Jump to content

Welcome to Geeks to Go - Register now for FREE

Geeks To Go is a helpful hub, where thousands of volunteer geeks quickly serve friendly answers and support. Check out the forums and get free advice from the experts. Register now to gain access to all of our features, it's FREE and only takes one minute. Once registered and logged in, you will be able to create topics, post replies to existing threads, give reputation to your fellow members, get your own private messenger, post status updates, manage your profile and so much more.

Create Account How it Works
Photo

Slow Windows 8 and B.S.O.D [Closed]


  • This topic is locked This topic is locked

#1
noel77

noel77

    Member

  • Member
  • PipPip
  • 17 posts

First Log:

 

OTL logfile created on: 1/31/2015 8:03:11 PM - Run 1
OTL by OldTimer - Version 3.2.69.0     Folder = C:\Users\Lizel\Downloads
64bit- An unknown product  (Version = 6.2.9200) - Type = NTWorkstation
Internet Explorer (Version = 9.11.9600.17498)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy
 
3.89 Gb Total Physical Memory | 1.46 Gb Available Physical Memory | 37.66% Memory free
7.89 Gb Paging File | 5.29 Gb Available in Paging File | 67.03% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
 
%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 584.45 Gb Total Space | 437.28 Gb Free Space | 74.82% Space Free | Partition Type: NTFS
 
Computer Name: SNOEKIES | User Name: Lizel | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Quick Scan | Include 64bit Scans
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days
 
========== Processes (SafeList) ==========
 
PRC - [2015/01/31 19:56:37 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\Lizel\Downloads\OTL (1).exe
PRC - [2015/01/26 15:09:56 | 001,205,944 | ---- | M] (McAfee, Inc.) -- c:\Program Files (x86)\McAfee\SiteAdvisor\saUI.exe
PRC - [2015/01/25 01:08:45 | 000,843,592 | ---- | M] (Google Inc.) -- C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
PRC - [2015/01/09 17:03:08 | 000,389,160 | ---- | M] (McAfee, Inc.) -- C:\Program Files (x86)\McAfee\SiteAdvisor\McChHost.exe
PRC - [2014/12/24 17:53:25 | 000,195,240 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Microsoft Office 15\root\office15\ONENOTEM.EXE
PRC - [2014/12/19 08:48:18 | 000,081,088 | ---- | M] (Adobe Systems Incorporated) -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
PRC - [2014/11/25 11:08:24 | 000,130,232 | ---- | M] (ShopAtHome.com) -- C:\Users\Lizel\AppData\Roaming\ShopAtHome\ShopAtHomeHelper\ShopAtHomeWatcher.exe
PRC - [2014/11/25 11:08:22 | 000,199,864 | ---- | M] (ShopAtHome.com) -- C:\Users\Lizel\AppData\Roaming\ShopAtHome\ShopAtHomeHelper\ShopAtHomeUpdater.exe
PRC - [2014/11/16 05:13:02 | 000,230,792 | ---- | M] (Google Inc.) -- C:\Program Files (x86)\Google\Update\1.3.25.11\GoogleCrashHandler.exe
PRC - [2014/05/14 14:07:08 | 000,067,584 | ---- | M] (PasswordBox, Inc.) -- C:\Program Files (x86)\PasswordBox\pbbtnService.exe
PRC - [2014/04/30 10:07:00 | 000,126,056 | ---- | M] (Seagate Technology LLC) -- C:\Program Files (x86)\Seagate\Seagate Dashboard 2.0\Seagate.Dashboard.Uploader.exe
PRC - [2014/04/30 10:02:42 | 000,157,264 | ---- | M] (Seagate Technology LLC) -- C:\Program Files (x86)\Seagate\Seagate Dashboard 2.0\MobileService.exe
PRC - [2014/04/30 10:00:40 | 000,343,632 | ---- | M] (Seagate Technology LLC) -- C:\Program Files (x86)\Seagate\Seagate Dashboard 2.0\DeviceAgent.exe
PRC - [2014/04/30 10:00:38 | 000,016,000 | ---- | M] (Seagate Technology LLC) -- C:\Program Files (x86)\Seagate\Seagate Dashboard 2.0\Seagate.Dashboard.DASWindowsService.exe
PRC - [2014/04/30 10:00:26 | 001,519,176 | ---- | M] (Seagate Technology LLC) -- C:\Program Files (x86)\Seagate\Seagate Dashboard 2.0\DBAgent.exe
PRC - [2014/04/25 08:42:28 | 000,055,368 | ---- | M] (Mindspark) -- C:\Program Files (x86)\TotalRecipeSearch_14\bar\1.bin\14SrchMn.exe
PRC - [2014/04/25 08:42:26 | 000,061,512 | ---- | M] (VER_COMPANY_NAME) -- C:\Program Files (x86)\TotalRecipeSearch_14\bar\1.bin\14brmon.exe
PRC - [2014/04/25 08:42:23 | 000,088,648 | ---- | M] (COMPANYVERS_NAME) -- C:\Program Files (x86)\TotalRecipeSearch_14\bar\1.bin\14barsvc.exe
PRC - [2013/08/21 21:54:00 | 000,312,832 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\cmd.exe
PRC - [2013/06/20 02:58:03 | 000,391,040 | ---- | M] () -- C:\Program Files (x86)\VTech\DownloadManager\System\AgentMonitor.exe
PRC - [2013/06/18 07:42:02 | 000,042,504 | ---- | M] (COMPANYVERS_NAME) -- C:\Program Files (x86)\PackageTracer_69\bar\1.bin\69barsvc.exe
PRC - [2012/08/04 18:02:22 | 001,548,952 | ---- | M] (TOSHIBA Corporation) -- C:\Program Files (x86)\Toshiba\System Setting\TSleepSrv.exe
PRC - [2012/07/17 17:57:22 | 000,365,376 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe
PRC - [2012/07/17 17:57:20 | 000,277,824 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe
PRC - [2012/06/27 15:47:02 | 000,129,856 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel® Management Engine Components\FWService\IntelMeFWService.exe
PRC - [2012/06/25 13:57:14 | 000,166,720 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel® Management Engine Components\DAL\Jhi_service.exe
 
 
========== Modules (No Company Name) ==========
 
MOD - [2015/01/25 01:08:43 | 014,913,864 | ---- | M] () -- C:\Program Files (x86)\Google\Chrome\Application\40.0.2214.93\PepperFlash\pepflashplayer.dll
MOD - [2015/01/25 01:08:41 | 009,170,760 | ---- | M] () -- C:\Program Files (x86)\Google\Chrome\Application\40.0.2214.93\pdf.dll
MOD - [2015/01/25 01:08:37 | 001,117,512 | ---- | M] () -- C:\Program Files (x86)\Google\Chrome\Application\40.0.2214.93\libglesv2.dll
MOD - [2015/01/25 01:08:35 | 000,211,272 | ---- | M] () -- C:\Program Files (x86)\Google\Chrome\Application\40.0.2214.93\libegl.dll
MOD - [2014/12/24 17:28:43 | 000,316,576 | ---- | M] () -- C:\Program Files\Microsoft Office 15\root\office15\appvisvstream32.dll
MOD - [2014/10/11 13:06:16 | 000,073,544 | ---- | M] () -- C:\Program Files (x86)\Common Files\Apple\Apple Application Support\zlib1.dll
MOD - [2014/10/11 13:05:58 | 001,044,776 | ---- | M] () -- C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libxml2.dll
MOD - [2013/08/09 01:01:34 | 009,849,200 | ---- | M] () -- C:\Program Files (x86)\VTech\DownloadManager\System\QtWebKit4.dll
MOD - [2013/06/20 02:58:03 | 000,391,040 | ---- | M] () -- C:\Program Files (x86)\VTech\DownloadManager\System\AgentMonitor.exe
MOD - [2010/11/11 04:24:31 | 000,028,160 | ---- | M] () -- C:\Program Files (x86)\VTech\DownloadManager\System\DACommCenter.dll
MOD - [2010/07/13 08:07:23 | 007,826,432 | ---- | M] () -- C:\Program Files (x86)\VTech\DownloadManager\System\QtGui4.dll
MOD - [2010/07/05 04:19:39 | 000,116,736 | ---- | M] () -- C:\Program Files (x86)\VTech\DownloadManager\System\QtSolutions_SOAP-2.7.dll
MOD - [2010/06/23 20:16:19 | 002,150,400 | ---- | M] () -- C:\Program Files (x86)\VTech\DownloadManager\System\QtCore4.dll
MOD - [2010/06/02 00:05:48 | 000,025,600 | ---- | M] () -- C:\Program Files (x86)\VTech\DownloadManager\System\imageformats\qgif4.dll
MOD - [2010/06/02 00:05:40 | 000,119,808 | ---- | M] () -- C:\Program Files (x86)\VTech\DownloadManager\System\imageformats\qjpeg4.dll
MOD - [2010/06/01 21:56:04 | 000,232,960 | ---- | M] () -- C:\Program Files (x86)\VTech\DownloadManager\System\phonon4.dll
MOD - [2010/06/01 21:54:24 | 002,530,816 | ---- | M] () -- C:\Program Files (x86)\VTech\DownloadManager\System\QtXmlPatterns4.dll
MOD - [2010/06/01 21:29:22 | 000,934,912 | ---- | M] () -- C:\Program Files (x86)\VTech\DownloadManager\System\QtNetwork4.dll
MOD - [2010/06/01 21:28:00 | 000,335,360 | ---- | M] () -- C:\Program Files (x86)\VTech\DownloadManager\System\QtXml4.dll
 
 
========== Services (SafeList) ==========
 
SRV:64bit: - [2014/12/05 20:35:00 | 000,229,888 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\AudioEndpointBuilder.dll -- (AudioEndpointBuilder)
SRV:64bit: - [2014/12/03 12:32:48 | 000,601,864 | ---- | M] (McAfee, Inc.) [On_Demand | Stopped] -- C:\Program Files\McAfee\VirusScan\mcods.exe -- (McODS)
SRV:64bit: - [2014/11/21 10:17:58 | 000,422,632 | ---- | M] (McAfee, Inc.) [Auto | Running] -- C:\Program Files\Common Files\McAfee\CSP\1.3.336.0\McCSPServiceHost.exe -- (mccspsvc)
SRV:64bit: - [2014/11/12 00:06:52 | 002,449,592 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files\Microsoft Office 15\ClientX64\OfficeClickToRun.exe -- (ClickToRunSvc)
SRV:64bit: - [2014/11/06 06:34:38 | 001,050,952 | ---- | M] (McAfee, Inc.) [Auto | Running] -- C:\Program Files\Common Files\McAfee\AMCore\mcshield.exe -- (mfecore)
SRV:64bit: - [2014/10/31 20:10:34 | 000,335,064 | ---- | M] (McAfee, Inc.) [Auto | Running] -- C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe -- (MSK80Service)
SRV:64bit: - [2014/10/31 20:10:34 | 000,335,064 | ---- | M] (McAfee, Inc.) [Auto | Running] -- C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe -- (McProxy)
SRV:64bit: - [2014/10/31 20:10:34 | 000,335,064 | ---- | M] (McAfee, Inc.) [Auto | Running] -- C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe -- (mcpltsvc)
SRV:64bit: - [2014/10/31 20:10:34 | 000,335,064 | ---- | M] (McAfee, Inc.) [Auto | Running] -- C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe -- (McNaiAnn)
SRV:64bit: - [2014/10/31 20:10:34 | 000,335,064 | ---- | M] (McAfee, Inc.) [Auto | Running] -- C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe -- (McMPFSvc)
SRV:64bit: - [2014/10/31 20:10:34 | 000,335,064 | ---- | M] (McAfee, Inc.) [Auto | Running] -- C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe -- (HomeNetSvc)
SRV:64bit: - [2014/10/30 23:51:25 | 000,114,688 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\WINDOWS\SysNative\IEEtwCollector.exe -- (IEEtwCollectorService)
SRV:64bit: - [2014/10/06 03:27:52 | 000,562,200 | ---- | M] (McAfee, Inc.) [Auto | Running] -- C:\Program Files\McAfee\MSC\McAPExe.exe -- (McAPExe)
SRV:64bit: - [2014/10/01 12:18:08 | 000,189,920 | ---- | M] (McAfee, Inc.) [Auto | Running] -- C:\Windows\SysNative\mfevtps.exe -- (mfevtp)
SRV:64bit: - [2014/10/01 12:15:18 | 000,221,832 | ---- | M] () [Auto | Running] -- C:\Program Files\Common Files\McAfee\SystemCore\\mfefire.exe -- (mfefire)
SRV:64bit: - [2014/09/21 22:05:56 | 000,368,632 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Program Files\Windows Defender\NisSrv.exe -- (WdNisSvc)
SRV:64bit: - [2014/09/21 22:05:56 | 000,023,792 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Program Files\Windows Defender\MsMpEng.exe -- (WinDefend)
SRV:64bit: - [2014/08/15 22:29:38 | 002,899,968 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\spool\drivers\x64\3\PrintConfig.dll -- (PrintNotify)
SRV:64bit: - [2014/08/15 19:58:35 | 000,287,744 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\SystemEventsBrokerServer.dll -- (SystemEventsBroker)
SRV:64bit: - [2014/08/15 19:45:51 | 000,267,776 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\bisrv.dll -- (BrokerInfrastructure)
SRV:64bit: - [2014/07/24 02:28:58 | 001,600,000 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\workfolderssvc.dll -- (workfolderssvc)
SRV:64bit: - [2014/03/14 01:26:25 | 000,491,520 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\GeofenceMonitorService.dll -- (lfsvc)
SRV:64bit: - [2014/03/08 00:41:25 | 001,306,624 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\AppXDeploymentServer.dll -- (AppXSvc)
SRV:64bit: - [2014/03/06 02:02:13 | 000,834,560 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\netlogon.dll -- (Netlogon)
SRV:64bit: - [2014/02/22 10:53:10 | 003,394,384 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\WSService.dll -- (WSService)
SRV:64bit: - [2014/02/22 04:57:16 | 000,710,656 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\lsm.dll -- (LSM)
SRV:64bit: - [2014/02/22 04:26:58 | 000,366,080 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\wcmsvc.dll -- (Wcmsvc)
SRV:64bit: - [2014/02/22 04:25:39 | 000,399,872 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\das.dll -- (DeviceAssociationService)
SRV:64bit: - [2014/02/22 04:23:58 | 001,576,960 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\wlidsvc.dll -- (wlidsvc)
SRV:64bit: - [2013/12/10 02:35:18 | 000,530,944 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\AppReadiness.dll -- (AppReadiness)
SRV:64bit: - [2013/08/22 06:32:02 | 000,024,576 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\wephostsvc.dll -- (WEPHOSTSVC)
SRV:64bit: - [2013/08/22 06:31:43 | 000,040,448 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\efssvc.dll -- (EFS)
SRV:64bit: - [2013/08/22 06:22:45 | 000,066,048 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\wiarpc.dll -- (WiaRpc)
SRV:64bit: - [2013/08/22 06:21:15 | 000,013,312 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\svsvc.dll -- (svsvc)
SRV:64bit: - [2013/08/22 06:16:57 | 000,118,272 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\fhsvc.dll -- (fhsvc)
SRV:64bit: - [2013/08/22 05:25:28 | 000,164,352 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\NcaSvc.dll -- (NcaSvc)
SRV:64bit: - [2013/08/22 05:19:28 | 000,517,120 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\icsvc.dll -- (vmicvss)
SRV:64bit: - [2013/08/22 05:19:28 | 000,517,120 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\icsvc.dll -- (vmictimesync)
SRV:64bit: - [2013/08/22 05:19:28 | 000,517,120 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\icsvc.dll -- (vmicshutdown)
SRV:64bit: - [2013/08/22 05:19:28 | 000,517,120 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\icsvc.dll -- (vmicrdv)
SRV:64bit: - [2013/08/22 05:19:28 | 000,517,120 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\icsvc.dll -- (vmickvpexchange)
SRV:64bit: - [2013/08/22 05:19:28 | 000,517,120 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\icsvc.dll -- (vmicheartbeat)
SRV:64bit: - [2013/08/22 05:19:28 | 000,517,120 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\icsvc.dll -- (vmicguestinterface)
SRV:64bit: - [2013/08/22 05:02:47 | 000,013,312 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\smphost.dll -- (smphost)
SRV:64bit: - [2013/08/22 04:57:25 | 000,130,560 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\ScDeviceEnum.dll -- (ScDeviceEnum)
SRV:64bit: - [2013/08/22 04:54:59 | 000,059,392 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\keyiso.dll -- (KeyIso)
SRV:64bit: - [2013/08/22 04:50:59 | 000,245,760 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysNative\TimeBrokerServer.dll -- (TimeBroker)
SRV:64bit: - [2013/08/22 04:50:00 | 000,525,312 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysNative\netprofmsvc.dll -- (netprofm)
SRV:64bit: - [2013/08/22 04:45:59 | 000,151,040 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysNative\ncbservice.dll -- (NcbService)
SRV:64bit: - [2013/08/22 04:40:49 | 000,248,832 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysNative\vaultsvc.dll -- (VaultSvc)
SRV:64bit: - [2013/08/22 04:31:03 | 000,201,728 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\DeviceSetupManager.dll -- (DsmSvc)
SRV:64bit: - [2013/08/22 04:15:54 | 000,073,728 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysNative\NcdAutoSetup.dll -- (NcdAutoSetup)
SRV:64bit: - [2013/07/31 12:15:06 | 000,053,864 | ---- | M] (TOSHIBA Corporation) [On_Demand | Running] -- C:\Program Files\Toshiba\TOSHIBA Service Station\TMachInfo.exe -- (TMachInfo)
SRV:64bit: - [2012/08/24 20:33:20 | 000,291,240 | ---- | M] (TOSHIBA Corporation) [Auto | Running] -- C:\Program Files\Toshiba\Teco\TecoService.exe -- (TOSHIBA eco Utility Service)
SRV:64bit: - [2012/08/10 16:56:26 | 000,214,488 | ---- | M] (TOSHIBA CORPORATION) [Auto | Running] -- C:\Program Files\Toshiba\HDD Accelerator\THAccelSvc.exe -- (THAccelSvc)
SRV:64bit: - [2012/07/28 12:20:44 | 000,458,152 | ---- | M] (TOSHIBA Corporation) [On_Demand | Stopped] -- C:\Program Files\Toshiba\TPHM\TPCHSrv.exe -- (TPCHSrv)
SRV:64bit: - [2012/04/20 17:16:12 | 000,635,104 | ---- | M] (Intel® Corporation) [Auto | Running] -- C:\Program Files\Intel\iCLS Client\HeciServer.exe -- (Intel®
SRV:64bit: - [2009/07/28 18:48:06 | 000,140,632 | ---- | M] (TOSHIBA Corporation) [Auto | Running] -- C:\Windows\SysNative\TODDSrv.exe -- (TODDSrv)
SRV - [2015/01/26 15:14:52 | 000,155,368 | ---- | M] (McAfee, Inc.) [Auto | Running] -- C:\Program Files (x86)\McAfee\SiteAdvisor\mcsacore.exe -- (McAfee SiteAdvisor Service)
SRV - [2014/12/19 08:48:18 | 000,081,088 | ---- | M] (Adobe Systems Incorporated) [Auto | Running] -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe -- (AdobeARMservice)
SRV - [2014/12/14 09:16:46 | 000,267,440 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe -- (AdobeFlashPlayerUpdateSvc)
SRV - [2014/11/26 11:40:37 | 000,114,800 | ---- | M] (Mozilla Foundation) [On_Demand | Stopped] -- C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe -- (MozillaMaintenance)
SRV - [2014/08/15 22:29:38 | 002,899,968 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\WINDOWS\system32\spool\drivers\x64\3\PrintConfig.dll -- (PrintNotify)
SRV - [2014/08/08 14:26:16 | 000,851,136 | ---- | M] (McAfee, Inc.) [Auto | Stopped] -- C:\Windows\Temp\0155671422706526mcinst.exe -- (0155671422706526mcinstcleanup)
SRV - [2014/05/14 14:07:08 | 000,067,584 | ---- | M] (PasswordBox, Inc.) [Auto | Running] -- C:\Program Files (x86)\PasswordBox\pbbtnService.exe -- (PasswordBox)
SRV - [2014/05/06 20:12:18 | 000,184,168 | ---- | M] (McAfee, Inc.) [Auto | Running] -- C:\Program Files (x86)\McAfee Online Backup\MOBKbackup.exe -- (MOBKbackup)
SRV - [2014/04/30 10:02:42 | 000,157,264 | ---- | M] (Seagate Technology LLC) [Auto | Running] -- C:\Program Files (x86)\Seagate\Seagate Dashboard 2.0\MobileService.exe -- (Seagate MobileBackup Service)
SRV - [2014/04/30 10:00:38 | 000,016,000 | ---- | M] (Seagate Technology LLC) [Auto | Running] -- C:\Program Files (x86)\Seagate\Seagate Dashboard 2.0\Seagate.Dashboard.DASWindowsService.exe -- (Seagate Dashboard Services)
SRV - [2014/04/25 08:42:23 | 000,088,648 | ---- | M] (COMPANYVERS_NAME) [Auto | Running] -- C:\Program Files (x86)\TotalRecipeSearch_14\bar\1.bin\14barsvc.exe -- (TotalRecipeSearch_14Service)
SRV - [2014/03/14 01:10:16 | 000,357,376 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysWOW64\GeofenceMonitorService.dll -- (lfsvc)
SRV - [2013/11/21 08:44:34 | 000,037,176 | ---- | M] (The OpenVPN Project) [On_Demand | Stopped] -- C:\Program Files (x86)\HMA! Pro VPN\bin\openvpnserv.exe -- (OpenVPNService)
SRV - [2013/11/04 18:22:44 | 000,279,000 | ---- | M] (Intel Corporation) [On_Demand | Stopped] -- C:\Windows\SysWOW64\IntelCpHeciSvc.exe -- (cphs)
SRV - [2013/08/21 22:55:35 | 000,018,944 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysWOW64\StorSvc.dll -- (StorSvc)
SRV - [2013/08/21 21:53:34 | 000,011,776 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysWOW64\smphost.dll -- (smphost)
SRV - [2013/06/18 07:42:02 | 000,042,504 | ---- | M] (COMPANYVERS_NAME) [Auto | Running] -- C:\Program Files (x86)\PackageTracer_69\bar\1.bin\69barsvc.exe -- (PackageTracer_69Service)
SRV - [2012/07/17 17:57:22 | 000,365,376 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe -- (UNS)
SRV - [2012/07/17 17:57:20 | 000,277,824 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe -- (LMS)
SRV - [2012/06/27 15:47:02 | 000,129,856 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files (x86)\Intel\Intel® Management Engine Components\FWService\IntelMeFWService.exe -- (Intel®
SRV - [2012/06/25 13:57:14 | 000,166,720 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files (x86)\Intel\Intel® Management Engine Components\DAL\Jhi_service.exe -- (jhi_service)
 
 
========== Driver Services (SafeList) ==========
 
DRV:64bit: - [2014/12/11 19:51:20 | 000,075,776 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\ahcache.sys -- (ahcache)
DRV:64bit: - [2014/10/12 21:43:17 | 000,238,912 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\sdbus.sys -- (sdbus)
DRV:64bit: - [2014/10/12 21:43:17 | 000,086,336 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\pdc.sys -- (pdc)
DRV:64bit: - [2014/10/12 21:43:17 | 000,039,744 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\intelpep.sys -- (intelpep)
DRV:64bit: - [2014/10/09 20:58:57 | 000,027,456 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\rdpvideominiport.sys -- (RdpVideoMiniport)
DRV:64bit: - [2014/10/01 12:20:58 | 000,072,136 | ---- | M] (McAfee, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\cfwids.sys -- (cfwids)
DRV:64bit: - [2014/10/01 12:18:18 | 000,348,560 | ---- | M] (McAfee, Inc.) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\mfewfpk.sys -- (mfewfpk)
DRV:64bit: - [2014/10/01 12:16:28 | 000,786,304 | ---- | M] (McAfee, Inc.) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\mfehidk.sys -- (mfehidk)
DRV:64bit: - [2014/10/01 12:15:28 | 000,526,360 | ---- | M] (McAfee, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\mfefirek.sys -- (mfefirek)
DRV:64bit: - [2014/10/01 12:14:48 | 000,313,680 | ---- | M] (McAfee, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\mfeavfk.sys -- (mfeavfk)
DRV:64bit: - [2014/10/01 12:14:26 | 000,181,584 | ---- | M] (McAfee, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\mfeapfk.sys -- (mfeapfk)
DRV:64bit: - [2014/10/01 11:16:10 | 000,070,608 | ---- | M] (McAfee, Inc.) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\mfeelamk.sys -- (mfeelamk)
DRV:64bit: - [2014/09/21 22:06:16 | 000,258,368 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\WdFilter.sys -- (WdFilter)
DRV:64bit: - [2014/09/21 22:06:16 | 000,114,496 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\WdNisDrv.sys -- (WdNisDrv)
DRV:64bit: - [2014/09/21 21:49:43 | 000,035,320 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\WdBoot.sys -- (WdBoot)
DRV:64bit: - [2014/09/19 02:44:18 | 000,096,600 | ---- | M] (McAfee, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\mfencrk.sys -- (mfencrk)
DRV:64bit: - [2014/09/19 02:43:24 | 000,447,440 | ---- | M] (McAfee, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\mfencbdc.sys -- (mfencbdc)
DRV:64bit: - [2014/09/11 14:33:56 | 000,076,064 | ---- | M] (McAfee, Inc.) [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\McPvDrv.sys -- (McPvDrv)
DRV:64bit: - [2014/08/15 23:35:00 | 000,054,784 | ---- | M] (Apple, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\usbaapl64.sys -- (USBAAPL64)
DRV:64bit: - [2014/08/14 19:36:55 | 000,146,752 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\msgpioclx.sys -- (GPIOClx0101)
DRV:64bit: - [2014/07/24 10:28:38 | 000,468,288 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\USBHUB3.SYS -- (USBHUB3)
DRV:64bit: - [2014/07/24 10:28:38 | 000,412,992 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\spaceport.sys -- (spaceport)
DRV:64bit: - [2014/07/24 06:42:22 | 000,126,464 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\NdisImPlatform.sys -- (NdisImPlatform)
DRV:64bit: - [2014/05/06 20:11:46 | 000,067,808 | ---- | M] (Mozy, Inc.) [File_System | System | Running] -- C:\Windows\SysNative\drivers\MOBK.sys -- (MOBKFilter)
DRV:64bit: - [2014/05/01 08:31:39 | 000,055,328 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\wpcfltr.sys -- (wpcfltr)
DRV:64bit: - [2014/03/24 17:22:11 | 000,146,776 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\SerCx2.sys -- (SerCx2)
DRV:64bit: - [2014/03/19 22:41:20 | 000,376,152 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\clfs.sys -- (CLFS)
DRV:64bit: - [2014/03/13 07:35:24 | 000,157,016 | ---- | M] (Microsoft Corporation) [File_System | Boot | Running] -- C:\WINDOWS\SysNative\drivers\wof.sys -- (Wof)
DRV:64bit: - [2014/03/08 15:40:16 | 000,136,024 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\wfplwfs.sys -- (WFPLWFS)
DRV:64bit: - [2014/02/22 10:49:51 | 000,325,464 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\USBXHCI.SYS -- (USBXHCI)
DRV:64bit: - [2014/02/22 10:49:49 | 000,189,784 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\UCX01000.SYS -- (UCX01000)
DRV:64bit: - [2014/02/22 10:49:49 | 000,079,192 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\sdstor.sys -- (sdstor)
DRV:64bit: - [2014/02/22 10:44:13 | 000,924,504 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\WINDOWS\SysNative\drivers\refs.sys -- (ReFS)
DRV:64bit: - [2014/02/22 07:14:02 | 000,033,280 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\BasicRender.sys -- (BasicRender)
DRV:64bit: - [2013/11/21 08:44:34 | 000,040,664 | ---- | M] (The OpenVPN Project) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\tap0901.sys -- (tap0901)
DRV:64bit: - [2013/11/14 02:28:58 | 000,057,176 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\stornvme.sys -- (stornvme)
DRV:64bit: - [2013/11/14 02:25:25 | 000,175,960 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\VerifierExt.sys -- (VerifierExt)
DRV:64bit: - [2013/11/14 02:16:54 | 000,037,216 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\terminpt.sys -- (terminpt)
DRV:64bit: - [2013/11/04 18:22:32 | 004,195,840 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\igdkmd64.sys -- (igfx)
DRV:64bit: - [2013/10/17 17:41:31 | 000,039,320 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\intelaud.sys -- (intaud_WaveExtensible)
DRV:64bit: - [2013/10/17 17:41:31 | 000,027,032 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\iwdbus.sys -- (iwdbus)
DRV:64bit: - [2013/09/23 13:49:22 | 000,197,704 | ---- | M] (McAfee, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\HipShieldK.sys -- (HipShieldK)
DRV:64bit: - [2013/08/28 05:32:28 | 000,524,528 | ---- | M] (Synaptics Incorporated) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\SynTP.sys -- (SynTP)
DRV:64bit: - [2013/08/28 05:32:16 | 000,034,544 | ---- | M] (Synaptics Incorporated) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\Smb_driver_Intel.sys -- (SmbDrvI)
DRV:64bit: - [2013/08/22 08:25:40 | 000,043,008 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\condrv.sys -- (condrv)
DRV:64bit: - [2013/08/22 08:25:40 | 000,030,048 | ---- | M] (Microsoft Corporation) [Recognizer | Boot | Unknown] -- C:\WINDOWS\SysNative\drivers\fs_rec.sys -- (Fs_Rec)
DRV:64bit: - [2013/08/22 07:50:19 | 000,057,696 | ---- | M] (Microsoft Corporation) [Kernel | System | Stopped] -- C:\Windows\SysNative\drivers\dam.sys -- (dam)
DRV:64bit: - [2013/08/22 07:49:54 | 000,079,712 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\acpiex.sys -- (acpiex)
DRV:64bit: - [2013/08/22 07:49:33 | 000,159,584 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\tpm.sys -- (TPM)
DRV:64bit: - [2013/08/22 07:43:49 | 000,063,840 | ---- | M] (Marvell Semiconductor, Inc.) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\mvumis.sys -- (mvumis)
DRV:64bit: - [2013/08/22 07:43:48 | 000,041,824 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\msgpiowin32.sys -- (msgpiowin32)
DRV:64bit: - [2013/08/22 07:43:45 | 003,357,024 | ---- | M] (Broadcom Corporation) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\evbda.sys -- (ebdrv)
DRV:64bit: - [2013/08/22 07:43:45 | 000,093,536 | ---- | M] (LSI Corporation) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\lsi_sas2.sys -- (LSI_SAS2)
DRV:64bit: - [2013/08/22 07:43:45 | 000,082,784 | ---- | M] (LSI Corporation) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\lsi_sss.sys -- (LSI_SSS)
DRV:64bit: - [2013/08/22 07:43:45 | 000,064,352 | ---- | M] (Hewlett-Packard Company) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\HpSAMD.sys -- (HpSAMD)
DRV:64bit: - [2013/08/22 07:43:44 | 000,081,760 | ---- | M] (LSI Corporation) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\lsi_sas3.sys -- (LSI_SAS3)
DRV:64bit: - [2013/08/22 07:43:41 | 000,782,176 | ---- | M] (PMC-Sierra) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\adp80xx.sys -- (ADP80XX)
DRV:64bit: - [2013/08/22 07:43:41 | 000,531,296 | ---- | M] (Broadcom Corporation) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\bxvbda.sys -- (b06bdrv)
DRV:64bit: - [2013/08/22 07:43:41 | 000,259,424 | ---- | M] (AMD Technologies Inc.) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\amdsbs.sys -- (amdsbs)
DRV:64bit: - [2013/08/22 07:43:41 | 000,108,896 | ---- | M] (LSI) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\3ware.sys -- (3ware)
DRV:64bit: - [2013/08/22 07:43:41 | 000,079,200 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\amdsata.sys -- (amdsata)
DRV:64bit: - [2013/08/22 07:43:40 | 000,114,016 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\EhStorTcgDrv.sys -- (EhStorTcgDrv)
DRV:64bit: - [2013/08/22 07:43:40 | 000,082,784 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\EhStorClass.sys -- (EhStorClass)
DRV:64bit: - [2013/08/22 07:43:40 | 000,025,952 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\amdxata.sys -- (amdxata)
DRV:64bit: - [2013/08/22 07:43:34 | 000,305,504 | ---- | M] (VIA Corporation) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\VSTXRAID.SYS -- (VSTXRAID)
DRV:64bit: - [2013/08/22 07:43:33 | 000,074,080 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\uaspstor.sys -- (UASPStor)
DRV:64bit: - [2013/08/22 07:43:32 | 000,031,072 | ---- | M] (Promise Technology, Inc.) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\stexstor.sys -- (stexstor)
DRV:64bit: - [2013/08/22 07:43:31 | 000,107,872 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\storahci.sys -- (storahci)
DRV:64bit: - [2013/08/22 07:43:31 | 000,072,032 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\SpbCx.sys -- (SpbCx)
DRV:64bit: - [2013/08/22 07:43:31 | 000,069,472 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\SerCx.sys -- (SerCx)
DRV:64bit: - [2013/08/22 07:39:15 | 000,026,976 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\uefi.sys -- (UEFI)
DRV:64bit: - [2013/08/22 07:37:27 | 000,069,472 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\vpci.sys -- (vpci)
DRV:64bit: - [2013/08/22 07:36:12 | 000,026,976 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\WpdUpFltr.sys -- (WpdUpFltr)
DRV:64bit: - [2013/08/22 06:39:31 | 000,050,688 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\BasicDisplay.sys -- (BasicDisplay)
DRV:64bit: - [2013/08/22 06:39:20 | 000,022,016 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\HyperVideo.sys -- (HyperVideo)
DRV:64bit: - [2013/08/22 06:39:06 | 000,009,728 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\mshidumdf.sys -- (mshidumdf)
DRV:64bit: - [2013/08/22 06:38:58 | 000,010,752 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\acpitime.sys -- (acpitime)
DRV:64bit: - [2013/08/22 06:38:48 | 000,010,240 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\acpipagr.sys -- (acpipagr)
DRV:64bit: - [2013/08/22 06:38:39 | 000,036,992 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\BthAvrcpTg.sys -- (BthAvrcpTg)
DRV:64bit: - [2013/08/22 06:38:26 | 000,019,456 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\kdnic.sys -- (kdnic)
DRV:64bit: - [2013/08/22 06:38:23 | 000,011,264 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\vmgencounter.sys -- (gencounter)
DRV:64bit: - [2013/08/22 06:38:22 | 000,023,040 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\npsvctrig.sys -- (npsvctrig)
DRV:64bit: - [2013/08/22 06:38:16 | 000,030,720 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\BthhfHid.sys -- (bthhfhid)
DRV:64bit: - [2013/08/22 06:37:49 | 000,013,824 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hyperkbd.sys -- (hyperkbd)
DRV:64bit: - [2013/08/22 06:37:46 | 000,029,696 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\TsUsbGD.sys -- (TsUsbGD)
DRV:64bit: - [2013/08/22 06:37:42 | 000,057,856 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\bthhfenum.sys -- (BthHFEnum)
DRV:64bit: - [2013/08/22 06:37:28 | 000,056,320 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\TsUsbFlt.sys -- (TsUsbFlt)
DRV:64bit: - [2013/08/22 06:37:28 | 000,041,472 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hidi2c.sys -- (hidi2c)
DRV:64bit: - [2013/08/22 06:37:14 | 000,029,696 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\dmvsc.sys -- (dmvsc)
DRV:64bit: - [2013/08/22 06:36:43 | 000,087,040 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\netvsc63.sys -- (netvsc)
DRV:64bit: - [2013/08/22 06:36:25 | 000,016,384 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\NdisVirtualBus.sys -- (NdisVirtualBus)
DRV:64bit: - [2013/08/22 06:36:07 | 000,066,560 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\mslldp.sys -- (MsLldp)
DRV:64bit: - [2013/08/22 06:35:42 | 000,103,424 | ---- | M] (Microsoft Corporation) [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\Ndu.sys -- (Ndu)
DRV:64bit: - [2013/08/22 03:46:33 | 000,027,136 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\fxppm.sys -- (FxPPM)
DRV:64bit: - [2013/08/21 11:42:32 | 002,944,216 | ---- | M] (Realtek Semiconductor Corporation                           ) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\rtwlane.sys -- (RTWlanE)
DRV:64bit: - [2013/08/12 18:25:46 | 000,017,624 | ---- | M] (Windows ® Win 7 DDK provider) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\bcmfn2.sys -- (bcmfn2)
DRV:64bit: - [2013/08/09 19:39:30 | 000,651,248 | ---- | M] (Intel Corporation) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\iaStorAV.sys -- (iaStorAV)
DRV:64bit: - [2013/07/30 13:47:35 | 000,024,568 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\iaLPSSi_GPIO.sys -- (iaLPSSi_GPIO)
DRV:64bit: - [2013/07/25 14:05:39 | 000,099,320 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\iaLPSSi_I2C.sys -- (iaLPSSi_I2C)
DRV:64bit: - [2013/06/18 09:44:59 | 000,129,224 | ---- | M] (Qualcomm Atheros Co., Ltd.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\L1C63x64.sys -- (L1C)
DRV:64bit: - [2012/10/03 16:14:56 | 000,033,240 | ---- | M] (GEAR Software Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\GEARAspiWDM.sys -- (GEARAspiWDM)
DRV:64bit: - [2012/09/10 09:41:06 | 000,022,528 | ---- | M] (Apple Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\netaapl64.sys -- (Netaapl)
DRV:64bit: - [2012/08/10 13:56:56 | 000,131,520 | ---- | M] (TOSHIBA CORPORATION) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\THAccel.sys -- (THAccel)
DRV:64bit: - [2012/07/31 15:28:54 | 000,028,632 | ---- | M] (Windows ® Win 7 DDK provider) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\Thotkey.sys -- (Thotkey)
DRV:64bit: - [2012/07/31 14:22:00 | 000,645,952 | ---- | M] (Intel Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\iaStorA.sys -- (iaStorA)
DRV:64bit: - [2012/07/25 19:34:42 | 000,032,832 | ---- | M] (TOSHIBA Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\TVALZ_O.SYS -- (TVALZ)
DRV:64bit: - [2012/07/25 04:54:00 | 000,031,184 | ---- | M] (TOSHIBA Corporation.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\tdcmdpst.sys -- (TDCMDPST)
DRV:64bit: - [2012/07/21 18:59:02 | 000,016,768 | ---- | M] (TOSHIBA Corporation) [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\TVALZFL.sys -- (TVALZFL)
DRV:64bit: - [2012/07/10 19:35:44 | 000,009,216 | ---- | M] (TOSHIBA Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\FwLnk.sys -- (FwLnk)
DRV:64bit: - [2012/07/02 18:16:02 | 000,062,784 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\HECIx64.sys -- (MEIx64)
DRV:64bit: - [2012/06/19 10:40:50 | 000,342,528 | ---- | M] (Intel® Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\IntcDAud.sys -- (IntcDAud)
DRV:64bit: - [2012/06/18 13:30:56 | 000,499,096 | ---- | M] (TOSHIBA Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\tos_sps64.sys -- (tos_sps64)
DRV:64bit: - [2012/06/15 16:50:46 | 000,315,536 | ---- | M] (Realtek Semiconductor Corp.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\RtsUVStor.sys -- (RSUSBVSTOR)
DRV:64bit: - [2011/05/18 07:08:32 | 000,047,616 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\dc3d.sys -- (dc3d)
DRV:64bit: - [2009/01/09 14:02:08 | 000,031,744 | ---- | M] (Research in Motion Ltd) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\RimSerial_AMD64.sys -- (RimVSerPort)
 
========== Standard Registry (SafeList) ==========
 
 
========== Internet Explorer ==========
 
IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://toshiba13.msn.com
IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Secondary_Page_URL = http://mystart.toshiba.com [binary data]
IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Secondary Start Pages = http://mystart.toshiba.com [binary data]
IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = about:blank
IE:64bit: - HKLM\..\SearchScopes,DefaultScope = {0845EB3D-1B14-4F03-B079-870CB72D54E2}
IE:64bit: - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/...ms}&FORM=IE8SRC
IE:64bit: - HKLM\..\SearchScopes\{0845EB3D-1B14-4F03-B079-870CB72D54E2}: "URL" = http://www.bing.com/...E10TR&pc=MATBJS
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = about:blank
IE - HKLM\..\SearchScopes,DefaultScope = {0845EB3D-1B14-4F03-B079-870CB72D54E2}
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/...ms}&FORM=IE8SRC
IE - HKLM\..\SearchScopes\{0845EB3D-1B14-4F03-B079-870CB72D54E2}: "URL" = http://www.bing.com/...E10TR&pc=MATBJS
IE - HKLM\..\SearchScopes\{cca2e567-1987-4100-a3c6-5b4267084510}: "URL" = http://search.tb.ask...r={searchTerms}
IE - HKLM\..\SearchScopes\{f5827716-9540-492e-9e9a-9f18bb2e7912}: "URL" = http://search.mywebs...r={searchTerms}
 
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Secondary_Page_URL = http://mystart.toshiba.com [binary data]
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Bar = 
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = 
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://home.tb.ask.c...9AAE9BBB4&si=a3
IE - HKCU\..\URLSearchHook: {8a7d2060-824d-4b17-b00a-759b1b5f30d9} - No CLSID value found
IE - HKCU\..\SearchScopes,DefaultScope = {0845EB3D-1B14-4F03-B079-870CB72D54E2}
IE - HKCU\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/...Box&FORM=IESR02
IE - HKCU\..\SearchScopes\{cca2e567-1987-4100-a3c6-5b4267084510}: "URL" = http://search.tb.ask...r={searchTerms}
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local
 
========== FireFox ==========
 
FF - prefs.js..browser.search.isUS: true
FF - prefs.js..extensions.enabledAddons: %7B972ce4c6-7e08-4474-a285-3208198ce6fd%7D:34.0.5
FF - user.js - File not found
 
FF:64bit: - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\WINDOWS\system32\Macromed\Flash\NPSWF64_16_0_0_235.dll File not found
FF:64bit: - HKLM\Software\MozillaPlugins\@mcafee.com/MSC,version=10: c:\PROGRA~1\mcafee\msc\NPMCSN~1.DLL ()
FF:64bit: - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0: C:\PROGRA~1\MICROS~2\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\WINDOWS\SysWOW64\Macromed\Flash\NPSWF32_16_0_0_235.dll ()
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=:  File not found
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=1.0: C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll ()
FF - HKLM\Software\MozillaPlugins\@avg.com/AVG SiteSafety plugin,version=11.0.0.1,application/x-avg-sitesafety-plugin: C:\Program Files (x86)\Common Files\AVG Secure Search\SiteSafetyInstaller\17.1.3\\npsitesafety.dll File not found
FF - HKLM\Software\MozillaPlugins\@Google.com/GoogleEarthPlugin: C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll (Google)
FF - HKLM\Software\MozillaPlugins\@intel-webapi.intel.com/Intel WebAPI ipt;version=2.1.42: C:\Program Files (x86)\Intel\Intel® Management Engine Components\IPT\npIntelWebAPIIPT.dll (Intel Corporation)
FF - HKLM\Software\MozillaPlugins\@intel-webapi.intel.com/Intel WebAPI updater: C:\Program Files (x86)\Intel\Intel® Management Engine Components\IPT\npIntelWebAPIUpdater.dll (Intel Corporation)
FF - HKLM\Software\MozillaPlugins\@mcafee.com/MSC,version=10: c:\PROGRA~2\mcafee\msc\NPMCSN~1.DLL ()
FF - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0: C:\PROGRA~2\MICROS~3\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/SharePoint,version=14.0: C:\Program Files\Microsoft Office 15\root\Office15\NPSPWRAP.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=16.4.3503.0728: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@PackageTracer_69.com/Plugin: C:\Program Files (x86)\PackageTracer_69\bar\1.bin\NP69Stub.dll (MindSpark)
FF - HKLM\Software\MozillaPlugins\@RIM.com/WebSLLauncher,version=1.0: C:\Program Files (x86)\Common Files\Research In Motion\BBWebSLLauncher\NPWebSLLauncher.dll ()
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files (x86)\Google\Update\1.3.25.11\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files (x86)\Google\Update\1.3.25.11\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@TotalRecipeSearch_14.com/Plugin: C:\Program Files (x86)\TotalRecipeSearch_14\bar\1.bin\NP14Stub.dll (Mindspark)
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
 
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\[email protected]_69.com: C:\Program Files (x86)\PackageTracer_69\bar\1.bin [2013/06/18 07:42:16 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{4ED1F68A-5463-4931-9384-8FFF5ED91D92}: C:\Program Files (x86)\McAfee\SiteAdvisor [2015/01/30 06:35:34 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 34.0.5\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 34.0.5\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins
FF - HKEY_LOCAL_MACHINE\software\mozilla\Thunderbird\Extensions\\[email protected]: C:\Program Files\McAfee\MSK [2015/01/06 10:09:44 | 000,000,000 | ---D | M]
FF - HKEY_CURRENT_USER\software\mozilla\Mozilla Firefox 27.0.1\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components
FF - HKEY_CURRENT_USER\software\mozilla\Mozilla Firefox 27.0.1\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins
 
[2013/09/06 08:53:24 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Lizel\AppData\Roaming\mozilla\Extensions
[2014/12/23 21:41:35 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Lizel\AppData\Roaming\mozilla\Firefox\Profiles\ol4ybaur.default\extensions
[2014/12/23 21:18:38 | 000,000,000 | ---D | M] (McAfee SafeKey) -- C:\Users\Lizel\AppData\Roaming\mozilla\Firefox\Profiles\ol4ybaur.default\extensions\{072844D3-7DEE-45F6-A406-E87F76302E4B}
[2014/12/23 21:41:11 | 000,000,000 | ---D | M] (TotalRecipeSearch) -- C:\Users\Lizel\AppData\Roaming\mozilla\Firefox\Profiles\ol4ybaur.default\extensions\[email protected]ecipeSearch_14.com
[2014/12/07 08:15:32 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\Mozilla Firefox\browser\extensions
[2014/12/07 08:15:32 | 000,000,000 | ---D | M] (Default) -- C:\Program Files (x86)\Mozilla Firefox\browser\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}
[2015/01/30 06:35:34 | 000,000,000 | ---D | M] (McAfee SiteAdvisor) -- C:\PROGRAM FILES (X86)\MCAFEE\SITEADVISOR
 
========== Chrome  ==========
 
CHR - plugin: Error reading preferences file
CHR - Extension: No name found = C:\Users\Lizel\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek\0.8_0\
CHR - Extension: No name found = C:\Users\Lizel\AppData\Local\Google\Chrome\User Data\Default\Extensions\agbnjankikoaabjkmfbaceggjliabkbn\2.2.3_0\
CHR - Extension: No name found = C:\Users\Lizel\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake\0.7_0\
CHR - Extension: No name found = C:\Users\Lizel\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf\6.3_0\
CHR - Extension: No name found = C:\Users\Lizel\AppData\Local\Google\Chrome\User Data\Default\Extensions\bepbmhgboaologfdajaanbcjmnhjmhfn\0.1.1.5023_0\
CHR - Extension: No name found = C:\Users\Lizel\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.6_0\
CHR - Extension: No name found = C:\Users\Lizel\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.20_0\
CHR - Extension: No name found = C:\Users\Lizel\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap\1.0_0\
CHR - Extension: No name found = C:\Users\Lizel\AppData\Local\Google\Chrome\User Data\Default\Extensions\fheoggkfdfchfphceeifdbepaooicaho\3.65.135.1_0\
CHR - Extension: No name found = C:\Users\Lizel\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.6.1_0\
CHR - Extension: No name found = C:\Users\Lizel\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_0\
 
