Welcome to MalwareRemoval.com,
What if we told you that you could get malware removal help from experts, and that it was 100% free? MalwareRemoval.com provides free support for people with infected computers. Our help, and the tools we use are always 100% free. No hidden catch. We simply enjoy helping others. You enjoy a clean, safe computer.

Malware Removal Instructions

Popups in Windows 8.1

MalwareRemoval.com provides free support for people with infected computers. Using plain language that anyone can understand, our community of volunteer experts will walk you through each step.

Re: Popups in Windows 8.1

Unread postby DougSr » May 21st, 2014, 11:18 pm

The pup was PUP.Optional.Conduit.A Mbam has found this a few times and I always chose the Quarantine option
DougSr
Regular Member
 
Posts: 70
Joined: July 5th, 2006, 12:21 am
Advertisement
Register to Remove

Re: Popups in Windows 8.1

Unread postby DougSr » May 21st, 2014, 11:20 pm

This may be a repeat post, I cannot see it all right now.
Malwarebytes Anti-Malware
www.malwarebytes.org

Scan Date: 5/21/2014
Scan Time: 11:15:54 PM
Logfile:
Administrator: Yes

Version: 2.00.1.1004
Malware Database: v2014.05.21.10
Rootkit Database: v2014.05.21.01
License: Trial
Malware Protection: Enabled
Malicious Website Protection: Enabled
Chameleon: Disabled

OS: Windows 8.1
CPU: x64
File System: NTFS
User: DougWendy

Scan Type: Threat Scan
Result: Completed
Objects Scanned: 275745
Time Elapsed: 2 hr, 0 min, 13 sec

Memory: Enabled
Startup: Enabled
Filesystem: Enabled
Archives: Enabled
Rootkits: Disabled
Shuriken: Enabled
PUP: Enabled
PUM: Enabled

Processes: 0
(No malicious items detected)

Modules: 0
(No malicious items detected)

Registry Keys: 0
(No malicious items detected)

Registry Values: 0
(No malicious items detected)

Registry Data: 0
(No malicious items detected)

Folders: 0
(No malicious items detected)

Files: 1
PUP.Optional.Conduit.A, C:\Users\DougWendy\AppData\Local\Google\Chrome\User Data\Default\Preferences, Good: (), Bad: ( "startup_urls": [ "http://www.air1.com/", "http://www.google.com", "http://search.conduit.com/?ctid=CT3324790&octid=EB_ORIGINAL_CTID&SearchSource=55&CUI=&UM=4&UP=SP56641997-1825-47B8-B06F-13601646BDED&SSPV=" ],), ,[709e5df7f08b92a4f961d9a740c4d828]

Physical Sectors: 0
(No malicious items detected)


(end)
DougSr
Regular Member
 
Posts: 70
Joined: July 5th, 2006, 12:21 am

Re: Popups in Windows 8.1

Unread postby wannabeageek » May 22nd, 2014, 10:37 am

DougSr,

DougSr wrote:I am assuming that you mean remove them in regedit? I looked for the first one and could not find it.
No, I don't believe I ever made any reference to using regedit, ever. Normally, people use the "Programs and Features" page of the "Control Panel" to uninstall or change a program or programs.

DougSr wrote:... but for MBAM finding an interesting tidbit, a pup I think it was. Let me find the latest log and copy it here.
I do not believe I asked for a scan using MBAM.


http://www.malwareremoval.com/forum/viewtopic.php?f=11&t=62811#p634080 #3 of my opening post states:
#3 DO NOT run any other fix or removal tools unless instructed to do so!

I am so sorry to say that since you have modified your registry using regedit on your own, I can now only recommend a complete factory reset.
Regedit has no safegards and does not make any backup of any type or kind. Using regedit to remove entries on your own, eliminates any possiblilty of finding malware or remanants of malware. Any additional scans will be inconclusive because of the modifications made to your registry using regedit.


Please be sure to back up all of your data files prior to resetting your Operating System to Factory Settings.


This thread will be closed.
wannabeageek
MRU Master
MRU Master
 
Posts: 1773
Joined: November 23rd, 2009, 10:21 pm
Location: California

Re: Popups in Windows 8.1

Unread postby DougSr » May 22nd, 2014, 11:33 am

MBAM, by the default setting, has been running a scan daily. MBAM runs a daily scan on other machines I have it installed on. It has never reported this PUP which is why I asked about it. I noticed the PUP under the results of the scan. I am aware of the dangers of running regedit which is why I asked you about it, I did not remove anything in it. I looked for the entry and could not find it. I have not modified the registry since I could not find it.
DougSr
Regular Member
 
Posts: 70
Joined: July 5th, 2006, 12:21 am

Re: Popups in Windows 8.1

Unread postby wannabeageek » May 22nd, 2014, 3:14 pm

Hi DougSr,

Again forgive me for misunderstanding. It appeared to me that you were editing with regedit.

Please run this scan and post back the results:


Step 1.
RSIT (Random's System Information Tool)
Please download RSITx64 by random/random... save it to your desktop.
  1. Right click on RSIT.exe and select "Run As Administrator" to run it. If Windows UAC prompts you, please allow it.
  2. Please read the disclaimer... click on Continue.
  3. RSIT will start running. When done... 2 logs files...will be produced.
    The first one, "log.txt", <<will be maximized... the second one, "info.txt", <<will be minimized.
  4. Please post both... "log.txt" and "info.txt", file contents in your next reply.
(These logs can be lengthy, so a seperate post may be needed.)


Step 2.
Please download SystemLook from one of the links below and save it to your Desktop.
Download Mirror #1
Download Mirror #2

  • Double-click SystemLook.exe to run it.
  • Copy and paste the content of the following codebox into the main textfield:
    Code: Select all
    :filefind
    *Bandoo*
    *Community*
    *Conduit*
    *datamngr*
    *Fun4IM*
    *iLivid*
    *IObit*
    *Iminent*
    *openoffice*
    *open office*
    *Searchqu*
    *Searchnu*
    *Tarma*
    *trolltech*
    *vshare*
    *whitesmoke*
    *Yontoo*
    
    :folderfind
    *Bandoo*
    *Community*
    *Conduit*
    *datamngr*
    *Fun4IM*
    *iLivid*
    *IObit*
    *Iminent*
    *openoffice*
    *open office*
    *Searchqu*
    *Searchnu*
    *Tarma*
    *trolltech*
    *vshare*
    *whitesmoke*
    *Yontoo*
    
    :Regfind
    Bandoo
    Community
    Conduit
    datamngr
    Fun4IM
    iLivid
    IObit
    Iminent
    Searchqu
    Searchnu
    Tarma
    trolltech
    vshare
    whitesmoke
    Yontoo
    
  • Click the Look button to start the scan.
    Because of the Registry searches, the scan may take 15 minutes or a bit more to run on a large machine. Please be patient.
  • When finished, a notepad window will open with the results of the scan. Please post this log in your next reply.
Note: The log can also be found on your Desktop entitled SystemLook.txt



Please include in your next reply:
  1. Contents of log.txt
  2. Contents of info.txt
  3. Contents of SystemLook.txt
  4. Any problem executing the instructions?
Thanks,
wbg
wannabeageek
MRU Master
MRU Master
 
Posts: 1773
Joined: November 23rd, 2009, 10:21 pm
Location: California

Re: Popups in Windows 8.1

Unread postby DougSr » May 22nd, 2014, 6:05 pm

Logfile of random's system information tool 1.09 (written by random/random)
Run by DougWendy at 2014-05-22 15:53:45
Microsoft Windows 8.1
System drive C: has 60 GB (39%) free of 153 GB
Total RAM: 16291 MB (64% free)

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 3:53:56 PM, on 5/22/2014
Platform: Unknown Windows (WinNT 6.02.1008)
MSIE: Internet Explorer v11.0 (11.00.9600.17037)
Boot mode: Normal

Running processes:
C:\Program Files (x86)\Malwarebytes Anti-Malware\mbam.exe
C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe
C:\Program Files (x86)\ASUS\AI Suite II\AsRoutineController.exe
C:\Program Files (x86)\ASUS\ASUS Easy Update\ALU.exe
C:\Program Files (x86)\ASUS\AI Suite II\EPU\EPUHelp.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files\CrashPlan\CrashPlanTray.exe
C:\Program Files (x86)\Adobe\Adobe Creative Cloud\ACC\Creative Cloud.exe
C:\Program Files (x86)\Canon\Canon IJ Network Scan Utility\CNMNSUT.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\IPC\AdobeIPCBroker.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSync\CoreSync.exe
C:\Program Files (x86)\Adobe\Adobe Creative Cloud\HEX\Adobe CEF Helper.exe
C:\Program Files (x86)\Mozilla Firefox\firefox.exe
C:\Program Files\trend micro\DougWendy.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://asus13.msn.com/?pc=ASJB
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://asus13.msn.com/?pc=ASJB
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/p/?LinkId=255141
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/p/?LinkId=255141
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
F2 - REG:system.ini: UserInit=userinit.exe,
O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
O4 - HKLM\..\Run: [ASUS Ai Charger] C:\Program Files (x86)\ASUS\ASUS Ai Charger\AiChargerAP.exe
O4 - HKLM\..\Run: [ASUSWebStorage] C:\Program Files (x86)\ASUS\WebStorage Sync Agent\1.1.18.159\AsusWSPanel.exe /S
O4 - HKLM\..\Run: [ASUSPRP] "C:\Program Files (x86)\ASUS\APRP\APRP.EXE"
O4 - HKLM\..\Run: [RemoteControl10] "C:\Program Files (x86)\CyberLink\PowerDVD10\PDVD10Serv.exe"
O4 - HKLM\..\Run: [Adobe Creative Cloud] "C:\Program Files (x86)\Adobe\Adobe Creative Cloud\ACC\Creative Cloud.exe" --showwindow=false --onOSstartup=true
O4 - HKLM\..\Run: [IJNetworkScanUtility] C:\Program Files (x86)\Canon\Canon IJ Network Scan Utility\CNMNSUT.exe
O4 - HKCU\..\Run: [GoogleChromeAutoLaunch_F84817E67206CD0024432F96C2BC89C0] "C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --no-startup-window
O4 - Global Startup: CrashPlan Tray.lnk = C:\Program Files\CrashPlan\CrashPlanTray.exe
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O18 - Protocol: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll
O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\WINDOWS\System32\alg.exe (file missing)
O23 - Service: ASUS Com Service (asComSvc) - Unknown owner - C:\Program Files (x86)\ASUS\AXSP\1.00.19\atkexComSvc.exe
O23 - Service: ASUS HM Com Service (asHmComSvc) - ASUSTeK Computer Inc. - C:\Program Files (x86)\ASUS\AAHM\1.00.20\aaHMSvc.exe
O23 - Service: ASUS System Control Service (AsSysCtrlService) - ASUSTeK Computer Inc. - C:\Program Files (x86)\ASUS\AsSysCtrlService\1.00.13\AsSysCtrlService.exe
O23 - Service: Asus WebStorage Windows Service - Unknown owner - C:\Program Files (x86)\ASUS\WebStorage Sync Agent\1.1.18.159\AsusWSWinService.exe
O23 - Service: Backblaze Service (bzserv) - Unknown owner - C:\Program Files (x86)\Backblaze\bzserv.exe (file missing)
O23 - Service: CrashPlan Backup Service (CrashPlanService) - Code 42 Software - C:\Program Files\CrashPlan\CrashPlanService.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\WINDOWS\System32\lsass.exe (file missing)
O23 - Service: FABS - Helping agent for MAGIX media database (Fabs) - MAGIX AG - C:\Program Files (x86)\Common Files\MAGIX Services\Database\bin\FABS.exe
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\WINDOWS\system32\fxssvc.exe (file missing)
O23 - Service: Firebird Server - MAGIX Instance (FirebirdServerMAGIXInstance) - MAGIX® - C:\Program Files (x86)\Common Files\MAGIX Services\Database\bin\fbserver.exe
O23 - Service: Google Update Service (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Google Update Service (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Bitdefender Antivirus Free Edition (gzserv) - Bitdefender - C:\Program Files\Bitdefender\Antivirus Free Edition\gzserv.exe
O23 - Service: HitmanPro Scheduler (HitmanProScheduler) - SurfRight B.V. - C:\Program Files\HitmanPro\hmpsched.exe
O23 - Service: Intel(R) Rapid Storage Technology (IAStorDataMgrSvc) - Intel Corporation - C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
O23 - Service: @%SystemRoot%\system32\ieetwcollectorres.dll,-1000 (IEEtwCollectorService) - Unknown owner - C:\WINDOWS\system32\IEEtwCollector.exe (file missing)
O23 - Service: Intel(R) Capability Licensing Service Interface - Intel(R) Corporation - C:\Program Files\Intel\iCLS Client\HeciServer.exe
O23 - Service: Intel(R) Capability Licensing Service TCP IP Interface - Intel(R) Corporation - C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe
O23 - Service: Intel(R) Dynamic Application Loader Host Interface Service (jhi_service) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: Intel(R) Management and Security Application Local Management Service (LMS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
O23 - Service: MBAMScheduler - Malwarebytes Corporation - C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe
O23 - Service: MBAMService - Malwarebytes Corporation - C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe
O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\WINDOWS\System32\msdtc.exe (file missing)
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: NVIDIA Network Service (NvNetworkService) - NVIDIA Corporation - C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
O23 - Service: NVIDIA Streamer Service (NvStreamSvc) - NVIDIA Corporation - C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
O23 - Service: NVIDIA Display Driver Service (nvsvc) - Unknown owner - C:\WINDOWS\system32\nvvsvc.exe (file missing)
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\WINDOWS\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\WINDOWS\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\WINDOWS\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\WINDOWS\system32\sppsvc.exe (file missing)
O23 - Service: NVIDIA Stereoscopic 3D Driver Service (Stereo Service) - NVIDIA Corporation - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\WINDOWS\system32\UI0Detect.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\WINDOWS\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\WINDOWS\system32\vssvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\WINDOWS\system32\wbengine.exe (file missing)
O23 - Service: @%ProgramFiles%\Windows Defender\MpAsDesc.dll,-320 (WdNisSvc) - Unknown owner - C:\Program Files (x86)\Windows Defender\NisSrv.exe (file missing)
O23 - Service: @%ProgramFiles%\Windows Defender\MpAsDesc.dll,-310 (WinDefend) - Unknown owner - C:\Program Files (x86)\Windows Defender\MsMpEng.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\WINDOWS\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)

--
End of file - 10219 bytes

======Listing Processes======

wininit.exe
winlogon.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe -k DcomLaunch
C:\WINDOWS\system32\svchost.exe -k RPCSS
"C:\Program Files\Bitdefender\Antivirus Free Edition\gzserv.exe" /service
"dwm.exe"
"C:\WINDOWS\system32\nvvsvc.exe"
"C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe"
"C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe"
C:\WINDOWS\system32\nvvsvc.exe -session -first
C:\WINDOWS\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\WINDOWS\system32\svchost.exe -k netsvcs
C:\WINDOWS\system32\svchost.exe -k LocalService
C:\WINDOWS\System32\svchost.exe -k LocalSystemNetworkRestricted
"C:\Program Files\HitmanPro\hmpsched.exe"
C:\WINDOWS\system32\svchost.exe -k NetworkService
C:\WINDOWS\System32\spoolsv.exe
C:\WINDOWS\system32\svchost.exe -k LocalServiceNoNetwork
"C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe"
"C:\Program Files (x86)\ASUS\AXSP\1.00.19\atkexComSvc.exe"
"C:\Program Files (x86)\ASUS\AAHM\1.00.20\aaHMSvc.exe"
"C:\Program Files (x86)\ASUS\AsSysCtrlService\1.00.13\AsSysCtrlService.exe"
"C:\Program Files (x86)\ASUS\WebStorage Sync Agent\1.1.18.159\AsusWSWinService.exe"
"C:\Program Files\CrashPlan\CrashPlanService.exe"
dashost.exe {26cc1865-e803-41c3-bbdeced6b6a14ec8}
"C:\Program Files\Intel\iCLS Client\HeciServer.exe"
"C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe"
"C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe"
"C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe"
"C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe"
C:\WINDOWS\system32\svchost.exe -k imgsvc
C:\WINDOWS\system32\svchost.exe -k NetworkServiceNetworkRestricted
C:\WINDOWS\system32\svchost.exe -k LocalServiceAndNoImpersonation
"C:\Windows\System32\WUDFHost.exe" -HostGUID:{193a1820-d9ac-4997-8c55-be817523f6aa} -IoEventPortName:HostProcess-44d7ef88-7655-4243-99cd-1e3605596033 -SystemEventPortName:HostProcess-c7128fd6-531a-4ca3-8dd3-53eb1ed42833 -IoCancelEventPortName:HostProcess-71444814-6b62-4d36-8601-4be37d27ca55 -NonStateChangingEventPortName:HostProcess-edefd9f8-4153-45b0-921b-63462f7281e2 -ServiceSID:S-1-5-80-2652678385-582572993-1835434367-1344795993-749280709 -LifetimeId:cd1963be-704c-4362-8984-9240998bdb90 -DeviceGroupId:WpdFsGroup
C:\WINDOWS\System32\svchost.exe -k LocalServicePeerNet
"C:\Program Files\Bitdefender\Antivirus Free Edition\gziface.exe" -noshow
C:\WINDOWS\Explorer.EXE
"C:\Program Files (x86)\Malwarebytes Anti-Malware\mbam.exe" /starttray
C:\WINDOWS\system32\SearchIndexer.exe /Embedding
C:\WINDOWS\system32\DllHost.exe /Processid:{3EB3C877-1F16-487C-9050-104DBCD66683}
"C:/Program Files/NVIDIA Corporation/Display/nvtray.exe" -user_has_logged_in 1
"C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe"
"C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe" serviceapp
"C:\Program Files (x86)\ASUS\AI Suite II\AsRoutineController.exe" -nonOpenAIS2
taskhostex.exe
\??\C:\WINDOWS\system32\conhost.exe 0x4
"C:\Program Files (x86)\ASUS\ASUS Easy Update\ALU.exe"
"C:\Program Files (x86)\ASUS\AI Suite II\EPU\EPUHelp.exe" -Init
"C:\Program Files (x86)\Google\Update\1.3.24.7\GoogleCrashHandler.exe"
"C:\Program Files (x86)\Google\Update\1.3.24.7\GoogleCrashHandler64.exe"
C:\Windows\System32\RuntimeBroker.exe -Embedding
"C:\Program Files (x86)\Common Files\MAGIX Services\Database\bin\FABS.exe" /DisableUI
"C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe"
"C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe"
"C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe"
"C:\Program Files\Windows Media Player\wmpnetwk.exe"
C:\WINDOWS\system32\wbem\wmiprvse.exe
"C:\Program Files\WindowsApps\Microsoft.Reader_6.3.9654.17044_x64__8wekyb3d8bbwe\glcnd.exe" -ServerName:Microsoft.Reader.AppXtszmc7avrx02s7n8gch63tzwg517wd9k.mca
"C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe" /MAXX4
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --no-startup-window
"C:\Program Files\CrashPlan\CrashPlanTray.exe"
"C:\Program Files (x86)\Adobe\Adobe Creative Cloud\ACC\Creative Cloud.exe" --showwindow=false --onOSstartup=true
"C:\Program Files (x86)\Canon\Canon IJ Network Scan Utility\CNMNSUT.exe"
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=gpu-process --channel="5756.0.175350929\2039523875" --supports-dual-gpus=false --gpu-driver-bug-workarounds=0,1,14,28,34 --gpu-vendor-id=0x10de --gpu-device-id=0x1049 --gpu-driver-vendor=NVIDIA --gpu-driver-version=9.18.13.3523 --ignored=" --type=renderer " /prefetch:822062411
"C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\IPC\AdobeIPCBroker.exe" "-launchedbyvulcan"
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --lang=en-US --force-fieldtrials="AutocompleteDynamicTrial_2/NavSuggestUnification_A2_Stable/BrowserBlacklist/Enabled/BrowserPreReadExperiment/100-pct-default/ChromeSuggestions/Default/EmbeddedSearch/Group9 pct:10i stable:pp1 use_cacheable_ntp:1 espv:210 suppress_on_srp:1/ExtensionInstallVerification/Bootstrap/GoogleNow/Enable/Prerender/PrerenderEnabled/PrerenderLocalPredictorSpec/LocalPredictor=Disabled/QUIC/Disabled/SettingsEnforcement/no_enforcement/ShowAppLauncherPromo/ShowPromoUntilDismissed/Test0PercentDefault/group_01/UMA-Dynamic-Binary-Uniformity-Trial/default/UMA-Dynamic-Uniformity-Trial/Group6/UMA-New-Install-Uniformity-Trial/Control/UMA-Population-Restrict/normal/UMA-Session-Randomized-Uniformity-Trial-5-Percent/group_03/UMA-Uniformity-Trial-1-Percent/group_80/UMA-Uniformity-Trial-10-Percent/group_03/UMA-Uniformity-Trial-100-Percent/group_01/UMA-Uniformity-Trial-20-Percent/group_02/UMA-Uniformity-Trial-5-Percent/group_02/UMA-Uniformity-Trial-50-Percent/group_01/UMAStability/SeparateLog/" --extension-process --renderer-print-preview --enable-pinch --enable-threaded-compositing --enable-delegated-renderer --enable-deadline-scheduling --enable-software-compositing --channel="5756.1.17749637\1361709675" /prefetch:673131151
"C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSync\CoreSync.exe"
C:\WINDOWS\system32\wbem\unsecapp.exe -Embedding
"C:\Program Files (x86)\Adobe\Adobe Creative Cloud\HEX\Adobe CEF Helper.exe" --type=renderer --no-sandbox --lang=en-US --lang=en-US --log-severity=disable --channel="4448.0.1006143115\861274910" /prefetch:3
"C:\Windows\System32\SettingSyncHost.exe" -Embedding
C:\Windows\System32\skydrive.exe -Embedding
"C:\Program Files (x86)\Mozilla Firefox\firefox.exe"
"C:\WINDOWS\system32\SearchProtocolHost.exe" Global\UsGthrFltPipeMssGthrPipe141_ Global\UsGthrCtrlFltPipeMssGthrPipe141 1 -2147483646 "Software\Microsoft\Windows Search" "Mozilla/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)" "C:\ProgramData\Microsoft\Search\Data\Temp\usgthrsvc" "DownLevelDaemon"
"C:\WINDOWS\system32\SearchFilterHost.exe" 0 580 584 592 65536 588
C:\WINDOWS\system32\wbem\wmiprvse.exe
"C:\Users\DougWendy\Desktop\RSITx64.exe"

======Scheduled tasks folder======

C:\WINDOWS\tasks\Adobe Flash Player Updater.job
C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job
C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job

=========Mozilla firefox=========

ProfilePath - C:\Users\DougWendy\AppData\Roaming\Mozilla\Firefox\Profiles\to9hmuv0.default

prefs.js - "browser.startup.homepage" - "http://www.mercercountysports.com/"

