
I'm being hijacked

#1 ·
I've been having problems for several weeks with my accounts being hijacked: Steam, Netflix, Gmail, Hotmail, etc. I have MS Security Essentials running all the time and I keep it updated; I also use Malwarebytes Anti-Malware to scan. I've run the scanning software in safe mode until they ran clean, but still have issues. I'm sure I must have a key logger or something, but I don't know how to find it. I've used HijackThis, and could post the log if that helps.

Tech Support Guy System Info Utility version 1.0.0.2
OS Version: Microsoft Windows 7 Home Premium, Service Pack 1, 64 bit
Processor: Intel(R) Core(TM) i7-2600K CPU @ 3.40GHz, Intel64 Family 6 Model 42 Stepping 7
Processor Count: 8
RAM: 8168 Mb
Graphics Card: AMD Radeon HD 6900 Series, -2048 Mb
Hard Drives: C: Total - 1068112 MB, Free - 642188 MB; D: Total - 78152 MB, Free - 78019 MB;
Motherboard: ASUSTeK Computer INC., P8P67 DELUXE
Antivirus: Microsoft Security Essentials, Updated and Enabled
 
#2 ·
Hi Skywalker. My name is Firefly and I will help you with your computer. I ask you to follow a few ground rules while we are taking care of your computer:

I'm an Undergraduate trainee at MalwareRemovalUniversity (MRU), and as such my posts to you have to first be checked by a Teacher. Because of this, my replies to your posts may be slightly delayed. Please be patient and I'm sure we'll be able to resolve your problems.

Before we begin...please read and follow these important guidelines, so things will proceed smoothly.
  1. The instructions being given are for YOUR computer and system only!
    Using these instructions on a different computer can cause damage to that computer and possibly render it inoperable!
  2. You must have Administrator rights, permissions for this computer.
  3. DO NOT make any changes to your system, or run any tools other than those I provided. Do not delete, fix, uninstall, or install anything unless I tell you to.
  4. Only post your problem at one (1) help site. Applying fixes from multiple help sites can cause problems.
  5. Print each set of instructions if possible; your Internet connection will not be available during some fix processes.
  6. Only reply to this thread; do not start another. Please continue responding until I give you the "All Clean". If you are in progress at another forum, please simply let me know so I can dedicate my time to others who need help.
  7. Failure to respond for 3 days will result in your topic being closed.
Please take time to read the Forum Guidelines and Rules where the conditions for receiving help at this forum are explained.

Warning!
The steps presented in these posts are for this person and machine ONLY. Do not apply these steps to your own system without the guidance of a trained malware removal helper. Doing so may possibly damage your system, preventing it from starting.


Malware removal:
Please be aware that removing Malware is a potentially hazardous undertaking. I will take care not to knowingly suggest courses of action that might damage your computer. However it is impossible for me to foresee all interactions that may happen between the software on your computer and those we'll use to clear you of infection and I cannot guarantee the safety of your system. It is possible that we might encounter situations where the only recourse is to re-format and re-install your operating system, or to necessitate you taking your computer to a repair shop.

File Backup

For your safety and protection, I would advise backing up all your important documents, personal data files and photos, as some infections may render your computer unbootable during or before the disinfection process. The safest practice is not to back up any files with the following file extensions:
.exe, .scr, .ini, .htm, .html, .php, .asp, .xml, .zip, .rar, .cab, as they may be infected.

All of the Windows systems we support have backup capabilities. These existing programs will allow you to back up your files to an external hard drive, USB drive or CD drive.

Do not back up your files to the hard drive of the computer we will be fixing. If the computer becomes unusable, your files will still be gone forever. Every photo, every document… gone. Seriously. Do this now.

Here are links to using the backup program for Windows 7: Windows 7

Finally, there will (usually) be several items to handle in each post, so I will try to break them into easier-to-digest sections, which will be demarked with Green Bold Lettering.

Restore Point

First, before we do anything, we want to make sure we have made a backup of your computer's key information so that we can be sure to not make anything worse. Since you are running Windows 7, we will both make a restore point and do a system backup.

To create a restore point (Windows 7):
1. Click on the Start button to open your Start Menu.
2. Then click on the Control Panel, then the System icon, and then finally click on System Protection in the left-hand task list. You will now be at the System Protection tab in the System control panel.
3. At the bottom of the window you will see a button called "Create". A window will pop open allowing you to name this restore point - please name this "before malware fix".
4. You can then close the System window.

Please also do the following:
Please download tweaking.com_registry_backup_setup.exe
Choose a download site for the installer, then download and save it to your desktop. Do not click on the big green button at the top - this is an advertisement. Click on one of the yellow links under the word "installer" further down on the page.
Double click on the "...setup.exe" program and install the program. Let the install use the default installation. How-to tutorial here.

Once the program is installed...
  1. Double click the Tweaking.com Registry Backup icon ... on your Desktop to open the program.
  2. It should open with the Backup Registry tab selected and all file options checked. Check any that are not already checked.
  3. Click on Backup Now to create a backup of your Registry.
    You'll see "Waiting for Volume Shadow Copy snapshot..."; this may take a few moments, just be patient.
  4. When completed you should see a message saying something like "Successful ??/?? Registry Files Backed Up", where ?? is the total number of files; both numbers should match.
  5. Close and exit the program.

Once these are done, we can move forward with repairing the issues you are having. PLEASE DO NOT PROCEED IF YOU HAVE ANY PROBLEMS WITH THESE FIRST TWO STEPS OR IF YOU RECEIVED ANY ERROR MESSAGES.

FRST Scan

Please download FRST64 ... by Farbar, from the link below and save it to your Desktop. Please be sure to use the version appropriate for your operating system.

FRST64

  • Right-click FRST.exe and select "Run as administrator" to run it.
  • When the tool opens, click Yes to the disclaimer.
  • Press the Scan button. When finished, a log will be created, FRST.txt.
  • Please post the content of the FRST.txt in your next reply.
  • The first time the tool is run, it will create another log... Addition.txt.
  • Please post the content of the Addition.txt in your next reply.

Next Steps

1. Confirm you were able to make backups, restore points, and use TCRB.
2. Post FRST.txt
3. Post Addition.txt
 
#3 ·
Hi Firefly. Thanks for helping me and good luck with your undergraduate degree. See the FRST.txt and Addition.txt logs below.

Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version:22-11-2015
Ran by Gene (administrator) on GENE-PC (23-11-2015 06:53:17)
Running from C:\Users\Gene\Desktop
Loaded Profiles: Gene (Available Profiles: Gene)
Platform: Windows 7 Home Premium Service Pack 1 (X64) Language: English (United States)
Internet Explorer Version 11 (Default browser: IE)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(Microsoft Corporation) C:\Program Files\Microsoft Security Client\MsMpEng.exe
(AMD) C:\Windows\System32\atiesrxx.exe
(AMD) C:\Windows\System32\atieclxx.exe
(Apple Inc.) C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(ASUSTeK Computer Inc.) C:\Program Files (x86)\ASUS\AI Suite II\AsRoutineController.exe
(ASUSTeK Computer Inc.) C:\Program Files (x86)\ASUS\AI Suite II\DIGI+ VRM\VRMHelp.exe
() C:\Program Files (x86)\ASUS\AXSP\1.00.13\atkexComSvc.exe
() C:\Program Files (x86)\ASUS\AAHM\1.00.13\aaHMSvc.exe
() C:\Program Files (x86)\ASUS\AsSysCtrlService\1.00.11\AsSysCtrlService.exe
(Atheros Commnucations) C:\Program Files (x86)\Bluetooth Suite\AdminService.exe
() C:\Program Files (x86)\Codebox\BitMeterOS\BitMeterCaptureService.exe
() C:\Program Files (x86)\Codebox\BitMeterOS\BitMeterWebService.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
() C:\ProgramData\DataCardService\DCService.exe
(Microsoft Corporation) C:\Windows\SysWOW64\svchost.exe
(Intel Corporation) C:\Windows\System32\IPROSetMonitor.exe
(Huawei Technologies Co., Ltd.) C:\ProgramData\DataCardService\DCSHelper.exe
(Hewlett-Packard Company) C:\Program Files (x86)\Common Files\LightScribe\LSSrvc.exe
(Marvell) C:\Program Files (x86)\Marvell\storage\svc\mvraidsvc.exe
(Apache Software Foundation) C:\Program Files (x86)\Marvell\storage\Apache2\bin\httpd.exe
() C:\Program Files (x86)\Novatel Wireless\Novacore\Server\NvtlSrvr.exe
(Novatel Wireless Inc.) C:\Program Files (x86)\Novatel Wireless\Drivers\NWHelper.exe
(Apache Software Foundation) C:\Program Files (x86)\Marvell\storage\Apache2\bin\httpd.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(Atheros Commnucations) C:\Program Files (x86)\Bluetooth Suite\BtvStack.exe
(Atheros Commnucations) C:\Program Files (x86)\Bluetooth Suite\AthBtTray.exe
(Microsoft Corporation) C:\Program Files\Microsoft IntelliPoint\ipoint.exe
(Microsoft Corporation) C:\Program Files\Microsoft Security Client\msseces.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudServices.exe
(Microsoft Corporation) C:\Windows\System32\GWX\GWX.exe
(Microsoft Corporation) C:\Program Files\Microsoft Security Client\NisSrv.exe
(Renesas Electronics Corporation) C:\Program Files (x86)\Renesas Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
(ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\ASUS Ai Charger\AiChargerAP.exe
(ASUSTeK Computer Inc.) C:\Program Files (x86)\ASUS\AI Suite II\ASUS Mobilink\Simulator\AsShellProcess.exe
() C:\Program Files (x86)\Marvell\storage\tray\MarvellTray.exe
(Research In Motion Limited) C:\Program Files (x86)\Common Files\Research In Motion\USB Drivers\RIMBBLaunchAgent.exe
(Hewlett-Packard) C:\Program Files (x86)\HP\HP Software Update\hpwuschd2.exe
(Advanced Micro Devices Inc.) C:\Program Files (x86)\AMD\ATI.ACE\Core-Static\MOM.exe
(Research In Motion Limited) C:\Program Files (x86)\Common Files\Research In Motion\USB Drivers\BbDevMgr.exe
(Advanced Micro Devices Inc.) C:\Program Files (x86)\AMD\ATI.ACE\Core-Static\CCC.exe
(ASUSTeK Computer Inc.) C:\Program Files (x86)\ASUS\AI Suite II\ASUS Mobilink\iPhone Simulator\pnSvc.exe
(ASUSTeK Computer Inc.) C:\Program Files (x86)\ASUS\AI Suite II\ASUS Mobilink\Simulator\EC Simulator.exe
(ASUSTeK Computer Inc.) C:\Program Files (x86)\ASUS\AI Suite II\TurboV EVO\TurboVHelp.exe
(ASUSTeK Computer Inc.) C:\Program Files (x86)\ASUS\AI Suite II\EPU\EPUHelp.exe
(ASUSTeK Computer Inc.) C:\Program Files (x86)\ASUS\AI Suite II\AI Suite II.exe
(ASUSTeK Computer Inc.) C:\Program Files (x86)\ASUS\AI Suite II\Sensor\AlertHelper\AlertHelper.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
(Nero AG) C:\Program Files (x86)\Nero\Update\NASvc.exe
(Microsoft Corporation) C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE
(Microsoft Corporation) C:\Program Files\Internet Explorer\iexplore.exe
(Adobe Systems Incorporated) C:\Windows\System32\Macromed\Flash\FlashUtil64_19_0_0_245_ActiveX.exe
(Microsoft Corporation) C:\Windows\System32\wbengine.exe
(Microsoft Corporation) C:\Windows\System32\vds.exe

==================== Registry (Whitelisted) ===========================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [RtHDVCpl] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [11545192 2010-11-02] (Realtek Semiconductor)
HKLM\...\Run: [AtherosBtStack] => C:\Program Files (x86)\Bluetooth Suite\BtvStack.exe [613536 2010-10-27] (Atheros Commnucations)
HKLM\...\Run: [AthBtTray] => C:\Program Files (x86)\Bluetooth Suite\AthBtTray.exe [379040 2010-10-27] (Atheros Commnucations)
HKLM\...\Run: [IntelliPoint] => c:\Program Files\Microsoft IntelliPoint\ipoint.exe [2399632 2011-04-13] (Microsoft Corporation)
HKLM\...\Run: [MSC] => c:\Program Files\Microsoft Security Client\msseces.exe [1337000 2015-04-30] (Microsoft Corporation)
HKLM-x32\...\Run: [NUSB3MON] => C:\Program Files (x86)\Renesas Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe [113288 2010-04-26] (Renesas Electronics Corporation)
HKLM-x32\...\Run: [IAStorIcon] => C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe [283160 2010-11-05] (Intel Corporation)
HKLM-x32\...\Run: [ASUS Ai Charger] => C:\Program Files (x86)\ASUS\ASUS Ai Charger\AiChargerAP.exe [465536 2010-10-19] (ASUSTek Computer Inc.)
HKLM-x32\...\Run: [ASUS ShellProcess Execute] => C:\Program Files (x86)\ASUS\AI Suite II\ASUS Mobilink\Simulator\AsShellProcess.exe [252544 2010-09-28] (ASUSTeK Computer Inc.)
HKLM-x32\...\Run: [MSUTray] => C:\Program Files (x86)\Marvell\storage\tray\MarvellTray.exe [1199144 2010-11-19] ()
HKLM-x32\...\Run: [APSDaemon] => C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe [60712 2015-05-15] (Apple Inc.)
HKLM-x32\...\Run: [BCSSync] => C:\Program Files (x86)\Microsoft Office\Office14\BCSSync.exe [89184 2012-11-05] (Microsoft Corporation)
HKLM-x32\...\Run: [RIMBBLaunchAgent.exe] => C:\Program Files (x86)\Common Files\Research In Motion\USB Drivers\RIMBBLaunchAgent.exe [267792 2013-01-17] (Research In Motion Limited)
HKLM-x32\...\Run: [HP Software Update] => C:\Program Files (x86)\HP\HP Software Update\HPWuSchd2.exe [96056 2013-05-30] (Hewlett-Packard)
HKLM-x32\...\Run: [] => [X]
HKLM-x32\...\Run: [StartCCC] => C:\Program Files (x86)\AMD\ATI.ACE\Core-Static\amd64\CLIStart.exe [767176 2015-07-15] (Advanced Micro Devices, Inc.)
HKU\S-1-5-21-22153849-1975329064-470824136-1000\...\Run: [iCloudServices] => C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudServices.exe [43816 2015-04-26] (Apple Inc.)
HKU\S-1-5-21-22153849-1975329064-470824136-1000\...\Run: [Steam] => "C:\Program Files (x86)\Steam\Steam.exe" -silent
HKU\S-1-5-21-22153849-1975329064-470824136-1000\...\MountPoints2: {32875cf9-a3b3-11e0-b99a-806e6f6e6963} - F:\Autorun.exe

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Tcpip\Parameters: [DhcpNameServer] 192.168.1.254
Tcpip\..\Interfaces\{4758B3F9-8216-493F-B518-7AAFAB1AC3F3}: [DhcpNameServer] 184.151.118.254 70.28.245.227
Tcpip\..\Interfaces\{F2A9D693-F035-413F-811A-E0F2C1FB9D44}: [DhcpNameServer] 192.168.1.254

Internet Explorer:
==================
HKU\S-1-5-21-22153849-1975329064-470824136-1000\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.google.ca/
HKU\S-1-5-21-22153849-1975329064-470824136-1000\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = hxxp://ca.msn.com/?rd=1
URLSearchHook: HKU\S-1-5-21-22153849-1975329064-470824136-1000 -> Default = {855F3B16-6D32-4fe6-8A56-BBB695989046}
SearchScopes: HKU\.DEFAULT -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-19 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-20 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
BHO: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files\Microsoft Office\Office14\GROOVEEX.DLL [2013-12-19] (Microsoft Corporation)
BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL [2013-03-06] (Microsoft Corporation)
BHO-x32: HP Print Enhancer -> {0347C33E-8762-4905-BF09-768834316C61} -> C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_printenhancer.dll [2009-10-22] (Hewlett-Packard Co.)
BHO-x32: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files (x86)\Microsoft Office\Office14\GROOVEEX.DLL [2013-12-19] (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_51\bin\ssv.dll [2015-08-16] (Oracle Corporation)
BHO-x32: CIESpeechBHO Class -> {8D10F6C4-0E01-4BD4-8601-11AC1FDF8126} -> C:\Program Files (x86)\Bluetooth Suite\IEPlugIn.dll [2010-10-27] (Atheros Commnucations)
BHO-x32: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files (x86)\Microsoft Office\Office14\URLREDIR.DLL [2013-03-06] (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_51\bin\jp2ssv.dll [2015-08-16] (Oracle Corporation)
BHO-x32: HP Smart BHO Class -> {FFFFFFFF-CF4E-4F2B-BDC2-0E72E116A856} -> C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll [2009-10-22] (Hewlett-Packard Co.)
DPF: HKLM-x32 {39B0684F-D7BF-4743-B050-FDC3F48F7E3B} hxxp://www.fileplanet.com/fpdlmgr/cabs/FPDC_2.3.10.115.cab

FireFox:
========
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_19_0_0_245.dll [2015-11-11] ()
FF Plugin: @microsoft.com/GENUINE -> disabled [No File]
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.40728.0\npctrl.dll [2015-07-28] ( Microsoft Corporation)
FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~1\MICROS~4\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_19_0_0_245.dll [2015-11-11] ()
FF Plugin-x32: @Apple.com/iTunes,version=1.0 -> C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll [2015-01-06] ()
FF Plugin-x32: @fileplanet.com/fpdlm -> C:\Program Files (x86)\Download Manager\npfpdlm.dll [No File]
FF Plugin-x32: @Google.com/GoogleEarthPlugin -> C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll [2015-05-20] (Google)
FF Plugin-x32: @java.com/DTPlugin,version=11.51.2 -> C:\Program Files (x86)\Java\jre1.8.0_51\bin\dtplugin\npDeployJava1.dll [2015-08-16] (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.51.2 -> C:\Program Files (x86)\Java\jre1.8.0_51\bin\plugin2\npjp2.dll [2015-08-16] (Oracle Corporation)
FF Plugin-x32: @microsoft.com/GENUINE -> disabled [No File]
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\5.1.40728.0\npctrl.dll [2015-07-28] ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~2\MICROS~3\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~3\Office14\NPSPWRAP.DLL [2010-03-24] (Microsoft Corporation)
FF Plugin-x32: @Nero.com/KM -> C:\PROGRA~2\COMMON~1\Nero\BROWSE~1\NPBROW~1.DLL [2011-08-10] (Nero AG)
FF Plugin-x32: @RIM.com/WebSLLauncher,version=1.0 -> C:\Program Files (x86)\Common Files\Research In Motion\BBWebSLLauncher\NPWebSLLauncher.dll [2012-12-13] ()
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.28.15\npGoogleUpdate3.dll [2015-09-15] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.28.15\npGoogleUpdate3.dll [2015-09-15] (Google Inc.)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll [2015-09-26] (Adobe Systems Inc.)
FF HKLM-x32\...\Firefox\Extensions: [smartwebprinting@hp.com] - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3
FF Extension: HP Smart Web Printing - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3 [2011-10-02] [not signed]
FF HKU\S-1-5-21-22153849-1975329064-470824136-1000\...\Firefox\Extensions: [smartwebprinting@hp.com] - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3
FF Extension: HP Smart Web Printing - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3 [2011-10-02] [not signed]

Chrome:
=======
CHR StartupUrls: Default -> "hxxp://www.google.com/"
CHR Plugin: (Shockwave Flash) - C:\Program Files (x86)\Google\Chrome\Application\46.0.2490.86\PepperFlash\pepflashplayer.dll ()
CHR Plugin: (Shockwave Flash) - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_6_602_180.dll => No File
CHR Plugin: (Native Client) - C:\Program Files (x86)\Google\Chrome\Application\46.0.2490.86\ppGoogleNaClPluginChrome.dll => No File
CHR Plugin: (Chrome PDF Viewer) - C:\Program Files (x86)\Google\Chrome\Application\46.0.2490.86\pdf.dll => No File
CHR Plugin: (Adobe Acrobat) - C:\Program Files (x86)\Adobe\Reader 11.0\Reader\Browser\nppdf32.dll (Adobe Systems Inc.)
CHR Plugin: (QuickTime Plug-in 7.7.3) - C:\Program Files (x86)\QuickTime\plugins\npqtplugin.dll (Apple Inc.)
CHR Plugin: (QuickTime Plug-in 7.7.3) - C:\Program Files (x86)\QuickTime\plugins\npqtplugin2.dll (Apple Inc.)
CHR Plugin: (QuickTime Plug-in 7.7.3) - C:\Program Files (x86)\QuickTime\plugins\npqtplugin3.dll (Apple Inc.)
CHR Plugin: (QuickTime Plug-in 7.7.3) - C:\Program Files (x86)\QuickTime\plugins\npqtplugin4.dll (Apple Inc.)
CHR Plugin: (QuickTime Plug-in 7.7.3) - C:\Program Files (x86)\QuickTime\plugins\npqtplugin5.dll (Apple Inc.)
CHR Plugin: (QuickTime Plug-in 7.7.3) - C:\Program Files (x86)\QuickTime\plugins\npqtplugin6.dll => No File
CHR Plugin: (QuickTime Plug-in 7.7.3) - C:\Program Files (x86)\QuickTime\plugins\npqtplugin7.dll => No File
CHR Plugin: (Nero Kwik Media Helper) - C:\PROGRA~2\COMMON~1\Nero\BROWSE~1\NPBROW~1.DLL (Nero AG)
CHR Plugin: (Microsoft Office 2010) - C:\PROGRA~2\MICROS~3\Office14\NPAUTHZ.DLL (Microsoft Corporation)
CHR Plugin: (Microsoft Office 2010) - C:\PROGRA~2\MICROS~3\Office14\NPSPWRAP.DLL (Microsoft Corporation)
CHR Plugin: (IGN Download Manager Plug-in) - C:\Program Files (x86)\Download Manager\npfpdlm.dll => No File
CHR Plugin: (Google Earth Plugin) - C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll (Google)
CHR Plugin: (Google Update) - C:\Program Files (x86)\Google\Update\1.3.21.135\npGoogleUpdate3.dll => No File
CHR Plugin: (Java(TM) Platform SE 7 U17) - C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll => No File
CHR Plugin: (Java Deployment Toolkit 7.0.170.2) - C:\Windows\SysWOW64\npDeployJava1.dll => No File
CHR Plugin: (iTunes Application Detector) - C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll ()
CHR Plugin: (Silverlight Plug-In) - c:\Program Files (x86)\Microsoft Silverlight\5.1.20125.0\npctrl.dll => No File
CHR Profile: C:\Users\Gene\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Chrome Web Store Payments) - C:\Users\Gene\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2015-07-24]

==================== Services (Whitelisted) ========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R2 Apple Mobile Device Service; C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [77128 2015-05-29] (Apple Inc.)
R2 asComSvc; C:\Program Files (x86)\ASUS\AXSP\1.00.13\atkexComSvc.exe [918144 2010-11-03] ()
R2 asHmComSvc; C:\Program Files (x86)\ASUS\AAHM\1.00.13\aaHMSvc.exe [915584 2010-12-01] ()
R2 AsSysCtrlService; C:\Program Files (x86)\ASUS\AsSysCtrlService\1.00.11\AsSysCtrlService.exe [586880 2010-10-21] ()
R2 AtherosSvc; C:\Program Files (x86)\Bluetooth Suite\adminservice.exe [52896 2010-10-27] (Atheros Commnucations) [File not signed]
S3 BellCanadaRcAppSvc; C:\Program Files (x86)\Bell\Mobile Connect\RcAppSvc.exe [120088 2010-11-01] (SmithMicro Inc.)
R2 BitMeterCaptureService; C:\Program Files (x86)\Codebox\BitMeterOS\BitMeterCaptureService.exe [85435 2011-11-19] () [File not signed]
R2 BitMeterWebService; C:\Program Files (x86)\Codebox\BitMeterOS\BitMeterWebService.exe [141466 2011-11-19] () [File not signed]
R3 Blackberry Device Manager; C:\Program Files (x86)\Common Files\Research In Motion\USB Drivers\BbDevMgr.exe [577536 2013-01-18] (Research In Motion Limited) [File not signed]
S3 CABellCanada; C:\Program Files (x86)\Bell\Mobile Connect\ConAppsSvc.exe [124184 2010-11-01] (SmithMicro Inc.)
R2 DCService.exe; C:\ProgramData\DatacardService\DCService.exe [229376 2010-05-29] () [File not signed]
R2 LightScribeService; C:\Program Files (x86)\Common Files\LightScribe\LSSrvc.exe [73728 2011-06-20] (Hewlett-Packard Company) [File not signed]
S2 MBAMService; C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe [1135416 2015-10-05] (Malwarebytes)
R2 MsMpSvc; c:\Program Files\Microsoft Security Client\MsMpEng.exe [23816 2015-04-30] (Microsoft Corporation)
R2 MSUWebService; C:\Program Files (x86)\Marvell\storage\Apache2\bin\httpd.exe [24645 2010-09-01] (Apache Software Foundation) [File not signed]
R2 Net Driver HPZ12; C:\Windows\system32\HPZinw12.dll [71680 2010-08-06] (Hewlett-Packard) [File not signed]
R3 NisSrv; c:\Program Files\Microsoft Security Client\NisSrv.exe [366544 2015-04-30] (Microsoft Corporation)
R2 NvtlService; C:\Program Files (x86)\Novatel Wireless\Novacore\Server\NvtlSrvr.exe [91984 2010-10-21] ()
R2 NWHelper; C:\Program Files (x86)\Novatel Wireless\Drivers\NWHelper.exe [270336 2010-10-07] (Novatel Wireless Inc.) [File not signed]
S3 Origin Client Service; C:\Program Files (x86)\Origin\OriginClientService.exe [2057736 2015-09-25] (Electronic Arts)
R2 Pml Driver HPZ12; C:\Windows\system32\HPZipm12.dll [89600 2010-08-06] (Hewlett-Packard) [File not signed]
S3 ProfileImpSvc; C:\Program Files (x86)\Bell\Mobile Connect\ProfileImpSvc.exe [169240 2010-11-01] (SmithMicro Inc.)
S3 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2013-05-26] (Microsoft Corporation)
S3 DAUpdaterSvc; C:\Program Files (x86)\Dragon Age\bin_ship\DAUpdaterSvc.Service.exe [X]

