Slow Computer, not sure why?


  • This topic is locked
23 replies to this topic

#1 ZerkOnFire

Posted 23 July 2013 - 08:38 AM

My computer just gets slower and slower, I think I'm infected. Every time I (personally) see a suspicious file, I Google it and see tons of links with people saying virus in it. So I think it. I have Vipre Internet Security and recently looked it up and found out it's 2.5/5 stars. I have had it for 2.5 years.

 

I know it says post the logs, but the dds.com said attach the attach.txt after zipping it. I'll just attach that and follow your (whoever helps) instructions once you tell me what to do. Thank you.

 

DDS (Ver_2012-11-20.01) - NTFS_AMD64 
Internet Explorer: 10.0.9200.16635  BrowserJavaVersion: 10.25.2
Run by Jeremy_x3 at 9:32:22 on 2013-07-23
Microsoft Windows 7 Home Premium   6.1.7601.1.1252.1.1033.18.4061.1032 [GMT -4:00]
.
AV: GFI Software VIPRE *Enabled/Updated* {E0D97DD4-42BA-B3F2-A5A7-22E9ACE81FC7}
SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
SP: GFI Software VIPRE *Enabled/Updated* {5BB89C30-6480-BC7C-9F17-199BD76F557A}
FW: GFI Software VIPRE *Disabled* {D8E2FCF1-08D5-B2AA-8EF8-8BDC523B58BC}
.
============== Running Processes ===============
.
C:\Windows\system32\lsm.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\system32\svchost.exe -k RPCSS
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\system32\svchost.exe -k GPSvcGroup
C:\Windows\system32\svchost.exe -k NetworkService
C:\Windows\system32\FBAgent.exe
C:\Program Files (x86)\ASUS\ATK Hotkey\ASLDRSrv.exe
C:\Program Files\ATKGFNEX\GFNEXSrv.exe
C:\Windows\System32\spoolsv.exe
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
C:\Windows\system32\svchost.exe -k AcfXAudioService
C:\Program Files (x86)\CinemaNow\CinemaNow Media Manager\CinemanowSvc.exe
C:\Windows\SysWOW64\Fast Boot\FastBootAgent.exe
C:\Program Files (x86)\GFI Software\VIPRE\LanGuard 10 Agent\lnssatt.exe
C:\Program Files (x86)\GFI Software\VIPRE\SBPIMSvc.exe
C:\Program Files (x86)\SCE\Common\File System Driver\bin\pfs_mounter.exe
C:\Windows\system32\svchost.exe -k imgsvc
C:\Windows\System32\alg.exe
C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
C:\Windows\system32\taskhost.exe
C:\Windows\system32\taskeng.exe
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
C:\Program Files (x86)\ASUS\ControlDeck\ControlDeckStartUp.exe
C:\Program Files (x86)\ASUS\Wireless Console 3\wcourier.exe
C:\Program Files\P4G\BatteryLife.exe
C:\Program Files (x86)\ASUS\Splendid\ACMON.exe
C:\Program Files (x86)\ASUS\SmartLogon\sensorsrv.exe
C:\Windows\SysWOW64\ACEngSvr.exe
C:\Windows\system32\wbem\wmiprvse.exe
C:\Program Files (x86)\ASUS\ATK Hotkey\HControl.exe
C:\Program Files (x86)\ASUS\ATK Hotkey\Atouch64.exe
C:\Program Files (x86)\ASUS\ATK Hotkey\ATKOSD.exe
C:\Program Files (x86)\ASUS\ATK Hotkey\KBFiltr.exe
C:\Program Files (x86)\ASUS\ATK Hotkey\WDC.exe
C:\Program Files (x86)\ASUS\Asus WebStorage\BackupService.exe
C:\Program Files (x86)\AmIcoSingLun\AmIcoSinglun64.exe
C:\Program Files\Elantech\ETDCtrl.exe
C:\Windows\System32\igfxtray.exe
C:\Windows\System32\hkcmd.exe
C:\Windows\System32\igfxpers.exe
C:\Program Files (x86)\ASUS\ATK Hotkey\HControlUser.exe
C:\Program Files (x86)\ASUS\ATK Media\DMedia.exe
C:\Program Files (x86)\ASUS\ATKOSD2\ATKOSD2.exe
C:\Program Files\SRS Labs\SRS Premium Sound Control Panel\SRSPremiumPanel_64.exe
C:\Program Files (x86)\GFI Software\VIPRE\SBAMSvc.exe
C:\Program Files (x86)\GFI Software\VIPRE\LanGuard 10 Agent\Mantle.exe
C:\Program Files (x86)\GFI Software\VIPRE\SBAMTray.exe
C:\Windows\system32\SearchIndexer.exe
C:\Program Files\Windows Media Player\wmpnetwk.exe
C:\Windows\System32\svchost.exe -k LocalServicePeerNet
C:\Program Files\Defraggler\Defraggler64.exe
C:\Program Files (x86)\Google\Update\1.3.21.153\GoogleCrashHandler.exe
C:\Program Files (x86)\Google\Update\1.3.21.153\GoogleCrashHandler64.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
C:\Program Files (x86)\ASUS\ASUS Data Security Manager\ADSMTray.exe
C:\Program Files (x86)\CyberLink\Power2Go\CLMLSvc.exe
C:\Program Files (x86)\ASUS\ASUS Live Update\ALU.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Windows\system32\svchost.exe -k SDRSVC
C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe
C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe
C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe
C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbam.exe
C:\Windows\System32\WUDFHost.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Java\jre7\bin\jp2launcher.exe
C:\Program Files (x86)\Java\jre7\bin\java.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Windows\system32\wbem\wmiprvse.exe
C:\Windows\System32\cscript.exe
.
============== Pseudo HJT Report ===============
.
mStart Page = about:blank
mURLSearchHooks: {bf7380fa-e3b4-4db2-af3e-9d8783a45bfc} - <orphaned>
mWinlogon: Userinit = userinit.exe
BHO: {02478D38-C3F9-4efb-9B51-7695ECA05670} - <orphaned>
BHO: {5C255C8A-E604-49b4-9D64-90988571CECB} - <orphaned>
mRun: [UpdateLBPShortCut] "C:\Program Files (x86)\CyberLink\LabelPrint\MUITransfer\MUIStartMenu.exe" "C:\Program Files (x86)\CyberLink\LabelPrint" UpdateWithCreateOnce "Software\CyberLink\LabelPrint\2.5"
mRun: [UpdateP2GoShortCut] "C:\Program Files (x86)\CyberLink\Power2Go\MUITransfer\MUIStartMenu.exe" "C:\Program Files (x86)\CyberLink\Power2Go" UpdateWithCreateOnce "SOFTWARE\CyberLink\Power2Go\6.0"
mRun: [HControlUser] C:\Program Files (x86)\ASUS\ATK Hotkey\HControlUser.exe
mRun: [ATKMEDIA] C:\Program Files (x86)\ASUS\ATK Media\DMedia.exe
mRun: [ATKOSD2] C:\Program Files (x86)\ASUS\ATKOSD2\ATKOSD2.exe
mRun: [SBAMTray] "C:\Program Files (x86)\GFI Software\VIPRE\SBAMTray.exe"
mRunOnce: [Malwarebytes Anti-Malware] C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe /install /silent
StartupFolder: C:\PROGRA~3\MICROS~1\Windows\STARTM~1\Programs\Startup\FANCYS~1.LNK - C:\Windows\Installer\{F0DF4513-3C4C-4EB8-8012-2C5F70AF3988}\_A1DDD39913A1970387B7B3.exe
StartupFolder: C:\PROGRA~3\MICROS~1\Windows\STARTM~1\Programs\Startup\SRSPRE~1.LNK - C:\Windows\Installer\{D42F84B6-3709-4A50-8502-6719D16AE6C8}\NewShortcut5_21C7B668029A47458B27645FE6E4A715.exe
uPolicies-Explorer: NoDriveTypeAutoRun = dword:145
mPolicies-Explorer: NoActiveDesktop = dword:1
mPolicies-Explorer: NoActiveDesktopChanges = dword:1
mPolicies-Explorer: DisallowRun = dword:0
mPolicies-System: ConsentPromptBehaviorAdmin = dword:5
mPolicies-System: ConsentPromptBehaviorUser = dword:3
mPolicies-System: EnableUIADesktopToggle = dword:0
mPolicies-System: PromptOnSecureDesktop = dword:0
Trusted Zone: cinemanow.com
Trusted Zone: cinemanow.com
DPF: {1D4DB7D2-6EC9-47A3-BD87-1E41684E07BB} - hxxp://ak.exe.imgfarm.com/images/nocache/funwebproducts/ei-4/CursorManiaInitialSetup1.0.1.1.cab
DPF: {CAFEEFAC-0017-0000-0005-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.7.0/jinstall-1_7_0_05-windows-i586.cab
DPF: {CAFEEFAC-0017-0000-0017-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.7.0/jinstall-1_7_0_17-windows-i586.cab
TCP: NameServer = 8.8.8.8 209.55.27.13
TCP: Interfaces\{D5B5FABB-1F4C-4A3F-A380-37E0EF95AAD4} : DHCPNameServer = 8.8.8.8 209.55.27.13
TCP: Interfaces\{D5B5FABB-1F4C-4A3F-A380-37E0EF95AAD4}\055747E65697E2E4564777F627B6 : DHCPNameServer = 192.168.2.1
TCP: Interfaces\{D5B5FABB-1F4C-4A3F-A380-37E0EF95AAD4}\25572697A556262716D27657563747 : DHCPNameServer = 8.8.8.8 209.55.27.13 204.111.1.210
TCP: Interfaces\{D5B5FABB-1F4C-4A3F-A380-37E0EF95AAD4}\75169707F62747F5143636563737 : DHCPNameServer = 192.168.5.1 64.134.255.2 64.134.255.10
TCP: Interfaces\{D5B5FABB-1F4C-4A3F-A380-37E0EF95AAD4}\B425638563 : NameServer = 8.8.8.8,8.8.4.4
TCP: Interfaces\{D5B5FABB-1F4C-4A3F-A380-37E0EF95AAD4}\B425638563 : DHCPNameServer = 192.168.1.1 71.252.0.12
Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll
SSODL: WebCheck - <orphaned>
mASetup: {8A69D345-D564-463c-AFF1-A69D9E530F96} - "C:\Program Files (x86)\Google\Chrome\Application\28.0.1500.72\Installer\chrmstp.exe" --configure-user-settings --verbose-logging --system-level --multi-install --chrome
x64-mStart Page = about:blank
x64-Run: [EeeStorageBackup] C:\Program Files (x86)\ASUS\Asus WebStorage\BackupService.exe
x64-Run: [AmIcoSinglun64] C:\Program Files (x86)\AmIcoSingLun\AmIcoSinglun64.exe
x64-Run: [ETDWare] C:\Program Files\Elantech\ETDCtrl.exe
x64-Run: [IgfxTray] C:\Windows\System32\igfxtray.exe
x64-Run: [HotKeysCmds] C:\Windows\System32\hkcmd.exe
x64-Run: [Persistence] C:\Windows\System32\igfxpers.exe
x64-Run: [SBRegRebootCleaner] "C:\Program Files (x86)\GFI Software\VIPRE\SBRC.exe"
x64-DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.7.0/jinstall-1_7_0_21-windows-i586.cab
x64-DPF: {CAFEEFAC-0017-0000-0021-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.7.0/jinstall-1_7_0_21-windows-i586.cab
x64-DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.7.0/jinstall-1_7_0_21-windows-i586.cab
x64-Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - <orphaned>
x64-Notify: igfxcui - igfxdev.dll
x64-SSODL: WebCheck - <orphaned>
.
============= SERVICES / DRIVERS ===============
.
R2 ASMMAP64;ASMMAP64;C:\Program Files\ATKGFNEX\ASMMAP64.sys [2009-11-2 14904]
R3 DbusAudio;DbusAudio;C:\Windows\System32\drivers\DbusAudio.sys [2010-11-6 33848]
R3 easytether;easytether;C:\Windows\System32\drivers\easytthr.sys [2013-5-6 21704]
R3 ETD;ELAN PS/2 Port Input Device;C:\Windows\System32\drivers\ETD.sys [2009-7-8 140800]
R3 IntcHdmiAddService;Intel® High Definition Audio HDMI;C:\Windows\System32\drivers\IntcHdmi.sys [2010-3-15 145408]
S3 acfva;acfva;C:\Windows\System32\drivers\ACFVA64.sys [2009-12-30 123008]
S3 AmUStor;AM USB Stroage Driver;C:\Windows\System32\drivers\AmUStor.sys [2009-5-26 40448]
S3 dg_ssudbus;SAMSUNG Mobile USB Composite Device Driver (DEVGURU Ver.);C:\Windows\System32\drivers\ssudbus.sys [2013-7-12 79680]
S3 dgcfltr;DGC Filter Driver;C:\Windows\System32\drivers\ACFDCP64.sys [2009-12-30 34944]
S3 fssfltr;fssfltr;C:\Windows\System32\drivers\fssfltr.sys [2009-11-2 61792]
S3 gfiark;gfiark;C:\Windows\System32\drivers\gfiark.sys [2013-3-15 39504]
S3 HTCAND64;HTC Device Driver;C:\Windows\System32\drivers\ANDROIDUSB.sys [2009-11-1 33736]
.
=============== Created Last 30 ================
.
2013-07-23 12:08:33 -------- d-----w- C:\Users\Jeremy_x3\AppData\Roaming\Malwarebytes
2013-07-23 12:08:24 -------- d-----w- C:\ProgramData\Malwarebytes
2013-07-23 12:08:23 25928 ----a-w- C:\Windows\System32\drivers\mbam.sys
2013-07-23 12:08:23 -------- d-----w- C:\Program Files (x86)\Malwarebytes' Anti-Malware
2013-07-23 12:08:01 -------- d-----w- C:\Users\Jeremy_x3\AppData\Local\Programs
2013-07-23 11:40:16 -------- d-----w- C:\Users\Jeremy_x3\AppData\Local\Google
2013-07-23 11:40:04 -------- d-----w- C:\Users\Jeremy_x3\AppData\Local\Apps
2013-07-23 11:40:03 -------- d-----w- C:\Users\Jeremy_x3\AppData\Local\Deployment
2013-07-23 04:48:26 -------- d-----w- C:\Users\Jeremy_x3\AppData\Local\Power2Go
2013-07-23 04:38:05 -------- d-----w- C:\Users\Jeremy_x3\AppData\Roaming\Asus WebStorage
2013-07-23 03:45:52 -------- d-----w- C:\Users\Jeremy_x3\AppData\Roaming\uTorrent
2013-07-23 03:33:05 -------- d-----w- C:\Users\Jeremy_x3\AppData\Local\VS Revo Group
2013-07-23 03:17:43 -------- d-----w- C:\Users\Jeremy_x3\AppData\Local\Adobe
2013-07-23 02:39:21 -------- dc----w- C:\Users\Jeremy_x3\AppData\Local\MigWiz
2013-07-23 02:38:36 -------- d-----w- C:\Users\Jeremy_x3\AppData\Roaming\GlarySoft
2013-07-23 02:18:37 -------- d-----w- C:\Users\Jeremy_x3\AppData\Local\SRS Labs
2013-07-23 02:18:20 -------- d-----w- C:\Users\Jeremy_x3\AppData\Roaming\GFI Software
2013-07-22 18:58:23 3072 ----a-w- C:\Windows\System32\drivers\en-US\tsusbflt.sys.mui
2013-07-22 18:51:20 278800 ------w- C:\Windows\System32\MpSigStub.exe
2013-07-22 18:46:59 9460976 ------w- C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{71FDCB9A-3DCF-486C-8D8B-84AD17943069}\mpengine.dll
2013-07-22 18:13:25 235328 ----a-w- C:\ProgramData\1374516547.bdinstall.bin
2013-07-22 17:58:48 116852 ----a-w- C:\ProgramData\1374515894.bdinstall.bin
2013-07-22 17:57:40 2718 ----a-w- C:\ProgramData\1374515854.5092.bin
2013-07-22 17:57:37 838 ----a-w- C:\ProgramData\1374515854.3788.bin
2013-07-22 17:57:37 2245 ----a-w- C:\ProgramData\1374515854.6692.bin
2013-07-22 17:57:34 92154 ----a-w- C:\ProgramData\1374515854.2852.bin
2013-07-22 07:26:21 2409733 ----a-w- C:\ProgramData\1374477036.bdinstall.bin
2013-07-22 07:21:37 -------- d-----w- C:\ProgramData\BDLogging
2013-07-22 07:21:17 511328 ----a-w- C:\Windows\capicom.dll
2013-07-22 06:56:45 -------- d-----w- C:\Program Files\Common Files\Bitdefender
2013-07-12 16:53:37 708168 ----a-w- C:\Windows\System32\WinUSBCoInstaller.dll
2013-07-12 16:53:36 79680 ----a-w- C:\Windows\System32\drivers\ssudbus.sys
2013-07-12 16:53:36 201280 ----a-w- C:\Windows\System32\drivers\ssudmdm.sys
2013-07-12 16:53:36 1490656 ----a-w- C:\Windows\System32\WdfCoInstaller01007.dll
2013-07-12 07:00:56 -------- d-----w- C:\Windows\System32\MRT
2013-07-11 06:35:34 16640 ----a-w- C:\Windows\SysWow64\drivers\BootDefragDriver.sys
2013-07-11 06:35:34 117024 ----a-w- C:\Windows\SysWow64\BootDefrag.exe
2013-07-11 06:35:34 117024 ----a-w- C:\Windows\System32\BootDefrag.exe
2013-07-11 06:10:35 -------- d-----w- C:\ProgramData\GlarySoft
2013-07-11 06:07:36 -------- d-----w- C:\Program Files (x86)\Glary Utilities 3
2013-07-10 01:25:00 2706432 ----a-w- C:\Windows\System32\mshtml.tlb
2013-07-09 18:22:19 1643520 ----a-w- C:\Windows\System32\DWrite.dll
2013-07-09 18:22:18 1247744 ----a-w- C:\Windows\SysWow64\DWrite.dll
2013-07-09 18:21:48 1011712 ----a-w- C:\Program Files\Windows Defender\MpSvc.dll
2013-07-09 18:21:47 571904 ----a-w- C:\Program Files\Windows Defender\MpClient.dll
2013-07-09 18:21:46 392704 ----a-w- C:\Program Files (x86)\Windows Defender\MpClient.dll
2013-07-09 18:21:45 9216 ----a-w- C:\Program Files (x86)\Windows Defender\MpAsDesc.dll
2013-07-09 18:21:45 54784 ----a-w- C:\Program Files (x86)\Windows Defender\MpOAV.dll
2013-07-09 18:21:45 314880 ----a-w- C:\Program Files\Windows Defender\MpCommu.dll
2013-07-09 18:21:44 4608 ----a-w- C:\Program Files (x86)\Windows Defender\MsMpLics.dll
2013-07-09 18:18:58 624128 ----a-w- C:\Windows\System32\qedit.dll
2013-07-09 18:18:57 509440 ----a-w- C:\Windows\SysWow64\qedit.dll
2013-07-09 18:18:45 1887744 ----a-w- C:\Windows\System32\WMVDECOD.DLL
2013-07-09 18:18:45 1620480 ----a-w- C:\Windows\SysWow64\WMVDECOD.DLL
2013-07-09 18:12:28 3153920 ----a-w- C:\Windows\System32\win32k.sys
2013-07-09 18:10:10 1732608 ----a-w- C:\Program Files\Windows Journal\NBDoc.DLL
2013-07-09 18:10:10 1393152 ----a-w- C:\Program Files\Windows Journal\JNTFiltr.dll
2013-07-09 18:10:10 1367040 ----a-w- C:\Program Files\Common Files\Microsoft Shared\ink\journal.dll
2013-07-09 18:10:09 936448 ----a-w- C:\Program Files (x86)\Common Files\Microsoft Shared\ink\journal.dll
2013-07-09 18:10:09 1402880 ----a-w- C:\Program Files\Windows Journal\JNWDRV.dll
2013-07-07 21:20:42 96168 ----a-w- C:\Windows\SysWow64\WindowsAccessBridge-32.dll
2013-07-07 21:16:57 108968 ----a-w- C:\Windows\System32\WindowsAccessBridge-64.dll
2013-07-07 20:43:15 31800 ----a-w- C:\Windows\System32\drivers\revoflt.sys
2013-07-07 20:43:03 -------- d-----w- C:\Program Files\VS Revo Group
2013-07-07 20:32:26 -------- d-----w- C:\Program Files (x86)\VS Revo Group
2013-07-07 03:36:03 -------- d-----w- C:\Program Files (x86)\OpenVPN Technologies
2013-07-03 17:28:13 903168 ----a-w- C:\Windows\SysWow64\certutil.exe
2013-07-03 17:28:13 1464320 ----a-w- C:\Windows\System32\crypt32.dll
2013-07-03 17:28:13 1192448 ----a-w- C:\Windows\System32\certutil.exe
2013-07-03 17:28:12 52224



#2 Conspire

  • Malware Response Team

Posted 25 July 2013 - 03:36 AM

In any case where you happen to be busy or unable to give us a reply, we would be grateful if you keep us informed in advance and we will be more than happy to wait. If you fail to do so, we will have your thread closed in THREE (3) days.

:)


Hello there, ZerkOnFire

:welcome:

I'm Conspire, I'll be glad to help you with your computer problems.

Please observe these rules while we work:
  • Read the entire procedure
  • It is important to perform ALL actions in sequence.
  • If you don't know, stop and ask! Don't keep going on.
  • Please reply to this thread. Do not start a new topic.
  • Stick with me till you're given the all clear.
  • Remember, absence of symptoms does not mean the infection is all gone.
  • Don't attempt to clean your computer with any tools other than the ones I ask you to use during the cleanup process.
IMPORTANT NOTE: Please do not delete anything unless instructed to. Remember to back up all your important data (if possible) before moving on.

---------------------------------------------------------------------------------------------------

It seems that your DDS log is partially cut off. Could you please run it again and copy/paste it in your next reply with attach.txt attached?

---------------------------------------------------------------------------------------------------

#3 ZerkOnFire

Posted 25 July 2013 - 01:55 PM

 

 

In any case where you happen to be busy or unable to give us a reply, we would be grateful if you keep us informed in advance and we will be more than happy to wait. If you fail to do so, we will have your thread closed in THREE (3) days.

:)

 


Hello there, ZerkOnFire

:welcome:

I'm Conspire, I'll be glad to help you with your computer problems.

Please observe these rules while we work:
  • Read the entire procedure
  • It is important to perform ALL actions in sequence.
  • If you don't know, stop and ask! Don't keep going on.
  • Please reply to this thread. Do not start a new topic.
  • Stick with me till you're given the all clear.
  • Remember, absence of symptoms does not mean the infection is all gone.
  • Don't attempt to clean your computer with any tools other than the ones I ask you to use during the cleanup process.
IMPORTANT NOTE: Please do not delete anything unless instructed to. Remember to back up all your important data (if possible) before moving on.

---------------------------------------------------------------------------------------------------

It seems that your DDS log is partially cut off. Could you please run it again and copy/paste it in your next reply with attach.txt attached?

---------------------------------------------------------------------------------------------------

 

 

No problem. I ran it on a new account, this time I ran it on the one that's sluggish. I also zipped both of the files in case it gets cut off. If the bridged connection sparks interest, I'm using it to wire my PS3 to the computer because it can't reach the Wi-Fi signal. I'm not sure why. I'll listen to whatever you say to do. I've already deleted a bunch of useless (what I thought was, at least) in the ProgramData folder, such as stuff installed from other programs which I've uninstalled. Thank you very much for providing support when you don't have to. It means a lot, Conspire. :)

 

Also tell me if you don't want me to quote you. I wasn't sure if I was supposed to or not.

--------------------------------------------------------------------------------

 

