lpcjr

I followed the instructions, and it seems to have resolved the issue. However, I am somewhat confused as to what changing that setting actually does. Malwarebytes blocked a threat, correct? So, what has this done to remove the threat? It's great that I'm not getting the message anymore, but am I missing something? I'm not a techie at all, so I don't really understand what changing that setting did.

Over the last week I've started getting repeated block alerts for 92.242.140.21. So far, this has only happened on facebook.com and amazon.com. Examples: Detection, 9/17/2015 2:25 PM, SYSTEM, OFFICE-DELL, Protection, Malicious Website Protection, IP, 92.242.140.21, fls-devo.vipinteg.amazon.com, 62544, Outbound, C:\Program Files (x86)\Internet Explorer\iexplore.exe Detection, 9/17/2015 3:58 PM, SYSTEM, OFFICE-DELL, Protection, Malicious Website Protection, IP, 92.242.140.21, 1-undefined.facebook.com, 50074, Outbound, C:\Program Files (x86)\Internet Explorer\iexplore.exe I have run a full Malwarebytes scan and it comes up clean. Below is the log output from running FRST, followed by the Addition log. Any help would be appreciated: Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version:15-09-2015 Ran by Leo (administrator) on OFFICE-DELL (17-09-2015 15:52:17) Running from C:\Users\Leo\AppData\Local\Microsoft\Windows\INetCache\IE\OIUG8OCI Loaded Profiles: Leo (Available Profiles: Leo & Kerry & Administrator) Platform: Windows 8.1 (X64) Language: English (United States) Internet Explorer Version 11 (Default browser: IE) Boot Mode: Normal Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/ ==================== Processes (Whitelisted) ================= (If an entry is included in the fixlist, the process will be closed. The file will not be moved.) (Intel Corporation) C:\Windows\System32\igfxCUIService.exe (Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe (Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe (Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe (Andrea Electronics Corporation) C:\Program Files\Realtek\Audio\HDA\AERTSr64.exe (Apple Inc.) C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe (Qualcomm Atheros Commnucations) C:\Program Files (x86)\Dell Wireless\Bluetooth Suite\AdminService.exe (Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe (Code 42 Software) C:\Program Files\CrashPlan\CrashPlanService.exe (Intel® Corporation) C:\Program Files\Intel\iCLS Client\HeciServer.exe (Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes Anti-Exploit\mbae-svc.exe (Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe (Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes Anti-Exploit\mbae64.exe (Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe (Microsoft) C:\Program Files\Softland\novaPDF 8\Server\novapdfs.exe () C:\Program Files (x86)\CyberLink\Shared files\RichVideo.exe (Microsoft Corporation) C:\Program Files\Windows Defender\MsMpEng.exe (Atheros) C:\Program Files (x86)\Dell Wireless\Ath_WlanAgent.exe (Microsoft Corporation) C:\Program Files\Windows Defender\NisSrv.exe (Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes Anti-Malware\mbam.exe (Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe (Intel Corporation) C:\Windows\System32\igfxEM.exe (Intel Corporation) C:\Windows\System32\igfxHK.exe (Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe () C:\Windows\System32\igfxTray.exe (Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe (Microsoft Corporation) C:\Windows\System32\SkyDrive.exe (Qualcomm Atheros Commnucations) C:\Program Files (x86)\Dell Wireless\Bluetooth Suite\BtvStack.exe (Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe () C:\Program Files (x86)\Dell Wireless\Bluetooth Suite\ActivateDesktop.exe (Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe (Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe (Dell Inc.) C:\Program Files\Dell\QuickSet\quickset.exe (Apple Inc.) C:\Program Files\iTunes\iTunesHelper.exe (Code 42 Software, Inc.) C:\Program Files\CrashPlan\CrashPlanTray.exe (CyberLink Corp.) C:\Program Files (x86)\CyberLink\PowerDVD10\PDVD10Serv.exe (Microsoft Corporation) C:\Windows\System32\GWX\GWX.exe (Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes Anti-Exploit\mbae.exe (Citrix Systems, Inc.) C:\Program Files (x86)\Citrix\ICA Client\concentr.exe (Microsoft Corporation) C:\Windows\System32\SettingSyncHost.exe (Citrix Systems, Inc.) C:\Program Files (x86)\Citrix\ICA Client\redirector.exe (CANON INC.) C:\Program Files (x86)\Canon\IJ Network Scanner Selector EX\CNMNSST.exe (Citrix Systems, Inc.) C:\Program Files (x86)\Citrix\Receiver\Receiver.exe (Citrix Systems, Inc.) C:\Program Files (x86)\Citrix\ICA Client\wfcrun32.exe (Citrix Systems, Inc.) C:\Program Files (x86)\Citrix\SelfServicePlugin\SelfServicePlugin.exe (Apple Inc.) C:\Program Files\iPod\bin\iPodService.exe (Intel Corporation) C:\Program Files\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe (Intuit Inc.) C:\Program Files (x86)\Common Files\Intuit\Update Service v4\IntuitUpdateService.exe (CyberLink) C:\Program Files (x86)\CyberLink\Power2Go8\CLMLSvc_P2G8.exe (Intel Corporation) C:\Program Files (x86)\Intel\Intel® Management Engine Components\DAL\Jhi_service.exe (Intel Corporation) C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe (SoftThinks SAS) C:\Program Files (x86)\Dell Backup and Recovery\SftService.exe (Intel Corporation) C:\Program Files\Intel\Intel® Rapid Storage Technology\IAStorIcon.exe (Microsoft Corporation) C:\Program Files\Microsoft Office 15\ClientX64\officeclicktorun.exe (Microsoft Corporation) C:\Program Files\Internet Explorer\iexplore.exe (Google Inc.) C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbarUser_32.exe (LastPass) C:\Users\Leo\AppData\LocalLow\LastPass\LastPassBroker.exe (Microsoft Corporation) C:\Program Files\Internet Explorer\iexplore.exe (Microsoft Corporation) C:\Program Files\Internet Explorer\iexplore.exe (Microsoft Corporation) C:\Program Files\Internet Explorer\iexplore.exe (Microsoft Corporation) C:\Program Files\Internet Explorer\iexplore.exe (Microsoft Corporation) C:\Windows\System32\dllhost.exe (Microsoft Corporation) C:\Program Files\Internet Explorer\iexplore.exe (Microsoft Corporation) C:\Program Files\Internet Explorer\iexplore.exe (Microsoft Corporation) C:\Program Files\Internet Explorer\iexplore.exe (Adobe Systems Incorporated) C:\Windows\System32\Macromed\Flash\FlashUtil_ActiveX.exe (Microsoft Corporation) C:\Program Files\Windows Defender\MpCmdRun.exe ==================== Registry (Whitelisted) =========================== (If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.) HKLM\...\Run: [igfxTray] => C:\WINDOWS\system32\igfxtray.exe [457616 2014-10-03] () HKLM\...\Run: [HotKeysCmds] => C:\WINDOWS\system32\hkcmd.exe HKLM\...\Run: [Persistence] => C:\WINDOWS\system32\igfxpers.exe HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe [7188040 2013-05-10] (Realtek Semiconductor) HKLM\...\Run: [RtHDVBg] => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [1307720 2013-04-24] (Realtek Semiconductor) HKLM\...\Run: [RtHDVBg_PushButton] => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [1307720 2013-04-24] (Realtek Semiconductor) HKLM\...\Run: [QuickSet] => c:\Program Files\Dell\QuickSet\QuickSet.exe [5762408 2013-03-05] (Dell Inc.) HKLM\...\Run: [iAStorIcon] => C:\Program Files\Intel\Intel® Rapid Storage Technology\IAStorIcon.exe [286704 2013-04-30] (Intel Corporation) HKLM\...\Run: [synTPEnh] => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [3015408 2013-03-05] (Synaptics Incorporated) HKLM\...\Run: [iTunesHelper] => C:\Program Files\iTunes\iTunesHelper.exe [169768 2015-04-07] (Apple Inc.) HKLM\...\Run: [CrashPlanTray] => C:\Program Files\CrashPlan\CrashPlanTray.exe [414208 2015-07-06] (Code 42 Software, Inc.) HKLM-x32\...\Run: [RemoteControl10] => C:\Program Files (x86)\CyberLink\PowerDVD10\PDVD10Serv.exe [102928 2012-10-23] (CyberLink Corp.) HKLM-x32\...\Run: [Malwarebytes Anti-Exploit] => C:\Program Files (x86)\Malwarebytes Anti-Exploit\mbae.exe [2620728 2015-07-22] (Malwarebytes Corporation) HKLM-x32\...\Run: [CitrixReceiver] => "C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Citrix\Receiver Updater.lnk" HKLM-x32\...\Run: [ConnectionCenter] => C:\Program Files (x86)\Citrix\ICA Client\concentr.exe [407904 2014-11-27] (Citrix Systems, Inc.) HKLM-x32\...\Run: [Redirector] => C:\Program Files (x86)\Citrix\ICA Client\redirector.exe [153952 2014-11-27] (Citrix Systems, Inc.) HKLM-x32\...\Run: [iJNetworkScannerSelectorEX] => C:\Program Files (x86)\Canon\IJ Network Scanner Selector EX\CNMNSST.exe [468112 2011-07-25] (CANON INC.) Winlogon\Notify\igfxcui: igfxdev.dll [X] HKLM\...\Policies\Explorer\Run: [btvStack] => C:\Program Files (x86)\Dell Wireless\Bluetooth Suite\BtvStack.exe [132224 2013-02-28] (Qualcomm Atheros Commnucations) HKU\S-1-5-21-418257114-134277906-586513349-1001\...\Run: [swg] => C:\Program Files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe [39408 2015-01-07] (Google Inc.) ShellIconOverlayIdentifiers: [DBARFileBackuped] -> {831cebdd-6baf-4432-be76-9e0989c14aef} => C:\WINDOWS\system32\mscoree.dll [2013-08-22] (Microsoft Corporation) ShellIconOverlayIdentifiers: [DBARFileNotBackuped] -> {275e4fd7-21ef-45cf-a836-832e5d2cc1b3} => C:\WINDOWS\system32\mscoree.dll [2013-08-22] (Microsoft Corporation) Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Install LastPass FF RunOnce.lnk [2015-01-07] ShortcutTarget: Install LastPass FF RunOnce.lnk -> C:\Program Files (x86)\Common Files\lpuninstall.exe () Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Install LastPass IE RunOnce.lnk [2015-01-07] ShortcutTarget: Install LastPass IE RunOnce.lnk -> C:\Program Files (x86)\Common Files\lpuninstall.exe () ==================== Internet (Whitelisted) ==================== (If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.) Tcpip\Parameters: [DhcpNameServer] 192.168.1.1 Tcpip\..\Interfaces\{A8332B12-F5E8-4C51-BE91-A8E1CC3CF712}: [DhcpNameServer] 192.168.1.1 Internet Explorer: ================== HKLM\SOFTWARE\Policies\Microsoft\Internet Explorer: Restriction <======= ATTENTION HKU\S-1-5-21-418257114-134277906-586513349-1001\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://dell13.msn.com SearchScopes: HKU\S-1-5-21-418257114-134277906-586513349-1001 -> {ADF86FEB-E4B3-41A9-8E81-6A777542053F} URL = BHO: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\OCHelper.dll [2015-08-04] (Microsoft Corporation) BHO: CIESpeechBHO Class -> {8D10F6C4-0E01-4BD4-8601-11AC1FDF8126} -> C:\Program Files (x86)\Dell Wireless\Bluetooth Suite\IEPlugIn.dll [2013-02-28] (Qualcomm Atheros Commnucations) BHO: LastPass Vault -> {95D9ECF5-2A4D-4550-BE49-70D42F71296E} -> C:\Program Files (x86)\LastPass\LPToolbar_x64.dll [2015-01-07] (LastPass) BHO: Google Toolbar Helper -> {AA58ED58-01DD-4d91-8333-CF10577473F7} -> C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll [2015-07-17] (Google Inc.) BHO: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\GROOVEEX.DLL [2015-08-11] (Microsoft Corporation) BHO-x32: The Amazon 1Button App for IE -> {26B19FA4-E8A1-4A1B-A163-1A1E46F830DD} -> C:\AmazonAppIE.dll [2013-06-07] (Amazon Inc.) BHO-x32: LastPass Vault -> {95D9ECF5-2A4D-4550-BE49-70D42F71296E} -> C:\Program Files (x86)\LastPass\LPToolbar.dll [2015-01-07] (LastPass) BHO-x32: Google Toolbar Helper -> {AA58ED58-01DD-4d91-8333-CF10577473F7} -> C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll [2015-07-17] (Google Inc.) Toolbar: HKLM - LastPass Toolbar - {9f6b5cc3-5c7b-4b5c-97af-19dec1e380e5} - C:\Program Files (x86)\LastPass\LPToolbar_x64.dll [2015-01-07] (LastPass) Toolbar: HKLM - Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll [2015-07-17] (Google Inc.) Toolbar: HKLM-x32 - LastPass Toolbar - {9f6b5cc3-5c7b-4b5c-97af-19dec1e380e5} - C:\Program Files (x86)\LastPass\LPToolbar.dll [2015-01-07] (LastPass) Toolbar: HKLM-x32 - Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll [2015-07-17] (Google Inc.) Toolbar: HKU\S-1-5-21-418257114-134277906-586513349-1001 -> Google Toolbar - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll [2015-07-17] (Google Inc.) Handler-x32: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files\Microsoft Office 15\root\Office15\MSOSB.DLL [2015-02-03] (Microsoft Corporation) Filter-x32: application/x-ica - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll [2014-11-27] (Citrix Systems, Inc.) Filter-x32: application/x-ica; charset=euc-jp - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll [2014-11-27] (Citrix Systems, Inc.) Filter-x32: application/x-ica; charset=ISO-8859-1 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll [2014-11-27] (Citrix Systems, Inc.) Filter-x32: application/x-ica; charset=MS936 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll [2014-11-27] (Citrix Systems, Inc.) Filter-x32: application/x-ica; charset=MS949 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll [2014-11-27] (Citrix Systems, Inc.) Filter-x32: application/x-ica; charset=MS950 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll [2014-11-27] (Citrix Systems, Inc.) Filter-x32: application/x-ica; charset=UTF-8 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll [2014-11-27] (Citrix Systems, Inc.) Filter-x32: application/x-ica; charset=UTF8 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll [2014-11-27] (Citrix Systems, Inc.) Filter-x32: application/x-ica;charset=euc-jp - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll [2014-11-27] (Citrix Systems, Inc.) Filter-x32: application/x-ica;charset=ISO-8859-1 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll [2014-11-27] (Citrix Systems, Inc.) Filter-x32: application/x-ica;charset=MS936 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll [2014-11-27] (Citrix Systems, Inc.) Filter-x32: application/x-ica;charset=MS949 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll [2014-11-27] (Citrix Systems, Inc.) Filter-x32: application/x-ica;charset=MS950 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll [2014-11-27] (Citrix Systems, Inc.) Filter-x32: application/x-ica;charset=UTF-8 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll [2014-11-27] (Citrix Systems, Inc.) Filter-x32: application/x-ica;charset=UTF8 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll [2014-11-27] (Citrix Systems, Inc.) Filter-x32: ica - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll [2014-11-27] (Citrix Systems, Inc.) FireFox: ======== FF ProfilePath: C:\Users\Leo\AppData\Roaming\Mozilla\Firefox\Profiles\lj2albsc.default FF Plugin: @adobe.com/FlashPlayer -> C:\WINDOWS\system32\Macromed\Flash\NPSWF64_18_0_0_232.dll [2015-08-12] () FF Plugin: @lastpass.com/NPLastPass -> C:\Program Files (x86)\LastPass\nplastpass64.dll [2015-01-07] (LastPass) FF Plugin-x32: @adobe.com/FlashPlayer -> C:\WINDOWS\SysWOW64\Macromed\Flash\NPSWF32_18_0_0_232.dll [2015-08-12] () FF Plugin-x32: @Apple.com/iTunes,version=1.0 -> C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll [2014-10-30] () FF Plugin-x32: @Citrix.com/npican -> C:\Program Files (x86)\Citrix\ICA Client\npicaN.dll [2014-11-27] (Citrix Systems, Inc.) FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=3.5.29 -> C:\Program Files (x86)\Intel\Intel® Management Engine Components\IPT\npIntelWebAPIIPT.dll [2013-05-02] (Intel Corporation) FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel® Management Engine Components\IPT\npIntelWebAPIUpdater.dll [2013-05-02] (Intel Corporation) FF Plugin-x32: @lastpass.com/NPLastPass -> C:\Program Files (x86)\LastPass\nplastpass64.dll [2015-01-07] (LastPass) FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office 15\root\Office15\NPSPWRAP.DLL [2015-01-09] (Microsoft Corporation) FF Plugin-x32: @microsoft.com/WLPG,version=16.4.3505.0912 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2012-09-12] (Microsoft Corporation) FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.28.15\npGoogleUpdate3.dll [2015-09-16] (Google Inc.) FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.28.15\npGoogleUpdate3.dll [2015-09-16] (Google Inc.) FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll [2015-06-29] (Adobe Systems Inc.) FF Extension: LastPass - C:\Users\Leo\AppData\Roaming\Mozilla\Firefox\Profiles\lj2albsc.default\Extensions\support@lastpass.com [2015-09-08] FF HKLM-x32\...\Thunderbird\Extensions: [msktbird@mcafee.com] - C:\Program Files\McAfee\MSK ==================== Services (Whitelisted) ======================== (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.) R2 Apple Mobile Device Service; C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [77128 2015-01-19] (Apple Inc.) R2 AtherosSvc; C:\Program Files (x86)\Dell Wireless\Bluetooth Suite\adminservice.exe [227968 2013-02-28] (Qualcomm Atheros Commnucations) [File not signed] R2 ClickToRunSvc; C:\Program Files\Microsoft Office 15\ClientX64\OfficeClickToRun.exe [2768472 2015-08-11] (Microsoft Corporation) R2 CrashPlanService; C:\Program Files\CrashPlan\CrashPlanService.exe [223232 2014-10-13] (Code 42 Software) [File not signed] R2 IAStorDataMgrSvc; C:\Program Files\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe [15344 2013-04-30] (Intel Corporation) R2 igfxCUIService1.0.0.0; C:\Windows\system32\igfxCUIService.exe [329104 2014-10-03] (Intel Corporation) R2 Intel® Capability Licensing Service Interface; c:\Program Files\Intel\iCLS Client\HeciServer.exe [731648 2013-02-13] (Intel® Corporation) [File not signed] S3 Intel® Capability Licensing Service TCP IP Interface; c:\Program Files\Intel\iCLS Client\SocketHeciServer.exe [820184 2013-02-13] (Intel® Corporation) R2 jhi_service; C:\Program Files (x86)\Intel\Intel® Management Engine Components\DAL\jhi_service.exe [169432 2013-05-02] (Intel Corporation) R2 MbaeSvc; C:\Program Files (x86)\Malwarebytes Anti-Exploit\mbae-svc.exe [713016 2015-07-22] (Malwarebytes Corporation) R2 MBAMScheduler; C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe [1871160 2015-06-18] (Malwarebytes Corporation) R2 MBAMService; C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe [1133880 2015-06-18] (Malwarebytes Corporation) R2 NovaPdfServer; C:\Program Files\Softland\novaPDF 8\Server\novapdfs.exe [41760 2015-07-14] (Microsoft) R2 RichVideo; C:\Program Files (x86)\CyberLink\Shared files\RichVideo.exe [254512 2012-04-24] () R2 RtkAudioService; C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe [224840 2013-05-10] (Realtek Semiconductor) R2 SftService; C:\Program Files (x86)\Dell Backup and Recovery\SftService.exe [1915480 2013-05-23] (SoftThinks SAS) R3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [366552 2015-07-07] (Microsoft Corporation) R2 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [23824 2015-07-07] (Microsoft Corporation) R2 ZAtheros Wlan Agent; C:\Program Files (x86)\Dell Wireless\Ath_WlanAgent.exe [81536 2013-03-02] (Atheros) [File not signed] ===================== Drivers (Whitelisted) ========================== (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.) R3 BTATH_LWFLT; C:\Windows\system32\DRIVERS\btath_lwflt.sys [77464 2013-02-28] (Qualcomm Atheros) R3 BthLEEnum; C:\Windows\system32\DRIVERS\BthLEEnum.sys [226304 2014-09-24] (Microsoft Corporation) R1 CLVirtualDrive; C:\Windows\system32\DRIVERS\CLVirtualDrive.sys [92536 2012-06-25] (CyberLink) R3 DellRbtn; C:\Windows\System32\drivers\DellRbtn.sys [10752 2013-01-24] (OSR Open Systems Resources, Inc.) S0 ebdrv; C:\Windows\System32\drivers\evbda.sys [3357024 2013-08-22] (Broadcom Corporation) R1 ESProtectionDriver; C:\Program Files (x86)\Malwarebytes Anti-Exploit\mbae64.sys [63064 2015-07-22] () R3 MBAMProtector; C:\WINDOWS\system32\drivers\mbam.sys [25816 2015-06-18] (Malwarebytes Corporation) R3 MBAMSwissArmy; C:\WINDOWS\system32\drivers\MBAMSwissArmy.sys [113880 2015-09-17] (Malwarebytes Corporation) R3 MBAMWebAccessControl; C:\WINDOWS\system32\drivers\mwac.sys [64216 2015-06-18] (Malwarebytes Corporation) R3 MEIx64; C:\Windows\system32\DRIVERS\TeeDriverx64.sys [99800 2013-05-02] (Intel Corporation) S3 SmbDrv; C:\Windows\System32\drivers\Smb_driver_AMDASF.sys [28400 2013-03-05] (Synaptics Incorporated) R3 SmbDrvI; C:\Windows\system32\DRIVERS\Smb_driver_Intel.sys [31984 2013-03-05] (Synaptics Incorporated) S0 WdBoot; C:\Windows\System32\drivers\WdBoot.sys [44560 2015-07-07] (Microsoft Corporation) R0 WdFilter; C:\Windows\System32\drivers\WdFilter.sys [270168 2015-07-07] (Microsoft Corporation) R2 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [114520 2015-07-07] (Microsoft Corporation) ==================== NetSvcs (Whitelisted) =================== (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.) ==================== One Month Created files and folders ======== (If an entry is included in the fixlist, the file/folder will be moved.) 2015-09-17 15:52 - 2015-09-17 15:52 - 00000000 ____D C:\FRST 2015-09-13 23:21 - 2015-09-13 23:21 - 00000000 ___RD C:\Users\Leo\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\BT Devices 2015-09-13 20:23 - 2015-09-13 20:23 - 00001767 _____ C:\Users\Leo\Downloads\MeanStreak9781455581139.acsm 2015-09-09 06:28 - 2015-08-26 22:48 - 00136904 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuauclt.exe 2015-09-09 06:28 - 2015-08-26 14:00 - 00721920 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wuapi.dll 2015-09-09 06:28 - 2015-08-26 14:00 - 00124928 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wuwebv.dll 2015-09-09 06:28 - 2015-08-26 14:00 - 00081920 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wudriver.dll 2015-09-09 06:28 - 2015-08-26 14:00 - 00029696 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wuapp.exe 2015-09-09 06:28 - 2015-08-26 10:46 - 03705344 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuaueng.dll 2015-09-09 06:28 - 2015-08-26 10:29 - 02240512 _____ (Microsoft Corporation) C:\WINDOWS\system32\wucltux.dll 2015-09-09 06:28 - 2015-08-26 10:27 - 00891904 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuapi.dll 2015-09-09 06:28 - 2015-08-26 10:27 - 00409088 _____ (Microsoft Corporation) C:\WINDOWS\system32\WUSettingsProvider.dll 2015-09-09 06:28 - 2015-08-26 10:26 - 00140288 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuwebv.dll 2015-09-09 06:28 - 2015-08-26 10:26 - 00095744 _____ (Microsoft Corporation) C:\WINDOWS\system32\wudriver.dll 2015-09-09 06:28 - 2015-08-26 10:26 - 00035840 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuapp.exe 2015-09-09 06:27 - 2015-09-02 22:18 - 02531400 _____ (Microsoft Corporation) C:\WINDOWS\system32\msxml6.dll 2015-09-09 06:27 - 2015-09-02 22:17 - 01903848 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msxml6.dll 2015-09-09 06:27 - 2015-09-02 14:48 - 02345472 _____ (Microsoft Corporation) C:\WINDOWS\system32\msxml3.dll 2015-09-09 06:27 - 2015-09-02 13:09 - 01556992 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msxml3.dll 2015-09-09 06:27 - 2015-08-22 14:19 - 25188352 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll 2015-09-09 06:27 - 2015-08-22 13:35 - 02886144 _____ (Microsoft Corporation) C:\WINDOWS\system32\iertutil.dll 2015-09-09 06:27 - 2015-08-22 13:34 - 00585216 _____ (Microsoft Corporation) C:\WINDOWS\system32\vbscript.dll 2015-09-09 06:27 - 2015-08-22 13:22 - 19856384 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.dll 2015-09-09 06:27 - 2015-08-22 13:21 - 00817664 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript.dll 2015-09-09 06:27 - 2015-08-22 13:20 - 05923840 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9.dll 2015-09-09 06:27 - 2015-08-22 12:55 - 00504832 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\vbscript.dll 2015-09-09 06:27 - 2015-08-22 12:50 - 02279424 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iertutil.dll 2015-09-09 06:27 - 2015-08-22 12:50 - 01032704 _____ (Microsoft Corporation) C:\WINDOWS\system32\inetcomm.dll 2015-09-09 06:27 - 2015-08-22 12:45 - 00665600 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript.dll 2015-09-09 06:27 - 2015-08-22 12:44 - 00262144 _____ (Microsoft Corporation) C:\WINDOWS\system32\webcheck.dll 2015-09-09 06:27 - 2015-08-22 12:41 - 14451712 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieframe.dll 2015-09-09 06:27 - 2015-08-22 12:41 - 00801280 _____ (Microsoft Corporation) C:\WINDOWS\system32\msfeeds.dll 2015-09-09 06:27 - 2015-08-22 12:41 - 00720384 _____ (Microsoft Corporation) C:\WINDOWS\system32\ie4uinit.exe 2015-09-09 06:27 - 2015-08-22 12:41 - 00374784 _____ (Microsoft Corporation) C:\WINDOWS\system32\iedkcs32.dll 2015-09-09 06:27 - 2015-08-22 12:39 - 02126336 _____ (Microsoft Corporation) C:\WINDOWS\system32\inetcpl.cpl 2015-09-09 06:27 - 2015-08-22 12:28 - 04520448 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9.dll 2015-09-09 06:27 - 2015-08-22 12:26 - 02427392 _____ (Microsoft Corporation) C:\WINDOWS\system32\wininet.dll 2015-09-09 06:27 - 2015-08-22 12:23 - 00880128 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\inetcomm.dll 2015-09-09 06:27 - 2015-08-22 12:22 - 12857344 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieframe.dll 2015-09-09 06:27 - 2015-08-22 12:20 - 00230400 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\webcheck.dll 2015-09-09 06:27 - 2015-08-22 12:18 - 02052608 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\inetcpl.cpl 2015-09-09 06:27 - 2015-08-22 12:18 - 00689152 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msfeeds.dll 2015-09-09 06:27 - 2015-08-22 12:18 - 00327168 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iedkcs32.dll 2015-09-09 06:27 - 2015-08-22 12:14 - 01545728 _____ (Microsoft Corporation) C:\WINDOWS\system32\urlmon.dll 2015-09-09 06:27 - 2015-08-22 12:01 - 00800768 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieapfltr.dll 2015-09-09 06:27 - 2015-08-22 12:00 - 01951232 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wininet.dll 2015-09-09 06:27 - 2015-08-22 