===================== Drivers (Whitelisted) ==========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R1 AsIO; C:\Windows\SysWow64\drivers\AsIO.sys [13440 2010-08-24] ()
R1 AsUpIO; C:\Windows\SysWow64\drivers\AsUpIO.sys [14464 2010-08-02] ()
S3 atillk64; C:\Users\Gene\Desktop\System update utilities\ATI Winflash\atillk64.sys [14608 2011-07-01] (ATI Technologies Inc.)
S3 ebdrv; C:\Windows\system32\DRIVERS\evbda.sys [3286016 2009-06-10] (Broadcom Corporation)
S3 libusb0; C:\Windows\System32\drivers\libusb0.sys [29184 2011-12-19] (hxxp://libusb-win32.sourceforge.net)
S3 libusb0; C:\Windows\SysWOW64\drivers\libusb0.sys [21504 2011-12-19] (hxxp://libusb-win32.sourceforge.net)
R3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [25816 2015-10-05] (Malwarebytes)
S3 MBAMWebAccessControl; C:\Windows\system32\drivers\mwac.sys [63704 2015-10-05] (Malwarebytes Corporation)
R0 MpFilter; C:\Windows\System32\DRIVERS\MpFilter.sys [280376 2015-03-04] (Microsoft Corporation)
S3 Netaapl; C:\Windows\System32\DRIVERS\netaapl64.sys [22528 2011-05-10] (Apple Inc.) [File not signed]
R2 NisDrv; C:\Windows\System32\DRIVERS\NisDrvWFP.sys [124568 2015-03-04] (Microsoft Corporation)
S3 NWRmNet; C:\Windows\System32\DRIVERS\NWRmNet.sys [295424 2010-10-27] (Novatel Wireless Inc.)
S3 PCTINDIS5X64; C:\Windows\system32\PCTINDIS5X64.SYS [43032 2010-11-01] (Smith Micro Inc.)
S3 RimUsb; C:\Windows\System32\Drivers\RimUsb_AMD64.sys [78336 2013-01-03] (Research In Motion Limited)
R3 RimVSerPort; C:\Windows\System32\DRIVERS\RimSerial_AMD64.sys [44544 2012-12-10] (Research in Motion Ltd)
R0 sptd; C:\Windows\System32\Drivers\sptd.sys [834544 2013-07-25] () [File not signed]
S1 cwrhlgoj; \??\C:\Windows\system32\drivers\cwrhlgoj.sys [X]
S1 emqjyzsf; \??\C:\Windows\system32\drivers\emqjyzsf.sys [X]
S1 jjcnzhcm; \??\C:\Windows\system32\drivers\jjcnzhcm.sys [X]
S1 jlhkulsx; \??\C:\Windows\system32\drivers\jlhkulsx.sys [X]
S1 kxemfrnw; \??\C:\Windows\system32\drivers\kxemfrnw.sys [X]
S1 nfjvzqru; \??\C:\Windows\system32\drivers\nfjvzqru.sys [X]
S1 nifwxiqi; \??\C:\Windows\system32\drivers\nifwxiqi.sys [X]
S1 pxupjgne; \??\C:\Windows\system32\drivers\pxupjgne.sys [X]
S1 vdtoulea; \??\C:\Windows\system32\drivers\vdtoulea.sys [X]

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

==================== One Month Created files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2021-11-05 20:12 - 2021-11-05 20:12 - 00207872 _____ (TODO: <Company name>) C:\Windows\SysWOW64\MVTrim.dll
2015-11-23 06:53 - 2015-11-23 06:53 - 00022209 _____ C:\Users\Gene\Desktop\FRST.txt
2015-11-23 06:53 - 2015-11-23 06:53 - 00000000 ____D C:\FRST
2015-11-23 06:51 - 2015-11-23 06:51 - 00000207 _____ C:\Windows\tweaking.com-regbackup-GENE-PC-Windows-7-Home-Premium-(64-bit).dat
2015-11-23 06:51 - 2015-11-23 06:51 - 00000000 ____D C:\RegBackup
2015-11-22 22:38 - 2015-11-22 22:38 - 02346496 _____ (Farbar) C:\Users\Gene\Downloads\FRST64.exe
2015-11-22 22:38 - 2015-11-22 22:38 - 02346496 _____ (Farbar) C:\Users\Gene\Desktop\FRST64.exe
2015-11-22 22:32 - 2015-11-22 22:32 - 04777232 _____ (Tweaking.com) C:\Users\Gene\Downloads\tweaking.com_registry_backup_setup.exe
2015-11-22 22:32 - 2015-11-22 22:32 - 00002191 _____ C:\Users\Public\Desktop\Tweaking.com - Registry Backup.lnk
2015-11-22 22:32 - 2015-11-22 22:32 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Tweaking.com
2015-11-22 22:32 - 2015-11-22 22:32 - 00000000 ____D C:\Program Files (x86)\Tweaking.com
2015-11-22 21:56 - 2015-11-22 21:56 - 00000000 ___RD C:\Users\Gene\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\BT Devices
2015-11-21 14:45 - 2015-11-21 14:45 - 00509440 _____ (Tech Support Guy System) C:\Users\Gene\Downloads\SysInfo.exe
2015-11-21 13:41 - 2015-11-21 15:14 - 00014464 _____ C:\Users\Gene\Desktop\hijackthis.log
2015-11-21 13:39 - 2015-11-21 13:37 - 00388608 _____ (Trend Micro Inc.) C:\Users\Gene\Desktop\HijackThis.exe
2015-11-21 13:36 - 2015-11-21 13:37 - 00388608 _____ (Trend Micro Inc.) C:\Users\Gene\Downloads\HijackThis.exe
2015-11-20 20:19 - 2015-11-20 20:19 - 00002718 _____ C:\Users\Gene\Desktop\Malware Nov 20.txt
2015-11-20 19:30 - 2015-11-20 19:30 - 00000014 _____ C:\Users\Gene\Desktop\Telus tech support number.txt
2015-11-20 10:48 - 2015-11-20 10:48 - 01811872 _____ (LogMeIn, Inc.) C:\Users\Gene\Downloads\Support-LogMeInRescue.exe
2015-11-15 13:05 - 2015-11-15 13:05 - 00000218 _____ C:\Users\Gene\Desktop\Neverwinter Nights 2.lnk
2015-11-14 13:51 - 2015-11-14 13:51 - 00000000 ____D C:\Users\Gene\Downloads\NeverwinterNights2AtariUSDigitalDownload_gameversion1_04_AutoUpdateFix
2015-11-14 13:50 - 2015-11-14 13:50 - 00000000 ____D C:\Users\Gene\Downloads\Neverwinter Nights 2 Digital Download Auto Update Fix
2015-11-14 13:49 - 2015-11-14 13:49 - 02281283 _____ C:\Users\Gene\Downloads\NeverwinterNights2AtariUSDigitalDownload_gameversion1_04_AutoUpdateFix.exe
2015-11-14 13:45 - 2015-11-14 13:45 - 00000809 _____ C:\Windows\DXError.log
2015-11-14 13:44 - 2015-11-14 13:55 - 00000000 ____D C:\Users\Gene\Documents\Neverwinter Nights 2
2015-11-14 13:27 - 2015-11-14 13:27 - 00000000 ____D C:\Program Files (x86)\Atari
2015-11-14 12:08 - 2015-11-20 19:55 - 00000000 ____D C:\Program Files (x86)\Steam
2015-11-14 12:08 - 2015-11-14 12:08 - 00000877 _____ C:\Users\Public\Desktop\Steam.lnk
2015-11-12 16:19 - 2015-11-03 10:55 - 03211264 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2015-11-11 01:36 - 2015-10-20 11:42 - 03168768 _____ (Microsoft Corporation) C:\Windows\system32\wucltux.dll
2015-11-11 01:36 - 2015-10-20 11:42 - 02608128 _____ (Microsoft Corporation) C:\Windows\system32\wuaueng.dll
2015-11-11 01:36 - 2015-10-20 11:42 - 00696320 _____ (Microsoft Corporation) C:\Windows\system32\wuapi.dll
2015-11-11 01:36 - 2015-10-20 11:42 - 00192512 _____ (Microsoft Corporation) C:\Windows\system32\wuwebv.dll
2015-11-11 01:36 - 2015-10-20 11:42 - 00098816 _____ (Microsoft Corporation) C:\Windows\system32\wudriver.dll
2015-11-11 01:36 - 2015-10-20 11:42 - 00037888 _____ (Microsoft Corporation) C:\Windows\system32\wups2.dll
2015-11-11 01:36 - 2015-10-20 11:42 - 00036864 _____ (Microsoft Corporation) C:\Windows\system32\wups.dll
2015-11-11 01:36 - 2015-10-20 11:41 - 00140288 _____ (Microsoft Corporation) C:\Windows\system32\wuauclt.exe
2015-11-11 01:36 - 2015-10-20 11:41 - 00091136 _____ (Microsoft Corporation) C:\Windows\system32\WinSetupUI.dll
2015-11-11 01:36 - 2015-10-20 11:41 - 00037888 _____ (Microsoft Corporation) C:\Windows\system32\wuapp.exe
2015-11-11 01:36 - 2015-10-20 11:41 - 00012288 _____ (Microsoft Corporation) C:\Windows\system32\wu.upgrade.ps.dll
2015-11-11 01:36 - 2015-10-20 10:46 - 00566784 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuapi.dll
2015-11-11 01:36 - 2015-10-20 10:46 - 00174080 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuwebv.dll
2015-11-11 01:36 - 2015-10-20 10:46 - 00093696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wudriver.dll
2015-11-11 01:36 - 2015-10-20 10:46 - 00030208 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wups.dll
2015-11-11 01:36 - 2015-10-20 10:45 - 00035328 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuapp.exe
2015-11-11 01:35 - 2015-11-03 15:10 - 00390344 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2015-11-11 01:35 - 2015-11-03 14:51 - 00342728 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll
2015-11-11 01:35 - 2015-10-30 16:46 - 25818624 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2015-11-11 01:35 - 2015-10-30 16:40 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2015-11-11 01:35 - 2015-10-30 16:40 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2015-11-11 01:35 - 2015-10-30 16:25 - 02886656 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2015-11-11 01:35 - 2015-10-30 16:25 - 00417792 _____ (Microsoft Corporation) C:\Windows\system32\html.iec
2015-11-11 01:35 - 2015-10-30 16:25 - 00066560 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2015-11-11 01:35 - 2015-10-30 16:25 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2015-11-11 01:35 - 2015-10-30 16:24 - 00585728 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2015-11-11 01:35 - 2015-10-30 16:24 - 00088064 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll
2015-11-11 01:35 - 2015-10-30 16:17 - 00054784 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2015-11-11 01:35 - 2015-10-30 16:16 - 00034304 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2015-11-11 01:35 - 2015-10-30 16:13 - 00616960 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2015-11-11 01:35 - 2015-10-30 16:12 - 00144384 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2015-11-11 01:35 - 2015-10-30 16:12 - 00114688 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2015-11-11 01:35 - 2015-10-30 16:11 - 05990912 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2015-11-11 01:35 - 2015-10-30 16:11 - 00817664 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2015-11-11 01:35 - 2015-10-30 16:11 - 00814080 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2015-11-11 01:35 - 2015-10-30 16:04 - 00968704 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe
2015-11-11 01:35 - 2015-10-30 16:01 - 00489984 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2015-11-11 01:35 - 2015-10-30 15:58 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2015-11-11 01:35 - 2015-10-30 15:53 - 00077824 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll
2015-11-11 01:35 - 2015-10-30 15:52 - 20331520 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2015-11-11 01:35 - 2015-10-30 15:49 - 00199680 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2015-11-11 01:35 - 2015-10-30 15:49 - 00092160 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2015-11-11 01:35 - 2015-10-30 15:47 - 00504832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2015-11-11 01:35 - 2015-10-30 15:46 - 00315392 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2015-11-11 01:35 - 2015-10-30 15:46 - 00062464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2015-11-11 01:35 - 2015-10-30 15:45 - 00341504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\html.iec
2015-11-11 01:35 - 2015-10-30 15:45 - 00047616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll
2015-11-11 01:35 - 2015-10-30 15:44 - 00152064 _____ (Microsoft Corporation) C:\Windows\system32\occache.dll
2015-11-11 01:35 - 2015-10-30 15:44 - 00064000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MshtmlDac.dll
2015-11-11 01:35 - 2015-10-30 15:42 - 02279936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2015-11-11 01:35 - 2015-10-30 15:39 - 00047104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2015-11-11 01:35 - 2015-10-30 15:39 - 00030720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2015-11-11 01:35 - 2015-10-30 15:37 - 00480256 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2015-11-11 01:35 - 2015-10-30 15:36 - 00663552 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll
2015-11-11 01:35 - 2015-10-30 15:36 - 00620032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll
2015-11-11 01:35 - 2015-10-30 15:36 - 00115712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2015-11-11 01:35 - 2015-10-30 15:34 - 00262144 _____ (Microsoft Corporation) C:\Windows\system32\webcheck.dll
2015-11-11 01:35 - 2015-10-30 15:32 - 00720896 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2015-11-11 01:35 - 2015-10-30 15:31 - 00801280 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2015-11-11 01:35 - 2015-10-30 15:29 - 02126336 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2015-11-11 01:35 - 2015-10-30 15:29 - 01359360 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll
2015-11-11 01:35 - 2015-10-30 15:28 - 00416256 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll
2015-11-11 01:35 - 2015-10-30 15:23 - 00060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll
2015-11-11 01:35 - 2015-10-30 15:22 - 14457856 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2015-11-11 01:35 - 2015-10-30 15:21 - 00168960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2015-11-11 01:35 - 2015-10-30 15:19 - 00076288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2015-11-11 01:35 - 2015-10-30 15:18 - 00279040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
2015-11-11 01:35 - 2015-10-30 15:17 - 02487808 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2015-11-11 01:35 - 2015-10-30 15:17 - 00130048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\occache.dll
2015-11-11 01:35 - 2015-10-30 15:16 - 04527616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2015-11-11 01:35 - 2015-10-30 15:11 - 00230400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\webcheck.dll
2015-11-11 01:35 - 2015-10-30 15:10 - 00689152 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2015-11-11 01:35 - 2015-10-30 15:09 - 12854272 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2015-11-11 01:35 - 2015-10-30 15:09 - 02052608 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2015-11-11 01:35 - 2015-10-30 15:09 - 01155072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmlmedia.dll
2015-11-11 01:35 - 2015-10-30 15:04 - 01547264 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2015-11-11 01:35 - 2015-10-30 14:53 - 00800768 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2015-11-11 01:35 - 2015-10-30 14:51 - 02011136 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2015-11-11 01:35 - 2015-10-30 14:48 - 01311744 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2015-11-11 01:35 - 2015-10-30 14:46 - 00710144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2015-11-11 01:35 - 2015-10-19 18:12 - 05570496 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe
2015-11-11 01:35 - 2015-10-19 18:12 - 00154560 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecpkg.sys
2015-11-11 01:35 - 2015-10-19 18:12 - 00095680 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecdd.sys
2015-11-11 01:35 - 2015-10-19 18:09 - 01730496 _____ (Microsoft Corporation) C:\Windows\system32\ntdll.dll
2015-11-11 01:35 - 2015-10-19 18:06 - 00362496 _____ (Microsoft Corporation) C:\Windows\system32\wow64win.dll
2015-11-11 01:35 - 2015-10-19 18:06 - 00243712 _____ (Microsoft Corporation) C:\Windows\system32\wow64.dll
2015-11-11 01:35 - 2015-10-19 18:06 - 00215040 _____ (Microsoft Corporation) C:\Windows\system32\winsrv.dll
2015-11-11 01:35 - 2015-10-19 18:06 - 00013312 _____ (Microsoft Corporation) C:\Windows\system32\wow64cpu.dll
2015-11-11 01:35 - 2015-10-19 18:05 - 01461760 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll
2015-11-11 01:35 - 2015-10-19 18:05 - 01216512 _____ (Microsoft Corporation) C:\Windows\system32\rpcrt4.dll
2015-11-11 01:35 - 2015-10-19 18:05 - 01164800 _____ (Microsoft Corporation) C:\Windows\system32\kernel32.dll
2015-11-11 01:35 - 2015-10-19 18:05 - 00729600 _____ (Microsoft Corporation) C:\Windows\system32\kerberos.dll
2015-11-11 01:35 - 2015-10-19 18:05 - 00503808 _____ (Microsoft Corporation) C:\Windows\system32\srcore.dll
2015-11-11 01:35 - 2015-10-19 18:05 - 00424960 _____ (Microsoft Corporation) C:\Windows\system32\KernelBase.dll
2015-11-11 01:35 - 2015-10-19 18:05 - 00344064 _____ (Microsoft Corporation) C:\Windows\system32\schannel.dll
2015-11-11 01:35 - 2015-10-19 18:05 - 00315392 _____ (Microsoft Corporation) C:\Windows\system32\msv1_0.dll
2015-11-11 01:35 - 2015-10-19 18:05 - 00312320 _____ (Microsoft Corporation) C:\Windows\system32\ncrypt.dll
2015-11-11 01:35 - 2015-10-19 18:05 - 00296960 _____ (Microsoft Corporation) C:\Windows\system32\rstrui.exe
2015-11-11 01:35 - 2015-10-19 18:05 - 00210944 _____ (Microsoft Corporation) C:\Windows\system32\wdigest.dll
2015-11-11 01:35 - 2015-10-19 18:05 - 00136192 _____ (Microsoft Corporation) C:\Windows\system32\sspicli.dll
2015-11-11 01:35 - 2015-10-19 18:05 - 00112640 _____ (Microsoft Corporation) C:\Windows\system32\smss.exe
2015-11-11 01:35 - 2015-10-19 18:05 - 00086528 _____ (Microsoft Corporation) C:\Windows\system32\TSpkg.dll
2015-11-11 01:35 - 2015-10-19 18:05 - 00050176 _____ (Microsoft Corporation) C:\Windows\system32\srclient.dll
2015-11-11 01:35 - 2015-10-19 18:05 - 00044032 _____ (Microsoft Corporation) C:\Windows\system32\cryptbase.dll
2015-11-11 01:35 - 2015-10-19 18:05 - 00043520 _____ (Microsoft Corporation) C:\Windows\system32\csrsrv.dll
2015-11-11 01:35 - 2015-10-19 18:05 - 00029184 _____ (Microsoft Corporation) C:\Windows\system32\sspisrv.dll
2015-11-11 01:35 - 2015-10-19 18:05 - 00028160 _____ (Microsoft Corporation) C:\Windows\system32\secur32.dll
2015-11-11 01:35 - 2015-10-19 18:05 - 00022016 _____ (Microsoft Corporation) C:\Windows\system32\credssp.dll
2015-11-11 01:35 - 2015-10-19 18:05 - 00016384 _____ (Microsoft Corporation) C:\Windows\system32\ntvdm64.dll
2015-11-11 01:35 - 2015-10-19 18:04 - 00338432 _____ (Microsoft Corporation) C:\Windows\system32\conhost.exe
2015-11-11 01:35 - 2015-10-19 18:04 - 00064000 _____ (Microsoft Corporation) C:\Windows\system32\auditpol.exe
2015-11-11 01:35 - 2015-10-19 18:04 - 00031232 _____ (Microsoft Corporation) C:\Windows\system32\lsass.exe
2015-11-11 01:35 - 2015-10-19 18:00 - 00060416 _____ (Microsoft Corporation) C:\Windows\system32\msobjs.dll
2015-11-11 01:35 - 2015-10-19 17:59 - 00146432 _____ (Microsoft Corporation) C:\Windows\system32\msaudite.dll
2015-11-11 01:35 - 2015-10-19 17:53 - 00686080 _____ (Microsoft Corporation) C:\Windows\system32\adtschema.dll
2015-11-11 01:35 - 2015-10-19 17:53 - 00006656 _____ (Microsoft Corporation) C:\Windows\system32\apisetschema.dll
2015-11-11 01:35 - 2015-10-19 17:53 - 00006144 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-security-base-l1-1-0.dll
2015-11-11 01:35 - 2015-10-19 17:53 - 00005120 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-file-l1-1-0.dll
2015-11-11 01:35 - 2015-10-19 17:53 - 00004608 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-threadpool-l1-1-0.dll
2015-11-11 01:35 - 2015-10-19 17:53 - 00004608 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-processthreads-l1-1-0.dll
2015-11-11 01:35 - 2015-10-19 17:53 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-sysinfo-l1-1-0.dll
2015-11-11 01:35 - 2015-10-19 17:53 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-synch-l1-1-0.dll
2015-11-11 01:35 - 2015-10-19 17:53 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-localregistry-l1-1-0.dll
2015-11-11 01:35 - 2015-10-19 17:53 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-localization-l1-1-0.dll
2015-11-11 01:35 - 2015-10-19 17:53 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-rtlsupport-l1-1-0.dll
2015-11-11 01:35 - 2015-10-19 17:53 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-processenvironment-l1-1-0.dll
2015-11-11 01:35 - 2015-10-19 17:53 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-namedpipe-l1-1-0.dll
2015-11-11 01:35 - 2015-10-19 17:53 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-misc-l1-1-0.dll
2015-11-11 01:35 - 2015-10-19 17:53 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-memory-l1-1-0.dll
2015-11-11 01:35 - 2015-10-19 17:53 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-libraryloader-l1-1-0.dll
2015-11-11 01:35 - 2015-10-19 17:53 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-heap-l1-1-0.dll
2015-11-11 01:35 - 2015-10-19 17:53 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-xstate-l1-1-0.dll
2015-11-11 01:35 - 2015-10-19 17:53 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-util-l1-1-0.dll
2015-11-11 01:35 - 2015-10-19 17:53 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-string-l1-1-0.dll
2015-11-11 01:35 - 2015-10-19 17:53 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-profile-l1-1-0.dll
2015-11-11 01:35 - 2015-10-19 17:53 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-io-l1-1-0.dll
2015-11-11 01:35 - 2015-10-19 17:53 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-interlocked-l1-1-0.dll
2015-11-11 01:35 - 2015-10-19 17:53 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-handle-l1-1-0.dll
2015-11-11 01:35 - 2015-10-19 17:53 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-fibers-l1-1-0.dll
2015-11-11 01:35 - 2015-10-19 17:53 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-errorhandling-l1-1-0.dll
2015-11-11 01:35 - 2015-10-19 17:53 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-delayload-l1-1-0.dll
2015-11-11 01:35 - 2015-10-19 17:53 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-debug-l1-1-0.dll
2015-11-11 01:35 - 2015-10-19 17:53 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-datetime-l1-1-0.dll
2015-11-11 01:35 - 2015-10-19 17:53 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-console-l1-1-0.dll
2015-11-11 01:35 - 2015-10-19 17:52 - 03991488 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntkrnlpa.exe
2015-11-11 01:35 - 2015-10-19 17:52 - 03935680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntoskrnl.exe
2015-11-11 01:35 - 2015-10-19 17:48 - 01311768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntdll.dll
2015-11-11 01:35 - 2015-10-19 17:45 - 00552960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kerberos.dll
2015-11-11 01:35 - 2015-10-19 17:45 - 00259584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msv1_0.dll
2015-11-11 01:35 - 2015-10-19 17:45 - 00251392 _____ (Microsoft Corporation) C:\Windows\SysWOW64\schannel.dll
2015-11-11 01:35 - 2015-10-19 17:45 - 00223232 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ncrypt.dll
2015-11-11 01:35 - 2015-10-19 17:45 - 00172032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wdigest.dll
2015-11-11 01:35 - 2015-10-19 17:45 - 00065536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TSpkg.dll
2015-11-11 01:35 - 2015-10-19 17:45 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\srclient.dll
2015-11-11 01:35 - 2015-10-19 17:45 - 00036864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cryptbase.dll
2015-11-11 01:35 - 2015-10-19 17:45 - 00025600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\setup16.exe
2015-11-11 01:35 - 2015-10-19 17:45 - 00022016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secur32.dll
2015-11-11 01:35 - 2015-10-19 17:45 - 00017408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\credssp.dll
2015-11-11 01:35 - 2015-10-19 17:45 - 00014336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntvdm64.dll
2015-11-11 01:35 - 2015-10-19 17:44 - 01114112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kernel32.dll
2015-11-11 01:35 - 2015-10-19 17:44 - 00665088 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rpcrt4.dll
2015-11-11 01:35 - 2015-10-19 17:44 - 00274944 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KernelBase.dll
2015-11-11 01:35 - 2015-10-19 17:44 - 00096768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sspicli.dll
2015-11-11 01:35 - 2015-10-19 17:44 - 00050176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\auditpol.exe
2015-11-11 01:35 - 2015-10-19 17:44 - 00005120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wow32.dll
2015-11-11 01:35 - 2015-10-19 17:39 - 00146432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msaudite.dll
2015-11-11 01:35 - 2015-10-19 17:39 - 00060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msobjs.dll
2015-11-11 01:35 - 2015-10-19 17:35 - 00686080 _____ (Microsoft Corporation) C:\Windows\SysWOW64\adtschema.dll
2015-11-11 01:35 - 2015-10-19 17:35 - 00006656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\apisetschema.dll
2015-11-11 01:35 - 2015-10-19 17:35 - 00005120 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-file-l1-1-0.dll
2015-11-11 01:35 - 2015-10-19 17:35 - 00004608 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-processthreads-l1-1-0.dll
2015-11-11 01:35 - 2015-10-19 17:35 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-sysinfo-l1-1-0.dll
2015-11-11 01:35 - 2015-10-19 17:35 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-synch-l1-1-0.dll
2015-11-11 01:35 - 2015-10-19 17:35 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-misc-l1-1-0.dll
2015-11-11 01:35 - 2015-10-19 17:35 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-localregistry-l1-1-0.dll
2015-11-11 01:35 - 2015-10-19 17:35 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-localization-l1-1-0.dll
2015-11-11 01:35 - 2015-10-19 17:35 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-processenvironment-l1-1-0.dll
2015-11-11 01:35 - 2015-10-19 17:35 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-namedpipe-l1-1-0.dll
2015-11-11 01:35 - 2015-10-19 17:35 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-memory-l1-1-0.dll
2015-11-11 01:35 - 2015-10-19 17:35 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-libraryloader-l1-1-0.dll
2015-11-11 01:35 - 2015-10-19 17:35 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-interlocked-l1-1-0.dll
2015-11-11 01:35 - 2015-10-19 17:35 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-heap-l1-1-0.dll
2015-11-11 01:35 - 2015-10-19 17:35 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-string-l1-1-0.dll
2015-11-11 01:35 - 2015-10-19 17:35 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-rtlsupport-l1-1-0.dll
2015-11-11 01:35 - 2015-10-19 17:35 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-profile-l1-1-0.dll
2015-11-11 01:35 - 2015-10-19 17:35 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-io-l1-1-0.dll
2015-11-11 01:35 - 2015-10-19 17:35 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-handle-l1-1-0.dll
2015-11-11 01:35 - 2015-10-19 17:35 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-fibers-l1-1-0.dll
2015-11-11 01:35 - 2015-10-19 17:35 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-errorhandling-l1-1-0.dll
2015-11-11 01:35 - 2015-10-19 17:35 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-delayload-l1-1-0.dll
2015-11-11 01:35 - 2015-10-19 17:35 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-debug-l1-1-0.dll
2015-11-11 01:35 - 2015-10-19 17:35 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-datetime-l1-1-0.dll
2015-11-11 01:35 - 2015-10-19 17:35 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-console-l1-1-0.dll
2015-11-11 01:35 - 2015-10-19 16:41 - 00159232 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb.sys
2015-11-11 01:35 - 2015-10-19 16:40 - 00290816 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb10.sys
2015-11-11 01:35 - 2015-10-19 16:40 - 00129024 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb20.sys
2015-11-11 01:35 - 2015-10-19 16:29 - 00007680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\instnm.exe
2015-11-11 01:35 - 2015-10-19 16:29 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\user.exe
2015-11-11 01:35 - 2015-10-19 16:27 - 00006144 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-security-base-l1-1-0.dll
2015-11-11 01:35 - 2015-10-19 16:27 - 00004608 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-threadpool-l1-1-0.dll
2015-11-11 01:35 - 2015-10-19 16:27 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-xstate-l1-1-0.dll
2015-11-11 01:35 - 2015-10-19 16:27 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-util-l1-1-0.dll
2015-11-11 01:35 - 2015-09-23 06:15 - 00460776 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\cng.sys
2015-11-11 01:35 - 2015-09-23 06:15 - 00299632 _____ (Microsoft Corporation) C:\Windows\system32\bcryptprimitives.dll
2015-11-11 01:35 - 2015-09-23 06:09 - 00251000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\bcryptprimitives.dll
2015-11-11 01:34 - 2015-10-29 10:50 - 00342016 _____ (Microsoft Corporation) C:\Windows\system32\apphelp.dll
2015-11-11 01:34 - 2015-10-29 10:50 - 00072192 _____ (Microsoft Corporation) C:\Windows\system32\aelupsvc.dll
2015-11-11 01:34 - 2015-10-29 10:50 - 00023552 _____ (Microsoft Corporation) C:\Windows\system32\sdbinst.exe
2015-11-11 01:34 - 2015-10-29 10:50 - 00006656 _____ (Microsoft Corporation) C:\Windows\system32\shimeng.dll
2015-11-11 01:34 - 2015-10-29 10:50 - 00005120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\shimeng.dll
2015-11-11 01:34 - 2015-10-29 10:49 - 00295936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\apphelp.dll
2015-11-11 01:34 - 2015-10-29 10:49 - 00020992 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sdbinst.exe
2015-11-11 01:34 - 2015-10-13 09:41 - 00497664 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\afd.sys
2015-11-11 01:34 - 2015-10-13 09:40 - 00118272 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tdx.sys
2015-11-11 01:34 - 2015-10-12 21:57 - 00950720 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ndis.sys
2015-11-11 01:34 - 2015-10-01 11:00 - 00275456 _____ (Microsoft Corporation) C:\Windows\system32\InkEd.dll
2015-11-11 01:34 - 2015-10-01 11:00 - 00024576 _____ (Microsoft Corporation) C:\Windows\system32\jnwmon.dll
2015-11-11 01:34 - 2015-10-01 10:50 - 00216064 _____ (Microsoft Corporation) C:\Windows\SysWOW64\InkEd.dll
2015-10-27 20:32 - 2015-10-28 17:36 - 00000000 ____D C:\Windows\pss