DDS (Ver_2012-11-20.01) - NTFS_AMD64 
Internet Explorer: 10.0.9200.16635  BrowserJavaVersion: 10.25.2
Run by Jeremy at 14:37:00 on 2013-07-25
Microsoft Windows 7 Home Premium   6.1.7601.1.1252.1.1033.18.4061.2007 [GMT -4:00]
.
AV: GFI Software VIPRE *Enabled/Updated* {E0D97DD4-42BA-B3F2-A5A7-22E9ACE81FC7}
SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
SP: GFI Software VIPRE *Enabled/Updated* {5BB89C30-6480-BC7C-9F17-199BD76F557A}
FW: GFI Software VIPRE *Enabled* {D8E2FCF1-08D5-B2AA-8EF8-8BDC523B58BC}
.
============== Running Processes ===============
.
C:\Windows\system32\lsm.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\system32\svchost.exe -k RPCSS
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\system32\svchost.exe -k GPSvcGroup
C:\Windows\system32\svchost.exe -k NetworkService
C:\Windows\system32\FBAgent.exe
C:\Program Files (x86)\ASUS\ATK Hotkey\ASLDRSrv.exe
C:\Program Files\ATKGFNEX\GFNEXSrv.exe
C:\Windows\System32\spoolsv.exe
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
C:\Windows\system32\svchost.exe -k AcfXAudioService
C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\Program Files (x86)\CinemaNow\CinemaNow Media Manager\CinemanowSvc.exe
C:\Windows\SysWOW64\Fast Boot\FastBootAgent.exe
C:\Program Files (x86)\GFI Software\VIPRE\LanGuard 10 Agent\lnssatt.exe
C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe
C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe
C:\Program Files (x86)\GFI Software\VIPRE\SBPIMSvc.exe
C:\Program Files (x86)\SCE\Common\File System Driver\bin\pfs_mounter.exe
C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
C:\Program Files (x86)\GFI Software\VIPRE\SBAMSvc.exe
C:\Program Files (x86)\Google\Update\1.3.21.153\GoogleCrashHandler.exe
C:\Program Files (x86)\Google\Update\1.3.21.153\GoogleCrashHandler64.exe
C:\Program Files (x86)\GFI Software\VIPRE\LanGuard 10 Agent\Mantle.exe
C:\Program Files\Windows Media Player\wmpnetwk.exe
C:\Windows\system32\SearchIndexer.exe
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
C:\Windows\system32\taskhost.exe
C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Windows\system32\wbem\wmiprvse.exe
C:\Program Files (x86)\ASUS\ATK Hotkey\HControl.exe
C:\Program Files (x86)\ASUS\Asus WebStorage\BackupService.exe
C:\Program Files (x86)\AmIcoSingLun\AmIcoSinglun64.exe
C:\Program Files (x86)\ASUS\ATK Hotkey\Atouch64.exe
C:\Program Files (x86)\ASUS\ATK Hotkey\ATKOSD.exe
C:\Program Files\Elantech\ETDCtrl.exe
C:\Windows\System32\hkcmd.exe
C:\Program Files (x86)\ASUS\ATK Hotkey\KBFiltr.exe
C:\Windows\System32\igfxpers.exe
C:\Program Files (x86)\ASUS\ATK Hotkey\WDC.exe
C:\Program Files\SRS Labs\SRS Premium Sound Control Panel\SRSPremiumPanel_64.exe
C:\Windows\system32\taskeng.exe
C:\Program Files (x86)\ASUS\ATK Hotkey\HControlUser.exe
C:\Program Files (x86)\ASUS\ATK Media\DMedia.exe
C:\Program Files (x86)\ASUS\ATKOSD2\ATKOSD2.exe
C:\Program Files (x86)\GFI Software\VIPRE\SBAMTray.exe
C:\Program Files (x86)\ASUS\ControlDeck\ControlDeckStartUp.exe
C:\Program Files\P4G\BatteryLife.exe
C:\Program Files (x86)\ASUS\SmartLogon\sensorsrv.exe
C:\Program Files (x86)\ASUS\Splendid\ACMON.exe
C:\Program Files (x86)\ASUS\Wireless Console 3\wcourier.exe
C:\Program Files (x86)\Glary Utilities 3\x64\Win64ShellLink.exe
C:\Program Files (x86)\Glary Utilities 3\Integrator.exe
C:\Program Files (x86)\iTunes\iTunesHelper.exe
C:\Windows\SysWOW64\ACEngSvr.exe
C:\Windows\System32\svchost.exe -k LocalServicePeerNet
C:\Program Files\iPod\bin\iPodService.exe
C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
C:\Program Files (x86)\ASUS\ASUS Data Security Manager\ADSMTray.exe
C:\Program Files (x86)\CyberLink\Power2Go\CLMLSvc.exe
C:\Program Files (x86)\ASUS\ASUS Live Update\ALU.exe
C:\Program Files\PeerBlock\peerblock.exe
C:\Users\Jeremy\Local Settings\Apps\F.lux\flux.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Windows\system32\taskeng.exe
C:\Windows\system32\SearchProtocolHost.exe
C:\Windows\system32\SearchFilterHost.exe
C:\Windows\system32\wbem\wmiprvse.exe
C:\Windows\System32\cscript.exe
.
============== Pseudo HJT Report ===============
.
uStart Page = about:blank
mStart Page = about:blank
uURLSearchHooks: {bf7380fa-e3b4-4db2-af3e-9d8783a45bfc} - <orphaned>
mURLSearchHooks: {bf7380fa-e3b4-4db2-af3e-9d8783a45bfc} - <orphaned>
mWinlogon: Userinit = userinit.exe,
BHO: {02478D38-C3F9-4efb-9B51-7695ECA05670} - <orphaned>
BHO: {5C255C8A-E604-49b4-9D64-90988571CECB} - <orphaned>
mRun: [UpdateLBPShortCut] "C:\Program Files (x86)\CyberLink\LabelPrint\MUITransfer\MUIStartMenu.exe" "C:\Program Files (x86)\CyberLink\LabelPrint" UpdateWithCreateOnce "Software\CyberLink\LabelPrint\2.5"
mRun: [UpdateP2GoShortCut] "C:\Program Files (x86)\CyberLink\Power2Go\MUITransfer\MUIStartMenu.exe" "C:\Program Files (x86)\CyberLink\Power2Go" UpdateWithCreateOnce "SOFTWARE\CyberLink\Power2Go\6.0"
mRun: [HControlUser] C:\Program Files (x86)\ASUS\ATK Hotkey\HControlUser.exe
mRun: [ATKMEDIA] C:\Program Files (x86)\ASUS\ATK Media\DMedia.exe
mRun: [ATKOSD2] C:\Program Files (x86)\ASUS\ATKOSD2\ATKOSD2.exe
mRun: [SBAMTray] "C:\Program Files (x86)\GFI Software\VIPRE\SBAMTray.exe"
mRun: [PrivitizeVPN] C:\Program Files (x86)\PrivitizeVPN\PrivitizeVPN.exe /autorun
mRun: [APSDaemon] "C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe"
mRun: [iTunesHelper] "C:\Program Files (x86)\iTunes\iTunesHelper.exe"
StartupFolder: C:\PROGRA~3\MICROS~1\Windows\STARTM~1\Programs\Startup\FANCYS~1.LNK - C:\Windows\Installer\{F0DF4513-3C4C-4EB8-8012-2C5F70AF3988}\_A1DDD39913A1970387B7B3.exe
StartupFolder: C:\PROGRA~3\MICROS~1\Windows\STARTM~1\Programs\Startup\SRSPRE~1.LNK - C:\Windows\Installer\{D42F84B6-3709-4A50-8502-6719D16AE6C8}\NewShortcut5_21C7B668029A47458B27645FE6E4A715.exe
uPolicies-Explorer: NoDriveTypeAutoRun = dword:145
uPolicies-Explorer: DisallowRun = dword:0
uPolicies-Explorer: NoSearchFilesInStartMenu = dword:0
uPolicies-Explorer: NoSearchProgramsInStartMenu = dword:0
mPolicies-Explorer: NoActiveDesktop = dword:1
mPolicies-Explorer: NoActiveDesktopChanges = dword:1
mPolicies-Explorer: DisallowRun = dword:0
mPolicies-System: ConsentPromptBehaviorAdmin = dword:5
mPolicies-System: ConsentPromptBehaviorUser = dword:3
mPolicies-System: EnableUIADesktopToggle = dword:0
mPolicies-System: PromptOnSecureDesktop = dword:0
IE: >> Download This Youtube Video - UnlockForUs - C:\Users\Jeremy\AppData\Local\Temp\Rar$EX01.937\YoutubeFileHack\lawrence.htm
IE: E&xport to Microsoft Excel - C:\PROGRA~2\MICROS~1\Office12\EXCEL.EXE/3000
Trusted Zone: cinemanow.com
Trusted Zone: cinemanow.com
DPF: {1D4DB7D2-6EC9-47A3-BD87-1E41684E07BB} - hxxp://ak.exe.imgfarm.com/images/nocache/funwebproducts/ei-4/CursorManiaInitialSetup1.0.1.1.cab
DPF: {CAFEEFAC-0017-0000-0005-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.7.0/jinstall-1_7_0_05-windows-i586.cab
DPF: {CAFEEFAC-0017-0000-0017-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.7.0/jinstall-1_7_0_17-windows-i586.cab
TCP: Interfaces\{AFA18CC3-1100-4AFA-AC5A-097CBC6B6936} : NameServer = 127.0.0.1
TCP: Interfaces\{D5B5FABB-1F4C-4A3F-A380-37E0EF95AAD4} : DHCPNameServer = 8.8.8.8 209.55.27.13
TCP: Interfaces\{D5B5FABB-1F4C-4A3F-A380-37E0EF95AAD4}\055747E65697E2E4564777F627B6 : DHCPNameServer = 192.168.2.1
TCP: Interfaces\{D5B5FABB-1F4C-4A3F-A380-37E0EF95AAD4}\25572697A556262716D27657563747 : DHCPNameServer = 8.8.8.8 209.55.27.13 204.111.1.210
TCP: Interfaces\{D5B5FABB-1F4C-4A3F-A380-37E0EF95AAD4}\75169707F62747F5143636563737 : DHCPNameServer = 192.168.5.1 64.134.255.2 64.134.255.10
TCP: Interfaces\{D5B5FABB-1F4C-4A3F-A380-37E0EF95AAD4}\B425638563 : NameServer = 8.8.8.8,8.8.4.4
TCP: Interfaces\{D5B5FABB-1F4C-4A3F-A380-37E0EF95AAD4}\B425638563 : DHCPNameServer = 192.168.1.1 71.252.0.12
TCP: Interfaces\{F5D8A501-F5BF-47F0-9B40-E35BB4B216B2} : NameServer = 8.8.8.8,8.8.4.4
Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll
SSODL: WebCheck - <orphaned>
mASetup: {8A69D345-D564-463c-AFF1-A69D9E530F96} - "C:\Program Files (x86)\Google\Chrome\Application\28.0.1500.72\Installer\chrmstp.exe" --configure-user-settings --verbose-logging --system-level --multi-install --chrome
x64-mStart Page = about:blank
x64-Run: [EeeStorageBackup] C:\Program Files (x86)\ASUS\Asus WebStorage\BackupService.exe
x64-Run: [AmIcoSinglun64] C:\Program Files (x86)\AmIcoSingLun\AmIcoSinglun64.exe
x64-Run: [ETDWare] C:\Program Files\Elantech\ETDCtrl.exe
x64-Run: [IgfxTray] C:\Windows\System32\igfxtray.exe
x64-Run: [HotKeysCmds] C:\Windows\System32\hkcmd.exe
x64-Run: [Persistence] C:\Windows\System32\igfxpers.exe
x64-Run: [SBRegRebootCleaner] "C:\Program Files (x86)\GFI Software\VIPRE\SBRC.exe"
x64-DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.7.0/jinstall-1_7_0_21-windows-i586.cab
x64-DPF: {CAFEEFAC-0017-0000-0021-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.7.0/jinstall-1_7_0_21-windows-i586.cab
x64-DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.7.0/jinstall-1_7_0_21-windows-i586.cab
x64-Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - <orphaned>
x64-Notify: igfxcui - igfxdev.dll
x64-SSODL: WebCheck - <orphaned>
.
============= SERVICES / DRIVERS ===============
.
R0 BootDefragDriver;BootDefragDriver;C:\Windows\System32\drivers\BootDefragDriver.sys [2013-7-23 16640]
R1 pfs_dokan;pfs_dokan;C:\Windows\System32\drivers\pfs_dokan.sys [2013-5-9 56496]
R1 SbFw;SbFw;C:\Windows\System32\drivers\SbFw.sys [2011-5-28 258848]
R1 SBRE;SBRE;C:\Windows\System32\drivers\sbredrv.sys [2010-6-22 55384]
R2 AcfXAudioService;AcfXAudioService;C:\Windows\System32\svchost.exe -k AcfXAudioService [2009-7-13 27136]
R2 AFBAgent;AFBAgent;C:\Windows\System32\FBAgent.exe [2009-11-2 359552]
R2 ASMMAP64;ASMMAP64;C:\Program Files\ATKGFNEX\ASMMAP64.sys [2009-11-2 14904]
R2 CinemaNow Service;CinemaNow Service;C:\Program Files (x86)\CinemaNow\CinemaNow Media Manager\CinemaNowSvc.exe [2009-6-11 127352]
R2 FastBootAgent;FastBootAgent;C:\Windows\SysWOW64\Fast Boot\FastBootAgent.exe [2009-11-2 306232]
R2 gfi_lanss10_attservice;GFI LanGuard 10 Attendant Service;C:\Program Files (x86)\GFI Software\VIPRE\LanGuard 10 Agent\lnssatt.exe [2012-10-24 115568]
R2 MBAMScheduler;MBAMScheduler;C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe [2013-7-23 418376]
R2 MBAMService;MBAMService;C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe [2013-7-23 701512]
R2 SBAMSvc;VIPRE Internet Security;C:\Program Files (x86)\GFI Software\VIPRE\SBAMSvc.exe [2012-10-29 3677000]
R2 sbapifs;sbapifs;C:\Windows\System32\drivers\sbapifs.sys [2012-10-24 82872]
R2 SBPIMSvc;SB Recovery Service;C:\Program Files (x86)\GFI Software\VIPRE\SBPIMSvc.exe [2012-10-29 175496]
R2 SCEFSMounter;SCE File System Driver;C:\Program Files (x86)\SCE\Common\File System Driver\bin\pfs_mounter.exe [2012-6-20 79872]
R3 DbusAudio;DbusAudio;C:\Windows\System32\drivers\DbusAudio.sys [2010-11-6 33848]
R3 ETD;ELAN PS/2 Port Input Device;C:\Windows\System32\drivers\ETD.sys [2009-7-8 140800]
R3 IntcHdmiAddService;Intel® High Definition Audio HDMI;C:\Windows\System32\drivers\IntcHdmi.sys [2010-3-15 145408]
R3 L1C;NDIS Miniport Driver for Atheros AR8131/AR8132 PCI-E Ethernet Controller (NDIS 6.20);C:\Windows\System32\drivers\L1C62x64.sys [2009-4-27 57344]
R3 MBAMProtector;MBAMProtector;C:\Windows\System32\drivers\mbam.sys [2013-7-23 25928]
R3 NETw5s64;Intel® Wireless WiFi Link 5000 Series Adapter Driver for Windows 7 - 64 Bit;C:\Windows\System32\drivers\NETw5s64.sys [2009-9-15 6952960]
R3 pbfilter;pbfilter;C:\Program Files\PeerBlock\pbfilter.sys [2013-2-22 24176]
R3 SBFWIMCLMP;GFI Software Firewall NDIS IM Filter Miniport;C:\Windows\System32\drivers\SbFwIm.sys [2010-6-23 120608]
R3 sbwtis;sbwtis;C:\Windows\System32\drivers\sbwtis.sys [2012-10-24 86816]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2012-7-9 104912]
S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2012-7-8 123856]
S2 SkypeUpdate;Skype Updater;C:\Program Files (x86)\Skype\Updater\Updater.exe [2013-2-28 161384]
S3 acfva;acfva;C:\Windows\System32\drivers\ACFVA64.sys [2009-12-30 123008]
S3 AmUStor;AM USB Stroage Driver;C:\Windows\System32\drivers\AmUStor.sys [2009-5-26 40448]
S3 dg_ssudbus;SAMSUNG Mobile USB Composite Device Driver (DEVGURU Ver.);C:\Windows\System32\drivers\ssudbus.sys [2013-7-12 79680]
S3 dgcfltr;DGC Filter Driver;C:\Windows\System32\drivers\ACFDCP64.sys [2009-12-30 34944]
S3 fssfltr;fssfltr;C:\Windows\System32\drivers\fssfltr.sys [2009-11-2 61792]
S3 fsssvc;Windows Live Family Safety;C:\Program Files (x86)\Windows Live\Family Safety\fsssvc.exe [2008-12-8 533344]
S3 gfiark;gfiark;C:\Windows\System32\drivers\gfiark.sys [2013-3-15 39504]
S3 HTCAND64;HTC Device Driver;C:\Windows\System32\drivers\ANDROIDUSB.sys [2009-11-1 33736]
S3 libusb0;libusb-win32 - Kernel Driver 10/05/2012 0.0.0.0;C:\Windows\System32\drivers\libusb0.sys [2012-1-20 52320]
S3 MotioninJoyXFilter;MotioninJoy Virtual Xinput device Filter Driver;C:\Windows\System32\drivers\MijXfilt.sys [2012-1-3 115272]
S3 NETw1v64;Intel® Wireless WiFi Link 1000 Series Adapter Driver for Windows Vista 64 Bit;C:\Windows\System32\drivers\NETw1v64.sys [2009-7-20 7058432]
S3 pneteth;PdaNet Broadband;C:\Windows\System32\drivers\pneteth.sys [2013-5-7 15360]
S3 pnetmdm;PdaNet Modem;C:\Windows\System32\drivers\pnetmdm64.sys [2013-5-7 17920]
S3 RdpVideoMiniport;Remote Desktop Video Miniport Driver;C:\Windows\System32\drivers\rdpvideominiport.sys [2013-7-22 19456]
S3 Revoflt;Revoflt;C:\Windows\System32\drivers\revoflt.sys [2013-7-7 31800]
S3 SBFWIMCL;Sunbelt Software Firewall NDIS IM Filter Miniport;C:\Windows\System32\drivers\SbFwIm.sys [2010-6-23 120608]
S3 SbHips;SbHips;C:\Windows\System32\drivers\sbhips.sys [2011-5-28 61216]
S3 SiSGbeLH;SiS191/SiS190 Ethernet Device NDIS 6.0 Driver;C:\Windows\System32\drivers\SiSG664.sys [2009-6-10 56832]
S3 SMServer;SMServer;C:\Windows\SysWOW64\snmvtsvc.exe [2010-11-6 245760]
S3 ssudmdm;SAMSUNG  Mobile USB Modem Drivers (DEVGURU Ver.);C:\Windows\System32\drivers\ssudmdm.sys [2013-7-12 201280]
S3 tapoas;TAP-Win32 Adapter OAS;C:\Windows\System32\drivers\tapoas.sys [2010-8-3 30720]
S3 tapSF0901;Spotflux Virtual Network Device Driver;C:\Windows\System32\drivers\tapSF0901.sys [2013-7-8 39104]
S3 TsUsbFlt;TsUsbFlt;C:\Windows\System32\drivers\TsUsbFlt.sys [2013-7-22 57856]
S3 USBAAPL64;Apple Mobile USB Driver;C:\Windows\System32\drivers\usbaapl64.sys [2012-9-28 53760]
S3 WatAdminSvc;Windows Activation Technologies Service;C:\Windows\System32\Wat\WatAdminSvc.exe [2013-3-25 1255736]
.
=============== Created Last 30 ================
.
2013-07-24 02:00:17 -------- d-----w- C:\ProgramData\Malwarebytes' Anti-Malware (portable)
2013-07-23 18:50:56 -------- d-----w- C:\ProgramData\spotflux
2013-07-23 17:48:55 16640 ----a-w- C:\Windows\System32\drivers\BootDefragDriver.sys
2013-07-23 17:40:24 -------- d-----w- C:\Users\Jeremy\AppData\Local\Apple Computer
2013-07-23 17:40:07 33240 ----a-w- C:\Windows\System32\drivers\GEARAspiWDM.sys
2013-07-23 17:39:23 -------- d-----w- C:\Program Files\iPod
2013-07-23 17:39:20 -------- d-----w- C:\ProgramData\34BE82C4-E596-4e99-A191-52C6199EBF69
2013-07-23 17:39:20 -------- d-----w- C:\Program Files\iTunes
2013-07-23 17:39:20 -------- d-----w- C:\Program Files (x86)\iTunes
2013-07-23 17:22:15 -------- d-----w- C:\Users\Jeremy\AppData\Local\Apple
2013-07-23 17:21:14 -------- d-----w- C:\Program Files\Bonjour
2013-07-23 17:19:59 -------- d-----w- C:\Users\Jeremy\AppData\Roaming\Malwarebytes
2013-07-23 17:08:26 -------- d-----w- C:\Program Files (x86)\PrivitizeVPN
2013-07-23 16:59:41 -------- d-----w- C:\Users\Jeremy\AppData\Roaming\QuickScan
2013-07-23 14:56:19 -------- d-----w- C:\Users\Jeremy\AppData\Roaming\DiskDefrag
2013-07-23 12:08:24 -------- d-----w- C:\ProgramData\Malwarebytes
2013-07-23 12:08:23 25928 ----a-w- C:\Windows\System32\drivers\mbam.sys
2013-07-23 12:08:23 -------- d-----w- C:\Program Files (x86)\Malwarebytes' Anti-Malware
2013-07-22 18:51:20 278800 ------w- C:\Windows\System32\MpSigStub.exe
2013-07-22 18:46:59 9460976 ------w- C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{71FDCB9A-3DCF-486C-8D8B-84AD17943069}\mpengine.dll
2013-07-22 07:21:17 511328 ----a-w- C:\Windows\capicom.dll
2013-07-22 06:56:45 -------- d-----w- C:\Program Files\Common Files\Bitdefender
2013-07-21 00:14:15 -------- d-----w- C:\Users\Jeremy\Data
2013-07-12 16:53:37 708168 ----a-w- C:\Windows\System32\WinUSBCoInstaller.dll
2013-07-12 16:53:36 79680 ----a-w- C:\Windows\System32\drivers\ssudbus.sys
2013-07-12 16:53:36 201280 ----a-w- C:\Windows\System32\drivers\ssudmdm.sys
2013-07-12 16:53:36 1490656 ----a-w- C:\Windows\System32\WdfCoInstaller01007.dll
2013-07-12 07:00:56 -------- d-----w- C:\Windows\System32\MRT
2013-07-11 06:35:34 16640 ----a-w- C:\Windows\SysWow64\drivers\BootDefragDriver.sys
2013-07-11 06:35:34 117024 ----a-w- C:\Windows\SysWow64\BootDefrag.exe
2013-07-11 06:35:34 117024 ----a-w- C:\Windows\System32\BootDefrag.exe
2013-07-11 06:10:35 -------- d-----w- C:\ProgramData\GlarySoft
2013-07-11 06:07:55 -------- d-----w- C:\Users\Jeremy\AppData\Roaming\GlarySoft
2013-07-11 06:07:36 -------- d-----w- C:\Program Files (x86)\Glary Utilities 3
2013-07-10 01:25:00 2706432 ----a-w- C:\Windows\System32\mshtml.tlb
2013-07-09 18:22:19 1643520 ----a-w- C:\Windows\System32\DWrite.dll
2013-07-09 18:22:18 1247744 ----a-w- C:\Windows\SysWow64\DWrite.dll
2013-07-09 18:21:48 1011712 ----a-w- C:\Program Files\Windows Defender\MpSvc.dll
2013-07-09 18:21:47 571904 ----a-w- C:\Program Files\Windows Defender\MpClient.dll
2013-07-09 18:21:46 392704 ----a-w- C:\Program Files (x86)\Windows Defender\MpClient.dll
2013-07-09 18:21:45 9216 ----a-w- C:\Program Files (x86)\Windows Defender\MpAsDesc.dll
2013-07-09 18:21:45 54784 ----a-w- C:\Program Files (x86)\Windows Defender\MpOAV.dll
2013-07-09 18:21:45 314880 ----a-w- C:\Program Files\Windows Defender\MpCommu.dll
2013-07-09 18:21:44 4608 ----a-w- C:\Program Files (x86)\Windows Defender\MsMpLics.dll
2013-07-09 18:18:58 624128 ----a-w- C:\Windows\System32\qedit.dll
2013-07-09 18:18:57 509440 ----a-w- C:\Windows\SysWow64\qedit.dll
2013-07-09 18:18:45 1887744 ----a-w- C:\Windows\System32\WMVDECOD.DLL
2013-07-09 18:18:45 1620480 ----a-w- C:\Windows\SysWow64\WMVDECOD.DLL
2013-07-09 18:12:28 3153920 ----a-w- C:\Windows\System32\win32k.sys
2013-07-09 18:10:10 1732608 ----a-w- C:\Program Files\Windows Journal\NBDoc.DLL
2013-07-09 18:10:10 1393152 ----a-w- C:\Program Files\Windows Journal\JNTFiltr.dll
2013-07-09 18:10:10 1367040 ----a-w- C:\Program Files\Common Files\Microsoft Shared\ink\journal.dll
2013-07-09 18:10:09 936448 ----a-w- C:\Program Files (x86)\Common Files\Microsoft Shared\ink\journal.dll
2013-07-09 18:10:09 1402880 ----a-w- C:\Program Files\Windows Journal\JNWDRV.dll
2013-07-08 20:12:10 39104 ----a-w- C:\Windows\System32\drivers\tapSF0901.sys
2013-07-07 21:20:42 96168 ----a-w- C:\Windows\SysWow64\WindowsAccessBridge-32.dll
2013-07-07 21:16:57 108968 ----a-w- C:\Windows\System32\WindowsAccessBridge-64.dll
2013-07-07 20:43:15 31800 ----a-w- C:\Windows\System32\drivers\revoflt.sys
2013-07-07 20:43:03 -------- d-----w- C:\Program Files\VS Revo Group
2013-07-07 20:32:26 -------- d-----w- C:\Program Files (x86)\VS Revo Group
2013-07-07 03:36:03 -------- d-----w- C:\Program Files (x86)\OpenVPN Technologies
2013-07-03 17:28:13 903168 ----a-w- C:\Windows\SysWow64\certutil.exe
2013-07-03 17:28:13 1464320 ----a-w- C:\Windows\System32\crypt32.dll
2013-07-03 17:28:13 1192448 ----a-w- C:\Windows\System32\certutil.exe
2013-07-03 17:28:12 52224 ----a-w- C:\Windows\System32\certenc.dll
2013-07-03 17:28:12 43008 ----a-w- C:\Windows\SysWow64\certenc.dll
2013-07-03 17:28:12 184320 ----a-w- C:\Windows\System32\cryptsvc.dll
2013-07-03 17:28:12 140288 ----a-w- C:\Windows\SysWow64\cryptsvc.dll
2013-07-03 17:28:12 139776 ----a-w- C:\Windows\System32\cryptnet.dll
2013-07-03 17:28:12 1160192 ----a-w- C:\Windows\SysWow64\crypt32.dll
2013-07-03 17:28:12 103936 ----a-w- C:\Windows\SysWow64\cryptnet.dll
2013-07-03 17:27:57 1930752 ----a-w- C:\Windows\System32\authui.dll
2013-07-03 17:27:56 70144 ----a-w- C:\Windows\System32\appinfo.dll
2013-07-03 17:27:56 1796096 ----a-w- C:\Windows\SysWow64\authui.dll
2013-07-03 17:27:56 111448 ----a-w- C:\Windows\System32\consent.exe
2013-07-03 17:27:35 983400 ----a-w- C:\Windows\System32\drivers\dxgkrnl.sys
2013-07-03 17:27:35 265064 ----a-w- C:\Windows\System32\drivers\dxgmms1.sys
2013-07-03 17:27:35 144384 ----a-w- C:\Windows\System32\cdd.dll
2013-07-03 17:27:01 1910632 ----a-w- C:\Windows\System32\drivers\tcpip.sys
2013-07-03 17:26:10 1656680 ----a-w- C:\Windows\System32\drivers\ntfs.sys
2013-07-03 17:26:09 751104 ----a-w- C:\Windows\System32\win32spl.dll
2013-07-03 17:26:08 492544 ----a-w- C:\Windows\SysWow64\win32spl.dll
.
==================== Find3M  ====================
.
2013-07-23 00:27:03 45056 ----a-w- C:\Windows\System32\acovcnt.exe
2013-07-07 21:20:06 867240 ----a-w- C:\Windows\SysWow64\npDeployJava1.dll
2013-07-07 21:20:05 789416 ----a-w- C:\Windows\SysWow64\deployJava1.dll
2013-07-07 21:16:41 972712 ----a-w- C:\Windows\System32\deployJava1.dll
2013-07-07 21:16:41 1093032 ----a-w- C:\Windows\System32\npdeployJava1.dll
2013-06-20 23:31:47 34840 ----a-w- C:\Windows\System32\drivers\cnnctfy3.sys
2013-06-20 21:48:37 31344 ----a-w- C:\Windows\System32\drivers\cnnctfy2.sys
2013-06-11 23:43:37 1767936 ----a-w- C:\Windows\SysWow64\wininet.dll
2013-06-11 23:43:00 2877440 ----a-w- C:\Windows\SysWow64\jscript9.dll
2013-06-11 23:42:58 61440 ----a-w- C:\Windows\SysWow64\iesetup.dll
2013-06-11 23:42:58 109056 ----a-w- C:\Windows\SysWow64\iesysprep.dll
2013-06-11 23:26:20 2241024 ----a-w- C:\Windows\System32\wininet.dll
2013-06-11 23:25:16 3958784 ----a-w- C:\Windows\System32\jscript9.dll
2013-06-11 23:25:13 67072 ----a-w- C:\Windows\System32\iesetup.dll
2013-06-11 23:25:13 136704 ----a-w- C:\Windows\System32\iesysprep.dll
2013-06-11 22:51:45 71680 ----a-w- C:\Windows\SysWow64\RegisterIEPKEYs.exe
2013-06-11 22:50:58 89600 ----a-w- C:\Windows\System32\RegisterIEPKEYs.exe
2013-06-07 02:37:52 2706432 ----a-w- C:\Windows\SysWow64\mshtml.tlb
2013-05-10 05:49:27 30720 ----a-w- C:\Windows\System32\cryptdlg.dll
2013-05-10 03:20:54 24576 ----a-w- C:\Windows\SysWow64\cryptdlg.dll
2013-05-06 00:49:33 1778032 ----a-w- C:\Windows\System32\WdfCoInstaller01011.dll
.
============= FINISH: 14:38:20.35 ===============

#4 Conspire

  • Malware Response Team
Posted 26 July 2013 - 04:03 AM

Hello,

No need to quote my post. The log is long enough for us to scroll. :wink:


Please download aswMBR.exe and save it to your desktop.

  • Double click aswMBR.exe to start the tool. (Vista/Windows 7 users - right click to run as administrator)
  • Allow it to update where necessary
  • Click Scan
    • Upon completion of the scan, click Save log and save it to your desktop, and post that log in your next reply for review. Note - do NOT attempt any Fix yet.
    • You will also notice another file created on the desktop named MBR.dat. Right click that file and select Send To>Compressed (zipped) file. Attach that zipped file in your next reply as well.

===================================================

Download TDSSKiller.exe and save it to your desktop

Execute TDSSKiller.exe by double-clicking on it.
Press Start Scan
If malicious objects are found, do NOT select Cure. Change the action to Skip, and save the log.
Once complete, a log will be produced at the root drive, which is typically C:\, for example, C:\TDSSKiller.<version_date_time>log.txt

===================================================

In your next reply, please post:
aswMBR log
MBR.dat (attachment)
TDSS Killer log



Please STOP and let me know if you have any problems performing the steps above or have any questions.

Good Day!


Edited by Conspire, 26 July 2013 - 04:04 AM.

Proud Graduate of the WTT Classroom
Member of UNITE

#5 ZerkOnFire

  • Topic Starter
Posted 26 July 2013 - 01:33 PM

Okay, won't quote. I think I'm pretty savvy with computers. Not smart enough to do the stuff you're doing. But I'm alright with most things. I'll do what you say, I'm not going to do my own thing and disobey you :)

 

 

------------------------------------

aswMBR version 0.9.9.1771 Copyright© 2011 AVAST Software
Run date: 2013-07-26 14:15:34
-----------------------------
14:15:34.341    OS Version: Windows x64 6.1.7601 Service Pack 1
14:15:34.342    Number of processors: 2 586 0x170A
14:15:34.342    ComputerName: JEREMY-PC  UserName: Jeremy
14:15:36.733    Initialize success
14:16:37.266    Disk 0 (boot) \Device\Harddisk0\DR0 -> \Device\Ide\IAAStorageDevice-1
14:16:37.269    Disk 0 Vendor: Hitachi_ PB4O Size: 476940MB BusType: 3
14:16:37.413    Disk 0 MBR read successfully
14:16:37.416    Disk 0 MBR scan
14:16:37.418    Disk 0 Windows VISTA default MBR code
14:16:37.445    Disk 0 Partition 1 00     1C Hidd FAT32 LBA MSDOS5.0    14998 MB offset 2048
14:16:37.461    Disk 0 Partition 2 80 (A) 07    HPFS/NTFS NTFS       461940 MB offset 30717952
14:16:37.570    Disk 0 scanning C:\Windows\system32\drivers
14:16:52.312    Service scanning
14:17:16.343    Modules scanning
14:17:16.350    Disk 0 trace - called modules:
14:17:16.381    ntoskrnl.exe CLASSPNP.SYS disk.sys ACPI.sys iaStor.sys hal.dll 
14:17:16.385    1 nt!IofCallDriver -> \Device\Harddisk0\DR0[0xfffffa8004898170]
14:17:16.389    3 CLASSPNP.SYS[fffff8800120143f] -> nt!IofCallDriver -> [0xfffffa8003cf3e40]
14:17:16.395    5 ACPI.sys[fffff88000e1b7a1] -> nt!IofCallDriver -> \Device\Ide\IAAStorageDevice-1[0xfffffa80046d1050]
14:17:16.400    Scan finished successfully
14:20:17.759    Disk 0 MBR has been saved successfully to "C:\Users\Jeremy\Desktop\MBR.dat"
14:20:17.765    The log file has been saved successfully to "C:\Users\Jeremy\Desktop\aswMBR.txt"
---------------------------------------
 