11:56 - 01310720 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\urlmon.dll 2015-09-09 06:27 - 2015-08-22 11:55 - 00710144 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieapfltr.dll 2015-09-09 06:27 - 2015-07-30 13:18 - 00268288 _____ (Microsoft Corporation) C:\WINDOWS\system32\InkEd.dll 2015-09-09 06:27 - 2015-07-30 12:22 - 00230912 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\InkEd.dll 2015-09-09 06:27 - 2015-07-22 10:19 - 00041984 _____ (Microsoft Corporation) C:\WINDOWS\system32\UtcResources.dll 2015-09-09 06:27 - 2015-07-22 09:52 - 01633792 _____ (Microsoft Corporation) C:\WINDOWS\system32\diagtrack.dll 2015-09-09 06:27 - 2015-07-17 10:15 - 00951296 _____ (Microsoft Corporation) C:\WINDOWS\system32\tdh.dll 2015-09-09 06:27 - 2015-07-17 10:10 - 00749568 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\tdh.dll 2015-09-09 06:27 - 2015-07-03 17:51 - 01380056 _____ (Microsoft Corporation) C:\WINDOWS\system32\gdi32.dll 2015-09-09 06:27 - 2015-07-03 10:00 - 01097216 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\gdi32.dll 2015-09-09 06:27 - 2015-06-27 07:47 - 00118616 _____ (Microsoft Corporation) C:\WINDOWS\system32\consent.exe 2015-09-09 06:26 - 2015-09-01 22:56 - 04175872 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32k.sys 2015-09-09 06:26 - 2015-09-01 22:55 - 00358912 _____ (Adobe Systems Incorporated) C:\WINDOWS\system32\atmfd.dll 2015-09-09 06:26 - 2015-09-01 22:50 - 00044032 _____ (Adobe Systems) C:\WINDOWS\system32\atmlib.dll 2015-09-09 06:26 - 2015-09-01 22:17 - 00301568 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\atmfd.dll 2015-09-09 06:26 - 2015-09-01 22:13 - 00035840 _____ (Adobe Systems) C:\WINDOWS\SysWOW64\atmlib.dll 2015-09-09 06:26 - 2015-08-03 17:15 - 00074928 _____ (Microsoft Corporation) C:\WINDOWS\system32\appidapi.dll 2015-09-09 06:26 - 2015-08-03 17:15 - 00065600 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\appidapi.dll 2015-09-09 06:26 - 2015-08-01 10:22 - 00039936 _____ (Microsoft Corporation) C:\WINDOWS\system32\appidsvc.dll 2015-09-09 06:26 - 2015-07-31 23:47 - 00229376 _____ (Microsoft Corporation) C:\WINDOWS\system32\schtasks.exe 2015-09-09 06:26 - 2015-07-31 23:45 - 00182784 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\schtasks.exe 2015-09-09 06:26 - 2015-07-31 23:38 - 01265152 _____ (Microsoft Corporation) C:\WINDOWS\system32\schedsvc.dll 2015-09-09 06:26 - 2015-07-31 23:37 - 00468992 _____ (Microsoft Corporation) C:\WINDOWS\system32\taskeng.exe 2015-09-09 06:26 - 2015-07-31 23:37 - 00359936 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\taskeng.exe 2015-09-09 06:26 - 2015-07-22 10:34 - 02775552 _____ (Microsoft Corporation) C:\WINDOWS\system32\authui.dll 2015-09-09 06:26 - 2015-07-22 10:33 - 01728000 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Immersive.dll 2015-09-09 06:26 - 2015-07-22 10:25 - 02461184 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\authui.dll 2015-09-09 06:26 - 2015-07-22 10:25 - 01546752 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Immersive.dll 2015-09-09 06:26 - 2015-07-18 14:31 - 00194048 _____ (Microsoft Corporation) C:\WINDOWS\system32\shacct.dll 2015-09-09 06:26 - 2015-07-18 14:29 - 00655872 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingSync.dll 2015-09-09 06:26 - 2015-07-18 14:29 - 00148480 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\shacct.dll 2015-09-09 06:26 - 2015-07-18 14:27 - 00520192 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SettingSync.dll 2015-09-09 06:26 - 2015-07-13 23:27 - 00063488 _____ (Microsoft Corporation) C:\WINDOWS\system32\tzsync.exe 2015-09-09 06:26 - 2015-07-13 15:10 - 00411455 _____ C:\WINDOWS\system32\ApnDatabase.xml 2015-09-09 06:26 - 2015-07-10 15:06 - 00118272 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\bthpan.sys 2015-09-09 06:26 - 2015-07-09 12:14 - 00228864 _____ (Microsoft Corporation) C:\WINDOWS\system32\profsvc.dll 2015-09-09 06:26 - 2015-06-19 13:07 - 02819072 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers.dll 2015-08-30 10:47 - 2015-08-30 10:47 - 00005013 _____ C:\Users\Leo\Desktop\Unbilled Data.txt 2015-08-29 23:08 - 2015-09-06 22:59 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox ==================== One Month Modified files and folders ======== (If an entry is included in the fixlist, the file/folder will be moved.) 2015-09-17 15:33 - 2015-01-09 21:14 - 01568266 _____ C:\WINDOWS\WindowsUpdate.log 2015-09-17 15:09 - 2015-01-09 00:32 - 00000830 _____ C:\WINDOWS\Tasks\Adobe Flash Player Updater.job 2015-09-17 15:03 - 2015-01-07 22:32 - 00000930 _____ C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job 2015-09-17 15:02 - 2013-08-22 11:36 - 00000000 ____D C:\WINDOWS\system32\sru 2015-09-17 14:31 - 2015-01-07 22:32 - 00113880 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\MBAMSwissArmy.sys 2015-09-17 13:12 - 2015-01-09 22:35 - 00003930 _____ C:\WINDOWS\System32\Tasks\User_Feed_Synchronization-{55359B3E-4978-4D9E-9F25-F20D53190D4F} 2015-09-16 19:03 - 2015-01-07 22:32 - 00000926 _____ C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job 2015-09-16 18:58 - 2015-01-07 22:32 - 00003902 _____ C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineUA 2015-09-16 18:58 - 2015-01-07 22:32 - 00003666 _____ C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineCore 2015-09-15 21:22 - 2015-01-07 23:18 - 00000000 ____D C:\Program Files\Microsoft Office 15 2015-09-14 00:33 - 2013-08-22 11:36 - 00000000 ____D C:\WINDOWS\rescache 2015-09-13 23:24 - 2014-09-24 03:15 - 00865408 _____ C:\WINDOWS\system32\PerfStringBackup.INI 2015-09-13 23:21 - 2015-01-07 23:50 - 00000000 ____D C:\ProgramData\Malwarebytes Anti-Exploit 2015-09-13 23:21 - 2013-07-20 00:51 - 00000000 ____D C:\Program Files (x86)\Dell Backup and Recovery 2015-09-13 23:20 - 2015-01-09 21:44 - 00000000 ___DO C:\Users\Leo\OneDrive 2015-09-13 23:17 - 2013-08-22 10:46 - 00376901 _____ C:\WINDOWS\setupact.log 2015-09-13 23:17 - 2013-08-22 10:45 - 00000006 ____H C:\WINDOWS\Tasks\SA.DAT 2015-09-13 23:17 - 2013-08-22 10:44 - 00500872 _____ C:\WINDOWS\system32\FNTCACHE.DAT 2015-09-13 23:14 - 2013-08-22 09:25 - 00524288 ___SH C:\WINDOWS\system32\config\BBI 2015-09-13 23:12 - 2014-09-24 02:53 - 00000000 ____D C:\Program Files\Windows Journal 2015-09-13 23:12 - 2013-08-22 11:36 - 00000000 ____D C:\WINDOWS\PolicyDefinitions 2015-09-13 20:34 - 2015-08-15 23:50 - 00000000 ____D C:\Users\Leo\Documents\My Digital Editions 2015-09-12 00:05 - 2013-08-22 11:36 - 00000000 ____D C:\WINDOWS\AppReadiness 2015-09-10 22:26 - 2012-07-26 03:59 - 00000000 ____D C:\WINDOWS\CbsTemp 2015-09-10 22:18 - 2015-01-07 10:25 - 00000000 ____D C:\WINDOWS\system32\MRT 2015-09-07 00:31 - 2015-01-07 08:58 - 00003594 _____ C:\WINDOWS\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-418257114-134277906-586513349-1001 2015-09-06 22:59 - 2015-01-07 22:41 - 00000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service 2015-09-06 22:59 - 2014-09-24 03:03 - 00032962 _____ C:\WINDOWS\PFRO.log 2015-08-26 23:06 - 2015-01-07 08:43 - 00000000 ____D C:\Users\Leo\AppData\Local\Packages 2015-08-26 18:37 - 2015-01-07 10:25 - 134753440 _____ (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe 2015-08-24 20:33 - 2013-09-04 21:32 - 00000000 ____D C:\Users\Leo\Documents\Bluetooth Folder ==================== Files in the root of some directories ======= 2015-01-07 23:15 - 2015-01-07 23:15 - 14147584 _____ () C:\Program Files (x86)\Common Files\lpuninstall.exe 2015-03-17 10:04 - 2015-03-17 10:04 - 0000093 _____ () C:\Users\Leo\AppData\Roaming\ARCompanion.log 2015-01-07 23:35 - 2015-03-29 10:22 - 0000220 _____ () C:\Users\Leo\AppData\Roaming\I 2015-01-08 23:54 - 2015-01-14 07:42 - 0000469 _____ () C:\ProgramData\Microsoft.SqlServer.Compact.400.32.bc 2013-07-20 00:51 - 2013-07-20 00:51 - 0000119 _____ () C:\ProgramData\{1FBF6C24-C1fD-4101-A42B-0C564F9E8E79}.log 2013-07-20 00:47 - 2013-07-20 00:48 - 0000106 _____ () C:\ProgramData\{2A87D48D-3FDF-41fd-97CD-A1E370EFFFE2}.log 2013-07-20 00:48 - 2013-07-20 00:50 - 0000111 _____ () C:\ProgramData\{B0B4F6D2-F2AE-451A-9496-6F2F6A897B32}.log 2013-07-20 00:47 - 2013-07-20 00:47 - 0000107 _____ () C:\ProgramData\{C59C179C-668D-49A9-B6EA-0121CCFC1243}.log 2013-07-20 00:50 - 2013-07-20 00:51 - 0000108 _____ () C:\ProgramData\{DEC235ED-58A4-4517-A278-C41E8DAEAB3B}.log Some files in TEMP: ==================== C:\Users\Leo\AppData\Local\Temp\ARCompanionForSession1.exe ==================== Bamital & volsnap ================= (There is no automatic fix for files that do not pass verification.) C:\WINDOWS\system32\winlogon.exe => File is digitally signed C:\WINDOWS\system32\wininit.exe => File is digitally signed C:\WINDOWS\explorer.exe => File is digitally signed C:\WINDOWS\SysWOW64\explorer.exe => File is digitally signed C:\WINDOWS\system32\svchost.exe => File is digitally signed C:\WINDOWS\SysWOW64\svchost.exe => File is digitally signed C:\WINDOWS\system32\services.exe => File is digitally signed C:\WINDOWS\system32\User32.dll => File is digitally signed C:\WINDOWS\SysWOW64\User32.dll => File is digitally signed C:\WINDOWS\system32\userinit.exe => File is digitally signed C:\WINDOWS\SysWOW64\userinit.exe => File is digitally signed C:\WINDOWS\system32\rpcss.dll => File is digitally signed C:\WINDOWS\system32\dnsapi.dll => File is digitally signed C:\WINDOWS\SysWOW64\dnsapi.dll => File is digitally signed C:\WINDOWS\system32\Drivers\volsnap.sys => File is digitally signed LastRegBack: 2015-09-13 10:59 Additional scan result of Farbar Recovery Scan Tool (x64) Version:15-09-2015 Ran by Leo (2015-09-17 15:53:22) Running from C:\Users\Leo\AppData\Local\Microsoft\Windows\INetCache\IE\OIUG8OCI Windows 8.1 (X64) (2015-01-10 01:40:47) Boot Mode: Normal ========================================================== ==================== Accounts: ============================= Administrator (S-1-5-21-418257114-134277906-586513349-500 - Administrator - Disabled) => C:\Users\Administrator Guest (S-1-5-21-418257114-134277906-586513349-501 - Limited - Disabled) Kerry (S-1-5-21-418257114-134277906-586513349-1003 - Administrator - Enabled) => C:\Users\Kerry Leo (S-1-5-21-418257114-134277906-586513349-1001 - Administrator - Enabled) => C:\Users\Leo ==================== Security Center ======================== (If an entry is included in the fixlist, it will be removed.) AV: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} ==================== Installed Programs ====================== (Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.) Adobe Digital Editions 4.0 (HKLM-x32\...\Adobe Digital Editions 4.0) (Version: 4.0.3 - Adobe Systems Incorporated) Adobe Flash Player 18 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 18.0.0.232 - Adobe Systems Incorporated) Adobe Reader XI (11.0.12) (HKLM-x32\...\{AC76BA86-7AD7-1033-7B44-AB0000000001}) (Version: 11.0.12 - Adobe Systems Incorporated) Amazon 1Button App for Windows Taskbar (HKLM-x32\...\{0A7D6F3C-F2AB-48ED-BE23-99791BFF87D6}) (Version: 1.0.0.2 - Amazon) Amazon Cloud Drive (HKU\S-1-5-21-418257114-134277906-586513349-1001\...\Amazon Cloud Drive) (Version: 1.0.2014.3460 - Amazon Digital Services, LLC.) Apple Application Support (32-bit) (HKLM-x32\...\{AFA1153A-F547-409B-B837-3A0D6C5A3FEC}) (Version: 3.1.3 - Apple Inc.) Apple Application Support (64-bit) (HKLM\...\{D7B824DE-DA32-4772-9E5E-39C5158136A7}) (Version: 3.1.3 - Apple Inc.) Apple Mobile Device Support (HKLM\...\{C4123106-B685-48E6-B9BD-E4F911841EB4}) (Version: 8.1.1.3 - Apple Inc.) Apple Software Update (HKLM-x32\...\{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}) (Version: 2.1.3.127 - Apple Inc.) Bonjour (HKLM\...\{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}) (Version: 3.0.0.10 - Apple Inc.) Canon IJ Network Scanner Selector EX (HKLM-x32\...\Canon_IJ_Network_Scanner_Selector_EX) (Version: - ) Canon IJ Network Tool (HKLM-x32\...\Canon_IJ_Network_UTILITY) (Version: 3.1.1 - Canon Inc.) Canon MP Navigator EX 5.1 (HKLM-x32\...\MP Navigator EX 5.1) (Version: - ) Canon MX890 series MP Drivers (HKLM\...\{1199FAD5-9546-44f3-81CF-FFDB8040B7BF}_Canon_MX890_series) (Version: - Canon Inc.) Citrix Receiver (HKLM-x32\...\CitrixOnlinePluginPackWeb) (Version: 14.2.0.10 - Citrix Systems, Inc.) CrashPlan (HKLM\...\{89993433-1D66-4138-8E97-C72CD850CD2B}) (Version: 3.6.4 - Code 42 Software) CyberLink Media Suite Essentials (HKLM-x32\...\InstallShield_{8F14AA37-5193-4A14-BD5B-BDF9B361AEF7}) (Version: 10.0 - CyberLink Corp.) D3DX10 (x32 Version: 15.4.2368.0902 - Microsoft) Hidden Dell Backup and Recovery - Support Software (HKLM-x32\...\{A9668246-FB70-4103-A1E3-66C9BC2EFB49}) (Version: 1.5.0.0 - Dell Inc.) Dell Backup and Recovery (HKLM-x32\...\{0ED7EE95-6A97-47AA-AD73-152C08A15B04}) (Version: 1.5.0.0 - Dell Inc.) Dell Digital Delivery (HKLM-x32\...\{4B3230C5-F069-416B-9169-1B84A216ED6A}) (Version: 2.5.1400.0 - Dell Products, LP) Dell Product Registration (HKLM-x32\...