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@adobe.com/FlashPlayer]
"Description"=Adobe® Flash® Player 13.0.0.214 Plugin
"Path"=C:\WINDOWS\SysWOW64\Macromed\Flash\NPSWF32_13_0_0_214.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@intel-webapi.intel.com/Intel WebAPI ipt;version=3.0.72]
"Description"=Intel IPT WebApi plugin
"Path"=C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@intel-webapi.intel.com/Intel WebAPI updater]
"Description"=This plugin updates Intel WebAPI component
"Path"=C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0]
"Description"=Ag Player Plugin
"Path"=C:\Program Files (x86)\Microsoft Silverlight\5.1.30214.0\npctrl.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@microsoft.com/WLPG,version=16.4.3508.0205]
"Description"=WLPG Install MIME type
"Path"=C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@nvidia.com/3DVision]
"Description"=NVIDIA stereo images plugin for Mozilla browsers
"Path"=C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@nvidia.com/3DVisionStreaming]
"Description"=NVIDIA 3D Vision Streaming plugin for Mozilla browsers
"Path"=C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@tools.google.com/Google Update;version=3]
"Description"=Google Update
"Path"=C:\Program Files (x86)\Google\Update\1.3.24.7\npGoogleUpdate3.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@tools.google.com/Google Update;version=9]
"Description"=Google Update
"Path"=C:\Program Files (x86)\Google\Update\1.3.24.7\npGoogleUpdate3.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\Adobe Reader]
"Description"=Handles PDFs in-place in Firefox
"Path"=C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\adobe.com/AdobeAAMDetect]
"Description"=
"Path"=C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect32.dll


[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@adobe.com/FlashPlayer]
"Description"=Adobe® Flash® Player 13.0.0.214 Plugin
"Path"=C:\WINDOWS\system32\Macromed\Flash\NPSWF64_13_0_0_214.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0]
"Description"=Ag Player Plugin
"Path"=C:\Program Files\Microsoft Silverlight\5.1.30214.0\npctrl.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\adobe.com/AdobeAAMDetect_x86_64]
"Description"=
"Path"=C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect64.dll


C:\Users\DougWendy\AppData\Roaming\Mozilla\Firefox\Profiles\to9hmuv0.default\extensions\
{e001c731-5e37-4538-a5cb-8168736a2360}

======Registry dump======

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"RTHDVCPL"=C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe [2013-03-18 7158344]
"RtHDVBg"=C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [2013-03-08 1278024]
"IAStorIcon"=C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIconLaunch.exe [2013-01-31 36352]
"NvBackend"=C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe [2014-02-05 2234144]
"ShadowPlay"=C:\WINDOWS\system32\nvspcap64.dll [2014-02-05 1179576]
"AdobeAAMUpdater-1.0"=C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [2014-02-27 558496]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"AdobeBridge"= []
"GoogleChromeAutoLaunch_F84817E67206CD0024432F96C2BC89C0"=C:\Program Files (x86)\Google\Chrome\Application\chrome.exe [2014-05-07 841032]

[HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run]
"Adobe ARM"=C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2013-11-21 959904]
"ASUS Ai Charger"=C:\Program Files (x86)\ASUS\ASUS Ai Charger\AiChargerAP.exe [2012-08-13 547984]
"ASUSWebStorage"=C:\Program Files (x86)\ASUS\WebStorage Sync Agent\1.1.18.159\AsusWSPanel.exe [2012-12-19 3576784]
"ASUSPRP"=C:\Program Files (x86)\ASUS\APRP\APRP.EXE [2013-08-29 3187360]
"RemoteControl10"=C:\Program Files (x86)\CyberLink\PowerDVD10\PDVD10Serv.exe [2012-03-28 91432]
"Adobe Creative Cloud"=C:\Program Files (x86)\Adobe\Adobe Creative Cloud\ACC\Creative Cloud.exe [2014-03-21 2691480]
"IJNetworkScanUtility"=C:\Program Files (x86)\Canon\Canon IJ Network Scan Utility\CNMNSUT.exe [2010-08-23 206240]

C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup
CrashPlan Tray.lnk - C:\Program Files\CrashPlan\CrashPlanTray.exe

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]
"AppInit_DLLs"="C:\PROGRA~2\NVIDIA~1\3DVISI~1\NVSTIN~1.DLL"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED}

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders]
"SecurityProviders"=credssp.dll

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\AppInfo]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\AppMgmt]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Base]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\BasicDisplay.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\BasicRender.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Boot Bus Extender]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Boot file system]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\BrokerInfrastructure]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\CryptSvc]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\DcomLaunch]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\DeviceInstall]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\dxgkrnl.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\EFS]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\EventLog]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\File system]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Filter]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\FsDepends.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\HelpSvc]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\hitmanpro37]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\hitmanpro37.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\HitmanPro37Crusader]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\HitmanPro37CrusaderBoot]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\KeyIso]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\LSM]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Netlogon]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\NTDS]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\PCI Configuration]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\PlugPlay]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\PNP Filter]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Power]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Primary disk]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\ProfSvc]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\RpcEptMapper]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\RpcSs]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\sacsvr]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\SCSI Class]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\sermouse.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\SWPRV]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\System Bus Extender]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\SystemEventsBroker]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\TabletInputService]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\TBS]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\TrustedInstaller]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\VDS]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\vmms]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\volmgr.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\volmgrx.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WinDefend]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WinMgmt]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WudfPf]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WudfRd]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WudfSvc]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{36FC9E60-C465-11CF-8056-444553540000}]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{4D36E965-E325-11CE-BFC1-08002BE10318}]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{4D36E967-E325-11CE-BFC1-08002BE10318}]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{4D36E969-E325-11CE-BFC1-08002BE10318}]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{4D36E96A-E325-11CE-BFC1-08002BE10318}]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{4D36E96B-E325-11CE-BFC1-08002BE10318}]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{4D36E96F-E325-11CE-BFC1-08002BE10318}]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{4D36E977-E325-11CE-BFC1-08002BE10318}]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{4D36E97B-E325-11CE-BFC1-08002BE10318}]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{4D36E97D-E325-11CE-BFC1-08002BE10318}]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{4D36E980-E325-11CE-BFC1-08002BE10318}]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{533C5B84-EC70-11D2-9505-00C04F79DEAF}]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{6BDD1FC1-810F-11D0-BEC7-08002BE2092F}]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{71A27CDD-812A-11D0-BEC7-08002BE2092F}]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{745A17A0-74D3-11D0-B6FE-00A0C90F57DA}]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{9DA2B80F-F89F-4A49-A5C2-511B085B9E8A}]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{A0A588A4-C46F-4B37-B7EA-C82FE89870C6}]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{D48179BE-EC20-11D1-B6B8-00C04FA372A7}]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{D94EE5D8-D189-4994-83D2-F68D7D41B0E6}]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\AFD]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\AppInfo]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\AppMgmt]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\Base]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\BasicDisplay.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\BasicRender.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\BFE]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\Boot Bus Extender]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\Boot file system]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\bowser]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\BrokerInfrastructure]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\Browser]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\CryptSvc]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\DcomLaunch]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\DeviceInstall]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\dfsc]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\Dhcp]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\DnsCache]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\Dot3Svc]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\dxgkrnl.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\Eaphost]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\EFS]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\EventLog]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\File system]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\Filter]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\FsDepends.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\HelpSvc]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\hitmanpro37]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\hitmanpro37.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\HitmanPro37Crusader]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\HitmanPro37CrusaderBoot]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\IKEEXT]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\ipnat.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\KeyIso]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\LanmanServer]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\LanmanWorkstation]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\LmHosts]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\LSM]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\Messenger]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\MPSDrv]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\MPSSvc]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\mrxsmb]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\mrxsmb10]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\mrxsmb20]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\NativeWifiP]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\NDIS]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\NDIS Wrapper]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\ndiscap]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\Ndisuio]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\NetBIOS]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\NetBIOSGroup]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\NetBT]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\NetDDEGroup]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\Netlogon]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\NetMan]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\netprofm]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\Network]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\NetworkProvider]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\NlaSvc]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\Nsi]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\nsiproxy.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\NTDS]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\PCI Configuration]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\PlugPlay]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\PNP Filter]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\PNP_TDI]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\PolicyAgent]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\Power]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\Primary disk]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\ProfSvc]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\rdbss]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\rdpencdd.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\rdsessmgr]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\RpcEptMapper]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\RpcSs]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\sacsvr]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\SCardSvr]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\SCSI Class]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\sermouse.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\SharedAccess]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\SmartcardSimulator]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\Streams Drivers]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\SWPRV]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\System Bus Extender]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\SystemEventsBroker]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\TabletInputService]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\TBS]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\Tcpip]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\TDI]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\TrustedInstaller]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\VaultSvc]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\VDS]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\VirtualSmartcardReader]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\vmms]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\volmgr.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\volmgrx.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\Wcmsvc]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WinDefend]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WinMgmt]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\Wlansvc]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WudfPf]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WudfRd]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WudfSvc]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WudfUsbccidDriver]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\{36FC9E60-C465-11CF-8056-444553540000}]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\{4D36E965-E325-11CE-BFC1-08002BE10318}]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\{4D36E967-E325-11CE-BFC1-08002BE10318}]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\{4D36E969-E325-11CE-BFC1-08002BE10318}]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\{4D36E96A-E325-11CE-BFC1-08002BE10318}]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\{4D36E96B-E325-11CE-BFC1-08002BE10318}]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\{4D36E96F-E325-11CE-BFC1-08002BE10318}]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\{4D36E972-E325-11CE-BFC1-08002BE10318}]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\{4D36E973-E325-11CE-BFC1-08002BE10318}]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\{4D36E974-E325-11CE-BFC1-08002BE10318}]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\{4D36E975-E325-11CE-BFC1-08002BE10318}]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\{4D36E977-E325-11CE-BFC1-08002BE10318}]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\{4D36E97B-E325-11CE-BFC1-08002BE10318}]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\{4D36E97D-E325-11CE-BFC1-08002BE10318}]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\{4D36E980-E325-11CE-BFC1-08002BE10318}]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\{50DD5230-BA8A-11D1-BF5D-0000F805F530}]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\{533C5B84-EC70-11D2-9505-00C04F79DEAF}]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\{6BDD1FC1-810F-11D0-BEC7-08002BE2092F}]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\{71A27CDD-812A-11D0-BEC7-08002BE2092F}]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\{745A17A0-74D3-11D0-B6FE-00A0C90F57DA}]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\{9DA2B80F-F89F-4A49-A5C2-511B085B9E8A}]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\{A0A588A4-C46F-4B37-B7EA-C82FE89870C6}]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\{D48179BE-EC20-11D1-B6B8-00C04FA372A7}]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\{D94EE5D8-D189-4994-83D2-F68D7D41B0E6}]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"DisableTaskMgr"=0

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"EnableUIADesktopToggle"=0
"EnableCursorSuppression"=1
"ConsentPromptBehaviorUser"=3
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"ForceActiveDesktopOn"=0
"NoActiveDesktopChanges"=1
"NoActiveDesktop"=1

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"msacm.l3acm"=C:\Windows\System32\l3codeca.acm
"vidc.yuy2"=msyuv.dll
"vidc.i420"=iyuv_32.dll
"msacm.msgsm610"=msgsm32.acm
"msacm.msg711"=msg711.acm
"vidc.yvyu"=msyuv.dll
"vidc.yvu9"=tsbyuv.dll
"wavemapper"=msacm32.drv
"midimapper"=midimap.dll
"vidc.uyvy"=msyuv.dll
"vidc.iyuv"=iyuv_32.dll
"vidc.mrle"=msrle32.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msadpcm"=msadp32.acm
"vidc.msvc"=msvidc32.dll
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"aux"=wdmaud.drv
"wave1"=wdmaud.drv
"midi1"=wdmaud.drv
"mixer1"=wdmaud.drv
"wave2"=wdmaud.drv
"midi2"=wdmaud.drv
"mixer2"=wdmaud.drv

======File associations======

.js - edit - C:\Windows\System32\Notepad.exe %1
.js - open - C:\Windows\System32\WScript.exe "%1" %*
DougSr
Regular Member
 
Posts: 70
Joined: July 5th, 2006, 12:21 am

Re: Popups in Windows 8.1

Unread postby DougSr » May 22nd, 2014, 6:06 pm

======List of files/folders created in the last 1 month======

2014-05-22 15:53:45 ----D---- C:\rsit
2014-05-22 15:53:45 ----D---- C:\Program Files\trend micro
2014-05-18 23:07:43 ----SHD---- C:\Config.Msi
2014-05-18 22:14:40 ----D---- C:\Program Files (x86)\Microsoft Office Communicator
2014-05-18 21:59:46 ----A---- C:\WINDOWS\system32\Windows.UI.Xaml.dll
2014-05-18 21:59:46 ----A---- C:\WINDOWS\system32\shell32.dll
2014-05-18 21:59:45 ----A---- C:\WINDOWS\SYSWOW64\Windows.UI.Xaml.dll
2014-05-18 21:59:45 ----A---- C:\WINDOWS\system32\Windows.UI.Search.dll
2014-05-18 21:59:45 ----A---- C:\WINDOWS\system32\twinui.dll
2014-05-18 21:59:44 ----A---- C:\WINDOWS\system32\Windows.Data.Pdf.dll
2014-05-18 21:59:43 ----A---- C:\WINDOWS\SYSWOW64\Windows.Data.Pdf.dll
2014-05-18 21:59:43 ----A---- C:\WINDOWS\SYSWOW64\twinui.dll
2014-05-18 21:59:43 ----A---- C:\WINDOWS\system32\mstscax.dll
2014-05-18 21:59:42 ----A---- C:\WINDOWS\SYSWOW64\Windows.UI.Search.dll
2014-05-18 21:59:42 ----A---- C:\WINDOWS\SYSWOW64\shell32.dll
2014-05-18 21:59:42 ----A---- C:\WINDOWS\SYSWOW64\mstscax.dll
2014-05-18 21:59:42 ----A---- C:\WINDOWS\system32\rdpcorets.dll
2014-05-18 21:59:41 ----A---- C:\WINDOWS\SYSWOW64\Windows.Media.dll
2014-05-18 21:59:41 ----A---- C:\WINDOWS\SYSWOW64\SearchFolder.dll
2014-05-18 21:59:41 ----A---- C:\WINDOWS\SYSWOW64\MFMediaEngine.dll
2014-05-18 21:59:41 ----A---- C:\WINDOWS\SYSWOW64\d3d9.dll
2014-05-18 21:59:41 ----A---- C:\WINDOWS\system32\Windows.Media.dll
2014-05-18 21:59:41 ----A---- C:\WINDOWS\system32\win32k.sys
2014-05-18 21:59:41 ----A---- C:\WINDOWS\system32\SyncEngine.dll
2014-05-18 21:59:41 ----A---- C:\WINDOWS\system32\SettingsHandlers.dll
2014-05-18 21:59:41 ----A---- C:\WINDOWS\system32\SearchFolder.dll
2014-05-18 21:59:41 ----A---- C:\WINDOWS\system32\ntoskrnl.exe
2014-05-18 21:59:41 ----A---- C:\WINDOWS\system32\mfmpeg2srcsnk.dll
2014-05-18 21:59:41 ----A---- C:\WINDOWS\system32\MFMediaEngine.dll
2014-05-18 21:59:41 ----A---- C:\WINDOWS\system32\mfcore.dll
2014-05-18 21:59:41 ----A---- C:\WINDOWS\system32\lsasrv.dll
2014-05-18 21:59:41 ----A---- C:\WINDOWS\system32\localspl.dll
2014-05-18 21:59:41 ----A---- C:\WINDOWS\system32\gpsvc.dll
2014-05-18 21:59:41 ----A---- C:\WINDOWS\system32\drivers\tcpip.sys
2014-05-18 21:59:41 ----A---- C:\WINDOWS\system32\d3d9.dll
2014-05-18 21:59:40 ----AC---- C:\WINDOWS\system32\drivers\volsnap.sys
2014-05-18 21:59:40 ----AC---- C:\WINDOWS\system32\drivers\msiscsi.sys
2014-05-18 21:59:40 ----AC---- C:\WINDOWS\system32\drivers\hdaudbus.sys
2014-05-18 21:59:40 ----A---- C:\WINDOWS\SYSWOW64\XpsGdiConverter.dll
2014-05-18 21:59:40 ----A---- C:\WINDOWS\SYSWOW64\winmde.dll
2014-05-18 21:59:40 ----A---- C:\WINDOWS\SYSWOW64\Windows.Media.Streaming.dll
2014-05-18 21:59:40 ----A---- C:\WINDOWS\SYSWOW64\rdpencom.dll
2014-05-18 21:59:40 ----A---- C:\WINDOWS\SYSWOW64\mfsvr.dll
2014-05-18 21:59:40 ----A---- C:\WINDOWS\SYSWOW64\mfmpeg2srcsnk.dll
2014-05-18 21:59:40 ----A---- C:\WINDOWS\SYSWOW64\mfcore.dll
2014-05-18 21:59:40 ----A---- C:\WINDOWS\SYSWOW64\MFCaptureEngine.dll
2014-05-18 21:59:40 ----A---- C:\WINDOWS\SYSWOW64\GeofenceMonitorService.dll
2014-05-18 21:59:40 ----A---- C:\WINDOWS\SYSWOW64\dwmapi.dll
2014-05-18 21:59:40 ----A---- C:\WINDOWS\SYSWOW64\AUDIOKSE.dll
2014-05-18 21:59:40 ----A---- C:\WINDOWS\system32\XpsGdiConverter.dll
2014-05-18 21:59:40 ----A---- C:\WINDOWS\system32\workfolderssvc.dll
2014-05-18 21:59:40 ----A---- C:\WINDOWS\system32\wmpmde.dll
2014-05-18 21:59:40 ----A---- C:\WINDOWS\system32\winmde.dll
2014-05-18 21:59:40 ----A---- C:\WINDOWS\system32\Windows.Media.Streaming.dll
2014-05-18 21:59:40 ----A---- C:\WINDOWS\system32\win32spl.dll
2014-05-18 21:59:40 ----A---- C:\WINDOWS\system32\VSSVC.exe
2014-05-18 21:59:40 ----A---- C:\WINDOWS\system32\SystemSettingsAdminFlows.exe
2014-05-18 21:59:40 ----A---- C:\WINDOWS\system32\swprv.dll
2014-05-18 21:59:40 ----A---- C:\WINDOWS\system32\srvsvc.dll
2014-05-18 21:59:40 ----A---- C:\WINDOWS\system32\services.exe
2014-05-18 21:59:40 ----A---- C:\WINDOWS\system32\resutils.dll
2014-05-18 21:59:40 ----A---- C:\WINDOWS\system32\rdpencom.dll
2014-05-18 21:59:40 ----A---- C:\WINDOWS\system32\ploptin.dll
2014-05-18 21:59:40 ----A---- C:\WINDOWS\system32\MSVideoDSP.dll
2014-05-18 21:59:40 ----A---- C:\WINDOWS\system32\mfsvr.dll
2014-05-18 21:59:40 ----A---- C:\WINDOWS\system32\MFCaptureEngine.dll
2014-05-18 21:59:40 ----A---- C:\WINDOWS\system32\MDEServer.exe
2014-05-18 21:59:40 ----A---- C:\WINDOWS\system32\gpapi.dll
2014-05-18 21:59:40 ----A---- C:\WINDOWS\system32\GeofenceMonitorService.dll
2014-05-18 21:59:40 ----A---- C:\WINDOWS\system32\dwmapi.dll
2014-05-18 21:59:40 ----A---- C:\WINDOWS\system32\drivers\srvnet.sys
2014-05-18 21:59:40 ----A---- C:\WINDOWS\system32\drivers\srv2.sys
2014-05-18 21:59:40 ----A---- C:\WINDOWS\system32\drivers\nwifi.sys
2014-05-18 21:59:40 ----A---- C:\WINDOWS\system32\drivers\mrxsmb20.sys
2014-05-18 21:59:40 ----A---- C:\WINDOWS\system32\drivers\mrxsmb.sys
2014-05-18 21:59:40 ----A---- C:\WINDOWS\system32\drivers\fvevol.sys
2014-05-18 21:59:40 ----A---- C:\WINDOWS\system32\drivers\Classpnp.sys
2014-05-18 21:59:40 ----A---- C:\WINDOWS\system32\drivers\afd.sys
2014-05-18 21:59:40 ----A---- C:\WINDOWS\system32\defragsvc.dll
2014-05-18 21:59:40 ----A---- C:\WINDOWS\system32\audiosrv.dll
2014-05-18 21:59:40 ----A---- C:\WINDOWS\system32\AUDIOKSE.dll
2014-05-18 21:59:39 ----AC---- C:\WINDOWS\system32\drivers\spaceport.sys
2014-05-18 21:59:39 ----A---- C:\WINDOWS\SYSWOW64\wintrust.dll
2014-05-18 21:59:39 ----A---- C:\WINDOWS\SYSWOW64\rpchttp.dll
2014-05-18 21:59:39 ----A---- C:\WINDOWS\SYSWOW64\resutils.dll
2014-05-18 21:59:39 ----A---- C:\WINDOWS\SYSWOW64\propsys.dll
2014-05-18 21:59:39 ----A---- C:\WINDOWS\SYSWOW64\MSVideoDSP.dll
2014-05-18 21:59:39 ----A---- C:\WINDOWS\SYSWOW64\mfplat.dll
2014-05-18 21:59:39 ----A---- C:\WINDOWS\SYSWOW64\mf.dll
2014-05-18 21:59:39 ----A---- C:\WINDOWS\SYSWOW64\gpapi.dll
2014-05-18 21:59:39 ----A---- C:\WINDOWS\SYSWOW64\clusapi.dll
2014-05-18 21:59:39 ----A---- C:\WINDOWS\SYSWOW64\AudioSes.dll
2014-05-18 21:59:39 ----A---- C:\WINDOWS\SYSWOW64\AudioEng.dll
2014-05-18 21:59:39 ----A---- C:\WINDOWS\system32\wscsvc.dll
2014-05-18 21:59:39 ----A---- C:\WINDOWS\system32\WorkFoldersShell.dll
2014-05-18 21:59:39 ----A---- C:\WINDOWS\system32\wintrust.dll
2014-05-18 21:59:39 ----A---- C:\WINDOWS\system32\tlscsp.dll
2014-05-18 21:59:39 ----A---- C:\WINDOWS\system32\srcore.dll
2014-05-18 21:59:39 ----A---- C:\WINDOWS\system32\rpchttp.dll
2014-05-18 21:59:39 ----A---- C:\WINDOWS\system32\propsys.dll
2014-05-18 21:59:39 ----A---- C:\WINDOWS\system32\mfps.dll
2014-05-18 21:59:39 ----A---- C:\WINDOWS\system32\mfpmp.exe
2014-05-18 21:59:39 ----A---- C:\WINDOWS\system32\mfplat.dll
2014-05-18 21:59:39 ----A---- C:\WINDOWS\system32\mf.dll
2014-05-18 21:59:39 ----A---- C:\WINDOWS\system32\energyprov.dll
2014-05-18 21:59:39 ----A---- C:\WINDOWS\system32\drivers\storport.sys
2014-05-18 21:59:39 ----A---- C:\WINDOWS\system32\drivers\FWPKCLNT.SYS
2014-05-18 21:59:39 ----A---- C:\WINDOWS\system32\drivers\fltMgr.sys
2014-05-18 21:59:39 ----A---- C:\WINDOWS\system32\clusapi.dll
2014-05-18 21:59:39 ----A---- C:\WINDOWS\system32\AudioSes.dll
2014-05-18 21:59:39 ----A---- C:\WINDOWS\system32\AudioEng.dll
2014-05-18 21:59:39 ----A---- C:\WINDOWS\system32\audiodg.exe
2014-05-18 21:59:38 ----A---- C:\WINDOWS\SYSWOW64\wlanmsm.dll
2014-05-18 21:59:38 ----A---- C:\WINDOWS\SYSWOW64\wlanhlp.dll
2014-05-18 21:59:38 ----A---- C:\WINDOWS\SYSWOW64\wlanapi.dll
2014-05-18 21:59:38 ----A---- C:\WINDOWS\SYSWOW64\tlscsp.dll
2014-05-18 21:59:38 ----A---- C:\WINDOWS\SYSWOW64\srclient.dll
2014-05-18 21:59:38 ----A---- C:\WINDOWS\SYSWOW64\rdvidcrl.dll
2014-05-18 21:59:38 ----A---- C:\WINDOWS\SYSWOW64\mispace.dll
2014-05-18 21:59:38 ----A---- C:\WINDOWS\SYSWOW64\d3d8thk.dll
2014-05-18 21:59:38 ----A---- C:\WINDOWS\system32\WorkfoldersControl.dll
2014-05-18 21:59:38 ----A---- C:\WINDOWS\system32\wlansvc.dll
2014-05-18 21:59:38 ----A---- C:\WINDOWS\system32\wlansec.dll
2014-05-18 21:59:38 ----A---- C:\WINDOWS\system32\wlanmsm.dll
2014-05-18 21:59:38 ----A---- C:\WINDOWS\system32\wlanhlp.dll
2014-05-18 21:59:38 ----A---- C:\WINDOWS\system32\wlanapi.dll
2014-05-18 21:59:38 ----A---- C:\WINDOWS\system32\tsgqec.dll
2014-05-18 21:59:38 ----A---- C:\WINDOWS\system32\SystemSettingsAdminFlowUI.dll
2014-05-18 21:59:38 ----A---- C:\WINDOWS\system32\srclient.dll
2014-05-18 21:59:38 ----A---- C:\WINDOWS\system32\SkyDriveTelemetry.dll
2014-05-18 21:59:38 ----A---- C:\WINDOWS\system32\SkyDrive.exe
2014-05-18 21:59:38 ----A---- C:\WINDOWS\system32\rstrui.exe
2014-05-18 21:59:38 ----A---- C:\WINDOWS\system32\rdvidcrl.dll
2014-05-18 21:59:38 ----A---- C:\WINDOWS\system32\mispace.dll
2014-05-18 21:59:38 ----A---- C:\WINDOWS\system32\BootMenuUX.dll
2014-05-18 21:59:38 ----A---- C:\WINDOWS\system32\AudioEndpointBuilder.dll
2014-05-18 21:58:39 ----A---- C:\WINDOWS\SYSWOW64\tsgqec.dll
2014-05-16 20:18:04 ----D---- C:\FRST
2014-05-15 10:49:42 ----D---- C:\Program Files\HitmanPro
2014-05-15 10:42:59 ----D---- C:\ProgramData\HitmanPro
2014-05-15 09:50:31 ----A---- C:\WINDOWS\system32\drivers\MBAMSwissArmy.sys
2014-05-15 09:50:22 ----D---- C:\ProgramData\Malwarebytes
2014-05-15 09:50:22 ----D---- C:\Program Files (x86)\Malwarebytes Anti-Malware
2014-05-15 09:50:22 ----A---- C:\WINDOWS\system32\drivers\mwac.sys
2014-05-15 09:50:22 ----A---- C:\WINDOWS\system32\drivers\mbamchameleon.sys
2014-05-15 09:50:22 ----A---- C:\WINDOWS\system32\drivers\mbam.sys
2014-05-15 09:41:56 ----D---- C:\WINDOWS\ERUNT
2014-05-15 09:34:41 ----A---- C:\WINDOWS\SYSWOW64\sqlite3.dll
2014-05-15 09:34:00 ----D---- C:\AdwCleaner
2014-05-14 14:38:26 ----A---- C:\WINDOWS\SYSWOW64\wusa.exe
2014-05-14 14:38:26 ----A---- C:\WINDOWS\system32\wusa.exe
2014-05-14 14:38:24 ----A---- C:\WINDOWS\system32\drivers\WdNisDrv.sys
2014-05-14 14:38:24 ----A---- C:\WINDOWS\system32\drivers\WdFilter.sys
2014-05-14 14:38:24 ----A---- C:\WINDOWS\system32\drivers\WdBoot.sys
2014-05-14 14:38:15 ----A---- C:\WINDOWS\system32\wucltux.dll
2014-05-14 14:38:15 ----A---- C:\WINDOWS\system32\wuaueng.dll
2014-05-14 14:38:15 ----A---- C:\WINDOWS\system32\WSShared.dll
2014-05-14 14:38:15 ----A---- C:\WINDOWS\system32\storewuauth.dll
2014-05-14 14:38:14 ----A---- C:\WINDOWS\SYSWOW64\wuwebv.dll
2014-05-14 14:38:14 ----A---- C:\WINDOWS\SYSWOW64\wups.dll
2014-05-14 14:38:14 ----A---- C:\WINDOWS\SYSWOW64\wudriver.dll
2014-05-14 14:38:14 ----A---- C:\WINDOWS\SYSWOW64\wuapp.exe
2014-05-14 14:38:14 ----A---- C:\WINDOWS\SYSWOW64\wuapi.dll
2014-05-14 14:38:14 ----A---- C:\WINDOWS\SYSWOW64\WSShared.dll
2014-05-14 14:38:14 ----A---- C:\WINDOWS\SYSWOW64\Windows.ApplicationModel.Store.TestingFramework.dll
2014-05-14 14:38:14 ----A---- C:\WINDOWS\SYSWOW64\twinui.appcore.dll
2014-05-14 14:38:14 ----A---- C:\WINDOWS\SYSWOW64\twinapi.appcore.dll
2014-05-14 14:38:14 ----A---- C:\WINDOWS\system32\wuwebv.dll
2014-05-14 14:38:14 ----A---- C:\WINDOWS\system32\WUSettingsProvider.dll
2014-05-14 14:38:14 ----A---- C:\WINDOWS\system32\wups.dll
2014-05-14 14:38:14 ----A---- C:\WINDOWS\system32\wudriver.dll
2014-05-14 14:38:14 ----A---- C:\WINDOWS\system32\wuauclt.exe
2014-05-14 14:38:14 ----A---- C:\WINDOWS\system32\wuapp.exe
2014-05-14 14:38:14 ----A---- C:\WINDOWS\system32\wuapi.dll
2014-05-14 14:38:14 ----A---- C:\WINDOWS\system32\WSReset.exe
2014-05-14 14:38:14 ----A---- C:\WINDOWS\system32\Windows.ApplicationModel.Store.TestingFramework.dll
2014-05-14 14:38:14 ----A---- C:\WINDOWS\system32\ubpm.dll
2014-05-14 14:38:14 ----A---- C:\WINDOWS\system32\twinui.appcore.dll
2014-05-14 14:38:14 ----A---- C:\WINDOWS\system32\twinapi.appcore.dll
2014-05-14 14:38:05 ----A---- C:\WINDOWS\SYSWOW64\mshtml.dll
2014-05-14 14:38:05 ----A---- C:\WINDOWS\system32\mshtmled.dll
2014-05-14 14:38:05 ----A---- C:\WINDOWS\system32\mshtml.dll
2014-05-14 14:38:04 ----A---- C:\WINDOWS\SYSWOW64\mshtmled.dll
2014-05-14 14:37:51 ----A---- C:\WINDOWS\SYSWOW64\mrt100.dll
2014-05-14 14:37:51 ----A---- C:\WINDOWS\SYSWOW64\mrt_map.dll
2014-05-14 14:37:51 ----A---- C:\WINDOWS\system32\mrt100.dll
2014-05-14 14:37:51 ----A---- C:\WINDOWS\system32\mrt_map.dll
2014-05-13 11:44:10 ----D---- C:\Users\DougWendy\AppData\Roaming\OpenOffice
2014-05-10 04:50:44 ----D---- C:\Program Files (x86)\Mozilla Firefox
2014-04-24 05:55:51 ----D---- C:\ProgramData\GZ