---------------------------------------
14:22:27.0172 4660  TDSS rootkit removing tool 2.8.16.0 Feb 11 2013 18:50:42
14:22:27.0785 4660  ============================================================
14:22:27.0785 4660  Current date / time: 2013/07/26 14:22:27.0785
14:22:27.0785 4660  SystemInfo:
14:22:27.0785 4660  
14:22:27.0785 4660  OS Version: 6.1.7601 ServicePack: 1.0
14:22:27.0785 4660  Product type: Workstation
14:22:27.0785 4660  ComputerName: JEREMY-PC
14:22:27.0785 4660  UserName: Jeremy
14:22:27.0785 4660  Windows directory: C:\Windows
14:22:27.0785 4660  System windows directory: C:\Windows
14:22:27.0785 4660  Running under WOW64
14:22:27.0785 4660  Processor architecture: Intel x64
14:22:27.0785 4660  Number of processors: 2
14:22:27.0785 4660  Page size: 0x1000
14:22:27.0786 4660  Boot type: Normal boot
14:22:27.0786 4660  ============================================================
14:22:28.0584 4660  Drive \Device\Harddisk0\DR0 - Size: 0x7470C06000 (465.76 Gb), SectorSize: 0x200, Cylinders: 0xED81, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
14:22:28.0591 4660  ============================================================
14:22:28.0591 4660  \Device\Harddisk0\DR0:
14:22:28.0591 4660  MBR partitions:
14:22:28.0591 4660  \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x1D4B800, BlocksNum 0x3863A030
14:22:28.0591 4660  ============================================================
14:22:28.0630 4660  C: <-> \Device\Harddisk0\DR0\Partition1
14:22:28.0630 4660  ============================================================
14:22:28.0630 4660  Initialize success
14:22:28.0630 4660  ============================================================
14:22:38.0118 5788  ============================================================
14:22:38.0118 5788  Scan started
14:22:38.0118 5788  Mode: Manual; 
14:22:38.0118 5788  ============================================================
14:22:38.0363 5788  ================ Scan system memory ========================
14:22:38.0363 5788  System memory - ok
14:22:38.0364 5788  ================ Scan services =============================
14:22:38.0518 5788  [ A87D604AEA360176311474C87A63BB88 ] 1394ohci        C:\Windows\system32\drivers\1394ohci.sys
14:22:38.0522 5788  1394ohci - ok
14:22:38.0599 5788  [ EE3DBB9504F9B99EB44A3785AABD1D5C ] acfva           C:\Windows\system32\DRIVERS\ACFVA64.sys
14:22:38.0601 5788  acfva - ok
14:22:38.0707 5788  [ D67C517B4EEC71B975CC913BA2625C54 ] AcfXAudioService C:\Windows\SysWOW64\ACFXAU64.dll
14:22:38.0717 5788  AcfXAudioService - ok
14:22:38.0750 5788  [ D81D9E70B8A6DD14D42D7B4EFA65D5F2 ] ACPI            C:\Windows\system32\drivers\ACPI.sys
14:22:38.0754 5788  ACPI - ok
14:22:38.0797 5788  [ 99F8E788246D495CE3794D7E7821D2CA ] AcpiPmi         C:\Windows\system32\drivers\acpipmi.sys
14:22:38.0798 5788  AcpiPmi - ok
14:22:38.0859 5788  [ 2F6B34B83843F0C5118B63AC634F5BF4 ] adp94xx         C:\Windows\system32\DRIVERS\adp94xx.sys
14:22:38.0865 5788  adp94xx - ok
14:22:38.0898 5788  [ 597F78224EE9224EA1A13D6350CED962 ] adpahci         C:\Windows\system32\DRIVERS\adpahci.sys
14:22:38.0901 5788  adpahci - ok
14:22:38.0934 5788  [ E109549C90F62FB570B9540C4B148E54 ] adpu320         C:\Windows\system32\DRIVERS\adpu320.sys
14:22:38.0936 5788  adpu320 - ok
14:22:38.0965 5788  [ 4B78B431F225FD8624C5655CB1DE7B61 ] AeLookupSvc     C:\Windows\System32\aelupsvc.dll
14:22:38.0977 5788  AeLookupSvc - ok
14:22:39.0057 5788  [ 114C042FF784B4C5670290A661799357 ] AFBAgent        C:\Windows\system32\FBAgent.exe
14:22:39.0127 5788  AFBAgent - ok
14:22:39.0181 5788  [ 1C7857B62DE5994A75B054A9FD4C3825 ] AFD             C:\Windows\system32\drivers\afd.sys
14:22:39.0188 5788  AFD - ok
14:22:39.0240 5788  [ 608C14DBA7299D8CB6ED035A68A15799 ] agp440          C:\Windows\system32\drivers\agp440.sys
14:22:39.0241 5788  agp440 - ok
14:22:39.0300 5788  [ 3290D6946B5E30E70414990574883DDB ] ALG             C:\Windows\System32\alg.exe
14:22:39.0302 5788  ALG - ok
14:22:39.0347 5788  [ 5812713A477A3AD7363C7438CA2EE038 ] aliide          C:\Windows\system32\drivers\aliide.sys
14:22:39.0348 5788  aliide - ok
14:22:39.0363 5788  [ 1FF8B4431C353CE385C875F194924C0C ] amdide          C:\Windows\system32\drivers\amdide.sys
14:22:39.0364 5788  amdide - ok
14:22:39.0399 5788  [ 7024F087CFF1833A806193EF9D22CDA9 ] AmdK8           C:\Windows\system32\DRIVERS\amdk8.sys
14:22:39.0400 5788  AmdK8 - ok
14:22:39.0427 5788  [ 1E56388B3FE0D031C44144EB8C4D6217 ] AmdPPM          C:\Windows\system32\DRIVERS\amdppm.sys
14:22:39.0428 5788  AmdPPM - ok
14:22:39.0480 5788  [ D4121AE6D0C0E7E13AA221AA57EF2D49 ] amdsata         C:\Windows\system32\drivers\amdsata.sys
14:22:39.0481 5788  amdsata - ok
14:22:39.0519 5788  [ F67F933E79241ED32FF46A4F29B5120B ] amdsbs          C:\Windows\system32\DRIVERS\amdsbs.sys
14:22:39.0521 5788  amdsbs - ok
14:22:39.0537 5788  [ 540DAF1CEA6094886D72126FD7C33048 ] amdxata         C:\Windows\system32\drivers\amdxata.sys
14:22:39.0538 5788  amdxata - ok
14:22:39.0574 5788  [ 391887990CDAA83DE5C56C3FDE966DA1 ] AmUStor         C:\Windows\system32\drivers\AmUStor.SYS
14:22:39.0576 5788  AmUStor - ok
14:22:39.0621 5788  [ 89A69C3F2F319B43379399547526D952 ] AppID           C:\Windows\system32\drivers\appid.sys
14:22:39.0622 5788  AppID - ok
14:22:39.0651 5788  [ 0BC381A15355A3982216F7172F545DE1 ] AppIDSvc        C:\Windows\System32\appidsvc.dll
14:22:39.0654 5788  AppIDSvc - ok
14:22:39.0685 5788  [ 9D2A2369AB4B08A4905FE72DB104498F ] Appinfo         C:\Windows\System32\appinfo.dll
14:22:39.0687 5788  Appinfo - ok
14:22:39.0787 5788  [ 4FE5C6D40664AE07BE5105874357D2ED ] Apple Mobile Device C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
14:22:39.0840 5788  Apple Mobile Device - ok
14:22:39.0880 5788  [ C484F8CEB1717C540242531DB7845C4E ] arc             C:\Windows\system32\DRIVERS\arc.sys
14:22:39.0881 5788  arc - ok
14:22:39.0928 5788  [ 019AF6924AEFE7839F61C830227FE79C ] arcsas          C:\Windows\system32\DRIVERS\arcsas.sys
14:22:39.0930 5788  arcsas - ok
14:22:39.0962 5788  [ 88FBC8BEBFD38566235EAA5E4DBC4E05 ] AsDsm           C:\Windows\system32\drivers\AsDsm.sys
14:22:39.0963 5788  AsDsm - ok
14:22:40.0014 5788  [ EB1807795CD3EEAA3288B4A30DE254E8 ] ASLDRService    C:\Program Files (x86)\ASUS\ATK Hotkey\ASLDRSrv.exe
14:22:40.0015 5788  ASLDRService - ok
14:22:40.0069 5788  [ 2DB34EDD17D3A8DA7105A19C95A3DD68 ] ASMMAP64        C:\Program Files\ATKGFNEX\ASMMAP64.sys
14:22:40.0070 5788  ASMMAP64 - ok
14:22:40.0188 5788  [ 108FB6DDB69E537A2EA53F425363FAE5 ] aspnet_state    C:\Windows\Microsoft.NET\Framework64\v4.0.30319\aspnet_state.exe
14:22:40.0199 5788  aspnet_state - ok
14:22:40.0229 5788  [ 769765CE2CC62867468CEA93969B2242 ] AsyncMac        C:\Windows\system32\DRIVERS\asyncmac.sys
14:22:40.0230 5788  AsyncMac - ok
14:22:40.0258 5788  [ 02062C0B390B7729EDC9E69C680A6F3C ] atapi           C:\Windows\system32\drivers\atapi.sys
14:22:40.0259 5788  atapi - ok
14:22:40.0325 5788  [ E857EEE6B92AAA473EBB3465ADD8F7E7 ] athr            C:\Windows\system32\DRIVERS\athrx.sys
14:22:40.0339 5788  athr - ok
14:22:40.0364 5788  [ 7C157574A181B19B9DCF5F339E25337E ] ATKGFNEXSrv     C:\Program Files\ATKGFNEX\GFNEXSrv.exe
14:22:40.0366 5788  ATKGFNEXSrv - ok
14:22:40.0410 5788  [ F23FEF6D569FCE88671949894A8BECF1 ] AudioEndpointBuilder C:\Windows\System32\Audiosrv.dll
14:22:40.0418 5788  AudioEndpointBuilder - ok
14:22:40.0430 5788  [ F23FEF6D569FCE88671949894A8BECF1 ] AudioSrv        C:\Windows\System32\Audiosrv.dll
14:22:40.0436 5788  AudioSrv - ok
14:22:40.0491 5788  [ A6BF31A71B409DFA8CAC83159E1E2AFF ] AxInstSV        C:\Windows\System32\AxInstSV.dll
14:22:40.0495 5788  AxInstSV - ok
14:22:40.0554 5788  [ 3E5B191307609F7514148C6832BB0842 ] b06bdrv         C:\Windows\system32\DRIVERS\bxvbda.sys
14:22:40.0559 5788  b06bdrv - ok
14:22:40.0602 5788  [ B5ACE6968304A3900EEB1EBFD9622DF2 ] b57nd60a        C:\Windows\system32\DRIVERS\b57nd60a.sys
14:22:40.0605 5788  b57nd60a - ok
14:22:40.0655 5788  [ FDE360167101B4E45A96F939F388AEB0 ] BDESVC          C:\Windows\System32\bdesvc.dll
14:22:40.0659 5788  BDESVC - ok
14:22:40.0682 5788  [ 16A47CE2DECC9B099349A5F840654746 ] Beep            C:\Windows\system32\drivers\Beep.sys
14:22:40.0683 5788  Beep - ok
14:22:40.0739 5788  [ 82974D6A2FD19445CC5171FC378668A4 ] BFE             C:\Windows\System32\bfe.dll
14:22:40.0748 5788  BFE - ok
14:22:40.0778 5788  [ 1EA7969E3271CBC59E1730697DC74682 ] BITS            C:\Windows\System32\qmgr.dll
14:22:40.0900 5788  BITS - ok
14:22:40.0921 5788  [ 61583EE3C3A17003C4ACD0475646B4D3 ] blbdrive        C:\Windows\system32\DRIVERS\blbdrive.sys
14:22:40.0923 5788  blbdrive - ok
14:22:40.0977 5788  [ EBBCD5DFBB1DE70E8F4AF8FA59E401FD ] Bonjour Service C:\Program Files\Bonjour\mDNSResponder.exe
14:22:40.0981 5788  Bonjour Service - ok
14:22:41.0026 5788  [ 52D3808A7BD62AF0F18123344779DBA1 ] BootDefragDriver C:\Windows\system32\drivers\BootDefragDriver.sys
14:22:41.0027 5788  BootDefragDriver - ok
14:22:41.0059 5788  [ 6C02A83164F5CC0A262F4199F0871CF5 ] bowser          C:\Windows\system32\DRIVERS\bowser.sys
14:22:41.0061 5788  bowser - ok
14:22:41.0091 5788  [ F09EEE9EDC320B5E1501F749FDE686C8 ] BrFiltLo        C:\Windows\system32\DRIVERS\BrFiltLo.sys
14:22:41.0092 5788  BrFiltLo - ok
14:22:41.0124 5788  [ B114D3098E9BDB8BEA8B053685831BE6 ] BrFiltUp        C:\Windows\system32\DRIVERS\BrFiltUp.sys
14:22:41.0125 5788  BrFiltUp - ok
14:22:41.0173 5788  [ 5C2F352A4E961D72518261257AAE204B ] Bridge          C:\Windows\system32\DRIVERS\bridge.sys
14:22:41.0174 5788  Bridge - ok
14:22:41.0213 5788  [ 5C2F352A4E961D72518261257AAE204B ] BridgeMP        C:\Windows\system32\DRIVERS\bridge.sys
14:22:41.0215 5788  BridgeMP - ok
14:22:41.0247 5788  [ 05F5A0D14A2EE1D8255C2AA0E9E8E694 ] Browser         C:\Windows\System32\browser.dll
14:22:41.0251 5788  Browser - ok
14:22:41.0325 5788  [ 43BEA8D483BF1870F018E2D02E06A5BD ] Brserid         C:\Windows\System32\Drivers\Brserid.sys
14:22:41.0328 5788  Brserid - ok
14:22:41.0368 5788  [ A6ECA2151B08A09CACECA35C07F05B42 ] BrSerWdm        C:\Windows\System32\Drivers\BrSerWdm.sys
14:22:41.0369 5788  BrSerWdm - ok
14:22:41.0382 5788  [ B79968002C277E869CF38BD22CD61524 ] BrUsbMdm        C:\Windows\System32\Drivers\BrUsbMdm.sys
14:22:41.0383 5788  BrUsbMdm - ok
14:22:41.0401 5788  [ A87528880231C54E75EA7A44943B38BF ] BrUsbSer        C:\Windows\System32\Drivers\BrUsbSer.sys
14:22:41.0402 5788  BrUsbSer - ok
14:22:41.0437 5788  [ 9DA669F11D1F894AB4EB69BF546A42E8 ] BTHMODEM        C:\Windows\system32\DRIVERS\bthmodem.sys
14:22:41.0438 5788  BTHMODEM - ok
14:22:41.0490 5788  [ 95F9C2976059462CBBF227F7AAB10DE9 ] bthserv         C:\Windows\system32\bthserv.dll
14:22:41.0494 5788  bthserv - ok
14:22:41.0527 5788  [ B8BD2BB284668C84865658C77574381A ] cdfs            C:\Windows\system32\DRIVERS\cdfs.sys
14:22:41.0529 5788  cdfs - ok
14:22:41.0571 5788  [ F036CE71586E93D94DAB220D7BDF4416 ] cdrom           C:\Windows\system32\drivers\cdrom.sys
14:22:41.0573 5788  cdrom - ok
14:22:41.0613 5788  [ F17D1D393BBC69C5322FBFAFACA28C7F ] CertPropSvc     C:\Windows\System32\certprop.dll
14:22:41.0616 5788  CertPropSvc - ok
14:22:41.0664 5788  [ 98C3DBAFBCC4515A6BB422321D187D37 ] CinemaNow Service C:\Program Files (x86)\CinemaNow\CinemaNow Media Manager\CinemanowSvc.exe
14:22:41.0666 5788  CinemaNow Service - ok
14:22:41.0707 5788  [ D7CD5C4E1B71FA62050515314CFB52CF ] circlass        C:\Windows\system32\DRIVERS\circlass.sys
14:22:41.0708 5788  circlass - ok
14:22:41.0744 5788  [ FE1EC06F2253F691FE36217C592A0206 ] CLFS            C:\Windows\system32\CLFS.sys
14:22:41.0750 5788  CLFS - ok
14:22:41.0825 5788  [ D88040F816FDA31C3B466F0FA0918F29 ] clr_optimization_v2.0.50727_32 C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
14:22:41.0843 5788  clr_optimization_v2.0.50727_32 - ok
14:22:41.0880 5788  [ D1CEEA2B47CB998321C579651CE3E4F8 ] clr_optimization_v2.0.50727_64 C:\Windows\Microsoft.NET\Framework64\v2.0.50727\mscorsvw.exe
14:22:41.0885 5788  clr_optimization_v2.0.50727_64 - ok
14:22:41.0957 5788  [ 6D7C8A951AF6AD6835C029B3CB88D333 ] clr_optimization_v4.0.30319_32 C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
14:22:42.0053 5788  clr_optimization_v4.0.30319_32 - ok
14:22:42.0081 5788  [ 86329C35FF23CFEF0FB6C0023BA06BCE ] clr_optimization_v4.0.30319_64 C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe
14:22:42.0119 5788  clr_optimization_v4.0.30319_64 - ok
14:22:42.0134 5788  [ 0840155D0BDDF1190F84A663C284BD33 ] CmBatt          C:\Windows\system32\DRIVERS\CmBatt.sys
14:22:42.0135 5788  CmBatt - ok
14:22:42.0159 5788  [ E19D3F095812725D88F9001985B94EDD ] cmdide          C:\Windows\system32\drivers\cmdide.sys
14:22:42.0160 5788  cmdide - ok
14:22:42.0209 5788  [ AAFCB52FE0037207FB6FBEA070D25EFE ] CNG             C:\Windows\system32\Drivers\cng.sys
14:22:42.0214 5788  CNG - ok
14:22:42.0257 5788  [ 102DE219C3F61415F964C88E9085AD14 ] Compbatt        C:\Windows\system32\DRIVERS\compbatt.sys
14:22:42.0259 5788  Compbatt - ok
14:22:42.0288 5788  [ 03EDB043586CCEBA243D689BDDA370A8 ] CompositeBus    C:\Windows\system32\drivers\CompositeBus.sys
14:22:42.0289 5788  CompositeBus - ok
14:22:42.0305 5788  COMSysApp - ok
14:22:42.0332 5788  [ 1C827878A998C18847245FE1F34EE597 ] crcdisk         C:\Windows\system32\DRIVERS\crcdisk.sys
14:22:42.0333 5788  crcdisk - ok
14:22:42.0366 5788  [ D8129C49798CBBFB2E4351D4B7B8EF9C ] CryptSvc        C:\Windows\system32\cryptsvc.dll
14:22:42.0373 5788  CryptSvc - ok
14:22:42.0408 5788  [ 44BDDEB03C84A1C993C992FFB5700357 ] CVirtA          C:\Windows\system32\DRIVERS\CVirtA64.sys
14:22:42.0409 5788  CVirtA - ok
14:22:42.0440 5788  [ 56F5311145CDFC984AB21C9862DC74F8 ] DbusAudio       C:\Windows\system32\drivers\DbusAudio.sys
14:22:42.0441 5788  DbusAudio - ok
14:22:42.0478 5788  [ 5C627D1B1138676C0A7AB2C2C190D123 ] DcomLaunch      C:\Windows\system32\rpcss.dll
14:22:42.0513 5788  DcomLaunch - ok
14:22:42.0541 5788  [ 3CEC7631A84943677AA8FA8EE5B6B43D ] defragsvc       C:\Windows\System32\defragsvc.dll
14:22:42.0548 5788  defragsvc - ok
14:22:42.0590 5788  [ 9BB2EF44EAA163B29C4A4587887A0FE4 ] DfsC            C:\Windows\system32\Drivers\dfsc.sys
14:22:42.0591 5788  DfsC - ok
14:22:42.0622 5788  [ BB3003D9DB0D3B18B3284CCFD57F3C3F ] dgcfltr         C:\Windows\system32\DRIVERS\ACFDCP64.sys
14:22:42.0623 5788  dgcfltr - ok
14:22:42.0676 5788  [ B776FF14D4A9A8C7E9A18FE39D4B9B4E ] dg_ssudbus      C:\Windows\system32\DRIVERS\ssudbus.sys
14:22:42.0678 5788  dg_ssudbus - ok
14:22:42.0727 5788  [ 43D808F5D9E1A18E5EEB5EBC83969E4E ] Dhcp            C:\Windows\system32\dhcpcore.dll
14:22:42.0735 5788  Dhcp - ok
14:22:42.0773 5788  [ 13096B05847EC78F0977F2C0F79E9AB3 ] discache        C:\Windows\system32\drivers\discache.sys
14:22:42.0775 5788  discache - ok
14:22:42.0805 5788  [ 9819EEE8B5EA3784EC4AF3B137A5244C ] Disk            C:\Windows\system32\DRIVERS\disk.sys
14:22:42.0806 5788  Disk - ok
14:22:42.0853 5788  [ 05CB5910B3CA6019FC3CCA815EE06FFB ] DNE             C:\Windows\system32\DRIVERS\dne64x.sys
14:22:42.0855 5788  DNE - ok
14:22:42.0900 5788  [ 16835866AAA693C7D7FCEBA8FFF706E4 ] Dnscache        C:\Windows\System32\dnsrslvr.dll
14:22:42.0906 5788  Dnscache - ok
14:22:42.0938 5788  [ B1FB3DDCA0FDF408750D5843591AFBC6 ] dot3svc         C:\Windows\System32\dot3svc.dll
14:22:42.0946 5788  dot3svc - ok
14:22:42.0977 5788  [ B26F4F737E8F9DF4F31AF6CF31D05820 ] DPS             C:\Windows\system32\dps.dll
14:22:42.0982 5788  DPS - ok
14:22:43.0024 5788  [ 9B19F34400D24DF84C858A421C205754 ] drmkaud         C:\Windows\system32\drivers\drmkaud.sys
14:22:43.0025 5788  drmkaud - ok
14:22:43.0075 5788  [ AF2E16242AA723F68F461B6EAE2EAD3D ] DXGKrnl         C:\Windows\System32\drivers\dxgkrnl.sys
14:22:43.0086 5788  DXGKrnl - ok
14:22:43.0119 5788  [ E2DDA8726DA9CB5B2C4000C9018A9633 ] EapHost         C:\Windows\System32\eapsvc.dll
14:22:43.0124 5788  EapHost - ok
14:22:43.0136 5788  easytether - ok
14:22:43.0229 5788  [ DC5D737F51BE844D8C82C695EB17372F ] ebdrv           C:\Windows\system32\DRIVERS\evbda.sys
14:22:43.0295 5788  ebdrv - ok
14:22:43.0333 5788  [ C118A82CD78818C29AB228366EBF81C3 ] EFS             C:\Windows\System32\lsass.exe
14:22:43.0343 5788  EFS - ok
14:22:43.0407 5788  [ C4002B6B41975F057D98C439030CEA07 ] ehRecvr         C:\Windows\ehome\ehRecvr.exe
14:22:43.0429 5788  ehRecvr - ok
14:22:43.0449 5788  [ 4705E8EF9934482C5BB488CE28AFC681 ] ehSched         C:\Windows\ehome\ehsched.exe
14:22:43.0453 5788  ehSched - ok
14:22:43.0503 5788  [ 0E5DA5369A0FCAEA12456DD852545184 ] elxstor         C:\Windows\system32\DRIVERS\elxstor.sys
14:22:43.0509 5788  elxstor - ok
14:22:43.0538 5788  [ 34A3C54752046E79A126E15C51DB409B ] ErrDev          C:\Windows\system32\drivers\errdev.sys
14:22:43.0539 5788  ErrDev - ok
14:22:43.0570 5788  [ 1299D1EA00B7A4BF69C5869DCA31E0F6 ] ETD             C:\Windows\system32\DRIVERS\ETD.sys
14:22:43.0572 5788  ETD - ok
14:22:43.0607 5788  [ 4166F82BE4D24938977DD1746BE9B8A0 ] EventSystem     C:\Windows\system32\es.dll
14:22:43.0617 5788  EventSystem - ok
14:22:43.0644 5788  [ A510C654EC00C1E9BDD91EEB3A59823B ] exfat           C:\Windows\system32\drivers\exfat.sys
14:22:43.0647 5788  exfat - ok
14:22:43.0752 5788  [ 8C89F06DBC239492E0AAAA0B0D8645EA ] FastBootAgent   C:\Windows\SysWOW64\Fast Boot\FastBootAgent.exe
14:22:43.0789 5788  FastBootAgent - ok
14:22:43.0837 5788  [ 0ADC83218B66A6DB380C330836F3E36D ] fastfat         C:\Windows\system32\drivers\fastfat.sys
14:22:43.0839 5788  fastfat - ok
14:22:43.0898 5788  [ DBEFD454F8318A0EF691FDD2EAAB44EB ] Fax             C:\Windows\system32\fxssvc.exe
14:22:43.0910 5788  Fax - ok
14:22:43.0927 5788  [ D765D19CD8EF61F650C384F62FAC00AB ] fdc             C:\Windows\system32\DRIVERS\fdc.sys
14:22:43.0928 5788  fdc - ok
14:22:43.0971 5788  [ 0438CAB2E03F4FB61455A7956026FE86 ] fdPHost         C:\Windows\system32\fdPHost.dll
14:22:43.0978 5788  fdPHost - ok
14:22:43.0991 5788  [ 802496CB59A30349F9A6DD22D6947644 ] FDResPub        C:\Windows\system32\fdrespub.dll
14:22:43.0999 5788  FDResPub - ok
14:22:44.0034 5788  [ 655661BE46B5F5F3FD454E2C3095B930 ] FileInfo        C:\Windows\system32\drivers\fileinfo.sys
14:22:44.0035 5788  FileInfo - ok
14:22:44.0055 5788  [ 5F671AB5BC87EEA04EC38A6CD5962A47 ] Filetrace       C:\Windows\system32\drivers\filetrace.sys
14:22:44.0056 5788  Filetrace - ok
14:22:44.0139 5788  [ 8669BE94F63944E4F899C3950B520241 ] FLEXnet Licensing Service C:\Program Files (x86)\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
14:22:44.0181 5788  FLEXnet Licensing Service - ok
14:22:44.0221 5788  [ C172A0F53008EAEB8EA33FE10E177AF5 ] flpydisk        C:\Windows\system32\DRIVERS\flpydisk.sys
14:22:44.0223 5788  flpydisk - ok
14:22:44.0255 5788  [ DA6B67270FD9DB3697B20FCE94950741 ] FltMgr          C:\Windows\system32\drivers\fltmgr.sys
14:22:44.0258 5788  FltMgr - ok
14:22:44.0312 5788  [ C4C183E6551084039EC862DA1C945E3D ] FontCache       C:\Windows\system32\FntCache.dll
14:22:44.0329 5788  FontCache - ok
14:22:44.0385 5788  [ A8B7F3818AB65695E3A0BB3279F6DCE6 ] FontCache3.0.0.0 C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
14:22:44.0402 5788  FontCache3.0.0.0 - ok
14:22:44.0432 5788  [ D43703496149971890703B4B1B723EAC ] FsDepends       C:\Windows\system32\drivers\FsDepends.sys
14:22:44.0433 5788  FsDepends - ok
14:22:44.0466 5788  [ 5814011B2F6E088E29D689B5FCD49B8F ] fssfltr         C:\Windows\system32\DRIVERS\fssfltr.sys
14:22:44.0467 5788  fssfltr - ok
14:22:44.0530 5788  [ F6717211C1EC2CDDAA81B97B0727C2E9 ] fsssvc          C:\Program Files (x86)\Windows Live\Family Safety\fsssvc.exe
14:22:44.0534 5788  fsssvc - ok
14:22:44.0558 5788  [ 6BD9295CC032DD3077C671FCCF579A7B ] Fs_Rec          C:\Windows\system32\drivers\Fs_Rec.sys
14:22:44.0560 5788  Fs_Rec - ok
14:22:44.0594 5788  [ 8F6322049018354F45F05A2FD2D4E5E0 ] fvevol          C:\Windows\system32\DRIVERS\fvevol.sys
14:22:44.0598 5788  fvevol - ok
14:22:44.0640 5788  [ 8C778D335C9D272CFD3298AB02ABE3B6 ] gagp30kx        C:\Windows\system32\DRIVERS\gagp30kx.sys
14:22:44.0641 5788  gagp30kx - ok
14:22:44.0698 5788  [ 8E98D21EE06192492A5671A6144D092F ] GEARAspiWDM     C:\Windows\system32\DRIVERS\GEARAspiWDM.sys
14:22:44.0699 5788  GEARAspiWDM - ok
14:22:44.0751 5788  [ 9F5E8645FECD68C0ECC374F5A4AE068A ] gfiark          C:\Windows\system32\drivers\gfiark.sys
14:22:44.0752 5788  gfiark - ok
14:22:44.0837 5788  [ AD826942E10F8D18C29E365CE426A21B ] gfi_lanss10_attservice C:\Program Files (x86)\GFI Software\VIPRE\LanGuard 10 Agent\lnssatt.exe
14:22:44.0841 5788  gfi_lanss10_attservice - ok
14:22:44.0882 5788  [ 277BBC7E1AA1EE957F573A10ECA7EF3A ] gpsvc           C:\Windows\System32\gpsvc.dll
14:22:44.0896 5788  gpsvc - ok
14:22:45.0005 5788  [ 506708142BC63DABA64F2D3AD1DCD5BF ] gupdate         C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
14:22:45.0007 5788  gupdate - ok
14:22:45.0012 5788  [ 506708142BC63DABA64F2D3AD1DCD5BF ] gupdatem        C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
14:22:45.0015 5788  gupdatem - ok
14:22:45.0061 5788  [ 1E6438D4EA6E1174A3B3B1EDC4DE660B ] hamachi         C:\Windows\system32\DRIVERS\hamachi.sys
14:22:45.0062 5788  hamachi - ok
14:22:45.0095 5788  [ F2523EF6460FC42405B12248338AB2F0 ] hcw85cir        C:\Windows\system32\drivers\hcw85cir.sys
14:22:45.0096 5788  hcw85cir - ok
14:22:45.0147 5788  [ 975761C778E33CD22498059B91E7373A ] HdAudAddService C:\Windows\system32\drivers\HdAudio.sys
14:22:45.0151 5788  HdAudAddService - ok
14:22:45.0175 5788  [ 97BFED39B6B79EB12CDDBFEED51F56BB ] HDAudBus        C:\Windows\system32\drivers\HDAudBus.sys
14:22:45.0177 5788  HDAudBus - ok
14:22:45.0195 5788  [ 78E86380454A7B10A5EB255DC44A355F ] HidBatt         C:\Windows\system32\DRIVERS\HidBatt.sys
14:22:45.0196 5788  HidBatt - ok
14:22:45.0219 5788  [ 7FD2A313F7AFE5C4DAB14798C48DD104 ] HidBth          C:\Windows\system32\DRIVERS\hidbth.sys
14:22:45.0220 5788  HidBth - ok
14:22:45.0237 5788  [ 0A77D29F311B88CFAE3B13F9C1A73825 ] HidIr           C:\Windows\system32\DRIVERS\hidir.sys
14:22:45.0239 5788  HidIr - ok
14:22:45.0264 5788  [ BD9EB3958F213F96B97B1D897DEE006D ] hidserv         C:\Windows\system32\hidserv.dll
14:22:45.0274 5788  hidserv - ok
14:22:45.0311 5788  [ 9592090A7E2B61CD582B612B6DF70536 ] HidUsb          C:\Windows\system32\drivers\hidusb.sys
14:22:45.0312 5788  HidUsb - ok
14:22:45.0359 5788  [ 387E72E739E15E3D37907A86D9FF98E2 ] hkmsvc          C:\Windows\system32\kmsvc.dll
14:22:45.0368 5788  hkmsvc - ok
14:22:45.0395 5788  [ EFDFB3DD38A4376F93E7985173813ABD ] HomeGroupListener C:\Windows\system32\ListSvc.dll
14:22:45.0407 5788  HomeGroupListener - ok
14:22:45.0439 5788  [ 908ACB1F594274965A53926B10C81E89 ] HomeGroupProvider C:\Windows\system32\provsvc.dll
14:22:45.0456 5788  HomeGroupProvider - ok
14:22:45.0486 5788  [ 39D2ABCD392F3D8A6DCE7B60AE7B8EFC ] HpSAMD          C:\Windows\system32\drivers\HpSAMD.sys
14:22:45.0487 5788  HpSAMD - ok
14:22:45.0521 5788  [ F47CEC45FB85791D4AB237563AD0FA8F ] HTCAND64        C:\Windows\system32\Drivers\ANDROIDUSB.sys
14:22:45.0522 5788  HTCAND64 - ok
14:22:45.0558 5788  [ 0EA7DE1ACB728DD5A369FD742D6EEE28 ] HTTP            C:\Windows\system32\drivers\HTTP.sys
14:22:45.0567 5788  HTTP - ok
14:22:45.0592 5788  [ A5462BD6884960C9DC85ED49D34FF392 ] hwpolicy        C:\Windows\system32\drivers\hwpolicy.sys
14:22:45.0593 5788  hwpolicy - ok
14:22:45.0635 5788  [ FA55C73D4AFFA7EE23AC4BE53B4592D3 ] i8042prt        C:\Windows\system32\drivers\i8042prt.sys
14:22:45.0637 5788  i8042prt - ok
14:22:45.0676 5788  [ 1D004CB1DA6323B1F55CAEF7F94B61D9 ] iaStor          C:\Windows\system32\DRIVERS\iaStor.sys
14:22:45.0680 5788  iaStor - ok
14:22:45.0715 5788  [ AAAF44DB3BD0B9D1FB6969B23ECC8366 ] iaStorV         C:\Windows\system32\drivers\iaStorV.sys
14:22:45.0720 5788  iaStorV - ok
14:22:45.0790 5788  [ 1CF03C69B49ACB70C722DF92755C0C8C ] IDriverT        C:\Program Files (x86)\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
14:22:45.0824 5788  IDriverT - ok
14:22:45.0906 5788  [ 5988FC40F8DB5B0739CD1E3A5D0D78BD ] idsvc           C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\infocard.exe
14:22:45.0929 5788  idsvc - ok
14:22:46.0162 5788  [ 4EAA4261E1AD4B860657CADA790B9B38 ] igfx            C:\Windows\system32\DRIVERS\igdkmd64.sys
14:22:46.0348 5788  igfx - ok
14:22:46.0400 5788  [ 5C18831C61933628F5BB0EA2675B9D21 ] iirsp           C:\Windows\system32\DRIVERS\iirsp.sys
14:22:46.0401 5788  iirsp - ok
14:22:46.0459 5788  [ FCD84C381E0140AF901E58D48882D26B ] IKEEXT          C:\Windows\System32\ikeext.dll
14:22:46.0474 5788  IKEEXT - ok
14:22:46.0563 5788  [ 0C3CF4B3BAE28E121A1689E3538F8712 ] IntcAzAudAddService C:\Windows\system32\drivers\RTKVHD64.sys
14:22:46.0581 5788  IntcAzAudAddService - ok
14:22:46.0615 5788  [ B014CE58F0A8048D3924BA8D5CCBC5F1 ] IntcHdmiAddService C:\Windows\system32\drivers\IntcHdmi.sys
14:22:46.0617 5788  IntcHdmiAddService - ok
14:22:46.0647 5788  [ F00F20E70C6EC3AA366910083A0518AA ] intelide        C:\Windows\system32\drivers\intelide.sys
14:22:46.0649 5788  intelide - ok
14:22:46.0690 5788  [ ADA036632C664CAA754079041CF1F8C1 ] intelppm        C:\Windows\system32\DRIVERS\intelppm.sys
14:22:46.0692 5788  intelppm - ok
14:22:46.0716 5788  [ 098A91C54546A3B878DAD6A7E90A455B ] IPBusEnum       C:\Windows\system32\ipbusenum.dll
14:22:46.0726 5788  IPBusEnum - ok
14:22:46.0754 5788  [ C9F0E1BD74365A8771590E9008D22AB6 ] IpFilterDriver  C:\Windows\system32\DRIVERS\ipfltdrv.sys
14:22:46.0755 5788  IpFilterDriver - ok
14:22:46.0796 5788  [ 08C2957BB30058E663720C5606885653 ] iphlpsvc        C:\Windows\System32\iphlpsvc.dll
14:22:46.0808 5788  iphlpsvc - ok
14:22:46.0839 5788  [ 0FC1AEA580957AA8817B8F305D18CA3A ] IPMIDRV         C:\Windows\system32\drivers\IPMIDrv.sys
14:22:46.0840 5788  IPMIDRV - ok
14:22:46.0876 5788  [ AF9B39A7E7B6CAA203B3862582E9F2D0 ] IPNAT           C:\Windows\system32\drivers\ipnat.sys
14:22:46.0878 5788  IPNAT - ok
14:22:46.0961 5788  [ 0FF335D687C85097725A53458160E81E ] iPod Service    C:\Program Files\iPod\bin\iPodService.exe
14:22:46.0965 5788  iPod Service - ok
14:22:46.0985 5788  [ 3ABF5E7213EB28966D55D58B515D5CE9 ] IRENUM          C:\Windows\system32\drivers\irenum.sys
14:22:46.0986 5788  IRENUM - ok
14:22:47.0007 5788  [ 2F7B28DC3E1183E5EB418DF55C204F38 ] isapnp          C:\Windows\system32\drivers\isapnp.sys
14:22:47.0009 5788  isapnp - ok
14:22:47.0044 5788  [ D931D7309DEB2317035B07C9F9E6B0BD ] iScsiPrt        C:\Windows\system32\drivers\msiscsi.sys
14:22:47.0047 5788  iScsiPrt - ok
14:22:47.0081 5788  [ BC02336F1CBA7DCC7D1213BB588A68A5 ] kbdclass        C:\Windows\system32\drivers\kbdclass.sys
14:22:47.0082 5788  kbdclass - ok
14:22:47.0108 5788  [ 0705EFF5B42A9DB58548EEC3B26BB484 ] kbdhid          C:\Windows\system32\drivers\kbdhid.sys
14:22:47.0110 5788  kbdhid - ok
14:22:47.0157 5788  [ E63EF8C3271D014F14E2469CE75FECB4 ] kbfiltr         C:\Windows\system32\DRIVERS\kbfiltr.sys
14:22:47.0158 5788  kbfiltr - ok
14:22:47.0189 5788  [ C118A82CD78818C29AB228366EBF81C3 ] KeyIso          C:\Windows\system32\lsass.exe
14:22:47.0198 5788  KeyIso - ok
14:22:47.0229 5788  [ 97A7070AEA4C058B6418519E869A63B4 ] KSecDD          C:\Windows\system32\Drivers\ksecdd.sys
14:22:47.0230 5788  KSecDD - ok
14:22:47.0263 5788  [ 7EFB9333E4ECCE6AE4AE9D777D9E553E ] KSecPkg         C:\Windows\system32\Drivers\ksecpkg.sys
14:22:47.0265 5788  KSecPkg - ok
14:22:47.0296 5788  [ 6869281E78CB31A43E969F06B57347C4 ] ksthunk         C:\Windows\system32\drivers\ksthunk.sys
14:22:47.0298 5788  ksthunk - ok
14:22:47.0329 5788  [ 6AB66E16AA859232F64DEB66887A8C9C ] KtmRm           C:\Windows\system32\msdtckrm.dll
14:22:47.0344 5788  KtmRm - ok
14:22:47.0358 5788  [ AD88105EFDDC55877EA8D06346D75989 ] L1C             C:\Windows\system32\DRIVERS\L1C62x64.sys
14:22:47.0359 5788  L1C - ok
14:22:47.0409 5788  [ D9F42719019740BAA6D1C6D536CBDAA6 ] LanmanServer    C:\Windows\system32\srvsvc.dll
14:22:47.0444 5788  LanmanServer - ok
14:22:47.0472 5788  [ 851A1382EED3E3A7476DB004F4EE3E1A ] LanmanWorkstation C:\Windows\System32\wkssvc.dll
14:22:47.0493 5788  LanmanWorkstation - ok
14:22:47.0548 5788  [ C7D21310EA0A644AA6394DE1E46E3D31 ] libusb0         C:\Windows\system32\DRIVERS\libusb0.sys
14:22:47.0550 5788  libusb0 - ok
14:22:47.0600 5788  [ 1538831CF8AD2979A04C423779465827 ] lltdio          C:\Windows\system32\DRIVERS\lltdio.sys
14:22:47.0602 5788  lltdio - ok
14:22:47.0628 5788  [ C1185803384AB3FEED115F79F109427F ] lltdsvc         C:\Windows\System32\lltdsvc.dll
14:22:47.0642 5788  lltdsvc - ok
14:22:47.0660 5788  [ F993A32249B66C9D622EA5592A8B76B8 ] lmhosts         C:\Windows\System32\lmhsvc.dll
14:22:47.0670 5788  lmhosts - ok
14:22:47.0746 5788  [ 1A93E54EB0ECE102495A51266DCDB6A6 ] LSI_FC          C:\Windows\system32\DRIVERS\lsi_fc.sys
14:22:47.0748 5788  LSI_FC - ok
14:22:47.0760 5788  [ 1047184A9FDC8BDBFF857175875EE810 ] LSI_SAS         C:\Windows\system32\DRIVERS\lsi_sas.sys
14:22:47.0762 5788  LSI_SAS - ok
14:22:47.0778 5788  [ 30F5C0DE1EE8B5BC9306C1F0E4A75F93 ] LSI_SAS2        C:\Windows\system32\DRIVERS\lsi_sas2.sys
14:22:47.0780 5788  LSI_SAS2 - ok
14:22:47.0793 5788  [ 0504EACAFF0D3C8AED161C4B0D369D4A ] LSI_SCSI        C:\Windows\system32\DRIVERS\lsi_scsi.sys
14:22:47.0795 5788  LSI_SCSI - ok
14:22:47.0815 5788  [ 43D0F98E1D56CCDDB0D5254CFF7B356E ] luafv           C:\Windows\system32\drivers\luafv.sys
14:22:47.0818 5788  luafv - ok
14:22:47.0893 5788  [ 0BB97D43299910CBFBA59C461B99B910 ] MBAMProtector   C:\Windows\system32\drivers\mbam.sys
14:22:47.0894 5788  MBAMProtector - ok
14:22:47.0948 5788  [ 65085456FD9A74D7F1A999520C299ECB ] MBAMScheduler   C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe
14:22:47.0962 5788  MBAMScheduler - ok
14:22:48.0014 5788  [ E0D7732F2D2E24B2DB3F67B6750295B8 ] MBAMService     C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe
14:22:48.0019 5788  MBAMService - ok
14:22:48.0045 5788  [ 0BE09CD858ABF9DF6ED259D57A1A1663 ] Mcx2Svc         C:\Windows\system32\Mcx2Svc.dll
14:22:48.0056 5788  Mcx2Svc - ok
14:22:48.0081 5788  [ A3B8F49446F15931E46380151E73221F ] mdmxsdk         C:\Windows\system32\DRIVERS\ACFSDK64.sys
14:22:48.0082 5788  mdmxsdk - ok
14:22:48.0107 5788  [ A55805F747C6EDB6A9080D7C633BD0F4 ] megasas         C:\Windows\system32\DRIVERS\megasas.sys
14:22:48.0108 5788  megasas - ok
14:22:48.0131 5788  [ BAF74CE0072480C3B6B7C13B2A94D6B3 ] MegaSR          C:\Windows\system32\DRIVERS\MegaSR.sys
14:22:48.0134 5788  MegaSR - ok
14:22:48.0160 5788  [ E40E80D0304A73E8D269F7141D77250B ] MMCSS           C:\Windows\system32\mmcss.dll
14:22:48.0171 5788  MMCSS - ok
14:22:48.0183 5788  [ 800BA92F7010378B09F9ED9270F07137 ] Modem           C:\Windows\system32\drivers\modem.sys
14:22:48.0185 5788  Modem - ok
14:22:48.0222 5788  [ E38AEF079CD3BCFA19F2072A214F829D ] MODEMCSA        C:\Windows\system32\drivers\MODEMCSA.sys
14:22:48.0223 5788  MODEMCSA - ok
14:22:48.0236 5788  [ B03D591DC7DA45ECE20B3B467E6AADAA ] monitor         C:\Windows\system32\DRIVERS\monitor.sys
14:22:48.0238 5788  monitor - ok
14:22:48.0279 5788  [ 5FEC1FF5BB9A1FA5C9CF4544D19D6D5D ] MotioninJoyXFilter C:\Windows\system32\DRIVERS\MijXfilt.sys
14:22:48.0281 5788  MotioninJoyXFilter - ok
14:22:48.0298 5788  [ 7D27EA49F3C1F687D357E77A470AEA99 ] mouclass        C:\Windows\system32\drivers\mouclass.sys
14:22:48.0300 5788  mouclass - ok
14:22:48.0332 5788  [ D3BF052C40B0C4166D9FD86A4288C1E6 ] mouhid          C:\Windows\system32\DRIVERS\mouhid.sys
14:22:48.0333 5788  mouhid - ok
14:22:48.0369 5788  [ 32E7A3D591D671A6DF2DB515A5CBE0FA ] mountmgr        C:\Windows\system32\drivers\mountmgr.sys
14:22:48.0371 5788  mountmgr - ok
14:22:48.0413 5788  [ A44B420D30BD56E145D6A2BC8768EC58 ] mpio            C:\Windows\system32\drivers\mpio.sys
14:22:48.0415 5788  mpio - ok
14:22:48.0431 5788  [ 6C38C9E45AE0EA2FA5E551F2ED5E978F ] mpsdrv          C:\Windows\system32\drivers\mpsdrv.sys
14:22:48.0432 5788  mpsdrv - ok
14:22:48.0472 5788  [ 54FFC9C8898113ACE189D4AA7199D2C1 ] MpsSvc          C:\Windows\system32\mpssvc.dll
14:22:48.0489 5788  MpsSvc - ok
14:22:48.0511 5788  [ DC722758B8261E1ABAFD31A3C0A66380 ] MRxDAV          C:\Windows\system32\drivers\mrxdav.sys
14:22:48.0513 5788  MRxDAV - ok
14:22:48.0542 5788  [ A5D9106A73DC88564C825D317CAC68AC ] mrxsmb          C:\Windows\system32\DRIVERS\mrxsmb.sys
14:22:48.0544 5788  mrxsmb - ok
14:22:48.0570 5788  [ D711B3C1D5F42C0C2415687BE09FC163 ] mrxsmb10        C:\Windows\system32\DRIVERS\mrxsmb10.sys
14:22:48.0574 5788  mrxsmb10 - ok
14:22:48.0587 5788  [ 9423E9D355C8D303E76B8CFBD8A5C30C ] mrxsmb20        C:\Windows\system32\DRIVERS\mrxsmb20.sys
14:22:48.0589 5788  mrxsmb20 - ok
14:22:48.0623 5788  [ C25F0BAFA182CBCA2DD3C851C2E75796 ] msahci          C:\Windows\system32\drivers\msahci.sys
14:22:48.0625 5788  msahci - ok
14:22:48.0653 5788  [ DB801A638D011B9633829EB6F663C900 ] msdsm           C:\Windows\system32\drivers\msdsm.sys
14:22:48.0655 5788  msdsm - ok
14:22:48.0688 5788  [ DE0ECE52236CFA3ED2DBFC03F28253A8 ] MSDTC           C:\Windows\System32\msdtc.exe
14:22:48.0701 5788  MSDTC - ok
14:22:48.0738 5788  [ AA3FB40E17CE1388FA1BEDAB50EA8F96 ] Msfs            C:\Windows\system32\drivers\Msfs.sys
14:22:48.0740 5788  Msfs - ok
14:22:48.0771 5788  [ F9D215A46A8B9753F61767FA72A20326 ] mshidkmdf       C:\Windows\System32\drivers\mshidkmdf.sys
14:22:48.0773 5788  mshidkmdf - ok
14:22:48.0794 5788  [ D916874BBD4F8B07BFB7FA9B3CCAE29D ] msisadrv        C:\Windows\system32\drivers\msisadrv.sys
14:22:48.0796 5788  msisadrv - ok
14:22:48.0830 5788  [ 808E98FF49B155C522E6400953177B08 ] MSiSCSI         C:\Windows\system32\iscsiexe.dll
14:22:48.0841 5788  MSiSCSI - ok
14:22:48.0845 5788  msiserver - ok
14:22:48.0873 5788  [ 49CCF2C4FEA34FFAD8B1B59D49439366 ] MSKSSRV         C:\Windows\system32\drivers\MSKSSRV.sys
14:22:48.0875 5788  MSKSSRV - ok
14:22:48.0888 5788  [ BDD71ACE35A232104DDD349EE70E1AB3 ] MSPCLOCK        C:\Windows\system32\drivers\MSPCLOCK.sys
14:22:48.0890 5788  MSPCLOCK - ok
14:22:48.0905 5788  [ 4ED981241DB27C3383D72092B618A1D0 ] MSPQM           C:\Windows\system32\drivers\MSPQM.sys
14:22:48.0906 5788  MSPQM - ok
14:22:48.0940 5788  [ 759A9EEB0FA9ED79DA1FB7D4EF78866D ] MsRPC           C:\Windows\system32\drivers\MsRPC.sys
14:22:48.0944 5788  MsRPC - ok
14:22:48.0970 5788  [ 0EED230E37515A0EAEE3C2E1BC97B288 ] mssmbios        C:\Windows\system32\drivers\mssmbios.sys
14:22:48.0971 5788  mssmbios - ok
14:22:48.0990 5788  [ 2E66F9ECB30B4221A318C92AC2250779 ] MSTEE           C:\Windows\system32\drivers\MSTEE.sys
14:22:48.0991 5788  MSTEE - ok
14:22:49.0019 5788  [ 7EA404308934E675BFFDE8EDF0757BCD ] MTConfig        C:\Windows\system32\DRIVERS\MTConfig.sys
14:22:49.0021 5788  MTConfig - ok
14:22:49.0057 5788  [ 032D35C996F21D19A205A7C8F0B76F3C ] MTsensor        C:\Windows\system32\DRIVERS\ATK64AMD.sys
14:22:49.0058 5788  MTsensor - ok
14:22:49.0083 5788  [ F9A18612FD3526FE473C1BDA678D61C8 ] Mup             C:\Windows\system32\Drivers\mup.sys
14:22:49.0084 5788  Mup - ok
14:22:49.0115 5788  [ 582AC6D9873E31DFA28A4547270862DD ] napagent        C:\Windows\system32\qagentRT.dll
14:22:49.0133 5788  napagent - ok
14:22:49.0178 5788  [ 1EA3749C4114DB3E3161156FFFFA6B33 ] NativeWifiP     C:\Windows\system32\DRIVERS\nwifi.sys
14:22:49.0182 5788  NativeWifiP - ok
14:22:49.0227 5788  [ 760E38053BF56E501D562B70AD796B88 ] NDIS            C:\Windows\system32\drivers\ndis.sys
14:22:49.0238 5788  NDIS - ok
14:22:49.0276 5788  [ 9F9A1F53AAD7DA4D6FEF5BB73AB811AC ] NdisCap         C:\Windows\system32\DRIVERS\ndiscap.sys
14:22:49.0277 5788  NdisCap - ok
14:22:49.0299 5788  [ 30639C932D9FEF22B31268FE25A1B6E5 ] NdisTapi        C:\Windows\system32\DRIVERS\ndistapi.sys
14:22:49.0300 5788  NdisTapi - ok
14:22:49.0322 5788  [ 136185F9FB2CC61E573E676AA5402356 ] Ndisuio         C:\Windows\system32\DRIVERS\ndisuio.sys
14:22:49.0324 5788  Ndisuio - ok
14:22:49.0361 5788  [ 53F7305169863F0A2BDDC49E116C2E11 ] NdisWan         C:\Windows\system32\DRIVERS\ndiswan.sys
14:22:49.0363 5788  NdisWan - ok
14:22:49.0381 5788  [ 015C0D8E0E0421B4CFD48CFFE2825879 ] NDProxy         C:\Windows\system32\drivers\NDProxy.sys
14:22:49.0382 5788  NDProxy - ok
14:22:49.0413 5788  [ 86743D9F5D2B1048062B14B1D84501C4 ] NetBIOS         C:\Windows\system32\DRIVERS\netbios.sys
14:22:49.0415 5788  NetBIOS - ok
14:22:49.0443 5788  [ 09594D1089C523423B32A4229263F068 ] NetBT           C:\Windows\system32\DRIVERS\netbt.sys
14:22:49.0446 5788  NetBT - ok
14:22:49.0478 5788  [ C118A82CD78818C29AB228366EBF81C3 ] Netlogon        C:\Windows\system32\lsass.exe
14:22:49.0488 5788  Netlogon - ok
14:22:49.0525 5788  [ 847D3AE376C0817161A14A82C8922A9E ] Netman          C:\Windows\System32\netman.dll
14:22:49.0540 5788  Netman - ok
14:22:49.0601 5788  [ 5243CFC2E7161C91C2B355240035B9E4 ] NetMsmqActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
14:22:49.0604 5788  NetMsmqActivator - ok
14:22:49.0617 5788  [ 5243CFC2E7161C91C2B355240035B9E4 ] NetPipeActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
14:22:49.0622 5788  NetPipeActivator - ok
14:22:49.0648 5788  [ 5F28111C648F1E24F7DBC87CDEB091B8 ] netprofm        C:\Windows\System32\netprofm.dll
14:22:49.0664 5788  netprofm - ok
14:22:49.0671 5788  [ 5243CFC2E7161C91C2B355240035B9E4 ] NetTcpActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
14:22:49.0675 5788  NetTcpActivator - ok
14:22:49.0690 5788  [ 5243CFC2E7161C91C2B355240035B9E4 ] NetTcpPortSharing C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
14:22:49.0693 5788  NetTcpPortSharing - ok
14:22:49.0847 5788  [ E72F4522801FFB8F0456924FB0017BFF ] NETw1v64        C:\Windows\system32\DRIVERS\NETw1v64.sys
14:22:49.0984 5788  NETw1v64 - ok
14:22:50.0135 5788  [ 4D85A450EDEF10C38882182753A49AAE ] NETw5s64        C:\Windows\system32\DRIVERS\NETw5s64.sys
14:22:50.0269 5788  NETw5s64 - ok
14:22:50.0298 5788  [ 77889813BE4D166CDAB78DDBA990DA92 ] nfrd960         C:\Windows\system32\DRIVERS\nfrd960.sys
14:22:50.0299 5788  nfrd960 - ok
14:22:50.0332 5788  [ 8AD77806D336673F270DB31645267293 ] NlaSvc          C:\Windows\System32\nlasvc.dll
14:22:50.0347 5788  NlaSvc - ok
14:22:50.0375 5788  [ 351533ACC2A069B94E80BBFC177E8FDF ] NPF             C:\Windows\system32\drivers\npf.sys
14:22:50.0377 5788  NPF - ok
14:22:50.0396 5788  [ 1E4C4AB5C9B8DD13179BBDC75A2A01F7 ] Npfs            C:\Windows\system32\drivers\Npfs.sys
14:22:50.0397 5788  Npfs - ok
14:22:50.0419 5788  [ D54BFDF3E0C953F823B3D0BFE4732528 ] nsi             C:\Windows\system32\nsisvc.dll
14:22:50.0430 5788  nsi - ok
14:22:50.0446 5788  [ E7F5AE18AF4168178A642A9247C63001 ] nsiproxy        C:\Windows\system32\drivers\nsiproxy.sys
14:22:50.0447 5788  nsiproxy - ok
14:22:50.0513 5788  [ B98F8C6E31CD07B2E6F71F7F648E38C0 ] Ntfs            C:\Windows\system32\drivers\Ntfs.sys
14:22:50.0530 5788  Ntfs - ok
14:22:50.0560 5788  [ 9899284589F75FA8724FF3D16AED75C1 ] Null            C:\Windows\system32\drivers\Null.sys
14:22:50.0561 5788  Null - ok
14:22:50.0603 5788  [ 0A92CB65770442ED0DC44834632F66AD ] nvraid          C:\Windows\system32\drivers\nvraid.sys
14:22:50.0605 5788  nvraid - ok
14:22:50.0626 5788  [ DAB0E87525C10052BF65F06152F37E4A ] nvstor          C:\Windows\system32\drivers\nvstor.sys
14:22:50.0628 5788  nvstor - ok
14:22:50.0660 5788  [ 270D7CD42D6E3979F6DD0146650F0E05 ] nv_agp          C:\Windows\system32\drivers\nv_agp.sys
14:22:50.0662 5788  nv_agp - ok
14:22:50.0714 5788  [ 3589478E4B22CE21B41FA1BFC0B8B8A0 ] ohci1394        C:\Windows\system32\drivers\ohci1394.sys
14:22:50.0716 5788  ohci1394 - ok
14:22:50.0817 5788  [ 3EAC4455472CC2C97107B5291E0DCAFE ] p2pimsvc        C:\Windows\system32\pnrpsvc.dll
14:22:50.0832 5788  p2pimsvc - ok
14:22:50.0854 5788  [ 927463ECB02179F88E4B9A17568C63C3 ] p2psvc          C:\Windows\system32\p2psvc.dll
14:22:50.0871 5788  p2psvc - ok
14:22:50.0896 5788  [ 0086431C29C35BE1DBC43F52CC273887 ] Parport         C:\Windows\system32\DRIVERS\parport.sys
14:22:50.0898 5788  Parport - ok
14:22:50.0918 5788  [ E9766131EEADE40A27DC27D2D68FBA9C ] partmgr         C:\Windows\system32\drivers\partmgr.sys
14:22:50.0920 5788  partmgr - ok
14:22:50.0990 5788  [ 7C0582921913D00180EC2B8518BA135C ] pbfilter        C:\Program Files\PeerBlock\pbfilter.sys
14:22:50.0991 5788  pbfilter - ok
14:22:51.0015 5788  [ 3AEAA8B561E63452C655DC0584922257 ] PcaSvc          C:\Windows\System32\pcasvc.dll
14:22:51.0029 5788  PcaSvc - ok
14:22:51.0048 5788  [ 94575C0571D1462A0F70BDE6BD6EE6B3 ] pci             C:\Windows\system32\drivers\pci.sys
14:22:51.0051 5788  pci - ok
14:22:51.0068 5788  [ B5B8B5EF2E5CB34DF8DCF8831E3534FA ] pciide          C:\Windows\system32\drivers\pciide.sys
14:22:51.0070 5788  pciide - ok
14:22:51.0100 5788  [ B2E81D4E87CE48589F98CB8C05B01F2F ] pcmcia          C:\Windows\system32\DRIVERS\pcmcia.sys
14:22:51.0102 5788  pcmcia - ok
14:22:51.0128 5788  [ D6B9C2E1A11A3A4B26A182FFEF18F603 ] pcw             C:\Windows\system32\drivers\pcw.sys
14:22:51.0130 5788  pcw - ok
14:22:51.0159 5788  [ 68769C3356B3BE5D1C732C97B9A80D6E ] PEAUTH          C:\Windows\system32\drivers\peauth.sys
14:22:51.0166 5788  PEAUTH - ok
14:22:51.0230 5788  [ E495E408C93141E8FC72DC0C6046DDFA ] PerfHost        C:\Windows\SysWow64\perfhost.exe
14:22:51.0245 5788  PerfHost - ok
14:22:51.0300 5788  [ A6E5F199999E02FF8BBFB23212495EAA ] pfs_dokan       C:\Windows\system32\DRIVERS\pfs_dokan.sys
14:22:51.0301 5788  pfs_dokan - ok
14:22:51.0373 5788  [ C7CF6A6E137463219E1259E3F0F0DD6C ] pla             C:\Windows\system32\pla.dll
14:22:51.0400 5788  pla - ok
14:22:51.0452 5788  [ 25FBDEF06C4D92815B353F6E792C8129 ] PlugPlay        C:\Windows\system32\umpnpmgr.dll
14:22:51.0473 5788  PlugPlay - ok
14:22:51.0499 5788  [ A010F13D27C1033A8BE09D5FA9BF348B ] pneteth         C:\Windows\system32\DRIVERS\pneteth.sys
14:22:51.0500 5788  pneteth - ok
14:22:51.0542 5788  [ 06841F5CD8410B6BDC0B5A631B8F8787 ] pnetmdm         C:\Windows\system32\DRIVERS\pnetmdm64.sys
14:22:51.0543 5788  pnetmdm - ok
14:22:51.0576 5788  [ 7195581CEC9BB7D12ABE54036ACC2E38 ] PNRPAutoReg     C:\Windows\system32\pnrpauto.dll
14:22:51.0589 5788  PNRPAutoReg - ok
14:22:51.0605 5788  [ 3EAC4455472CC2C97107B5291E0DCAFE ] PNRPsvc         C:\Windows\system32\pnrpsvc.dll
14:22:51.0619 5788  PNRPsvc - ok
14:22:51.0662 5788  [ 4F15D75ADF6156BF56ECED6D4A55C389 ] PolicyAgent     C:\Windows\System32\ipsecsvc.dll
14:22:51.0675 5788  PolicyAgent - ok
14:22:51.0708 5788  [ 6BA9D927DDED70BD1A9CADED45F8B184 ] Power           C:\Windows\system32\umpo.dll
14:22:51.0726 5788  Power - ok
14:22:51.0755 5788  [ F92A2C41117A11A00BE01CA01A7FCDE9 ] PptpMiniport    C:\Windows\system32\DRIVERS\raspptp.sys
14:22:51.0757 5788  PptpMiniport - ok
14:22:51.0788 5788  [ 0D922E23C041EFB1C3FAC2A6F943C9BF ] Processor       C:\Windows\system32\DRIVERS\processr.sys
14:22:51.0790 5788  Processor - ok
14:22:51.0818 5788  [ 53E83F1F6CF9D62F32801CF66D8352A8 ] ProfSvc         C:\Windows\system32\profsvc.dll
14:22:51.0832 5788  ProfSvc - ok
14:22:51.0844 5788  [ C118A82CD78818C29AB228366EBF81C3 ] ProtectedStorage C:\Windows\system32\lsass.exe
14:22:51.0854 5788  ProtectedStorage - ok
14:22:51.0888 5788  [ 0557CF5A2556BD58E26384169D72438D ] Psched          C:\Windows\system32\DRIVERS\pacer.sys
14:22:51.0890 5788  Psched - ok
14:22:51.0936 5788  [ A53A15A11EBFD21077463EE2C7AFEEF0 ] ql2300          C:\Windows\system32\DRIVERS\ql2300.sys
14:22:51.0951 5788  ql2300 - ok
14:22:51.0968 5788  [ 4F6D12B51DE1AAEFF7DC58C4D75423C8 ] ql40xx          C:\Windows\system32\DRIVERS\ql40xx.sys
14:22:51.0969 5788  ql40xx - ok
14:22:52.0005 5788  [ 906191634E99AEA92C4816150BDA3732 ] QWAVE           C:\Windows\system32\qwave.dll
14:22:52.0021 5788  QWAVE - ok
14:22:52.0049 5788  [ 76707BB36430888D9CE9D705398ADB6C ] QWAVEdrv        C:\Windows\system32\drivers\qwavedrv.sys
14:22:52.0051 5788  QWAVEdrv - ok
14:22:52.0076 5788  [ 5A0DA8AD5762FA2D91678A8A01311704 ] RasAcd          C:\Windows\system32\DRIVERS\rasacd.sys
14:22:52.0077 5788  RasAcd - ok
14:22:52.0115 5788  [ 7ECFF9B22276B73F43A99A15A6094E90 ] RasAgileVpn     C:\Windows\system32\DRIVERS\AgileVpn.sys
14:22:52.0116 5788  RasAgileVpn - ok
14:22:52.0129 5788  [ 8F26510C5383B8DBE976DE1CD00FC8C7 ] RasAuto         C:\Windows\System32\rasauto.dll
14:22:52.0144 5788  RasAuto - ok
14:22:52.0170 5788  [ 471815800AE33E6F1C32FB1B97C490CA ] Rasl2tp         C:\Windows\system32\DRIVERS\rasl2tp.sys
14:22:52.0171 5788  Rasl2tp - ok
14:22:52.0205 5788  [ EE867A0870FC9E4972BA9EAAD35651E2 ] RasMan          C:\Windows\System32\rasmans.dll
14:22:52.0221 5788  RasMan - ok
14:22:52.0240 5788  [ 855C9B1CD4756C5E9A2AA58A15F58C25 ] RasPppoe        C:\Windows\system32\DRIVERS\raspppoe.sys
14:22:52.0242 5788  RasPppoe - ok
14:22:52.0272 5788  [ E8B1E447B008D07FF47D016C2B0EEECB ] RasSstp         C:\Windows\system32\DRIVERS\rassstp.sys
14:22:52.0274 5788  RasSstp - ok
14:22:52.0296 5788  [ 77F665941019A1594D887A74F301FA2F ] rdbss           C:\Windows\system32\DRIVERS\rdbss.sys
14:22:52.0300 5788  rdbss - ok
14:22:52.0314 5788  [ 302DA2A0539F2CF54D7C6CC30C1F2D8D ] rdpbus          C:\Windows\system32\DRIVERS\rdpbus.sys
14:22:52.0316 5788  rdpbus - ok
14:22:52.0332 5788  [ CEA6CC257FC9B7715F1C2B4849286D24 ] RDPCDD          C:\Windows\system32\DRIVERS\RDPCDD.sys
14:22:52.0334 5788  RDPCDD - ok
14:22:52.0352 5788  [ BB5971A4F00659529A5C44831AF22365 ] RDPENCDD        C:\Windows\system32\drivers\rdpencdd.sys
14:22:52.0353 5788  RDPENCDD - ok
14:23:00.0215 5788  ================ Scan global ===============================
14:23:00.0241 5788  [ BA0CD8C393E8C9F83354106093832C7B ] C:\Windows\system32\basesrv.dll
14:23:00.0263 5788  [ 0C27239FEA4DB8A2AAC9E502186B7264 ] C:\Windows\system32\winsrv.dll
14:23:00.0288 5788  [ 0C27239FEA4DB8A2AAC9E502186B7264 ] C:\Windows\system32\winsrv.dll
14:23:00.0323 5788  [ D6160F9D869BA3AF0B787F971DB56368 ] C:\Windows\system32\sxssrv.dll
14:23:00.0361 5788  [ 24ACB7E5BE595468E3B9AA488B9B4FCB ] C:\Windows\system32\services.exe
14:23:00.0378 5788  [Global] - ok
14:23:00.0378 5788  ================ Scan MBR ==================================
14:23:00.0397 5788  [ 5C616939100B85E558DA92B899A0FC36 ] \Device\Harddisk0\DR0
14:23:00.0580 5788  \Device\Harddisk0\DR0 - ok
14:23:00.0581 5788  ================ Scan VBR ==================================
14:23:00.0584 5788  [ E09F52EE4ACF1E69A22563F70156E8AB ] \Device\Harddisk0\DR0\Partition1
14:23:00.0585 5788  \Device\Harddisk0\DR0\Partition1 - ok
14:23:00.0586 5788  ============================================================
14:23:00.0586 5788  Scan finished
14:23:00.0586 5788  ============================================================
14:23:00.0596 6084  Detected object count: 0
14:23:00.0596 6084  Actual detected object count: 0
14:23:38.0257 5008  Deinitialize success
-----------------------------------------------------
 