O1 HOSTS File: ([2013/12/02 19:57:28 | 000,000,027 | ---- | M]) - C:\Windows\SysNative\drivers\etc\hosts
O1 - Hosts: 127.0.0.1       localhost
O2:64bit: - BHO: (Lync Browser Helper) - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files\Microsoft Office 15\root\vfs\ProgramFilesX64\Microsoft Office\Office15\OCHelper.dll (Microsoft Corporation)
O2:64bit: - BHO: (McAfee SafeKey Vault) - {9DB059B3-DD36-4a55-846C-59BE42A1202A} - C:\Program Files (x86)\SafeKey\LPToolbar_x64.dll (McAfee)
O2:64bit: - BHO: (McAfee SiteAdvisor BHO) - {B164E929-A1B6-4A06-B104-2CD0E90A88FF} - c:\Program Files (x86)\McAfee\SiteAdvisor\x64\McIEPlg.dll (McAfee, Inc.)
O2:64bit: - BHO: (Microsoft SkyDrive Pro Browser Helper) - {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} - C:\Program Files\Microsoft Office 15\root\vfs\ProgramFilesX64\Microsoft Office\Office15\GROOVEEX.DLL (Microsoft Corporation)
O2 - BHO: (PasswordBox Helper) - {5DB69B97-934B-451D-94DB-32EF802A01CD} - C:\Program Files (x86)\PasswordBox\Application\pbbtn.dll (PasswordBox, Inc.)
O2 - BHO: (Toolbar BHO) - {87011c4e-fcde-4476-9348-ecf16134fc1f} - C:\Program Files (x86)\PackageTracer_69\bar\1.bin\69bar.dll (MindSpark)
O2 - BHO: (Search Assistant BHO) - {87eab57c-d0b7-4ca9-8e26-191bfc989e26} - C:\Program Files (x86)\PackageTracer_69\bar\1.bin\69SrcAs.dll (MindSpark)
O2 - BHO: (AVG SafeGuard toolbar) - {95B7759C-8C7F-4BF1-B163-73684A933233} - C:\Program Files (x86)\AVG SafeGuard toolbar\17.1.3.3\AVG SafeGuard toolbar_toolbar.dll File not found
O2 - BHO: (VIPRE Search Guard Helper) - {963C8283-AE7F-4AA6-9B3B-847A8FC62C5E} - C:\Program Files (x86)\VIPRE\VSGN.dll File not found
O2 - BHO: (McAfee SafeKey Vault) - {9DB059B3-DD36-4a55-846C-59BE42A1202A} - C:\Program Files (x86)\SafeKey\LPToolbar.dll (McAfee)
O2 - BHO: (Toolbar BHO) - {ab56dfde-0c14-45b3-9df6-7b0eba617870} - C:\Program Files (x86)\TotalRecipeSearch_14\bar\1.bin\14bar.dll (Mindspark)
O2 - BHO: (McAfee SiteAdvisor BHO) - {B164E929-A1B6-4A06-B104-2CD0E90A88FF} - c:\Program Files (x86)\McAfee\SiteAdvisor\McIEPlg.dll (McAfee, Inc.)
O2 - BHO: (Search Assistant BHO) - {df22384f-cf68-4d19-969f-10423715528b} - C:\Program Files (x86)\TotalRecipeSearch_14\bar\1.bin\14SrcAs.dll (Mindspark)
O3:64bit: - HKLM\..\Toolbar: (McAfee SiteAdvisor Toolbar) - {0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} - c:\Program Files (x86)\McAfee\SiteAdvisor\x64\McIEPlg.dll (McAfee, Inc.)
O3:64bit: - HKLM\..\Toolbar: (McAfee SafeKey) - {61D700C1-7D8D-43c5-9C13-4FF85157CFE6} - C:\Program Files (x86)\SafeKey\LPToolbar_x64.dll (McAfee)
O3 - HKLM\..\Toolbar: (McAfee SiteAdvisor Toolbar) - {0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} - c:\Program Files (x86)\McAfee\SiteAdvisor\McIEPlg.dll (McAfee, Inc.)
O3 - HKLM\..\Toolbar: (McAfee SafeKey) - {61D700C1-7D8D-43c5-9C13-4FF85157CFE6} - C:\Program Files (x86)\SafeKey\LPToolbar.dll (McAfee)
O3 - HKLM\..\Toolbar: (AVG SafeGuard toolbar) - {95B7759C-8C7F-4BF1-B163-73684A933233} - C:\Program Files (x86)\AVG SafeGuard toolbar\17.1.3.3\AVG SafeGuard toolbar_toolbar.dll File not found
O3 - HKLM\..\Toolbar: (TotalRecipeSearch) - {a0154e07-2b48-475c-a82a-80efd84ea33e} - C:\Program Files (x86)\TotalRecipeSearch_14\bar\1.bin\14bar.dll (Mindspark)
O3 - HKLM\..\Toolbar: (no name) - {A924C17A-5E94-4E02-BED5-49720BA6F7FA} - No CLSID value found.
O3 - HKLM\..\Toolbar: (PackageTracer) - {ff343558-d5a5-454a-bdd8-c5c81e179fed} - C:\Program Files (x86)\PackageTracer_69\bar\1.bin\69bar.dll (MindSpark)
O4:64bit: - HKLM..\Run: [CanonMyPrinter] C:\Program Files\Canon\MyPrinter\BJMyPrt.exe (CANON INC.)
O4:64bit: - HKLM..\Run: [CanonSolutionMenu] C:\Program Files (x86)\Canon\SolutionMenu\CNSLMAIN.exe (CANON INC.)
O4:64bit: - HKLM..\Run: [HotKeysCmds] C:\WINDOWS\SysNative\hkcmd.exe (Intel Corporation)
O4:64bit: - HKLM..\Run: [IgfxTray] C:\WINDOWS\SysNative\igfxtray.exe (Intel Corporation)
O4:64bit: - HKLM..\Run: [PackageTracer Home Page Guard 64 bit] C:\Program Files (x86)\PackageTracer_69\bar\1.bin\AppIntegrator64.exe ()
O4:64bit: - HKLM..\Run: [Persistence] C:\WINDOWS\SysNative\igfxpers.exe (Intel Corporation)
O4:64bit: - HKLM..\Run: [RtHDVCpl] C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe (Realtek Semiconductor)
O4:64bit: - HKLM..\Run: [SRS Premium Sound HD] C:\Program Files\SRS Labs\SRS Control Panel\SRSPanel_64.exe (SRS Labs, Inc.)
O4:64bit: - HKLM..\Run: [TCrdMain] C:\Program Files\Toshiba\Hotkey\TCrdMain_Win8.exe (TOSHIBA Corporation)
O4:64bit: - HKLM..\Run: [TecoResident] C:\Program Files\Toshiba\Teco\TecoResident.exe (TOSHIBA Corporation)
O4:64bit: - HKLM..\Run: [TODDMain] C:\Program Files (x86)\Toshiba\System Setting\TODDMain.exe ()
O4:64bit: - HKLM..\Run: [TosWaitSrv] C:\Program Files\Toshiba\TPHM\TosWaitSrv.exe (TOSHIBA Corporation)
O4:64bit: - HKLM..\Run: [TotalRecipeSearch Home Page Guard 64 bit] C:\Program Files (x86)\TotalRecipeSearch_14\bar\1.bin\AppIntegrator64.exe ( )
O4:64bit: - HKLM..\Run: [TSleepSrv] C:\Program Files (x86)\Toshiba\System Setting\TSleepSrv.exe (TOSHIBA Corporation)
O4 - HKLM..\Run: [AgentMonitor] C:\Program Files (x86)\VTech\DownloadManager\System\AgentMonitor.exe ()
O4 - HKLM..\Run: [DBAgent] C:\Program Files (x86)\Seagate\Seagate Dashboard 2.0\DBAgent.exe (Seagate Technology LLC)
O4 - HKLM..\Run: [mcpltui_exe] C:\Program Files\Common Files\McAfee\Platform\McUICnt.exe (McAfee, Inc.)
O4 - HKLM..\Run: [ShopAtHomeUpdater] C:\Users\Lizel\AppData\Roaming\ShopAtHome\ShopAtHomeHelper\ShopAtHomeUpdater.exe (ShopAtHome.com)
O4 - HKLM..\Run: [ShopAtHomeWatcher] C:\Users\Lizel\AppData\Roaming\ShopAtHome\ShopAtHomeHelper\ShopAtHomeWatcher.exe (ShopAtHome.com)
O4 - HKLM..\Run: [TotalRecipeSearch EPM Support] C:\Program Files (x86)\TotalRecipeSearch_14\bar\1.bin\14medint.exe (Mindspark Interactive Network, Inc.)
O4 - HKLM..\Run: [TotalRecipeSearch Search Scope Monitor] C:\Program Files (x86)\TotalRecipeSearch_14\bar\1.bin\14SrchMn.exe (Mindspark)
O4 - HKLM..\Run: [TotalRecipeSearch_14 Browser Plugin Loader] C:\Program Files (x86)\TotalRecipeSearch_14\bar\1.bin\14brmon.exe (VER_COMPANY_NAME)
O4 - HKLM..\Run: [TotalRecipeSearch_14 Browser Plugin Loader 64] C:\Program Files (x86)\TotalRecipeSearch_14\bar\1.bin\14brmon64.exe (VER_COMPANY_NAME)
O4 - HKLM..\Run: [vProt] "C:\Program Files (x86)\AVG SafeGuard toolbar\vprot.exe" File not found
O4 - HKCU..\Run: [GoogleChromeAutoLaunch_E9ED7E5718A67C9E5BDC4EA87A324851] C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.)
O4 - HKCU..\Run: [ShopAtHomeUpdater] C:\Users\Lizel\AppData\Roaming\ShopAtHome\ShopAtHomeHelper\ShopAtHomeUpdater.exe (ShopAtHome.com)
O4 - HKCU..\Run: [ShopAtHomeWatcher] C:\Users\Lizel\AppData\Roaming\ShopAtHome\ShopAtHomeHelper\ShopAtHomeWatcher.exe (ShopAtHome.com)
O4 - HKCU..\Run: [Uploader] C:\Program Files (x86)\Seagate\Seagate Dashboard 2.0\Seagate.Dashboard.Uploader.exe (Seagate Technology LLC)
O4 - Startup: C:\Users\Lizel\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Send to OneNote.lnk = C:\Program Files\Microsoft Office 15\root\office15\ONENOTEM.EXE (Microsoft Corporation)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoControlPanel = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableCursorSuppression = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableLinkedConnections = 1
O7 - HKCU\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoControlPanel = 0
O8:64bit: - Extra context menu item: McAfee SafeKey Fill Forms - file://C:\Users\Lizel\AppData\LocalLow\SafeKey\context.html?cmd=fillforms File not found
O8:64bit: - Extra context menu item: SafeKey - file://C:\Users\Lizel\AppData\LocalLow\SafeKey\context.html?cmd=lastpass File not found
O8 - Extra context menu item: McAfee SafeKey Fill Forms - file://C:\Users\Lizel\AppData\LocalLow\SafeKey\context.html?cmd=fillforms File not found
O8 - Extra context menu item: SafeKey - file://C:\Users\Lizel\AppData\LocalLow\SafeKey\context.html?cmd=lastpass File not found
O9:64bit: - Extra Button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office 15\root\vfs\ProgramFilesX64\Microsoft Office\Office15\ONBttnIE.dll (Microsoft Corporation)
O9:64bit: - Extra 'Tools' menuitem : Se&nd to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office 15\root\vfs\ProgramFilesX64\Microsoft Office\Office15\ONBttnIE.dll (Microsoft Corporation)
O9:64bit: - Extra Button: Lync Click to Call - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files\Microsoft Office 15\root\vfs\ProgramFilesX64\Microsoft Office\Office15\OCHelper.dll (Microsoft Corporation)
O9:64bit: - Extra 'Tools' menuitem : Lync Click to Call - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files\Microsoft Office 15\root\vfs\ProgramFilesX64\Microsoft Office\Office15\OCHelper.dll (Microsoft Corporation)
O9:64bit: - Extra Button: McAfee SafeKey - {43699cd0-e34f-11de-8a39-0800200c9a66} - C:\Program Files (x86)\SafeKey\LPToolbar_x64.dll (McAfee)
O9:64bit: - Extra 'Tools' menuitem : McAfee SafeKey - {43699cd0-e34f-11de-8a39-0800200c9a66} - C:\Program Files (x86)\SafeKey\LPToolbar_x64.dll (McAfee)
O9:64bit: - Extra Button: OneNote Lin&ked Notes - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files\Microsoft Office 15\root\vfs\ProgramFilesX64\Microsoft Office\Office15\ONBttnIELinkedNotes.dll (Microsoft Corporation)
O9:64bit: - Extra 'Tools' menuitem : OneNote Lin&ked Notes - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files\Microsoft Office 15\root\vfs\ProgramFilesX64\Microsoft Office\Office15\ONBttnIELinkedNotes.dll (Microsoft Corporation)
O9 - Extra Button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office 15\root\office15\ONBttnIE.dll (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : Se&nd to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office 15\root\office15\ONBttnIE.dll (Microsoft Corporation)
O9 - Extra Button: McAfee SafeKey - {43699cd0-e34f-11de-8a39-0800200c9a66} - C:\Program Files (x86)\SafeKey\LPToolbar.dll (McAfee)
O9 - Extra 'Tools' menuitem : McAfee SafeKey - {43699cd0-e34f-11de-8a39-0800200c9a66} - C:\Program Files (x86)\SafeKey\LPToolbar.dll (McAfee)
O9 - Extra Button: OneNote Lin&ked Notes - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files\Microsoft Office 15\root\office15\ONBttnIELinkedNotes.dll (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : OneNote Lin&ked Notes - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files\Microsoft Office 15\root\office15\ONBttnIELinkedNotes.dll (Microsoft Corporation)
O10:64bit: - NameSpace_Catalog5\Catalog_Entries64\000000000007 [] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Inc.)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000007 [] - C:\Program Files (x86)\Bonjour\mdnsNSP.dll (Apple Inc.)
O1364bit: - gopher Prefix: missing
O13 - gopher Prefix: missing
O16 - DPF: {7530BFB8-7293-4D34-9923-61A11451AFC5} http://download.eset...lineScanner.cab (OnlineScanner Control)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{A4E30D2C-AE95-4092-AA43-5140C89F8E91}: DhcpNameServer = 192.168.1.1
O18:64bit: - Protocol\Handler\dssrequest {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\Program Files (x86)\McAfee\SiteAdvisor\x64\McIEPlg.dll (McAfee, Inc.)
O18:64bit: - Protocol\Handler\ms-help - No CLSID value found
O18:64bit: - Protocol\Handler\osf - No CLSID value found
O18:64bit: - Protocol\Handler\sacore {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\Program Files (x86)\McAfee\SiteAdvisor\x64\McIEPlg.dll (McAfee, Inc.)
O18:64bit: - Protocol\Handler\vipresg - No CLSID value found
O18:64bit: - Protocol\Handler\viprotocol - No CLSID value found
O18:64bit: - Protocol\Handler\wlpg - No CLSID value found
O18 - Protocol\Handler\dssrequest {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\Program Files (x86)\McAfee\SiteAdvisor\McIEPlg.dll (McAfee, Inc.)
O18 - Protocol\Handler\osf {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files\Microsoft Office 15\root\office15\MSOSB.DLL (Microsoft Corporation)
O18 - Protocol\Handler\sacore {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\Program Files (x86)\McAfee\SiteAdvisor\McIEPlg.dll (McAfee, Inc.)
O18 - Protocol\Handler\vipresg {47BE2E5B-703B-444F-ABD3-05717D2191C6} - C:\Program Files (x86)\VIPRE\VSGN.dll File not found
O18 - Protocol\Handler\viprotocol {B658800C-F66E-4EF3-AB85-6C0C227862A9} - C:\Program Files (x86)\Common Files\AVG Secure Search\ViProtocolInstaller\17.1.3\ViProtocol.dll File not found
O18:64bit: - Protocol\Filter\application/x-mfe-ipt {3EF5086B-5478-4598-A054-786C45D75692} - c:\Program Files\McAfee\MSC\McSnIePl64.dll (McAfee, Inc.)
O18 - Protocol\Filter\application/x-mfe-ipt {3EF5086B-5478-4598-A054-786C45D75692} - c:\Program Files (x86)\McAfee\MSC\McSnIePl.dll (McAfee, Inc.)
O20:64bit: - HKLM Winlogon: Shell - (explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\WINDOWS\SysWow64\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (userinit.exe) - C:\WINDOWS\SysWow64\userinit.exe (Microsoft Corporation)
O20:64bit: - Winlogon\Notify\igfxcui: DllName - (igfxdev.dll) - C:\WINDOWS\SysNative\igfxdev.dll (Intel Corporation)
O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O30 - LSA: Security Packages - (livessp) -  File not found
O32 - HKLM CDRom: AutoRun - 1
O33 - MountPoints2\{b4af06fc-b382-11e3-824f-806e6f6e6963}\Shell - "" = AutoRun
O33 - MountPoints2\{b4af06fc-b382-11e3-824f-806e6f6e6963}\Shell\AutoRun\command - "" = "D:\Setup.exe" 
O34 - HKLM BootExecute: (autocheck autochk *)
O35:64bit: - HKLM\..comfile [open] -- "%1" %*
O35:64bit: - HKLM\..exefile [open] -- "%1" %*
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37:64bit: - HKLM\...com [@ = comfile] -- "%1" %*
O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=sxssrv,4)
 
========== Files/Folders - Created Within 30 Days ==========
 
[2015/01/30 11:21:43 | 000,000,000 | -HSD | C] -- C:\found.002
[2015/01/23 15:28:37 | 000,000,000 | -HSD | C] -- C:\found.001
[2015/01/21 16:39:06 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Course Player
[2015/01/21 16:39:04 | 000,000,000 | ---D | C] -- C:\Users\Lizel\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Course Player
[2015/01/21 16:38:14 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Course Player
[2015/01/13 17:33:27 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iTunes
[2015/01/13 17:31:17 | 000,000,000 | ---D | C] -- C:\Program Files\iPod
[2015/01/13 17:31:16 | 000,000,000 | ---D | C] -- C:\Program Files\iTunes
[2015/01/13 17:31:16 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\iTunes
[2015/01/13 17:31:16 | 000,000,000 | ---D | C] -- C:\ProgramData\E1864A66-75E3-486a-BD95-D1B7D99A84A7
[2015/01/06 10:06:48 | 000,197,704 | ---- | C] (McAfee, Inc.) -- C:\WINDOWS\SysNative\drivers\HipShieldK.sys
[2015/01/02 14:58:09 | 000,000,000 | ---D | C] -- C:\Users\Lizel\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\ShopAtHome.com Toolbar
[2015/01/02 14:58:06 | 000,000,000 | ---D | C] -- C:\Users\Lizel\AppData\Roaming\ShopAtHome
[2014/12/23 21:18:34 | 032,371,688 | ---- | C] (McAfee) -- C:\Program Files (x86)\Common Files\lpuninstall.exe
[12 C:\Users\Lizel\Documents\*.tmp files -> C:\Users\Lizel\Documents\*.tmp -> ]
 
========== Files - Modified Within 30 Days ==========
 
[2015/01/31 20:18:01 | 000,000,914 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job
[2015/01/31 19:57:10 | 000,001,482 | ---- | M] () -- C:\Users\Lizel\Desktop\OTL (1).exe - Shortcut.lnk
[2015/01/31 19:32:00 | 000,000,830 | ---- | M] () -- C:\WINDOWS\tasks\Adobe Flash Player Updater.job
[2015/01/31 19:20:06 | 000,067,584 | --S- | M] () -- C:\WINDOWS\bootstat.dat
[2015/01/30 12:36:47 | 000,000,910 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job
[2015/01/30 12:33:55 | 268,435,456 | -HS- | M] () -- C:\swapfile.sys
[2015/01/30 12:33:46 | 3338,846,208 | -HS- | M] () -- C:\hiberfil.sys
[2015/01/30 11:23:01 | 869,354,990 | ---- | M] () -- C:\WINDOWS\MEMORY.DMP
[2015/01/26 21:19:27 | 000,002,174 | ---- | M] () -- C:\Users\Public\Desktop\Google Chrome.lnk
[2015/01/13 17:33:27 | 000,001,766 | ---- | M] () -- C:\Users\Public\Desktop\iTunes.lnk
[12 C:\Users\Lizel\Documents\*.tmp files -> C:\Users\Lizel\Documents\*.tmp -> ]
 
========== Files Created - No Company Name ==========
 
[2015/01/31 19:57:10 | 000,001,482 | ---- | C] () -- C:\Users\Lizel\Desktop\OTL (1).exe - Shortcut.lnk
[2015/01/13 17:33:27 | 000,001,766 | ---- | C] () -- C:\Users\Public\Desktop\iTunes.lnk
[2014/04/26 08:01:35 | 000,002,255 | ---- | C] () -- C:\WINDOWS\SysWow64\WimBootCompress.ini
[2014/03/24 17:23:15 | 000,103,936 | ---- | C] () -- C:\WINDOWS\SysWow64\OEMLicense.dll
[2013/12/02 19:49:04 | 000,256,000 | ---- | C] () -- C:\WINDOWS\PEV.exe
[2013/12/02 19:49:04 | 000,208,896 | ---- | C] () -- C:\WINDOWS\MBR.exe
[2013/12/02 19:49:04 | 000,098,816 | ---- | C] () -- C:\WINDOWS\sed.exe
[2013/12/02 19:49:04 | 000,080,412 | ---- | C] () -- C:\WINDOWS\grep.exe
[2013/12/02 19:49:04 | 000,068,096 | ---- | C] () -- C:\WINDOWS\zip.exe
[2013/11/04 18:22:32 | 000,317,440 | ---- | C] () -- C:\WINDOWS\SysWow64\igdmd32.dll
[2013/11/04 18:22:28 | 000,182,272 | ---- | C] () -- C:\WINDOWS\SysWow64\igdde32.dll
[2013/11/04 18:22:28 | 000,142,848 | ---- | C] () -- C:\WINDOWS\SysWow64\igdail32.dll
[2013/08/22 10:36:43 | 000,215,943 | ---- | C] () -- C:\WINDOWS\SysWow64\dssec.dat
[2013/08/22 10:36:42 | 000,000,741 | ---- | C] () -- C:\WINDOWS\SysWow64\NOISE.DAT
[2013/08/22 09:46:23 | 000,067,584 | --S- | C] () -- C:\WINDOWS\bootstat.dat
[2013/08/22 08:32:41 | 000,000,256 | ---- | C] () -- C:\WINDOWS\SysWow64\pool.bin
[2013/08/22 02:01:23 | 000,043,131 | ---- | C] () -- C:\WINDOWS\mib.bin
[2013/08/21 22:32:36 | 000,046,080 | ---- | C] () -- C:\WINDOWS\SysWow64\BWContextHandler.dll
[2013/08/21 18:55:20 | 000,364,544 | ---- | C] () -- C:\WINDOWS\SysWow64\msjetoledb40.dll
[2013/08/21 18:52:39 | 000,673,088 | ---- | C] () -- C:\WINDOWS\SysWow64\mlang.dat
[2013/05/24 19:35:13 | 000,000,678 | ---- | C] () -- C:\Users\Lizel\AppData\Local\cookies.ini
[2013/04/13 21:55:04 | 000,762,622 | ---- | C] () -- C:\Users\Lizel\Jefferson Point Lease Contract.pdf
[2013/04/02 12:44:58 | 000,616,690 | ---- | C] () -- C:\Users\Lizel\dl-901-signed- ID Card.pdf
 
========== ZeroAccess Check ==========
 
 
[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64
 
[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
 
[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32] /64
 
[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]
 
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64
"" = C:\Windows\SysNative\shell32.dll -- [2014/08/30 19:15:33 | 021,197,152 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment
 
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
"" = %SystemRoot%\system32\shell32.dll -- [2014/08/30 17:59:13 | 018,723,112 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment
 
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\fastprox.dll -- [2013/08/22 04:49:49 | 000,921,088 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free
 
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
"" = %systemroot%\system32\wbem\fastprox.dll -- [2013/08/21 21:45:10 | 000,691,712 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free
 
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\wbemess.dll -- [2013/08/22 04:45:17 | 000,483,840 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Both
 
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]
 
========== LOP Check ==========
 
[2013/08/14 17:43:36 | 000,000,000 | ---D | M] -- C:\Users\Lizel\AppData\Roaming\Book Place
[2013/11/09 02:59:44 | 000,000,000 | ---D | M] -- C:\Users\Lizel\AppData\Roaming\Canon
[2013/12/14 18:19:02 | 000,000,000 | ---D | M] -- C:\Users\Lizel\AppData\Roaming\deb27c1a-00e6-4263-94b2-8b78ea4d32ae
[2014/08/15 09:21:58 | 000,000,000 | ---D | M] -- C:\Users\Lizel\AppData\Roaming\Leadertech
[2014/05/31 10:42:11 | 000,000,000 | ---D | M] -- C:\Users\Lizel\AppData\Roaming\OpenOffice
[2013/05/08 22:19:56 | 000,000,000 | ---D | M] -- C:\Users\Lizel\AppData\Roaming\OpenOffice.org
[2013/08/22 08:32:34 | 000,000,000 | ---D | M] -- C:\Users\Lizel\AppData\Roaming\Research In Motion
[2014/08/15 10:16:17 | 000,000,000 | ---D | M] -- C:\Users\Lizel\AppData\Roaming\Seagate
[2015/01/02 14:58:06 | 000,000,000 | ---D | M] -- C:\Users\Lizel\AppData\Roaming\ShopAtHome
[2013/12/01 20:25:04 | 000,000,000 | ---D | M] -- C:\Users\Lizel\AppData\Roaming\supportdotcom
[2013/04/09 07:38:23 | 000,000,000 | ---D | M] -- C:\Users\Lizel\AppData\Roaming\TuneUp Software
[2013/04/02 12:49:25 | 000,000,000 | ---D | M] -- C:\Users\Lizel\AppData\Roaming\WildTangent
[2013/03/28 18:00:56 | 000,000,000 | ---D | M] -- C:\Users\Lizel\AppData\Roaming\WinBatch
 
========== Purity Check ==========
 
 
 
========== Alternate Data Streams ==========
 
@Alternate Data Stream - 237 bytes -> C:\Users\Lizel\SkyDrive:ms-properties
 
< End of report >
 

  • 0

Advertisements


#2
pystryker

pystryker

    Trusted Helper

  • Malware Removal
  • 3,886 posts
Hello and welcome to Geeks To Go! My nickname is Pystryker :) , and I will be helping you with your issue today.


Before we get started, I have a few things I need to go over with you
  • If you are receiving help for this issue at another forum, please let me know so I can close this thread.
  • Please download to and run all requested tools from your Desktop.
  • Please do not install any new software during the cleaning process other than the tools I provide for you. This can hinder the cleaning process.
  • At the top of your post, please click on the "Follow this topic" button and make sure that the "Received notification" box is checked and set to "Instantly" This will send an email to you as soon as I reply to your topic, allowing us to solve your problem faster.
  • If any of your security programs give you a warning about any tool I ask you to use, please do not worry. All the links and tools I provide to you will be safe.
  • Please do not run any tools other than the ones I ask you to, when I ask you to. Some of these tools can be very dangerous if used improperly. Also, if you use a tool that I have not requested you use, it can cause false positives, thereby delaying the complete cleaning of your machine.
  • This is a complicated process. It requires several steps, patience, and careful following of my instructions in the order they are given to diagnose your problems to get your machine back in working order.
  • Please stay with me until the end of all steps and procedures and I declare your system clean. Just because there is a lack of symptoms does not indicate a clean machine. I promise to do the same for you.
  • It is impossible for me to know what interactions may happen between your computer's software and the tools we will use to clean your machine. Therefore, I highly recommend you backup any critical personal files on your machine before we start.
  • If you have any questions at all, please don't hesitate to ask. There's no such thing as a stupid question when dealing with malware.
  • If you are unsure of an instruction I give you, or if something unexepected occurs, Do NOT proceed! Stop and ask for clarification of the instruction or tell me what occurred.
  • Please remember, the fixes are for your machine and your machine ONLY! Do not use these fixes on any other machine, each fix is tailor made for your system only. Using a fix on another machine can and will cause serious damage.
  • Once we have cleaned your machine, we'll have some cleanup and prevention steps to go through. We will also provide you with some information about how to reduce your chances of infection and get some protections in place to help defend you against this in the future
  • Please be patient while I am analyzing your logs. I know you are probably scared and very frustrated with this problem, but I am a volunteer and sometimes life does get in the way. :)
Now, let's get started, shall we? :thumbsup:


Hello, as you are using Win 8 we'll need to use a different tool to get a look at your system and see what's going on. :) Are the BSOD's random, did they perhaps start after installing a program?


Step 1: Scan with Farbar's Recovery Scan Tool (FRST)


Please download Farbar Recovery Scan Tool and save it to your Desktop.

Note: You need to run the version compatible with your system. If you are not sure which version applies to your system download both of them and try to run them. Only one of them will run on your system, that will be the right version.
  • Right click to run as administrator (XP users click run after receipt of Windows Security Warning - Open File). When the tool opens click Yes to disclaimer.
  • Place a check in the box marked Addition.txt

    farbarmainpanel_zps77bf9e25.jpg
  • Press the Scan button.
  • It will produce a log called FRST.txt in the same directory the tool is run from.
  • Please copy and paste log back here.
  • The first time the tool is run it generates another log (Addition.txt - also located in the same directory as FRST.exe/FRST64.exe). Please also paste that along with the FRST.txt into your reply.
Step 2: Scan with TDSSKiller

Please download TDSSKiller to the desktop.

Alternate download is here.
  • Right-click on TDSSKiller.exe and select Run as Administrator to start the program and follow the prompts.
  • When the main GUI(graphical user interface) window opens, click on Change Parameters
  • Under Additional options, select both Verify driver digital signatures & Detect TDLFS File System >> OK
  • Click on Start Scan, the scan will run.
  • When the scan has finished, if it finds anything please click on the drop down arrow next to Cure and select Skip
  • A Report will have been created by TDSSKiller in your root directory C:\
  • To find the log go to Start(Windows 7 Orb) > Computer > C: >> TDSSKiller.V.V.V.VV_DD.DD.YYYY_TT.TT.TT_log <-- The letters denote the version and date & time etc.
  • Post the contents of that log in your next reply please.
Note: Do not have TDSSKiller remove anything if found at this point in time!


Things I need to see in your next post:

Please post each of these logs as a separate reply in this thread.

FRST Log

Addition.txt Log

TDSSKiller Log

  • 0

#3
noel77

noel77

    Member

  • Topic Starter
  • Member
  • PipPip
  • 17 posts

Hi, thanks for the help.

 

To answer your questions:

 

I think the slowness etc. was gradual, and BSOD started in the last week or so.  Nothing specifically sets it off.

 

First, the FRST.txt:

 

Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 01-02-2015
Ran by Lizel (administrator) on SNOEKIES on 01-02-2015 17:22:09
Running from C:\Users\Lizel\Desktop
Loaded Profiles: Lizel (Available profiles: Lizel)
Platform: Windows 8.1 (X64) OS Language: English (United States)
Internet Explorer Version 11 (Default browser: FF)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo...very-scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(Microsoft Corporation) C:\Windows\System32\wlanext.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(Microsoft Corporation) C:\Program Files\Microsoft Office 15\ClientX64\officeclicktorun.exe
(Intel® Corporation) C:\Program Files\Intel\iCLS Client\HeciServer.exe
(Microsoft Corporation) C:\Windows\System32\dasHost.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel® Management Engine Components\DAL\Jhi_service.exe
(McAfee, Inc.) C:\Program Files (x86)\McAfee\SiteAdvisor\mcsacore.exe
(McAfee, Inc.) C:\Windows\System32\mfevtps.exe
(COMPANYVERS_NAME) C:\Program Files (x86)\PackageTracer_69\bar\1.bin\69barsvc.exe
(PasswordBox, Inc.) C:\Program Files (x86)\PasswordBox\pbbtnService.exe
(Microsoft Corporation) C:\Windows\SysWOW64\rundll32.exe
(Microsoft Corporation) C:\Windows\System32\rundll32.exe
(Seagate Technology LLC) C:\Program Files (x86)\Seagate\Seagate Dashboard 2.0\Seagate.Dashboard.DASWindowsService.exe
(Seagate Technology LLC) C:\Program Files (x86)\Seagate\Seagate Dashboard 2.0\MobileService.exe
(TOSHIBA Corporation) C:\Windows\System32\TODDSrv.exe
(COMPANYVERS_NAME) C:\Program Files (x86)\TotalRecipeSearch_14\bar\1.bin\14barsvc.exe
(McAfee, Inc.) C:\Program Files\McAfee\MSC\McAPExe.exe
(McAfee, Inc.) C:\Program Files\Common Files\McAfee\AMCore\mcshield.exe
(McAfee, Inc.) C:\Program Files\Common Files\McAfee\SystemCore\mfefire.exe
(TOSHIBA Corporation) C:\Program Files\Toshiba\Teco\TecoService.exe
(McAfee, Inc.) C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.25.11\GoogleCrashHandler64.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel® Management Engine Components\FWService\IntelMeFWService.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe
(McAfee, Inc.) C:\Program Files\Common Files\McAfee\CSP\1.3.336.0\McCSPServiceHost.exe
(McAfee, Inc.) C:\Program Files (x86)\McAfee Online Backup\MOBKbackup.exe
(TOSHIBA CORPORATION) C:\Program Files\Toshiba\HDD Accelerator\THAccelSvc.exe
(McAfee, Inc.) C:\Program Files (x86)\McAfee Online Backup\MOBKbackup.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe
(McAfee, Inc.) C:\Program Files (x86)\McAfee Online Backup\MOBKbackup.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.25.11\GoogleCrashHandler.exe
(Microsoft Corporation) C:\Windows\System32\SkyDrive.exe
(Intel Corporation) C:\Windows\System32\igfxtray.exe
(Intel Corporation) C:\Windows\System32\hkcmd.exe
(Intel Corporation) C:\Windows\System32\igfxsrvc.exe
(Intel Corporation) C:\Windows\System32\igfxpers.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(SRS Labs, Inc.) C:\Program Files\SRS Labs\SRS Control Panel\SRSPanel_64.exe
(TOSHIBA Corporation) C:\Program Files\Toshiba\Hotkey\TCrdMain_Win8.exe
(TOSHIBA Corporation) C:\Program Files\Toshiba\Teco\TecoResident.exe
(TOSHIBA Corporation) C:\Program Files (x86)\Toshiba\System Setting\TSleepSrv.exe
(CANON INC.) C:\Program Files\Canon\MyPrinter\BJMYPRT.EXE
() C:\Program Files (x86)\PackageTracer_69\bar\1.bin\AppIntegrator64.exe
( ) C:\Program Files (x86)\TotalRecipeSearch_14\bar\1.bin\AppIntegrator64.exe
(Seagate Technology LLC) C:\Program Files (x86)\Seagate\Seagate Dashboard 2.0\Seagate.Dashboard.Uploader.exe
(ShopAtHome.com) C:\Users\Lizel\AppData\Roaming\ShopAtHome\ShopAtHomeHelper\ShopAtHomeWatcher.exe
(ShopAtHome.com) C:\Users\Lizel\AppData\Roaming\ShopAtHome\ShopAtHomeHelper\ShopAtHomeUpdater.exe
(Microsoft Corporation) C:\Program Files\Microsoft Office 15\root\office15\ONENOTEM.EXE
() C:\Program Files (x86)\VTech\DownloadManager\System\AgentMonitor.exe
(Mindspark) C:\Program Files (x86)\TotalRecipeSearch_14\bar\1.bin\14SrchMn.exe
(VER_COMPANY_NAME) C:\Program Files (x86)\TotalRecipeSearch_14\bar\1.bin\14brmon.exe
(VER_COMPANY_NAME) C:\Program Files (x86)\TotalRecipeSearch_14\bar\1.bin\14brmon64.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Seagate Technology LLC) C:\Program Files (x86)\Seagate\Seagate Dashboard 2.0\DBAgent.exe
(McAfee, Inc.) C:\Program Files\Common Files\McAfee\Platform\McUICnt.exe
(Microsoft Corporation) C:\Program Files\Internet Explorer\iexplore.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(ShopAtHome.com) C:\Users\Lizel\AppData\Roaming\ShopAtHome\ShopAtHomeHelper\ShopAtHomeHelper.exe
(Apple Inc.) C:\Program Files (x86)\iTunes\iTunesHelper.exe
(Microsoft Corporation) C:\Windows\System32\SettingSyncHost.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Apple Inc.) C:\Program Files\iPod\bin\iPodService.exe
(McAfee, Inc.) C:\Program Files (x86)\McAfee\SiteAdvisor\saUI.exe
(Seagate Technology LLC) C:\Program Files (x86)\Seagate\Seagate Dashboard 2.0\DeviceAgent.exe
(TOSHIBA Corporation) C:\Program Files\Toshiba\TPHM\TPCHSrv.exe
(Microsoft Corporation) C:\Windows\SysWOW64\cmd.exe
(Adobe Systems Incorporated) C:\Windows\System32\Macromed\Flash\FlashUtil_ActiveX.exe
(McAfee, Inc.) C:\Program Files (x86)\McAfee\SiteAdvisor\McChHost.exe
(TOSHIBA Corporation) C:\Program Files\Toshiba\TPHM\TPCHWMsg.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
(TOSHIBA Corporation) C:\Program Files\Toshiba\TOSHIBA Service Station\ToshibaServiceStation.exe
(McAfee, Inc.) C:\Program Files\McAfee\MAT\McPvTray.exe
(TOSHIBA Corporation) C:\Program Files\Toshiba\TOSHIBA Service Station\TMachInfo.exe

==================== Registry (Whitelisted) ==================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [RtHDVCpl] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [12936848 2012-07-13] (Realtek Semiconductor)
HKLM\...\Run: [SRS Premium Sound HD] => C:\Program Files\SRS Labs\SRS Control Panel\SRSPanel_64.exe [2170784 2012-08-19] (SRS Labs, Inc.)
HKLM\...\Run: [TCrdMain] => C:\Program Files\TOSHIBA\Hotkey\TCrdMain_Win8.exe [2608040 2012-08-13] (TOSHIBA Corporation)
HKLM\...\Run: [TecoResident] => C:\Program Files\TOSHIBA\Teco\TecoResident.exe [169896 2012-08-13] (TOSHIBA Corporation)
HKLM\...\Run: [TosWaitSrv] => C:\Program Files\TOSHIBA\TPHM\TosWaitSrv.exe [356776 2012-07-11] (TOSHIBA Corporation)
HKLM\...\Run: [TSleepSrv] => C:\Program Files (x86)\TOSHIBA\System Setting\TSleepSrv.exe [1548952 2012-08-04] (TOSHIBA Corporation)
HKLM\...\Run: [TODDMain] => C:\Program Files (x86)\TOSHIBA\System Setting\TODDMain.exe [213136 2012-08-04] ()
HKLM\...\Run: [CanonSolutionMenu] => C:\Program Files (x86)\Canon\SolutionMenu\CNSLMAIN.exe [644696 2007-05-14] (CANON INC.)
HKLM\...\Run: [CanonMyPrinter] => C:\Program Files\Canon\MyPrinter\BJMyPrt.exe [1840720 2007-04-03] (CANON INC.)
HKLM\...\Run: [PackageTracer Home Page Guard 64 bit] => C:\Program Files (x86)\PackageTracer_69\bar\1.bin\AppIntegrator64.exe [548936 2013-06-18] ()
HKLM\...\Run: [TotalRecipeSearch Home Page Guard 64 bit] => C:\Program Files (x86)\TotalRecipeSearch_14\bar\1.bin\AppIntegrator64.exe [485960 2014-04-25] ( )
HKLM-x32\...\Run: [vProt] => "C:\Program Files (x86)\AVG SafeGuard toolbar\vprot.exe"
HKLM-x32\...\Run: [ShopAtHomeWatcher] => C:\Users\Lizel\AppData\Roaming\ShopAtHome\ShopAtHomeHelper\ShopAtHomeWatcher.exe [130232 2014-11-25] (ShopAtHome.com)
HKLM-x32\...\Run: [ShopAtHomeUpdater] => C:\Users\Lizel\AppData\Roaming\ShopAtHome\ShopAtHomeHelper\ShopAtHomeUpdater.exe [199864 2014-11-25] (ShopAtHome.com)
HKLM-x32\...\Run: [AgentMonitor] => C:\Program Files (x86)\VTech\DownloadManager\System\AgentMonitor.exe [391040 2013-06-20] ()
HKLM-x32\...\Run: [TotalRecipeSearch EPM Support] => C:\Program Files (x86)\TotalRecipeSearch_14\bar\1.bin\14medint.exe [12872 2014-04-25] (Mindspark Interactive Network, Inc.)
HKLM-x32\...\Run: [TotalRecipeSearch Search Scope Monitor] => C:\Program Files (x86)\TotalRecipeSearch_14\bar\1.bin\14SrchMn.exe [55368 2014-04-25] (Mindspark)
HKLM-x32\...\Run: [TotalRecipeSearch_14 Browser Plugin Loader] => C:\Program Files (x86)\TotalRecipeSearch_14\bar\1.bin\14brmon.exe [61512 2014-04-25] (VER_COMPANY_NAME)
HKLM-x32\...\Run: [TotalRecipeSearch_14 Browser Plugin Loader 64] => C:\Program Files (x86)\TotalRecipeSearch_14\bar\1.bin\14brmon64.exe [71752 2014-04-25] (VER_COMPANY_NAME)
HKLM-x32\...\Run: [DBAgent] => C:\Program Files (x86)\Seagate\Seagate Dashboard 2.0\DBAgent.exe [1519176 2014-04-30] (Seagate Technology LLC)
HKLM-x32\...\Run: [mcpltui_exe] => C:\Program Files\Common Files\McAfee\Platform\McUICnt.exe [643064 2014-09-17] (McAfee, Inc.)
HKLM-x32\...\Run: [iTunesHelper] => C:\Program Files (x86)\iTunes\iTunesHelper.exe [157480 2014-10-15] (Apple Inc.)
Winlogon\Notify\igfxcui: C:\WINDOWS\system32\igfxdev.dll (Intel Corporation)
HKLM\...\Policies\Explorer: [NoFolderOptions] 0
HKLM\...\Policies\Explorer: [NoControlPanel] 0
HKU\S-1-5-21-3809426249-1239727763-2388386071-1001\...\Run: [Uploader] => C:\Program Files (x86)\Seagate\Seagate Dashboard 2.0\Seagate.Dashboard.Uploader.exe [126056 2014-04-30] (Seagate Technology LLC)
HKU\S-1-5-21-3809426249-1239727763-2388386071-1001\...\Run: [ShopAtHomeWatcher] => C:\Users\Lizel\AppData\Roaming\ShopAtHome\ShopAtHomeHelper\ShopAtHomeWatcher.exe [130232 2014-11-25] (ShopAtHome.com)
HKU\S-1-5-21-3809426249-1239727763-2388386071-1001\...\Run: [ShopAtHomeUpdater] => C:\Users\Lizel\AppData\Roaming\ShopAtHome\ShopAtHomeHelper\ShopAtHomeUpdater.exe [199864 2014-11-25] (ShopAtHome.com)
HKU\S-1-5-21-3809426249-1239727763-2388386071-1001\...\Run: [GoogleChromeAutoLaunch_E9ED7E5718A67C9E5BDC4EA87A324851] => C:\Program Files (x86)\Google\Chrome\Application\chrome.exe [843592 2015-01-25] (Google Inc.)
HKU\S-1-5-21-3809426249-1239727763-2388386071-1001\...\Policies\Explorer: [NoFolderOptions] 0
HKU\S-1-5-21-3809426249-1239727763-2388386071-1001\...\Policies\Explorer: [NoControlPanel] 0
HKU\S-1-5-21-3809426249-1239727763-2388386071-1001\...\MountPoints2: {b4af06fc-b382-11e3-824f-806e6f6e6963} - "D:\Setup.exe"
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Install SafeKey FF RunOnce.lnk
ShortcutTarget: Install SafeKey FF RunOnce.lnk -> C:\Program Files (x86)\Common Files\lpuninstall.exe (McAfee)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Install SafeKey IE RunOnce.lnk
ShortcutTarget: Install SafeKey IE RunOnce.lnk -> C:\Program Files (x86)\Common Files\lpuninstall.exe (McAfee)
Startup: C:\Users\Lizel\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Send to OneNote.lnk
ShortcutTarget: Send to OneNote.lnk -> C:\Program Files\Microsoft Office 15\root\office15\ONENOTEM.EXE (Microsoft Corporation)
ShellIconOverlayIdentifiers: [MOBK] -> {3c3f3c1a-9153-7c05-f938-622e7003894d} => C:\Program Files (x86)\McAfee Online Backup\MOBKshell.dll (McAfee, Inc.)
ShellIconOverlayIdentifiers: [MOBK2] -> {e6ea1d7d-144e-b977-98c4-84c53c1a69d0} => C:\Program Files (x86)\McAfee Online Backup\MOBKshell.dll (McAfee, Inc.)
ShellIconOverlayIdentifiers: [MOBK3] -> {b4caf489-1eec-c617-49ad-8d7088598c06} => C:\Program Files (x86)\McAfee Online Backup\MOBKshell.dll (McAfee, Inc.)
CHR HKLM\SOFTWARE\Policies\Google: Policy restriction <======= ATTENTION

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

HKU\S-1-5-21-3809426249-1239727763-2388386071-1001\SOFTWARE\Policies\Microsoft\Internet Explorer: Policy restriction <======= ATTENTION
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://toshiba13.msn.com
HKU\S-1-5-21-3809426249-1239727763-2388386071-1001\Software\Microsoft\Internet Explorer\Main,Start Page = http://home.tb.ask.c...9AAE9BBB4&si=a3
HKU\S-1-5-21-3809426249-1239727763-2388386071-1001\Software\Microsoft\Internet Explorer\Main,Default_Secondary_Page_URL = http://mystart.toshiba.com
URLSearchHook: HKU\S-1-5-21-3809426249-1239727763-2388386071-1001 - (No Name) - {8a7d2060-824d-4b17-b00a-759b1b5f30d9} - C:\Program Files (x86)\TotalRecipeSearch_14\bar\1.bin\14SrcAs.dll (Mindspark)
SearchScopes: HKLM-x32 -> {cca2e567-1987-4100-a3c6-5b4267084510} URL = http://search.tb.ask...or={searchTerms}
SearchScopes: HKLM-x32 -> {f5827716-9540-492e-9e9a-9f18bb2e7912} URL = http://search.mywebs...or={searchTerms}
SearchScopes: HKU\S-1-5-21-3809426249-1239727763-2388386071-1001 -> DefaultScope {0845EB3D-1B14-4F03-B079-870CB72D54E2} URL =
SearchScopes: HKU\S-1-5-21-3809426249-1239727763-2388386071-1001 -> {0845EB3D-1B14-4F03-B079-870CB72D54E2} URL =
SearchScopes: HKU\S-1-5-21-3809426249-1239727763-2388386071-1001 -> {cca2e567-1987-4100-a3c6-5b4267084510} URL = http://search.tb.ask...or={searchTerms}
BHO: Lync Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\OCHelper.dll (Microsoft Corporation)
BHO: McAfee SafeKey Vault -> {9DB059B3-DD36-4a55-846C-59BE42A1202A} -> C:\Program Files (x86)\SafeKey\LPToolbar_x64.dll (McAfee)
BHO: McAfee SiteAdvisor BHO -> {B164E929-A1B6-4A06-B104-2CD0E90A88FF} -> c:\Program Files (x86)\McAfee\SiteAdvisor\x64\McIEPlg.dll (McAfee, Inc.)
BHO: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\GROOVEEX.DLL (Microsoft Corporation)
BHO-x32: PasswordBox Helper -> {5DB69B97-934B-451D-94DB-32EF802A01CD} -> C:\Program Files (x86)\PasswordBox\Application\pbbtn.dll (PasswordBox, Inc.)
BHO-x32: Toolbar BHO -> {87011c4e-fcde-4476-9348-ecf16134fc1f} -> C:\Program Files (x86)\PackageTracer_69\bar\1.bin\69bar.dll (MindSpark)
BHO-x32: Search Assistant BHO -> {87eab57c-d0b7-4ca9-8e26-191bfc989e26} -> C:\Program Files (x86)\PackageTracer_69\bar\1.bin\69SrcAs.dll (MindSpark)
BHO-x32: AVG SafeGuard toolbar -> {95B7759C-8C7F-4BF1-B163-73684A933233} -> C:\Program Files (x86)\AVG SafeGuard toolbar\17.1.3.3\AVG SafeGuard toolbar_toolbar.dll No File
BHO-x32: VIPRE Search Guard Helper -> {963C8283-AE7F-4AA6-9B3B-847A8FC62C5E} -> C:\Program Files (x86)\VIPRE\VSGN.dll No File
BHO-x32: McAfee SafeKey Vault -> {9DB059B3-DD36-4a55-846C-59BE42A1202A} -> C:\Program Files (x86)\SafeKey\LPToolbar.dll (McAfee)
BHO-x32: Toolbar BHO -> {ab56dfde-0c14-45b3-9df6-7b0eba617870} -> C:\Program Files (x86)\TotalRecipeSearch_14\bar\1.bin\14bar.dll (Mindspark)
BHO-x32: McAfee SiteAdvisor BHO -> {B164E929-A1B6-4A06-B104-2CD0E90A88FF} -> c:\Program Files (x86)\McAfee\SiteAdvisor\McIEPlg.dll (McAfee, Inc.)
BHO-x32: Search Assistant BHO -> {df22384f-cf68-4d19-969f-10423715528b} -> C:\Program Files (x86)\TotalRecipeSearch_14\bar\1.bin\14SrcAs.dll (Mindspark)
Toolbar: HKLM - McAfee SafeKey - {61D700C1-7D8D-43c5-9C13-4FF85157CFE6} - C:\Program Files (x86)\SafeKey\LPToolbar_x64.dll (McAfee)
Toolbar: HKLM - McAfee SiteAdvisor Toolbar - {0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} - c:\Program Files (x86)\McAfee\SiteAdvisor\x64\McIEPlg.dll (McAfee, Inc.)
Toolbar: HKLM-x32 - AVG SafeGuard toolbar - {95B7759C-8C7F-4BF1-B163-73684A933233} - C:\Program Files (x86)\AVG SafeGuard toolbar\17.1.3.3\AVG SafeGuard toolbar_toolbar.dll No File
Toolbar: HKLM-x32 - PackageTracer - {ff343558-d5a5-454a-bdd8-c5c81e179fed} - C:\Program Files (x86)\PackageTracer_69\bar\1.bin\69bar.dll (MindSpark)
Toolbar: HKLM-x32 - VIPRE Search Guard Toolbar - {A924C17A-5E94-4E02-BED5-49720BA6F7FA} -  No File
Toolbar: HKLM-x32 - TotalRecipeSearch - {a0154e07-2b48-475c-a82a-80efd84ea33e} - C:\Program Files (x86)\TotalRecipeSearch_14\bar\1.bin\14bar.dll (Mindspark)
Toolbar: HKLM-x32 - McAfee SafeKey - {61D700C1-7D8D-43c5-9C13-4FF85157CFE6} - C:\Program Files (x86)\SafeKey\LPToolbar.dll (McAfee)
Toolbar: HKLM-x32 - McAfee SiteAdvisor Toolbar - {0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} - c:\Program Files (x86)\McAfee\SiteAdvisor\McIEPlg.dll (McAfee, Inc.)
DPF: HKLM-x32 {7530BFB8-7293-4D34-9923-61A11451AFC5} http://download.eset...lineScanner.cab
Handler: dssrequest - {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\Program Files (x86)\McAfee\SiteAdvisor\x64\McIEPlg.dll (McAfee, Inc.)
Handler-x32: dssrequest - {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\Program Files (x86)\McAfee\SiteAdvisor\McIEPlg.dll (McAfee, Inc.)
Handler-x32: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files\Microsoft Office 15\root\Office15\MSOSB.DLL (Microsoft Corporation)
Handler: sacore - {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\Program Files (x86)\McAfee\SiteAdvisor\x64\McIEPlg.dll (McAfee, Inc.)
Handler-x32: sacore - {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\Program Files (x86)\McAfee\SiteAdvisor\McIEPlg.dll (McAfee, Inc.)
Handler: vipresg - {47BE2E5B-703B-444F-ABD3-05717D2191C6} - C:\Program Files (x86)\VIPRE\VSGN.dll No File
Handler: viprotocol - {B658800C-F66E-4EF3-AB85-6C0C227862A9} - C:\Program Files (x86)\Common Files\AVG Secure Search\ViProtocolInstaller\17.1.3\ViProtocol.dll No File
Filter: application/x-mfe-ipt - {3EF5086B-5478-4598-A054-786C45D75692} - c:\Program Files\McAfee\MSC\McSnIePl64.dll (McAfee, Inc.)
Filter-x32: application/x-mfe-ipt - {3EF5086B-5478-4598-A054-786C45D75692} - c:\Program Files (x86)\McAfee\MSC\McSnIePl.dll (McAfee, Inc.)
Tcpip\Parameters: [DhcpNameServer] 192.168.1.1

FireFox:
========
FF ProfilePath: C:\Users\Lizel\AppData\Roaming\Mozilla\Firefox\Profiles\ol4ybaur.default
FF Plugin: @adobe.com/FlashPlayer -> C:\WINDOWS\system32\Macromed\Flash\NPSWF64_16_0_0_235.dll ()
FF Plugin: @mcafee.com/MSC,version=10 -> c:\PROGRA~1\mcafee\msc\NPMCSN~1.DLL ()
FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~1\MICROS~2\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\WINDOWS\SysWOW64\Macromed\Flash\NPSWF32_16_0_0_235.dll ()
FF Plugin-x32: @Apple.com/iTunes,version=1.0 -> C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll ()
FF Plugin-x32: @avg.com/AVG SiteSafety plugin,version=11.0.0.1,application/x-avg-sitesafety-plugin -> C:\Program Files (x86)\Common Files\AVG Secure Search\SiteSafetyInstaller\17.1.3\\npsitesafety.dll No File
FF Plugin-x32: @Google.com/GoogleEarthPlugin -> C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll (Google)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=2.1.42 -> C:\Program Files (x86)\Intel\Intel® Management Engine Components\IPT\npIntelWebAPIIPT.dll (Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel® Management Engine Components\IPT\npIntelWebAPIUpdater.dll (Intel Corporation)
FF Plugin-x32: @mcafee.com/MSC,version=10 -> c:\PROGRA~2\mcafee\msc\NPMCSN~1.DLL ()
FF Plugin-x32: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~2\MICROS~3\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office 15\root\Office15\NPSPWRAP.DLL (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=16.4.3503.0728 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @PackageTracer_69.com/Plugin -> C:\Program Files (x86)\PackageTracer_69\bar\1.bin\NP69Stub.dll (MindSpark)
FF Plugin-x32: @RIM.com/WebSLLauncher,version=1.0 -> C:\Program Files (x86)\Common Files\Research In Motion\BBWebSLLauncher\NPWebSLLauncher.dll ()
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.25.11\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.25.11\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @TotalRecipeSearch_14.com/Plugin -> C:\Program Files (x86)\TotalRecipeSearch_14\bar\1.bin\NP14Stub.dll (Mindspark)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF Extension: TotalRecipeSearch - C:\Users\Lizel\AppData\Roaming\Mozilla\Firefox\Profiles\ol4ybaur.default\Extensions\[email protected]_14.com [2014-12-23]
FF Extension: McAfee SafeKey - C:\Users\Lizel\AppData\Roaming\Mozilla\Firefox\Profiles\ol4ybaur.default\Extensions\{072844D3-7DEE-45F6-A406-E87F76302E4B} [2014-12-23]
FF HKLM-x32\...\Firefox\Extensions: [[email protected]_69.com] - C:\Program Files (x86)\PackageTracer_69\bar\1.bin
FF Extension: PackageTracer - C:\Program Files (x86)\PackageTracer_69\bar\1.bin [2013-06-18]
FF HKLM-x32\...\Firefox\Extensions: [{4ED1F68A-5463-4931-9384-8FFF5ED91D92}] - C:\Program Files (x86)\McAfee\SiteAdvisor
FF Extension: McAfee SiteAdvisor - C:\Program Files (x86)\McAfee\SiteAdvisor [2014-12-23]
FF HKLM-x32\...\Thunderbird\Extensions: [[email protected]] - C:\Program Files\McAfee\MSK
FF Extension: McAfee Anti-Spam Thunderbird Extension - C:\Program Files\McAfee\MSK [2014-12-23]

Chrome:
=======
CHR HomePage: Default -> hxxp://myte.tycoelectronics.com/portal/server.pt?PageID=0&parentname=Login&parentid=1&CommunityID=256&space=CommunityPage&control=SetCommunity&cached=false&in_hi_userid=170666
CHR Profile: C:\Users\Lizel\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Google Slides) - C:\Users\Lizel\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2014-11-16]
CHR Extension: (McAfee SafeKey) - C:\Users\Lizel\AppData\Local\Google\Chrome\User Data\Default\Extensions\agbnjankikoaabjkmfbaceggjliabkbn [2014-12-27]
CHR Extension: (Google Docs) - C:\Users\Lizel\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2014-11-16]
CHR Extension: (Google Drive) - C:\Users\Lizel\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2014-11-16]
CHR Extension: (Google Voice Search Hotword (Beta)) - C:\Users\Lizel\AppData\Local\Google\Chrome\User Data\Default\Extensions\bepbmhgboaologfdajaanbcjmnhjmhfn [2014-11-16]
CHR Extension: (YouTube) - C:\Users\Lizel\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2014-11-16]
CHR Extension: (Google Search) - C:\Users\Lizel\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2014-11-16]
CHR Extension: (Google Sheets) - C:\Users\Lizel\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2014-11-16]
CHR Extension: (SiteAdvisor) - C:\Users\Lizel\AppData\Local\Google\Chrome\User Data\Default\Extensions\fheoggkfdfchfphceeifdbepaooicaho [2014-12-27]
CHR Extension: (Google Wallet) - C:\Users\Lizel\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2014-11-16]
CHR Extension: (Gmail) - C:\Users\Lizel\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2014-11-16]
CHR HKLM\...\Chrome\Extension: [fheoggkfdfchfphceeifdbepaooicaho] - C:\Program Files (x86)\McAfee\SiteAdvisor\McChPlg.crx [2015-01-28]
CHR HKLM-x32\...\Chrome\Extension: [agbnjankikoaabjkmfbaceggjliabkbn] - C:\Program Files (x86)\SafeKey\lpchrome.crx [2014-12-23]
CHR HKLM-x32\...\Chrome\Extension: [fheoggkfdfchfphceeifdbepaooicaho] - C:\Program Files (x86)\McAfee\SiteAdvisor\McChPlg.crx [2015-01-28]

==================== Services (Whitelisted) =================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

R2 ClickToRunSvc; C:\Program Files\Microsoft Office 15\ClientX64\OfficeClickToRun.exe [2449592 2014-11-12] (Microsoft Corporation)
R2 HomeNetSvc; C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe [335064 2014-10-31] (McAfee, Inc.)
R2 Intel® ME Service; C:\Program Files (x86)\Intel\Intel® Management Engine Components\FWService\IntelMeFWService.exe [129856 2012-06-27] (Intel Corporation)
R2 jhi_service; C:\Program Files (x86)\Intel\Intel® Management Engine Components\DAL\jhi_service.exe [166720 2012-06-25] (Intel Corporation)
R2 McAfee SiteAdvisor Service; C:\Program Files (x86)\McAfee\SiteAdvisor\McSACore.exe [155368 2015-01-26] (McAfee, Inc.)
R2 McAPExe; C:\Program Files\McAfee\MSC\McAPExe.exe [562200 2014-10-06] (McAfee, Inc.)
R2 mccspsvc; C:\Program Files\Common Files\McAfee\CSP\1.3.336.0\McCSPServiceHost.exe [422632 2014-11-21] (McAfee, Inc.)
R2 McMPFSvc; C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe [335064 2014-10-31] (McAfee, Inc.)
R2 McNaiAnn; C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe [335064 2014-10-31] (McAfee, Inc.)
S3 McODS; C:\Program Files\McAfee\VirusScan\mcods.exe [601864 2014-12-03] (McAfee, Inc.)
R2 mcpltsvc; C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe [335064 2014-10-31] (McAfee, Inc.)
R2 McProxy; C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe [335064 2014-10-31] (McAfee, Inc.)
R2 mfecore; C:\Program Files\Common Files\McAfee\AMCore\mcshield.exe [1050952 2014-11-06] (McAfee, Inc.)
R2 mfefire; C:\Program Files\Common Files\McAfee\SystemCore\\mfefire.exe [221832 2014-10-01] (McAfee, Inc.)
R2 mfevtp; C:\WINDOWS\system32\mfevtps.exe [189920 2014-10-01] (McAfee, Inc.)
R2 MOBKbackup; C:\Program Files (x86)\McAfee Online Backup\MOBKbackup.exe [184168 2014-05-06] (McAfee, Inc.)
R2 MSK80Service; C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe [335064 2014-10-31] (McAfee, Inc.)
S3 OpenVPNService; C:\Program Files (x86)\HMA! Pro VPN\bin\openvpnserv.exe [37176 2013-11-21] (The OpenVPN Project)
R2 PackageTracer_69Service; C:\Program Files (x86)\PackageTracer_69\bar\1.bin\69barsvc.exe [42504 2013-06-18] (COMPANYVERS_NAME)
R2 PasswordBox; C:\Program Files (x86)\PasswordBox\pbbtnService.exe [67584 2014-05-14] (PasswordBox, Inc.) [File not signed]
R2 Seagate Dashboard Services; C:\Program Files (x86)\Seagate\Seagate Dashboard 2.0\Seagate.Dashboard.DASWindowsService.exe [16000 2014-04-30] (Seagate Technology LLC)
R2 Seagate MobileBackup Service; C:\Program Files (x86)\Seagate\Seagate Dashboard 2.0\MobileService.exe [157264 2014-04-30] (Seagate Technology LLC)
R2 THAccelSvc; C:\Program Files\TOSHIBA\HDD Accelerator\THAccelSvc.exe [214488 2012-08-10] (TOSHIBA CORPORATION)
R2 TotalRecipeSearch_14Service; C:\Program Files (x86)\TotalRecipeSearch_14\bar\1.bin\14barsvc.exe [88648 2014-04-25] (COMPANYVERS_NAME)
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [368632 2014-09-21] (Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [23792 2014-09-21] (Microsoft Corporation)

==================== Drivers (Whitelisted) ====================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

R3 cfwids; C:\Windows\System32\drivers\cfwids.sys [72136 2014-10-01] (McAfee, Inc.)
S3 dot4; C:\Windows\system32\DRIVERS\Dot4.sys [151968 2012-10-19] (Windows ® Win 7 DDK provider)
S3 Dot4Print; C:\Windows\System32\drivers\Dot4Prt.sys [27040 2012-10-19] (Windows ® Win 7 DDK provider)
S3 HipShieldK; C:\Windows\System32\drivers\HipShieldK.sys [197704 2013-09-23] (McAfee, Inc.)
R2 McPvDrv; C:\Windows\system32\drivers\McPvDrv.sys [76064 2014-09-11] (McAfee, Inc.)
R3 mfeapfk; C:\Windows\System32\drivers\mfeapfk.sys [181584 2014-10-01] (McAfee, Inc.)
R3 mfeavfk; C:\Windows\System32\drivers\mfeavfk.sys [313680 2014-10-01] (McAfee, Inc.)
S0 mfeelamk; C:\Windows\System32\drivers\mfeelamk.sys [70608 2014-10-01] (McAfee, Inc.)
R3 mfefirek; C:\Windows\System32\drivers\mfefirek.sys [526360 2014-10-01] (McAfee, Inc.)
R0 mfehidk; C:\Windows\System32\drivers\mfehidk.sys [786304 2014-10-01] (McAfee, Inc.)
R3 mfencbdc; C:\Windows\system32\DRIVERS\mfencbdc.sys [447440 2014-09-19] (McAfee, Inc.)
S3 mfencrk; C:\Windows\system32\DRIVERS\mfencrk.sys [96600 2014-09-19] (McAfee, Inc.)
R0 mfewfpk; C:\Windows\System32\drivers\mfewfpk.sys [348560 2014-10-01] (McAfee, Inc.)
R1 MOBKFilter; C:\Windows\System32\DRIVERS\MOBK.sys [67808 2014-05-06] (Mozy, Inc.)
S3 Netaapl; C:\Windows\system32\DRIVERS\netaapl64.sys [22528 2012-09-10] (Apple Inc.) [File not signed]
R3 RimVSerPort; C:\Windows\system32\DRIVERS\RimSerial_AMD64.sys [31744 2009-01-09] (Research in Motion Ltd)
R3 RTWlanE; C:\Windows\system32\DRIVERS\rtwlane.sys [2944216 2013-08-21] (Realtek Semiconductor Corporation                           )
R3 SmbDrvI; C:\Windows\system32\DRIVERS\Smb_driver_Intel.sys [34544 2013-08-28] (Synaptics Incorporated)
R0 THAccel; C:\Windows\System32\DRIVERS\THAccel.sys [131520 2012-08-10] (TOSHIBA CORPORATION)
R3 Thotkey; C:\Windows\System32\drivers\Thotkey.sys [28632 2012-07-31] (Windows ® Win 7 DDK provider)
S3 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [114496 2014-09-21] (Microsoft Corporation)

==================== NetSvcs (Whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)

==================== One Month Created Files and Folders ========

(If an entry is included in the fixlist, the file\folder will be moved.)