\{2A0F2CC5-3065-492C-8380-B03AA7106B1A}) (Version: 1.16.1 - Dell Inc.) Dell Touchpad (HKLM\...\SynTPDeinstKey) (Version: 16.3.13.5 - Synaptics Incorporated) Dell Update (HKLM-x32\...\{713A4123-9417-4FF7-AC14-F000D6C0C7AD}) (Version: 0.9.1115.0 - Dell Inc.) Dell WLAN and Bluetooth Client Installation (HKLM-x32\...\{28006915-2739-4EBE-B5E8-49B25D32EB33}) (Version: 10.0 - Dell Inc.) doPDF (Version: 8.3.934 - Softland) Hidden doPDF 8 (HKLM-x32\...\{0ebed438-cc81-46f7-914b-a4c93d5780f2}) (Version: 8.3.934 - Softland) DSC/AA Factory Installer (Version: 3.3.6261.27 - PC-Doctor, Inc.) Hidden Google Toolbar for Internet Explorer (HKLM-x32\...\{2318C2B1-4965-11d4-9B18-009027A5CD4F}) (Version: 7.5.6710.2136 - Google Inc.) Google Toolbar for Internet Explorer (x32 Version: 1.0.0 - Google Inc.) Hidden Google Update Helper (x32 Version: 1.3.25.11 - Google Inc.) Hidden Google Update Helper (x32 Version: 1.3.28.15 - Google Inc.) Hidden Intel® Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 9.5.2.1489 - Intel Corporation) Intel® Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 10.18.10.3960 - Intel Corporation) Intel® Rapid Storage Technology (HKLM\...\{409CB30E-E457-4008-9B1A-ED1B9EA21140}) (Version: 12.6.0.1033 - Intel Corporation) Intel® SDK for OpenCL - CPU Only Runtime Package (HKLM-x32\...\{FCB3772C-B7D0-4933-B1A9-3707EBACC573}) (Version: 3.0.0.63463 - Intel Corporation) iSEEK AnswerWorks English Runtime (HKLM-x32\...\{18A8E78B-9EF2-496E-B310-BCD8E4C1DAB3}) (Version: 010.000.0101 - Vantage Linguistics) iTunes (HKLM\...\{93F2A022-6C37-48B8-B241-FFABD9F60C30}) (Version: 12.1.2.27 - Apple Inc.) LastPass (uninstall only) (HKLM-x32\...\LastPass) (Version: - LastPass) Malwarebytes Anti-Exploit version 1.07.1.1015 (HKLM\...\Malwarebytes Anti-Exploit_is1) (Version: 1.07.1.1015 - Malwarebytes) Malwarebytes Anti-Malware version 2.1.8.1057 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.1.8.1057 - Malwarebytes Corporation) Microsoft Office 365 - en-us (HKLM\...\O365HomePremRetail - en-us) (Version: 15.0.4753.1002 - Microsoft Corporation) Microsoft SkyDrive (HKU\S-1-5-21-418257114-134277906-586513349-1001\...\SkyDriveSetup.exe) (Version: 16.4.6013.0910 - Microsoft Corporation) Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation) Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation) Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation) Microsoft Visual Studio 2010 Tools for Office Runtime (x64) (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64)) (Version: 10.0.50903 - Microsoft Corporation) Movie Maker (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden Mozilla Firefox 40.0.3 (x86 en-US) (HKLM-x32\...\Mozilla Firefox 40.0.3 (x86 en-US)) (Version: 40.0.3 - Mozilla) Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 40.0.3.5716 - Mozilla) My Dell (HKLM\...\PC-Doctor for Windows) (Version: 3.3.6261.27 - PC-Doctor, Inc.) novaPDF 8 add-in for Microsoft Office (x64) (HKLM\...\{0A1F1D6B-9780-4316-9902-437E9449FC7C}) (Version: 8.3.934 - Softland) novaPDF 8 add-in for Microsoft Office (x86) (HKLM-x32\...\{6E283717-7B3F-4E26-9D0A-917933ACF199}) (Version: 8.3.934 - Softland) novaPDF 8 Printer Driver (HKLM\...\{1CC99933-93FC-40BA-A3DD-286FB87CBF2F}) (Version: 8.3.934 - Softland) novaPDF 8 SDK COM (x64) (HKLM\...\{A8A71610-DE04-4C9E-AE89-60BCA8E20453}) (Version: 8.3.934 - Softland) novaPDF 8 SDK COM (x86) (HKLM-x32\...\{0FD5EC80-F729-442E-8745-F60315842D9B}) (Version: 8.3.934 - Softland) Office 15 Click-to-Run Extensibility Component (x32 Version: 15.0.4753.1002 - Microsoft Corporation) Hidden Office 15 Click-to-Run Licensing Component (Version: 15.0.4753.1002 - Microsoft Corporation) Hidden Office 15 Click-to-Run Localization Component (x32 Version: 15.0.4753.1002 - Microsoft Corporation) Hidden Online Plug-in (x32 Version: 14.2.0.10 - Citrix Systems, Inc.) Hidden Qualcomm Atheros Bluetooth Suite (64) (HKLM\...\{A84A4FB1-D703-48DB-89E0-68B6499D2801}) (Version: 8.0.0.222 - Qualcomm Atheros Communications) Quicken 2015 (HKLM-x32\...\{00C2D443-43D9-4550-ABEA-318288E23E57}) (Version: 24.1.8.1 - Intuit) Quickset64 (HKLM\...\{87CF757E-C1F1-4D22-865C-00C6950B5258}) (Version: 10.15.018 - Dell Inc.) Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.6909 - Realtek Semiconductor Corp.) Self-service Plug-in (x32 Version: 4.2.0.2495 - Citrix Systems, Inc.) Hidden Shared C Run-time for x64 (HKLM\...\{EF79C448-6946-4D71-8134-03407888C054}) (Version: 10.0.0 - McAfee) StartIsBack+ (HKLM-x32\...\StartIsBack) (Version: 1.7 - startisback.com) TurboTax 2014 (HKLM-x32\...\TurboTax 2014) (Version: 2014.0 - Intuit, Inc) Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 16.4.3505.0912 - Microsoft Corporation) ==================== Custom CLSID (Whitelisted): ========================== (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.) CustomCLSID: HKU\S-1-5-21-418257114-134277906-586513349-1001_Classes\CLSID\{820D63D5-8CFF-46DE-86AF-4997DEDD6DB5}\localserver32 -> C:\WINDOWS\system32\igfxEM.exe (Intel Corporation) ==================== Restore Points ========================= 27-08-2015 07:33:32 Scheduled Checkpoint 06-09-2015 11:18:17 Scheduled Checkpoint 10-09-2015 22:08:33 Windows Update ==================== Hosts content: =============================== (If needed Hosts: directive could be included in the fixlist to reset Hosts.) 2013-08-22 09:25 - 2013-08-22 09:25 - 00000824 ____A C:\WINDOWS\system32\Drivers\etc\hosts ==================== Scheduled Tasks (Whitelisted) ============= (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.) Task: {00698B64-6368-4214-B756-04D30CF0CF87} - System32\Tasks\PCDEventLauncherTask => C:\Program Files\My Dell\sessionchecker.exe [2013-06-06] (PC-Doctor, Inc.) Task: {0382F53E-92F8-47D9-9FEF-067787950B54} - System32\Tasks\SystemToolsDailyTest => uaclauncher.exe Task: {20A79154-F7BE-48F7-9670-6AD9DEFD0C91} - System32\Tasks\Microsoft\Office\Office ClickToRun Service Monitor => C:\Program Files\Microsoft Office 15\ClientX64\OfficeC2RClient.exe [2015-08-11] (Microsoft Corporation) Task: {339A7297-16EA-44B9-B041-D990CEC5D72B} - System32\Tasks\CLVDLauncher => C:\Program Files (x86)\CyberLink\Power2Go8\CLVDLauncher.exe [2012-12-03] (CyberLink Corp.) Task: {3E76E8A8-5411-4BA0-ADFC-200853DA4C09} - System32\Tasks\doPDF Update => C:\Program Files\Softland\novaPDF 8\Driver\UpdateApplication.exe [2015-07-14] () Task: {6A108BD5-7BA4-462D-BE50-5FB27BA4DC28} - System32\Tasks\Microsoft\Office\Office Automatic Updates => C:\Program Files\Microsoft Office 15\ClientX64\OfficeC2RClient.exe [2015-08-11] (Microsoft Corporation) Task: {7F000DC8-E3B1-424A-B86F-7A5C66E7779D} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2015-07-07] (Adobe Systems Incorporated) Task: {8CB5C334-DFF1-4E75-B52A-1B2F06844025} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe [2011-06-01] (Apple Inc.) Task: {A7F64B5D-9E80-4797-A33C-802610532AAC} - System32\Tasks\Microsoft\Windows\RemovalTools\MRT_HB => C:\WINDOWS\system32\MRT.exe [2015-08-26] (Microsoft Corporation) Task: {CF3E6C47-FC11-4274-BB12-F57B59033828} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-08-28] (Google Inc.) Task: {E0F6369F-2E66-40B0-B6BF-352D432F9307} - System32\Tasks\PCDoctorBackgroundMonitorTask => C:\Program Files\My Dell\uaclauncher.exe [2013-06-06] (PC-Doctor, Inc.) Task: {E2E1E535-DCA9-4849-8AD0-7B8CCBD77DD6} - System32\Tasks\CLMLSvc_P2G8 => C:\Program Files (x86)\CyberLink\Power2Go8\CLMLSvc_P2G8.exe [2012-12-03] (CyberLink) Task: {E72D2871-B72C-46D5-8BE4-1504BB833894} - System32\Tasks\Dell\Dell System Registration => C:\Program Files (x86)\System Registration\prodreg.exe [2012-07-09] (Dell, Inc.) Task: {EA4BF424-5913-4F2D-BBCC-12916DC87B30} - System32\Tasks\Microsoft\Windows\Application Experience\ProgramDataUpdater => Rundll32.exe invagent.dll,RunUpdate -noappraiser Task: {F1B4C990-6074-4B2E-9F83-32BD34CC7C8C} - System32\Tasks\Synaptics TouchPad Enhancements => \Program Files\Synaptics\SynTP\SynTPEnh.exe [2013-03-05] (Synaptics Incorporated) Task: {F900A29A-9C5F-4BD8-B10F-97341DA42841} - System32\Tasks\Adobe Flash Player Updater => C:\WINDOWS\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2015-08-12] (Adobe Systems Incorporated) Task: {FC4BD662-ACEB-4926-9559-37A85B4F4CFE} - System32\Tasks\Microsoft\Office\Office Subscription Maintenance => C:\Program Files\Microsoft Office 15\root\vfs\ProgramFilesCommonx86\Microsoft Shared\OFFICE15\OLicenseHeartbeat.exe [2015-08-11] (Microsoft Corporation) Task: {FFBAA02D-6097-4507-B992-E21592B267B9} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-08-28] (Google Inc.) (If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.) Task: C:\WINDOWS\Tasks\Adobe Flash Player Updater.job => C:\WINDOWS\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe Task: C:\WINDOWS\Tasks\Synaptics TouchPad Enhancements.job => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe ==================== Loaded Modules (Whitelisted) ============== 2015-03-20 18:12 - 2015-03-20 18:12 - 00085832 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\zlib1.dll 2015-03-20 18:12 - 2015-03-20 18:12 - 01346344 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\libxml2.dll 2014-10-13 15:58 - 2014-10-13 15:58 - 00014848 _____ () C:\Program Files\CrashPlan\md564.dll 2015-07-06 20:15 - 2015-07-06 20:15 - 00230400 _____ () C:\Program Files\CrashPlan\cpnative64.dll 2015-07-14 12:34 - 2015-07-14 12:34 - 00137368 _____ () C:\Program Files\Softland\novaPDF 8\Server\AgileDotNetRT64.dll 2015-07-14 12:34 - 2015-07-14 12:34 - 00052512 _____ () C:\Program Files\Softland\novaPDF 8\Server\CryptUtil.dll 2015-07-14 12:34 - 2015-07-14 12:34 - 00026912 _____ () C:\Program Files\Softland\novaPDF 8\Server\WAFServicePlugin.dll 2013-07-20 00:50 - 2012-04-24 22:43 - 00254512 _____ () C:\Program Files (x86)\CyberLink\Shared files\RichVideo.exe 2015-09-15 21:21 - 2015-08-11 23:15 - 08900672 _____ () C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\1033\GrooveIntlResource.dll 2013-07-20 00:52 - 2013-04-19 18:51 - 00020256 _____ () C:\Program Files (x86)\Dell Backup and Recovery\Components\Shell\DBROverlayIcon.dll 2013-07-20 00:52 - 2013-04-19 18:52 - 00049440 _____ () C:\Program Files (x86)\Dell Backup and Recovery\Components\Shell\STCommonShellIntegration.dll 2013-07-20 00:52 - 2013-04-19 18:51 - 00019232 _____ () C:\Program Files (x86)\Dell Backup and Recovery\Components\Shell\DBROverlayNotBackuped.dll 2013-07-20 00:31 - 2014-10-03 18:36 - 00457616 _____ () C:\WINDOWS\system32\igfxTray.exe 2013-02-28 22:14 - 2013-02-28 22:14 - 00011264 _____ () C:\Program Files (x86)\Dell Wireless\Bluetooth Suite\Modules\ActivateDesktopDebugger\ActivateDesktopDebugger.dll 2013-02-28 22:11 - 2013-02-28 22:11 - 00086016 _____ () C:\Program Files (x86)\Dell Wireless\Bluetooth Suite\Modules\Map\MAP.dll 2013-02-28 22:15 - 2013-02-28 22:15 - 00012928 _____ () C:\Program Files (x86)\Dell Wireless\Bluetooth Suite\ActivateDesktop.exe 2015-01-09 00:41 - 2014-05-20 09:19 - 00105640 _____ () C:\Program Files\Microsoft Office 15\ClientX64\ApiClient.dll 2013-07-20 00:48 - 2012-06-07 23:34 - 00627216 _____ () C:\Program Files (x86)\CyberLink\Power2Go8\CLMediaLibrary.dll 2012-06-08 14:34 - 2012-06-08 14:34 - 00016400 _____ () C:\Program Files (x86)\CyberLink\Power2Go8\CLMLSvcPS.dll 2013-07-20 00:39 - 2013-05-02 09:53 - 01199576 _____ () C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\ACE.dll ==================== Alternate Data Streams (Whitelisted) ========= (If an entry is included in the fixlist, only the ADS will be removed.) AlternateDataStreams: C:\Users\Kerry\OneDrive:ms-properties AlternateDataStreams: C:\Users\Leo\OneDrive:ms-properties AlternateDataStreams: C:\Users\Leo\OneDrive.old:ms-properties ==================== Safe Mode (Whitelisted) =================== (If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.) ==================== EXE Association (Whitelisted) =============== (If an entry is included in the fixlist, the registry item will be restored to default or removed.) ==================== Internet Explorer trusted/restricted =============== (If an entry is included in the fixlist, it will be removed from the registry.) ==================== Other Areas ============================ (Currently there is no automatic fix for this section.) HKU\S-1-5-21-418257114-134277906-586513349-1001\Control Panel\Desktop\\Wallpaper -> C:\Users\Leo\AppData\Local\Microsoft\Windows\Themes\RoamedThemeFiles\DesktopBackground\bluelava_1112000xx_inspiron_wallpaper58095_16x9_72dpi_rgb.jpg DNS Servers: 192.168.1.1 HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1) Windows Firewall is enabled. ==================== MSCONFIG/TASK MANAGER disabled items == (Currently there is no automatic fix for this section.) ==================== FirewallRules (Whitelisted) =============== (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.) FirewallRules: [vm-monitoring-nb-session] => (Allow) LPort=139 FirewallRules: [{B11F0E4D-6D43-42AC-BBEA-7A1D3CC21A69}] => (Allow) C:\Program