==================== One Month Modified files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2015-11-23 06:54 - 2014-02-10 11:56 - 00000000 ____D C:\ProgramData\BitMeterOS
2015-11-23 06:20 - 2012-04-21 14:26 - 00000898 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2015-11-23 06:18 - 2012-04-07 18:20 - 00000830 _____ C:\Windows\Tasks\Adobe Flash Player Updater.job
2015-11-23 04:33 - 2011-07-01 00:31 - 01855034 _____ C:\Windows\WindowsUpdate.log
2015-11-23 04:33 - 2009-07-13 21:45 - 00023584 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2015-11-23 04:33 - 2009-07-13 21:45 - 00023584 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2015-11-23 00:09 - 2012-09-18 22:48 - 00000000 ____D C:\Users\Gene\Documents\Outlook Files
2015-11-22 22:07 - 2009-07-13 22:13 - 00801126 _____ C:\Windows\system32\PerfStringBackup.INI
2015-11-22 21:56 - 2012-04-21 14:26 - 00000894 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2015-11-22 21:55 - 2011-07-01 01:18 - 00000035 _____ C:\Users\Public\Documents\AtherosServiceConfig.ini
2015-11-22 21:55 - 2011-07-01 01:04 - 00574928 _____ C:\Windows\SysWOW64\mvaccelerator.log
2015-11-22 21:55 - 2009-07-13 22:08 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2015-11-22 21:55 - 2009-07-13 21:51 - 00072308 _____ C:\Windows\setupact.log
2015-11-22 14:24 - 2012-09-18 19:10 - 00000000 ____D C:\Users\Gene\Desktop\Rachel
2015-11-22 01:00 - 2011-07-01 02:18 - 00000000 ____D C:\Users\Gene\Desktop\bfha
2015-11-20 20:04 - 2015-04-19 23:22 - 00192216 _____ (Malwarebytes) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2015-11-19 16:37 - 2007-08-30 15:07 - 00000000 ____D C:\Users\Gene\Desktop\Stampin' Up!
2015-11-17 06:51 - 2011-07-05 18:54 - 00000000 ____D C:\Users\Gene\Desktop\Cards
2015-11-14 13:59 - 2011-07-05 17:21 - 00000000 ____D C:\Program Files (x86)\Dragon Age
2015-11-14 13:45 - 2011-07-05 17:29 - 00339108 _____ C:\Windows\DirectX.log
2015-11-14 13:44 - 2012-08-27 20:50 - 00001565 _____ C:\Windows\KB893803v2.log
2015-11-14 13:44 - 2009-07-13 22:32 - 00000000 ___RD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Games
2015-11-14 13:27 - 2011-07-01 00:41 - 00000000 ___HD C:\Program Files (x86)\InstallShield Installation Information
2015-11-14 13:11 - 2011-07-18 20:12 - 00003949 _____ C:\Users\Gene\Desktop\info.txt
2015-11-14 12:08 - 2011-11-24 17:06 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Steam
2015-11-14 12:08 - 2011-07-01 00:36 - 00000000 ____D C:\Users\Gene
2015-11-14 12:03 - 2015-08-03 20:11 - 00000000 ____D C:\Users\Gene\Desktop\Gene's Games
2015-11-13 04:07 - 2009-07-13 20:20 - 00000000 ____D C:\Windows\rescache
2015-11-13 03:30 - 2011-07-04 02:16 - 00344042 _____ C:\Windows\PFRO.log
2015-11-13 03:30 - 2009-07-13 21:45 - 00437880 _____ C:\Windows\system32\FNTCACHE.DAT
2015-11-13 03:13 - 2013-08-14 02:01 - 00000000 ____D C:\Windows\system32\MRT
2015-11-13 03:10 - 2011-07-03 20:27 - 145617392 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2015-11-13 03:09 - 2012-09-18 22:36 - 00000000 ____D C:\ProgramData\Microsoft Help
2015-11-13 03:05 - 2011-07-01 01:31 - 00793248 _____ C:\Windows\SysWOW64\PerfStringBackup.INI
2015-11-13 03:02 - 2009-07-14 00:45 - 00000000 ____D C:\Program Files\Windows Journal
2015-11-11 11:18 - 2012-04-07 18:20 - 00780488 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2015-11-11 11:18 - 2012-04-07 18:20 - 00003768 _____ C:\Windows\System32\Tasks\Adobe Flash Player Updater
2015-11-11 11:18 - 2011-07-05 19:19 - 00142536 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2015-10-30 22:20 - 2015-01-01 19:41 - 00003886 _____ C:\Windows\System32\Tasks\Adobe Acrobat Update Task
2015-10-30 20:25 - 2012-08-30 17:23 - 00000000 ____D C:\Users\Gene\Documents\My Scans
2015-10-28 06:05 - 2012-08-16 20:30 - 00000000 ____D C:\Users\Gene\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Steam
2015-10-28 06:02 - 2015-01-17 14:48 - 00000000 ____D C:\Users\Gene\AppData\Roaming\Foxit Software
2015-10-27 20:32 - 2011-07-01 01:54 - 00000000 ____D C:\Users\Gene\AppData\Roaming\ICQ
2015-10-27 20:22 - 2015-04-05 02:00 - 00000000 ___SD C:\Windows\system32\GWX
2015-10-27 20:19 - 2015-04-26 14:12 - 00000000 ____D C:\Users\Gene\AppData\Roaming\Raptr
2015-10-27 20:04 - 2014-12-10 03:22 - 00000000 ____D C:\Windows\system32\appraiser
2015-10-27 20:04 - 2014-05-06 02:00 - 00000000 ___SD C:\Windows\system32\CompatTel
2015-10-26 22:47 - 2009-07-13 19:34 - 00000513 _____ C:\Windows\win.ini
2015-10-26 22:43 - 2015-04-05 02:00 - 00000000 ___SD C:\Windows\SysWOW64\GWX
2015-10-26 20:02 - 2012-08-27 20:50 - 00000000 ____D C:\ProgramData\Origin
2015-10-26 19:23 - 2015-04-19 23:21 - 00001058 _____ C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
2015-10-26 19:23 - 2015-04-19 23:21 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware
2015-10-26 19:23 - 2015-04-19 23:21 - 00000000 ____D C:\Program Files (x86)\Malwarebytes Anti-Malware
2015-10-25 23:24 - 2011-10-10 16:08 - 00085956 _____ C:\shared.log

==================== Files in the root of some directories =======

2013-11-27 01:11 - 2013-11-27 01:11 - 49940480 _____ () C:\Program Files (x86)\GUT25B0.tmp
2012-05-18 12:25 - 2012-05-18 12:25 - 0001174 _____ () C:\Program Files (x86)\InstLog.txt
2013-12-15 14:22 - 2013-12-15 14:22 - 0027655 _____ () C:\Users\Gene\AppData\Roaming\Comma Separated Values (Windows).ADR
2014-01-06 19:54 - 2014-01-06 21:30 - 0000154 _____ () C:\Users\Gene\AppData\Roaming\Rim.Desktop.Exception.log
2014-01-06 19:53 - 2014-01-06 19:53 - 0001153 _____ () C:\Users\Gene\AppData\Roaming\Rim.Desktop.HttpServerSetup.log
2014-01-06 19:54 - 2014-01-06 21:30 - 0000154 _____ () C:\Users\Gene\AppData\Roaming\Rim.DesktopHelper.Exception.log
2013-09-02 18:21 - 2013-09-02 18:21 - 0000092 _____ () C:\Users\Gene\AppData\Local\fusioncache.dat
2008-02-05 12:28 - 2008-02-05 12:28 - 0000051 _____ () C:\Users\Gene\AppData\Local\setup.txt
2011-10-02 21:20 - 2011-10-02 21:53 - 0001812 _____ () C:\ProgramData\hpzinstall.log

Some files in TEMP:
====================
C:\Users\Gene\AppData\Local\Temp\amd-catalyst-omega-14.12-without-dotnet45-win7-64bit.exe
C:\Users\Gene\AppData\Local\Temp\AskSLib.dll
C:\Users\Gene\AppData\Local\Temp\AutoDetectUtilApp.exe
C:\Users\Gene\AppData\Local\Temp\binkw32.dll
C:\Users\Gene\AppData\Local\Temp\converter.exe
C:\Users\Gene\AppData\Local\Temp\d2l_Install.exe
C:\Users\Gene\AppData\Local\Temp\FoxitUpdater.exe
C:\Users\Gene\AppData\Local\Temp\installerdll342453.dll
C:\Users\Gene\AppData\Local\Temp\installerdll352874.dll
C:\Users\Gene\AppData\Local\Temp\jre-6u26-windows-i586-iftw-rv.exe
C:\Users\Gene\AppData\Local\Temp\jre-6u29-windows-i586-iftw-rv.exe
C:\Users\Gene\AppData\Local\Temp\jre-6u31-windows-i586-iftw-rv.exe
C:\Users\Gene\AppData\Local\Temp\jre-7u15-windows-i586-iftw.exe
C:\Users\Gene\AppData\Local\Temp\jre-7u17-windows-i586-iftw.exe
C:\Users\Gene\AppData\Local\Temp\jre-7u21-windows-i586-iftw.exe
C:\Users\Gene\AppData\Local\Temp\jre-7u45-windows-i586-iftw.exe
C:\Users\Gene\AppData\Local\Temp\jre-7u5-windows-i586-iftw.exe
C:\Users\Gene\AppData\Local\Temp\jre-7u51-windows-i586-iftw.exe
C:\Users\Gene\AppData\Local\Temp\jre-7u55-windows-i586-iftw.exe
C:\Users\Gene\AppData\Local\Temp\jre-7u67-windows-i586-iftw.exe
C:\Users\Gene\AppData\Local\Temp\jre-7u9-windows-i586-iftw.exe
C:\Users\Gene\AppData\Local\Temp\jre-8u40-windows-au.exe
C:\Users\Gene\AppData\Local\Temp\jre-8u51-windows-au.exe
C:\Users\Gene\AppData\Local\Temp\jre-8u65-windows-au.exe
C:\Users\Gene\AppData\Local\Temp\MobileConnect.exe
C:\Users\Gene\AppData\Local\Temp\Quarantine.exe
C:\Users\Gene\AppData\Local\Temp\raptrpatch.exe
C:\Users\Gene\AppData\Local\Temp\raptr_stub.exe
C:\Users\Gene\AppData\Local\Temp\rootsupd.exe
C:\Users\Gene\AppData\Local\Temp\Setup.exe
C:\Users\Gene\AppData\Local\Temp\sqlite3.dll
C:\Users\Gene\AppData\Local\Temp\tmp5C13.exe
C:\Users\Gene\AppData\Local\Temp\tmp6853.exe
C:\Users\Gene\AppData\Local\Temp\tmp8861.exe
C:\Users\Gene\AppData\Local\Temp\tmp93F2.exe
C:\Users\Gene\AppData\Local\Temp\tmpAE00.exe
C:\Users\Gene\AppData\Local\Temp\tmpDCE6.exe
C:\Users\Gene\AppData\Local\Temp\vcredist_x64.exe
C:\Users\Gene\AppData\Local\Temp\vcredist_x86.exe
C:\Users\Gene\AppData\Local\Temp\WindowsInstaller-KB893803-v2-x86.exe
C:\Users\Gene\AppData\Local\Temp\xmlUpdater.exe
C:\Users\Gene\AppData\Local\Temp\_is5B39.exe
C:\Users\Gene\AppData\Local\Temp\_is9C0F.exe
C:\Users\Gene\AppData\Local\Temp\_isACE1.exe

==================== Bamital & volsnap =================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\system32\winlogon.exe => File is digitally signed
C:\Windows\system32\wininit.exe => File is digitally signed
C:\Windows\SysWOW64\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\system32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\system32\services.exe => File is digitally signed
C:\Windows\system32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\system32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\system32\rpcss.dll => File is digitally signed
C:\Windows\system32\dnsapi.dll => File is digitally signed
C:\Windows\SysWOW64\dnsapi.dll => File is digitally signed
C:\Windows\system32\Drivers\volsnap.sys => File is digitally signed

LastRegBack: 2015-11-20 00:28

==================== End of FRST.txt ============================
 
#4 ·
Additional scan result of Farbar Recovery Scan Tool (x64) Version:22-11-2015
Ran by Gene (2015-11-23 06:54:35)
Running from C:\Users\Gene\Desktop
Windows 7 Home Premium Service Pack 1 (X64) (2011-07-01 07:36:47)
Boot Mode: Normal
==========================================================

==================== Accounts: =============================

Administrator (S-1-5-21-22153849-1975329064-470824136-500 - Administrator - Disabled)
ASPNET (S-1-5-21-22153849-1975329064-470824136-1004 - Limited - Enabled)
Gene (S-1-5-21-22153849-1975329064-470824136-1000 - Administrator - Enabled) => C:\Users\Gene
Guest (S-1-5-21-22153849-1975329064-470824136-501 - Limited - Disabled)
HomeGroupUser$ (S-1-5-21-22153849-1975329064-470824136-1002 - Limited - Enabled)

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: Microsoft Security Essentials (Enabled - Up to date) {B7ECF8CD-0188-6703-DBA4-AA65C6ACFB0A}
AS: Microsoft Security Essentials (Enabled - Up to date) {0C8D1929-27B2-688D-E114-9117BD2BB1B7}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