2015-02-01 17:22 - 2015-02-01 17:23 - 00030854 _____ () C:\Users\Lizel\Desktop\FRST.txt
2015-02-01 17:19 - 2015-02-01 17:19 - 04197016 _____ (Kaspersky Lab ZAO) C:\Users\Lizel\Desktop\tdsskiller.exe
2015-02-01 17:18 - 2015-02-01 17:18 - 02131456 _____ (Farbar) C:\Users\Lizel\Desktop\FRST64.exe
2015-02-01 06:38 - 2015-02-01 06:39 - 00284888 _____ () C:\WINDOWS\Minidump\020115-58750-01.dmp
2015-02-01 05:34 - 2015-02-01 05:34 - 00284888 _____ () C:\WINDOWS\Minidump\020115-110015-01.dmp
2015-01-31 20:41 - 2015-01-31 20:41 - 00071490 _____ () C:\Users\Lizel\Downloads\Extras.Txt
2015-01-31 20:39 - 2015-01-31 20:39 - 00151364 _____ () C:\Users\Lizel\Downloads\OTL.Txt
2015-01-31 19:57 - 2015-01-31 19:57 - 00001482 _____ () C:\Users\Lizel\Desktop\OTL (1).exe - Shortcut.lnk
2015-01-31 19:56 - 2015-01-31 19:56 - 00602112 _____ (OldTimer Tools) C:\Users\Lizel\Downloads\OTL.exe
2015-01-31 19:56 - 2015-01-31 19:56 - 00602112 _____ (OldTimer Tools) C:\Users\Lizel\Downloads\OTL (1).exe
2015-01-30 11:24 - 2015-01-30 11:26 - 01299632 _____ () C:\WINDOWS\Minidump\013015-164250-01.dmp
2015-01-30 11:21 - 2015-01-30 11:21 - 00000000 __SHD () C:\found.002
2015-01-30 09:40 - 2015-01-30 09:40 - 00284888 _____ () C:\WINDOWS\Minidump\013015-50890-01.dmp
2015-01-30 07:13 - 2015-01-30 07:13 - 00000000 ____D () C:\WINDOWS\System32\Tasks\GenericSettingsHandler
2015-01-30 07:05 - 2015-01-30 13:28 - 00003616 _____ () C:\WINDOWS\System32\Tasks\Optimize Push Notification Data File-S-1-5-21-3809426249-1239727763-2388386071-1001
2015-01-30 06:58 - 2015-01-30 06:59 - 00284888 _____ () C:\WINDOWS\Minidump\013015-68281-01.dmp
2015-01-30 06:36 - 2015-01-30 06:36 - 00284888 _____ () C:\WINDOWS\Minidump\013015-56859-01.dmp
2015-01-23 15:28 - 2015-01-23 15:28 - 00000000 __SHD () C:\found.001
2015-01-23 13:58 - 2015-01-23 13:58 - 00284888 _____ () C:\WINDOWS\Minidump\012315-56625-01.dmp
2015-01-23 12:30 - 2015-01-23 12:31 - 00279520 _____ () C:\WINDOWS\Minidump\012315-97578-01.dmp
2015-01-21 16:39 - 2015-01-21 16:39 - 00000000 ____D () C:\Users\Lizel\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Course Player
2015-01-21 16:39 - 2015-01-21 16:39 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Course Player
2015-01-21 16:38 - 2015-01-21 16:39 - 00000000 ____D () C:\Program Files (x86)\Course Player
2015-01-16 10:55 - 2014-12-19 01:26 - 00140800 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\mrxdav.sys
2015-01-16 10:55 - 2014-12-11 21:04 - 00087040 _____ (Microsoft Corporation) C:\WINDOWS\system32\TSWbPrxy.exe
2015-01-16 10:55 - 2014-12-11 19:51 - 00075776 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ahcache.sys
2015-01-16 10:55 - 2014-12-08 20:50 - 00225280 _____ (Microsoft Corporation) C:\WINDOWS\system32\profsvc.dll
2015-01-16 10:55 - 2014-12-08 14:42 - 00535640 _____ (Microsoft Corporation) C:\WINDOWS\system32\wer.dll
2015-01-16 10:55 - 2014-12-08 14:42 - 00531616 _____ (Microsoft Corporation) C:\WINDOWS\system32\ci.dll
2015-01-16 10:55 - 2014-12-08 14:42 - 00448792 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wer.dll
2015-01-16 10:55 - 2014-12-08 14:42 - 00413248 _____ (Microsoft Corporation) C:\WINDOWS\system32\Faultrep.dll
2015-01-16 10:55 - 2014-12-08 14:42 - 00372408 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Faultrep.dll
2015-01-16 10:55 - 2014-12-08 14:42 - 00108944 _____ (Microsoft Corporation) C:\WINDOWS\system32\EncDump.dll
2015-01-16 10:55 - 2014-12-08 14:42 - 00038264 _____ (Microsoft Corporation) C:\WINDOWS\system32\WerFaultSecure.exe
2015-01-16 10:55 - 2014-12-08 14:42 - 00033584 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WerFaultSecure.exe
2015-01-16 10:55 - 2014-12-05 22:17 - 00360448 _____ (Microsoft Corporation) C:\WINDOWS\system32\ncsi.dll
2015-01-16 10:55 - 2014-12-05 20:41 - 00391680 _____ (Microsoft Corporation) C:\WINDOWS\system32\nlasvc.dll
2015-01-16 10:55 - 2014-12-05 20:35 - 00229888 _____ (Microsoft Corporation) C:\WINDOWS\system32\AudioEndpointBuilder.dll
2015-01-16 10:55 - 2014-10-28 23:00 - 00465320 _____ (Microsoft Corporation) C:\WINDOWS\system32\WerFault.exe
2015-01-16 10:55 - 2014-10-28 23:00 - 00139984 _____ (Microsoft Corporation) C:\WINDOWS\system32\wermgr.exe
2015-01-16 10:55 - 2014-10-28 22:52 - 00500016 _____ (Microsoft Corporation) C:\WINDOWS\system32\AudioSes.dll
2015-01-16 10:55 - 2014-10-28 22:52 - 00482872 _____ (Microsoft Corporation) C:\WINDOWS\system32\AudioEng.dll
2015-01-16 10:55 - 2014-10-28 22:52 - 00394120 _____ (Microsoft Corporation) C:\WINDOWS\system32\AUDIOKSE.dll
2015-01-16 10:55 - 2014-10-28 22:52 - 00272248 _____ (Microsoft Corporation) C:\WINDOWS\system32\audiodg.exe
2015-01-16 10:55 - 2014-10-28 22:12 - 00413136 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WerFault.exe
2015-01-16 10:55 - 2014-10-28 22:12 - 00136296 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wermgr.exe
2015-01-16 10:55 - 2014-10-28 22:07 - 00424544 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AudioEng.dll
2015-01-16 10:55 - 2014-10-28 22:07 - 00370424 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AudioSes.dll
2015-01-16 10:55 - 2014-10-28 22:07 - 00344536 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AUDIOKSE.dll
2015-01-16 10:55 - 2014-10-28 21:44 - 00037888 _____ (Microsoft Corporation) C:\WINDOWS\system32\werdiagcontroller.dll
2015-01-16 10:55 - 2014-10-28 20:59 - 00033280 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\werdiagcontroller.dll
2015-01-16 10:55 - 2014-10-28 20:24 - 00086016 _____ (Microsoft Corporation) C:\WINDOWS\system32\nlaapi.dll
2015-01-16 10:55 - 2014-10-28 20:02 - 00911360 _____ (Microsoft Corporation) C:\WINDOWS\system32\audiosrv.dll
2015-01-16 10:55 - 2014-10-28 20:01 - 00065536 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\nlaapi.dll
2015-01-16 10:35 - 2015-01-16 10:36 - 00284888 _____ () C:\WINDOWS\Minidump\011615-61625-01.dmp
2015-01-13 17:33 - 2015-01-13 17:33 - 00001766 _____ () C:\Users\Public\Desktop\iTunes.lnk
2015-01-13 17:33 - 2015-01-13 17:33 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iTunes
2015-01-13 17:32 - 2012-10-03 16:14 - 00033240 _____ (GEAR Software Inc.) C:\WINDOWS\system32\Drivers\GEARAspiWDM.sys
2015-01-13 17:31 - 2015-01-13 17:32 - 00000000 ____D () C:\ProgramData\E1864A66-75E3-486a-BD95-D1B7D99A84A7
2015-01-13 17:31 - 2015-01-13 17:32 - 00000000 ____D () C:\Program Files\iTunes
2015-01-13 17:31 - 2015-01-13 17:32 - 00000000 ____D () C:\Program Files (x86)\iTunes
2015-01-13 17:31 - 2015-01-13 17:31 - 00000000 ____D () C:\Program Files\iPod
2015-01-09 08:30 - 2015-01-09 08:31 - 00284888 _____ () C:\WINDOWS\Minidump\010915-55125-01.dmp
2015-01-07 09:25 - 2015-01-07 09:26 - 00284888 _____ () C:\WINDOWS\Minidump\010715-34671-01.dmp
2015-01-06 10:06 - 2013-09-23 13:49 - 00197704 _____ (McAfee, Inc.) C:\WINDOWS\system32\Drivers\HipShieldK.sys
2015-01-02 14:58 - 2015-01-02 14:58 - 00000000 ____D () C:\Users\Lizel\AppData\Roaming\ShopAtHome
2015-01-02 14:58 - 2015-01-02 14:58 - 00000000 ____D () C:\Users\Lizel\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\ShopAtHome.com Toolbar
2015-01-02 14:00 - 2015-01-02 14:00 - 00284888 _____ () C:\WINDOWS\Minidump\010215-26406-01.dmp

==================== One Month Modified Files and Folders =======

(If an entry is included in the fixlist, the file\folder will be moved.)

2015-02-01 17:22 - 2013-12-05 00:53 - 00000000 ____D () C:\FRST
2015-02-01 17:21 - 2014-03-24 13:58 - 01955944 _____ () C:\WINDOWS\WindowsUpdate.log
2015-02-01 17:21 - 2013-03-28 18:08 - 00003598 _____ () C:\WINDOWS\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-3809426249-1239727763-2388386071-1001
2015-02-01 17:18 - 2014-11-16 05:13 - 00000914 _____ () C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job
2015-02-01 17:16 - 2014-12-23 22:21 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\McAfee
2015-02-01 17:14 - 2014-12-23 22:21 - 00000000 __RSD () C:\Users\Lizel\Documents\McAfee Vaults
2015-02-01 17:14 - 2014-03-25 08:09 - 00003926 _____ () C:\WINDOWS\System32\Tasks\User_Feed_Synchronization-{4B56A588-569E-4D75-BF9E-837AC625AB9A}
2015-02-01 17:12 - 2014-11-16 05:13 - 00000910 _____ () C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job
2015-02-01 17:11 - 2014-03-25 08:08 - 00000000 __RDO () C:\Users\Lizel\SkyDrive
2015-02-01 17:10 - 2014-03-24 13:42 - 00000000 ____D () C:\Users\Lizel
2015-02-01 17:10 - 2013-08-22 10:36 - 00000000 ____D () C:\WINDOWS\system32\sru
2015-02-01 07:32 - 2014-03-26 20:44 - 00000830 _____ () C:\WINDOWS\Tasks\Adobe Flash Player Updater.job
2015-02-01 06:39 - 2013-08-22 08:25 - 00262144 ___SH () C:\WINDOWS\system32\config\ELAM
2015-02-01 06:38 - 2014-07-16 07:29 - 00000000 ____D () C:\WINDOWS\Minidump
2015-02-01 06:38 - 2014-03-24 08:35 - 756566382 _____ () C:\WINDOWS\MEMORY.DMP
2015-02-01 06:38 - 2013-08-22 09:46 - 00299646 _____ () C:\WINDOWS\setupact.log
2015-02-01 06:38 - 2013-08-22 09:45 - 00000006 ____H () C:\WINDOWS\Tasks\SA.DAT
2015-02-01 05:34 - 2014-12-23 22:16 - 00000000 ____D () C:\Program Files (x86)\McAfee
2015-01-31 16:58 - 2013-08-22 10:36 - 00000000 ____D () C:\WINDOWS\AppReadiness
2015-01-30 12:33 - 2013-08-22 08:25 - 00262144 ___SH () C:\WINDOWS\system32\config\BBI
2015-01-30 12:14 - 2014-12-23 21:42 - 00000000 ____D () C:\Program Files\Common Files\McAfee
2015-01-30 06:35 - 2013-11-14 02:20 - 00025940 _____ () C:\WINDOWS\PFRO.log
2015-01-28 10:05 - 2012-07-26 02:59 - 00000000 ____D () C:\WINDOWS\CbsTemp
2015-01-26 21:19 - 2014-11-16 05:16 - 00002174 _____ () C:\Users\Public\Desktop\Google Chrome.lnk
2015-01-24 15:20 - 2014-12-12 09:09 - 00714720 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerApp.exe
2015-01-24 15:20 - 2014-12-12 09:09 - 00106976 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerCPLApp.cpl
2015-01-23 09:48 - 2013-08-14 02:11 - 00000000 ____D () C:\WINDOWS\system32\MRT
2015-01-23 09:43 - 2013-04-01 07:40 - 113365784 _____ (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2015-01-13 17:31 - 2013-05-05 17:43 - 00000000 ____D () C:\Program Files\Common Files\Apple
2015-01-13 17:28 - 2013-05-05 17:43 - 00000000 ____D () C:\ProgramData\Apple
2015-01-06 10:07 - 2014-12-23 21:42 - 00000000 ____D () C:\ProgramData\McAfee
2015-01-06 10:05 - 2012-07-26 03:12 - 00000000 ___HD () C:\WINDOWS\ELAMBKUP

==================== Files in the root of some directories =======

2014-12-23 21:18 - 2014-12-23 21:18 - 32371688 _____ (McAfee) C:\Program Files (x86)\Common Files\lpuninstall.exe
2013-05-24 19:35 - 2013-12-26 21:49 - 0000678 _____ () C:\Users\Lizel\AppData\Local\cookies.ini

==================== Bamital & volsnap Check =================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed

LastRegBack: 2015-02-01 06:50

==================== End Of Log ============================

 

Addition.txt:

 

Additional scan result of Farbar Recovery Scan Tool (x64) Version: 01-02-2015
Ran by Lizel at 2015-02-01 17:25:09
Running from C:\Users\Lizel\Desktop
Boot Mode: Normal
==========================================================

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: McAfee Anti-Virus and Anti-Spyware (Enabled - Up to date) {DA9F8ED0-D0DE-39CC-F55A-51AB4CC1B556}
AS: McAfee Anti-Virus and Anti-Spyware (Enabled - Up to date) {61FE6F34-F6E4-3642-CFEA-6AD93746FFEB}
FW: McAfee Firewall (Enabled) {E2A40FF5-9AB1-3894-DE05-F89EB212F22D}

==================== Installed Programs ======================

(Only the adware programs with "hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

Adobe Flash Player 16 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 16.0.0.235 - Adobe Systems Incorporated)
Adobe Reader X (10.1.13) (HKLM-x32\...\{AC76BA86-7AD7-1033-7B44-AA1000000001}) (Version: 10.1.13 - Adobe Systems Incorporated)
Apple Application Support (HKLM-x32\...\{83CAF0DE-8D3B-4C37-A631-2B8F16EC3031}) (Version: 3.1 - Apple Inc.)
Apple Mobile Device Support (HKLM\...\{BDD99690-3541-4619-9D2A-3CDDB3E15F9E}) (Version: 8.0.5.6 - Apple Inc.)
Apple Software Update (HKLM-x32\...\{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}) (Version: 2.1.3.127 - Apple Inc.)
Atheros Communications Inc.® AR81Family Gigabit/Fast Ethernet Driver (HKLM-x32\...\{3108C217-BE83-42E4-AE9E-A56A2A92E549}) (Version: 2.1.0.6 - Atheros Communications Inc.)
BlackBerry Desktop Software 5.0.1 (HKLM-x32\...\BlackBerry_{205A5182-EFC8-4C25-B61D-C164F8FF4048}) (Version: 5.0.1.28 - Research In Motion Ltd.)
BlackBerry Desktop Software 5.0.1 (x32 Version: 5.0.1.28 - Research In Motion Ltd.) Hidden
BlackBerry® Media Sync (HKLM-x32\...\{689E0AB3-50B2-4E5A-9DCE-6DA9F5BE1314}) (Version: 2.0.28 - Research In Motion)
Bonjour (HKLM\...\{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}) (Version: 3.0.0.10 - Apple Inc.)
Canon MP Navigator EX 1.0 (HKLM-x32\...\MP Navigator EX 1.0) (Version:  - )
Canon MX310 series (HKLM\...\{1199FAD5-9546-44f3-81CF-FFDB8040B7BF}_Canon_MX310_series) (Version:  - )
Canon MX310 series User Registration (HKLM-x32\...\Canon MX310 series User Registration) (Version:  - )
Canon My Printer (HKLM\...\CanonMyPrinter) (Version:  - )
Canon Utilities Easy-PhotoPrint EX (HKLM-x32\...\Easy-PhotoPrint EX) (Version:  - )
Canon Utilities Solution Menu (HKLM-x32\...\CanonSolutionMenu) (Version:  - )
CCleaner (HKLM\...\CCleaner) (Version: 4.04 - Piriform)
Cisco EAP-FAST Module (HKLM-x32\...\{64BF0187-F3D2-498B-99EA-163AF9AE6EC9}) (Version: 2.2.14 - Cisco Systems, Inc.)
Cisco LEAP Module (HKLM-x32\...\{AF312B06-5C5C-468E-89B3-BE6DE2645722}) (Version: 1.0.19 - Cisco Systems, Inc.)
Cisco PEAP Module (HKLM-x32\...\{0A4EF0E6-A912-4CDE-A7F3-6E56E7C13A2F}) (Version: 1.1.6 - Cisco Systems, Inc.)
D3DX10 (x32 Version: 15.4.2368.0902 - Microsoft) Hidden
Download Updater (AOL Inc.) (HKLM-x32\...\SoftwareUpdUtility) (Version:  - AOL Inc.) <==== ATTENTION
DriverTuner 3.1.0.1 (HKLM-x32\...\{520C1D80-935C-42B9-9340-E883849D804F}_is1) (Version: 3.1.0.1 - LionSea SoftWare)
ESET Online Scanner v3 (HKLM-x32\...\ESET Online Scanner) (Version:  - )
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 40.0.2214.93 - Google Inc.)
Google Earth (HKLM-x32\...\{4D2A6330-2F8B-11E3-9C40-B8AC6F97B88E}) (Version: 7.1.2.2041 - Google)
Google Update Helper (x32 Version: 1.3.25.11 - Google Inc.) Hidden
HMA! Pro VPN 2.8.3.7 (HKLM-x32\...\HMA! Pro VPN) (Version: 2.8.3.7 - Privax Ltd)
iCloud (HKLM\...\{81E20D41-C277-4526-934D-F2380AF91B78}) (Version: 3.1.0.40 - Apple Inc.)
Intel® Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 8.1.0.1252 - Intel Corporation)
Intel® Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 10.18.10.3345 - Intel Corporation)
Intel® Rapid Storage Technology (HKLM-x32\...\{3E29EE6C-963A-4aae-86C1-DC237C4A49FC}) (Version: 11.5.2.1001 - Intel Corporation)
Intel® SDK for OpenCL - CPU Only Runtime Package (HKLM-x32\...\{FCB3772C-B7D0-4933-B1A9-3707EBACC573}) (Version: 2.0.0.37149 - Intel Corporation)
iTunes (HKLM\...\{2ABBBD91-91E5-4AD7-929A-FE15D1DC0576}) (Version: 12.0.1.26 - Apple Inc.)
Learning Lodge™ (HKLM-x32\...\VTechDownloadManager) (Version:  - VTech)
McAfee All Access – Total Protection (HKLM-x32\...\MSC) (Version: 13.6.1492 - McAfee, Inc.)
McAfee Online Backup (Version: 2.26.1.386 - McAfee, Inc.) Hidden
McAfee Online Backup (x32 Version:  - McAfee, Inc.) Hidden
McAfee SafeKey(uninstall only) (HKLM-x32\...\SafeKey) (Version: 2.2.3 - McAfee, Inc.)
McAfee SiteAdvisor (HKLM-x32\...\{35ED3F83-4BDC-4c44-8EC6-6A8301C7413A}) (Version: 3.7.182 - McAfee, Inc.)
Microsoft Office 365 - en-us (HKLM\...\O365HomePremRetail - en-us) (Version: 15.0.4675.1003 - Microsoft Corporation)
Microsoft Office Home and Student 2010 (HKLM-x32\...\Office14.SingleImage) (Version: 14.0.7015.1000 - Microsoft Corporation)
Microsoft SkyDrive (HKU\S-1-5-21-3809426249-1239727763-2388386071-1001\...\SkyDriveSetup.exe) (Version: 16.4.6012.0828 - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Movie Maker (x32 Version: 16.4.3503.0728 - Microsoft Corporation) Hidden
Mozilla Firefox 34.0.5 (x86 en-US) (HKLM-x32\...\Mozilla Firefox 34.0.5 (x86 en-US)) (Version: 34.0.5 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 34.0.5 - Mozilla)
Office 15 Click-to-Run Extensibility Component (x32 Version: 15.0.4675.1003 - Microsoft Corporation) Hidden
Office 15 Click-to-Run Licensing Component (Version: 15.0.4675.1003 - Microsoft Corporation) Hidden
Office 15 Click-to-Run Localization Component (x32 Version: 15.0.4675.1003 - Microsoft Corporation) Hidden
OpenOffice 4.1.1 (HKLM-x32\...\{9395F41D-0F80-432E-9A59-B8E477E7E163}) (Version: 4.11.9775 - Apache Software Foundation)
Origin (HKLM-x32\...\Origin) (Version: 9.0.15.60 - Electronic Arts, Inc.)
PackageTracer Toolbar (HKLM-x32\...\PackageTracer_69bar Uninstall) (Version:  - Mindspark Interactive Network) <==== ATTENTION
PlayReady PC Runtime amd64 (HKLM\...\{BCA9334F-B6C9-4F65-9A73-AC5A329A4D04}) (Version: 1.3.0 - Microsoft Corporation)
Premium Sound HD (HKLM\...\{94F03B8E-CB73-4653-AFE9-79112C01FED2}) (Version: 1.12.5000 - SRS Labs, Inc.)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.6690 - Realtek Semiconductor Corp.)
Realtek USB 2.0 Card Reader (HKLM-x32\...\{96AE7E41-E34E-47D0-AC07-1091A8127911}) (Version: 6.1.8400.39030 - Realtek Semiconductor Corp.)
REALTEK Wireless LAN Driver (HKLM-x32\...\InstallShield_{95F38874-065A-40AB-AFC1-B764B192FFE7}) (Version: 2.00.0002 - REALTEK Semiconductor Corp.)
REALTEK Wireless LAN Driver (x32 Version: 2.00.0002 - REALTEK Semiconductor Corp.) Hidden
Realtek WLAN Driver (HKLM-x32\...\{9D3D8C60-A55F-4fed-B2B9-173001290E16}) (Version: 2.00.0020 - REALTEK Semiconductor Corp.)
Seagate Dashboard (HKLM-x32\...\{67445E65-3D93-428F-83A5-446F7D02689A}) (Version: 3.1.3.0 - Seagate)
Service Pack 2 for Microsoft Office 2010 (KB2687455) 32-Bit Edition (HKLM-x32\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{DE28B448-32E8-4E8F-84F0-A52B21A49B5B}) (Version:  - Microsoft)
ShopAtHome.com Helper (HKU\S-1-5-21-3809426249-1239727763-2388386071-1001\...\ShopAtHome.com Helper) (Version: 7.10.2.10 - ShopAtHome.com) <==== ATTENTION
ShopAtHome.com Toolbar (HKU\S-1-5-21-3809426249-1239727763-2388386071-1001\...\ShopAtHome.com Toolbar) (Version: 7.10.2.10 - ShopAtHome.com) <==== ATTENTION
Synaptics Pointing Device Driver (HKLM\...\SynTPDeinstKey) (Version: 17.0.8.21 - Synaptics Incorporated)
Toshiba App Place (HKLM-x32\...\{ED3CBA78-488F-4E8C-B33F-8E3BF4DDB4D2}) (Version: 1.0.6.3 - Toshiba)
TOSHIBA Application Installer (HKLM-x32\...\{970472D0-F5F9-4158-A6E3-1AE49EFEF2D3}) (Version: 9.0.1.4 - TOSHIBA)
Toshiba Book Place (HKLM-x32\...\{24B45620-22B6-4E4A-B836-FF30A0B0404E}) (Version: 3.1.9534 - K-NFB Reading Technology, Inc.)
TOSHIBA Desktop Assist (HKLM\...\{95CCACF0-010D-45F0-82BF-858643D8BC02}) (Version: 1.02.01.6407 - Toshiba Corporation)
TOSHIBA eco Utility (HKLM\...\{5944B9D4-3C2A-48DE-931E-26B31714A2F7}) (Version: 2.0.0.6415 - Toshiba Corporation)
TOSHIBA Function Key (HKLM\...\{16562A90-71BC-41A0-B890-D91B0C267120}) (Version: 1.00.6425.01 - Toshiba Corporation)
TOSHIBA HDD Accelerator (HKLM\...\{DB4D9937-0B14-4EF1-BF9A-BB7E3B9DCB04}) (Version: 1.1.0001 - Toshiba Corporation)
TOSHIBA Password Utility (HKLM-x32\...\{B1786E63-2127-42C9-95A3-146E5F727BF1}) (Version: v1.0.0.8 - TOSHIBA Corporation)
TOSHIBA PC Health Monitor (HKLM\...\{9DECD0F9-D3E8-48B0-A390-1CF09F54E3A4}) (Version: 1.8.17.640104 - Toshiba Corporation)
TOSHIBA Quality Application (HKLM-x32\...\{E69992ED-A7F6-406C-9280-1C156417BC49}) (Version: 1.0.8 - TOSHIBA)
TOSHIBA Recovery Media Creator (HKLM-x32\...\{B65BBB06-1F8E-48F5-8A54-B024A9E15FDF}) (Version: 2.2.0.54043005 - Toshiba Corporation)
TOSHIBA Resolution+ Plug-in for Windows Media Player (HKLM-x32\...\{6CB76C9D-80C2-4CB3-A4CD-D96B239E3F94}) (Version: 1.2.8.0 - Toshiba Corporation)
TOSHIBA Service Station (HKLM\...\{B8C8422F-01F1-4791-B084-047AAFF9BFCC}) (Version: 2.4.4 - TOSHIBA)
TOSHIBA System Driver (HKLM-x32\...\{1E6A96A1-2BAB-43EF-8087-30437593C66C}) (Version: 1.00.0014 - Toshiba Corporation)
TOSHIBA System Settings (HKLM-x32\...\{05A55927-DB9B-4E26-BA44-828EBFF829F0}) (Version: 1.00.0002.32002 - Toshiba Corporation)
TOSHIBA User's Guide (HKLM-x32\...\{3384E1D9-3F18-4A98-8655-180FEF0DFC02}) (Version: 1.00.02 - TOSHIBA)
TOSHIBA VIDEO PLAYER (HKLM\...\{FF07604E-C860-40E9-A230-E37FA41F103A}) (Version: 5.1.0.12-A - Toshiba Corporation)
TOSHIBARegistration (HKLM-x32\...\{5AF550B4-BB67-4E7E-82F1-2C4300279050}) (Version: 1.1.6 - TOSHIBA)
TotalRecipeSearch Internet Explorer Toolbar (HKLM-x32\...\TotalRecipeSearch_14bar Uninstall Internet Explorer) (Version:  - Mindspark Interactive Network) <==== ATTENTION
Visual Studio 2010 x64 Redistributables (HKLM\...\{21B133D6-5979-47F0-BE1C-F6A6B304693F}) (Version: 13.0.0.1 - AVG Technologies)
VTech Download Agent Library (x32 Version: 1.00.0000 - VTech) Hidden
Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 16.4.3503.0728 - Microsoft Corporation)

==================== Custom CLSID (selected items): ==========================

(If an entry is included in the fixlist, it will be removed from registry. Any eventual file will not be moved.)

CustomCLSID: HKU\S-1-5-21-3809426249-1239727763-2388386071-1001_Classes\CLSID\{A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E}\InprocServer32 -> C:\Users\Lizel\AppData\Local\Microsoft\SkyDrive\16.4.6012.0828\amd64\SkyDriveShell64.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-3809426249-1239727763-2388386071-1001_Classes\CLSID\{BBACC218-34EA-4666-9D7A-C78F2274A524}\InprocServer32 -> C:\Users\Lizel\AppData\Local\Microsoft\SkyDrive\16.4.6012.0828\amd64\SkyDriveShell64.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-3809426249-1239727763-2388386071-1001_Classes\CLSID\{F241C880-6982-4CE5-8CF7-7085BA96DA5A}\InprocServer32 -> C:\Users\Lizel\AppData\Local\Microsoft\SkyDrive\16.4.6012.0828\amd64\SkyDriveShell64.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-3809426249-1239727763-2388386071-1001_Classes\CLSID\{F8071786-1FD0-4A66-81A1-3CBE29274458}\InprocServer32 -> C:\Users\Lizel\AppData\Local\Microsoft\SkyDrive\16.4.6012.0828\amd64\FileSyncApi64.dll (Microsoft Corporation)

==================== Restore Points  =========================

==================== Hosts content: ==========================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2012-07-26 00:26 - 2013-12-02 19:57 - 00000027 ____A C:\WINDOWS\system32\Drivers\etc\hosts
127.0.0.1       localhost

==================== Scheduled Tasks (whitelisted) =============

(If an entry is included in the fixlist, it will be removed from registry. Any associated file could be listed separately to be moved.)

Task: {132F1E54-9341-4523-877D-87FCA1BC3575} - System32\Tasks\Adobe Flash Player Updater => C:\WINDOWS\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2014-12-14] (Adobe Systems Incorporated)
Task: {2D8FE1AA-AA2D-4D52-B601-CB7E768B9096} - System32\Tasks\Lizel Merge => C:\Program Files (x86)\Seagate\Seagate Dashboard 2.0\NBCore.exe [2014-04-30] (Seagate Technology LLC)
Task: {43421419-64C3-40CE-8C9E-6B449146EF19} - System32\Tasks\Microsoft\Office\Office Automatic Updates => C:\Program Files\Microsoft Office 15\ClientX64\OfficeC2RClient.exe [2014-11-04] (Microsoft Corporation)
Task: {50A7D89B-20A0-41A6-AB87-D835CFF796C2} - System32\Tasks\Synaptics TouchPad Enhancements => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2013-08-28] (Synaptics Incorporated)
Task: {59B9006B-FAFA-4AB1-B630-39686A64B113} - System32\Tasks\Microsoft\Windows\RemovalTools\MRT_HB => C:\WINDOWS\system32\MRT.exe [2015-01-23] (Microsoft Corporation)
Task: {5A1E7CCF-DC15-471D-8BF3-BBFD818BDF05} - System32\Tasks\Seagate_Install_Launch => C:\Program Files (x86)\Seagate\Seagate Dashboard 2.0\Dashboard.exe [2014-04-30] (Seagate Technology LLC)
Task: {67E35E0B-8B93-41CF-8759-B1ADD33DA0F9} - System32\Tasks\Lizel => C:\Program Files (x86)\Seagate\Seagate Dashboard 2.0\NBCore.exe [2014-04-30] (Seagate Technology LLC)
Task: {78ADE357-9A43-49B5-9201-401AFE79F1A8} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-11-16] (Google Inc.)
Task: {8577CF2A-2BA2-4EE3-AB64-23C5E16F27CF} - System32\Tasks\GenericSettingsHandler\Windows-Credentials\RetrySyncTask_for_S-1-5-21-3809426249-1239727763-2388386071-1001
Task: {9538BDF7-CBF0-4791-89D5-B2E7C72A7A7C} - System32\Tasks\Lizel DBAgent 2 0 => C:\Program Files (x86)\Seagate\Seagate Dashboard 2.0\DBAgent.exe [2014-04-30] (Seagate Technology LLC)
Task: {97194B0E-58E1-4920-B79A-DB3845777ECB} - System32\Tasks\TOSHIBA\Service Station => C:\Program Files\TOSHIBA\Toshiba Service Station\ToshibaServiceStation.exe [2013-07-31] (TOSHIBA Corporation)
Task: {993ECD12-9D81-4B8A-8924-4A455501794C} - System32\Tasks\Norton Anti-Theft\Norton Error Processor => C:\Program Files (x86)\Norton Anti-Theft\Engine\1.10.0.9\SymErr.exe
Task: {9FDB201C-843E-469C-81D2-19F5243F57CA} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-11-16] (Google Inc.)
Task: {AC64A849-0BCC-45B0-BAEE-5076E0367BD1} - System32\Tasks\Norton Anti-Theft\Norton Error Analyzer => C:\Program Files (x86)\Norton Anti-Theft\Engine\1.10.0.9\SymErr.exe
Task: {B75269FF-55F7-4317-8F39-121AA48BEB72} - System32\Tasks\{61BDE66A-3531-4B77-A1D7-7364A29A1A12} => pcalua.exe -a C:\Users\Lizel\AppData\Roaming\ShopAtHome\ShopAtHomeToolbar\ShopAtHomeUninstall.exe
Task: {B96DF796-F345-4E61-83E9-AC09754290D2} - System32\Tasks\DriverTuner Startup => C:\Program Files (x86)\DriverTuner\DriverTuner.exe [2013-07-11] (LionSea)
Task: {BE0A7228-D8CB-4D2E-8E49-D5CE1916117B} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe [2011-06-01] (Apple Inc.)
Task: {C4F95ED0-B0E9-4F7F-A75E-E5C2E45CE537} - System32\Tasks\OfficeSoftwareProtectionPlatform\SvcRestartTask => Sc.exe start osppsvc
Task: {DCBEDD20-131C-45ED-BD90-D02AF2470483} - System32\Tasks\Microsoft\Office\Office Subscription Maintenance => C:\Program Files\Microsoft Office 15\root\vfs\ProgramFilesCommonx86\Microsoft Shared\OFFICE15\OLicenseHeartbeat.exe [2014-12-24] (Microsoft Corporation)
Task: {DDD9722D-CF68-4CDE-9026-230D38CFC262} - System32\Tasks\Optimize Push Notification Data File-S-1-5-21-3809426249-1239727763-2388386071-1001
Task: {F20D61D4-4521-4F45-B47F-AEAC6CA0D557} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2013-07-22] (Piriform Ltd)
Task: {F59941E1-7B3A-4A93-97A8-B4686708A0C4} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2014-12-19] (Adobe Systems Incorporated)
Task: C:\WINDOWS\Tasks\Adobe Flash Player Updater.job => C:\WINDOWS\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe

==================== Loaded Modules (whitelisted) =============

2014-04-22 11:00 - 2014-03-08 01:48 - 00252928 _____ () C:\Windows\System32\AppXDeploymentClient.dll
2014-12-24 17:25 - 2014-05-20 08:19 - 00105640 _____ () C:\Program Files\Microsoft Office 15\ClientX64\ApiClient.dll
2014-01-17 09:16 - 2014-12-24 18:25 - 08897696 _____ () C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\1033\GrooveIntlResource.dll
2013-06-18 07:42 - 2013-06-18 07:42 - 00292424 _____ () C:\Program Files (x86)\PackageTracer_69\bar\1.bin\AppIntegratorStub64.dll
2013-11-04 18:22 - 2013-11-04 18:22 - 00094208 _____ () C:\Windows\System32\IccLibDll_x64.dll
2012-07-18 21:38 - 2012-07-18 21:38 - 00020904 _____ () C:\Program Files\TOSHIBA\Hotkey\SmoothView.dll
2012-07-18 21:38 - 2012-07-18 21:38 - 00049064 _____ () C:\Program Files\TOSHIBA\Hotkey\Hotkey\FnZ.dll
2012-08-13 22:13 - 2012-08-13 22:13 - 00018344 _____ () C:\Program Files\Toshiba\Teco\TecoMUI.dll
2013-06-18 07:42 - 2013-06-18 07:42 - 00548936 _____ () C:\Program Files (x86)\PackageTracer_69\bar\1.bin\AppIntegrator64.exe
2013-06-18 07:42 - 2013-06-18 07:42 - 00442952 _____ () C:\Program Files (x86)\PackageTracer_69\bar\1.bin\HPG64.DLL
2013-08-11 21:37 - 2013-06-20 02:58 - 00391040 _____ () C:\Program Files (x86)\VTech\DownloadManager\System\AgentMonitor.exe
2015-02-01 05:47 - 2015-02-01 05:47 - 01459712 _____ () C:\WINDOWS\assembly\NativeImages_v4.0.30319_64\Windows.UI\4bd80968bf666252841ca7792faaff11\Windows.UI.ni.dll
2015-02-01 05:48 - 2015-02-01 05:48 - 00521216 _____ () C:\WINDOWS\assembly\NativeImages_v4.0.30319_64\Windows.Data\fae2b750f87849ca11806d20b2504bf2\Windows.Data.ni.dll
2015-02-01 05:48 - 2015-02-01 05:48 - 00363520 _____ () C:\WINDOWS\assembly\NativeImages_v4.0.30319_64\Windows.Foundation\6382e6f5ad8b7a9db4f5cd4817e70319\Windows.Foundation.ni.dll
2014-10-11 13:06 - 2014-10-11 13:06 - 00073544 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\zlib1.dll
2014-10-11 13:05 - 2014-10-11 13:05 - 01044776 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libxml2.dll
2014-05-14 11:45 - 2014-05-14 11:45 - 00090624 _____ () C:\Program Files (x86)\PasswordBox\libwebsocketswin32.dll
2013-01-22 10:19 - 2012-06-25 13:41 - 01198912 _____ () C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\ACE.dll
2014-04-14 14:50 - 2014-12-24 17:28 - 00316576 _____ () C:\Program Files\Microsoft Office 15\root\office15\AppVIsvStream32.dll
2013-08-11 21:37 - 2010-06-23 20:16 - 02150400 _____ () C:\Program Files (x86)\VTech\DownloadManager\System\QtCore4.dll
2013-08-11 21:37 - 2010-07-13 08:07 - 07826432 _____ () C:\Program Files (x86)\VTech\DownloadManager\System\QtGui4.dll
2013-08-11 21:37 - 2010-06-01 21:29 - 00934912 _____ () C:\Program Files (x86)\VTech\DownloadManager\System\QtNetwork4.dll
2013-08-11 21:37 - 2010-06-01 21:28 - 00335360 _____ () C:\Program Files (x86)\VTech\DownloadManager\System\QtXml4.dll
2013-08-11 21:37 - 2013-08-09 01:01 - 09849200 _____ () C:\Program Files (x86)\VTech\DownloadManager\System\QtWebKit4.dll
2013-08-11 21:37 - 2010-07-05 04:19 - 00116736 _____ () C:\Program Files (x86)\VTech\DownloadManager\System\QtSolutions_SOAP-2.7.dll
2013-08-11 21:37 - 2010-11-11 04:24 - 00028160 _____ () C:\Program Files (x86)\VTech\DownloadManager\System\DACommCenter.dll
2013-08-11 21:37 - 2010-06-01 21:56 - 00232960 _____ () C:\Program Files (x86)\VTech\DownloadManager\System\phonon4.dll
2013-08-11 21:37 - 2010-06-01 21:54 - 02530816 _____ () C:\Program Files (x86)\VTech\DownloadManager\System\QtXmlPatterns4.dll
2013-08-11 21:37 - 2010-06-02 00:05 - 00025600 _____ () C:\Program Files (x86)\VTech\DownloadManager\System\imageformats\qgif4.dll
2013-08-11 21:37 - 2010-06-02 00:05 - 00119808 _____ () C:\Program Files (x86)\VTech\DownloadManager\System\imageformats\qjpeg4.dll
2015-01-26 21:19 - 2015-01-25 01:08 - 01117512 _____ () C:\Program Files (x86)\Google\Chrome\Application\40.0.2214.93\libglesv2.dll
2015-01-26 21:19 - 2015-01-25 01:08 - 00211272 _____ () C:\Program Files (x86)\Google\Chrome\Application\40.0.2214.93\libegl.dll
2015-01-26 21:19 - 2015-01-25 01:08 - 09170760 _____ () C:\Program Files (x86)\Google\Chrome\Application\40.0.2214.93\pdf.dll

==================== Alternate Data Streams (whitelisted) =========

(If an entry is included in the fixlist, only the Alternate Data Streams will be removed.)

AlternateDataStreams: C:\Users\Lizel\SkyDrive:ms-properties

==================== Safe Mode (whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MCODS => ""=""
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\mcpltsvc => ""=""
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\McMPFSvc => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MCODS => ""=""
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mcpltsvc => ""=""
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfefire => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfefirek => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfefirek.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfehidk => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfehidk.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfevtp => ""="Driver"

==================== EXE Association (whitelisted) =============

(If an entry is included in the fixlist, the default will be restored. None default entries will be removed.)

==================== MSCONFIG/TASK MANAGER disabled items =========

(Currently there is no automatic fix for this section.)

HKLM\...\StartupApproved\Run32: => "ShopAtHomeUpdater"
HKLM\...\StartupApproved\Run32: => "ShopAtHomeWatcher"

========================= Accounts: ==========================

Administrator (S-1-5-21-3809426249-1239727763-2388386071-500 - Administrator - Disabled)
Guest (S-1-5-21-3809426249-1239727763-2388386071-501 - Limited - Disabled)
HomeGroupUser$ (S-1-5-21-3809426249-1239727763-2388386071-1003 - Limited - Enabled)
Lizel (S-1-5-21-3809426249-1239727763-2388386071-1001 - Administrator - Enabled) => C:\Users\Lizel

==================== Faulty Device Manager Devices =============

==================== Event log errors: =========================

Application errors:
==================
Error: (02/01/2015 05:25:02 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: ToshibaServiceStation.exe, version: 2.6.3.0, time stamp: 0x51f95861
Faulting module name: clr.dll, version: 4.0.30319.34014, time stamp: 0x52e0b86c
Exception code: 0xc0000005
Fault offset: 0x00000000005c3d50
Faulting process id: 0x1af4
Faulting application start time: 0xToshibaServiceStation.exe0
Faulting application path: ToshibaServiceStation.exe1
Faulting module path: ToshibaServiceStation.exe2
Report Id: ToshibaServiceStation.exe3
Faulting package full name: ToshibaServiceStation.exe4
Faulting package-relative application ID: ToshibaServiceStation.exe5

Error: (02/01/2015 05:24:44 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: Seagate.Dashboard.DASWindowsService.exe, version: 3.1.2.0, time stamp: 0x53589672
Faulting module name: KERNELBASE.dll, version: 6.3.9600.17278, time stamp: 0x53eeb460
Exception code: 0xe0434352
Fault offset: 0x00012f71
Faulting process id: 0x504
Faulting application start time: 0xSeagate.Dashboard.DASWindowsService.exe0
Faulting application path: Seagate.Dashboard.DASWindowsService.exe1
Faulting module path: Seagate.Dashboard.DASWindowsService.exe2
Report Id: Seagate.Dashboard.DASWindowsService.exe3
Faulting package full name: Seagate.Dashboard.DASWindowsService.exe4
Faulting package-relative application ID: Seagate.Dashboard.DASWindowsService.exe5

Error: (02/01/2015 05:24:44 PM) (Source: .NET Runtime) (EventID: 1026) (User: )
Description: Application: Seagate.Dashboard.DASWindowsService.exe
Framework Version: v4.0.30319
Description: The process was terminated due to an unhandled exception.
Exception Info: System.Runtime.CallbackException
Stack:
   at System.Runtime.Fx+IOCompletionThunk.UnhandledExceptionFrame(UInt32, UInt32, System.Threading.NativeOverlapped*)
   at System.Threading._IOCompletionCallback.PerformIOCompletionCallback(UInt32, UInt32, System.Threading.NativeOverlapped*)

Error: (02/01/2015 05:24:44 PM) (Source: Application Error) (EventID: 1005) (User: )
Description: Windows cannot access the file  for one of the following reasons:
there is a problem with the network connection, the disk that the file is stored on, or the storage
drivers installed on this computer; or the disk is missing.
Windows closed the program Microsoft Windows Search Indexer because of this error.

Program: Microsoft Windows Search Indexer
File:

The error value is listed in the Additional Data section.
User Action
1. Open the file again.
This situation might be a temporary problem that corrects itself when the program runs again.
2.
If the file still cannot be accessed and
 - It is on the network,
your network administrator should verify that there is not a problem with the network and that the server can be contacted.
 - It is on a removable disk, for example, a floppy disk or CD-ROM, verify that the disk is fully inserted into the computer.
3. Check and repair the file system by running CHKDSK. To run CHKDSK, click Start, click Run, type CMD, and then click OK. At the command prompt, type CHKDSK /F, and then press ENTER.
4. If the problem persists, restore the file from a backup copy.
5. Determine whether other files on the same disk can be opened. If not, the disk might be damaged. If it is a hard disk, contact your administrator or computer hardware vendor for
further assistance.

Additional Data
Error value: C000003F
Disk type: 0

Error: (02/01/2015 05:24:44 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: SearchIndexer.exe, version: 7.0.9600.17031, time stamp: 0x530863b5
Faulting module name: TQUERY.DLL, version: 7.0.9600.17031, time stamp: 0x53086c59
Exception code: 0xc0000006
Fault offset: 0x000000000001772d
Faulting process id: 0x994
Faulting application start time: 0xSearchIndexer.exe0
Faulting application path: SearchIndexer.exe1
Faulting module path: SearchIndexer.exe2
Report Id: SearchIndexer.exe3
Faulting package full name: SearchIndexer.exe4
Faulting package-relative application ID: SearchIndexer.exe5

Error: (02/01/2015 05:24:31 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: DeviceAgent.exe, version: 3.1.3.0, time stamp: 0x53605655
Faulting module name: clr.dll, version: 4.0.30319.34014, time stamp: 0x52e0b784
Exception code: 0xc0000005
Fault offset: 0x0001b7bb
Faulting process id: 0x17d0
Faulting application start time: 0xDeviceAgent.exe0
Faulting application path: DeviceAgent.exe1
Faulting module path: DeviceAgent.exe2
Report Id: DeviceAgent.exe3
Faulting package full name: DeviceAgent.exe4
Faulting package-relative application ID: DeviceAgent.exe5

Error: (02/01/2015 05:24:30 PM) (Source: Application Error) (EventID: 1005) (User: )
Description: Windows cannot access the file  for one of the following reasons:
there is a problem with the network connection, the disk that the file is stored on, or the storage
drivers installed on this computer; or the disk is missing.
Windows closed the program McAfee Service Host because of this error.

Program: McAfee Service Host
File:

The error value is listed in the Additional Data section.
User Action
1. Open the file again.
This situation might be a temporary problem that corrects itself when the program runs again.
2.
If the file still cannot be accessed and
 - It is on the network,
your network administrator should verify that there is not a problem with the network and that the server can be contacted.
 - It is on a removable disk, for example, a floppy disk or CD-ROM, verify that the disk is fully inserted into the computer.
3. Check and repair the file system by running CHKDSK. To run CHKDSK, click Start, click Run, type CMD, and then click OK. At the command prompt, type CHKDSK /F, and then press ENTER.
4. If the problem persists, restore the file from a backup copy.
5. Determine whether other files on the same disk can be opened. If not, the disk might be damaged. If it is a hard disk, contact your administrator or computer hardware vendor for
further assistance.

Additional Data
Error value: C000003F
Disk type: 0

Error: (02/01/2015 05:24:30 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: McSvHost.exe, version: 4.6.360.0, time stamp: 0x5453e679
Faulting module name: vsann.dll, version: 17.6.481.0, time stamp: 0x54242036
Exception code: 0xc0000006
Fault offset: 0x00000000000532ea
Faulting process id: 0x954
Faulting application start time: 0xMcSvHost.exe0
Faulting application path: McSvHost.exe1
Faulting module path: McSvHost.exe2
Report Id: McSvHost.exe3
Faulting package full name: McSvHost.exe4
Faulting package-relative application ID: McSvHost.exe5

Error: (02/01/2015 05:24:27 PM) (Source: .NET Runtime) (EventID: 1023) (User: )
Description: Application: DeviceAgent.exe
Framework Version: v4.0.30319
Description: The process was terminated due to an internal error in the .NET Runtime at IP 7177B7BB (71760000) with exit code 80131506.

Error: (02/01/2015 05:13:37 PM) (Source: Office 2013 Licensing Service) (EventID: 0) (User: )
Description: Subscription licensing service failed: -1073422302

System errors:
=============
Error: (02/01/2015 05:26:07 PM) (Source: volsnap) (EventID: 14) (User: )
Description: The shadow copies of volume C: were aborted because of an IO failure on volume C:.

Error: (02/01/2015 05:25:59 PM) (Source: volsnap) (EventID: 14) (User: )
Description: The shadow copies of volume C: were aborted because of an IO failure on volume C:.