Files\Microsoft Office 15\root\Office15\outlook.exe FirewallRules: [{6DBB4BCD-2A97-4B12-87E1-D9732896E6A0}] => (Allow) C:\Users\Leo\AppData\Local\Microsoft\SkyDrive\SkyDrive.exe FirewallRules: [{28DE8F05-873D-49A8-8262-697168D8C934}] => (Allow) C:\Program Files\CrashPlan\CrashPlanService.exe FirewallRules: [{2412BBE0-3318-445A-9C26-8EDEAAA4C4CB}] => (Allow) C:\Program Files\CrashPlan\CrashPlanService.exe FirewallRules: [{9D0EA15A-1020-4777-AB7E-93D92B99F148}] => (Allow) C:\Program Files\Common Files\mcafee\platform\McSvcHost\McSvHost.exe FirewallRules: [{105A7186-DC21-49B1-BAB1-31D1263A9047}] => (Allow) C:\Program Files\Common Files\mcafee\platform\McSvcHost\McSvHost.exe FirewallRules: [{24C84A19-DE5D-47B0-9A91-99F5D3047AB9}] => (Allow) C:\Program Files\Common Files\mcafee\platform\McSvcHost\McSvHost.exe FirewallRules: [{79F47682-BA89-4CC2-9EFC-B42096571975}] => (Allow) C:\Program Files\Common Files\mcafee\platform\McSvcHost\McSvHost.exe FirewallRules: [{00748C95-942A-4D41-8C77-57D3C5356B8C}] => (Allow) LPort=1900 FirewallRules: [{057F32CA-A658-4074-A4AB-77D0AD40A5C8}] => (Allow) LPort=2869 FirewallRules: [{6787A3FE-3466-4999-9A5E-7DE74ED427D1}] => (Allow) C:\Program Files (x86)\Windows Live\Contacts\wlcomm.exe FirewallRules: [{C8916768-5A22-49F0-A7EC-88BBB6319152}] => (Allow) C:\Program Files (x86)\CyberLink\PowerDVD10\PowerDVD10.EXE FirewallRules: [{683F4E0A-DAE2-4DF8-93DE-3F604A17A13A}] => (Allow) C:\Program Files (x86)\CyberLink\PowerDVD10\PowerDVD Cinema\PowerDVDCinema10.exe FirewallRules: [{00CC50F9-7E89-4601-B148-8F4D40991E8B}] => (Allow) C:\Program Files (x86)\CyberLink\PowerDirector10\PDR10.EXE FirewallRules: [{FA906297-6DC8-4318-A4C4-75A317B5F7A1}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe FirewallRules: [{81B8E199-7B8C-432F-8D41-A3E5D0051F2A}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe FirewallRules: [{B37775EA-869A-4961-BCAE-95020B1F4130}] => (Allow) C:\Program Files (x86)\Common Files\Intuit\Update Service v4\IntuitUpdater.exe FirewallRules: [{909C8971-5362-4FAF-98F7-B8D63BD1CFC5}] => (Allow) C:\Program Files (x86)\Common Files\Intuit\Update Service v4\IntuitUpdateService.exe FirewallRules: [{BF62C8A6-FBF9-4117-8D72-2D83C9DF96D7}] => (Allow) C:\Program Files (x86)\Common Files\Intuit\Update Service v4\IntuitUpdateService.exe FirewallRules: [{722BAF53-C587-4160-A75C-DB50BCF74D32}] => (Allow) C:\Program Files (x86)\Common Files\Intuit\Update Service v4\IntuitUpdateService.exe FirewallRules: [{9BE97308-F677-4A0F-82B6-DCF218D8A547}] => (Allow) C:\Program Files (x86)\Common Files\Intuit\Update Service v4\IntuitUpdateService.exe FirewallRules: [{19B5765A-FD1D-44B0-B3BE-69C924446AF4}] => (Allow) C:\Program Files (x86)\Common Files\Intuit\Update Service v4\IntuitUpdateService.exe FirewallRules: [{7F9FC181-616C-4205-B493-19EEF94490C5}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe FirewallRules: [{05003F8F-F5C6-4903-83A3-2DF92907D82F}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe FirewallRules: [{91E3604C-6F24-4E5A-86FF-23BABDDF85DE}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe FirewallRules: [{3DA78167-C500-466D-BD67-847203230DF8}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe FirewallRules: [{44BA7B73-321D-47C8-A161-571C0936456E}] => (Allow) C:\Program Files\iTunes\iTunes.exe FirewallRules: [{4EC1482D-44DB-4096-80CC-020D9734260D}] => (Allow) LPort=8501 FirewallRules: [{E77B03DC-0772-4CCF-97F2-C41A43A41B59}] => (Allow) LPort=8501 ==================== Faulty Device Manager Devices ============= Name: Unknown USB Device (Device Descriptor Request Failed) Description: Unknown USB Device (Device Descriptor Request Failed) Class Guid: {36fc9e60-c465-11cf-8056-444553540000} Manufacturer: (Standard USB Host Controller) Service: Problem: : Windows has stopped this device because it has reported problems. (Code 43) Resolution: One of the drivers controlling the device notified the operating system that the device failed in some manner. For more information about how to diagnose the problem, see the hardware documentation. ==================== Event log errors: ========================= Application errors: ================== Error: (09/17/2015 02:11:59 PM) (Source: VSS) (EventID: 12294) (User: ) Description: Volume Shadow Copy Service error: Error calling a routine on the Shadow Copy Provider {b5946137-7b9f-4925-af80-51abd60b20d5}. Routine returned E_INVALIDARG. Routine details GetSnapshot({00000000-0000-0000-0000-000000000000},0000007ECE49AEF0). Operation: Get Shadow Copy Properties Context: Execution Context: Coordinator Error: (09/17/2015 02:09:08 PM) (Source: VSS) (EventID: 12294) (User: ) Description: Volume Shadow Copy Service error: Error calling a routine on the Shadow Copy Provider {b5946137-7b9f-4925-af80-51abd60b20d5}. Routine returned E_INVALIDARG. Routine details GetSnapshot({00000000-0000-0000-0000-000000000000},0000007ECE49AE50). Operation: Get Shadow Copy Properties Context: Execution Context: Coordinator Error: (09/17/2015 12:35:03 PM) (Source: Application Error) (EventID: 1000) (User: ) Description: Faulting application name: iexplore.exe, version: 11.0.9600.17840, time stamp: 0x555f657e Faulting module name: IEFRAME.dll, version: 11.0.9600.18036, time stamp: 0x55d8a5b1 Exception code: 0xc0000005 Fault offset: 0x0000000000285c7f Faulting process id: 0x1f88 Faulting application start time: 0xiexplore.exe0 Faulting application path: iexplore.exe1 Faulting module path: iexplore.exe2 Report Id: iexplore.exe3 Faulting package full name: iexplore.exe4 Faulting package-relative application ID: iexplore.exe5 Error: (09/17/2015 12:09:21 PM) (Source: VSS) (EventID: 12294) (User: ) Description: Volume Shadow Copy Service error: Error calling a routine on the Shadow Copy Provider {b5946137-7b9f-4925-af80-51abd60b20d5}. Routine returned E_INVALIDARG. Routine details GetSnapshot({00000000-0000-0000-0000-000000000000},0000002E534A2020). Operation: Get Shadow Copy Properties Context: Execution Context: Coordinator Error: (09/17/2015 12:08:00 PM) (Source: VSS) (EventID: 12294) (User: ) Description: Volume Shadow Copy Service error: Error calling a routine on the Shadow Copy Provider {b5946137-7b9f-4925-af80-51abd60b20d5}. Routine returned E_INVALIDARG. Routine details GetSnapshot({00000000-0000-0000-0000-000000000000},0000002E534A2B60). Operation: Get Shadow Copy Properties Context: Execution Context: Coordinator Error: (09/17/2015 09:59:11 AM) (Source: VSS) (EventID: 12294) (User: ) Description: Volume Shadow Copy Service error: Error calling a routine on the Shadow Copy Provider {b5946137-7b9f-4925-af80-51abd60b20d5}. Routine returned E_INVALIDARG. Routine details GetSnapshot({00000000-0000-0000-0000-000000000000},0000000869B8AF10). Operation: Get Shadow Copy Properties Context: Execution Context: Coordinator Error: (09/17/2015 09:56:15 AM) (Source: VSS) (EventID: 12294) (User: ) Description: Volume Shadow Copy Service error: Error calling a routine on the Shadow Copy Provider {b5946137-7b9f-4925-af80-51abd60b20d5}. Routine returned E_INVALIDARG. Routine details GetSnapshot({00000000-0000-0000-0000-000000000000},0000000869B8A790). Operation: Get Shadow Copy Properties Context: Execution Context: Coordinator Error: (09/17/2015 09:55:30 AM) (Source: VSS) (EventID: 12294) (User: ) Description: Volume Shadow Copy Service error: Error calling a routine on the Shadow Copy Provider {b5946137-7b9f-4925-af80-51abd60b20d5}. Routine returned E_INVALIDARG. Routine details GetSnapshot({00000000-0000-0000-0000-000000000000},0000000869B8AC90). Operation: Get Shadow Copy Properties Context: Execution Context: Coordinator Error: (09/17/2015 07:50:35 AM) (Source: VSS) (EventID: 12294) (User: ) Description: Volume Shadow Copy Service error: Error calling a routine on the Shadow Copy Provider {b5946137-7b9f-4925-af80-51abd60b20d5}. Routine returned E_INVALIDARG. Routine details GetSnapshot({00000000-0000-0000-0000-000000000000},000000A2B49BC400). Operation: Get Shadow Copy Properties Context: Execution Context: Coordinator Error: (09/17/2015 07:45:56 AM) (Source: VSS) (EventID: 12294) (User: ) Description: Volume Shadow Copy Service error: Error calling a routine on the Shadow Copy Provider {b5946137-7b9f-4925-af80-51abd60b20d5}. Routine returned E_INVALIDARG. Routine details GetSnapshot({00000000-0000-0000-0000-000000000000},00000093C4C626B0). Operation: Get Shadow Copy Properties Context: Execution Context: Coordinator System errors: ============= Error: (09/17/2015 02:25:22 PM) (Source: Schannel) (EventID: 4120) (User: NT AUTHORITY) Description: A fatal alert was generated and sent to the remote endpoint. This may result in termination of the connection. The TLS protocol defined fatal error code is 10. The Windows SChannel error state is 10. Error: (09/17/2015 02:25:22 PM) (Source: Schannel) (EventID: 4120) (User: NT AUTHORITY) Description: A fatal alert was generated and sent to the remote endpoint. This may result in termination of the connection. The TLS protocol defined fatal error code is 10. The Windows SChannel error state is 10. Error: (09/17/2015 02:25:22 PM) (Source: Schannel) (EventID: 4120) (User: NT AUTHORITY) Description: A fatal alert was generated and sent to the remote endpoint. This may result in termination of the connection. The TLS protocol defined fatal error code is 10. The Windows SChannel error state is 10. Error: (09/17/2015 02:25:22 PM) (Source: Schannel) (EventID: 4120) (User: NT AUTHORITY) Description: A fatal alert was generated and sent to the remote endpoint. This may result in termination of the connection. The TLS protocol defined fatal error code is 10. The Windows SChannel error state is 10. Error: (09/16/2015 11:31:02 PM) (Source: Schannel) (EventID: 4120) (User: NT AUTHORITY) Description: A fatal alert was generated and sent to the remote endpoint. This may result in termination of the connection. The TLS protocol defined fatal error code is 10. The Windows SChannel error state is 10. Error: (09/16/2015 11:31:02 PM) (Source: Schannel) (EventID: 4120) (User: NT AUTHORITY) Description: A fatal alert was generated and sent to the remote endpoint. This may result in termination of the connection. The TLS protocol defined fatal error code is 10. The Windows SChannel error state is 10. Error: (09/16/2015 06:17:04 AM) (Source: Schannel) (EventID: 4120) (User: NT AUTHORITY) Description: A fatal alert was generated and sent to the remote endpoint. This may result in termination of the connection. The TLS protocol defined fatal error code is 10. The Windows SChannel error state is 10. Error: (09/16/2015 06:17:04 AM) (Source: Schannel) (EventID: 4120) (User: NT AUTHORITY) Description: A fatal alert was generated and sent to the remote endpoint. This may result in termination of the connection. The TLS protocol defined fatal error code is 10. The Windows SChannel error state is 10. Error: (09/16/2015 06:17:04 AM) (Source: Schannel) (EventID: 4120) (User: NT AUTHORITY) Description: A fatal alert was generated and sent to the remote endpoint. This may result in termination of the connection. The TLS protocol defined fatal error code is 10. The Windows SChannel error state is 10. Error: (09/16/2015 06:17:04 AM) (Source: Schannel) (EventID: 4120) (User: NT AUTHORITY) Description: A fatal alert was generated and sent to the remote endpoint. This may result in termination of the connection. The TLS protocol defined fatal error code is 10. The Windows SChannel error state is 10. CodeIntegrity: =================================== Date: 2015-09-17 15:53:53.153 Description: Code Integrity determined that a process (\Device\HarddiskVolume5\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume5\Program Files\Bonjour\mdnsNSP.dll that did not meet the Custom 3 / Antimalware signing level requirements. Date: 2015-09-17 15:53:52.966 Description: Code Integrity determined that a process (\Device\HarddiskVolume5\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume5\Program Files\Bonjour\mdnsNSP.dll that did not meet the Custom 3 / Antimalware signing level requirements. Date: 2015-08-16 10:38:42.280 Description: Code Integrity determined that a process (\Device\HarddiskVolume5\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume5\Program Files\Bonjour\mdnsNSP.dll that did not meet the Custom 3 / Antimalware signing level requirements. Date: 2015-08-16 10:38:42.139 Description: Code Integrity determined that a process (\Device\HarddiskVolume5\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume5\Program Files\Bonjour\mdnsNSP.dll that did not meet the Custom 3 / Antimalware signing level requirements. Date: 2015-07-20 06:41:42.537 Description: Code Integrity determined that a process (\Device\HarddiskVolume5\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume5\Program Files\Bonjour\mdnsNSP.dll that did not meet the Custom 3 / Antimalware signing level requirements. Date: 2015-07-20 06:41:42.317 Description: Code Integrity determined that a process (\Device\HarddiskVolume5\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume5\Program Files\Bonjour\mdnsNSP.dll that did not meet the Custom 3 / Antimalware signing level requirements. Date: 2015-07-14 22:32:23.593 Description: Code Integrity determined that a process (\Device\HarddiskVolume5\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume5\Program Files\Bonjour\mdnsNSP.dll that did not meet the Custom 3 / Antimalware signing level requirements. Date: 2015-07-14 22:32:23.453 Description: Code Integrity determined that a process (\Device\HarddiskVolume5\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume5\Program Files\Bonjour\mdnsNSP.dll that did not meet the Custom 3 / Antimalware signing level requirements. ==================== Memory info =========================== Processor: Intel® Core i7-4500U CPU @ 1.80GHz Percentage of memory in use: 48% Total physical RAM: 7908.96 MB Available physical RAM: 4073.91 MB Total Virtual: 14052.96 MB Available Virtual: 8620.38 MB ==================== Drives ================================ Drive c: (OS) (Fixed) (Total:918.2 GB) (Free:717.37 GB) NTFS Drive g: (TOSHIBA EXT) (Fixed) (Total:931.51 GB) (Free:810.84 GB) NTFS ==================== MBR & Partition Table ================== ======================================================== Disk: 0 (Size: 931.5 GB) (Disk ID: 3E7DE419) Partition: GPT. ======================================================== Disk: 2 (Size: 931.5 GB) (Disk ID: F43062CA) Partition 1: (Active) - (Size=931.5 GB) - (Type=07 NTFS) ==================== End of Addition.txt ============================

