Solved Malwarebytes Anti-Malware stopped working

Discussion in 'Malware and Virus Removal Archive' started by rwirsig, 2014/04/12.

  1. 2014/04/22
    rwirsig Lifetime Subscription

    rwirsig Well-Known Member Thread Starter

    Joined:
    2013/08/09
    Messages:
    174
    Likes Received:
    0
    I installed 7-zip. Rt clicked on uiclean/7-zip/extract here, got uninstall page---tried to use it on Snap do. Got error message "the feature you are trying to use is on a network resource that is unavailable."
    Repeated the rt click etc., got Windows Install error message: Installer.msi cannot be found. Verify that you have access.......
     
  2. 2014/04/23
    broni

    broni Moderator Malware Analyst

    Joined:
    2002/08/01
    Messages:
    21,701
    Likes Received:
    116
    You're not following...
    When you extract "uiclean.rar" in the very same location you should see UIClean.exe file.
    You don't go to any uninstall page.

    Double click on UIClean.exe to run the tool.
    Click on leftover entry (you should see Snapdo stuff in the list) and click Delete button.
     

  4. 2014/04/25
    rwirsig Lifetime Subscription

    My basic problem in running 7-zip is that I can't find all programs on this Windows 8 computer. By going to uninstall I see that I installed 7-zip some days ago but it is not on my desktop and I can't see it in all programs to open it. In googling the problem I find many others have the same problem and the solution is far from clear---from one user see the response below which I fully identify with. Can you help with this?

    I don't get it, the MSN business model. I have been using Windows 7 Pro. My laptop broke down and I decided to buy a new one. All computers are offered with Windows 8. I spent a great deal of time just to go to all programs and was still unsuccessful. Why would a company as big as Microsoft want to punish all their customers for not buying an Apple computer? I am so sorry I did not, and not sure if I am going to be able to use this software. Is there a way to downgrade to Windows 7?

    All I wanted to do is go to all programs, accessories and remote desktop connection to connect to my office computer, and I feel like I need to take a course. I am sure MSN has a grand plan for punishing the customer in the short term and I am not sure if it makes any business sense.
     
  5. 2014/04/25
    broni

    I'm afraid you're not reading my replies carefully.
    You do NOT open 7-zip. 7-zip option appears under right click menu.

    After downloading "uiclean.rar" right click on that file and...

    [​IMG]

    After extracting the above you'll see UIClean.exe file.
    Double click on UIClean.exe to run the tool.
    Click on leftover entry (you should see Snapdo stuff in the list) and click Delete button.
     
  6. 2014/04/26
    rwirsig Lifetime Subscription

    Yes, I am not following perhaps because I don't seem to see the things you are describing.
    After finding my way to my downloads where I had multiple copies of uiclean.rar and one copy of UIClean Application, I have now completed the following:
    -uiclean.rar/rt cl/confirm file replace box/then what?
    -UIClean appln (578KB)/rt cl/7 zip/extract here/ extract box/then what?
    -UIClean appln (578KB)/double cl/uninstall cleaner box/select Snap.do.delete/success.
    However Snap.do Engine is not in this box but is still in the computer Uninstall Program List. Perhaps I should just forget it.
    But I still need help to find the all programs list. please.
     
  7. 2014/04/26
    broni

    Please download SystemLook from one of the links below and save it to your Desktop.
    Download Mirror #1
    Download Mirror #2

    64-bit users go HERE
    • Double-click SystemLook.exe to run it.
    • Vista users: Right click on SystemLook.exe, click Run As Administrator
    • Copy the content of the following box and paste it into the main textfield:
    Code:
    :reg
    HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall /s
    HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall /s
    
    • Click the Look button to start the scan.
    • When finished, a notepad window will open with the results of the scan. Please post this log in your next reply.
    Note: The log can also be found on your Desktop entitled SystemLook.txt

    NOTE. The above log may be fairly long so you may want to attach it.
     
  8. 2014/04/26
    rwirsig Lifetime Subscription

    Click the Look button/system error----script required
     
  9. 2014/04/26
    broni

    You didn't paste my script then.
    Re-read my instructions.

     
  10. 2014/04/26
    rwirsig Lifetime Subscription

    SystemLook 30.07.11 by jpshortstuff
    Log created at 17:27 on 26/04/2014 by KEW
    Administrator - Elevation successful

    No Context: Code:

    ========== reg ==========

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
    (No values found)

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\4A9DE1E9EBC800B7F01739D4DE7363EF6751BDF5]
    "DisplayName "= "Windows Driver Package - ASUS (ATP) Mouse (01/10/2013 1.0.0.170) "
    "DisplayVersion "= "01/10/2013 1.0.0.170 "
    "Publisher "= "ASUS "
    "UninstallString "= "C:\PROGRA~1\DIFX\0AA3FA~1\dpinst.exe /u C:\Windows\System32\DriverStore\FileRepository\asustp.inf_amd64_536dba63d5fddbba\asustp.inf "
    "DisplayIcon "= "C:\PROGRA~1\DIFX\0AA3FA~1\dpinst.exe,0 "

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\AddressBook]
    (No values found)

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Connection Manager]
    "SystemComponent "= 0x0000000001 (1)

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\DirectDrawEx]
    (No values found)

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\DXM_Runtime]
    (No values found)

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Fontcore]
    (No values found)

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\IE40]
    (No values found)

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\IE4Data]
    (No values found)

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\IE5BAKEX]
    (No values found)

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\IEData]
    (No values found)

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Microsoft Mouse and Keyboard Center]
    "DisplayIcon "= "C:\Program Files\Microsoft Mouse and Keyboard Center\setup.exe "
    "DisplayName "= "Microsoft Mouse and Keyboard Center "
    "DisplayVersion "= "2.2.173.0 "
    "HelpLink "= "http://www.microsoft.com/hardware/redirector/?/support "
    "InstallLocation "= "C:\Program Files\Microsoft Mouse and Keyboard Center\ "
    "NoModify "= 0x0000000001 (1)
    "Publisher "= "Microsoft Corporation "
    "UninstallPath "= "C:\Program Files\Microsoft Mouse and Keyboard Center\setup.exe "
    "UninstallString "= "C:\Program Files\Microsoft Mouse and Keyboard Center\setup.exe /uninstall "
    "URLUpdateInfo "= "http://www.microsoft.com/hardware/redirector/?/downloads "
    "URLInfoAbout "= "http://support.microsoft.com/ph/7746 "

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\MobileOptionPack]
    (No values found)

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\MPlayer2]
    (No values found)

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\SchedulingAgent]
    (No values found)

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Temp File Cleaner]
    "DisplayName "= "Temp File Cleaner "
    "Publisher "= "Addpcs, LLC "
    "DisplayVersion "= "4.3.0 "
    "URLInfoAbout "= "http://software.addpcs.com/tfc/ "
    "HelpLink "= "http://contact.addpcs.com/ "
    "DisplayIcon "=" "C:\Program Files\Temp File Cleaner\TempFileCleaner.exe" "
    "UninstallString "=" "C:\Program Files\Temp File Cleaner\Uninstall.exe" "

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\WIC]
    "NoRemove "= 0x0000000001 (1)

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{0FBEEDF8-30FA-4FA3-B31F-C9C7E7E8DFA2}]
    "AuthorizedCDFPrefix "=" "
    "Comments "=" "
    "Contact "= "ASUS "
    "DisplayVersion "= "1.0.1 "
    "HelpLink "=" "
    "HelpTelephone "=" "
    "InstallDate "= "20130607 "
    "InstallLocation "=" "
    "InstallSource "= "C:\eSupport\eDriver\Software\ASUS\ASUS_Screen_Saver\Win7_64_Win8_64_1.0.1\ "
    "ModifyPath "= "MsiExec.exe /I{0FBEEDF8-30FA-4FA3-B31F-C9C7E7E8DFA2} "
    "Publisher "= "ASUS "
    "Readme "=" "
    "Size "=" "
    "EstimatedSize "= 0x0000000028 (40)
    "UninstallString "= "MsiExec.exe /I{0FBEEDF8-30FA-4FA3-B31F-C9C7E7E8DFA2} "
    "URLInfoAbout "=" "
    "URLUpdateInfo "=" "
    "VersionMajor "= 0x0000000001 (1)
    "VersionMinor "= 0x0000000000 (0)
    "WindowsInstaller "= 0x0000000001 (1)
    "Version "= 0x0001000001 (16777217)
    "Language "= 0x0000000409 (1033)
    "DisplayName "= "ASUS Screen Saver "

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}]
    "AuthorizedCDFPrefix "=" "
    "Comments "= "Caution. Removing this product might prevent some applications from running. "
    "Contact "=" "
    "DisplayVersion "= "10.0.40219 "
    "HelpLink "= "http://go.microsoft.com/fwlink/?LinkId=146008 "
    "HelpTelephone "=" "
    "InstallDate "= "20130607 "
    "InstallLocation "=" "
    "InstallSource "= "d:\3a557ac808c9f8379ce60f\ "
    "ModifyPath "= "MsiExec.exe /X{1D8E6291-B0D5-35EC-8441-6616F567A0F7} "
    "NoModify "= 0x0000000001 (1)
    "NoRepair "= 0x0000000001 (1)
    "Publisher "= "Microsoft Corporation "
    "Readme "=" "
    "Size "=" "
    "EstimatedSize "= 0x0000003777 (14199)
    "UninstallString "= "MsiExec.exe /X{1D8E6291-B0D5-35EC-8441-6616F567A0F7} "
    "URLInfoAbout "=" "
    "URLUpdateInfo "=" "
    "VersionMajor "= 0x000000000a (10)
    "VersionMinor "= 0x0000000000 (0)
    "WindowsInstaller "= 0x0000000001 (1)
    "Version "= 0x000a009d1b (167812379)
    "Language "= 0x0000000000 (0)
    "DisplayName "= "Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 "

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{23170F69-40C1-2702-0920-000001000000}]
    "AuthorizedCDFPrefix "=" "
    "Comments "=" "
    "Contact "=" "
    "DisplayVersion "= "9.20.00.0 "
    "HelpLink "= "http://www.7-zip.org/support.html "
    "HelpTelephone "=" "
    "InstallDate "= "20140422 "
    "InstallLocation "=" "
    "InstallSource "= "C:\Users\KEW\Downloads\ "
    "ModifyPath "= "MsiExec.exe /I{23170F69-40C1-2702-0920-000001000000} "
    "Publisher "= "Igor Pavlov "
    "Readme "=" "
    "Size "=" "
    "EstimatedSize "= 0x0000001221 (4641)
    "UninstallString "= "MsiExec.exe /I{23170F69-40C1-2702-0920-000001000000} "
    "URLInfoAbout "= "http://www.7-zip.org/ "
    "URLUpdateInfo "= "http://www.7-zip.org/download.html "
    "VersionMajor "= 0x0000000009 (9)
    "VersionMinor "= 0x0000000014 (20)
    "WindowsInstaller "= 0x0000000001 (1)
    "Version "= 0x0009140000 (152305664)
    "Language "= 0x0000000409 (1033)
    "DisplayName "= "7-Zip 9.20 (x64 edition) "

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}]
    "AuthorizedCDFPrefix "=" "
    "Comments "=" "
    "Contact "=" "
    "DisplayVersion "= "9.0.30729.6161 "
    "HelpLink "=" "
    "HelpTelephone "=" "
    "InstallDate "= "20130907 "
    "InstallLocation "=" "
    "InstallSource "= "d:\bdc7f0f2b71cc4f582b9562c6431\ "
    "ModifyPath "= "MsiExec.exe /X{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4} "
    "NoModify "= 0x0000000001 (1)
    "NoRepair "= 0x0000000001 (1)
    "Publisher "= "Microsoft Corporation "
    "Readme "=" "
    "Size "=" "
    "EstimatedSize "= 0x00000034dc (13532)
    "UninstallString "= "MsiExec.exe /X{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4} "
    "URLInfoAbout "=" "
    "URLUpdateInfo "=" "
    "VersionMajor "= 0x0000000009 (9)
    "VersionMinor "= 0x0000000000 (0)
    "WindowsInstaller "= 0x0000000001 (1)
    "Version "= 0x0009007809 (151025673)
    "Language "= 0x0000000409 (1033)
    "DisplayName "= "Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 "

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}]
    "AuthorizedCDFPrefix "=" "
    "Comments "=" "
    "Contact "= "AppleCare Support "
    "DisplayVersion "= "3.0.0.10 "
    "HelpLink "= "http://www.apple.com/support/ "
    "HelpTelephone "= "1-800-275-2273 "
    "InstallDate "= "20131112 "
    "InstallLocation "= "C:\Program Files (x86)\Bonjour\ "
    "InstallSource "= "C:\Users\KEW\AppData\Local\Temp\IXP921.TMP\ "
    "ModifyPath "= "MsiExec.exe /X{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D} "
    "NoModify "= 0x0000000001 (1)
    "Publisher "= "Apple Inc. "
    "Readme "=" "
    "Size "=" "
    "EstimatedSize "= 0x0000000804 (2052)
    "UninstallString "= "MsiExec.exe /X{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D} "
    "URLInfoAbout "= "http://www.apple.com "
    "URLUpdateInfo "= "http://www.apple.com/ "
    "VersionMajor "= 0x0000000003 (3)
    "VersionMinor "= 0x0000000000 (0)
    "WindowsInstaller "= 0x0000000001 (1)
    "Version "= 0x0003000000 (50331648)
    "Language "= 0x0000000409 (1033)
    "DisplayName "= "Bonjour "

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{787136D2-F0F8-4625-AA3F-72D7795AC842}]
    "AuthorizedCDFPrefix "=" "
    "Comments "=" "
    "Contact "= "AppleCare Support "
    "DisplayVersion "= "7.1.1.3 "
    "HelpLink "= "http://www.apple.com/support/ "
    "HelpTelephone "= "1-800-275-2273 "
    "InstallDate "= "20140401 "
    "InstallLocation "= "C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\ "
    "InstallSource "= "C:\Users\KEW\AppData\Local\Apple\Apple Software Update\ "
    "ModifyPath "= "MsiExec.exe /I{787136D2-F0F8-4625-AA3F-72D7795AC842} "
    "Publisher "= "Apple Inc. "
    "Readme "=" "
    "Size "=" "
    "EstimatedSize "= 0x000000555e (21854)
    "UninstallString "= "MsiExec.exe /I{787136D2-F0F8-4625-AA3F-72D7795AC842} "
    "URLInfoAbout "= "http://www.apple.com "
    "URLUpdateInfo "= "http://www.apple.com/ "
    "VersionMajor "= 0x0000000007 (7)
    "VersionMinor "= 0x0000000001 (1)
    "WindowsInstaller "= 0x0000000001 (1)
    "Version "= 0x0007010001 (117506049)
    "Language "= 0x0000000409 (1033)
    "DisplayName "= "Apple Mobile Device Support "

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{81E20D41-C277-4526-934D-F2380AF91B78}]
    "AuthorizedCDFPrefix "=" "
    "Comments "=" "
    "Contact "= "AppleCare Support "
    "DisplayVersion "= "3.1.0.40 "
    "HelpLink "= "http://www.apple.com/support/ "
    "HelpTelephone "= "1-800-275-2273 "
    "InstallDate "= "20131217 "
    "InstallLocation "= "C:\Program Files (x86)\Common Files\Apple\Internet Services\ "
    "InstallSource "= "C:\Users\KEW\AppData\Local\Apple\Apple Software Update\ "
    "NoRemove "= 0x0000000001 (1)
    "NoRepair "= 0x0000000001 (1)
    "Publisher "= "Apple Inc. "
    "Readme "=" "
    "Size "=" "
    "EstimatedSize "= 0x0000027379 (160633)
    "URLInfoAbout "= "http://www.apple.com "
    "URLUpdateInfo "= "http://www.apple.com/ "
    "VersionMajor "= 0x0000000003 (3)
    "VersionMinor "= 0x0000000001 (1)
    "WindowsInstaller "= 0x0000000001 (1)
    "Version "= 0x0003010000 (50397184)
    "Language "= 0x0000000409 (1033)
    "DisplayName "= "iCloud "

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{8220EEFE-38CD-377E-8595-13398D740ACE}]
    "AuthorizedCDFPrefix "=" "
    "Comments "=" "
    "Contact "=" "
    "DisplayVersion "= "9.0.30729 "
    "HelpLink "=" "
    "HelpTelephone "=" "
    "InstallDate "= "20131112 "
    "InstallLocation "=" "
    "InstallSource "= "d:\ba76980ef131747385fd44\ "
    "ModifyPath "= "MsiExec.exe /X{8220EEFE-38CD-377E-8595-13398D740ACE} "
    "NoModify "= 0x0000000001 (1)
    "NoRepair "= 0x0000000001 (1)
    "Publisher "= "Microsoft Corporation "
    "Readme "=" "
    "Size "=" "
    "EstimatedSize "= 0x00000031d8 (12760)
    "UninstallString "= "MsiExec.exe /X{8220EEFE-38CD-377E-8595-13398D740ACE} "
    "URLInfoAbout "=" "
    "URLUpdateInfo "=" "
    "VersionMajor "= 0x0000000009 (9)
    "VersionMinor "= 0x0000000000 (0)
    "WindowsInstaller "= 0x0000000001 (1)
    "Version "= 0x0009007809 (151025673)
    "Language "= 0x0000000409 (1033)
    "DisplayName "= "Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 "

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{95120000-00B9-0409-1000-0000000FF1CE}]
    "AuthorizedCDFPrefix "=" "
    "Comments "=" "
    "Contact "=" "
    "DisplayVersion "= "12.0.6015.5000 "
    "HelpLink "= "http://support.microsoft.com "
    "HelpTelephone "=" "
    "InstallDate "= "20121127 "
    "InstallLocation "=" "
    "InstallSource "= "C:\Program Files (x86)\Common Files\Windows Live\.cache\ce80224c1cdcccc09\ "
    "NoModify "= 0x0000000001 (1)
    "NoRemove "= 0x0000000001 (1)
    "NoRepair "= 0x0000000001 (1)
    "Publisher "= "Microsoft Corporation "
    "Readme "=" "
    "Size "=" "
    "EstimatedSize "= 0x00000012d0 (4816)
    "SystemComponent "= 0x0000000001 (1)
    "URLInfoAbout "= "http://support.microsoft.com "
    "URLUpdateInfo "=" "
    "VersionMajor "= 0x000000000c (12)
    "VersionMinor "= 0x0000000000 (0)
    "WindowsInstaller "= 0x0000000001 (1)
    "Version "= 0x000c00177f (201332607)
    "Language "= 0x0000000409 (1033)
    "DisplayName "= "Microsoft Application Error Reporting "

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{9B6239BF-4E85-4590-8D72-51E30DB1A9AA}]
    "AuthorizedCDFPrefix "=" "
    "Comments "=" "
    "Contact "= "ASUS "
    "DisplayVersion "= "2.0.4 "
    "HelpLink "=" "
    "HelpTelephone "=" "
    "InstallDate "= "20130607 "
    "InstallLocation "=" "
    "InstallSource "= "C:\eSupport\eDriver\Software\ASUS\Power4Gear_Hybrid\Vista32_Vista64_Win8_32_Win8_64_2.0.4\data64\ "
    "ModifyPath "= "MsiExec.exe /I{9B6239BF-4E85-4590-8D72-51E30DB1A9AA} "
    "Publisher "= "ASUS "
    "Readme "=" "
    "Size "=" "
    "EstimatedSize "= 0x0000002064 (8292)
    "UninstallString "= "MsiExec.exe /I{9B6239BF-4E85-4590-8D72-51E30DB1A9AA} "
    "URLInfoAbout "=" "
    "URLUpdateInfo "=" "
    "VersionMajor "= 0x0000000002 (2)
    "VersionMinor "= 0x0000000000 (0)
    "WindowsInstaller "= 0x0000000001 (1)
    "Version "= 0x0002000004 (33554436)
    "Language "= 0x0000000409 (1033)
    "DisplayName "= "ASUS Power4Gear Hybrid "

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{B8BA155B-1E75-405F-9CB4-8A99615D09DC}]
    "AuthorizedCDFPrefix "=" "
    "Comments "=" "
    "Contact "= "AppleCare Support "
    "DisplayVersion "= "11.1.5.5 "
    "HelpLink "= "http://www.apple.com/support/ "
    "HelpTelephone "= "1-800-275-2273 "
    "InstallDate "= "20140401 "
    "InstallLocation "= "C:\Program Files (x86)\iTunes\ "
    "InstallSource "= "C:\Users\KEW\AppData\Local\Apple\Apple Software Update\ "
    "ModifyPath "= "MsiExec.exe /I{B8BA155B-1E75-405F-9CB4-8A99615D09DC} "
    "Publisher "= "Apple Inc. "
    "Readme "=" "
    "Size "=" "
    "EstimatedSize "= 0x00000363c4 (222148)
    "UninstallString "= "MsiExec.exe /I{B8BA155B-1E75-405F-9CB4-8A99615D09DC} "
    "URLInfoAbout "= "http://www.apple.com/ "
    "URLUpdateInfo "= "http://www.apple.com/itunes/ "
    "VersionMajor "= 0x000000000b (11)
    "VersionMinor "= 0x0000000001 (1)
    "WindowsInstaller "= 0x0000000001 (1)
    "Version "= 0x000b010005 (184614917)
    "Language "= 0x0000000409 (1033)
    "DisplayName "= "iTunes "

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{E3047FA0-2D6B-4BD6-8CD4-599955F1CE9D}]
    "AuthorizedCDFPrefix "=" "
    "Comments "=" "
    "Contact "=" "
    "DisplayVersion "= "2.2.173.0 "
    "HelpLink "= "http://www.microsoft.com/hardware/redirector/?/support "
    "HelpTelephone "=" "
    "InstallDate "= "20131115 "
    "InstallLocation "=" "
    "InstallSource "= "d:\4dbea2c57fe5f2ffc32c109ea4ec\MouseKeyboardCenter\setup64\ "
    "NoRemove "= 0x0000000001 (1)
    "NoRepair "= 0x0000000001 (1)
    "Publisher "= "Microsoft Corporation "
    "Readme "=" "
    "Size "=" "
    "EstimatedSize "= 0x0000015937 (88375)
    "SystemComponent "= 0x0000000001 (1)
    "URLInfoAbout "= "http://support.microsoft.com/ph/7746 "
    "URLUpdateInfo "= "http://www.microsoft.com/hardware/redirector/?/downloads "
    "VersionMajor "= 0x0000000002 (2)
    "VersionMinor "= 0x0000000002 (2)
    "WindowsInstaller "= 0x0000000001 (1)
    "Version "= 0x00020200ad (33685677)
    "Language "= 0x0000000000 (0)
    "DisplayName "= "Microsoft Mouse and Keyboard Center "

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{E9FA781F-3E80-4399-825A-AD3E11C28C77}]
    "AuthorizedCDFPrefix "=" "
    "Comments "=" "
    "Contact "=" "
    "DisplayVersion "= "16.4.1109.0912 "
    "HelpLink "=" "
    "HelpTelephone "=" "
    "InstallDate "= "20121127 "
    "InstallLocation "=" "
    "InstallSource "= "C:\Program Files (x86)\Common Files\Windows Live\.cache\cda443101cdcccc07\ "
    "ModifyPath "= "MsiExec.exe /I{E9FA781F-3E80-4399-825A-AD3E11C28C77} "
    "Publisher "= "Microsoft "
    "Readme "=" "
    "Size "=" "
    "EstimatedSize "= 0x0000000828 (2088)
    "SystemComponent "= 0x0000000001 (1)
    "UninstallString "= "MsiExec.exe /I{E9FA781F-3E80-4399-825A-AD3E11C28C77} "
    "URLInfoAbout "=" "
    "URLUpdateInfo "=" "
    "VersionMajor "= 0x0000000010 (16)
    "VersionMinor "= 0x0000000004 (4)
    "WindowsInstaller "= 0x0000000001 (1)
    "Version "= 0x0010040455 (268698709)
    "Language "= 0x0000000409 (1033)
    "DisplayName "= "MSVCRT110_amd64 "

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{EF79C448-6946-4D71-8134-03407888C054}]
    "AuthorizedCDFPrefix "=" "
    "Comments "=" "
    "Contact "= "McAfee "
    "DisplayVersion "= "10.0.0 "
    "HelpLink "=" "
    "HelpTelephone "=" "
    "InstallDate "= "20121127 "
    "InstallLocation "=" "
    "ModifyPath "= "MsiExec.exe /I{EF79C448-6946-4D71-8134-03407888C054} "
    "Publisher "= "McAfee "
    "Readme "=" "
    "Size "=" "
    "EstimatedSize "= 0x0000000b20 (2848)
    "UninstallString "= "MsiExec.exe /I{EF79C448-6946-4D71-8134-03407888C054} "
    "URLInfoAbout "=" "
    "URLUpdateInfo "=" "
    "VersionMajor "= 0x000000000a (10)
    "VersionMinor "= 0x0000000000 (0)
    "WindowsInstaller "= 0x0000000001 (1)
    "Version "= 0x000a000000 (167772160)
    "Language "= 0x0000000409 (1033)
    "DisplayName "= "Shared C Run-time for x64 "
    "InstallSource "= "C:\PROGRA~2\McAfee\Temp\qxzE93E\ "

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{F4404AFD-2EF3-40C1-8C09-29E5F3B6972B}]
    "AuthorizedCDFPrefix "=" "
    "Comments "=" "
    "Contact "=" "
    "DisplayVersion "= "1.24.388.1 "
    "HelpLink "=" "
    "HelpTelephone "=" "
    "InstallDate "= "20130607 "
    "InstallLocation "=" "
    "InstallSource "= "C:\Windows\Temp\IIF2\IUS\ "
    "ModifyPath "= "MsiExec.exe /I{F4404AFD-2EF3-40C1-8C09-29E5F3B6972B} "
    "Publisher "= "Intel Corporation "
    "Readme "=" "
    "Size "=" "
    "EstimatedSize "= 0x0000002b0d (11021)
    "SystemComponent "= 0x0000000001 (1)
    "UninstallString "= "MsiExec.exe /I{F4404AFD-2EF3-40C1-8C09-29E5F3B6972B} "
    "URLInfoAbout "=" "
    "URLUpdateInfo "=" "
    "VersionMajor "= 0x0000000001 (1)
    "VersionMinor "= 0x0000000018 (24)
    "WindowsInstaller "= 0x0000000001 (1)
    "Version "= 0x0001180184 (18350468)
    "Language "= 0x0000000409 (1033)
    "DisplayName "= "Intel® Trusted Connect Service Client "


    [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
    (No values found)

    [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\AffiliatedUpdate]
    "DisplayIcon "= "C:\Users\KEW\AppData\Roaming\AffiliatedUpdate\UpdateProc\UpdateTask.exe "
    "DisplayName "= "Extended Update "
    "UninstallString "= "C:\Users\KEW\AppData\Roaming\AffiliatedUpdate\UpdateProc\UpdateTask.exe /Uninstall "

    [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\CHCT3306060]
    "EstimatedSize "= 0x00000022a3 (8867)

    [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Google Chrome]
    (No values found)

    [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\VisualBee for Microsoft PowerPoint]
    "DisplayName "= "VisualBee for Microsoft PowerPoint "
    "UninstallString "= "C:\Users\KEW\AppData\Local\VisualBeeExe\uninst.exe "
    "DisplayIcon "= "C:\Users\KEW\AppData\Local\VisualBeeExe\uninst.exe "
    "DisplayVersion "= "V3.9 "
    "URLInfoAbout "= "http://www.visualbee.com "
    "Publisher "= "VisualBee.com "

    [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{d4c7ef13-32c8-42fb-a387-fa6a07c5de9f}]
    "DisplayName "= "Snap.Do Engine "
    "Publisher "= "ReSoft Ltd. "
    "DisplayVersion "= "1.167.1.12640 "
    "DisplayIcon "= "C:\Users\KEW\AppData\Local\Smartbar\Application\SmartbarInstallationIcon.ico "
    "UninstallString "= "MsiExec.exe /X{76D809C3-5493-44C2-80AF-E5DF1690A74F} /quiet ENGINE=1 "


    -= EOF =-
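
A triage pass over a SystemLook `:reg` dump of the Uninstall keys, such as the log above. This is an added example, not part of the original thread and not SystemLook's own code; the sample log is a constructed excerpt modelled on three entries from the post, and the function names and the two review rules are assumptions made for illustration.

```python
import re

# Constructed excerpt in SystemLook ":reg" format, modelled on entries in the log above.
# The parser accepts both the tool's compact quoting and the padded quoting seen on this page.
SAMPLE_LOG = r'''
========== reg ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{23170F69-40C1-2702-0920-000001000000}]
"DisplayName"="7-Zip 9.20 (x64 edition)"
"Publisher"="Igor Pavlov"
"UninstallString"="MsiExec.exe /I{23170F69-40C1-2702-0920-000001000000}"
"WindowsInstaller"= 0x0000000001 (1)

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\AffiliatedUpdate]
"DisplayName "= "Extended Update "
"UninstallString "= "C:\Users\KEW\AppData\Roaming\AffiliatedUpdate\UpdateProc\UpdateTask.exe /Uninstall "

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{d4c7ef13-32c8-42fb-a387-fa6a07c5de9f}]
"DisplayName "= "Snap.Do Engine "
"Publisher "= "ReSoft Ltd. "
"UninstallString "= "MsiExec.exe /X{76D809C3-5493-44C2-80AF-E5DF1690A74F} /quiet ENGINE=1 "

-= EOF =-
'''

KEY_RE = re.compile(r'^\[(?P<key>HKEY_[^\]]+)\]$')
VAL_RE = re.compile(r'^"(?P<name>[^"]*)"\s*=\s*(?P<data>.*)$')
GUID_RE = re.compile(r'\{[0-9A-Fa-f]{8}(?:-[0-9A-Fa-f]{4}){3}-[0-9A-Fa-f]{12}\}')


def parse_reg_section(text):
    """Return {full key path: {value name: data}} from SystemLook :reg output."""
    entries = {}
    current = None
    for raw in text.splitlines():
        line = raw.strip()
        m = KEY_RE.match(line)
        if m:
            current = entries.setdefault(m.group('key'), {})
            continue
        m = VAL_RE.match(line)
        if m and current is not None:
            # Drop surrounding quotes and padding; DWORD data such as
            # "0x0000000001 (1)" has neither and is kept as printed.
            current[m.group('name').strip()] = m.group('data').strip('" ')
    return entries


def triage(entries):
    """Return [(display name, key path, reasons)] for entries worth a manual look.

    Rules (illustrative, not verdicts):
      * the uninstaller lives under the user profile's AppData folder;
      * an MsiExec uninstall string names a product code that has no
        Uninstall key of its own in the scanned log, so the entry is
        probably a leftover pointing at something already removed.
    The second rule is only a hint when the scan did not cover every
    Uninstall location (for example the 32-bit Wow6432Node view).
    """
    known_subkeys = {key.rsplit('\\', 1)[-1].lower() for key in entries}
    findings = []
    for key, values in entries.items():
        subkey = key.rsplit('\\', 1)[-1]
        uninstall = values.get('UninstallString', '')
        reasons = []
        if '\\appdata\\' in uninstall.lower():
            reasons.append('uninstaller runs from AppData')
        if uninstall.lower().startswith('msiexec'):
            for code in GUID_RE.findall(uninstall):
                if code.lower() not in known_subkeys:
                    reasons.append('MSI product code %s has no Uninstall key in this log' % code)
        if reasons:
            findings.append((values.get('DisplayName', subkey), key, reasons))
    return findings


if __name__ == '__main__':
    for name, key, reasons in triage(parse_reg_section(SAMPLE_LOG)):
        print(name)
        print('  key:', key)
        for reason in reasons:
            print('  -', reason)
```
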
     
  11. 2014/04/29
    broni

    Download BlitzBlank and save it to your desktop.
    Double click on Blitzblank.exe

    • Click OK at the warning.
    • Click the Script tab and copy/paste the following text there:
    Code:
    DeleteRegKey:
    HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{d4c7ef13-32c8-42fb-a387-fa6a07c5de9f}
    
    • Click Execute Now. Your computer will need to reboot in order to replace the files.
    • When done, post the report created by Blitzblank.
      You can find it in the root of the drive, normally C:\

    When done see if the listing is gone.
     
  12. 2014/04/29
    rwirsig Lifetime Subscription

    Snap.do Engine is still in the uninstall list

    BlitzBlank 1.0.0.32

    File/Registry Modification Engine native application
    DeleteRegistryKeyOnReboot: keyName = "\Registry\Machine\hkey_current_user\software\microsoft\windows\currentversion\uninstall\{d4c7ef13-32c8-42fb-a387-fa6a07c5de9f} ", backupFile = "(null) ", replaceWithDummy = 0
    DeleteRegistryKeyByDriver: keyName = "\Registry\Machine\hkey_current_user\software\microsoft\windows\currentversion\uninstall\{d4c7ef13-32c8-42fb-a387-fa6a07c5de9f} ", backupFile = "(null) ", replaceWithDummy = 0
    OpenDriver: ZwLoadDriver(\Registry\Machine\System\CurrentControlSet\Services\blzblk) failed: status = c0000428
    DeleteRegistryKeyByDriver: OpenDriver failed: status = c0000428
    DeleteRegistryKeyOnReboot: DeleteRegistryKeyByDriver failed: status = c0000428
     
  13. 2014/04/29
    broni

    Key removal failed.

    Repeat the procedure but this time right click on Blitzblank.exe and click "Run As Administrator".
     
  14. 2014/05/04
    broni

    Still with me?
     
  15. 2014/05/04
    rwirsig Lifetime Subscription

    Yes I am. I thought I had completed your last instruction as you requested including the report created by Blitzblank and waiting for the next instruction.
     
  16. 2014/05/05
    broni

    I wrote...
     
  17. 2014/05/05
    rwirsig Lifetime Subscription

    I have tried several times to download Blitzblank and run it as administrator (it goes to my downloads---don't have the option to save it to the desktop) including after a reboot. In all cases I get the error: "Failed to execute, please make sure the application was started as an administrator".
     
  18. 2014/05/05
    broni

    Let's use FRST to remove that key...

    Download attached fixlist.txt file and save it to the Desktop.
    NOTE. It's important that both files, FRST and fixlist.txt are in the same location or the fix will not work.

    NOTICE: This script was written specifically for this user, for use on that particular machine. Running this on another machine may cause damage to your operating system.

    Run FRST(FRST64) and press the Fix button just once and wait.
    The tool will make a log on the Desktop (Fixlog.txt). Please post it to your reply.
     

  19. 2014/05/06
    rwirsig Lifetime Subscription

    Fix result of Farbar Recovery Tool (FRST written by Farbar) (x64) Version: 06-05-2014
    Ran by KEW at 2014-05-06 07:20:20 Run:1
    Running from C:\Users\KEW\Downloads
    Boot Mode: Normal
    ==============================================

    Content of fixlist:
    *****************
    HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{d4c7ef13-32c8-42fb-a387-fa6a07c5de9f}
    *****************


    ==== End of Fixlog ====
     
  20. 2014/05/06
    broni

    Download OTL to your Desktop.
    Alternate download: http://www.itxassociates.com/OT-Tools/OTL.exe
    • Double click on the icon to run it. Make sure all other windows are closed and to let it run uninterrupted.
    • Click the Scan All Users checkbox.
    • Click the Quick Scan button. Do not change any settings unless otherwise told to do so. The scan won't take long.
    • When the scan completes, it will open two notepad windows: OTL.txt and Extras.txt. These are saved in the same location as OTL.
    • Please copy (Edit->Select All, Edit->Copy) the contents of these files, one at a time, and post them back here.
     
  21. 2014/05/06
    rwirsig Lifetime Subscription

    OTL logfile created on: 2014-05-06 8:53:08 PM - Run 1
    OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\KEW\Downloads
    64bit- An unknown product (Version = 6.2.9200) - Type = NTWorkstation
    Internet Explorer (Version = 9.11.9600.17031)
    Locale: 00001009 | Country: Canada | Language: ENC | Date Format: yyyy-MM-dd

    3.89 Gb Total Physical Memory | 2.27 Gb Available Physical Memory | 58.45% Memory free
    4.58 Gb Paging File | 2.32 Gb Available in Paging File | 50.60% Paging File free
    Paging file location(s): ?:\pagefile.sys [binary data]

    %SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files (x86)
    Drive C: | 185.96 Gb Total Space | 148.86 Gb Free Space | 80.05% Space Free | Partition Type: NTFS
    Drive D: | 258.15 Gb Total Space | 258.02 Gb Free Space | 99.95% Space Free | Partition Type: NTFS

    Computer Name: KEW_PC | User Name: KEW | Logged in as Administrator.
    Boot Mode: Normal | Scan Mode: All users | Quick Scan | Include 64bit Scans
    Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days

    ========== Processes (SafeList) ==========

    PRC - [2014-05-06 20:51:07 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\KEW\Downloads\OTL.exe
    PRC - [2014-04-23 20:33:15 | 000,841,032 | ---- | M] (Google Inc.) -- C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
    PRC - [2013-12-21 02:04:16 | 000,065,432 | ---- | M] (Adobe Systems Incorporated) -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
    PRC - [2013-12-06 10:47:20 | 001,229,528 | ---- | M] (Secunia) -- C:\Program Files (x86)\Secunia\PSI\psia.exe
    PRC - [2013-12-06 10:47:20 | 000,662,232 | ---- | M] (Secunia) -- C:\Program Files (x86)\Secunia\PSI\sua.exe
    PRC - [2013-04-16 20:25:30 | 000,020,792 | ---- | M] (ASUSTeK Computer Inc.) -- C:\Program Files (x86)\ASUS\ASUS Smart Gesture\QuickGesture\x86\QuickGesture.exe
    PRC - [2013-03-20 12:53:42 | 001,602,368 | ---- | M] (ASUSTeK Computer Inc.) -- C:\Program Files (x86)\ASUS\ASUS Live Update\LiveUpdate.exe
    PRC - [2013-02-26 14:08:24 | 000,176,240 | ---- | M] (ASUSTeK Computer Inc.) -- C:\Program Files (x86)\ASUS\Splendid\ColorUService.exe
    PRC - [2013-01-15 19:20:58 | 000,303,928 | ---- | M] (ASUSTek Computer Inc.) -- C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControl.exe
    PRC - [2013-01-15 19:20:54 | 000,107,320 | ---- | M] (ASUSTek Computer Inc.) -- C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\AsLdrSrv.exe
    PRC - [2013-01-11 18:57:24 | 000,328,504 | ---- | M] (ASUSTek Computer Inc.) -- C:\Program Files (x86)\ASUS\ATK Package\ATKOSD2\ATKOSD2.exe
    PRC - [2012-11-28 20:56:40 | 000,054,488 | ---- | M] (ASUS) -- C:\Program Files (x86)\ASUS\Splendid\ACMON.exe
    PRC - [2012-10-17 22:08:40 | 000,205,184 | ---- | M] (ASUSTek Computer Inc.) -- C:\Program Files (x86)\ASUS\ATK Package\ATK Media\DMedia.exe
    PRC - [2012-09-18 15:51:54 | 001,124,032 | ---- | M] (ASUSTek Computer Inc.) -- C:\Program Files (x86)\ASUS\USBChargerPlus\USBChargerPlus.exe
    PRC - [2012-08-31 22:27:20 | 000,590,208 | ---- | M] (ASUS) -- C:\Program Files (x86)\ASUS\ASUS InstantOn\InsOnWMI.exe
    PRC - [2012-07-17 17:57:22 | 000,365,376 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
    PRC - [2012-07-17 17:57:20 | 000,277,824 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
    PRC - [2012-06-27 15:47:02 | 000,129,856 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe
    PRC - [2012-06-25 13:57:14 | 000,166,720 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\Jhi_service.exe
    PRC - [2012-05-28 13:04:48 | 000,113,312 | ---- | M] (ASUSTek Computer Inc.) -- C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\KBFiltr.exe
    PRC - [2012-04-13 13:14:00 | 000,277,120 | ---- | M] (ASUS) -- C:\Program Files (x86)\ASUS\ASUS InstantOn\InsOnSrv.exe
    PRC - [2011-11-21 17:19:50 | 000,096,896 | ---- | M] (ASUS) -- C:\Program Files (x86)\ASUS\ATK Package\ATKGFNEX\GFNEXSrv.exe


    ========== Modules (No Company Name) ==========

    MOD - [2014-04-30 08:57:39 | 007,802,880 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\System.Xml\77bc1a994f64193efc124c297b93fdb7\System.Xml.ni.dll
    MOD - [2014-04-30 08:57:32 | 001,874,432 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\System.Xaml\10483ca149b5c651d217edbf2f3169b4\System.Xaml.ni.dll
    MOD - [2014-04-30 08:57:29 | 012,856,832 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\System.Windows.Forms\635558b506364815e8348217e86fdf99\System.Windows.Forms.ni.dll
    MOD - [2014-04-30 08:56:28 | 001,635,328 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\System.Drawing\ddb52221ad0200b7c2e0a308e47d5c7c\System.Drawing.ni.dll
    MOD - [2014-04-30 08:56:13 | 000,968,192 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\System.Configuration\c5bf2f5c3e13726b3984a900221e1778\System.Configuration.ni.dll
    MOD - [2014-04-30 08:56:12 | 000,463,360 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\Presentatioaec034ca#\e1c86f334a29d92ca264950085cd817e\PresentationFramework.Aero2.ni.dll
    MOD - [2014-04-30 08:56:10 | 018,744,320 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\Presentatio5ae0f00f#\92388fbe99436e6ed1f56ee56f10c565\PresentationFramework.ni.dll
    MOD - [2014-04-30 08:55:48 | 011,027,456 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\PresentationCore\619034abb9a9fb1b3dc32c0a9aa38d3c\PresentationCore.ni.dll
    MOD - [2014-04-30 08:55:35 | 003,957,760 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\WindowsBase\9bbf715cfb5360c95acd27b199083854\WindowsBase.ni.dll
    MOD - [2014-04-30 08:54:46 | 010,003,456 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\System\c24d08cc4e93fc4f6f15a637b00a2721\System.ni.dll
    MOD - [2014-04-23 20:33:13 | 000,390,472 | ---- | M] () -- C:\Program Files (x86)\Google\Chrome\Application\34.0.1847.131\ppgooglenaclpluginchrome.dll
    MOD - [2014-04-23 20:33:10 | 004,081,480 | ---- | M] () -- C:\Program Files (x86)\Google\Chrome\Application\34.0.1847.131\pdf.dll
    MOD - [2014-04-23 20:33:05 | 000,674,632 | ---- | M] () -- C:\Program Files (x86)\Google\Chrome\Application\34.0.1847.131\libglesv2.dll
    MOD - [2014-04-23 20:33:04 | 000,093,000 | ---- | M] () -- C:\Program Files (x86)\Google\Chrome\Application\34.0.1847.131\libegl.dll
    MOD - [2014-04-23 20:33:03 | 001,647,432 | ---- | M] () -- C:\Program Files (x86)\Google\Chrome\Application\34.0.1847.131\ffmpegsumo.dll
    MOD - [2014-04-23 20:33:01 | 000,065,352 | ---- | M] () -- C:\Program Files (x86)\Google\Chrome\Application\34.0.1847.131\chrome_elf.dll
    MOD - [2014-01-27 07:52:41 | 017,395,376 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\mscorlib\c90ef9a73ea0044641d31b19023aad61\mscorlib.ni.dll


    ========== Services (SafeList) ==========

    SRV:64bit: - [2014-04-29 08:20:52 | 000,111,616 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\WINDOWS\SysNative\IEEtwCollector.exe -- (IEEtwCollectorService)
    SRV:64bit: - [2014-03-08 01:41:25 | 001,306,624 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\AppXDeploymentServer.dll -- (AppXSvc)
    SRV:64bit: - [2014-03-06 03:02:13 | 000,834,560 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\netlogon.dll -- (Netlogon)
    SRV:64bit: - [2014-03-06 02:34:46 | 000,201,216 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\AudioEndpointBuilder.dll -- (AudioEndpointBuilder)
    SRV:64bit: - [2014-02-22 11:53:10 | 003,394,384 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\WSService.dll -- (WSService)
    SRV:64bit: - [2014-02-22 05:57:16 | 000,710,656 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\lsm.dll -- (LSM)
    SRV:64bit: - [2014-02-22 05:26:58 | 000,366,080 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\wcmsvc.dll -- (Wcmsvc)
    SRV:64bit: - [2014-02-22 05:25:39 | 000,399,872 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\das.dll -- (DeviceAssociationService)
    SRV:64bit: - [2014-02-22 05:25:14 | 000,269,824 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\bisrv.dll -- (BrokerInfrastructure)
    SRV:64bit: - [2014-02-22 05:23:58 | 001,576,960 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\wlidsvc.dll -- (wlidsvc)
    SRV:64bit: - [2014-01-27 11:38:59 | 001,584,128 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\workfolderssvc.dll -- (workfolderssvc)
    SRV:64bit: - [2013-12-10 03:35:18 | 000,530,944 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\AppReadiness.dll -- (AppReadiness)
    SRV:64bit: - [2013-11-23 00:50:00 | 000,282,112 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\SystemEventsBrokerServer.dll -- (SystemEventsBroker)
    SRV:64bit: - [2013-10-30 20:29:53 | 000,348,392 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Program Files\Windows Defender\NisSrv.exe -- (WdNisSvc)
    SRV:64bit: - [2013-10-30 20:29:53 | 000,023,824 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files\Windows Defender\MsMpEng.exe -- (WinDefend)
    SRV:64bit: - [2013-09-30 00:03:27 | 000,491,520 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\GeofenceMonitorService.dll -- (lfsvc)
    SRV:64bit: - [2013-08-22 08:31:56 | 002,899,968 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\spool\drivers\x64\3\PrintConfig.dll -- (PrintNotify)
    SRV:64bit: - [2013-08-22 07:32:02 | 000,024,576 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\wephostsvc.dll -- (WEPHOSTSVC)
    SRV:64bit: - [2013-08-22 07:31:43 | 000,040,448 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\efssvc.dll -- (EFS)
    SRV:64bit: - [2013-08-22 07:22:45 | 000,066,048 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\wiarpc.dll -- (WiaRpc)
    SRV:64bit: - [2013-08-22 07:21:15 | 000,013,312 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\svsvc.dll -- (svsvc)
    SRV:64bit: - [2013-08-22 07:16:57 | 000,118,272 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\fhsvc.dll -- (fhsvc)
    SRV:64bit: - [2013-08-22 06:25:28 | 000,164,352 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\NcaSvc.dll -- (NcaSvc)
    SRV:64bit: - [2013-08-22 06:19:28 | 000,517,120 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\icsvc.dll -- (vmicvss)
    SRV:64bit: - [2013-08-22 06:19:28 | 000,517,120 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\icsvc.dll -- (vmictimesync)
    SRV:64bit: - [2013-08-22 06:19:28 | 000,517,120 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\icsvc.dll -- (vmicshutdown)
    SRV:64bit: - [2013-08-22 06:19:28 | 000,517,120 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\icsvc.dll -- (vmicrdv)
    SRV:64bit: - [2013-08-22 06:19:28 | 000,517,120 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\icsvc.dll -- (vmickvpexchange)
    SRV:64bit: - [2013-08-22 06:19:28 | 000,517,120 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\icsvc.dll -- (vmicheartbeat)
    SRV:64bit: - [2013-08-22 06:19:28 | 000,517,120 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\icsvc.dll -- (vmicguestinterface)
    SRV:64bit: - [2013-08-22 06:02:47 | 000,013,312 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\smphost.dll -- (smphost)
    SRV:64bit: - [2013-08-22 05:57:25 | 000,130,560 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\ScDeviceEnum.dll -- (ScDeviceEnum)
    SRV:64bit: - [2013-08-22 05:54:59 | 000,059,392 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysNative\keyiso.dll -- (KeyIso)
    SRV:64bit: - [2013-08-22 05:50:59 | 000,245,760 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysNative\TimeBrokerServer.dll -- (TimeBroker)
    SRV:64bit: - [2013-08-22 05:50:00 | 000,525,312 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysNative\netprofmsvc.dll -- (netprofm)
    SRV:64bit: - [2013-08-22 05:45:59 | 000,151,040 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysNative\ncbservice.dll -- (NcbService)
    SRV:64bit: - [2013-08-22 05:40:49 | 000,248,832 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysNative\vaultsvc.dll -- (VaultSvc)
    SRV:64bit: - [2013-08-22 05:31:03 | 000,201,728 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\DeviceSetupManager.dll -- (DsmSvc)
    SRV:64bit: - [2013-08-22 05:15:54 | 000,073,728 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysNative\NcdAutoSetup.dll -- (NcdAutoSetup)
    SRV:64bit: - [2013-01-07 08:04:48 | 001,280,768 | ---- | M] (ASUSTeK Computer Inc.) [Auto | Running] -- C:\Windows\SysNative\FBAgent.exe -- (AFBAgent)
    SRV:64bit: - [2012-04-20 17:16:12 | 000,635,104 | ---- | M] (Intel(R) Corporation) [On_Demand | Running] -- C:\Program Files\Intel\iCLS Client\HeciServer.exe -- (Intel(R)
    SRV - [2013-12-21 02:04:16 | 000,065,432 | ---- | M] (Adobe Systems Incorporated) [Auto | Running] -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe -- (AdobeARMservice)
    SRV - [2013-12-06 10:47:20 | 001,229,528 | ---- | M] (Secunia) [Auto | Running] -- C:\Program Files (x86)\Secunia\PSI\psia.exe -- (Secunia PSI Agent)
    SRV - [2013-12-06 10:47:20 | 000,662,232 | ---- | M] (Secunia) [Auto | Running] -- C:\Program Files (x86)\Secunia\PSI\sua.exe -- (Secunia Update Agent)
    SRV - [2013-10-01 14:02:42 | 000,279,000 | ---- | M] (Intel Corporation) [On_Demand | Stopped] -- C:\Windows\SysWOW64\IntelCpHeciSvc.exe -- (cphs)
    SRV - [2013-09-30 00:03:26 | 000,357,376 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysWOW64\GeofenceMonitorService.dll -- (lfsvc)
    SRV - [2013-08-22 08:31:56 | 002,899,968 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\system32\spool\drivers\x64\3\PrintConfig.dll -- (PrintNotify)
    SRV - [2013-08-21 23:55:35 | 000,018,944 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysWOW64\StorSvc.dll -- (StorSvc)
    SRV - [2013-08-21 22:53:34 | 000,011,776 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysWOW64\smphost.dll -- (smphost)
    SRV - [2013-01-15 19:20:54 | 000,107,320 | ---- | M] (ASUSTek Computer Inc.) [On_Demand | Running] -- C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\AsLdrSrv.exe -- (ASLDRService)
    SRV - [2012-07-17 17:57:22 | 000,365,376 | ---- | M] (Intel Corporation) [On_Demand | Running] -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe -- (UNS)
    SRV - [2012-07-17 17:57:20 | 000,277,824 | ---- | M] (Intel Corporation) [On_Demand | Running] -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe -- (LMS)
    SRV - [2012-06-27 15:47:02 | 000,129,856 | ---- | M] (Intel Corporation) [On_Demand | Running] -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe -- (Intel(R)
    SRV - [2012-06-25 13:57:14 | 000,166,720 | ---- | M] (Intel Corporation) [On_Demand | Running] -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\Jhi_service.exe -- (jhi_service)
    SRV - [2012-04-13 13:14:00 | 000,277,120 | ---- | M] (ASUS) [On_Demand | Running] -- C:\Program Files (x86)\ASUS\ASUS InstantOn\InsOnSrv.exe -- (ASUS InstantOn)
    SRV - [2011-11-21 17:19:50 | 000,096,896 | ---- | M] (ASUS) [On_Demand | Running] -- C:\Program Files (x86)\ASUS\ATK Package\ATKGFNEX\GFNEXSrv.exe -- (ATKGFNEXSrv)


    ========== Driver Services (SafeList) ==========

    DRV:64bit: - [2014-05-05 20:17:27 | 000,013,312 | ---- | M] (Windows (R) Win 7 DDK provider) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\blzblk.sys -- (blzblk)
    DRV:64bit: - [2014-03-19 23:41:20 | 000,376,152 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\clfs.sys -- (CLFS)
    DRV:64bit: - [2014-03-13 08:35:24 | 000,157,016 | ---- | M] (Microsoft Corporation) [File_System | Boot | Running] -- C:\WINDOWS\SysNative\drivers\wof.sys -- (Wof)
    DRV:64bit: - [2014-03-08 16:40:16 | 000,136,024 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\wfplwfs.sys -- (WFPLWFS)
    DRV:64bit: - [2014-03-08 16:35:45 | 000,467,800 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\USBHUB3.SYS -- (USBHUB3)
    DRV:64bit: - [2014-02-22 12:00:25 | 000,236,888 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\sdbus.sys -- (sdbus)
    DRV:64bit: - [2014-02-22 11:50:31 | 000,054,816 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\wpcfltr.sys -- (wpcfltr)
    DRV:64bit: - [2014-02-22 11:49:51 | 000,325,464 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\USBXHCI.SYS -- (USBXHCI)
    DRV:64bit: - [2014-02-22 11:49:49 | 000,384,856 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\spaceport.sys -- (spaceport)
    DRV:64bit: - [2014-02-22 11:49:49 | 000,189,784 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\UCX01000.SYS -- (UCX01000)
    DRV:64bit: - [2014-02-22 11:49:49 | 000,079,192 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\sdstor.sys -- (sdstor)
    DRV:64bit: - [2014-02-22 11:49:47 | 000,146,776 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\msgpioclx.sys -- (GPIOClx0101)
    DRV:64bit: - [2014-02-22 11:44:13 | 000,924,504 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\WINDOWS\SysNative\drivers\refs.sys -- (ReFS)
    DRV:64bit: - [2014-02-22 08:14:02 | 000,033,280 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\BasicRender.sys -- (BasicRender)
    DRV:64bit: - [2013-12-06 10:47:12 | 000,018,456 | ---- | M] (Secunia) [File_System | On_Demand | Running] -- C:\Windows\SysNative\drivers\psi_mf_amd64.sys -- (PSI)
    DRV:64bit: - [2013-11-10 22:48:41 | 000,039,768 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\intelpep.sys -- (intelpep)
    DRV:64bit: - [2013-11-04 04:32:06 | 000,020,280 | ---- | M] (ASUS) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\AsHIDSwitch64.sys -- (HIDSwitch)
    DRV:64bit: - [2013-11-01 07:39:53 | 000,086,872 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\pdc.sys -- (pdc)
    DRV:64bit: - [2013-10-30 20:29:36 | 000,236,888 | ---- | M] (Microsoft Corporation) [File_System | Boot | Running] -- C:\Windows\SysNative\drivers\WdFilter.sys -- (WdFilter)
    DRV:64bit: - [2013-10-30 20:29:36 | 000,124,760 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\WdNisDrv.sys -- (WdNisDrv)
    DRV:64bit: - [2013-10-30 20:28:47 | 000,035,856 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\WdBoot.sys -- (WdBoot)
    DRV:64bit: - [2013-10-25 21:54:32 | 000,146,776 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\SerCx2.sys -- (SerCx2)
    DRV:64bit: - [2013-10-05 11:25:54 | 000,057,176 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\stornvme.sys -- (stornvme)
    DRV:64bit: - [2013-10-01 14:02:30 | 004,177,920 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\igdkmd64.sys -- (igfx)
    DRV:64bit: - [2013-09-30 00:03:25 | 000,175,960 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\VerifierExt.sys -- (VerifierExt)
    DRV:64bit: - [2013-09-29 23:51:06 | 000,027,488 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\rdpvideominiport.sys -- (RdpVideoMiniport)
    DRV:64bit: - [2013-09-29 23:51:01 | 000,037,216 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\terminpt.sys -- (terminpt)
    DRV:64bit: - [2013-08-22 18:51:12 | 000,039,320 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\intelaud.sys -- (intaud_WaveExtensible)
    DRV:64bit: - [2013-08-22 18:51:12 | 000,026,008 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\iwdbus.sys -- (iwdbus)
    DRV:64bit: - [2013-08-22 09:25:40 | 000,043,008 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\condrv.sys -- (condrv)
    DRV:64bit: - [2013-08-22 09:25:40 | 000,030,048 | ---- | M] (Microsoft Corporation) [Recognizer | Boot | Unknown] -- C:\WINDOWS\SysNative\drivers\fs_rec.sys -- (Fs_Rec)
    DRV:64bit: - [2013-08-22 08:50:19 | 000,057,696 | ---- | M] (Microsoft Corporation) [Kernel | System | Stopped] -- C:\Windows\SysNative\drivers\dam.sys -- (dam)
    DRV:64bit: - [2013-08-22 08:49:54 | 000,079,712 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\acpiex.sys -- (acpiex)
    DRV:64bit: - [2013-08-22 08:49:33 | 000,159,584 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\tpm.sys -- (TPM)
    DRV:64bit: - [2013-08-22 08:43:49 | 000,063,840 | ---- | M] (Marvell Semiconductor, Inc.) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\mvumis.sys -- (mvumis)
    DRV:64bit: - [2013-08-22 08:43:48 | 000,041,824 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\msgpiowin32.sys -- (msgpiowin32)
    DRV:64bit: - [2013-08-22 08:43:45 | 003,357,024 | ---- | M] (Broadcom Corporation) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\evbda.sys -- (ebdrv)
    DRV:64bit: - [2013-08-22 08:43:45 | 000,093,536 | ---- | M] (LSI Corporation) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\lsi_sas2.sys -- (LSI_SAS2)
    DRV:64bit: - [2013-08-22 08:43:45 | 000,082,784 | ---- | M] (LSI Corporation) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\lsi_sss.sys -- (LSI_SSS)
    DRV:64bit: - [2013-08-22 08:43:45 | 000,064,352 | ---- | M] (Hewlett-Packard Company) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\HpSAMD.sys -- (HpSAMD)
    DRV:64bit: - [2013-08-22 08:43:44 | 000,081,760 | ---- | M] (LSI Corporation) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\lsi_sas3.sys -- (LSI_SAS3)
    DRV:64bit: - [2013-08-22 08:43:41 | 000,782,176 | ---- | M] (PMC-Sierra) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\adp80xx.sys -- (ADP80XX)
    DRV:64bit: - [2013-08-22 08:43:41 | 000,531,296 | ---- | M] (Broadcom Corporation) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\bxvbda.sys -- (b06bdrv)
    DRV:64bit: - [2013-08-22 08:43:41 | 000,259,424 | ---- | M] (AMD Technologies Inc.) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\amdsbs.sys -- (amdsbs)
    DRV:64bit: - [2013-08-22 08:43:41 | 000,108,896 | ---- | M] (LSI) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\3ware.sys -- (3ware)
    DRV:64bit: - [2013-08-22 08:43:41 | 000,079,200 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\amdsata.sys -- (amdsata)
    DRV:64bit: - [2013-08-22 08:43:40 | 000,114,016 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\EhStorTcgDrv.sys -- (EhStorTcgDrv)
    DRV:64bit: - [2013-08-22 08:43:40 | 000,082,784 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\EhStorClass.sys -- (EhStorClass)
    DRV:64bit: - [2013-08-22 08:43:40 | 000,025,952 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\amdxata.sys -- (amdxata)
    DRV:64bit: - [2013-08-22 08:43:34 | 000,305,504 | ---- | M] (VIA Corporation) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\VSTXRAID.SYS -- (VSTXRAID)
    DRV:64bit: - [2013-08-22 08:43:33 | 000,074,080 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\uaspstor.sys -- (UASPStor)
    DRV:64bit: - [2013-08-22 08:43:32 | 000,031,072 | ---- | M] (Promise Technology, Inc.) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\stexstor.sys -- (stexstor)
    DRV:64bit: - [2013-08-22 08:43:31 | 000,107,872 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\storahci.sys -- (storahci)
    DRV:64bit: - [2013-08-22 08:43:31 | 000,072,032 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\SpbCx.sys -- (SpbCx)
    DRV:64bit: - [2013-08-22 08:43:31 | 000,069,472 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\SerCx.sys -- (SerCx)
    DRV:64bit: - [2013-08-22 08:39:15 | 000,026,976 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\uefi.sys -- (UEFI)
    DRV:64bit: - [2013-08-22 08:37:27 | 000,069,472 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\vpci.sys -- (vpci)
    DRV:64bit: - [2013-08-22 08:36:12 | 000,026,976 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\WpdUpFltr.sys -- (WpdUpFltr)
    DRV:64bit: - [2013-08-22 07:39:58 | 000,020,992 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\WSDPrint.sys -- (WSDPrintDevice)
    DRV:64bit: - [2013-08-22 07:39:54 | 000,076,800 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\ahcache.sys -- (ahcache)
    DRV:64bit: - [2013-08-22 07:39:50 | 000,023,040 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\WSDScan.sys -- (WSDScan)
    DRV:64bit: - [2013-08-22 07:39:31 | 000,050,688 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\BasicDisplay.sys -- (BasicDisplay)
    DRV:64bit: - [2013-08-22 07:39:20 | 000,022,016 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\HyperVideo.sys -- (HyperVideo)
    DRV:64bit: - [2013-08-22 07:39:06 | 000,009,728 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\mshidumdf.sys -- (mshidumdf)
    DRV:64bit: - [2013-08-22 07:38:58 | 000,010,752 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\acpitime.sys -- (acpitime)
    DRV:64bit: - [2013-08-22 07:38:48 | 000,010,240 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\acpipagr.sys -- (acpipagr)
    DRV:64bit: - [2013-08-22 07:38:39 | 000,036,992 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\BthAvrcpTg.sys -- (BthAvrcpTg)
    DRV:64bit: - [2013-08-22 07:38:26 | 000,019,456 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\kdnic.sys -- (kdnic)
    DRV:64bit: - [2013-08-22 07:38:23 | 000,011,264 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\vmgencounter.sys -- (gencounter)
    DRV:64bit: - [2013-08-22 07:38:22 | 000,023,040 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\npsvctrig.sys -- (npsvctrig)
    DRV:64bit: - [2013-08-22 07:38:16 | 000,030,720 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\BthhfHid.sys -- (bthhfhid)
    DRV:64bit: - [2013-08-22 07:37:49 | 000,013,824 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hyperkbd.sys -- (hyperkbd)
    DRV:64bit: - [2013-08-22 07:37:46 | 000,029,696 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\TsUsbGD.sys -- (TsUsbGD)
    DRV:64bit: - [2013-08-22 07:37:42 | 000,057,856 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\bthhfenum.sys -- (BthHFEnum)
    DRV:64bit: - [2013-08-22 07:37:28 | 000,056,320 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\TsUsbFlt.sys -- (TsUsbFlt)
    DRV:64bit: - [2013-08-22 07:37:28 | 000,041,472 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hidi2c.sys -- (hidi2c)
    DRV:64bit: - [2013-08-22 07:37:14 | 000,029,696 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\dmvsc.sys -- (dmvsc)
    DRV:64bit: - [2013-08-22 07:36:43 | 000,087,040 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\netvsc63.sys -- (netvsc)
    DRV:64bit: - [2013-08-22 07:36:25 | 000,016,384 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\NdisVirtualBus.sys -- (NdisVirtualBus)
    DRV:64bit: - [2013-08-22 07:36:17 | 000,124,928 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\NdisImPlatform.sys -- (NdisImPlatform)
    DRV:64bit: - [2013-08-22 07:36:07 | 000,066,560 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\mslldp.sys -- (MsLldp)
    DRV:64bit: - [2013-08-22 07:35:42 | 000,103,424 | ---- | M] (Microsoft Corporation) [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\Ndu.sys -- (Ndu)
    DRV:64bit: - [2013-08-22 04:46:33 | 000,027,136 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\fxppm.sys -- (FxPPM)
    DRV:64bit: - [2013-08-12 19:25:46 | 000,017,624 | ---- | M] (Windows (R) Win 7 DDK provider) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\bcmfn2.sys -- (bcmfn2)
    DRV:64bit: - [2013-08-09 20:39:30 | 000,651,248 | ---- | M] (Intel Corporation) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\iaStorAV.sys -- (iaStorAV)
    DRV:64bit: - [2013-07-30 14:47:35 | 000,024,568 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\iaLPSSi_GPIO.sys -- (iaLPSSi_GPIO)
    DRV:64bit: - [2013-07-25 15:05:39 | 000,099,320 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\iaLPSSi_I2C.sys -- (iaLPSSi_I2C)
    DRV:64bit: - [2013-07-25 15:05:37 | 002,607,792 | ---- | M] (Ralink Technology, Corp.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\netr28x.sys -- (netr28x)
    DRV:64bit: - [2013-06-18 10:44:59 | 000,129,224 | ---- | M] (Qualcomm Atheros Co., Ltd.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\L1C63x64.sys -- (L1C)
    DRV:64bit: - [2013-05-13 16:36:06 | 000,050,864 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\point64.sys -- (Point64)
    DRV:64bit: - [2013-04-16 20:25:46 | 000,065,784 | ---- | M] (ASUS Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\AsusTP.sys -- (ATP)
    DRV:64bit: - [2012-12-13 15:50:36 | 000,054,784 | ---- | M] (Apple, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\usbaapl64.sys -- (USBAAPL64)
    DRV:64bit: - [2012-12-07 02:45:34 | 000,652,344 | ---- | M] (Intel Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\iaStorA.sys -- (iaStorA)
    DRV:64bit: - [2012-10-08 05:02:52 | 000,342,528 | ---- | M] (Intel(R) Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\IntcDAud.sys -- (IntcDAud)
    DRV:64bit: - [2012-09-18 15:51:54 | 000,017,152 | ---- | M] (ASUSTek Computer Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\AiCharger.sys -- (AiCharger)
    DRV:64bit: - [2012-08-21 14:01:20 | 000,033,240 | ---- | M] (GEAR Software Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\GEARAspiWDM.sys -- (GEARAspiWDM)
    DRV:64bit: - [2012-08-01 23:22:48 | 000,014,992 | ---- | M] ( ) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\kbfiltr.sys -- (kbfiltr)
    DRV:64bit: - [2012-07-02 18:16:02 | 000,062,784 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\HECIx64.sys -- (MEIx64)
    DRV - [2011-09-07 12:55:04 | 000,017,536 | ---- | M] (ASUS) [Kernel | System | Running] -- C:\Program Files (x86)\ASUS\ATK Package\ATK WMIACPI\atkwmiacpi64.sys -- (ATKWMIACPIIO)
    DRV - [2009-07-02 20:36:14 | 000,015,416 | ---- | M] (ASUS) [Kernel | Auto | Running] -- C:\Program Files (x86)\ASUS\ATK Package\ATKGFNEX\ASMMAP64.sys -- (ASMMAP64)


    ========== Standard Registry (SafeList) ==========


    ========== Internet Explorer ==========

    IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.google.com
    IE:64bit: - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
    IE:64bit: - HKLM\..\SearchScopes\{55EE75CB-6993-FCC7-7055-7B9E6C91254F}: "URL" = http://www.bing.com/search?q={searchTerms}&form=IE10TR&src=IE10TR&pc=ASU2JS
    IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
    IE - HKLM\..\SearchScopes,DefaultScope =
    IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
     