Hope I did this right.



Okay, won't quote. I think I'm pretty savvy with computers. Not smart enough to do the stuff you're doing. But I'm alright with most things. I'll do what you say, I'm not going to do my own thing and disobey you :)

 

 

------------------------------------

aswMBR version 0.9.9.1771 Copyright© 2011 AVAST Software
Run date: 2013-07-26 14:15:34
-----------------------------
14:15:34.341    OS Version: Windows x64 6.1.7601 Service Pack 1
14:15:34.342    Number of processors: 2 586 0x170A
14:15:34.342    ComputerName: JEREMY-PC  UserName: Jeremy
14:15:36.733    Initialize success
14:16:37.266    Disk 0 (boot) \Device\Harddisk0\DR0 -> \Device\Ide\IAAStorageDevice-1
14:16:37.269    Disk 0 Vendor: Hitachi_ PB4O Size: 476940MB BusType: 3
14:16:37.413    Disk 0 MBR read successfully
14:16:37.416    Disk 0 MBR scan
14:16:37.418    Disk 0 Windows VISTA default MBR code
14:16:37.445    Disk 0 Partition 1 00     1C Hidd FAT32 LBA MSDOS5.0    14998 MB offset 2048
14:16:37.461    Disk 0 Partition 2 80 (A) 07    HPFS/NTFS NTFS       461940 MB offset 30717952
14:16:37.570    Disk 0 scanning C:\Windows\system32\drivers
14:16:52.312    Service scanning
14:17:16.343    Modules scanning
14:17:16.350    Disk 0 trace - called modules:
14:17:16.381    ntoskrnl.exe CLASSPNP.SYS disk.sys ACPI.sys iaStor.sys hal.dll 
14:17:16.385    1 nt!IofCallDriver -> \Device\Harddisk0\DR0[0xfffffa8004898170]
14:17:16.389    3 CLASSPNP.SYS[fffff8800120143f] -> nt!IofCallDriver -> [0xfffffa8003cf3e40]
14:17:16.395    5 ACPI.sys[fffff88000e1b7a1] -> nt!IofCallDriver -> \Device\Ide\IAAStorageDevice-1[0xfffffa80046d1050]
14:17:16.400    Scan finished successfully
14:20:17.759    Disk 0 MBR has been saved successfully to "C:\Users\Jeremy\Desktop\MBR.dat"
14:20:17.765    The log file has been saved successfully to "C:\Users\Jeremy\Desktop\aswMBR.txt"
---------------------------------------
 