Error: (02/01/2015 05:25:14 PM) (Source: Service Control Manager) (EventID: 7032) (User: )
Description: The Service Control Manager tried to take a corrective action (Restart the service) after the unexpected termination of the Windows Search service, but this action failed with the following error:
%%1056

Error: (02/01/2015 05:25:00 PM) (Source: volsnap) (EventID: 14) (User: )
Description: The shadow copies of volume C: were aborted because of an IO failure on volume C:.

Error: (02/01/2015 05:24:56 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: The Seagate Dashboard Services service terminated unexpectedly.  It has done this 1 time(s).

Error: (02/01/2015 05:24:44 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: The Windows Search service terminated unexpectedly.  It has done this 1 time(s).  The following corrective action will be taken in 30000 milliseconds: Restart the service.

Error: (02/01/2015 05:24:36 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: The McAfee Anti-Spam Service service terminated unexpectedly.  It has done this 1 time(s).  The following corrective action will be taken in 60000 milliseconds: Restart the service.

Error: (02/01/2015 05:24:36 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: The McAfee Proxy Service service terminated unexpectedly.  It has done this 1 time(s).  The following corrective action will be taken in 60000 milliseconds: Restart the service.

Error: (02/01/2015 05:24:36 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: The McAfee Platform Services service terminated unexpectedly.  It has done this 1 time(s).  The following corrective action will be taken in 60000 milliseconds: Restart the service.

Error: (02/01/2015 05:24:36 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: The McAfee VirusScan Announcer service terminated unexpectedly.  It has done this 1 time(s).  The following corrective action will be taken in 60000 milliseconds: Restart the service.

Microsoft Office Sessions:
=========================
Error: (02/01/2015 05:25:02 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: ToshibaServiceStation.exe2.6.3.051f95861clr.dll4.0.30319.3401452e0b86cc000000500000000005c3d501af401d03e6c5a319631C:\Program Files\TOSHIBA\Toshiba Service Station\ToshibaServiceStation.exeC:\Windows\Microsoft.NET\Framework64\v4.0.30319\clr.dll295ca9ff-aa61-11e4-bf2a-008cfa387ed2

Error: (02/01/2015 05:24:44 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Seagate.Dashboard.DASWindowsService.exe3.1.2.053589672KERNELBASE.dll6.3.9600.1727853eeb460e043435200012f7150401d03e13afbf6c61C:\Program Files (x86)\Seagate\Seagate Dashboard 2.0\Seagate.Dashboard.DASWindowsService.exeC:\WINDOWS\SYSTEM32\KERNELBASE.dll1f0365f6-aa61-11e4-bf2a-008cfa387ed2

Error: (02/01/2015 05:24:44 PM) (Source: .NET Runtime) (EventID: 1026) (User: )
Description: Application: Seagate.Dashboard.DASWindowsService.exe
Framework Version: v4.0.30319
Description: The process was terminated due to an unhandled exception.
Exception Info: System.Runtime.CallbackException
Stack:
   at System.Runtime.Fx+IOCompletionThunk.UnhandledExceptionFrame(UInt32, UInt32, System.Threading.NativeOverlapped*)
   at System.Threading._IOCompletionCallback.PerformIOCompletionCallback(UInt32, UInt32, System.Threading.NativeOverlapped*)

Error: (02/01/2015 05:24:44 PM) (Source: Application Error) (EventID: 1005) (User: )
Description: Microsoft Windows Search IndexerC000003F0

Error: (02/01/2015 05:24:44 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: SearchIndexer.exe7.0.9600.17031530863b5TQUERY.DLL7.0.9600.1703153086c59c0000006000000000001772d99401d03e14113a4028C:\WINDOWS\system32\SearchIndexer.exeC:\WINDOWS\system32\TQUERY.DLL1ea566f3-aa61-11e4-bf2a-008cfa387ed2

Error: (02/01/2015 05:24:31 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: DeviceAgent.exe3.1.3.053605655clr.dll4.0.30319.3401452e0b784c00000050001b7bb17d001d03e6c39e18879C:\Program Files (x86)\Seagate\Seagate Dashboard 2.0\DeviceAgent.exeC:\Windows\Microsoft.NET\Framework\v4.0.30319\clr.dll170d879f-aa61-11e4-bf2a-008cfa387ed2

Error: (02/01/2015 05:24:30 PM) (Source: Application Error) (EventID: 1005) (User: )
Description: McAfee Service HostC000003F0

Error: (02/01/2015 05:24:30 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: McSvHost.exe4.6.360.05453e679vsann.dll17.6.481.054242036c000000600000000000532ea95401d03e13b994cd4fC:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exec:\PROGRA~1\mcafee\VIRUSS~1\vsann.dll16758c87-aa61-11e4-bf2a-008cfa387ed2

Error: (02/01/2015 05:24:27 PM) (Source: .NET Runtime) (EventID: 1023) (User: )
Description: Application: DeviceAgent.exe
Framework Version: v4.0.30319
Description: The process was terminated due to an internal error in the .NET Runtime at IP 7177B7BB (71760000) with exit code 80131506.

Error: (02/01/2015 05:13:37 PM) (Source: Office 2013 Licensing Service) (EventID: 0) (User: )
Description: Subscription licensing service failed: -1073422302

CodeIntegrity Errors:
===================================
  Date: 2015-01-30 09:42:02.521
  Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume4\Windows\System32\drivers\tcpipreg.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

  Date: 2015-01-23 09:54:33.701
  Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Windows\System32\smss.exe) attempted to load \Device\HarddiskVolume4\Windows\System32\wow64cpu.dll that did not meet the Windows signing level requirements.

  Date: 2015-01-23 09:52:41.497
  Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Windows\System32\smss.exe) attempted to load \Device\HarddiskVolume4\Windows\System32\wow64cpu.dll that did not meet the Windows signing level requirements.

  Date: 2013-12-02 19:56:53.172
  Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume4\ComboFix\catchme.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

==================== Memory info ===========================

Processor: Intel® Core™ i3-3120M CPU @ 2.50GHz
Percentage of memory in use: 61%
Total physical RAM: 3980.22 MB
Available physical RAM: 1530.14 MB
Total Pagefile: 8076.22 MB
Available Pagefile: 5382.4 MB
Total Virtual: 131072 MB
Available Virtual: 131071.85 MB

==================== Drives ================================

Drive c: (TI10657300D) (Fixed) (Total:584.45 GB) (Free:437.46 GB) NTFS

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (Size: 596.2 GB) (Disk ID: 00000000)

Partition: GPT Partition Type.

==================== End Of Log ============================

 

TDSSKiller log:

 