======List of files/folders modified in the last 1 month======

2014-05-22 15:53:45 ----RD---- C:\Program Files
2014-05-22 15:26:29 ----RD---- C:\WINDOWS\System32
2014-05-22 15:09:41 ----SHD---- C:\System Volume Information
2014-05-22 15:02:01 ----D---- C:\WINDOWS\system32\sru
2014-05-22 13:27:12 ----D---- C:\WINDOWS\Temp
2014-05-22 09:56:23 ----D---- C:\WINDOWS\Prefetch
2014-05-22 09:55:56 ----HD---- C:\Program Files\WindowsApps
2014-05-22 08:36:27 ----D---- C:\WINDOWS\AppReadiness
2014-05-22 06:11:56 ----D---- C:\WINDOWS\Microsoft.NET
2014-05-21 22:42:15 ----SHD---- C:\WINDOWS\Installer
2014-05-21 22:42:10 ----RSD---- C:\WINDOWS\assembly
2014-05-21 22:42:09 ----RD---- C:\Program Files (x86)
2014-05-21 22:41:26 ----RSD---- C:\WINDOWS\Fonts
2014-05-21 14:05:11 ----D---- C:\WINDOWS\Inf
2014-05-21 14:05:11 ----A---- C:\WINDOWS\system32\PerfStringBackup.INI
2014-05-21 00:24:54 ----D---- C:\ProgramData\NVIDIA
2014-05-20 23:55:26 ----D---- C:\WINDOWS\system32\drivers
2014-05-20 04:17:41 ----D---- C:\WINDOWS\system32\config
2014-05-20 03:51:25 ----D---- C:\WINDOWS\system32\DriverStore
2014-05-20 03:51:23 ----D---- C:\WINDOWS\WinSxS
2014-05-20 03:36:58 ----D---- C:\WINDOWS\system32\catroot2
2014-05-19 04:41:34 ----D---- C:\WINDOWS\rescache
2014-05-18 22:50:25 ----D---- C:\Program Files (x86)\Google
2014-05-18 22:50:01 ----D---- C:\WINDOWS\Tasks
2014-05-18 22:50:01 ----D---- C:\WINDOWS\system32\Tasks
2014-05-18 22:47:57 ----SD---- C:\Users\DougWendy\AppData\Roaming\Microsoft
2014-05-18 22:00:56 ----RD---- C:\WINDOWS\ToastData
2014-05-18 22:00:52 ----RD---- C:\WINDOWS\ImmersiveControlPanel
2014-05-18 22:00:52 ----D---- C:\WINDOWS\SysWOW64
2014-05-18 22:00:51 ----D---- C:\WINDOWS\system32\oobe
2014-05-18 22:00:51 ----D---- C:\WINDOWS\system32\drivers\en-US
2014-05-18 22:00:03 ----D---- C:\WINDOWS\CbsTemp
2014-05-17 20:38:22 ----D---- C:\Users\DougWendy\AppData\Roaming\QuickScan
2014-05-16 20:19:22 ----D---- C:\Windows
2014-05-15 10:42:59 ----HD---- C:\ProgramData
2014-05-15 10:19:36 ----D---- C:\WINDOWS\schemas
2014-05-15 09:36:01 ----A---- C:\WINDOWS\win.ini
2014-05-15 07:26:10 ----D---- C:\Program Files\Windows Defender
2014-05-15 07:26:10 ----D---- C:\Program Files (x86)\Windows Defender
2014-05-15 07:26:09 ----D---- C:\WINDOWS\WinStore
2014-05-15 07:26:09 ----D---- C:\WINDOWS\SYSWOW64\en-US
2014-05-15 07:26:09 ----D---- C:\WINDOWS\system32\en-US
2014-05-15 04:57:13 ----D---- C:\WINDOWS\system32\SecureBootUpdates
2014-05-15 04:56:57 ----D---- C:\WINDOWS\apppatch
2014-05-15 04:56:56 ----D---- C:\WINDOWS\system32\MRT
2014-05-15 04:56:23 ----A---- C:\WINDOWS\system32\MRT.exe
2014-05-12 20:30:37 ----D---- C:\Program Files (x86)\Canon
2014-05-12 20:30:34 ----RSD---- C:\WINDOWS\Media
2014-05-10 20:57:38 ----D---- C:\Program Files (x86)\Mozilla Maintenance Service
2014-05-01 16:30:26 ----A---- C:\WINDOWS\SYSWOW64\FlashPlayerApp.exe