---------------------------------------
14:22:27.0172 4660  TDSS rootkit removing tool 2.8.16.0 Feb 11 2013 18:50:42
14:22:27.0785 4660  ============================================================
14:22:27.0785 4660  Current date / time: 2013/07/26 14:22:27.0785
14:22:27.0785 4660  SystemInfo:
14:22:27.0785 4660  
14:22:27.0785 4660  OS Version: 6.1.7601 ServicePack: 1.0
14:22:27.0785 4660  Product type: Workstation
14:22:27.0785 4660  ComputerName: JEREMY-PC
14:22:27.0785 4660  UserName: Jeremy
14:22:27.0785 4660  Windows directory: C:\Windows
14:22:27.0785 4660  System windows directory: C:\Windows
14:22:27.0785 4660  Running under WOW64
14:22:27.0785 4660  Processor architecture: Intel x64
14:22:27.0785 4660  Number of processors: 2
14:22:27.0785 4660  Page size: 0x1000
14:22:27.0786 4660  Boot type: Normal boot
14:22:27.0786 4660  ============================================================
14:22:28.0584 4660  Drive \Device\Harddisk0\DR0 - Size: 0x7470C06000 (465.76 Gb), SectorSize: 0x200, Cylinders: 0xED81, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
14:22:28.0591 4660  ============================================================
14:22:28.0591 4660  \Device\Harddisk0\DR0:
14:22:28.0591 4660  MBR partitions:
14:22:28.0591 4660  \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x1D4B800, BlocksNum 0x3863A030
14:22:28.0591 4660  ============================================================
14:22:28.0630 4660  C: <-> \Device\Harddisk0\DR0\Partition1
14:22:28.0630 4660  ============================================================
14:22:28.0630 4660  Initialize success
14:22:28.0630 4660  ============================================================
14:22:38.0118 5788  ============================================================
14:22:38.0118 5788  Scan started
14:22:38.0118 5788  Mode: Manual; 
14:22:38.0118 5788  ============================================================
14:22:38.0363 5788  ================ Scan system memory ========================
14:22:38.0363 5788  System memory - ok
14:22:38.0364 5788  ================ Scan services =============================
14:22:41.0124 5788  [ B114D3098E9BDB8BEA8B053685831BE6 ] BrFiltUp        C:\Windows\system32\DRIVERS\BrFiltUp.sys
14:22:41.0125 5788  BrFiltUp - ok
14:22:41.0173 5788  [ 5C2F352A4E961D72518261257AAE204B ] Bridge          C:\Windows\system32\DRIVERS\bridge.sys
14:22:41.0174 5788  Bridge - ok
14:22:41.0213 5788  [ 5C2F352A4E961D72518261257AAE204B ] BridgeMP        C:\Windows\system32\DRIVERS\bridge.sys
14:22:41.0215 5788  BridgeMP - ok
14:22:41.0247 5788  [ 05F5A0D14A2EE1D8255C2AA0E9E8E694 ] Browser         C:\Windows\System32\browser.dll
14:22:41.0251 5788  Browser - ok
14:22:41.0325 5788  [ 43BEA8D483BF1870F018E2D02E06A5BD ] Brserid         C:\Windows\System32\Drivers\Brserid.sys
14:22:41.0328 5788  Brserid - ok
14:22:41.0368 5788  [ A6ECA2151B08A09CACECA35C07F05B42 ] BrSerWdm        C:\Windows\System32\Drivers\BrSerWdm.sys
14:22:41.0369 5788  BrSerWdm - ok
14:22:41.0382 5788  [ B79968002C277E869CF38BD22CD61524 ] BrUsbMdm        C:\Windows\System32\Drivers\BrUsbMdm.sys
14:22:41.0383 5788  BrUsbMdm - ok
14:22:41.0401 5788  [ A87528880231C54E75EA7A44943B38BF ] BrUsbSer        C:\Windows\System32\Drivers\BrUsbSer.sys
14:22:41.0402 5788  BrUsbSer - ok
14:22:41.0437 5788  [ 9DA669F11D1F894AB4EB69BF546A42E8 ] BTHMODEM        C:\Windows\system32\DRIVERS\bthmodem.sys
14:22:41.0438 5788  BTHMODEM - ok
14:22:41.0490 5788  [ 95F9C2976059462CBBF227F7AAB10DE9 ] bthserv         C:\Windows\system32\bthserv.dll
14:22:41.0494 5788  bthserv - ok
14:22:41.0527 5788  [ B8BD2BB284668C84865658C77574381A ] cdfs            C:\Windows\system32\DRIVERS\cdfs.sys
14:22:41.0529 5788  cdfs - ok
14:22:41.0571 5788  [ F036CE71586E93D94DAB220D7BDF4416 ] cdrom           C:\Windows\system32\drivers\cdrom.sys
14:22:41.0573 5788  cdrom - ok
14:22:41.0613 5788  [ F17D1D393BBC69C5322FBFAFACA28C7F ] CertPropSvc     C:\Windows\System32\certprop.dll
14:22:41.0616 5788  CertPropSvc - ok
14:22:41.0664 5788  [ 98C3DBAFBCC4515A6BB422321D187D37 ] CinemaNow Service C:\Program Files (x86)\CinemaNow\CinemaNow Media Manager\CinemanowSvc.exe
14:22:41.0666 5788  CinemaNow Service - ok
14:22:41.0707 5788  [ D7CD5C4E1B71FA62050515314CFB52CF ] circlass        C:\Windows\system32\DRIVERS\circlass.sys
14:22:41.0708 5788  circlass - ok
14:22:41.0744 5788  [ FE1EC06F2253F691FE36217C592A0206 ] CLFS            C:\Windows\system32\CLFS.sys
14:22:41.0750 5788  CLFS - ok
14:22:41.0825 5788  [ D88040F816FDA31C3B466F0FA0918F29 ] clr_optimization_v2.0.50727_32 C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
14:22:41.0843 5788  clr_optimization_v2.0.50727_32 - ok
14:22:41.0880 5788  [ D1CEEA2B47CB998321C579651CE3E4F8 ] clr_optimization_v2.0.50727_64 C:\Windows\Microsoft.NET\Framework64\v2.0.50727\mscorsvw.exe
14:22:41.0885 5788  clr_optimization_v2.0.50727_64 - ok
14:22:41.0957 5788  [ 6D7C8A951AF6AD6835C029B3CB88D333 ] clr_optimization_v4.0.30319_32 C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
14:22:42.0053 5788  clr_optimization_v4.0.30319_32 - ok
14:22:42.0081 5788  [ 86329C35FF23CFEF0FB6C0023BA06BCE ] clr_optimization_v4.0.30319_64 C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe
14:22:42.0119 5788  clr_optimization_v4.0.30319_64 - ok
14:22:42.0134 5788  [ 0840155D0BDDF1190F84A663C284BD33 ] CmBatt          C:\Windows\system32\DRIVERS\CmBatt.sys
14:22:42.0135 5788  CmBatt - ok
14:22:42.0159 5788  [ E19D3F095812725D88F9001985B94EDD ] cmdide          C:\Windows\system32\drivers\cmdide.sys
14:22:42.0160 5788  cmdide - ok
14:22:42.0209 5788  [ AAFCB52FE0037207FB6FBEA070D25EFE ] CNG             C:\Windows\system32\Drivers\cng.sys
14:22:42.0214 5788  CNG - ok
14:22:42.0257 5788  [ 102DE219C3F61415F964C88E9085AD14 ] Compbatt        C:\Windows\system32\DRIVERS\compbatt.sys
14:22:42.0259 5788  Compbatt - ok
14:22:42.0288 5788  [ 03EDB043586CCEBA243D689BDDA370A8 ] CompositeBus    C:\Windows\system32\drivers\CompositeBus.sys
14:22:42.0289 5788  CompositeBus - ok
14:22:42.0305 5788  COMSysApp - ok
14:22:42.0332 5788  [ 1C827878A998C18847245FE1F34EE597 ] crcdisk         C:\Windows\system32\DRIVERS\crcdisk.sys
14:22:42.0333 5788  crcdisk - ok
14:22:42.0366 5788  [ D8129C49798CBBFB2E4351D4B7B8EF9C ] CryptSvc        C:\Windows\system32\cryptsvc.dll
14:22:42.0373 5788  CryptSvc - ok
14:22:42.0408 5788  [ 44BDDEB03C84A1C993C992FFB5700357 ] CVirtA          C:\Windows\system32\DRIVERS\CVirtA64.sys
14:22:42.0409 5788  CVirtA - ok
14:22:42.0440 5788  [ 56F5311145CDFC984AB21C9862DC74F8 ] DbusAudio       C:\Windows\system32\drivers\DbusAudio.sys
14:22:42.0441 5788  DbusAudio - ok
14:22:42.0478 5788  [ 5C627D1B1138676C0A7AB2C2C190D123 ] DcomLaunch      C:\Windows\system32\rpcss.dll
14:22:42.0513 5788  DcomLaunch - ok
14:22:42.0541 5788  [ 3CEC7631A84943677AA8FA8EE5B6B43D ] defragsvc       C:\Windows\System32\defragsvc.dll
14:22:42.0548 5788  defragsvc - ok
14:22:42.0590 5788  [ 9BB2EF44EAA163B29C4A4587887A0FE4 ] DfsC            C:\Windows\system32\Drivers\dfsc.sys
14:22:42.0591 5788  DfsC - ok
14:22:42.0622 5788  [ BB3003D9DB0D3B18B3284CCFD57F3C3F ] dgcfltr         C:\Windows\system32\DRIVERS\ACFDCP64.sys
14:22:42.0623 5788  dgcfltr - ok
14:22:42.0676 5788  [ B776FF14D4A9A8C7E9A18FE39D4B9B4E ] dg_ssudbus      C:\Windows\system32\DRIVERS\ssudbus.sys
14:22:42.0678 5788  dg_ssudbus - ok
14:22:42.0727 5788  [ 43D808F5D9E1A18E5EEB5EBC83969E4E ] Dhcp            C:\Windows\system32\dhcpcore.dll
14:22:42.0735 5788  Dhcp - ok
14:22:42.0773 5788  [ 13096B05847EC78F0977F2C0F79E9AB3 ] discache        C:\Windows\system32\drivers\discache.sys
14:22:42.0775 5788  discache - ok
14:22:42.0805 5788  [ 9819EEE8B5EA3784EC4AF3B137A5244C ] Disk            C:\Windows\system32\DRIVERS\disk.sys
14:22:42.0806 5788  Disk - ok
14:22:42.0853 5788  [ 05CB5910B3CA6019FC3CCA815EE06FFB ] DNE             C:\Windows\system32\DRIVERS\dne64x.sys
14:22:42.0855 5788  DNE - ok
14:22:42.0900 5788  [ 16835866AAA693C7D7FCEBA8FFF706E4 ] Dnscache        C:\Windows\System32\dnsrslvr.dll
14:22:42.0906 5788  Dnscache - ok
14:22:42.0938 5788  [ B1FB3DDCA0FDF408750D5843591AFBC6 ] dot3svc         C:\Windows\System32\dot3svc.dll
14:22:42.0946 5788  dot3svc - ok
14:22:42.0977 5788  [ B26F4F737E8F9DF4F31AF6CF31D05820 ] DPS             C:\Windows\system32\dps.dll
14:22:42.0982 5788  DPS - ok
14:22:43.0024 5788  [ 9B19F34400D24DF84C858A421C205754 ] drmkaud         C:\Windows\system32\drivers\drmkaud.sys
14:22:43.0025 5788  drmkaud - ok
14:22:43.0075 5788  [ AF2E16242AA723F68F461B6EAE2EAD3D ] DXGKrnl         C:\Windows\System32\drivers\dxgkrnl.sys
14:22:43.0086 5788  DXGKrnl - ok
14:22:43.0119 5788  [ E2DDA8726DA9CB5B2C4000C9018A9633 ] EapHost         C:\Windows\System32\eapsvc.dll
14:22:43.0124 5788  EapHost - ok
14:22:43.0136 5788  easytether - ok
14:22:43.0229 5788  [ DC5D737F51BE844D8C82C695EB17372F ] ebdrv           C:\Windows\system32\DRIVERS\evbda.sys
14:22:43.0295 5788  ebdrv - ok
14:22:43.0333 5788  [ C118A82CD78818C29AB228366EBF81C3 ] EFS             C:\Windows\System32\lsass.exe
14:22:43.0343 5788  EFS - ok
14:22:43.0407 5788  [ C4002B6B41975F057D98C439030CEA07 ] ehRecvr         C:\Windows\ehome\ehRecvr.exe
14:22:43.0429 5788  ehRecvr - ok
14:22:43.0449 5788  [ 4705E8EF9934482C5BB488CE28AFC681 ] ehSched         C:\Windows\ehome\ehsched.exe
14:22:43.0453 5788  ehSched - ok
14:22:43.0503 5788  [ 0E5DA5369A0FCAEA12456DD852545184 ] elxstor         C:\Windows\system32\DRIVERS\elxstor.sys
14:22:43.0509 5788  elxstor - ok
14:22:43.0538 5788  [ 34A3C54752046E79A126E15C51DB409B ] ErrDev          C:\Windows\system32\drivers\errdev.sys
14:22:43.0539 5788  ErrDev - ok
14:22:43.0570 5788  [ 1299D1EA00B7A4BF69C5869DCA31E0F6 ] ETD             C:\Windows\system32\DRIVERS\ETD.sys
14:22:43.0572 5788  ETD - ok
14:22:43.0607 5788  [ 4166F82BE4D24938977DD1746BE9B8A0 ] EventSystem     C:\Windows\system32\es.dll
14:22:43.0617 5788  EventSystem - ok
14:22:43.0644 5788  [ A510C654EC00C1E9BDD91EEB3A59823B ] exfat           C:\Windows\system32\drivers\exfat.sys
14:22:43.0647 5788  exfat - ok
14:22:43.0752 5788  [ 8C89F06DBC239492E0AAAA0B0D8645EA ] FastBootAgent   C:\Windows\SysWOW64\Fast Boot\FastBootAgent.exe
14:22:43.0789 5788  FastBootAgent - ok
14:22:43.0837 5788  [ 0ADC83218B66A6DB380C330836F3E36D ] fastfat         C:\Windows\system32\drivers\fastfat.sys
14:22:43.0839 5788  fastfat - ok
14:22:43.0898 5788  [ DBEFD454F8318A0EF691FDD2EAAB44EB ] Fax             C:\Windows\system32\fxssvc.exe
14:22:43.0910 5788  Fax - ok
14:22:43.0927 5788  [ D765D19CD8EF61F650C384F62FAC00AB ] fdc             C:\Windows\system32\DRIVERS\fdc.sys
14:22:43.0928 5788  fdc - ok
14:22:43.0971 5788  [ 0438CAB2E03F4FB61455A7956026FE86 ] fdPHost         C:\Windows\system32\fdPHost.dll
14:22:43.0978 5788  fdPHost - ok
14:22:43.0991 5788  [ 802496CB59A30349F9A6DD22D6947644 ] FDResPub        C:\Windows\system32\fdrespub.dll
14:22:43.0999 5788  FDResPub - ok
14:22:44.0034 5788  [ 655661BE46B5F5F3FD454E2C3095B930 ] FileInfo        C:\Windows\system32\drivers\fileinfo.sys
14:22:44.0035 5788  FileInfo - ok
14:22:44.0055 5788  [ 5F671AB5BC87EEA04EC38A6CD5962A47 ] Filetrace       C:\Windows\system32\drivers\filetrace.sys
14:22:44.0056 5788  Filetrace - ok
14:22:44.0139 5788  [ 8669BE94F63944E4F899C3950B520241 ] FLEXnet Licensing Service C:\Program Files (x86)\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
14:22:44.0181 5788  FLEXnet Licensing Service - ok
14:22:44.0221 5788  [ C172A0F53008EAEB8EA33FE10E177AF5 ] flpydisk        C:\Windows\system32\DRIVERS\flpydisk.sys
14:22:44.0223 5788  flpydisk - ok
14:22:44.0255 5788  [ DA6B67270FD9DB3697B20FCE94950741 ] FltMgr          C:\Windows\system32\drivers\fltmgr.sys
14:22:44.0258 5788  FltMgr - ok
14:22:44.0312 5788  [ C4C183E6551084039EC862DA1C945E3D ] FontCache       C:\Windows\system32\FntCache.dll
14:22:44.0329 5788  FontCache - ok
14:22:44.0385 5788  [ A8B7F3818AB65695E3A0BB3279F6DCE6 ] FontCache3.0.0.0 C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
14:22:44.0402 5788  FontCache3.0.0.0 - ok
14:22:44.0432 5788  [ D43703496149971890703B4B1B723EAC ] FsDepends       C:\Windows\system32\drivers\FsDepends.sys
14:22:44.0433 5788  FsDepends - ok
14:22:44.0466 5788  [ 5814011B2F6E088E29D689B5FCD49B8F ] fssfltr         C:\Windows\system32\DRIVERS\fssfltr.sys
14:22:44.0467 5788  fssfltr - ok
14:22:44.0530 5788  [ F6717211C1EC2CDDAA81B97B0727C2E9 ] fsssvc          C:\Program Files (x86)\Windows Live\Family Safety\fsssvc.exe
14:22:44.0534 5788  fsssvc - ok
14:22:44.0558 5788  [ 6BD9295CC032DD3077C671FCCF579A7B ] Fs_Rec          C:\Windows\system32\drivers\Fs_Rec.sys
14:22:44.0560 5788  Fs_Rec - ok
14:22:44.0594 5788  [ 8F6322049018354F45F05A2FD2D4E5E0 ] fvevol          C:\Windows\system32\DRIVERS\fvevol.sys
14:22:44.0598 5788  fvevol - ok
14:22:44.0640 5788  [ 8C778D335C9D272CFD3298AB02ABE3B6 ] gagp30kx        C:\Windows\system32\DRIVERS\gagp30kx.sys
14:22:44.0641 5788  gagp30kx - ok
14:22:44.0698 5788  [ 8E98D21EE06192492A5671A6144D092F ] GEARAspiWDM     C:\Windows\system32\DRIVERS\GEARAspiWDM.sys
14:22:44.0699 5788  GEARAspiWDM - ok
14:22:44.0751 5788  [ 9F5E8645FECD68C0ECC374F5A4AE068A ] gfiark          C:\Windows\system32\drivers\gfiark.sys
14:22:44.0752 5788  gfiark - ok
14:22:44.0837 5788  [ AD826942E10F8D18C29E365CE426A21B ] gfi_lanss10_attservice C:\Program Files (x86)\GFI Software\VIPRE\LanGuard 10 Agent\lnssatt.exe
14:22:44.0841 5788  gfi_lanss10_attservice - ok
14:22:44.0882 5788  [ 277BBC7E1AA1EE957F573A10ECA7EF3A ] gpsvc           C:\Windows\System32\gpsvc.dll
14:22:44.0896 5788  gpsvc - ok
14:22:45.0005 5788  [ 506708142BC63DABA64F2D3AD1DCD5BF ] gupdate         C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
14:22:45.0007 5788  gupdate - ok
14:22:45.0012 5788  [ 506708142BC63DABA64F2D3AD1DCD5BF ] gupdatem        C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
14:22:45.0015 5788  gupdatem - ok
14:22:45.0061 5788  [ 1E6438D4EA6E1174A3B3B1EDC4DE660B ] hamachi         C:\Windows\system32\DRIVERS\hamachi.sys
14:22:45.0062 5788  hamachi - ok
14:22:45.0095 5788  [ F2523EF6460FC42405B12248338AB2F0 ] hcw85cir        C:\Windows\system32\drivers\hcw85cir.sys
14:22:45.0096 5788  hcw85cir - ok
14:22:45.0147 5788  [ 975761C778E33CD22498059B91E7373A ] HdAudAddService C:\Windows\system32\drivers\HdAudio.sys
14:22:45.0151 5788  HdAudAddService - ok
14:22:45.0175 5788  [ 97BFED39B6B79EB12CDDBFEED51F56BB ] HDAudBus        C:\Windows\system32\drivers\HDAudBus.sys
14:22:45.0177 5788  HDAudBus - ok
14:22:45.0195 5788  [ 78E86380454A7B10A5EB255DC44A355F ] HidBatt         C:\Windows\system32\DRIVERS\HidBatt.sys
14:22:45.0196 5788  HidBatt - ok
14:22:45.0219 5788  [ 7FD2A313F7AFE5C4DAB14798C48DD104 ] HidBth          C:\Windows\system32\DRIVERS\hidbth.sys
14:22:45.0220 5788  HidBth - ok
14:22:45.0237 5788  [ 0A77D29F311B88CFAE3B13F9C1A73825 ] HidIr           C:\Windows\system32\DRIVERS\hidir.sys
14:22:45.0239 5788  HidIr - ok
14:22:45.0264 5788  [ BD9EB3958F213F96B97B1D897DEE006D ] hidserv         C:\Windows\system32\hidserv.dll
14:22:45.0274 5788  hidserv - ok
14:22:45.0311 5788  [ 9592090A7E2B61CD582B612B6DF70536 ] HidUsb          C:\Windows\system32\drivers\hidusb.sys
14:22:45.0312 5788  HidUsb - ok
14:22:45.0359 5788  [ 387E72E739E15E3D37907A86D9FF98E2 ] hkmsvc          C:\Windows\system32\kmsvc.dll
14:22:45.0368 5788  hkmsvc - ok
14:22:45.0395 5788  [ EFDFB3DD38A4376F93E7985173813ABD ] HomeGroupListener C:\Windows\system32\ListSvc.dll
14:22:45.0407 5788  HomeGroupListener - ok
14:22:45.0439 5788  [ 908ACB1F594274965A53926B10C81E89 ] HomeGroupProvider C:\Windows\system32\provsvc.dll
14:22:45.0456 5788  HomeGroupProvider - ok
14:22:45.0486 5788  [ 39D2ABCD392F3D8A6DCE7B60AE7B8EFC ] HpSAMD          C:\Windows\system32\drivers\HpSAMD.sys
14:22:45.0487 5788  HpSAMD - ok
14:22:45.0521 5788  [ F47CEC45FB85791D4AB237563AD0FA8F ] HTCAND64        C:\Windows\system32\Drivers\ANDROIDUSB.sys
14:22:45.0522 5788  HTCAND64 - ok
14:22:45.0558 5788  [ 0EA7DE1ACB728DD5A369FD742D6EEE28 ] HTTP            C:\Windows\system32\drivers\HTTP.sys
14:22:45.0567 5788  HTTP - ok
14:22:45.0592 5788  [ A5462BD6884960C9DC85ED49D34FF392 ] hwpolicy        C:\Windows\system32\drivers\hwpolicy.sys
14:22:45.0593 5788  hwpolicy - ok
14:22:45.0635 5788  [ FA55C73D4AFFA7EE23AC4BE53B4592D3 ] i8042prt        C:\Windows\system32\drivers\i8042prt.sys
14:22:45.0637 5788  i8042prt - ok
14:22:45.0676 5788  [ 1D004CB1DA6323B1F55CAEF7F94B61D9 ] iaStor          C:\Windows\system32\DRIVERS\iaStor.sys
14:22:45.0680 5788  iaStor - ok
14:22:45.0715 5788  [ AAAF44DB3BD0B9D1FB6969B23ECC8366 ] iaStorV         C:\Windows\system32\drivers\iaStorV.sys
14:22:45.0720 5788  iaStorV - ok
14:22:45.0790 5788  [ 1CF03C69B49ACB70C722DF92755C0C8C ] IDriverT        C:\Program Files (x86)\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
14:22:45.0824 5788  IDriverT - ok
14:22:45.0906 5788  [ 5988FC40F8DB5B0739CD1E3A5D0D78BD ] idsvc           C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\infocard.exe
14:22:45.0929 5788  idsvc - ok
14:22:46.0162 5788  [ 4EAA4261E1AD4B860657CADA790B9B38 ] igfx            C:\Windows\system32\DRIVERS\igdkmd64.sys
14:22:46.0348 5788  igfx - ok
14:22:46.0400 5788  [ 5C18831C61933628F5BB0EA2675B9D21 ] iirsp           C:\Windows\system32\DRIVERS\iirsp.sys
14:22:46.0401 5788  iirsp - ok
14:22:46.0459 5788  [ FCD84C381E0140AF901E58D48882D26B ] IKEEXT          C:\Windows\System32\ikeext.dll
14:22:46.0474 5788  IKEEXT - ok
14:22:46.0563 5788  [ 0C3CF4B3BAE28E121A1689E3538F8712 ] IntcAzAudAddService C:\Windows\system32\drivers\RTKVHD64.sys
14:22:46.0581 5788  IntcAzAudAddService - ok
14:22:46.0615 5788  [ B014CE58F0A8048D3924BA8D5CCBC5F1 ] IntcHdmiAddService C:\Windows\system32\drivers\IntcHdmi.sys
14:22:46.0617 5788  IntcHdmiAddService - ok
14:22:46.0647 5788  [ F00F20E70C6EC3AA366910083A0518AA ] intelide        C:\Windows\system32\drivers\intelide.sys
14:22:46.0649 5788  intelide - ok
14:22:46.0690 5788  [ ADA036632C664CAA754079041CF1F8C1 ] intelppm        C:\Windows\system32\DRIVERS\intelppm.sys
14:22:46.0692 5788  intelppm - ok
14:22:46.0716 5788  [ 098A91C54546A3B878DAD6A7E90A455B ] IPBusEnum       C:\Windows\system32\ipbusenum.dll
14:22:46.0726 5788  IPBusEnum - ok
14:22:46.0754 5788  [ C9F0E1BD74365A8771590E9008D22AB6 ] IpFilterDriver  C:\Windows\system32\DRIVERS\ipfltdrv.sys
14:22:46.0755 5788  IpFilterDriver - ok
14:22:46.0796 5788  [ 08C2957BB30058E663720C5606885653 ] iphlpsvc        C:\Windows\System32\iphlpsvc.dll
14:22:46.0808 5788  iphlpsvc - ok
14:22:46.0839 5788  [ 0FC1AEA580957AA8817B8F305D18CA3A ] IPMIDRV         C:\Windows\system32\drivers\IPMIDrv.sys
14:22:46.0840 5788  IPMIDRV - ok
14:22:46.0876 5788  [ AF9B39A7E7B6CAA203B3862582E9F2D0 ] IPNAT           C:\Windows\system32\drivers\ipnat.sys
14:22:46.0878 5788  IPNAT - ok
14:22:46.0961 5788  [ 0FF335D687C85097725A53458160E81E ] iPod Service    C:\Program Files\iPod\bin\iPodService.exe
14:22:46.0965 5788  iPod Service - ok
14:22:46.0985 5788  [ 3ABF5E7213EB28966D55D58B515D5CE9 ] IRENUM          C:\Windows\system32\drivers\irenum.sys
14:22:46.0986 5788  IRENUM - ok
14:22:47.0007 5788  [ 2F7B28DC3E1183E5EB418DF55C204F38 ] isapnp          C:\Windows\system32\drivers\isapnp.sys
14:22:47.0009 5788  isapnp - ok
14:22:47.0044 5788  [ D931D7309DEB2317035B07C9F9E6B0BD ] iScsiPrt        C:\Windows\system32\drivers\msiscsi.sys
14:22:47.0047 5788  iScsiPrt - ok
14:22:47.0081 5788  [ BC02336F1CBA7DCC7D1213BB588A68A5 ] kbdclass        C:\Windows\system32\drivers\kbdclass.sys
14:22:47.0082 5788  kbdclass - ok
14:22:47.0108 5788  [ 0705EFF5B42A9DB58548EEC3B26BB484 ] kbdhid          C:\Windows\system32\drivers\kbdhid.sys
14:22:47.0110 5788  kbdhid - ok
14:22:47.0157 5788  [ E63EF8C3271D014F14E2469CE75FECB4 ] kbfiltr         C:\Windows\system32\DRIVERS\kbfiltr.sys
14:22:47.0158 5788  kbfiltr - ok
14:22:47.0189 5788  [ C118A82CD78818C29AB228366EBF81C3 ] KeyIso          C:\Windows\system32\lsass.exe
14:22:47.0198 5788  KeyIso - ok
14:22:47.0229 5788  [ 97A7070AEA4C058B6418519E869A63B4 ] KSecDD          C:\Windows\system32\Drivers\ksecdd.sys
14:22:47.0230 5788  KSecDD - ok
14:22:47.0263 5788  [ 7EFB9333E4ECCE6AE4AE9D777D9E553E ] KSecPkg         C:\Windows\system32\Drivers\ksecpkg.sys
14:22:47.0265 5788  KSecPkg - ok
14:22:47.0296 5788  [ 6869281E78CB31A43E969F06B57347C4 ] ksthunk         C:\Windows\system32\drivers\ksthunk.sys
14:22:47.0298 5788  ksthunk - ok
14:22:47.0329 5788  [ 6AB66E16AA859232F64DEB66887A8C9C ] KtmRm           C:\Windows\system32\msdtckrm.dll
14:22:47.0344 5788  KtmRm - ok
14:22:47.0358 5788  [ AD88105EFDDC55877EA8D06346D75989 ] L1C             C:\Windows\system32\DRIVERS\L1C62x64.sys
14:22:47.0359 5788  L1C - ok
14:22:47.0409 5788  [ D9F42719019740BAA6D1C6D536CBDAA6 ] LanmanServer    C:\Windows\system32\srvsvc.dll
14:22:47.0444 5788  LanmanServer - ok
14:22:47.0472 5788  [ 851A1382EED3E3A7476DB004F4EE3E1A ] LanmanWorkstation C:\Windows\System32\wkssvc.dll
14:22:47.0493 5788  LanmanWorkstation - ok
14:22:47.0548 5788  [ C7D21310EA0A644AA6394DE1E46E3D31 ] libusb0         C:\Windows\system32\DRIVERS\libusb0.sys
14:22:47.0550 5788  libusb0 - ok
14:22:47.0600 5788  [ 1538831CF8AD2979A04C423779465827 ] lltdio          C:\Windows\system32\DRIVERS\lltdio.sys
14:22:47.0602 5788  lltdio - ok
14:22:47.0628 5788  [ C1185803384AB3FEED115F79F109427F ] lltdsvc         C:\Windows\System32\lltdsvc.dll
14:22:47.0642 5788  lltdsvc - ok
14:22:47.0660 5788  [ F993A32249B66C9D622EA5592A8B76B8 ] lmhosts         C:\Windows\System32\lmhsvc.dll
14:22:47.0670 5788  lmhosts - ok
14:22:47.0746 5788  [ 1A93E54EB0ECE102495A51266DCDB6A6 ] LSI_FC          C:\Windows\system32\DRIVERS\lsi_fc.sys
14:22:47.0748 5788  LSI_FC - ok
14:22:47.0760 5788  [ 1047184A9FDC8BDBFF857175875EE810 ] LSI_SAS         C:\Windows\system32\DRIVERS\lsi_sas.sys
14:22:47.0762 5788  LSI_SAS - ok
14:22:47.0778 5788  [ 30F5C0DE1EE8B5BC9306C1F0E4A75F93 ] LSI_SAS2        C:\Windows\system32\DRIVERS\lsi_sas2.sys
14:22:47.0780 5788  LSI_SAS2 - ok
14:22:47.0793 5788  [ 0504EACAFF0D3C8AED161C4B0D369D4A ] LSI_SCSI        C:\Windows\system32\DRIVERS\lsi_scsi.sys
14:22:47.0795 5788  LSI_SCSI - ok
14:22:47.0815 5788  [ 43D0F98E1D56CCDDB0D5254CFF7B356E ] luafv           C:\Windows\system32\drivers\luafv.sys
14:22:47.0818 5788  luafv - ok
14:22:47.0893 5788  [ 0BB97D43299910CBFBA59C461B99B910 ] MBAMProtector   C:\Windows\system32\drivers\mbam.sys
14:22:47.0894 5788  MBAMProtector - ok
14:22:47.0948 5788  [ 65085456FD9A74D7F1A999520C299ECB ] MBAMScheduler   C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe
14:22:47.0962 5788  MBAMScheduler - ok
14:22:48.0014 5788  [ E0D7732F2D2E24B2DB3F67B6750295B8 ] MBAMService     C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe
14:22:48.0019 5788  MBAMService - ok
14:22:48.0045 5788  [ 0BE09CD858ABF9DF6ED259D57A1A1663 ] Mcx2Svc         C:\Windows\system32\Mcx2Svc.dll
14:22:48.0056 5788  Mcx2Svc - ok
14:22:48.0081 5788  [ A3B8F49446F15931E46380151E73221F ] mdmxsdk         C:\Windows\system32\DRIVERS\ACFSDK64.sys
14:22:48.0082 5788  mdmxsdk - ok
14:22:48.0107 5788  [ A55805F747C6EDB6A9080D7C633BD0F4 ] megasas         C:\Windows\system32\DRIVERS\megasas.sys
14:22:48.0108 5788  megasas - ok
14:22:48.0131 5788  [ BAF74CE0072480C3B6B7C13B2A94D6B3 ] MegaSR          C:\Windows\system32\DRIVERS\MegaSR.sys
14:22:48.0134 5788  MegaSR - ok
14:22:48.0160 5788  [ E40E80D0304A73E8D269F7141D77250B ] MMCSS           C:\Windows\system32\mmcss.dll
14:22:48.0171 5788  MMCSS - ok
14:22:48.0183 5788  [ 800BA92F7010378B09F9ED9270F07137 ] Modem           C:\Windows\system32\drivers\modem.sys
14:22:48.0185 5788  Modem - ok
14:22:48.0222 5788  [ E38AEF079CD3BCFA19F2072A214F829D ] MODEMCSA        C:\Windows\system32\drivers\MODEMCSA.sys
14:22:48.0223 5788  MODEMCSA - ok
14:22:48.0236 5788  [ B03D591DC7DA45ECE20B3B467E6AADAA ] monitor         C:\Windows\system32\DRIVERS\monitor.sys
14:22:48.0238 5788  monitor - ok
14:22:48.0279 5788  [ 5FEC1FF5BB9A1FA5C9CF4544D19D6D5D ] MotioninJoyXFilter C:\Windows\system32\DRIVERS\MijXfilt.sys
14:22:48.0281 5788  MotioninJoyXFilter - ok
14:22:48.0298 5788  [ 7D27EA49F3C1F687D357E77A470AEA99 ] mouclass        C:\Windows\system32\drivers\mouclass.sys
14:22:48.0300 5788  mouclass - ok
14:22:48.0332 5788  [ D3BF052C40B0C4166D9FD86A4288C1E6 ] mouhid          C:\Windows\system32\DRIVERS\mouhid.sys
14:22:48.0333 5788  mouhid - ok
14:22:48.0369 5788  [ 32E7A3D591D671A6DF2DB515A5CBE0FA ] mountmgr        C:\Windows\system32\drivers\mountmgr.sys
14:22:48.0371 5788  mountmgr - ok
14:22:48.0413 5788  [ A44B420D30BD56E145D6A2BC8768EC58 ] mpio            C:\Windows\system32\drivers\mpio.sys
14:22:48.0415 5788  mpio - ok
14:22:48.0431 5788  [ 6C38C9E45AE0EA2FA5E551F2ED5E978F ] mpsdrv          C:\Windows\system32\drivers\mpsdrv.sys
14:22:48.0432 5788  mpsdrv - ok
14:22:48.0472 5788  [ 54FFC9C8898113ACE189D4AA7199D2C1 ] MpsSvc          C:\Windows\system32\mpssvc.dll
14:22:48.0489 5788  MpsSvc - ok
14:22:48.0511 5788  [ DC722758B8261E1ABAFD31A3C0A66380 ] MRxDAV          C:\Windows\system32\drivers\mrxdav.sys
14:22:48.0513 5788  MRxDAV - ok
14:22:48.0542 5788  [ A5D9106A73DC88564C825D317CAC68AC ] mrxsmb          C:\Windows\system32\DRIVERS\mrxsmb.sys
14:22:48.0544 5788  mrxsmb - ok
14:22:48.0570 5788  [ D711B3C1D5F42C0C2415687BE09FC163 ] mrxsmb10        C:\Windows\system32\DRIVERS\mrxsmb10.sys
14:22:48.0574 5788  mrxsmb10 - ok
14:22:48.0587 5788  [ 9423E9D355C8D303E76B8CFBD8A5C30C ] mrxsmb20        C:\Windows\system32\DRIVERS\mrxsmb20.sys
14:22:48.0589 5788  mrxsmb20 - ok
14:22:48.0623 5788  [ C25F0BAFA182CBCA2DD3C851C2E75796 ] msahci          C:\Windows\system32\drivers\msahci.sys
14:22:48.0625 5788  msahci - ok
14:22:48.0653 5788  [ DB801A638D011B9633829EB6F663C900 ] msdsm           C:\Windows\system32\drivers\msdsm.sys
14:22:48.0655 5788  msdsm - ok
14:22:48.0688 5788  [ DE0ECE52236CFA3ED2DBFC03F28253A8 ] MSDTC           C:\Windows\System32\msdtc.exe
14:22:48.0701 5788  MSDTC - ok
14:22:48.0738 5788  [ AA3FB40E17CE1388FA1BEDAB50EA8F96 ] Msfs            C:\Windows\system32\drivers\Msfs.sys
14:22:48.0740 5788  Msfs - ok
14:22:48.0771 5788  [ F9D215A46A8B9753F61767FA72A20326 ] mshidkmdf       C:\Windows\System32\drivers\mshidkmdf.sys
14:22:48.0773 5788  mshidkmdf - ok
14:22:48.0794 5788  [ D916874BBD4F8B07BFB7FA9B3CCAE29D ] msisadrv        C:\Windows\system32\drivers\msisadrv.sys
14:22:48.0796 5788  msisadrv - ok
14:22:48.0830 5788  [ 808E98FF49B155C522E6400953177B08 ] MSiSCSI         C:\Windows\system32\iscsiexe.dll
14:22:48.0841 5788  MSiSCSI - ok
14:22:48.0845 5788  msiserver - ok
14:22:48.0873 5788  [ 49CCF2C4FEA34FFAD8B1B59D49439366 ] MSKSSRV         C:\Windows\system32\drivers\MSKSSRV.sys
14:22:48.0875 5788  MSKSSRV - ok
14:22:48.0888 5788  [ BDD71ACE35A232104DDD349EE70E1AB3 ] MSPCLOCK        C:\Windows\system32\drivers\MSPCLOCK.sys
14:22:48.0890 5788  MSPCLOCK - ok
14:22:48.0905 5788  [ 4ED981241DB27C3383D72092B618A1D0 ] MSPQM           C:\Windows\system32\drivers\MSPQM.sys
14:22:48.0906 5788  MSPQM - ok
14:22:48.0940 5788  [ 759A9EEB0FA9ED79DA1FB7D4EF78866D ] MsRPC           C:\Windows\system32\drivers\MsRPC.sys
14:22:48.0944 5788  MsRPC - ok
14:22:48.0970 5788  [ 0EED230E37515A0EAEE3C2E1BC97B288 ] mssmbios        C:\Windows\system32\drivers\mssmbios.sys
14:22:48.0971 5788  mssmbios - ok
14:22:48.0990 5788  [ 2E66F9ECB30B4221A318C92AC2250779 ] MSTEE           C:\Windows\system32\drivers\MSTEE.sys
14:22:48.0991 5788  MSTEE - ok
14:22:49.0019 5788  [ 7EA404308934E675BFFDE8EDF0757BCD ] MTConfig        C:\Windows\system32\DRIVERS\MTConfig.sys
14:22:49.0021 5788  MTConfig - ok
14:22:49.0057 5788  [ 032D35C996F21D19A205A7C8F0B76F3C ] MTsensor        C:\Windows\system32\DRIVERS\ATK64AMD.sys
14:22:49.0058 5788  MTsensor - ok
14:22:49.0083 5788  [ F9A18612FD3526FE473C1BDA678D61C8 ] Mup             C:\Windows\system32\Drivers\mup.sys
14:22:49.0084 5788  Mup - ok
14:22:49.0115 5788  [ 582AC6D9873E31DFA28A4547270862DD ] napagent        C:\Windows\system32\qagentRT.dll
14:22:49.0133 5788  napagent - ok
14:22:49.0178 5788  [ 1EA3749C4114DB3E3161156FFFFA6B33 ] NativeWifiP     C:\Windows\system32\DRIVERS\nwifi.sys
14:22:49.0182 5788  NativeWifiP - ok
14:22:49.0227 5788  [ 760E38053BF56E501D562B70AD796B88 ] NDIS            C:\Windows\system32\drivers\ndis.sys
14:22:49.0238 5788  NDIS - ok
14:22:49.0276 5788  [ 9F9A1F53AAD7DA4D6FEF5BB73AB811AC ] NdisCap         C:\Windows\system32\DRIVERS\ndiscap.sys
14:22:49.0277 5788  NdisCap - ok
14:22:49.0299 5788  [ 30639C932D9FEF22B31268FE25A1B6E5 ] NdisTapi        C:\Windows\system32\DRIVERS\ndistapi.sys
14:22:49.0300 5788  NdisTapi - ok
14:22:49.0322 5788  [ 136185F9FB2CC61E573E676AA5402356 ] Ndisuio         C:\Windows\system32\DRIVERS\ndisuio.sys
14:22:49.0324 5788  Ndisuio - ok
14:22:49.0361 5788  [ 53F7305169863F0A2BDDC49E116C2E11 ] NdisWan         C:\Windows\system32\DRIVERS\ndiswan.sys
14:22:49.0363 5788  NdisWan - ok
14:22:49.0381 5788  [ 015C0D8E0E0421B4CFD48CFFE2825879 ] NDProxy         C:\Windows\system32\drivers\NDProxy.sys
14:22:49.0382 5788  NDProxy - ok
14:22:49.0413 5788  [ 86743D9F5D2B1048062B14B1D84501C4 ] NetBIOS         C:\Windows\system32\DRIVERS\netbios.sys
14:22:49.0415 5788  NetBIOS - ok
14:22:49.0443 5788  [ 09594D1089C523423B32A4229263F068 ] NetBT           C:\Windows\system32\DRIVERS\netbt.sys
14:22:49.0446 5788  NetBT - ok
14:22:49.0478 5788  [ C118A82CD78818C29AB228366EBF81C3 ] Netlogon        C:\Windows\system32\lsass.exe
14:22:49.0488 5788  Netlogon - ok
14:22:49.0525 5788  [ 847D3AE376C0817161A14A82C8922A9E ] Netman          C:\Windows\System32\netman.dll
14:22:49.0540 5788  Netman - ok
14:22:49.0601 5788  [ 5243CFC2E7161C91C2B355240035B9E4 ] NetMsmqActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
14:22:49.0604 5788  NetMsmqActivator - ok
14:22:49.0617 5788  [ 5243CFC2E7161C91C2B355240035B9E4 ] NetPipeActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
14:22:49.0622 5788  NetPipeActivator - ok
14:22:49.0648 5788  [ 5F28111C648F1E24F7DBC87CDEB091B8 ] netprofm        C:\Windows\System32\netprofm.dll
14:22:49.0664 5788  netprofm - ok
14:23:00.0215 5788  ================ Scan global ===============================
14:23:00.0241 5788  [ BA0CD8C393E8C9F83354106093832C7B ] C:\Windows\system32\basesrv.dll
14:23:00.0263 5788  [ 0C27239FEA4DB8A2AAC9E502186B7264 ] C:\Windows\system32\winsrv.dll
14:23:00.0288 5788  [ 0C27239FEA4DB8A2AAC9E502186B7264 ] C:\Windows\system32\winsrv.dll
14:23:00.0323 5788  [ D6160F9D869BA3AF0B787F971DB56368 ] C:\Windows\system32\sxssrv.dll
14:23:00.0361 5788  [ 24ACB7E5BE595468E3B9AA488B9B4FCB ] C:\Windows\system32\services.exe
14:23:00.0378 5788  [Global] - ok
14:23:00.0378 5788  ================ Scan MBR ==================================
14:23:00.0397 5788  [ 5C616939100B85E558DA92B899A0FC36 ] \Device\Harddisk0\DR0
14:23:00.0580 5788  \Device\Harddisk0\DR0 - ok
14:23:00.0581 5788  ================ Scan VBR ==================================
14:23:00.0584 5788  [ E09F52EE4ACF1E69A22563F70156E8AB ] \Device\Harddisk0\DR0\Partition1
14:23:00.0585 5788  \Device\Harddisk0\DR0\Partition1 - ok
14:23:00.0586 5788  ============================================================
14:23:00.0586 5788  Scan finished
14:23:00.0586 5788  ============================================================
14:23:00.0596 6084  Detected object count: 0
14:23:00.0596 6084  Actual detected object count: 0
14:23:38.0257 5008  Deinitialize success
-----------------------------------------------------
 