==================== Installed Programs ======================

(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

64 Bit HP CIO Components Installer (Version: 7.2.8 - Hewlett-Packard) Hidden
7-Zip 9.20 (x64 edition) (HKLM\...\{23170F69-40C1-2702-0920-000001000000}) (Version: 9.20.00.0 - Igor Pavlov)
Acrobat.com (HKLM-x32\...\com.adobe.mauby.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1) (Version: 2.0.0.0 - Adobe Systems Incorporated)
Acrobat.com (x32 Version: 2.0.0 - Adobe Systems Incorporated) Hidden
Active@ ISO Burner (HKLM-x32\...\{7694E0B1-2332-448B-9235-929F84B41E3F}) (Version: 2.5.1 - LSoft Technologies)
Adobe AIR (HKLM-x32\...\Adobe AIR) (Version: 3.1.0.4880 - Adobe Systems Incorporated)
Adobe Digital Editions 2.0 (HKLM-x32\...\Adobe Digital Editions 2.0) (Version: 2.0.1 - Adobe Systems Incorporated)
Adobe Flash Player 19 ActiveX (HKLM-x32\...\Adobe Flash Player ActiveX) (Version: 19.0.0.245 - Adobe Systems Incorporated)
Adobe Flash Player 19 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 19.0.0.245 - Adobe Systems Incorporated)
Adobe Reader XI (11.0.13) (HKLM-x32\...\{AC76BA86-7AD7-1033-7B44-AB0000000001}) (Version: 11.0.13 - Adobe Systems Incorporated)
Advanced Scan to PDF Free 3.9.2 (HKLM-x32\...\Advanced Scan to PDF Free_is1) (Version: - PDFChief Co., Ltd.)
AI Suite II (HKLM-x32\...\{34D3688E-A737-44C5-9E2A-FF73618728E1}) (Version: 1.01.14 - ASUSTeK)
AMD Catalyst Install Manager (HKLM\...\{8DF1EF50-AEB6-902C-F68C-4683C45784E6}) (Version: 8.0.916.0 - Advanced Micro Devices, Inc.)
Apple Application Support (32-bit) (HKLM-x32\...\{7FE25256-B7C1-480D-B736-10A67A833AEA}) (Version: 3.2 - Apple Inc.)
Apple Application Support (64-bit) (HKLM\...\{B255D495-4734-4E9B-B4F5-96702FD4A7B9}) (Version: 3.2 - Apple Inc.)
Apple Mobile Device Support (HKLM\...\{5D61F006-168C-4B8B-B7FD-F113C10AE0E4}) (Version: 8.2.1.3 - Apple Inc.)
Apple Software Update (HKLM-x32\...\{C6579A65-9CAE-4B31-8B6B-3306E0630A66}) (Version: 2.1.3.127 - Apple Inc.)
Assassin's Creed (HKLM-x32\...\{8CFA9151-6404-409A-AF22-4632D04582FD}) (Version: 1.02 - Ubisoft)
ASUS Ai Charger (HKLM-x32\...\{7FB64E72-9B0E-4460-A821-040C341E414A}) (Version: 1.00.09 - ASUSTeK Computer Inc.)
BitMeter OS (HKLM-x32\...\BitMeterOS) (Version: - )
BlackBerry Desktop Software 7.1 (HKLM-x32\...\BlackBerry_Desktop) (Version: 7.1.0.41 - Research In Motion Ltd.)
BlackBerry Desktop Software 7.1 (x32 Version: 7.1.0.41 - Research In Motion Ltd.) Hidden
Bluetooth Win7 Suite (64) (HKLM\...\{230D1595-57DA-4933-8C4E-375797EBB7E1}) (Version: 7.2.0.40 - Atheros Communications)
Bonjour (HKLM\...\{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}) (Version: 3.0.0.10 - Apple Inc.)
BufferChm (x32 Version: 140.0.212.000 - Hewlett-Packard) Hidden
C4600 (x32 Version: 140.0.690.000 - Hewlett-Packard) Hidden
CuteFTP 7 Home (HKLM-x32\...\{59D98250-CFEB-4A0B-A737-FC7CADE27852}) (Version: 7.20.1000 - GlobalSCAPE)
CutePDF Writer 3.0 (HKLM\...\CutePDF Writer Installation) (Version: 3.0 - Acro Software Inc.)
Destinations (x32 Version: 140.0.77.000 - Hewlett-Packard) Hidden
DeviceDiscovery (x32 Version: 140.0.212.000 - Hewlett-Packard) Hidden
Diablo III (HKLM-x32\...\Diablo III) (Version: - Blizzard Entertainment)
Dishonored (HKLM-x32\...\Steam App 205100) (Version: 1.0 - Bethesda Softworks)
Download Manager 2.3.10 (HKLM-x32\...\Download Manager) (Version: 2.3.10 - IGN Entertainment, Inc.)
Dragon Age II (HKLM-x32\...\{F2E23139-3404-4E3C-9855-7724415D62A5}) (Version: 1.03 - Electronic Arts, Inc.)
Dragon Age: Origins (HKLM-x32\...\{AEC81925-9C76-4707-84A9-40696C613ED3}) (Version: 1.05.0.0 - Electronic Arts)
Dragon Age™: Inquisition (HKLM-x32\...\{DC4C36DC-4E5B-4262-B0C7-157DF534B969}) (Version: 1.0.0.12 - Electronic Arts)
Dungeons & Dragons Online® (HKLM-x32\...\Steam App 206480) (Version: - Turbine, Inc)
Dungeons & Dragons: Daggerdale (HKLM-x32\...\Steam App 99100) (Version: - )
EA Installer (HKLM-x32\...\EA Installer.1635480076) (Version: 2.2.0.62 - Electronic Arts, Inc.)
EA Shared Game Component: Activation (HKLM-x32\...\com.ea.Activation.919CACB699904AC5D41B606703500DD39747C02D.1) (Version: 2.2.0.62 - Electronic Arts)
EA Shared Game Component: Activation (x32 Version: 2.2.0 - Electronic Arts) Hidden
GameFly (HKLM-x32\...\GameFly) (Version: 1.0.1768 - GameFly)
GameFly (x32 Version: 1.0.1768 - GameFly, Inc.) Hidden
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 46.0.2490.86 - Google Inc.)
Google Earth (HKLM-x32\...\{817750FA-EC6A-485D-9901-0683AE6FFDF1}) (Version: 7.1.5.1557 - Google)
Google Update Helper (x32 Version: 1.3.25.11 - Google Inc.) Hidden
Google Update Helper (x32 Version: 1.3.28.15 - Google Inc.) Hidden
GPBaseService2 (x32 Version: 140.0.211.000 - Hewlett-Packard) Hidden
High-Definition Video Playback (x32 Version: 7.3.10900.8.0 - Nero AG) Hidden
HP Customer Participation Program 14.0 (HKLM\...\HPExtendedCapabilities) (Version: 14.0 - HP)
HP Imaging Device Functions 14.0 (HKLM\...\HP Imaging Device Functions) (Version: 14.0 - HP)
HP Photo Creations (HKLM-x32\...\HP Photo Creations) (Version: 1.0.0.2024 - HP Photo Creations Powered by RocketLife)
HP Photosmart C4600 All-In-One Driver Software 14.0 Rel. 5 (HKLM\...\{1E1746EF-F5BF-4677-8F30-04FE399130DA}) (Version: 14.0 - HP)
HP Smart Web Printing 4.60 (HKLM\...\HP Smart Web Printing) (Version: 4.60 - HP)
HP Solution Center 14.0 (HKLM\...\HP Solution Center & Imaging Support Tools) (Version: 14.0 - HP)
HP Update (HKLM-x32\...\{912D30CF-F39E-4B31-AD9A-123C6B794EE2}) (Version: 5.005.002.002 - Hewlett-Packard)
HPDiagnosticAlert (x32 Version: 1.00.0001 - Microsoft) Hidden
HPProductAssistant (x32 Version: 140.0.212.000 - Hewlett-Packard) Hidden
iCloud (HKLM\...\{709A2D23-C25E-47B5-9268-CB6FEE648504}) (Version: 4.1.1.53 - Apple Inc.)
ICQ7.6 (HKLM-x32\...\{7644E42D-B096-457F-8B5B-901238FC81AE}) (Version: 7.6 - ICQ)
InstallVC90Support (x32 Version: 1.01.0000 - Novatel Wireless) Hidden
Intel(R) Network Connections 15.6.25.0 (HKLM\...\PROSetDX) (Version: 15.6.25.0 - Intel)
Intel(R) Rapid Storage Technology (HKLM-x32\...\{3E29EE6C-963A-4aae-86C1-DC237C4A49FC}) (Version: 10.1.0.1008 - Intel Corporation)
Intel® Watchdog Timer Driver (Intel® WDT) (HKLM-x32\...\{3FD0C489-0F02-481a-A3E1-9754CD396761}) (Version: - Intel Corporation)
iTunes (HKLM\...\{4046F74A-28F8-48C6-A5D3-2AFC472574C1}) (Version: 12.2.0.145 - Apple Inc.)
Java 8 Update 51 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83218051F0}) (Version: 8.0.510 - Oracle Corporation)
JavaFX 2.1.1 (HKLM-x32\...\{1111706F-666A-4037-7777-211328764D10}) (Version: 2.1.1 - Oracle Corporation)
Kingdoms of Amalur: Reckoning (HKLM-x32\...\{6A9D1594-7791-48f5-9CAA-DE9BCB968320}) (Version: 1.0.0.0 - Electronic Arts)
Kobo (HKLM-x32\...\Kobo) (Version: 2.1.7 - Kobo Inc.)
LightScribe Applications (HKLM-x32\...\{61F25370-7465-4404-BE28-4629BF808699}) (Version: 1.18.15.1 - LightScribe)
LightScribe System Software (HKLM-x32\...\{2FA75B40-17C9-4D22-88CA-80A5D52FAB13}) (Version: 1.18.24.1 - LightScribe)
LightScribe Template Designs - Grab Bag Pack 1 (HKLM-x32\...\{B5ECA6E5-C943-4A40-936B-8E16D5B233ED}) (Version: 1.17.0.0 - LightScribe)
LightScribe Template Labeler (HKLM-x32\...\{83721450-E604-4C37-ABEB-CE7F18C587C8}) (Version: 1.18.24.1 - LightScribe)
Malwarebytes Anti-Malware version 2.2.0.1024 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.2.0.1024 - Malwarebytes)
MarketResearch (x32 Version: 140.0.212.000 - Hewlett-Packard) Hidden
marvell 91xx driver (HKLM-x32\...\MagniDriver) (Version: 1.0.0.1051 - Marvell)
Marvell Storage Utility V4 (HKLM-x32\...\mvMSU) (Version: 4.1.0.1909 - Marvell)
Microsoft .NET Framework 1.1 (HKLM-x32\...\{CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1}) (Version: 1.1.4322 - Microsoft)
Microsoft .NET Framework 4.5.2 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.51209 - Microsoft Corporation)
Microsoft IntelliPoint 8.1 (HKLM\...\Microsoft IntelliPoint 8.1) (Version: 8.15.406.0 - Microsoft)
Microsoft Office Professional Plus 2010 (HKLM-x32\...\Office14.PROPLUSR) (Version: 14.0.7015.1000 - Microsoft Corporation)
Microsoft Security Essentials (HKLM\...\Microsoft Security Client) (Version: 4.8.204.0 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.40728.0 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{A49F249F-0C91-497F-86DF-B2585E8E76B7}) (Version: 8.0.50727.42 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (HKLM-x32\...\{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}) (Version: 9.0.21022 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.50727 (HKLM-x32\...\{15134cb0-b767-4960-a911-f2d16ae54797}) (Version: 11.0.50727.1 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.50727 (HKLM-x32\...\{22154f09-719a-4619-bb71-5b3356999fbf}) (Version: 11.0.50727.1 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual Studio 2010 Tools for Office Runtime (x64) (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64)) (Version: 10.0.50903 - Microsoft Corporation)
Middle-earth: Shadow of Mordor (HKLM-x32\...\Steam App 241930) (Version: - Monolith Productions, Inc.)
Mobile Broadband Generic Drivers (HKLM-x32\...\{333494BF-7B36-4681-896A-C7AB23D31E17}) (Version: 2.03.25.001.11 - Novatel Wireless)
Mobile Connect (HKLM\...\{555F1B3D-67E4-4E9B-8860-7ADD7B21B696}) (Version: 4.01.0009.0 - Smith Micro)
MSXML 4.0 SP2 (KB954430) (HKLM-x32\...\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}) (Version: 4.20.9870.0 - Microsoft Corporation)
MSXML 4.0 SP2 (KB973688) (HKLM-x32\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation)
Nero Kwik Media (HKLM-x32\...\{1F7D9F37-C39C-486C-BDF8-8F440FFB3352}) (Version: 1.6.16800.75.100 - Nero AG)
Nero Kwik Media (HKLM-x32\...\{D9B5AE52-FEF9-4E5C-A63E-06A6638B2935}) (Version: 10.6.12300 - Nero AG)
Neverwinter Nights 2 (HKLM-x32\...\{F20C1251-1D0A-4944-B2AE-678581B33B19}) (Version: 1.00.0000 - Obsidian)
Notepad++ (HKLM-x32\...\Notepad++) (Version: 6.3.1 - )
NVIDIA PhysX (HKLM-x32\...\{64467D47-FFE4-4FBC-ABBA-A0DB829A17EB}) (Version: 9.12.0613 - NVIDIA Corporation)
Origin (HKLM-x32\...\Origin) (Version: 9.4.23.2817 - Electronic Arts, Inc.)
PS_AIO_05_C4600_Software_Min (x32 Version: 140.0.690.000 - Hewlett-Packard) Hidden
QuickTime 7 (HKLM-x32\...\{627FFC10-CE0A-497F-BA2B-208CAC638010}) (Version: 7.77.80.95 - Apple Inc.)
QuickTransfer (x32 Version: 140.0.98.000 - Hewlett-Packard) Hidden
Raptr (HKLM-x32\...\Raptr) (Version: - )
Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 7.31.1025.2010 - Realtek)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.6235 - Realtek Semiconductor Corp.)
Renesas Electronics USB 3.0 Host Controller Driver (HKLM-x32\...\InstallShield_{5442DAB8-7177-49E1-8B22-09A049EA5996}) (Version: 2.0.26.0 - Renesas Electronics Corporation)
Renesas Electronics USB 3.0 Host Controller Driver (x32 Version: 2.0.26.0 - Renesas Electronics Corporation) Hidden
Scan (x32 Version: 140.0.80.000 - Hewlett-Packard) Hidden
Service Pack 2 for Microsoft Office 2010 (KB2687455) 32-Bit Edition (HKLM-x32\...\{91140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUSR_{DE28B448-32E8-4E8F-84F0-A52B21A49B5B}) (Version: - Microsoft)
SmartWebPrinting (x32 Version: 140.0.186.000 - Hewlett-Packard) Hidden
SolutionCenter (x32 Version: 140.0.213.000 - Hewlett-Packard) Hidden
Status (x32 Version: 140.0.212.000 - Hewlett-Packard) Hidden
Steam (HKLM-x32\...\{048298C9-A4D3-490B-9FF9-AB023A9238F3}) (Version: 1.0.0.0 - Valve Corporation)
The Witcher 2 Enhanced Edition version 3.0 (HKLM-x32\...\The Witcher 2 Enhanced Edition_is1) (Version: 3.0 - CD Projekt RED)
Toolbox (x32 Version: 140.0.428.000 - Hewlett-Packard) Hidden
TorchLight (HKLM-x32\...\TorchLight) (Version: 1.15 - Runic Games)
TrayApp (x32 Version: 140.0.212.000 - Hewlett-Packard) Hidden
Tweaking.com - Registry Backup (HKLM-x32\...\Tweaking.com - Registry Backup) (Version: 3.3.1 - Tweaking.com)
WebReg (x32 Version: 140.0.212.017 - Hewlett-Packard) Hidden
Winamp (HKLM-x32\...\Winamp) (Version: 5.63 - Nullsoft, Inc)
Winamp Detector Plug-in (HKU\S-1-5-21-22153849-1975329064-470824136-1000\...\Winamp Detect) (Version: 1.0.0.1 - Nullsoft, Inc)
WinZip 16.0 (HKLM\...\{CD95F661-A5C4-44F5-A6AA-ECDD91C240CD}) (Version: 16.0.9715 - WinZip Computing, S.L. )
WISER 4.4 for Windows (HKLM-x32\...\WISER for Windows_is1) (Version: 4.4.116 - National Library of Medicine)

==================== Custom CLSID (Whitelisted): ==========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

==================== Restore Points =========================

13-11-2015 01:43:49 Windows Update
13-11-2015 03:00:30 Windows Update
14-11-2015 12:06:47 Removed Steam
14-11-2015 12:07:55 Installed Steam
14-11-2015 13:27:32 Installed Neverwinter Nights 2
14-11-2015 13:44:36 Installed DirectX
16-11-2015 10:51:52 Windows Update
20-11-2015 02:14:01 Windows Update
22-11-2015 22:25:57 Windows Backup
22-11-2015 22:29:42 before malware fix
23-11-2015 00:08:29 Windows Backup
23-11-2015 04:32:02 Windows Update
23-11-2015 06:43:53 Windows Backup

==================== Hosts content: ===============================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2009-07-13 19:34 - 2009-06-10 14:00 - 00000824 ____A C:\Windows\system32\Drivers\etc\hosts

==================== Scheduled Tasks (Whitelisted) =============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

Task: {0C057A69-3915-4E7D-A443-FC1F5996C8AB} - System32\Tasks\{654B1E7C-5E96-49EC-A7D2-DDE893D253A4} => C:\Program Files (x86)\Microsoft Office\Office14\OUTLOOK.EXE [2015-10-31] (Microsoft Corporation)
Task: {1E374895-6F0C-4ACD-99A3-C5D94AE95EA6} - System32\Tasks\ASUS\ASUS Mobilink Execute => C:\Program Files (x86)\ASUS\AI Suite II\ASUS Mobilink\ASUS Mobilink.exe [2010-10-13] (ASUSTeK Computer Inc.)
Task: {2725B977-35AB-473E-A853-993BAA251982} - System32\Tasks\{34982CD2-84F6-4319-8468-F81B5A1D618A} => C:\Program Files (x86)\Diablo II\Diablo II.exe
Task: {2781043D-97A8-4457-A394-ADEE0F0AFDF5} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-08-28] (Google Inc.)
Task: {2A36B393-085D-4521-8930-41CD35BB9354} - System32\Tasks\{475349D3-A692-4E72-84AC-CBA2A5DEA523} => C:\Program Files (x86)\Diablo II\Diablo II.exe
Task: {35C3818D-2EB8-45C5-AEBD-65C8EDD1360C} - System32\Tasks\{6A534233-7C2A-47BC-B1CD-75C3615C8944} => pcalua.exe -a C:\Users\Gene\Downloads\iPodshuffleResetUtilitySetup.exe -d C:\Users\Gene\Downloads
Task: {63425373-5A4C-496E-8804-F520ED547E87} - System32\Tasks\ASUS\ASUS AI Suite II Execute => C:\Program Files (x86)\ASUS\AI Suite II\AsRoutineController.exe [2010-11-26] (ASUSTeK Computer Inc.)
Task: {7F1A2AE8-7726-41B9-B5B3-B5F734D920BF} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2015-10-28] (Adobe Systems Incorporated)
Task: {8932E13E-FCA6-4798-BAB1-7BB5C7A8EEB4} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2015-11-11] (Adobe Systems Incorporated)
Task: {94CA4D83-352A-4647-B404-038093B98F50} - System32\Tasks\Microsoft_Hardware_Launch_IPoint_exe => c:\Program Files\Microsoft IntelliPoint\IPoint.exe [2011-04-13] (Microsoft Corporation)
Task: {9A50654A-3DF9-4E07-B2BF-BF5CEDFA8F27} - System32\Tasks\ASUS\ASUS DigiVRM Help => C:\Program Files (x86)\ASUS\AI Suite II\DIGI+ VRM\VRMHelp.exe [2010-10-12] (ASUSTeK Computer Inc.)
Task: {E5177074-A50F-42F8-B55F-6559BDA10D2D} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-08-28] (Google Inc.)

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)

Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe

==================== Shortcuts =============================

(The entries could be listed to be restored or removed.)

==================== Loaded Modules (Whitelisted) ==============

2015-01-17 11:44 - 2013-10-23 15:24 - 00087600 _____ () C:\Windows\System32\cpwmon64.dll
2013-09-05 00:17 - 2013-09-05 00:17 - 04300456 _____ () C:\Program Files\Common Files\Microsoft Shared\OFFICE14\Cultures\OFFICE.ODF
2010-10-20 14:23 - 2010-10-20 14:23 - 08801632 _____ () C:\Program Files\Microsoft Office\Office14\1033\GrooveIntlResource.dll
2012-06-18 08:24 - 2012-06-18 08:24 - 00222720 _____ () C:\Program Files (x86)\Notepad++\NppShell_05.dll
2015-05-15 15:26 - 2015-05-15 15:26 - 00085832 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\zlib1.dll
2015-05-15 15:26 - 2015-05-15 15:26 - 01346344 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\libxml2.dll
2010-11-03 02:30 - 2010-11-03 02:30 - 00918144 ____R () C:\Program Files (x86)\ASUS\AXSP\1.00.13\atkexComSvc.exe
2010-12-01 19:15 - 2010-12-01 19:15 - 00915584 ____R () C:\Program Files (x86)\ASUS\AAHM\1.00.13\aaHMSvc.exe
2011-07-01 00:55 - 2010-10-21 02:52 - 00586880 ____R () C:\Program Files (x86)\ASUS\AsSysCtrlService\1.00.11\AsSysCtrlService.exe
2011-11-19 00:27 - 2011-11-19 00:27 - 00085435 _____ () C:\Program Files (x86)\Codebox\BitMeterOS\BitMeterCaptureService.exe
2011-11-19 00:27 - 2011-11-19 00:27 - 00141466 _____ () C:\Program Files (x86)\Codebox\BitMeterOS\BitMeterWebService.exe
2010-05-29 05:54 - 2010-05-29 05:54 - 00229376 _____ () C:\ProgramData\DatacardService\DCService.exe
2010-10-21 15:16 - 2010-10-21 15:16 - 00091984 _____ () C:\Program Files (x86)\Novatel Wireless\Novacore\Server\NvtlSrvr.exe
2010-11-19 00:58 - 2010-11-19 00:58 - 01199144 _____ () C:\Program Files (x86)\Marvell\storage\tray\MarvellTray.exe
2011-07-01 00:54 - 2015-11-22 21:55 - 00023552 _____ () C:\Program Files (x86)\ASUS\AXSP\1.00.13\PEbiosinterface32.dll
2011-07-01 00:54 - 2010-06-28 19:58 - 00104448 ____R () C:\Program Files (x86)\ASUS\AXSP\1.00.13\ATKEX.dll
2008-01-17 10:17 - 2008-01-17 10:17 - 00073782 _____ () C:\Program Files (x86)\Marvell\storage\Apache2\bin\zlib1.dll
2015-05-15 15:27 - 2015-05-15 15:27 - 01044776 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libxml2.dll
2011-07-01 00:55 - 2010-11-16 09:37 - 00086016 _____ () C:\Program Files (x86)\ASUS\AI Suite II\ASUS Mobilink\iPhone Simulator\AsNetlib.dll
2011-07-01 00:55 - 2010-07-30 10:28 - 00670208 _____ () C:\Program Files (x86)\ASUS\AI Suite II\ASUS Mobilink\iPhone Simulator\asacpiEx.dll
2011-07-01 00:55 - 2010-07-15 19:04 - 00661504 _____ () C:\Program Files (x86)\ASUS\AI Suite II\ASUS Mobilink\iPhone Simulator\aaHMLib.dll
2011-07-01 00:55 - 2010-07-15 19:04 - 00253952 _____ () C:\Program Files (x86)\ASUS\AI Suite II\ASUS Mobilink\iPhone Simulator\pngio.dll
2011-07-01 00:55 - 2010-07-15 19:04 - 00208896 _____ () C:\Program Files (x86)\ASUS\AI Suite II\ASUS Mobilink\iPhone Simulator\ImageHelper.dll
2011-07-01 00:55 - 2007-10-31 02:51 - 00061440 ____R () C:\Program Files (x86)\ASUS\AI Suite II\ASUS Mobilink\Simulator\AsMultiLang.dll
2011-07-01 00:55 - 2010-02-24 01:56 - 00661504 ____R () C:\Program Files (x86)\ASUS\AI Suite II\ASUS Mobilink\Simulator\aaHMLib.dll
2011-07-01 00:55 - 2010-11-10 18:09 - 00703488 ____R () C:\Program Files (x86)\ASUS\AI Suite II\ASUS Mobilink\Simulator\CpuFreq.dll
2011-07-01 00:55 - 2010-06-22 20:54 - 00114688 ____R () C:\Program Files (x86)\ASUS\AI Suite II\ASUS Mobilink\Simulator\AssistFunc.dll
2011-07-01 00:58 - 2009-05-20 19:14 - 00053248 ____N () C:\Program Files (x86)\ASUS\AI Suite II\TurboV EVO\HookKey32.dll
2011-07-01 00:58 - 2009-05-21 09:14 - 00253952 _____ () C:\Program Files (x86)\ASUS\AI Suite II\TurboV EVO\pngio.dll
2011-07-01 00:55 - 2010-12-02 16:28 - 00143360 _____ () C:\Program Files (x86)\ASUS\AI Suite II\AssistFunc.dll
2011-07-01 00:55 - 2010-06-21 14:21 - 00208896 _____ () C:\Program Files (x86)\ASUS\AI Suite II\ImageHelper.dll
2011-07-01 00:55 - 2009-08-12 19:15 - 00253952 _____ () C:\Program Files (x86)\ASUS\AI Suite II\pngio.dll
2011-07-01 00:55 - 2010-10-15 16:40 - 01031680 _____ () C:\Program Files (x86)\ASUS\AI Suite II\ASUS Update\Update.dll
2011-07-01 00:55 - 2010-11-19 09:53 - 00963584 _____ () C:\Program Files (x86)\ASUS\AI Suite II\BarGadget\BarGadget.dll
2011-07-01 00:56 - 2010-12-30 21:15 - 01656320 _____ () C:\Program Files (x86)\ASUS\AI Suite II\Bluetooth Go!\BluetoothGo.dll
2011-07-01 00:57 - 2010-12-01 11:33 - 01244672 _____ () C:\Program Files (x86)\ASUS\AI Suite II\MyLogo\MyLogo.dll
2011-07-01 00:57 - 2010-12-03 15:12 - 01027072 _____ () C:\Program Files (x86)\ASUS\AI Suite II\Probe_II\ProbeII.dll
2011-07-01 00:55 - 2010-09-27 19:51 - 00881664 _____ () C:\Program Files (x86)\ASUS\AI Suite II\Sensor\Sensor.dll
2011-07-01 00:55 - 2010-09-27 19:51 - 01607168 _____ () C:\Program Files (x86)\ASUS\AI Suite II\Sensor Graph\SensorGraph.dll
2011-07-01 00:55 - 2010-11-19 09:55 - 01246208 _____ () C:\Program Files (x86)\ASUS\AI Suite II\Settings\Settings.dll
2011-07-01 00:55 - 2010-08-06 17:11 - 00850944 _____ () C:\Program Files (x86)\ASUS\AI Suite II\Splitter\Splitter.dll
2011-07-01 00:55 - 2010-08-06 17:13 - 00886272 _____ () C:\Program Files (x86)\ASUS\AI Suite II\TabGadget\TabGadget.dll
2011-07-01 00:54 - 2010-08-22 19:17 - 00662016 ____R () C:\Program Files (x86)\ASUS\AAHM\1.00.13\aaHMLib.dll
2011-07-01 00:55 - 2010-06-21 14:21 - 00208896 _____ () C:\Program Files (x86)\ASUS\AI Suite II\Sensor\AlertHelper\ImageHelper.dll
2014-10-16 02:34 - 2014-10-16 02:34 - 00169472 _____ () C:\Windows\assembly\NativeImages_v2.0.50727_32\IsdiInterop\93182e9779b8be0f688fd0784df6d7fb\IsdiInterop.ni.dll
2011-07-01 00:49 - 2010-11-05 22:50 - 00058880 _____ () C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IsdiInterop.dll

==================== Alternate Data Streams (Whitelisted) =========

(If an entry is included in the fixlist, only the ADS will be removed.)

AlternateDataStreams: C:\Users\Gene\Desktop\Shareaza Downloads:Shareaza.GUID

==================== Safe Mode (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)

==================== EXE Association (Whitelisted) ===============

(If an entry is included in the fixlist, the registry item will be restored to default or removed.)

==================== Internet Explorer trusted/restricted ===============

(If an entry is included in the fixlist, it will be removed from the registry.)

==================== Other Areas ============================

(Currently there is no automatic fix for this section.)

HKU\S-1-5-21-22153849-1975329064-470824136-1000\Control Panel\Desktop\\Wallpaper -> C:\Users\Gene\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper.jpg
DNS Servers: 192.168.1.254
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
Windows Firewall is enabled.

==================== MSCONFIG/TASK MANAGER disabled items ==

(Currently there is no automatic fix for this section.)