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R0 ACPI;@acpi.inf,%ACPI.SvcDesc%;Microsoft ACPI Driver; C:\WINDOWS\System32\drivers\ACPI.sys [2014-02-22 539992]
R0 acpiex;Microsoft ACPIEx Driver; C:\WINDOWS\System32\Drivers\acpiex.sys [2013-08-22 79712]
R0 avc3;avc3; C:\WINDOWS\system32\DRIVERS\avc3.sys [2013-04-17 718840]
R0 CLFS;@%SystemRoot%\system32\drivers\clfs.sys,-100; C:\WINDOWS\System32\drivers\CLFS.sys [2014-03-19 376152]
R0 CNG;CNG; C:\WINDOWS\System32\Drivers\cng.sys [2014-03-08 565536]
R0 disk;@disk.inf,%disk_ServiceDesc%;Disk Driver; C:\WINDOWS\System32\drivers\disk.sys [2013-08-22 100192]
R0 FileInfo;@%SystemRoot%\system32\drivers\fileinfo.sys,-100; C:\WINDOWS\System32\drivers\fileinfo.sys [2014-02-22 79192]
R0 FltMgr;@%SystemRoot%\system32\drivers\fltmgr.sys,-10001; C:\WINDOWS\system32\drivers\fltmgr.sys [2014-04-06 360792]
R0 fvevol;@%SystemRoot%\system32\drivers\fvevol.sys,-100; C:\WINDOWS\System32\DRIVERS\fvevol.sys [2014-04-07 589656]
R0 iaStorA;iaStorA; C:\WINDOWS\System32\drivers\iaStorA.sys [2013-01-13 652784]
R0 intelpep;@intelpep.inf,%INTELPEP.SVCDESC%;Intel(R) Power Engine Plug-in Driver; C:\WINDOWS\System32\drivers\intelpep.sys [2014-03-24 39768]
R0 KSecDD;KSecDD; C:\WINDOWS\System32\Drivers\ksecdd.sys [2013-11-14 101208]
R0 KSecPkg;KSecPkg; C:\WINDOWS\System32\Drivers\ksecpkg.sys [2014-03-08 180056]
R0 mountmgr;@%SystemRoot%\system32\drivers\mountmgr.sys,-100; C:\WINDOWS\System32\drivers\mountmgr.sys [2013-08-22 101728]
R0 msisadrv;msisadrv; C:\WINDOWS\System32\drivers\msisadrv.sys [2013-08-22 17248]
R0 Mup;@%systemroot%\system32\drivers\mup.sys,-101; C:\WINDOWS\System32\Drivers\mup.sys [2013-08-22 78688]
R0 NDIS;@%SystemRoot%\system32\drivers\ndis.sys,-200; C:\WINDOWS\system32\drivers\ndis.sys [2014-02-22 1118552]
R0 partmgr;@%SystemRoot%\system32\drivers\partmgr.sys,-100; C:\WINDOWS\System32\drivers\partmgr.sys [2013-08-22 88928]
R0 pci;@machine.inf,%pci_svcdesc%;PCI Bus Driver; C:\WINDOWS\System32\drivers\pci.sys [2014-02-22 280920]
R0 pcw;Performance Counters for Windows Driver; C:\WINDOWS\System32\drivers\pcw.sys [2013-08-22 50016]
R0 pdc;@%SystemRoot%\system32\drivers\pdc.sys,-100; C:\WINDOWS\system32\drivers\pdc.sys [2014-03-24 86872]
R0 rdyboost;ReadyBoost; C:\WINDOWS\System32\drivers\rdyboost.sys [2014-02-22 249688]
R0 spaceport;@spaceport.inf,%Spaceport_ServiceDesc%;Storage Spaces Driver; C:\WINDOWS\System32\drivers\spaceport.sys [2014-04-01 384856]
R0 Tcpip;@%SystemRoot%\system32\tcpipcfg.dll,-50003; C:\WINDOWS\System32\drivers\tcpip.sys [2014-03-31 2518360]
R0 trufos;trufos; C:\WINDOWS\system32\DRIVERS\trufos.sys [2013-05-28 382536]
R0 vdrvroot;@vdrvroot.inf,%vdrvroot_svcdesc%;Microsoft Virtual Drive Enumerator; C:\WINDOWS\System32\drivers\vdrvroot.sys [2013-08-22 37728]
R0 volmgr;@volmgr.inf,%volmgr_svcdesc%;Volume Manager Driver; C:\WINDOWS\System32\drivers\volmgr.sys [2013-08-22 73568]
R0 volmgrx;@%SystemRoot%\system32\drivers\volmgrx.sys,-100; C:\WINDOWS\System32\drivers\volmgrx.sys [2013-08-22 377696]
R0 volsnap;@volume.inf,%VolumeClassName%;Storage volumes; C:\WINDOWS\System32\drivers\volsnap.sys [2014-03-06 310616]
R0 Wdf01000;@%SystemRoot%\system32\drivers\Wdf01000.sys,-1000; C:\WINDOWS\system32\drivers\Wdf01000.sys [2013-08-22 839488]
R0 WFPLWFS;@%SystemRoot%\System32\drivers\wfplwfs.sys,-6000; C:\WINDOWS\system32\DRIVERS\wfplwfs.sys [2014-03-08 136024]
R0 Wof;Windows Overlay File System Filter Driver; C:\WINDOWS\system32\drivers\Wof.sys [2014-03-13 157016]
R1 AFD;@%systemroot%\system32\drivers\afd.sys,-1000; C:\WINDOWS\system32\drivers\afd.sys [2014-04-02 563200]
R1 ahcache;@%systemroot%\system32\drivers\ahcache.sys,-102; C:\WINDOWS\system32\DRIVERS\ahcache.sys [2013-08-22 76800]
R1 AsIO;AsIO; C:\WINDOWS\SysWow64\drivers\AsIO.sys [2012-08-22 15232]
R1 AsUpIO;AsUpIO; C:\WINDOWS\SysWow64\drivers\AsUpIO.sys [2010-08-03 14464]
R1 BasicDisplay;BasicDisplay; C:\WINDOWS\System32\drivers\BasicDisplay.sys [2013-08-22 50688]
R1 BasicRender;BasicRender; C:\WINDOWS\System32\drivers\BasicRender.sys [2014-02-22 33280]
R1 bdfwfpf;bdfwfpf; \??\C:\Program Files\Bitdefender\Antivirus Free Edition\bdfwfpf.sys [2013-07-02 121928]
R1 Beep;Beep; C:\WINDOWS\system32\drivers\Beep.sys [2013-08-22 7680]
R1 cdrom;@cdrom.inf,%cdrom_ServiceDesc%;CD-ROM Driver; C:\WINDOWS\System32\drivers\cdrom.sys [2013-08-22 164352]
R1 Dfsc;@%systemroot%\system32\wkssvc.dll,-1008; C:\WINDOWS\System32\Drivers\dfsc.sys [2014-03-06 134144]
R1 gzflt;gzflt; C:\WINDOWS\system32\DRIVERS\gzflt.sys [2013-04-22 148696]
R1 Msfs;Msfs; C:\WINDOWS\system32\drivers\Msfs.sys [2013-08-22 30208]
R1 mssmbios;@mssmbios.inf,%mssmbios_svcdesc%;Microsoft System Management BIOS Driver; C:\WINDOWS\System32\drivers\mssmbios.sys [2013-08-22 37728]
R1 NetBIOS;@netnb.inf,%NetBIOS_Desc%;NetBIOS Interface; C:\WINDOWS\system32\DRIVERS\netbios.sys [2013-08-22 48128]
R1 NetBT;@%SystemRoot%\system32\drivers\netbt.sys,-2; C:\WINDOWS\System32\DRIVERS\netbt.sys [2013-08-22 282624]
R1 Npfs;Npfs; C:\WINDOWS\system32\drivers\Npfs.sys [2013-08-22 58880]
R1 npsvctrig;@npsvctrig.inf,%NPSVCTRIG.SvcDisplayName%;Named pipe service trigger provider; C:\WINDOWS\System32\drivers\npsvctrig.sys [2013-08-22 23040]
R1 nsiproxy;@%SystemRoot%\system32\drivers\nsiproxy.sys,-2; C:\WINDOWS\system32\drivers\nsiproxy.sys [2013-08-22 39936]
R1 Null;Null; C:\WINDOWS\system32\drivers\Null.sys [2013-08-22 5632]
R1 Psched;@%SystemRoot%\System32\drivers\pacer.sys,-101; C:\WINDOWS\system32\DRIVERS\pacer.sys [2013-08-22 151552]
R1 rdbss;@%systemroot%\system32\wkssvc.dll,-1000; C:\WINDOWS\system32\DRIVERS\rdbss.sys [2014-03-24 408576]
R1 tdx;@%SystemRoot%\system32\tcpipcfg.dll,-50004; C:\WINDOWS\system32\DRIVERS\tdx.sys [2013-08-22 107520]
R2 lltdio;@%SystemRoot%\system32\lltdres.dll,-6; C:\WINDOWS\system32\DRIVERS\lltdio.sys [2013-08-22 59392]
R2 luafv;@%systemroot%\system32\drivers\luafv.sys,-100; C:\WINDOWS\system32\drivers\luafv.sys [2014-02-22 124416]
R2 mrxsmb10;@%systemroot%\system32\wkssvc.dll,-1004; C:\WINDOWS\system32\DRIVERS\mrxsmb10.sys [2014-03-06 283648]
R2 Ndu;@%SystemRoot%\system32\drivers\Ndu.sys,-10001; C:\WINDOWS\system32\drivers\Ndu.sys [2013-08-22 103424]
R2 PEAUTH;PEAUTH; C:\WINDOWS\system32\drivers\peauth.sys [2014-02-22 663040]
R2 rspndr;@%SystemRoot%\system32\lltdres.dll,-5; C:\WINDOWS\system32\DRIVERS\rspndr.sys [2013-08-22 80384]
R2 secdrv;Security Driver; C:\WINDOWS\system32\drivers\secdrv.sys [2013-08-22 23040]
R2 srv;@%systemroot%\system32\srvsvc.dll,-102; C:\WINDOWS\System32\DRIVERS\srv.sys [2013-11-14 454656]
R2 tcpipreg;TCP/IP Registry Compatibility; C:\WINDOWS\System32\drivers\tcpipreg.sys [2014-03-06 49152]
R3 AiCharger;AiCharger; C:\WINDOWS\SysWow64\drivers\AiCharger.sys [2012-03-22 14848]
R3 AmUStor;@oem6.inf,%AmUStor.SvcDesc%;AM USB Stroage Driver; C:\WINDOWS\system32\drivers\AmUStor.SYS [2012-10-25 95744]
R3 AU8168;@oem10.inf,%rtl8168.Service.DispName%;AU 8168 NT Driver; C:\WINDOWS\system32\DRIVERS\au630x64.sys [2013-09-23 792648]
R3 avckf;avckf; C:\WINDOWS\system32\DRIVERS\avckf.sys [2013-04-17 593144]
R3 bowser;@%systemroot%\system32\browser.dll,-102; C:\WINDOWS\system32\DRIVERS\bowser.sys [2013-08-22 102912]
R3 CompositeBus;@CompositeBus.inf,%CompositeBus.SVCDESC%;Composite Bus Enumerator Driver; C:\WINDOWS\System32\drivers\CompositeBus.sys [2013-08-22 36352]
R3 condrv;Console Driver; C:\WINDOWS\System32\drivers\condrv.sys [2013-08-22 43008]
R3 DXGKrnl;LDDM Graphics Subsystem; C:\WINDOWS\System32\drivers\dxgkrnl.sys [2014-03-06 1557848]
R3 fastfat;FAT12/16/32 File System Driver; C:\WINDOWS\system32\drivers\fastfat.sys [2013-08-22 217952]
R3 HDAudBus;@hdaudbus.inf,%HDAudBus.SVCDESC%;Microsoft UAA Bus Driver for High Definition Audio; C:\WINDOWS\System32\drivers\HDAudBus.sys [2014-03-18 77312]
R3 HidUsb;@input.inf,%HID.SvcDesc%;Microsoft HID Class Driver; C:\WINDOWS\System32\drivers\hidusb.sys [2014-03-06 33280]
R3 HTTP;@%SystemRoot%\system32\drivers\http.sys,-1; C:\WINDOWS\system32\drivers\HTTP.sys [2014-01-29 994136]
R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\WINDOWS\system32\drivers\RTKVHD64.sys [2013-03-19 3363016]
R3 intelppm;@cpu.inf,%IntelPPM.SvcDesc%;Intel Processor Driver; C:\WINDOWS\System32\drivers\intelppm.sys [2013-08-22 98816]
R3 kbdclass;@keyboard.inf,%kbdclass.SvcDesc%;Keyboard Class Driver; C:\WINDOWS\System32\drivers\kbdclass.sys [2013-08-22 58208]
R3 kbdhid;@keyboard.inf,%KBDHID.SvcDesc%;Keyboard HID Driver; C:\WINDOWS\System32\drivers\kbdhid.sys [2013-08-22 32256]
R3 kdnic;@kdnic.inf,%KdNic.Service.DispName%;Microsoft Kernel Debug Network Miniport (NDIS 6.20); C:\WINDOWS\system32\DRIVERS\kdnic.sys [2013-08-22 19456]
R3 ksthunk;Kernel Streaming Thunks; C:\WINDOWS\system32\drivers\ksthunk.sys [2013-08-22 21248]
R3 MBAMProtector;MBAMProtector; \??\C:\WINDOWS\system32\drivers\mbam.sys [2014-04-03 25816]
R3 MBAMSwissArmy;MBAMSwissArmy; \??\C:\WINDOWS\system32\drivers\MBAMSwissArmy.sys [2014-05-21 119512]
R3 MBAMWebAccessControl;MBAMWebAccessControl; \??\C:\WINDOWS\system32\drivers\mwac.sys [2014-04-03 63192]
R3 MEIx64;@oem27.inf,%HECI_SvcDesc%;Intel(R) Management Engine Interface ; C:\WINDOWS\System32\drivers\HECIx64.sys [2013-02-15 64624]
R3 monitor;@monitor.inf,%Monitor.SVCDESC%;Microsoft Monitor Class Function Driver Service; C:\WINDOWS\System32\drivers\monitor.sys [2013-08-22 30208]
R3 mouclass;@msmouse.inf,%mouclass.SvcDesc%;Mouse Class Driver; C:\WINDOWS\System32\drivers\mouclass.sys [2013-08-22 51040]
R3 mouhid;@msmouse.inf,%MOUHID.SvcDesc%;Mouse HID Driver; C:\WINDOWS\System32\drivers\mouhid.sys [2013-08-22 30208]
R3 mpsdrv;@%SystemRoot%\system32\FirewallAPI.dll,-23092; C:\WINDOWS\System32\drivers\mpsdrv.sys [2013-08-22 74240]
R3 mrxsmb;@%systemroot%\system32\wkssvc.dll,-1002; C:\WINDOWS\system32\DRIVERS\mrxsmb.sys [2014-04-02 402432]
R3 mrxsmb20;@%systemroot%\system32\wkssvc.dll,-1006; C:\WINDOWS\system32\DRIVERS\mrxsmb20.sys [2014-03-24 206848]
R3 NdisVirtualBus;@%SystemRoot%\System32\drivers\NdisVirtualBus.sys,-200; C:\WINDOWS\System32\drivers\NdisVirtualBus.sys [2013-08-22 16384]
R3 Ntfs;Ntfs; C:\WINDOWS\system32\drivers\Ntfs.sys [2014-03-19 2013016]
R3 NVHDA;@oem29.inf,%NVHDA.SvcDesc%;Service for NVIDIA High Definition Audio Driver; C:\WINDOWS\system32\drivers\nvhda64v.sys [2013-11-28 197408]
R3 nvlddmkm;nvlddmkm; C:\WINDOWS\system32\DRIVERS\nvlddmkm.sys [2014-03-04 12708128]
R3 nvvad_WaveExtensible;@oem31.inf,%nvvad_WaveExtensible.SvcDesc%;NVIDIA Virtual Audio Device (Wave Extensible) (WDM); C:\WINDOWS\system32\drivers\nvvad64v.sys [2013-12-27 39200]
R3 rdpbus;@rdpbus.inf,%rdpbus_svcdesc%;Remote Desktop Device Redirector Bus Driver; C:\WINDOWS\System32\drivers\rdpbus.sys [2013-08-22 22528]
R3 srv2;@%systemroot%\system32\srvsvc.dll,-104; C:\WINDOWS\System32\DRIVERS\srv2.sys [2014-04-02 677376]
R3 srvnet;srvnet; C:\WINDOWS\System32\DRIVERS\srvnet.sys [2014-03-27 246272]
R3 swenum;@swenum.inf,%SWENUM.SVCDESC%;Software Bus Driver; C:\WINDOWS\System32\drivers\swenum.sys [2013-08-22 14176]
R3 UCX01000;USB Controller Extension; C:\WINDOWS\System32\drivers\ucx01000.sys [2014-02-22 189784]
R3 UEFI;@uefi.inf,%UEFI.SvcDesc%;Microsoft UEFI Driver; C:\WINDOWS\System32\drivers\UEFI.sys [2013-08-22 26976]
R3 umbus;@umbus.inf,%umbus.SVCDESC%;UMBus Enumerator Driver; C:\WINDOWS\System32\drivers\umbus.sys [2013-08-22 46080]
R3 UmPass;@umpass.inf,%UmPass.SVCDESC%;Microsoft UMPass Driver; C:\WINDOWS\System32\drivers\umpass.sys [2013-08-22 11776]
R3 usbccgp;@usb.inf,%GenericParent.SvcDesc%;Microsoft USB Generic Parent Driver; C:\WINDOWS\System32\drivers\usbccgp.sys [2013-11-14 155480]
R3 usbehci;@usbport.inf,%EHCIMP.SvcDesc%;Microsoft USB 2.0 Enhanced Host Controller Miniport Driver; C:\WINDOWS\System32\drivers\usbehci.sys [2013-08-22 89952]
R3 usbhub;@usbport.inf,%ROOTHUB.SvcDesc%;Microsoft USB Standard Hub Driver; C:\WINDOWS\System32\drivers\usbhub.sys [2013-08-22 422240]
R3 USBHUB3;@usbhub3.inf,%UsbHub3.SVCDESC%;SuperSpeed Hub; C:\WINDOWS\System32\drivers\UsbHub3.sys [2014-03-08 467800]
R3 USBSTOR;@usbstor.inf,%USBSTOR.SvcDesc%;USB Mass Storage Driver; C:\WINDOWS\System32\drivers\USBSTOR.SYS [2014-02-22 148824]
R3 USBXHCI;@usbxhci.inf,%PCI\CC_0C0330.DeviceDesc%;USB xHCI Compliant Host Controller; C:\WINDOWS\System32\drivers\USBXHCI.SYS [2014-02-22 325464]
R3 WDC_SAM;@oem9.inf,%WDC_SAM_ServiceName%;WD SCSI Pass Thru driver; C:\WINDOWS\System32\drivers\wdcsam64.sys [2008-05-06 14464]
R3 WmiAcpi;@wmiacpi.inf,%WMIMAP.SvcDesc%;Microsoft Windows Management Interface for ACPI; C:\WINDOWS\System32\drivers\wmiacpi.sys [2013-08-22 16384]
R3 WpdUpFltr;@%systemroot%\System32\drivers\WpdUpFltr.sys,-100; C:\WINDOWS\System32\drivers\WpdUpFltr.sys [2013-08-22 26976]
R4 cdfs;CD/DVD File System Reader; C:\WINDOWS\system32\DRIVERS\cdfs.sys [2013-08-22 88576]
R4 udfs;udfs; C:\WINDOWS\system32\DRIVERS\udfs.sys [2013-08-22 316928]
S0 3ware;3ware; C:\WINDOWS\System32\drivers\3ware.sys [2013-08-22 108896]
S0 ADP80XX;ADP80XX; C:\WINDOWS\System32\drivers\ADP80XX.SYS [2013-08-22 782176]
S0 agp440;@machine.inf,%agp440_svcdesc%;Intel AGP Bus Filter; C:\WINDOWS\System32\drivers\agp440.sys [2013-08-22 62304]
S0 amdsata;amdsata; C:\WINDOWS\System32\drivers\amdsata.sys [2013-08-22 79200]
S0 amdsbs;amdsbs; C:\WINDOWS\System32\drivers\amdsbs.sys [2013-08-22 259424]
S0 amdxata;amdxata; C:\WINDOWS\System32\drivers\amdxata.sys [2013-08-22 25952]
S0 arcsas;@arcsas.inf,%arcsas_ServiceName%;Adaptec SAS/SATA-II RAID Storport's Miniport Driver; C:\WINDOWS\System32\drivers\arcsas.sys [2013-08-22 114016]
S0 atapi;@mshdc.inf,%idechannel.DeviceDesc%;IDE Channel; C:\WINDOWS\System32\drivers\atapi.sys [2013-08-22 26464]
S0 b06bdrv;@netbvbda.inf,%vbd_srv_desc%;Broadcom NetXtreme II VBD; C:\WINDOWS\System32\drivers\bxvbda.sys [2013-08-22 531296]
S0 ebdrv;@netevbda.inf,%vbd_srv_desc%;Broadcom NetXtreme II 10 GigE VBD; C:\WINDOWS\System32\drivers\evbda.sys [2013-08-22 3357024]
S0 EhStorClass;@%SystemRoot%\system32\drivers\EhStorClass.sys,-100; C:\WINDOWS\System32\drivers\EhStorClass.sys [2013-08-22 82784]
S0 EhStorTcgDrv;@ehstortcgdrv.inf,%EhStorTcgDrv.Desc%;Microsoft driver for storage devices supporting IEEE 1667 and TCG protocols; C:\WINDOWS\System32\drivers\EhStorTcgDrv.sys [2013-08-22 114016]
S0 gagp30kx;@machine.inf,%gagp30kx_svcdesc%;Microsoft Generic AGPv3.0 Filter for K8 Processor Platforms; C:\WINDOWS\System32\drivers\gagp30kx.sys [2013-08-22 65888]
S0 HpSAMD;HpSAMD; C:\WINDOWS\System32\drivers\HpSAMD.sys [2013-08-22 64352]
S0 hwpolicy;@%systemroot%\system32\drivers\hwpolicy.sys,-101; C:\WINDOWS\System32\drivers\hwpolicy.sys [2013-08-22 24416]
S0 iaStorAV;@iastorav.inf,%iaStorAV.DeviceDesc%;Intel(R) SATA RAID Controller Windows; C:\WINDOWS\System32\drivers\iaStorAV.sys [2013-08-09 651248]
S0 iaStorV;@iastorv.inf,%*PNP0600.DeviceDesc%;Intel RAID Controller Windows 7; C:\WINDOWS\System32\drivers\iaStorV.sys [2013-08-22 412000]
S0 intelide;intelide; C:\WINDOWS\System32\drivers\intelide.sys [2013-08-22 18272]
S0 isapnp;isapnp; C:\WINDOWS\System32\drivers\isapnp.sys [2013-08-22 21856]
S0 LSI_SAS;LSI_SAS; C:\WINDOWS\System32\drivers\lsi_sas.sys [2013-08-22 109408]
S0 LSI_SAS2;LSI_SAS2; C:\WINDOWS\System32\drivers\lsi_sas2.sys [2013-08-22 93536]
S0 LSI_SAS3;LSI_SAS3; C:\WINDOWS\System32\drivers\lsi_sas3.sys [2013-08-22 81760]
S0 LSI_SSS;LSI_SSS; C:\WINDOWS\System32\drivers\lsi_sss.sys [2013-08-22 82784]
S0 megasas;megasas; C:\WINDOWS\System32\drivers\megasas.sys [2013-08-22 56672]
S0 megasr;megasr; C:\WINDOWS\System32\drivers\megasr.sys [2013-08-22 575840]
S0 mvumis;mvumis; C:\WINDOWS\System32\drivers\mvumis.sys [2013-08-22 63840]
S0 nv_agp;@machine.inf,%agpnvidia_svcdesc%;NVIDIA nForce AGP Bus Filter; C:\WINDOWS\System32\drivers\nv_agp.sys [2013-08-22 124768]
S0 nvraid;nvraid; C:\WINDOWS\System32\drivers\nvraid.sys [2013-08-22 150368]
S0 nvstor;nvstor; C:\WINDOWS\System32\drivers\nvstor.sys [2013-08-22 168288]
S0 pciide;pciide; C:\WINDOWS\System32\drivers\pciide.sys [2013-08-22 14688]
S0 pcmcia;pcmcia; C:\WINDOWS\System32\drivers\pcmcia.sys [2013-08-22 114528]
S0 sbp2port;@sbp2.inf,%sbp2_ServiceDesc%;SBP-2 Transport/Protocol Bus Driver; C:\WINDOWS\System32\drivers\sbp2port.sys [2013-08-22 107872]
S0 SiSRaid2;SiSRaid2; C:\WINDOWS\System32\drivers\SiSRaid2.sys [2013-08-22 44896]
S0 SiSRaid4;SiSRaid4; C:\WINDOWS\System32\drivers\sisraid4.sys [2013-08-22 81760]
S0 stexstor;stexstor; C:\WINDOWS\System32\drivers\stexstor.sys [2013-08-22 31072]
S0 storahci;@mshdc.inf,%storahci_ServiceDescription%;Microsoft Standard SATA AHCI Driver; C:\WINDOWS\System32\drivers\storahci.sys [2013-08-22 107872]
S0 storflt;@%SystemRoot%\system32\vmstorfltres.dll,-1000; C:\WINDOWS\system32\DRIVERS\vmstorfl.sys [2013-08-22 49984]
S0 stornvme;@stornvme.inf,%StorNVMe_ServiceDesc%;Microsoft Standard NVM Express Driver; C:\WINDOWS\System32\drivers\stornvme.sys [2013-11-14 57176]