Hope I did this right.

Attached File: MBR.zip (554 bytes)



#6 Conspire

  • Malware Response Team

Posted 26 July 2013 - 10:26 PM

Much appreciated :)

Please read through these instructions to familiarize yourself with what to expect when this tool runs.

Refer to the ComboFix User's Guide


Download ComboFix from one of these locations:

Link 1
Link 2



* IMPORTANT - Save ComboFix.exe to your Desktop

====================================================


Disable your AntiVirus and AntiSpyware applications, usually via a right click on the System Tray icon. They may otherwise interfere with our tools. Note: If you are having difficulty properly disabling your protective programs, or are unsure as to what programs need to be disabled, please refer to the information available through this link: How to Disable your Security Programs


====================================================


Double click on combofix.exe & follow the prompts.


When finished, it shall produce a log for you. Please include the C:\ComboFix.txt in your next reply for further review.
Proud Graduate of the WTT Classroom
Member of UNITE

#7 ZerkOnFire

  • Topic Starter

Posted 27 July 2013 - 04:39 PM

One of two things happens.

 

1: it finishes the install and makes a noise like it's done, or at least didn't fail. Then nothing opens. There are no new files (other than the new extracted ones by the tool, but I didn't look) and I can't uninstall it.

 

2: I get the error in the attached picture Capture.png

 

I wanted to tell you before using Google to help and mess it up somehow.

Attached File: Capture.PNG (80.65KB)

This is the "log" if I press ignore and copy it before it auto-closes.

 

 
and this is the log if it succeeds, before it closes..
 
 

 


Edited by ZerkOnFire, 27 July 2013 - 04:49 PM.


#8 Conspire

  • Malware Response Team

Posted 27 July 2013 - 10:39 PM

Probably a bad copy. Try downloading it again.

#9 ZerkOnFire

  • Topic Starter

Posted 28 July 2013 - 10:15 PM

Waited 5 minutes and it never popped up (blue box thingy).

 

What now?

 

and yes, I tried both links, restarted and tried again, and at least 10 times.



#10 Conspire

  • Malware Response Team

Posted 28 July 2013 - 11:32 PM

I know you're feeling frustrated now. We will proceed without combofix for the moment.

Please download Farbar Recovery Scan Tool and save it to your desktop. Note: You need to run the version compatible with your system. If you are not sure which version applies to your system, download both of them and try to run them. Only one of them will run on your system; that will be the right version.
  • Double-click to run it. When the tool opens click Yes to disclaimer.
  • Press Scan button.
  • It will make a log (FRST.txt) in the same directory the tool is run. Please copy and paste it to your reply.
  • The first time the tool is run, it also makes another log (Addition.txt). Please attach it to your reply.


#11 ZerkOnFire

  • Topic Starter

Posted 29 July 2013 - 01:20 AM

I noticed this in my log, can I delete these?
 
CHR HKLM-x32\...\Chrome\Extension: [dhkplhfnhceodhffomolpfigojocbpcb] - C:\Program Files (x86)\Babylon\Babylon-Pro\Utils\BabylonChrome.crx
CHR HKLM-x32\...\Chrome\Extension: [mhkaekfpcppmmioggniknbnbdbcigpkk] - C:\Program Files (x86)\Common Files\Spigot\GC\coupons_2.3.crx
CHR HKLM-x32\...\Chrome\Extension: [mkndcbhcgphcfkkddanakjiepeknbgle] - C:\Program Files (x86)\RelevantKnowledge\rlcm.crx

 

 
 
----------------------------------------------------------------------------
Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 28-07-2013
Ran by Jeremy (administrator) on 29-07-2013 02:14:44
Running from C:\Users\Jeremy\Downloads
Windows 7 Home Premium Service Pack 1 (X64) OS Language: English(US)
Internet Explorer Version 10
Boot Mode: Normal
 
==================== Processes (Whitelisted) =================
 
(ASUSTeK Computer Inc.) C:\Windows\system32\FBAgent.exe
() C:\Program Files (x86)\ASUS\ATK Hotkey\ASLDRSrv.exe
() C:\Program Files\ATKGFNEX\GFNEXSrv.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(CinemaNow, Inc.) C:\Program Files (x86)\CinemaNow\CinemaNow Media Manager\CinemanowSvc.exe
(ASUSTeK Computer Inc.) C:\Windows\SysWOW64\Fast Boot\FastBootAgent.exe
(GFI Software Development Ltd.) C:\Program Files (x86)\GFI Software\VIPRE\LanGuard 10 Agent\lnssatt.exe
(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe
(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe
(GFI Software) C:\Program Files (x86)\GFI Software\VIPRE\SBPIMSvc.exe
(Sony Computer Entertainment Inc.) C:\Program Files (x86)\SCE\Common\File System Driver\bin\pfs_mounter.exe
(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe
(ASUS) C:\Program Files (x86)\ASUS\ATK Hotkey\HControl.exe
() C:\Program Files (x86)\ASUS\ATK Hotkey\Atouch64.exe
(ASUS) C:\Program Files (x86)\ASUS\ATK Hotkey\ATKOSD.exe
(ASUS) C:\Program Files (x86)\ASUS\ATK Hotkey\KBFiltr.exe
(ASUS) C:\Program Files (x86)\ASUS\ATK Hotkey\WDC.exe
() C:\Program Files (x86)\ASUS\ControlDeck\ControlDeckStartUp.exe
() C:\Program Files (x86)\ASUS\Wireless Console 3\wcourier.exe
(ASUS) C:\Program Files (x86)\ASUS\SmartLogon\sensorsrv.exe
(ATK) C:\Program Files (x86)\ASUS\Splendid\ACMON.exe
(ATK) C:\Program Files\P4G\BatteryLife.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.21.153\GoogleCrashHandler.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.21.153\GoogleCrashHandler64.exe
(ECAREME) C:\Program Files (x86)\ASUS\Asus WebStorage\BackupService.exe
(AlcorMicro Co., Ltd.) C:\Program Files (x86)\AmIcoSingLun\AmIcoSinglun64.exe
() C:\Program Files (x86)\Glary Utilities 3\x64\Win64ShellLink.exe
(Glarysoft Ltd) C:\Program Files (x86)\Glary Utilities 3\Integrator.exe
(ELAN Microelectronic Corp.) C:\Program Files\Elantech\ETDCtrl.exe
(Intel Corporation) C:\Windows\System32\hkcmd.exe
(Intel Corporation) C:\Windows\System32\igfxpers.exe
(GlarySoft Ltd) C:\Program Files (x86)\Glary Utilities 3\memdefrag.exe
(SRS Labs, Inc.) C:\Program Files\SRS Labs\SRS Premium Sound Control Panel\SRSPremiumPanel_64.exe
(ASUS) C:\Program Files (x86)\ASUS\ATK Hotkey\HControlUser.exe
(ASUS) C:\Program Files (x86)\ASUS\ATK Media\DMedia.exe
(ASUS) C:\Program Files (x86)\ASUS\ATKOSD2\ATKOSD2.exe
(GFI Software) C:\Program Files (x86)\GFI Software\VIPRE\SBAMSvc.exe
(GFI Software Development Ltd.) C:\Program Files (x86)\GFI Software\VIPRE\LanGuard 10 Agent\Mantle.exe
(ASUSTeK) C:\Windows\SysWOW64\ACEngSvr.exe
(Apple Inc.) C:\Program Files (x86)\iTunes\iTunesHelper.exe
(GFI Software) C:\Program Files (x86)\GFI Software\VIPRE\SBAMTray.exe
(Apple Inc.) C:\Program Files\iPod\bin\iPodService.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(PeerBlock, LLC) C:\Program Files\PeerBlock\peerblock.exe
(ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\ASUS Data Security Manager\ADSMTray.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(CyberLink) C:\Program Files (x86)\CyberLink\Power2Go\CLMLSvc.exe
() C:\Program Files (x86)\ASUS\ASUS Live Update\ALU.exe
(Microsoft Corporation) C:\Program Files (x86)\Internet Explorer\IELowutil.exe
() C:\Users\Jeremy\Local Settings\Apps\F.lux\flux.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(BitTorrent Inc.) C:\Users\Jeremy\AppData\Roaming\uTorrent\uTorrent.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
 
==================== Registry (Whitelisted) ==================
 
HKLM\...\Run: [EeeStorageBackup] - C:\Program Files (x86)\ASUS\Asus WebStorage\BackupService.exe [947472 2009-08-25] (ECAREME)
HKLM\...\Run: [AmIcoSinglun64] - C:\Program Files (x86)\AmIcoSingLun\AmIcoSinglun64.exe [320000 2009-04-09] (AlcorMicro Co., Ltd.)
HKLM\...\Run: [ETDWare] - C:\Program Files\Elantech\ETDCtrl.exe [617856 2009-07-30] (ELAN Microelectronic Corp.)
HKLM\...\Run: [SBRegRebootCleaner] - C:\Program Files (x86)\GFI Software\VIPRE\SBRC.exe [201608 2012-10-29] (GFI Software)
HKCU\...\Run: [Glary Memory Optimizer] - C:\Program Files (x86)\Glary Utilities 3\memdefrag.exe [117536 2013-07-22] (GlarySoft Ltd)
HKCU\...\Policies\system: [DisableCMD] 0
HKCU\...\Policies\system: [LogonHoursAction] 2
HKCU\...\Policies\system: [DontDisplayLogonHoursWarnings] 1
MountPoints2: F - F:\SETUP.EXE
MountPoints2: G - G:\RunGame.exe
MountPoints2: I - I:\SETUP.EXE
MountPoints2: {724a2dba-39c4-11e0-9dba-c70e78f3cb56} - D:\LaunchU3.exe -a
HKLM-x32\...\Run: [UpdateLBPShortCut] - C:\Program Files (x86)\CyberLink\LabelPrint\MUITransfer\MUIStartMenu.exe [222504 2009-05-20] (CyberLink Corp.)
HKLM-x32\...\Run: [UpdateP2GoShortCut] - C:\Program Files (x86)\CyberLink\Power2Go\MUITransfer\MUIStartMenu.exe [218408 2008-12-04] (CyberLink Corp.)
HKLM-x32\...\Run: [HControlUser] - C:\Program Files (x86)\ASUS\ATK Hotkey\HControlUser.exe [98304 2009-04-02] (ASUS)
HKLM-x32\...\Run: [ATKMEDIA] - C:\Program Files (x86)\ASUS\ATK Media\DMedia.exe [159744 2009-04-20] (ASUS)
HKLM-x32\...\Run: [ATKOSD2] - C:\Program Files (x86)\ASUS\ATKOSD2\ATKOSD2.exe [8493624 2009-07-07] (ASUS)
HKLM-x32\...\Run: [SBAMTray] - C:\Program Files (x86)\GFI Software\VIPRE\SBAMTray.exe [3149704 2012-10-29] (GFI Software)
HKLM-x32\...\Run: [PrivitizeVPN] - C:\Program Files (x86)\PrivitizeVPN\PrivitizeVPN.exe [196784 2013-07-23] (OOO Industry)
HKLM-x32\...\Run: [APSDaemon] - C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe [59720 2013-04-21] (Apple Inc.)
HKLM-x32\...\Run: [iTunesHelper] - C:\Program Files (x86)\iTunes\iTunesHelper.exe [152392 2013-05-31] (Apple Inc.)
HKU\Jeremy_x3\...\Policies\system: [LogonHoursAction] 2
HKU\Jeremy_x3\...\Policies\system: [DontDisplayLogonHoursWarnings] 1
HKU\Teytey♥\...\Policies\system: [LogonHoursAction] 2
HKU\Teytey♥\...\Policies\system: [DontDisplayLogonHoursWarnings] 1
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\FancyStart daemon.lnk
ShortcutTarget: FancyStart daemon.lnk -> C:\Windows\Installer\{F0DF4513-3C4C-4EB8-8012-2C5F70AF3988}\_A1DDD39913A1970387B7B3.exe ()
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\SRS Premium Sound.lnk
ShortcutTarget: SRS Premium Sound.lnk -> C:\Windows\Installer\{D42F84B6-3709-4A50-8502-6719D16AE6C8}\NewShortcut5_21C7B668029A47458B27645FE6E4A715.exe (Acresso Software Inc.)
BootExecute: autocheck autochk *  BootDefrag.exe
 
==================== Internet (Whitelisted) ====================
 
URLSearchHook: (No Name) - {bf7380fa-e3b4-4db2-af3e-9d8783a45bfc} -  No File
SearchScopes: HKLM-x32 - {afdbddaa-5d3f-42ee-b79c-185a7020515b} URL = http://search.conduit.com/ResultsExt.aspx?q={searchTerms}&SearchSource=4&ctid=CT2786678
BHO-x32: No Name - {02478D38-C3F9-4efb-9B51-7695ECA05670} -  No File
BHO-x32: No Name - {5C255C8A-E604-49b4-9D64-90988571CECB} -  No File
Toolbar: HKCU - No Name - {21FA44EF-376D-4D53-9B0F-8A89D3229068} -  No File
Toolbar: HKCU - No Name - {338B4DFE-2E2C-4338-9E41-E176D497299E} -  No File
Toolbar: HKCU - No Name - {BF7380FA-E3B4-4DB2-AF3E-9D8783A45BFC} -  No File
Handler-x32: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~2\WIC4A1~1\MESSEN~1\MSGRAP~1.DLL (Microsoft Corporation)
Handler-x32: ms-itss - {0A9007C0-4076-11D3-8789-0000F8105754} - C:\Program Files (x86)\Common Files\Microsoft Shared\Information Retrieval\msitss.dll (Microsoft Corporation)
Handler-x32: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~2\WIC4A1~1\MESSEN~1\MSGRAP~1.DLL (Microsoft Corporation)
Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL (Skype Technologies)
Tcpip\Parameters: [DhcpNameServer] 8.8.8.8 209.55.27.13
Tcpip\..\Interfaces\{AFA18CC3-1100-4AFA-AC5A-097CBC6B6936}: [NameServer]127.0.0.1
 
Chrome: 
=======
CHR HomePage: about:blank
CHR DefaultSearchURL: (Google) - {google:baseURL}search?q={searchTerms}&{google:RLZ}{google:originalQueryForSuggestion}{google:assistedQueryStats}{google:searchFieldtrialParameter}{google:searchClient}{google:sourceId}{google:instantExtendedEnabledParameter}ie={inputEncoding}
CHR DefaultSuggestURL: (Google) - {google:baseSuggestURL}search?{google:searchFieldtrialParameter}client=chrome&q={searchTerms}&{google:cursorPosition}{google:zeroPrefixUrl}sugkey={google:suggestAPIKeyParameter}
CHR Plugin: (Shockwave Flash) - C:\Program Files (x86)\Google\Chrome\Application\28.0.1500.72\PepperFlash\pepflashplayer.dll ()
CHR Plugin: (Chrome Remote Desktop Viewer) - internal-remoting-viewer
CHR Plugin: (Native Client) - C:\Program Files (x86)\Google\Chrome\Application\28.0.1500.72\ppGoogleNaClPluginChrome.dll ()
CHR Plugin: (Chrome PDF Viewer) - C:\Program Files (x86)\Google\Chrome\Application\28.0.1500.72\pdf.dll ()
CHR Plugin: (Google Update) - C:\Program Files (x86)\Google\Update\1.3.21.153\npGoogleUpdate3.dll (Google Inc.)
CHR Plugin: (Java™ Platform SE 7 U25) - C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
CHR Plugin: (VLC Web Plugin) - C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN)
CHR Plugin: (Windows Live\u00AE Photo Gallery) - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
CHR Plugin: (Java Deployment Toolkit 7.0.250.17) - C:\Windows\SysWOW64\npDeployJava1.dll (Oracle Corporation)
CHR Plugin: (Silverlight Plug-In) - c:\Program Files (x86)\Microsoft Silverlight\5.1.20513.0\npctrl.dll ( Microsoft Corporation)
CHR Extension: (YouTube) - C:\Users\Jeremy\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.6_0
CHR Extension: (Adblock Plus) - C:\Users\Jeremy\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb\1.5.2_0
CHR Extension: (Google Search) - C:\Users\Jeremy\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.20_0
CHR Extension: (Torrent Turbo Search) - C:\Users\Jeremy\AppData\Local\Google\Chrome\User Data\Default\Extensions\gcdgomceilgkonhjheaijcmgfhabmpio\4.0.0_0
CHR Extension: (AdBlock) - C:\Users\Jeremy\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom\2.6.3_0
CHR Extension: (Google Mail Checker) - C:\Users\Jeremy\AppData\Local\Google\Chrome\User Data\Default\Extensions\mihcahmgecmbnbcchbopgniflfhgnkff\4.4.0_0
CHR Extension: (Late Night) - C:\Users\Jeremy\AppData\Local\Google\Chrome\User Data\Default\Extensions\pgbdhkpacgdhfabeceekiafonfkipohm\1.0_0
CHR Extension: (Gmail) - C:\Users\Jeremy\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_0
CHR HKLM-x32\...\Chrome\Extension: [dhkplhfnhceodhffomolpfigojocbpcb] - C:\Program Files (x86)\Babylon\Babylon-Pro\Utils\BabylonChrome.crx
CHR HKLM-x32\...\Chrome\Extension: [mhkaekfpcppmmioggniknbnbdbcigpkk] - C:\Program Files (x86)\Common Files\Spigot\GC\coupons_2.3.crx
CHR HKLM-x32\...\Chrome\Extension: [mkndcbhcgphcfkkddanakjiepeknbgle] - C:\Program Files (x86)\RelevantKnowledge\rlcm.crx
 
==================== Services (Whitelisted) =================
 
R2 AcfXAudioService; C:\Windows\SysWOW64\ACFXAU64.dll [436736 2009-04-29] (Conexant Systems, Inc.)
R2 ASLDRService; C:\Program Files (x86)\ASUS\ATK Hotkey\ASLDRSrv.exe [100920 2008-08-14] ()
R2 ATKGFNEXSrv; C:\Program Files\ATKGFNEX\GFNEXSrv.exe [94208 2007-08-08] ()
R2 FastBootAgent; C:\Windows\SysWOW64\Fast Boot\FastBootAgent.exe [306232 2009-07-23] (ASUSTeK Computer Inc.)
R2 gfi_lanss10_attservice; C:\Program Files (x86)\GFI Software\VIPRE\LanGuard 10 Agent\lnssatt.exe [115568 2012-10-24] (GFI Software Development Ltd.)
R2 MBAMScheduler; C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe [418376 2013-04-04] (Malwarebytes Corporation)
R2 MBAMService; C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe [701512 2013-04-04] (Malwarebytes Corporation)
R2 SBAMSvc; C:\Program Files (x86)\GFI Software\VIPRE\SBAMSvc.exe [3677000 2012-10-29] (GFI Software)
R2 SBPIMSvc; C:\Program Files (x86)\GFI Software\VIPRE\SBPIMSvc.exe [175496 2012-10-29] (GFI Software)
R2 SCEFSMounter; C:\Program Files (x86)\SCE\Common\File System Driver\bin\pfs_mounter.exe [79872 2012-06-20] (Sony Computer Entertainment Inc.)
S3 SMServer; C:\Windows\SysWOW64\snmvtsvc.exe [245760 2010-09-10] (SMServer)
S2 WinDefend; %ProgramFiles(x86)%\Windows Defender\mpsvc.dll [x]
 
==================== Drivers (Whitelisted) ====================
 
S3 acfva; C:\Windows\System32\DRIVERS\ACFVA64.sys [123008 2009-09-02] (Conexant Systems Inc.)
R2 ASMMAP64; C:\Program Files\ATKGFNEX\ASMMAP64.sys [14904 2007-07-24] ()
R2 ASMMAP64; C:\Program Files\ATKGFNEX\ASMMAP64.sys [14904 2007-07-24] ()
R0 BootDefragDriver; C:\Windows\System32\drivers\BootDefragDriver.sys [16640 2013-04-24] (<Glarysoft Ltd>)
R0 BootDefragDriver; C:\Windows\SysWow64\drivers\BootDefragDriver.sys [16640 2013-04-24] (<Glarysoft Ltd>)
R3 DbusAudio; C:\Windows\System32\drivers\DbusAudio.sys [33848 2010-09-11] (Windows ® Codename Longhorn DDK provider)
S3 dgcfltr; C:\Windows\System32\DRIVERS\ACFDCP64.sys [34944 2009-04-29] (Conexant Systems, Inc.)
R3 gfiark; C:\Windows\System32\drivers\gfiark.sys [39504 2013-04-11] (ThreatTrack Security)
R3 kbfiltr; C:\Windows\System32\DRIVERS\kbfiltr.sys [15416 2009-07-20] ( )
S3 libusb0; C:\Windows\System32\DRIVERS\libusb0.sys [52320 2012-01-20] (http://libusb-win32.sourceforge.net)
R3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [25928 2013-04-04] (Malwarebytes Corporation)
R3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [25928 2013-04-04] (Malwarebytes Corporation)
R2 mdmxsdk; C:\Windows\System32\DRIVERS\ACFSDK64.sys [17024 2007-03-15] (Conexant)
S3 MODEMCSA; C:\Windows\system32\drivers\MODEMCSA.sys [24064 2009-07-13] (Microsoft Corporation)
S3 NPF; C:\Windows\System32\drivers\npf.sys [35344 2010-06-25] (CACE Technologies, Inc.)
S3 NPF; C:\Windows\SysWow64\drivers\npf.sys [30336 2003-04-04] (Politecnico di Torino)
R3 pbfilter; C:\Program Files\PeerBlock\pbfilter.sys [24176 2010-11-06] ()
R1 pfs_dokan; C:\Windows\System32\DRIVERS\pfs_dokan.sys [56496 2012-06-20] (Sony Computer Entertainment Inc.)
R1 SBRE; C:\Windows\system32\drivers\SBREdrv.sys [55384 2011-04-29] (Sunbelt Software)
R3 SNP2UVC; C:\Windows\System32\DRIVERS\snp2uvc.sys [1806400 2009-06-05] ()
S3 tapoas; C:\Windows\System32\DRIVERS\tapoas.sys [30720 2010-08-03] (The OpenVPN Project)
S3 tapSF0901; C:\Windows\System32\DRIVERS\tapSF0901.sys [39104 2013-07-08] (Spotflux, Inc.)
S3 usbio; C:\Windows\System32\Drivers\dsiarhwprog_x64.sys [51600 2007-02-08] (Thesycon GmbH, Germany)
R2 XAudio; C:\Windows\System32\DRIVERS\ACFXAU64.sys [10240 2009-04-29] (Conexant Systems, Inc.)
S3 easytether; system32\DRIVERS\easytthr.sys [x]
U3 tmlwf; 
U3 tmwfp; 
 