MSCONFIG\startupfolder: C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^HP Digital Imaging Monitor.lnk => C:\Windows\pss\HP Digital Imaging Monitor.lnk.CommonStartup
MSCONFIG\startupreg: Bell Canada Connection Manager => "C:\Program Files (x86)\Bell\Mobile Connect\MobileConnect.exe" -a
MSCONFIG\startupreg: ICQ => "C:\Program Files (x86)\ICQ7.6\ICQ.exe" silent loginmode=4
MSCONFIG\startupreg: igndlm.exe => C:\Program Files (x86)\Download Manager\DLM.exe /windowsstart /startifwork
MSCONFIG\startupreg: iTunesHelper => "C:\Program Files\iTunes\iTunesHelper.exe"
MSCONFIG\startupreg: LightScribe Control Panel => C:\Program Files (x86)\Common Files\LightScribe\LightScribeControlPanel.exe -hidden
MSCONFIG\startupreg: Logitech Download Assistant => C:\Windows\system32\rundll32.exe C:\Windows\System32\LogiLDA.dll,LogiFetch
MSCONFIG\startupreg: MobileDocuments => C:\Program Files (x86)\Common Files\Apple\Internet Services\ubd.exe
MSCONFIG\startupreg: QuickTime Task => "C:\Program Files (x86)\QuickTime\QTTask.exe" -atboottime
MSCONFIG\startupreg: Raptr => C:\PROGRA~2\Raptr\raptrstub.exe --startup
MSCONFIG\startupreg: Steam => "C:\Program Files (x86)\Steam\steam.exe" -silent
MSCONFIG\startupreg: SunJavaUpdateSched => "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
MSCONFIG\startupreg: WinampAgent => "C:\Program Files (x86)\Winamp\winampa.exe"

==================== FirewallRules (Whitelisted) ===============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

FirewallRules: [{5889E116-39B7-4D8D-A8F4-3DE40479C3E0}] => (Allow) C:\Program Files (x86)\ASUS\AI Suite II\ASUS Mobilink\iPhone Simulator\pnSvc.exe
FirewallRules: [TCP Query User{1861B55C-D888-4285-AFA7-3077513721D1}C:\program files (x86)\marvell\storage\apache2\bin\httpd.exe] => (Allow) C:\program files (x86)\marvell\storage\apache2\bin\httpd.exe
FirewallRules: [UDP Query User{BA2E2045-6494-4A8A-BDEB-87C480116ABB}C:\program files (x86)\marvell\storage\apache2\bin\httpd.exe] => (Allow) C:\program files (x86)\marvell\storage\apache2\bin\httpd.exe
FirewallRules: [{2879009F-45C9-4868-B132-C01257024649}] => (Allow) C:\Program Files (x86)\FrostWire\FrostWire.exe
FirewallRules: [{6DA42451-C220-4C57-B6B2-522375E9A195}] => (Allow) C:\Program Files (x86)\FrostWire\FrostWire.exe
FirewallRules: [{9ABC6211-2CBC-45EE-8A7D-3AE40CA1B72F}] => (Allow) C:\Program Files (x86)\Dragon Age\bin_ship\daorigins.exe
FirewallRules: [{8C3168ED-EE94-4709-83FD-EB65C75C0DA8}] => (Allow) C:\Program Files (x86)\Dragon Age\bin_ship\daorigins.exe
FirewallRules: [{4E9B8158-83CC-41D3-AD87-7A5B61A65CA0}] => (Allow) C:\Program Files (x86)\Dragon Age\DAOriginsLauncher.exe
FirewallRules: [{4585CA30-2B38-46E8-86DB-B3FA68283721}] => (Allow) C:\Program Files (x86)\Dragon Age\DAOriginsLauncher.exe
FirewallRules: [TCP Query User{CB92D3D7-5C87-4A25-AE85-21E018302856}C:\program files (x86)\dragon age\bin_ship\eacoreserver.exe] => (Allow) C:\program files (x86)\dragon age\bin_ship\eacoreserver.exe
FirewallRules: [UDP Query User{3ECBCC54-1F59-4F19-A297-A989F3808EBA}C:\program files (x86)\dragon age\bin_ship\eacoreserver.exe] => (Allow) C:\program files (x86)\dragon age\bin_ship\eacoreserver.exe
FirewallRules: [{9B91893B-D684-4C9E-9777-2103BA140E66}] => (Allow) C:\Program Files (x86)\FrostWire 5\FrostWire.exe
FirewallRules: [{0A320944-A11B-49D5-89F8-75BCDDCD5172}] => (Allow) C:\Program Files (x86)\FrostWire 5\FrostWire.exe
FirewallRules: [{D86E8C1D-08CA-4F23-8153-38CC6DC1D751}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqtra08.exe
FirewallRules: [{EEC5D273-912B-4656-8E20-D9AE0B48254E}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqste08.exe
FirewallRules: [{CE861B17-DB18-4FAF-96C0-6906CEE40DB9}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hposid01.exe
FirewallRules: [{38DB5191-E2DD-4095-A14B-D041FF80907C}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqkygrp.exe
FirewallRules: [{E6AECDB3-1EE1-43E4-88C4-04B3A26969CF}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpfccopy.exe
FirewallRules: [{AEF7D7C8-A39B-492C-9527-1C5BB5DB8AE0}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpoews01.exe
FirewallRules: [{8BC36C73-4CB4-4F40-B3D2-62A2928A78D4}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpiscnapp.exe
FirewallRules: [{BD9807CC-6EFB-45E1-96C4-E50954168469}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqgplgtupl.exe
FirewallRules: [{AF271AF6-02EA-4B6C-9C05-6AA8D5C308AE}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqgpc01.exe
FirewallRules: [{49090DD4-5544-46D8-9177-793E253B6511}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqusgm.exe
FirewallRules: [{906E71C8-156F-4DA7-BDFB-D03F527C3934}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqusgh.exe
FirewallRules: [{97902138-46C5-4BDF-8106-BAACBF8F4FE6}] => (Allow) C:\Program Files (x86)\HP\hp software update\hpwucli.exe
FirewallRules: [{6258F03B-393F-4870-9FE8-B12AB74F8E75}] => (Allow) C:\Program Files (x86)\HP\digital imaging\smart web printing\smartwebprintexe.exe
FirewallRules: [{88BB4CD4-759C-4EC7-88A8-0D09699500A1}] => (Allow) C:\Program Files (x86)\Dragon Age 2\bin_ship\DragonAge2.exe
FirewallRules: [{BC491693-F1CB-40B0-A130-DED3E76F892D}] => (Allow) C:\Program Files (x86)\Dragon Age 2\bin_ship\DragonAge2.exe
FirewallRules: [{3B38F519-0A0C-4A81-880E-064CDE831A36}] => (Allow) C:\Program Files (x86)\Dragon Age 2\DragonAge2Launcher.exe
FirewallRules: [{E813B9CE-E2FD-4B94-9C97-A7BA48588756}] => (Allow) C:\Program Files (x86)\Dragon Age 2\DragonAge2Launcher.exe
FirewallRules: [{1E9596E1-3DE4-468D-B472-C138FFEB8A85}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe
FirewallRules: [{D112C0DF-233B-4A0F-92B5-6DC013A56F30}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe
FirewallRules: [{7CE1E0F3-32A4-4B2B-BFD4-586382CC07B6}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe
FirewallRules: [{3BF7449E-AA66-4F4E-8FDE-3B48D8CC19CE}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe
FirewallRules: [TCP Query User{212E9BEE-178C-4DDB-8AF0-6F45EC2386DB}C:\program files (x86)\icq7.5\icq.exe] => (Allow) C:\program files (x86)\icq7.5\icq.exe
FirewallRules: [UDP Query User{AEA3D0B2-1A5C-4539-8B05-66625437BB25}C:\program files (x86)\icq7.5\icq.exe] => (Allow) C:\program files (x86)\icq7.5\icq.exe
FirewallRules: [{6B48C8EF-1ED8-482E-97F7-C434527B7426}] => (Allow) C:\Program Files (x86)\ICQ7.6\ICQ.exe
FirewallRules: [{878AA0CC-4F85-41C4-8171-9B05085CC185}] => (Allow) C:\Program Files (x86)\ICQ7.6\ICQ.exe
FirewallRules: [{D302C2C4-68C7-454A-9475-7D33F93231A0}] => (Allow) C:\Program Files (x86)\ICQ7.6\ICQ.exe
FirewallRules: [{6D6EA710-2C66-4168-9B7A-597FFD79EA23}] => (Allow) C:\Program Files (x86)\ICQ7.6\ICQ.exe
FirewallRules: [{A0B43508-6777-44C9-9104-EB4C1C0B3CC1}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe
FirewallRules: [{8C9EC6A5-9AE2-4388-B8A0-CD089C366A46}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe
FirewallRules: [{70DFFF41-9BC0-4C75-A854-DB03F0FA05AE}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\amd driver updater, vista and 7, 64 bit\Setup.exe
FirewallRules: [{7AC75AC1-ACBA-4230-A079-66C2221AF28F}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\amd driver updater, vista and 7, 64 bit\Setup.exe
FirewallRules: [TCP Query User{A20BC7AC-20F2-4F97-B80B-314877E8AF24}C:\program files (x86)\frostwire 5\frostwire.exe] => (Allow) C:\program files (x86)\frostwire 5\frostwire.exe
FirewallRules: [UDP Query User{4FC86D4D-2DF6-4679-B164-2B3F88016D2F}C:\program files (x86)\frostwire 5\frostwire.exe] => (Allow) C:\program files (x86)\frostwire 5\frostwire.exe
FirewallRules: [TCP Query User{4CE36B59-F2CD-48D4-ADEC-9EE6E0DE2DE7}C:\program files (x86)\steam\steamapps\common\daggerdale\binaries\win32\dndgame.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\daggerdale\binaries\win32\dndgame.exe
FirewallRules: [UDP Query User{7BD05742-18B2-4794-BFBC-5F222C6EB8FB}C:\program files (x86)\steam\steamapps\common\daggerdale\binaries\win32\dndgame.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\daggerdale\binaries\win32\dndgame.exe
FirewallRules: [{21A3AC0F-0503-4BA4-868B-000AD9505138}] => (Allow) C:\Program Files (x86)\Origin Games\Kingdoms of Amalur Reckoning\Reckoning.exe
FirewallRules: [{B56C3DEB-312F-4D46-AA07-7F4332AE8F00}] => (Allow) C:\Program Files (x86)\Origin Games\Kingdoms of Amalur Reckoning\Reckoning.exe
FirewallRules: [TCP Query User{E5247DC3-DCA2-487A-AC4E-BC9F38BA9BDD}C:\program files (x86)\the witcher 2\bin\witcher2.exe] => (Block) C:\program files (x86)\the witcher 2\bin\witcher2.exe
FirewallRules: [UDP Query User{3BBD8028-159B-4A70-A157-B57092481B4F}C:\program files (x86)\the witcher 2\bin\witcher2.exe] => (Block) C:\program files (x86)\the witcher 2\bin\witcher2.exe
FirewallRules: [TCP Query User{941AE44D-D971-4EEC-B642-D5DC8CD712C6}C:\program files (x86)\winamp\winamp.exe] => (Allow) C:\program files (x86)\winamp\winamp.exe
FirewallRules: [UDP Query User{D61925D2-D004-45D5-B6F8-9A868B7387E2}C:\program files (x86)\winamp\winamp.exe] => (Allow) C:\program files (x86)\winamp\winamp.exe
FirewallRules: [TCP Query User{B21A6E5E-B89A-4605-A4EE-896C4810BED2}C:\program files (x86)\globalscape\cuteftp 7 home\ftpte.exe] => (Allow) C:\program files (x86)\globalscape\cuteftp 7 home\ftpte.exe
FirewallRules: [UDP Query User{92B47E10-BCAA-41EE-86A0-60AC2CCFA873}C:\program files (x86)\globalscape\cuteftp 7 home\ftpte.exe] => (Allow) C:\program files (x86)\globalscape\cuteftp 7 home\ftpte.exe
FirewallRules: [{FF677AFB-6331-448A-9F28-77B5CDF03544}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Dungeons and Dragons Online\TurbineInvoker.exe
FirewallRules: [{97BBE184-6D01-4191-85E2-F46CF6FFF275}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Dungeons and Dragons Online\TurbineInvoker.exe
FirewallRules: [TCP Query User{9E9012D9-DB82-4376-93E3-F4FDEB812494}C:\program files (x86)\steam\steamapps\common\dungeons and dragons online\dndclient.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\dungeons and dragons online\dndclient.exe
FirewallRules: [UDP Query User{9F71A24A-10FA-4FD8-BAC2-CDDA317AD1FA}C:\program files (x86)\steam\steamapps\common\dungeons and dragons online\dndclient.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\dungeons and dragons online\dndclient.exe
FirewallRules: [{88FD4E82-79D3-40D0-B966-770156012707}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\skyrim\SkyrimLauncher.exe
FirewallRules: [{C235E0D7-FBF2-484B-A70F-CFA34988BEB1}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\skyrim\SkyrimLauncher.exe
FirewallRules: [{6FA6C508-321F-4438-941E-84F89E9F4897}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.524\Agent.exe
FirewallRules: [{A0CEC01E-436F-423F-823B-035DC3989D7E}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.524\Agent.exe
FirewallRules: [{800F29D6-AED5-4170-922F-678BA2ED154B}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.2380\Agent.exe
FirewallRules: [{4F357173-080F-4AE1-8C37-88E76DD0D371}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.2380\Agent.exe
FirewallRules: [{E8759622-92E5-4B4F-8620-D9CFB079E569}] => (Allow) C:\Program Files (x86)\Diablo III\Diablo III.exe
FirewallRules: [{2B4F873C-A7CF-4E6C-BF6A-507F0FD82313}] => (Allow) C:\Program Files (x86)\Diablo III\Diablo III.exe
FirewallRules: [{D7B553D2-00AF-42FC-AB0B-6B54CB1F68A4}] => (Allow) C:\Program Files (x86)\Research In Motion\BlackBerry Desktop\Rim.Desktop.exe
FirewallRules: [{0FE288DD-ABD6-4ED4-970B-5AF8E6E5C95E}] => (Allow) C:\Program Files (x86)\Research In Motion\BlackBerry Desktop\Rim.Desktop.exe
FirewallRules: [{91B85F6D-8399-4E52-AAE6-596495FEBC4A}] => (Allow) LPort=4481
FirewallRules: [{389D4AD8-5030-4D6F-B4BA-D755D7A38843}] => (Allow) LPort=4481
FirewallRules: [{0D7702CA-3A55-47D0-8BFF-8932A0D4C2BB}] => (Allow) LPort=4482
FirewallRules: [{AF735F34-5434-46C6-96CC-118BC7A9BBF6}] => (Allow) LPort=4482
FirewallRules: [{2D14A2E1-EADB-45AA-82A3-E1A426CC647A}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Dishonored\Binaries\Win32\Dishonored.exe
FirewallRules: [{F8D57996-6BBA-40A1-8481-95B091CBFDA8}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Dishonored\Binaries\Win32\Dishonored.exe
FirewallRules: [{C514B776-98D7-49A9-8EB4-CB6227A0B885}] => (Allow) C:\Program Files (x86)\Steam\bin\steamwebhelper.exe
FirewallRules: [{F97A6D6C-7929-41E7-96BB-266742E7341A}] => (Allow) C:\Program Files (x86)\Steam\bin\steamwebhelper.exe
FirewallRules: [{785F7D93-B700-46BA-879D-DDE1AD8BDA22}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\ShadowOfMordor\x64\ShadowOfMordor.exe
FirewallRules: [{4BCC1E44-F01F-439D-A0A9-DA202EF1D38C}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\ShadowOfMordor\x64\ShadowOfMordor.exe
FirewallRules: [{992FB929-9109-4584-BE14-A59A1C14BE1A}] => (Allow) C:\Program Files\iTunes\iTunes.exe
FirewallRules: [{79A81D18-3817-4B0B-981E-06A2636CCB14}] => (Allow) C:\Program Files (x86)\Dragon Age\bin_ship\daorigins.exe
FirewallRules: [{BFDB2E9D-9682-4519-AA84-1844F02BCAC0}] => (Allow) C:\Program Files (x86)\Dragon Age\bin_ship\daorigins.exe
FirewallRules: [{B4E838BA-6926-434D-BE3B-03D0A1C01120}] => (Allow) C:\Program Files (x86)\Raptr\raptr.exe
FirewallRules: [{4281B72F-DE17-4A19-9957-E2D551948EB3}] => (Allow) C:\Program Files (x86)\Raptr\raptr.exe
FirewallRules: [{4CCD20BD-247F-4FCD-8617-8E37D2B2461D}] => (Allow) C:\Program Files (x86)\Raptr\raptr_im.exe
FirewallRules: [{1CCD6438-6719-47D5-9A29-A1EF3107B5BD}] => (Allow) C:\Program Files (x86)\Raptr\raptr_im.exe
FirewallRules: [{46D8AD26-AA89-4771-AA72-D09333D1CE5F}] => (Allow) C:\Program Files (x86)\Origin Games\Dragon Age Inquisition\DragonAgeInquisition.exe
FirewallRules: [{D42FBE40-BD80-4CE0-9E1D-B0BC6808A52E}] => (Allow) C:\Program Files (x86)\Origin Games\Dragon Age Inquisition\DragonAgeInquisition.exe
FirewallRules: [{7EEC8960-C4EE-4FAF-8769-3A0317B2F0CF}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
FirewallRules: [{B65A0CBD-8EBC-43E4-A9AD-3AAC93785759}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe
FirewallRules: [{9659AC79-4EDF-4FE4-A509-01B57EB54ADF}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe
FirewallRules: [{03721618-7BE1-4343-A893-36915174CD51}] => (Allow) C:\Program Files (x86)\Atari\Neverwinter Nights 2\nwn2main.exe
FirewallRules: [{62F6600C-896F-413F-A7F3-B402DF26D5D4}] => (Allow) C:\Program Files (x86)\Atari\Neverwinter Nights 2\nwn2main.exe
FirewallRules: [{19598B64-85A5-4C91-A0A3-9B73860143B1}] => (Allow) C:\Program Files (x86)\Atari\Neverwinter Nights 2\nwn2main_amdxp.exe
FirewallRules: [{8747C068-A2D9-46AD-930D-D6F44E2F0923}] => (Allow) C:\Program Files (x86)\Atari\Neverwinter Nights 2\nwn2main_amdxp.exe
FirewallRules: [{985FA5F9-E434-45D8-9C66-76B99BEB4CB8}] => (Allow) C:\Program Files (x86)\Atari\Neverwinter Nights 2\nwupdate.exe
FirewallRules: [{23F51A70-47A5-4FA2-B09B-3CEBB807AEF2}] => (Allow) C:\Program Files (x86)\Atari\Neverwinter Nights 2\nwupdate.exe
FirewallRules: [{533F3ED5-C0B9-40AA-BE33-D14B36834E9D}] => (Allow) C:\Program Files (x86)\Atari\Neverwinter Nights 2\nwn2server.exe
FirewallRules: [{C7191923-12B0-4D92-98C7-CCD6B882D7FB}] => (Allow) C:\Program Files (x86)\Atari\Neverwinter Nights 2\nwn2server.exe

==================== Faulty Device Manager Devices =============

==================== Event log errors: =========================

Application errors:
==================
Error: (11/23/2015 06:48:52 AM) (Source: Windows Backup) (EventID: 4104) (User: )
Description: The backup was not successful. The error is: There is not enough free space on the backup storage location to back up the data. (0x80780048).

Error: (11/23/2015 04:14:57 AM) (Source: Windows Backup) (EventID: 4104) (User: )
Description: The backup was not successful. The error is: There is not enough free space on the backup storage location to back up the data. (0x80780048).

Error: (11/17/2015 08:56:06 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: mvraidsvc.exe, version: 3.1.0.1, time stamp: 0x4cedd314
Faulting module name: mvraidsvc.exe, version: 3.1.0.1, time stamp: 0x4cedd314
Exception code: 0x40000015
Fault offset: 0x0002caa8
Faulting process id: 0xb20
Faulting application start time: 0xmvraidsvc.exe0
Faulting application path: mvraidsvc.exe1
Faulting module path: mvraidsvc.exe2
Report Id: mvraidsvc.exe3

Error: (11/14/2015 01:44:34 PM) (Source: Windows Installer 3.1) (EventID: 4373) (User: )
Description: WindowsNot enough storage is available to process this command.

Error: (10/28/2015 09:50:54 PM) (Source: Microsoft Office 14) (EventID: 2001) (User: )
Description: Microsoft Outlook: Rejected Safe Mode action : Outlook experienced a serious problem with the 'icloud outlook add-in' add-in. If you have seen this message multiple times, you should disable this add-in and check to see if an update is available. Do you want to disable this add-in?.
Rejected Safe Mode action : Microsoft Outlook.

Error: (10/26/2015 06:01:32 AM) (Source: Application Hang) (EventID: 1002) (User: )
Description: The program IEXPLORE.EXE version 11.0.9600.18015 stopped interacting with Windows and was closed. To see if more information about the problem is available, check the problem history in the Action Center control panel.

Process ID: 2624

Start Time: 01d10dd1c51dfbce

Termination Time: 77

Application Path: C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE

Report Id:

Error: (10/18/2015 02:24:42 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: IEXPLORE.EXE, version: 11.0.9600.18015, time stamp: 0x55cec14a
Faulting module name: MSHTML.dll, version: 11.0.9600.18015, time stamp: 0x55ced693
Exception code: 0xc0000602
Fault offset: 0x00c778dd
Faulting process id: 0x1120
Faulting application start time: 0xIEXPLORE.EXE0
Faulting application path: IEXPLORE.EXE1
Faulting module path: IEXPLORE.EXE2
Report Id: IEXPLORE.EXE3

Error: (10/17/2015 10:00:30 AM) (Source: Application Hang) (EventID: 1002) (User: )
Description: The program IEXPLORE.EXE version 11.0.9600.18015 stopped interacting with Windows and was closed. To see if more information about the problem is available, check the problem history in the Action Center control panel.

Process ID: 1b74

Start Time: 01d108f88a979b12

Termination Time: 59

Application Path: C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE

Report Id:

Error: (10/16/2015 08:51:39 PM) (Source: MsiInstaller) (EventID: 1024) (User: Gene-PC)
Description: Product: Adobe Reader XI (11.0.12) - Update '{AC76BA86-7AD7-0000-2550-7A8C40011013}' could not be installed. Error code 1625. Windows Installer can create logs to help troubleshoot issues with installing software packages. Use the following link for instructions on turning on logging support: http://go.microsoft.com/fwlink/?LinkId=23127

Error: (10/14/2015 06:26:26 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: IEXPLORE.EXE, version: 11.0.9600.18015, time stamp: 0x55cec14a
Faulting module name: MSHTML.dll, version: 11.0.9600.18015, time stamp: 0x55ced693
Exception code: 0xc0000602
Fault offset: 0x00c778dd
Faulting process id: 0x33a4
Faulting application start time: 0xIEXPLORE.EXE0
Faulting application path: IEXPLORE.EXE1
Faulting module path: IEXPLORE.EXE2
Report Id: IEXPLORE.EXE3

System errors:
=============
Error: (11/21/2015 02:28:51 AM) (Source: Microsoft Antimalware) (EventID: 2001) (User: )
Description: %NT AUTHORITY60 has encountered an error trying to update signatures.

New Signature Version:

Previous Signature Version: 0.0.0.0

Update Source: %NT AUTHORITY51

Update Stage: 4.8.0204.00

Source Path: 4.8.0204.01

Signature Type: %NT AUTHORITY602

Update Type: %NT AUTHORITY604

User: NT AUTHORITY\NETWORK SERVICE

Current Engine Version: %NT AUTHORITY605

Previous Engine Version: %NT AUTHORITY606

Error code: %NT AUTHORITY607

Error description: %NT AUTHORITY608

Error: (11/21/2015 02:28:51 AM) (Source: Microsoft Antimalware) (EventID: 2001) (User: )
Description: %NT AUTHORITY60 has encountered an error trying to update signatures.

New Signature Version:

Previous Signature Version: 1.211.351.0

Update Source: %NT AUTHORITY51

Update Stage: 4.8.0204.00

Source Path: 4.8.0204.01

Signature Type: %NT AUTHORITY602

Update Type: %NT AUTHORITY604

User: NT AUTHORITY\NETWORK SERVICE

Current Engine Version: %NT AUTHORITY605

Previous Engine Version: %NT AUTHORITY606

Error code: %NT AUTHORITY607

Error description: %NT AUTHORITY608

Error: (11/21/2015 02:28:51 AM) (Source: Microsoft Antimalware) (EventID: 2001) (User: )
Description: %NT AUTHORITY60 has encountered an error trying to update signatures.

New Signature Version:

Previous Signature Version: 1.211.351.0

Update Source: %NT AUTHORITY51

Update Stage: 4.8.0204.00

Source Path: 4.8.0204.01

Signature Type: %NT AUTHORITY602

Update Type: %NT AUTHORITY604

User: NT AUTHORITY\NETWORK SERVICE

Current Engine Version: %NT AUTHORITY605

Previous Engine Version: %NT AUTHORITY606

Error code: %NT AUTHORITY607

Error description: %NT AUTHORITY608

Error: (11/21/2015 02:28:51 AM) (Source: Microsoft Antimalware) (EventID: 2001) (User: )
Description: %NT AUTHORITY60 has encountered an error trying to update signatures.