S0 storvsc;storvsc; C:\WINDOWS\System32\drivers\storvsc.sys [2013-08-22 45888]
S0 uagp35;@machine.inf,%uagp35_svcdesc%;Microsoft AGPv3.5 Filter; C:\WINDOWS\System32\drivers\uagp35.sys [2013-08-22 64864]
S0 uliagpkx;@machine.inf,%uliagpkx_svcdesc%;Uli AGP Bus Filter; C:\WINDOWS\System32\drivers\uliagpkx.sys [2013-08-22 65888]
S0 viaide;viaide; C:\WINDOWS\System32\drivers\viaide.sys [2013-08-22 19808]
S0 vmbus;@%SystemRoot%\system32\vmbusres.dll,-1000; C:\WINDOWS\System32\drivers\vmbus.sys [2013-08-22 97088]
S0 vsmraid;vsmraid; C:\WINDOWS\System32\drivers\vsmraid.sys [2013-08-22 168800]
S0 VSTXRAID;@vstxraid.inf,%Driver.DeviceDesc%;VIA StorX Storage RAID Controller Windows Driver; C:\WINDOWS\System32\drivers\vstxraid.sys [2013-08-22 305504]
S1 dam;@%SystemRoot%\system32\drivers\dam.sys,-100; C:\WINDOWS\system32\drivers\dam.sys [2013-08-22 57696]
S3 1394ohci;@1394.inf,%PCI\CC_0C0010.DeviceDesc%;1394 OHCI Compliant Host Controller; C:\WINDOWS\System32\drivers\1394ohci.sys [2013-08-22 231424]
S3 acpipagr;@acpipagr.inf,%SvcDesc%;ACPI Processor Aggregator Driver; C:\WINDOWS\System32\drivers\acpipagr.sys [2013-08-22 10240]
S3 AcpiPmi;@acpipmi.inf,%AcpiPmi.SvcDesc%;ACPI Power Meter Driver; C:\WINDOWS\System32\drivers\acpipmi.sys [2013-08-22 12288]
S3 acpitime;@acpitime.inf,%AcpiTime.SvcDesc%;ACPI Wake Alarm Driver; C:\WINDOWS\System32\drivers\acpitime.sys [2013-08-22 10752]
S3 AmdK8;@cpu.inf,%AmdK8.SvcDesc%;AMD K8 Processor Driver; C:\WINDOWS\System32\drivers\amdk8.sys [2013-08-22 95744]
S3 AmdPPM;@cpu.inf,%AmdPPM.SvcDesc%;AMD Processor Driver; C:\WINDOWS\System32\drivers\amdppm.sys [2013-08-22 98816]
S3 AppID;@%systemroot%\system32\appidsvc.dll,-102; C:\WINDOWS\system32\drivers\appid.sys [2013-11-14 83456]
S3 bcmfn2;@bcmfn2.inf,%bcmfn2.SVCDESC%;bcmfn2 Service; C:\WINDOWS\System32\drivers\bcmfn2.sys [2013-08-12 17624]
S3 BthAvrcpTg;@bthaudhid.inf,%BthAvrcpTg_SvcDesc%;Bluetooth Audio/Video Remote Control HID; C:\WINDOWS\System32\drivers\BthAvrcpTg.sys [2013-08-22 36992]
S3 BthHFEnum;@bthhfenum.inf,%BthHFEnum.SVCDESC%;Bluetooth Hands-Free Audio and Call Control HID Enumerator; C:\WINDOWS\System32\drivers\bthhfenum.sys [2013-08-22 57856]
S3 bthhfhid;@bthaudhid.inf,%BthAudioHFHid.SVCDESC%;Bluetooth Hands-Free Call Control HID; C:\WINDOWS\System32\drivers\BthHFHid.sys [2013-08-22 30720]
S3 BTHMODEM;@bthspp.inf,%BthSerial.DisplayName%;Bluetooth Serial Communications Driver; C:\WINDOWS\System32\drivers\bthmodem.sys [2013-08-22 63488]
S3 circlass;@circlass.inf,%circlass.SVCDESC%;Consumer IR Devices; C:\WINDOWS\System32\drivers\circlass.sys [2013-08-22 44032]
S3 CmBatt;@cmbatt.inf,%CmBatt.SvcDesc%;Microsoft ACPI Control Method Battery Driver; C:\WINDOWS\System32\drivers\CmBatt.sys [2013-08-22 25472]
S3 dmvsc;dmvsc; C:\WINDOWS\System32\drivers\dmvsc.sys [2013-08-22 29696]
S3 drmkaud;@wdmaudio.inf,%drmkaud.SvcDesc%;Microsoft Trusted Audio Drivers; C:\WINDOWS\system32\drivers\drmkaud.sys [2013-08-22 14560]
S3 ErrDev;@errdev.inf,%ERRDEV.SvcDesc%;Microsoft Hardware Error Device Driver; C:\WINDOWS\System32\drivers\errdev.sys [2013-08-22 10240]
S3 exfat;exFAT File System Driver; C:\WINDOWS\system32\drivers\exfat.sys [2013-08-22 200704]
S3 fdc;@fdc.inf,%fdc_ServiceDesc%;Floppy Disk Controller Driver; C:\WINDOWS\System32\drivers\fdc.sys [2013-08-22 30720]
S3 Filetrace;@%SystemRoot%\system32\drivers\filetrace.sys,-10001; C:\WINDOWS\system32\drivers\filetrace.sys [2013-08-22 34816]
S3 flpydisk;@flpydisk.inf,%floppy_ServiceDesc%;Floppy Disk Driver; C:\WINDOWS\System32\drivers\flpydisk.sys [2013-08-22 25088]
S3 FsDepends;@%SystemRoot%\system32\drivers\fsdepends.sys,-10001; C:\WINDOWS\System32\drivers\FsDepends.sys [2013-08-22 56672]
S3 FxPPM;@cpu.inf,%FxPPM.SvcDesc%;Power Framework Processor Driver; C:\WINDOWS\System32\drivers\fxppm.sys [2013-08-22 27136]
S3 gencounter;@wgencounter.inf,%GenCounter.SVCDESC%;Microsoft Hyper-V Generation Counter; C:\WINDOWS\System32\drivers\vmgencounter.sys [2013-08-22 11264]
S3 GPIOClx0101;Microsoft GPIO Class Extension Driver; C:\WINDOWS\System32\Drivers\msgpioclx.sys [2014-02-22 146776]
S3 HidBatt;@hidbatt.inf,%HidBatt.SvcDesc%;HID UPS Battery Driver; C:\WINDOWS\System32\drivers\HidBatt.sys [2013-08-22 26624]
S3 HidBth;@hidbth.inf,%HIDBTH.SvcDesc%;Microsoft Bluetooth HID Miniport; C:\WINDOWS\System32\drivers\hidbth.sys [2013-08-22 96768]
S3 hidi2c;@hidi2c.inf,%hidi2c.SVCDESC%;Microsoft I2C HID Miniport Driver; C:\WINDOWS\System32\drivers\hidi2c.sys [2013-08-22 41472]
S3 HidIr;@hidir.inf,%HIDIR.SvcDesc%;Microsoft Infrared HID Driver; C:\WINDOWS\System32\drivers\hidir.sys [2013-08-22 45568]
S3 hyperkbd;hyperkbd; C:\WINDOWS\System32\drivers\hyperkbd.sys [2013-08-22 13824]
S3 HyperVideo;HyperVideo; C:\WINDOWS\system32\DRIVERS\HyperVideo.sys [2013-08-22 22016]
S3 i8042prt;@keyboard.inf,%i8042prt.SvcDesc%;i8042 Keyboard and PS/2 Mouse Port Driver; C:\WINDOWS\System32\drivers\i8042prt.sys [2013-08-22 107520]
S3 iaLPSSi_GPIO;@ialpssi_gpio.inf,%iaLPSSi_GPIO.SVCDESC%;Intel(R) Serial IO GPIO Controller Driver; C:\WINDOWS\System32\drivers\iaLPSSi_GPIO.sys [2013-07-30 24568]
S3 iaLPSSi_I2C;@ialpssi_i2c.inf,%iaLPSSi_I2C.SVCDESC%;Intel(R) Serial IO I2C Controller Driver; C:\WINDOWS\System32\drivers\iaLPSSi_I2C.sys [2013-07-25 99320]
S3 IpFilterDriver;@%systemroot%\system32\rascfg.dll,-32013; C:\WINDOWS\system32\DRIVERS\ipfltdrv.sys [2013-08-22 84992]
S3 IPMIDRV;IPMIDRV; C:\WINDOWS\System32\drivers\IPMIDrv.sys [2014-03-06 79360]
S3 IPNAT;IP Network Address Translator; C:\WINDOWS\System32\drivers\ipnat.sys [2014-03-24 142848]
S3 IRENUM;@%SystemRoot%\system32\drivers\irenum.sys,-100; C:\WINDOWS\system32\drivers\irenum.sys [2013-08-22 17920]
S3 iScsiPrt;@iscsi.inf,%iScsiPortName%;iScsiPort Driver; C:\WINDOWS\System32\drivers\msiscsi.sys [2014-04-06 275800]
S3 Modem;Modem; C:\WINDOWS\system32\drivers\modem.sys [2013-08-22 40960]
S3 MRxDAV;@%systemroot%\system32\webclnt.dll,-104; C:\WINDOWS\system32\drivers\mrxdav.sys [2014-03-06 140288]
S3 MsBridge;@%SystemRoot%\system32\bridgeres.dll,-1; C:\WINDOWS\system32\DRIVERS\bridge.sys [2013-08-22 115712]
S3 msgpiowin32;@msgpiowin32.inf,%GPIO.SvcDesc%;Common Driver for Buttons, DockMode and Laptop/Slate Indicator; C:\WINDOWS\System32\drivers\msgpiowin32.sys [2013-08-22 41824]
S3 mshidkmdf;@%SystemRoot%\system32\drivers\mshidkmdf.sys,-100; C:\WINDOWS\System32\drivers\mshidkmdf.sys [2013-08-22 8192]
S3 mshidumdf;@%SystemRoot%\system32\drivers\mshidumdf.sys,-100; C:\WINDOWS\System32\drivers\mshidumdf.sys [2013-08-22 9728]
S3 MSKSSRV;@ksfilter.inf,%MSKSSRV.DeviceDesc%;Microsoft Streaming Service Proxy; C:\WINDOWS\system32\drivers\MSKSSRV.sys [2013-08-22 10624]
S3 MsLldp;@C:\Windows\system32\DRIVERS\mslldp.sys,-200; C:\WINDOWS\system32\DRIVERS\mslldp.sys [2013-08-22 66560]
S3 MSPCLOCK;@ksfilter.inf,%MSPCLOCK.DeviceDesc%;Microsoft Streaming Clock Proxy; C:\WINDOWS\system32\drivers\MSPCLOCK.sys [2013-08-22 7040]
S3 MSPQM;@ksfilter.inf,%MSPQM.DeviceDesc%;Microsoft Streaming Quality Manager Proxy; C:\WINDOWS\system32\drivers\MSPQM.sys [2013-08-22 6784]
S3 MsRPC;MsRPC; C:\WINDOWS\system32\drivers\MsRPC.sys [2013-08-22 366432]
S3 MSTEE;@ksfilter.inf,%MSTEE.DeviceDesc%;Microsoft Streaming Tee/Sink-to-Sink Converter; C:\WINDOWS\system32\drivers\MSTEE.sys [2013-08-22 7936]
S3 MTConfig;@mtconfig.inf,%MTConfig.SVCDESC%;Microsoft Input Configuration Driver; C:\WINDOWS\System32\drivers\MTConfig.sys [2013-08-22 13312]
S3 NativeWifiP;@%SystemRoot%\System32\drivers\nwifi.sys,-101; C:\WINDOWS\system32\DRIVERS\nwifi.sys [2014-03-19 443904]
S3 NdisCap;@%SystemRoot%\System32\drivers\ndiscap.sys,-5000; C:\WINDOWS\system32\DRIVERS\ndiscap.sys [2013-08-22 43008]
S3 NdisImPlatform;@%SystemRoot%\System32\drivers\ndisimplatform.sys,-501; C:\WINDOWS\system32\DRIVERS\NdisImPlatform.sys [2013-08-22 124928]
S3 NdisTapi;@%systemroot%\system32\rascfg.dll,-32001; C:\WINDOWS\system32\DRIVERS\ndistapi.sys [2013-08-22 24576]
S3 Ndisuio;@ndisuio.inf,%NDISUIO_Desc%;NDIS Usermode I/O Protocol; C:\WINDOWS\system32\DRIVERS\ndisuio.sys [2013-08-22 60416]
S3 NdisWan;@%systemroot%\system32\rascfg.dll,-32002; C:\WINDOWS\system32\DRIVERS\ndiswan.sys [2013-08-22 220672]
S3 NdisWanLegacy;@%systemroot%\system32\rascfg.dll,-32014; C:\WINDOWS\system32\DRIVERS\ndiswan.sys [2013-08-22 220672]
S3 NDProxy;NDIS Proxy; C:\WINDOWS\system32\drivers\NDProxy.sys [2013-08-22 72192]
S3 netvsc;netvsc; C:\WINDOWS\system32\DRIVERS\netvsc63.sys [2013-08-22 87040]
S3 Parport;@msports.inf,%Parport.SVCDESC%;Parallel port driver; C:\WINDOWS\System32\drivers\parport.sys [2013-08-22 94208]
S3 Processor;@cpu.inf,%Processor.SvcDesc%;Processor Driver; C:\WINDOWS\System32\drivers\processr.sys [2013-08-22 92160]
S3 QWAVEdrv;@%SystemRoot%\system32\drivers\qwavedrv.sys,-1; C:\WINDOWS\system32\drivers\qwavedrv.sys [2013-08-22 47104]
S3 RasAcd;Remote Access Auto Connection Driver; C:\WINDOWS\System32\DRIVERS\rasacd.sys [2013-08-22 17408]
S3 RasPppoe;@%systemroot%\system32\rascfg.dll,-32007; C:\WINDOWS\system32\DRIVERS\raspppoe.sys [2013-08-22 84992]
S3 RDPDR;@%SystemRoot%\System32\DRIVERS\rdpdr.sys,-100; C:\WINDOWS\System32\drivers\rdpdr.sys [2013-11-14 195584]
S3 RdpVideoMiniport;Remote Desktop Video Miniport Driver; C:\WINDOWS\System32\drivers\rdpvideominiport.sys [2013-11-14 27488]
S3 ReFS;ReFS; C:\WINDOWS\system32\drivers\ReFS.sys [2014-02-22 924504]
S3 s3cap;s3cap; C:\WINDOWS\System32\drivers\vms3cap.sys [2013-08-22 7168]
S3 scfilter;@%SystemRoot%\System32\drivers\scfilter.sys,-11; C:\WINDOWS\System32\DRIVERS\scfilter.sys [2013-08-22 40960]
S3 sdbus;sdbus; C:\WINDOWS\System32\drivers\sdbus.sys [2014-02-22 236888]
S3 sdstor;@sdstor.inf,%sdstor_ServiceDesc%;SD Storage Port Driver; C:\WINDOWS\System32\drivers\sdstor.sys [2014-02-22 79192]
S3 SerCx;Serial UART Support Library; C:\WINDOWS\system32\drivers\SerCx.sys [2013-08-22 69472]
S3 SerCx2;Serial UART Support Library; C:\WINDOWS\system32\drivers\SerCx2.sys [2014-03-24 146776]
S3 Serenum;@msports.inf,%Serenum.SVCDESC%;Serenum Filter Driver; C:\WINDOWS\System32\drivers\serenum.sys [2013-08-22 23040]
S3 Serial;@msports.inf,%Serial.SVCDESC%;Serial port driver; C:\WINDOWS\System32\drivers\serial.sys [2013-08-22 83456]
S3 sermouse;@msmouse.inf,%sermouse.SvcDesc%;Serial Mouse Driver; C:\WINDOWS\System32\drivers\sermouse.sys [2013-08-22 26112]
S3 sfloppy;@flpydisk.inf,%sfloppy_devdesc%;High-Capacity Floppy Disk Drive; C:\WINDOWS\System32\drivers\sfloppy.sys [2013-08-22 17408]
S3 SpbCx;Simple Peripheral Bus Support Library; C:\WINDOWS\system32\drivers\SpbCx.sys [2013-08-22 72032]
S3 TCPIP6;@netip6.inf,%MS_TCPIP6.TCPIP6.ServiceDescription%;Microsoft IPv6 Protocol Driver; C:\WINDOWS\system32\DRIVERS\tcpip.sys [2014-03-31 2518360]
S3 terminpt;@termmou.inf,%TermInpt.SVCDESC%;Microsoft Remote Desktop Input Driver; C:\WINDOWS\System32\drivers\terminpt.sys [2013-11-14 37216]
S3 TPM;@tpm.inf,%TPM%;TPM; C:\WINDOWS\system32\drivers\tpm.sys [2013-08-22 159584]
S3 TsUsbFlt;TsUsbFlt; C:\WINDOWS\system32\drivers\tsusbflt.sys [2013-08-22 56320]
S3 TsUsbGD;@tsgenericusbdriver.inf,%TsUsbGD.DeviceDesc.Generic%;Remote Desktop Generic USB Device; C:\WINDOWS\System32\drivers\TsUsbGD.sys [2013-08-22 29696]
S3 tunnel;@nettun.inf,%TUNNEL.Service.DisplayName%;Microsoft Tunnel Miniport Adapter Driver; C:\WINDOWS\system32\DRIVERS\tunnel.sys [2013-08-22 154112]
S3 UASPStor;@uaspstor.inf,%UASPortName%;USB Attached SCSI (UAS) Driver; C:\WINDOWS\System32\drivers\uaspstor.sys [2013-08-22 74080]
S3 usbcir;@usbcir.inf,%usbcir.SVCDESC%;eHome Infrared Receiver (USBCIR); C:\WINDOWS\System32\drivers\usbcir.sys [2013-08-22 98304]
S3 usbohci;@usbport.inf,%OHCIMP.SvcDesc%;Microsoft USB Open Host Controller Miniport Driver; C:\WINDOWS\System32\drivers\usbohci.sys [2013-08-22 30208]
S3 usbprint;@usbprint.inf,%USBPRINT.SvcDesc%;Microsoft USB PRINTER Class; C:\WINDOWS\System32\drivers\usbprint.sys [2013-08-22 26112]
S3 usbuhci;@usbport.inf,%UHCIMP.SvcDesc%;Microsoft USB Universal Host Controller Miniport Driver; C:\WINDOWS\System32\drivers\usbuhci.sys [2013-08-22 34816]
S3 VerifierExt;@%SystemRoot%\system32\drivers\VerifierExt.sys,-1000; C:\WINDOWS\system32\drivers\VerifierExt.sys [2013-11-14 175960]
S3 vhdmp;vhdmp; C:\WINDOWS\System32\drivers\vhdmp.sys [2014-01-29 551256]
S3 VMBusHID;VMBusHID; C:\WINDOWS\System32\drivers\VMBusHID.sys [2013-08-22 21760]
S3 vpci;@wvpci.inf,%vpci.SVCDESC%;Microsoft Hyper-V Virtual PCI Bus; C:\WINDOWS\System32\drivers\vpci.sys [2013-08-22 69472]
S3 vwifibus;@%SystemRoot%\System32\drivers\vwifibus.sys,-257; C:\WINDOWS\System32\drivers\vwifibus.sys [2013-08-22 24576]
S3 WacomPen;@hiddigi.inf,%WacomPen.SVCDESC%;Wacom Serial Pen HID Driver; C:\WINDOWS\System32\drivers\wacompen.sys [2013-08-22 26752]
S3 WdBoot;@%ProgramFiles%\Windows Defender\MpAsDesc.dll,-390; C:\WINDOWS\system32\drivers\WdBoot.sys [2014-03-23 35856]
S3 WdFilter;@%ProgramFiles%\Windows Defender\MpAsDesc.dll,-330; C:\WINDOWS\system32\drivers\WdFilter.sys [2014-03-23 257880]
S3 WdNisDrv;@%ProgramFiles%\Windows Defender\MpAsDesc.dll,-370; C:\WINDOWS\system32\Drivers\WdNisDrv.sys [2014-03-23 123224]
S3 WIMMount;WIMMount; C:\WINDOWS\system32\drivers\wimmount.sys [2013-08-22 33632]
S3 wpcfltr;Family Safety Filter Driver; C:\WINDOWS\system32\DRIVERS\wpcfltr.sys [2014-02-22 54816]
S4 ws2ifsl;@%systemroot%\System32\drivers\ws2ifsl.sys,-1000; C:\WINDOWS\system32\drivers\ws2ifsl.sys [2013-08-22 21504]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 AdobeARMservice;Adobe Acrobat Update Service; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [2013-12-18 65432]
R2 asComSvc;ASUS Com Service; C:\Program Files (x86)\ASUS\AXSP\1.00.19\atkexComSvc.exe [2012-06-01 920736]
R2 asHmComSvc;ASUS HM Com Service; C:\Program Files (x86)\ASUS\AAHM\1.00.20\aaHMSvc.exe [2012-06-01 951936]
R2 AsSysCtrlService;ASUS System Control Service; C:\Program Files (x86)\ASUS\AsSysCtrlService\1.00.13\AsSysCtrlService.exe [2012-02-17 149120]
R2 Asus WebStorage Windows Service;Asus WebStorage Windows Service; C:\Program Files (x86)\ASUS\WebStorage Sync Agent\1.1.18.159\AsusWSWinService.exe [2012-12-19 72192]
R2 AudioEndpointBuilder;@%SystemRoot%\system32\AudioEndpointBuilder.dll,-204; C:\WINDOWS\System32\svchost.exe [2013-08-22 37768]
R2 Audiosrv;@%SystemRoot%\system32\audiosrv.dll,-200; C:\WINDOWS\System32\svchost.exe [2013-08-22 37768]
R2 BFE;@%SystemRoot%\system32\bfe.dll,-1001; C:\WINDOWS\system32\svchost.exe [2013-08-22 37768]
R2 BrokerInfrastructure;@%windir%\system32\bisrv.dll,-100; C:\WINDOWS\system32\svchost.exe [2013-08-22 37768]
R2 CrashPlanService;CrashPlan Backup Service; C:\Program Files\CrashPlan\CrashPlanService.exe [2014-02-19 223232]
R2 CryptSvc;@%SystemRoot%\system32\cryptsvc.dll,-1001; C:\WINDOWS\system32\svchost.exe [2013-08-22 37768]
R2 DcomLaunch;@combase.dll,-5012; C:\WINDOWS\system32\svchost.exe [2013-08-22 37768]
R2 DeviceAssociationService;@%SystemRoot%\system32\das.dll,-100; C:\WINDOWS\system32\svchost.exe [2013-08-22 37768]
R2 Dhcp;@%SystemRoot%\system32\dhcpcore.dll,-100; C:\WINDOWS\system32\svchost.exe [2013-08-22 37768]
R2 Dnscache;@%SystemRoot%\System32\dnsapi.dll,-101; C:\WINDOWS\system32\svchost.exe [2013-08-22 37768]
R2 DPS;@%systemroot%\system32\dps.dll,-500; C:\WINDOWS\System32\svchost.exe [2013-08-22 37768]
R2 EventLog;@%SystemRoot%\system32\wevtsvc.dll,-200; C:\WINDOWS\System32\svchost.exe [2013-08-22 37768]
R2 EventSystem;@comres.dll,-2450; C:\WINDOWS\system32\svchost.exe [2013-08-22 37768]
R2 Fabs;FABS - Helping agent for MAGIX media database; C:\Program Files (x86)\Common Files\MAGIX Services\Database\bin\FABS.exe [2011-05-24 1840128]
R2 FontCache;@%systemroot%\system32\FntCache.dll,-100; C:\WINDOWS\system32\svchost.exe [2013-08-22 37768]
R2 gpsvc;@gpapi.dll,-112; C:\WINDOWS\system32\svchost.exe [2013-08-22 37768]
R2 gzserv;Bitdefender Antivirus Free Edition; C:\Program Files\Bitdefender\Antivirus Free Edition\gzserv.exe [2013-10-23 69368]
R2 HitmanProScheduler;HitmanPro Scheduler; C:\Program Files\HitmanPro\hmpsched.exe [2014-05-15 127752]
R2 IAStorDataMgrSvc;Intel(R) Rapid Storage Technology; C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe [2013-01-31 15344]
R2 Intel(R) Capability Licensing Service Interface;Intel(R) Capability Licensing Service Interface; C:\Program Files\Intel\iCLS Client\HeciServer.exe [2012-12-10 732160]
R2 iphlpsvc;@%SystemRoot%\system32\iphlpsvc.dll,-500; C:\WINDOWS\System32\svchost.exe [2013-08-22 37768]
R2 jhi_service;Intel(R) Dynamic Application Loader Host Interface Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [2013-02-15 169432]
R2 LanmanServer;@%systemroot%\system32\srvsvc.dll,-100; C:\WINDOWS\system32\svchost.exe [2013-08-22 37768]
R2 LanmanWorkstation;@%systemroot%\system32\wkssvc.dll,-100; C:\WINDOWS\System32\svchost.exe [2013-08-22 37768]