==================== NetSvcs (Whitelisted) ===================
 
 
==================== One Month Created Files and Folders ========
 
2013-07-29 02:14 - 2013-07-29 02:14 - 00000000 ____D C:\FRST
2013-07-29 02:13 - 2013-07-29 02:14 - 01780547 _____ (Farbar) C:\Users\Jeremy\Downloads\FRST64.exe
2013-07-29 01:00 - 2013-07-29 01:00 - 00000000 _____ C:\Windows\system32\SBRC.dat
2013-07-28 23:14 - 2013-07-28 23:14 - 00000000 ____D C:\Qoobox
2013-07-28 23:13 - 2013-07-28 23:13 - 05095176 ____R (Swearware) C:\Users\Jeremy\Downloads\ComboFix (1).exe
2013-07-28 14:12 - 2013-07-28 23:19 - 00000112 _____ C:\Windows\setupact.log
2013-07-28 14:12 - 2013-07-28 14:12 - 00000000 _____ C:\Windows\setuperr.log
2013-07-27 23:34 - 2013-07-27 23:34 - 15696982 _____ (Skyrim Online                                               ) C:\Users\Jeremy\Downloads\setup.exe
2013-07-27 23:34 - 2013-07-27 23:34 - 00266104 _____ C:\Users\Jeremy\Downloads\skse_1_06_15_installer.exe
2013-07-27 23:25 - 2013-07-27 23:25 - 00167480 _____ () C:\Users\Jeremy\Downloads\VLCMediaPlayerSetup-eGvgG1s.exe
2013-07-27 23:03 - 2013-07-27 23:03 - 00000000 ____D C:\Users\Jeremy\Documents\My torrents
2013-07-27 22:04 - 2013-07-27 22:04 - 00000000 ____D C:\Users\Jeremy\Downloads\Sony Dex Tool
2013-07-27 21:48 - 2013-07-27 21:48 - 61478110 _____ C:\Users\Jeremy\Downloads\ProDG v4.20.1.0 + PS3Gen v3.30 Tools.rar
2013-07-27 21:24 - 2013-07-27 21:24 - 01005568 _____ (Microsoft Corporation) C:\Users\Jeremy\Downloads\dotNetFx45_Full_setup (1).exe
2013-07-27 21:22 - 2013-07-27 21:22 - 01005568 _____ (Microsoft Corporation) C:\Users\Jeremy\Downloads\dotNetFx45_Full_setup.exe
2013-07-27 21:21 - 2013-07-27 21:22 - 05718872 _____ (Microsoft Corporation) C:\Users\Jeremy\Downloads\vcredist_x64.exe
2013-07-27 21:21 - 2013-07-27 21:22 - 05073240 _____ (Microsoft Corporation) C:\Users\Jeremy\Downloads\vcredist_x86 (1).exe
2013-07-27 21:21 - 2013-07-27 21:21 - 01821192 _____ (Microsoft Corporation) C:\Users\Jeremy\Downloads\vcredist_x86.exe
2013-07-27 21:16 - 2013-07-27 21:17 - 01920194 _____ C:\Users\Jeremy\Downloads\c2d_openssl.rar
2013-07-27 21:01 - 2013-07-27 21:01 - 00071024 _____ C:\Users\Jeremy\Downloads\eEID_RKDumper.pkg
2013-07-27 17:23 - 2013-07-27 17:41 - 05095176 ____R (Swearware) C:\Users\Jeremy\Downloads\ComboFix.exe
2013-07-27 17:16 - 2013-07-28 23:14 - 00000000 ___SD C:\32788R22FWJFW
2013-07-27 17:16 - 2013-07-27 17:16 - 00000000 ____D C:\Windows\erdnt
2013-07-27 15:30 - 2013-07-27 15:30 - 00000000 ____D C:\Program Files (x86)\WinPcap
2013-07-27 15:24 - 2013-07-27 15:26 - 26660121 _____ C:\Users\Jeremy\Downloads\NetTools5.0.70.zip
2013-07-26 02:04 - 2013-07-26 02:04 - 10768507 _____ C:\Users\Jeremy\Downloads\BO2 Tool by Raz0rMind.rar
2013-07-25 23:38 - 2013-07-25 23:38 - 01488854 _____ C:\Users\Jeremy\Downloads\Black Ops II Real Time Editor 1.13 By EaZyMoDzHD.rar
2013-07-25 22:27 - 2013-07-25 22:28 - 14216280 _____ C:\Users\Jeremy\Downloads\ZOMBIE1.13_EBOOT.BIN
2013-07-25 22:27 - 2013-07-25 22:27 - 00000000 ____D C:\Users\Jeremy\Desktop\1111111
2013-07-25 22:25 - 2013-07-25 22:25 - 00000717 _____ C:\Users\Jeremy\Documents\HxD.ini
2013-07-25 22:14 - 2013-07-25 22:15 - 14216280 _____ C:\Users\Jeremy\Downloads\MP113BOII.BIN
2013-07-25 22:12 - 2013-07-25 22:12 - 19448119 _____ C:\Users\Jeremy\Downloads\FIXED BO2 1.13 RAWDOG RTE ZOMBIE TOOL.rar
2013-07-25 22:07 - 2013-07-25 22:07 - 00102400 _____ C:\Users\Jeremy\Downloads\(BLUS31011) B02 Paladin Camo Fix By [XxUnkn0wnxX].pkg
2013-07-25 21:10 - 2013-07-25 21:10 - 01585515 _____ C:\Users\Jeremy\Downloads\Black OPS II RTM Tool [1.13] by i_iTop_i v1.1.rar
2013-07-25 21:04 - 2013-07-25 21:35 - 00000000 ____D C:\Users\Jeremy\Desktop\make_fself
2013-07-25 21:04 - 2013-07-25 21:06 - 00000000 ____D C:\Users\Jeremy\Desktop\TrueAncestor SELF Resigner v1.85
2013-07-25 21:04 - 2013-07-25 21:04 - 00000000 ____D C:\Users\Jeremy\Desktop\BOII Zombies [1.13] xSOKNEYx v3.2
2013-07-25 21:03 - 2013-07-25 21:03 - 00722129 _____ C:\Users\Jeremy\Downloads\TrueAncestor SELF Resigner v1.85.zip
2013-07-25 21:03 - 2013-07-25 21:03 - 00088467 _____ C:\Users\Jeremy\Downloads\make_fself.rar
2013-07-25 20:58 - 2013-07-25 20:58 - 13734676 _____ C:\Users\Jeremy\Downloads\BOII113ELFS.rar
2013-07-25 20:52 - 2013-07-25 20:56 - 161438560 _____ C:\Users\Jeremy\Downloads\UP0002-BLUS31011_00-CODBLOPS2PATCH09-A0113-V0100-PE.pkg
2013-07-25 19:46 - 2013-07-25 19:46 - 00102400 _____ C:\Users\Jeremy\Downloads\(BLUS31011) Camo Pack 3 Fix By [XxUnkn0wnxX].pkg
2013-07-25 19:18 - 2013-07-25 19:18 - 02735451 _____ C:\Users\Jeremy\Downloads\BOII Zombies [1.13] xSOKNEYx v3.2.rar
2013-07-23 23:00 - 2013-07-23 23:00 - 00000000 ____D C:\Users\Jeremy_x3\AppData\Roaming\Apple Computer
2013-07-23 22:19 - 2013-07-28 23:21 - 00003174 _____ C:\Windows\System32\Tasks\P4GIntlCtrl
2013-07-23 22:00 - 2013-07-23 22:49 - 00000000 ____D C:\ProgramData\Malwarebytes' Anti-Malware (portable)
2013-07-23 21:28 - 2013-07-23 22:49 - 00000000 ____D C:\Users\Jeremy\Desktop\mbar
2013-07-23 21:24 - 2013-07-23 21:24 - 13399154 _____ C:\Users\Jeremy\Downloads\mbar-1.06.0.1004.zip
2013-07-23 21:24 - 2013-07-23 21:24 - 00000000 ____D C:\Users\Jeremy\AppData\Roaming\WinRAR
2013-07-23 21:10 - 2013-07-23 21:10 - 01129552 _____ (BitTorrent Inc.) C:\Users\Jeremy\Downloads\utorrent.exe
2013-07-23 14:50 - 2013-07-23 14:50 - 00000000 ____D C:\ProgramData\spotflux
2013-07-23 14:46 - 2013-07-23 14:47 - 06097256 _____ C:\Users\Jeremy\Downloads\spotflux-latestPC.exe
2013-07-23 13:48 - 2013-04-24 02:52 - 00016640 _____ (<Glarysoft Ltd>) C:\Windows\system32\Drivers\BootDefragDriver.sys
2013-07-23 13:45 - 2013-07-23 13:48 - 00000075 _____ C:\DiskDefrag.log
2013-07-23 13:40 - 2013-07-23 13:44 - 00000000 ____D C:\Users\Jeremy\AppData\Roaming\Apple Computer
2013-07-23 13:40 - 2013-07-23 13:40 - 00001745 _____ C:\Users\Public\Desktop\iTunes.lnk
2013-07-23 13:40 - 2013-07-23 13:40 - 00000000 ____D C:\Users\Jeremy\AppData\Local\Apple Computer
2013-07-23 13:40 - 2012-08-21 13:01 - 00033240 _____ (GEAR Software Inc.) C:\Windows\system32\Drivers\GEARAspiWDM.sys
2013-07-23 13:39 - 2013-07-23 13:40 - 00000000 ____D C:\ProgramData\34BE82C4-E596-4e99-A191-52C6199EBF69
2013-07-23 13:39 - 2013-07-23 13:40 - 00000000 ____D C:\Program Files\iTunes
2013-07-23 13:39 - 2013-07-23 13:40 - 00000000 ____D C:\Program Files (x86)\iTunes
2013-07-23 13:39 - 2013-07-23 13:39 - 00000000 ____D C:\ProgramData\Apple Computer
2013-07-23 13:39 - 2013-07-23 13:39 - 00000000 ____D C:\Program Files\iPod
2013-07-23 13:22 - 2013-07-23 13:22 - 00000000 ____D C:\Windows\System32\Tasks\Apple
2013-07-23 13:22 - 2013-07-23 13:22 - 00000000 ____D C:\Users\Jeremy\AppData\Local\Apple
2013-07-23 13:22 - 2013-07-23 13:22 - 00000000 ____D C:\Program Files (x86)\Apple Software Update
2013-07-23 13:21 - 2013-07-23 13:21 - 00000000 ____D C:\Program Files\Bonjour
2013-07-23 13:20 - 2013-07-23 13:21 - 00000000 ____D C:\ProgramData\Apple
2013-07-23 13:19 - 2013-07-23 13:19 - 00000000 ____D C:\Users\Jeremy\AppData\Roaming\Malwarebytes
2013-07-23 13:08 - 2013-07-23 13:08 - 00000000 ____D C:\Users\Jeremy\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\PrivitizeVPN
2013-07-23 13:08 - 2013-07-23 13:08 - 00000000 ____D C:\Program Files (x86)\PrivitizeVPN
2013-07-23 13:07 - 2013-07-23 13:07 - 00893000 _____ (PrivitizeVPN) C:\Users\Jeremy\Downloads\privitize_secure.exe
2013-07-23 12:59 - 2013-07-23 12:59 - 00000000 ____D C:\Users\Jeremy\AppData\Roaming\QuickScan
2013-07-23 12:32 - 2013-07-23 12:32 - 00002217 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2013-07-23 12:31 - 2013-07-29 01:36 - 00000898 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2013-07-23 12:31 - 2013-07-28 23:20 - 00000894 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2013-07-23 12:31 - 2013-07-23 12:31 - 00003894 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA
2013-07-23 12:31 - 2013-07-23 12:31 - 00003642 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore
2013-07-23 12:29 - 2013-07-23 12:29 - 00000000 ____D C:\Users\Jeremy\AppData\Roaming\Adobe
2013-07-23 11:23 - 2013-07-23 11:23 - 00001042 _____ C:\Users\Public\Desktop\Glary Utilities 3.lnk
2013-07-23 11:22 - 2013-07-23 11:22 - 16285968 _____ C:\Users\Jeremy\Downloads\gu3setup.exe
2013-07-23 11:18 - 2013-07-23 11:18 - 35023512 _____ (Google Inc.) C:\Users\Jeremy\Downloads\ChromeStandaloneSetup.exe
2013-07-23 10:56 - 2013-07-23 10:56 - 00000000 ____D C:\Users\Jeremy\AppData\Roaming\DiskDefrag
2013-07-23 09:36 - 2013-07-23 09:36 - 00003577 _____ C:\Users\Jeremy_x3\Desktop\attach.zip
2013-07-23 09:34 - 2013-07-23 09:34 - 00009273 _____ C:\Users\Jeremy_x3\Desktop\attach.txt
2013-07-23 09:34 - 2013-07-23 09:33 - 00019065 _____ C:\Users\Jeremy_x3\Desktop\dds.txt
2013-07-23 09:26 - 2013-07-23 09:26 - 00688992 ____R (Swearware) C:\Users\Jeremy_x3\Desktop\dds.com
2013-07-23 08:08 - 2013-07-23 08:08 - 00001071 _____ C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
2013-07-23 08:08 - 2013-07-23 08:08 - 00000000 ____D C:\Users\Jeremy_x3\AppData\Roaming\Malwarebytes
2013-07-23 08:08 - 2013-07-23 08:08 - 00000000 ____D C:\ProgramData\Malwarebytes
2013-07-23 08:08 - 2013-07-23 08:08 - 00000000 ____D C:\Program Files (x86)\Malwarebytes' Anti-Malware
2013-07-23 08:08 - 2013-04-04 14:50 - 00025928 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbam.sys
2013-07-23 07:48 - 2013-07-23 07:48 - 00000000 ____D C:\Users\Jeremy_x3\AppData\Roaming\WinRAR
2013-07-23 07:40 - 2013-07-23 12:32 - 00000000 ____D C:\Program Files (x86)\Google
2013-07-23 07:40 - 2013-07-23 07:41 - 00000000 ____D C:\Users\Jeremy_x3\AppData\Local\Google
2013-07-23 07:40 - 2013-07-23 07:40 - 00000000 ____D C:\Users\Jeremy_x3\AppData\Local\Deployment
2013-07-23 07:40 - 2013-07-23 07:40 - 00000000 ____D C:\Users\Jeremy_x3\AppData\Local\Apps\2.0
2013-07-23 00:48 - 2013-07-23 00:48 - 00000000 ____D C:\Users\Jeremy_x3\AppData\Local\Power2Go
2013-07-23 00:38 - 2013-07-23 00:38 - 00000000 ____D C:\Users\Jeremy_x3\AppData\Roaming\Asus WebStorage
2013-07-23 00:05 - 2013-07-23 00:05 - 00002033 _____ C:\Users\Jeremy\Desktop\VIPRE Internet Security.lnk
2013-07-22 23:45 - 2013-07-23 10:46 - 00000000 ____D C:\Users\Jeremy_x3\AppData\Roaming\uTorrent
2013-07-22 23:33 - 2013-07-22 23:33 - 00000000 ____D C:\Users\Jeremy_x3\AppData\Local\VS Revo Group
2013-07-22 23:17 - 2013-07-22 23:20 - 00000000 ____D C:\Users\Jeremy_x3\AppData\Local\Adobe
2013-07-22 22:39 - 2013-07-23 06:21 - 00000000 ___DC C:\Users\Jeremy_x3\AppData\Local\MigWiz
2013-07-22 22:38 - 2013-07-22 22:38 - 00000000 ____D C:\Users\Jeremy_x3\AppData\Roaming\GlarySoft
2013-07-22 22:18 - 2013-07-23 00:38 - 00078776 _____ C:\Users\Jeremy_x3\AppData\Local\GDIPFONTCACHEV1.DAT
2013-07-22 22:18 - 2013-07-22 22:18 - 00000000 ____D C:\Users\Jeremy_x3\AppData\Roaming\GFI Software
2013-07-22 22:18 - 2013-07-22 22:18 - 00000000 ____D C:\Users\Jeremy_x3\AppData\Roaming\Adobe
2013-07-22 22:18 - 2013-07-22 22:18 - 00000000 ____D C:\Users\Jeremy_x3\AppData\Local\SRS Labs
2013-07-22 22:17 - 2013-07-23 23:10 - 00000632 __RSH C:\Users\Jeremy_x3\ntuser.pol
2013-07-22 22:17 - 2013-07-23 23:10 - 00000000 ____D C:\Users\Jeremy_x3
2013-07-22 22:17 - 2013-07-23 07:57 - 00000000 ____D C:\Users\Jeremy_x3\AppData\Local\VirtualStore
2013-07-22 22:17 - 2013-07-22 22:17 - 00000020 ___SH C:\Users\Jeremy_x3\ntuser.ini
2013-07-22 22:17 - 2013-03-18 19:43 - 00000000 ____D C:\Users\Jeremy_x3\AppData\Local\Apple Computer
2013-07-22 22:17 - 2010-01-15 23:50 - 00000000 ____D C:\Users\Jeremy_x3\AppData\Local\Microsoft Help
2013-07-22 21:52 - 2013-07-22 21:52 - 00003558 _____ C:\Windows\System32\Tasks\{C1709A1B-B4F0-4CFB-B2B3-196F94D82F49}
2013-07-22 14:58 - 2012-08-23 10:13 - 00243200 _____ (Microsoft Corporation) C:\Windows\system32\rdpudd.dll
2013-07-22 14:58 - 2012-08-23 10:10 - 00019456 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\rdpvideominiport.sys
2013-07-22 14:58 - 2012-08-23 10:07 - 00057856 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\TsUsbFlt.sys
2013-07-22 14:58 - 2012-08-23 09:47 - 00046592 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MsRdpWebAccess.dll
2013-07-22 14:58 - 2012-08-23 09:46 - 00016896 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wksprtPS.dll
2013-07-22 14:58 - 2012-08-23 09:41 - 00013312 _____ (Microsoft Corporation) C:\Windows\system32\TsUsbRedirectionGroupPolicyControl.exe
2013-07-22 14:58 - 2012-08-23 09:40 - 00013312 _____ (Microsoft Corporation) C:\Windows\system32\TsUsbRedirectionGroupPolicyExtension.dll
2013-07-22 14:58 - 2012-08-23 09:24 - 00015360 _____ (Microsoft Corporation) C:\Windows\system32\RdpGroupPolicyExtension.dll
2013-07-22 14:58 - 2012-08-23 09:20 - 00054272 _____ (Microsoft Corporation) C:\Windows\system32\MsRdpWebAccess.dll
2013-07-22 14:58 - 2012-08-23 09:18 - 00037376 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tsgqec.dll
2013-07-22 14:58 - 2012-08-23 09:17 - 00018432 _____ (Microsoft Corporation) C:\Windows\system32\wksprtPS.dll
2013-07-22 14:58 - 2012-08-23 09:06 - 00043520 _____ (Microsoft Corporation) C:\Windows\system32\TsUsbGDCoInstaller.dll
2013-07-22 14:58 - 2012-08-23 08:52 - 00044032 _____ (Microsoft Corporation) C:\Windows\system32\tsgqec.dll
2013-07-22 14:58 - 2012-08-23 07:20 - 00062976 _____ (Microsoft Corporation) C:\Windows\system32\TSWbPrxy.exe
2013-07-22 14:58 - 2012-08-23 07:15 - 00269312 _____ (Microsoft Corporation) C:\Windows\SysWOW64\aaclient.dll
2013-07-22 14:58 - 2012-08-23 07:14 - 00384000 _____ (Microsoft Corporation) C:\Windows\system32\wksprt.exe
2013-07-22 14:58 - 2012-08-23 07:12 - 00192000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rdpendp_winip.dll
2013-07-22 14:58 - 2012-08-23 06:54 - 00322560 _____ (Microsoft Corporation) C:\Windows\system32\aaclient.dll
2013-07-22 14:58 - 2012-08-23 06:51 - 00228864 _____ (Microsoft Corporation) C:\Windows\system32\rdpendp_winip.dll
2013-07-22 14:58 - 2012-08-23 06:39 - 01048064 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mstsc.exe
2013-07-22 14:58 - 2012-08-23 06:22 - 01123840 _____ (Microsoft Corporation) C:\Windows\system32\mstsc.exe
2013-07-22 14:58 - 2012-08-23 05:51 - 03174912 _____ (Microsoft Corporation) C:\Windows\system32\rdpcorets.dll
2013-07-22 14:58 - 2012-08-23 04:19 - 04916224 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mstscax.dll
2013-07-22 14:58 - 2012-08-23 04:13 - 05773824 _____ (Microsoft Corporation) C:\Windows\system32\mstscax.dll
2013-07-22 14:51 - 2013-05-02 02:06 - 00278800 ____N (Microsoft Corporation) C:\Windows\system32\MpSigStub.exe
2013-07-22 14:44 - 2013-05-10 01:49 - 00030720 _____ (Microsoft Corporation) C:\Windows\system32\cryptdlg.dll
2013-07-22 14:44 - 2013-05-09 23:20 - 00024576 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cryptdlg.dll
2013-07-22 14:44 - 2013-04-25 19:30 - 01505280 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3d11.dll
2013-07-22 14:44 - 2013-04-17 03:02 - 01230336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WindowsCodecs.dll
2013-07-22 14:44 - 2013-04-17 02:24 - 01424384 _____ (Microsoft Corporation) C:\Windows\system32\WindowsCodecs.dll
2013-07-22 14:44 - 2013-03-31 18:52 - 01887232 _____ (Microsoft Corporation) C:\Windows\system32\d3d11.dll
2013-07-22 14:44 - 2013-03-19 01:53 - 00230400 _____ (Microsoft Corporation) C:\Windows\system32\wwansvc.dll
2013-07-22 14:44 - 2013-03-19 01:53 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\wwanprotdim.dll
2013-07-22 14:44 - 2013-01-24 02:01 - 00223752 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\fvevol.sys
2013-07-22 14:44 - 2012-08-24 14:13 - 00154480 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecpkg.sys
2013-07-22 14:44 - 2012-08-24 14:09 - 00458712 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\cng.sys
2013-07-22 14:44 - 2012-08-24 14:05 - 00340992 _____ (Microsoft Corporation) C:\Windows\system32\schannel.dll
2013-07-22 14:44 - 2012-08-24 14:03 - 01448448 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll
2013-07-22 14:44 - 2012-08-24 12:57 - 00247808 _____ (Microsoft Corporation) C:\Windows\SysWOW64\schannel.dll
2013-07-22 14:44 - 2012-08-24 12:57 - 00022016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secur32.dll
2013-07-22 14:44 - 2012-08-24 12:53 - 00096768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sspicli.dll
2013-07-22 14:44 - 2012-05-04 07:00 - 00366592 _____ (Microsoft Corporation) C:\Windows\system32\qdvd.dll
2013-07-22 14:44 - 2012-05-04 05:59 - 00514560 _____ (Microsoft Corporation) C:\Windows\SysWOW64\qdvd.dll
2013-07-22 13:17 - 2013-07-22 13:17 - 00000385 _____ C:\Users\Jeremy\AppData\Roaminguser_gensett.xml
2013-07-22 03:36 - 2013-07-22 03:36 - 00000385 _____ C:\Windows\system32\user_gensett.xml
2013-07-22 03:21 - 2013-07-22 03:21 - 00000000 ____H C:\Windows\system32\Drivers\Msft_Kernel_avchv_01009.Wdf
2013-07-22 03:21 - 2007-04-11 11:11 - 00511328 _____ (Microsoft Corporation) C:\Windows\capicom.dll
2013-07-22 02:56 - 2013-07-22 14:10 - 00000000 ____D C:\Program Files\Common Files\Bitdefender
2013-07-21 20:56 - 2013-07-21 20:56 - 00000000 ____D C:\Users\Jeremy\Downloads\AutoKiller Memory Optimizer
2013-07-21 19:14 - 2013-07-21 19:14 - 00000000 ____D C:\ProgramData\NVIDIA
2013-07-21 19:08 - 2013-07-21 19:09 - 39637065 _____ C:\Users\Jeremy\Desktop\20130717_214725.mp4
2013-07-21 17:04 - 2013-07-21 17:04 - 00000043 _____ C:\Users\Jeremy\Desktop\RuneScape - Deadmaul x.txt
2013-07-21 17:00 - 2013-07-21 17:00 - 00000037 _____ C:\Users\Jeremy\Desktop\RuneScape - King Moore20.txt
2013-07-21 16:57 - 2013-07-21 16:57 - 00679098 _____ C:\Users\Jeremy\Desktop\RSBot-4068.jar
2013-07-21 16:56 - 2013-07-21 16:56 - 00000071 _____ C:\Users\Jeremy\Desktop\RuneScape - xP A R T Y Z.txt
2013-07-20 23:56 - 2013-07-20 23:56 - 01125464 _____ (BitTorrent Inc.) C:\Users\Jeremy\Downloads\BitTorrent.exe
2013-07-20 20:48 - 2013-07-21 01:03 - 00000000 ____D C:\Users\Jeremy\Downloads\Falskaar
2013-07-20 20:14 - 2013-07-20 20:14 - 00000000 ____D C:\Users\Jeremy\Data
2013-07-20 20:12 - 2013-07-20 20:12 - 00000000 ____D C:\Users\Jeremy\Documents\Nexus Mod Manager
2013-07-12 14:05 - 2013-07-12 14:06 - 28484163 _____ C:\Users\Jeremy\Desktop\sims3mods.rar
2013-07-12 13:07 - 2013-07-12 13:07 - 00000000 ____H C:\Windows\system32\Drivers\Msft_Kernel_WinUsb_01007.Wdf
2013-07-12 12:53 - 2010-11-02 23:56 - 01490656 _____ (Microsoft Corporation) C:\Windows\system32\WdfCoInstaller01007.dll
2013-07-12 12:53 - 2010-11-02 23:56 - 00708168 _____ (Microsoft Corporation) C:\Windows\system32\WinUSBCoInstaller.dll
2013-07-12 12:53 - 2010-11-02 23:56 - 00201280 _____ (DEVGURU Co., LTD.(www.devguru.co.kr)) C:\Windows\system32\Drivers\ssudmdm.sys
2013-07-12 12:53 - 2010-11-02 23:56 - 00079680 _____ (DEVGURU Co., LTD.(www.devguru.co.kr)) C:\Windows\system32\Drivers\ssudbus.sys
2013-07-12 03:00 - 2013-07-12 03:03 - 00000000 ____D C:\Windows\system32\MRT
2013-07-11 02:35 - 2013-07-22 03:34 - 00117024 _____ (Glarysoft Ltd) C:\Windows\SysWOW64\BootDefrag.exe
2013-07-11 02:35 - 2013-07-22 03:34 - 00117024 _____ (Glarysoft Ltd) C:\Windows\system32\BootDefrag.exe
2013-07-11 02:35 - 2013-04-24 02:52 - 00016640 _____ (<Glarysoft Ltd>) C:\Windows\SysWOW64\Drivers\BootDefragDriver.sys
2013-07-11 02:10 - 2013-07-11 02:10 - 00000000 ____D C:\ProgramData\GlarySoft
2013-07-11 02:07 - 2013-07-28 23:26 - 00000334 _____ C:\Windows\Tasks\GlaryInitialize 3.job
2013-07-11 02:07 - 2013-07-28 23:20 - 00000000 ____D C:\Program Files (x86)\Glary Utilities 3
2013-07-11 02:07 - 2013-07-23 11:23 - 00002634 _____ C:\Windows\System32\Tasks\GlaryInitialize 3
2013-07-11 02:07 - 2013-07-11 02:07 - 00000000 ____D C:\Users\Jeremy\AppData\Roaming\GlarySoft
2013-07-09 21:25 - 2013-06-06 23:22 - 02706432 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2013-07-09 21:24 - 2013-06-11 19:43 - 14329856 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2013-07-09 21:24 - 2013-06-11 19:43 - 02877440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2013-07-09 21:24 - 2013-06-11 19:43 - 01767936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2013-07-09 21:24 - 2013-06-11 19:43 - 01141248 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2013-07-09 21:24 - 2013-06-11 19:43 - 00690688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll
2013-07-09 21:24 - 2013-06-11 19:43 - 00493056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2013-07-09 21:24 - 2013-06-11 19:43 - 00039424 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2013-07-09 21:24 - 2013-06-11 19:42 - 13760512 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2013-07-09 21:24 - 2013-06-11 19:42 - 02046976 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2013-07-09 21:24 - 2013-06-11 19:42 - 00391168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2013-07-09 21:24 - 2013-06-11 19:42 - 00109056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesysprep.dll
2013-07-09 21:24 - 2013-06-11 19:42 - 00061440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2013-07-09 21:24 - 2013-06-11 19:42 - 00033280 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2013-07-09 21:24 - 2013-06-11 19:26 - 02241024 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2013-07-09 21:24 - 2013-06-11 19:26 - 01365504 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2013-07-09 21:24 - 2013-06-11 19:26 - 00051712 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2013-07-09 21:24 - 2013-06-11 19:25 - 19238912 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2013-07-09 21:24 - 2013-06-11 19:25 - 15404032 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2013-07-09 21:24 - 2013-06-11 19:25 - 03958784 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2013-07-09 21:24 - 2013-06-11 19:25 - 02648576 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2013-07-09 21:24 - 2013-06-11 19:25 - 00855552 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2013-07-09 21:24 - 2013-06-11 19:25 - 00603136 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2013-07-09 21:24 - 2013-06-11 19:25 - 00526336 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2013-07-09 21:24 - 2013-06-11 19:25 - 00136704 _____ (Microsoft Corporation) C:\Windows\system32\iesysprep.dll
2013-07-09 21:24 - 2013-06-11 19:25 - 00067072 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2013-07-09 21:24 - 2013-06-11 19:25 - 00053248 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2013-07-09 21:24 - 2013-06-11 19:25 - 00039936 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2013-07-09 21:24 - 2013-06-11 18:51 - 00071680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\RegisterIEPKEYs.exe
2013-07-09 21:24 - 2013-06-11 18:50 - 00089600 _____ (Microsoft Corporation) C:\Windows\system32\RegisterIEPKEYs.exe
2013-07-09 21:24 - 2013-06-06 22:37 - 02706432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2013-07-09 14:22 - 2013-04-09 19:34 - 01247744 _____ (Microsoft Corporation) C:\Windows\SysWOW64\DWrite.dll
2013-07-09 14:22 - 2013-04-02 18:51 - 01643520 _____ (Microsoft Corporation) C:\Windows\system32\DWrite.dll
2013-07-09 14:18 - 2013-06-04 02:00 - 00624128 _____ (Microsoft Corporation) C:\Windows\system32\qedit.dll
2013-07-09 14:18 - 2013-06-04 00:53 - 00509440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\qedit.dll
2013-07-09 14:18 - 2013-05-06 02:03 - 01887744 _____ (Microsoft Corporation) C:\Windows\system32\WMVDECOD.DLL
2013-07-09 14:18 - 2013-05-06 00:56 - 01620480 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WMVDECOD.DLL
2013-07-09 14:12 - 2013-06-04 23:34 - 03153920 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2013-07-08 16:12 - 2013-07-08 16:12 - 00039104 _____ (Spotflux, Inc.) C:\Windows\system32\Drivers\tapSF0901.sys
2013-07-07 17:20 - 2013-07-07 17:20 - 00263592 _____ (Oracle Corporation) C:\Windows\SysWOW64\javaws.exe
2013-07-07 17:20 - 2013-07-07 17:20 - 00175016 _____ (Oracle Corporation) C:\Windows\SysWOW64\javaw.exe
2013-07-07 17:20 - 2013-07-07 17:20 - 00175016 _____ (Oracle Corporation) C:\Windows\SysWOW64\java.exe
2013-07-07 17:20 - 2013-07-07 17:20 - 00096168 _____ (Oracle Corporation) C:\Windows\SysWOW64\WindowsAccessBridge-32.dll
2013-07-07 17:17 - 2013-07-07 17:16 - 00312232 _____ (Oracle Corporation) C:\Windows\system32\javaws.exe
2013-07-07 17:16 - 2013-07-07 17:16 - 00189352 _____ (Oracle Corporation) C:\Windows\system32\javaw.exe
2013-07-07 17:16 - 2013-07-07 17:16 - 00188840 _____ (Oracle Corporation) C:\Windows\system32\java.exe
2013-07-07 17:16 - 2013-07-07 17:16 - 00108968 _____ (Oracle Corporation) C:\Windows\system32\WindowsAccessBridge-64.dll
2013-07-07 17:00 - 2013-07-07 17:16 - 00000000 ____D C:\Program Files\Java
2013-07-07 16:43 - 2013-07-07 16:43 - 00000000 ____D C:\Program Files\VS Revo Group
2013-07-07 16:43 - 2009-12-30 11:21 - 00031800 _____ (VS Revo Group) C:\Windows\system32\Drivers\revoflt.sys
2013-07-07 16:32 - 2013-07-07 17:04 - 00000000 ____D C:\Program Files (x86)\VS Revo Group
2013-07-06 23:36 - 2013-07-06 23:36 - 00000000 ____D C:\Program Files (x86)\OpenVPN Technologies
2013-07-03 13:28 - 2013-05-13 01:51 - 01464320 _____ (Microsoft Corporation) C:\Windows\system32\crypt32.dll
2013-07-03 13:28 - 2013-05-13 01:51 - 00184320 _____ (Microsoft Corporation) C:\Windows\system32\cryptsvc.dll
2013-07-03 13:28 - 2013-05-13 01:51 - 00139776 _____ (Microsoft Corporation) C:\Windows\system32\cryptnet.dll
2013-07-03 13:28 - 2013-05-13 01:50 - 00052224 _____ (Microsoft Corporation) C:\Windows\system32\certenc.dll
2013-07-03 13:28 - 2013-05-13 00:45 - 01160192 _____ (Microsoft Corporation) C:\Windows\SysWOW64\crypt32.dll
2013-07-03 13:28 - 2013-05-13 00:45 - 00140288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cryptsvc.dll
2013-07-03 13:28 - 2013-05-13 00:45 - 00103936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cryptnet.dll
2013-07-03 13:28 - 2013-05-12 23:43 - 01192448 _____ (Microsoft Corporation) C:\Windows\system32\certutil.exe
2013-07-03 13:28 - 2013-05-12 23:08 - 00903168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\certutil.exe
2013-07-03 13:28 - 2013-05-12 23:08 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\certenc.dll
2013-07-03 13:27 - 2013-05-08 02:39 - 01910632 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tcpip.sys
2013-07-03 13:27 - 2013-04-10 02:01 - 00983400 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\dxgkrnl.sys
2013-07-03 13:27 - 2013-04-10 02:01 - 00265064 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\dxgmms1.sys
2013-07-03 13:27 - 2013-02-27 02:02 - 00111448 _____ (Microsoft Corporation) C:\Windows\system32\consent.exe
2013-07-03 13:27 - 2013-02-27 01:52 - 14172672 _____ (Microsoft Corporation) C:\Windows\system32\shell32.dll
2013-07-03 13:27 - 2013-02-27 01:52 - 00197120 _____ (Microsoft Corporation) C:\Windows\system32\shdocvw.dll
2013-07-03 13:27 - 2013-02-27 01:48 - 01930752 _____ (Microsoft Corporation) C:\Windows\system32\authui.dll
2013-07-03 13:27 - 2013-02-27 01:47 - 00070144 _____ (Microsoft Corporation) C:\Windows\system32\appinfo.dll
2013-07-03 13:27 - 2013-02-27 00:55 - 12872704 _____ (Microsoft Corporation) C:\Windows\SysWOW64\shell32.dll
2013-07-03 13:27 - 2013-02-27 00:55 - 00180224 _____ (Microsoft Corporation) C:\Windows\SysWOW64\shdocvw.dll
2013-07-03 13:27 - 2013-02-27 00:49 - 01796096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\authui.dll
2013-07-03 13:27 - 2011-02-03 07:25 - 00144384 _____ (Microsoft Corporation) C:\Windows\system32\cdd.dll
2013-07-03 13:26 - 2013-04-26 01:51 - 00751104 _____ (Microsoft Corporation) C:\Windows\system32\win32spl.dll
2013-07-03 13:26 - 2013-04-26 00:55 - 00492544 _____ (Microsoft Corporation) C:\Windows\SysWOW64\win32spl.dll
2013-07-03 13:26 - 2013-04-12 10:45 - 01656680 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ntfs.sys
 