New Signature Version:

Previous Signature Version: 1.211.351.0

Update Source: %NT AUTHORITY59

Update Stage: 4.8.0204.00

Source Path: 4.8.0204.01

Signature Type: %NT AUTHORITY602

Update Type: %NT AUTHORITY604

User: NT AUTHORITY\SYSTEM

Current Engine Version: %NT AUTHORITY605

Previous Engine Version: %NT AUTHORITY606

Error code: %NT AUTHORITY607

Error description: %NT AUTHORITY608

Error: (11/21/2015 02:28:51 AM) (Source: DCOM) (EventID: 10005) (User: )
Description: 1084wuauserv{E60687F7-01A1-40AA-86AC-DB1CBF673334}

Error: (11/21/2015 00:27:57 AM) (Source: Service Control Manager) (EventID: 7001) (User: )
Description: The Network List Service service depends on the Network Location Awareness service which failed to start because of the following error:
%%1068

Error: (11/21/2015 00:27:21 AM) (Source: Service Control Manager) (EventID: 7001) (User: )
Description: The Network List Service service depends on the Network Location Awareness service which failed to start because of the following error:
%%1068

Error: (11/21/2015 00:27:21 AM) (Source: Service Control Manager) (EventID: 7001) (User: )
Description: The Network List Service service depends on the Network Location Awareness service which failed to start because of the following error:
%%1068

Error: (11/21/2015 00:26:09 AM) (Source: Service Control Manager) (EventID: 7001) (User: )
Description: The Network List Service service depends on the Network Location Awareness service which failed to start because of the following error:
%%1068

Error: (11/21/2015 00:26:09 AM) (Source: Service Control Manager) (EventID: 7001) (User: )
Description: The Network List Service service depends on the Network Location Awareness service which failed to start because of the following error:
%%1068

==================== Memory info ===========================

Processor: Intel(R) Core(TM) i7-2600K CPU @ 3.40GHz
Percentage of memory in use: 38%
Total physical RAM: 8168.86 MB
Available physical RAM: 5050.19 MB
Total Virtual: 16335.93 MB
Available Virtual: 13004.32 MB

==================== Drives ================================

Drive c: () (Fixed) (Total:1043.08 GB) (Free:627.02 GB) NTFS
Drive d: () (Fixed) (Total:76.32 GB) (Free:76.19 GB) NTFS
Drive f: (NWN2) (CDROM) (Total:5.8 GB) (Free:0 GB) UDF
Drive g: (WD EXT HD) (Fixed) (Total:465.76 GB) (Free:269.56 GB) NTFS

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (MBR Code: Windows XP) (Size: 76.3 GB) (Disk ID: 0F100F0F)
Partition 1: (Active) - (Size=76.3 GB) - (Type=07 NTFS)

========================================================
Disk: 1 (MBR Code: Windows 7 or 8) (Size: 1043.2 GB) (Disk ID: 7FF2F7AA)
Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=1043.1 GB) - (Type=07 NTFS)

========================================================
Disk: 3 (Size: 465.8 GB) (Disk ID: 1525D564)
Partition 1: (Not Active) - (Size=465.8 GB) - (Type=07 NTFS)

==================== End of Addition.txt ============================
 
#5 ·
Skywalker -

Good job running the scans, and I apologise for my delay in responding. I ended up having much less free time over Thanksgiving than I had thought I would. If you have already resolved these issues, please let me know.

Regarding your scans, nothing is jumping out at me as obvious malware, but let's do some deeper digging. Please do the following:

AdwCleaner

Please download AdwCleaner by Xplode onto your desktop.

  • Close all open programs and internet browsers.
  • Right click on adwcleaner.exe and select "Run as administrator" to run it.
  • Click on Scan.
  • When the scan has finished click on Report.
  • A logfile will automatically open after the scan has finished.
  • Close the adwCleaner window.
  • Please post the content of that logfile with your next reply.
  • You can find the logfile at C:\AdwCleaner[R1].txt as well (it could be another number besides [R1] such as [R0]).

AT THIS POINT, DO NOT ATTEMPT TO CLEAN ANYTHING THAT MAY BE FOUND

List Parts

Download ListParts64 to your Desktop.

  • Double click ListParts64.exe to launch the program.
  • Press the Scan button.
  • When finished scanning it will make a log Result.txt on your Desktop.
  • Please post me the contents of the log.

TDSSKiller - Rootkit Removal Tool

Please download TDSSKiller.exe and save it to your Desktop.
1. Double click on TDSSKiller.exe to launch it.
2. Click on Start Scan, the scan will run.
3. When the scan has finished, if it finds anything please click on the drop down arrow next to Cure and select Skip. DO NOT TRY TO FIX ANYTHING AT THIS POINT.
4. Now click on Report to open the log file created by TDSSKiller in your root directory C:\
5. To find the log go to Start > Computer > C:
6. The log is named like UtilityName.Version_Date_Time_log.txt, for example, C:\TDSSKiller.2.4.1.2_20.04.2010_15.31.43_log.txt.
7. Post the contents of that log in your next reply please.

Next Steps

1. AdwCleaner log
2. Listparts log
3. Tdsskiller log
 
#6 ·
Firefly-

Thank you for your time. I am still having issues.

Here's the AdwCleaner log file:

# AdwCleaner v5.022 - Logfile created 29/11/2015 at 18:35:04
# Updated 22/11/2015 by Xplode
# Database : 2015-11-29.2 [Server]
# Operating system : Windows 7 Home Premium Service Pack 1 (x64)
# Username : Gene - GENE-PC
# Running from : C:\Users\Gene\Desktop\adwcleaner_5.022.exe
# Option : Scan
# Support : http://toolslib.net/forum

***** [ Services ] *****

***** [ Folders ] *****

Folder Found : C:\Users\Gene\AppData\Roaming\Yahoo!\Companion

***** [ Files ] *****

***** [ DLL ] *****

***** [ Shortcuts ] *****

***** [ Scheduled tasks ] *****

***** [ Registry ] *****

Key Found : HKLM\SOFTWARE\Classes\AppID\YMERemote.DLL
Key Found : HKLM\SOFTWARE\Classes\YBrowserToolbar.YBrowserToolbar.1
Key Found : HKLM\SOFTWARE\Classes\YBrowserToolbar.YBrowserToolbar
Key Found : HKLM\SOFTWARE\Classes\Interface\{8233093C-178B-484B-979E-3C6B5B147DBC}
Key Found : HKLM\SOFTWARE\Classes\TypeLib\{B722ED8B-0B38-408E-BB89-260C73BCF3D4}
Key Found : [x64] HKLM\SOFTWARE\Classes\Interface\{8233093C-178B-484B-979E-3C6B5B147DBC}
Key Found : HKCU\Software\Yahoo\Companion
Key Found : HKCU\Software\Yahoo\YFriendsBar
Key Found : HKCU\Software\AppDataLow\Software\Yahoo\Companion
Key Found : HKLM\SOFTWARE\Yahoo\Companion
Key Found : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\
Key Found : DoNotAskAgain

***** [ Web browsers ] *****

[C:\Users\Gene\AppData\Local\Google\Chrome\User Data\Default\Web data] [Search Provider] Found : aol.com
[C:\Users\Gene\AppData\Local\Google\Chrome\User Data\Default\Web data] [Search Provider] Found : ask.com

########## EOF - C:\AdwCleaner\AdwCleaner[S3].txt - [1593 bytes] ##########
 
#7 ·
Listparts log:

ListParts by Farbar Version: 31-07-2014
Ran by Gene (administrator) on 29-11-2015 at 18:41:30
Windows 7 (X64)
Running From: C:\Users\Gene\Desktop
Language: English (United States)
************************************************************

========================= Memory info ======================

Percentage of memory in use: 36%
Total physical RAM: 8168.86 MB
Available physical RAM: 5180.33 MB
Total Pagefile: 16335.93 MB
Available Pagefile: 13194.73 MB
Total Virtual: 8192 MB
Available Virtual: 8191.9 MB

======================= Partitions =========================

1 Drive c: () (Fixed) (Total:1043.08 GB) (Free:627.08 GB) NTFS
2 Drive d: () (Fixed) (Total:76.32 GB) (Free:76.19 GB) NTFS
4 Drive f: (NWN2) (CDROM) (Total:5.8 GB) (Free:0 GB) UDF
5 Drive g: (WD EXT HD) (Fixed) (Total:465.76 GB) (Free:269.28 GB) NTFS

Disk ### Status Size Free Dyn Gpt
-------- ------------- ------- ------- --- ---
Disk 0 Online 76 GB 13 MB
Disk 1 Online 1043 GB 0 B
Disk 2 No Media 0 B 0 B
Disk 3 Online 465 GB 1024 KB

Partitions of Disk 0:
===============

Disk ID: 0F100F0F

Partition ### Type Size Offset
------------- ---------------- ------- -------
Partition 1 Primary 76 GB 31 KB

======================================================================================================

Disk: 0
Partition 1
Type : 07
Hidden: No
Active: Yes

Volume ### Ltr Label Fs Type Size Status Info
---------- --- ----------- ----- ---------- ------- --------- --------
* Volume 1 D NTFS Partition 76 GB Healthy

======================================================================================================

Partitions of Disk 1:
===============

Disk ID: 7FF2F7AA

Partition ### Type Size Offset
------------- ---------------- ------- -------
Partition 1 Primary 100 MB 1024 KB
Partition 2 Primary 1043 GB 101 MB

======================================================================================================

Disk: 1
Partition 1
Type : 07
Hidden: No
Active: Yes

Volume ### Ltr Label Fs Type Size Status Info
---------- --- ----------- ----- ---------- ------- --------- --------
* Volume 2 System Rese NTFS Partition 100 MB Healthy System (partition with boot components)

======================================================================================================

Disk: 1
Partition 2
Type : 07
Hidden: No
Active: No

Volume ### Ltr Label Fs Type Size Status Info
---------- --- ----------- ----- ---------- ------- --------- --------
* Volume 3 C NTFS Partition 1043 GB Healthy Boot

======================================================================================================

Partitions of Disk 3:
===============

Disk ID: 1525D564

Partition ### Type Size Offset
------------- ---------------- ------- -------
Partition 1 Primary 465 GB 1024 KB

======================================================================================================

Disk: 3
Partition 1
Type : 07
Hidden: No
Active: No

Volume ### Ltr Label Fs Type Size Status Info
---------- --- ----------- ----- ---------- ------- --------- --------
* Volume 5 G WD EXT HD NTFS Partition 465 GB Healthy

======================================================================================================
============================== MBR Partition Table ==================

==============================
Partitions of Disk 0:
===============
Disk ID: 0F100F0F
Partition 1: (Active) - (Size=76 GB) - (Type=07 NTFS)

==============================
Partitions of Disk 1:
===============
Disk ID: 7FF2F7AA
Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=1043 GB) - (Type=07 NTFS)

==============================
Partitions of Disk 3:
===============
Disk ID: 1525D564
Partition 1: (Not Active) - (Size=466 GB) - (Type=07 NTFS)