17:22:46.0984 0x0434  TDSS rootkit removing tool 3.0.0.44 Jan 22 2015 08:27:04
17:22:46.0984 0x0434  UEFI system
17:22:55.0958 0x0434  ============================================================
17:22:55.0958 0x0434  Current date / time: 2015/02/01 17:22:55.0958
17:22:55.0958 0x0434  SystemInfo:
17:22:55.0958 0x0434 
17:22:55.0958 0x0434  OS Version: 6.3.9600 ServicePack: 0.0
17:22:55.0958 0x0434  Product type: Workstation
17:22:55.0958 0x0434  ComputerName: SNOEKIES
17:22:55.0958 0x0434  UserName: Lizel
17:22:55.0958 0x0434  Windows directory: C:\WINDOWS
17:22:55.0958 0x0434  System windows directory: C:\WINDOWS
17:22:55.0958 0x0434  Running under WOW64
17:22:55.0958 0x0434  Processor architecture: Intel x64
17:22:55.0958 0x0434  Number of processors: 4
17:22:55.0958 0x0434  Page size: 0x1000
17:22:55.0958 0x0434  Boot type: Normal boot
17:22:55.0958 0x0434  ============================================================
17:22:57.0178 0x0434  KLMD registered as C:\WINDOWS\system32\drivers\12864512.sys
17:22:58.0858 0x0434  System UUID: {DC856BF8-86A2-D001-0C3C-8BE9E496566B}
17:23:00.0475 0x0434  Drive \Device\Harddisk0\DR0 - Size: 0x950B056000 ( 596.17 Gb ), SectorSize: 0x200, Cylinders: 0x13001, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
17:23:00.0491 0x0434  ============================================================
17:23:00.0491 0x0434  \Device\Harddisk0\DR0:
17:23:00.0491 0x0434  GPT partitions:
17:23:00.0491 0x0434  \Device\Harddisk0\DR0\Partition1: GPT, TypeGUID: {DE94BBA4-06D1-4D40-A16A-BFD50179D6AC}, UniqueGUID: {C5A44A18-408F-11E2-B822-F3CA26F352EC}, Name: Basic data partition, StartLBA 0x800, BlocksNum 0xE1000
17:23:00.0491 0x0434  \Device\Harddisk0\DR0\Partition2: GPT, TypeGUID: {C12A7328-F81F-11D2-BA4B-00A0C93EC93B}, UniqueGUID: {C5A44A1E-408F-11E2-B822-F3CA26F352EC}, Name: Basic data partition, StartLBA 0xE1800, BlocksNum 0x82000
17:23:00.0494 0x0434  \Device\Harddisk0\DR0\Partition3: GPT, TypeGUID: {E3C9E316-0B5C-4DB8-817D-F92DF00215AE}, UniqueGUID: {C5A44A20-408F-11E2-B822-F3CA26F352EC}, Name: Basic data partition, StartLBA 0x163800, BlocksNum 0x40000
17:23:00.0494 0x0434  \Device\Harddisk0\DR0\Partition4: GPT, TypeGUID: {EBD0A0A2-B9E5-4433-87C0-68B6B72699C7}, UniqueGUID: {C5A44A28-408F-11E2-B822-F3CA26F352EC}, Name: Basic data partition, StartLBA 0x1A3800, BlocksNum 0x490E8800
17:23:00.0494 0x0434  \Device\Harddisk0\DR0\Partition5: GPT, TypeGUID: {DE94BBA4-06D1-4D40-A16A-BFD50179D6AC}, UniqueGUID: {94CF02C4-112C-4900-B7B4-CB61B5E316D5}, Name: , StartLBA 0x4928C000, BlocksNum 0xE1000
17:23:00.0494 0x0434  \Device\Harddisk0\DR0\Partition6: GPT, TypeGUID: {DE94BBA4-06D1-4D40-A16A-BFD50179D6AC}, UniqueGUID: {3486246E-90E2-48D6-B624-336B9097F42A}, Name: Basic data partition, StartLBA 0x4936D000, BlocksNum 0x14EB000
17:23:00.0494 0x0434  MBR partitions:
17:23:00.0494 0x0434  ============================================================
17:23:00.0571 0x0434  C: <-> \Device\Harddisk0\DR0\Partition4
17:23:00.0571 0x0434  ============================================================
17:23:00.0571 0x0434  Initialize success
17:23:00.0571 0x0434  ============================================================
17:27:45.0798 0x10d0  ============================================================
17:27:45.0798 0x10d0  Scan started
17:27:45.0798 0x10d0  Mode: Manual; SigCheck; TDLFS;
17:27:45.0798 0x10d0  ============================================================
17:27:45.0798 0x10d0  KSN ping started
17:27:48.0838 0x10d0  KSN ping finished: true
17:27:50.0095 0x10d0  ================ Scan system memory ========================
17:27:50.0095 0x10d0  System memory - ok
17:27:50.0095 0x10d0  ================ Scan services =============================
17:27:50.0379 0x10d0  [ E1832BD9FD7E0FC2DC9FA5935DE3E8C1, 41FF7418887AFC8B9C96EF21C5950DD342CC9E3C0D87AFD60A05B988C1D6CC23 ] 1394ohci        C:\WINDOWS\System32\drivers\1394ohci.sys
17:27:50.0443 0x10d0  1394ohci - ok
17:27:50.0467 0x10d0  [ AD508A1A46EC21B740AB31C28EFDFDB1, 9B1046CF0B80723149BD359B55CC0B8B3ABBEAA9038469F542A4C345C503FB02 ] 3ware           C:\WINDOWS\system32\drivers\3ware.sys
17:27:50.0483 0x10d0  3ware - ok
17:27:50.0531 0x10d0  [ 9539F7917B4B6D92C90F0FAA6B86C605, B4C284E8EECC2E7025053A3320EFDC9F47BCA9828853AD2A805DB826CA4AC27E ] ACPI            C:\WINDOWS\system32\drivers\ACPI.sys
17:27:50.0563 0x10d0  ACPI - ok
17:27:50.0583 0x10d0  [ AC8279D229398BCF05C3154ADCA86813, 083E86CBE53244D24C334DB1511C77025133AE7875191845764B890A8CA5AFA9 ] acpiex          C:\WINDOWS\system32\Drivers\acpiex.sys
17:27:50.0599 0x10d0  acpiex - ok
17:27:50.0611 0x10d0  [ A8970D9BF23CD309E0403978A1B58F3F, 9946C8477104EEC7DB197E2222F9905307F101C398CCED4B5FD0F86A5622C791 ] acpipagr        C:\WINDOWS\System32\drivers\acpipagr.sys
17:27:50.0647 0x10d0  acpipagr - ok
17:27:50.0687 0x10d0  [ 111A89C99C5B4F1A7BCE5F643DD86F65, 41A2E49FF443927D05F7EF638518108227852984E68D4663C8761178C0B84A45 ] AcpiPmi         C:\WINDOWS\System32\drivers\acpipmi.sys
17:27:50.0715 0x10d0  AcpiPmi - ok
17:27:50.0719 0x10d0  [ 5758387D68A20AE7D3245011B07E36E7, 77832E200E8B0D259552F6F60FE454A887E3EBBB9EA2F3590E6645289A04E293 ] acpitime        C:\WINDOWS\System32\drivers\acpitime.sys
17:27:50.0731 0x10d0  acpitime - ok
17:27:50.0831 0x10d0  [ FC5B75CA6A1DA31EDD4F8D53F5540B98, CDC445F2790ADFC4C5568C40D4DA8BB95CD71991665B38AEC3D84571C99C3520 ] AdobeARMservice C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
17:27:50.0859 0x10d0  AdobeARMservice - ok
17:27:50.0983 0x10d0  [ 4E48A7DF7ECACB38C686B2BEBAA687A3, D4DEE6BD464855B24A6D40BC6A9279B2041099615C6A319D869DA113AD896EA3 ] AdobeFlashPlayerUpdateSvc C:\WINDOWS\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
17:27:51.0019 0x10d0  AdobeFlashPlayerUpdateSvc - ok
17:27:51.0091 0x10d0  [ 7C1FDF1B48298CBA7CE4BDD4978951AD, 80F4D536E1231B30E836F72ADC8814AE6AA9FEC573FB5F3F965FAC8ABCCAF0F8 ] ADP80XX         C:\WINDOWS\system32\drivers\ADP80XX.SYS
17:27:51.0163 0x10d0  ADP80XX - ok
17:27:51.0219 0x10d0  [ 0F17D49BE041B7EFF1D33BF1414E7AC6, F8B536B60903814DF88DAF535753288537EF0993E42AA4E734EDA8D68B24C7AB ] AeLookupSvc     C:\WINDOWS\System32\aelupsvc.dll
17:27:51.0251 0x10d0  AeLookupSvc - ok
17:27:51.0283 0x10d0  [ 374E27295F0A9DCAA8FC96370F9BEEA5, 51C394E0C2322D7D093941A1B8766171B5D1F47DF2FE0834209492891EA7D999 ] AFD             C:\WINDOWS\system32\drivers\afd.sys
17:27:51.0371 0x10d0  AFD - ok
17:27:51.0399 0x10d0  [ 7DFAEBA9AD62D20102B576D5CAC45EC8, 9FA5207335303D1E8E9A3C9E1FB82C09AD21B04382F69D777A67E48EE91D2093 ] agp440          C:\WINDOWS\system32\drivers\agp440.sys
17:27:51.0419 0x10d0  agp440 - ok
17:27:51.0467 0x10d0  [ F0CB6DB513CAC393D04A0FCE0A59E1BF, E6EE159D0E6B1F666946B1FE421874044E89BB2EB60A521BAA111A1229FA7B2D ] ahcache         C:\WINDOWS\system32\DRIVERS\ahcache.sys
17:27:51.0527 0x10d0  ahcache - ok
17:27:51.0575 0x10d0  [ A91D8E1E433EFB32551BCE69037E1CE7, 41DFDD5B56918D19D09DFB3E4B07460AA85647A8647ABBBB906158D8D6653290 ] ALG             C:\WINDOWS\System32\alg.exe
17:27:51.0611 0x10d0  ALG - ok
17:27:51.0663 0x10d0  [ 7589DE749DB6F71A68489DCE04158729, 5F35EDD50737985595C9D6703237CA2ADE49AA5443331020899698EB5114A0FB ] AmdK8           C:\WINDOWS\System32\drivers\amdk8.sys
17:27:51.0691 0x10d0  AmdK8 - ok
17:27:51.0699 0x10d0  [ B46D2D89AFF8A9490FA8C98C7A5616E3, BE0765B5423B690E0F097FECD9717FAA95BFDFFDC6CF1B93DE5A19A1B7797879 ] AmdPPM          C:\WINDOWS\System32\drivers\amdppm.sys
17:27:51.0727 0x10d0  AmdPPM - ok
17:27:51.0751 0x10d0  [ D2BF2F94A47D332814910FD47C6BBCD2, FE273D77D119D958676E1197D9EA7B008E3B05C6192B1962A81D4223ED204C35 ] amdsata         C:\WINDOWS\system32\drivers\amdsata.sys
17:27:51.0787 0x10d0  amdsata - ok
17:27:51.0815 0x10d0  [ A8E04943C7BBA7219AA50400272C3C6E, 794C0BD12DF0392654E9A37AE4A24B5BE2D83F1F24F74DD48A1A0BF3AB8B1FF8 ] amdsbs          C:\WINDOWS\system32\drivers\amdsbs.sys
17:27:51.0851 0x10d0  amdsbs - ok
17:27:51.0875 0x10d0  [ CEA5F4F27CFC08E3A44D576811B35F50, 89DF64B81BD109BAABAE93A4603C1617241219F38DDAF325EFE6BD35FF6FD717 ] amdxata         C:\WINDOWS\system32\drivers\amdxata.sys
17:27:51.0919 0x10d0  amdxata - ok
17:27:51.0959 0x10d0  [ 04951A9A937CBE28A2D3FEEA360B6D1F, D8AAF000BE4FE4B203DC2EB2A64F780A542E5238CE3F9952FD03277379B11529 ] AppID           C:\WINDOWS\system32\drivers\appid.sys
17:27:52.0011 0x10d0  AppID - ok
17:27:52.0059 0x10d0  [ C0DC3F58214A227980AEB091CFD2F973, 0C3E8453C9F65ADA3E74C38C0E3AC3E0CBFD807B827097046265B38839E151E3 ] AppIDSvc        C:\WINDOWS\System32\appidsvc.dll
17:27:52.0111 0x10d0  AppIDSvc - ok
17:27:52.0143 0x10d0  [ 034ED41F13D9C1845C1E081F05B640DB, E4E17BA0B22C464DE60A6BF68D4D035D1B838DE4F0361029DED1AE00503E135C ] Appinfo         C:\WINDOWS\System32\appinfo.dll
17:27:52.0191 0x10d0  Appinfo - ok
17:27:52.0255 0x10d0  [ 650D03E40F93FAE323CB841F80368E5C, F67B97CFDCE2EE9294977725268EFDB0DD724BD16E7ED5BFCA45375AA8EBA5BB ] Apple Mobile Device C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
17:27:52.0271 0x10d0  Apple Mobile Device - ok
17:27:52.0335 0x10d0  [ CB12C47647D8BDAFAA94C0856B14128B, 5590C98095357C92563EF94800107D3611AA6ECA1A70BE463C03B279E618A6C4 ] AppReadiness    C:\WINDOWS\system32\AppReadiness.dll
17:27:52.0391 0x10d0  AppReadiness - ok
17:27:52.0471 0x10d0  [ F7529BD3FFAC9C33D15F6DE3B7353B03, 8EF0A84C9687A246B60939A326E498121039E9CC617A7ABBA933EDD327F3467E ] AppXSvc         C:\WINDOWS\system32\appxdeploymentserver.dll
17:27:52.0571 0x10d0  AppXSvc - ok
17:27:52.0615 0x10d0  [ 65045784366F7EC5FB4E71BCF923187B, 53C215C64FF12E44B097F7CB88E8482438CE0ACBD3C68D8FD38BA0D0D8747FAA ] arcsas          C:\WINDOWS\system32\drivers\arcsas.sys
17:27:52.0651 0x10d0  arcsas - ok
17:27:52.0659 0x10d0  [ 3DB7721F06BC2FEDB25029EA23AB27DA, 221861148C66FE53E4D6EE49C6E656479AB5804A2D348A280A1CD8093E8AB788 ] AsyncMac        C:\WINDOWS\system32\DRIVERS\asyncmac.sys
17:27:52.0683 0x10d0  AsyncMac - ok
17:27:52.0699 0x10d0  [ 74B14192CF79A72F7536B27CB8814FBD, 0CF6BBB63FFE0C12777664D80B2797923844C8392D0FD81D7962EE5EE2C3C3D9 ] atapi           C:\WINDOWS\system32\drivers\atapi.sys
17:27:52.0715 0x10d0  atapi - ok
17:27:52.0755 0x10d0  [ 8779FDAE68BC948B0FE152E758CC8DA7, 13070C2073F8E7546B48AE9CF54067B9BB75DFCD98F2987B90FFAD20D40D54CF ] AudioEndpointBuilder C:\WINDOWS\System32\AudioEndpointBuilder.dll
17:27:52.0795 0x10d0  AudioEndpointBuilder - ok
17:27:52.0860 0x10d0  [ 61EA45A645854FE81D8A924E2D93DFFE, 34F79532297F609CA93C380B68BB8B7B0F027F9C8F4FB8E02A9A43EA3D155F1B ] Audiosrv        C:\WINDOWS\System32\Audiosrv.dll
17:27:52.0908 0x10d0  Audiosrv - ok
17:27:52.0952 0x10d0  [ 96E8CAF20FC4B6C31CAD7816A801EB78, E4870DB8FFBDCFEE98449338D0BDBF2DD0B5FEC75514E41C11A882BE6EB16833 ] AxInstSV        C:\WINDOWS\System32\AxInstSV.dll
17:27:53.0012 0x10d0  AxInstSV - ok
17:27:53.0088 0x10d0  [ A4A73F631FE2AA2826FBE4A399B04DEF, 973AACE8DC8DA669D0DF20F17EFDEEABB90AA046AC980948D16A62D39A606A79 ] b06bdrv         C:\WINDOWS\system32\drivers\bxvbda.sys
17:27:53.0144 0x10d0  b06bdrv - ok
17:27:53.0180 0x10d0  [ 8CC7F7E4AFCBA605921B137ED7992C68, 71406E6D6E9964740A6D90B05329D5492BB90AF40E0630CF2FBF4BA4BA14F2DD ] BasicDisplay    C:\WINDOWS\System32\drivers\BasicDisplay.sys
17:27:53.0212 0x10d0  BasicDisplay - ok
17:27:53.0264 0x10d0  [ 38A82F4EE8C416A6744B6D30381ED768, 9EAAE5F43BA09359130AC04B1DCA0F5D4DF32ED89C02DC5CEB640918948847F7 ] BasicRender     C:\WINDOWS\System32\drivers\BasicRender.sys
17:27:53.0288 0x10d0  BasicRender - ok
17:27:53.0336 0x10d0  [ C1ABB0F7E3BEA48A0417BDF6FF14AB21, 1CAC63A1A0FB9855A27EE977794576A860F6650C9EF7667FFB27F2A2FF721857 ] bcmfn2          C:\WINDOWS\System32\drivers\bcmfn2.sys
17:27:53.0372 0x10d0  bcmfn2 - ok
17:27:53.0400 0x10d0  [ E07C80468D0C599BFF01D9D4EC7AEDC3, F675F455924DEC3FF69AD816DFEB6E74C804AEC3D3BFF7515953DB9D79C9B2D0 ] BDESVC          C:\WINDOWS\System32\bdesvc.dll
17:27:53.0456 0x10d0  BDESVC - ok
17:27:53.0496 0x10d0  [ EC19013E4CF87609534165DF897274D6, 8ED45537CF2D58D759A587CCBFDADD5580C7447B0C3B172CF19ECC7585E073FC ] Beep            C:\WINDOWS\system32\drivers\Beep.sys
17:27:53.0532 0x10d0  Beep - ok
17:27:53.0588 0x10d0  [ 20FB137ADDE1255F15F265A7BD9579BE, 87B4D5C91EFEAD987AAC3491A4360F82824C46AFF958B6F4CAED7C12224EF159 ] BFE             C:\WINDOWS\System32\bfe.dll
17:27:53.0668 0x10d0  BFE - ok
17:27:53.0756 0x10d0  [ 15225081966C785A9192782401643FD4, E2BA0C8D044556FDD9DD7A25F7F71553DE7A2924E78F9284413C2AC46F0BF4EB ] BITS            C:\WINDOWS\System32\qmgr.dll
17:27:53.0824 0x10d0  BITS - ok
17:27:53.0904 0x10d0  [ EBBCD5DFBB1DE70E8F4AF8FA59E401FD, 17BFFC5DF609CE3B2F0CAB4BD6C118608C66A3AD86116A47E90B2BB7D8954122 ] Bonjour Service C:\Program Files\Bonjour\mDNSResponder.exe
17:27:53.0940 0x10d0  Bonjour Service - ok
17:27:53.0996 0x10d0  [ 6B4FFFDDC618FCF64473CAA86E305697, 29EA66071D5822920F5C50533673ADAB5204F8B25C11027AD27450D881F1142D ] bowser          C:\WINDOWS\system32\DRIVERS\bowser.sys
17:27:54.0056 0x10d0  bowser - ok
17:27:54.0112 0x10d0  [ E325BCD68EC0CF2E2EDD0AB7CC17C698, 4DEDEF91F6BD1CC8DBE118AC28CA6BD874449A053B9CDE9FFEB1C7B98501D938 ] BrokerInfrastructure C:\WINDOWS\System32\bisrv.dll
17:27:54.0176 0x10d0  BrokerInfrastructure - ok
17:27:54.0216 0x10d0  [ 041A999E4FF9A7CDBE67357751881FB8, 356C52637EA715D6FA2B65BD311C9BF1635A582023434902EC2DE4A2448961F8 ] Browser         C:\WINDOWS\System32\browser.dll
17:27:54.0260 0x10d0  Browser - ok
17:27:54.0300 0x10d0  [ A8F23D453A424FF4DE04989C4727ECC7, AE4A9081395C7379F1C947EF8243F7609F90C843E086B8E77E1A2C06E36D4381 ] BthAvrcpTg      C:\WINDOWS\System32\drivers\BthAvrcpTg.sys
17:27:54.0332 0x10d0  BthAvrcpTg - ok
17:27:54.0348 0x10d0  [ 746B9F94214915AECDE4B7FEA5FF9664, EA2877D49DB4B7B9CE61653D63E8776DFF1CBCCAB12C14DB1D20DA44B8F06357 ] BthHFEnum       C:\WINDOWS\System32\drivers\bthhfenum.sys
17:27:54.0396 0x10d0  BthHFEnum - ok
17:27:54.0420 0x10d0  [ 71FE2A48E4C93DDB9798C024880B6C07, 8E93DE29C61A5FA64216231228CB3C4A1A693FE87CAA2C070BCAD7BE2D8ED000 ] bthhfhid        C:\WINDOWS\System32\drivers\BthHFHid.sys
17:27:54.0468 0x10d0  bthhfhid - ok
17:27:54.0484 0x10d0  [ 07E33226AD218A2A162662A05CAFB52F, 0AC3D8B79EDA6DA232FA4E1CAF6592420A9EDE96350D1F0504C2434261684F0B ] BTHMODEM        C:\WINDOWS\System32\drivers\bthmodem.sys
17:27:54.0516 0x10d0  BTHMODEM - ok
17:27:54.0560 0x10d0  [ E5E48FEED73D463175EAB1542495191C, 0A8182F5BA7B694AB1DD3680F1194E4A568FE40DBA4BFDFF2EA09BAD045FFB29 ] bthserv         C:\WINDOWS\system32\bthserv.dll
17:27:54.0584 0x10d0  bthserv - ok
17:27:54.0600 0x10d0  [ 2FA6510E33F7DEFEC03658B74101A9B9, 61C8C8E3F09B427711464C974EE22E1E01C48E10DB54A4EC9901F482FC36C978 ] cdfs            C:\WINDOWS\system32\DRIVERS\cdfs.sys
17:27:54.0656 0x10d0  cdfs - ok
17:27:54.0712 0x10d0  [ C6796EA22B513E3457514D92DCDB1A3D, 2B893F3950C6B913B934C2089B69F3B0B77F229AE1820907E598455CBB78139C ] cdrom           C:\WINDOWS\System32\drivers\cdrom.sys
17:27:54.0756 0x10d0  cdrom - ok
17:27:54.0824 0x10d0  [ AB285CE3431FF3D2ACE669245874C1C7, 6AF4C3E86EFA51F7FB6F8492CB2CCB807C7775EAE0508B87F07134FDAC679BD7 ] CertPropSvc     C:\WINDOWS\System32\certprop.dll
17:27:54.0888 0x10d0  CertPropSvc - ok
17:27:54.0928 0x10d0  [ 3B6316004C773CFAD5E6C38EC5DDDBD4, 7F8A68A6267E0C8EC11F84A1034F71991DBD78BB1C7440B6D4AE025EFBCBB534 ] cfwids          C:\WINDOWS\system32\drivers\cfwids.sys
17:27:54.0940 0x10d0  cfwids - ok
17:27:55.0032 0x10d0  [ BE9936EDD3267FAAFF94A7835867F00B, 3CEEF2377D45ED38C7CD3CE4C746EC5EA7277EFEC728A5438F0EF5F62FC7C859 ] circlass        C:\WINDOWS\System32\drivers\circlass.sys
17:27:55.0124 0x10d0  circlass - ok
17:27:55.0244 0x10d0  [ 179A41249055D5F039F1B6703F3B6D2B, 886CF715D9E85DB5C9B991EBCB9B12E27AA0EEE52528E222C80CA5B5B0A7AF52 ] CLFS            C:\WINDOWS\system32\drivers\CLFS.sys
17:27:55.0360 0x10d0  CLFS - ok
17:27:55.0512 0x10d0  [ 7E526C5B4DD233EBCF1EA3EC211E2913, 9DC99F18454001AF5462C773C174E2D6E503316550C7E9D7824E9CBC503FCA3B ] ClickToRunSvc   C:\Program Files\Microsoft Office 15\ClientX64\OfficeClickToRun.exe
17:27:55.0584 0x10d0  ClickToRunSvc - ok
17:27:55.0636 0x10d0  [ EF6EF85DADC3184A10D8F2F7159973CB, 42FCB286CED95A5DEBC5C0C894FCBC4818A2C818BB71087142FB51A08A0BE96B ] CmBatt          C:\WINDOWS\System32\drivers\CmBatt.sys
17:27:55.0676 0x10d0  CmBatt - ok
17:27:55.0720 0x10d0  [ 4E1207CE16E615B0B7A70DC889F4500E, 1778D5AC0AF5F5DD1551192F4CDBCCB9878995155CF337EBB03460A6FD5C6B78 ] CNG             C:\WINDOWS\system32\Drivers\cng.sys
17:27:55.0764 0x10d0  CNG - ok
17:27:55.0784 0x10d0  [ 03AAED827C36F35D70900558B8274905, 8E44A23C6013FFAE7769F99CAA3B1D6288DE00A38937F9056903AC265B503AFA ] CompositeBus    C:\WINDOWS\System32\drivers\CompositeBus.sys
17:27:55.0828 0x10d0  CompositeBus - ok
17:27:55.0832 0x10d0  COMSysApp - ok
17:27:55.0861 0x10d0  [ A1FF7DFBFBE164CF92603C651D304DD2, 470ACE5A75E64FC62C950037201199857E974803625DC73BEDBCF6FA4DDD496C ] condrv          C:\WINDOWS\system32\drivers\condrv.sys
17:27:55.0897 0x10d0  condrv - ok
17:27:55.0989 0x10d0  [ 10CA7F8EF882104CFBA8D0871DB06AF3, A0C1A7F7C3DCF0BD0F6979F2AE632007FEC767ACF1065C371C9075E54D14FCE4 ] cphs            C:\WINDOWS\SysWow64\IntelCpHeciSvc.exe
17:27:56.0029 0x10d0  cphs - ok
17:27:56.0077 0x10d0  [ 0EFE4B5884A8032617826A4D76F80969, 083D296CC623C83D36A97AEE343ADF819B17E490F931DBE4D161BD1E8C289E02 ] CryptSvc        C:\WINDOWS\system32\cryptsvc.dll
17:27:56.0109 0x10d0  CryptSvc - ok
17:27:56.0153 0x10d0  [ 315BA4BC19316D72B2E037534E048B93, 69613635DB23E6A935673B1025C2010ED3E195473D25368CF74234C4C36910BE ] dam             C:\WINDOWS\system32\drivers\dam.sys
17:27:56.0185 0x10d0  dam - ok
17:27:56.0213 0x10d0  [ 7AF9DAC504FBD047CBC3E64AE52C92BF, CA8F9564733DED4C3895CF7150BB254995D66889E6BE08D6654E4F897E4FF7A4 ] dc3d            C:\WINDOWS\System32\drivers\dc3d.sys
17:27:56.0269 0x10d0  dc3d - ok
17:27:56.0365 0x10d0  [ 81979817943D830BF24571B7C1B28A1A, 9584D8F1FB3E6CF17BD465670B208C723A8E8B06775A3DA44F75D7710404EEA6 ] DcomLaunch      C:\WINDOWS\system32\rpcss.dll
17:27:56.0413 0x10d0  DcomLaunch - ok
17:27:56.0457 0x10d0  [ D249C3A58A4FCF755EF4C94F7047E015, 68C044CE2DB93FB502F85F6E081EA164F6E6DCBA6B3EE2A5CBDA122065E522F8 ] defragsvc       C:\WINDOWS\System32\defragsvc.dll
17:27:56.0525 0x10d0  defragsvc - ok
17:27:56.0585 0x10d0  [ 8F387C2C99EE09C6E2AC316205F86A17, EC9E8AE72A21992AA118964E17090BA4503EB051273AD18185C95172F57328CE ] DeviceAssociationService C:\WINDOWS\system32\das.dll
17:27:56.0633 0x10d0  DeviceAssociationService - ok
17:27:56.0681 0x10d0  [ BC6849C62DB407573C6AD8CB1A4D2628, 5BDE0D60F85E4C27CEAD1B301155B54D841FB773BD5BB8AC5DDAEE31F8E94627 ] DeviceInstall   C:\WINDOWS\system32\umpnpmgr.dll
17:27:56.0741 0x10d0  DeviceInstall - ok
17:27:56.0761 0x10d0  [ A03F362C5557E238CBFA914689C77248, BAD0A1124E6A384C15028FBE121ADF650F7716442555AD3737B9EA1F58A69246 ] Dfsc            C:\WINDOWS\system32\Drivers\dfsc.sys
17:27:56.0805 0x10d0  Dfsc - ok
17:27:56.0849 0x10d0  [ 05DE04005CE0D84D0E6AD21CAEB369C6, E6704A2A685BCFD560796D7C328F8E53DF0793DBDA590598A492D9070D109298 ] Dhcp            C:\WINDOWS\system32\dhcpcore.dll
17:27:56.0897 0x10d0  Dhcp - ok
17:27:56.0937 0x10d0  [ 4D40C9B33F738797CF50E77CB7C53E85, 7BA341342A47DEB15B51971C97A5237ACD8BDAD9033F63DF0000892BE43F8E13 ] disk            C:\WINDOWS\system32\drivers\disk.sys
17:27:56.0965 0x10d0  disk - ok
17:27:56.0981 0x10d0  [ EB70A894708D1BC176AFD690FF06085F, 0DD2A97F5E1B38D1F7C0D44E50F09EA222B18B3B074CC9C8CD25A7526CB1A112 ] dmvsc           C:\WINDOWS\System32\drivers\dmvsc.sys
17:27:57.0037 0x10d0  dmvsc - ok
17:27:57.0085 0x10d0  [ FE7656474448BE6A6C68E5C9BEB7CA94, 8B9F04CAA29A6EEFCA3D1E7BAFE340D5CCA8AF665474E69B1DF7E2A518B83A89 ] Dnscache        C:\WINDOWS\System32\dnsrslvr.dll
17:27:57.0145 0x10d0  Dnscache - ok
17:27:57.0197 0x10d0  [ 50288EA079BB520C2B8C8A154202D518, 8916A9180CA009D124FFDFB4CCF5FDFEF7FA2FD37CBCD49FAD4C68E051B4734D ] dot3svc         C:\WINDOWS\System32\dot3svc.dll
17:27:57.0253 0x10d0  dot3svc - ok
17:27:57.0313 0x10d0  [ 27069CFFF29B7F04F4B1BB10154BE52B, 6869626F9A1D3F64224883C5E661638CEE893A3E29651C7B9302A03E52180415 ] dot4            C:\WINDOWS\system32\DRIVERS\Dot4.sys
17:27:57.0341 0x10d0  dot4 - ok
17:27:57.0357 0x10d0  [ 0BD906A79F9CE3013F7D9D0AC45F9F9D, 2F7D5082E7E226D5EBEA164A8ACEE0A447C96EB1829224A6EFA3E7B4EFEE1D14 ] Dot4Print       C:\WINDOWS\System32\drivers\Dot4Prt.sys
17:27:57.0373 0x10d0  Dot4Print - ok
17:27:57.0389 0x10d0  [ B7D595F2F464F7B628AD53F06547792C, F5D06A91EF54FBF56305FCC882B854350B266B2A005D80CC77AEBC2929440729 ] dot4usb         C:\WINDOWS\system32\DRIVERS\dot4usb.sys
17:27:57.0409 0x10d0  dot4usb - ok
17:27:57.0461 0x10d0  [ 281BEE07BA97E3E98D12A822D923D0D8, 6EB482B2D4D6048D145C3738B2B6FA27A90B5EA53E9167447820F9981B004E63 ] DPS             C:\WINDOWS\system32\dps.dll
17:27:57.0517 0x10d0  DPS - ok
17:27:57.0553 0x10d0  [ DDC11A202207C0400CBE07315B8FDE5E, 3ED0CA3A714582D92001BA3BFF78BE082F4DC8021298D5A2632F3B2B0A1C09DC ] drmkaud         C:\WINDOWS\system32\drivers\drmkaud.sys
17:27:57.0577 0x10d0  drmkaud - ok
17:27:57.0637 0x10d0  [ 5B074F14F5DD6418F46EE4CA2DEB7EA8, B8223D73C3DE123759101F7D5D45C60BD12B221F09D349575A1044CE3F43CBC5 ] DsmSvc          C:\WINDOWS\System32\DeviceSetupManager.dll
17:27:57.0725 0x10d0  DsmSvc - ok
17:27:57.0805 0x10d0  [ 313DCE665B57000B18CB26C6B6A10DFE, 6C332D4AD13A316C192321AB7E7597E66AF8E1688101FFD851E06C52128DBA52 ] DXGKrnl         C:\WINDOWS\System32\drivers\dxgkrnl.sys
17:27:57.0881 0x10d0  DXGKrnl - ok
17:27:57.0921 0x10d0  [ 6073537F250B45E1CB2A02E97F0FE1B2, 653F3F2F2019168EDF225944A88AFDBF8393B62AA076BD19980691778F3DB67D ] Eaphost         C:\WINDOWS\System32\eapsvc.dll
17:27:57.0957 0x10d0  Eaphost - ok
17:27:58.0097 0x10d0  [ 114BCFDF367FF37C3F1B0A96AF542E4D, D385BC1D91BC1406091C8C3691C07A90BD60EDE05B1384E5AA3506FCB909C857 ] ebdrv           C:\WINDOWS\system32\drivers\evbda.sys
17:27:58.0273 0x10d0  ebdrv - ok
17:27:58.0305 0x10d0  [ F6F209DDB94959BA104FC8FC87C53759, 8E862D41F4332EABF64BD034E2C0E3CC8109C7990CB4112C2B2880E8E6EDF2D3 ] EFS             C:\WINDOWS\System32\lsass.exe
17:27:58.0321 0x10d0  EFS - ok
17:27:58.0361 0x10d0  [ 43531A5993380CC5113242C29D265FD9, EE0076D96F7F3CF29884AC7A67C08A429115A7201354A1FB5DE45FD63ABB4960 ] EhStorClass     C:\WINDOWS\system32\drivers\EhStorClass.sys
17:27:58.0389 0x10d0  EhStorClass - ok
17:27:58.0413 0x10d0  [ 6F8E738A9505A388B1157FDDE7B3101B, 3696CA634102B41EEA11EB9DCA0B24439D8636AED4A7190C138C5E64A2EFB514 ] EhStorTcgDrv    C:\WINDOWS\system32\drivers\EhStorTcgDrv.sys
17:27:58.0445 0x10d0  EhStorTcgDrv - ok
17:27:58.0469 0x10d0  [ DFFFAE1442BA4076E18EED5E406FA0D3, 329FC6FB8D14BEACDBE2A5D4C496EDEA485E838B1DF27566E278F8F8E0D8E82E ] ErrDev          C:\WINDOWS\System32\drivers\errdev.sys
17:27:58.0513 0x10d0  ErrDev - ok
17:27:58.0585 0x10d0  [ 030CE75B7D8F75FAA7BA1EC6FD0EB5A3, 5264734F0572FAEDCCB008221C9982CCB7922C4FFC358605424EA413CDCDAE99 ] EventSystem     C:\WINDOWS\system32\es.dll
17:27:58.0625 0x10d0  EventSystem - ok
17:27:58.0677 0x10d0  [ 7729D294A555C7AEB281ED8E4D0E01E4, 7269E79D72CCE477AC108294D0DDFB59CF533B03C587599C5AB0507C43A0B6D4 ] exfat           C:\WINDOWS\system32\drivers\exfat.sys
17:27:58.0713 0x10d0  exfat - ok
17:27:58.0737 0x10d0  [ 7C4E0D5900B2A1D11EDD626D6DDB937B, 732F310F8F6016C56F432A81636B13CE0124A802FE8DD91287B618EED22C9A1D ] fastfat         C:\WINDOWS\system32\drivers\fastfat.sys
17:27:58.0765 0x10d0  fastfat - ok
17:27:58.0849 0x10d0  [ 2BC8532ABF2B3756B78FA1DA54147DDE, DF65EE2AB0255A2CF3221085A6BE7C37E3DB6BFEED3BCADCDD69BB1049F6DCB1 ] Fax             C:\WINDOWS\system32\fxssvc.exe
17:27:58.0913 0x10d0  Fax - ok
17:27:58.0933 0x10d0  [ 5D8402613E778B3BD45E687A8372710B, EE9EA10805168D309A609B9019AEC5961EE46D18207B5E0EA2DE4064A5770AF8 ] fdc             C:\WINDOWS\System32\drivers\fdc.sys
17:27:58.0949 0x10d0  fdc - ok
17:27:58.0989 0x10d0  [ DC1A78BCCCB7EE53D6FD3BD615A8E222, EE16B6853185AAE779D7135035983938009901658F76A8856AAC12EBA15BB34E ] fdPHost         C:\WINDOWS\system32\fdPHost.dll
17:27:59.0017 0x10d0  fdPHost - ok
17:27:59.0033 0x10d0  [ E5AD448F2DC84B1CF387FA7F2A3D1936, BBB29C79A085C503F5EFFB5144596D5DEC48A4EB34A049A4E7B38B27F6D92E0A ] FDResPub        C:\WINDOWS\system32\fdrespub.dll
17:27:59.0081 0x10d0  FDResPub - ok
17:27:59.0101 0x10d0  [ 0046E0BD031213D37123876B0D0FA61C, A4FE17D56F0BAFB70D0D421ED9D1B6E50AF8ADAA4B59328A41AEC5B4C068A3CB ] fhsvc           C:\WINDOWS\system32\fhsvc.dll
17:27:59.0141 0x10d0  fhsvc - ok
17:27:59.0189 0x10d0  [ BCFD8B149B3ADF92D0DB1E909CAF0265, 002B085C131473642450176B4B8359F3E5B04350AFB659B9C0F9EB587D1181E7 ] FileInfo        C:\WINDOWS\system32\drivers\fileinfo.sys
17:27:59.0217 0x10d0  FileInfo - ok
17:27:59.0261 0x10d0  [ A1A66C4FDAFD6B0289523232AFB7D8AF, 0F5832F626BB62190D5F3A088CE6E048D8A400CCF9EA527F06973CAD96D3A81C ] Filetrace       C:\WINDOWS\system32\drivers\filetrace.sys
17:27:59.0301 0x10d0  Filetrace - ok
17:27:59.0321 0x10d0  [ BE743083CF7063C486A4398E3AEFE59A, 85796D89943DD6FE3932C1ED6CF01470C1B4DFD243C390B07055FFDA3C231551 ] flpydisk        C:\WINDOWS\System32\drivers\flpydisk.sys
17:27:59.0337 0x10d0  flpydisk - ok
17:27:59.0373 0x10d0  [ 6592D192E2823C043EDBC010E7774053, C025A0EC5517DC3BD5D6656DC0F0F19021FB3D2EE90EC6194E1BD74E638EBBDC ] FltMgr          C:\WINDOWS\system32\drivers\fltmgr.sys
17:27:59.0409 0x10d0  FltMgr - ok
17:27:59.0513 0x10d0  [ 3FA6DC6B29717E32E211C1FD821F2C75, E467F3775427C93CC2B87327B0A45669631A5FC460C558F6796BA26002A8BBFC ] FontCache       C:\WINDOWS\system32\FntCache.dll
17:27:59.0621 0x10d0  FontCache - ok
17:27:59.0757 0x10d0  [ 1C52387BF5A127F5F3BFB31288F30D93, 90D13F60170CD74304F3036A90D596AA3E1E134455A780310BDF67AC7815F2E7 ] FontCache3.0.0.0 C:\WINDOWS\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
17:27:59.0781 0x10d0  FontCache3.0.0.0 - ok
17:27:59.0829 0x10d0  [ 35005534E600E993A90B036E4E599F2B, DA56FA3776FBD3D50276CB7410E0CB6F137DD8FCA84C0F3FEF8B1FEA5F6CA592 ] FsDepends       C:\WINDOWS\system32\drivers\FsDepends.sys
17:27:59.0858 0x10d0  FsDepends - ok
17:27:59.0886 0x10d0  [ 09F460AFEDCA03F3BF6E07D1CCC9AC42, B832091BC9B2C2FE38A4BCA132ABB58251E851F21EC6F39636E73777AB9A5791 ] Fs_Rec          C:\WINDOWS\system32\drivers\Fs_Rec.sys
17:27:59.0930 0x10d0  Fs_Rec - ok
17:27:59.0982 0x10d0  [ F152D55E497E12256290C43B31C7D0CE, FFC54B14CCFBC1548948C07FB3866E40A11D0C05AC352BD000E71CEF053F6A6E ] fvevol          C:\WINDOWS\system32\DRIVERS\fvevol.sys
17:28:00.0050 0x10d0  fvevol - ok
17:28:00.0086 0x10d0  [ 40A5690A50D003429E6AF655D765AAF4, FAE92750AC7F3E8507D9AAA492253E386F807F254E03F412F035CC46412C0FA5 ] FwLnk           C:\WINDOWS\System32\drivers\FwLnk.sys
17:28:00.0146 0x10d0  FwLnk - ok
17:28:00.0190 0x10d0  [ 9591D0B9351ED489EAFD9D1CE52A8015, AC64C236C3AE545FCE8ED44A4A87FB86265A453BA60026EC9A4DE2B631E99996 ] FxPPM           C:\WINDOWS\System32\drivers\fxppm.sys
17:28:00.0214 0x10d0  FxPPM - ok
17:28:00.0238 0x10d0  [ FC3EF65EE20D39F8749C2218DBA681CA, 12980F1DE99B25E6920A33556F3ABDA5EC9BFE4757BE602130B5E939D8D25CE3 ] gagp30kx        C:\WINDOWS\system32\drivers\gagp30kx.sys
17:28:00.0266 0x10d0  gagp30kx - ok
17:28:00.0306 0x10d0  [ 8E98D21EE06192492A5671A6144D092F, B8F656B34D361EA5AFB47F3A67AB2221580DADA59C8CD0CB83181E4AD8B562B4 ] GEARAspiWDM     C:\WINDOWS\system32\DRIVERS\GEARAspiWDM.sys
17:28:00.0318 0x10d0  GEARAspiWDM - ok
17:28:00.0358 0x10d0  [ 0BF5CAD281E25F1418E5B8875DC5ADD1, 0929AD8437DD78234553D8B2CDF0D6838FD54ACDE1918AFEBE48684EB32A07A3 ] gencounter      C:\WINDOWS\System32\drivers\vmgencounter.sys
17:28:00.0410 0x10d0  gencounter - ok
17:28:00.0454 0x10d0  [ 8DF1254093B5C354CE725EB6B9B0DE19, DE6C5661CC076DA44B8A5D044FDB7280EDCF38D322A98C14FDC82E25586B3014 ] GPIOClx0101     C:\WINDOWS\system32\Drivers\msgpioclx.sys
17:28:00.0482 0x10d0  GPIOClx0101 - ok
17:28:00.0574 0x10d0  [ 69DB09F0263C637DA8568D404842466A, D042194266978AAD31E04DAF7018CD50754077212DC74A4D8AFF6BFEE80CDD20 ] gpsvc           C:\WINDOWS\System32\gpsvc.dll
17:28:00.0650 0x10d0  gpsvc - ok
17:28:00.0718 0x10d0  [ F172AD4E906D97ED8F071896FC6789DC, FC10B3CE3DB0D3BF84DFD28E900EB6A11EDAAE32AC50F23CB03AACC6AA496911 ] gupdate         C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
17:28:00.0762 0x10d0  gupdate - ok
17:28:00.0774 0x10d0  [ F172AD4E906D97ED8F071896FC6789DC, FC10B3CE3DB0D3BF84DFD28E900EB6A11EDAAE32AC50F23CB03AACC6AA496911 ] gupdatem        C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
17:28:00.0794 0x10d0  gupdatem - ok
17:28:00.0830 0x10d0  [ D4B7ED39C7900384D9E5C1283F1E7926, F93F98858067B40F1C071EAD0F8E85442A78B95342BC692AF4D726540634923F ] HDAudBus        C:\WINDOWS\System32\drivers\HDAudBus.sys
17:28:00.0906 0x10d0  HDAudBus - ok
17:28:00.0950 0x10d0  [ 10A70BC1871CD955D85CD88372724906, 2480A74854D0A89FF028EE9BA41224D4B2F9B0863066BFC43097920794FEE08D ] HidBatt         C:\WINDOWS\System32\drivers\HidBatt.sys
17:28:00.0978 0x10d0  HidBatt - ok
17:28:01.0034 0x10d0  [ 1EA1B4FABB8CC348E73CA90DBA22E104, 5C18C6BD499272F216DD4626B5E8D38181AEAC9AD917FBEB614A75B70467B258 ] HidBth          C:\WINDOWS\System32\drivers\hidbth.sys
17:28:01.0074 0x10d0  HidBth - ok
17:28:01.0102 0x10d0  [ C241A8BAFBBFC90176EA0F5240EACC17, 571E20B87818618BE9179986177D55739A240F04D1F740B3C1B7809B9427B767 ] hidi2c          C:\WINDOWS\System32\drivers\hidi2c.sys
17:28:01.0150 0x10d0  hidi2c - ok
17:28:01.0178 0x10d0  [ 9BDDEE26255421017E161CCB9D5EDA95, B766FD5E31708F29384F69418FC33C4BCC6E3064AA553D5B1D30EE0B8B1BFB40 ] HidIr           C:\WINDOWS\System32\drivers\hidir.sys
17:28:01.0198 0x10d0  HidIr - ok
17:28:01.0246 0x10d0  [ 449A20A674AA3FAA7F0DD4E33EE2DC20, 28B9BDA306456E8640C355718DE3477537B0FAF8C37F633C709129AAB64D9873 ] hidserv         C:\WINDOWS\system32\hidserv.dll
17:28:01.0274 0x10d0  hidserv - ok
17:28:01.0326 0x10d0  [ 8DB8EAB9D0C6A5DF0BDCADEA239220B4, EDA23E6909EB83E5E148816DFB16CC29EA01BD6BD2F73AA46B3D820B85FB9C83 ] HidUsb          C:\WINDOWS\System32\drivers\hidusb.sys
17:28:01.0366 0x10d0  HidUsb - ok
17:28:01.0458 0x10d0  [ 29F981739E50305128022CBE10B3659C, 25060937145B0DCA8CD088E78993BFEF1430CDDFF433E606AFC93993CBBF4B3E ] HipShieldK      C:\WINDOWS\system32\drivers\HipShieldK.sys
17:28:01.0502 0x10d0  HipShieldK - ok
17:28:01.0582 0x10d0  [ 7BF3ADCBD021D4F4A84CF40EB49C71B5, 5758A51FD2EBE67E6DBE3A298D714D351910F9E01C428D0C1359457C9242B298 ] hkmsvc          C:\WINDOWS\system32\kmsvc.dll
17:28:01.0614 0x10d0  hkmsvc - ok
17:28:01.0642 0x10d0  [ 6CD9C3819BE8C0A3DACC82AE5D3C4F18, 46BF4A968E506DE17CA401401D716B444CDC10A5C60EB081890DD4B886AEDF5F ] HomeGroupListener C:\WINDOWS\system32\ListSvc.dll
17:28:01.0754 0x10d0  HomeGroupListener - ok
17:28:01.0862 0x10d0  [ 1A4DA1D6287B99033D144B436C23B656, D4D1EEB372E61512EA36A33F095E68C225B8E6C72CC57ED8BD00533F88012F40 ] HomeGroupProvider C:\WINDOWS\system32\provsvc.dll
17:28:01.0982 0x10d0  HomeGroupProvider - ok
17:28:02.0202 0x10d0  [ B2C832BBF64964F755D39174BC49F7B9, 324088F2A8B88AC2FDBBC7A0B49239E32F87980CCA1A97E86A828813B5C637C8 ] HomeNetSvc      C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe
17:28:02.0230 0x10d0  HomeNetSvc - ok
17:28:02.0270 0x10d0  [ A6AACEA4C785789BDA5912AD1FEDA80D, D197012A5DA6AB3F76FF298336DF0CF027C07ECC71267BAEF5912DE12893E096 ] HpSAMD          C:\WINDOWS\system32\drivers\HpSAMD.sys
17:28:02.0290 0x10d0  HpSAMD - ok
17:28:02.0382 0x10d0  [ 9DDCA7F18983C5410DEFF79F819DF93C, CE97B4440377BFC5CA81BB600C3BD1DD9FB3951CA1EB70735F5E2050EBB74223 ] HTTP            C:\WINDOWS\system32\drivers\HTTP.sys
17:28:02.0438 0x10d0  HTTP - ok
17:28:02.0458 0x10d0  [ 90656C0B3864804B090434EFC582404F, BDB60050B729AACB9E009AC7129BEBD6298BBD8A9DB14B817D02E8E13669BD6E ] hwpolicy        C:\WINDOWS\system32\drivers\hwpolicy.sys
17:28:02.0498 0x10d0  hwpolicy - ok
17:28:02.0526 0x10d0  [ 6D6F9E3BF0484967E52F7E846BFF1CA1, C982966BDE6A3E6773D9441ADA7A3B08D13511DFC68D04DF303248B942423F38 ] hyperkbd        C:\WINDOWS\System32\drivers\hyperkbd.sys
17:28:02.0542 0x10d0  hyperkbd - ok
17:28:02.0554 0x10d0  [ 907C870F8C31F8DDD6F090857B46AB25, 308664A31717383D06185875E76C6612407A9F04E7DB28404F574A5706C6715D ] HyperVideo      C:\WINDOWS\system32\DRIVERS\HyperVideo.sys
17:28:02.0574 0x10d0  HyperVideo - ok
17:28:02.0590 0x10d0  [ 84CFC5EFA97D0C965EDE1D56F116A541, 0155EA62BF07D99D98D1C9B6559C8E3301B016A20D03DF1EF64B2FAB8C37403B ] i8042prt        C:\WINDOWS\System32\drivers\i8042prt.sys
17:28:02.0610 0x10d0  i8042prt - ok
17:28:02.0634 0x10d0  [ 5D90E32E36CE5D4C535D17CE08AEAF05, 976A463343E8C8308AFBE9E64DF56C430D2241DE002430D00318AB065EB72E4A ] iaLPSSi_GPIO    C:\WINDOWS\System32\drivers\iaLPSSi_GPIO.sys
17:28:02.0646 0x10d0  iaLPSSi_GPIO - ok
17:28:02.0666 0x10d0  [ DD05E7E80F52ADE9AEB292819920F32C, E71AB6A50B0F90C8F94569CE89F66F915A0A4A00D4AC091B2E5E750D88CFC334 ] iaLPSSi_I2C     C:\WINDOWS\System32\drivers\iaLPSSi_I2C.sys
17:28:02.0698 0x10d0  iaLPSSi_I2C - ok
17:28:02.0746 0x10d0  [ 050F2539E14F9D5E90A4B61738EC29BD, 0E65468B9F452FA7DB6DF2C1B2B2E9439C79031E27054FBDBDFE28A9F98721D7 ] iaStorA         C:\WINDOWS\system32\drivers\iaStorA.sys
17:28:02.0778 0x10d0  iaStorA - ok
17:28:02.0842 0x10d0  [ 08BFE413B0B4AA8DFA4B5684CE06D3DC, 95DEEBB203E12EE6E191F5247A74C04AEC0E16DE981FADDC4D6C42EE41D8D079 ] iaStorAV        C:\WINDOWS\system32\drivers\iaStorAV.sys
17:28:02.0878 0x10d0  iaStorAV - ok
17:28:02.0910 0x10d0  [ A2200C3033FA4EF249FC096A7A7D02A2, 5819F5C2020DE2EEE339B0C08CD4B1E3490EAFBBEA1277CE649DB5A5150986B0 ] iaStorV         C:\WINDOWS\system32\drivers\iaStorV.sys
17:28:02.0946 0x10d0  iaStorV - ok
17:28:02.0950 0x10d0  IEEtwCollectorService - ok
17:28:03.0198 0x10d0  [ 4EB6ABBF5D78E65A418BA71EF3ACE251, 261586815680E666F61FCE3CCB5D485A1D200C42FF52D451AE31D80740EA5BDB ] igfx            C:\WINDOWS\system32\DRIVERS\igdkmd64.sys
17:28:03.0382 0x10d0  igfx - ok
17:28:03.0454 0x10d0  [ DEA76F90F9777E3427D70E380222B23B, B917BA423896A12E45623E3D494CA03317A6FC612CA433C62C897524DC3E756B ] IKEEXT          C:\WINDOWS\System32\ikeext.dll
17:28:03.0534 0x10d0  IKEEXT - ok
17:28:03.0578 0x10d0  [ 4011430BC9DA46ADFAE9915EFEC312FB, 925DDDA187AE7C46C94FBBFA18FC602260957B6BA891D65DFC09385B6DDEAB58 ] intaud_WaveExtensible C:\WINDOWS\system32\drivers\intelaud.sys
17:28:03.0590 0x10d0  intaud_WaveExtensible - ok
17:28:03.0802 0x10d0  [ 6BDCC85422817FA53CD705ADE312CE6A, 2EBEDF34493B4AE34442A89ACBCDB2C39447F21FBB015BDD7935DE95DD217CD0 ] IntcAzAudAddService C:\WINDOWS\system32\drivers\RTKVHD64.sys
17:28:04.0066 0x10d0  IntcAzAudAddService - ok
17:28:04.0106 0x10d0  [ F5495B38BFB9149925F54F65AB40EFBF, 7CBB72C41E2343DACBFB967A39CA04788561EDECB289C41BC2D6A06B80882AC4 ] IntcDAud        C:\WINDOWS\system32\DRIVERS\IntcDAud.sys
17:28:04.0150 0x10d0  IntcDAud - ok
17:28:04.0242 0x10d0  [ C99F8E90DE4B8F0C7FE15BB1CBCD29DC, F791EE101EEF8B9F48102B6C63A89B78F7C0041C750C4F4C0D16D54B583B7B5C ] Intel® Capability Licensing Service Interface C:\Program Files\Intel\iCLS Client\HeciServer.exe
17:28:04.0294 0x10d0  Intel® Capability Licensing Service Interface - ok
17:28:04.0418 0x10d0  [ 9656F8E29F6C3161A3E99BCD3A472FF9, 30AD00B53CCB2E4121508729F3471D3C0568F1C32324C398382C97E8BC43ECF0 ] Intel® ME Service C:\Program Files (x86)\Intel\Intel® Management Engine Components\FWService\IntelMeFWService.exe
17:28:04.0458 0x10d0  Intel® ME Service - ok
17:28:04.0502 0x10d0  [ 4E448FCFFD00E8D657CD9E48D3E47157, 4A958CF0BF8DAEAE5E008500BA67CE89B21388592811274331EE39CAC1043A00 ] intelide        C:\WINDOWS\system32\drivers\intelide.sys
17:28:04.0562 0x10d0  intelide - ok
17:28:04.0586 0x10d0  [ A770340FC02B999EF0DE6C2A6BC8437C, 214567BE706B21BEA7EC13AF6B10FBFF658000511DBBA79BAA28D1D4EFD029A7 ] intelpep        C:\WINDOWS\system32\drivers\intelpep.sys
17:28:04.0614 0x10d0  intelpep - ok
17:28:04.0638 0x10d0  [ 47E74A8E53C7C24DCE38311E1451C1D9, 79B06E37A552C8A847404D4C572CDB8CF525354D8AE3BEBC06892B7C3B330761 ] intelppm        C:\WINDOWS\System32\drivers\intelppm.sys
17:28:04.0658 0x10d0  intelppm - ok
17:28:04.0706 0x10d0  [ 9DB76D7F9E4E53EFE5DD8C53DE837514, 07BA4EDA9BE9139A689A2C3EFC1D1A4F3D1216625ED145F313398292A2CD5703 ] IpFilterDriver  C:\WINDOWS\system32\DRIVERS\ipfltdrv.sys
17:28:04.0746 0x10d0  IpFilterDriver - ok
17:28:04.0842 0x10d0  [ ACFEE9487693C2BD573DFCA71D98E17C, A347FD476147CD3568EEE6993B46AFC05A66A4269094CA51572D0FD013FCB535 ] iphlpsvc        C:\WINDOWS\System32\iphlpsvc.dll
17:28:04.0918 0x10d0  iphlpsvc - ok
17:28:04.0950 0x10d0  [ 9C096BF5E10CA8BFA56F32522A89FAF1, 6C1151160799338DA351C7237AB049926C6C15F24F5E154BBF5929B4A96C0B8D ] IPMIDRV         C:\WINDOWS\System32\drivers\IPMIDrv.sys
17:28:04.0978 0x10d0  IPMIDRV - ok
17:28:05.0022 0x10d0  [ B7342B3C58E91107F6E946A93D9D4EFD, D5DA3C02C5C5A343785745EF6983CC9B5FBD3FB8D49FE9B450523E50212D1A32 ] IPNAT           C:\WINDOWS\system32\drivers\ipnat.sys
17:28:05.0054 0x10d0  IPNAT - ok
17:28:05.0106 0x10d0  [ 7FAE5B6CDB18B0B2E81F32869F595022, D873A7EE94749E1700E8F6B8BB7B485AE1B0B83388D63BE06335720498D4794F ] iPod Service    C:\Program Files\iPod\bin\iPodService.exe
17:28:05.0166 0x10d0  iPod Service - ok
17:28:05.0214 0x10d0  [ AE44C526AB5F8A487D941CEB57B10C97, A783A2EAF7A6FF450FB3F189A5930036FA60D125C42171AC44B6FE2E3DBD6F7A ] IRENUM          C:\WINDOWS\system32\drivers\irenum.sys
17:28:05.0238 0x10d0  IRENUM - ok
17:28:05.0318 0x10d0  [ 8AFEEA3955AA43616A60F133B1D25F21, E99359A4F1D653790133F145CF7C9F97399FD75C5E135AA7E5F989BB660789AF ] isapnp          C:\WINDOWS\system32\drivers\isapnp.sys
17:28:05.0346 0x10d0  isapnp - ok
17:28:05.0426 0x10d0  [ D90AB68D0FAC9F357F663670FDBB511E, A82AAA5DF1B38EFBDCF834535A0C520D1BB2D7A4A906C18CFDD22BCF16BDB97D ] iScsiPrt        C:\WINDOWS\System32\drivers\msiscsi.sys
17:28:05.0478 0x10d0  iScsiPrt - ok
17:28:05.0534 0x10d0  [ EE03564B7FAFE2E44EDA33D52E83B4A3, 53C917EEC92B813EB0C86B225E9887C9CDFDD7708AEA71BFAC0A3039E26D7BEB ] iwdbus          C:\WINDOWS\System32\drivers\iwdbus.sys
17:28:05.0558 0x10d0  iwdbus - ok
17:28:05.0630 0x10d0  [ 78ABBE558F57144047F10A0F50FE4B2F, 6BE608F7697D83FD6C7E6EA422AC5637933BDC96B1044C12DE9A419CE7D6F6CE ] jhi_service     C:\Program Files (x86)\Intel\Intel® Management Engine Components\DAL\jhi_service.exe
17:28:05.0674 0x10d0  jhi_service - ok
17:28:05.0718 0x10d0  [ 8BE92376799B6B44D543E8D07CDCF885, 425B8BB1BAF62F735B3CB5A002E6055879F02E7207E55942BFD37F1784F5F368 ] kbdclass        C:\WINDOWS\System32\drivers\kbdclass.sys
17:28:05.0746 0x10d0  kbdclass - ok
17:28:05.0762 0x10d0  [ FB6E47E569D4872ABEB506BE03A45FBA, 5C4056CADA8F67587A119D9AE2A0EFAB30387CF6298F4019FF68AC92E2F6F54B ] kbdhid          C:\WINDOWS\System32\drivers\kbdhid.sys
17:28:05.0790 0x10d0  kbdhid - ok
17:28:05.0810 0x10d0  [ 813871C7D402A05F2E3A7075F9584A05, FF0C2F87EB083F8CE74C679D80C845CDFBFBBC70BE818F899F3336BBB54A3FFB ] kdnic           C:\WINDOWS\system32\DRIVERS\kdnic.sys
17:28:05.0874 0x10d0  kdnic - ok
17:28:05.0898 0x10d0  [ F6F209DDB94959BA104FC8FC87C53759, 8E862D41F4332EABF64BD034E2C0E3CC8109C7990CB4112C2B2880E8E6EDF2D3 ] KeyIso          C:\WINDOWS\system32\lsass.exe
17:28:05.0926 0x10d0  KeyIso - ok
17:28:05.0978 0x10d0  [ ADDECBCC777665BD113BED437E602AB0, B6283475A1219CE44E9F683DD3BEB8C42DA0943297E5C4699B22176AD8A6A7ED ] KSecDD          C:\WINDOWS\system32\Drivers\ksecdd.sys
17:28:06.0026 0x10d0  KSecDD - ok
17:28:06.0086 0x10d0  [ 6D2EE96150E35B9EA49F2B481DE0369A, AC5915219FD81D89E444F6E86D71F7C495108FC35E7BD683321FC7006161AFE1 ] KSecPkg         C:\WINDOWS\system32\Drivers\ksecpkg.sys
17:28:06.0138 0x10d0  KSecPkg - ok
17:28:06.0190 0x10d0  [ 11AFB527AA370B1DAFD5C36F35F6D45F, 757AD234284467ADB826F7CA0251F58D48866B91995BC867DEA4BAF676947163 ] ksthunk         C:\WINDOWS\system32\drivers\ksthunk.sys
17:28:06.0262 0x10d0  ksthunk - ok
17:28:06.0314 0x10d0  [ 32B1A8351160F307A8C66BCB0F94A9C2, 52F1DEC2BBD4D5DDBB85ED20B99D96BBA7EB83304D76F183A11FDAFDA364E873 ] KtmRm           C:\WINDOWS\system32\msdtckrm.dll
17:28:06.0354 0x10d0  KtmRm - ok
17:28:06.0370 0x10d0  [ 50AECF8C21AB2A6428A6E1E10549D8E5, 6BC7C60CF5E8AFB9972619EE1C78357756E9C0A3EC783C3056CEB600DCBB1555 ] L1C             C:\WINDOWS\system32\DRIVERS\L1C63x64.sys
17:28:06.0414 0x10d0  L1C - ok
17:28:06.0494 0x10d0  [ 793EACA6BAE9F481C2059BCB3743EB4A, 2624905C6B6A1227BD1CAC7D4FE55A5F6543E1278DAB31EC553748472D180D1D ] LanmanServer    C:\WINDOWS\system32\srvsvc.dll
17:28:06.0598 0x10d0  LanmanServer - ok
17:28:06.0726 0x10d0  [ D0D9C2ECA4D03A8F06DCD91236B90C98, E2D1144DC8040EA5FEB0602A20BA4CB920B4BC86AD5AD05FC0DF7D74DC95DC66 ] LanmanWorkstation C:\WINDOWS\System32\wkssvc.dll
17:28:06.0818 0x10d0  LanmanWorkstation - ok
17:28:06.0898 0x10d0  [ 626D19F1771E1AE72208AE9A8F3082F7, 78FDB64545ED2EAE9F51C08120E21D2C3285208F6846BD8BBA08CAA839E7A0C4 ] lfsvc           C:\WINDOWS\System32\GeofenceMonitorService.dll
17:28:06.0966 0x10d0  lfsvc - ok
17:28:06.0986 0x10d0  [ C09010B3680860131631F53E8FE7BAD8, 35F2A06D5F29478D22ABDCC20DA893EF9D96504C65594A0CEA674D1C21B04FF8 ] lltdio          C:\WINDOWS\system32\DRIVERS\lltdio.sys
17:28:07.0054 0x10d0  lltdio - ok
17:28:07.0182 0x10d0  [ 00E070FC0C673311AFD4B068D1242780, 50B0E0E625361145332C849709498FF444E46578DCAD2536E6D0289E0125580F ] lltdsvc         C:\WINDOWS\System32\lltdsvc.dll
17:28:07.0246 0x10d0  lltdsvc - ok
17:28:07.0290 0x10d0  [ D113FAD71A5E67AA94B32A0F8828D265, 08DDB4BBDB570C59926DBF5E27FCF46DCDF8B8212BB9251E97837E0504516FB3 ] lmhosts         C:\WINDOWS\System32\lmhsvc.dll
17:28:07.0354 0x10d0  lmhosts - ok
17:28:07.0462 0x10d0  [ 2C24DC448DBE8DB9BE1441B824C57E79, DA2257EEC964A47D03C2BB13317FD788E51D4685E2395B303ED7B2575FEF3B19 ] LMS             C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe
17:28:07.0494 0x10d0  LMS - ok
17:28:07.0534 0x10d0  [ C755AE4635457AA2A11F79C0DF857ABC, E03D1ACAC155287291FE1BD0B653953ADC94279A74D0152088D698FAA796460F ] LSI_SAS         C:\WINDOWS\system32\drivers\lsi_sas.sys
17:28:07.0590 0x10d0  LSI_SAS - ok
17:28:07.0606 0x10d0  [ ADAC09CBE7A2040B7F68B5E5C9A75141, 7865DA7E91404F3642BC444B97F6B7AA42B9523D5EDD7F6365DA236B8EC3410F ] LSI_SAS2        C:\WINDOWS\system32\drivers\lsi_sas2.sys
17:28:07.0654 0x10d0  LSI_SAS2 - ok
17:28:07.0674 0x10d0  [ 04D1274BB9BBCCF12BD12374002AA191, 4B9618F8D25F2278DE1610A70ACAADB074D171D162C3AF27D464F5DC800A8E60 ] LSI_SAS3        C:\WINDOWS\system32\drivers\lsi_sas3.sys
17:28:07.0702 0x10d0  LSI_SAS3 - ok
17:28:07.0718 0x10d0  [ 327469EEF3833D0C584B7E88A76AEC0C, 3D88B5A2D68F93F01B39C6E3D8D5C7A2A20686EFC756086E66AFFF1BC3019B85 ] LSI_SSS         C:\WINDOWS\system32\drivers\lsi_sss.sys
17:28:07.0770 0x10d0  LSI_SSS - ok
17:28:07.0898 0x10d0  [ 8EBB271E4588D835784A3FF7E80076A8, A508BE95F6F5063A76F4C8726D9425BB1F00DE803EFE73A0BE145DD9AB82FF0A ] LSM             C:\WINDOWS\System32\lsm.dll
17:28:07.0982 0x10d0  LSM - ok
17:28:08.0018 0x10d0  [ DDEE191AB32DFC22C6465002ECDF5EE4, 190C3930A8449118F9FEDF43C482837EF1C255E6D67F9651156E66A1E2BC6553 ] luafv           C:\WINDOWS\system32\drivers\luafv.sys
17:28:08.0038 0x10d0  luafv - ok
17:28:08.0194 0x10d0  [ 199A31C67C8EB9E081C853BCD77459BD, 53C7AD447EB5EE1EC2E27FBD91C106F3E85F604185B5AE5B9164BBEFE39CF406 ] McAfee SiteAdvisor Service C:\Program Files (x86)\McAfee\SiteAdvisor\McSACore.exe
17:28:08.0222 0x10d0  McAfee SiteAdvisor Service - ok
17:28:08.0382 0x10d0  [ 51700D4BD678B2B13167CB0BB4477F4C, 44BCF7BFE2F78AB2B62BEFF08133922A678A8491B8213EF27B94757D1BB56ACC ] McAPExe         C:\Program Files\McAfee\MSC\McAPExe.exe
17:28:08.0414 0x10d0  McAPExe - ok
17:28:08.0602 0x10d0  [ BF9EB1361EF8D456AB15D5AC2765D860, 5A622F26203438BAF768EFAFCAFD78971E90EE6A0A9FC954FE8A68D5B4C9E9C9 ] mccspsvc        C:\Program Files\Common Files\McAfee\CSP\1.3.336.0\McCSPServiceHost.exe
17:28:08.0666 0x10d0  mccspsvc - ok
17:28:08.0694 0x10d0  [ B2C832BBF64964F755D39174BC49F7B9, 324088F2A8B88AC2FDBBC7A0B49239E32F87980CCA1A97E86A828813B5C637C8 ] McMPFSvc        C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe
17:28:08.0714 0x10d0  McMPFSvc - ok
17:28:08.0726 0x10d0  [ B2C832BBF64964F755D39174BC49F7B9, 324088F2A8B88AC2FDBBC7A0B49239E32F87980CCA1A97E86A828813B5C637C8 ] McNaiAnn        C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe
17:28:08.0750 0x10d0  McNaiAnn - ok
17:28:08.0838 0x10d0  [ C8D80E7C98951B38717BB0E70C425200, 0324598F6A11DC26AAB6787DF0B51F46447E235DBD2E174AD42FFEDAE3F4FDD8 ] McODS           C:\Program Files\McAfee\VirusScan\mcods.exe
17:28:08.0914 0x10d0  McODS - ok
17:28:08.0958 0x10d0  [ B2C832BBF64964F755D39174BC49F7B9, 324088F2A8B88AC2FDBBC7A0B49239E32F87980CCA1A97E86A828813B5C637C8 ] mcpltsvc        C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe
17:28:08.0978 0x10d0  mcpltsvc - ok
17:28:08.0998 0x10d0  [ B2C832BBF64964F755D39174BC49F7B9, 324088F2A8B88AC2FDBBC7A0B49239E32F87980CCA1A97E86A828813B5C637C8 ] McProxy         C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe
17:28:09.0018 0x10d0  McProxy - ok
17:28:09.0066 0x10d0  [ 3DA891A743F714CA07CA769AE6441424, C7C731333D4E9C012EA383D4B4B8B5D2475132ED7A72913E66E897BFC7DB3A88 ] McPvDrv         C:\WINDOWS\system32\drivers\McPvDrv.sys
17:28:09.0118 0x10d0  McPvDrv - ok
17:28:09.0190 0x10d0  [ EB5C03A070F30D64A6DF80E53B22F53F, 12051B6AEBDEE1E28F24364F25A52BA3A6E282ECF86D6290E34BD38E6D4E066D ] megasas         C:\WINDOWS\system32\drivers\megasas.sys
17:28:09.0218 0x10d0  megasas - ok
17:28:09.0258 0x10d0  [ F6F13533196DE7A582D422B0241E4363, B3CD9B08937AFFF12141B38634AF3A56F5AC5FF3EF03941802B9841DEC559469 ] megasr          C:\WINDOWS\system32\drivers\megasr.sys
17:28:09.0334 0x10d0  megasr - ok
17:28:09.0378 0x10d0  [ 772A1DEEDFDBC244183B5C805D1B7D85, 7D821B8DF1F174E5414FFDEAB5207DB687740E9842F7203600AEBA086945AFC9 ] MEIx64          C:\WINDOWS\System32\drivers\HECIx64.sys
17:28:09.0394 0x10d0  MEIx64 - ok
17:28:09.0426 0x10d0  [ 1A0C96A38A888838DF9523C973E3FE87, 9C41EDBFA21DF2684EED81AD56FC440AED002FB5C760DECFF1A454835273637B ] mfeapfk         C:\WINDOWS\system32\drivers\mfeapfk.sys
17:28:09.0442 0x10d0  mfeapfk - ok
17:28:09.0510 0x10d0  [ 3EAF75ED747B2D60ABA4E45107D96E80, DC8141AAE425417F64D5070D573A0BDA40CF4FBDE041240FB331B2DDF0F8A361 ] mfeavfk         C:\WINDOWS\system32\drivers\mfeavfk.sys
17:28:09.0562 0x10d0  mfeavfk - ok
17:28:09.0911 0x10d0  [ 862CCECA53B237BDF3AA52EDD681FCE1, 752850CE18FD2ED747EDB4A2DE4D9B7730A704A992FDC2C99C84A7E48F1CCDA4 ] mfecore         C:\Program Files\Common Files\McAfee\AMCore\mcshield.exe
17:28:09.0971 0x10d0  mfecore - ok
17:28:10.0007 0x10d0  [ B330B4A4F5E41462AB334A26897856BD, 2ECD4B2F1DF54EFF8FF8EA0FC4529ECD18F70BD14CE8C8680F08D9AE3950575F ] mfeelamk        C:\WINDOWS\system32\drivers\mfeelamk.sys
17:28:10.0027 0x10d0  mfeelamk - ok
17:28:10.0051 0x10d0  [ 12279E1080026A15D272AE6AAB97FBC7, A52F2D9B7CECA6D1CF28B72F5766F001F1480F08C7ACDC32BC7F9057FBBF9277 ] mfefire         C:\Program Files\Common Files\McAfee\SystemCore\\mfefire.exe
17:28:10.0071 0x10d0  mfefire - ok
17:28:10.0179 0x10d0  [ 07CFCE5D75C27474E20DE8715794F229, C20F36B242DB592D2FE1EB43EA339514969BAB9561D76FAC7CA6204F6AFCB8B8 ] mfefirek        C:\WINDOWS\system32\drivers\mfefirek.sys
17:28:10.0235 0x10d0  mfefirek - ok
17:28:10.0371 0x10d0  [ 29D0483A9EBB01DB2036A52E3BF23D6B, D4D6FDE489E937634BEA2C2F5DF65C560E5160AD9EA85088A59AE88FD9C06B2E ] mfehidk         C:\WINDOWS\system32\drivers\mfehidk.sys
17:28:10.0447 0x10d0  mfehidk - ok
17:28:10.0491 0x10d0  [ 7E0CB59045BEB5976B32C3541DB0BFBB, 8D9B760772D885611DAD5AB4C82705FC8608B8C7F2BC30A19883506A81A804B1 ] mfencbdc        C:\WINDOWS\system32\DRIVERS\mfencbdc.sys
17:28:10.0527 0x10d0  mfencbdc - ok
17:28:10.0567 0x10d0  [ 4B34DFBC138C5C8FAC6F814575E41376, 584F76A0EA8ADAC415D118796E7B08969ABE717CB0FCC2D3B505BF86450D4E40 ] mfencrk         C:\WINDOWS\system32\DRIVERS\mfencrk.sys
17:28:10.0603 0x10d0  mfencrk - ok
17:28:10.0631 0x10d0  [ 9A642F163F1FB12DE395A6010A9AD687, A86E092417C0C40E6FB9F6206D82391CEE4495FFA6F8A442BE50D349ACBA44B9 ] mfevtp          C:\WINDOWS\system32\mfevtps.exe
17:28:10.0667 0x10d0  mfevtp - ok
17:28:10.0731 0x10d0  [ 1134C87CC1184F5B88F0C7002ACFDC99, 9029E15BF5186258CACF7D46F0E182949E93B78B3F17ED680FE8ECF12EFFF646 ] mfewfpk         C:\WINDOWS\system32\drivers\mfewfpk.sys
17:28:10.0787 0x10d0  mfewfpk - ok
17:28:10.0851 0x10d0  [ FD788C2D96EA91469A3C1D13E80D7473, 7B14D4BFDE18CECC19FBFFAA5AFF5FD78BFB7FCDA6613990740A8A7DD9873D26 ] MMCSS           C:\WINDOWS\system32\mmcss.dll
17:28:10.0891 0x10d0  MMCSS - ok
17:28:10.0931 0x10d0  [ 934754A47266AC4C1EEDF1A477CCFEB8, A36599D8739CD9F7D2397BDFE9C38D8D0D21F8B21A87C3AB3D64217E1449DFC6 ] MOBKbackup      C:\Program Files (x86)\McAfee Online Backup\MOBKbackup.exe
17:28:10.0975 0x10d0  MOBKbackup - ok
17:28:10.0999 0x10d0  [ B0DCCC8BE52C95DB8255763C52061104, DE542300C331325FEDE9418975E29BFA367FFED0EE0707CB02DB38FB5A76A07F ] MOBKFilter      C:\WINDOWS\system32\DRIVERS\MOBK.sys
17:28:11.0015 0x10d0  MOBKFilter - ok
17:28:11.0047 0x10d0  [ 8B38C44F69259987C95135C9627E2378, E698B82D4EFFF56D66C7FC9866369BA5736FDBDBE2028CC421C51E70DEA74727 ] Modem           C:\WINDOWS\system32\drivers\modem.sys
17:28:11.0087 0x10d0  Modem - ok
17:28:11.0107 0x10d0  [ 601589000CC90F0DF8DA2CC254A3CCC9, D1238A386C41B6C368D9A44B7C112C943995B5403E2A5B4B7346B266DDB0C5A0 ] monitor         C:\WINDOWS\System32\drivers\monitor.sys
17:28:11.0139 0x10d0  monitor - ok
17:28:11.0155 0x10d0  [ CEAC6D40FE887CE8406C2393CF97DE06, 34E76908B802764FF0D7AB3AF89BE77BD35B44787983343FAD89891891C0A045 ] mouclass        C:\WINDOWS\System32\drivers\mouclass.sys
17:28:11.0195 0x10d0  mouclass - ok
17:28:11.0239 0x10d0  [ 02D98BF804084E9A0D69D1C69B02CCA9, EC5BC5D87043DFFD035FD4DD27B3D94E03119063519E4151BCC3522B613E2D7F ] mouhid          C:\WINDOWS\System32\drivers\mouhid.sys
17:28:11.0259 0x10d0  mouhid - ok
17:28:11.0279 0x10d0  [ 515549560D481138E6E21AF7C6998E56, C7E4B38D8CCAF15B9BDA63C8C8209F6193AD220DA02E1264F1B687AACD8F409F ] mountmgr        C:\WINDOWS\system32\drivers\mountmgr.sys
17:28:11.0319 0x10d0  mountmgr - ok
17:28:11.0407 0x10d0  [ B4E9C7383A705628AD491CF0F87D901F, 5C0CD7133D4F5B1E0466CDB2A2210ECA57206A8BC41F37BC6324120AE5501C70 ] MozillaMaintenance C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
17:28:11.0447 0x10d0  MozillaMaintenance - ok
17:28:11.0475 0x10d0  [ F170510BE94CF45E3C6274578F6204B2, 344C3DDE1D622607CA2ABECB2C47CB0166D2D258BD94A7960C45A5ADBB640566 ] mpsdrv          C:\WINDOWS\system32\drivers\mpsdrv.sys
17:28:11.0511 0x10d0  mpsdrv - ok
17:28:11.0591 0x10d0  [ D186C5844393252147BE934F3871DB7A, 30160F8268B9F46E82C5CB536867E0CF280DC98074A481595072E3320200E343 ] MpsSvc          C:\WINDOWS\system32\mpssvc.dll
17:28:11.0663 0x10d0  MpsSvc - ok
17:28:11.0715 0x10d0  [ DB32958F0E704EFBF7F15161A569E39F, 8A26448B954F8A16EE9BA72EF47F6C549A75B30BD13FEB5A29EB099A74D8F678 ] MRxDAV          C:\WINDOWS\system32\drivers\mrxdav.sys
17:28:11.0775 0x10d0  MRxDAV - ok
17:28:11.0819 0x10d0  [ 7A1A3F213CDB3363D179D5014272025D, 6756F5B7D9FBF6839DB1FF4E94EA45B5499D7DF925E75581C96FBBA4BE131542 ] mrxsmb          C:\WINDOWS\system32\DRIVERS\mrxsmb.sys
17:28:11.0903 0x10d0  mrxsmb - ok
17:28:11.0987 0x10d0  [ 3E28B99198B514DFEB152EACF913025E, 6C1D8353DCD5F811F39C0C3CB5DF3D2457F0D17EE80FB06196AA169E3D19E9B2 ] mrxsmb10        C:\WINDOWS\system32\DRIVERS\mrxsmb10.sys
17:28:12.0079 0x10d0  mrxsmb10 - ok
17:28:12.0123 0x10d0  [ C910E5D18958914A66F0E45689D0B40A, AD7C91DD8A60A511E580DD56BACC97F85075A539E7C5D95040A8F870A621DAF4 ] mrxsmb20        C:\WINDOWS\system32\DRIVERS\mrxsmb20.sys
17:28:12.0211 0x10d0  mrxsmb20 - ok
17:28:12.0239 0x10d0  [ E0927EFA25D473367C3341B9F5969779, B77A162BD3334557623674373D8EC2BE7CC0B359DF06304E467ABFFEE0530271 ] MsBridge        C:\WINDOWS\system32\DRIVERS\bridge.sys
17:28:12.0331 0x10d0  MsBridge - ok
17:28:12.0367 0x10d0  [ A082C17D14D0790E27D064EA4B138AE1, 9A565ED885782D9D5135C8399C11C356DBF9EBF3B8EB4B4504BD2604AD0B45E6 ] MSDTC           C:\WINDOWS\System32\msdtc.exe
17:28:12.0407 0x10d0  MSDTC - ok
17:28:12.0475 0x10d0  [ D13329FBF8345B28AB30F44CC247DC08, 9C7EC2D4D65E6510EB5B9E61BB0D14F725D7E8FE98D65161C3971E43EF1AB6EB ] Msfs            C:\WINDOWS\system32\drivers\Msfs.sys
17:28:12.0503 0x10d0  Msfs - ok
17:28:12.0535 0x10d0  [ C6B474E46F9E543B875981ED3FFE6ADD, E16687E52FB649C23D92159A1F036CB662202C1E58D961EECDAA528AA4FA669A ] msgpiowin32     C:\WINDOWS\System32\drivers\msgpiowin32.sys
17:28:12.0579 0x10d0  msgpiowin32 - ok
17:28:12.0599 0x10d0  [ 65C92EB9D08DB5C69F28C7FFD4E84E31, D709BA4723225321F665B1157A33A4AE230420752308EF535DA9A41CAC164628 ] mshidkmdf       C:\WINDOWS\System32\drivers\mshidkmdf.sys
17:28:12.0651 0x10d0  mshidkmdf - ok
17:28:12.0671 0x10d0  [ 52299F086AC2DAFD100DD5DC4A8614BA, B36BE0FC96798E5EB8C193C318970E3906961E3ABC3BFAAD73138C76D9A95B0B ] mshidumdf       C:\WINDOWS\System32\drivers\mshidumdf.sys
17:28:12.0707 0x10d0  mshidumdf - ok
17:28:12.0735 0x10d0  [ 36D92AF3343C3A3E57FEF11C449AEA4C, ECC85AA1E530DF55B4A4545798219F87F0FCA66DDD2E37BCEF0850D3C9129DD2 ] msisadrv        C:\WINDOWS\system32\drivers\msisadrv.sys
17:28:12.0751 0x10d0  msisadrv - ok
17:28:12.0795 0x10d0  [ 810F8A0A0680662BB0CE44D0E2CEF90C, 5631B07911B7EF378CB1583A480A3C5715E59A5488B33A528F4D7A2F849B9113 ] MSiSCSI         C:\WINDOWS\system32\iscsiexe.dll
17:28:12.0827 0x10d0  MSiSCSI - ok
17:28:12.0839 0x10d0  msiserver - ok
17:28:12.0883 0x10d0  [ B2C832BBF64964F755D39174BC49F7B9, 324088F2A8B88AC2FDBBC7A0B49239E32F87980CCA1A97E86A828813B5C637C8 ] MSK80Service    C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe
17:28:12.0919 0x10d0  MSK80Service - ok
17:28:12.0971 0x10d0  [ A9BBBD2BAE6142253B9195E949AC2E8D, 599D2952D4E0B0B3E02D91E38A30F4900B1ADA330716B887B156A1CB9A3E6EE9 ] MSKSSRV         C:\WINDOWS\system32\drivers\MSKSSRV.sys
17:28:12.0999 0x10d0  MSKSSRV - ok
17:28:13.0027 0x10d0  [ 375E44168F2DFB91A68B8A3F619C5A7C, AC243E02E9A39D0B4DE9571F196941700EE6EB5E94F5B0BA8994FB551E73A7A8 ] MsLldp          C:\WINDOWS\system32\DRIVERS\mslldp.sys
17:28:13.0071 0x10d0  MsLldp - ok
17:28:13.0091 0x10d0  [ 7B2128EB875DCBC006E6A913211006D6, 97BBD7FF770741FBFC0F181A609AD0954EA926DA203B742E8F08C89AD8FE476E ] MSPCLOCK        C:\WINDOWS\system32\drivers\MSPCLOCK.sys
17:28:13.0111 0x10d0  MSPCLOCK - ok
17:28:13.0123 0x10d0  [ 1E88171579B218115C7A772F8DE04BD8, B9EAA835D0BF8F9C4DF8403D95EF1400E8AE38F28F9DBA87657DE2129FEF02D2 ] MSPQM           C:\WINDOWS\system32\drivers\MSPQM.sys
17:28:13.0151 0x10d0  MSPQM - ok
17:28:13.0231 0x10d0  [ BBE2A455053E63BECBF42C2F9B21FAE0, 7C5DF563499DF59DF9895A1581E47ADF5FD54C94ECEF6C886CDB60E5E95A6DAE ] MsRPC           C:\WINDOWS\system32\drivers\MsRPC.sys
17:28:13.0267 0x10d0  MsRPC - ok
17:28:13.0291 0x10d0  [ 8D6B7D515C5CBCDB75B928A0B73C3C5E, 1EB4DC3DD21D2627C78EC3F9931D9E5D033169087E43B5D7C17BF1FF2A0028CD ] mssmbios        C:\WINDOWS\System32\drivers\mssmbios.sys
17:28:13.0307 0x10d0  mssmbios - ok
17:28:13.0323 0x10d0  [ 115019AE01E0EB9C048530D2928AB4A2, 6E2275E85EACF2D0FC784792E0D72A165589D33CBAB3BCFA8E271CA09566C925 ] MSTEE           C:\WINDOWS\system32\drivers\MSTEE.sys
17:28:13.0351 0x10d0  MSTEE - ok
17:28:13.0367 0x10d0  [ 96D604A35070360F0DD4A7A8AF410B5E, F94DD1A3566C7C8D0A76D6E1E2530552A9B7F99C5DA0DE11829325EAB9F8B7ED ] MTConfig        C:\WINDOWS\System32\drivers\MTConfig.sys
17:28:13.0387 0x10d0  MTConfig - ok
17:28:13.0427 0x10d0  [ 619CA29326B82372621DB2C0964D8365, 4091F08E266DB45A6E33A4A8B1CE9FA78BB294B3111526AA9E3868620F30AFDF ] Mup             C:\WINDOWS\system32\Drivers\mup.sys
17:28:13.0531 0x10d0  Mup - ok
17:28:13.0555 0x10d0  [ B8C35C94DCB2DFEAF03BB42131F2F77F, F0FCF367CA8F722D6ABCF7F363CD406D890D71452E91C3FC6677B47AD74D6324 ] mvumis          C:\WINDOWS\system32\drivers\mvumis.sys
17:28:13.0583 0x10d0  mvumis - ok
17:28:13.0663 0x10d0  [ 41A45D2A75494EABF2806EA051E00376, EB2497561C8E33A4297C044604C717FF854C7F046882A9E4A400AE7679BF5467 ] napagent        C:\WINDOWS\system32\qagentRT.dll
17:28:13.0707 0x10d0  napagent - ok
17:28:13.0783 0x10d0  [ 26ACA481FAFEC59FE311D719E3027BBA, 16A24CCA95A38BDFE970580159F6ACAA13FF1B74CF2290B1B020D909F90D3347 ] NativeWifiP     C:\WINDOWS\system32\DRIVERS\nwifi.sys
17:28:13.0871 0x10d0  NativeWifiP - ok
17:28:13.0919 0x10d0  [ 71E3C0100AA19D11373CCEB2F51A6008, 58FBF35F5FE19BEABE483C11E9996BE93D76721C8C34465350FA98B465CA3672 ] NcaSvc          C:\WINDOWS\System32\ncasvc.dll
17:28:13.0975 0x10d0  NcaSvc - ok
17:28:14.0003 0x10d0  [ 51DF09CAB2CAC64FEE3E371D9028ED01, 9B81604D0D0359AF8F54FED6DA7116FFD2F40407895028EAD99FF1D7CFDC2D14 ] NcbService      C:\WINDOWS\System32\ncbservice.dll
17:28:14.0067 0x10d0  NcbService - ok
17:28:14.0091 0x10d0  [ 2586C4C167499210DCBF3ECFD8CCE210, D8129FEDE9918BF4FB0057CC58700D4E08457060E810B9CC25CA0F598506ADB8 ] NcdAutoSetup    C:\WINDOWS\System32\NcdAutoSetup.dll
17:28:14.0119 0x10d0  NcdAutoSetup - ok
17:28:14.0263 0x10d0  [ E4B4BE2D7750849C07589DA0B0AABA01, BB5AA727BA018A94B5DE2C4E0B594DD2E7A2B3457885446EE568F3A1E18AB3B0 ] NDIS            C:\WINDOWS\system32\drivers\ndis.sys
17:28:14.0355 0x10d0  NDIS - ok
17:28:14.0407 0x10d0  [ C6BB12BC35D1637CA17AE16D3A4725EB, 01C1D9FA738886A195166F88207EEB6715A1DE0608978ED6C5DC738AF5C02513 ] NdisCap         C:\WINDOWS\system32\DRIVERS\ndiscap.sys
17:28:14.0443 0x10d0  NdisCap - ok
17:28:14.0475 0x10d0  [ B1AA3B19A2E596A59224F893E01A5A75, E08696CA5E087E51AC3E64D4FB8490EEADD612DDF30C9A94DD1BD1BA124B71B7 ] NdisImPlatform  C:\WINDOWS\system32\DRIVERS\NdisImPlatform.sys
17:28:14.0519 0x10d0  NdisImPlatform - ok
17:28:14.0559 0x10d0  [ 9423421E735BD5394351E0C47C76BB92, 763E5D06F896C0EF8AD52515464F28BA85DB7A1560E451857AC9AA68FAFCBC66 ] NdisTapi        C:\WINDOWS\system32\DRIVERS\ndistapi.sys
17:28:14.0619 0x10d0  NdisTapi - ok
17:28:14.0647 0x10d0  [ B832B35055BA2B7B4181861FF94D8E59, 2E60E5D503E88D27E35ECFEE265D51328E93A9C7B9B931F86D9CBC947636BB00 ] Ndisuio         C:\WINDOWS\system32\DRIVERS\ndisuio.sys
17:28:14.0699 0x10d0  Ndisuio - ok
17:28:14.0723 0x10d0  [ 1F58E48EF75F34C35D8E93A0DC535CFE, D65619A6C4B1747F8B05DA08A44EF0E46B5CC384880E04E4755A2BA6CDB3C4EA ] NdisVirtualBus  C:\WINDOWS\System32\drivers\NdisVirtualBus.sys
17:28:14.0795 0x10d0  NdisVirtualBus - ok
17:28:14.0847 0x10d0  [ DEC29080202D4F9F17F55E18BCFCC41A, F7E543741B1F4F637A99C40543D6AEC6EBF893F74359BBA769D1F882E0AFB571 ] NdisWan         C:\WINDOWS\system32\DRIVERS\ndiswan.sys
17:28:14.0911 0x10d0  NdisWan - ok
17:28:14.0943 0x10d0  [ DEC29080202D4F9F17F55E18BCFCC41A, F7E543741B1F4F637A99C40543D6AEC6EBF893F74359BBA769D1F882E0AFB571 ] NdisWanLegacy   C:\WINDOWS\system32\DRIVERS\ndiswan.sys
17:28:14.0999 0x10d0  NdisWanLegacy - ok
17:28:15.0039 0x10d0  [ A5BD69A8812FA79D1A487691DD3FB244, 67B5EDE101943E0E8B8041DB2353D20C8B9F2D253E77964761CFE8F136C0BBC7 ] NDProxy         C:\WINDOWS\system32\drivers\NDProxy.sys
17:28:15.0087 0x10d0  NDProxy - ok
17:28:15.0147 0x10d0  [ 5A072F0B90C29C5233D78BE33EF5ED78, B32ED76A674B1FC743361FB7BBD4C915A78B14132AB056AADD445D5995AD4F32 ] Ndu             C:\WINDOWS\system32\drivers\Ndu.sys
17:28:15.0231 0x10d0  Ndu - ok
17:28:15.0295 0x10d0  [ 6F4607E2333FE21E9E3FF8133A88B35B, F7B7B262D85D03552A8D0F3F91E795B31E3D09020DDA1E3D62A4A3209D916BB6 ] Netaapl         C:\WINDOWS\system32\DRIVERS\netaapl64.sys
17:28:15.0303 0x10d0  Netaapl - detected UnsignedFile.Multi.Generic ( 1 )
17:28:17.0916 0x10d0  Detect skipped due to KSN trusted
17:28:17.0916 0x10d0  Netaapl - ok
17:28:17.0944 0x10d0  [ A83D67D347A684F10B7D3019C8A6380C, 2B86832967981C8C786BF24C1CF8E13E01745ACE3333CF5C821DD93D623B96E4 ] NetBIOS         C:\WINDOWS\system32\DRIVERS\netbios.sys
17:28:17.0984 0x10d0  NetBIOS - ok
17:28:18.0040 0x10d0  [ 0217532E19A748F0E5D569307363D5FD, C40C2E7AFA276057E7327A7BB173122689D6CEC9AE443C3850C3F94AF03DFBF5 ] NetBT           C:\WINDOWS\system32\DRIVERS\netbt.sys
17:28:18.0104 0x10d0  NetBT - ok
17:28:18.0120 0x10d0  [ F6F209DDB94959BA104FC8FC87C53759, 8E862D41F4332EABF64BD034E2C0E3CC8109C7990CB4112C2B2880E8E6EDF2D3 ] Netlogon        C:\WINDOWS\system32\lsass.exe
17:28:18.0148 0x10d0  Netlogon - ok
17:28:18.0252 0x10d0  [ B7AD851A21FEBA3BA214972627614207, 29605320CCC3DAAD062CAECF0009DACBC2F6D28ED4E8AF7CE76132129F5572A0 ] Netman          C:\WINDOWS\System32\netman.dll
17:28:18.0316 0x10d0  Netman - ok
17:28:18.0432 0x10d0  [ F0F0A372C2EF6358399C4936F91B6131, CE596C71EB4D1A5E104D3148F2D0D8789882C59FD198DCF33CCAC7A08B50E4EE ] netprofm        C:\WINDOWS\System32\netprofmsvc.dll
17:28:18.0484 0x10d0  netprofm - ok
17:28:18.0648 0x10d0  [ 1092B3190E69E0C5ECBCE90F171DE047, C16106EEFC324EE80E5F659CB71A5DD69FA800D36D829F5B0E6AD3393BD1BAF7 ] NetTcpPortSharing C:\WINDOWS\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
17:28:18.0704 0x10d0  NetTcpPortSharing - ok
17:28:18.0756 0x10d0  [ 70414DB660BFBB7BD58FCE8EA4364E1B, 6DFB3897CD55E22BA1EDF0AE672F4D7A6A1F512F8A0A26AF106765E6B1CF65AC ] netvsc          C:\WINDOWS\system32\DRIVERS\netvsc63.sys
17:28:18.0812 0x10d0  netvsc - ok
17:28:18.0904 0x10d0  [ E94EB2A95D7D016E119C4D6868788831, 3E4A925D23262FBA0A6432DD635FBE94B0CEF76BD9BB323254B66977497FEE2A ] NlaSvc          C:\WINDOWS\System32\nlasvc.dll
17:28:18.0968 0x10d0  NlaSvc - ok
17:28:18.0984 0x10d0  [ 8F44A2F57C9F1A19AC9C6288C10FB351, 310274DDBAC0FE4BE54ECD3B90C97D82A0F9F5CFCA7A35711A36164DE4B94074 ] Npfs            C:\WINDOWS\system32\drivers\Npfs.sys
17:28:19.0064 0x10d0  Npfs - ok
17:28:19.0120 0x10d0  [ CBDB4F0871C88DF930FC0E8588CA67FC, 7E4AA3EA81A9D532F236FD7896744F07ED07CA9B37A9F18A9778BCCCC67490F2 ] npsvctrig       C:\WINDOWS\System32\drivers\npsvctrig.sys
17:28:19.0192 0x10d0  npsvctrig - ok
17:28:19.0240 0x10d0  [ 6E2271ED0C3E95B8E29F3752B91B9E84, 44026AD9757EA82967D7F7578455802FAD7FE0057EAC088E0AE207C15F594B86 ] nsi             C:\WINDOWS\system32\nsisvc.dll
17:28:19.0268 0x10d0  nsi - ok
17:28:19.0288 0x10d0  [ E490B459978CB87779E84C761D22B827, 1E5CA38626E41618E4CA16DD0C70EB2FA86E986F0CF21A749BDE2A17015DEEC6 ] nsiproxy        C:\WINDOWS\system32\drivers\nsiproxy.sys
17:28:19.0316 0x10d0  nsiproxy - ok
17:28:19.0820 0x10d0  [ 038C77D577900EE39410662478BB0D50, A33AAFD5750245C17A47EC71F3C6EAD2E0925CAD34C65AB3E6CEE44756C668E6 ] Ntfs            C:\WINDOWS\system32\drivers\Ntfs.sys
17:28:20.0020 0x10d0  Ntfs - ok