R2 lmhosts;@%SystemRoot%\system32\lmhsvc.dll,-101; C:\WINDOWS\system32\svchost.exe [2013-08-22 37768]
R2 LMS;Intel(R) Management and Security Application Local Management Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe [2013-02-15 366552]
R2 LSM;@%windir%\system32\lsm.dll,-1001; C:\WINDOWS\system32\svchost.exe [2013-08-22 37768]
R2 MBAMScheduler;MBAMScheduler; C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe [2014-04-03 1809720]
R2 MBAMService;MBAMService; C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe [2014-04-03 857912]
R2 MMCSS;@%systemroot%\system32\mmcss.dll,-100; C:\WINDOWS\system32\svchost.exe [2013-08-22 37768]
R2 MpsSvc;@%SystemRoot%\system32\FirewallAPI.dll,-23090; C:\WINDOWS\system32\svchost.exe [2013-08-22 37768]
R2 NlaSvc;@%SystemRoot%\System32\nlasvc.dll,-1; C:\WINDOWS\System32\svchost.exe [2013-08-22 37768]
R2 nsi;@%SystemRoot%\system32\nsisvc.dll,-200; C:\WINDOWS\system32\svchost.exe [2013-08-22 37768]
R2 NvNetworkService;NVIDIA Network Service; C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [2014-02-05 1593632]
R2 NvStreamSvc;NVIDIA Streamer Service; C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe [2014-02-05 16941856]
R2 nvsvc;NVIDIA Display Driver Service; C:\WINDOWS\system32\nvvsvc.exe [2014-03-04 922968]
R2 PcaSvc;@%SystemRoot%\system32\pcasvc.dll,-1; C:\WINDOWS\system32\svchost.exe [2013-08-22 37768]
R2 Power;@%SystemRoot%\system32\umpo.dll,-100; C:\WINDOWS\system32\svchost.exe [2013-08-22 37768]
R2 ProfSvc;@%systemroot%\system32\profsvc.dll,-300; C:\WINDOWS\system32\svchost.exe [2013-08-22 37768]
R2 RpcEptMapper;@%windir%\system32\RpcEpMap.dll,-1001; C:\WINDOWS\system32\svchost.exe [2013-08-22 37768]
R2 RpcSs;@combase.dll,-5010; C:\WINDOWS\system32\svchost.exe [2013-08-22 37768]
R2 SamSs;@%SystemRoot%\system32\samsrv.dll,-1; C:\WINDOWS\system32\lsass.exe [2013-08-22 45008]
R2 Schedule;@%SystemRoot%\system32\schedsvc.dll,-100; C:\WINDOWS\system32\svchost.exe [2013-08-22 37768]
R2 SENS;@%SystemRoot%\system32\Sens.dll,-200; C:\WINDOWS\system32\svchost.exe [2013-08-22 37768]
R2 ShellHWDetection;@%SystemRoot%\System32\shsvcs.dll,-12288; C:\WINDOWS\System32\svchost.exe [2013-08-22 37768]
R2 Spooler;@%systemroot%\system32\spoolsv.exe,-1; C:\WINDOWS\System32\spoolsv.exe [2013-08-22 798208]
R2 Stereo Service;NVIDIA Stereoscopic 3D Driver Service; C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe [2014-03-04 411936]
R2 stisvc;@%SystemRoot%\system32\wiaservc.dll,-9; C:\WINDOWS\system32\svchost.exe [2013-08-22 37768]
R2 SysMain;@%SystemRoot%\system32\sysmain.dll,-1000; C:\WINDOWS\system32\svchost.exe [2013-08-22 37768]
R2 SystemEventsBroker;@%windir%\system32\SystemEventsBrokerServer.dll,-1001; C:\WINDOWS\system32\svchost.exe [2013-08-22 37768]
R2 Themes;@%SystemRoot%\System32\themeservice.dll,-8192; C:\WINDOWS\System32\svchost.exe [2013-08-22 37768]
R2 TrkWks;@%SystemRoot%\system32\trkwks.dll,-1; C:\WINDOWS\System32\svchost.exe [2013-08-22 37768]
R2 Wcmsvc;@%SystemRoot%\System32\wcmsvc.dll,-4097; C:\WINDOWS\system32\svchost.exe [2013-08-22 37768]
R2 Winmgmt;@%Systemroot%\system32\wbem\wmisvc.dll,-205; C:\WINDOWS\system32\svchost.exe [2013-08-22 37768]
R2 WMPNetworkSvc;@%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101; C:\Program Files\Windows Media Player\wmpnetwk.exe [2014-02-22 1403392]
R3 AeLookupSvc;@%SystemRoot%\system32\aelupsvc.dll,-1; C:\WINDOWS\system32\svchost.exe [2013-08-22 37768]
R3 Appinfo;@%systemroot%\system32\appinfo.dll,-100; C:\WINDOWS\system32\svchost.exe [2013-08-22 37768]
R3 BITS;@%SystemRoot%\system32\qmgr.dll,-1000; C:\WINDOWS\System32\svchost.exe [2013-08-22 37768]
R3 Browser;@%systemroot%\system32\browser.dll,-100; C:\WINDOWS\System32\svchost.exe [2013-08-22 37768]
R3 fdPHost;@%systemroot%\system32\fdPHost.dll,-100; C:\WINDOWS\system32\svchost.exe [2013-08-22 37768]
R3 FDResPub;@%systemroot%\system32\fdrespub.dll,-100; C:\WINDOWS\system32\svchost.exe [2013-08-22 37768]
R3 hidserv;@%SystemRoot%\System32\hidserv.dll,-101; C:\WINDOWS\system32\svchost.exe [2013-08-22 37768]
R3 HomeGroupListener;@%SystemRoot%\System32\ListSvc.dll,-100; C:\WINDOWS\System32\svchost.exe [2013-08-22 37768]
R3 HomeGroupProvider;@%SystemRoot%\System32\provsvc.dll,-100; C:\WINDOWS\System32\svchost.exe [2013-08-22 37768]
R3 NcbService;@%SystemRoot%\system32\ncbservice.dll,-500; C:\WINDOWS\System32\svchost.exe [2013-08-22 37768]
R3 NcdAutoSetup;@%SystemRoot%\system32\NcdAutoSetup.dll,-100; C:\WINDOWS\System32\svchost.exe [2013-08-22 37768]
R3 netprofm;@%SystemRoot%\system32\netprofmsvc.dll,-202; C:\WINDOWS\System32\svchost.exe [2013-08-22 37768]
R3 p2pimsvc;@%SystemRoot%\system32\pnrpsvc.dll,-8004; C:\WINDOWS\System32\svchost.exe [2013-08-22 37768]
R3 p2psvc;@%SystemRoot%\system32\p2psvc.dll,-8006; C:\WINDOWS\System32\svchost.exe [2013-08-22 37768]
R3 PlugPlay;@%SystemRoot%\system32\umpnpmgr.dll,-200; C:\WINDOWS\system32\svchost.exe [2013-08-22 37768]
R3 PNRPsvc;@%SystemRoot%\system32\pnrpsvc.dll,-8000; C:\WINDOWS\System32\svchost.exe [2013-08-22 37768]
R3 PolicyAgent;@%SystemRoot%\System32\polstore.dll,-5010; C:\WINDOWS\system32\svchost.exe [2013-08-22 37768]
R3 SSDPSRV;@%systemroot%\system32\ssdpsrv.dll,-100; C:\WINDOWS\system32\svchost.exe [2013-08-22 37768]
R3 TimeBroker;@%windir%\system32\TimeBrokerServer.dll,-1001; C:\WINDOWS\system32\svchost.exe [2013-08-22 37768]
R3 upnphost;@%systemroot%\system32\upnphost.dll,-213; C:\WINDOWS\system32\svchost.exe [2013-08-22 37768]
R3 VaultSvc;@%SystemRoot%\system32\vaultsvc.dll,-1003; C:\WINDOWS\system32\lsass.exe [2013-08-22 45008]
R3 wcncsvc;@%SystemRoot%\system32\wcncsvc.dll,-3; C:\WINDOWS\System32\svchost.exe [2013-08-22 37768]
R3 WdiServiceHost;@%systemroot%\system32\wdi.dll,-502; C:\WINDOWS\System32\svchost.exe [2013-08-22 37768]
R3 WdiSystemHost;@%systemroot%\system32\wdi.dll,-500; C:\WINDOWS\System32\svchost.exe [2013-08-22 37768]
R3 WinHttpAutoProxySvc;@%SystemRoot%\system32\winhttp.dll,-100; C:\WINDOWS\system32\svchost.exe [2013-08-22 37768]
R3 wlidsvc;@%SystemRoot%\system32\wlidsvc.dll,-100; C:\WINDOWS\system32\svchost.exe [2013-08-22 37768]
S2 bzserv;Backblaze Service; C:\Program Files (x86)\Backblaze\bzserv.exe []
S2 gupdate;Google Update Service (gupdate); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-05-18 116648]
S2 sppsvc;@%SystemRoot%\system32\sppsvc.exe,-101; C:\WINDOWS\system32\sppsvc.exe [2014-03-24 6353960]
S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service; C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2014-05-13 257712]
S3 ALG;@%SystemRoot%\system32\Alg.exe,-112; C:\WINDOWS\System32\alg.exe [2013-08-22 92672]
S3 AppIDSvc;@%systemroot%\system32\appidsvc.dll,-100; C:\WINDOWS\system32\svchost.exe [2013-08-22 37768]
S3 AppReadiness;@%SystemRoot%\System32\AppReadiness.dll,-1000; C:\WINDOWS\System32\svchost.exe [2013-08-22 37768]
S3 AppXSvc;@%SystemRoot%\system32\appxdeploymentserver.dll,-1; C:\WINDOWS\system32\svchost.exe [2013-08-22 37768]
S3 AxInstSV;@%SystemRoot%\system32\AxInstSV.dll,-103; C:\WINDOWS\system32\svchost.exe [2013-08-22 37768]
S3 BDESVC;@%SystemRoot%\system32\bdesvc.dll,-100; C:\WINDOWS\System32\svchost.exe [2013-08-22 37768]
S3 bthserv;@%SystemRoot%\System32\bthserv.dll,-101; C:\WINDOWS\system32\svchost.exe [2013-08-22 37768]
S3 CertPropSvc;@%SystemRoot%\System32\certprop.dll,-11; C:\WINDOWS\system32\svchost.exe [2013-08-22 37768]
S3 COMSysApp;@comres.dll,-947; C:\WINDOWS\system32\dllhost.exe [2013-08-22 19296]
S3 defragsvc;@%SystemRoot%\system32\defragsvc.dll,-101; C:\WINDOWS\system32\svchost.exe [2013-08-22 37768]
S3 DeviceInstall;@%SystemRoot%\system32\umpnpmgr.dll,-100; C:\WINDOWS\system32\svchost.exe [2013-08-22 37768]
S3 dot3svc;@%systemroot%\system32\dot3svc.dll,-1102; C:\WINDOWS\system32\svchost.exe [2013-08-22 37768]
S3 DsmSvc;@%SystemRoot%\system32\DeviceSetupManager.dll,-1000; C:\WINDOWS\system32\svchost.exe [2013-08-22 37768]
S3 Eaphost;@%systemroot%\system32\eapsvc.dll,-1; C:\WINDOWS\System32\svchost.exe [2013-08-22 37768]
S3 EFS;@%SystemRoot%\system32\efssvc.dll,-100; C:\WINDOWS\System32\lsass.exe [2013-08-22 45008]
S3 Fax;@%systemroot%\system32\fxsresm.dll,-118; C:\WINDOWS\system32\fxssvc.exe [2013-08-22 655360]
S3 fhsvc;@%systemroot%\system32\fhsvc.dll,-101; C:\WINDOWS\system32\svchost.exe [2013-08-22 37768]
S3 FirebirdServerMAGIXInstance;Firebird Server - MAGIX Instance; C:\Program Files (x86)\Common Files\MAGIX Services\Database\bin\fbserver.exe [2011-04-26 2702848]
S3 FontCache3.0.0.0;@%SystemRoot%\system32\PresentationHost.exe,-3309; C:\WINDOWS\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe [2013-08-03 43696]
S3 gupdatem;Google Update Service (gupdatem); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-05-18 116648]
S3 hkmsvc;@%SystemRoot%\system32\kmsvc.dll,-6; C:\WINDOWS\System32\svchost.exe [2013-08-22 37768]
S3 IEEtwCollectorService;@%SystemRoot%\system32\ieetwcollectorres.dll,-1000; C:\WINDOWS\system32\IEEtwCollector.exe [2014-04-13 111616]
S3 IKEEXT;@%SystemRoot%\system32\ikeext.dll,-501; C:\WINDOWS\system32\svchost.exe [2013-08-22 37768]
S3 Intel(R) Capability Licensing Service TCP IP Interface;Intel(R) Capability Licensing Service TCP IP Interface; C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe [2012-12-10 803872]
S3 KeyIso;@keyiso.dll,-100; C:\WINDOWS\system32\lsass.exe [2013-08-22 45008]
S3 KtmRm;@comres.dll,-2946; C:\WINDOWS\System32\svchost.exe [2013-08-22 37768]
S3 lfsvc;@%SystemRoot%\System32\GeofenceMonitorService.dll,-1; C:\WINDOWS\system32\svchost.exe [2013-08-22 37768]
S3 lltdsvc;@%SystemRoot%\system32\lltdres.dll,-1; C:\WINDOWS\System32\svchost.exe [2013-08-22 37768]
S3 MozillaMaintenance;Mozilla Maintenance Service; C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe [2014-05-10 119408]
S3 MSDTC;@comres.dll,-2797; C:\WINDOWS\System32\msdtc.exe [2013-08-22 142848]
S3 MSiSCSI;@%SystemRoot%\system32\iscsidsc.dll,-5000; C:\WINDOWS\system32\svchost.exe [2013-08-22 37768]
S3 msiserver;@%SystemRoot%\system32\msimsg.dll,-27; C:\WINDOWS\system32\msiexec.exe [2013-08-22 62464]
S3 napagent;@%SystemRoot%\system32\qagentrt.dll,-6; C:\WINDOWS\System32\svchost.exe [2013-08-22 37768]
S3 NcaSvc;@%SystemRoot%\system32\ncasvc.dll,-3009; C:\WINDOWS\System32\svchost.exe [2013-08-22 37768]
S3 Netlogon;@%SystemRoot%\System32\netlogon.dll,-102; C:\WINDOWS\system32\lsass.exe [2013-08-22 45008]
S3 Netman;@%SystemRoot%\system32\netman.dll,-109; C:\WINDOWS\System32\svchost.exe [2013-08-22 37768]
S3 PerfHost;@%systemroot%\sysWow64\perfhost.exe,-2; C:\WINDOWS\SysWow64\perfhost.exe [2013-08-22 21504]
S3 pla;@%systemroot%\system32\pla.dll,-500; C:\WINDOWS\System32\svchost.exe [2013-08-22 37768]
S3 PNRPAutoReg;@%SystemRoot%\system32\pnrpauto.dll,-8002; C:\WINDOWS\System32\svchost.exe [2013-08-22 37768]
S3 PrintNotify;@C:\Windows\system32\spool\drivers\x64\3\PrintConfig.dll,-1; C:\WINDOWS\system32\svchost.exe [2013-08-22 37768]
S3 QWAVE;@%SystemRoot%\system32\qwave.dll,-1; C:\WINDOWS\system32\svchost.exe [2013-08-22 37768]
S3 RasAuto;@%Systemroot%\system32\rasauto.dll,-200; C:\WINDOWS\System32\svchost.exe [2013-08-22 37768]
S3 RasMan;@%Systemroot%\system32\rasmans.dll,-200; C:\WINDOWS\System32\svchost.exe [2013-08-22 37768]
S3 RpcLocator;@%systemroot%\system32\Locator.exe,-2; C:\WINDOWS\system32\locator.exe [2013-08-22 10240]
S3 ScDeviceEnum;@%SystemRoot%\System32\ScDeviceEnum.dll,-100; C:\WINDOWS\system32\svchost.exe [2013-08-22 37768]
S3 SCPolicySvc;@%SystemRoot%\System32\certprop.dll,-13; C:\WINDOWS\system32\svchost.exe [2013-08-22 37768]
S3 seclogon;@%SystemRoot%\system32\seclogon.dll,-7001; C:\WINDOWS\system32\svchost.exe [2013-08-22 37768]
S3 SensrSvc;@%SystemRoot%\System32\sensrsvc.dll,-1000; C:\WINDOWS\system32\svchost.exe [2013-08-22 37768]
S3 SessionEnv;@%SystemRoot%\System32\SessEnv.dll,-1026; C:\WINDOWS\System32\svchost.exe [2013-08-22 37768]
S3 smphost;@%SystemRoot%\System32\smphost.dll,-102; C:\WINDOWS\System32\svchost.exe [2013-08-22 37768]
S3 SNMPTRAP;@%SystemRoot%\system32\snmptrap.exe,-3; C:\WINDOWS\System32\snmptrap.exe [2013-08-22 14848]
S3 SstpSvc;@%SystemRoot%\system32\sstpsvc.dll,-200; C:\WINDOWS\system32\svchost.exe [2013-08-22 37768]
S3 StorSvc;@%SystemRoot%\System32\StorSvc.dll,-100; C:\WINDOWS\System32\svchost.exe [2013-08-22 37768]
S3 svsvc;@%SystemRoot%\system32\svsvc.dll,-101; C:\WINDOWS\system32\svchost.exe [2013-08-22 37768]
S3 swprv;@%SystemRoot%\System32\swprv.dll,-103; C:\WINDOWS\System32\svchost.exe [2013-08-22 37768]
S3 TabletInputService;@%SystemRoot%\system32\TabSvc.dll,-100; C:\WINDOWS\System32\svchost.exe [2013-08-22 37768]
S3 TapiSrv;@%SystemRoot%\system32\tapisrv.dll,-10100; C:\WINDOWS\System32\svchost.exe [2013-08-22 37768]
S3 TermService;@%SystemRoot%\System32\termsrv.dll,-268; C:\WINDOWS\System32\svchost.exe [2013-08-22 37768]
S3 THREADORDER;@%systemroot%\system32\mmcss.dll,-102; C:\WINDOWS\system32\svchost.exe [2013-08-22 37768]
S3 TrustedInstaller;@%SystemRoot%\servicing\TrustedInstaller.exe,-100; C:\WINDOWS\servicing\TrustedInstaller.exe [2014-02-22 99840]
S3 UI0Detect;@%SystemRoot%\system32\ui0detect.exe,-101; C:\WINDOWS\system32\UI0Detect.exe [2013-08-22 40960]
S3 UmRdpService;@%SystemRoot%\system32\umrdp.dll,-1000; C:\WINDOWS\System32\svchost.exe [2013-08-22 37768]
S3 vds;@%SystemRoot%\system32\vds.exe,-100; C:\WINDOWS\System32\vds.exe [2014-02-22 1283584]
S3 vmicguestinterface;@%systemroot%\system32\vmicres.dll,-801; C:\WINDOWS\system32\svchost.exe [2013-08-22 37768]
S3 vmicheartbeat;@%systemroot%\system32\vmicres.dll,-101; C:\WINDOWS\system32\svchost.exe [2013-08-22 37768]
S3 vmickvpexchange;@%systemroot%\system32\vmicres.dll,-201; C:\WINDOWS\system32\svchost.exe [2013-08-22 37768]
S3 vmicrdv;@%systemroot%\system32\vmicres.dll,-601; C:\WINDOWS\system32\svchost.exe [2013-08-22 37768]
S3 vmicshutdown;@%systemroot%\system32\vmicres.dll,-301; C:\WINDOWS\system32\svchost.exe [2013-08-22 37768]
S3 vmictimesync;@%systemroot%\system32\vmicres.dll,-401; C:\WINDOWS\system32\svchost.exe [2013-08-22 37768]
S3 vmicvss;@%systemroot%\system32\vmicres.dll,-501; C:\WINDOWS\system32\svchost.exe [2013-08-22 37768]
S3 VSS;@%systemroot%\system32\vssvc.exe,-102; C:\WINDOWS\system32\vssvc.exe [2014-03-26 1436160]
S3 W32Time;@%SystemRoot%\system32\w32time.dll,-200; C:\WINDOWS\system32\svchost.exe [2013-08-22 37768]
S3 wbengine;@%systemroot%\system32\wbengine.exe,-104; C:\WINDOWS\system32\wbengine.exe [2014-02-22 1543680]
S3 WbioSrvc;@%systemroot%\system32\wbiosrvc.dll,-100; C:\WINDOWS\system32\svchost.exe [2013-08-22 37768]
S3 WcsPlugInService;@%SystemRoot%\system32\WcsPlugInService.dll,-200; C:\WINDOWS\system32\svchost.exe [2013-08-22 37768]
S3 WdNisSvc;@%ProgramFiles%\Windows Defender\MpAsDesc.dll,-320; C:\Program Files\Windows Defender\NisSrv.exe [2014-03-23 347880]
S3 WebClient;@%systemroot%\system32\webclnt.dll,-100; C:\WINDOWS\system32\svchost.exe [2013-08-22 37768]
S3 Wecsvc;@%SystemRoot%\system32\wecsvc.dll,-200; C:\WINDOWS\system32\svchost.exe [2013-08-22 37768]
S3 WEPHOSTSVC;@%systemroot%\system32\wephostsvc.dll,-100; C:\WINDOWS\system32\svchost.exe [2013-08-22 37768]
S3 wercplsupport;@%SystemRoot%\System32\wercplsupport.dll,-101; C:\WINDOWS\System32\svchost.exe [2013-08-22 37768]
S3 WerSvc;@%SystemRoot%\System32\wersvc.dll,-100; C:\WINDOWS\System32\svchost.exe [2013-08-22 37768]
S3 WiaRpc;@%SystemRoot%\system32\wiarpc.dll,-2; C:\WINDOWS\system32\svchost.exe [2013-08-22 37768]
S3 WinDefend;@%ProgramFiles%\Windows Defender\MpAsDesc.dll,-310; C:\Program Files\Windows Defender\MsMpEng.exe [2014-03-23 23824]
S3 WinRM;@%Systemroot%\system32\wsmsvc.dll,-101; C:\WINDOWS\System32\svchost.exe [2013-08-22 37768]
S3 WlanSvc;@%SystemRoot%\System32\wlansvc.dll,-257; C:\WINDOWS\system32\svchost.exe [2013-08-22 37768]
S3 wmiApSrv;@%Systemroot%\system32\wbem\wmiapsrv.exe,-110; C:\WINDOWS\system32\wbem\WmiApSrv.exe [2013-08-22 195072]
S3 workfolderssvc;@%systemroot%\system32\workfolderssvc.dll,-102; C:\WINDOWS\System32\svchost.exe [2013-08-22 37768]
S3 WPCSvc;@%SystemRoot%\system32\wpcsvc.dll,-100; C:\WINDOWS\system32\svchost.exe [2013-08-22 37768]
S3 WPDBusEnum;@%SystemRoot%\system32\wpdbusenum.dll,-100; C:\WINDOWS\system32\svchost.exe [2013-08-22 37768]
S4 NetTcpPortSharing;@%systemroot%\Microsoft.NET\Framework64\v4.0.30319\ServiceModelInstallRC.dll,-8201; C:\WINDOWS\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2013-08-09 139856]
S4 RemoteAccess;@%Systemroot%\system32\mprdim.dll,-200; C:\WINDOWS\System32\svchost.exe [2013-08-22 37768]
S4 RemoteRegistry;@regsvc.dll,-1; C:\WINDOWS\system32\svchost.exe [2013-08-22 37768]
S4 SCardSvr;@%SystemRoot%\System32\SCardSvr.dll,-1; C:\WINDOWS\system32\svchost.exe [2013-08-22 37768]
S4 SharedAccess;@%SystemRoot%\system32\ipnathlp.dll,-106; C:\WINDOWS\System32\svchost.exe [2013-08-22 37768]