****** End Of Log ******
 
#8 ·
Tdsskiller log: Part 1

18:44:07.0604 0x2118 TDSS rootkit removing tool 3.1.0.6 Nov 16 2015 12:17:23
18:44:16.0855 0x2118 ============================================================
18:44:16.0855 0x2118 Current date / time: 2015/11/29 18:44:16.0855
18:44:16.0855 0x2118 SystemInfo:
18:44:16.0855 0x2118
18:44:16.0855 0x2118 OS Version: 6.1.7601 ServicePack: 1.0
18:44:16.0855 0x2118 Product type: Workstation
18:44:16.0855 0x2118 ComputerName: GENE-PC
18:44:16.0855 0x2118 UserName: Gene
18:44:16.0855 0x2118 Windows directory: C:\Windows
18:44:16.0855 0x2118 System windows directory: C:\Windows
18:44:16.0855 0x2118 Running under WOW64
18:44:16.0855 0x2118 Processor architecture: Intel x64
18:44:16.0855 0x2118 Number of processors: 8
18:44:16.0855 0x2118 Page size: 0x1000
18:44:16.0855 0x2118 Boot type: Normal boot
18:44:16.0855 0x2118 ============================================================
18:44:17.0776 0x2118 KLMD registered as C:\Windows\system32\drivers\67852634.sys
18:44:19.0398 0x2118 System UUID: {9D99BDE6-884E-43BE-54A3-2473D92E4660}
18:44:19.0929 0x2118 Drive \Device\Harddisk1\DR1 - Size: 0x104CB72C000 ( 1043.18 Gb ), SectorSize: 0x200, Cylinders: 0x213F2, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000048
18:44:19.0929 0x2118 Drive \Device\Harddisk0\DR0 - Size: 0x1315740000 ( 76.34 Gb ), SectorSize: 0x200, Cylinders: 0x26EC, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
18:44:19.0929 0x2118 Drive \Device\Harddisk3\DR5 - Size: 0x7470C06000 ( 465.76 Gb ), SectorSize: 0x200, Cylinders: 0xED81, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'W'
18:44:19.0929 0x2118 ============================================================
18:44:19.0929 0x2118 \Device\Harddisk1\DR1:
18:44:19.0929 0x2118 MBR partitions:
18:44:19.0929 0x2118 \Device\Harddisk1\DR1\Partition1: MBR, Type 0x7, StartLBA 0x800, BlocksNum 0x32000
18:44:19.0929 0x2118 \Device\Harddisk1\DR1\Partition2: MBR, Type 0x7, StartLBA 0x32800, BlocksNum 0x82628800
18:44:19.0929 0x2118 \Device\Harddisk0\DR0:
18:44:19.0929 0x2118 MBR partitions:
18:44:19.0929 0x2118 \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x3F, BlocksNum 0x98A40EC
18:44:19.0929 0x2118 \Device\Harddisk3\DR5:
18:44:19.0929 0x2118 MBR partitions:
18:44:19.0929 0x2118 \Device\Harddisk3\DR5\Partition1: MBR, Type 0x7, StartLBA 0x800, BlocksNum 0x3A384800
18:44:19.0929 0x2118 ============================================================
18:44:19.0929 0x2118 C: <-> \Device\Harddisk1\DR1\Partition2
18:44:19.0944 0x2118 D: <-> \Device\Harddisk0\DR0\Partition1
18:44:20.0256 0x2118 G: <-> \Device\Harddisk3\DR5\Partition1
18:44:20.0256 0x2118 ============================================================
18:44:20.0256 0x2118 Initialize success
18:44:20.0256 0x2118 ============================================================
18:44:45.0481 0x2358 ============================================================
18:44:45.0481 0x2358 Scan started
18:44:45.0481 0x2358 Mode: Manual;
18:44:45.0481 0x2358 ============================================================
18:44:45.0481 0x2358 KSN ping started
18:45:00.0021 0x2358 KSN ping finished: true
18:45:00.0457 0x2358 ================ Scan system memory ========================
18:45:00.0457 0x2358 System memory - ok
18:45:00.0457 0x2358 ================ Scan services =============================
18:45:02.0953 0x2358 hpqddsvc - ok
18:45:02.0953 0x2358 [ 39D2ABCD392F3D8A6DCE7B60AE7B8EFC, E9E6A1665740CFBC2DD321010007EF42ABA2102AEB9772EE8AA3354664B1E205 ] HpSAMD C:\Windows\system32\drivers\HpSAMD.sys
18:45:02.0953 0x2358 HpSAMD - ok
18:45:02.0969 0x2358 [ F61634BEC53F73702A10DE69F6DCAF57, BBA7344CF3AB96A46D1A6F1D50F2758EA8D097FE558C38B4EF45C8C334AF96E1 ] HTTP C:\Windows\system32\drivers\HTTP.sys
18:45:02.0985 0x2358 HTTP - ok
18:45:02.0985 0x2358 [ A5462BD6884960C9DC85ED49D34FF392, 53E65841AF5B06A2844D0BB6FC4DD3923A323FFA0E4BFC89B3B5CAFB592A3D53 ] hwpolicy C:\Windows\system32\drivers\hwpolicy.sys
18:45:02.0985 0x2358 hwpolicy - ok
18:45:03.0000 0x2358 [ FA55C73D4AFFA7EE23AC4BE53B4592D3, 65CDDC62B89A60E942C5642C9D8B539EFB69DA8069B4A2E54978154B314531CD ] i8042prt C:\Windows\system32\drivers\i8042prt.sys
18:45:03.0000 0x2358 i8042prt - ok
18:45:03.0000 0x2358 [ D7921D5A870B11CC1ADAB198A519D50A, 5DF99EB5D5504E9D9EB21658E8B4A58DEE2AD143A1875DB7F9B7BF4877FCB57F ] iaStor C:\Windows\system32\DRIVERS\iaStor.sys
18:45:03.0016 0x2358 iaStor - ok
18:45:03.0016 0x2358 [ 8FFF9083252C16FE3960173722605E9E, 6546FDA34B9AF94C5E86E5269BBC2F02F1E78D6D4BE5B5EC01F4B284CC934994 ] IAStorDataMgrSvc C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
18:45:03.0016 0x2358 IAStorDataMgrSvc - ok
18:45:03.0031 0x2358 [ AAAF44DB3BD0B9D1FB6969B23ECC8366, 805AA4A9464002D1AB3832E4106B2AAA1331F4281367E75956062AAE99699385 ] iaStorV C:\Windows\system32\drivers\iaStorV.sys
18:45:03.0031 0x2358 iaStorV - ok
18:45:03.0031 0x2358 [ C1010ADD3DDAE1196ED21057AF7B2AAE, 68196851855AD395008D7F29FCEB28BA4BEB1F062B1844A60813E7DD102ACB1C ] ICCWDT C:\Windows\system32\DRIVERS\ICCWDT.sys
18:45:03.0047 0x2358 ICCWDT - ok
18:45:03.0078 0x2358 [ C98A5B9D932430AD8EEBD3EF73756EF7, DF7E1D391A0F3345AD61154363922C27BD557DEEACE395A6A8A8A16BFD1BB9A8 ] idsvc C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\infocard.exe
18:45:03.0094 0x2358 idsvc - ok
18:45:03.0094 0x2358 IEEtwCollectorService - ok
18:45:03.0094 0x2358 [ 5C18831C61933628F5BB0EA2675B9D21, 5CD9DE2F8C0256623A417B5C55BF55BB2562BD7AB2C3C83BB3D9886C2FBDA4E4 ] iirsp C:\Windows\system32\DRIVERS\iirsp.sys
18:45:03.0094 0x2358 iirsp - ok
18:45:03.0172 0x2358 [ 344789398EC3EE5A4E00C52B31847946, 3DA5F08E4B46F4E63456AA588D49E39A6A09A97D0509880C00F327623DB6122D ] IKEEXT C:\Windows\System32\ikeext.dll
18:45:03.0187 0x2358 IKEEXT - ok
18:45:03.0250 0x2358 [ DAB7318CCFA8081200D5B7B486793F74, 1D0833352D125D7C46F51401C8DE66DB92E3104003917BAEFE4A21218531C330 ] IntcAzAudAddService C:\Windows\system32\drivers\RTKVHD64.sys
18:45:03.0297 0x2358 IntcAzAudAddService - ok
18:45:03.0312 0x2358 [ F00F20E70C6EC3AA366910083A0518AA, E2F3E9FFD82C802C8BAC309893A3664ACF16A279959C0FDECCA64C3D3C60FD22 ] intelide C:\Windows\system32\drivers\intelide.sys
18:45:03.0312 0x2358 intelide - ok
18:45:03.0312 0x2358 [ ADA036632C664CAA754079041CF1F8C1, F2386CC09AC6DE4C54189154F7D91C1DB7AA120B13FAE8BA5B579ACF99FCC610 ] intelppm C:\Windows\system32\DRIVERS\intelppm.sys
18:45:03.0312 0x2358 intelppm - ok
18:45:03.0328 0x2358 [ 068EC06F3B6DD7B81B365D8FD2CE27E6, EDAD8F5B3F929C7C6200F38B862B2A03F310ADB55A04007DB6FF5F4F698547A4 ] Intel® PROSet Monitoring Service C:\Windows\system32\IProsetMonitor.exe
18:45:03.0328 0x2358 Intel® PROSet Monitoring Service - ok
18:45:03.0328 0x2358 [ 098A91C54546A3B878DAD6A7E90A455B, 044CCE2A0DF56EBE1EFD99B4F6F0A5B9EE12498CA358CF4B2E3A1CFD872823AA ] IPBusEnum C:\Windows\system32\ipbusenum.dll
18:45:03.0328 0x2358 IPBusEnum - ok
18:45:03.0343 0x2358 [ C9F0E1BD74365A8771590E9008D22AB6, 728BC5A6AAE499FDC50EB01577AF16D83C2A9F3B09936DD2A89C01E074BA8E51 ] IpFilterDriver C:\Windows\system32\DRIVERS\ipfltdrv.sys
18:45:03.0343 0x2358 IpFilterDriver - ok
18:45:03.0359 0x2358 [ 08C2957BB30058E663720C5606885653, E13EDF6701512E2A9977A531454932CA5023087CB50E1D2F416B8BCDD92B67BE ] iphlpsvc C:\Windows\System32\iphlpsvc.dll
18:45:03.0375 0x2358 iphlpsvc - ok
18:45:03.0375 0x2358 [ 0FC1AEA580957AA8817B8F305D18CA3A, 7161E4DE91AAFC3FA8BF24FAE4636390C2627DB931505247C0D52C75A31473D9 ] IPMIDRV C:\Windows\system32\drivers\IPMIDrv.sys
18:45:03.0375 0x2358 IPMIDRV - ok
18:45:03.0375 0x2358 [ AF9B39A7E7B6CAA203B3862582E9F2D0, 67128BE7EADBE6BD0205B050F96E268948E8660C4BAB259FB0BE03935153D04E ] IPNAT C:\Windows\system32\drivers\ipnat.sys
18:45:03.0390 0x2358 IPNAT - ok
18:45:03.0406 0x2358 [ 4331CE358AD3E7587B2170100EBA43BD, A291707CA48C42E9B29F9E7D54AF88A58FE734DE4E87AF1ABF013877E6012558 ] iPod Service C:\Program Files\iPod\bin\iPodService.exe
18:45:03.0406 0x2358 iPod Service - ok
18:45:03.0406 0x2358 [ 3ABF5E7213EB28966D55D58B515D5CE9, A352BCC5B6B9A28805B15CAFB235676F1FAFF0D2394F88C03089EB157D6188AE ] IRENUM C:\Windows\system32\drivers\irenum.sys
18:45:03.0421 0x2358 IRENUM - ok
18:45:03.0421 0x2358 [ 2F7B28DC3E1183E5EB418DF55C204F38, D40410A760965925D6F10959B2043F7BD4F68EAFCF5E743AF11AD860BD136548 ] isapnp C:\Windows\system32\drivers\isapnp.sys
18:45:03.0421 0x2358 isapnp - ok
18:45:03.0453 0x2358 [ 96BB922A0981BC7432C8CF52B5410FE6, 236C05509B1040059B15021CBBDBDAF3B9C0F00910142BE5887B2C7561BAAFBA ] iScsiPrt C:\Windows\system32\drivers\msiscsi.sys
18:45:03.0453 0x2358 iScsiPrt - ok
18:45:03.0453 0x2358 jjcnzhcm - ok
18:45:03.0453 0x2358 jlhkulsx - ok
18:45:03.0453 0x2358 [ BC02336F1CBA7DCC7D1213BB588A68A5, 450C5BAD54CCE2AFCDFF1B6E7F8E1A8446D9D3255DF9D36C29A8F848048AAD93 ] kbdclass C:\Windows\system32\DRIVERS\kbdclass.sys
18:45:03.0468 0x2358 kbdclass - ok
18:45:03.0468 0x2358 [ 0705EFF5B42A9DB58548EEC3B26BB484, 86C6824ED7ED6FA8F306DB6319A0FD688AA91295AE571262F9D8E96A32225E99 ] kbdhid C:\Windows\system32\DRIVERS\kbdhid.sys
18:45:03.0468 0x2358 kbdhid - ok
18:45:03.0468 0x2358 [ 2BC45F4CF55B45BDD650828192F132B8, 4ABBC1DE6B17F7FEE9CB0BEEFEB6C88321826B4D52FBDF8B4B885CEA3CFD24F7 ] KeyIso C:\Windows\system32\lsass.exe
18:45:03.0468 0x2358 KeyIso - ok
18:45:03.0468 0x2358 [ BCC83F22805F560C8A487F2F296A78FE, B6729B9D85CC3B9377E3143FEF920EFAA82D152845A43074417E9266C9F5C1A8 ] KSecDD C:\Windows\system32\Drivers\ksecdd.sys
18:45:03.0484 0x2358 KSecDD - ok
18:45:03.0484 0x2358 [ 33D52A96BEEE8AFCE9E07EEC9FE0C9DB, 5367B46A43296792A0E6294906D40511079D5CAA23F08D5A7EDE02C06AD34484 ] KSecPkg C:\Windows\system32\Drivers\ksecpkg.sys
18:45:03.0484 0x2358 KSecPkg - ok
18:45:03.0484 0x2358 [ 6869281E78CB31A43E969F06B57347C4, 866A23E69B32A78D378D6CB3B3DA3695FFDFF0FEC3C9F68C8C3F988DF417044B ] ksthunk C:\Windows\system32\drivers\ksthunk.sys
18:45:03.0484 0x2358 ksthunk - ok
18:45:03.0499 0x2358 [ 6AB66E16AA859232F64DEB66887A8C9C, 5F2B579BEA8098A2994B0DECECDAE7B396E7B5DC5F09645737B9F28BEEA77FFF ] KtmRm C:\Windows\system32\msdtckrm.dll
18:45:03.0499 0x2358 KtmRm - ok
18:45:03.0515 0x2358 kxemfrnw - ok
18:45:03.0515 0x2358 [ D9F42719019740BAA6D1C6D536CBDAA6, 8757599D0AE5302C4CE50861BEBA3A8DD14D7B0DBD916FD5404133688CDFCC40 ] LanmanServer C:\Windows\system32\srvsvc.dll
18:45:03.0515 0x2358 LanmanServer - ok
18:45:03.0531 0x2358 [ 851A1382EED3E3A7476DB004F4EE3E1A, B1C67F47DD594D092E6E258F01DF5E7150227CE3131A908A244DEE9F8A1FABF9 ] LanmanWorkstation C:\Windows\System32\wkssvc.dll
18:45:03.0531 0x2358 LanmanWorkstation - ok
18:45:03.0546 0x2358 [ ACEC35F181075B20A5EF4A71958B13DF, E7C471C08241CE1941B2B5CF6C8726AA07DC972846F80E2DF5A11FA515003A33 ] libusb0 C:\Windows\system32\drivers\libusb0.sys
18:45:03.0546 0x2358 libusb0 - ok
18:45:03.0546 0x2358 [ 71C6A95A5F0CCC87298C4DD0F2C3635A, F8C9DE947A9650F1000EEF783942610FB38F06F4F453E2C7E1383611FDF96F23 ] LightScribeService C:\Program Files (x86)\Common Files\LightScribe\LSSrvc.exe
18:45:03.0546 0x2358 LightScribeService - ok
18:45:03.0562 0x2358 [ 1538831CF8AD2979A04C423779465827, E1729B0CC4CEEE494A0B8817A8E98FF232E3A32FB023566EF0BC71A090262C0C ] lltdio C:\Windows\system32\DRIVERS\lltdio.sys
18:45:03.0562 0x2358 lltdio - ok
18:45:03.0562 0x2358 [ C1185803384AB3FEED115F79F109427F, 0414FE73532DCAB17E906438A14711E928CECCD5F579255410C62984DD652700 ] lltdsvc C:\Windows\System32\lltdsvc.dll
18:45:03.0577 0x2358 lltdsvc - ok
18:45:03.0577 0x2358 [ F993A32249B66C9D622EA5592A8B76B8, EE64672A990C6145DC5601E2B8CDBE089272A72732F59AF9865DCBA8B1717E70 ] lmhosts C:\Windows\System32\lmhsvc.dll
18:45:03.0577 0x2358 lmhosts - ok
18:45:03.0577 0x2358 [ 1A93E54EB0ECE102495A51266DCDB6A6, DB6AA86AA36C3A7988BE96E87B5D3251BE7617C54EE8F894D9DC2E267FE3255B ] LSI_FC C:\Windows\system32\DRIVERS\lsi_fc.sys
18:45:03.0593 0x2358 LSI_FC - ok
18:45:03.0593 0x2358 [ 1047184A9FDC8BDBFF857175875EE810, F2251EDB7736A26D388A0C5CC2FE5FB9C5E109CBB1E3800993554CB21D81AE4B ] LSI_SAS C:\Windows\system32\DRIVERS\lsi_sas.sys
18:45:03.0593 0x2358 LSI_SAS - ok
18:45:03.0593 0x2358 [ 30F5C0DE1EE8B5BC9306C1F0E4A75F93, 88D5740A4E9CC3FA80FA18035DAB441BDC5A039622D666BFDAA525CC9686BD06 ] LSI_SAS2 C:\Windows\system32\DRIVERS\lsi_sas2.sys
18:45:03.0593 0x2358 LSI_SAS2 - ok
18:45:03.0609 0x2358 [ 0504EACAFF0D3C8AED161C4B0D369D4A, 4D272237C189646F5C80822FD3CBA7C2728E482E2DAAF7A09C8AEF811C89C54D ] LSI_SCSI C:\Windows\system32\DRIVERS\lsi_scsi.sys
18:45:03.0609 0x2358 LSI_SCSI - ok
18:45:03.0609 0x2358 [ 43D0F98E1D56CCDDB0D5254CFF7B356E, 5BA498183B5C4996C694CB0A9A6B66CE6C7A460F6C91BEB9F305486FCC3B7B22 ] luafv C:\Windows\system32\drivers\luafv.sys
18:45:03.0609 0x2358 luafv - ok
18:45:03.0624 0x2358 [ 63FCDCD7E95BD71D0EF201671090DF31, 546189E2C22101963206987BA0B3420202274B956D5E1E4545BF495CF680B826 ] Marvell Storage Management C:\Program Files (x86)\Marvell\storage\svc\mvraidsvc.exe
18:45:03.0624 0x2358 Marvell Storage Management - ok
18:45:03.0640 0x2358 [ CFBC6C6D8A492697CABD1D353EE64933, DDAA844908324740C891EB8F08E2A8BB00457063B31C4A762745C1C2415FC12D ] MBAMProtector C:\Windows\system32\drivers\mbam.sys
18:45:03.0640 0x2358 MBAMProtector - ok
18:45:03.0687 0x2358 [ 40C126CB15FAB7D6C66490DCA9C1AED2, B32CEE2D2409232C245427D5E9647FDF59AF1D8AB5E8A98EE2D1F1314599FD14 ] MBAMService C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe
18:45:03.0702 0x2358 MBAMService - ok
18:45:03.0718 0x2358 [ D61070CFAD43038DC56AEAD9BFE9CE2A, BD77AEF60E7FD2015CB14A464799304359547146C14A47F8D25274ACFA2E42D5 ] MBAMWebAccessControl C:\Windows\system32\drivers\mwac.sys
18:45:03.0718 0x2358 MBAMWebAccessControl - ok
18:45:03.0718 0x2358 [ 0BE09CD858ABF9DF6ED259D57A1A1663, 2FD28889B93C8E801F74C1D0769673A461671E0189D0A22C94509E3F0EEB7428 ] Mcx2Svc C:\Windows\system32\Mcx2Svc.dll
18:45:03.0718 0x2358 Mcx2Svc - ok
18:45:03.0718 0x2358 [ A55805F747C6EDB6A9080D7C633BD0F4, 2DA0E83BF3C8ADEF6F551B6CC1C0A3F6149CDBE6EC60413BA1767C4DE425A728 ] megasas C:\Windows\system32\DRIVERS\megasas.sys
18:45:03.0733 0x2358 megasas - ok
18:45:03.0733 0x2358 [ BAF74CE0072480C3B6B7C13B2A94D6B3, 85CBB4949C090A904464F79713A3418338753D20D7FB811E68F287FDAC1DD834 ] MegaSR C:\Windows\system32\DRIVERS\MegaSR.sys
18:45:03.0733 0x2358 MegaSR - ok
18:45:03.0749 0x2358 [ A6518DCC42F7A6E999BB3BEA8FD87567, 8A9AE992F93F37E0723761EA271A7E1AA8172702C471041A17324474FC96B9BC ] MEIx64 C:\Windows\system32\DRIVERS\HECIx64.sys
18:45:03.0749 0x2358 MEIx64 - ok
18:45:03.0765 0x2358 Microsoft SharePoint Workspace Audit Service - ok
18:45:03.0765 0x2358 [ E40E80D0304A73E8D269F7141D77250B, 0DB4AC13A264F19A84DC0BCED54E8E404014CC09C993B172002B1561EC7E265A ] MMCSS C:\Windows\system32\mmcss.dll
18:45:03.0765 0x2358 MMCSS - ok
18:45:03.0765 0x2358 [ 800BA92F7010378B09F9ED9270F07137, 94F9AF9E1BE80AE6AC39A2A74EF9FAB115DCAACC011D07DFA8D6A1DDC8A93342 ] Modem C:\Windows\system32\drivers\modem.sys
18:45:03.0780 0x2358 Modem - ok
18:45:03.0780 0x2358 [ B03D591DC7DA45ECE20B3B467E6AADAA, 701FB0CAD8138C58507BE28845D3E24CE269A040737C29885944A0D851238732 ] monitor C:\Windows\system32\DRIVERS\monitor.sys
18:45:03.0780 0x2358 monitor - ok
18:45:03.0780 0x2358 [ 7D27EA49F3C1F687D357E77A470AEA99, 7FE7CAF95959F127C6D932C01D539C06D80273C49A09761F6E8331C05B1A7EE7 ] mouclass C:\Windows\system32\DRIVERS\mouclass.sys
18:45:03.0780 0x2358 mouclass - ok
18:45:03.0780 0x2358 [ D3BF052C40B0C4166D9FD86A4288C1E6, 5E65264354CD94E844BF1838CA1B8E49080EFA34605A32CF2F6A47A2B97FC183 ] mouhid C:\Windows\system32\DRIVERS\mouhid.sys
18:45:03.0780 0x2358 mouhid - ok
18:45:03.0796 0x2358 [ 67050452C0118BAF2883928E6FCCFE47, 335FC0AEB7B47DCC7CE0CF3F424EB60ACB1327D2FF6515F04D9AC03A10FF1E31 ] mountmgr C:\Windows\system32\drivers\mountmgr.sys
18:45:03.0796 0x2358 mountmgr - ok
18:45:03.0811 0x2358 [ 73150F67D20270FF95A021A22E64F28A, A8878DEFBE437FB453F8E9243FB5C787D07AC7415A4475388D479C10417C524F ] MpFilter C:\Windows\system32\DRIVERS\MpFilter.sys
18:45:03.0811 0x2358 MpFilter - ok
18:45:03.0811 0x2358 [ A44B420D30BD56E145D6A2BC8768EC58, B1E4DCA5A1008FA7A0492DC091FB2B820406AE13FD3D44F124E89B1037AF09B8 ] mpio C:\Windows\system32\drivers\mpio.sys
18:45:03.0827 0x2358 mpio - ok
18:45:03.0827 0x2358 [ 6C38C9E45AE0EA2FA5E551F2ED5E978F, 5A3FA2F110029CB4CC4384998EDB59203FDD65EC45E01B897FB684F8956EAD20 ] mpsdrv C:\Windows\system32\drivers\mpsdrv.sys
18:45:03.0827 0x2358 mpsdrv - ok
18:45:03.0843 0x2358 [ 54FFC9C8898113ACE189D4AA7199D2C1, 65F585C87F3F710FD5793FDFA96B740AD8D4317B0C120F4435CCF777300EA4F2 ] MpsSvc C:\Windows\system32\mpssvc.dll
18:45:03.0858 0x2358 MpsSvc - ok
18:45:03.0905 0x2358 [ AE3334958D8F631FF14A0AEB3D7EFB3A, F5FD6B61F896104C20DFC43FEE2FCE6930B73F78DF876BD19A333EABB9139C6D ] MRxDAV C:\Windows\system32\drivers\mrxdav.sys
18:45:03.0905 0x2358 MRxDAV - ok
18:45:03.0921 0x2358 [ 73ADDCC406B86E7DA4416691E8E74BDA, 4EC970B9095E6DAA79BF7EFB92DF3F2C0AB0C46739AA36C171A262E05B63CBB5 ] mrxsmb C:\Windows\system32\DRIVERS\mrxsmb.sys
18:45:03.0936 0x2358 mrxsmb - ok
18:45:03.0967 0x2358 [ 7C81098FBAF2EAF5B54B939F832B0F61, 999435DF4638ECB136D5BF1B84305A84B215BAB542E4D5301E57D28D507E11B3 ] mrxsmb10 C:\Windows\system32\DRIVERS\mrxsmb10.sys
18:45:03.0983 0x2358 mrxsmb10 - ok
18:45:03.0999 0x2358 [ ACB763673BCCE6C7B3B8F858C9FE4F1F, CCD49558F8A01A225AEAE60BF299BCA6E9399E39F4F553FABC36CADB164BBBC0 ] mrxsmb20 C:\Windows\system32\DRIVERS\mrxsmb20.sys
18:45:04.0014 0x2358 mrxsmb20 - ok
18:45:04.0030 0x2358 [ C25F0BAFA182CBCA2DD3C851C2E75796, 643E158A0948DF331807AEAA391F23960362E46C0A0CF6D22A99020EAE7B10F8 ] msahci C:\Windows\system32\drivers\msahci.sys
18:45:04.0030 0x2358 msahci - ok
18:45:04.0045 0x2358 [ DB801A638D011B9633829EB6F663C900, B34FD33A215ACCF2905F4B7D061686CDB1CB9C652147AF56AE14686C1F6E3C74 ] msdsm C:\Windows\system32\drivers\msdsm.sys
18:45:04.0045 0x2358 msdsm - ok
18:45:04.0045 0x2358 [ DE0ECE52236CFA3ED2DBFC03F28253A8, 2FBBEC4CACB5161F68D7C2935852A5888945CA0F107CF8A1C01F4528CE407DE3 ] MSDTC C:\Windows\System32\msdtc.exe
18:45:04.0061 0x2358 MSDTC - ok
18:45:04.0061 0x2358 [ AA3FB40E17CE1388FA1BEDAB50EA8F96, 69F93E15536644C8FD679A20190CFE577F4985D3B1B4A4AA250A168615AE1E99 ] Msfs C:\Windows\system32\drivers\Msfs.sys
18:45:04.0061 0x2358 Msfs - ok
18:45:04.0061 0x2358 [ F9D215A46A8B9753F61767FA72A20326, 6F76642B45E0A7EF6BCAB8B37D55CCE2EAA310ED07B76D43FCB88987C2174141 ] mshidkmdf C:\Windows\System32\drivers\mshidkmdf.sys
18:45:04.0061 0x2358 mshidkmdf - ok
18:45:04.0061 0x2358 [ D916874BBD4F8B07BFB7FA9B3CCAE29D, B229DA150713DEDBC4F05386C9D9DC3BC095A74F44F3081E88311AB73BC992A1 ] msisadrv C:\Windows\system32\drivers\msisadrv.sys
18:45:04.0077 0x2358 msisadrv - ok
18:45:04.0077 0x2358 [ 808E98FF49B155C522E6400953177B08, F873F5BFF0984C5165DF67E92874D3F6EB8D86F9B5AD17013A0091CA33A1A3D5 ] MSiSCSI C:\Windows\system32\iscsiexe.dll
18:45:04.0077 0x2358 MSiSCSI - ok
 