Everything is running fine. The only thing I noticed is that I previously had IE set to open with multiple home page tabs, and now it opens with just one. I'm assuming one of the scanners reset something in IE which caused this. No big deal. Thanks for your help!

I have updated and run a quick scan, which came up clean. But I am a little confused. I've been running MBAM this entire time and it never caught anything, so does a clean scan now tell us anything?

Combofix has been run. Log attached. combofix log.txt

10:26:49.0202 9884 TDSS rootkit removing tool 2.7.13.0 Feb 15 2012 19:33:14 10:26:49.0532 9884 ============================================================ 10:26:49.0532 9884 Current date / time: 2012/02/20 10:26:49.0532 10:26:49.0532 9884 SystemInfo: 10:26:49.0532 9884 10:26:49.0532 9884 OS Version: 6.1.7600 ServicePack: 0.0 10:26:49.0532 9884 Product type: Workstation 10:26:49.0532 9884 ComputerName: OFFICE-PC 10:26:49.0532 9884 UserName: Leo 10:26:49.0532 9884 Windows directory: C:\Windows 10:26:49.0532 9884 System windows directory: C:\Windows 10:26:49.0532 9884 Processor architecture: Intel x86 10:26:49.0532 9884 Number of processors: 4 10:26:49.0532 9884 Page size: 0x1000 10:26:49.0532 9884 Boot type: Normal boot 10:26:49.0532 9884 ============================================================ 10:26:51.0354 9884 Drive \Device\Harddisk0\DR0 - Size: 0xAEA8CDE000 (698.64 Gb), SectorSize: 0x200, Cylinders: 0x16441, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000050 10:26:51.0494 9884 \Device\Harddisk0\DR0: 10:26:51.0494 9884 MBR used 10:26:51.0494 9884 \Device\Harddisk0\DR0\Partition0: MBR, Type 0x7, StartLBA 0x14000, BlocksNum 0x1D4C000 10:26:51.0494 9884 \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x1D60000, BlocksNum 0x557E5EF0 10:26:51.0557 9884 Initialize success 10:26:51.0557 9884 ============================================================ 10:27:11.0876 10664 ============================================================ 10:27:11.0876 10664 Scan started 10:27:11.0876 10664 Mode: Manual; SigCheck; TDLFS; 10:27:11.0876 10664 ============================================================ 10:27:14.0856 10664 1394ohci (6d2aca41739bfe8cb86ee8e85f29697d) C:\Windows\system32\DRIVERS\1394ohci.sys 10:27:15.0074 10664 1394ohci - ok 10:27:15.0106 10664 ACPI (f0e07d144c8685b8774bc32fc8da4df0) C:\Windows\system32\DRIVERS\ACPI.sys 10:27:15.0137 10664 ACPI - ok 10:27:15.0152 10664 AcpiPmi (98d81ca942d19f7d9153b095162ac013) C:\Windows\system32\DRIVERS\acpipmi.sys 10:27:15.0277 10664 AcpiPmi - ok 10:27:15.0340 10664 adp94xx (21e785ebd7dc90a06391141aac7892fb) C:\Windows\system32\DRIVERS\adp94xx.sys 10:27:15.0371 10664 adp94xx - ok 10:27:15.0418 10664 adpahci (0c676bc278d5b59ff5abd57bbe9123f2) C:\Windows\system32\DRIVERS\adpahci.sys 10:27:15.0449 10664 adpahci - ok 10:27:15.0496 10664 adpu320 (7c7b5ee4b7b822ec85321fe23a27db33) C:\Windows\system32\DRIVERS\adpu320.sys 10:27:15.0558 10664 adpu320 - ok 10:27:15.0761 10664 AFD (0db7a48388d54d154ebec120461a0fcd) C:\Windows\system32\drivers\afd.sys 10:27:15.0917 10664 AFD - ok 10:27:15.0932 10664 agp440 (507812c3054c21cef746b6ee3d04dd6e) C:\Windows\system32\DRIVERS\agp440.sys 10:27:15.0964 10664 agp440 - ok 10:27:16.0026 10664 aic78xx (8b30250d573a8f6b4bd23195160d8707) C:\Windows\system32\DRIVERS\djsvs.sys 10:27:16.0057 10664 aic78xx - ok 10:27:16.0104 10664 aliide (0d40bcf52ea90fc7df2aeab6503dea44) C:\Windows\system32\DRIVERS\aliide.sys 10:27:16.0135 10664 aliide - ok 10:27:16.0166 10664 amdagp (3c6600a0696e90a463771c7422e23ab5) C:\Windows\system32\DRIVERS\amdagp.sys 10:27:16.0198 10664 amdagp - ok 10:27:16.0198 10664 amdide (cd5914170297126b6266860198d1d4f0) C:\Windows\system32\DRIVERS\amdide.sys 10:27:16.0244 10664 amdide - ok 10:27:16.0276 10664 AmdK8 (00dda200d71bac534bf56a9db5dfd666) C:\Windows\system32\DRIVERS\amdk8.sys 10:27:16.0338 10664 AmdK8 - ok 10:27:16.0369 10664 AmdPPM (3cbf30f5370fda40dd3e87df38ea53b6) C:\Windows\system32\DRIVERS\amdppm.sys 10:27:16.0447 10664 AmdPPM - ok 10:27:16.0525 10664 amdsata (19ce906b4cdc11fc4fef5745f33a63b6) C:\Windows\system32\drivers\amdsata.sys 10:27:16.0603 10664 amdsata - ok 10:27:16.0666 10664 amdsbs (ea43af0c423ff267355f74e7a53bdaba) C:\Windows\system32\DRIVERS\amdsbs.sys 10:27:16.0712 10664 amdsbs - ok 10:27:16.0759 10664 amdxata (869e67d66be326a5a9159fba8746fa70) C:\Windows\system32\drivers\amdxata.sys 10:27:16.0775 10664 amdxata - ok 10:27:16.0806 10664 AppID (feb834c02ce1e84b6a38f953ca067706) C:\Windows\system32\drivers\appid.sys 10:27:16.0931 10664 AppID - ok 10:27:16.0978 10664 arc (2932004f49677bd84dbc72edb754ffb3) C:\Windows\system32\DRIVERS\arc.sys 10:27:17.0009 10664 arc - ok 10:27:17.0024 10664 arcsas (5d6f36c46fd283ae1b57bd2e9feb0bc7) C:\Windows\system32\DRIVERS\arcsas.sys 10:27:17.0056 10664 arcsas - ok 10:27:17.0087 10664 AsyncMac (add2ade1c2b285ab8378d2daaf991481) C:\Windows\system32\DRIVERS\asyncmac.sys 10:27:17.0227 10664 AsyncMac - ok 10:27:17.0274 10664 atapi (338c86357871c167a96ab976519bf59e) C:\Windows\system32\DRIVERS\atapi.sys 10:27:17.0290 10664 atapi - ok 10:27:17.0539 10664 atikmdag (04f09923a393e4e0e8453a8f78361e73) C:\Windows\system32\DRIVERS\atikmdag.sys 10:27:17.0804 10664 atikmdag - ok 10:27:17.0976 10664 b06bdrv (1a231abec60fd316ec54c66715543cec) C:\Windows\system32\DRIVERS\bxvbdx.sys 10:27:18.0116 10664 b06bdrv - ok 10:27:18.0179 10664 b57nd60x (bd8869eb9cde6bbe4508d869929869ee) C:\Windows\system32\DRIVERS\b57nd60x.sys 10:27:18.0257 10664 b57nd60x - ok 10:27:18.0366 10664 BCM43XX (eb7c2dadf52f50f69f198c14c3556dc1) C:\Windows\system32\DRIVERS\bcmwl6.sys 10:27:18.0460 10664 BCM43XX - ok 10:27:18.0491 10664 Beep (505506526a9d467307b3c393dedaf858) C:\Windows\system32\drivers\Beep.sys 10:27:18.0553 10664 Beep - ok 10:27:18.0600 10664 blbdrive (2287078ed48fcfc477b05b20cf38f36f) C:\Windows\system32\DRIVERS\blbdrive.sys 10:27:18.0709 10664 blbdrive - ok 10:27:18.0803 10664 bowser (9a5c671b7fbae4865149bb11f59b91b2) C:\Windows\system32\DRIVERS\bowser.sys 10:27:18.0881 10664 bowser - ok 10:27:18.0896 10664 BrFiltLo (9f9acc7f7ccde8a15c282d3f88b43309) C:\Windows\system32\DRIVERS\BrFiltLo.sys 10:27:18.0943 10664 BrFiltLo - ok 10:27:18.0974 10664 BrFiltUp (56801ad62213a41f6497f96dee83755a) C:\Windows\system32\DRIVERS\BrFiltUp.sys 10:27:19.0037 10664 BrFiltUp - ok 10:27:19.0068 10664 Brserid (845b8ce732e67f3b4133164868c666ea) C:\Windows\System32\Drivers\Brserid.sys 10:27:19.0146 10664 Brserid - ok 10:27:19.0162 10664 BrSerWdm (203f0b1e73adadbbb7b7b1fabd901f6b) C:\Windows\System32\Drivers\BrSerWdm.sys 10:27:19.0208 10664 BrSerWdm - ok 10:27:19.0240 10664 BrUsbMdm (bd456606156ba17e60a04e18016ae54b) C:\Windows\System32\Drivers\BrUsbMdm.sys 10:27:19.0302 10664 BrUsbMdm - ok 10:27:19.0333 10664 BrUsbSer (af72ed54503f717a43268b3cc5faec2e) C:\Windows\System32\Drivers\BrUsbSer.sys 10:27:19.0396 10664 BrUsbSer - ok 10:27:19.0427 10664 BTHMODEM (ed3df7c56ce0084eb2034432fc56565a) C:\Windows\system32\DRIVERS\bthmodem.sys 10:27:19.0520 10664 BTHMODEM - ok 10:27:19.0614 10664 cdfs (77ea11b065e0a8ab902d78145ca51e10) C:\Windows\system32\DRIVERS\cdfs.sys 10:27:19.0692 10664 cdfs - ok 10:27:19.0754 10664 cdrom (ba6e70aa0e6091bc39de29477d866a77) C:\Windows\system32\DRIVERS\cdrom.sys 10:27:19.0786 10664 cdrom - ok 10:27:19.0801 10664 circlass (3fe3fe94a34df6fb06e6418d0f6a0060) C:\Windows\system32\DRIVERS\circlass.sys 10:27:19.0864 10664 circlass - ok 10:27:19.0910 10664 CLFS (635181e0e9bbf16871bf5380d71db02d) C:\Windows\system32\CLFS.sys 10:27:19.0957 10664 CLFS - ok 10:27:19.0988 10664 CmBatt (dea805815e587dad1dd2c502220b5616) C:\Windows\system32\DRIVERS\CmBatt.sys 10:27:20.0066 10664 CmBatt - ok 10:27:20.0066 10664 cmdide (c537b1db64d495b9b4717b4d6d9edbf2) C:\Windows\system32\DRIVERS\cmdide.sys 10:27:20.0082 10664 cmdide - ok 10:27:20.0129 10664 CNG (36c252e474b2ffa0f0fbbff20d92a640) C:\Windows\system32\Drivers\cng.sys 10:27:20.0176 10664 CNG - ok 10:27:20.0207 10664 Compbatt (a6023d3823c37043986713f118a89bee) C:\Windows\system32\DRIVERS\compbatt.sys 10:27:20.0222 10664 Compbatt - ok 10:27:20.0285 10664 CompositeBus (f1724ba27e97d627f808fb0ba77a28a6) C:\Windows\system32\DRIVERS\CompositeBus.sys 10:27:20.0347 10664 CompositeBus - ok 10:27:20.0456 10664 crcdisk (2c4ebcfc84a9b44f209dff6c6e6c61d1) C:\Windows\system32\DRIVERS\crcdisk.sys 10:27:20.0488 10664 crcdisk - ok 10:27:20.0597 10664 dc3d (62f9a797cd6b65dcecf71fcddf5f607c) C:\Windows\system32\DRIVERS\dc3d.sys 10:27:20.0612 10664 dc3d - ok 10:27:20.0690 10664 DfsC (83d1ecea8faae75604c0fa49ac7ad996) C:\Windows\system32\Drivers\dfsc.sys 10:27:20.0831 10664 DfsC - ok 10:27:20.0909 10664 discache (1a050b0274bfb3890703d490f330c0da) C:\Windows\system32\drivers\discache.sys 10:27:20.0987 10664 discache - ok 10:27:21.0034 10664 Disk (565003f326f99802e68ca78f2a68e9ff) C:\Windows\system32\DRIVERS\disk.sys 10:27:21.0080 10664 Disk - ok 10:27:21.0127 10664 drmkaud (b918e7c5f9bf77202f89e1a9539f2eb4) C:\Windows\system32\drivers\drmkaud.sys 10:27:21.0174 10664 drmkaud - ok 10:27:21.0221 10664 DXGKrnl (1679a4669326cb1a67cc95658d273234) C:\Windows\System32\drivers\dxgkrnl.sys 10:27:21.0268 10664 DXGKrnl - ok 10:27:21.0314 10664 e1express (cf0a6015f437161698c5b2a0a12cf052) C:\Windows\system32\DRIVERS\e1e6032.sys 10:27:21.0392 10664 e1express - ok 10:27:21.0580 10664 ebdrv (024e1b5cac09731e4d868e64dbfb4ab0) C:\Windows\system32\DRIVERS\evbdx.sys 10:27:21.0720 10664 ebdrv - ok 10:27:21.0907 10664 elxstor (0ed67910c8c326796faa00b2bf6d9d3c) C:\Windows\system32\DRIVERS\elxstor.sys 10:27:21.0954 10664 elxstor - ok 10:27:22.0001 10664 ErrDev (8fc3208352dd3912c94367a206ab3f11) C:\Windows\system32\DRIVERS\errdev.sys 10:27:22.0048 10664 ErrDev - ok 10:27:22.0110 10664 exfat (2dc9108d74081149cc8b651d3a26207f) C:\Windows\system32\drivers\exfat.sys 10:27:22.0157 10664 exfat - ok 10:27:22.0172 10664 fastfat (7e0ab74553476622fb6ae36f73d97d35) C:\Windows\system32\drivers\fastfat.sys 10:27:22.0265 10664 fastfat - ok 10:27:22.0315 10664 fdc (e817a017f82df2a1f8cfdbda29388b29) C:\Windows\system32\DRIVERS\fdc.sys 10:27:22.0365 10664 fdc - ok 10:27:22.0405 10664 FileInfo (6cf00369c97f3cf563be99be983d13d8) C:\Windows\system32\drivers\fileinfo.sys 10:27:22.0455 10664 FileInfo - ok 10:27:22.0505 10664 Filetrace (42c51dc94c91da21cb9196eb64c45db9) C:\Windows\system32\drivers\filetrace.sys 10:27:22.0595 10664 Filetrace - ok 10:27:22.0625 10664 flpydisk (87907aa70cb3c56600f1c2fb8841579b) C:\Windows\system32\DRIVERS\flpydisk.sys 10:27:22.0675 10664 flpydisk - ok 10:27:22.0735 10664 FltMgr (7520ec808e0c35e0ee6f841294316653) C:\Windows\system32\drivers\fltmgr.sys 10:27:22.0775 10664 FltMgr - ok 10:27:22.0805 10664 FsDepends (1a16b57943853e598cff37fe2b8cbf1d) C:\Windows\system32\drivers\FsDepends.sys 10:27:22.0835 10664 FsDepends - ok 10:27:22.0845 10664 Fs_Rec (a574b4360e438977038aae4bf60d79a2) C:\Windows\system32\drivers\Fs_Rec.sys 10:27:22.0865 10664 Fs_Rec - ok 10:27:22.0925 10664 fvevol (dafbd9fe39197495aed6d51f3b85b5d2) C:\Windows\system32\DRIVERS\fvevol.sys 10:27:22.0985 10664 fvevol - ok 10:27:23.0025 10664 gagp30kx (65ee0c7a58b65e74ae05637418153938) C:\Windows\system32\DRIVERS\gagp30kx.sys 10:27:23.0065 10664 gagp30kx - ok 10:27:23.0115 10664 GEARAspiWDM (8182ff89c65e4d38b2de4bb0fb18564e) C:\Windows\system32\DRIVERS\GEARAspiWDM.sys 