-----------------EOF-----------------
DougSr
Regular Member
 
Posts: 70
Joined: July 5th, 2006, 12:21 am

Re: Popups in Windows 8.1

Unread postby DougSr » May 22nd, 2014, 6:07 pm

info.txt logfile of random's system information tool 1.09 2014-05-22 15:53:58

======Uninstall list======

-->MsiExec /X{80407BA7-7763-4395-AB98-5233F1B34E65}
-->RunDll32 C:\PROGRA~2\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files (x86)\InstallShield Installation Information\{5153DBF7-58C5-4C3F-A648-6EA91089F851}\setup.exe" -l0x9
-->RunDll32 C:\PROGRA~2\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files (x86)\InstallShield Installation Information\{9C8C5569-AA0B-4FF2-8C14-AF066E3238FE}\setup.exe" -l0x9
-->RunDll32 C:\PROGRA~2\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files (x86)\InstallShield Installation Information\{C0FEE440-FA2F-4C0D-B64C-35F1D4B7A009}\setup.exe" -l0x9
-->RunDll32 C:\PROGRA~2\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files (x86)\InstallShield Installation Information\{F56DD39D-DDE1-4B47-9193-25DC4BE298AA}\setup.exe" -l0x9
Adobe Bridge CC (64 Bit)-->C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\core\PDApp.exe --appletID="DWA_UI" --appletVersion="2.0" --mode="Uninstall" --mediaSignature="{359F8007-6486-429C-A8C5-D67F6897C88C}"
Adobe Creative Cloud-->"C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\Creative Cloud Uninstaller.exe"
Adobe Flash Player 13 Plugin-->C:\WINDOWS\SysWOW64\Macromed\Flash\FlashUtil32_13_0_0_214_Plugin.exe -maintain plugin
Adobe Photoshop CC-->C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\core\PDApp.exe --appletID="DWA_UI" --appletVersion="2.0" --mode="Uninstall" --mediaSignature="{2D99B50E-431D-4AA8-85C1-172A6F8BCF09}"
Adobe Photoshop Lightroom 5.4 64-bit-->MsiExec.exe /I{558B5965-CC1B-4AF1-BA07-5D6832404050}
Adobe Reader X (10.1.9) MUI-->MsiExec.exe /I{AC76BA86-7AD7-FFFF-7B44-AA0000000001}
AI Suite II-->C:\ProgramData\ASUS\AI Suite II\Setup.exe
Alcor Micro USB Card Reader Driver -->C:\Program Files (x86)\InstallShield Installation Information\{5DA7ED45-2322-45AA-99B6-B8F94EBF859F}\Setup.exe
ASUS Ai Charger-->RunDll32 C:\PROGRA~2\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files (x86)\InstallShield Installation Information\{7FB64E72-9B0E-4460-A821-040C341E414A}\setup.exe" -l0x9
ASUS Easy Update 2-->RunDll32 C:\PROGRA~2\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files (x86)\InstallShield Installation Information\{E7AA854E-6756-424E-84C2-4E47D5729AFF}\Setup.exe" -l0x9
ASUS Music Maker-->"C:\Program Files (x86)\Common Files\MAGIX Services\Uninstall\{5E00D8DF-905B-41C7-B562-C126DE3A4167}\ASUS_Music_Maker_MX_setup.exe"
ASUS Music Maker-->MsiExec.exe /I{5E00D8DF-905B-41C7-B562-C126DE3A4167}
ASUS MX Suite-->"C:\Program Files (x86)\Common Files\MAGIX Services\Uninstall\{9204F334-2A46-49F1-89C4-65CEB7AC1974}\MX_Suite_asus_setup.exe"
ASUS MX Suite-->MsiExec.exe /I{9204F334-2A46-49F1-89C4-65CEB7AC1974}
ASUS Video easy-->"C:\Program Files (x86)\Common Files\MAGIX Services\Uninstall\{7DB84618-76E3-4999-A9A0-D7D756E14129}\ASUS_Video_easy_setup.exe"
ASUS Video easy-->MsiExec.exe /I{7DB84618-76E3-4999-A9A0-D7D756E14129}
ASUS WebStorage Sync Agent-->C:\Program Files (x86)\ASUS\WebStorage Sync Agent\uninst.exe
ASUSDVD-->"C:\Program Files (x86)\InstallShield Installation Information\{DEC235ED-58A4-4517-A278-C41E8DAEAB3B}\setup.exe" /z-uninstall
ASUSDVD-->"C:\Program Files (x86)\InstallShield Installation Information\{DEC235ED-58A4-4517-A278-C41E8DAEAB3B}\setup.exe" /z-uninstall
AsusVibe2.0-->C:\Program Files (x86)\Asus\AsusVibe\unins000.exe
Bitdefender Antivirus Free Edition-->C:\Program Files\Bitdefender\Antivirus Free Edition\install\Installer.exe
Canon IJ Network Scan Utility-->"C:\Program Files (x86)\Canon\Canon IJ Network Scan Utility\CNMNSU.exe" /UninstallRemove C:\Program Files (x86)\Canon\Canon IJ Network Scan Utility\uninst.ini
Canon IJ Network Tool-->C:\Program Files (x86)\Canon\Canon IJ Network Tool\CNMNUU.exe
Canon MP560 series MP Drivers-->"C:\WINDOWS\system32\CanonIJ Uninstaller Information\{1199FAD5-9546-44f3-81CF-FFDB8040B7BF}_Canon_MP560_series\DELDRV64.exe" /U:{1199FAD5-9546-44f3-81CF-FFDB8040B7BF}_Canon_MP560_series /L0x0009
CCleaner-->"C:\Program Files\CCleaner\uninst.exe"
CrashPlan-->MsiExec.exe /X{056FE336-5B2D-44A8-B013-EBF0343B0DC5}
D3DX10-->MsiExec.exe /X{E09C4DB7-630C-4F06-A631-8EA7239923AF}
eManual-->RunDll32 C:\PROGRA~2\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files (x86)\InstallShield Installation Information\{0C84E634-EB68-4A54-B21E-A05EC87A4CC5}\Setup.exe" -l0x9
Firebird SQL Server - MAGIX Edition-->MsiExec.exe /X{6C5F8503-55D2-4398-858C-362B7A7AF51C}
Fotogalerie-->MsiExec.exe /X{0FD66C6F-4023-4C74-AF8E-9B8B2053868E}
Galeria de Fotografias-->MsiExec.exe /X{6DFF6F1B-F876-4007-AC82-42D5DDF0E090}
Galería de fotos-->MsiExec.exe /X{F7314CA2-F900-46D7-9EA1-FBDD9D73F765}
Galerie de photos-->MsiExec.exe /X{F4D99A13-F63A-4FC1-8799-CFFDB78DDFB3}
Google Chrome-->"C:\Program Files (x86)\Google\Chrome\Application\34.0.1847.137\Installer\setup.exe" --uninstall --multi-install --chrome --system-level --verbose-logging
Google Update Helper-->MsiExec.exe /I{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}
HitmanPro 3.7-->"C:\Program Files\HitmanPro\HitmanPro.exe" /uninstall
Intel(R) Management Engine Components-->C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\Uninstall\setup.exe -uninstall
Intel(R) Rapid Storage Technology-->C:\ProgramData\Intel\Package Cache\{409CB30E-E457-4008-9B1A-ED1B9EA21140}\Setup.exe -uninstall
Intel(R) Rapid Storage Technology-->MsiExec.exe /I{7629623D-F0D0-4AC6-A763-FBE06ED8288C}
Intel® Trusted Connect Service Client-->MsiExec.exe /I{FA00A3CC-7440-4938-A271-F186F50DD40D}
Malwarebytes Anti-Malware version 2.0.1.1004-->"C:\Program Files (x86)\Malwarebytes Anti-Malware\unins000.exe"
Microsoft Office-->MsiExec.exe /X{90150000-0138-0409-0000-0000000FF1CE}
Microsoft Silverlight-->MsiExec.exe /X{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}
Microsoft SQL Server 2005 Compact Edition [ENU]-->MsiExec.exe /I{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}
Microsoft Visual C++ 2005 Redistributable (x64)-->MsiExec.exe /X{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}
Microsoft Visual C++ 2005 Redistributable-->MsiExec.exe /X{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161-->MsiExec.exe /X{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17-->MsiExec.exe /X{9A25302D-30C0-39D9-BD6F-21E6EC160475}
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161-->MsiExec.exe /X{9BE518E6-ECC6-35A9-88E4-87755C07200F}
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219-->MsiExec.exe /X{1D8E6291-B0D5-35EC-8441-6616F567A0F7}
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219-->MsiExec.exe /X{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030-->"C:\ProgramData\Package Cache\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}\vcredist_x86.exe" /uninstall
Microsoft Visual C++ 2012 x86 Additional Runtime - 11.0.61030-->MsiExec.exe /X{B175520C-86A2-35A7-8619-86DC379688B9}
Microsoft Visual C++ 2012 x86 Minimum Runtime - 11.0.61030-->MsiExec.exe /X{BD95A8CD-1D9F-35AD-981A-3E7925026EBB}
Movie Maker-->MsiExec.exe /X{0FD2B9C6-DB91-48EA-9518-AB5B68CA1E28}
Movie Maker-->MsiExec.exe /X{268F956D-2FE7-4D10-8070-A4AC3BEF54EF}
Movie Maker-->MsiExec.exe /X{3C5F91EF-5C0B-4D13-BCBE-0FC6FC3ED7F9}
Movie Maker-->MsiExec.exe /X{45898170-E68C-4F02-AA35-C2186BF347A3}
Movie Maker-->MsiExec.exe /X{4FB56489-F34B-42AA-9437-FB9E0B0543F7}
Movie Maker-->MsiExec.exe /X{6066D3FE-3692-4449-A3C8-D1EAA2C0E9E7}
Movie Maker-->MsiExec.exe /X{7693587D-5D66-4208-ABEA-C370217D1D9B}
Movie Maker-->MsiExec.exe /X{B1865FCC-BE34-4800-AF2F-FB0120821B6A}
Movie Maker-->MsiExec.exe /X{B39A6825-EA20-43EA-AB2D-A6BC0298D9A1}
Movie Maker-->MsiExec.exe /X{DE9C585C-8578-4A8A-B92A-BA8DF2540E21}
Movie Maker-->MsiExec.exe /X{E169436E-49D8-419B-A5C0-D245EAF99611}
Movie Maker-->MsiExec.exe /X{F25C8769-16B6-4B19-BB0B-76F213829AC6}
Mozilla Firefox 29.0.1 (x86 en-US)-->"C:\Program Files (x86)\Mozilla Firefox\uninstall\helper.exe"
Mozilla Maintenance Service-->"C:\Program Files (x86)\Mozilla Maintenance Service\uninstall.exe"
MSVCRT-->MsiExec.exe /I{8DD46C6A-0056-4FEC-B70A-28BB16A1F11F}
MSVCRT110_amd64-->MsiExec.exe /I{E9FA781F-3E80-4399-825A-AD3E11C28C77}
MSVCRT110-->MsiExec.exe /I{8E14DDC8-EA60-4E18-B3E3-1937104D5BDA}
MSXML 4.0 SP3 Parser (KB2758694)-->MsiExec.exe /I{1D95BA90-F4F8-47EC-A882-441C99D30C1E}
MSXML 4.0 SP3 Parser-->MsiExec.exe /I{196467F1-C11F-4F76-858B-5812ADC83B94}
NVIDIA 3D Vision Controller Driver 335.21-->"C:\WINDOWS\SysWOW64\RunDll32.EXE" "C:\Program Files\NVIDIA Corporation\Installer2\installer.{323EEF8D-47A9-49F0-A7E6-1B80C97C9914}\NVI2.DLL",UninstallPackage Display.NVIRUSB
NVIDIA 3D Vision Driver 335.23-->"C:\WINDOWS\SysWOW64\RunDll32.EXE" "C:\Program Files\NVIDIA Corporation\Installer2\installer.{323EEF8D-47A9-49F0-A7E6-1B80C97C9914}\NVI2.DLL",UninstallPackage Display.3DVision
NVIDIA GeForce Experience 1.8.2.1-->"C:\WINDOWS\SysWOW64\RunDll32.EXE" "C:\Program Files\NVIDIA Corporation\Installer2\installer.{323EEF8D-47A9-49F0-A7E6-1B80C97C9914}\NVI2.DLL",UninstallPackage Display.GFExperience
NVIDIA Graphics Driver 335.23-->"C:\WINDOWS\SysWOW64\RunDll32.EXE" "C:\Program Files\NVIDIA Corporation\Installer2\installer.{323EEF8D-47A9-49F0-A7E6-1B80C97C9914}\NVI2.DLL",UninstallPackage Display.Driver
NVIDIA HD Audio Driver 1.3.30.1-->"C:\WINDOWS\SysWOW64\RunDll32.EXE" "C:\Program Files\NVIDIA Corporation\Installer2\installer.{323EEF8D-47A9-49F0-A7E6-1B80C97C9914}\NVI2.DLL",UninstallPackage HDAudio.Driver
NVIDIA PhysX System Software 9.13.1220-->"C:\WINDOWS\SysWOW64\RunDll32.EXE" "C:\Program Files\NVIDIA Corporation\Installer2\installer.{323EEF8D-47A9-49F0-A7E6-1B80C97C9914}\NVI2.DLL",UninstallPackage Display.PhysX
NVIDIA PhysX-->MsiExec.exe /I{80407BA7-7763-4395-AB98-5233F1B34E65}
NVIDIA Stereoscopic 3D Driver-->"C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvStInst.exe" /uninstall /ask
NVIDIA Virtual Audio 1.2.20-->"C:\WINDOWS\SysWOW64\RunDll32.EXE" "C:\Program Files\NVIDIA Corporation\Installer2\installer.{323EEF8D-47A9-49F0-A7E6-1B80C97C9914}\NVI2.DLL",UninstallPackage VirtualAudio.Driver
PDF Settings CC-->MsiExec.exe /I{1FBAE18D-4DE4-47AA-83EC-D1B046F262DC}
Photo Common-->MsiExec.exe /X{0EB158FA-41B3-49CF-8AE5-6C6F470AD29D}
Photo Common-->MsiExec.exe /X{147FBA18-A6BB-4AD5-8F0A-37380AAABD76}
Photo Common-->MsiExec.exe /X{26886AFE-394D-4875-827B-04379487921D}
Photo Common-->MsiExec.exe /X{49DC9658-D26A-4AAB-A83A-2655B8033056}
Photo Common-->MsiExec.exe /X{5A5B6AA4-8849-4038-9A8D-D7F9947EE8FE}
Photo Common-->MsiExec.exe /X{5C601EA8-D519-4010-8CD0-BD3B94A6DD58}
Photo Common-->MsiExec.exe /X{722CD95C-98C7-4E73-925A-68D2D4F651A6}
Photo Common-->MsiExec.exe /X{780291FE-0D39-441E-BE3D-7A820951C3D4}
Photo Common-->MsiExec.exe /X{A52DB080-D445-49EB-90D2-03B9CD794511}
Photo Common-->MsiExec.exe /X{DD7C5FC1-DCA5-487A-AF23-658B1C00243F}
Photo Common-->MsiExec.exe /X{F875E135-31C5-4C4D-929F-D49E6332E7F1}
Photo Gallery-->MsiExec.exe /X{0F929651-F516-4956-90F2-FFBD2CD5D30E}
Photo Gallery-->MsiExec.exe /X{2020C08E-74F5-4E9F-BD2A-41F8CB6EBA10}
Photo Gallery-->MsiExec.exe /X{89C7E0A7-4D9D-4DCC-8834-A9A2B92D7EBB}
Photo Gallery-->MsiExec.exe /X{C0018D63-C33C-4515-9CE8-3BC8830F79A1}
Raccolta foto-->MsiExec.exe /X{FA6BC7A5-85B3-4DC2-825C-D508E386151A}
Realtek Ethernet Controller Driver-->C:\Program Files (x86)\InstallShield Installation Information\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}\Setup.exe -runfromtemp -removeonly
Realtek High Definition Audio Driver-->C:\Program Files\Realtek\Audio\HDA\RtlUpd64.exe -r -m -nrg2709
Shared C Run-time for x64-->MsiExec.exe /I{EF79C448-6946-4D71-8134-03407888C054}
Why ASUS PC-->RunDll32 C:\PROGRA~2\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files (x86)\InstallShield Installation Information\{5648F9D9-299E-408C-AC1F-59DC75894A1F}\setup.exe" -l0x9
Windows Live Communications Platform-->MsiExec.exe /I{03D562B5-C4E2-4846-A920-33178788BE00}
Windows Live Essentials-->C:\Program Files (x86)\Windows Live\Installer\wlarp.exe
Windows Live Essentials-->MsiExec.exe /I{23B93929-FAD4-40E5-96C6-0E977BB87204}
Windows Live Essentials-->MsiExec.exe /I{3C60C40A-934A-4008-B68B-E70F58420AA1}
Windows Live Essentials-->MsiExec.exe /I{4224D19D-2E7D-4E90-97A4-20C654B28AB8}
Windows Live Essentials-->MsiExec.exe /I{5E094C92-6288-4F43-AA9A-D452D0218F3F}
Windows Live Essentials-->MsiExec.exe /I{936D4074-6A57-45ED-AF5A-F7CF5A56DE6F}
Windows Live Essentials-->MsiExec.exe /I{AA806DB1-E882-4834-8102-B5F256BE9A2F}
Windows Live Essentials-->MsiExec.exe /I{EC5E0CAF-BC28-401C-B8BE-89C496D6D66F}
Windows Live Essentials-->MsiExec.exe /I{FF2DE2F0-A25E-4AE6-A2E0-056665520F1C}
Windows Live Installer-->MsiExec.exe /I{5A0EE0F0-E909-4F3B-B437-AAD9252427CB}
Windows Live Photo Common-->MsiExec.exe /X{C6B0EE9E-2128-4448-B7AE-5E2B46E0F0E7}
Windows Live PIMT Platform-->MsiExec.exe /I{E3445598-4424-4EE2-B71C-C23325F7FB71}
Windows Live SOXE Definitions-->MsiExec.exe /I{0FF9CC94-EF23-401E-BDBD-37403D1A2B38}
Windows Live SOXE-->MsiExec.exe /I{6B6923B9-8719-425B-916C-CD2908F31AAF}
Windows Live UX Platform Language Pack-->MsiExec.exe /I{10640F6D-6AB0-401E-9FC6-A94D19C580BC}
Windows Live UX Platform Language Pack-->MsiExec.exe /I{119A44B5-6237-4D56-8424-5DAE70ED3F4E}
Windows Live UX Platform Language Pack-->MsiExec.exe /I{18C928E6-31F0-4DD5-BD4D-55FBCF599712}
Windows Live UX Platform Language Pack-->MsiExec.exe /I{2AC01935-3774-4981-98C8-14E93C14372C}
Windows Live UX Platform Language Pack-->MsiExec.exe /I{3206854C-84DC-4BB0-9CDF-25BC3826810B}
Windows Live UX Platform Language Pack-->MsiExec.exe /I{6BA68C11-0B63-4192-B880-0B5E3F7949F9}
Windows Live UX Platform Language Pack-->MsiExec.exe /I{8DD7ECD5-FE54-4E15-B5AA-DA3F89CA439A}
Windows Live UX Platform Language Pack-->MsiExec.exe /I{ADEB1E6F-1C01-4EEB-A551-8E3F8CD2F35F}
Windows Live UX Platform Language Pack-->MsiExec.exe /I{BDD0222F-D1C2-47DB-ABBE-62EB4F887A56}
Windows Live UX Platform Language Pack-->MsiExec.exe /I{BDDC2D1F-092F-476F-A7D7-819AA5F434DF}
Windows Live UX Platform Language Pack-->MsiExec.exe /I{CCC7C18E-1BEA-409F-B7A9-6C9740B99119}
Windows Live UX Platform-->MsiExec.exe /I{F0E58739-2B4C-498F-9B0D-FF0F2FD52B61}
Windows Live 程式集-->MsiExec.exe /I{B524274D-5B48-4DCC-8C1D-3D66A35B3685}
Windows Live 软件包-->MsiExec.exe /I{66500393-97E6-417B-93A7-43A6B7506E7F}
Windows Live-->MsiExec.exe /I{DE7D8CF9-9C52-4BE0-B3E0-D4F116C524A8}
Συλλογή φωτογραφιών-->MsiExec.exe /X{032CB0D7-FDBF-4CA9-901B-A4C1B01B1777}
影像中心-->MsiExec.exe /X{7DB15F28-5E38-476A-A773-EA07EAEAB1B3}
照片库-->MsiExec.exe /X{25716F85-7DB7-4CB4-8BD3-1992DBA3F59C}

======System event log======

Computer Name: FamilyPC
Event Code: 11
Message: Custom dynamic link libraries are being loaded for every application. The system administrator should review the list of libraries to ensure they are related to trusted applications. Please visit http://support.microsoft.com/kb/197571 for more information.
Record Number: 5910
Source Name: Microsoft-Windows-Wininit
Time Written: 20140515142026.778600-000
Event Type: Warning
User: NT AUTHORITY\SYSTEM

Computer Name: FamilyPC
Event Code: 219
Message: The driver \Driver\WudfRd failed to load for the device SWD\WPDBUSENUM\{5da1dc61-b2d4-11e3-be73-806e6f6e6963}#0000000000100000.
Record Number: 5909
Source Name: Microsoft-Windows-Kernel-PnP
Time Written: 20140515142023.262921-000
Event Type: Warning
User: NT AUTHORITY\SYSTEM

Computer Name: FamilyPC
Event Code: 219
Message: The driver \Driver\WudfRd failed to load for the device SWD\WPDBUSENUM\{d28fb47b-b308-11e3-be79-d850e6c581e7}#0000000000100000.
Record Number: 5907
Source Name: Microsoft-Windows-Kernel-PnP
Time Written: 20140515142023.247294-000
Event Type: Warning
User: NT AUTHORITY\SYSTEM

Computer Name: FamilyPC
Event Code: 219
Message: The driver \Driver\WudfRd failed to load for the device SWD\WPDBUSENUM\{522b53c9-b380-11e3-be7b-d850e6c581e7}#0000000000007E00.
Record Number: 5905
Source Name: Microsoft-Windows-Kernel-PnP
Time Written: 20140515142023.247294-000
Event Type: Warning
User: NT AUTHORITY\SYSTEM

Computer Name: FamilyPC
Event Code: 7023
Message: The Superfetch service terminated with the following error:
The service has not been started.
Record Number: 5865
Source Name: Service Control Manager
Time Written: 20140515141912.409276-000
Event Type: Error
User:

=====Application event log=====

Computer Name: FamilyPC
Event Code: 12294
Message: Volume Shadow Copy Service error: Error calling a routine on the Shadow Copy Provider {b5946137-7b9f-4925-af80-51abd60b20d5}. Routine returned E_INVALIDARG. Routine details GetSnapshot({00000000-0000-0000-0000-000000000000},0000007494023EF0).

Operation:
Get Shadow Copy Properties

Context:
Execution Context: Coordinator
Record Number: 16150
Source Name: VSS
Time Written: 20140515145641.000000-000
Event Type: Error
User:

Computer Name: FamilyPC
Event Code: 12294
Message: Volume Shadow Copy Service error: Error calling a routine on the Shadow Copy Provider {b5946137-7b9f-4925-af80-51abd60b20d5}. Routine returned E_INVALIDARG. Routine details GetSnapshot({00000000-0000-0000-0000-000000000000},0000007494023C70).

Operation:
Get Shadow Copy Properties

Context:
Execution Context: Coordinator
Record Number: 16149
Source Name: VSS
Time Written: 20140515145641.000000-000
Event Type: Error
User:

Computer Name: FamilyPC
Event Code: 12294
Message: Volume Shadow Copy Service error: Error calling a routine on the Shadow Copy Provider {b5946137-7b9f-4925-af80-51abd60b20d5}. Routine returned E_INVALIDARG. Routine details GetSnapshot({00000000-0000-0000-0000-000000000000},0000007494023C70).

Operation:
Get Shadow Copy Properties

Context:
Execution Context: Coordinator
Record Number: 16148
Source Name: VSS
Time Written: 20140515145641.000000-000
Event Type: Error
User:

Computer Name: FamilyPC
Event Code: 12294
Message: Volume Shadow Copy Service error: Error calling a routine on the Shadow Copy Provider {b5946137-7b9f-4925-af80-51abd60b20d5}. Routine returned E_INVALIDARG. Routine details GetSnapshot({00000000-0000-0000-0000-000000000000},0000007494023DB0).

Operation:
Get Shadow Copy Properties

Context:
Execution Context: Coordinator
Record Number: 16147
Source Name: VSS
Time Written: 20140515145631.000000-000
Event Type: Error
User:

Computer Name: FamilyPC
Event Code: 1
Message:
Record Number: 16104
Source Name: C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
Time Written: 20140515141911.000000-000
Event Type: Error
User:

=====Security event log=====

Computer Name: FamilyPC
Event Code: 4672
Message: Special privileges assigned to new logon.

Subject:
Security ID: S-1-5-18
Account Name: SYSTEM
Account Domain: NT AUTHORITY
Logon ID: 0x3E7

Privileges: SeAssignPrimaryTokenPrivilege
SeTcbPrivilege
SeSecurityPrivilege
SeTakeOwnershipPrivilege
SeLoadDriverPrivilege
SeBackupPrivilege
SeRestorePrivilege
SeDebugPrivilege
SeAuditPrivilege
SeSystemEnvironmentPrivilege
SeImpersonatePrivilege
Record Number: 40379
Source Name: Microsoft-Windows-Security-Auditing
Time Written: 20140515141856.573107-000
Event Type: Audit Success
User:

Computer Name: FamilyPC
Event Code: 4624
Message: An account was successfully logged on.

Subject:
Security ID: S-1-5-18
Account Name: FAMILYPC$
Account Domain: WORKGROUP
Logon ID: 0x3E7

Logon Type: 5

Impersonation Level: Impersonation

New Logon:
Security ID: S-1-5-18
Account Name: SYSTEM
Account Domain: NT AUTHORITY
Logon ID: 0x3E7
Logon GUID: {00000000-0000-0000-0000-000000000000}

Process Information:
Process ID: 0x2fc
Process Name: C:\Windows\System32\services.exe

Network Information:
Workstation Name:
Source Network Address: -
Source Port: -

Detailed Authentication Information:
Logon Process: Advapi
Authentication Package: Negotiate
Transited Services: -
Package Name (NTLM only): -
Key Length: 0

This event is generated when a logon session is created. It is generated on the computer that was accessed.

The subject fields indicate the account on the local system which requested the logon. This is most commonly a service such as the Server service, or a local process such as Winlogon.exe or Services.exe.

The logon type field indicates the kind of logon that occurred. The most common types are 2 (interactive) and 3 (network).

The New Logon fields indicate the account for whom the new logon was created, i.e. the account that was logged on.

The network fields indicate where a remote logon request originated. Workstation name is not always available and may be left blank in some cases.

The impersonation level field indicates the extent to which a process in the logon session can impersonate.

The authentication information fields provide detailed information about this specific logon request.
- Logon GUID is a unique identifier that can be used to correlate this event with a KDC event.
- Transited services indicate which intermediate services have participated in this logon request.
- Package name indicates which sub-protocol was used among the NTLM protocols.
- Key length indicates the length of the generated session key. This will be 0 if no session key was requested.
Record Number: 40378
Source Name: Microsoft-Windows-Security-Auditing
Time Written: 20140515141856.573107-000
Event Type: Audit Success
User:

Computer Name: FamilyPC
Event Code: 4672
Message: Special privileges assigned to new logon.

Subject:
Security ID: S-1-5-18
Account Name: SYSTEM
Account Domain: NT AUTHORITY
Logon ID: 0x3E7

Privileges: SeAssignPrimaryTokenPrivilege
SeTcbPrivilege
SeSecurityPrivilege
SeTakeOwnershipPrivilege
SeLoadDriverPrivilege
SeBackupPrivilege
SeRestorePrivilege
SeDebugPrivilege
SeAuditPrivilege
SeSystemEnvironmentPrivilege
SeImpersonatePrivilege
Record Number: 40377
Source Name: Microsoft-Windows-Security-Auditing
Time Written: 20140515135029.819247-000
Event Type: Audit Success
User:

Computer Name: FamilyPC
Event Code: 4624
Message: An account was successfully logged on.

Subject:
Security ID: S-1-5-18
Account Name: FAMILYPC$
Account Domain: WORKGROUP
Logon ID: 0x3E7

Logon Type: 5

Impersonation Level: Impersonation

New Logon:
Security ID: S-1-5-18
Account Name: SYSTEM
Account Domain: NT AUTHORITY
Logon ID: 0x3E7
Logon GUID: {00000000-0000-0000-0000-000000000000}

Process Information:
Process ID: 0x2fc
Process Name: C:\Windows\System32\services.exe

Network Information:
Workstation Name:
Source Network Address: -
Source Port: -

Detailed Authentication Information:
Logon Process: Advapi
Authentication Package: Negotiate
Transited Services: -
Package Name (NTLM only): -
Key Length: 0

This event is generated when a logon session is created. It is generated on the computer that was accessed.

The subject fields indicate the account on the local system which requested the logon. This is most commonly a service such as the Server service, or a local process such as Winlogon.exe or Services.exe.

The logon type field indicates the kind of logon that occurred. The most common types are 2 (interactive) and 3 (network).

The New Logon fields indicate the account for whom the new logon was created, i.e. the account that was logged on.

The network fields indicate where a remote logon request originated. Workstation name is not always available and may be left blank in some cases.

The impersonation level field indicates the extent to which a process in the logon session can impersonate.