#9 ·
TDSSKiller log: Part 2

18:45:05.0824 0x2358 Processor - ok
18:45:05.0824 0x2358 [ FFCF0C39226970A41791F8AC40A2E634, DEA6C9AF976A1B8839A9BCCA678F05B7B01B073130A0EA41B56758985043FC56 ] ProfileImpSvc C:\Program Files (x86)\Bell\Mobile Connect\ProfileImpSvc.exe
18:45:05.0824 0x2358 ProfileImpSvc - ok
18:45:05.0824 0x2358 [ B6A58491307B4CADA572583D863DC602, 5C44936605E52C9533E4CE22F18FAB8211475877F71EFD88DA4D02FD608C90A3 ] ProfSvc C:\Windows\system32\profsvc.dll
18:45:05.0839 0x2358 ProfSvc - ok
18:45:05.0839 0x2358 [ 2BC45F4CF55B45BDD650828192F132B8, 4ABBC1DE6B17F7FEE9CB0BEEFEB6C88321826B4D52FBDF8B4B885CEA3CFD24F7 ] ProtectedStorage C:\Windows\system32\lsass.exe
18:45:05.0839 0x2358 ProtectedStorage - ok
18:45:05.0839 0x2358 [ 0557CF5A2556BD58E26384169D72438D, F6F83A616B1F1C6C0DF6D2EC2513E6C23FD4FAA6D36518B8676C619AB74957B4 ] Psched C:\Windows\system32\DRIVERS\pacer.sys
18:45:05.0839 0x2358 Psched - ok
18:45:05.0855 0x2358 pxupjgne - ok
18:45:05.0886 0x2358 [ A53A15A11EBFD21077463EE2C7AFEEF0, 6002B012A75045DEA62640A864A8721EADE2F8B65BEB5F5BA76D8CD819774489 ] ql2300 C:\Windows\system32\DRIVERS\ql2300.sys
18:45:05.0902 0x2358 ql2300 - ok
18:45:05.0917 0x2358 [ 4F6D12B51DE1AAEFF7DC58C4D75423C8, FB6ABAB741CED66A79E31A45111649F2FA3E26CEE77209B5296F789F6F7D08DE ] ql40xx C:\Windows\system32\DRIVERS\ql40xx.sys
18:45:05.0917 0x2358 ql40xx - ok
18:45:05.0917 0x2358 [ 906191634E99AEA92C4816150BDA3732, A0305436384104C3B559F9C73902DA19B96B518413379E397C5CDAB0B2B9418F ] QWAVE C:\Windows\system32\qwave.dll
18:45:05.0933 0x2358 QWAVE - ok
18:45:05.0933 0x2358 [ 76707BB36430888D9CE9D705398ADB6C, 35C1D1D05F98AC29A33D3781F497A0B40A3CB9CDF25FE1F28F574E40DDF70535 ] QWAVEdrv C:\Windows\system32\drivers\qwavedrv.sys
18:45:05.0933 0x2358 QWAVEdrv - ok
18:45:05.0933 0x2358 [ 5A0DA8AD5762FA2D91678A8A01311704, 8A64EB5DBAB7048A9E42A21CEB62CCD5B007A80C199892D7F8C69B48E8A255EF ] RasAcd C:\Windows\system32\DRIVERS\rasacd.sys
18:45:05.0933 0x2358 RasAcd - ok
18:45:05.0949 0x2358 [ 7ECFF9B22276B73F43A99A15A6094E90, 62C70DA127F48F796F8897BBFA23AB6EB080CC923F0F091DFA384A93F5C90CA1 ] RasAgileVpn C:\Windows\system32\DRIVERS\AgileVpn.sys
18:45:05.0949 0x2358 RasAgileVpn - ok
18:45:05.0949 0x2358 [ 8F26510C5383B8DBE976DE1CD00FC8C7, 60E618C010E8A723960636415573FA17EA0BBEF79647196B3BC0B8DEE680E090 ] RasAuto C:\Windows\System32\rasauto.dll
18:45:05.0949 0x2358 RasAuto - ok
18:45:05.0949 0x2358 [ 471815800AE33E6F1C32FB1B97C490CA, 27307265F743DE3A3A3EC1B2C472A3D85FDD0AEC458E0B1177593141EE072698 ] Rasl2tp C:\Windows\system32\DRIVERS\rasl2tp.sys
18:45:05.0949 0x2358 Rasl2tp - ok
18:45:05.0964 0x2358 [ EE867A0870FC9E4972BA9EAAD35651E2, 1B848D81705081FD2E18AC762DA7F51455657DAF860BF363DC15925A148BCADA ] RasMan C:\Windows\System32\rasmans.dll
18:45:05.0964 0x2358 RasMan - ok
18:45:05.0980 0x2358 [ 855C9B1CD4756C5E9A2AA58A15F58C25, A514F8A9C304D54BDA8DC60F5A64259B057EC83A1CAAF6D2B58CFD55E9561F72 ] RasPppoe C:\Windows\system32\DRIVERS\raspppoe.sys
18:45:05.0980 0x2358 RasPppoe - ok
18:45:05.0980 0x2358 [ E8B1E447B008D07FF47D016C2B0EEECB, FEC789F82B912F3E14E49524D40FEAA4373B221156F14045E645D7C37859258C ] RasSstp C:\Windows\system32\DRIVERS\rassstp.sys
18:45:05.0980 0x2358 RasSstp - ok
18:45:05.0995 0x2358 [ 77F665941019A1594D887A74F301FA2F, 1FDC6F6853400190C086042933F157814D915C54F26793CAD36CD2607D8810DA ] rdbss C:\Windows\system32\DRIVERS\rdbss.sys
18:45:05.0995 0x2358 rdbss - ok
18:45:05.0995 0x2358 [ 302DA2A0539F2CF54D7C6CC30C1F2D8D, 1DF3501BBFFB56C3ECC39DBCC4287D3302216C2208CE22428B8C4967E5DE9D17 ] rdpbus C:\Windows\system32\DRIVERS\rdpbus.sys
18:45:06.0011 0x2358 rdpbus - ok
18:45:06.0011 0x2358 [ CEA6CC257FC9B7715F1C2B4849286D24, A78144D18352EA802C39D9D42921CF97A3E0211766B2169B6755C6FC2D77A804 ] RDPCDD C:\Windows\system32\DRIVERS\RDPCDD.sys
18:45:06.0011 0x2358 RDPCDD - ok
18:45:06.0011 0x2358 [ BB5971A4F00659529A5C44831AF22365, 9AAA5C0D448E821FD85589505D99DF7749715A046BBD211F139E4E652ADDE41F ] RDPENCDD C:\Windows\system32\drivers\rdpencdd.sys
18:45:06.0011 0x2358 RDPENCDD - ok
18:45:06.0011 0x2358 [ 216F3FA57533D98E1F74DED70113177A, 60C126A1409D1E9C39F1C9E95F70115BF4AF07780AB499F6E10A612540F173F4 ] RDPREFMP C:\Windows\system32\drivers\rdprefmp.sys
18:45:06.0011 0x2358 RDPREFMP - ok
18:45:06.0042 0x2358 [ 313F68E1A3E6345A4F47A36B07062F34, B8318A0AE06BDE278931CA52F960B9FE226FD9894B076858DDB755AE26E1E66F ] RdpVideoMiniport C:\Windows\system32\drivers\rdpvideominiport.sys
18:45:06.0042 0x2358 RdpVideoMiniport - ok
18:45:06.0073 0x2358 [ FE571E088C2D83619D2D48D4E961BF41, 88C5A2FCB1D0E528657842E39963471A6E42FCA3FCDF37955AEC8258AB4C48EA ] RDPWD C:\Windows\system32\drivers\RDPWD.sys
18:45:06.0089 0x2358 RDPWD - ok
18:45:06.0089 0x2358 [ 34ED295FA0121C241BFEF24764FC4520, AAEE5F00CAA763A5BA51CF56BD7262C03409CD72BD5601490E3EC3FFF929BB5F ] rdyboost C:\Windows\system32\drivers\rdyboost.sys
18:45:06.0105 0x2358 rdyboost - ok
18:45:06.0105 0x2358 [ 254FB7A22D74E5511C73A3F6D802F192, 3D0FB5840364200DE394F8CC28DA0E334C2B5FA8FF28A41656EE72287F3D3836 ] RemoteAccess C:\Windows\System32\mprdim.dll
18:45:06.0105 0x2358 RemoteAccess - ok
18:45:06.0120 0x2358 [ E4D94F24081440B5FC5AA556C7C62702, 147CAA03568DC480F9506E30B84891AB7E433B5EBC05F34FF10F72B00E1C6B22 ] RemoteRegistry C:\Windows\system32\regsvc.dll
18:45:06.0120 0x2358 RemoteRegistry - ok
18:45:06.0120 0x2358 [ 3DD798846E2C28102B922C56E71B7932, 30B111615D74CB2213997A5C08DD9C8613ADE441D9423CC1C49A753D13CE524D ] RFCOMM C:\Windows\system32\DRIVERS\rfcomm.sys
18:45:06.0136 0x2358 RFCOMM - ok
18:45:06.0136 0x2358 [ 6D850FAD4CC9498D1F382B77BA4035CC, 689B8D90BFA404F2ABEF3F7CD098382DAA81A4CF6BF3784C9CC24DAF33F10660 ] RimUsb C:\Windows\system32\Drivers\RimUsb_AMD64.sys
18:45:06.0136 0x2358 RimUsb - ok
18:45:06.0151 0x2358 [ 344604E6913BD6E4EAEC34AF2E0943D7, 4ADFE13AFECD0F263A27F647FC6BA1AB47B2A28F9D70FCAC90F23D0A2FB8C493 ] RimVSerPort C:\Windows\system32\DRIVERS\RimSerial_AMD64.sys
18:45:06.0151 0x2358 RimVSerPort - ok
18:45:06.0151 0x2358 [ 388D3DD1A6457280F3BADBA9F3ACD6B1, 5C534EA15195B1301C917904627AF09FE2ABA3FEE1641B5C87E8F3191BC49058 ] ROOTMODEM C:\Windows\system32\Drivers\RootMdm.sys
18:45:06.0151 0x2358 ROOTMODEM - ok
18:45:06.0167 0x2358 [ E4DC58CF7B3EA515AE917FF0D402A7BB, 665B5CD9FE905B0EE3F59A7B1A94760F5393EBEE729877D8584349754C2867E8 ] RpcEptMapper C:\Windows\System32\RpcEpMap.dll
18:45:06.0167 0x2358 RpcEptMapper - ok
18:45:06.0167 0x2358 [ D5BA242D4CF8E384DB90E6A8ED850B8C, CB4CB2608B5E31B55FB1A2CF4051E6D08A0C2A5FB231B2116F95938D7577334E ] RpcLocator C:\Windows\system32\locator.exe
18:45:06.0167 0x2358 RpcLocator - ok
18:45:06.0183 0x2358 [ 5C627D1B1138676C0A7AB2C2C190D123, C5003F2C912C5CA990E634818D3B4FD72F871900AF2948BD6C4D6400B354B401 ] RpcSs C:\Windows\system32\rpcss.dll
18:45:06.0214 0x2358 RpcSs - ok
18:45:06.0214 0x2358 [ DDC86E4F8E7456261E637E3552E804FF, D250C69CCC75F2D88E7E624FCC51300E75637333317D53908CCA7E0F117173DD ] rspndr C:\Windows\system32\DRIVERS\rspndr.sys
18:45:06.0214 0x2358 rspndr - ok
18:45:06.0261 0x2358 [ EE082E06A82FF630351D1E0EBBD3D8D0, 537F1A4108BDA72E8DD271466E7B7FCF39D4D55E4129AB35A409AB7AF2E7D219 ] RTL8167 C:\Windows\system32\DRIVERS\Rt64win7.sys
18:45:06.0261 0x2358 RTL8167 - ok
18:45:06.0276 0x2358 [ 2BC45F4CF55B45BDD650828192F132B8, 4ABBC1DE6B17F7FEE9CB0BEEFEB6C88321826B4D52FBDF8B4B885CEA3CFD24F7 ] SamSs C:\Windows\system32\lsass.exe
18:45:06.0276 0x2358 SamSs - ok
18:45:06.0276 0x2358 [ AC03AF3329579FFFB455AA2DAABBE22B, 7AD3B62ADFEC166F9E256F9FF8BAA0568B2ED7308142BF8F5269E6EAA5E0A656 ] sbp2port C:\Windows\system32\drivers\sbp2port.sys
18:45:06.0276 0x2358 sbp2port - ok
18:45:06.0276 0x2358 [ 9B7395789E3791A3B6D000FE6F8B131E, E5F067F3F212BF5481668BE1779CBEF053F511F8967589BE2E865ACB9A620024 ] SCardSvr C:\Windows\System32\SCardSvr.dll
18:45:06.0292 0x2358 SCardSvr - ok
18:45:06.0292 0x2358 [ 253F38D0D7074C02FF8DEB9836C97D2B, CB5CAFCB8628BB22877F74ACF1DED0BBAED8F4573A74DA7FE94BBBA584889116 ] scfilter C:\Windows\system32\DRIVERS\scfilter.sys
18:45:06.0292 0x2358 scfilter - ok
18:45:06.0323 0x2358 [ 40686B59C127F0C93B4234E4A1E3472A, B2DD61CB796C6AA8AFD285D43472B94646CA6D331D282818E0FDC9DE28DDE9CF ] Schedule C:\Windows\system32\schedsvc.dll
18:45:06.0339 0x2358 Schedule - ok
18:45:06.0339 0x2358 [ F17D1D393BBC69C5322FBFAFACA28C7F, 62A1A92B3C52ADFD0B808D7F69DD50238B5F202421F1786F7EAEAA63F274B3E8 ] SCPolicySvc C:\Windows\System32\certprop.dll
18:45:06.0339 0x2358 SCPolicySvc - ok
18:45:06.0354 0x2358 [ 6EA4234DC55346E0709560FE7C2C1972, 64011E044C16E2F92689E5F7E4666A075E27BBFA61F3264E5D51CE1656C1D5B8 ] SDRSVC C:\Windows\System32\SDRSVC.dll
18:45:06.0354 0x2358 SDRSVC - ok
18:45:06.0354 0x2358 [ 3EA8A16169C26AFBEB544E0E48421186, 34BBB0459C96B3DE94CCB0D73461562935C583D7BF93828DA4E20A6BC9B7301D ] secdrv C:\Windows\system32\drivers\secdrv.sys
18:45:06.0354 0x2358 secdrv - ok
18:45:06.0354 0x2358 [ BC617A4E1B4FA8DF523A061739A0BD87, 10C4057F6B321EB5237FF619747B74F5401BC17D15A8C7060829E8204A2297F9 ] seclogon C:\Windows\system32\seclogon.dll
18:45:06.0370 0x2358 seclogon - ok
18:45:06.0370 0x2358 [ C32AB8FA018EF34C0F113BD501436D21, E0EB8E80B51E45CA7EB061E705DA0BC07878759418A8519AE6E12326FE79E7C7 ] SENS C:\Windows\System32\sens.dll
18:45:06.0370 0x2358 SENS - ok
18:45:06.0370 0x2358 [ 0336CFFAFAAB87A11541F1CF1594B2B2, 8B8A6A33E78A12FB05E29B2E2775850626574AFD2EF88748D65E690A07B10B8D ] SensrSvc C:\Windows\system32\sensrsvc.dll
18:45:06.0370 0x2358 SensrSvc - ok
18:45:06.0370 0x2358 [ CB624C0035412AF0DEBEC78C41F5CA1B, A4D937F11E06CAE914347CA1362F4C98EC5EE0C0C80321E360EA1ABD6726F8D4 ] Serenum C:\Windows\system32\DRIVERS\serenum.sys
18:45:06.0385 0x2358 Serenum - ok
18:45:06.0385 0x2358 [ C1D8E28B2C2ADFAEC4BA89E9FDA69BD6, 8F9776FB84C5D11068EAF1FF1D1A46466C655D64D256A8B1E31DC0C23B5DD22D ] Serial C:\Windows\system32\DRIVERS\serial.sys
18:45:06.0385 0x2358 Serial - ok
18:45:06.0385 0x2358 [ 1C545A7D0691CC4A027396535691C3E3, 065C30BE598FF4DC55C37E0BBE0CEDF10A370AE2BF5404B42EBBB867A3FFED6D ] sermouse C:\Windows\system32\DRIVERS\sermouse.sys
18:45:06.0385 0x2358 sermouse - ok
18:45:06.0401 0x2358 [ 0B6231BF38174A1628C4AC812CC75804, E569BF1F7F5689E2E917FA6516DB53388A5B8B1C6699DEE030147E853218811D ] SessionEnv C:\Windows\system32\sessenv.dll
18:45:06.0401 0x2358 SessionEnv - ok
18:45:06.0401 0x2358 [ A554811BCD09279536440C964AE35BBF, DA8F893722F803E189D7D4D6C6232ED34505B63A64ED3A0132A5BB7A2BABDE55 ] sffdisk C:\Windows\system32\drivers\sffdisk.sys
18:45:06.0401 0x2358 sffdisk - ok
18:45:06.0417 0x2358 [ FF414F0BAEFEBA59BC6C04B3DB0B87BF, B81EF5D26AEB572CAB590F7AD7CA8C89F296420089EF5E6148E972F2DBCA1042 ] sffp_mmc C:\Windows\system32\drivers\sffp_mmc.sys
18:45:06.0417 0x2358 sffp_mmc - ok
18:45:06.0417 0x2358 [ DD85B78243A19B59F0637DCF284DA63C, 6730D4F2BAE7E24615746ACC41B42D01DB6068D6504982008ADA1890DE900197 ] sffp_sd C:\Windows\system32\drivers\sffp_sd.sys
18:45:06.0417 0x2358 sffp_sd - ok
18:45:06.0417 0x2358 [ A9D601643A1647211A1EE2EC4E433FF4, 7AC60B4AB48D4BBF1F9681C12EC2A75C72E6E12D30FABC564A24394310E9A5F9 ] sfloppy C:\Windows\system32\DRIVERS\sfloppy.sys
18:45:06.0417 0x2358 sfloppy - ok
18:45:06.0432 0x2358 [ B95F6501A2F8B2E78C697FEC401970CE, 758B73A32902299A313348CE7EC189B20EB4CB398D0180E4EE24B84DAD55F291 ] SharedAccess C:\Windows\System32\ipnathlp.dll
18:45:06.0432 0x2358 SharedAccess - ok
18:45:06.0448 0x2358 [ AAF932B4011D14052955D4B212A4DA8D, 2A3BFD0FA9569288E91AE3E72CA1EC39E1450D01E6473CE51157E0F138257923 ] ShellHWDetection C:\Windows\System32\shsvcs.dll
18:45:06.0448 0x2358 ShellHWDetection - ok
18:45:06.0448 0x2358 [ 843CAF1E5FDE1FFD5FF768F23A51E2E1, 89CA9F516E42A6B905474D738CDA2C121020A07DBD4E66CFE569DD77D79D7820 ] SiSRaid2 C:\Windows\system32\DRIVERS\SiSRaid2.sys
18:45:06.0463 0x2358 SiSRaid2 - ok
18:45:06.0463 0x2358 [ 6A6C106D42E9FFFF8B9FCB4F754F6DA4, 87B85C66DF7EB6FDB8A2341D05FAA5261FF68A90CCFC63F0E4A03824F1E33E5E ] SiSRaid4 C:\Windows\system32\DRIVERS\sisraid4.sys
18:45:06.0463 0x2358 SiSRaid4 - ok
18:45:06.0463 0x2358 [ 548260A7B8654E024DC30BF8A7C5BAA4, 4A7E58331D7765A12F53DC2371739DC9A463940B13E16157CE10DB80E958D740 ] Smb C:\Windows\system32\DRIVERS\smb.sys
18:45:06.0463 0x2358 Smb - ok
18:45:06.0479 0x2358 [ 6313F223E817CC09AA41811DAA7F541D, D787061043BEEDB9386B048CB9E680E6A88A1CBAE9BD4A8C0209155BFB76C630 ] SNMPTRAP C:\Windows\System32\snmptrap.exe
18:45:06.0479 0x2358 SNMPTRAP - ok
18:45:06.0479 0x2358 [ B9E31E5CACDFE584F34F730A677803F9, 21A5130BD00089C609522A372018A719F8E37103D2DD22C59EACB393BE35A063 ] spldr C:\Windows\system32\drivers\spldr.sys
18:45:06.0479 0x2358 spldr - ok
18:45:06.0495 0x2358 [ 85DAA09A98C9286D4EA2BA8D0E644377, F9C324E2EF81193FE831C7EECC44A100CA06F82FA731BF555D9EA4D91DA13329 ] Spooler C:\Windows\System32\spoolsv.exe
18:45:06.0510 0x2358 Spooler - ok
18:45:06.0588 0x2358 [ E17E0188BB90FAE42D83E98707EFA59C, FC075F7B39E86CC8EF6DA4E339FE946917E319C347AC70FB0C50AAF36F97E27F ] sppsvc C:\Windows\system32\sppsvc.exe
18:45:06.0651 0x2358 sppsvc - ok
18:45:06.0651 0x2358 [ 93D7D61317F3D4BC4F4E9F8A96A7DE45, 36D48B23B8243BE5229707375FCD11C2DCAC96983199345365F065A0CBF33314 ] sppuinotify C:\Windows\system32\sppuinotify.dll
18:45:06.0651 0x2358 sppuinotify - ok
18:45:06.0697 0x2358 [ 602884696850C86434530790B110E8EB, C9B734F070E55732B274C70381EA28AB574EF6AD3F606D3DC9B9B0038F3EDEEA ] sptd C:\Windows\system32\Drivers\sptd.sys
18:45:06.0697 0x2358 Suspicious file ( NoAccess ): C:\Windows\system32\Drivers\sptd.sys. md5: 602884696850C86434530790B110E8EB, sha256: C9B734F070E55732B274C70381EA28AB574EF6AD3F606D3DC9B9B0038F3EDEEA
18:45:06.0697 0x2358 sptd - detected LockedFile.Multi.Generic ( 1 )
18:45:09.0349 0x2358 Detect skipped due to KSN trusted
18:45:09.0349 0x2358 sptd - ok
18:45:11.0362 0x2358 WudfPf - ok
18:45:11.0377 0x2358 [ DDA4CAF29D8C0A297F886BFE561E6659, 94E5DD649B5D86FA1A7C7D30FCF9644D0EE048D312E626111458ADF66BFBE978 ] WUDFRd C:\Windows\system32\DRIVERS\WUDFRd.sys
18:45:11.0377 0x2358 WUDFRd - ok
18:45:11.0377 0x2358 [ B20F051B03A966392364C83F009F7D17, 88ECEB55AE91F58F592B96EBC10B572747D5A2F9B7629E8F371761E4F7408A65 ] wudfsvc C:\Windows\System32\WUDFSvc.dll
18:45:11.0377 0x2358 wudfsvc - ok
18:45:11.0409 0x2358 [ 04F82965C09CBDF646B487E145060301, 2CD8533EDBE24C3E42EB7550E20F8A2EB9E5E345B165DEF543163A6BC1FDD18B ] WwanSvc C:\Windows\System32\wwansvc.dll
18:45:11.0409 0x2358 WwanSvc - ok
18:45:11.0424 0x2358 [ 38F55D07B1D3391065C40EC065F984E2, 056F5E3034C4C11403D74F44A364964A3A5945608DAE2A03EF025A22F5C31B26 ] xusb21 C:\Windows\system32\DRIVERS\xusb21.sys
18:45:11.0424 0x2358 xusb21 - ok
18:45:11.0440 0x2358 ================ Scan global ===============================
18:45:11.0440 0x2358 [ 168EA9CD9BD6056BB6F60B57D5304BBE, 5A2F98754F042A7D80E7483842967EB362F01D57CE9720B24C7EDAA047F24C6F ] C:\Windows\system32\basesrv.dll
18:45:11.0455 0x2358 [ FF41063E45C6238CAF48CBE6D0D6FC4B, 9B755EA23E7D2554E3AC3ADFFC4AFF7EB4F4A0F5CD3E6F2300BC98B21474CBC6 ] C:\Windows\system32\winsrv.dll
18:45:11.0455 0x2358 [ FF41063E45C6238CAF48CBE6D0D6FC4B, 9B755EA23E7D2554E3AC3ADFFC4AFF7EB4F4A0F5CD3E6F2300BC98B21474CBC6 ] C:\Windows\system32\winsrv.dll
18:45:11.0471 0x2358 [ D6160F9D869BA3AF0B787F971DB56368, 0033E6212DD8683E4EE611B290931FDB227B4795F0B17C309DC686C696790529 ] C:\Windows\system32\sxssrv.dll
18:45:11.0487 0x2358 [ 71C85477DF9347FE8E7BC55768473FCA, A86D6A6D1F5A0EFCD649792A06F3AE9B37158D48493D2ECA7F52DCC1CB9B6536 ] C:\Windows\system32\services.exe
18:45:11.0487 0x2358 [ Global ] - ok
18:45:11.0502 0x2358 ================ Scan MBR ==================================
18:45:11.0502 0x2358 [ A36C5E4F47E84449FF07ED3517B43A31 ] \Device\Harddisk1\DR1
18:45:11.0549 0x2358 \Device\Harddisk1\DR1 - ok
18:45:11.0549 0x2358 [ 8F558EB6672622401DA993E1E865C861 ] \Device\Harddisk0\DR0
18:45:11.0580 0x2358 \Device\Harddisk0\DR0 - ok
18:45:11.0580 0x2358 [ 5FB38429D5D77768867C76DCBDB35194 ] \Device\Harddisk3\DR5
18:45:11.0580 0x2358 \Device\Harddisk3\DR5 - ok
18:45:11.0580 0x2358 ================ Scan VBR ==================================
18:45:11.0580 0x2358 [ DD66C83048B61FD82B1319D9EDF76F66 ] \Device\Harddisk1\DR1\Partition1
18:45:11.0611 0x2358 \Device\Harddisk1\DR1\Partition1 - ok
18:45:11.0611 0x2358 [ 5C0B999D15CB55A7966DA93F9EFC59B4 ] \Device\Harddisk1\DR1\Partition2
18:45:11.0643 0x2358 \Device\Harddisk1\DR1\Partition2 - ok
18:45:11.0643 0x2358 [ 46A7AB8EBDFFD16290CC1A6E7C56F4D1 ] \Device\Harddisk0\DR0\Partition1
18:45:11.0643 0x2358 \Device\Harddisk0\DR0\Partition1 - ok
18:45:11.0658 0x2358 [ 6D8DCD4256924ED1188AE5D25ECC6CCA ] \Device\Harddisk3\DR5\Partition1
18:45:11.0658 0x2358 \Device\Harddisk3\DR5\Partition1 - ok
18:45:11.0658 0x2358 ================ Scan generic autorun ======================
18:45:11.0986 0x2358 [ 72CD24BCDCAEABAC39CC4F10BAC97C22, E300BD5480259C7DFC2ED25D1CBF246CF1BE0FFEB0A060CABEC4BD15FA8FAFFE ] C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
18:45:12.0157 0x2358 RtHDVCpl - ok
18:45:12.0235 0x2358 [ F7123DD08DB0E254C62DB2B65FFE010C, 22638D929369244ADB68C10EC945B2BE2062E0DD59AB37D9A4B862D8BC55FBD8 ] C:\Program Files (x86)\Bluetooth Suite\BtvStack.exe
18:45:12.0251 0x2358 AtherosBtStack - ok
18:45:12.0267 0x2358 [ 91894B8CCED018B2567C99F8F729F3D6, 5678B36722FB270B917F9E23A9CF7C8863B71665D2C81681F2D02C93CDF07739 ] C:\Program Files (x86)\Bluetooth Suite\AthBtTray.exe
18:45:12.0267 0x2358 AthBtTray - ok
18:45:12.0329 0x2358 [ 0080231EC57D26B380F630CC790DAB85, CA59ED2E67D03C70A77AB0D605C6172B72B8238A42425D0F75C1C891DB89FF9A ] c:\Program Files\Microsoft IntelliPoint\ipoint.exe
18:45:12.0376 0x2358 IntelliPoint - ok
18:45:12.0407 0x2358 [ 35BA4E6632BA690EA6421C1E03537D0E, 99D6B4DB12ABE3A7F44AB1B2D626978E85231185AE280D9516986027BC8385CB ] c:\Program Files\Microsoft Security Client\msseces.exe
18:45:12.0423 0x2358 MSC - ok
18:45:12.0423 0x2358 [ 51C8885B6A00904C0252704C9FB0F43A, BF2F58E6697DB10F3D6FB3859FADC2CE1D3CDD318E487E02FDC2BE171AF6CA29 ] C:\Program Files (x86)\Renesas Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe
18:45:12.0423 0x2358 NUSB3MON - ok
18:45:12.0438 0x2358 [ 4A73AB8412D3AA6CFAD24051FF9DBFA7, 7C1F6BDECE92F2A58E88FC603F1BEE9B0F72130136AE9A368892323A9A327FD1 ] C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
18:45:12.0438 0x2358 IAStorIcon - ok
18:45:12.0454 0x2358 [ BFD8FC00279EDCE90C0981C29AF90683, 8FCA9802F8AB96712CCA006735860EE1AE0CFC67CAC561DB122BA9C7204B881C ] C:\Program Files (x86)\ASUS\ASUS Ai Charger\AiChargerAP.exe
18:45:12.0469 0x2358 ASUS Ai Charger - ok
18:45:12.0469 0x2358 [ 90C6C359293757A161A3FCA0793B1293, 1820C2A9608E7D470A0938FDC407BF4B6D0077C78D5A2B6AD34C84B8F4DA55AE ] C:\Program Files (x86)\ASUS\AI Suite II\ASUS Mobilink\Simulator\AsShellProcess.exe
18:45:12.0469 0x2358 ASUS ShellProcess Execute - ok
18:45:12.0501 0x2358 [ 95BCE007607F409FE1C7AFE947D74AC2, D5CD93C14C6AAB7FE9DF4CF5540A1A550D300D1574B88B3AAD80A0C8BD0A3DB3 ] C:\Program Files (x86)\Marvell\storage\tray\MarvellTray.exe
18:45:12.0516 0x2358 MSUTray - ok
18:45:12.0516 0x2358 [ 0080EB1CDD83F14C01534B1DC754234D, D0FC9B95A12D0C92730F8031B3DB287D1309008CF15EA0C02FC14B56FAE8C320 ] C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe
18:45:12.0516 0x2358 APSDaemon - ok
18:45:12.0547 0x2358 [ 187F4C75A89E3F412322C94526320074, D78FA7EF93C8C7B4326A5B6DB04A92ADD091DF00658FA8731D07C5D3BE29ED04 ] C:\Program Files (x86)\Microsoft Office\Office14\BCSSync.exe
18:45:12.0547 0x2358 BCSSync - ok
18:45:12.0563 0x2358 [ BED38B0ADFF5F5CC6E988A6491017E83, B2C0EFDEC9320D7EB5882F244E5ACF11A61C1A0AFED83D080C8BB8F7F1AC7E79 ] C:\Program Files (x86)\Common Files\Research In Motion\USB Drivers\RIMBBLaunchAgent.exe
18:45:12.0579 0x2358 RIMBBLaunchAgent.exe - ok
18:45:12.0594 0x2358 [ 34D296AFC913E302953C70463EF09A48, BC413307CBC56C039EE8A05B51A56E14EF59678FBB33815AEB320078056C8CE7 ] C:\Program Files (x86)\HP\HP Software Update\HPWuSchd2.exe
18:45:12.0610 0x2358 HP Software Update - ok
18:45:12.0641 0x2358 [ DCCA4B04AF87E52EF9EAA2190E06CBAC, 8858CFD159BB32AE9FCCA1A79EA83C876D481A286E914071D48F42FCA5B343D8 ] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe
18:45:12.0657 0x2358 Sidebar - ok
18:45:12.0672 0x2358 [ 0FA760BF380B08D0B67B5507CD8B32AA, 0F73A7F64C4FDAB98CD3A865CC54B3A7195761530FCB115B725CC5A9FB738739 ] C:\Windows\System32\mctadmin.exe
18:45:12.0672 0x2358 mctadmin - ok
18:45:12.0688 0x2358 [ DCCA4B04AF87E52EF9EAA2190E06CBAC, 8858CFD159BB32AE9FCCA1A79EA83C876D481A286E914071D48F42FCA5B343D8 ] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe
18:45:12.0703 0x2358 Sidebar - ok
18:45:12.0719 0x2358 [ 0FA760BF380B08D0B67B5507CD8B32AA, 0F73A7F64C4FDAB98CD3A865CC54B3A7195761530FCB115B725CC5A9FB738739 ] C:\Windows\System32\mctadmin.exe
18:45:12.0719 0x2358 mctadmin - ok
18:45:12.0735 0x2358 [ F341DD6145F779CE5B732BC6BC6A3370, 67CE7E6DD5969C8DE34473E01D60D52FABC740B056287C2E261A36F97993ED0D ] C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudServices.exe
18:45:12.0735 0x2358 iCloudServices - ok
18:45:12.0735 0x2358 Steam - ok
18:45:12.0735 0x2358 Waiting for KSN requests completion. In queue: 308
18:45:13.0749 0x2358 Waiting for KSN requests completion. In queue: 308
18:45:14.0763 0x2358 Waiting for KSN requests completion. In queue: 308
18:45:15.0792 0x2358 AV detected via SS2: Microsoft Security Essentials, C:\Program Files\Microsoft Security Client\msseces.exe ( 4.8.204.0 ), 0x61000 ( enabled : updated )
18:45:15.0808 0x2358 Win FW state via NFP2: enabled ( trusted )
18:45:18.0475 0x2358 ============================================================
18:45:18.0475 0x2358 Scan finished
18:45:18.0475 0x2358 ============================================================
18:45:18.0475 0x2260 Detected object count: 0
18:45:18.0475 0x2260 Actual detected object count: 0
18:47:18.0030 0x18b0 Deinitialize success
 
#10 ·
Skywalker -

Thanks for those posts. I am seeing a good amount of junk and a good amount of what I assume to be obsolete software, but I do not see any indication of a hidden keylogger or backdoor. If your accounts are being hacked, there are a couple of courses of action for you to consider:

1. You could reformat your computer and start from scratch. While this is a bit of a pain in the butt, if you do have a hidden back door, it is very possible that it has been used to create security flaws which are effectively undetectable. This would be the only way to ensure that your computer is secure. My suggestion would be to change all of your passwords from another computer, then reformat your computer.

2. We can address the junkware and odd settings. It is possible that some of it may be leaking information, but it would again be reliant on some hidden software which is not evident from the scans you have posted.

3. As an aside, you may want to consider how you access the internet. Do you use shared connections (i.e. Starbucks, etc.)? Are there other devices on your network?

Give it some thought. If you would like to try cleaning it first, please let me know the following so I can tailor a fix for your computer:

1. Do you still use a BlackBerry? My guess is that it is old programs which should be removed if no longer in use.
2. Do you still use ICQ?
3. Just to double check - there are references to a peer-to-peer program called FrostWire. It looks like the program has been removed, and I want to confirm that is the case. If not, I can almost guarantee that is the source of your problems.

Let me know what you want to do, and I will be happy to help.
 