10:27:23.0165 10664 GEARAspiWDM - ok 10:27:23.0265 10664 hcw85cir (c44e3c2bab6837db337ddee7544736db) C:\Windows\system32\drivers\hcw85cir.sys 10:27:23.0365 10664 hcw85cir - ok 10:27:23.0415 10664 HdAudAddService (3530cad25deba7dc7de8bb51632cbc5f) C:\Windows\system32\drivers\HdAudio.sys 10:27:23.0515 10664 HdAudAddService - ok 10:27:23.0605 10664 HDAudBus (717a2207fd6f13ad3e664c7d5a43c7bf) C:\Windows\system32\DRIVERS\HDAudBus.sys 10:27:23.0675 10664 HDAudBus - ok 10:27:23.0765 10664 HidBatt (1d58a7f3e11a9731d0eaaaa8405acc36) C:\Windows\system32\DRIVERS\HidBatt.sys 10:27:23.0835 10664 HidBatt - ok 10:27:23.0865 10664 HidBth (89448f40e6df260c206a193a4683ba78) C:\Windows\system32\DRIVERS\hidbth.sys 10:27:23.0915 10664 HidBth - ok 10:27:23.0955 10664 HidIr (cf50b4cf4a4f229b9f3c08351f99ca5e) C:\Windows\system32\DRIVERS\hidir.sys 10:27:24.0005 10664 HidIr - ok 10:27:24.0055 10664 HidUsb (25072fb35ac90b25f9e4e3bacf774102) C:\Windows\system32\DRIVERS\hidusb.sys 10:27:24.0105 10664 HidUsb - ok 10:27:24.0135 10664 HpSAMD (295fdc419039090eb8b49ffdbb374549) C:\Windows\system32\DRIVERS\HpSAMD.sys 10:27:24.0175 10664 HpSAMD - ok 10:27:24.0215 10664 HTTP (c531c7fd9e8b62021112787c4e2c5a5a) C:\Windows\system32\drivers\HTTP.sys 10:27:24.0315 10664 HTTP - ok 10:27:24.0345 10664 hwpolicy (8305f33cde89ad6c7a0763ed0b5a8d42) C:\Windows\system32\drivers\hwpolicy.sys 10:27:24.0365 10664 hwpolicy - ok 10:27:24.0385 10664 i8042prt (f151f0bdc47f4a28b1b20a0818ea36d6) C:\Windows\system32\DRIVERS\i8042prt.sys 10:27:24.0435 10664 i8042prt - ok 10:27:24.0485 10664 iaStorV (71f1a494fedf4b33c02c4a6a28d6d9e9) C:\Windows\system32\drivers\iaStorV.sys 10:27:24.0525 10664 iaStorV - ok 10:27:24.0565 10664 iirsp (4173ff5708f3236cf25195fecd742915) C:\Windows\system32\DRIVERS\iirsp.sys 10:27:24.0615 10664 iirsp - ok 10:27:24.0765 10664 IntcAzAudAddService (f8f53c5449f15b23d4c61d51d2701da8) C:\Windows\system32\drivers\RTKVHDA.sys 10:27:24.0840 10664 IntcAzAudAddService - ok 10:27:24.0872 10664 intelide (a0f12f2c9ba6c72f3987ce780e77c130) C:\Windows\system32\DRIVERS\intelide.sys 10:27:24.0903 10664 intelide - ok 10:27:24.0918 10664 intelppm (3b514d27bfc4accb4037bc6685f766e0) C:\Windows\system32\DRIVERS\intelppm.sys 10:27:24.0965 10664 intelppm - ok 10:27:25.0028 10664 IpFilterDriver (709d1761d3b19a932ff0238ea6d50200) C:\Windows\system32\DRIVERS\ipfltdrv.sys 10:27:25.0090 10664 IpFilterDriver - ok 10:27:25.0121 10664 IPMIDRV (e4454b6c37d7ffd5649611f6496308a7) C:\Windows\system32\DRIVERS\IPMIDrv.sys 10:27:25.0168 10664 IPMIDRV - ok 10:27:25.0199 10664 IPNAT (a5fa468d67abcdaa36264e463a7bb0cd) C:\Windows\system32\drivers\ipnat.sys 10:27:25.0246 10664 IPNAT - ok 10:27:25.0277 10664 IRENUM (42996cff20a3084a56017b7902307e9f) C:\Windows\system32\drivers\irenum.sys 10:27:25.0340 10664 IRENUM - ok 10:27:25.0371 10664 isapnp (1f32bb6b38f62f7df1a7ab7292638a35) C:\Windows\system32\DRIVERS\isapnp.sys 10:27:25.0402 10664 isapnp - ok 10:27:25.0433 10664 iScsiPrt (ed46c223ae46c6866ab77cdc41c404b7) C:\Windows\system32\DRIVERS\msiscsi.sys 10:27:25.0449 10664 iScsiPrt - ok 10:27:25.0511 10664 kbdclass (adef52ca1aeae82b50df86b56413107e) C:\Windows\system32\DRIVERS\kbdclass.sys 10:27:25.0542 10664 kbdclass - ok 10:27:25.0574 10664 kbdhid (3d9f0ebf350edcfd6498057301455964) C:\Windows\system32\DRIVERS\kbdhid.sys 10:27:25.0620 10664 kbdhid - ok 10:27:25.0683 10664 KSecDD (0263364acb9c834ace52fb85c2c064ec) C:\Windows\system32\Drivers\ksecdd.sys 10:27:25.0714 10664 KSecDD - ok 10:27:25.0761 10664 KSecPkg (27391db553be2a4e2b0adeea2873b2af) C:\Windows\system32\Drivers\ksecpkg.sys 10:27:25.0808 10664 KSecPkg - ok 10:27:25.0870 10664 lltdio (f7611ec07349979da9b0ae1f18ccc7a6) C:\Windows\system32\DRIVERS\lltdio.sys 10:27:25.0932 10664 lltdio - ok 10:27:25.0979 10664 LSI_FC (eb119a53ccf2acc000ac71b065b78fef) C:\Windows\system32\DRIVERS\lsi_fc.sys 10:27:26.0010 10664 LSI_FC - ok 10:27:26.0026 10664 LSI_SAS (8ade1c877256a22e49b75d1cc9161f9c) C:\Windows\system32\DRIVERS\lsi_sas.sys 10:27:26.0073 10664 LSI_SAS - ok 10:27:26.0088 10664 LSI_SAS2 (dc9dc3d3daa0e276fd2ec262e38b11e9) C:\Windows\system32\DRIVERS\lsi_sas2.sys 10:27:26.0120 10664 LSI_SAS2 - ok 10:27:26.0151 10664 LSI_SCSI (0a036c7d7cab643a7f07135ac47e0524) C:\Windows\system32\DRIVERS\lsi_scsi.sys 10:27:26.0182 10664 LSI_SCSI - ok 10:27:26.0213 10664 luafv (6703e366cc18d3b6e534f5cf7df39cee) C:\Windows\system32\drivers\luafv.sys 10:27:26.0291 10664 luafv - ok 10:27:26.0385 10664 MBAMProtector (b7ca8cc3f978201856b6ab82f40953c3) C:\Windows\system32\drivers\mbam.sys 10:27:26.0447 10664 MBAMProtector - ok 10:27:26.0572 10664 megasas (0fff5b045293002ab38eb1fd1fc2fb74) C:\Windows\system32\DRIVERS\megasas.sys 10:27:26.0588 10664 megasas - ok 10:27:26.0712 10664 MegaSR (dcbab2920c75f390caf1d29f675d03d6) C:\Windows\system32\DRIVERS\MegaSR.sys 10:27:26.0744 10664 MegaSR - ok 10:27:26.0790 10664 Modem (f001861e5700ee84e2d4e52c712f4964) C:\Windows\system32\drivers\modem.sys 10:27:26.0884 10664 Modem - ok 10:27:26.0931 10664 monitor (79d10964de86b292320e9dfe02282a23) C:\Windows\system32\DRIVERS\monitor.sys 10:27:26.0978 10664 monitor - ok 10:27:27.0056 10664 mouclass (fb18cc1d4c2e716b6b903b0ac0cc0609) C:\Windows\system32\DRIVERS\mouclass.sys 10:27:27.0107 10664 mouclass - ok 10:27:27.0154 10664 mouhid (2c388d2cd01c9042596cf3c8f3c7b24d) C:\Windows\system32\DRIVERS\mouhid.sys 10:27:27.0201 10664 mouhid - ok 10:27:27.0357 10664 mountmgr (921c18727c5920d6c0300736646931c2) C:\Windows\system32\drivers\mountmgr.sys 10:27:27.0451 10664 mountmgr - ok 10:27:27.0716 10664 MpFilter (fee0baded54222e9f1dae9541212aab1) C:\Windows\system32\DRIVERS\MpFilter.sys 10:27:27.0809 10664 MpFilter - ok 10:27:28.0012 10664 mpio (2af5997438c55fb79d33d015c30e1974) C:\Windows\system32\DRIVERS\mpio.sys 10:27:28.0075 10664 mpio - ok 10:27:28.0355 10664 MpKslc4e4fb32 (a69630d039c38018689190234f866d77) c:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{36D8DC6D-B32E-4C3A-8543-28AE8C4DE115}\MpKslc4e4fb32.sys 10:27:28.0387 10664 MpKslc4e4fb32 - ok 10:27:28.0621 10664 MpNWMon (2c3489660d4a8d514c123c3f0d67df46) C:\Windows\system32\DRIVERS\MpNWMon.sys 10:27:28.0652 10664 MpNWMon - ok 10:27:28.0699 10664 mpsdrv (ad2723a7b53dd1aacae6ad8c0bfbf4d0) C:\Windows\system32\drivers\mpsdrv.sys 10:27:28.0886 10664 mpsdrv - ok 10:27:28.0901 10664 MRxDAV (b1be47008d20e43da3adc37c24cdb89d) C:\Windows\system32\drivers\mrxdav.sys 10:27:28.0964 10664 MRxDAV - ok 10:27:29.0026 10664 mrxsmb (ca7570e42522e24324a12161db14ec02) C:\Windows\system32\DRIVERS\mrxsmb.sys 10:27:29.0089 10664 mrxsmb - ok 10:27:29.0135 10664 mrxsmb10 (f965c3ab2b2ae5c378f4562486e35051) C:\Windows\system32\DRIVERS\mrxsmb10.sys 10:27:29.0198 10664 mrxsmb10 - ok 10:27:29.0213 10664 mrxsmb20 (25c38264a3c72594dd21d355d70d7a5d) C:\Windows\system32\DRIVERS\mrxsmb20.sys 10:27:29.0291 10664 mrxsmb20 - ok 10:27:29.0323 10664 msahci (4326d168944123f38dd3b2d9c37a0b12) C:\Windows\system32\DRIVERS\msahci.sys 10:27:29.0354 10664 msahci - ok 10:27:29.0385 10664 msdsm (455029c7174a2dbb03dba8a0d8bddd9a) C:\Windows\system32\DRIVERS\msdsm.sys 10:27:29.0401 10664 msdsm - ok 10:27:29.0432 10664 Msfs (daefb28e3af5a76abcc2c3078c07327f) C:\Windows\system32\drivers\Msfs.sys 10:27:29.0463 10664 Msfs - ok 10:27:29.0494 10664 mshidkmdf (3e1e5767043c5af9367f0056295e9f84) C:\Windows\System32\drivers\mshidkmdf.sys 10:27:29.0541 10664 mshidkmdf - ok 10:27:29.0603 10664 msisadrv (0a4e5757ae09fa9622e3158cc1aef114) C:\Windows\system32\DRIVERS\msisadrv.sys 10:27:29.0635 10664 msisadrv - ok 10:27:29.0791 10664 MSKSSRV (8c0860d6366aaffb6c5bb9df9448e631) C:\Windows\system32\drivers\MSKSSRV.sys 10:27:29.0853 10664 MSKSSRV - ok 10:27:29.0931 10664 MSPCLOCK (3ea8b949f963562cedbb549eac0c11ce) C:\Windows\system32\drivers\MSPCLOCK.sys 10:27:29.0993 10664 MSPCLOCK - ok 10:27:30.0009 10664 MSPQM (f456e973590d663b1073e9c463b40932) C:\Windows\system32\drivers\MSPQM.sys 10:27:30.0071 10664 MSPQM - ok 10:27:30.0103 10664 MsRPC (0e008fc4819d238c51d7c93e7b41e560) C:\Windows\system32\drivers\MsRPC.sys 10:27:30.0149 10664 MsRPC - ok 10:27:30.0165 10664 mssmbios (fc6b9ff600cc585ea38b12589bd4e246) C:\Windows\system32\DRIVERS\mssmbios.sys 10:27:30.0196 10664 mssmbios - ok 10:27:30.0227 10664 MSTEE (b42c6b921f61a6e55159b8be6cd54a36) C:\Windows\system32\drivers\MSTEE.sys 10:27:30.0274 10664 MSTEE - ok 10:27:30.0305 10664 MTConfig (33599130f44e1f34631cea241de8ac84) C:\Windows\system32\DRIVERS\MTConfig.sys 10:27:30.0352 10664 MTConfig - ok 10:27:30.0383 10664 Mup (159fad02f64e6381758c990f753bcc80) C:\Windows\system32\Drivers\mup.sys 10:27:30.0425 10664 Mup - ok 10:27:30.0485 10664 NativeWifiP (26384429fcd85d83746f63e798ab1480) C:\Windows\system32\DRIVERS\nwifi.sys 10:27:30.0535 10664 NativeWifiP - ok 10:27:30.0675 10664 NDIS (23759d175a0a9baaf04d05047bc135a8) C:\Windows\system32\drivers\ndis.sys 10:27:30.0765 10664 NDIS - ok 10:27:30.0845 10664 NdisCap (0e1787aa6c9191d3d319e8bafe86f80c) C:\Windows\system32\DRIVERS\ndiscap.sys 10:27:30.0905 10664 NdisCap - ok 10:27:30.0925 10664 NdisTapi (e4a8aec125a2e43a9e32afeea7c9c888) C:\Windows\system32\DRIVERS\ndistapi.sys 10:27:30.0995 10664 NdisTapi - ok 10:27:31.0035 10664 Ndisuio (b30ae7f2b6d7e343b0df32e6c08fce75) C:\Windows\system32\DRIVERS\ndisuio.sys 10:27:31.0105 10664 Ndisuio - ok 10:27:31.0135 10664 NdisWan (267c415eadcbe53c9ca873dee39cf3a4) C:\Windows\system32\DRIVERS\ndiswan.sys 10:27:31.0175 10664 NdisWan - ok 10:27:31.0195 10664 NDProxy (af7e7c63dcef3f8772726f86039d6eb4) C:\Windows\system32\drivers\NDProxy.sys 10:27:31.0245 10664 NDProxy - ok 10:27:31.0255 10664 NetBIOS (80b275b1ce3b0e79909db7b39af74d51) C:\Windows\system32\DRIVERS\netbios.sys 10:27:31.0335 10664 NetBIOS - ok 10:27:31.0375 10664 NetBT (dd52a733bf4ca5af84562a5e2f963b91) C:\Windows\system32\DRIVERS\netbt.sys 10:27:31.0475 10664 NetBT - ok 10:27:31.0805 10664 nfrd960 (1d85c4b390b0ee09c7a46b91efb2c097) C:\Windows\system32\DRIVERS\nfrd960.sys 10:27:31.0875 10664 nfrd960 - ok 10:27:31.0955 10664 NisDrv (7b01c6172cfd0b10116175e09200d4b4) C:\Windows\system32\DRIVERS\NisDrvWFP.sys 10:27:31.0985 10664 NisDrv - ok 10:27:32.0015 10664 Npfs (1db262a9f8c087e8153d89bef3d2235f) C:\Windows\system32\drivers\Npfs.sys 10:27:32.0085 10664 Npfs - ok 10:27:32.0445 10664 nsiproxy (e9a0a4d07e53d8fea2bb8387a3293c58) C:\Windows\system32\drivers\nsiproxy.sys 10:27:32.0533 10664 nsiproxy - ok 10:27:32.0923 10664 Ntfs (187002ce05693c306f43c873f821381f) C:\Windows\system32\drivers\Ntfs.sys 10:27:33.0141 10664 Ntfs - ok 10:27:33.0423 10664 Null (f9756a98d69098dca8945d62858a812c) C:\Windows\system32\drivers\Null.sys 10:27:33.0579 10664 Null - ok 10:27:33.0906 10664 nvraid (f1b0bed906f97e16f6d0c3629d2f21c6) C:\Windows\system32\drivers\nvraid.sys 10:27:33.0953 10664 nvraid - ok 10:27:34.0000 10664 nvstor (4520b63899e867f354ee012d34e11536) C:\Windows\system32\drivers\nvstor.sys 10:27:34.0047 10664 nvstor - ok 10:27:34.0094 10664 nv_agp (5a0983915f02bae73267cc2a041f717d) C:\Windows\system32\DRIVERS\nv_agp.sys 10:27:34.0125 10664 nv_agp - ok 10:27:34.0172 10664 ohci1394 (08a70a1f2cdde9bb49b885cb817a66eb) C:\Windows\system32\DRIVERS\ohci1394.sys 10:27:34.0234 10664 ohci1394 - ok 10:27:34.0312 10664 Packet (9d80e0be979c3edaf2863f23b88f4de6) C:\Windows\system32\DRIVERS\packet.sys 10:27:34.0390 10664 Packet - ok 10:27:34.0421 10664 Parport (2ea877ed5dd9713c5ac74e8ea7348d14) C:\Windows\system32\DRIVERS\parport.sys 10:27:34.0515 10664 Parport - ok 10:27:34.0546 10664 partmgr (ff4218952b51de44fe910953a3e686b9) C:\Windows\system32\drivers\partmgr.sys 10:27:34.0593 10664 partmgr - ok 10:27:34.0624 10664 Parvdm (eb0a59f29c19b86479d36b35983daadc) C:\Windows\system32\DRIVERS\parvdm.sys 10:27:34.0702 10664 Parvdm - ok 10:27:34.0811 10664 pci (c858cb77c577780ecc456a892e7e7d0f) C:\Windows\system32\DRIVERS\pci.sys 10:27:34.0842 10664 pci - ok 10:27:34.0905 10664 pciide (afe86f419014db4e5593f69ffe26ce0a) C:\Windows\system32\DRIVERS\pciide.sys 10:27:34.0936 10664 pciide - ok 10:27:34.0967 10664 pcmcia (f396431b31693e71e8a80687ef523506) C:\Windows\system32\DRIVERS\pcmcia.sys 10:27:35.0014 10664 pcmcia - ok 10:27:35.0045 10664 pcw (250f6b43d2b613172035c6747aeeb19f) C:\Windows\system32\drivers\pcw.sys 10:27:35.0076 10664 pcw - ok 10:27:35.0264 10664 PEAUTH (9e0104ba49f4e6973749a02bf41344ed) C:\Windows\system32\drivers\peauth.sys 10:27:35.0373 10664 PEAUTH - ok 10:27:35.0763 10664 Point32 (e56e57cfb75b1ee2bb001ad036c27fbb) C:\Windows\system32\DRIVERS\point32k.sys 10:27:35.0778 10664 Point32 - ok 10:27:35.0966 10664 PptpMiniport (631e3e205ad6d86f2aed6a4a8e69f2db) C:\Windows\system32\DRIVERS\raspptp.sys 10:27:36.0059 10664 PptpMiniport - ok 10:27:36.0090 10664 Processor (85b1e3a0c7585bc4aae6899ec6fcf011) C:\Windows\system32\DRIVERS\processr.sys 10:27:36.0137 10664 Processor - ok 10:27:36.0215 10664 Psched (6270ccae2a86de6d146529fe55b3246a) C:\Windows\system32\DRIVERS\pacer.sys 10:27:36.0340 10664 Psched - ok 10:27:36.0402 10664 PxHelp20 (03e0fe281823ba64b3782f5b38950e73) C:\Windows\system32\Drivers\PxHelp20.sys 