17:28:20.0068 0x10d0  [ EF1B290FC9F0E47CC0B537292BEE5904, DBC07BBC54EBC2D2E576B23A4CE116B3DA988577AD0D96CB7289A6748A60F9EA ] Null            C:\WINDOWS\system32\drivers\Null.sys
17:28:20.0116 0x10d0  Null - ok
17:28:20.0180 0x10d0  [ BC6B5942AFF25EBAF62DE43C3807EDF8, CB0FA194084B8C309039D571B5760FDA800E9531B8660C499B4F9977BA5C36D5 ] nvraid          C:\WINDOWS\system32\drivers\nvraid.sys
17:28:20.0220 0x10d0  nvraid - ok
17:28:20.0260 0x10d0  [ 1F43ABFFAC3D6CA356851D517392966E, 6FD7621F67BA94B0E1D8F43BEC2951DBCDEEA1E848BB265AC169E27C01DA68F2 ] nvstor          C:\WINDOWS\system32\drivers\nvstor.sys
17:28:20.0308 0x10d0  nvstor - ok
17:28:20.0324 0x10d0  [ 6934A936A7369DFE37B7DBA93F5E5E49, 0900FEEB0CE8D09F0FC60630B5B986034A8BCD3882ED66E47170810C32492892 ] nv_agp          C:\WINDOWS\system32\drivers\nv_agp.sys
17:28:20.0360 0x10d0  nv_agp - ok
17:28:20.0420 0x10d0  [ 6F722C84CCCEF77A871D0F7E50AB25EB, F81F33DC8C20A6C331B1F7006B124F2FB9B7297E0C37CB7272A4074C2D19856C ] OpenVPNService  C:\Program Files (x86)\HMA! Pro VPN\bin\openvpnserv.exe
17:28:20.0476 0x10d0  OpenVPNService - ok
17:28:20.0620 0x10d0  [ 30B5F9FB0C35AE6B4A0851D24CE2EE8B, 0340E77E8EC2ADC21B8DDD9C9CC95B3F4BCAFD54618A333C72D7D9587D593B83 ] ose             C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE
17:28:20.0656 0x10d0  ose - ok
17:28:21.0184 0x10d0  [ 61BFFB5F57AD12F83AB64B7181829B34, 1DD0DD35E4158F95765EE6639F217DF03A0A19E624E020DBA609268C08A13846 ] osppsvc         C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE
17:28:21.0360 0x10d0  osppsvc - ok
17:28:21.0436 0x10d0  [ E287F157F7A0011D93179C64EF8ADCF2, C16FB92C7B18D634BB1344238D35B3111494C243FBD5853F05376F5051480D83 ] p2pimsvc        C:\WINDOWS\system32\pnrpsvc.dll
17:28:21.0512 0x10d0  p2pimsvc - ok
17:28:21.0576 0x10d0  [ 2A57A937BC5B1B2D6AFE6A8C5925F50B, 00D84EFED5A7129AAD86945940030474795905C32D65CBD5B1A3EBADCED8F873 ] p2psvc          C:\WINDOWS\system32\p2psvc.dll
17:28:21.0636 0x10d0  p2psvc - ok
17:28:21.0704 0x10d0  [ 622FCF264119F7DF127BE353F796B319, 6689D8F62F860178685496EF45520967AFAEFF94CFBCC64CF77074F21577E0A2 ] PackageTracer_69Service C:\Program Files (x86)\PackageTracer_69\bar\1.bin\69barsvc.exe
17:28:21.0736 0x10d0  PackageTracer_69Service - ok
17:28:21.0780 0x10d0  [ 764B1121867B2D9B31C491668AC72B2B, 32C04B6FCE1DDD09697B81473A23BDCED8BEEFBCD0D2D58DDC9A11A33C756967 ] Parport         C:\WINDOWS\System32\drivers\parport.sys
17:28:21.0984 0x10d0  Parport - ok
17:28:22.0028 0x10d0  [ EF0C1749C9A8CEE9A457473D433CC00F, A5FDAB5AD47471640D697C6CFBA6C67730878ABBA47D394EAA47C9733EDCE1F3 ] partmgr         C:\WINDOWS\system32\drivers\partmgr.sys
17:28:22.0044 0x10d0  partmgr - ok
17:28:22.0112 0x10d0  [ 8AA434597BF8C129209BD9FF4835EAEF, 819F0EA6B7144F03BC0FFCE071B73EB727A0B7584A5DEEC4F7049856516E5E46 ] PasswordBox     C:\Program Files (x86)\PasswordBox\pbbtnService.exe
17:28:22.0120 0x10d0  PasswordBox - detected UnsignedFile.Multi.Generic ( 1 )
17:28:24.0589 0x10d0  Detect skipped due to KSN trusted
17:28:24.0589 0x10d0  PasswordBox - ok
17:28:24.0661 0x10d0  [ 9A5309EF92F39346CFD5A4C2C3D1BFAD, 5908E0C9562F9CB24784491BD9AE7983A33A6BDF81AFA0A08045518A0C9BB2B1 ] PcaSvc          C:\WINDOWS\System32\pcasvc.dll
17:28:24.0753 0x10d0  PcaSvc - ok
17:28:24.0797 0x10d0  [ 91ED124E261EA8FAA1C0FFDF2A71B0C4, 20E41A38067395D03184938983A9BE459717A1941352972DBC28D83D542319EC ] pci             C:\WINDOWS\system32\drivers\pci.sys
17:28:24.0917 0x10d0  pci - ok
17:28:24.0933 0x10d0  [ 346E38FCC6859A727DD28AFAD1F0AFF4, FF3DA26F79B3BC3A5B8A8AA0B9139B9EF70297F4EA1203B1E68FB5A212C3AA58 ] pciide          C:\WINDOWS\system32\drivers\pciide.sys
17:28:24.0969 0x10d0  pciide - ok
17:28:25.0025 0x10d0  [ 4D3BDCC1C7B40C9D7B6AD990E6DEC397, 27A7AF2127B699F4579CB77936F38DC102211E26E5E2947DB808756FE06FC98E ] pcmcia          C:\WINDOWS\system32\drivers\pcmcia.sys
17:28:25.0061 0x10d0  pcmcia - ok
17:28:25.0081 0x10d0  [ BF28771D1436C88BE1D297D3098B0F7D, 5F7630916A76A8CF31289E9C577F522B999C74C39E541CD40E62BD53004BEF74 ] pcw             C:\WINDOWS\system32\drivers\pcw.sys
17:28:25.0109 0x10d0  pcw - ok
17:28:25.0141 0x10d0  [ 24A8DFC07E4BAF29AEA26E383D4CC886, 1B903FE52CD816662D37A8113930B4B7019B6996D49F1982D8F42933A3525A67 ] pdc             C:\WINDOWS\system32\drivers\pdc.sys
17:28:25.0185 0x10d0  pdc - ok
17:28:25.0269 0x10d0  [ 0ECEE590F2E2EF969FB74A6FC583A1E6, 1C611D9225C863CF32125F684B324C58BDE1942F4F283F5674133200AC505D44 ] PEAUTH          C:\WINDOWS\system32\drivers\peauth.sys
17:28:25.0341 0x10d0  PEAUTH - ok
17:28:25.0437 0x10d0  [ 8E3C640FFF5A963F570233AE99C0FFF3, 3DE978B005BF2E88BA858CE37D9E27BD3584642B8412E22C300A1E739743838A ] PerfHost        C:\WINDOWS\SysWow64\perfhost.exe
17:28:25.0485 0x10d0  PerfHost - ok
17:28:25.0613 0x10d0  [ 928061178CD9856CA6B67FFFCE6BA766, 71DE3C7CA7F83EAAA550CD8A68FB67DE042B0AE51BFACB1ECB8852D502E11F50 ] pla             C:\WINDOWS\system32\pla.dll
17:28:25.0725 0x10d0  pla - ok
17:28:25.0757 0x10d0  [ BC6849C62DB407573C6AD8CB1A4D2628, 5BDE0D60F85E4C27CEAD1B301155B54D841FB773BD5BB8AC5DDAEE31F8E94627 ] PlugPlay        C:\WINDOWS\system32\umpnpmgr.dll
17:28:25.0785 0x10d0  PlugPlay - ok
17:28:25.0813 0x10d0  [ 045EB4F260606A03BE340D09DEAF3BA4, 6F34B8D414F7F69F4388F2F8A86E0F3AD179E423126990AF3E1EC4DCCB8E7693 ] PNRPAutoReg     C:\WINDOWS\system32\pnrpauto.dll
17:28:25.0833 0x10d0  PNRPAutoReg - ok
17:28:25.0881 0x10d0  [ E287F157F7A0011D93179C64EF8ADCF2, C16FB92C7B18D634BB1344238D35B3111494C243FBD5853F05376F5051480D83 ] PNRPsvc         C:\WINDOWS\system32\pnrpsvc.dll
17:28:25.0909 0x10d0  PNRPsvc - ok
17:28:25.0949 0x10d0  [ C16097D77A232A288D65F299E2E01105, 5CE4B44B06FD26569C0F92FF1D3991D0128D8444AE7BC9EBEF5A33811D721BE8 ] PolicyAgent     C:\WINDOWS\System32\ipsecsvc.dll
17:28:25.0973 0x10d0  PolicyAgent - ok
17:28:26.0013 0x10d0  [ 00E08B30E7F7C13ECE2CDF4F46A77311, 1807C0A64C1794E572C86730816C01DCF4D8F773ADE9CAEA3AC0658F7BD71A4E ] Power           C:\WINDOWS\system32\umpo.dll
17:28:26.0077 0x10d0  Power - ok
17:28:26.0125 0x10d0  [ E075CC071022BD4E9BE7C024717C0E0A, BE65A8C1082AE8DF8C37CA06B2BCC521478AC153EA7388B03F7FAE3913920E75 ] PptpMiniport    C:\WINDOWS\system32\DRIVERS\raspptp.sys
17:28:26.0177 0x10d0  PptpMiniport - ok
17:28:26.0345 0x10d0  [ 3C96A45CA3403A276B0F045C448EC27B, C0011DB8C5A85817CAF815CC0095EE2C1CDD5964DCD8EAF4C35A2495D6A873CC ] PrintNotify     C:\WINDOWS\system32\spool\drivers\x64\3\PrintConfig.dll
17:28:26.0509 0x10d0  PrintNotify - ok
17:28:26.0557 0x10d0  [ ECD373F9571C745894367CC2635EA44F, E08B2A1017DAE1BF10B986DAFAD14BDE20D79703E0EF3A8C700A3753908C1392 ] Processor       C:\WINDOWS\System32\drivers\processr.sys
17:28:26.0629 0x10d0  Processor - ok
17:28:26.0681 0x10d0  [ 19424364D8C03B990C4281BE53963FD0, 958FC8436E6B754858E20BC48B0D4B269991E8CA94C15C2761BF04ED52591907 ] ProfSvc         C:\WINDOWS\system32\profsvc.dll
17:28:26.0733 0x10d0  ProfSvc - ok
17:28:26.0773 0x10d0  [ 8528BB05E4D4E25945F78B00B2555FB7, FF8E0D4580F93CD348080967F52FE6C2C68B56DAEACAE2EAEF04E19412A953AE ] Psched          C:\WINDOWS\system32\DRIVERS\pacer.sys
17:28:26.0821 0x10d0  Psched - ok
17:28:26.0877 0x10d0  [ AF90BB44C99D6820BE52C9BBAA523283, 9772D9CC1666959EC8EE4ED740A5179473CE4F38762109F1123DD68010D20EA1 ] QWAVE           C:\WINDOWS\system32\qwave.dll
17:28:26.0933 0x10d0  QWAVE - ok
17:28:26.0957 0x10d0  [ 3FB466684609A4329858CF2EBD62E0FD, CFC8FBAB1436948F9D34CE6A2D6DE2F86F3E93E50B86851CED979C8CCE609798 ] QWAVEdrv        C:\WINDOWS\system32\drivers\qwavedrv.sys
17:28:26.0977 0x10d0  QWAVEdrv - ok
17:28:27.0013 0x10d0  [ 2C56F0EE27E4EF70CA4B4983D3638905, AFFDD686886CE982424B644D9168D61C6F86A5244FF97BC644DF75B321E415E5 ] RasAcd          C:\WINDOWS\system32\DRIVERS\rasacd.sys
17:28:27.0037 0x10d0  RasAcd - ok
17:28:27.0065 0x10d0  [ 674A4702E4E144E8710ED1A2EC6DD049, 613A921101A6815C9185D5EF3E251A592604E56FADE945BB7E256885CAD473BC ] RasAgileVpn     C:\WINDOWS\system32\DRIVERS\AgileVpn.sys
17:28:27.0133 0x10d0  RasAgileVpn - ok
17:28:27.0185 0x10d0  [ 5F061AC45266841A2860C1858ED863B8, 9E0D52BAC8A50225C32D0397C35350601B996443E2481C808CC59D3B0763FEF0 ] RasAuto         C:\WINDOWS\System32\rasauto.dll
17:28:27.0253 0x10d0  RasAuto - ok
17:28:27.0293 0x10d0  [ BBB6272B7F46C4640A8CDB8A70C3450F, 4266C3ABD0D1D0219F715EA0F155744F7C1E3A7B722BE863831B57AE785419A2 ] Rasl2tp         C:\WINDOWS\system32\DRIVERS\rasl2tp.sys
17:28:27.0349 0x10d0  Rasl2tp - ok
17:28:27.0413 0x10d0  [ 5C7B86EE33505E36026AFAAB62DA6364, 903BB1A355AC746BF09C2A7C87B068168648DB79DEF39AB1DC710B6A7A5F6556 ] RasMan          C:\WINDOWS\System32\rasmans.dll
17:28:27.0489 0x10d0  RasMan - ok
17:28:27.0509 0x10d0  [ 5247F308C4103CDC4FE12AE1D235800A, E567CD33CA1897D53795E071B7AFBAF98B2C8F725F8BED0BA90F5EF611520E48 ] RasPppoe        C:\WINDOWS\system32\DRIVERS\raspppoe.sys
17:28:27.0541 0x10d0  RasPppoe - ok
17:28:27.0561 0x10d0  [ 2B0F1677CDD08967005F34488559BC6F, FFF168EBD171C0B85A448AD1A04F66534E889AE1DC128F68EA3F35D5996C8D39 ] RasSstp         C:\WINDOWS\system32\DRIVERS\rassstp.sys
17:28:27.0601 0x10d0  RasSstp - ok
17:28:27.0661 0x10d0  [ A1A5E79C0D1352AFDC08328A623DA051, 01546DDE6F1FF159A7EB7F2BF104910445D3D863F1F37DEA695579BA60D84280 ] rdbss           C:\WINDOWS\system32\DRIVERS\rdbss.sys
17:28:27.0729 0x10d0  rdbss - ok
17:28:27.0749 0x10d0  [ 6B21EBF892CD8CACB71669B35AB5DE32, 0AD8E14FEF16FB2559F5FC8AFBC9D49E4E24F43CF65F480DBF9FAB593269B419 ] rdpbus          C:\WINDOWS\System32\drivers\rdpbus.sys
17:28:27.0785 0x10d0  rdpbus - ok
17:28:27.0809 0x10d0  [ 680C1DAE268B6FB67FA21B389A8B79EF, 856911F77BDD8830C3D683EBE8AF399FB3A54C7D8D0B34EA37D903377F0A39BD ] RDPDR           C:\WINDOWS\system32\drivers\rdpdr.sys
17:28:27.0849 0x10d0  RDPDR - ok
17:28:27.0889 0x10d0  [ 9F08A6608F98B5407E7DDBCF306573EF, 92812F97CFDB2EC128BC48143DE215B7D012B15D3FB4D2199222AD8C31DA5016 ] RdpVideoMiniport C:\WINDOWS\system32\drivers\rdpvideominiport.sys
17:28:27.0913 0x10d0  RdpVideoMiniport - ok
17:28:27.0965 0x10d0  [ A26AEC49F318FEE141DDDB2C5F99B3E6, 246AD79FF27E79DEDCB0AAA7C22A8EA6349DEDAC863413A1E378E68FD94C9C4F ] rdyboost        C:\WINDOWS\system32\drivers\rdyboost.sys
17:28:28.0009 0x10d0  rdyboost - ok
17:28:28.0093 0x10d0  [ E515A287C8FAE901EB8FB42F168E14F2, 9AE8D608587713FD18BB728BADD402C86FFF06A67359B22ED9431705522BC310 ] ReFS            C:\WINDOWS\system32\drivers\ReFS.sys
17:28:28.0153 0x10d0  ReFS - ok
17:28:28.0221 0x10d0  [ BFFB40FBE6D2C3469F8D06EE5E4934AB, 5B6763F973A740DCD53CEA75156926457BED8B075965033C484877DDA8B97F39 ] RemoteAccess    C:\WINDOWS\System32\mprdim.dll
17:28:28.0273 0x10d0  RemoteAccess - ok
17:28:28.0329 0x10d0  [ 4DCCABE03D06955ED61BABBD8EF9F30F, 531CD60315AAF283B73E0F6CF77D4DE093B809E73C44D2AC43B7247500B3485E ] RemoteRegistry  C:\WINDOWS\system32\regsvc.dll
17:28:28.0397 0x10d0  RemoteRegistry - ok
17:28:28.0449 0x10d0  [ C903D49655B4AAE46673F0AAA6BE0F58, 0F861775323CC1792A4A4B43D6375532D982FBC9FCC03184B55101A2A579A832 ] RimVSerPort     C:\WINDOWS\system32\DRIVERS\RimSerial_AMD64.sys
17:28:28.0477 0x10d0  RimVSerPort - ok
17:28:28.0517 0x10d0  [ D894CBD7DA753C881EE8D5E33B583225, DA4472A85F10A3DF8CE969F731E67FE7C75EE6095908AB8AC2C44851DC5A3F8B ] RpcEptMapper    C:\WINDOWS\System32\RpcEpMap.dll
17:28:28.0549 0x10d0  RpcEptMapper - ok
17:28:28.0589 0x10d0  [ 5CAE8F47B31D5CFC322B5B898C19E0FE, FDB5F0B6EA36403E031D9147AB0519011FAAD3AC8190DE5B1F17FB5472D79D47 ] RpcLocator      C:\WINDOWS\system32\locator.exe
17:28:28.0641 0x10d0  RpcLocator - ok
17:28:28.0733 0x10d0  [ 81979817943D830BF24571B7C1B28A1A, 9584D8F1FB3E6CF17BD465670B208C723A8E8B06775A3DA44F75D7710404EEA6 ] RpcSs           C:\WINDOWS\system32\rpcss.dll
17:28:28.0773 0x10d0  RpcSs - ok
17:28:28.0813 0x10d0  [ 2D05A5508F4685412F2B89E8C2189ABC, 82F12B4E0E73411A121EFD35FBD3B44CBBC0AE96ACFBB45D8C3C3777E2EA320D ] rspndr          C:\WINDOWS\system32\DRIVERS\rspndr.sys
17:28:28.0829 0x10d0  rspndr - ok
17:28:28.0862 0x10d0  [ 8EB6DCEB7473C232D8BC9A886E3183AC, D81B089443306AD9D89F59DBC5F9C2F5B6A86112B4AB59316B97EE7D8B97D2FA ] RSUSBVSTOR      C:\WINDOWS\System32\Drivers\RtsUVStor.sys
17:28:28.0878 0x10d0  RSUSBVSTOR - ok
17:28:29.0014 0x10d0  [ 109B480DC954126DC272AFDB85C00C6C, 1EC9E071B586F758C4F142E3645E50C217CC6366C8D04AA74034FB0EAC8ACD43 ] RTWlanE         C:\WINDOWS\system32\DRIVERS\rtwlane.sys
17:28:29.0126 0x10d0  RTWlanE - ok
17:28:29.0162 0x10d0  [ 1A063730F221B2746FF00457AE17E4F0, 39A3C258CBFE3BC566C63528C9020A3BC9409736AE5289C08A7BA471D8409263 ] s3cap           C:\WINDOWS\System32\drivers\vms3cap.sys
17:28:29.0210 0x10d0  s3cap - ok
17:28:29.0262 0x10d0  [ F6F209DDB94959BA104FC8FC87C53759, 8E862D41F4332EABF64BD034E2C0E3CC8109C7990CB4112C2B2880E8E6EDF2D3 ] SamSs           C:\WINDOWS\system32\lsass.exe
17:28:29.0294 0x10d0  SamSs - ok
17:28:29.0338 0x10d0  [ C624A1B32211C3166EDB3F4AB02A30B7, 6B2A4607DB52D74242787ED9DF9067058983D310431D8612D2B0236E6201E681 ] sbp2port        C:\WINDOWS\system32\drivers\sbp2port.sys
17:28:29.0406 0x10d0  sbp2port - ok
17:28:29.0470 0x10d0  [ 47C497FA4DDEA908633CAA60CEBE6805, 4DF5742D4C99D3F7B6A5671AEDB1E5E47D3399D36B28BA19C105FA604D8D5A1C ] SCardSvr        C:\WINDOWS\System32\SCardSvr.dll
17:28:29.0526 0x10d0  SCardSvr - ok
17:28:29.0578 0x10d0  [ E76C4E98302AE39CC6FA5D20FC8B5438, B6B6B59CF427515087689285797F4A5763103440EBE5D87A61FA74F80F895BD0 ] ScDeviceEnum    C:\WINDOWS\System32\ScDeviceEnum.dll
17:28:29.0634 0x10d0  ScDeviceEnum - ok
17:28:29.0678 0x10d0  [ ABD0237B15DBD2B4695F4B7D734A58F7, D6831921F0CD3E03CBF1CA3ED5824EE0C75127842D12D4E897E74EC72B0792EB ] scfilter        C:\WINDOWS\system32\DRIVERS\scfilter.sys
17:28:29.0730 0x10d0  scfilter - ok
17:28:29.0834 0x10d0  [ D3AE5DB16EAF913860EC28654CE00E6B, AD76B6044F7247C6E86F6DCB7CFD6B25BCA2B9F09A97A419F043A999E66726A2 ] Schedule        C:\WINDOWS\system32\schedsvc.dll
17:28:29.0999 0x10d0  Schedule - ok
17:28:30.0055 0x10d0  [ AB285CE3431FF3D2ACE669245874C1C7, 6AF4C3E86EFA51F7FB6F8492CB2CCB807C7775EAE0508B87F07134FDAC679BD7 ] SCPolicySvc     C:\WINDOWS\System32\certprop.dll
17:28:30.0079 0x10d0  SCPolicySvc - ok
17:28:30.0107 0x10d0  [ 7B7C482CF48E6EE33664340D1A78E6FE, CE5077C4B0372F4F9F02B0B37AE58C0DAEFCA9D242065731A23F072506430575 ] sdbus           C:\WINDOWS\System32\drivers\sdbus.sys
17:28:30.0127 0x10d0  sdbus - ok
17:28:30.0167 0x10d0  [ 0B1E929D11A8E358106955603FAC65E8, A5EC91BFC0873EC6AB1D0DB4E91654BD35339BD680E7E82DA2DC64996B4AE515 ] sdstor          C:\WINDOWS\System32\drivers\sdstor.sys
17:28:30.0179 0x10d0  sdstor - ok
17:28:30.0259 0x10d0  [ 21427069E4C6D325275CCC1A0F64D4D8, 1A7018DD9988C1CE9D58E5446F63C15F888C8AE6BA8D3A94565A30D6B7DF1563 ] Seagate Dashboard Services C:\Program Files (x86)\Seagate\Seagate Dashboard 2.0\Seagate.Dashboard.DASWindowsService.exe
17:28:30.0279 0x10d0  Seagate Dashboard Services - ok
17:28:30.0319 0x10d0  [ DF7A7EDF03187D83B8EE8F769FC3FCBD, D8A020217237E327673223751F5B308661EF09DD4C87A45B4615D731FE1C5852 ] Seagate MobileBackup Service C:\Program Files (x86)\Seagate\Seagate Dashboard 2.0\MobileService.exe
17:28:30.0339 0x10d0  Seagate MobileBackup Service - ok
17:28:30.0355 0x10d0  [ 3EA8A16169C26AFBEB544E0E48421186, 34BBB0459C96B3DE94CCB0D73461562935C583D7BF93828DA4E20A6BC9B7301D ] secdrv          C:\WINDOWS\system32\drivers\secdrv.sys
17:28:30.0387 0x10d0  secdrv - ok
17:28:30.0439 0x10d0  [ C49009F897BA4F2F4F31043663AA1485, 48C8BE1E3A4F150662AD012AF4E0357ABA792AD1147AB90EFF6CB2630E2501B6 ] seclogon        C:\WINDOWS\system32\seclogon.dll
17:28:30.0475 0x10d0  seclogon - ok
17:28:30.0495 0x10d0  [ A88882E64BDC1D8E8D6E727B71CCCC53, 12D2235F54D0CEEED8AA268C17CDE44020269F4FEFC70CE957DBBF99AF7F553D ] SENS            C:\WINDOWS\System32\sens.dll
17:28:30.0523 0x10d0  SENS - ok
17:28:30.0559 0x10d0  [ E66A7C8CE7ED22DED6DF1CA479FB4790, ADEB076F131E7A8C3AD96022B09BB33EB9AB26C9C831503B8C6960AA763B8975 ] SensrSvc        C:\WINDOWS\system32\sensrsvc.dll
17:28:30.0587 0x10d0  SensrSvc - ok
17:28:30.0623 0x10d0  [ DB2FF24CE0BDD15FE75870AFE312BA89, 7DB0D978C92CD0A0A81F7AB46FE323B4929CEA01585B0F330921E6DFA7DE1B85 ] SerCx           C:\WINDOWS\system32\drivers\SerCx.sys
17:28:30.0639 0x10d0  SerCx - ok
17:28:30.0679 0x10d0  [ 0044B31F93946D5D41982314381FE431, 95B8A94BA9EF770F29ACD5B23D447EC2B6CF1CB3D0030343BA1550AC31F6E2A5 ] SerCx2          C:\WINDOWS\system32\drivers\SerCx2.sys
17:28:30.0699 0x10d0  SerCx2 - ok
17:28:30.0711 0x10d0  [ 3CD600C089C1251BEEB4CD4CD5164F9E, D9F81951B4454B24E821E33ACA53A851A61F3135E8EC6FBE6761A1A3E1CDCBE2 ] Serenum         C:\WINDOWS\System32\drivers\serenum.sys
17:28:30.0727 0x10d0  Serenum - ok
17:28:30.0739 0x10d0  [ D864381BC9C725FAB01D94C060660166, 132FED95222BBE3B0B25B3F1F0EFC5903D04564BD047BA4D2042AD51E3FDA724 ] Serial          C:\WINDOWS\System32\drivers\serial.sys
17:28:30.0759 0x10d0  Serial - ok
17:28:30.0771 0x10d0  [ 0BD2B65DCE756FDE95A2E5CCCBF7705D, F13FAFEC8FCF3E796196562717C433CE359A74A3E5876AB070647C717AF74028 ] sermouse        C:\WINDOWS\System32\drivers\sermouse.sys
17:28:30.0787 0x10d0  sermouse - ok
17:28:30.0851 0x10d0  [ D5C3776CBD8BC307DCCA3FD4CE667A37, 98E4253B770C25914C91A6148E2EA15ED0EF37ADCB042A47252DBA135972BF74 ] SessionEnv      C:\WINDOWS\system32\sessenv.dll
17:28:30.0915 0x10d0  SessionEnv - ok
17:28:30.0939 0x10d0  [ 472B7A5AC181C050888DB454663DD764, C950A8615D57BFD455E18880398350642B2E1D6B951EC9754FD8D429F3418835 ] sfloppy         C:\WINDOWS\System32\drivers\sfloppy.sys
17:28:30.0983 0x10d0  sfloppy - ok
17:28:31.0047 0x10d0  [ F4414F57DF2CECB8FC969AA43A6B0D50, AD09A6E1294721507DD6BE82B91F2EEB0FF0151B9BC14A75840CD657DBFDECEC ] SharedAccess    C:\WINDOWS\System32\ipnathlp.dll
17:28:31.0099 0x10d0  SharedAccess - ok
17:28:31.0171 0x10d0  [ 0D190D8B4B20446BE6299AC734DFADF1, 6551095971F99820BBFC5FED8FAB9591A3F8ABFA0F027887F3B71B79325FF6D9 ] ShellHWDetection C:\WINDOWS\System32\shsvcs.dll
17:28:31.0247 0x10d0  ShellHWDetection - ok
17:28:31.0279 0x10d0  [ 2F518D13DD6F3053837FE606F1A2EA1F, 64109296CE95BD233525688A350D575CF97B9464659AA07CF78B307B6ADBC835 ] SiSRaid2        C:\WINDOWS\system32\drivers\SiSRaid2.sys
17:28:31.0291 0x10d0  SiSRaid2 - ok
17:28:31.0307 0x10d0  [ 1AC9A200A9C49C4508F04AAFFCA34A3F, 972BCB2A39169155F74111FAC74ACCD8F50E34EADCF087833B0980827627BBF4 ] SiSRaid4        C:\WINDOWS\system32\drivers\sisraid4.sys
17:28:31.0339 0x10d0  SiSRaid4 - ok
17:28:31.0375 0x10d0  [ AAAFE0A885F12E66775F2E9537E283F0, CD83759C4C3AB7DE3A806187DA6CBE39D48E4EFB8120695C819B6146D52B4CB4 ] SmbDrvI         C:\WINDOWS\system32\DRIVERS\Smb_driver_Intel.sys
17:28:31.0415 0x10d0  SmbDrvI - ok
17:28:31.0455 0x10d0  [ 587ACA15210D1B01FBF272E07A08F91A, 1F3C13C218C5EA329C6E33E4AE7CFE88DAD59DA40F59FDE09D733AFD2E489000 ] smphost         C:\WINDOWS\System32\smphost.dll
17:28:31.0495 0x10d0  smphost - ok
17:28:31.0531 0x10d0  [ 49EEB92DE930B8566EF615D600781DB4, 0B7C929D24FAFC34F95BB4AA77DCBA29DDD8F1977EB42713B64228677D1FBFD3 ] SNMPTRAP        C:\WINDOWS\System32\snmptrap.exe
17:28:31.0551 0x10d0  SNMPTRAP - ok
17:28:31.0599 0x10d0  [ 240C5C3793206725AA05665851E8C214, 96ADFB85EB1623EB00C251C1C6A1F441A1795F0EBFD10B17DD1CA58E3AE8A90D ] spaceport       C:\WINDOWS\system32\drivers\spaceport.sys
17:28:31.0639 0x10d0  spaceport - ok
17:28:31.0687 0x10d0  [ F337BE11071818FC3F5DC2940B6BDE34, D5CFF00E5DF37045F71AEE101AC9B270EBB29F372F404757B58600E9966C7E4D ] SpbCx           C:\WINDOWS\system32\drivers\SpbCx.sys
17:28:31.0715 0x10d0  SpbCx - ok
17:28:31.0767 0x10d0  [ 42FEA9E0BA9761D9E65A4F167D91515B, 9A34CE83F3ACD50608671BDABE5E475F8E0C8335D3B8B7B3D7E84B2A319FA29F ] Spooler         C:\WINDOWS\System32\spoolsv.exe
17:28:31.0863 0x10d0  Spooler - ok
17:28:32.0099 0x10d0  [ C993A0B97BECD3AAF5158E3869878465, 8B86F37DEFCBE55DE507D830EC4980EBB39B3CCA30C2B3E76B588AAB282A50FC ] sppsvc          C:\WINDOWS\system32\sppsvc.exe
17:28:32.0407 0x10d0  sppsvc - ok
17:28:32.0451 0x10d0  [ 6416E79A58A8FCC33A447A4DDDD3BF04, 839E3107ACCD520C309BD6C8324DF7A8EB724EAD442AB1F1CACB0D83F84BE488 ] srv             C:\WINDOWS\system32\DRIVERS\srv.sys
17:28:32.0507 0x10d0  srv - ok
17:28:32.0591 0x10d0  [ 5BED3AB69797C8786EF70AEA8C33748B, 0474EE6C43D437CBA9848BCF25D1341B122D7E9F371A0FF3C62C83D14B2CB095 ] srv2            C:\WINDOWS\system32\DRIVERS\srv2.sys
17:28:32.0647 0x10d0  srv2 - ok
17:28:32.0703 0x10d0  [ D047CD668E6277FD80F0C613946F034C, BD0209E7FD89F9295D4DE48C9652DF2A2990277C16AFA473B96704B1CBD2F338 ] srvnet          C:\WINDOWS\system32\DRIVERS\srvnet.sys
17:28:32.0731 0x10d0  srvnet - ok
17:28:32.0775 0x10d0  [ BB9ED3EDD8E85008215A7250D325A72E, D3404E31B7706B25CDEA7CB4260C343B5F090E8CCB9A5FA203B0F94A9112F1B3 ] SSDPSRV         C:\WINDOWS\System32\ssdpsrv.dll
17:28:32.0811 0x10d0  SSDPSRV - ok
17:28:32.0867 0x10d0  [ 3911418AFDE10EA6823B7799E4815524, A73517C4C1271E666B2B3A747756070098E923742B41572AA16573170440AA07 ] SstpSvc         C:\WINDOWS\system32\sstpsvc.dll
17:28:32.0911 0x10d0  SstpSvc - ok
17:28:32.0951 0x10d0  [ 366DEA74BBA65B362BCCFC6FC2ADFD8B, 4D28122AB9D8DAB724021E6513B4474BD34FCEDF47769B1D27AC7551FCA002F8 ] stexstor        C:\WINDOWS\system32\drivers\stexstor.sys
17:28:32.0995 0x10d0  stexstor - ok
17:28:33.0203 0x10d0  [ D638904FE86A5FE542A1BA13A9D68E5C, 89A956F932316BC50DD99B54BAF4E2809DCAA084DBB04CB84D11E5470BEAF251 ] stisvc          C:\WINDOWS\System32\wiaservc.dll
17:28:33.0335 0x10d0  stisvc - ok
17:28:33.0387 0x10d0  [ 0ED2E318ABB68C1A35A8B8038BDB4C90, 5C3ABC245F4BCFE64E646D9C0E2F5E211244956C84D03084C71FF6A7E0CDED30 ] storahci        C:\WINDOWS\system32\drivers\storahci.sys
17:28:33.0435 0x10d0  storahci - ok
17:28:33.0455 0x10d0  [ 7A08CEE1535F5A448215634C5EA74E50, 41529CDC08A3956F8FE9D5759B147E2E56E3305149EA415EB200249F7CD32094 ] storflt         C:\WINDOWS\system32\DRIVERS\vmstorfl.sys
17:28:33.0483 0x10d0  storflt - ok
17:28:33.0527 0x10d0  [ 6B06E2D11E604BE2B1A406C4CB3B90DE, 2DDEA1568A85AD64FCE5D10D348304FCD9BE6E96C2313353EF70A2933306D188 ] stornvme        C:\WINDOWS\system32\drivers\stornvme.sys
17:28:33.0571 0x10d0  stornvme - ok
17:28:33.0619 0x10d0  [ 3118058E3D07021A55324A943C6D722B, 0B255DF1977DADD2B9766EEEA814B464F0ABFA34D6439F3C453083850C121F16 ] StorSvc         C:\WINDOWS\system32\storsvc.dll
17:28:33.0651 0x10d0  StorSvc - ok
17:28:33.0675 0x10d0  [ 548759755BC73DAD663250239D7E0B9F, D31A05A8CE800B539420B6E545F1F4BF6E4B02EAF8366DE89CAF13A83C6CA48D ] storvsc         C:\WINDOWS\system32\drivers\storvsc.sys
17:28:33.0719 0x10d0  storvsc - ok
17:28:33.0763 0x10d0  [ D8E1AE075AB3E8AD56F69C44AA978596, CAFF5116DE7F0EEFFEBE38724BCEE7D11B44153AD35EE43E314C56D5E210758A ] svsvc           C:\WINDOWS\system32\svsvc.dll
17:28:33.0803 0x10d0  svsvc - ok
17:28:33.0851 0x10d0  [ 84E0F5D41C138C5CC975137A2A98F6D3, 1E36CED05E4F4365C2AB020CAF920E3959995D7F89F3FABD7B2FB05985F85F38 ] swenum          C:\WINDOWS\System32\drivers\swenum.sys
17:28:33.0900 0x10d0  swenum - ok
17:28:33.0968 0x10d0  [ 850EBB87584484DC16F917E7B6F4A304, C253D1DFFCDFB018432063602FB01DBCBDDD6E03458E5C366AABD4670F114B0C ] swprv           C:\WINDOWS\System32\swprv.dll
17:28:34.0052 0x10d0  swprv - ok
17:28:34.0100 0x10d0  [ 5385DA405FDAAB0BD2AF0B24723FBA46, 0C50CC3F2D97E2087EF477948DF8CBC41662835F6CC222D66A8E3F9EE4168DD1 ] SynTP           C:\WINDOWS\system32\DRIVERS\SynTP.sys
17:28:34.0152 0x10d0  SynTP - ok
17:28:34.0260 0x10d0  [ 3DA26652B12E9AB43FD04976AC6DFD33, DEFE220D86197949E97342FE3487CD6A07DD2FFAF6D17A7C65419C2C1B9D1AB5 ] SysMain         C:\WINDOWS\system32\sysmain.dll
17:28:34.0328 0x10d0  SysMain - ok
17:28:34.0392 0x10d0  [ FD4EA8E9232ADD51DC31C295DDEF2768, 3EA40D7376AB5AA5DA2BCF4745C79F7BF819363466967ECC3CD15ADECBFD7244 ] SystemEventsBroker C:\WINDOWS\System32\SystemEventsBrokerServer.dll
17:28:34.0452 0x10d0  SystemEventsBroker - ok
17:28:34.0500 0x10d0  [ BA6DD39266A5E15515C8C14DA2DA3E5C, 5BC917BA4E7281A67CC6CEF2F4D1972DF04DECBEFB6DED0B08FFBD06E15D4B4F ] TabletInputService C:\WINDOWS\System32\TabSvc.dll
17:28:34.0532 0x10d0  TabletInputService - ok
17:28:34.0576 0x10d0  [ 3C32FF010F869BC184DF71290477384E, 55CFCEC7F026C6E2E96A2FBE846AB513BB12BB0348735274FE1B71AF019C837B ] tap0901         C:\WINDOWS\system32\DRIVERS\tap0901.sys
17:28:34.0588 0x10d0  tap0901 - ok
17:28:34.0624 0x10d0  [ B517410F157693043DACA21B19B258A6, 2224EECEB575CEA811036C43BB5B0A408DE5F59BC97235AB948968E4C3E438F2 ] TapiSrv         C:\WINDOWS\System32\tapisrv.dll
17:28:34.0676 0x10d0  TapiSrv - ok
17:28:34.0796 0x10d0  [ CCB3A2BB60FE5073F2DEA63FE83CF8FE, 02982136236DD595D8974E6645A008D663B4DD3BC3824721E4DE4377B97887C7 ] Tcpip           C:\WINDOWS\system32\drivers\tcpip.sys
17:28:34.0944 0x10d0  Tcpip - ok
17:28:35.0048 0x10d0  [ CCB3A2BB60FE5073F2DEA63FE83CF8FE, 02982136236DD595D8974E6645A008D663B4DD3BC3824721E4DE4377B97887C7 ] TCPIP6          C:\WINDOWS\system32\DRIVERS\tcpip.sys
17:28:35.0124 0x10d0  TCPIP6 - ok
17:28:35.0168 0x10d0  [ 41CF802064F72E55F50CA0A221FD36D4, 70ABCDF9E96611E8C83042C581575E26649FE479475E8E118CD3FF6CB1C84C3F ] tcpipreg        C:\WINDOWS\system32\drivers\tcpipreg.sys
17:28:35.0200 0x10d0  tcpipreg - ok
17:28:35.0240 0x10d0  [ 58480A57ACF2671C343FD1D4BA990E34, 24AD9C808D06FABFE8E81242CAC8B5A91829F7D951B245865EF77B79BB795E3D ] TDCMDPST        C:\WINDOWS\system32\DRIVERS\tdcmdpst.sys
17:28:35.0276 0x10d0  TDCMDPST - ok
17:28:35.0320 0x10d0  [ FFF28F9F6823EB1756C60F1649560BBF, 208DFF8BF0329D0D4761C7E31527AEED7FF5F3C36C5005953D01477F35408D5C ] tdx             C:\WINDOWS\system32\DRIVERS\tdx.sys
17:28:35.0368 0x10d0  tdx - ok
17:28:35.0400 0x10d0  [ 232D185D2337F141311D0CF1983E1431, 02EB56D3F26174AF1741C1A444CE30DE84D5BAF583C1A52C7A953BCC52445547 ] terminpt        C:\WINDOWS\System32\drivers\terminpt.sys
17:28:35.0428 0x10d0  terminpt - ok
17:28:35.0480 0x10d0  [ 3D748E5558FD9A9F03182CB2330698DC, 70B2069AB7912EB49AB3ABD18D4B42CB94AC99CA6DE3F63F4888B8EAAC78AAA2 ] TermService     C:\WINDOWS\System32\termsrv.dll
17:28:35.0556 0x10d0  TermService - ok
17:28:35.0592 0x10d0  [ C028AE1560FEA74BEAB225D2E27C3E47, 0DBF7A9C1CED4627491F93465AC50BCB6F42298EE5B73C68407790EF6D41FE32 ] THAccel         C:\WINDOWS\system32\DRIVERS\THAccel.sys
17:28:35.0608 0x10d0  THAccel - ok
17:28:35.0724 0x10d0  [ F5FD83FA082E88FE6049B1B9F78AA739, 4576E985FF3BA2D232DA07BC9356C79F8A30DC506CEB40830C25397E5567F84A ] THAccelSvc      C:\Program Files\TOSHIBA\HDD Accelerator\THAccelSvc.exe
17:28:35.0760 0x10d0  THAccelSvc - ok
17:28:35.0804 0x10d0  [ 05FBE1F7C13E87AF7A414CDF288B1F62, 24079E1A6B2E33A1A8E76A77F73473B93DD6B379E44C982CE50D6CEED9747838 ] Themes          C:\WINDOWS\system32\themeservice.dll
17:28:35.0844 0x10d0  Themes - ok
17:28:35.0880 0x10d0  [ 16E745743BABAF480B7718442F38B076, 4FF6C7CFB976BF24F2215DCAE4DCCA546A6758B1DE1F36C78251AFFE4D9CE249 ] Thotkey         C:\WINDOWS\System32\drivers\Thotkey.sys
17:28:35.0900 0x10d0  Thotkey - ok
17:28:35.0940 0x10d0  [ FD788C2D96EA91469A3C1D13E80D7473, 7B14D4BFDE18CECC19FBFFAA5AFF5FD78BFB7FCDA6613990740A8A7DD9873D26 ] THREADORDER     C:\WINDOWS\system32\mmcss.dll
17:28:35.0972 0x10d0  THREADORDER - ok
17:28:36.0012 0x10d0  [ 347A3E49CE18402305B8119A6EC7CFEB, 6768B20EE577880B0353FE84B980D4A18D323929A63FAE41F7A55123BBFC8DBA ] TimeBroker      C:\WINDOWS\System32\TimeBrokerServer.dll
17:28:36.0060 0x10d0  TimeBroker - ok
17:28:36.0104 0x10d0  [ 6C4F5CD42074DB52AE88FC4BAB2C54F7, B4E3B6A23C99A11186F4EE875871D459A7A03EF4565CA114B41FB3C982841A45 ] TMachInfo       C:\Program Files\TOSHIBA\TOSHIBA Service Station\TMachInfo.exe
17:28:36.0148 0x10d0  TMachInfo - ok
17:28:36.0184 0x10d0  [ ED32035BDFECED1AD66D459FD9CC1140, B82A15FAB4CBB5A633B9BF722441D5B20D946B63DD10BBE2A89D3A8BA3BE3339 ] TODDSrv         C:\Windows\system32\TODDSrv.exe
17:28:36.0212 0x10d0  TODDSrv - ok
17:28:36.0276 0x10d0  [ 4D7977197C3EC8C65F533E8A84DE229C, 2B91272E015EDB4E489179F791B9B67C9A89CAB2F45030C89FC7F6513F24200F ] TOSHIBA eco Utility Service C:\Program Files\Toshiba\Teco\TecoService.exe
17:28:36.0332 0x10d0  TOSHIBA eco Utility Service - ok
17:28:36.0396 0x10d0  [ 36391C3953D191A2AF4556D5D706C641, 5191A35C86B6C98F2CBDDC23B5311ED62310345CEDE084A54BBF70CCF0F84C50 ] tos_sps64       C:\WINDOWS\system32\drivers\tos_sps64.sys
17:28:36.0456 0x10d0  tos_sps64 - ok
17:28:36.0528 0x10d0  [ 5D31F1103D9927DCB0E731DDE36DF2E7, F6C45DD7789D258BE87CF6DB123616D9EA98059D6777FF26045EF4ED2887EE62 ] TotalRecipeSearch_14Service C:\PROGRA~2\TOTALR~2\bar\1.bin\14barsvc.exe
17:28:36.0568 0x10d0  TotalRecipeSearch_14Service - ok
17:28:36.0636 0x10d0  [ 8608681DC6E2975815A593209A6432CD, 10DF382AABB97DD70900DD4D6D388A34614A67E762D956861C8D4D036947BFDA ] TPCHSrv         C:\Program Files\TOSHIBA\TPHM\TPCHSrv.exe
17:28:36.0700 0x10d0  TPCHSrv - ok
17:28:36.0740 0x10d0  [ 82F909359600D3603FE852DB7F135626, 2EB2BB9D81AC9A2E432B2628E296B7B21F1C82EAE8009300EEF1B8596A9F418D ] TPM             C:\WINDOWS\system32\drivers\tpm.sys
17:28:36.0776 0x10d0  TPM - ok
17:28:36.0816 0x10d0  [ C97E14BB6A196B0554D6EB67D8818175, C00588C94988F10507F84584DFA4C0A43B8648AD1AD35E9BAE14CDD21FCF7B90 ] TrkWks          C:\WINDOWS\System32\trkwks.dll
17:28:36.0856 0x10d0  TrkWks - ok
17:28:36.0928 0x10d0  [ 887CC44830D3F367CAD17A0CA7CCA5C8, D4022A76433A11FD66D0F41A1EB4D6893BC5B22317E7E9E021739109EB493B44 ] TrustedInstaller C:\WINDOWS\servicing\TrustedInstaller.exe
17:28:37.0000 0x10d0  TrustedInstaller - ok
17:28:37.0044 0x10d0  [ BF8F54CA37E9C9D6582C31C5761F8C93, 337C566792F6FB9B7FD5D1D4384B767CFE4CF5DBB2E4688CCC36CBB018A0DD0F ] TsUsbFlt        C:\WINDOWS\system32\drivers\tsusbflt.sys
17:28:37.0092 0x10d0  TsUsbFlt - ok
17:28:37.0112 0x10d0  [ E0088068DCE2EE82897027DDB8E05254, FA9C201D3C885DAD2ABE6A23343EDCC83CFB342EFF9E3005FA50B1D88B21D203 ] TsUsbGD         C:\WINDOWS\System32\drivers\TsUsbGD.sys
17:28:37.0132 0x10d0  TsUsbGD - ok
17:28:37.0156 0x10d0  [ C8E0E78B5D284C2FF59BDFFDAF997242, BA1576C491A1246EF9866762426D110F4570F9DB42A68C174943C7D5020FE3E2 ] tunnel          C:\WINDOWS\system32\DRIVERS\tunnel.sys
17:28:37.0184 0x10d0  tunnel - ok
17:28:37.0224 0x10d0  [ 54BDBF3D4DED58DA78B702471C68D4CA, D12F9F09FFE7D38A5EE6BF79DB74D775A9861C3C87E06D7C23259E47247B1782 ] TVALZ           C:\WINDOWS\system32\drivers\TVALZ_O.SYS
17:28:37.0244 0x10d0  TVALZ - ok
17:28:37.0280 0x10d0  [ 55A9A23DD64EB7781FCAB565B028CD0E, 44CE0C8244F9AE6CCCDB49C29F6D35FE4CE8C92DE5B5D44D22DBD088DE83AA10 ] TVALZFL         C:\WINDOWS\system32\DRIVERS\TVALZFL.sys
17:28:37.0328 0x10d0  TVALZFL - ok
17:28:37.0344 0x10d0  [ F6EEAD052943B5A3104C1405BB856C54, FE422813E6C1012E9F392EFF2AE4C6D3A4DBD9CB2BD5E6A5CAB57D4E89A29468 ] uagp35          C:\WINDOWS\system32\drivers\uagp35.sys
17:28:37.0376 0x10d0  uagp35 - ok
17:28:37.0424 0x10d0  [ FE6067B1FD4E63650C667B33D080565B, 2C330ED00E49BA55E25564230E0DFB8A35F2B5320EB18D4AF7CAACFA9A449044 ] UASPStor        C:\WINDOWS\System32\drivers\uaspstor.sys
17:28:37.0484 0x10d0  UASPStor - ok
17:28:37.0572 0x10d0  [ B034A41891A36457B994307DFA772293, CA5E6500764A9777AE0E15B2AFB6F05982C90F01374E3F6DDC6DF3852282C66B ] UCX01000        C:\WINDOWS\System32\drivers\ucx01000.sys
17:28:37.0612 0x10d0  UCX01000 - ok
17:28:37.0736 0x10d0  [ 1EC649F112896FAE33250F0B97AC5D0B, 0C0A1C2C7615DEB298AD3073340FD1BF91FEBE611F133E3B48D994A6EAA8369F ] udfs            C:\WINDOWS\system32\DRIVERS\udfs.sys
17:28:37.0808 0x10d0  udfs - ok
17:28:37.0836 0x10d0  [ 9578691F297E1B1F519970FE6D47CB21, 080C352AAF22A16A4F3C4AB4DCEA5BFA656457C73F735CEBA30516FDACCF6301 ] UEFI            C:\WINDOWS\System32\drivers\UEFI.sys
17:28:37.0852 0x10d0  UEFI - ok
17:28:37.0896 0x10d0  [ 320878AFECDBBD61BBE98624A6CAAC08, 15C090EA32A24D976B5FCB1373B1281DCC2295C075299C814345D694AEB47CB9 ] UI0Detect       C:\WINDOWS\system32\UI0Detect.exe
17:28:37.0920 0x10d0  UI0Detect - ok
17:28:37.0960 0x10d0  [ 5EAB5117DDB24FC4D39E6FFFCF1837B9, 2BC709240867F161E94BE6625A04F478EAAA3EEE7BC7C37ED0DFA9EEA5928E98 ] uliagpkx        C:\WINDOWS\system32\drivers\uliagpkx.sys
17:28:37.0976 0x10d0  uliagpkx - ok
17:28:37.0996 0x10d0  [ DA34C39A18E60E7C3FA0630566408034, 2F162504214053894C72760D9933D01DBF3578609FE5E2376C3272818599FE32 ] umbus           C:\WINDOWS\System32\drivers\umbus.sys
17:28:38.0036 0x10d0  umbus - ok
17:28:38.0052 0x10d0  [ AE8294875E5446E359B1E8035D40C05E, AE0357BAB47C07C3576BC76951CD258C009BC5A1B93259D2122A841BD9CDA8FA ] UmPass          C:\WINDOWS\System32\drivers\umpass.sys
17:28:38.0072 0x10d0  UmPass - ok
17:28:38.0116 0x10d0  [ E3DDF7D43E05784FAA5E042605EEE528, 8E20E880FAB09AF4FF5C438BF9EAE9970D46C05167870110869B744E498FD761 ] UmRdpService    C:\WINDOWS\System32\umrdp.dll
17:28:38.0152 0x10d0  UmRdpService - ok
17:28:38.0320 0x10d0  [ E1A119AD21F5AFE22EB516C549306D3D, 48769D5E7A78B7A2C00F1F6798AC133CF3E0B2C76F71D3719BD741DDD8F2D229 ] UNS             C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe
17:28:38.0388 0x10d0  UNS - ok
17:28:38.0444 0x10d0  [ 4A2FFDAC45F317E17DF642C7160EB633, F1AB762912FAA5F469F322407DA37C91556086C42D1643AD27516C12A84F74D0 ] upnphost        C:\WINDOWS\System32\upnphost.dll
17:28:38.0516 0x10d0  upnphost - ok
17:28:38.0560 0x10d0  [ 5C3BE22E485B9BF11FCEFDC676C728D0, F55061066ECF6920D56518A677BB538C18B7F1BB150ED6DB3591408F44E8D53A ] USBAAPL64       C:\WINDOWS\System32\Drivers\usbaapl64.sys
17:28:38.0596 0x10d0  USBAAPL64 - ok
17:28:38.0628 0x10d0  [ FF78D053A05E5A394F4E3C1816CC65A8, 5DAE02414271231F5FDBB751AFEB99874779B467947020815D4AE54432D4269D ] usbccgp         C:\WINDOWS\System32\drivers\usbccgp.sys
17:28:38.0656 0x10d0  usbccgp - ok
17:28:38.0700 0x10d0  [ B3D6457D841A0CAEF4C52D88621715F2, CBDD76A8A28379B107B1FB530757B477B8AB74CD01F9F3CEDC7B1BA0C6E5A990 ] usbcir          C:\WINDOWS\System32\drivers\usbcir.sys
17:28:38.0732 0x10d0  usbcir - ok
17:28:38.0768 0x10d0  [ 48BA326A3DBA5B5BEB5F2777F4618696, B9EC8155F11A3A7644BD9DC8910681B46AE44AE3BF53F052DF50E9C5555E3229 ] usbehci         C:\WINDOWS\System32\drivers\usbehci.sys
17:28:38.0796 0x10d0  usbehci - ok
17:28:38.0844 0x10d0  [ FEF0BC107812B36849741C3211BA6B60, B3EF738BE1E6B6027F29C9713CD3F367EA067D2BE46580AFBC0FB58046EF6BBD ] usbhub          C:\WINDOWS\System32\drivers\usbhub.sys
17:28:38.0889 0x10d0  usbhub - ok
17:28:38.0921 0x10d0  [ 65392F3F3F65E4C6CC82A0F4F8A0B051, C11B662A28D95820717DFFC6B76DBB755E4876009A2342E5E3992DE32D6BFF61 ] USBHUB3         C:\WINDOWS\System32\drivers\UsbHub3.sys
17:28:38.0957 0x10d0  USBHUB3 - ok
17:28:39.0013 0x10d0  [ 3019097FB6C985EF24C058090FF3BDBD, 24AC518D34E338D94BF3D5B3F72E53F8A1369BAA7F32FEA3EDBCF928C4FF1D17 ] usbohci         C:\WINDOWS\System32\drivers\usbohci.sys
17:28:39.0045 0x10d0  usbohci - ok
17:28:39.0077 0x10d0  [ 4D655E3B684BE9B0F7FFD8A2935C348C, 3A7FC1748C5AEA8CFE0E7C22ADC77E3DCA475455FC16D9C6A5C16EB5E949A516 ] usbprint        C:\WINDOWS\System32\drivers\usbprint.sys
17:28:39.0125 0x10d0  usbprint - ok
17:28:39.0169 0x10d0  [ F04D164C4168701A4E7835607722E5F1, 6F743CF2CF73945B4A4B1C4402744BC2FE1624F1346C194493AD2F7110F9EB35 ] usbscan         C:\WINDOWS\system32\DRIVERS\usbscan.sys
17:28:39.0197 0x10d0  usbscan - ok
17:28:39.0225 0x10d0  [ 66732C13628BDB1AB0D6FD46027327C2, B582C0F348D8F79419CA5A58F10CA151E06D7CA3BE162344CADA46D9D7FED97C ] USBSTOR         C:\WINDOWS\System32\drivers\USBSTOR.SYS
17:28:39.0249 0x10d0  USBSTOR - ok
17:28:39.0269 0x10d0  [ 064260B3A5868AC894A4943543BC7AB7, D3534E98B34C4AC9A430D7E0AB301A0E5E1511E3117C2FEA392636B0DE2C38E2 ] usbuhci         C:\WINDOWS\System32\drivers\usbuhci.sys
17:28:39.0301 0x10d0  usbuhci - ok
17:28:39.0353 0x10d0  [ 18F744E8CCEB2670040EBAF7AD77B8C6, C5E2DF4EA0D946B4DA67DE29FA9D0F079DED35EC59B98E532C4C2D5F8E86DA0A ] usbvideo        C:\WINDOWS\System32\Drivers\usbvideo.sys
17:28:39.0381 0x10d0  usbvideo - ok
17:28:39.0421 0x10d0  [ 48430B0313FC1CFE3D2400553F1A93CD, 92994DE6B131E904AFF2C9C4FBB4E6B0D58525A1539763327373DA18C9F08193 ] USBXHCI         C:\WINDOWS\System32\drivers\USBXHCI.SYS
17:28:39.0457 0x10d0  USBXHCI - ok
17:28:39.0477 0x10d0  [ F6F209DDB94959BA104FC8FC87C53759, 8E862D41F4332EABF64BD034E2C0E3CC8109C7990CB4112C2B2880E8E6EDF2D3 ] VaultSvc        C:\WINDOWS\system32\lsass.exe
17:28:39.0489 0x10d0  VaultSvc - ok
17:28:39.0525 0x10d0  [ FEB26E3B8345A7E8D62F945C4AE86562, 3AAFE87C402FC8E92542DFE60EC9540559863065F88D429A16D7B1BF829223FF ] vdrvroot        C:\WINDOWS\system32\drivers\vdrvroot.sys
17:28:39.0537 0x10d0  vdrvroot - ok
17:28:39.0629 0x10d0  [ E3EF58D4123B5AA29C8E19825AF84A5E, FB1046722BC643E955DBC3B1459DBF2A6D575EBA2BCF7B20A0FA51E3993835E2 ] vds             C:\WINDOWS\System32\vds.exe
17:28:39.0717 0x10d0  vds - ok
17:28:39.0757 0x10d0  [ A026EDEAA5EECAE0B08E2748B616D4BD, 2525A54DC7F49DDFBB999C22BF3FAB6D9E9F70C0806E58D81E90AC59F9F46089 ] VerifierExt     C:\WINDOWS\system32\drivers\VerifierExt.sys
17:28:39.0777 0x10d0  VerifierExt - ok
17:28:39.0925 0x10d0  [ 52E483A3701A5A61A75A06993720347D, 689E812755E485DF6960D1E049740FBAFB812467D23B673DCAA40C03FEBB544F ] vhdmp           C:\WINDOWS\System32\drivers\vhdmp.sys
17:28:40.0117 0x10d0  vhdmp - ok
17:28:40.0165 0x10d0  [ 06D38968028E9AB19DE9B618C7B6D199, 62022297A47F440D1C82CA0B0E57C0C8E9D5033D83DD3B40492B218DF65EBF68 ] viaide          C:\WINDOWS\system32\drivers\viaide.sys
17:28:40.0189 0x10d0  viaide - ok
17:28:40.0213 0x10d0  [ C6305BDFC4F7CE51F72BB072C03D4ACE, 73E62869CA3104F48CC3B0C45E69CE9BF4F8D7D06E29C2F049B9347ABB50554D ] vmbus           C:\WINDOWS\system32\drivers\vmbus.sys
17:28:40.0261 0x10d0  vmbus - ok
17:28:40.0289 0x10d0  [ DA40BEA0A863CE768C940CA9723BF81F, 567C0C3F422325635808B0CF76E05D3B6187F96845C33F85F92F98C9FE53A5B8 ] VMBusHID        C:\WINDOWS\System32\drivers\VMBusHID.sys
17:28:40.0337 0x10d0  VMBusHID - ok
17:28:40.0393 0x10d0  [ 9067880BBB1C18703DBFF27D731D7ECA, 0044246249F4B945D72BBC0FEF9BF3C31E62F57CBF77615A95213B36A29F0C71 ] vmicguestinterface C:\WINDOWS\System32\ICSvc.dll
17:28:40.0457 0x10d0  vmicguestinterface - ok
17:28:40.0497 0x10d0  [ 9067880BBB1C18703DBFF27D731D7ECA, 0044246249F4B945D72BBC0FEF9BF3C31E62F57CBF77615A95213B36A29F0C71 ] vmicheartbeat   C:\WINDOWS\System32\ICSvc.dll
17:28:40.0545 0x10d0  vmicheartbeat - ok
17:28:40.0585 0x10d0  [ 9067880BBB1C18703DBFF27D731D7ECA, 0044246249F4B945D72BBC0FEF9BF3C31E62F57CBF77615A95213B36A29F0C71 ] vmickvpexchange C:\WINDOWS\System32\ICSvc.dll
17:28:40.0625 0x10d0  vmickvpexchange - ok
17:28:40.0653 0x10d0  [ 9067880BBB1C18703DBFF27D731D7ECA, 0044246249F4B945D72BBC0FEF9BF3C31E62F57CBF77615A95213B36A29F0C71 ] vmicrdv         C:\WINDOWS\System32\ICSvc.dll
17:28:40.0681 0x10d0  vmicrdv - ok
17:28:40.0709 0x10d0  [ 9067880BBB1C18703DBFF27D731D7ECA, 0044246249F4B945D72BBC0FEF9BF3C31E62F57CBF77615A95213B36A29F0C71 ] vmicshutdown    C:\WINDOWS\System32\ICSvc.dll
17:28:40.0741 0x10d0  vmicshutdown - ok
17:28:40.0773 0x10d0  [ 9067880BBB1C18703DBFF27D731D7ECA, 0044246249F4B945D72BBC0FEF9BF3C31E62F57CBF77615A95213B36A29F0C71 ] vmictimesync    C:\WINDOWS\System32\ICSvc.dll
17:28:40.0797 0x10d0  vmictimesync - ok
17:28:40.0821 0x10d0  [ 9067880BBB1C18703DBFF27D731D7ECA, 0044246249F4B945D72BBC0FEF9BF3C31E62F57CBF77615A95213B36A29F0C71 ] vmicvss         C:\WINDOWS\System32\ICSvc.dll
17:28:40.0841 0x10d0  vmicvss - ok
17:28:40.0881 0x10d0  [ 55D7D963DE85162F1C49721E502F9744, 5AD34D6DB707EF3E5242BD8CA67B21D6258EE7E7FC477D5227BD15500AE7F45F ] volmgr          C:\WINDOWS\system32\drivers\volmgr.sys
17:28:40.0897 0x10d0  volmgr - ok
17:28:40.0921 0x10d0  [ CCB9E901F7254BF96D28EB1B0E5329B7, F0E3CA4EFA544CDAEF4092284CF3EC7DF07F806A770285E281816457AD8813F5 ] volmgrx         C:\WINDOWS\system32\drivers\volmgrx.sys
17:28:40.0953 0x10d0  volmgrx - ok
17:28:40.0989 0x10d0  [ 64CA2B4A49A8EAF495E435623ECCE7DB, 81151F295A54DE2B8B88C7F48C86BF58CDFF96F98493509C06D6F41484594386 ] volsnap         C:\WINDOWS\system32\drivers\volsnap.sys
17:28:41.0021 0x10d0  volsnap - ok
17:28:41.0053 0x10d0  [ 01355C98B5C3ED1EC446743CDA848FCE, B9FCF558C20E05DD0F53FFB70BBEF873EA57801E13A16701E636128D625C4B67 ] vpci            C:\WINDOWS\System32\drivers\vpci.sys
17:28:41.0069 0x10d0  vpci - ok
17:28:41.0117 0x10d0  [ 4539F45F9F4C9757A86A56C949421E07, DEC362314B2C66414F39354AFE79C02B18BF4EEF90787FB58307F6EB62237E2C ] vsmraid         C:\WINDOWS\system32\drivers\vsmraid.sys
17:28:41.0153 0x10d0  vsmraid - ok
17:28:41.0245 0x10d0  [ E369C59F2C0852DDD090C07E0DDE0051, 4FAC94458EAAEED4F84A86FBAB8FBB332D0AF85BD528E63C0C058A2DA8E3011D ] VSS             C:\WINDOWS\system32\vssvc.exe
17:28:41.0341 0x10d0  VSS - ok
17:28:41.0377 0x10d0  [ 0849B7260F26FE05EA56DED0672E2F4B, 7EAC0E7988F45CB4133A15932955B7B03CE715C967A3BAC9999D81543EBCAEC5 ] VSTXRAID        C:\WINDOWS\system32\drivers\vstxraid.sys
17:28:41.0401 0x10d0  VSTXRAID - ok
17:28:41.0469 0x10d0  [ BE970C369E43B509C1EDA2B8FA7CECB0, 18951F2AA842A0795AA79A4E164EE925A35E6270EBE4C4CDB19D0A891830E383 ] vwifibus        C:\WINDOWS\System32\drivers\vwifibus.sys
17:28:41.0501 0x10d0  vwifibus - ok
17:28:41.0533 0x10d0  [ 35BF5C5F5E3C9902C98978C7640574DA, C61E50B04000DCEC72365723F0C0725C2E005529DAF2777A59E624C14DA29E55 ] vwififlt        C:\WINDOWS\system32\DRIVERS\vwififlt.sys
17:28:41.0573 0x10d0  vwififlt - ok
17:28:41.0589 0x10d0  [ 65ED7B9CFEA893DF7748D5FF692690DE, 73AB9D8BB928B3247BDFC7BB47AD7FCA763B375DC250C251DB4E0573531040E8 ] vwifimp         C:\WINDOWS\system32\DRIVERS\vwifimp.sys
17:28:41.0637 0x10d0  vwifimp - ok
17:28:41.0701 0x10d0  [ 7599E582CA3A6AAA95A18FFE1172D339, A0410778FBBC4302EA91CF24B944427410B4706535F1192504D4F34C3ED4503E ] W32Time         C:\WINDOWS\system32\w32time.dll
17:28:41.0765 0x10d0  W32Time - ok
17:28:41.0789 0x10d0  [ 0910AB9ED404C1434E2D0376C2AD5D8B, 62585CA5F1375BDA440D28D5DF1ADDC9DE3DDFA196D49BBFF3456A5A09EE1C6B ] WacomPen        C:\WINDOWS\System32\drivers\wacompen.sys
17:28:41.0809 0x10d0  WacomPen - ok
17:28:41.0881 0x10d0  [ AFCD4054D61BD708B82991348ED1C763, EBDAC0E218F1DFC405DB3C8A2F014D20A17B0690EA381C750BED5C2AFCDFEBE3 ] Wanarp          C:\WINDOWS\system32\DRIVERS\wanarp.sys
17:28:41.0909 0x10d0  Wanarp - ok
17:28:41.0917 0x10d0  [ AFCD4054D61BD708B82991348ED1C763, EBDAC0E218F1DFC405DB3C8A2F014D20A17B0690EA381C750BED5C2AFCDFEBE3 ] Wanarpv6        C:\WINDOWS\system32\DRIVERS\wanarp.sys
17:28:41.0937 0x10d0  Wanarpv6 - ok
17:28:42.0025 0x10d0  [ 61692DB39AD3DF2F29392D68EAA7BB93, 854D4B9C7DD1676968598ED973500650ECEC02C420E44C0B3957C24F073AA5FB ] wbengine        C:\WINDOWS\system32\wbengine.exe
17:28:42.0109 0x10d0  wbengine - ok
17:28:42.0169 0x10d0  [ 3BC1D1D56637A32CD91C8AE08E2484AA, 9EE1BD3FB0D289E25F3DDD0D8F67DC1C701A6B1D5418FADF348D0E642B1DEBEB ] WbioSrvc        C:\WINDOWS\System32\wbiosrvc.dll
17:28:42.0245 0x10d0  WbioSrvc - ok
17:28:42.0293 0x10d0  [ A07CFC4B593D15B6BF06813C3B5B33BF, B57BD918E2AFF9943B51A24B95E0C4D3482B4DF73C0E2421E8CC67C2BC7A4C70 ] Wcmsvc          C:\WINDOWS\System32\wcmsvc.dll
17:28:42.0353 0x10d0  Wcmsvc - ok
17:28:42.0409 0x10d0  [ D2726823DF7E19F213F4805A9D6D145F, A7F582C99918D204264D3B374F70D75984BDA5805203041E3DECB8153D16E102 ] wcncsvc         C:\WINDOWS\System32\wcncsvc.dll
17:28:42.0481 0x10d0  wcncsvc - ok
17:28:42.0505 0x10d0  [ 846C02A8B48CBD921A3D6AB521AA0DC4, B07573A774A6C65D24E5718DC25DF378270EB5B40221CA5A53B21D47838381D3 ] WcsPlugInService C:\WINDOWS\System32\WcsPlugInService.dll
17:28:42.0533 0x10d0  WcsPlugInService - ok
17:28:42.0561 0x10d0  [ 0359607177E5E9F6041136CC0A5CB0B6, 16687BE2639648CF46E8768BA1798030472C525612C629BF134D053240E2195B ] WdBoot          C:\WINDOWS\system32\drivers\WdBoot.sys
17:28:42.0577 0x10d0  WdBoot - ok
17:28:42.0629 0x10d0  [ CB6C63FF8342B467E2EF76E98D5B934D, BE017CE91E3BAB293DE6ECF143797CCE3F33CC63024437472B4E38C6961AD884 ] Wdf01000        C:\WINDOWS\system32\drivers\Wdf01000.sys
17:28:42.0685 0x10d0  Wdf01000 - ok
17:28:42.0717 0x10d0  [ DE8D12B4C3F55FA2C5E9774314F6C58A, C3E835DC066A94E1431BCDC90D7EA27AAC6F82826F4A5527B37D865241D7A366 ] WdFilter        C:\WINDOWS\system32\drivers\WdFilter.sys
17:28:42.0741 0x10d0  WdFilter - ok
17:28:42.0785 0x10d0  [ 40C67D1A4891120874767F6E6604D6C5, 4D9DD658566DE711ADF4D6C33FCB31DA351EE050E3ED188664D04526CCAAEEF5 ] WdiServiceHost  C:\WINDOWS\system32\wdi.dll
17:28:42.0829 0x10d0  WdiServiceHost - ok
17:28:42.0841 0x10d0  [ 40C67D1A4891120874767F6E6604D6C5, 4D9DD658566DE711ADF4D6C33FCB31DA351EE050E3ED188664D04526CCAAEEF5 ] WdiSystemHost   C:\WINDOWS\system32\wdi.dll
17:28:42.0917 0x10d0  WdiSystemHost - ok
17:28:42.0961 0x10d0  [ 4AD874CDC812EC156265E451B6B09DAB, 6E3E05B8301841425E9BB0D54B35EF386B78EEB307B5A6153FD1F366D30F23FA ] WdNisDrv        C:\WINDOWS\system32\Drivers\WdNisDrv.sys
17:28:43.0005 0x10d0  WdNisDrv - ok
17:28:43.0053 0x10d0  WdNisSvc - ok
17:28:43.0081 0x10d0  [ 91B18D7A1702ED589E67C6C81052B955, 5D1DA8B86106A28E50BBCCB36527CC130D41201F5BE1D3DC5F1D6F7ECCF807BA ] WebClient       C:\WINDOWS\System32\webclnt.dll
17:28:43.0137 0x10d0  WebClient - ok
17:28:43.0197 0x10d0  [ 3274312F263882B51B964329FAF49734, 99A020377ACF0762BE5ECD2D68EB5E1497B9D59963247E725F7F96FB5DF41FAD ] Wecsvc          C:\WINDOWS\system32\wecsvc.dll
17:28:43.0249 0x10d0  Wecsvc - ok
17:28:43.0269 0x10d0  [ 7CDD84E0023A0C5C230B06A7965EC65E, 6EC7DC18C76D66CF9A893C3DD20F9BE3ADD76546F9A9BA42CE4F24854709F9D9 ] WEPHOSTSVC      C:\WINDOWS\system32\wephostsvc.dll
17:28:43.0325 0x10d0  WEPHOSTSVC - ok
17:28:43.0369 0x10d0  [ 959534ACF085C137D2D094384EF89C45, D029F440789FE170A1C46217C6DE6D78DC0188A5CF33FCCC17FA65D3BC80C2B7 ] wercplsupport   C:\WINDOWS\System32\wercplsupport.dll
17:28:43.0389 0x10d0  wercplsupport - ok
17:28:43.0405 0x10d0  [ 82BCCF5FBE47AC9E8CBA2020994DFB3F, EA96C6BD98A701B465D0780EC10BDA92E45FE636D60C1385813AA3B456D8B931 ] WerSvc          C:\WINDOWS\System32\WerSvc.dll
17:28:43.0445 0x10d0  WerSvc - ok
17:28:43.0493 0x10d0  [ BFBE1C5F57FE7A885673A1962D5532B7, F0BD05B257108699FE6AB32EF11F927C31932F27062A705B3FEFA4F5B4C0D8C3 ] WFPLWFS         C:\WINDOWS\system32\DRIVERS\wfplwfs.sys
17:28:43.0521 0x10d0  WFPLWFS - ok
17:28:43.0569 0x10d0  [ E06AFE2F94BA7CFA2FE4FD2A449E60E2, 99A81E16366E9E77905D873B0246E4C11B383FE1E99E0E1D9A07FAD4E52EA9E4 ] WiaRpc          C:\WINDOWS\System32\wiarpc.dll
17:28:43.0617 0x10d0  WiaRpc - ok
17:28:43.0665 0x10d0  [ 867BCC69ED9C31C501465EB0E8BA9DFA, 678B7FF4D4E8624514301956CDA7FB451159BBFC83FF2E4E5E7DADAE3C7AB2EC ] WIMMount        C:\WINDOWS\system32\drivers\wimmount.sys
17:28:43.0689 0x10d0  WIMMount - ok
17:28:43.0693 0x10d0  WinDefend - ok
17:28:43.0789 0x10d0  [ DD079EC8F44DCA3A176B345C6ADEFB66, 6CD9371B83EA23D2181891FAE1DB285BC111A78C35F374E57666ED09860C91A9 ] WinHttpAutoProxySvc C:\WINDOWS\system32\winhttp.dll
17:28:43.0829 0x10d0  WinHttpAutoProxySvc - ok
17:28:43.0894 0x10d0  [ 9DB490F3E823C5C3C070644B96CB9D59, 81937D0B331E43C7C61514E60B3AD51370C5201F7B4D12F8534840D91EDC32DD ] Winmgmt         C:\WINDOWS\system32\wbem\WMIsvc.dll
17:28:43.0946 0x10d0  Winmgmt - ok
17:28:44.0094 0x10d0  [ 9CE162EB9057CF079736F4DD00FC0D6C, 412C34557866D2A3B3CDAFA5A03B87C01AACF75E349802E511098B20137028D9 ] WinRM           C:\WINDOWS\system32\WsmSvc.dll
17:28:44.0250 0x10d0  WinRM - ok
17:28:44.0302 0x10d0  [ AC263C2F66405589528995AA41040599, 81B46E551D6130A2C3D113EC3B563CEDB5A06BB340986C0E03136CE5BE729481 ] WinUsb          C:\WINDOWS\system32\DRIVERS\WinUsb.sys
17:28:44.0334 0x10d0  WinUsb - ok
17:28:44.0430 0x10d0  [ 3F5EF31C6AA204B099EE76497DF80A26, CBE648A4E7E1D98A3D8C72582C1CB3C2FD2329EAA24EE4DCAD271AAA6F4D82CE ] WlanSvc         C:\WINDOWS\System32\wlansvc.dll
17:28:44.0510 0x10d0  WlanSvc - ok
17:28:44.0606 0x10d0  [ 5F56C0DE776C7AE43AF749845BFAA1EF, 837993C5853B7E682C7FB8401B7F5D951FFD15E5659EBB1B01DC3F5719ACEE19 ] wlidsvc         C:\WINDOWS\system32\wlidsvc.dll
17:28:44.0714 0x10d0  wlidsvc - ok
17:28:44.0750 0x10d0  [ 2834D9D3B4F554A39C72F00EA3F0E128, D10124343C67FE9A0B711AD569BB8080495FCEA0ECEF9AC3F3FBD6865F436A44 ] WmiAcpi         C:\WINDOWS\System32\drivers\wmiacpi.sys
17:28:44.0766 0x10d0  WmiAcpi - ok
17:28:44.0826 0x10d0  [ 7AFAC828F52D62F304A911EC32F42EEE, 4EDCF4149069413A166169F2E23F7505F47B39B7EC319E1EF6D2C46CD140AA24 ] wmiApSrv        C:\WINDOWS\system32\wbem\WmiApSrv.exe
17:28:44.0874 0x10d0  wmiApSrv - ok
17:28:44.0918 0x10d0  WMPNetworkSvc - ok
17:28:44.0966 0x10d0  [ 7FC5667DF73D4B04AA457CC3A4180E09, CB7B014945DCA16B6D120DBE0E5876C4C867A4ACD3C3536AEADC14B908613D4E ] Wof             C:\WINDOWS\system32\drivers\Wof.sys
17:28:45.0010 0x10d0  Wof - ok
17:28:45.0106 0x10d0  [ 61BF52E9FFAB27A0B6D621BE26088373, 81291D52C381360E69D51E7DEB05CFAC651A7E9EF781CA23062C0583D0C94708 ] workfolderssvc  C:\WINDOWS\system32\workfolderssvc.dll
17:28:45.0202 0x10d0  workfolderssvc - ok
17:28:45.0230 0x10d0  [ 182561A14F2E93E81E66FE3700D17A5A, FB9A06058A8BCCEDCDC5BF8899D9B2FBA5752C262C5FC6D2B8338884F3303D12 ] wpcfltr         C:\WINDOWS\system32\DRIVERS\wpcfltr.sys
17:28:45.0242 0x10d0  wpcfltr - ok
17:28:45.0326 0x10d0  [ 4E6A0F60DA7EF050D3D26417CD4D24E9, E6B3BFB007B641D41F8532ED086F92CB3D86E210023DBFAA9AD8152A9FD33CCA ] WPCSvc          C:\WINDOWS\System32\wpcsvc.dll
17:28:45.0382 0x10d0  WPCSvc - ok
17:28:45.0418 0x10d0  [ 618A19EB31ECA7B7F2AA0207BAF598A5, CB18CF9B781EAB3D775F8201F294A7135E058D6C963D2CC759DCA14D95EED538 ] WPDBusEnum      C:\WINDOWS\system32\wpdbusenum.dll
17:28:45.0482 0x10d0  WPDBusEnum - ok
17:28:45.0526 0x10d0  [ 9F2904B55F6CECCD1A8D986B5CE2609A, E19ED4DD3CEF3A22C058FC324824604FB3FC98A029C94E6C2A3389F938D680B6 ] WpdUpFltr       C:\WINDOWS\system32\drivers\WpdUpFltr.sys
17:28:45.0538 0x10d0  WpdUpFltr - ok
17:28:45.0598 0x10d0  [ AE072B0339D0A18E455DC21666CAD572, AB1DAEA25E2C7AD610818D4B4783F6D4190D85EBB3963BBAD410E8CEA7899EDB ] ws2ifsl         C:\WINDOWS\system32\drivers\ws2ifsl.sys
17:28:45.0638 0x10d0  ws2ifsl - ok
17:28:45.0674 0x10d0  [ 9654DE19551093CD73874281E1573C94, 5E3513EC0CB180D90904BE8970AB64A4434279E8C467AE2CF693254E47B1D11E ] wscsvc          C:\WINDOWS\System32\wscsvc.dll
17:28:45.0702 0x10d0  wscsvc - ok
17:28:45.0710 0x10d0  WSearch - ok
17:28:45.0886 0x10d0  [ 95B6670E6933E1DEE19686C55BE709A0, 4B9EB8F1712B7959A71F6DA445D29BD09B25EEFC6B30D736EFE30163D79B233E ] WSService       C:\WINDOWS\System32\WSService.dll
17:28:46.0062 0x10d0  WSService - ok
17:28:46.0442 0x10d0  [ DCD090318EC800CF6275C6835900B0C6, 9E72762EEE46CC0606B909850E6D22E9C8E5C88E82F7C974B2B7C1E5160BEBA7 ] wuauserv        C:\WINDOWS\system32\wuaueng.dll
17:28:46.0766 0x10d0  wuauserv - ok
17:28:46.0802 0x10d0  [ D537815E450A149752C15868392AD1F3, 8788CE493349299DB36E409C8CC3C6EA08301FA492C95D9D556E00BC13A05F13 ] WudfPf          C:\WINDOWS\system32\drivers\WudfPf.sys
17:28:46.0830 0x10d0  WudfPf - ok
17:28:46.0854 0x10d0  [ 7CCBBCEE408A5DBE3FE47297DB5A6CFC, FB44B65B37B1C1A12C618E16BEF195EF861A87179B9216E43024C671C3AE052C ] WUDFRd          C:\WINDOWS\System32\drivers\WUDFRd.sys
17:28:46.0886 0x10d0  WUDFRd - ok
17:28:46.0894 0x10d0  [ 7CCBBCEE408A5DBE3FE47297DB5A6CFC, FB44B65B37B1C1A12C618E16BEF195EF861A87179B9216E43024C671C3AE052C ] WUDFSensorLP    C:\WINDOWS\system32\DRIVERS\WUDFRd.sys
17:28:46.0914 0x10d0  WUDFSensorLP - ok
17:28:46.0946 0x10d0  [ 9CDC2059A23E3C9B57696178508777E7, B680A2E2EDA5C8C6A547E7D9B2F2F8E6407C3EA0A01B82A4B88D48A27913A597 ] wudfsvc         C:\WINDOWS\System32\WUDFSvc.dll
17:28:46.0994 0x10d0  wudfsvc - ok
17:28:47.0014 0x10d0  [ 7CCBBCEE408A5DBE3FE47297DB5A6CFC, FB44B65B37B1C1A12C618E16BEF195EF861A87179B9216E43024C671C3AE052C ] WUDFWpdFs       C:\WINDOWS\system32\DRIVERS\WUDFRd.sys
17:28:47.0038 0x10d0  WUDFWpdFs - ok
17:28:47.0046 0x10d0  [ 7CCBBCEE408A5DBE3FE47297DB5A6CFC, FB44B65B37B1C1A12C618E16BEF195EF861A87179B9216E43024C671C3AE052C ] WUDFWpdMtp      C:\WINDOWS\system32\DRIVERS\WUDFRd.sys
17:28:47.0066 0x10d0  WUDFWpdMtp - ok
17:28:47.0126 0x10d0  [ 2FA9794CA36147756F3FDFD6CA29B46F, 4B86DC38C2411C281686E9A4E64DA6FB2992E39391371F78E012D6D8BB85123F ] WwanSvc         C:\WINDOWS\System32\wwansvc.dll
17:28:47.0198 0x10d0  WwanSvc - ok
17:28:47.0226 0x10d0  ================ Scan global ===============================
17:28:47.0286 0x10d0  [ C89780A6F58D113C28A96D85D1261DC5, 185114F33A60916C7904E4A0F278CA43258454343E614F01F0DAFA98BAC981B1 ] C:\WINDOWS\system32\basesrv.dll
17:28:47.0330 0x10d0  [ 00DD4D2ACC2E72155A8AAA82018BEC0D, 9D7CA68B4A81240477FCC85A3CC11EF986093F9D6228A6C5AC608EDAD664068C ] C:\WINDOWS\system32\winsrv.dll
17:28:47.0390 0x10d0  [ 9C1833ABD62876856836C5AE55C7CE86, 0A21E2C8B2FF3B0438C86DA7151A548F9C6F5C62CD402CBBEDB435994C8508F1 ] C:\WINDOWS\system32\sxssrv.dll
17:28:47.0442 0x10d0  [ 067CB90C277DB4A737D5DEABA3055972, C681BF013170F2D92A3FC4D783FC3F200CDC0C8173373B7ECC27FCF32A03CCBD ] C:\WINDOWS\system32\services.exe
17:28:47.0458 0x10d0  [ Global ] - ok
17:28:47.0458 0x10d0  ================ Scan MBR ==================================
17:28:47.0470 0x10d0  [ 5FB38429D5D77768867C76DCBDB35194 ] \Device\Harddisk0\DR0
17:28:47.0690 0x10d0  \Device\Harddisk0\DR0 - ok
17:28:47.0690 0x10d0  ================ Scan VBR ==================================
17:28:47.0722 0x10d0  [ DBC6AE4686654B360A10777634864636 ] \Device\Harddisk0\DR0\Partition1
17:28:47.0734 0x10d0  \Device\Harddisk0\DR0\Partition1 - ok
17:28:47.0746 0x10d0  [ 5A8C2B29BCD1198CAB0C650F73D23BD9 ] \Device\Harddisk0\DR0\Partition2
17:28:47.0754 0x10d0  \Device\Harddisk0\DR0\Partition2 - ok
17:28:47.0766 0x10d0  [ 672264676F4FCD29FA20396187C2639C ] \Device\Harddisk0\DR0\Partition3
17:28:47.0778 0x10d0  \Device\Harddisk0\DR0\Partition3 - ok
17:28:47.0786 0x10d0  [ ADE3890A21B7EFBC95EB3B983C930087 ] \Device\Harddisk0\DR0\Partition4
17:28:47.0802 0x10d0  \Device\Harddisk0\DR0\Partition4 - ok
17:28:47.0830 0x10d0  [ 1254CAAF9D44DA1A286A6CAE3BE78028 ] \Device\Harddisk0\DR0\Partition5
17:28:47.0834 0x10d0  \Device\Harddisk0\DR0\Partition5 - ok
17:28:47.0854 0x10d0  [ E4475F74FAE2D13BE2D0535659A53F85 ] \Device\Harddisk0\DR0\Partition6
17:28:47.0854 0x10d0  \Device\Harddisk0\DR0\Partition6 - ok
17:28:47.0858 0x10d0  ================ Scan generic autorun ======================
17:28:47.0914 0x10d0  [ 4017995BBB49ACF43BFE2A0DC8BE0D99, 059CC5D2352A07458C08B6740E87867250B2D4B1BE130D865F0CA6D8E0DC6523 ] C:\WINDOWS\system32\igfxtray.exe
17:28:47.0946 0x10d0  IgfxTray - ok
17:28:47.0978 0x10d0  [ 9E4093CFDC3001359F206E44B82B868C, 765D94DACFBF11A303E15BF96396546F76B04F673B6BB987A5C45104459E82CD ] C:\WINDOWS\system32\hkcmd.exe
17:28:48.0006 0x10d0  HotKeysCmds - ok
17:28:48.0574 0x10d0  [ EA7BAEFEA0D198E92F9BE74D8BFD4546, 080C3671DB119101302D1F119C2E629EC86E8CD99F1BFD05792DE11E67C4BB33 ] C:\WINDOWS\system32\igfxpers.exe
17:28:48.0618 0x10d0  Persistence - ok
17:28:49.0030 0x10d0  [ 9AC062437035B077C0F3B1BD738EC82A, DAC42AA903C3A6F7CB196D3D738FFDDADC8BD2138F0703F1DB035337540D53B7 ] C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
17:28:49.0290 0x10d0  RtHDVCpl - ok
17:28:49.0586 0x10d0  [ 4DF11CDE53A5AF536178AEC3D4A053B1, 63CE411CB93F7058B6126FB80D20978AEBD13B0B36CDE7DD5194BC0DACB88CE8 ] C:\Program Files\SRS Labs\SRS Control Panel\SRSPanel_64.exe
17:28:49.0638 0x10d0  SRS Premium Sound HD - ok
17:28:49.0670 0x10d0  TCrdMain - ok
17:28:49.0698 0x10d0  [ 57C4B4289DAB34CBAEEB92865C6BC022, A1AD75E8D988FBA512454DA99FCE8F32EC6A80B46B87A517DF5C7B7DF86E3CA8 ] C:\Program Files\TOSHIBA\Teco\TecoResident.exe
17:28:49.0722 0x10d0  TecoResident - ok
17:28:49.0722 0x10d0  TosWaitSrv - ok
17:28:49.0842 0x10d0  [ CF74C5BE20CD4DE1299F6C92A738A2DF, A74FBB2E50F9AEB9CA11347EE464D34F234DD837FCDD6A43CFDA4664CB2BF9FB ] C:\Program Files (x86)\TOSHIBA\System Setting\TSleepSrv.exe
17:28:49.0890 0x10d0  TSleepSrv - ok
17:28:49.0914 0x10d0  [ 6EF487A46FB615DF717F85D7458BD2CD, 07FBA249818A2542138C0477A86884D7C2DA1A43C17EF4A68B4A4CF97489E71C ] C:\Program Files (x86)\TOSHIBA\System Setting\TODDMain.exe
17:28:49.0926 0x10d0  TODDMain - ok
17:28:50.0038 0x10d0  [ FEDB6110D3E0A7EFE6996F93CD8C48E7, 719F6B648AE9841B03C8FB9FC9D0CB1233FDD3030FBD3C420C3E8CEB59A12214 ] C:\Program Files (x86)\Canon\SolutionMenu\CNSLMAIN.exe
17:28:50.0098 0x10d0  CanonSolutionMenu - ok
17:28:50.0206 0x10d0  [ B28AD85B8C199CB573621FCE54D7E19C, 42FFD67529592C5F349936C175E0C40E4E116E20B041042AB1E05FF164AEDD17 ] C:\Program Files\Canon\MyPrinter\BJMyPrt.exe
17:28:50.0302 0x10d0  CanonMyPrinter - ok
17:28:50.0370 0x10d0  [ F6DC4156B10629B1BCB37152D3523326, 468546874C24817222DA03AE6308005A4CE3243B2D0559D88C5466837E8AADDA ] C:\PROGRA~2\PACKAG~2\bar\1.bin\APPINT~1.EXE
17:28:50.0390 0x10d0  PackageTracer Home Page Guard 64 bit - ok
17:28:50.0430 0x10d0  [ 809FA193249441BA3993FBD0DFF33274, B135F53A751889BFF4F043A3631C76C7FA51484A57CDA1B93F85FDA81FCF895D ] C:\PROGRA~2\TOTALR~2\bar\1.bin\AppIntegrator64.exe
17:28:50.0446 0x10d0  TotalRecipeSearch Home Page Guard 64 bit - ok
17:28:50.0446 0x10d0  vProt - ok
17:28:50.0582 0x10d0  [ C134B8455C3E46D5EC598EB48149D084, 8ACD1DD2C72C2762972194A8D256BA1525D3E80BAD7F633BD605E72D52FAD9C4 ] C:\Users\Lizel\AppData\Roaming\ShopAtHome\ShopAtHomeHelper\ShopAtHomeWatcher.exe
17:28:50.0606 0x10d0  ShopAtHomeWatcher - ok
17:28:50.0634 0x10d0  [ 34BA770EDE3145CD052DCC1C49DF6077, 3C7B6DC9042A296E51977DF066EB33FFA95284075A9B0438449EA3D753AD0810 ] C:\Users\Lizel\AppData\Roaming\ShopAtHome\ShopAtHomeHelper\ShopAtHomeUpdater.exe
17:28:50.0650 0x10d0  ShopAtHomeUpdater - ok
17:28:50.0730 0x10d0  [ 0B692C328AF648AD478A967C21DD7936, C06839FC4B748A364A710BCE1DEEB9FEE2F88979A4BEFC40B4EBBB7E0F34CC95 ] C:\Program Files (x86)\VTech\DownloadManager\System\AgentMonitor.exe
17:28:50.0766 0x10d0  AgentMonitor - ok
17:28:50.0798 0x10d0  [ AE76C3055F9B771B542E0499C8794EF9, 7EF64F8AAB81ADD18D902E6AEDE069BF2A57E713B74C583EDD9F37D840BF65DD ] C:\PROGRA~2\TOTALR~2\bar\1.bin\14medint.exe
17:28:50.0806 0x10d0  TotalRecipeSearch EPM Support - ok
17:28:50.0818 0x10d0  [ 2B76E26F8314246C2A0F7968F73F00BB, 8679C8E6388FD3F927F7AC8ADCEB2CFECD0CEC3B95EA98F79D54119EFBD68034 ] C:\PROGRA~2\TOTALR~2\bar\1.bin\14srchmn.exe
17:28:50.0830 0x10d0  TotalRecipeSearch Search Scope Monitor - ok
17:28:50.0870 0x10d0  [ 446657099D979ECFC1B930BD6BCBA4C3, AC4F967E68098093E09B39192B1FCE7B36D28F74A616C9ED6B8448B9E39C58AA ] C:\PROGRA~2\TOTALR~2\bar\1.bin\14brmon.exe
17:28:50.0882 0x10d0  TotalRecipeSearch_14 Browser Plugin Loader - ok
17:28:50.0902 0x10d0  [ 04D84D59D341DC861F20C961B5882EAE, 36753E172E7D32C9FBE1A2F3E6CF14C478CFC36482E4C19353B967426DD5641C ] C:\PROGRA~2\TOTALR~2\bar\1.bin\14brmon64.exe
17:28:50.0922 0x10d0  TotalRecipeSearch_14 Browser Plugin Loader 64 - ok
17:28:51.0058 0x10d0  [ AE1DEF51190B3CB36CEAE75683B51DF9, CFD7EE35CEC6BF62C4E6A6C7616C340E34C5B117FAC1E263CB839DE75A6D2347 ] C:\Program Files (x86)\Seagate\Seagate Dashboard 2.0\DBAgent.exe
17:28:51.0106 0x10d0  DBAgent - ok
17:28:51.0242 0x10d0  [ DA6DA7B1546E0D26EB2E1A015E24757C, 8DD459ECA7C72C900BDB70079D6861EC352EE2E4F0722EBD4FEB694885660462 ] C:\Program Files\Common~1\McAfee\Platform\mcuicnt.exe
17:28:51.0290 0x10d0  mcpltui_exe - ok
17:28:51.0362 0x10d0  [ 0EF0822810009D58118CCDFD098FA9F4, 9FAA263057898BCDBCB0A064C463F48D149474AA339A3C4C47626CC118750D2D ] C:\Program Files (x86)\iTunes\iTunesHelper.exe
17:28:51.0386 0x10d0  iTunesHelper - ok
17:28:51.0414 0x10d0  [ 832E3C7587AC4723856F51DD28D1E295, AC7A6DBDA90EB8864D754E1F730FD6E3D1FE9659D37BEBA5E04DED27EBB0F539 ] C:\Program Files (x86)\Seagate\Seagate Dashboard 2.0\Seagate.Dashboard.Uploader.exe
17:28:51.0438 0x10d0  Uploader - ok
17:28:51.0458 0x10d0  [ C134B8455C3E46D5EC598EB48149D084, 8ACD1DD2C72C2762972194A8D256BA1525D3E80BAD7F633BD605E72D52FAD9C4 ] C:\Users\Lizel\AppData\Roaming\ShopAtHome\ShopAtHomeHelper\ShopAtHomeWatcher.exe
17:28:51.0470 0x10d0  ShopAtHomeWatcher - ok
17:28:51.0502 0x10d0  [ 34BA770EDE3145CD052DCC1C49DF6077, 3C7B6DC9042A296E51977DF066EB33FFA95284075A9B0438449EA3D753AD0810 ] C:\Users\Lizel\AppData\Roaming\ShopAtHome\ShopAtHomeHelper\ShopAtHomeUpdater.exe
17:28:51.0522 0x10d0  ShopAtHomeUpdater - ok
17:28:51.0626 0x10d0  [ 6F442AB16C346018AC5A67727A3633E5, 70922EF0EEE44625DCE71C6AE1F424B48117962A2E3AEFCF483D3EB19CAA067C ] C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
17:28:51.0658 0x10d0  GoogleChromeAutoLaunch_E9ED7E5718A67C9E5BDC4EA87A324851 - ok
17:28:51.0658 0x10d0  Waiting for KSN requests completion. In queue: 242
17:28:52.0663 0x10d0  Waiting for KSN requests completion. In queue: 242
17:28:53.0667 0x10d0  Waiting for KSN requests completion. In queue: 242
17:28:54.0223 0x06d8  Object required for P2P: [ 2B0F1677CDD08967005F34488559BC6F ] RasSstp
17:28:54.0671 0x10d0  Waiting for KSN requests completion. In queue: 217
17:28:55.0675 0x10d0  Waiting for KSN requests completion. In queue: 217
17:28:56.0675 0x10d0  Waiting for KSN requests completion. In queue: 217
17:28:56.0887 0x06d8  Object send P2P result: true
17:28:56.0891 0x06d8  Object required for P2P: [ D5C3776CBD8BC307DCCA3FD4CE667A37 ] SessionEnv
17:28:57.0675 0x10d0  Waiting for KSN requests completion. In queue: 183
17:28:58.0676 0x10d0  Waiting for KSN requests completion. In queue: 183
17:28:59.0680 0x10d0  Waiting for KSN requests completion. In queue: 183
17:29:00.0680 0x10d0  Waiting for KSN requests completion. In queue: 183
17:29:01.0340 0x06d8  Object send P2P result: true
17:29:01.0352 0x06d8  Object required for P2P: [ 3D748E5558FD9A9F03182CB2330698DC ] TermService
17:29:01.0684 0x10d0  Waiting for KSN requests completion. In queue: 143
17:29:02.0688 0x10d0  Waiting for KSN requests completion. In queue: 143
17:29:03.0693 0x10d0  Waiting for KSN requests completion. In queue: 143
17:29:04.0697 0x10d0  Waiting for KSN requests completion. In queue: 143
17:29:05.0697 0x10d0  Waiting for KSN requests completion. In queue: 143
17:29:05.0749 0x06d8  Object send P2P result: true
17:29:06.0809 0x10d0  AV detected via SS2: McAfee Anti-Virus and Anti-Spyware, C:\Program Files\McAfee.com\Agent\mcupdate.exe ( 13.6.0.0 ), 0x51000 ( enabled : updated )
17:29:06.0813 0x10d0  FW detected via SS2: McAfee Firewall, C:\Program Files\McAfee.com\Agent\mcupdate.exe ( 13.6.0.0 ), 0x51010 ( enabled )
17:29:09.0325 0x10d0  ============================================================
17:29:09.0325 0x10d0  Scan finished
17:29:09.0325 0x10d0  ============================================================
17:29:09.0345 0x1bec  Detected object count: 0
17:29:09.0345 0x1bec  Actual detected object count: 0
 


