0FCAEA12456DD852545184, 9A64AC5396F978C3B92794EDCE84DCA938E4662868250F8C18FA7C2C172233F8 ] elxstor         C:\windows\system32\drivers\elxstor.sys
    19:45:28.0057 0x19fc  elxstor - ok
    19:45:28.0067 0x19fc  [ 34A3C54752046E79A126E15C51DB409B, 7D5B5E150C7C73666F99CBAFF759029716C86F16B927E0078D77F8A696616D75 ] ErrDev          C:\windows\system32\drivers\errdev.sys
    19:45:28.0067 0x19fc  ErrDev - ok
    19:45:28.0107 0x19fc  [ 4166F82BE4D24938977DD1746BE9B8A0, 24121751B7306225AD1C808442D7B030DEF377E9316AA0A3C5C7460E87317881 ] EventSystem     C:\windows\system32\es.dll
    19:45:28.0117 0x19fc  EventSystem - ok
    19:45:28.0137 0x19fc  [ A510C654EC00C1E9BDD91EEB3A59823B, 76CD277730F7B08D375770CD373D786160F34D1481AF0536BA1A5D2727E255F5 ] exfat           C:\windows\system32\drivers\exfat.sys
    19:45:28.0147 0x19fc  exfat - ok
    19:45:28.0157 0x19fc  [ 0ADC83218B66A6DB380C330836F3E36D, 798D6F83B5DBCC1656595E0A96CF12087FCCBE19D1982890D0CE5F629B328B29 ] fastfat         C:\windows\system32\drivers\fastfat.sys
    19:45:28.0157 0x19fc  fastfat - ok
    19:45:28.0197 0x19fc  [ DBEFD454F8318A0EF691FDD2EAAB44EB, 7F52AE222FF28503B6FC4A5852BD0CAEAF187BE69AF4B577D3DE474C24366099 ] Fax             C:\windows\system32\fxssvc.exe
    19:45:28.0217 0x19fc  Fax - ok
    19:45:28.0227 0x19fc  [ D765D19CD8EF61F650C384F62FAC00AB, 9F0A483A043D3BA873232AD3BA5F7BF9173832550A27AF3E8BD433905BD2A0EE ] fdc             C:\windows\system32\drivers\fdc.sys
    19:45:28.0227 0x19fc  fdc - ok
    19:45:28.0247 0x19fc  [ 0438CAB2E03F4FB61455A7956026FE86, 6D4DDC2973DB25CE0C7646BC85EFBCC004EBE35EA683F62162AE317C6F1D8DFE ] fdPHost         C:\windows\system32\fdPHost.dll
    19:45:28.0247 0x19fc  fdPHost - ok
    19:45:28.0257 0x19fc  [ 802496CB59A30349F9A6DD22D6947644, 52D59D3D628D5661F83F090F33F744F6916E0CC1F76E5A33983E06EB66AE19F8 ] FDResPub        C:\windows\system32\fdrespub.dll
    19:45:28.0257 0x19fc  FDResPub - ok
    19:45:28.0267 0x19fc  [ 655661BE46B5F5F3FD454E2C3095B930, 549C8E2A2A37757E560D55FFA6BFDD838205F17E40561E67F0124C934272CD1A ] FileInfo        C:\windows\system32\drivers\fileinfo.sys
    19:45:28.0267 0x19fc  FileInfo - ok
    19:45:28.0277 0x19fc  [ 5F671AB5BC87EEA04EC38A6CD5962A47, 6B61D3363FF3F9C439BD51102C284972EAE96ACC0683B9DC7E12D25D0ADC51B6 ] Filetrace       C:\windows\system32\drivers\filetrace.sys
    19:45:28.0277 0x19fc  Filetrace - ok
    19:45:28.0307 0x19fc  [ C172A0F53008EAEB8EA33FE10E177AF5, 9175A95B323696D1B35C9EFEB7790DD64E6EE0B7021E6C18E2F81009B169D77B ] flpydisk        C:\windows\system32\drivers\flpydisk.sys
    19:45:28.0307 0x19fc  flpydisk - ok
    19:45:28.0327 0x19fc  [ DA6B67270FD9DB3697B20FCE94950741, F621A4462C9F2904063578C427FAF22D7D66AE9967605C11C798099817CE5331 ] FltMgr          C:\windows\system32\drivers\fltmgr.sys
    19:45:28.0337 0x19fc  FltMgr - ok
    19:45:28.0417 0x19fc  [ E612E86FA15EA1EF9A52433A2743C447, 8A66164541D2EE2334B6DE3995C31138EA85E3A06BC7FD901E60D345E4E1E8A8 ] FontCache       C:\windows\system32\FntCache.dll
    19:45:28.0447 0x19fc  FontCache - ok
    19:45:28.0477 0x19fc  [ A8B7F3818AB65695E3A0BB3279F6DCE6, 89FCF10F599767E67A1E011753E34DA44EAA311F105DBF69549009ED932A60F0 ] FontCache3.0.0.0 C:\windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
    19:45:28.0487 0x19fc  FontCache3.0.0.0 - ok
    19:45:28.0497 0x19fc  [ D43703496149971890703B4B1B723EAC, F06397B2EDCA61629249D2EF1CBB7827A8BEAB8488246BD85EF6AE1363C0DA6E ] FsDepends       C:\windows\system32\drivers\FsDepends.sys
    19:45:28.0497 0x19fc  FsDepends - ok
    19:45:28.0527 0x19fc  [ 07DA62C960DDCCC2D35836AEAB4FC578, C67A29E928AF59BF7FB573FAC2176C5598F595406AA90DDB4A364A15BC89A6C4 ] fssfltr         C:\windows\system32\DRIVERS\fssfltr.sys
    19:45:28.0527 0x19fc  fssfltr - ok
    19:45:28.0637 0x19fc  [ 28DDEEEC44E988657B732CF404D504CB, 47F83018E5449CDCED3DD447991788EBAAC92C418D4513FBA9408C45E9AB8E7E ] fsssvc          C:\Program Files (x86)\Windows Live\Family Safety\fsssvc.exe
    19:45:28.0677 0x19fc  fsssvc - ok
    19:45:28.0707 0x19fc  [ 6BD9295CC032DD3077C671FCCF579A7B, 83622FBB0CB923798E7E584BF53CAAF75B8C016E3FF7F0FA35880FF34D1DFE33 ] Fs_Rec          C:\windows\system32\drivers\Fs_Rec.sys
    19:45:28.0707 0x19fc  Fs_Rec - ok
    19:45:28.0757 0x19fc  [ 8F6322049018354F45F05A2FD2D4E5E0, 73BF0FB4EBD7887E992DDEBB79E906958D6678F8D1107E8C368F5A0514D80359 ] fvevol          C:\windows\system32\DRIVERS\fvevol.sys
    19:45:28.0757 0x19fc  fvevol - ok
    19:45:28.0797 0x19fc  [ 8C778D335C9D272CFD3298AB02ABE3B6, 85F0B13926B0F693FA9E70AA58DE47100E4B6F893772EBE4300C37D9A36E6005 ] gagp30kx        C:\windows\system32\drivers\gagp30kx.sys
    19:45:28.0807 0x19fc  gagp30kx - ok
    19:45:28.0867 0x19fc  [ 8503C5808817070ACBF4CAF9AC498AAB, 2232372BEBE523878571A3881B0A5B8FAE68BEAA407ED198E147259DF8BC33C9 ] GamesAppIntegrationService C:\Program Files (x86)\WildTangent Games\App\GamesAppIntegrationService.exe
    19:45:28.0877 0x19fc  GamesAppIntegrationService - ok
    19:45:28.0917 0x19fc  [ E304C7C0D7AA1A871B4145385AD6F8FB, 40462C37600E0412EC69D8438B6B5C2496C0B3709A46C2960B8D719297AB2DAA ] GamesAppService C:\Program Files (x86)\WildTangent Games\App\GamesAppService.exe
    19:45:28.0927 0x19fc  GamesAppService - ok
    19:45:28.0997 0x19fc  [ 12CD74D8F037AE10E03C2415EFF59EF5, EDE7187DC57010119A46730B63EAF1548E3BDC170D375568880478AB36340726 ] Garmin Core Update Service C:\Program Files (x86)\Garmin\Core Update Service\Garmin.Cartography.MapUpdate.CoreService.exe
    19:45:29.0017 0x19fc  Garmin Core Update Service - ok
    19:45:29.0067 0x19fc  [ 277BBC7E1AA1EE957F573A10ECA7EF3A, 2EE60B924E583E847CC24E78B401EF95C69DB777A5B74E1EC963E18D47B94D24 ] gpsvc           C:\windows\System32\gpsvc.dll
    19:45:29.0087 0x19fc  gpsvc - ok
    19:45:29.0167 0x19fc  [ 506708142BC63DABA64F2D3AD1DCD5BF, 9C36A08D9E7932FF4DA7B5F24E6B42C92F28685B8ABE964C870E8D7670FD531A ] gupdate         C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
    19:45:29.0167 0x19fc  gupdate - ok
    19:45:29.0187 0x19fc  [ 506708142BC63DABA64F2D3AD1DCD5BF, 9C36A08D9E7932FF4DA7B5F24E6B42C92F28685B8ABE964C870E8D7670FD531A ] gupdatem        C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
    19:45:29.0187 0x19fc  gupdatem - ok
    19:45:29.0227 0x19fc  [ 5D4BC124FAAE6730AC002CDB67BF1A1C, 00294F4DC7D17F6DD2A22B9C3299BED40146BA45C972367154D20DB502472551 ] gusvc           C:\Program Files (x86)\Google\Common\Google Updater\GoogleUpdaterService.exe
    19:45:29.0227 0x19fc  gusvc - ok
    19:45:29.0247 0x19fc  [ F2523EF6460FC42405B12248338AB2F0, B2F3DE8DE1F512D871BC2BC2E8D0E33AB03335BFBC07627C5F88B65024928E19 ] hcw85cir        C:\windows\system32\drivers\hcw85cir.sys
    19:45:29.0257 0x19fc  hcw85cir - ok
    19:45:29.0277 0x19fc  [ 975761C778E33CD22498059B91E7373A, 8304E15FBE6876BE57263A03621365DA8C88005EAC532A770303C06799D915D9 ] HdAudAddService C:\windows\system32\drivers\HdAudio.sys
    19:45:29.0297 0x19fc  HdAudAddService - ok
    19:45:29.0337 0x19fc  [ 97BFED39B6B79EB12CDDBFEED51F56BB, 3CF981D668FB2381E52AF2E51E296C6CFB47B0D62249645278479D0111A47955 ] HDAudBus        C:\windows\system32\drivers\HDAudBus.sys
    19:45:29.0337 0x19fc  HDAudBus - ok
    19:45:29.0357 0x19fc  [ 78E86380454A7B10A5EB255DC44A355F, 11F3ED7ACFFA3024B9BD504F81AC39F5B4CED5A8A425E8BADF7132EFEDB9BD64 ] HidBatt         C:\windows\system32\drivers\HidBatt.sys
    19:45:29.0357 0x19fc  HidBatt - ok
    19:45:29.0377 0x19fc  [ 7FD2A313F7AFE5C4DAB14798C48DD104, 94CBFD4506CBDE4162CEB3367BAB042D19ACA6785954DC0B554D4164B9FCD0D4 ] HidBth          C:\windows\system32\drivers\hidbth.sys
    19:45:29.0387 0x19fc  HidBth - ok
    19:45:29.0397 0x19fc  [ 0A77D29F311B88CFAE3B13F9C1A73825, 8615DC6CEFB591505CE16E054A71A4F371B827DDFD5E980777AB4233DCFDA01D ] HidIr           C:\windows\system32\drivers\hidir.sys
    19:45:29.0407 0x19fc  HidIr - ok
    19:45:29.0427 0x19fc  [ BD9EB3958F213F96B97B1D897DEE006D, 4D01CBF898B528B3A4E5A683DF2177300AFABD7D4CB51F1A7891B1B545499631 ] hidserv         C:\windows\System32\hidserv.dll
    19:45:29.0427 0x19fc  hidserv - ok
    19:45:29.0467 0x19fc  [ 9592090A7E2B61CD582B612B6DF70536, FD11D5E02C32D658B28FCC35688AB66CCB5D3A0A0D74C82AE0F0B6C67B568A0F ] HidUsb          C:\windows\system32\DRIVERS\hidusb.sys
    19:45:29.0467 0x19fc  HidUsb - ok
    19:45:29.0487 0x19fc  [ 387E72E739E15E3D37907A86D9FF98E2, 9935BE2E58788E79328293AF2F202CB0F6042441B176F75ACC5AEA93C8E05531 ] hkmsvc          C:\windows\system32\kmsvc.dll
    19:45:29.0497 0x19fc  hkmsvc - ok
    19:45:29.0517 0x19fc  [ EFDFB3DD38A4376F93E7985173813ABD, 70402FA73A5A2A8BB557AAC8F531E373077D28DE5F40A1F3F14B940BE01CD2E1 ] HomeGroupListener C:\windows\system32\ListSvc.dll
    19:45:29.0527 0x19fc  HomeGroupListener - ok
    19:45:29.0547 0x19fc  [ 908ACB1F594274965A53926B10C81E89, 7D34A742AC486294D82676F8465A3EF26C8AC3317C32B63F62031CB007CFC208 ] HomeGroupProvider C:\windows\system32\provsvc.dll
    19:45:29.0547 0x19fc  HomeGroupProvider - ok
    19:45:29.0597 0x19fc  [ 77E81E788CC63E65272A7D247F441505, EA57947495A6FD5B6FCC06AD396AEEEEE44AA5EB924B1A4D71C81B1265120F7B ] HP Support Assistant Service C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\hpsa_service.exe
    19:45:29.0597 0x19fc  HP Support Assistant Service - ok
    19:45:29.0647 0x19fc  [ 7B8C1B09C11E8DB7C4480ABD7D17E821, 0E35FD439B24CEAD623A5D7319B865A6BCE6F1F3057671F62B4F844D8EC3D206 ] HPAuto          C:\Program Files\Hewlett-Packard\HP Auto\HPAuto.exe
    19:45:29.0667 0x19fc  HPAuto - ok
    19:45:29.0767 0x19fc  [ D2946D9F020AE76E9CEF9B4A6DF838C0, C29CE594879385DA12B8EAA90B258905827B613839CCD820DE49215B68676995 ] hpqwmiex        C:\Program Files (x86)\Hewlett-Packard\Shared\hpqwmiex.exe
    19:45:29.0787 0x19fc  hpqwmiex - ok
    19:45:29.0807 0x19fc  [ 39D2ABCD392F3D8A6DCE7B60AE7B8EFC, E9E6A1665740CFBC2DD321010007EF42ABA2102AEB9772EE8AA3354664B1E205 ] HpSAMD          C:\windows\system32\drivers\HpSAMD.sys
    19:45:29.0807 0x19fc  HpSAMD - ok
    19:45:29.0877 0x19fc  [ F61634BEC53F73702A10DE69F6DCAF57, BBA7344CF3AB96A46D1A6F1D50F2758EA8D097FE558C38B4EF45C8C334AF96E1 ] HTTP            C:\windows\system32\drivers\HTTP.sys
    19:45:29.0897 0x19fc  HTTP - ok
    19:45:29.0907 0x19fc  [ A5462BD6884960C9DC85ED49D34FF392, 53E65841AF5B06A2844D0BB6FC4DD3923A323FFA0E4BFC89B3B5CAFB592A3D53 ] hwpolicy        C:\windows\system32\drivers\hwpolicy.sys
    19:45:29.0907 0x19fc  hwpolicy - ok
    19:45:29.0937 0x19fc  [ FA55C73D4AFFA7EE23AC4BE53B4592D3, 65CDDC62B89A60E942C5642C9D8B539EFB69DA8069B4A2E54978154B314531CD ] i8042prt        C:\windows\system32\drivers\i8042prt.sys
    19:45:29.0937 0x19fc  i8042prt - ok
    19:45:29.0957 0x19fc  [ AAAF44DB3BD0B9D1FB6969B23ECC8366, 805AA4A9464002D1AB3832E4106B2AAA1331F4281367E75956062AAE99699385 ] iaStorV         C:\windows\system32\drivers\iaStorV.sys
    19:45:29.0967 0x19fc  iaStorV - ok
    19:45:30.0037 0x19fc  [ C98A5B9D932430AD8EEBD3EF73756EF7, DF7E1D391A0F3345AD61154363922C27BD557DEEACE395A6A8A8A16BFD1BB9A8 ] idsvc           C:\windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\infocard.exe
    19:45:30.0057 0x19fc  idsvc - ok
    19:45:30.0097 0x19fc  IEEtwCollectorService - ok
    19:45:30.0257 0x19fc  [ A87261EF1546325B559374F5689CF5BC, 8DE48A8A13A32AAAC54CDDF58F3F61BE3E2802C1D9CA1CA98E57EB0D65FB6002 ] igfx            C:\windows\system32\DRIVERS\igdkmd64.sys
    19:45:30.0377 0x19fc  igfx - ok
    19:45:30.0407 0x19fc  [ 5C18831C61933628F5BB0EA2675B9D21, 5CD9DE2F8C0256623A417B5C55BF55BB2562BD7AB2C3C83BB3D9886C2FBDA4E4 ] iirsp           C:\windows\system32\drivers\iirsp.sys
    19:45:30.0407 0x19fc  iirsp - ok
    19:45:30.0477 0x19fc  [ 344789398EC3EE5A4E00C52B31847946, 3DA5F08E4B46F4E63456AA588D49E39A6A09A97D0509880C00F327623DB6122D ] IKEEXT          C:\windows\System32\ikeext.dll
    19:45:30.0497 0x19fc  IKEEXT - ok
    19:45:30.0537 0x19fc  [ F00F20E70C6EC3AA366910083A0518AA, E2F3E9FFD82C802C8BAC309893A3664ACF16A279959C0FDECCA64C3D3C60FD22 ] intelide        C:\windows\system32\drivers\intelide.sys
    19:45:30.0537 0x19fc  intelide - ok
    19:45:30.0557 0x19fc  [ ADA036632C664CAA754079041CF1F8C1, F2386CC09AC6DE4C54189154F7D91C1DB7AA120B13FAE8BA5B579ACF99FCC610 ] intelppm        C:\windows\system32\drivers\intelppm.sys
    19:45:30.0567 0x19fc  intelppm - ok
    19:45:30.0597 0x19fc  [ 098A91C54546A3B878DAD6A7E90A455B, 044CCE2A0DF56EBE1EFD99B4F6F0A5B9EE12498CA358CF4B2E3A1CFD872823AA ] IPBusEnum       C:\windows\system32\ipbusenum.dll
    19:45:30.0607 0x19fc  IPBusEnum - ok
    19:45:30.0617 0x19fc  [ C9F0E1BD74365A8771590E9008D22AB6, 728BC5A6AAE499FDC50EB01577AF16D83C2A9F3B09936DD2A89C01E074BA8E51 ] IpFilterDriver  C:\windows\system32\DRIVERS\ipfltdrv.sys
    19:45:30.0627 0x19fc  IpFilterDriver - ok
    19:45:30.0667 0x19fc  [ 08C2957BB30058E663720C5606885653, E13EDF6701512E2A9977A531454932CA5023087CB50E1D2F416B8BCDD92B67BE ] iphlpsvc        C:\windows\System32\iphlpsvc.dll
    19:45:30.0687 0x19fc  iphlpsvc - ok
    19:45:30.0697 0x19fc  [ 0FC1AEA580957AA8817B8F305D18CA3A, 7161E4DE91AAFC3FA8BF24FAE4636390C2627DB931505247C0D52C75A31473D9 ] IPMIDRV         C:\windows\system32\drivers\IPMIDrv.sys
    19:45:30.0697 0x19fc  IPMIDRV - ok
    19:45:30.0707 0x19fc  [ AF9B39A7E7B6CAA203B3862582E9F2D0, 67128BE7EADBE6BD0205B050F96E268948E8660C4BAB259FB0BE03935153D04E ] IPNAT           C:\windows\system32\drivers\ipnat.sys
    19:45:30.0717 0x19fc  IPNAT - ok
    19:45:30.0727 0x19fc  [ 3ABF5E7213EB28966D55D58B515D5CE9, A352BCC5B6B9A28805B15CAFB235676F1FAFF0D2394F88C03089EB157D6188AE ] IRENUM          C:\windows\system32\drivers\irenum.sys
    19:45:30.0727 0x19fc  IRENUM - ok
    19:45:30.0737 0x19fc  [ 2F7B28DC3E1183E5EB418DF55C204F38, D40410A760965925D6F10959B2043F7BD4F68EAFCF5E743AF11AD860BD136548 ] isapnp          C:\windows\system32\drivers\isapnp.sys
    19:45:30.0737 0x19fc  isapnp - ok
    19:45:30.0787 0x19fc  [ 96BB922A0981BC7432C8CF52B5410FE6, 236C05509B1040059B15021CBBDBDAF3B9C0F00910142BE5887B2C7561BAAFBA ] iScsiPrt        C:\windows\system32\drivers\msiscsi.sys
    19:45:30.0797 0x19fc  iScsiPrt - ok
    19:45:30.0827 0x19fc  [ BC02336F1CBA7DCC7D1213BB588A68A5, 450C5BAD54CCE2AFCDFF1B6E7F8E1A8446D9D3255DF9D36C29A8F848048AAD93 ] kbdclass        C:\windows\system32\DRIVERS\kbdclass.sys
    19:45:30.0837 0x19fc  kbdclass - ok
    19:45:30.0847 0x19fc  [ 0705EFF5B42A9DB58548EEC3B26BB484, 86C6824ED7ED6FA8F306DB6319A0FD688AA91295AE571262F9D8E96A32225E99 ] kbdhid          C:\windows\system32\DRIVERS\kbdhid.sys
    19:45:30.0847 0x19fc  kbdhid - ok
    19:45:30.0867 0x19fc  [ 97D879A884E7CDFED51AD63348A35254, 256566B7039B640FFB72C2ED7F1F42E46FFC820637A8959A64F5F08DB2A06A3F ] KeyIso          C:\windows\system32\lsass.exe
    19:45:30.0867 0x19fc  KeyIso - ok
    19:45:30.0907 0x19fc  [ C0A6C3D6E02B61B5D100FE17306C276F, F57C7BCC39B30F1DF739D07B76BA18EB68D12D8D1BD13B6AC8DC712C29119495 ] KSecDD          C:\windows\system32\Drivers\ksecdd.sys
    19:45:30.0917 0x19fc  KSecDD - ok
    19:45:30.0927 0x19fc  [ 7A7328E427694CC7244235C3BC299F80, 7FC2E1F3F93B3334C3A8961CA58B4F38524650F6D8DA9FFA1FB43E1A2B86B710 ] KSecPkg         C:\windows\system32\Drivers\ksecpkg.sys
    19:45:30.0937 0x19fc  KSecPkg - ok
    19:45:30.0947 0x19fc  [ 6869281E78CB31A43E969F06B57347C4, 866A23E69B32A78D378D6CB3B3DA3695FFDFF0FEC3C9F68C8C3F988DF417044B ] ksthunk         C:\windows\system32\drivers\ksthunk.sys
    19:45:30.0947 0x19fc  ksthunk - ok
    19:45:30.0987 0x19fc  [ 6AB66E16AA859232F64DEB66887A8C9C, 5F2B579BEA8098A2994B0DECECDAE7B396E7B5DC5F09645737B9F28BEEA77FFF ] KtmRm           C:\windows\system32\msdtckrm.dll
    19:45:30.0997 0x19fc  KtmRm - ok
    19:45:31.0027 0x19fc  [ D9F42719019740BAA6D1C6D536CBDAA6, 8757599D0AE5302C4CE50861BEBA3A8DD14D7B0DBD916FD5404133688CDFCC40 ] LanmanServer    C:\windows\System32\srvsvc.dll


    #11 nasdaq


    Posted 06 August 2015 - 06:46 AM

    I did notice that my wife’s User Account does not look as if it were scanned.  Is that right or did I do something wrong again?
    It's normal; we were checking the Master Boot Record, not the user accounts.
     
     I do not need to see the MBR.dat file. It's created just in case something is wrong and we need to restore the MBR.
     
    The logs are clean.
    ===
     
    Please Download and run the ComboFix tool.
     
    How to use ComboFix
     
    Follow the instructions on the page.
     
    Post the content of the C:\ComboFix.txt file for my review.
     
    p.s.
    When all is well you can remove the tool by following the Uninstall instructions on the same page.
     
    ====

    nasdaq


    #12 bschaefer


    Posted 06 August 2015 - 03:14 PM

    Hi nasdaq,

    My apologies for not including the error messages in my previous post.  Here is what they look like.

    The first error message I get is as follows:

    In the message box at the top it says:

    SDCleaner.exe – Entry Point Not Found

    This is followed in the text portion of the box by:

    @Snlffeventlogwindows@EventLogMessage$qqrxuixuipcp20System@UnicodeStringxi” could not be located in the dynamic link library snlfile formats 150.bpl”.

    This is followed shortly by:

    In the message box at the top it says:

    Error

    This is followed in the text portion of the box by:

    Runtime error 216 @ 5003A116

    This runtime error also appears whenever another program is opened.

    Now for today's request.  Everything seemed to run OK.  Here is the ComboFix.txt.  Please let me know if it's OK and when I should uninstall the ComboFix program.

    Tks

    Bob

    ComboFix 15-08-06.01 - BS 08/06/2015  15:42:05.3.4 - x64
    Microsoft Windows 7 Home Premium   6.1.7601.1.1252.1.1033.18.8148.6384 [GMT -4:00]
    Running from: c:\users\BS\Desktop\ComboFix.exe
    AV: avast! Antivirus *Disabled/Updated* {17AD7D40-BA12-9C46-7131-94903A54AD8B}
    SP: avast! Antivirus *Disabled/Updated* {ACCC9CA4-9C28-93C8-4B81-AFE241D3E736}
    SP: Spybot - Search and Destroy *Disabled/Updated* {9BC38DF1-3CCA-732D-A930-C1CA5F20A4B0}
    SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
    .
    .
    (((((((((((((((((((((((((((((((((((((((   Other Deletions   )))))))))))))))))))))))))))))))))))))))))))))))))
    .
    .
    c:\windows\msdownld.tmp
    .
    .
    (((((((((((((((((((((((((   Files Created from 2015-07-06 to 2015-08-06  )))))))))))))))))))))))))))))))
    .
    .
    2015-08-06 19:46 . 2015-08-06 19:46    --------    d-----w-    c:\users\TEMP\AppData\Local\temp
    2015-08-05 21:13 . 2015-08-06 12:06    --------    d-----w-    c:\users\Carole\AppData\Local\CrashDumps
    2015-08-05 15:49 . 2015-08-06 19:01    --------    d-----w-    c:\users\BS\AppData\Local\CrashDumps
    2015-08-05 15:43 . 2015-08-06 19:46    --------    d-----w-    c:\users\BS\AppData\Local\Temp
    2015-08-05 15:43 . 2015-08-05 15:25    24064    ----a-w-    c:\windows\zoek-delete.exe
    2015-08-05 15:25 . 2015-08-05 15:40    --------    d-----w-    C:\zoek_backup
    2015-08-04 16:19 . 2015-08-04 20:58    --------    d-----w-    C:\FRST
    2015-08-04 13:04 . 2015-07-15 01:12    12222168    ----a-w-    c:\programdata\Microsoft\Windows Defender\Definition Updates\{5AA9F5A4-63D5-4D5B-85E5-3EF21E169472}\mpengine.dll
    2015-07-31 18:15 . 2015-07-25 18:04    726528    ----a-w-    c:\windows\system32\generaltel.dll
    2015-07-31 18:15 . 2015-07-25 18:04    765440    ----a-w-    c:\windows\system32\invagent.dll
    2015-07-31 18:15 . 2015-07-25 18:03    433664    ----a-w-    c:\windows\system32\devinv.dll
    2015-07-31 18:15 . 2015-07-25 18:03    1085440    ----a-w-    c:\windows\system32\appraiser.dll
    2015-07-31 18:15 . 2015-07-25 18:03    67584    ----a-w-    c:\windows\system32\acmigration.dll
    2015-07-31 18:15 . 2015-07-25 18:03    227328    ----a-w-    c:\windows\system32\aepdu.dll
    2015-07-31 18:15 . 2015-07-25 17:55    1145856    ----a-w-    c:\windows\system32\aeinv.dll
    2015-07-31 17:31 . 2015-07-31 17:31    378880    ----a-w-    c:\windows\system32\aswBoot.exe
    2015-07-31 17:31 . 2015-07-31 17:31    43112    ----a-w-    c:\windows\avastSS.scr
    2015-07-31 16:30 . 2015-07-25 18:07    17856    ----a-w-    c:\windows\system32\CompatTelRunner.exe
    2015-07-30 13:39 . 2015-07-30 13:39    --------    d-----w-    c:\program files\Common Files\AV
    2015-07-23 12:27 . 2015-07-15 03:19    41984    ----a-w-    c:\windows\system32\lpk.dll
    2015-07-23 12:27 . 2015-07-15 03:19    100864    ----a-w-    c:\windows\system32\fontsub.dll
    2015-07-23 12:27 . 2015-07-15 03:19    14336    ----a-w-    c:\windows\system32\dciman32.dll
    2015-07-23 12:27 . 2015-07-15 03:19    46080    ----a-w-    c:\windows\system32\atmlib.dll
    2015-07-23 12:27 . 2015-07-15 02:55    70656    ----a-w-    c:\windows\SysWow64\fontsub.dll
    2015-07-23 12:27 . 2015-07-15 02:55    10240    ----a-w-    c:\windows\SysWow64\dciman32.dll
    2015-07-23 12:27 . 2015-07-15 02:55    34304    ----a-w-    c:\windows\SysWow64\atmlib.dll
    2015-07-23 12:27 . 2015-07-15 02:54    25600    ----a-w-    c:\windows\SysWow64\lpk.dll
    2015-07-23 12:27 . 2015-07-15 01:59    372224    ----a-w-    c:\windows\system32\atmfd.dll
    2015-07-23 12:27 . 2015-07-15 01:52    299008    ----a-w-    c:\windows\SysWow64\atmfd.dll
    2015-07-20 16:16 . 2015-07-20 16:16    --------    d-----w-    c:\users\Carole\AppData\Local\GWX
    2015-07-19 14:44 . 2015-07-19 14:44    --------    d-----w-    c:\program files (x86)\Common Files\Java
    2015-07-18 23:40 . 2015-04-11 03:19    69888    ----a-w-    c:\windows\system32\drivers\stream.sys
    2015-07-18 23:38 . 2015-05-09 18:26    493504    ----a-w-    c:\windows\system32\mcupdate_GenuineIntel.dll
    2015-07-18 18:44 . 2015-04-24 18:17    633856    ----a-w-    c:\windows\system32\comctl32.dll
    2015-07-18 18:43 . 2015-06-15 21:45    3242496    ----a-w-    c:\windows\system32\msi.dll
    2015-07-18 18:43 . 2015-06-15 21:45    1941504    ----a-w-    c:\windows\system32\authui.dll
    2015-07-18 18:43 . 2015-06-15 21:44    128000    ----a-w-    c:\windows\system32\msiexec.exe
    2015-07-18 18:43 . 2015-06-15 21:43    2364416    ----a-w-    c:\windows\SysWow64\msi.dll
    2015-07-18 18:43 . 2015-06-15 21:43    1805824    ----a-w-    c:\windows\SysWow64\authui.dll
    2015-07-18 18:43 . 2015-06-15 21:50    112064    ----a-w-    c:\windows\system32\consent.exe
    2015-07-18 18:43 . 2015-06-15 21:45    504320    ----a-w-    c:\windows\system32\msihnd.dll
    2015-07-18 18:43 . 2015-06-15 21:45    70656    ----a-w-    c:\windows\system32\appinfo.dll
    2015-07-18 18:43 . 2015-06-15 21:43    337408    ----a-w-    c:\windows\SysWow64\msihnd.dll
    2015-07-18 18:43 . 2015-06-15 21:42    73216    ----a-w-    c:\windows\SysWow64\msiexec.exe
    2015-07-18 18:43 . 2015-06-15 21:42    25088    ----a-w-    c:\windows\system32\msimsg.dll
    2015-07-18 18:43 . 2015-06-15 21:37    25088    ----a-w-    c:\windows\SysWow64\msimsg.dll
    2015-07-18 18:41 . 2015-07-03 18:05    41984    ----a-w-    c:\windows\system32\lpk(17).dll
    2015-07-18 18:41 . 2015-07-03 17:55    25600    ----a-w-    c:\windows\SysWow64\lpk(19).dll
    2015-07-18 14:38 . 2015-07-18 14:38    --------    d-----w-    c:\users\BS\AppData\Local\GWX
    2015-07-16 16:48 . 2015-07-16 16:48    18524336    ----a-w-    c:\windows\SysWow64\FlashPlayerInstaller.exe
    2015-07-16 14:59 . 2015-05-17 16:29    137288    ----a-w-    c:\windows\system32\drivers\asw3633.tmp
    2015-07-16 14:59 . 2015-07-04 13:22    442264    ----a-w-    c:\windows\system32\drivers\asw324B.tmp
    2015-07-16 14:59 . 2015-05-17 16:29    272248    ----a-w-    c:\windows\system32\drivers\asw345E.tmp
    2015-07-16 14:59 . 2015-05-17 16:29    89944    ----a-w-    c:\windows\system32\drivers\asw2E91.tmp
    2015-07-16 14:59 . 2015-05-17 16:29    65736    ----a-w-    c:\windows\system32\drivers\asw3057.tmp
    2015-07-16 14:59 . 2015-05-17 16:29    93528    ----a-w-    c:\windows\system32\drivers\asw2B45.tmp
    2015-07-16 14:59 . 2015-05-17 16:29    29168    ----a-w-    c:\windows\system32\drivers\asw2C9D.tmp
    2015-07-16 14:59 . 2015-05-17 16:29    1047320    ----a-w-    c:\windows\system32\drivers\asw1370.tmp
    2015-07-16 11:25 . 2015-06-17 17:47    404992    ----a-w-    c:\windows\system32\gdi32(147).dll
    2015-07-16 11:25 . 2015-06-17 17:37    312320    ----a-w-    c:\windows\SysWow64\gdi32(186).dll
    2015-07-16 11:25 . 2015-07-02 19:55    1310720    ----a-w-    c:\windows\SysWow64\urlmon(196).dll
    2015-07-16 11:25 . 2015-07-02 18:59    1545728    ----a-w-    c:\windows\system32\urlmon(169).dll
    2015-07-16 11:25 . 2015-07-02 20:50    2279424    ----a-w-    c:\windows\SysWow64\iertutil(187).dll
    2015-07-16 11:25 . 2015-07-02 20:23    2885632    ----a-w-    c:\windows\system32\iertutil(148).dll
    2015-07-16 11:25 . 2015-06-20 17:58    743424    ----a-w-    c:\program files\Internet Explorer\ieproxy(135).dll
    2015-07-16 11:25 . 2015-06-19 17:15    1951232    ----a-w-    c:\windows\SysWow64\wininet(197).dll
    2015-07-16 11:25 . 2015-06-20 18:26    2427392    ----a-w-    c:\windows\system32\wininet(172).dll
    .
    .
    .
    ((((((((((((((((((((((((((((((((((((((((   Find3M Report   ))))))))))))))))))))))))))))))))))))))))))))))))))))
    .
    2015-08-04 02:07 . 2014-05-01 13:13    113880    ----a-w-    c:\windows\system32\drivers\MBAMSwissArmy.sys
    2015-07-31 17:31 . 2014-08-01 13:20    150672    ----a-w-    c:\windows\system32\drivers\aswStm.sys
    2015-07-31 17:31 . 2014-08-01 13:20    28656    ----a-w-    c:\windows\system32\drivers\aswHwid.sys
    2015-07-31 17:31 . 2013-11-18 22:53    274808    ----a-w-    c:\windows\system32\drivers\aswVmm.sys
    2015-07-31 17:31 . 2013-11-18 22:53    65224    ----a-w-    c:\windows\system32\drivers\aswRvrt.sys
    2015-07-31 17:31 . 2013-11-18 22:53    447944    ----a-w-    c:\windows\system32\drivers\aswSP.sys
    2015-07-31 17:31 . 2013-11-18 22:53    90968    ----a-w-    c:\windows\system32\drivers\aswMonFlt.sys
    2015-07-31 17:31 . 2013-11-18 22:53    93528    ----a-w-    c:\windows\system32\drivers\aswRdr2.sys
    2015-07-31 17:31 . 2013-11-18 22:53    1048856    ----a-w-    c:\windows\system32\drivers\aswSnx.sys
    2015-07-19 14:44 . 2014-08-08 17:16    97888    ----a-w-    c:\windows\SysWow64\WindowsAccessBridge-32.dll
    2015-07-16 16:48 . 2012-06-20 05:03    778416    ----a-w-    c:\windows\SysWow64\FlashPlayerApp.exe
    2015-07-16 16:48 . 2012-06-20 05:03    142512    ----a-w-    c:\windows\SysWow64\FlashPlayerCPLApp.cpl
    2015-07-03 12:43 . 2012-06-28 15:54    130333168    ----a-w-    c:\windows\system32\MRT.exe
    2015-06-23 17:30 . 2010-11-21 03:27    300704    ------w-    c:\windows\system32\MpSigStub.exe
    2015-06-18 12:41 . 2014-05-01 13:12    63704    ----a-w-    c:\windows\system32\drivers\mwac.sys
    2015-06-18 12:41 . 2014-05-01 13:12    109272    ----a-w-    c:\windows\system32\drivers\mbamchameleon.sys
    2015-06-18 12:41 . 2012-06-28 15:07    25816    ----a-w-    c:\windows\system32\drivers\mbam.sys
    2015-05-25 18:01 . 2015-07-18 23:41    44032    ----a-w-    c:\windows\apppatch\acwow64.dll
    2015-05-23 03:10 . 2015-06-20 23:13    2278912    ----a-w-    c:\windows\SysWow64\iertutil(127).dll
    2015-05-23 02:20 . 2015-06-20 23:13    1950720    ----a-w-    c:\windows\SysWow64\wininet(135).dll
    2015-05-23 02:16 . 2015-06-20 23:13    1309696    ----a-w-    c:\windows\SysWow64\urlmon(134).dll
    2015-05-22 19:00 . 2015-06-20 23:13    2885632    ----a-w-    c:\windows\system32\iertutil(96).dll
    2015-05-22 17:50 . 2015-06-20 23:13    2426880    ----a-w-    c:\windows\system32\wininet(116).dll
    2015-05-22 17:38 . 2015-06-20 23:13    1545728    ----a-w-    c:\windows\system32\urlmon(113).dll
    2015-05-09 03:27 . 2015-07-04 13:30    362496    ----a-w-    c:\windows\system32\wow64win(179).dll
    2015-05-09 03:27 . 2015-07-04 13:30    243712    ----a-w-    c:\windows\system32\wow64(177).dll
    2015-05-09 03:27 . 2015-07-04 13:30    215040    ----a-w-    c:\windows\system32\winsrv(173).dll
    2015-05-09 03:27 . 2015-07-04 13:30    13312    ----a-w-    c:\windows\system32\wow64cpu(178).dll
    2015-05-09 03:27 . 2015-06-20 23:14    362496    ----a-w-    c:\windows\system32\wow64win(122).dll
    2015-05-09 03:27 . 2015-06-20 23:14    243712    ----a-w-    c:\windows\system32\wow64(120).dll
    2015-05-09 03:27 . 2015-06-20 23:14    215040    ----a-w-    c:\windows\system32\winsrv(117).dll
    2015-05-09 03:27 . 2015-06-20 23:14    13312    ----a-w-    c:\windows\system32\wow64cpu(121).dll
    2015-05-09 03:26 . 2015-07-04 13:30    424960    ----a-w-    c:\windows\system32\KernelBase(151).dll
    2015-05-09 03:26 . 2015-07-04 13:30    1162752    ----a-w-    c:\windows\system32\kernel32(150).dll
    2015-05-09 03:26 . 2015-06-20 23:14    424960    ----a-w-    c:\windows\system32\KernelBase(99).dll
    2015-05-09 03:26 . 2015-06-20 23:14    1162752    ----a-w-    c:\windows\system32\kernel32(98).dll
    2015-05-09 03:12 . 2015-07-04 13:30    1114112    ----a-w-    c:\windows\SysWow64\kernel32(188).dll
    2015-05-09 03:12 . 2015-06-20 23:14    274944    ----a-w-    c:\windows\SysWow64\KernelBase(189).dll
    2015-05-09 03:12 . 2015-06-20 23:14    274944    ----a-w-    c:\windows\SysWow64\KernelBase(129).dll
    2015-05-09 03:12 . 2015-06-20 23:14    1114112    ----a-w-    c:\windows\SysWow64\kernel32(128).dll
    2013-11-12 00:53 . 2013-11-12 00:53    1044992    ----a-w-    c:\program files (x86)\WinFile.v1.1.msi
    .
    .
    (((((((((((((((((((((((((((((((((((((   Reg Loading Points   ))))))))))))))))))))))))))))))))))))))))))))))))))
    .
    .
    *Note* empty entries & legit default entries are not shown
    REGEDIT4
    .
    [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
    "ISUSPM"="c:\program files (x86)\Common Files\InstallShield\UpdateService\ISUSPM.exe" [2006-05-16 213936]
    "GarminExpressTrayApp"="c:\program files (x86)\Garmin\Express Tray\ExpressTray.exe" [2015-01-28 688984]
    "Sidebar"="c:\program files\Windows Sidebar\sidebar.exe" [2010-11-21 1475584]
    "Spybot-S&D Cleaning"="c:\program files (x86)\Spybot - Search & Destroy 2\SDCleaner.exe" [2013-05-16 3642312]
    "CCleaner Monitoring"="c:\program files\CCleaner\CCleaner64.exe" [2015-07-17 8418584]
    .
    [HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
    "RoxWatchTray"="c:\program files (x86)\Common Files\Roxio Shared\13.0\SharedCOM\RoxWatchTray13.exe" [2011-07-13 293360]
    "ISUSPM"="c:\programdata\FLEXnet\Connect\11\\isuspm.exe" [2010-05-21 324976]
    "CPMonitor"="c:\program files (x86)\Roxio 2012\5.0\CPMonitor.exe" [2011-07-08 84464]
    "Desktop Disc Tool"="c:\program files (x86)\Roxio 2012\Roxio Burn\RoxioBurnLauncher.exe" [2011-06-13 506352]
    "DivXMediaServer"="c:\program files (x86)\DivX\DivX Media Server\DivXMediaServer.exe" [2013-05-20 450560]
    "DivXUpdate"="c:\program files (x86)\DivX\DivX Update\DivXUpdate.exe" [2013-02-13 1263952]
    "AvastUI.exe"="c:\program files\AVAST Software\Avast\AvastUI.exe" [2015-07-31 6109776]
    "HP Software Update"="c:\program files (x86)\HP\HP Software Update\HPWuSchd2.exe" [2011-10-28 49208]
    "SDTray"="c:\program files (x86)\Spybot - Search & Destroy 2\SDTray.exe" [2013-07-25 5624784]
    "SunJavaUpdateSched"="c:\program files (x86)\Common Files\Java\Java Update\jusched.exe" [2015-06-08 334896]
    .
    c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\
    officejet 6100.lnk - c:\program files (x86)\Hewlett-Packard\Digital Imaging\bin\hposol08.exe [2003-4-6 147456]
    .
    [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
    "ConsentPromptBehaviorAdmin"= 0 (0x0)
    "ConsentPromptBehaviorUser"= 3 (0x3)
    "EnableLUA"= 0 (0x0)
    "EnableUIADesktopToggle"= 0 (0x0)
    "PromptOnSecureDesktop"= 0 (0x0)
    "SoftwareSASGeneration"= 1 (0x1)
    .
    [HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\windows]
    "LoadAppInit_DLLs"=1 (0x1)
    .
    [HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\run-]
    "HP Software Update"=c:\program files (x86)\HP\HP Software Update\HPWuSchd2.exe
    "Adobe ARM"="c:\program files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
    "DivXUpdate"="c:\program files (x86)\DivX\DivX Update\DivXUpdate.exe" /CHECKNOW
    .
    R0 AFS;AFS; [x]
    R2 aswStm;aswStm;c:\windows\system32\drivers\aswStm.sys;c:\windows\SYSNATIVE\drivers\aswStm.sys [x]
    R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [x]
    R2 MBAMService;MBAMService;c:\program files (x86)\Malwarebytes Anti-Malware\mbamservice.exe;c:\program files (x86)\Malwarebytes Anti-Malware\mbamservice.exe [x]
    R2 RoxWatch12;Roxio Hard Drive Watcher 12;c:\program files (x86)\Common Files\Roxio Shared\13.0\SharedCOM\RoxWatch13.exe;c:\program files (x86)\Common Files\Roxio Shared\13.0\SharedCOM\RoxWatch13.exe [x]
    R2 SDScannerService;Spybot-S&D 2 Scanner Service;c:\program files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe;c:\program files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe [x]
    R2 SDUpdateService;Spybot-S&D 2 Updating Service;c:\program files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe;c:\program files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe [x]
    R2 SDWSCService;Spybot-S&D 2 Security Center Service;c:\program files (x86)\Spybot - Search & Destroy 2\SDWSCSvc.exe;c:\program files (x86)\Spybot - Search & Destroy 2\SDWSCSvc.exe [x]
    R2 SkypeUpdate;Skype Updater;c:\program files (x86)\Skype\Updater\Updater.exe;c:\program files (x86)\Skype\Updater\Updater.exe [x]
    R3 AceecaUSBDx64;AceecaUSBDx64;c:\windows\system32\DRIVERS\AceecaUSBDx64.sys;c:\windows\SYSNATIVE\DRIVERS\AceecaUSBDx64.sys [x]
    R3 GamesAppIntegrationService;GamesAppIntegrationService;c:\program files (x86)\WildTangent Games\App\GamesAppIntegrationService.exe;c:\program files (x86)\WildTangent Games\App\GamesAppIntegrationService.exe [x]
    R3 GamesAppService;GamesAppService;c:\program files (x86)\WildTangent Games\App\GamesAppService.exe;c:\program files (x86)\WildTangent Games\App\GamesAppService.exe [x]
    R3 IEEtwCollectorService;Internet Explorer ETW Collector Service;c:\windows\system32\IEEtwCollector.exe;c:\windows\SYSNATIVE\IEEtwCollector.exe [x]
    R3 MBAMWebAccessControl;MBAMWebAccessControl;c:\windows\system32\drivers\mwac.sys;c:\windows\SYSNATIVE\drivers\mwac.sys [x]
    R3 rcmirror;rcmirror;c:\windows\system32\DRIVERS\rcmirror.sys;c:\windows\SYSNATIVE\DRIVERS\rcmirror.sys [x]
    R3 RdpVideoMiniport;Remote Desktop Video Miniport Driver;c:\windows\system32\drivers\rdpvideominiport.sys;c:\windows\SYSNATIVE\drivers\rdpvideominiport.sys [x]
    R3 RoxMediaDB13;RoxMediaDB13;c:\program files (x86)\Common Files\Roxio Shared\13.0\SharedCOM\RoxMediaDB13.exe;c:\program files (x86)\Common Files\Roxio Shared\13.0\SharedCOM\RoxMediaDB13.exe [x]
    R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys;c:\windows\SYSNATIVE\drivers\tsusbflt.sys [x]
    R3 TsUsbGD;Remote Desktop Generic USB Device;c:\windows\system32\drivers\TsUsbGD.sys;c:\windows\SYSNATIVE\drivers\TsUsbGD.sys [x]
    R3 WatAdminSvc;Windows Activation Technologies Service;c:\windows\system32\Wat\WatAdminSvc.exe;c:\windows\SYSNATIVE\Wat\WatAdminSvc.exe [x]
    R4 wlcrasvc;Windows Live Mesh remote connections service;c:\program files\Windows Live\Mesh\wlcrasvc.exe;c:\program files\Windows Live\Mesh\wlcrasvc.exe [x]
    S0 aswRvrt;avast! Revert; [x]
    S0 aswVmm;avast! VM Monitor; [x]
    S0 PxHlpa64;PxHlpa64;c:\windows\System32\Drivers\PxHlpa64.sys;c:\windows\SYSNATIVE\Drivers\PxHlpa64.sys [x]
    S0 Sahdad64;HDD Filter Driver;c:\windows\System32\Drivers\Sahdad64.sys;c:\windows\SYSNATIVE\Drivers\Sahdad64.sys [x]
    S0 Saibad64;Volume Filter Driver;c:\windows\System32\Drivers\Saibad64.sys;c:\windows\SYSNATIVE\Drivers\Saibad64.sys [x]
    S1 aswSnx;aswSnx;c:\windows\system32\drivers\aswSnx.sys;c:\windows\SYSNATIVE\drivers\aswSnx.sys [x]
    S1 aswSP;aswSP;c:\windows\system32\drivers\aswSP.sys;c:\windows\SYSNATIVE\drivers\aswSP.sys [x]
    S1 SaibVdAd64;Virtual Disk Driver;c:\windows\system32\Drivers\SaibVdAd64.sys;c:\windows\SYSNATIVE\Drivers\SaibVdAd64.sys [x]
    S2 aswHwid;avast! HardwareID;c:\windows\system32\drivers\aswHwid.sys;c:\windows\SYSNATIVE\drivers\aswHwid.sys [x]
    S2 aswMonFlt;aswMonFlt;c:\windows\system32\drivers\aswMonFlt.sys;c:\windows\SYSNATIVE\drivers\aswMonFlt.sys [x]
    S2 BOT4Service;BOT4Service;c:\program files (x86)\Roxio\BackOnTrack\App\BService.exe;c:\program files (x86)\Roxio\BackOnTrack\App\BService.exe [x]
    S2 CalendarSynchService;CalendarSynchService;c:\program files (x86)\Hewlett-Packard\TouchSmart\Calendar\Service\GCalService.exe;c:\program files (x86)\Hewlett-Packard\TouchSmart\Calendar\Service\GCalService.exe [x]
    S2 DiagTrack;Diagnostics Tracking Service;c:\windows\System32\svchost.exe;c:\windows\SYSNATIVE\svchost.exe [x]
    S2 Garmin Core Update Service;Garmin Core Update Service;c:\program files (x86)\Garmin\Core Update Service\Garmin.Cartography.MapUpdate.CoreService.exe;c:\program files (x86)\Garmin\Core Update Service\Garmin.Cartography.MapUpdate.CoreService.exe [x]
    S2 HP Support Assistant Service;HP Support Assistant Service;c:\program files (x86)\Hewlett-Packard\HP Support Framework\hpsa_service.exe;c:\program files (x86)\Hewlett-Packard\HP Support Framework\hpsa_service.exe [x]
    S2 HPAuto;HP Auto;c:\program files\Hewlett-Packard\HP Auto\HPAuto.exe;c:\program files\Hewlett-Packard\HP Auto\HPAuto.exe [x]
    S2 Stereo Service;NVIDIA Stereoscopic 3D Driver Service;c:\program files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe;c:\program files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe [x]
    S3 MBAMProtector;MBAMProtector;c:\windows\system32\drivers\mbam.sys;c:\windows\SYSNATIVE\drivers\mbam.sys [x]
    S3 RTL8167;Realtek 8167 NT Driver;c:\windows\system32\DRIVERS\Rt64win7.sys;c:\windows\SYSNATIVE\DRIVERS\Rt64win7.sys [x]
    S3 StnSport;PCIe to High Speed Serial Port;c:\windows\system32\DRIVERS\StnSport.sys;c:\windows\SYSNATIVE\DRIVERS\StnSport.sys [x]
    S3 tihub3;TI USB3 Hub Service;c:\windows\system32\drivers\tihub3.sys;c:\windows\SYSNATIVE\drivers\tihub3.sys [x]
    S3 tixhci;TI XHCI Service;c:\windows\system32\drivers\tixhci.sys;c:\windows\SYSNATIVE\drivers\tixhci.sys [x]
    .
    .
    [HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\active setup\installed components\{8A69D345-D564-463c-AFF1-A69D9E530F96}]
    2015-08-05 22:54    995144    ----a-w-    c:\program files (x86)\Google\Chrome\Application\44.0.2403.130\Installer\chrmstp.exe
    .
    Contents of the 'Scheduled Tasks' folder
    .
    2015-08-06 c:\windows\Tasks\Adobe Flash Player Updater.job
    - c:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2012-06-20 16:48]
    .
    2015-08-06 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
    - c:\program files (x86)\Google\Update\GoogleUpdate.exe [2012-07-14 17:45]
    .
    2015-08-06 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
    - c:\program files (x86)\Google\Update\GoogleUpdate.exe [2012-07-14 17:45]
    .
    2015-07-16 c:\windows\Tasks\HPCeeScheduleForBS-HP$.job
    - c:\program files (x86)\Hewlett-Packard\HP Ceement\HPCEE.exe [2011-07-15 11:43]
    .
    2015-08-06 c:\windows\Tasks\HPCeeScheduleForBS.job
    - c:\program files (x86)\Hewlett-Packard\HP Ceement\HPCEE.exe [2011-07-15 11:43]
    .
    2015-08-06 c:\windows\Tasks\HPCeeScheduleForCarole.job
    - c:\program files (x86)\Hewlett-Packard\HP Ceement\HPCEE.exe [2011-07-15 11:43]
    .
    .
    --------- X64 Entries -----------
    .
    .
    [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\00avast]
    @="{472083B0-C522-11CF-8763-00608CC02F24}"
    [HKEY_CLASSES_ROOT\CLSID\{472083B0-C522-11CF-8763-00608CC02F24}]
    2015-07-31 17:31    778056    ----a-w-    c:\program files\AVAST Software\Avast\ashShA64.dll
    .
    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
    "BeatsOSDApp"="c:\program files\IDT\WDM\beats64.exe" [2012-03-30 37888]
    "HPSYSDRV"="c:\program files (x86)\Hewlett-Packard\HP Odometer\HPSYSDRV.EXE" [2008-11-20 62768]
    "SysTrayApp"="c:\program files\IDT\WDM\sttray64.exe" [2012-04-25 1425408]
    "NvBackend"="c:\program files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe" [2015-03-26 1793736]
    .
    ------- Supplementary Scan -------
    .
    uLocal Page = c:\windows\system32\blank.htm
    mLocal Page = c:\windows\SysWOW64\blank.htm
    TCP: DhcpNameServer = 192.168.1.1 68.237.161.12
    DPF: Garmin Communicator Plug-In - hxxps://static.garmincdn.com/gcp/ie/4.0.3.0/GarminAxControl_32.CAB
    FF - ProfilePath - c:\users\BS\AppData\Roaming\Mozilla\Firefox\Profiles\lqhi3w2z.default\
    FF - prefs.js: browser.startup.homepage - hxxp://www.msn.com/
    FF - prefs.js: keyword.URL - hxxp://www.google.com/search?ie=UTF-8&oe=utf-8&q=
    .
    - - - - ORPHANS REMOVED - - - -
    .
    Toolbar-Locked - (no file)
    AddRemove-{714dc1e5-69a4-4ecd-9552-93397e084298} - c:\programdata\Package Cache\{714dc1e5-69a4-4ecd-9552-93397e084298}\GarminExpressInstaller.exe
    AddRemove-{ce085a78-074e-4823-8dc1-8a721b94b76d} - c:\programdata\Package Cache\{ce085a78-074e-4823-8dc1-8a721b94b76d}\vcredist_x86.exe
    AddRemove-{E35A3B13-78CD-4967-8AC8-AA9FDA693EDE} - c:\program files (x86)\InstallShield Installation Information\{E35A3B13-78CD-4967-8AC8-AA9FDA693EDE}\setup.exe
    .
    .
    .
    --------------------- LOCKED REGISTRY KEYS ---------------------
    .
    [HKEY_USERS\.Default\Software\Microsoft\Internet Explorer\User Preferences]
    @Denied: (2) (LocalSystem)
    "88D7D0879DAB32E14DE5B3A805A34F98AFF34F5977"=hex:01,00,00,00,d0,8c,9d,df,01,15,
       d1,11,8c,7a,00,c0,4f,c2,97,eb,01,00,00,00,39,af,47,11,61,15,b4,45,a6,f2,33,\
    "2D53CFFC5C1A3DD2E97B7979AC2A92BD59BC839E81"=hex:01,00,00,00,d0,8c,9d,df,01,15,
       d1,11,8c,7a,00,c0,4f,c2,97,eb,01,00,00,00,39,af,47,11,61,15,b4,45,a6,f2,33,\
    .
    [HKEY_LOCAL_MACHINE\software\Classes\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}]
    @Denied: (A 2) (Everyone)
    @="FlashBroker"
    "LocalizedString"="@c:\\windows\\system32\\Macromed\\Flash\\FlashUtil64_18_0_0_209_ActiveX.exe,-101"
    .
    [HKEY_LOCAL_MACHINE\software\Classes\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}\Elevation]
    "Enabled"=dword:00000001
    .
    [HKEY_LOCAL_MACHINE\software\Classes\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}\LocalServer32]
    @="c:\\windows\\system32\\Macromed\\Flash\\FlashUtil64_18_0_0_209_ActiveX.exe"
    .
    [HKEY_LOCAL_MACHINE\software\Classes\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}\TypeLib]
    @="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
    .
    [HKEY_LOCAL_MACHINE\software\Classes\Interface\{299817DA-1FAC-4CE2-8F48-A108237013BD}]
    @Denied: (A 2) (Everyone)
    @="IFlashBroker6"
    .
    [HKEY_LOCAL_MACHINE\software\Classes\Interface\{299817DA-1FAC-4CE2-8F48-A108237013BD}\ProxyStubClsid32]
    @="{00020424-0000-0000-C000-000000000046}"
    .
    [HKEY_LOCAL_MACHINE\software\Classes\Interface\{299817DA-1FAC-4CE2-8F48-A108237013BD}\TypeLib]
    @="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
    "Version"="1.0"
    .
    [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}]
    @Denied: (A 2) (Everyone)
    @="FlashBroker"
    "LocalizedString"="@c:\\windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_18_0_0_209_ActiveX.exe,-101"
    .
    [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}\Elevation]
    "Enabled"=dword:00000001
    .
    [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}\LocalServer32]
    @="c:\\windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_18_0_0_209_ActiveX.exe"
    .
    [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}\TypeLib]
    @="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
    .
    [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}]
    @Denied: (A 2) (Everyone)
    @="Shockwave Flash Object"
    .
    [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\InprocServer32]
    @="c:\\windows\\SysWOW64\\Macromed\\Flash\\Flash32_18_0_0_209.ocx"
    "ThreadingModel"="Apartment"
    .
    [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\MiscStatus]
    @="0"
    .
    [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\MiscStatus\1]
    @="131473"
    .
    [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ProgID]
    @="ShockwaveFlash.ShockwaveFlash.18"
    .
    [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
    @="c:\\windows\\SysWOW64\\Macromed\\Flash\\Flash32_18_0_0_209.ocx, 1"
    .
    [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\TypeLib]
    @="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
    .
    [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\Version]
    @="1.0"
    .
    [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
    @="ShockwaveFlash.ShockwaveFlash"
    .
    [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}]
    @Denied: (A 2) (Everyone)
    @="Macromedia Flash Factory Object"
    .
    [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\InprocServer32]
    @="c:\\windows\\SysWOW64\\Macromed\\Flash\\Flash32_18_0_0_209.ocx"
    "ThreadingModel"="Apartment"
    .
    [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ProgID]
    @="FlashFactory.FlashFactory.1"
    .
    [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
    @="c:\\windows\\SysWOW64\\Macromed\\Flash\\Flash32_18_0_0_209.ocx, 1"
    .
    [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\TypeLib]
    @="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
    .
    [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\Version]
    @="1.0"
    .
    [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
    @="FlashFactory.FlashFactory"
    .
    [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\Interface\{299817DA-1FAC-4CE2-8F48-A108237013BD}]
    @Denied: (A 2) (Everyone)
    @="IFlashBroker6"
    .
    [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\Interface\{299817DA-1FAC-4CE2-8F48-A108237013BD}\ProxyStubClsid32]
    @="{00020424-0000-0000-C000-000000000046}"
    .
    [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\Interface\{299817DA-1FAC-4CE2-8F48-A108237013BD}\TypeLib]
    @="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
    "Version"="1.0"
    .
    [HKEY_LOCAL_MACHINE\system\ControlSet001\Control\PCW\Security]
    @Denied: (Full) (Everyone)
    .
    Completion time: 2015-08-06  15:48:53
    ComboFix-quarantined-files.txt  2015-08-06 19:48
    .
    Pre-Run: 610,594,648,064 bytes free
    Post-Run: 610,273,898,496 bytes free
    .
    - - End Of File - - E73B9B65F4BA4665D956C4E47408845C
    5FB38429D5D77768867C76DCBDB35194
     



    #13 nasdaq


    Posted 07 August 2015 - 06:07 AM

    SDCleaner.exe – Entry Point Not Found
    This is from SpyBot and Destroy. Remove it using the Add/Remove Programs applet.
     
    With Avast installed I do not think you need it.
    ===
     
     
    Runtime error 216 @ 5003A116
    Similar error here.
     
    Signs of AVG are seen in your logs.
     
    Download and run the version of their uninstaller for the version you previously installed.
     
    How is it now?

    nasdaq


    #14 bschaefer


    Posted 07 August 2015 - 11:38 AM

    Hi nasdaq,

    Thanks for your patience.  I’m afraid that I may be calling on it some more.

     

    I un-installed SpyBot.  I rebooted the PC and I’m still getting the SDCleaner error message when I log onto my user account.

     

    I wasn’t sure which version of AVG I had.  I switched to Avast just about 2 years ago.  Not knowing which version I ran the AVG remover for both the 64 and 32 bit versions.  I hope that this was OK.  After running each version only the 64 bit required a reboot.

     

    Concerning the Runtime error 216, I’m a bit lost with the website you sent me to.  Do you want me to follow all of the steps that bblumquist did? (The Security Check, MiniToolBox, GMER etc.  I’m guessing I don’t need to re-install the Malwarebytes.)  Naturally, I’m still getting the Runtime error.

     

    Tks

    Bob



    #15 nasdaq


    Posted 07 August 2015 - 01:06 PM

    Just do this for now.
     
    Let's find out where this SDCleaner.exe is coming from.
     
    Please run the Farbar Recovery Scan Tool. Enter SDCleaner.exe in the Search Box.
    Click the Search Registry button, post the content of the Search.txt file in your next reply.

    nasdaq


    #16 bschaefer


    Posted 08 August 2015 - 02:40 PM

    Hi nasdaq,

    I ran FRST and got 2 txt files.

    TKS

    Bob

     

    FRST.txt

     

    Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version:02-08-2015 01
    Ran by BS (administrator) on BS-HP (08-08-2015 15:30:55)
    Running from C:\Users\BS\Desktop
    Loaded Profiles: BS (Available Profiles: BS & Carole & Administrator)
    Platform: Windows 7 Home Premium Service Pack 1 (X64) Language: English (United States)
    Internet Explorer Version 11 (Default browser: IE)
    Boot Mode: Normal
    Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo...very-scan-tool/

    ==================== Processes (Whitelisted) =================

    (If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

    (NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
    (NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
    (IDT, Inc.) C:\Program Files\IDT\WDM\stacsv64.exe
    (AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
    () C:\Program Files (x86)\Roxio\BackOnTrack\App\BService.exe
    (Garmin Ltd or its subsidiaries) C:\Program Files (x86)\Garmin\Core Update Service\Garmin.Cartography.MapUpdate.CoreService.exe
    (Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
    (Hewlett-Packard) C:\Program Files\Hewlett-Packard\HP Auto\HPAuto.exe
    (Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVCM.EXE
    (Hewlett-Packard) C:\Program Files (x86)\Hewlett-Packard\TouchSmart\Calendar\Service\GCalService.exe
    (Hewlett-Packard Company) C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSA_Service.exe
    (Intel Corporation) C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe
    (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
    (NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
    (Hewlett-Packard ) C:\Program Files\IDT\WDM\Beats64.exe
    (Hewlett-Packard) C:\Program Files (x86)\Hewlett-Packard\HP Odometer\hpsysdrv.exe
    (IDT, Inc.) C:\Program Files\IDT\WDM\sttray64.exe
    (NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe
    (Macrovision Corporation) C:\Program Files (x86)\Common Files\InstallShield\UpdateService\ISUSPM.exe
    (Garmin Ltd or its subsidiaries) C:\Program Files (x86)\Garmin\Express Tray\ExpressTray.exe
    (Microsoft Corporation) C:\Program Files\Windows Sidebar\sidebar.exe
    (Hewlett-Packard Co.) C:\Program Files (x86)\Hewlett-Packard\Digital Imaging\bin\hposol08.exe
    () C:\Program Files (x86)\Roxio 2012\5.0\CPMonitor.exe
    () C:\Program Files (x86)\Roxio 2012\Roxio Burn\RoxioBurnLauncher.exe
    () C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe
    (AVAST Software) C:\Program Files\AVAST Software\Avast\AvastUI.exe
    (Hewlett-Packard) C:\Program Files (x86)\Hp\HP Software Update\hpwuschd2.exe
    (Safer-Networking Ltd.) C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe
    (Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
    (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
    (Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
    (Hewlett-Packard) C:\Program Files (x86)\Hewlett-Packard\TouchSmart\Calendar\Service\HPTouchSmartSyncCalReminderApp.exe
    (Microsoft Corporation) C:\Windows\SysWOW64\WinFile\WinFile.exe


    ==================== Registry (Whitelisted) ==================

    (If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

    HKLM\...\Run: [BeatsOSDApp] => C:\Program Files\IDT\WDM\beats64.exe [37888 2012-03-30] (Hewlett-Packard )
    HKLM\...\Run: [HPSYSDRV] => C:\Program Files (x86)\Hewlett-Packard\HP Odometer\HPSYSDRV.EXE [62768 2008-11-20] (Hewlett-Packard)
    HKLM\...\Run: [SysTrayApp] => C:\Program Files\IDT\WDM\sttray64.exe [1425408 2012-04-24] (IDT, Inc.)
    HKLM\...\Run: [NvBackend] => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe [1793736 2015-03-26] (NVIDIA Corporation)
    HKLM-x32\...\Run: [RoxWatchTray] => C:\Program Files (x86)\Common Files\Roxio Shared\13.0\SharedCOM\RoxWatchTray13.exe [293360 2011-07-13] (Rovi Corporation)
    HKLM-x32\...\Run: [ISUSPM] => C:\ProgramData\FLEXnet\Connect\11\\isuspm.exe [324976 2010-05-21] (Flexera Software, Inc.)
    HKLM-x32\...\Run: [CPMonitor] => C:\Program Files (x86)\Roxio 2012\5.0\CPMonitor.exe [84464 2011-07-08] ()
    HKLM-x32\...\Run: [Desktop Disc Tool] => C:\Program Files (x86)\Roxio 2012\Roxio Burn\RoxioBurnLauncher.exe [506352 2011-06-12] ()
    HKLM-x32\...\Run: [DivXMediaServer] => C:\Program Files (x86)\DivX\DivX Media Server\DivXMediaServer.exe [450560 2013-05-19] (DivX, LLC)
    HKLM-x32\...\Run: [DivXUpdate] => C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe [1263952 2013-02-12] ()
    HKLM-x32\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvastUI.exe [6109776 2015-07-31] (AVAST Software)
    HKLM-x32\...\Run: [HP Software Update] => C:\Program Files (x86)\HP\HP Software Update\HPWuSchd2.exe [49208 2011-10-28] (Hewlett-Packard)
    HKLM-x32\...\Run: [SDTray] => C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe [5624784 2013-07-25] (Safer-Networking Ltd.)
    HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [334896 2015-06-08] (Oracle Corporation)
    HKU\S-1-5-21-548385734-4097216683-3063250578-1001\...\Run: [ISUSPM] => C:\Program Files (x86)\Common Files\InstallShield\UpdateService\ISUSPM.exe [213936 2006-05-16] (Macrovision Corporation)
    HKU\S-1-5-21-548385734-4097216683-3063250578-1001\...\Run: [GarminExpressTrayApp] => C:\Program Files (x86)\Garmin\Express Tray\ExpressTray.exe [688984 2015-01-28] (Garmin Ltd or its subsidiaries)
    HKU\S-1-5-21-548385734-4097216683-3063250578-1001\...\Run: [Spybot-S&D Cleaning] => C:\Program Files (x86)\Spybot - Search & Destroy 2\SDCleaner.exe [3642312 2013-05-16] (Safer-Networking Ltd.)
    Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\officejet 6100.lnk [2012-07-25]
    ShortcutTarget: officejet 6100.lnk -> C:\Program Files (x86)\Hewlett-Packard\Digital Imaging\bin\hposol08.exe (Hewlett-Packard Co.)
    ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShA64.dll [2015-07-31] (AVAST Software)

    ==================== Internet (Whitelisted) ====================

    (If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

    HKLM\SOFTWARE\Policies\Microsoft\Internet Explorer: Policy restriction <======= ATTENTION
    HKU\S-1-5-21-548385734-4097216683-3063250578-1001\SOFTWARE\Policies\Microsoft\Internet Explorer: Policy restriction <======= ATTENTION
    HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = http://g.msn.com/HPDSK/1
    HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL = http://g.msn.com/HPDSK/1
    HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.microsoft...=ie&ar=iesearch
    HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.microsoft...d=ie&ar=msnhome
    HKU\S-1-5-21-548385734-4097216683-3063250578-1001\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.msn.com/
    HKU\S-1-5-21-548385734-4097216683-3063250578-1001\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.microsoft...=ie&ar=iesearch
    SearchScopes: HKLM-x32 -> {D944BB61-2E34-4DBF-A683-47E505C587DC} URL = http://rover.ebay.co...w={searchTerms}
    SearchScopes: HKU\S-1-5-19 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
    SearchScopes: HKU\S-1-5-20 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
    SearchScopes: HKU\S-1-5-21-548385734-4097216683-3063250578-1001 -> Backup.Old.DefaultScope {61265F54-AFA3-4EBB-9CD3-A0304F59D016}
    SearchScopes: HKU\S-1-5-21-548385734-4097216683-3063250578-1001 -> {012E1000-F331-11DB-8314-0800200C9A66} URL = http://www.google.co...q={searchTerms}
    BHO: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll [2015-07-31] (AVAST Software)
    BHO: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2011-03-29] (Microsoft Corp.)
    BHO: Google Toolbar Helper -> {AA58ED58-01DD-4d91-8333-CF10577473F7} -> C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll [2015-07-22] (Google Inc.)
    BHO: HP Network Check Helper -> {E76FD755-C1BA-4DCB-9F13-99BD91223ADE} -> C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPluginx64.dll [2013-08-28] (Hewlett-Packard)
    BHO-x32: Adobe PDF Link Helper -> {18DF081C-E8AD-4283-A596-FA578C2EBDC3} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2012-09-23] (Adobe Systems Incorporated)
    BHO-x32: Java™ Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_51\bin\ssv.dll [2015-07-19] (Oracle Corporation)
    BHO-x32: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll [2015-07-31] (AVAST Software)
    BHO-x32: Google Toolbar Helper -> {AA58ED58-01DD-4d91-8333-CF10577473F7} -> C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll [2015-07-22] (Google Inc.)
    BHO-x32: Java™ Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_51\bin\jp2ssv.dll [2015-07-19] (Oracle Corporation)
    Toolbar: HKLM - Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll [2015-07-22] (Google Inc.)
    Toolbar: HKLM-x32 - Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll [2015-07-22] (Google Inc.)
    Toolbar: HKU\S-1-5-21-548385734-4097216683-3063250578-1001 -> Google Toolbar - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll [2015-07-22] (Google Inc.)
    DPF: HKLM-x32 {1851174C-97BD-4217-A0CC-E908F60D5B7A} https://h20364.www2....DataManager.CAB
    DPF: HKLM-x32 {73ECB3AA-4717-450C-A2AB-D00DAD9EE203} http://h20614.www2.h...hpdetect118.cab
    DPF: HKLM-x32 {7530BFB8-7293-4D34-9923-61A11451AFC5} http://download.eset...lineScanner.cab
    Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll [2013-02-26] (Skype Technologies)
    Hosts: There are more than one entry in Hosts. See Hosts section of Addition.txt
    Tcpip\Parameters: [DhcpNameServer] 192.168.1.1 68.237.161.12
    Tcpip\..\Interfaces\{05614AE7-17D4-440B-AFB6-62B4EB53F277}: [DhcpNameServer] 192.168.1.1 68.237.161.12

    FireFox:
    ========
    FF ProfilePath: C:\Users\BS\AppData\Roaming\Mozilla\Firefox\Profiles\lqhi3w2z.default
    FF NewTab: hxxp://www.google.com/firefox
    FF DefaultSearchEngine.US: Google
    FF SearchEngineOrder.1: Google
    FF Homepage: hxxp://www.msn.com/
    FF Keyword.URL: hxxp://www.google.com/search?ie=UTF-8&oe=utf-8&q=
    FF Plugin: @adobe.com/FlashPlayer -> C:\windows\system32\Macromed\Flash\NPSWF64_18_0_0_209.dll [2015-07-16] ()
    FF Plugin: @divx.com/DivX VOD Helper,version=1.0.0 -> C:\Program Files\DivX\DivX OVS Helper\npovshelper.dll [2011-06-20] (DivX, LLC.)
    FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.40416.0\npctrl.dll [2015-04-16] ( Microsoft Corporation)
    FF Plugin-x32: @adobe.com/FlashPlayer -> C:\windows\SysWOW64\Macromed\Flash\NPSWF32_18_0_0_209.dll [2015-07-16] ()
    FF Plugin-x32: @divx.com/DivX VOD Helper,version=1.0.0 -> C:\Program Files (x86)\DivX\DivX OVS Helper\npovshelper.dll [2011-06-20] (DivX, LLC.)
    FF Plugin-x32: @java.com/DTPlugin,version=11.51.2 -> C:\Program Files (x86)\Java\jre1.8.0_51\bin\dtplugin\npDeployJava1.dll [2015-07-19] (Oracle Corporation)
    FF Plugin-x32: @java.com/JavaPlugin,version=11.51.2 -> C:\Program Files (x86)\Java\jre1.8.0_51\bin\plugin2\npjp2.dll [2015-07-19] (Oracle Corporation)
    FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\5.1.40416.0\npctrl.dll [2015-04-15] ( Microsoft Corporation)
    FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3502.0922 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2012-03-08] (Microsoft Corporation)
    FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3538.0513 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2012-03-08] (Microsoft Corporation)
    FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3555.0308 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2012-03-08] (Microsoft Corporation)
    FF Plugin-x32: @nvidia.com/3DVision -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll [2015-02-04] (NVIDIA Corporation)
    FF Plugin-x32: @nvidia.com/3DVisionStreaming -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll [2015-02-04] (NVIDIA Corporation)
    FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.28.1\npGoogleUpdate3.dll [2015-07-16] (Google Inc.)
    FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.28.1\npGoogleUpdate3.dll [2015-07-16] (Google Inc.)
    FF Plugin-x32: @WildTangent.com/GamesAppPresenceDetector,Version=1.0 -> C:\Program Files (x86)\WildTangent Games\App\BrowserIntegration\Registered\0\NP_wtapp.dll [2015-07-10] ()
    FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll [2015-06-29] (Adobe Systems Inc.)
    FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\nppdf32.dll [2015-06-29] (Adobe Systems Inc.)
    FF Extension: HP Smart Print - C:\Users\BS\AppData\Roaming\Mozilla\Firefox\Profiles\lqhi3w2z.default\Extensions\hpwebprint@hpwebprint.com [2014-09-30]
    FF HKLM-x32\...\Firefox\Extensions: [{23fcfd51-4958-4f00-80a3-ae97e717ed8b}] - C:\Program Files (x86)\DivX\DivX Plus Web Player\firefox\DivXHTML5
    FF Extension: No Name - C:\Program Files (x86)\DivX\DivX Plus Web Player\firefox\DivXHTML5 [2013-07-21]
    FF HKLM-x32\...\Firefox\Extensions: [wrc@avast.com] - C:\Program Files\AVAST Software\Avast\WebRep\FF
    FF Extension: Avast Online Security - C:\Program Files\AVAST Software\Avast\WebRep\FF [2013-11-18]
    FF ExtraCheck: C:\Program Files (x86)\mozilla firefox\firefox.cfg [2015-08-07] <==== ATTENTION

    Chrome:
    =======
    CHR Profile: C:\Users\BS\AppData\Local\Google\Chrome\User Data\Default
    CHR Extension: (No Name) - C:\Users\BS\AppData\Local\Google\Chrome\User Data\Default\Extensions\lccekmodgklaepjeofjdjpbminllajkg [2015-03-19]
    CHR Extension: (Google Wallet) - C:\Users\BS\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2013-09-28]

    ==================== Services (Whitelisted) ========================

    (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

    R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [146600 2015-07-31] (AVAST Software)
    R2 BOT4Service; C:\Program Files (x86)\Roxio\BackOnTrack\App\BService.exe [21488 2011-07-15] ()
    R2 CalendarSynchService; C:\Program Files (x86)\Hewlett-Packard\TouchSmart\Calendar\Service\GCalService.exe [16384 2011-08-16] (Hewlett-Packard) [File not signed]
    S3 GamesAppIntegrationService; C:\Program Files (x86)\WildTangent Games\App\GamesAppIntegrationService.exe [349728 2015-07-10] (WildTangent)
    R2 Garmin Core Update Service; C:\Program Files (x86)\Garmin\Core Update Service\Garmin.Cartography.MapUpdate.CoreService.exe [517464 2015-01-28] (Garmin Ltd or its subsidiaries)
    R2 HPAuto; C:\Program Files\Hewlett-Packard\HP Auto\HPAuto.exe [682040 2011-02-17] (Hewlett-Packard)
    S2 MBAMService; C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe [1133880 2015-06-18] (Malwarebytes Corporation)
    S3 RoxMediaDB13; C:\Program Files (x86)\Common Files\Roxio Shared\13.0\SharedCOM\RoxMediaDB13.exe [1095664 2011-07-13] (Rovi Corporation)
    S2 RoxWatch12; C:\Program Files (x86)\Common Files\Roxio Shared\13.0\SharedCOM\RoxWatch13.exe [340976 2011-07-13] (Rovi Corporation)
    S2 SDScannerService; C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe [1817560 2013-05-16] (Safer-Networking Ltd.)
    S2 SDUpdateService; C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe [1033688 2013-05-16] (Safer-Networking Ltd.)
    S2 SDWSCService; C:\Program Files (x86)\Spybot - Search & Destroy 2\SDWSCSvc.exe [171928 2013-05-15] (Safer-Networking Ltd.)
    R2 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2013-05-27] (Microsoft Corporation)

    ===================== Drivers (Whitelisted) ==========================

    (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

    S3 AceecaUSBDx64; C:\Windows\System32\DRIVERS\AceecaUSBDx64.sys [66552 2011-04-05] (PalmSource, Inc.)
    U5 AppMgmt; C:\Windows\system32\svchost.exe [27136 2009-07-13] (Microsoft Corporation)
    R2 aswHwid; C:\Windows\system32\drivers\aswHwid.sys [28656 2015-07-31] (AVAST Software)
    R2 aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [90968 2015-07-31] (AVAST Software)
    R1 aswRdr; C:\Windows\system32\drivers\aswRdr2.sys [93528 2015-07-31] (AVAST Software)
    R0 aswRvrt; C:\Windows\System32\Drivers\aswRvrt.sys [65224 2015-07-31] (AVAST Software)
    R1 aswSnx; C:\Windows\system32\drivers\aswSnx.sys [1048856 2015-07-31] (AVAST Software)
    R1 aswSP; C:\Windows\system32\drivers\aswSP.sys [447944 2015-07-31] (AVAST Software)
    R2 aswStm; C:\Windows\system32\drivers\aswStm.sys [150672 2015-07-31] (AVAST Software)
    R0 aswVmm; C:\Windows\System32\Drivers\aswVmm.sys [274808 2015-07-31] (AVAST Software)
    R3 MBAMProtector; C:\windows\system32\drivers\mbam.sys [25816 2015-06-18] (Malwarebytes Corporation)
    S3 MBAMWebAccessControl; C:\windows\system32\drivers\mwac.sys [63704 2015-06-18] (Malwarebytes Corporation)
    R3 StnSport; C:\Windows\System32\DRIVERS\StnSport.sys [128000 2010-08-20] ()

    ==================== NetSvcs (Whitelisted) ===================

    (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


    ==================== One Month Created files and folders ========

    (If an entry is included in the fixlist, the file/folder will be moved.)

    2015-08-08 15:30 - 2015-08-08 15:31 - 00018614 _____ C:\Users\BS\Desktop\FRST.txt
    2015-08-07 12:16 - 2015-08-07 12:19 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox
    2015-08-07 12:16 - 2015-08-07 12:17 - 03681088 _____ (AVG Technologies CZ, s.r.o.) C:\Users\BS\Downloads\avg_remover_stf_x86_2015_5501.exe
    2015-08-07 12:11 - 2015-08-08 11:26 - 00000656 _____ C:\windows\PFRO.log
    2015-08-07 12:10 - 2015-08-07 12:19 - 00670786 _____ C:\Users\BS\Downloads\avgremover.log
    2015-08-07 12:09 - 2015-08-07 12:09 - 03681088 _____ (AVG Technologies CZ, s.r.o.) C:\Users\BS\Downloads\avg_remover_stf_x64_2015_5501.exe
    2015-08-07 11:51 - 2015-08-08 11:28 - 00000168 _____ C:\windows\setupact.log
    2015-08-07 11:51 - 2015-08-07 11:51 - 00000000 _____ C:\windows\setuperr.log
    2015-08-06 15:48 - 2015-08-06 15:48 - 00027910 _____ C:\Users\BS\Desktop\ComboFix.txt
    2015-08-06 15:40 - 2011-06-26 02:45 - 00256000 _____ C:\windows\PEV.exe
    2015-08-06 15:40 - 2010-11-07 13:20 - 00208896 _____ C:\windows\MBR.exe
    2015-08-06 15:40 - 2009-04-20 00:56 - 00060416 _____ (NirSoft) C:\windows\NIRCMD.exe
    2015-08-06 15:40 - 2000-08-30 20:00 - 00518144 _____ (SteelWerX) C:\windows\SWREG.exe
    2015-08-06 15:40 - 2000-08-30 20:00 - 00406528 _____ (SteelWerX) C:\windows\SWSC.exe
    2015-08-06 15:40 - 2000-08-30 20:00 - 00098816 _____ C:\windows\sed.exe
    2015-08-06 15:40 - 2000-08-30 20:00 - 00080412 _____ C:\windows\grep.exe
    2015-08-06 15:40 - 2000-08-30 20:00 - 00068096 _____ C:\windows\zip.exe
    2015-08-06 15:39 - 2015-08-06 15:48 - 00000000 ____D C:\Qoobox
    2015-08-06 15:35 - 2015-08-06 15:36 - 05634244 ____R (Swearware) C:\Users\BS\Desktop\ComboFix.exe
    2015-08-05 20:15 - 2015-08-05 20:15 - 00000143 _____ C:\Users\BS\Desktop\MBR.zip
    2015-08-05 20:12 - 2015-08-05 20:12 - 00001983 _____ C:\Users\BS\Desktop\aswMBR.txt
    2015-08-05 20:12 - 2015-08-05 20:12 - 00000512 _____ C:\Users\BS\Desktop\MBR.dat
    2015-08-05 19:57 - 2015-08-05 19:57 - 05198336 _____ (AVAST Software) C:\Users\BS\Desktop\aswMBR.exe
    2015-08-05 19:43 - 2015-08-05 19:43 - 04404952 _____ (Kaspersky Lab ZAO) C:\Users\BS\Desktop\tdsskiller.exe
    2015-08-05 17:13 - 2015-08-07 16:07 - 00000000 ____D C:\Users\Carole\AppData\Local\CrashDumps
    2015-08-05 11:49 - 2015-08-08 15:19 - 00000000 ____D C:\Users\BS\AppData\Local\CrashDumps
    2015-08-05 11:43 - 2015-08-05 11:25 - 00024064 _____ C:\windows\zoek-delete.exe
    2015-08-05 11:27 - 2015-08-05 11:48 - 00015153 _____ C:\Users\BS\Desktop\zoek-results.log
    2015-08-05 11:25 - 2015-08-05 11:40 - 00000000 ____D C:\zoek_backup
    2015-08-05 11:24 - 2015-08-05 11:24 - 01308672 _____ C:\Users\BS\Desktop\zoek.exe
    2015-08-04 16:19 - 2015-08-04 16:19 - 00001976 _____ C:\Users\BS\Downloads\fixlist.txt
    2015-08-04 12:20 - 2015-08-04 12:22 - 00047901 _____ C:\Users\BS\Downloads\Addition.txt
    2015-08-04 12:19 - 2015-08-08 15:30 - 00000000 ____D C:\FRST
    2015-08-04 12:19 - 2015-08-04 12:22 - 00071850 _____ C:\Users\BS\Downloads\FRST.txt
    2015-08-04 12:16 - 2015-08-04 12:18 - 02169856 _____ (Farbar) C:\Users\BS\Desktop\FRST64.exe
    2015-08-03 19:28 - 2015-08-03 19:28 - 00028604 _____ C:\Users\BS\Desktop\dds.txt
    2015-08-03 19:28 - 2015-08-03 19:28 - 00014657 _____ C:\Users\BS\Desktop\attach.txt
    2015-08-03 19:13 - 2015-08-03 19:13 - 00001058 _____ C:\Users\BS\Desktop\Malwarebyttes.txt
    2015-08-01 12:07 - 2015-08-01 12:07 - 00000000 ____D C:\Users\BS\Documents\Simply Super Software
    2015-07-31 14:17 - 2015-07-31 14:17 - 02248704 _____ C:\Users\BS\Downloads\AdwCleaner.exe
    2015-07-31 14:15 - 2015-07-25 14:04 - 00765440 _____ (Microsoft Corporation) C:\windows\system32\invagent.dll
    2015-07-31 14:15 - 2015-07-25 14:04 - 00726528 _____ (Microsoft Corporation) C:\windows\system32\generaltel.dll
    2015-07-31 14:15 - 2015-07-25 14:03 - 01085440 _____ (Microsoft Corporation) C:\windows\system32\appraiser.dll
    2015-07-31 14:15 - 2015-07-25 14:03 - 00433664 _____ (Microsoft Corporation) C:\windows\system32\devinv.dll
    2015-07-31 14:15 - 2015-07-25 14:03 - 00227328 _____ (Microsoft Corporation) C:\windows\system32\aepdu.dll
    2015-07-31 14:15 - 2015-07-25 14:03 - 00067584 _____ (Microsoft Corporation) C:\windows\system32\acmigration.dll
    2015-07-31 14:15 - 2015-07-25 13:55 - 01145856 _____ (Microsoft Corporation) C:\windows\system32\aeinv.dll
    2015-07-31 13:31 - 2015-08-08 15:23 - 00003168 _____ C:\windows\System32\Tasks\HPCeeScheduleForBS
    2015-07-31 13:31 - 2015-08-08 15:23 - 00000320 _____ C:\windows\Tasks\HPCeeScheduleForBS.job
    2015-07-31 13:31 - 2015-07-31 13:31 - 00378880 _____ (AVAST Software) C:\windows\system32\aswBoot.exe
    2015-07-31 13:31 - 2015-07-31 13:31 - 00043112 _____ (AVAST Software) C:\windows\avastSS.scr
    2015-07-31 12:30 - 2015-07-25 14:07 - 00017856 _____ (Microsoft Corporation) C:\windows\system32\CompatTelRunner.exe
    2015-07-30 09:39 - 2015-07-30 09:39 - 00000000 ____D C:\Program Files\Common Files\AV
    2015-07-23 12:05 - 2015-07-23 12:05 - 06609608 _____ (Piriform Ltd) C:\Users\BS\Downloads\ccsetup508.exe
    2015-07-23 08:42 - 2015-08-04 16:59 - 00000008 __RSH C:\ProgramData\ntuser.pol
    2015-07-23 08:39 - 2015-07-23 08:39 - 00001081 _____ C:\Users\Public\Desktop\SpywareBlaster.lnk
    2015-07-23 08:37 - 2015-07-23 08:37 - 04184064 _____ (BrightFort LLC ) C:\Users\BS\Downloads\spywareblastersetup52.exe
    2015-07-23 08:27 - 2015-07-14 23:19 - 00100864 _____ (Microsoft Corporation) C:\windows\system32\fontsub.dll
    2015-07-23 08:27 - 2015-07-14 23:19 - 00046080 _____ (Adobe Systems) C:\windows\system32\atmlib.dll
    2015-07-23 08:27 - 2015-07-14 23:19 - 00041984 _____ (Microsoft Corporation) C:\windows\system32\lpk.dll
    2015-07-23 08:27 - 2015-07-14 23:19 - 00014336 _____ (Microsoft Corporation) C:\windows\system32\dciman32.dll
    2015-07-23 08:27 - 2015-07-14 22:55 - 00070656 _____ (Microsoft Corporation) C:\windows\SysWOW64\fontsub.dll
    2015-07-23 08:27 - 2015-07-14 22:55 - 00034304 _____ (Adobe Systems) C:\windows\SysWOW64\atmlib.dll
    2015-07-23 08:27 - 2015-07-14 22:55 - 00010240 _____ (Microsoft Corporation) C:\windows\SysWOW64\dciman32.dll
    2015-07-23 08:27 - 2015-07-14 22:54 - 00025600 _____ (Microsoft Corporation) C:\windows\SysWOW64\lpk.dll
    2015-07-23 08:27 - 2015-07-14 21:59 - 00372224 _____ (Adobe Systems Incorporated) C:\windows\system32\atmfd.dll
    2015-07-23 08:27 - 2015-07-14 21:52 - 00299008 _____ (Adobe Systems Incorporated) C:\windows\SysWOW64\atmfd.dll
    2015-07-20 12:16 - 2015-07-20 12:16 - 00000000 ____D C:\Users\Carole\AppData\Local\GWX
    2015-07-18 19:41 - 2015-07-09 13:59 - 00017856 _____ (Microsoft Corporation) C:\windows\system32\CompatTelRunner(78).exe
    2015-07-18 19:41 - 2015-07-09 13:58 - 03154944 _____ (Microsoft Corporation) C:\windows\system32\wucltux.dll
    2015-07-18 19:41 - 2015-07-09 13:58 - 02603008 _____ (Microsoft Corporation) C:\windows\system32\wuaueng.dll
    2015-07-18 19:41 - 2015-07-09 13:58 - 00696320 _____ (Microsoft Corporation) C:\windows\system32\wuapi.dll
    2015-07-18 19:41 - 2015-07-09 13:58 - 00192000 _____ (Microsoft Corporation) C:\windows\system32\wuwebv.dll
    2015-07-18 19:41 - 2015-07-09 13:58 - 00139776 _____ (Microsoft Corporation) C:\windows\system32\wuauclt.exe
    2015-07-18 19:41 - 2015-07-09 13:58 - 00098304 _____ (Microsoft Corporation) C:\windows\system32\wudriver.dll
    2015-07-18 19:41 - 2015-07-09 13:58 - 00091136 _____ (Microsoft Corporation) C:\windows\system32\WinSetupUI.dll
    2015-07-18 19:41 - 2015-07-09 13:58 - 00037888 _____ (Microsoft Corporation) C:\windows\system32\wups2.dll
    2015-07-18 19:41 - 2015-07-09 13:58 - 00037376 _____ (Microsoft Corporation) C:\windows\system32\wuapp.exe
    2015-07-18 19:41 - 2015-07-09 13:58 - 00036864 _____ (Microsoft Corporation) C:\windows\system32\wups.dll
    2015-07-18 19:41 - 2015-07-09 13:58 - 00012288 _____ (Microsoft Corporation) C:\windows\system32\wu.upgrade.ps.dll
    2015-07-18 19:41 - 2015-07-09 13:43 - 00566784 _____ (Microsoft Corporation) C:\windows\SysWOW64\wuapi.dll
    2015-07-18 19:41 - 2015-07-09 13:43 - 00173056 _____ (Microsoft Corporation) C:\windows\SysWOW64\wuwebv.dll
    2015-07-18 19:41 - 2015-07-09 13:43 - 00093184 _____ (Microsoft Corporation) C:\windows\SysWOW64\wudriver.dll
    2015-07-18 19:41 - 2015-07-09 13:43 - 00030208 _____ (Microsoft Corporation) C:\windows\SysWOW64\wups.dll
    2015-07-18 19:41 - 2015-07-09 13:42 - 00034816 _____ (Microsoft Corporation) C:\windows\SysWOW64\wuapp.exe
    2015-07-18 19:41 - 2015-06-03 16:16 - 00193536 ____N (Microsoft Corporation) C:\windows\system32\aepic.dll
    2015-07-18 19:41 - 2015-06-03 16:16 - 00193536 _____ (Microsoft Corporation) C:\windows\system32\aepic(77).dll
    2015-07-18 19:41 - 2015-05-25 14:24 - 05569984 _____ (Microsoft Corporation) C:\windows\system32\ntoskrnl.exe
    2015-07-18 19:41 - 2015-05-25 14:21 - 01728960 _____ (Microsoft Corporation) C:\windows\system32\ntdll.dll
    2015-07-18 19:41 - 2015-05-25 14:19 - 01255424 _____ (Microsoft Corporation) C:\windows\system32\diagtrack.dll
    2015-07-18 19:41 - 2015-05-25 14:19 - 01162752 _____ (Microsoft Corporation) C:\windows\system32\kernel32.dll
    2015-07-18 19:41 - 2015-05-25 14:19 - 00879104 _____ (Microsoft Corporation) C:\windows\system32\tdh.dll
    2015-07-18 19:41 - 2015-05-25 14:19 - 00503808 _____ (Microsoft Corporation) C:\windows\system32\srcore.dll
    2015-07-18 19:41 - 2015-05-25 14:19 - 00424960 _____ (Microsoft Corporation) C:\windows\system32\KernelBase.dll
    2015-07-18 19:41 - 2015-05-25 14:19 - 00362496 _____ (Microsoft Corporation) C:\windows\system32\wow64win.dll
    2015-07-18 19:41 - 2015-05-25 14:19 - 00243712 _____ (Microsoft Corporation) C:\windows\system32\wow64.dll
    2015-07-18 19:41 - 2015-05-25 14:19 - 00215040 _____ (Microsoft Corporation) C:\windows\system32\winsrv.dll
    2015-07-18 19:41 - 2015-05-25 14:19 - 00113664 _____ (Microsoft Corporation) C:\windows\system32\sechost.dll
    2015-07-18 19:41 - 2015-05-25 14:19 - 00050176 _____ (Microsoft Corporation) C:\windows\system32\srclient.dll
    2015-07-18 19:41 - 2015-05-25 14:19 - 00016384 _____ (Microsoft Corporation) C:\windows\system32\ntvdm64.dll
    2015-07-18 19:41 - 2015-05-25 14:19 - 00013312 _____ (Microsoft Corporation) C:\windows\system32\wow64cpu.dll
    2015-07-18 19:41 - 2015-05-25 14:18 - 00879104 _____ (Microsoft Corporation) C:\windows\system32\advapi32.dll
    2015-07-18 19:41 - 2015-05-25 14:18 - 00404992 _____ (Microsoft Corporation) C:\windows\system32\tracerpt.exe
    2015-07-18 19:41 - 2015-05-25 14:18 - 00338432 _____ (Microsoft Corporation) C:\windows\system32\conhost.exe
    2015-07-18 19:41 - 2015-05-25 14:18 - 00296960 _____ (Microsoft Corporation) C:\windows\system32\rstrui.exe
    2015-07-18 19:41 - 2015-05-25 14:18 - 00112640 _____ (Microsoft Corporation) C:\windows\system32\smss.exe
    2015-07-18 19:41 - 2015-05-25 14:18 - 00104448 _____ (Microsoft Corporation) C:\windows\system32\logman.exe
    2015-07-18 19:41 - 2015-05-25 14:18 - 00047104 _____ (Microsoft Corporation) C:\windows\system32\typeperf.exe
    2015-07-18 19:41 - 2015-05-25 14:18 - 00043520 _____ (Microsoft Corporation) C:\windows\system32\csrsrv.dll
    2015-07-18 19:41 - 2015-05-25 14:18 - 00043008 _____ (Microsoft Corporation) C:\windows\system32\relog.exe
    2015-07-18 19:41 - 2015-05-25 14:18 - 00019456 _____ (Microsoft Corporation) C:\windows\system32\diskperf.exe
    2015-07-18 19:41 - 2015-05-25 14:11 - 00006656 _____ (Microsoft Corporation) C:\windows\system32\apisetschema.dll
    2015-07-18 19:41 - 2015-05-25 14:11 - 00006144 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-security-base-l1-1-0.dll
    2015-07-18 19:41 - 2015-05-25 14:11 - 00005120 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-file-l1-1-0.dll
    2015-07-18 19:41 - 2015-05-25 14:11 - 00004608 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-threadpool-l1-1-0.dll
    2015-07-18 19:41 - 2015-05-25 14:11 - 00004608 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-processthreads-l1-1-0.dll
    2015-07-18 19:41 - 2015-05-25 14:11 - 00004096 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-sysinfo-l1-1-0.dll
    2015-07-18 19:41 - 2015-05-25 14:11 - 00004096 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-synch-l1-1-0.dll
    2015-07-18 19:41 - 2015-05-25 14:11 - 00004096 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-localregistry-l1-1-0.dll
    2015-07-18 19:41 - 2015-05-25 14:11 - 00004096 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-localization-l1-1-0.dll
    2015-07-18 19:41 - 2015-05-25 14:11 - 00003584 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-rtlsupport-l1-1-0.dll
    2015-07-18 19:41 - 2015-05-25 14:11 - 00003584 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-processenvironment-l1-1-0.dll
    2015-07-18 19:41 - 2015-05-25 14:11 - 00003584 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-namedpipe-l1-1-0.dll
    2015-07-18 19:41 - 2015-05-25 14:11 - 00003584 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-misc-l1-1-0.dll
    2015-07-18 19:41 - 2015-05-25 14:11 - 00003584 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-memory-l1-1-0.dll
    2015-07-18 19:41 - 2015-05-25 14:11 - 00003584 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-libraryloader-l1-1-0.dll
    2015-07-18 19:41 - 2015-05-25 14:11 - 00003584 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-heap-l1-1-0.dll
    2015-07-18 19:41 - 2015-05-25 14:11 - 00003072 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-xstate-l1-1-0.dll
    2015-07-18 19:41 - 2015-05-25 14:11 - 00003072 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-util-l1-1-0.dll
    2015-07-18 19:41 - 2015-05-25 14:11 - 00003072 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-string-l1-1-0.dll
    2015-07-18 19:41 - 2015-05-25 14:11 - 00003072 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-profile-l1-1-0.dll
    2015-07-18 19:41 - 2015-05-25 14:11 - 00003072 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-io-l1-1-0.dll
    2015-07-18 19:41 - 2015-05-25 14:11 - 00003072 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-interlocked-l1-1-0.dll
    2015-07-18 19:41 - 2015-05-25 14:11 - 00003072 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-handle-l1-1-0.dll
    2015-07-18 19:41 - 2015-05-25 14:11 - 00003072 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-fibers-l1-1-0.dll
    2015-07-18 19:41 - 2015-05-25 14:11 - 00003072 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-errorhandling-l1-1-0.dll
    2015-07-18 19:41 - 2015-05-25 14:11 - 00003072 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-delayload-l1-1-0.dll
    2015-07-18 19:41 - 2015-05-25 14:11 - 00003072 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-debug-l1-1-0.dll
    2015-07-18 19:41 - 2015-05-25 14:11 - 00003072 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-datetime-l1-1-0.dll
    2015-07-18 19:41 - 2015-05-25 14:11 - 00003072 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-console-l1-1-0.dll
    2015-07-18 19:41 - 2015-05-25 14:07 - 03989440 _____ (Microsoft Corporation) C:\windows\SysWOW64\ntkrnlpa.exe
    2015-07-18 19:41 - 2015-05-25 14:07 - 03934144 _____ (Microsoft Corporation) C:\windows\SysWOW64\ntoskrnl.exe
    2015-07-18 19:41 - 2015-05-25 14:04 - 01310744 _____ (Microsoft Corporation) C:\windows\SysWOW64\ntdll.dll
    2015-07-18 19:41 - 2015-05-25 14:01 - 00641536 _____ (Microsoft Corporation) C:\windows\SysWOW64\advapi32.dll
    2015-07-18 19:41 - 2015-05-25 14:01 - 00635392 _____ (Microsoft Corporation) C:\windows\SysWOW64\tdh.dll
    2015-07-18 19:41 - 2015-05-25 14:01 - 00092160 _____ (Microsoft Corporation) C:\windows\SysWOW64\sechost.dll
    2015-07-18 19:41 - 2015-05-25 14:01 - 00043008 _____ (Microsoft Corporation) C:\windows\SysWOW64\srclient.dll
    2015-07-18 19:41 - 2015-05-25 14:01 - 00014336 _____ (Microsoft Corporation) C:\windows\SysWOW64\ntvdm64.dll
    2015-07-18 19:41 - 2015-05-25 14:00 - 00364544 _____ (Microsoft Corporation) C:\windows\SysWOW64\tracerpt.exe
    2015-07-18 19:41 - 2015-05-25 14:00 - 00082944 _____ (Microsoft Corporation) C:\windows\SysWOW64\logman.exe
    2015-07-18 19:41 - 2015-05-25 14:00 - 00040448 _____ (Microsoft Corporation) C:\windows\SysWOW64\typeperf.exe
    2015-07-18 19:41 - 2015-05-25 14:00 - 00037888 _____ (Microsoft Corporation) C:\windows\SysWOW64\relog.exe
    2015-07-18 19:41 - 2015-05-25 14:00 - 00025600 _____ (Microsoft Corporation) C:\windows\SysWOW64\setup16.exe
    2015-07-18 19:41 - 2015-05-25 14:00 - 00017408 _____ (Microsoft Corporation) C:\windows\SysWOW64\diskperf.exe
    2015-07-18 19:41 - 2015-05-25 13:59 - 01114112 _____ (Microsoft Corporation) C:\windows\SysWOW64\kernel32.dll
    2015-07-18 19:41 - 2015-05-25 13:59 - 00274944 _____ (Microsoft Corporation) C:\windows\SysWOW64\KernelBase.dll
    2015-07-18 19:41 - 2015-05-25 13:59 - 00005120 _____ (Microsoft Corporation) C:\windows\SysWOW64\wow32.dll
    2015-07-18 19:41 - 2015-05-25 13:55 - 00006656 _____ (Microsoft Corporation) C:\windows\SysWOW64\apisetschema.dll
    2015-07-18 19:41 - 2015-05-25 13:55 - 00005120 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-file-l1-1-0.dll
    2015-07-18 19:41 - 2015-05-25 13:55 - 00004608 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-processthreads-l1-1-0.dll
    2015-07-18 19:41 - 2015-05-25 13:55 - 00004096 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-sysinfo-l1-1-0.dll
    2015-07-18 19:41 - 2015-05-25 13:55 - 00004096 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-synch-l1-1-0.dll
    2015-07-18 19:41 - 2015-05-25 13:55 - 00004096 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-misc-l1-1-0.dll
    2015-07-18 19:41 - 2015-05-25 13:55 - 00004096 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-localregistry-l1-1-0.dll
    2015-07-18 19:41 - 2015-05-25 13:55 - 00004096 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-localization-l1-1-0.dll
    2015-07-18 19:41 - 2015-05-25 13:55 - 00003584 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-processenvironment-l1-1-0.dll
    2015-07-18 19:41 - 2015-05-25 13:55 - 00003584 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-namedpipe-l1-1-0.dll
    2015-07-18 19:41 - 2015-05-25 13:55 - 00003584 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-memory-l1-1-0.dll
    2015-07-18 19:41 - 2015-05-25 13:55 - 00003584 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-libraryloader-l1-1-0.dll
    2015-07-18 19:41 - 2015-05-25 13:55 - 00003584 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-interlocked-l1-1-0.dll
    2015-07-18 19:41 - 2015-05-25 13:55 - 00003584 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-heap-l1-1-0.dll
    2015-07-18 19:41 - 2015-05-25 13:55 - 00003072 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-string-l1-1-0.dll
    2015-07-18 19:41 - 2015-05-25 13:55 - 00003072 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-rtlsupport-l1-1-0.dll
    2015-07-18 19:41 - 2015-05-25 13:55 - 00003072 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-profile-l1-1-0.dll
    2015-07-18 19:41 - 2015-05-25 13:55 - 00003072 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-io-l1-1-0.dll
    2015-07-18 19:41 - 2015-05-25 13:55 - 00003072 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-handle-l1-1-0.dll
    2015-07-18 19:41 - 2015-05-25 13:55 - 00003072 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-fibers-l1-1-0.dll
    2015-07-18 19:41 - 2015-05-25 13:55 - 00003072 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-errorhandling-l1-1-0.dll
    2015-07-18 19:41 - 2015-05-25 13:55 - 00003072 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-delayload-l1-1-0.dll
    2015-07-18 19:41 - 2015-05-25 13:55 - 00003072 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-debug-l1-1-0.dll
    2015-07-18 19:41 - 2015-05-25 13:55 - 00003072 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-datetime-l1-1-0.dll
    2015-07-18 19:41 - 2015-05-25 13:55 - 00003072 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-console-l1-1-0.dll
    2015-07-18 19:41 - 2015-05-25 13:00 - 00036864 _____ (Microsoft Corporation) C:\windows\system32\UtcResources.dll
    2015-07-18 19:41 - 2015-05-25 12:50 - 00007680 _____ (Microsoft Corporation) C:\windows\SysWOW64\instnm.exe
    2015-07-18 19:41 - 2015-05-25 12:50 - 00002048 _____ (Microsoft Corporation) C:\windows\SysWOW64\user.exe
    2015-07-18 19:41 - 2015-05-25 12:48 - 00006144 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-security-base-l1-1-0.dll
    2015-07-18 19:41 - 2015-05-25 12:48 - 00004608 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-threadpool-l1-1-0.dll
    2015-07-18 19:41 - 2015-05-25 12:48 - 00003584 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-xstate-l1-1-0.dll
    2015-07-18 19:41 - 2015-05-25 12:48 - 00003072 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-util-l1-1-0.dll
    2015-07-18 19:41 - 2015-04-27 15:23 - 01480192 _____ (Microsoft Corporation) C:\windows\system32\crypt32.dll
    2015-07-18 19:41 - 2015-04-27 15:23 - 00229376 _____ (Microsoft Corporation) C:\windows\system32\wintrust.dll
    2015-07-18 19:41 - 2015-04-27 15:23 - 00188416 _____ (Microsoft Corporation) C:\windows\system32\cryptsvc.dll
    2015-07-18 19:41 - 2015-04-27 15:23 - 00140288 _____ (Microsoft Corporation) C:\windows\system32\cryptnet.dll
    2015-07-18 19:41 - 2015-04-27 15:05 - 00179200 _____ (Microsoft Corporation) C:\windows\SysWOW64\wintrust.dll
    2015-07-18 19:41 - 2015-04-27 15:04 - 01174528 _____ (Microsoft Corporation) C:\windows\SysWOW64\crypt32.dll
    2015-07-18 19:41 - 2015-04-27 15:04 - 00143872 _____ (Microsoft Corporation) C:\windows\SysWOW64\cryptsvc.dll
    2015-07-18 19:41 - 2015-04-27 15:04 - 00103936 _____ (Microsoft Corporation) C:\windows\SysWOW64\cryptnet.dll
    2015-07-18 19:40 - 2015-04-10 23:19 - 00069888 _____ (Microsoft Corporation) C:\windows\system32\Drivers\stream.sys
    2015-07-18 19:38 - 2015-05-09 14:26 - 00493504 _____ (Microsoft Corporation) C:\windows\system32\mcupdate_GenuineIntel.dll
    2015-07-18 15:42 - 2015-08-08 11:28 - 00000336 _____ C:\windows\Tasks\HPCeeScheduleForCarole.job
    2015-07-18 15:42 - 2015-08-07 16:11 - 00003192 _____ C:\windows\System32\Tasks\HPCeeScheduleForCarole
    2015-07-18 14:45 - 2015-07-02 17:21 - 19877376 _____ (Microsoft Corporation) C:\windows\SysWOW64\mshtml.dll
    2015-07-18 14:45 - 2015-07-02 17:08 - 02724864 _____ (Microsoft Corporation) C:\windows\SysWOW64\mshtml.tlb
    2015-07-18 14:45 - 2015-07-02 16:50 - 02279424 _____ (Microsoft Corporation) C:\windows\SysWOW64\iertutil.dll
    2015-07-18 14:45 - 2015-07-02 16:49 - 25193984 _____ (Microsoft Corporation) C:\windows\system32\mshtml.dll
    2015-07-18 14:45 - 2015-07-02 16:46 - 00479232 _____ (Microsoft Corporation) C:\windows\SysWOW64\ieui.dll
    2015-07-18 14:45 - 2015-07-02 16:40 - 02724864 _____ (Microsoft Corporation) C:\windows\system32\mshtml.tlb
    2015-07-18 14:45 - 2015-07-02 16:23 - 02885632 _____ (Microsoft Corporation) C:\windows\system32\iertutil.dll
    2015-07-18 14:45 - 2015-07-02 16:19 - 12855296 _____ (Microsoft Corporation) C:\windows\SysWOW64\ieframe.dll
    2015-07-18 14:45 - 2015-07-02 16:12 - 00615936 _____ (Microsoft Corporation) C:\windows\system32\ieui.dll
    2015-07-18 14:45 - 2015-07-02 15:55 - 01310720 _____ (Microsoft Corporation) C:\windows\SysWOW64\urlmon.dll
    2015-07-18 14:45 - 2015-07-02 15:20 - 14453248 _____ (Microsoft Corporation) C:\windows\system32\ieframe.dll
    2015-07-18 14:45 - 2015-07-02 14:59 - 01545728 _____ (Microsoft Corporation) C:\windows\system32\urlmon.dll
    2015-07-18 14:45 - 2015-06-26 22:47 - 00814080 _____ (Microsoft Corporation) C:\windows\system32\jscript9diag.dll
    2015-07-18 14:45 - 2015-06-26 22:43 - 05923840 _____ (Microsoft Corporation) C:\windows\system32\jscript9.dll
    2015-07-18 14:45 - 2015-06-26 21:58 - 00620032 _____ (Microsoft Corporation) C:\windows\SysWOW64\jscript9diag.dll
    2015-07-18 14:45 - 2015-06-26 21:39 - 04520448 _____ (Microsoft Corporation) C:\windows\SysWOW64\jscript9.dll
    2015-07-18 14:45 - 2015-06-25 14:09 - 00389832 _____ (Microsoft Corporation) C:\windows\system32\iedkcs32.dll
    2015-07-18 14:45 - 2015-06-25 13:43 - 00342736 _____ (Microsoft Corporation) C:\windows\SysWOW64\iedkcs32.dll
    2015-07-18 14:45 - 2015-06-25 04:57 - 03207168 _____ (Microsoft Corporation) C:\windows\system32\win32k.sys
    2015-07-18 14:45 - 2015-06-20 16:06 - 00004096 _____ (Microsoft Corporation) C:\windows\system32\ieetwcollectorres.dll
    2015-07-18 14:45 - 2015-06-20 15:50 - 00066560 _____ (Microsoft Corporation) C:\windows\system32\iesetup.dll
    2015-07-18 14:45 - 2015-06-20 15:49 - 00584192 _____ (Microsoft Corporation) C:\windows\system32\vbscript.dll
    2015-07-18 14:45 - 2015-06-20 15:49 - 00417792 _____ (Microsoft Corporation) C:\windows\system32\html.iec
    2015-07-18 14:45 - 2015-06-20 15:49 - 00048640 _____ (Microsoft Corporation) C:\windows\system32\ieetwproxystub.dll
    2015-07-18 14:45 - 2015-06-20 15:48 - 00088064 _____ (Microsoft Corporation) C:\windows\system32\MshtmlDac.dll
    2015-07-18 14:45 - 2015-06-20 15:40 - 00054784 _____ (Microsoft Corporation) C:\windows\system32\jsproxy.dll
    2015-07-18 14:45 - 2015-06-20 15:39 - 00034304 _____ (Microsoft Corporation) C:\windows\system32\iernonce.dll
    2015-07-18 14:45 - 2015-06-20 15:34 - 00816640 _____ (Microsoft Corporation) C:\windows\system32\jscript.dll
    2015-07-18 14:45 - 2015-06-20 15:34 - 00144384 _____ (Microsoft Corporation) C:\windows\system32\ieUnatt.exe
    2015-07-18 14:45 - 2015-06-20 15:34 - 00114688 _____ (Microsoft Corporation) C:\windows\system32\ieetwcollector.exe
    2015-07-18 14:45 - 2015-06-20 15:25 - 00968704 _____ (Microsoft Corporation) C:\windows\system32\MsSpellCheckingFacility.exe
    2015-07-18 14:45 - 2015-06-20 15:21 - 00490496 _____ (Microsoft Corporation) C:\windows\system32\dxtmsft.dll
    2015-07-18 14:45 - 2015-06-20 15:13 - 00077824 _____ (Microsoft Corporation) C:\windows\system32\JavaScriptCollectionAgent.dll
    2015-07-18 14:45 - 2015-06-20 15:08 - 00199680 _____ (Microsoft Corporation) C:\windows\system32\msrating.dll
    2015-07-18 14:45 - 2015-06-20 15:07 - 00092160 _____ (Microsoft Corporation) C:\windows\system32\mshtmled.dll
    2015-07-18 14:45 - 2015-06-20 15:05 - 00316928 _____ (Microsoft Corporation) C:\windows\system32\dxtrans.dll
    2015-07-18 14:45 - 2015-06-20 14:48 - 00801280 _____ (Microsoft Corporation) C:\windows\system32\msfeeds.dll
    2015-07-18 14:45 - 2015-06-20 14:48 - 00720384 _____ (Microsoft Corporation) C:\windows\system32\ie4uinit.exe
    2015-07-18 14:45 - 2015-06-20 14:46 - 02125824 _____ (Microsoft Corporation) C:\windows\system32\inetcpl.cpl
    2015-07-18 14:45 - 2015-06-20 14:46 - 01359360 _____ (Microsoft Corporation) C:\windows\system32\mshtmlmedia.dll
    2015-07-18 14:45 - 2015-06-20 14:26 - 02427392 _____ (Microsoft Corporation) C:\windows\system32\wininet.dll
    2015-07-18 14:45 - 2015-06-20 14:02 - 00800768 _____ (Microsoft Corporation) C:\windows\system32\ieapfltr.dll
    2015-07-18 14:45 - 2015-06-19 14:25 - 00504320 _____ (Microsoft Corporation) C:\windows\SysWOW64\vbscript.dll
    2015-07-18 14:45 - 2015-06-19 14:25 - 00062464 _____ (Microsoft Corporation) C:\windows\SysWOW64\iesetup.dll
    2015-07-18 14:45 - 2015-06-19 14:24 - 00341504 _____ (Microsoft Corporation) C:\windows\SysWOW64\html.iec
    2015-07-18 14:45 - 2015-06-19 14:24 - 00047616 _____ (Microsoft Corporation) C:\windows\SysWOW64\ieetwproxystub.dll
    2015-07-18 14:45 - 2015-06-19 14:23 - 00064000 _____ (Microsoft Corporation) C:\windows\SysWOW64\MshtmlDac.dll
    2015-07-18 14:45 - 2015-06-19 14:17 - 00047104 _____ (Microsoft Corporation) C:\windows\SysWOW64\jsproxy.dll
    2015-07-18 14:45 - 2015-06-19 14:16 - 00030720 _____ (Microsoft Corporation) C:\windows\SysWOW64\iernonce.dll
    2015-07-18 14:45 - 2015-06-19 14:13 - 00664064 _____ (Microsoft Corporation) C:\windows\SysWOW64\jscript.dll
    2015-07-18 14:45 - 2015-06-19 14:13 - 00115712 _____ (Microsoft Corporation) C:\windows\SysWOW64\ieUnatt.exe
    2015-07-18 14:45 - 2015-06-19 14:03 - 00418304 _____ (Microsoft Corporation) C:\windows\SysWOW64\dxtmsft.dll
    2015-07-18 14:45 - 2015-06-19 13:57 - 00060416 _____ (Microsoft Corporation) C:\windows\SysWOW64\JavaScriptCollectionAgent.dll
    2015-07-18 14:45 - 2015-06-19 13:53 - 00168960 _____ (Microsoft Corporation) C:\windows\SysWOW64\msrating.dll
    2015-07-18 14:45 - 2015-06-19 13:52 - 00076288 _____ (Microsoft Corporation) C:\windows\SysWOW64\mshtmled.dll
    2015-07-18 14:45 - 2015-06-19 13:51 - 00285696 _____ (Microsoft Corporation) C:\windows\SysWOW64\dxtrans.dll
    2015-07-18 14:45 - 2015-06-19 13:40 - 02052608 _____ (Microsoft Corporation) C:\windows\SysWOW64\inetcpl.cpl
    2015-07-18 14:45 - 2015-06-19 13:40 - 00689152 _____ (Microsoft Corporation) C:\windows\SysWOW64\msfeeds.dll
    2015-07-18 14:45 - 2015-06-19 13:39 - 01155072 _____ (Microsoft Corporation) C:\windows\SysWOW64\mshtmlmedia.dll
    2015-07-18 14:45 - 2015-06-19 13:15 - 01951232 _____ (Microsoft Corporation) C:\windows\SysWOW64\wininet.dll
    2015-07-18 14:45 - 2015-06-19 13:11 - 00710144 _____ (Microsoft Corporation) C:\windows\SysWOW64\ieapfltr.dll
    2015-07-18 14:45 - 2015-06-17 13:47 - 00404992 _____ (Microsoft Corporation) C:\windows\system32\gdi32.dll

    ==================== One Month Modified files and folders ========

    (If an entry is included in the fixlist, the file/folder will be moved.)

    2015-08-08 15:20 - 2012-12-22 14:10 - 00000830 _____ C:\windows\Tasks\Adobe Flash Player Updater.job
    2015-08-08 15:20 - 2012-07-14 13:45 - 00000894 _____ C:\windows\Tasks\GoogleUpdateTaskMachineCore.job
    2015-08-08 15:19 - 2012-07-14 13:45 - 00000898 _____ C:\windows\Tasks\GoogleUpdateTaskMachineUA.job
    2015-08-08 13:20 - 2009-07-14 00:45 - 00024608 ____H C:\windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
    2015-08-08 13:20 - 2009-07-14 00:45 - 00024608 ____H C:\windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
    2015-08-08 11:54 - 2012-07-14 14:06 - 00000202 _____ C:\windows\WINFILE.INI
    2015-08-08 11:46 - 2015-06-07 12:53 - 01842143 _____ C:\windows\WindowsUpdate.log
    2015-08-08 11:3


    #17 bschaefer

    Posted 08 August 2015 - 02:54 PM

    Sorry nasdaq I got it wrong.

    Here is the file that you asked for.  Please disregard the above.

     

    Search.txt

     

    Farbar Recovery Scan Tool (x64) Version:02-08-2015 01
    Ran by BS (2015-08-08 15:51:04)
    Running from C:\Users\BS\Desktop
    Boot Mode: Normal

    ================== Search Registry: "SDCleaner.exe" ===========

    [HKEY_USERS\S-1-5-21-548385734-4097216683-3063250578-1001\Software\Microsoft\Internet Explorer\LowRegistry\Audio\PolicyConfig\PropertyStore\116ce15d_0]
    ""="{0.0.0.00000000}.{6e5ce41f-c8d8-417b-b82f-28bb70f3d34e}|\Device\HarddiskVolume3\Program Files (x86)\Spybot - Search & Destroy 2\SDCleaner.exe%b{00000000-0000-0000-0000-000000000000}"
    [HKEY_USERS\S-1-5-21-548385734-4097216683-3063250578-1001\Software\Microsoft\Windows\CurrentVersion\Run]
    "Spybot-S&D Cleaning"=""C:\Program Files (x86)\Spybot - Search & Destroy 2\SDCleaner.exe" /autoclean"

    ====== End of Search ======



    #18 nasdaq

    Posted 09 August 2015 - 06:57 AM

    Copy the text IN THE QUOTE BOX below to Notepad. Save it as fixme.reg to your desktop.
    Be sure the "Save as" type is set to "all files". Once you have saved it, right-click the .reg file and allow it to merge with the registry.
     

     

    Windows Registry Editor Version 5.00
     
     
    [HKEY_USERS\S-1-5-21-548385734-4097216683-3063250578-1001\Software\Microsoft\Internet Explorer\LowRegistry\Audio\PolicyConfig\PropertyStore\116ce15d_0]
    ""=-
    [HKEY_USERS\S-1-5-21-548385734-4097216683-3063250578-1001\Software\Microsoft\Windows\CurrentVersion\Run]
    "Spybot-S&D Cleaning"=-

     

     
    Restart the computer when completed.
     
    You can delete the fixme.reg file when done.
     
    Is the error gone?

    nasdaq


    #19 bschaefer

    Posted 09 August 2015 - 01:37 PM

    Sorry nasdaq.  Am I missing something?  I don't see anything in the quote box.

     

    Bob



    #20 nasdaq

    Posted 10 August 2015 - 07:05 AM

    Sorry it was bad formatting.
     
    All of this in bold.
     
    Windows Registry Editor Version 5.00
     
     
    [HKEY_USERS\S-1-5-21-548385734-4097216683-3063250578-1001\Software\Microsoft\Internet Explorer\LowRegistry\Audio\PolicyConfig\PropertyStore\116ce15d_0]
    ""=-
    [HKEY_USERS\S-1-5-21-548385734-4097216683-3063250578-1001\Software\Microsoft\Windows\CurrentVersion\Run]
    "Spybot-S&D Cleaning"=-
     
     

    nasdaq


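One way to preview what a .reg file such as the fixme.reg above will change before it is merged, as an added example that is not part of the original thread. The function names and the choice of Run/RunOnce as the flagged autostart keys are assumptions of this example.

```python
import re

# The .reg text from the post above, embedded so the example runs offline.
FIXME_REG = r'''Windows Registry Editor Version 5.00

[HKEY_USERS\S-1-5-21-548385734-4097216683-3063250578-1001\Software\Microsoft\Internet Explorer\LowRegistry\Audio\PolicyConfig\PropertyStore\116ce15d_0]
""=-
[HKEY_USERS\S-1-5-21-548385734-4097216683-3063250578-1001\Software\Microsoft\Windows\CurrentVersion\Run]
"Spybot-S&D Cleaning"=-
'''

HEADERS = ("Windows Registry Editor Version 5.00", "REGEDIT4")
KEY_RE = re.compile(r"^\[(-?)(.+)\]$")
VALUE_RE = re.compile(r'^(@|"(?:[^"\\]|\\.)*")\s*=\s*(.*)$')
# Assumption of this example: only Run and RunOnce keys are flagged as autostart.
AUTOSTART_SUFFIXES = ("\\currentversion\\run", "\\currentversion\\runonce")


def is_autostart(key):
    """True when the key path ends in a Run or RunOnce key."""
    return key.lower().endswith(AUTOSTART_SUFFIXES)


def _logical_lines(text):
    """Yield non-empty, non-comment lines, joining hex data continued with ',\\'."""
    pending = ""
    for raw in text.lstrip("\ufeff").splitlines():
        line = pending + raw.strip()
        pending = ""
        if line.endswith(",\\"):
            pending = line[:-1]          # drop the backslash, keep the comma
            continue
        if line and not line.startswith(";"):
            yield line


def preview_reg(text):
    """Return the operations a .reg file requests, without touching the registry."""
    lines = list(_logical_lines(text))
    if not lines or lines[0] not in HEADERS:
        raise ValueError("not a .reg file: header line missing")
    ops, key = [], None
    for line in lines[1:]:
        m = KEY_RE.match(line)
        if m:
            key = m.group(2)
            if m.group(1):               # "[-KEY]" removes the key and its subkeys
                ops.append({"action": "delete_key", "key": key,
                            "name": None, "autostart": is_autostart(key)})
                key = None
            continue
        m = VALUE_RE.match(line)
        if not m or key is None:
            raise ValueError("unparseable line: %r" % line)
        raw_name, data = m.groups()
        # "@" is the .reg spelling of the unnamed (default) value; at the
        # registry API level that value has an empty name.
        name = "" if raw_name == "@" else re.sub(r"\\(.)", r"\1", raw_name[1:-1])
        action = "delete_value" if data == "-" else "set_value"
        ops.append({"action": action, "key": key,
                    "name": name, "autostart": is_autostart(key)})
    return ops


def describe(ops):
    """Render the operations as short review lines."""
    out = []
    for op in ops:
        name = "(key)" if op["name"] is None else (op["name"] or "(unnamed value)")
        flag = " [autostart]" if op["autostart"] else ""
        out.append("%s %s under %s%s" % (op["action"], name, op["key"], flag))
    return out


if __name__ == "__main__":
    for line in describe(preview_reg(FIXME_REG)):
        print(line)
```
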
    #21 bschaefer

    Posted 10 August 2015 - 11:09 AM

    Hi nasdaq,

    Please, no need to apologize.  It was something that I’d normally do. 

     

    What I did do, after I sent you the last message, was to copy the “Windows Registry Editor Version 5.00” into the fixme.reg file.  I’m just glad that I did not run it.  Who knows what additional damage I would have created.

     

    Everything seemed to have gone OK when I ran the entire bolded formatting.  When I re-booted the “SDCleaner.exe” error message was gone.  The “Runtime error 216…” was still there.

     

    I should also tell you that yesterday evening, as a part of my normal routine, I ran all of my anti-virus and malware programs.  When I ran the Spybot program I got something strange.  I got the normal “Start Center” box but this time there was no icon to “update”.  It also gave me another box saying;

    Start Center

    Your license is expiring soon!

       You are currently using the Unknown Addition of

    Spybot – Search & Destroy.

       Your license is going to expire

    In 0 days, on Sunday, January 1 1899.

     

                >Check license/feature overview

                Inspect your license status or compare

                edition features.

                >Renew License

                You like to use the Unknown

                Edition? We offer a discount for a license

                renewal!

     

    Would it be easier to just un-install the current version of Spybot and then re-install?

     

    Finally, I went into my e-mail to check if the Address Book had reappeared.  I was hoping against hope.  It had not.  Do you think that this problem would rectify itself when we get rid of the “Runtime error”?

     

    Once again thanks for your patience,

    Bob



    #22 nasdaq

    Posted 10 August 2015 - 12:54 PM

    Would it be easier to just un-install the current version of Spybot and then re-install?
     
    I agree. 
     
    Let me know if the problem persists.

    nasdaq


    #23 bschaefer

    Posted 10 August 2015 - 05:37 PM

    Hi nasdaq,

    I received the following error message while trying to un-install Spybot from the Control Panel, All Control Panel Items, Programs and Features;

    Internal error: Cannot fine utCompiledCode record for this version of the installer.

     

    Do you think it would it be OK to delete the Directory “Spybot - Search & Destroy 2” directly from the “Program Files (x86)” or would that cause other problems?

     

    Also, it looks as if the latest files added to the Spybot Directory are dated 7-30-15.  That was around the time I received a notice that there was an update available.  I downloaded that update and, I think, that’s when my problems began.

     

    Any ideas?

     

    Bob



    #24 nasdaq

    Posted 11 August 2015 - 07:03 AM

    Yes delete it.


    nasdaq


    #25 bschaefer

    Posted 11 August 2015 - 08:46 AM

    Hi nasdaq,

    I managed to delete all but 3 of the Spybot files from the “Program Files (x86)” Directory.  Those files are;

    rtl150.bpl

    SDResourses.dll

    SD Tray.exe

    All three files were created in 2012 or 2013.

     

    When I try to delete them I get the message;

    “The action can’t be completed because the folder or file is open in another program.”

     

    Any suggestions or is it OK to leave the files where they are?  Also, should I try to re-load Spybot again and if so where should I go to get a safe copy to download?

     

    Tks

    Bob



    #26 nasdaq

    Posted 12 August 2015 - 12:18 PM

    “The action can’t be completed because the folder or file is open in another program.”
     
    Boot into Safe mode and try to delete them.
     
     
    ===
     
    Always download programs from the owner's site.
     
     
    Install it.
     
    ===

    nasdaq


    #27 bschaefer

    Posted 12 August 2015 - 05:41 PM

    Hi nasdaq,

    Fantastic!  I managed to delete all 3 files through the Safe Mode.  I also re-installed Spybot through the safer-networking website you suggested.  Many Thanks.

     

    After I re-installed Spybot and ran it for the first time, I noticed another icon on the desktop (postWin10 Spybot install.exe).  Since I have no intention of installing Windows 10 at this time I don’t think that I should run this installation.  I think I may have run it back at the end of July and that this may have caused the SDCleaner error message in the first place. What do you think? 

     

    I am also happy to say that it looks like the “Runtime error 216…” may have disappeared.  With my luck I think that I should give it a few days just to be sure.  Any thoughts?

     

    The only problem that still exists is the loss of my Address Book in Outlook Express.  Initially I had thought that everything was connected.  The error message I’ve gotten, and still get, reads “The messaging interface has returned an unknown error.  If the problem persists, restart Outlook”.  What do you think or should I open a new thread?



    #28 nasdaq

    Posted 13 August 2015 - 07:12 AM

    Read the following Microsoft Article.
     
    OL97: Messaging Interface Returns an Unknown Error
     
    You can try the suggested fix.
     
    Note that under the section How to Install a New Set of MAPI Files you will need the Office CD to proceed.

    nasdaq


    #29 bschaefer

    Posted 15 August 2015 - 05:29 PM

    Hi nasdaq,

    Sorry about taking so long to get back to you but I’ve been trying to follow the instructions in OL97.  I am totally lost!  It has taken me most of yesterday just to find my copy of Microsoft Office (and that’s an old version, 2003 with updates to the 2007 version). 

     

    I’ve tried to use the Inbox Repair Tool without any success.  I can open the Control Panel and get into the Mail option but that’s where the similarities end.  When the Mail option opens I get no tabs.  All I get are 3 options – E-mail Accounts, Data Files and Show Profiles.  I have tried each of the options.  The Show Profiles is the only one that has an option of Properties.  When I click on that I get the first 2 options again (E-mail Accounts and Data Files).

     

    I have then gone to How to Install a New Set of MAPI Files.  This scares the hell out of me because I know that I’m going to do something stupid.

     

    It starts with the first instruction, On the File menu, click Exit and Log Off.  On what File menu??

     

    Then Step 2 with Click Start.  Click Shut Down, click to select the Restart the computer in MS-DOS mode check box, and then click Yes.  I know the Start button and the down arrow for the type of shut down but nowhere is there an option for Restart the computer in MS-DOS.  Can you help?

     

    TKS

    Bob



    #30 nasdaq

    Posted 16 August 2015 - 06:46 AM

     
    So Outlook came with Office 2007.
     
    Try to repair it.
     
    Have a look at this video.
     
     
    The video refers to adding a feature. What you want to do is a REPAIR. 
    So instead of using adding a feature select Repair and continue as per the article.

    nasdaq


    #31 bschaefer

    Posted 16 August 2015 - 06:24 PM

    Hi nasdaq,

    In the words of HAL in “2001, A Space Odyssey” Nothing can go wrong - go wrong- go wrong.  Wanna bet!

     

    When I pulled up the instructions on repair for Office 2007 and could not find it on my computer, I realized that I must still have the 2003 version.  I found and printed the instructions for repair and reinstall of Office 2003 on the internet.  These instructions did not have a video attached.

     

    Under the topic “How to Repair or Reinstall Office Programs” there were 2 methods that looked promising.  I used Method 1 and it looked promising.  It determined that a file, SKU011.CAB was missing and told me to install the Office 2003 program disc.  I did this and the file was loaded.  I did a file search and determined that the file loaded today at C:\MSOCache\ALLUSERS\9000049-6000-11D3-8CFE-015004838C9\sku011.CAB. I then opened Outlook but still got error messages when trying to open my Address Book and trying to print an old e-mail.

     

    Once again those error messages read;

    Address Book

    The messaging interface has returned an unknown error. If the problem persists, restart Outlook.

    Print

    One or more of the items you tried to print does not support printing and was not printed.

     

    Next I tried Method 2 but had no success.  There were 3 Microsoft Office names.  They are Microsoft Office file validation add-in, Microsoft Office Outlook Connector (this looks like it was updated today) and Microsoft Office 2003 Professional Edition.  The Professional Edition was that only selection that had the option of Change.  I selected it and it looks like Microsoft Office 2003 reloaded (but it is still showing the original installation date).  When it finished, I again checked Outlook but still got the same error messages when trying to open the Address Book and trying to print an old e-mail.

     

    Where do I go from here?  I guess, with my luck and how this is going, I should be thankful that the old error messages, SDCleaner and Runtime error have not reappeared.

    Bob



    #32 nasdaq

    Posted 17 August 2015 - 06:33 AM

     
    The Outlook Address book is kept in a .wab file.
     
    Read about it.
     
    Find out if you have such a file. Try to open it as suggested on the topic.
     
     
    Your version of Microsoft Outlook is no longer supported. It was replaced by Microsoft "Windows Live Mail" I use it.
     
     
     
    If you have a .wab file then you can import it to Windows Live see:
     
    Hope this will help.

    nasdaq


    #33 bschaefer

    Posted 17 August 2015 - 08:02 PM

    Hi nasdaq,

    Thanks for the info.  I have located the .web file but have not been able to open it.  I think that downloading Windows Live is the way to go.  I’ve just got a few questions first.

     

    In switching over to Windows Live will I be able to keep my e-mail address?  Will I be able to carry over important e-mail that I have saved?  Will folders I have created also be carried over?  It is not clear from what I have read in the links you’ve provided.

     

    Once again thanks for all of your help.

    Bob



    #34 nasdaq

    Posted 18 August 2015 - 06:45 AM

    In switching over to Windows Live will I be able to keep my e-mail address?
    Yes, your Internet Provider should give you the settings information so that you can connect to their server.
     
    ===
     

    Will I be able to carry over important e-mail that I have saved?
    These are saved in the .WAB file (not .web). 
    If the file is corrupted then I do not know how you could recover them.
     
    Your Internet Provider may have some saved copies, check with them.
     

    Will folders I have created also be carried over?  It is not clear from what I have read in the links you’ve provided.
    I do not know unless they are also saved in the .WAB file.
     
    After contacting your Internet Provider you can check with this forum.
     
     
    Someone using this application may be able to help you better than I can at the moment.

    nasdaq


    #35 bschaefer


    Posted 20 August 2015 - 10:16 AM

    Hi nasdaq,

    Once again, sorry for the delay in following your instructions.  I was trying to get up enough nerve to begin the Windows Live Mail download. 

     

    As I anticipated, something did not go as planned.  When I opened the Microsoft Download Center link and printed out the Install Instructions I clicked on the Download button.  Step 2 or 3 did not happen.  I then checked File Manager to see if anything, indeed, did download.  Apparently, a Windows Live Mail Directory was created.

     

    I then checked Control Panel and there are 2 entries.  One entry reads “Windows Live Essentials 2011”.  Installed November 2013 with 0 size.  The other reads Windows Live Mesh ActiveX Control for Remote Connections.  Installed June 2012 with 5.57 MB in size.

     

    The Directory I found in File Manager does have a sub Directory – Installer with several .exe files.  I haven’t got a clue how to proceed from here.  Since the security message in step 2 of the install instructions did not appear, I haven’t got a clue which, if any, .exe file I should click on.  Any suggestions or do you think I should uninstall one or both of the programs or features in the Control Panel and start over again?

     

    Thoroughly confused,

    Bob 



    #36 nasdaq


    Posted 21 August 2015 - 07:31 AM

    do you think I should uninstall one or both of the programs or features in the Control Panel and start over again.
     
    Read this article.
    ===
     
    Yes remove both.
     
    Restart the computer normally.
     
    ===
     
    Then Download and run this Windows Essentials suite.
     
    Look at the bottom of the page and decide which application you wish to install/need.
     
    You can learn more about each application on the page.
     
    Keep me posted.

    nasdaq


    #37 bschaefer


    Posted 28 August 2015 - 05:36 PM

    #37 – 8-28-15

    Hi nasdaq,

    Sorry about the delay getting back to you.

     

    I finally managed to get set up on Windows Live Mail.  My service provider, Verizon, was actually very helpful.  It did take a few calls to finally get the e-mails up and running.  I will have to contact them again to get some clarification on the set up of a few other features.  

     

    I managed to get some of my address book imported but none of my wife’s.  I’m hoping that they will be able to help with that.  Fortunately, I have been able to print out old copies of our address books so at least we should be able to enter them manually.

     

    One thing that they have not been able to help with was the transfer of old e-mails that I’ve saved over the years.  The Microsoft Help Desk wasn’t much help there because my version of Office is no longer supported.  Any ideas how they can be imported?

     

    I will keep you up to date on any success or failures I encounter.

     

    Once again, thanks for all your help.

    Bob



    #38 nasdaq


    Posted 30 August 2015 - 06:28 AM

    One thing that they have not been able to help with was the transfer of old e-mails that I’ve saved over the years.
     
    Can you see them in the Outlook folder?
     
    The only thing you can try is to send one or two to your present e-mail account.
    If you can then see/open them in Windows Live you are in luck, otherwise I cannot see any other methods.
     
    Is printing them an option?
    If you cannot print them in Outlook or Windows Live and can open them in Outlook, copy the content to Notepad and save the .txt file.
    At least you will have something to refer to.
    Each email can be copied to Notepad and saved under another name. Or you can save one or more in the same file with a given subject name.
     
    Hope that helps.
     
    p.s.
    If you can read them in outlook then possibly just do not remove or delete anything about Outlook.
    Just keep everything for reference.

    nasdaq


    #39 bschaefer


    Posted 01 September 2015 - 04:11 PM

    Hi nasdaq,

     

    To first answer your questions;

    Yes, I can see the old e-mails in the Outlook folders.

    No, I can not print them.  That has been one of the problems all along.

     

    What I have been able to do for many of the Outlook folders, and I’m not sure if this makes the most sense, was to copy them to a new e-mail in Windows Live and send them to myself.  This way I’ll have them for future reference.  The only problem doing it this way is that I keep getting error boxes that pop up in Outlook.  I guess this could be because Outlook is no longer my e-mail carrier.

     

    Naturally, the largest folder, Woodsmith Tips, would be much too many e-mails to transfer that way.  These e-mails contain links for many helpful woodworking tips.  I do use them on a fairly regular basis.  I’d hate to lose them.

     

    Your suggestion to keep them in Outlook would make the most sense.  The question that I have to doing this is would I keep getting new e-mail in both Windows Live and Outlook?  Is there any way to turn off the receive feature in Outlook?

     

    One of the other problems that seemed to have started since the e-mail problem began, and I thought that it would have gone away once we switched to Windows Live, is a strange screen that appears when logging off or shutting down.  It seems to happen when my wife opens a link from an e-mail although she says that it has occurred when she has gone directly into Internet Explorer or Google Chrome.  It has happened to me but rarely.    The screen looks like;

     

    “1 Program Still Needs to Close”

    “(Waiting for) Task Host Window”

    “Task Host is executing shutdown tasks, and stopping tasks that are already running”

     

    “To close the program that is preventing Windows from logging off, Cancel, and then close the program”

     

    It then shows 2 boxes

     

                                        Force Log Off                         Cancel

    Clicking on the Force Log Off box gives a new window.  Clicking on Cancel does nothing.

    Clicking on the Force Log Off box gives you

     

    “If you Force Log Off you may lose the work that you haven’t saved.

    Do you still want to Force Log Off?”

     

    Then it gives the option of Yes or No.  Clicking on Yes allows Log Off or Shut Down.

     

    Do you think that this has been a part of the initial infection problem since it has been happening all along? 

     

    Any thoughts or suggestions?

    Bob

     

    p.s.

    Can I get rid of the programs and files that I’ve got on my desktop?  If I can, can I just drag them into the Recycle Bin or are there any other steps I should follow.



    #40 nasdaq


    Posted 02 September 2015 - 07:51 AM

    The question that I have to doing this is would I keep getting new e-mail in both Windows Live and Outlook?  Is there any way to turn off the receive feature in Outlook?
    It seems to happen when my wife opens a link from an e-mail although she says that it has occurred when she has gone directly into Internet Explorer or Google Chrome.
     
    Is she using Outlook or Windows Live?
     
    Try this to disable Outlook at startup.
    ===
     
    Shut down issue. This could be caused by many things.
    Close all running programs, browsers etc...  before shutting down the computer.
     
    Does the problem persist?
     
    If you have any power option enabled (Hibernate etc...), remove it.
    Check if the shut down persists.
     
     
    If that fails try some of the Shutdown switches.
     
    These commands must be run from the DOS prompt.
    In the run box type CMD and hit OK
    type or copy and paste shutdown /s at the DOS prompt hit the enter key.
     
     
    Can I get rid of the programs and files that I’ve got on my desktop?  If I can, can I just drag them into the Recycle Bin or are there any other steps I should follow.
     
    Keep the Farbar tool. The Fixlist.txt and Fixlog.txt can be deleted.
     
    You can remove the following programs and the files associated with them.
     
    Programs.
    Zoek tool 
    Tdsskiller
    aswMBR
    ComboFix
     
    The fixme.reg file
     
    Keep me posted.

    nasdaq


    #41 bschaefer


    Posted 03 September 2015 - 12:17 PM

    Hi nasdaq,

    On the shut down issue, I should have been more precise.  When either of us are finished with the PC we do shut down all open programs that may have been open before logging off or shutting down. This is when we get the “1 Program Still Needs to Close” message.  If the PC is not going to be used for any length of time we do shut down. 

     

    I have removed the programs and files you have suggested.

     

    I have been working on your other suggestions and links but it is slow going.  I have to play around with it until I can figure out what I’m doing.

     

    I’ll keep you posted as to my progress. Your patience is much appreciated.  

     

    Tks

    Bob



    #42 bschaefer


    Posted 03 September 2015 - 09:40 PM

    Hi nasdaq,

    Thoroughly confused.  Tried to disable Outlook at startup and ran into a problem.  I was able to get as far as step 3 in the link's instructions.  When I opened the setup box I did not find anything titled “Microsoft Outlook”.  I then checked my Windows Live to see if I had any new e-mails.  I did, I had 3 new messages.  I then checked Outlook and those new e-mails did not appear.  So far so good. 

     

    I then performed the same operation on my wife’s account using the link provided.  I had the same results in the setup box.  I then checked Windows Live and Outlook.  There were 2 new e-mails in Windows Live.  When I checked her Outlook there were 5 new e-mails.  I’m confused.  I’m hoping that there is just a delay in receiving those additional e-mails.

     

    On the Shut Down issue, I’ve tried to follow the first link you’ve provided without any luck.  Using that link and going to “Control Panel” I do not have a setting “System and Security”.  I only have “System”.  Clicking on that there is no option “Power Options”.  I’ve tried going through all options on the “System” setting but found nothing.

     

    Following the instructions on your second link I did manage to get into DOS as an Administrator.  After the C:\User\BS> I typed “shutdown / s” and hit enter.  The instructions in the link showed a space after "shutdown" and after the "/".  I hope that this is correct.  Your example did not look as if there was a space after the /.  Did I use the correct shutdown command?  Also, does this command apply to my wife’s user ID or do I have to repeat the process when she is logged on?

     

    Hopefully, this has solved the “1 Program Still Needs to Close” problem.  I guess I’ll have to give it a couple days to be sure.  I will get back to you and hopefully the problem will be resolved.

     

    TKS

    Bob


    Edited by bschaefer, 03 September 2015 - 09:46 PM.


    #43 nasdaq


    Posted 04 September 2015 - 07:06 AM

    Your example did not look as if there was a space after the /.  Did I use the correct shutdown command?
     
    Use the command that works, both may be good.
     
     
    Have you tried this command from your wife's profile?
     
    ===
     
    If you or your wife get the same messages in Windows Live and in Outlook then the latter is still running.
    (may be just in your wife's profile).
     
    Any of you see the Outlook Icon on the taskbar?
     
    outlook.exe is still running on the Processes tab in Task Manager (accessible via CTRL+SHIFT+ESC or by right clicking an empty spot on your Task bar and choosing Task Manager).
    Disable it from the Task Manager.
     
    Hope this helps.

    nasdaq


    #44 bschaefer


    Posted 10 September 2015 - 10:29 AM

    Hi nasdaq,

    I had thought that the “1 Program Still Needs to Close” problem had resolved itself.  Neither of us had seen it in about a week.  I was wrong.  Last night it came back when my wife opened an e-mail link to Dress Barn, a women’s fashion store.  Since then it has appeared numerous times when she had gone into Internet Explorer, not necessarily from an e-mail link.  I will try your solution again and see if that works.  If it does, I guess my wife should not be using that link or similar links from her e-mail.

     

    By the way, your version of the shutdown solution through DOS seemed to work better.  That’s the one that read “shutdown /s” (without the space after the “/”).  I will use it again and see if it stops the shutdown problem.  I’ll let you know.

     

    Concerning the Outlook problem, my wife is still getting e-mail on both Windows Live and Outlook.  I am just getting new e-mails on Windows Live.  I have found Outlook, when it is opened on my wife’s log on, on the Task Manager.  In your last instructions you had said to disable it from Task Manager, Processes tab.  How exactly do I do that?  I’m not sure how it was disabled from my account.

     

    Tks

    Bob