10:27:36.0449 10664 PxHelp20 - ok 10:27:36.0683 10664 ql2300 (ab95ecf1f6659a60ddc166d8315b0751) C:\Windows\system32\DRIVERS\ql2300.sys 10:27:36.0777 10664 ql2300 - ok 10:27:37.0011 10664 ql40xx (b4dd51dd25182244b86737dc51af2270) C:\Windows\system32\DRIVERS\ql40xx.sys 10:27:37.0058 10664 ql40xx - ok 10:27:37.0104 10664 QWAVEdrv (584078ca1b95ca72df2a27c336f9719d) C:\Windows\system32\drivers\qwavedrv.sys 10:27:37.0182 10664 QWAVEdrv - ok 10:27:37.0214 10664 RasAcd (30a81b53c766d0133bb86d234e5556ab) C:\Windows\system32\DRIVERS\rasacd.sys 10:27:37.0307 10664 RasAcd - ok 10:27:37.0370 10664 RasAgileVpn (57ec4aef73660166074d8f7f31c0d4fd) C:\Windows\system32\DRIVERS\AgileVpn.sys 10:27:37.0416 10664 RasAgileVpn - ok 10:27:37.0448 10664 Rasl2tp (d9f91eafec2815365cbe6d167e4e332a) C:\Windows\system32\DRIVERS\rasl2tp.sys 10:27:37.0526 10664 Rasl2tp - ok 10:27:37.0572 10664 RasPppoe (0fe8b15916307a6ac12bfb6a63e45507) C:\Windows\system32\DRIVERS\raspppoe.sys 10:27:37.0635 10664 RasPppoe - ok 10:27:37.0728 10664 RasSstp (44101f495a83ea6401d886e7fd70096b) C:\Windows\system32\DRIVERS\rassstp.sys 10:27:37.0853 10664 RasSstp - ok 10:27:37.0916 10664 rdbss (835d7e81bf517a3b72384bdcc85e1ce6) C:\Windows\system32\DRIVERS\rdbss.sys 10:27:38.0009 10664 rdbss - ok 10:27:38.0040 10664 rdpbus (0d8f05481cb76e70e1da06ee9f0da9df) C:\Windows\system32\DRIVERS\rdpbus.sys 10:27:38.0072 10664 rdpbus - ok 10:27:38.0087 10664 RDPCDD (1e016846895b15a99f9a176a05029075) C:\Windows\system32\DRIVERS\RDPCDD.sys 10:27:38.0150 10664 RDPCDD - ok 10:27:38.0196 10664 RDPENCDD (5a53ca1598dd4156d44196d200c94b8a) C:\Windows\system32\drivers\rdpencdd.sys 10:27:38.0228 10664 RDPENCDD - ok 10:27:38.0524 10664 RDPREFMP (44b0a53cd4f27d50ed461dae0c0b4e1f) C:\Windows\system32\drivers\rdprefmp.sys 10:27:38.0602 10664 RDPREFMP - ok 10:27:38.0883 10664 RDPWD (801371ba9782282892d00aadb08ee367) C:\Windows\system32\drivers\RDPWD.sys 10:27:38.0992 10664 RDPWD - ok 10:27:39.0070 10664 rdyboost (4ea225bf1cf05e158853f30a99ca29a7) C:\Windows\system32\drivers\rdyboost.sys 10:27:39.0132 10664 rdyboost - ok 10:27:39.0257 10664 rspndr (032b0d36ad92b582d869879f5af5b928) C:\Windows\system32\DRIVERS\rspndr.sys 10:27:39.0320 10664 rspndr - ok 10:27:39.0366 10664 sbp2port (34ee0c44b724e3e4ce2eff29126de5b5) C:\Windows\system32\DRIVERS\sbp2port.sys 10:27:39.0429 10664 sbp2port - ok 10:27:39.0725 10664 scfilter (a95c54b2ac3cc9c73fcdf9e51a1d6b51) C:\Windows\system32\DRIVERS\scfilter.sys 10:27:39.0819 10664 scfilter - ok 10:27:39.0928 10664 secdrv (90a3935d05b494a5a39d37e71f09a677) C:\Windows\system32\drivers\secdrv.sys 10:27:39.0990 10664 secdrv - ok 10:27:40.0022 10664 Serenum (9ad8b8b515e3df6acd4212ef465de2d1) C:\Windows\system32\DRIVERS\serenum.sys 10:27:40.0053 10664 Serenum - ok 10:27:40.0084 10664 Serial (5fb7fcea0490d821f26f39cc5ea3d1e2) C:\Windows\system32\DRIVERS\serial.sys 10:27:40.0162 10664 Serial - ok 10:27:40.0209 10664 sermouse (79bffb520327ff916a582dfea17aa813) C:\Windows\system32\DRIVERS\sermouse.sys 10:27:40.0287 10664 sermouse - ok 10:27:40.0349 10664 sffdisk (9f976e1eb233df46fce808d9dea3eb9c) C:\Windows\system32\DRIVERS\sffdisk.sys 10:27:40.0396 10664 sffdisk - ok 10:27:40.0458 10664 sffp_mmc (932a68ee27833cfd57c1639d375f2731) C:\Windows\system32\DRIVERS\sffp_mmc.sys 10:27:40.0490 10664 sffp_mmc - ok 10:27:40.0568 10664 sffp_sd (4f1e5b0fe7c8050668dbfade8999aefb) C:\Windows\system32\DRIVERS\sffp_sd.sys 10:27:40.0614 10664 sffp_sd - ok 10:27:40.0661 10664 sfloppy (db96666cc8312ebc45032f30b007a547) C:\Windows\system32\DRIVERS\sfloppy.sys 10:27:40.0692 10664 sfloppy - ok 10:27:40.0755 10664 sisagp (2565cac0dc9fe0371bdce60832582b2e) C:\Windows\system32\DRIVERS\sisagp.sys 10:27:40.0802 10664 sisagp - ok 10:27:40.0880 10664 SiSRaid2 (a9f0486851becb6dda1d89d381e71055) C:\Windows\system32\DRIVERS\SiSRaid2.sys 10:27:40.0911 10664 SiSRaid2 - ok 10:27:40.0958 10664 SiSRaid4 (3727097b55738e2f554972c3be5bc1aa) C:\Windows\system32\DRIVERS\sisraid4.sys 10:27:40.0989 10664 SiSRaid4 - ok 10:27:41.0020 10664 Smb (3e21c083b8a01cb70ba1f09303010fce) C:\Windows\system32\DRIVERS\smb.sys 10:27:41.0114 10664 Smb - ok 10:27:41.0238 10664 spldr (95cf1ae7527fb70f7816563cbc09d942) C:\Windows\system32\drivers\spldr.sys 10:27:41.0254 10664 spldr - ok 10:27:41.0348 10664 srv (c4a027b8c0bd3fc0699f41fa5e9e0c87) C:\Windows\system32\DRIVERS\srv.sys 10:27:41.0457 10664 srv - ok 10:27:41.0504 10664 srv2 (414bb592cad8a79649d01f9d94318fb3) C:\Windows\system32\DRIVERS\srv2.sys 10:27:41.0550 10664 srv2 - ok 10:27:41.0628 10664 srvnet (ff207d67700aa18242aaf985d3e7d8f4) C:\Windows\system32\DRIVERS\srvnet.sys 10:27:41.0691 10664 srvnet - ok 10:27:41.0816 10664 stexstor (db32d325c192b801df274bfd12a7e72b) C:\Windows\system32\DRIVERS\stexstor.sys 10:27:41.0831 10664 stexstor - ok 10:27:41.0909 10664 swenum (e58c78a848add9610a4db6d214af5224) C:\Windows\system32\DRIVERS\swenum.sys 10:27:41.0956 10664 swenum - ok 10:27:42.0377 10664 Tcpip (56c198ac82efa622dd93e9e43575f79c) C:\Windows\system32\drivers\tcpip.sys 10:27:42.0455 10664 Tcpip - ok 10:27:42.0736 10664 TCPIP6 (56c198ac82efa622dd93e9e43575f79c) C:\Windows\system32\DRIVERS\tcpip.sys 10:27:42.0798 10664 TCPIP6 - ok 10:27:42.0908 10664 tcpipreg (e64444523add154f86567c469bc0b17f) C:\Windows\system32\drivers\tcpipreg.sys 10:27:42.0970 10664 tcpipreg - ok 10:27:43.0204 10664 TDPIPE (1875c1490d99e70e449e3afae9fcbadf) C:\Windows\system32\drivers\tdpipe.sys 10:27:43.0266 10664 TDPIPE - ok 10:27:43.0438 10664 TDTCP (7551e91ea999ee9a8e9c331d5a9c31f3) C:\Windows\system32\drivers\tdtcp.sys 10:27:43.0500 10664 TDTCP - ok 10:27:43.0547 10664 tdx (cb39e896a2a83702d1737bfd402b3542) C:\Windows\system32\DRIVERS\tdx.sys 10:27:43.0625 10664 tdx - ok 10:27:43.0656 10664 TermDD (c36f41ee20e6999dbf4b0425963268a5) C:\Windows\system32\DRIVERS\termdd.sys 10:27:43.0703 10664 TermDD - ok 10:27:43.0828 10664 tssecsrv (98ae6fa07d12cb4ec5cf4a9bfa5f4242) C:\Windows\system32\DRIVERS\tssecsrv.sys 10:27:43.0890 10664 tssecsrv - ok 10:27:43.0937 10664 tunnel (3e461d890a97f9d4c168f5fda36e1d00) C:\Windows\system32\DRIVERS\tunnel.sys 10:27:44.0031 10664 tunnel - ok 10:27:44.0062 10664 uagp35 (750fbcb269f4d7dd2e420c56b795db6d) C:\Windows\system32\DRIVERS\uagp35.sys 10:27:44.0124 10664 uagp35 - ok 10:27:44.0249 10664 udfs (09cc3e16f8e5ee7168e01cf8fcbe061a) C:\Windows\system32\DRIVERS\udfs.sys 10:27:44.0374 10664 udfs - ok 10:27:44.0436 10664 uliagpkx (44e8048ace47befbfdc2e9be4cbc8880) C:\Windows\system32\DRIVERS\uliagpkx.sys 10:27:44.0483 10664 uliagpkx - ok 10:27:44.0530 10664 umbus (049b3a50b3d646baeeee9eec9b0668dc) C:\Windows\system32\DRIVERS\umbus.sys 10:27:44.0639 10664 umbus - ok 10:27:44.0670 10664 UmPass (7550ad0c6998ba1cb4843e920ee0feac) C:\Windows\system32\DRIVERS\umpass.sys 10:27:44.0717 10664 UmPass - ok 10:27:44.0858 10664 USBAAPL (83cafcb53201bbac04d822f32438e244) C:\Windows\system32\Drivers\usbaapl.sys 10:27:44.0967 10664 USBAAPL - ok 10:27:45.0029 10664 usbccgp (c31ae588e403042632dc796cf09e30b0) C:\Windows\system32\DRIVERS\usbccgp.sys 10:27:45.0123 10664 usbccgp - ok 10:27:45.0638 10664 usbcir (04ec7cec62ec3b6d9354eee93327fc82) C:\Windows\system32\DRIVERS\usbcir.sys 10:27:45.0684 10664 usbcir - ok 10:27:45.0903 10664 usbehci (e4c436d914768ce965d5e659ba7eebd8) C:\Windows\system32\drivers\usbehci.sys 10:27:45.0950 10664 usbehci - ok 10:27:46.0012 10664 usbhub (bdcd7156ec37448f08633fd899823620) C:\Windows\system32\DRIVERS\usbhub.sys 10:27:46.0059 10664 usbhub - ok 10:27:46.0402 10664 usbohci (eb2d819a639015253c871cda09d91d58) C:\Windows\system32\drivers\usbohci.sys 10:27:46.0464 10664 usbohci - ok 10:27:46.0776 10664 usbprint (797d862fe0875e75c7cc4c1ad7b30252) C:\Windows\system32\DRIVERS\usbprint.sys 10:27:46.0839 10664 usbprint - ok 10:27:46.0948 10664 usbscan (576096ccbc07e7c4ea4f5e6686d6888f) C:\Windows\system32\DRIVERS\usbscan.sys 10:27:47.0010 10664 usbscan - ok 10:27:47.0057 10664 USBSTOR (1c4287739a93594e57e2a9e6a3ed7353) C:\Windows\system32\drivers\USBSTOR.SYS 10:27:47.0166 10664 USBSTOR - ok 10:27:47.0213 10664 usbuhci (22480bf4e5a09192e5e30ba4dde79fa4) C:\Windows\system32\drivers\usbuhci.sys 10:27:47.0276 10664 usbuhci - ok 10:27:47.0338 10664 vdrvroot (a059c4c3edb09e07d21a8e5c0aabd3cb) C:\Windows\system32\DRIVERS\vdrvroot.sys 10:27:47.0369 10664 vdrvroot - ok 10:27:47.0416 10664 vga (17c408214ea61696cec9c66e388b14f3) C:\Windows\system32\DRIVERS\vgapnp.sys 10:27:47.0463 10664 vga - ok 10:27:47.0634 10664 VgaSave (8e38096ad5c8570a6f1570a61e251561) C:\Windows\System32\drivers\vga.sys 10:27:47.0712 10664 VgaSave - ok 10:27:47.0806 10664 vhdmp (3be6e1f3a4f1afec8cee0d7883f93583) C:\Windows\system32\DRIVERS\vhdmp.sys 10:27:47.0837 10664 vhdmp - ok 10:27:47.0946 10664 viaagp (c829317a37b4bea8f39735d4b076e923) C:\Windows\system32\DRIVERS\viaagp.sys 10:27:47.0978 10664 viaagp - ok 10:27:48.0102 10664 ViaC7 (e02f079a6aa107f06b16549c6e5c7b74) C:\Windows\system32\DRIVERS\viac7.sys 10:27:48.0165 10664 ViaC7 - ok 10:27:48.0711 10664 viaide (e43574f6a56a0ee11809b48c09e4fd3c) C:\Windows\system32\DRIVERS\viaide.sys 10:27:48.0726 10664 viaide - ok 10:27:48.0867 10664 volmgr (384e5a2aa49934295171e499f86ba6f3) C:\Windows\system32\DRIVERS\volmgr.sys 10:27:48.0898 10664 volmgr - ok 10:27:48.0992 10664 volmgrx (b5bb72067ddddbbfb04b2f89ff8c3c87) C:\Windows\system32\drivers\volmgrx.sys 10:27:49.0023 10664 volmgrx - ok 10:27:49.0116 10664 volsnap (58df9d2481a56edde167e51b334d44fd) C:\Windows\system32\DRIVERS\volsnap.sys 10:27:49.0210 10664 volsnap - ok 10:27:49.0257 10664 vsmraid (9dfa0cc2f8855a04816729651175b631) C:\Windows\system32\DRIVERS\vsmraid.sys 10:27:49.0319 10664 vsmraid - ok 10:27:49.0428 10664 VSTHWBS2 (682fcf7d2eb5158cd30408e976562408) C:\Windows\system32\DRIVERS\VSTBS23.SYS 10:27:49.0491 10664 VSTHWBS2 - ok 10:27:49.0662 10664 VST_DPV (ceb4e3b6890e1e42dca6694d9e59e1a0) C:\Windows\system32\DRIVERS\VSTDPV3.SYS 10:27:49.0834 10664 VST_DPV - ok 10:27:49.0912 10664 vwifibus (90567b1e658001e79d7c8bbd3dde5aa6) C:\Windows\system32\DRIVERS\vwifibus.sys 10:27:49.0959 10664 vwifibus - ok 10:27:50.0052 10664 vwififlt (7090d3436eeb4e7da3373090a23448f7) C:\Windows\system32\DRIVERS\vwififlt.sys 10:27:50.0115 10664 vwififlt - ok 10:27:50.0286 10664 WacomPen (de3721e89c653aa281428c8a69745d90) C:\Windows\system32\DRIVERS\wacompen.sys 10:27:50.0458 10664 WacomPen - ok 10:27:50.0942 10664 WANARP (692a712062146e96d28ba0b7d75de31b) C:\Windows\system32\DRIVERS\wanarp.sys 10:27:51.0035 10664 WANARP - ok 10:27:51.0066 10664 Wanarpv6 (692a712062146e96d28ba0b7d75de31b) C:\Windows\system32\DRIVERS\wanarp.sys 10:27:51.0113 10664 Wanarpv6 - ok 10:27:51.0690 10664 Wd (1112a9badacb47b7c0bb0392e3158dff) C:\Windows\system32\DRIVERS\wd.sys 10:27:51.0784 10664 Wd - ok 10:27:51.0971 10664 Wdf01000 (9950e3d0f08141c7e89e64456ae7dc73) C:\Windows\system32\drivers\Wdf01000.sys 10:27:52.0018 10664 Wdf01000 - ok 10:27:52.0096 10664 WfpLwf (8b9a943f3b53861f2bfaf6c186168f79) C:\Windows\system32\DRIVERS\wfplwf.sys 10:27:52.0127 10664 WfpLwf - ok 10:27:52.0221 10664 WIMMount (5cf95b35e59e2a38023836fff31be64c) C:\Windows\system32\drivers\wimmount.sys 10:27:52.0252 10664 WIMMount - ok 10:27:52.0361 10664 winachsf (bc0c7ea89194c299f051c24119000e17) C:\Windows\system32\DRIVERS\VSTCNXT3.SYS 10:27:52.0424 10664 winachsf - ok 10:27:52.0517 10664 WinUsb (30fc6e5448d0cbaaa95280eeef7fedae) C:\Windows\system32\DRIVERS\WinUsb.sys 10:27:52.0564 10664 WinUsb - ok 10:27:52.0626 10664 WmiAcpi (0217679b8fca58714c3bf2726d2ca84e) C:\Windows\system32\DRIVERS\wmiacpi.sys 10:27:52.0689 10664 WmiAcpi - ok 10:27:52.0814 10664 ws2ifsl (6db3276587b853bf886b69528fdb048c) C:\Windows\system32\drivers\ws2ifsl.sys 10:27:52.0876 10664 ws2ifsl - ok 10:27:52.0938 10664 WudfPf (6f9b6c0c93232cff47d0f72d6db1d21e) C:\Windows\system32\drivers\WudfPf.sys 10:27:53.0048 10664 WudfPf - ok 10:27:53.0094 10664 WUDFRd (f91ff1e51fca30b3c3981db7d5924252) C:\Windows\system32\DRIVERS\WUDFRd.sys 10:27:53.0141 10664 WUDFRd - ok 10:27:53.0188 10664 MBR (0x1B8) (a36c5e4f47e84449ff07ed3517b43a31) \Device\Harddisk0\DR0 10:27:53.0890 10664 \Device\Harddisk0\DR0 - ok 10:27:53.0921 10664 Boot (0x1200) (271e3d45fd3c4a47de31670bcd2b84dc) \Device\Harddisk0\DR0\Partition0 10:27:53.0952 10664 \Device\Harddisk0\DR0\Partition0 - ok 10:27:53.0999 10664 Boot (0x1200) (658d6cc2cfc6cb8557f7512347c59643) \Device\Harddisk0\DR0\Partition1 10:27:53.0999 10664 \Device\Harddisk0\DR0\Partition1 - ok 10:27:53.0999 10664 ============================================================ 10:27:53.0999 10664 Scan finished 10:27:53.0999 10664 ============================================================ 10:27:54.0015 6884 Detected object count: 0 10:27:54.0015 6884 Actual detected object count: 0

Roguekiller scan report attached. RKreport1.txt

I reveive an IP block message every time I start IE for 208.73.210.29. Based on what I have read here, it appears that this is not a false positive. I have attached the two logs from DDS as instructed. thank you! DDS.txt Attach.txt