  • 0

#4
pystryker

pystryker

    Trusted Helper

  • Malware Removal
  • 3,886 posts

Hi, thanks for the help.


You're quite welcome. :)

 

I think the slowness etc. was gradual, and BSOD started in the last week or so. Nothing specifically sets it off.


Ok, thank you. Let's get started clearing away the rubbish. :thumbsup:


Please disable your antivirus for the duration of my instructions. Don't forget to re-enable them after you have completed the steps.


Step 1: Program Uninstalls

Please uninstall the following programs from your machine as they are adware/malware related:
  • Download Updater
  • PackageTracer Toolbar
  • ShopAtHome.com Helper
  • ShopAtHome.com Toolbar
  • TotalRecipeSearch Internet Explorer Toolbar
Step 2: Fix with FRST
  • Open notepad (Start =>All Programs => Accessories => Notepad). Please copy the entire contents of the code box below. (To do this highlight the contents of the box, right click on it and select copy.
  • Right-click in the open notepad and select Paste).
  • Save it on the desktop as fixlist.txt

Start
CreateRestorePoint:
CloseProcesses:
(COMPANYVERS_NAME) C:\Program Files (x86)\PackageTracer_69\bar\1.bin\69barsvc.exe
C:\Program Files (x86)\PackageTracer_69
(COMPANYVERS_NAME) C:\Program Files (x86)\TotalRecipeSearch_14\bar\1.bin\14barsvc.exe
C:\Program Files (x86)\TotalRecipeSearch_14
() C:\Program Files (x86)\PackageTracer_69\bar\1.bin\AppIntegrator64.exe
( ) C:\Program Files (x86)\TotalRecipeSearch_14\bar\1.bin\AppIntegrator64.exe
(ShopAtHome.com) C:\Users\Lizel\AppData\Roaming\ShopAtHome\ShopAtHomeHelper\ShopAtHomeWatcher.exe
(ShopAtHome.com) C:\Users\Lizel\AppData\Roaming\ShopAtHome\ShopAtHomeHelper\ShopAtHomeUpdater.exe
C:\Users\Lizel\AppData\Roaming\ShopAtHome
(Mindspark) C:\Program Files (x86)\TotalRecipeSearch_14\bar\1.bin\14SrchMn.exe
(VER_COMPANY_NAME) C:\Program Files (x86)\TotalRecipeSearch_14\bar\1.bin\14brmon.exe
(VER_COMPANY_NAME) C:\Program Files (x86)\TotalRecipeSearch_14\bar\1.bin\14brmon64.exe
(ShopAtHome.com) C:\Users\Lizel\AppData\Roaming\ShopAtHome\ShopAtHomeHelper\ShopAtHomeHelper.exe
HKLM\...\Run: [PackageTracer Home Page Guard 64 bit] => C:\Program Files (x86)\PackageTracer_69\bar\1.bin\AppIntegrator64.exe [548936 2013-06-18] ()
HKLM\...\Run: [TotalRecipeSearch Home Page Guard 64 bit] => C:\Program Files (x86)\TotalRecipeSearch_14\bar\1.bin\AppIntegrator64.exe [485960 2014-04-25] ( )
HKLM-x32\...\Run: [vProt] => "C:\Program Files (x86)\AVG SafeGuard toolbar\vprot.exe"
C:\Program Files (x86)\AVG SafeGuard toolbar
HKLM-x32\...\Run: [ShopAtHomeWatcher] => C:\Users\Lizel\AppData\Roaming\ShopAtHome\ShopAtHomeHelper\ShopAtHomeWatcher.exe [130232 2014-11-25] (ShopAtHome.com)
HKLM-x32\...\Run: [ShopAtHomeUpdater] => C:\Users\Lizel\AppData\Roaming\ShopAtHome\ShopAtHomeHelper\ShopAtHomeUpdater.exe [199864 2014-11-25] (ShopAtHome.com)
HKLM-x32\...\Run: [TotalRecipeSearch EPM Support] => C:\Program Files (x86)\TotalRecipeSearch_14\bar\1.bin\14medint.exe [12872 2014-04-25] (Mindspark Interactive Network, Inc.)
HKLM-x32\...\Run: [TotalRecipeSearch Search Scope Monitor] => C:\Program Files (x86)\TotalRecipeSearch_14\bar\1.bin\14SrchMn.exe [55368 2014-04-25] (Mindspark)
HKLM-x32\...\Run: [TotalRecipeSearch_14 Browser Plugin Loader] => C:\Program Files (x86)\TotalRecipeSearch_14\bar\1.bin\14brmon.exe [61512 2014-04-25] (VER_COMPANY_NAME)
HKLM-x32\...\Run: [TotalRecipeSearch_14 Browser Plugin Loader 64] => C:\Program Files (x86)\TotalRecipeSearch_14\bar\1.bin\14brmon64.exe [71752 2014-04-25] (VER_COMPANY_NAME)
HKU\S-1-5-21-3809426249-1239727763-2388386071-1001\...\Run: [ShopAtHomeWatcher] => C:\Users\Lizel\AppData\Roaming\ShopAtHome\ShopAtHomeHelper\ShopAtHomeWatcher.exe [130232 2014-11-25] (ShopAtHome.com)
HKU\S-1-5-21-3809426249-1239727763-2388386071-1001\...\Run: [ShopAtHomeUpdater] => C:\Users\Lizel\AppData\Roaming\ShopAtHome\ShopAtHomeHelper\ShopAtHomeUpdater.exe [199864 2014-11-25] (ShopAtHome.com)
HKU\S-1-5-21-3809426249-1239727763-2388386071-1001\...\MountPoints2: {b4af06fc-b382-11e3-824f-806e6f6e6963} - "D:\Setup.exe"
CHR HKLM\SOFTWARE\Policies\Google: Policy restriction <======= ATTENTION
HKU\S-1-5-21-3809426249-1239727763-2388386071-1001\SOFTWARE\Policies\Microsoft\Internet Explorer: Policy restriction <======= ATTENTION
HKU\S-1-5-21-3809426249-1239727763-2388386071-1001\Software\Microsoft\Internet Explorer\Main,Start Page = http://home.tb.ask.c...9AAE9BBB4&si=a3
SearchScopes: HKLM-x32 -> {cca2e567-1987-4100-a3c6-5b4267084510} URL = http://search.tb.ask...r={searchTerms}
SearchScopes: HKLM-x32 -> {f5827716-9540-492e-9e9a-9f18bb2e7912} URL = http://search.mywebs...r={searchTerms}
SearchScopes: HKU\S-1-5-21-3809426249-1239727763-2388386071-1001 -> DefaultScope {0845EB3D-1B14-4F03-B079-870CB72D54E2} URL =
SearchScopes: HKU\S-1-5-21-3809426249-1239727763-2388386071-1001 -> {0845EB3D-1B14-4F03-B079-870CB72D54E2} URL =
SearchScopes: HKU\S-1-5-21-3809426249-1239727763-2388386071-1001 -> {cca2e567-1987-4100-a3c6-5b4267084510} URL = http://search.tb.ask...r={searchTerms}
BHO-x32: AVG SafeGuard toolbar -> {95B7759C-8C7F-4BF1-B163-73684A933233} -> C:\Program Files (x86)\AVG SafeGuard toolbar\17.1.3.3\AVG SafeGuard toolbar_toolbar.dll No File
BHO-x32: VIPRE Search Guard Helper -> {963C8283-AE7F-4AA6-9B3B-847A8FC62C5E} -> C:\Program Files (x86)\VIPRE\VSGN.dll No File
BHO-x32: Toolbar BHO -> {ab56dfde-0c14-45b3-9df6-7b0eba617870} -> C:\Program Files (x86)\TotalRecipeSearch_14\bar\1.bin\14bar.dll (Mindspark)
BHO-x32: Search Assistant BHO -> {df22384f-cf68-4d19-969f-10423715528b} -> C:\Program Files (x86)\TotalRecipeSearch_14\bar\1.bin\14SrcAs.dll (Mindspark)
Toolbar: HKLM-x32 - AVG SafeGuard toolbar - {95B7759C-8C7F-4BF1-B163-73684A933233} - C:\Program Files (x86)\AVG SafeGuard toolbar\17.1.3.3\AVG SafeGuard toolbar_toolbar.dll No File
Toolbar: HKLM-x32 - PackageTracer - {ff343558-d5a5-454a-bdd8-c5c81e179fed} - C:\Program Files (x86)\PackageTracer_69\bar\1.bin\69bar.dll (MindSpark)
Toolbar: HKLM-x32 - VIPRE Search Guard Toolbar - {A924C17A-5E94-4E02-BED5-49720BA6F7FA} - No File
Toolbar: HKLM-x32 - TotalRecipeSearch - {a0154e07-2b48-475c-a82a-80efd84ea33e} - C:\Program Files (x86)\TotalRecipeSearch_14\bar\1.bin\14bar.dll (Mindspark)
Handler: vipresg - {47BE2E5B-703B-444F-ABD3-05717D2191C6} - C:\Program Files (x86)\VIPRE\VSGN.dll No File
Handler: viprotocol - {B658800C-F66E-4EF3-AB85-6C0C227862A9} - C:\Program Files (x86)\Common Files\AVG Secure Search\ViProtocolInstaller\17.1.3\ViProtocol.dll No File
FF Plugin-x32: @PackageTracer_69.com/Plugin -> C:\Program Files (x86)\PackageTracer_69\bar\1.bin\NP69Stub.dll (MindSpark)
FF Plugin-x32: @TotalRecipeSearch_14.com/Plugin -> C:\Program Files (x86)\TotalRecipeSearch_14\bar\1.bin\NP14Stub.dll (Mindspark)
FF Extension: TotalRecipeSearch - C:\Users\Lizel\AppData\Roaming\Mozilla\Firefox\Profiles\ol4ybaur.default\Extensions\[email protected]_14.com [2014-12-23]
FF HKLM-x32\...\Firefox\Extensions: [[email protected]_69.com] - C:\Program Files (x86)\PackageTracer_69\bar\1.bin
FF Extension: PackageTracer - C:\Program Files (x86)\PackageTracer_69\bar\1.bin [2013-06-18]
R2 PackageTracer_69Service; C:\Program Files (x86)\PackageTracer_69\bar\1.bin\69barsvc.exe [42504 2013-06-18] (COMPANYVERS_NAME)
R2 TotalRecipeSearch_14Service; C:\Program Files (x86)\TotalRecipeSearch_14\bar\1.bin\14barsvc.exe [88648 2014-04-25] (COMPANYVERS_NAME)
2015-01-02 14:58 - 2015-01-02 14:58 - 00000000 ____D () C:\Users\Lizel\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\ShopAtHome.com Toolbar
Task: {B75269FF-55F7-4317-8F39-121AA48BEB72} - System32\Tasks\{61BDE66A-3531-4B77-A1D7-7364A29A1A12} => pcalua.exe -a C:\Users\Lizel\AppData\Roaming\ShopAtHome\ShopAtHomeToolbar\ShopAtHomeUninstall.exe
CMD: netsh advfirewall reset
CMD: netsh advfirewall set allprofiles state on
CMD: ipconfig /flushdns
Emptytemp:
Hosts:
End


NOTICE: This script was written specifically for this user, for use on that particular machine. Running this on another machine may cause damage to your operating system.


Run FRST and press the Fix button just once and wait. The tool will make a log on the desktop (Fixlog.txt) please post it in your next reply.


Step 3: Junkware Removal Tool

thisisujrt.gif Please download Junkware Removal Tool to your desktop.
  • Shut down your protection software now to avoid potential conflicts.
  • Run the tool by double-clicking it. If you are using Windows Vista, 7, or 8; instead of double-clicking, right-mouse click JRT.exe and select "Run as Administrator".
  • The tool will open and start scanning your system.
  • Please be patient as this can take a while to complete depending on your system's specifications.
  • On completion, a log (JRT.txt) is saved to your desktop and will automatically open.
  • Post the contents of JRT.txt into your next message.
Step 4: AdwCleaner

Download ADWcleaner by clicking here. Please save it to your Desktop


adwcleaner2_zps680e0e15.jpg
  • Double click (Vista and 7 Users)right click the adwcleaner.exe file and click Run as Adminstrator and accept the UAC prompt to run AdwCleaner
  • Close any open windows or browsers.
  • Pause your Anti-Virus program if it is running.
  • Once it starts, click on the Scan button.
  • Let the scan complete itself. This may take a few minutes.
  • Once the scan has finished, it will say "Pending, uncheck elements you don't want to remove.", don't worry about unchecking anything and then click the Clean button. When finished, it will ask to reboot. Please reboot.
  • When the machine has rebooted, a log will be produced. Please copy/paste that in your next reply. Here's how:
    • Click the Report button and the log will open. Copy and Paste the contents of the log file into your next reply.
    This report is also saved at C:\AdwCleaner[R0].txt
Things I need to see in your next post:

Please post each of these logs as a separate reply in this thread.

Fixlog.txt Log

Junkware Removal Tool Log

AdwCleaner Log

We still have further steps, but how is the machine running at this time?