The authentication information fields provide detailed information about this specific logon request.
- Logon GUID is a unique identifier that can be used to correlate this event with a KDC event.
- Transited services indicate which intermediate services have participated in this logon request.
- Package name indicates which sub-protocol was used among the NTLM protocols.
- Key length indicates the length of the generated session key. This will be 0 if no session key was requested.
Record Number: 40376
Source Name: Microsoft-Windows-Security-Auditing
Time Written: 20140515135029.819247-000
Event Type: Audit Success
User:

Computer Name: FamilyPC
Event Code: 1102
Message: The audit log was cleared.
Subject:
Security ID: S-1-5-21-1667700695-4105642080-2727116873-1001
Account Name: DougWendy
Domain Name: FAMILYPC
Logon ID: 0x5843B
Record Number: 40375
Source Name: Microsoft-Windows-Eventlog
Time Written: 20140515134703.323493-000
Event Type: Audit Success
User:

======Environment variables======

"FP_NO_HOST_CHECK"=NO
"USERNAME"=SYSTEM
"ComSpec"=%SystemRoot%\system32\cmd.exe
"TMP"=%SystemRoot%\TEMP
"OS"=Windows_NT
"windir"=%SystemRoot%
"PROCESSOR_ARCHITECTURE"=AMD64
"TEMP"=%SystemRoot%\TEMP
"PATHEXT"=.COM;.EXE;.BAT;.CMD;.VBS;.VBE;.JS;.JSE;.WSF;.WSH;.MSC
"PSModulePath"=%SystemRoot%\system32\WindowsPowerShell\v1.0\Modules\
"NUMBER_OF_PROCESSORS"=8
"PROCESSOR_LEVEL"=6
"PROCESSOR_IDENTIFIER"=Intel64 Family 6 Model 60 Stepping 3, GenuineIntel
"PROCESSOR_REVISION"=3c03
"Path"=C:\Program Files (x86)\NVIDIA Corporation\PhysX\Common;C:\Program Files (x86)\Intel\iCLS Client\;C:\Program Files\Intel\iCLS Client\;%SystemRoot%\system32;%SystemRoot%;%SystemRoot%\System32\Wbem;%SYSTEMROOT%\System32\WindowsPowerShell\v1.0\;C:\Program Files (x86)\Windows Live\Shared;C:\Program Files\Intel\Intel(R) Management Engine Components\DAL;C:\Program Files\Intel\Intel(R) Management Engine Components\IPT;C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL;C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT

-----------------EOF-----------------
DougSr
Regular Member
 
Posts: 70
Joined: July 5th, 2006, 12:21 am

Re: Popups in Windows 8.1

Unread postby DougSr » May 22nd, 2014, 9:13 pm

SystemLook 30.07.11 by jpshortstuff
Log created at 18:10 on 22/05/2014 by DougWendy
Administrator - Elevation successful

========== filefind ==========

Searching for "*Bandoo*"
No files found.

Searching for "*Community*"
C:\Program Files (x86)\ASUS\ASUS MX Suite\ASUS Music Maker\Bitmaps\mxgui.4.0\CCommunityDialog.ini --a---- 7399 bytes [23:37 29/06/2011] [23:37 29/06/2011] 24093C4F701BFD18CE0A4A336192F078
C:\Program Files (x86)\ASUS\ASUS MX Suite\ASUS Music Maker\Bitmaps\mxgui.4.0\CCommunityDialogDJTunes.ini --a---- 6073 bytes [19:58 20/05/2009] [19:58 20/05/2009] A0CCDC117B54BB95C1254A19A0F5258C
C:\Program Files (x86)\ASUS\ASUS MX Suite\ASUS Music Maker\Bitmaps\mxgui.4.0\CCommunityDialogMySpace.ini --a---- 6111 bytes [21:20 25/05/2009] [21:20 25/05/2009] A17E9ECA2A9FC2ECCC0861E2F1A30F09
C:\Program Files (x86)\ASUS\ASUS MX Suite\ASUS Video easy\Bitmaps\mxgui.4.0\CCommunityDialog.ini --a---- 7558 bytes [17:55 24/05/2011] [17:55 24/05/2011] EE58DA4494A1D48ACF8DD054869D7EB3

Searching for "*Conduit*"
No files found.

Searching for "*datamngr*"
C:\Users\DougWendy\AppData\Local\Temp\jrt\datamngr_del.reg --a---- 386 bytes [13:41 15/05/2014] [03:41 22/08/2013] 95F42A3D43416D3BB978F174C83F494C

Searching for "*Fun4IM*"
No files found.

Searching for "*iLivid*"
No files found.

Searching for "*IObit*"
No files found.

Searching for "*Iminent*"
No files found.

Searching for "*openoffice*"
C:\Users\DougWendy\AppData\Local\Temp\OpenOffice 4.0.1 (en-US) Installation Files\openoffice1.cab --a---- 133195912 bytes [12:15 20/09/2013] [12:15 20/09/2013] 4F44E3B75721E4AD874842E90A6AEA7A
C:\Users\DougWendy\AppData\Local\Temp\OpenOffice 4.0.1 (en-US) Installation Files\openoffice401.msi --a---- 2260992 bytes [12:13 20/09/2013] [12:13 20/09/2013] A4418B89EFEA2F964715827EB4C35ED5
C:\Users\DougWendy\Desktop\OpenOffice 4.1.0 (en-US) Installation Files\openoffice1.cab --a---- 130633141 bytes [12:10 22/04/2014] [12:10 22/04/2014] 5D1ADD3E03C9FE53C357E12C21AFEE19
C:\Users\DougWendy\Desktop\OpenOffice 4.1.0 (en-US) Installation Files\openoffice410.msi --a---- 2310144 bytes [12:08 22/04/2014] [12:08 22/04/2014] F400FC7E88D52EC14CC3B974C1498536

Searching for "*open office*"
C:\Users\DougWendy\AppData\Local\Temp\is-BFS97.tmp\Open OfficeSetup.tmp --a---- 9603 bytes [15:42 13/05/2014] [15:42 13/05/2014] 84B8C0D22627BF800ECAFF5ED00D8870
C:\Windows\Prefetch\OPEN OFFICESETUP.EXE-E1222B6F.pf --a---- 194298 bytes [15:40 13/05/2014] [15:40 13/05/2014] 2D95C34A914102CD8B3BD57459E05D74

Searching for "*Searchqu*"
C:\Program Files\WindowsApps\Microsoft.BingFoodAndDrink_3.0.2.258_x64__8wekyb3d8bbwe\AppCode\Data\SearchQueryData.js --a---- 9916 bytes [03:57 24/03/2014] [03:57 24/03/2014] B90DD5422A079D50B5F111C7328D3B65

Searching for "*Searchnu*"
No files found.

Searching for "*Tarma*"
No files found.

Searching for "*trolltech*"
No files found.

Searching for "*vshare*"
No files found.

Searching for "*whitesmoke*"
No files found.

Searching for "*Yontoo*"
No files found.

========== folderfind ==========

Searching for "*Bandoo*"
No folders found.

Searching for "*Community*"
No folders found.

Searching for "*Conduit*"
No folders found.

Searching for "*datamngr*"
No folders found.

Searching for "*Fun4IM*"
No folders found.

Searching for "*iLivid*"
No folders found.

Searching for "*IObit*"
No folders found.

Searching for "*Iminent*"
No folders found.

Searching for "*openoffice*"
C:\Users\DougWendy\AppData\Local\Temp\OpenOffice 4.0.1 (en-US) Installation Files d------ [15:41 13/05/2014]
C:\Users\DougWendy\AppData\Roaming\OpenOffice d------ [15:44 13/05/2014]
C:\Users\DougWendy\Desktop\OpenOffice 4.1.0 (en-US) Installation Files d------ [12:23 16/05/2014]

Searching for "*open office*"
C:\AdwCleaner\Quarantine\C\Users\DougWendy\AppData\Roaming\1H1Q\Open Office Packages d------ [13:35 15/05/2014]
C:\ProgramData\Microsoft\Windows\WER\ReportArchive\AppCrash_Open OfficeSetup_c24fa7b682c953446b422e35b765a756a5c6f6ba_63c4dd0f_171c4043 d----c- [15:42 13/05/2014]
C:\Users\All Users\Microsoft\Windows\WER\ReportArchive\AppCrash_Open OfficeSetup_c24fa7b682c953446b422e35b765a756a5c6f6ba_63c4dd0f_171c4043 d----c- [15:42 13/05/2014]

Searching for "*Searchqu*"
No folders found.

Searching for "*Searchnu*"
No folders found.

Searching for "*Tarma*"
No folders found.

Searching for "*trolltech*"
No folders found.

Searching for "*vshare*"
No folders found.

Searching for "*whitesmoke*"
No folders found.

Searching for "*Yontoo*"
No folders found.

========== Regfind ==========

Searching for "Bandoo"
No data found.

Searching for "Community"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{1372A97E-2034-41ee-A6C1-1B68FAFA75A1}]
@="CLSID_ICommunityTransport"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{1372A97E-2034-41ee-A6C1-1B68FAFA75A1}]
@="CLSID_ICommunityTransport"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\1E4FD851CD068693E894FD4419538D25]
"FD8D00E5B5097C145B261C62EDA31476"="C:\Program Files (x86)\ASUS\ASUS MX Suite\ASUS Music Maker\Bitmaps\mxgui.4.0\CCommunityDialogMySpace.ini"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\8A42FB28C00BDB03C9D95627107277D4]
"81648BD73E6799949A0A7D7D651E1492"="C:\Program Files (x86)\ASUS\ASUS MX Suite\ASUS Video easy\Bitmaps\mxgui.4.0\CCommunityDialog.ini"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\9FD56E103B08CEA358AA8A75CDF843E2]
"FD8D00E5B5097C145B261C62EDA31476"="C:\Program Files (x86)\ASUS\ASUS MX Suite\ASUS Music Maker\Bitmaps\mxgui.4.0\CCommunityDialog.ini"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\B951ED58FA921D039A5D1B02A7E1A42A]
"FD8D00E5B5097C145B261C62EDA31476"="C:\Program Files (x86)\ASUS\ASUS MX Suite\ASUS Music Maker\Bitmaps\mxgui.4.0\CCommunityDialogDJTunes.ini"
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Classes\CLSID\{1372A97E-2034-41ee-A6C1-1B68FAFA75A1}]
@="CLSID_ICommunityTransport"

Searching for "Conduit"
No data found.

Searching for "datamngr"
No data found.

Searching for "Fun4IM"
No data found.

Searching for "iLivid"
No data found.

Searching for "IObit"
No data found.

Searching for "Iminent"
No data found.

Searching for "Searchqu"
[HKEY_CURRENT_USER\Software\Classes\ActivatableClasses\CLSID\{DECACE56-2857-59A8-B3BA-79C3DF0F359B}]
"ActivatableClassId"="AppEx.Sports.Services.TypeDefs.Request.AppSearchQuery"
[HKEY_CURRENT_USER\Software\Classes\ActivatableClasses\Package\Microsoft.BingSports_3.0.2.258_x64__8wekyb3d8bbwe\ActivatableClassId\AppEx.Sports.Services.TypeDefs.Request.AppSearchQuery]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{b9f41624-2083-45cd-ac36-af8119a22a41}]
@="CLocationSearchQuery"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{46A1205B-69C9-4745-B72F-A8A4FC8F24AE}]
@="__x_Windows_CApplicationModel_CSearch_CISearchQueryLinguisticDetails"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{69563521-C154-4B45-B884-035872E3F96A}]
@="ISearchQueryCondition"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{AB310581-AC80-11D1-8DF3-00C04FB6EF63}]
@="ISearchQueryHelper"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{CAC6C3B8-3C64-4DFD-AD9F-479E4D4065A4}]
@="__x_Windows_CApplicationModel_CSearch_CISearchQueryLinguisticDetailsFactory"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{46A1205B-69C9-4745-B72F-A8A4FC8F24AE}]
@="__x_Windows_CApplicationModel_CSearch_CISearchQueryLinguisticDetails"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{69563521-C154-4B45-B884-035872E3F96A}]
@="ISearchQueryCondition"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{AB310581-AC80-11D1-8DF3-00C04FB6EF63}]
@="ISearchQueryHelper"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{CAC6C3B8-3C64-4DFD-AD9F-479E4D4065A4}]
@="__x_Windows_CApplicationModel_CSearch_CISearchQueryLinguisticDetailsFactory"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\WindowsRuntime\ActivatableClassId\Windows.ApplicationModel.Search.SearchQueryLinguisticDetails]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\WindowsRuntime\CLSID\{1E041E06-E1C5-4B7B-ADD3-20E32D155C2E}]
"ActivatableClassId"="Windows.ApplicationModel.Search.SearchQueryLinguisticDetails"
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\WindowsRuntime\ActivatableClassId\Windows.ApplicationModel.Search.SearchQueryLinguisticDetails]
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\WindowsRuntime\CLSID\{1E041E06-E1C5-4B7B-ADD3-20E32D155C2E}]
"ActivatableClassId"="Windows.ApplicationModel.Search.SearchQueryLinguisticDetails"
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Classes\Interface\{46A1205B-69C9-4745-B72F-A8A4FC8F24AE}]
@="__x_Windows_CApplicationModel_CSearch_CISearchQueryLinguisticDetails"
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Classes\Interface\{69563521-C154-4B45-B884-035872E3F96A}]
@="ISearchQueryCondition"
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Classes\Interface\{AB310581-AC80-11D1-8DF3-00C04FB6EF63}]
@="ISearchQueryHelper"
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Classes\Interface\{CAC6C3B8-3C64-4DFD-AD9F-479E4D4065A4}]
@="__x_Windows_CApplicationModel_CSearch_CISearchQueryLinguisticDetailsFactory"
[HKEY_USERS\S-1-5-21-1667700695-4105642080-2727116873-1001\Software\Classes\ActivatableClasses\CLSID\{DECACE56-2857-59A8-B3BA-79C3DF0F359B}]
"ActivatableClassId"="AppEx.Sports.Services.TypeDefs.Request.AppSearchQuery"
[HKEY_USERS\S-1-5-21-1667700695-4105642080-2727116873-1001\Software\Classes\ActivatableClasses\Package\Microsoft.BingSports_3.0.2.258_x64__8wekyb3d8bbwe\ActivatableClassId\AppEx.Sports.Services.TypeDefs.Request.AppSearchQuery]
[HKEY_USERS\S-1-5-21-1667700695-4105642080-2727116873-1001_Classes\ActivatableClasses\CLSID\{DECACE56-2857-59A8-B3BA-79C3DF0F359B}]
"ActivatableClassId"="AppEx.Sports.Services.TypeDefs.Request.AppSearchQuery"
[HKEY_USERS\S-1-5-21-1667700695-4105642080-2727116873-1001_Classes\ActivatableClasses\Package\Microsoft.BingSports_3.0.2.258_x64__8wekyb3d8bbwe\ActivatableClassId\AppEx.Sports.Services.TypeDefs.Request.AppSearchQuery]

Searching for "Searchnu"
No data found.

Searching for "Tarma"
[HKEY_CURRENT_USER\Software\Classes\ActivatableClasses\CLSID\{153080DD-A137-52D2-9BA5-551FED59F404}]
"ActivatableClassId"="LibWrap.AvatarManager"
[HKEY_CURRENT_USER\Software\Classes\ActivatableClasses\Package\Microsoft.SkypeApp_2.8.0.1001_x86__kzf8qxf38zg5c\ActivatableClassId\LibWrap.AvatarManager]
[HKEY_USERS\S-1-5-21-1667700695-4105642080-2727116873-1001\Software\Classes\ActivatableClasses\CLSID\{153080DD-A137-52D2-9BA5-551FED59F404}]
"ActivatableClassId"="LibWrap.AvatarManager"
[HKEY_USERS\S-1-5-21-1667700695-4105642080-2727116873-1001\Software\Classes\ActivatableClasses\Package\Microsoft.SkypeApp_2.8.0.1001_x86__kzf8qxf38zg5c\ActivatableClassId\LibWrap.AvatarManager]
[HKEY_USERS\S-1-5-21-1667700695-4105642080-2727116873-1001_Classes\ActivatableClasses\CLSID\{153080DD-A137-52D2-9BA5-551FED59F404}]
"ActivatableClassId"="LibWrap.AvatarManager"
[HKEY_USERS\S-1-5-21-1667700695-4105642080-2727116873-1001_Classes\ActivatableClasses\Package\Microsoft.SkypeApp_2.8.0.1001_x86__kzf8qxf38zg5c\ActivatableClassId\LibWrap.AvatarManager]

Searching for "trolltech"
[HKEY_CURRENT_USER\Software\Trolltech]
[HKEY_CURRENT_USER\Software\Trolltech\OrganizationDefaults\Qt Factory Cache 4.8\com.trolltech.Qt.QImageIOHandlerFactoryInterface:]
[HKEY_USERS\S-1-5-21-1667700695-4105642080-2727116873-1001\Software\Trolltech]
[HKEY_USERS\S-1-5-21-1667700695-4105642080-2727116873-1001\Software\Trolltech\OrganizationDefaults\Qt Factory Cache 4.8\com.trolltech.Qt.QImageIOHandlerFactoryInterface:]

Searching for "vshare"
No data found.

Searching for "whitesmoke"
No data found.

Searching for "Yontoo"
No data found.

-= EOF =-
DougSr
Regular Member
 
Posts: 70
Joined: July 5th, 2006, 12:21 am

Re: Popups in Windows 8.1

Unread postby DougSr » May 22nd, 2014, 9:16 pm

As requested, I will let you know, this will be the last time I have access to this computer until Saturday evening. I will be in Shippensberg Pa for the PIAA State Track Finals. I will respond to your next post as soon as I return home from there. I thank you and apologize for the misunderstanding earlier.
DougSr
Regular Member
 
Posts: 70
Joined: July 5th, 2006, 12:21 am

Re: Popups in Windows 8.1

Unread postby wannabeageek » May 22nd, 2014, 10:47 pm

Ok DougSr. I should have something for you by then.

I will make sure the thread stays open for you.

Have a safe trip and we will see you back here Saturday.

wbg
wannabeageek
MRU Master
MRU Master
 
Posts: 1773
Joined: November 23rd, 2009, 10:21 pm
Location: California

Re: Popups in Windows 8.1

Unread postby DougSr » May 24th, 2014, 9:09 pm

Back and ready to work on cleaning this bad boy up. Sorry for the absence. I am sure someone kept you all occupied in my absence
DougSr
Regular Member
 
Posts: 70
Joined: July 5th, 2006, 12:21 am

Re: Popups in Windows 8.1

Unread postby wannabeageek » May 25th, 2014, 8:38 pm

Hi DougSr,

This entry that is being displayed by Malwarebytes is a setting in the Preferences file of Google Chrome. The only way to remove the entry would be to either delete the file or open the browser settings and remove the entry from the settings page.
PUP.Optional.Conduit.A, C:\Users\DougWendy\AppData\Local\Google\Chrome\User Data\Default\Preferences, Good: (), Bad: ( "startup_urls": [ "http://www.air1.com/", "http://www.google.com", "http://search.conduit.com/?ctid=CT3324790&octid=EB_ORIGINAL_CTID&SearchSource=55&CUI=&UM=4&UP=SP56641997-1825-47B8-B06F-13601646BDED&SSPV=" ],), ,[709e5df7f08b92a4f961d9a740c4d828]

It may work in the following fashion:
  1. Open Chrome.
  2. Click on the "3-bar" symbol in the top right corner of the page next to the STAR.
  3. Scroll down to "Settings" and click on Settings. A new tabbed page will open displaying settings
  4. Under the "On startup" paragraph, (2nd from the top), there are 3 radio buttons shown below:

    • Open the New Tab page
    • Continue where you left off
    • Open a specific page or set of pages. Set pages <<< CLICK THIS - A Window will open displaying page links
  5. Scroll down/Mouse over to this entry in the list of URL links listed:
    "http://search.conduit.com/?ctid=CT3324790&octid=EB_ORIGINAL_CTID&SearchSource=55&CUI=&UM=4&UP=SP56641997-1825-47B8-B06F-13601646BDED&SSPV="
  6. Click on the "X" at the end of the entry - this should remove the entry.
  7. Click on the "OK" button.
  8. Close completely Chrome and then re-open Chrome. The search.conduit page should no longer appear on start up of Chrome.

    This should also cause Malwarebytes to stop flagging the entry. A quick scan or normal auto-scan will verify this.

The rest of the logs look free of malware.

Post back with a Malwarebytes scan after applying the fix, please.
wannabeageek
MRU Master
MRU Master
 
Posts: 1773
Joined: November 23rd, 2009, 10:21 pm
Location: California

Re: Popups in Windows 8.1

Unread postby DougSr » May 26th, 2014, 1:17 am

Malwarebytes Anti-Malware
www.malwarebytes.org

Scan Date: 5/26/2014
Scan Time: 1:09:52 AM
Logfile:
Administrator: Yes

Version: 2.00.1.1004
Malware Database: v2014.05.25.08
Rootkit Database: v2014.05.21.01
License: Trial
Malware Protection: Enabled
Malicious Website Protection: Enabled
Chameleon: Disabled

OS: Windows 8.1
CPU: x64
File System: NTFS
User: DougWendy

Scan Type: Threat Scan
Result: Completed
Objects Scanned: 277306
Time Elapsed: 16 min, 41 sec

Memory: Enabled
Startup: Enabled
Filesystem: Enabled
Archives: Enabled
Rootkits: Enabled
Shuriken: Enabled
PUP: Enabled
PUM: Enabled

Processes: 0
(No malicious items detected)

Modules: 0
(No malicious items detected)

Registry Keys: 0
(No malicious items detected)

Registry Values: 0
(No malicious items detected)

Registry Data: 0
(No malicious items detected)

Folders: 0
(No malicious items detected)

Files: 0
(No malicious items detected)

Physical Sectors: 0
(No malicious items detected)


(end)

Looks good to me, any ideas where I can get open office without it being loaded with Malware? Also may I assume that I can now remove all the programs I have downloaded to diagnose this? Thanks for the assistance, you all are great folks.
DougSr
Regular Member
 
Posts: 70
Joined: July 5th, 2006, 12:21 am

Re: Popups in Windows 8.1

Unread postby wannabeageek » May 27th, 2014, 11:04 pm

Hi DougSr,

Looks good to me, any ideas where I can get open office without it being loaded with Malware?
You should be able to download it from this site:https://www.openoffice.org/download/index.html

The text you see below is the light green top color bar on the page. I used this link to download and install Open Office without malware. It will take you to the "mirror site":Sourceforge.net.
Download Apache OpenOffice 4.1.0
Click here to download (hosted by Sourceforge.net) for:
Windows (EXE) and English (US) | ~134 MByte | Released: 2014-Apr-29


Also may I assume that I can now remove all the programs I have downloaded to diagnose this?
I apologize for the delay on this one as I need to check up on a windows 8.1 compatible program. It may take a day or two more.

Thanks for the assistance, you all are great folks.
Thank you very much as we aim to please.
wannabeageek
MRU Master
MRU Master
 
Posts: 1773
Joined: November 23rd, 2009, 10:21 pm
Location: California
Advertisement
Register to Remove

PreviousNext

  • Similar Topics
    Replies
    Views
    Last post

Return to Infected? Virus, malware, adware, ransomware, oh my!



Who is online

Users browsing this forum: No registered users and 13 guests

Contact us:

Advertisements do not imply our endorsement of that product or service. Register to remove all ads. The forum is run by volunteers who donate their time and expertise. We make every attempt to ensure that the help and advice posted is accurate and will not cause harm to your computer. However, we do not guarantee that they are accurate and they are to be used at your own risk. All trademarks are the property of their respective owners.

Member site: UNITE Against Malware