  • 0

#5
noel77

noel77

    Member

  • Topic Starter
  • Member
  • PipPip
  • 17 posts

FIXLOG.txt:

 

Fix result of Farbar Recovery Tool (FRST written by Farbar) (x64) Version: 01-02-2015
Ran by Lizel at 2015-02-01 21:55:52 Run:1
Running from C:\Users\Lizel\Desktop
Loaded Profiles: Lizel (Available profiles: Lizel)
Boot Mode: Normal
==============================================
 
Content of fixlist:
*****************
Start
CreateRestorePoint:
CloseProcesses:
(COMPANYVERS_NAME) C:\Program Files (x86)\PackageTracer_69\bar\1.bin\69barsvc.exe
C:\Program Files (x86)\PackageTracer_69
(COMPANYVERS_NAME) C:\Program Files (x86)\TotalRecipeSearch_14\bar\1.bin\14barsvc.exe
C:\Program Files (x86)\TotalRecipeSearch_14
() C:\Program Files (x86)\PackageTracer_69\bar\1.bin\AppIntegrator64.exe
( ) C:\Program Files (x86)\TotalRecipeSearch_14\bar\1.bin\AppIntegrator64.exe
(ShopAtHome.com) C:\Users\Lizel\AppData\Roaming\ShopAtHome\ShopAtHomeHelper\ShopAtHomeWatcher.exe
(ShopAtHome.com) C:\Users\Lizel\AppData\Roaming\ShopAtHome\ShopAtHomeHelper\ShopAtHomeUpdater.exe
C:\Users\Lizel\AppData\Roaming\ShopAtHome
(Mindspark) C:\Program Files (x86)\TotalRecipeSearch_14\bar\1.bin\14SrchMn.exe
(VER_COMPANY_NAME) C:\Program Files (x86)\TotalRecipeSearch_14\bar\1.bin\14brmon.exe
(VER_COMPANY_NAME) C:\Program Files (x86)\TotalRecipeSearch_14\bar\1.bin\14brmon64.exe
(ShopAtHome.com) C:\Users\Lizel\AppData\Roaming\ShopAtHome\ShopAtHomeHelper\ShopAtHomeHelper.exe
HKLM\...\Run: [PackageTracer Home Page Guard 64 bit] => C:\Program Files (x86)\PackageTracer_69\bar\1.bin\AppIntegrator64.exe [548936 2013-06-18] ()
HKLM\...\Run: [TotalRecipeSearch Home Page Guard 64 bit] => C:\Program Files (x86)\TotalRecipeSearch_14\bar\1.bin\AppIntegrator64.exe [485960 2014-04-25] ( )
HKLM-x32\...\Run: [vProt] => "C:\Program Files (x86)\AVG SafeGuard toolbar\vprot.exe"
C:\Program Files (x86)\AVG SafeGuard toolbar
HKLM-x32\...\Run: [ShopAtHomeWatcher] => C:\Users\Lizel\AppData\Roaming\ShopAtHome\ShopAtHomeHelper\ShopAtHomeWatcher.exe [130232 2014-11-25] (ShopAtHome.com)
HKLM-x32\...\Run: [ShopAtHomeUpdater] => C:\Users\Lizel\AppData\Roaming\ShopAtHome\ShopAtHomeHelper\ShopAtHomeUpdater.exe [199864 2014-11-25] (ShopAtHome.com)
HKLM-x32\...\Run: [TotalRecipeSearch EPM Support] => C:\Program Files (x86)\TotalRecipeSearch_14\bar\1.bin\14medint.exe [12872 2014-04-25] (Mindspark Interactive Network, Inc.)
HKLM-x32\...\Run: [TotalRecipeSearch Search Scope Monitor] => C:\Program Files (x86)\TotalRecipeSearch_14\bar\1.bin\14SrchMn.exe [55368 2014-04-25] (Mindspark)
HKLM-x32\...\Run: [TotalRecipeSearch_14 Browser Plugin Loader] => C:\Program Files (x86)\TotalRecipeSearch_14\bar\1.bin\14brmon.exe [61512 2014-04-25] (VER_COMPANY_NAME)
HKLM-x32\...\Run: [TotalRecipeSearch_14 Browser Plugin Loader 64] => C:\Program Files (x86)\TotalRecipeSearch_14\bar\1.bin\14brmon64.exe [71752 2014-04-25] (VER_COMPANY_NAME)
HKU\S-1-5-21-3809426249-1239727763-2388386071-1001\...\Run: [ShopAtHomeWatcher] => C:\Users\Lizel\AppData\Roaming\ShopAtHome\ShopAtHomeHelper\ShopAtHomeWatcher.exe [130232 2014-11-25] (ShopAtHome.com)
HKU\S-1-5-21-3809426249-1239727763-2388386071-1001\...\Run: [ShopAtHomeUpdater] => C:\Users\Lizel\AppData\Roaming\ShopAtHome\ShopAtHomeHelper\ShopAtHomeUpdater.exe [199864 2014-11-25] (ShopAtHome.com)
HKU\S-1-5-21-3809426249-1239727763-2388386071-1001\...\MountPoints2: {b4af06fc-b382-11e3-824f-806e6f6e6963} - "D:\Setup.exe"
CHR HKLM\SOFTWARE\Policies\Google: Policy restriction <======= ATTENTION
HKU\S-1-5-21-3809426249-1239727763-2388386071-1001\SOFTWARE\Policies\Microsoft\Internet Explorer: Policy restriction <======= ATTENTION
HKU\S-1-5-21-3809426249-1239727763-2388386071-1001\Software\Microsoft\Internet Explorer\Main,Start Page = http://home.tb.ask.c...9AAE9BBB4&si=a3
SearchScopes: HKLM-x32 -> {cca2e567-1987-4100-a3c6-5b4267084510} URL = http://search.tb.ask...r={searchTerms}
SearchScopes: HKLM-x32 -> {f5827716-9540-492e-9e9a-9f18bb2e7912} URL = http://search.mywebs...r={searchTerms}
SearchScopes: HKU\S-1-5-21-3809426249-1239727763-2388386071-1001 -> DefaultScope {0845EB3D-1B14-4F03-B079-870CB72D54E2} URL =
SearchScopes: HKU\S-1-5-21-3809426249-1239727763-2388386071-1001 -> {0845EB3D-1B14-4F03-B079-870CB72D54E2} URL =
SearchScopes: HKU\S-1-5-21-3809426249-1239727763-2388386071-1001 -> {cca2e567-1987-4100-a3c6-5b4267084510} URL = http://search.tb.ask...r={searchTerms}
BHO-x32: AVG SafeGuard toolbar -> {95B7759C-8C7F-4BF1-B163-73684A933233} -> C:\Program Files (x86)\AVG SafeGuard toolbar\17.1.3.3\AVG SafeGuard toolbar_toolbar.dll No File
BHO-x32: VIPRE Search Guard Helper -> {963C8283-AE7F-4AA6-9B3B-847A8FC62C5E} -> C:\Program Files (x86)\VIPRE\VSGN.dll No File
BHO-x32: Toolbar BHO -> {ab56dfde-0c14-45b3-9df6-7b0eba617870} -> C:\Program Files (x86)\TotalRecipeSearch_14\bar\1.bin\14bar.dll (Mindspark)
BHO-x32: Search Assistant BHO -> {df22384f-cf68-4d19-969f-10423715528b} -> C:\Program Files (x86)\TotalRecipeSearch_14\bar\1.bin\14SrcAs.dll (Mindspark)
Toolbar: HKLM-x32 - AVG SafeGuard toolbar - {95B7759C-8C7F-4BF1-B163-73684A933233} - C:\Program Files (x86)\AVG SafeGuard toolbar\17.1.3.3\AVG SafeGuard toolbar_toolbar.dll No File
Toolbar: HKLM-x32 - PackageTracer - {ff343558-d5a5-454a-bdd8-c5c81e179fed} - C:\Program Files (x86)\PackageTracer_69\bar\1.bin\69bar.dll (MindSpark)
Toolbar: HKLM-x32 - VIPRE Search Guard Toolbar - {A924C17A-5E94-4E02-BED5-49720BA6F7FA} - No File
Toolbar: HKLM-x32 - TotalRecipeSearch - {a0154e07-2b48-475c-a82a-80efd84ea33e} - C:\Program Files (x86)\TotalRecipeSearch_14\bar\1.bin\14bar.dll (Mindspark)
Handler: vipresg - {47BE2E5B-703B-444F-ABD3-05717D2191C6} - C:\Program Files (x86)\VIPRE\VSGN.dll No File
Handler: viprotocol - {B658800C-F66E-4EF3-AB85-6C0C227862A9} - C:\Program Files (x86)\Common Files\AVG Secure Search\ViProtocolInstaller\17.1.3\ViProtocol.dll No File
FF Plugin-x32: @PackageTracer_69.com/Plugin -> C:\Program Files (x86)\PackageTracer_69\bar\1.bin\NP69Stub.dll (MindSpark)
FF Plugin-x32: @TotalRecipeSearch_14.com/Plugin -> C:\Program Files (x86)\TotalRecipeSearch_14\bar\1.bin\NP14Stub.dll (Mindspark)
FF Extension: TotalRecipeSearch - C:\Users\Lizel\AppData\Roaming\Mozilla\Firefox\Profiles\ol4ybaur.default\Extensions\[email protected]_14.com [2014-12-23]
FF HKLM-x32\...\Firefox\Extensions: [[email protected]_69.com] - C:\Program Files (x86)\PackageTracer_69\bar\1.bin
FF Extension: PackageTracer - C:\Program Files (x86)\PackageTracer_69\bar\1.bin [2013-06-18]
R2 PackageTracer_69Service; C:\Program Files (x86)\PackageTracer_69\bar\1.bin\69barsvc.exe [42504 2013-06-18] (COMPANYVERS_NAME)
R2 TotalRecipeSearch_14Service; C:\Program Files (x86)\TotalRecipeSearch_14\bar\1.bin\14barsvc.exe [88648 2014-04-25] (COMPANYVERS_NAME)
2015-01-02 14:58 - 2015-01-02 14:58 - 00000000 ____D () C:\Users\Lizel\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\ShopAtHome.com Toolbar
Task: {B75269FF-55F7-4317-8F39-121AA48BEB72} - System32\Tasks\{61BDE66A-3531-4B77-A1D7-7364A29A1A12} => pcalua.exe -a C:\Users\Lizel\AppData\Roaming\ShopAtHome\ShopAtHomeToolbar\ShopAtHomeUninstall.exe
CMD: netsh advfirewall reset
CMD: netsh advfirewall set allprofiles state on
CMD: ipconfig /flushdns
Emptytemp:
Hosts:
End
*****************
 
Restore point was successfully created.
Processes closed successfully.
C:\Program Files (x86)\PackageTracer_69\bar\1.bin\69barsvc.exe => No running process found
"C:\Program Files (x86)\PackageTracer_69" => File/Directory not found.
C:\Program Files (x86)\TotalRecipeSearch_14\bar\1.bin\14barsvc.exe => No running process found
C:\Program Files (x86)\TotalRecipeSearch_14 => Moved successfully.
C:\Program Files (x86)\PackageTracer_69\bar\1.bin\AppIntegrator64.exe => No running process found
C:\Program Files (x86)\TotalRecipeSearch_14\bar\1.bin\AppIntegrator64.exe => No running process found
C:\Users\Lizel\AppData\Roaming\ShopAtHome\ShopAtHomeHelper\ShopAtHomeWatcher.exe => No running process found
C:\Users\Lizel\AppData\Roaming\ShopAtHome\ShopAtHomeHelper\ShopAtHomeUpdater.exe => No running process found
"C:\Users\Lizel\AppData\Roaming\ShopAtHome" => File/Directory not found.
C:\Program Files (x86)\TotalRecipeSearch_14\bar\1.bin\14SrchMn.exe => No running process found
C:\Program Files (x86)\TotalRecipeSearch_14\bar\1.bin\14brmon.exe => No running process found
C:\Program Files (x86)\TotalRecipeSearch_14\bar\1.bin\14brmon64.exe => No running process found
C:\Users\Lizel\AppData\Roaming\ShopAtHome\ShopAtHomeHelper\ShopAtHomeHelper.exe => No running process found
HKLM\Software\Microsoft\Windows\CurrentVersion\Run\\PackageTracer Home Page Guard 64 bit => Value not found.
HKLM\Software\Microsoft\Windows\CurrentVersion\Run\\TotalRecipeSearch Home Page Guard 64 bit => Value not found.
HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Run\\vProt => value deleted successfully.
"C:\Program Files (x86)\AVG SafeGuard toolbar" => File/Directory not found.
HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Run\\ShopAtHomeWatcher => value deleted successfully.
HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Run\\ShopAtHomeUpdater => value deleted successfully.
HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Run\\TotalRecipeSearch EPM Support => value deleted successfully.
HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Run\\TotalRecipeSearch Search Scope Monitor => Value not found.
HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Run\\TotalRecipeSearch_14 Browser Plugin Loader => Value not found.
HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Run\\TotalRecipeSearch_14 Browser Plugin Loader 64 => value deleted successfully.
HKU\S-1-5-21-3809426249-1239727763-2388386071-1001\Software\Microsoft\Windows\CurrentVersion\Run\\ShopAtHomeWatcher => Value not found.
HKU\S-1-5-21-3809426249-1239727763-2388386071-1001\Software\Microsoft\Windows\CurrentVersion\Run\\ShopAtHomeUpdater => Value not found.
"HKU\S-1-5-21-3809426249-1239727763-2388386071-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{b4af06fc-b382-11e3-824f-806e6f6e6963}" => Key deleted successfully.
HKCR\CLSID\{b4af06fc-b382-11e3-824f-806e6f6e6963} => Key not found. 
"HKLM\SOFTWARE\Policies\Google" => Key deleted successfully.
"HKU\S-1-5-21-3809426249-1239727763-2388386071-1001\SOFTWARE\Policies\Microsoft\Internet Explorer" => Key deleted successfully.
HKU\S-1-5-21-3809426249-1239727763-2388386071-1001\Software\Microsoft\Internet Explorer\Main\\Start Page => Value was restored successfully.
"HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\SearchScopes\{cca2e567-1987-4100-a3c6-5b4267084510}" => Key deleted successfully.
HKCR\Wow6432Node\CLSID\{cca2e567-1987-4100-a3c6-5b4267084510} => Key not found. 
"HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\SearchScopes\{f5827716-9540-492e-9e9a-9f18bb2e7912}" => Key deleted successfully.
HKCR\Wow6432Node\CLSID\{f5827716-9540-492e-9e9a-9f18bb2e7912} => Key not found. 
HKU\S-1-5-21-3809426249-1239727763-2388386071-1001\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope => value deleted successfully.
"HKU\S-1-5-21-3809426249-1239727763-2388386071-1001\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{0845EB3D-1B14-4F03-B079-870CB72D54E2}" => Key deleted successfully.
HKCR\CLSID\{0845EB3D-1B14-4F03-B079-870CB72D54E2} => Key not found. 
"HKU\S-1-5-21-3809426249-1239727763-2388386071-1001\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{cca2e567-1987-4100-a3c6-5b4267084510}" => Key deleted successfully.
HKCR\CLSID\{cca2e567-1987-4100-a3c6-5b4267084510} => Key not found. 
"HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{95B7759C-8C7F-4BF1-B163-73684A933233}" => Key deleted successfully.
"HKCR\Wow6432Node\CLSID\{95B7759C-8C7F-4BF1-B163-73684A933233}" => Key deleted successfully.
"HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{963C8283-AE7F-4AA6-9B3B-847A8FC62C5E}" => Key deleted successfully.
"HKCR\Wow6432Node\CLSID\{963C8283-AE7F-4AA6-9B3B-847A8FC62C5E}" => Key deleted successfully.
HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{ab56dfde-0c14-45b3-9df6-7b0eba617870} => Key not found. 
HKCR\Wow6432Node\CLSID\{ab56dfde-0c14-45b3-9df6-7b0eba617870} => Key not found. 
HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{df22384f-cf68-4d19-969f-10423715528b} => Key not found. 
HKCR\Wow6432Node\CLSID\{df22384f-cf68-4d19-969f-10423715528b} => Key not found. 
HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Toolbar\\{95B7759C-8C7F-4BF1-B163-73684A933233} => value deleted successfully.
HKCR\Wow6432Node\CLSID\{95B7759C-8C7F-4BF1-B163-73684A933233} => Key not found. 
HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Toolbar\\{ff343558-d5a5-454a-bdd8-c5c81e179fed} => Value not found.
HKCR\Wow6432Node\CLSID\{ff343558-d5a5-454a-bdd8-c5c81e179fed} => Key not found. 
HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Toolbar\\{A924C17A-5E94-4E02-BED5-49720BA6F7FA} => value deleted successfully.
"HKCR\Wow6432Node\CLSID\{A924C17A-5E94-4E02-BED5-49720BA6F7FA}" => Key deleted successfully.
HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Toolbar\\{a0154e07-2b48-475c-a82a-80efd84ea33e} => Value not found.
"HKCR\Wow6432Node\CLSID\{a0154e07-2b48-475c-a82a-80efd84ea33e}" => Key deleted successfully.
"HKCR\PROTOCOLS\Handler\vipresg" => Key deleted successfully.
HKCR\CLSID\{47BE2E5B-703B-444F-ABD3-05717D2191C6} => Key not found. 
"HKCR\PROTOCOLS\Handler\viprotocol" => Key deleted successfully.
HKCR\CLSID\{B658800C-F66E-4EF3-AB85-6C0C227862A9} => Key not found. 
HKLM\Software\Wow6432Node\MozillaPlugins\@PackageTracer_69.com/Plugin => Key not found. 
C:\Program Files (x86)\PackageTracer_69\bar\1.bin\NP69Stub.dll not found.
"HKLM\Software\Wow6432Node\MozillaPlugins\@TotalRecipeSearch_14.com/Plugin" => Key deleted successfully.
C:\Program Files (x86)\TotalRecipeSearch_14\bar\1.bin\NP14Stub.dll not found.
C:\Users\Lizel\AppData\Roaming\Mozilla\Firefox\Profiles\ol4ybaur.default\Extensions\[email protected]_14.com => Moved successfully.
HKLM\Software\Wow6432Node\Mozilla\Firefox\Extensions\\[email protected]_69.com => Value not found.
C:\Program Files (x86)\PackageTracer_69\bar\1.bin not found.
PackageTracer_69Service => Service not found.
TotalRecipeSearch_14Service => Service deleted successfully.
"C:\Users\Lizel\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\ShopAtHome.com Toolbar" => File/Directory not found.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{B75269FF-55F7-4317-8F39-121AA48BEB72}" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{B75269FF-55F7-4317-8F39-121AA48BEB72}" => Key deleted successfully.
C:\Windows\System32\Tasks\{61BDE66A-3531-4B77-A1D7-7364A29A1A12} => Moved successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\{61BDE66A-3531-4B77-A1D7-7364A29A1A12}" => Key deleted successfully.
 
=========  netsh advfirewall reset =========
 
Ok.
 
 
========= End of CMD: =========
 
 
=========  netsh advfirewall set allprofiles state on =========
 
Ok.
 
 
========= End of CMD: =========
 
 
=========  ipconfig /flushdns =========
 
 
Windows IP Configuration
 
Successfully flushed the DNS Resolver Cache.
 
========= End of CMD: =========
 
C:\Windows\System32\Drivers\etc\hosts => Moved successfully.
Hosts was reset successfully.
EmptyTemp: => Removed 5.6 GB temporary data.
 
 
The system needed a reboot. 
 
==== End of Fixlog 22:02:06 ====
 
JRT.txt
 
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Thisisu
Version: 6.4.1 (12.28.2014:1)
OS: Windows 8.1 x64
Ran by Lizel on Sun 02/01/2015 at 22:09:58.99
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
 
 
 
 
~~~ Services
 
 
 
~~~ Registry Values
 
 
 
~~~ Registry Keys
 
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\TotalRecipeSearch_14.FeedManager
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\TotalRecipeSearch_14.FeedManager.1
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\TotalRecipeSearch_14.HTMLMenu
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\TotalRecipeSearch_14.HTMLMenu.1
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\TotalRecipeSearch_14.HTMLPanel
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\TotalRecipeSearch_14.HTMLPanel.1
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\TotalRecipeSearch_14.MultipleButton
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\TotalRecipeSearch_14.MultipleButton.1
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\TotalRecipeSearch_14.PseudoTransparentPlugin
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\TotalRecipeSearch_14.PseudoTransparentPlugin.1
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\TotalRecipeSearch_14.Radio
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\TotalRecipeSearch_14.Radio.1
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\TotalRecipeSearch_14.RadioSettings
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\TotalRecipeSearch_14.RadioSettings.1
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\TotalRecipeSearch_14.ScriptButton
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\TotalRecipeSearch_14.ScriptButton.1
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\TotalRecipeSearch_14.SettingsPlugin
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\TotalRecipeSearch_14.SettingsPlugin.1
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\TotalRecipeSearch_14.ThirdPartyInstaller
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\TotalRecipeSearch_14.ThirdPartyInstaller.1
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\TotalRecipeSearch_14.ToolbarProtector
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\TotalRecipeSearch_14.ToolbarProtector.1
 
 
 
~~~ Files
 
 
 
~~~ Folders
 
Successfully deleted: [Folder] "C:\ProgramData\ustechsupport"
Successfully deleted: [Folder] "C:\Users\Lizel\appdata\local\totalrecipesearch_14"
Successfully deleted: [Folder] "C:\Users\Lizel\appdata\locallow\iac"
Successfully deleted: [Folder] "C:\Users\Lizel\appdata\locallow\totalrecipesearch_14"
Successfully deleted: [Folder] "C:\Users\Lizel\appdata\locallow\totalrecipesearch_14ei"
Successfully deleted: [Folder] "C:\Program Files (x86)\ustechsupport"
Successfully deleted: [Folder] "C:\Program Files (x86)\Common Files\ustechsupport"
 
 
 
~~~ Event Viewer Logs were cleared
 
 
 
 
 
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on Sun 02/01/2015 at 22:14:05.54
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
 
RWD cleaner:
 
# AdwCleaner v3.014 - Report created 01/12/2013 at 21:53:41
# Updated 01/12/2013 by Xplode
# Operating System : Windows 8  (64 bits)
# Username : Lizel - SNOEKIES
# Running from : C:\Users\Lizel\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\FR0IU56B\AdwCleaner.exe
# Option : Scan
 
***** [ Services ] *****
 
 
***** [ Files / Folders ] *****
 
File Found : C:\windows\System32\roboot64.exe
Folder Found C:\Program Files (x86)\AVG SafeGuard toolbar
Folder Found C:\Program Files (x86)\Common Files\AVG Secure Search
Folder Found C:\Program Files (x86)\Common Files\Software Update Utility
Folder Found C:\ProgramData\AVG SafeGuard toolbar
Folder Found C:\ProgramData\boost_interprocess
Folder Found C:\Users\Lizel\AppData\Local\AVG SafeGuard toolbar
Folder Found C:\Users\Lizel\AppData\LocalLow\AVG SafeGuard toolbar
Folder Found C:\Users\Lizel\AppData\LocalLow\iac
Folder Found C:\Users\Lizel\AppData\Roaming\pccustubinstaller
 
***** [ Shortcuts ] *****
 
 
***** [ Registry ] *****
 
Key Found : HKCU\Software\AVG SafeGuard toolbar
Key Found : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{95B7759C-8C7F-4BF1-B163-73684A933233}
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{95B7759C-8C7F-4BF1-B163-73684A933233}
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{7B089B94-D1DC-4C6B-87E1-8156E22C1D96}
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{95B7759C-8C7F-4BF1-B163-73684A933233}
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{F25AF245-4A81-40DC-92F9-E9021F207706}
Key Found : [x64] HKCU\Software\AVG SafeGuard toolbar
Key Found : [x64] HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{95B7759C-8C7F-4BF1-B163-73684A933233}
Key Found : HKLM\Software\AVG SafeGuard toolbar
Key Found : HKLM\Software\AVG Security Toolbar
Key Found : HKLM\SOFTWARE\Classes\AppID\{0A18A436-2A7A-49F3-A488-30538A2F6323}
Key Found : HKLM\SOFTWARE\Classes\AppID\{1FDFF5A2-7BB1-48E1-8081-7236812B12B2}
Key Found : HKLM\SOFTWARE\Classes\AppID\{4CE516A7-F7AC-4628-B411-8F886DC5733E}
Key Found : HKLM\SOFTWARE\Classes\AppID\{628F3201-34D0-49C0-BB9A-82A26AEFB291}
Key Found : HKLM\SOFTWARE\Classes\AppID\{6C259840-5BA8-46E6-8ED1-EF3BA47D8BA1}
Key Found : HKLM\SOFTWARE\Classes\AppID\{BB711CB0-C70B-482E-9852-EC05EBD71DBB}
Key Found : HKLM\SOFTWARE\Classes\AppID\dnu.EXE
Key Found : HKLM\SOFTWARE\Classes\AppID\ScriptHelper.EXE
Key Found : HKLM\SOFTWARE\Classes\AppID\TbCommonUtils.DLL
Key Found : HKLM\SOFTWARE\Classes\AppID\TbHelper.EXE
Key Found : HKLM\SOFTWARE\Classes\AppID\ViProtocol.DLL
Key Found : HKLM\SOFTWARE\Classes\AVG SafeGuard toolbar.BrowserWndAPI
Key Found : HKLM\SOFTWARE\Classes\AVG SafeGuard toolbar.BrowserWndAPI.1
Key Found : HKLM\SOFTWARE\Classes\AVG SafeGuard toolbar.PugiObj
Key Found : HKLM\SOFTWARE\Classes\AVG SafeGuard toolbar.PugiObj.1
Key Found : HKLM\SOFTWARE\Classes\CLSID\{007EFBDF-8A5D-4930-97CC-A4B437CBA777}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{13119113-0854-469D-807A-171568457991}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{1C950DE5-D31E-42FB-AFB9-91B0161633D8}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{33119133-0854-469D-807A-171568457991}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{3BDF4CE9-E81D-432B-A55E-9F0570CE811F}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{408CFAD9-8F13-4747-8EC7-770A339C7237}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{4E92DB5F-AAD9-49D3-8EAB-B40CBE5B1FF7}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{7B089B94-D1DC-4C6B-87E1-8156E22C1D96}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{933B95E2-E7B7-4AD9-B952-7AC336682AE3}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{95B7759C-8C7F-4BF1-B163-73684A933233}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{9F34B17E-FF0D-4FAB-97C4-9713FEE79052}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{A9A56B8E-2DEB-4ED3-BC92-1FA450BCE1A5}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{AE338F6D-5A7C-4D1D-86E3-C618532079B5}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{B658800C-F66E-4EF3-AB85-6C0C227862A9}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{C339D489-FABC-41DD-B39D-276101667C70}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{D433A9D0-8267-40CB-8AD5-24F22FA5373F}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{D565B35E-B787-40FA-95E3-E3562F8FC1A0}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{D89031C2-10DA-4C90-9A62-FCED012BC46B}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{DE9028D0-5FFA-4E69-94E3-89EE8741F468}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{E15A9BFD-D16D-496D-8222-44CADF316E70}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{E7DF6BFF-55A5-4EB7-A673-4ED3E9456D39}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{F25AF245-4A81-40DC-92F9-E9021F207706}
Key Found : HKLM\SOFTWARE\Classes\ComObject.DeskbarEnabler
Key Found : HKLM\SOFTWARE\Classes\ComObject.DeskbarEnabler.1
Key Found : HKLM\SOFTWARE\Classes\dnUpdate
Key Found : HKLM\SOFTWARE\Classes\dnUpdater.DownloadUIBrowser
Key Found : HKLM\SOFTWARE\Classes\dnUpdater.DownloadUIBrowser.1
Key Found : HKLM\SOFTWARE\Classes\dnUpdater.DownloadUpdController
Key Found : HKLM\SOFTWARE\Classes\dnUpdater.DownloadUpdController.1
Key Found : HKLM\SOFTWARE\Classes\Interface\{01221FCC-4BFB-461C-B08C-F6D2DF309921}
Key Found : HKLM\SOFTWARE\Classes\Interface\{03E2A1F3-4402-4121-8B35-733216D61217}
Key Found : HKLM\SOFTWARE\Classes\Interface\{0FA32667-9A8A-4E9C-902F-CA3323180003}
Key Found : HKLM\SOFTWARE\Classes\Interface\{23119123-0854-469D-807A-171568457991}
Key Found : HKLM\SOFTWARE\Classes\Interface\{452AE416-9A97-44CA-93DA-D0F15C36254F}
Key Found : HKLM\SOFTWARE\Classes\Interface\{45CDA4F7-594C-49A0-AAD1-8224517FE979}
Key Found : HKLM\SOFTWARE\Classes\Interface\{4D8ED2B3-DC62-43EC-ABA3-5B74F046B1BE}
Key Found : HKLM\SOFTWARE\Classes\Interface\{4E92DB5F-AAD9-49D3-8EAB-B40CBE5B1FF7}
Key Found : HKLM\SOFTWARE\Classes\Interface\{660E6F4F-840D-436D-B668-433D9591BAC5}
Key Found : HKLM\SOFTWARE\Classes\Interface\{6B458F62-592F-4B25-8967-E6A350A59328}
Key Found : HKLM\SOFTWARE\Classes\Interface\{81E852CC-1FD5-4004-8761-79A48B975E29}
Key Found : HKLM\SOFTWARE\Classes\Interface\{95B6A271-FEB4-4160-B0FF-44394C21C8DC}
Key Found : HKLM\SOFTWARE\Classes\Interface\{9E3B11F6-4179-4603-A71B-A55F4BCB0BEC}
Key Found : HKLM\SOFTWARE\Classes\Interface\{B2CA345D-ADB8-4F5D-AC64-4AB34322F659}
Key Found : HKLM\SOFTWARE\Classes\Interface\{B9F43021-60D4-42A6-A065-9BA37F38AC47}
Key Found : HKLM\SOFTWARE\Classes\Interface\{BF921DD3-732A-4A11-933B-A5EA49F2FD2C}
Key Found : HKLM\SOFTWARE\Classes\Interface\{C401D2CE-DC27-45C7-BC0C-8E6EA7F085D6}
Key Found : HKLM\SOFTWARE\Classes\Interface\{D83B296A-2FA6-425B-8AE8-A1F33D99FBD6}
Key Found : HKLM\SOFTWARE\Classes\Interface\{E7435878-65B9-44D1-A443-81754E5DFC90}
Key Found : HKLM\SOFTWARE\Classes\Interface\{FCC9CDD3-EFFF-11D1-A9F0-00A0244AC403}
Key Found : HKLM\SOFTWARE\Classes\protocols\handler\viprotocol
Key Found : HKLM\SOFTWARE\Classes\S
Key Found : HKLM\SOFTWARE\Classes\ScriptHelper.ScriptHelperApi
Key Found : HKLM\SOFTWARE\Classes\ScriptHelper.ScriptHelperApi.1
Key Found : HKLM\SOFTWARE\Classes\TbCommonUtils.CommonUtils
Key Found : HKLM\SOFTWARE\Classes\TbCommonUtils.CommonUtils.1
Key Found : HKLM\SOFTWARE\Classes\TbHelper.TbDownloadManager
Key Found : HKLM\SOFTWARE\Classes\TbHelper.TbDownloadManager.1
Key Found : HKLM\SOFTWARE\Classes\TbHelper.TbPropertyManager
Key Found : HKLM\SOFTWARE\Classes\TbHelper.TbPropertyManager.1
Key Found : HKLM\SOFTWARE\Classes\TbHelper.TbRequest
Key Found : HKLM\SOFTWARE\Classes\TbHelper.TbRequest.1
Key Found : HKLM\SOFTWARE\Classes\TbHelper.TbTask
Key Found : HKLM\SOFTWARE\Classes\TbHelper.TbTask.1
Key Found : HKLM\SOFTWARE\Classes\TbHelper.ToolbarHelper
Key Found : HKLM\SOFTWARE\Classes\TbHelper.ToolbarHelper.1
Key Found : HKLM\SOFTWARE\Classes\Toolbar3.ContextMenuNotifier
Key Found : HKLM\SOFTWARE\Classes\Toolbar3.ContextMenuNotifier.1
Key Found : HKLM\SOFTWARE\Classes\Toolbar3.CustomInternetSecurityImpl
Key Found : HKLM\SOFTWARE\Classes\Toolbar3.CustomInternetSecurityImpl.1
Key Found : HKLM\SOFTWARE\Classes\Toolbar3.SearchProviderManager
Key Found : HKLM\SOFTWARE\Classes\Toolbar3.SearchProviderManager.1
Key Found : HKLM\SOFTWARE\Classes\TypeLib\{03119103-0854-469D-807A-171568457991}
Key Found : HKLM\SOFTWARE\Classes\TypeLib\{07CAC314-E962-4F78-89AB-DD002F2490EE}
Key Found : HKLM\SOFTWARE\Classes\TypeLib\{74FB6AFD-DD77-4CEB-83BD-AB2B63E63C93}
Key Found : HKLM\SOFTWARE\Classes\TypeLib\{92380354-381A-471F-BE2E-DD9ACD9777EA}
Key Found : HKLM\SOFTWARE\Classes\TypeLib\{9C049BA6-EA47-4AC3-AED6-A66D8DC9E1D8}
Key Found : HKLM\SOFTWARE\Classes\TypeLib\{B87F8B63-7274-43FD-87FA-09D3B7496148}
Key Found : HKLM\SOFTWARE\Classes\TypeLib\{C2AC8A0E-E48E-484B-A71C-C7A937FAAB94}
Key Found : HKLM\SOFTWARE\Classes\TypeLib\{C4BAE205-5E02-4E32-876E-F34B4E2D000C}
Key Found : HKLM\SOFTWARE\Classes\URLSearchHook.ToolbarURLSearchHook
Key Found : HKLM\SOFTWARE\Classes\URLSearchHook.ToolbarURLSearchHook.1
Key Found : HKLM\SOFTWARE\Classes\ViProtocol.ViProtocolOLE
Key Found : HKLM\SOFTWARE\Classes\ViProtocol.ViProtocolOLE.1
Key Found : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{628F3201-34D0-49C0-BB9A-82A26AEFB291}
Key Found : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{E7DF6BFF-55A5-4EB7-A673-4ED3E9456D39}
Key Found : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{F25AF245-4A81-40DC-92F9-E9021F207706}
Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{95B7759C-8C7F-4BF1-B163-73684A933233}
Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{7B089B94-D1DC-4C6B-87E1-8156E22C1D96}
Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{C6FDD0C3-266A-4DC3-B459-28C697C44CDC}
Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{F25AF245-4A81-40DC-92F9-E9021F207706}
Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\AVG SafeGuard toolbar
Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\SoftwareUpdUtility
Key Found : HKLM\SOFTWARE\MozillaPlugins\@avg.com/AVG SiteSafety plugin,version=11.0.0.1,application/x-avg-sitesafety-plugin
Key Found : [x64] HKLM\SOFTWARE\Classes\Interface\{01221FCC-4BFB-461C-B08C-F6D2DF309921}
Key Found : [x64] HKLM\SOFTWARE\Classes\Interface\{03E2A1F3-4402-4121-8B35-733216D61217}
Key Found : [x64] HKLM\SOFTWARE\Classes\Interface\{0FA32667-9A8A-4E9C-902F-CA3323180003}
Key Found : [x64] HKLM\SOFTWARE\Classes\Interface\{23119123-0854-469D-807A-171568457991}
Key Found : [x64] HKLM\SOFTWARE\Classes\Interface\{452AE416-9A97-44CA-93DA-D0F15C36254F}
Key Found : [x64] HKLM\SOFTWARE\Classes\Interface\{45CDA4F7-594C-49A0-AAD1-8224517FE979}
Key Found : [x64] HKLM\SOFTWARE\Classes\Interface\{4D8ED2B3-DC62-43EC-ABA3-5B74F046B1BE}
Key Found : [x64] HKLM\SOFTWARE\Classes\Interface\{4E92DB5F-AAD9-49D3-8EAB-B40CBE5B1FF7}
Key Found : [x64] HKLM\SOFTWARE\Classes\Interface\{660E6F4F-840D-436D-B668-433D9591BAC5}
Key Found : [x64] HKLM\SOFTWARE\Classes\Interface\{6B458F62-592F-4B25-8967-E6A350A59328}
Key Found : [x64] HKLM\SOFTWARE\Classes\Interface\{81E852CC-1FD5-4004-8761-79A48B975E29}
Key Found : [x64] HKLM\SOFTWARE\Classes\Interface\{95B6A271-FEB4-4160-B0FF-44394C21C8DC}
Key Found : [x64] HKLM\SOFTWARE\Classes\Interface\{9E3B11F6-4179-4603-A71B-A55F4BCB0BEC}
Key Found : [x64] HKLM\SOFTWARE\Classes\Interface\{B2CA345D-ADB8-4F5D-AC64-4AB34322F659}
Key Found : [x64] HKLM\SOFTWARE\Classes\Interface\{B9F43021-60D4-42A6-A065-9BA37F38AC47}
Key Found : [x64] HKLM\SOFTWARE\Classes\Interface\{BF921DD3-732A-4A11-933B-A5EA49F2FD2C}
Key Found : [x64] HKLM\SOFTWARE\Classes\Interface\{C401D2CE-DC27-45C7-BC0C-8E6EA7F085D6}
Key Found : [x64] HKLM\SOFTWARE\Classes\Interface\{D83B296A-2FA6-425B-8AE8-A1F33D99FBD6}
Key Found : [x64] HKLM\SOFTWARE\Classes\Interface\{E7435878-65B9-44D1-A443-81754E5DFC90}
Key Found : [x64] HKLM\SOFTWARE\Classes\Interface\{FCC9CDD3-EFFF-11D1-A9F0-00A0244AC403}
Key Found : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{F25AF245-4A81-40DC-92F9-E9021F207706}
Value Found : HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser [{E7DF6BFF-55A5-4EB7-A673-4ED3E9456D39}]
Value Found : HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{95B7759C-8C7F-4BF1-B163-73684A933233}]
Value Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run [PackageTracer Search Scope Monitor]
Value Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run [PackageTracer_69 Browser Plugin Loader]
Value Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run [vProt]
 
***** [ Browsers ] *****
 
-\\ Internet Explorer v10.0.9200.16537
 
Setting Found : HKCU\Software\Microsoft\Internet Explorer\Main [Start Page] - hxxp://home.mywebsearch.com/index.jhtml?n=77DE8857&p2=^AFW^xdm003^YY^us&ptb=BA38660A-16D1-4425-9D14-588D524E72D5&si=COq-vLjQ7bcCFVSe4AodZnUAfA
Setting Found : HKCU\Software\Microsoft\Internet Explorer\Main [Default_Secondary_Page_URL] - hxxp://mystart.toshiba.com
Setting Found : HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [Default_Secondary_Page_URL] - hxxp://mystart.toshiba.com
Setting Found : HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [Secondary Start Pages] - hxxp://mystart.toshiba.com
Setting Found : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [Default_Secondary_Page_URL] - hxxp://mystart.toshiba.com
Setting Found : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [Secondary Start Pages] - hxxp://mystart.toshiba.com
 
-\\ Mozilla Firefox v25.0.1 (en-US)
 
[ File : C:\Users\Lizel\AppData\Roaming\Mozilla\Firefox\Profiles\ol4ybaur.default\prefs.js ]
 
 
*************************
 
AdwCleaner[R0].txt - [13614 octets] - [01/12/2013 21:53:41]
 
########## EOF - C:\AdwCleaner\AdwCleaner[R0].txt - [13675 octets] ##########
# AdwCleaner v4.109 - Report created 01/02/2015 at 22:26:15
# Updated 24/01/2015 by Xplode
# Database : 2015-01-26.1 [Live]
# Operating System : Windows 8.1  (64 bits)
# Username : Lizel - SNOEKIES
# Running from : C:\Users\Lizel\Desktop\AdwCleaner.exe
# Option : Scan
 
***** [ Services ] *****
 
 
***** [ Files / Folders ] *****
 
File Found : C:\Users\Public\Desktop\Live PC Help.lnk
Folder Found : C:\Users\Lizel\Favorites\StumbleUpon
Folder Found : C:\Users\Lizel\Favorites\StumbleUpon
 
***** [ Scheduled Tasks ] *****
 
 
***** [ Shortcuts ] *****
 
 
***** [ Registry ] *****
 
Data Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings [ProxyOverride] - *.local
Key Found : HKCU\Software\Microsoft\Internet Explorer\LowRegistry\DOMStorage\ask.com
Key Found : HKCU\Software\Microsoft\Internet Explorer\LowRegistry\DOMStorage\car.trovit.co.za
Key Found : HKCU\Software\Microsoft\Internet Explorer\LowRegistry\DOMStorage\delta.com
Key Found : HKCU\Software\Microsoft\Internet Explorer\LowRegistry\DOMStorage\home.tb.ask.com
Key Found : HKCU\Software\Microsoft\Internet Explorer\LowRegistry\DOMStorage\homes.trovit.co.za
Key Found : HKCU\Software\Microsoft\Internet Explorer\LowRegistry\DOMStorage\search.tb.ask.com
Key Found : HKCU\Software\Microsoft\Internet Explorer\LowRegistry\DOMStorage\timeshareadvisor.com
Key Found : HKCU\Software\Microsoft\Internet Explorer\LowRegistry\DOMStorage\timesharemarketplace.com
Key Found : HKCU\Software\Microsoft\Internet Explorer\LowRegistry\DOMStorage\trovit.co.za
Key Found : HKCU\Software\Microsoft\Internet Explorer\LowRegistry\DOMStorage\websearch.about.com
Key Found : HKCU\Software\Microsoft\Internet Explorer\LowRegistry\DOMStorage\www.ask.com
Key Found : HKCU\Software\Microsoft\Internet Explorer\LowRegistry\DOMStorage\www.delta.com
Key Found : HKCU\Software\Microsoft\Internet Explorer\LowRegistry\DOMStorage\www.timesharemarketplace.com
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{95B7759C-8C7F-4BF1-B163-73684A933233}
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{95B7759C-8C7F-4BF1-B163-73684A933233}
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{FD79F359-E577-46DB-AA74-D6E6B8B45BA8}
Key Found : HKLM\SOFTWARE\AVG SafeGuard toolbar
Key Found : HKLM\SOFTWARE\AVG Security Toolbar
Key Found : HKLM\SOFTWARE\Classes\AppID\{1FDFF5A2-7BB1-48E1-8081-7236812B12B2}
Key Found : HKLM\SOFTWARE\Classes\AppID\{6C259840-5BA8-46E6-8ED1-EF3BA47D8BA1}
Key Found : HKLM\SOFTWARE\Classes\AppID\{BB711CB0-C70B-482E-9852-EC05EBD71DBB}
Key Found : HKLM\SOFTWARE\Classes\AppID\dnu.EXE
Key Found : HKLM\SOFTWARE\Classes\AppID\ScriptHelper.EXE
Key Found : HKLM\SOFTWARE\Classes\AppID\ViProtocol.DLL
Key Found : HKLM\SOFTWARE\Classes\AVG SafeGuard toolbar.BrowserWndAPI
Key Found : HKLM\SOFTWARE\Classes\AVG SafeGuard toolbar.BrowserWndAPI.1
Key Found : HKLM\SOFTWARE\Classes\AVG SafeGuard toolbar.PugiObj
Key Found : HKLM\SOFTWARE\Classes\AVG SafeGuard toolbar.PugiObj.1
Key Found : HKLM\SOFTWARE\Classes\CLSID\{408CFAD9-8F13-4747-8EC7-770A339C7237}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{4E92DB5F-AAD9-49D3-8EAB-B40CBE5B1FF7}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{7B089B94-D1DC-4C6B-87E1-8156E22C1D96}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{933B95E2-E7B7-4AD9-B952-7AC336682AE3}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{B658800C-F66E-4EF3-AB85-6C0C227862A9}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{DE9028D0-5FFA-4E69-94E3-89EE8741F468}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{E15A9BFD-D16D-496D-8222-44CADF316E70}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{E7DF6BFF-55A5-4EB7-A673-4ED3E9456D39}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{F25AF245-4A81-40DC-92F9-E9021F207706}
Key Found : HKLM\SOFTWARE\Classes\dnUpdate
Key Found : HKLM\SOFTWARE\Classes\dnUpdater.DownloadUIBrowser
Key Found : HKLM\SOFTWARE\Classes\dnUpdater.DownloadUIBrowser.1
Key Found : HKLM\SOFTWARE\Classes\dnUpdater.DownloadUpdController
Key Found : HKLM\SOFTWARE\Classes\dnUpdater.DownloadUpdController.1
Key Found : HKLM\SOFTWARE\Classes\Interface\{03E2A1F3-4402-4121-8B35-733216D61217}
Key Found : HKLM\SOFTWARE\Classes\Interface\{4E92DB5F-AAD9-49D3-8EAB-B40CBE5B1FF7}
Key Found : HKLM\SOFTWARE\Classes\Interface\{660E6F4F-840D-436D-B668-433D9591BAC5}
Key Found : HKLM\SOFTWARE\Classes\Interface\{9E3B11F6-4179-4603-A71B-A55F4BCB0BEC}
Key Found : HKLM\SOFTWARE\Classes\Interface\{C401D2CE-DC27-45C7-BC0C-8E6EA7F085D6}
Key Found : HKLM\SOFTWARE\Classes\Interface\{E7435878-65B9-44D1-A443-81754E5DFC90}
Key Found : HKLM\SOFTWARE\Classes\S
Key Found : HKLM\SOFTWARE\Classes\ScriptHelper.ScriptHelperApi
Key Found : HKLM\SOFTWARE\Classes\ScriptHelper.ScriptHelperApi.1
Key Found : HKLM\SOFTWARE\Classes\TypeLib\{07CAC314-E962-4F78-89AB-DD002F2490EE}
Key Found : HKLM\SOFTWARE\Classes\TypeLib\{74FB6AFD-DD77-4CEB-83BD-AB2B63E63C93}
Key Found : HKLM\SOFTWARE\Classes\TypeLib\{92380354-381A-471F-BE2E-DD9ACD9777EA}
Key Found : HKLM\SOFTWARE\Classes\TypeLib\{9C049BA6-EA47-4AC3-AED6-A66D8DC9E1D8}
Key Found : HKLM\SOFTWARE\Classes\TypeLib\{C2AC8A0E-E48E-484B-A71C-C7A937FAAB94}
Key Found : HKLM\SOFTWARE\Classes\ViProtocol.ViProtocolOLE
Key Found : HKLM\SOFTWARE\Classes\ViProtocol.ViProtocolOLE.1
Key Found : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{628F3201-34D0-49C0-BB9A-82A26AEFB291}
Key Found : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{E7DF6BFF-55A5-4EB7-A673-4ED3E9456D39}
Key Found : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{F25AF245-4A81-40DC-92F9-E9021F207706}
Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{7B089B94-D1DC-4C6B-87E1-8156E22C1D96}
Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{C6FDD0C3-266A-4DC3-B459-28C697C44CDC}
Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{F25AF245-4A81-40DC-92F9-E9021F207706}
Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{FD79F359-E577-46DB-AA74-D6E6B8B45BA8}
Key Found : HKLM\SOFTWARE\MozillaPlugins\@avg.com/AVG SiteSafety plugin,version=11.0.0.1,application/x-avg-sitesafety-plugin
Key Found : [x64] HKLM\SOFTWARE\Classes\Interface\{03E2A1F3-4402-4121-8B35-733216D61217}
Key Found : [x64] HKLM\SOFTWARE\Classes\Interface\{23119123-0854-469D-807A-171568457991}
Key Found : [x64] HKLM\SOFTWARE\Classes\Interface\{3B181CF2-878B-4758-8FBD-59D8AC5AB12D}
Key Found : [x64] HKLM\SOFTWARE\Classes\Interface\{490A5A0F-1471-47FF-8BB5-719F1F5238AD}
Key Found : [x64] HKLM\SOFTWARE\Classes\Interface\{4E92DB5F-AAD9-49D3-8EAB-B40CBE5B1FF7}
Key Found : [x64] HKLM\SOFTWARE\Classes\Interface\{660E6F4F-840D-436D-B668-433D9591BAC5}
Key Found : [x64] HKLM\SOFTWARE\Classes\Interface\{9E3B11F6-4179-4603-A71B-A55F4BCB0BEC}
Key Found : [x64] HKLM\SOFTWARE\Classes\Interface\{C401D2CE-DC27-45C7-BC0C-8E6EA7F085D6}
Key Found : [x64] HKLM\SOFTWARE\Classes\Interface\{E7435878-65B9-44D1-A443-81754E5DFC90}
Key Found : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{F25AF245-4A81-40DC-92F9-E9021F207706}
 
***** [ Browsers ] *****
 
-\\ Internet Explorer v11.0.9600.17416
 
Setting Found : HKCU\Software\Microsoft\Internet Explorer\Main [Default_Secondary_Page_URL] - hxxp://mystart.toshiba.com
Setting Found : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [Default_Secondary_Page_URL] - hxxp://mystart.toshiba.com
Setting Found : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [Secondary Start Pages] - hxxp://mystart.toshiba.com
 
-\\ Mozilla Firefox v34.0.5 (x86 en-US)
 
 
-\\ Google Chrome v40.0.2214.93
 
 
*************************
 
AdwCleaner[R0].txt - [21532 octets] - [01/12/2013 21:53:41]
AdwCleaner[S0].txt - [13800 octets] - [01/12/2013 21:54:56]
 
########## EOF - C:\AdwCleaner\AdwCleaner[R0].txt - [21654 octets] ##########
 

  • 0

#6
pystryker

pystryker

    Trusted Helper

  • Malware Removal
  • 3,886 posts
Hi :)

Please re-run Adwcleaner and when the scan finishes, please press the Clean button. Once it has finished cleaning, it will produce a log, please post that log in your next reply. :thumbsup:
  • 0

#7
noel77

noel77

    Member

  • Topic Starter
  • Member
  • PipPip
  • 17 posts

No BSOD so far, seems faster.


  • 0

#8
noel77

noel77

    Member

  • Topic Starter
  • Member
  • PipPip
  • 17 posts

ADW does not return anything to unmark for removal.

 

latest log:

 

# AdwCleaner v4.109 - Report created 01/02/2015 at 22:53:42
# Updated 24/01/2015 by Xplode
# Database : 2015-01-26.1 [Live]
# Operating System : Windows 8.1  (64 bits)
# Username : Lizel - SNOEKIES
# Running from : C:\Users\Lizel\Desktop\AdwCleaner.exe
# Option : Scan
 
***** [ Services ] *****
 
 
***** [ Files / Folders ] *****
 
 
***** [ Scheduled Tasks ] *****
 
 
***** [ Shortcuts ] *****
 
 
***** [ Registry ] *****
 
 
***** [ Browsers ] *****
 
-\\ Internet Explorer v11.0.9600.17416
 
 
-\\ Mozilla Firefox v34.0.5 (x86 en-US)
 
 
-\\ Google Chrome v40.0.2214.93
 
 
*************************
 
AdwCleaner[R0].txt - [21783 octets] - [01/12/2013 21:53:41]
AdwCleaner[R1].txt - [886 octets] - [01/02/2015 22:45:06]
AdwCleaner[R2].txt - [746 octets] - [01/02/2015 22:53:42]
AdwCleaner[S0].txt - [21755 octets] - [01/12/2013 21:54:56]
AdwCleaner[S1].txt - [946 octets] - [01/02/2015 22:47:59]
 
########## EOF - C:\AdwCleaner\AdwCleaner[R2].txt - [925 octets] ##########

  • 0

#9
pystryker

pystryker

    Trusted Helper

  • Malware Removal
  • 3,886 posts
Ok, that's good. How is the machine running? I'm about to go offline for the night, but I will have further instructions first thing in the morning. :thumbsup:
  • 0

#10
noel77

noel77

    Member

  • Topic Starter
  • Member
  • PipPip
  • 17 posts

Not Bad!

 

Standing by for further instructions.  Will continue tomorrow evening, it's the wife's machine.  I need to go to work!


  • 0

Advertisements


#11
pystryker

pystryker

    Trusted Helper

  • Malware Removal
  • 3,886 posts
Please disable your antivirus for the duration of my instructions. Don't forget to re-enable them after you have completed the steps.


Step 1: Scan with Malwarebytes


Please download Malwarebytes Anti-Malware to your desktop
Install the progamme and select update
Once it has updated select Settings > Detection and Protection
Tick Scan for rootkits

MBAMsettings_zpsb6b9ada0.jpg

Go back to the Dashboard and select Scan Now

MBAMScan_zps8ba7d192.jpg

If threats are detected, click the Apply Actions button, MBAM will ask for a reboot.

MBAMReboot_zps9089ab30.jpg

MBAMLog_zpsade07f42.jpg

On completion of the scan (or after the reboot), start MBAM,

Click History, then Application Logs, then check the Select box by the first Scan Log in the list.

Click View, then click Export, select text file and save to the desktop as MBAM.txt and post in your next reply.



Step 2: Scan with ESET Online Scanner


Please note: You can use Internet Explorer or Firefox for this step. Either browser used will have to be ran in admin mode.

Right click on either the Internet Explorer icon or the Firefox icon in the Start Menu or Quick Launch Bar on the Task bar and select Run as Administrator from the menu.

If you use Firefox, you will be prompted to download esetsmartinstaller_enu.exe. Please do so, then double click it to install it.

Please click on this link and then click the ESET Online Scanner bar ---->esetbar_zps93905f48.jpg
  • Select the option YES, I accept the Terms of Use then click on Start
  • When prompted allow the Add-On/Active X to install.
  • Make sure that the option Remove found threats is NOT checked.
  • Make sure that the option Scan archives is checked.
  • Now click on Advanced Settings and select the following:
  • Scan for potentially unwanted applications
  • Scan for potentially unsafe applications
  • Enable Anti-Stealth Technology
  • Now click on Start
  • The virus signature database will begin to download. Be patient this make take some time depending on the speed of your Internet Connection.
  • When completed the Online Scan will begin automatically. The scan may take several hours.
  • Do not touch either the Mouse or keyboard during the scan otherwise it may stall.
  • Now click on Finish
  • Use notepad to open the logfile located at C:\Program Files(x86)\ESET\EsetOnlineScanner\log.txt.
  • Copy and paste that log as a reply to this topic.
Step 3: SecurityCheck Scan


Download Security Checksecuritycheck_zpsb7736812.jpg by screen317 from here or here.
  • Save it to your Desktop.
  • Double click SecurityCheck.exe and follow the onscreen instructions inside of the black box.
  • NOTE: If SecurityCheck aborts and you get the following message: UNSUPPORTED OPERATING SYSTEM! ABORTED! try rebooting the system and then run SecurityCheck again.
  • A Notepad document should open automatically called checkup.txt; please post the contents of that document.
Things I need to see in your next post:
  • ESET Scan Log
  • MBAM Log
  • SecurityCheck Log

  • 0

#12
noel77

noel77

    Member

  • Topic Starter
  • Member
  • PipPip
  • 17 posts
Oh dear, the machine gave BSOD and now won't boot p. Stuck on initial screen. Then starts making repetitive noise as if HD tries to read.

Advice?
  • 0

#13
pystryker

pystryker

    Trusted Helper

  • Malware Removal
  • 3,886 posts
Try rebooting the machine again, and if no luck, let's try entering Safe Mode.

If the machine doesn't boot normally, reboot, and being pressing the F8 button repeatedly. If you get to the menu, choose Safe Mode with Networking and let's see if we can get to the desktop.

If you can get to the desktop, let's try and get a FRST log and see if it's showing anything. If not, we'll refer you over to the Hardware Forum and see if there is a hardware issue that needs clearing up before we continue cleaning your machine. :thumbsup:
  • Start Farbar's Recovery Scan Tool, place a check mark in the Addition box and press the Scan button.
  • FRST will scan your system and produce 2 logs, FRST.txt and Addition.txt Please post them in your next reply.
Things I need to see in your next post:

Please post each of these logs as a separate reply in this thread.

FRST.txt Log

Addition.txt Log

  • 0

#14
noel77

noel77

    Member

  • Topic Starter
  • Member
  • PipPip
  • 17 posts
Machine sweared at me, and said no bootable device.

Edited by noel77, 02 February 2015 - 06:16 PM.

  • 0

#15
pystryker

pystryker

    Trusted Helper

  • Malware Removal
  • 3,886 posts
Ok, let's let the tech guys have a look at your machine and see what's causing this. I'll leave this thread open, and once they're finished, we'll finish up here. :thumbsup:

Please click the link below, start a new topic, and explain what happened. They'll run some tests on the machine to check the hard drive.

http://www.geekstogo...nd-peripherals/
  • 0






Similar Topics

0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users

As Featured On:

Microsoft Yahoo BBC MSN PC Magazine Washington Post HP