==================== One Month Modified Files and Folders =======
 
2013-07-29 02:15 - 2012-09-01 00:37 - 00000000 ____D C:\Program Files\PeerBlock
2013-07-29 02:14 - 2013-07-29 02:14 - 00000000 ____D C:\FRST
2013-07-29 02:14 - 2013-07-29 02:13 - 01780547 _____ (Farbar) C:\Users\Jeremy\Downloads\FRST64.exe
2013-07-29 02:14 - 2012-10-17 16:32 - 00000000 ____D C:\Users\Jeremy\AppData\Roaming\uTorrent
2013-07-29 01:40 - 2012-05-13 13:01 - 00000000 ____D C:\Users\Jeremy\AppData\Roaming\vlc
2013-07-29 01:36 - 2013-07-23 12:31 - 00000898 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2013-07-29 01:00 - 2013-07-29 01:00 - 00000000 _____ C:\Windows\system32\SBRC.dat
2013-07-29 00:59 - 2010-03-31 09:04 - 00003934 _____ C:\Windows\System32\Tasks\User_Feed_Synchronization-{7F6A133D-8775-4524-A436-5765190CF1EC}
2013-07-28 23:26 - 2013-07-11 02:07 - 00000334 _____ C:\Windows\Tasks\GlaryInitialize 3.job
2013-07-28 23:26 - 2009-07-14 00:45 - 00010240 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2013-07-28 23:26 - 2009-07-14 00:45 - 00010240 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2013-07-28 23:24 - 2009-11-02 12:33 - 00003004 _____ C:\Windows\System32\Tasks\ASUS Live Update
2013-07-28 23:24 - 2009-07-14 01:13 - 00782470 _____ C:\Windows\system32\PerfStringBackup.INI
2013-07-28 23:21 - 2013-07-23 22:19 - 00003174 _____ C:\Windows\System32\Tasks\P4GIntlCtrl
2013-07-28 23:20 - 2013-07-23 12:31 - 00000894 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2013-07-28 23:20 - 2013-07-11 02:07 - 00000000 ____D C:\Program Files (x86)\Glary Utilities 3
2013-07-28 23:19 - 2013-07-28 14:12 - 00000112 _____ C:\Windows\setupact.log
2013-07-28 23:19 - 2009-07-14 01:08 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2013-07-28 23:18 - 2009-11-02 11:58 - 01192093 _____ C:\Windows\WindowsUpdate.log
2013-07-28 23:14 - 2013-07-28 23:14 - 00000000 ____D C:\Qoobox
2013-07-28 23:14 - 2013-07-27 17:16 - 00000000 ___SD C:\32788R22FWJFW
2013-07-28 23:13 - 2013-07-28 23:13 - 05095176 ____R (Swearware) C:\Users\Jeremy\Downloads\ComboFix (1).exe
2013-07-28 14:13 - 2009-11-02 12:38 - 00002812 _____ C:\Windows\system32\AutoRunFilter.ini
2013-07-28 14:12 - 2013-07-28 14:12 - 00000000 _____ C:\Windows\setuperr.log
2013-07-27 23:34 - 2013-07-27 23:34 - 15696982 _____ (Skyrim Online                                               ) C:\Users\Jeremy\Downloads\setup.exe
2013-07-27 23:34 - 2013-07-27 23:34 - 00266104 _____ C:\Users\Jeremy\Downloads\skse_1_06_15_installer.exe
2013-07-27 23:25 - 2013-07-27 23:25 - 00167480 _____ () C:\Users\Jeremy\Downloads\VLCMediaPlayerSetup-eGvgG1s.exe
2013-07-27 23:03 - 2013-07-27 23:03 - 00000000 ____D C:\Users\Jeremy\Documents\My torrents
2013-07-27 22:04 - 2013-07-27 22:04 - 00000000 ____D C:\Users\Jeremy\Downloads\Sony Dex Tool
2013-07-27 21:48 - 2013-07-27 21:48 - 61478110 _____ C:\Users\Jeremy\Downloads\ProDG v4.20.1.0 + PS3Gen v3.30 Tools.rar
2013-07-27 21:24 - 2013-07-27 21:24 - 01005568 _____ (Microsoft Corporation) C:\Users\Jeremy\Downloads\dotNetFx45_Full_setup (1).exe
2013-07-27 21:22 - 2013-07-27 21:22 - 01005568 _____ (Microsoft Corporation) C:\Users\Jeremy\Downloads\dotNetFx45_Full_setup.exe
2013-07-27 21:22 - 2013-07-27 21:21 - 05718872 _____ (Microsoft Corporation) C:\Users\Jeremy\Downloads\vcredist_x64.exe
2013-07-27 21:22 - 2013-07-27 21:21 - 05073240 _____ (Microsoft Corporation) C:\Users\Jeremy\Downloads\vcredist_x86 (1).exe
2013-07-27 21:21 - 2013-07-27 21:21 - 01821192 _____ (Microsoft Corporation) C:\Users\Jeremy\Downloads\vcredist_x86.exe
2013-07-27 21:17 - 2013-07-27 21:16 - 01920194 _____ C:\Users\Jeremy\Downloads\c2d_openssl.rar
2013-07-27 21:01 - 2013-07-27 21:01 - 00071024 _____ C:\Users\Jeremy\Downloads\eEID_RKDumper.pkg
2013-07-27 17:41 - 2013-07-27 17:23 - 05095176 ____R (Swearware) C:\Users\Jeremy\Downloads\ComboFix.exe
2013-07-27 17:16 - 2013-07-27 17:16 - 00000000 ____D C:\Windows\erdnt
2013-07-27 17:03 - 2009-07-13 23:20 - 00000000 ____D C:\Windows\system32\NDF
2013-07-27 15:30 - 2013-07-27 15:30 - 00000000 ____D C:\Program Files (x86)\WinPcap
2013-07-27 15:28 - 2013-03-18 19:41 - 00000000 ____D C:\Windows\Patches
2013-07-27 15:28 - 2011-12-28 23:45 - 00000000 ___RD C:\Program Files (x86)\Skype
2013-07-27 15:28 - 2011-12-28 23:45 - 00000000 ____D C:\ProgramData\Skype
2013-07-27 15:26 - 2013-07-27 15:24 - 26660121 _____ C:\Users\Jeremy\Downloads\NetTools5.0.70.zip
2013-07-26 02:04 - 2013-07-26 02:04 - 10768507 _____ C:\Users\Jeremy\Downloads\BO2 Tool by Raz0rMind.rar
2013-07-25 23:38 - 2013-07-25 23:38 - 01488854 _____ C:\Users\Jeremy\Downloads\Black Ops II Real Time Editor 1.13 By EaZyMoDzHD.rar
2013-07-25 22:28 - 2013-07-25 22:27 - 14216280 _____ C:\Users\Jeremy\Downloads\ZOMBIE1.13_EBOOT.BIN
2013-07-25 22:27 - 2013-07-25 22:27 - 00000000 ____D C:\Users\Jeremy\Desktop\1111111
2013-07-25 22:25 - 2013-07-25 22:25 - 00000717 _____ C:\Users\Jeremy\Documents\HxD.ini
2013-07-25 22:15 - 2013-07-25 22:14 - 14216280 _____ C:\Users\Jeremy\Downloads\MP113BOII.BIN
2013-07-25 22:12 - 2013-07-25 22:12 - 19448119 _____ C:\Users\Jeremy\Downloads\FIXED BO2 1.13 RAWDOG RTE ZOMBIE TOOL.rar
2013-07-25 22:07 - 2013-07-25 22:07 - 00102400 _____ C:\Users\Jeremy\Downloads\(BLUS31011) B02 Paladin Camo Fix By [XxUnkn0wnxX].pkg
2013-07-25 21:35 - 2013-07-25 21:04 - 00000000 ____D C:\Users\Jeremy\Desktop\make_fself
2013-07-25 21:10 - 2013-07-25 21:10 - 01585515 _____ C:\Users\Jeremy\Downloads\Black OPS II RTM Tool [1.13] by i_iTop_i v1.1.rar
2013-07-25 21:06 - 2013-07-25 21:04 - 00000000 ____D C:\Users\Jeremy\Desktop\TrueAncestor SELF Resigner v1.85
2013-07-25 21:04 - 2013-07-25 21:04 - 00000000 ____D C:\Users\Jeremy\Desktop\BOII Zombies [1.13] xSOKNEYx v3.2
2013-07-25 21:03 - 2013-07-25 21:03 - 00722129 _____ C:\Users\Jeremy\Downloads\TrueAncestor SELF Resigner v1.85.zip
2013-07-25 21:03 - 2013-07-25 21:03 - 00088467 _____ C:\Users\Jeremy\Downloads\make_fself.rar
2013-07-25 20:58 - 2013-07-25 20:58 - 13734676 _____ C:\Users\Jeremy\Downloads\BOII113ELFS.rar
2013-07-25 20:56 - 2013-07-25 20:52 - 161438560 _____ C:\Users\Jeremy\Downloads\UP0002-BLUS31011_00-CODBLOPS2PATCH09-A0113-V0100-PE.pkg
2013-07-25 19:46 - 2013-07-25 19:46 - 00102400 _____ C:\Users\Jeremy\Downloads\(BLUS31011) Camo Pack 3 Fix By [XxUnkn0wnxX].pkg
2013-07-25 19:18 - 2013-07-25 19:18 - 02735451 _____ C:\Users\Jeremy\Downloads\BOII Zombies [1.13] xSOKNEYx v3.2.rar
2013-07-24 15:59 - 2013-03-26 19:34 - 02481836 _____ C:\Windows\SysWOW64\lanss_v102_lnsscomm.csv
2013-07-24 13:24 - 2010-09-10 07:08 - 00000438 _____ C:\Windows\system32\Drivers\etc\hosts.ics
2013-07-24 00:07 - 2012-10-30 16:25 - 00000150 _____ C:\Users\Jeremy\Documents\Config.ini
2013-07-23 23:10 - 2013-07-22 22:17 - 00000632 __RSH C:\Users\Jeremy_x3\ntuser.pol
2013-07-23 23:10 - 2013-07-22 22:17 - 00000000 ____D C:\Users\Jeremy_x3
2013-07-23 23:00 - 2013-07-23 23:00 - 00000000 ____D C:\Users\Jeremy_x3\AppData\Roaming\Apple Computer
2013-07-23 22:49 - 2013-07-23 22:00 - 00000000 ____D C:\ProgramData\Malwarebytes' Anti-Malware (portable)
2013-07-23 22:49 - 2013-07-23 21:28 - 00000000 ____D C:\Users\Jeremy\Desktop\mbar
2013-07-23 21:24 - 2013-07-23 21:24 - 13399154 _____ C:\Users\Jeremy\Downloads\mbar-1.06.0.1004.zip
2013-07-23 21:24 - 2013-07-23 21:24 - 00000000 ____D C:\Users\Jeremy\AppData\Roaming\WinRAR
2013-07-23 21:10 - 2013-07-23 21:10 - 01129552 _____ (BitTorrent Inc.) C:\Users\Jeremy\Downloads\utorrent.exe
2013-07-23 17:03 - 2013-04-01 17:02 - 00000000 ____D C:\ProgramData\Package Cache
2013-07-23 14:50 - 2013-07-23 14:50 - 00000000 ____D C:\ProgramData\spotflux
2013-07-23 14:47 - 2013-07-23 14:46 - 06097256 _____ C:\Users\Jeremy\Downloads\spotflux-latestPC.exe
2013-07-23 13:48 - 2013-07-23 13:45 - 00000075 _____ C:\DiskDefrag.log
2013-07-23 13:44 - 2013-07-23 13:40 - 00000000 ____D C:\Users\Jeremy\AppData\Roaming\Apple Computer
2013-07-23 13:40 - 2013-07-23 13:40 - 00001745 _____ C:\Users\Public\Desktop\iTunes.lnk
2013-07-23 13:40 - 2013-07-23 13:40 - 00000000 ____D C:\Users\Jeremy\AppData\Local\Apple Computer
2013-07-23 13:40 - 2013-07-23 13:39 - 00000000 ____D C:\ProgramData\34BE82C4-E596-4e99-A191-52C6199EBF69
2013-07-23 13:40 - 2013-07-23 13:39 - 00000000 ____D C:\Program Files\iTunes
2013-07-23 13:40 - 2013-07-23 13:39 - 00000000 ____D C:\Program Files (x86)\iTunes
2013-07-23 13:40 - 2011-11-06 12:07 - 00000000 ____D C:\Users\Jeremy\AppData\Local\TempDIR
2013-07-23 13:39 - 2013-07-23 13:39 - 00000000 ____D C:\ProgramData\Apple Computer
2013-07-23 13:39 - 2013-07-23 13:39 - 00000000 ____D C:\Program Files\iPod
2013-07-23 13:22 - 2013-07-23 13:22 - 00000000 ____D C:\Windows\System32\Tasks\Apple
2013-07-23 13:22 - 2013-07-23 13:22 - 00000000 ____D C:\Users\Jeremy\AppData\Local\Apple
2013-07-23 13:22 - 2013-07-23 13:22 - 00000000 ____D C:\Program Files (x86)\Apple Software Update
2013-07-23 13:21 - 2013-07-23 13:21 - 00000000 ____D C:\Program Files\Bonjour
2013-07-23 13:21 - 2013-07-23 13:20 - 00000000 ____D C:\ProgramData\Apple
2013-07-23 13:21 - 2010-05-17 06:28 - 00000000 ____D C:\Program Files (x86)\Bonjour
2013-07-23 13:19 - 2013-07-23 13:19 - 00000000 ____D C:\Users\Jeremy\AppData\Roaming\Malwarebytes
2013-07-23 13:08 - 2013-07-23 13:08 - 00000000 ____D C:\Users\Jeremy\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\PrivitizeVPN
2013-07-23 13:08 - 2013-07-23 13:08 - 00000000 ____D C:\Program Files (x86)\PrivitizeVPN
2013-07-23 13:07 - 2013-07-23 13:07 - 00893000 _____ (PrivitizeVPN) C:\Users\Jeremy\Downloads\privitize_secure.exe
2013-07-23 12:59 - 2013-07-23 12:59 - 00000000 ____D C:\Users\Jeremy\AppData\Roaming\QuickScan
2013-07-23 12:51 - 2011-12-28 23:45 - 00000000 ____D C:\Users\Jeremy\AppData\Roaming\Skype
2013-07-23 12:32 - 2013-07-23 12:32 - 00002217 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2013-07-23 12:32 - 2013-07-23 07:40 - 00000000 ____D C:\Program Files (x86)\Google
2013-07-23 12:31 - 2013-07-23 12:31 - 00003894 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA
2013-07-23 12:31 - 2013-07-23 12:31 - 00003642 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore
2013-07-23 12:31 - 2012-08-17 18:04 - 00000000 ____D C:\Users\Jeremy\AppData\Local\Deployment
2013-07-23 12:29 - 2013-07-23 12:29 - 00000000 ____D C:\Users\Jeremy\AppData\Roaming\Adobe
2013-07-23 11:23 - 2013-07-23 11:23 - 00001042 _____ C:\Users\Public\Desktop\Glary Utilities 3.lnk
2013-07-23 11:23 - 2013-07-11 02:07 - 00002634 _____ C:\Windows\System32\Tasks\GlaryInitialize 3
2013-07-23 11:22 - 2013-07-23 11:22 - 16285968 _____ C:\Users\Jeremy\Downloads\gu3setup.exe
2013-07-23 11:18 - 2013-07-23 11:18 - 35023512 _____ (Google Inc.) C:\Users\Jeremy\Downloads\ChromeStandaloneSetup.exe
2013-07-23 11:13 - 2009-12-25 11:28 - 00000000 ____D C:\Users\Jeremy
2013-07-23 11:07 - 2009-12-30 04:27 - 00000000 ____D C:\Users\Jeremy\AppData\Local\Google
2013-07-23 11:00 - 2009-11-02 12:38 - 00002091 _____ C:\Windows\system32\ServiceFilter.ini
2013-07-23 10:56 - 2013-07-23 10:56 - 00000000 ____D C:\Users\Jeremy\AppData\Roaming\DiskDefrag
2013-07-23 10:46 - 2013-07-22 23:45 - 00000000 ____D C:\Users\Jeremy_x3\AppData\Roaming\uTorrent
2013-07-23 09:36 - 2013-07-23 09:36 - 00003577 _____ C:\Users\Jeremy_x3\Desktop\attach.zip
2013-07-23 09:34 - 2013-07-23 09:34 - 00009273 _____ C:\Users\Jeremy_x3\Desktop\attach.txt
2013-07-23 09:33 - 2013-07-23 09:34 - 00019065 _____ C:\Users\Jeremy_x3\Desktop\dds.txt
2013-07-23 09:26 - 2013-07-23 09:26 - 00688992 ____R (Swearware) C:\Users\Jeremy_x3\Desktop\dds.com
2013-07-23 08:08 - 2013-07-23 08:08 - 00001071 _____ C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
2013-07-23 08:08 - 2013-07-23 08:08 - 00000000 ____D C:\Users\Jeremy_x3\AppData\Roaming\Malwarebytes
2013-07-23 08:08 - 2013-07-23 08:08 - 00000000 ____D C:\ProgramData\Malwarebytes
2013-07-23 08:08 - 2013-07-23 08:08 - 00000000 ____D C:\Program Files (x86)\Malwarebytes' Anti-Malware
2013-07-23 07:57 - 2013-07-22 22:17 - 00000000 ____D C:\Users\Jeremy_x3\AppData\Local\VirtualStore
2013-07-23 07:48 - 2013-07-23 07:48 - 00000000 ____D C:\Users\Jeremy_x3\AppData\Roaming\WinRAR
2013-07-23 07:41 - 2013-07-23 07:40 - 00000000 ____D C:\Users\Jeremy_x3\AppData\Local\Google
2013-07-23 07:40 - 2013-07-23 07:40 - 00000000 ____D C:\Users\Jeremy_x3\AppData\Local\Deployment
2013-07-23 07:40 - 2013-07-23 07:40 - 00000000 ____D C:\Users\Jeremy_x3\AppData\Local\Apps\2.0
2013-07-23 06:21 - 2013-07-22 22:39 - 00000000 ___DC C:\Users\Jeremy_x3\AppData\Local\MigWiz
2013-07-23 06:10 - 2009-07-13 23:20 - 00000000 ____D C:\Windows\rescache
2013-07-23 00:48 - 2013-07-23 00:48 - 00000000 ____D C:\Users\Jeremy_x3\AppData\Local\Power2Go
2013-07-23 00:38 - 2013-07-23 00:38 - 00000000 ____D C:\Users\Jeremy_x3\AppData\Roaming\Asus WebStorage
2013-07-23 00:38 - 2013-07-22 22:18 - 00078776 _____ C:\Users\Jeremy_x3\AppData\Local\GDIPFONTCACHEV1.DAT
2013-07-23 00:38 - 2013-02-22 13:52 - 04895240 _____ C:\Windows\system32\FNTCACHE.DAT
2013-07-23 00:36 - 2013-02-22 13:47 - 00078776 _____ C:\Users\Jeremy\AppData\Local\GDIPFONTCACHEV1.DAT
2013-07-23 00:05 - 2013-07-23 00:05 - 00002033 _____ C:\Users\Jeremy\Desktop\VIPRE Internet Security.lnk
2013-07-22 23:40 - 2009-11-02 11:55 - 00000000 ____D C:\ProgramData\Microsoft Help
2013-07-22 23:39 - 2009-07-14 03:45 - 00000000 ____D C:\Windows\ShellNew
2013-07-22 23:38 - 2009-07-13 23:20 - 00000000 ____D C:\Program Files\Common Files\Microsoft Shared
2013-07-22 23:33 - 2013-07-22 23:33 - 00000000 ____D C:\Users\Jeremy_x3\AppData\Local\VS Revo Group
2013-07-22 23:21 - 2009-11-02 12:06 - 00000000 ____D C:\Program Files (x86)\Adobe
2013-07-22 23:20 - 2013-07-22 23:17 - 00000000 ____D C:\Users\Jeremy_x3\AppData\Local\Adobe
2013-07-22 23:15 - 2009-11-02 12:03 - 00000000 ___HD C:\Program Files (x86)\InstallShield Installation Information
2013-07-22 22:44 - 2009-07-13 23:20 - 00000000 ____D C:\Windows\registration
2013-07-22 22:38 - 2013-07-22 22:38 - 00000000 ____D C:\Users\Jeremy_x3\AppData\Roaming\GlarySoft
2013-07-22 22:18 - 2013-07-22 22:18 - 00000000 ____D C:\Users\Jeremy_x3\AppData\Roaming\GFI Software
2013-07-22 22:18 - 2013-07-22 22:18 - 00000000 ____D C:\Users\Jeremy_x3\AppData\Roaming\Adobe
2013-07-22 22:18 - 2013-07-22 22:18 - 00000000 ____D C:\Users\Jeremy_x3\AppData\Local\SRS Labs
2013-07-22 22:17 - 2013-07-22 22:17 - 00000020 ___SH C:\Users\Jeremy_x3\ntuser.ini
2013-07-22 22:14 - 2010-03-29 22:37 - 00000632 __RSH C:\Users\Jeremy\ntuser.pol
2013-07-22 22:11 - 2012-06-22 16:19 - 00000000 ____D C:\Program Files (x86)\DivX
2013-07-22 21:52 - 2013-07-22 21:52 - 00003558 _____ C:\Windows\System32\Tasks\{C1709A1B-B4F0-4CFB-B2B3-196F94D82F49}
2013-07-22 21:52 - 2010-04-17 16:36 - 00000000 ____D C:\Program Files (x86)\RealArcade
2013-07-22 20:27 - 2010-06-15 07:29 - 00045056 _____ C:\Windows\system32\acovcnt.exe
2013-07-22 20:26 - 2012-01-20 08:18 - 00000258 __RSH C:\ProgramData\ntuser.pol
2013-07-22 17:10 - 2009-07-13 23:20 - 00000000 ____D C:\Windows\PolicyDefinitions
2013-07-22 15:32 - 2012-12-31 01:55 - 00000000 ____D C:\Program Files (x86)\DigiDNA
2013-07-22 14:57 - 2010-11-05 06:48 - 00775084 _____ C:\Windows\SysWOW64\PerfStringBackup.INI
2013-07-22 14:10 - 2013-07-22 02:56 - 00000000 ____D C:\Program Files\Common Files\Bitdefender
2013-07-22 13:17 - 2013-07-22 13:17 - 00000385 _____ C:\Users\Jeremy\AppData\Roaminguser_gensett.xml
2013-07-22 03:36 - 2013-07-22 03:36 - 00000385 _____ C:\Windows\system32\user_gensett.xml
2013-07-22 03:34 - 2013-07-11 02:35 - 00117024 _____ (Glarysoft Ltd) C:\Windows\SysWOW64\BootDefrag.exe
2013-07-22 03:34 - 2013-07-11 02:35 - 00117024 _____ (Glarysoft Ltd) C:\Windows\system32\BootDefrag.exe
2013-07-22 03:21 - 2013-07-22 03:21 - 00000000 ____H C:\Windows\system32\Drivers\Msft_Kernel_avchv_01009.Wdf
2013-07-21 20:56 - 2013-07-21 20:56 - 00000000 ____D C:\Users\Jeremy\Downloads\AutoKiller Memory Optimizer
2013-07-21 19:14 - 2013-07-21 19:14 - 00000000 ____D C:\ProgramData\NVIDIA
2013-07-21 19:09 - 2013-07-21 19:08 - 39637065 _____ C:\Users\Jeremy\Desktop\20130717_214725.mp4
2013-07-21 17:04 - 2013-07-21 17:04 - 00000043 _____ C:\Users\Jeremy\Desktop\RuneScape - Deadmaul x.txt
2013-07-21 17:00 - 2013-07-21 17:00 - 00000037 _____ C:\Users\Jeremy\Desktop\RuneScape - King Moore20.txt
2013-07-21 16:57 - 2013-07-21 16:57 - 00679098 _____ C:\Users\Jeremy\Desktop\RSBot-4068.jar
2013-07-21 16:56 - 2013-07-21 16:56 - 00000071 _____ C:\Users\Jeremy\Desktop\RuneScape - xP A R T Y Z.txt
2013-07-21 01:03 - 2013-07-20 20:48 - 00000000 ____D C:\Users\Jeremy\Downloads\Falskaar
2013-07-20 23:56 - 2013-07-20 23:56 - 01125464 _____ (BitTorrent Inc.) C:\Users\Jeremy\Downloads\BitTorrent.exe
2013-07-20 20:14 - 2013-07-20 20:14 - 00000000 ____D C:\Users\Jeremy\Data
2013-07-20 20:12 - 2013-07-20 20:12 - 00000000 ____D C:\Users\Jeremy\Documents\Nexus Mod Manager
2013-07-17 23:31 - 2012-12-27 16:31 - 00000000 ____D C:\Users\Jeremy\Desktop\allipod
2013-07-12 14:06 - 2013-07-12 14:05 - 28484163 _____ C:\Users\Jeremy\Desktop\sims3mods.rar
2013-07-12 13:07 - 2013-07-12 13:07 - 00000000 ____H C:\Windows\system32\Drivers\Msft_Kernel_WinUsb_01007.Wdf
2013-07-12 03:03 - 2013-07-12 03:00 - 00000000 ____D C:\Windows\system32\MRT
2013-07-11 02:26 - 2009-11-02 12:11 - 00000000 ____D C:\Windows\games
2013-07-11 02:22 - 2013-02-22 12:21 - 00000000 ____D C:\Windows\pss
2013-07-11 02:15 - 2011-10-04 20:07 - 00000000 ____D C:\Users\Jeremy\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\REFOG Keylogger
2013-07-11 02:11 - 2009-12-25 11:28 - 00000000 ___RD C:\Users\Jeremy\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
2013-07-11 02:10 - 2013-07-11 02:10 - 00000000 ____D C:\ProgramData\GlarySoft
2013-07-11 02:07 - 2013-07-11 02:07 - 00000000 ____D C:\Users\Jeremy\AppData\Roaming\GlarySoft
2013-07-11 02:05 - 2009-07-29 02:03 - 00000000 ____D C:\Windows\Panther
2013-07-09 22:05 - 2009-07-14 03:45 - 00000000 ____D C:\Program Files\Windows Journal
2013-07-09 22:05 - 2009-07-14 01:32 - 00000000 ____D C:\Program Files\Windows Defender
2013-07-09 22:05 - 2009-07-14 01:32 - 00000000 ____D C:\Program Files (x86)\Windows Defender
2013-07-09 22:04 - 2013-03-15 19:47 - 00000000 ____D C:\Program Files\Microsoft Silverlight
2013-07-09 22:04 - 2013-03-15 19:47 - 00000000 ____D C:\Program Files (x86)\Microsoft Silverlight
2013-07-08 16:12 - 2013-07-08 16:12 - 00039104 _____ (Spotflux, Inc.) C:\Windows\system32\Drivers\tapSF0901.sys
2013-07-07 17:33 - 2013-02-22 11:29 - 00000000 ____D C:\Program Files\CCleaner
2013-07-07 17:20 - 2013-07-07 17:20 - 00263592 _____ (Oracle Corporation) C:\Windows\SysWOW64\javaws.exe
2013-07-07 17:20 - 2013-07-07 17:20 - 00175016 _____ (Oracle Corporation) C:\Windows\SysWOW64\javaw.exe
2013-07-07 17:20 - 2013-07-07 17:20 - 00175016 _____ (Oracle Corporation) C:\Windows\SysWOW64\java.exe
2013-07-07 17:20 - 2013-07-07 17:20 - 00096168 _____ (Oracle Corporation) C:\Windows\SysWOW64\WindowsAccessBridge-32.dll
2013-07-07 17:20 - 2012-06-06 14:08 - 00867240 _____ (Oracle Corporation) C:\Windows\SysWOW64\npDeployJava1.dll
2013-07-07 17:20 - 2011-02-21 13:17 - 00789416 _____ (Oracle Corporation) C:\Windows\SysWOW64\deployJava1.dll
2013-07-07 17:19 - 2010-01-25 04:38 - 00000000 ____D C:\Program Files (x86)\Java
2013-07-07 17:16 - 2013-07-07 17:17 - 00312232 _____ (Oracle Corporation) C:\Windows\system32\javaws.exe
2013-07-07 17:16 - 2013-07-07 17:16 - 00189352 _____ (Oracle Corporation) C:\Windows\system32\javaw.exe
2013-07-07 17:16 - 2013-07-07 17:16 - 00188840 _____ (Oracle Corporation) C:\Windows\system32\java.exe
2013-07-07 17:16 - 2013-07-07 17:16 - 00108968 _____ (Oracle Corporation) C:\Windows\system32\WindowsAccessBridge-64.dll
2013-07-07 17:16 - 2013-07-07 17:00 - 00000000 ____D C:\Program Files\Java
2013-07-07 17:16 - 2011-12-28 13:54 - 01093032 _____ (Oracle Corporation) C:\Windows\system32\npdeployJava1.dll
2013-07-07 17:16 - 2011-02-20 00:22 - 00972712 _____ (Oracle Corporation) C:\Windows\system32\deployJava1.dll
2013-07-07 17:04 - 2013-07-07 16:32 - 00000000 ____D C:\Program Files (x86)\VS Revo Group
2013-07-07 16:43 - 2013-07-07 16:43 - 00000000 ____D C:\Program Files\VS Revo Group
2013-07-07 01:23 - 2013-04-03 01:22 - 00000418 _____ C:\Windows\SysWOW64\CountScans.XML
2013-07-06 23:36 - 2013-07-06 23:36 - 00000000 ____D C:\Program Files (x86)\OpenVPN Technologies
2013-07-03 15:41 - 2009-12-25 11:29 - 00000000 ___RD C:\Users\Jeremy\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Administrative Tools
2013-06-30 15:25 - 2009-07-14 01:08 - 00032620 _____ C:\Windows\Tasks\SCHEDLGU.TXT
 
==================== Bamital & volsnap Check =================
 
C:\Windows\System32\winlogon.exe => MD5 is legit
C:\Windows\System32\wininit.exe => MD5 is legit
C:\Windows\SysWOW64\wininit.exe => MD5 is legit
C:\Windows\explorer.exe => MD5 is legit
C:\Windows\SysWOW64\explorer.exe => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\SysWOW64\svchost.exe => MD5 is legit
C:\Windows\System32\services.exe => MD5 is legit
C:\Windows\System32\User32.dll => MD5 is legit
C:\Windows\SysWOW64\User32.dll => MD5 is legit
C:\Windows\System32\userinit.exe => MD5 is legit
C:\Windows\SysWOW64\userinit.exe => MD5 is legit
C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit
 
 
LastRegBack: 2013-07-23 06:03
 
==================== End Of Log ============================


Edited by ZerkOnFire, 29 July 2013 - 01:28 AM.


#12 Conspire

  • Malware Response Team

Posted 29 July 2013 - 05:26 AM

You could remove them through Chrome Manager Extension if you still see them after running the tools.

 

  • Download RogueKiller (by tigzy) on the desktop
  • Quit all programs
  • Start RogueKiller.exe.
  • Wait until Prescan has finished ...
  • Click on Scan. Once finished, click on Report

Please post the contents of the RKreport.txt in your next Reply.

===================================================

-AdwCleaner-

Please download AdwCleaner by Xplode onto your desktop.

  • Close all open programs and internet browsers.
  • Double click on AdwCleaner.exe to run the tool.
  • Click on Delete.
  • Confirm each time with Ok.
  • Your computer will be rebooted automatically. A text file will open after the restart.
  • Please post the content of that logfile with your next answer.
  • You can find the logfile at C:\AdwCleaner[S1].txt as well.

===================================================

Please download Junkware Removal Tool to your desktop.

  • Shut down your antivirus to avoid any conflicts.
  • Right-mouse click JRT.exe and select Run as administrator
  • The tool will open and start scanning your system.
  • Please be patient as this can take a while to complete.
  • On completion, a log (JRT.txt) is saved to your desktop and will automatically open.
  • Post the contents of JRT.txt into your next message

===================================================

In your next reply, please post:
RK report
AdwCleaner log
JRT log



Please STOP and let me know if you have any problems performing the steps above or if you have any questions.

Good Day!


Proud Graduate of the WTT Classroom
Member of UNITE
The help you receive here is always free. If you wish to show your appreciation, then you may donate.

#13 ZerkOnFire

  • Topic Starter

Posted 29 July 2013 - 11:31 AM

RogueKiller V8.6.3 _x64_ [Jul 17 2013] by Tigzy
mail : tigzyRK<at>gmail<dot>com
 
Operating System : Windows 7 (6.1.7601 Service Pack 1) 64 bits version
Started in : Normal mode
User : Jeremy [Admin rights]
Mode : Scan -- Date : 07/29/2013 12:30:31
| ARK || FAK || MBR |
 
¤¤¤ Bad processes : 0 ¤¤¤
 
¤¤¤ Registry Entries : 5 ¤¤¤
[HJ POL] HKCU\[...]\System : DisableRegistryTools (0) -> FOUND
[HJ POL] HKCU\[...]\System : DisableCMD (0) -> FOUND
[HJ SMENU] HKCU\[...]\Advanced : Start_TrackProgs (0) -> FOUND
[HJ DESK] HKLM\[...]\NewStartPanel : {59031a47-3f72-44a7-89c5-5595fe6b30ee} (1) -> FOUND
[HJ DESK] HKLM\[...]\NewStartPanel : {20D04FE0-3AEA-1069-A2D8-08002B30309D} (1) -> FOUND
 
¤¤¤ Scheduled tasks : 7 ¤¤¤
[V2][SUSP PATH] {0C7787F9-FAA5-4CD6-B828-1B762CFF8D9D} : C:\Users\Jeremy\Desktop\Old Desktop Folders\MW2 Leaderboard Tool.exe [x] -> FOUND
[V2][SUSP PATH] {2F2608B3-42B0-4019-9C2D-C277F1315FFF} : "c:\users\jeremy\appdata\local\google\chrome\application\chrome.exe" - hxxp://ui.skype.com/ui/0/6.0.0.126/en/abandoninstall?page=tsProgressBar [x][x] -> FOUND
[V2][SUSP PATH] {378B2020-CB7F-4B08-8ED7-EB65C1646FB9} : "c:\users\jeremy\appdata\local\google\chrome\application\chrome.exe" - hxxp://ui.skype.com/ui/0/6.0.0.126/en/abandoninstall?page=tsProgressBar [x][x] -> FOUND
[V2][SUSP PATH] {72821919-1CA0-4736-A029-31274ECFEEF7} : C:\Users\Jeremy\Desktop\Old Desktop Folders\MW2 Leaderboard Tool.exe [x] -> FOUND
[V2][SUSP PATH] {A1E90720-1798-4669-A778-45A62A63D306} : C:\Users\Jeremy\Desktop\Old Desktop Folders\MW2 Leaderboard Tool.exe [x] -> FOUND
[V2][SUSP PATH] {A57F63A2-C11B-454E-AEE3-A0354B62EDE6} : "c:\users\jeremy\appdata\local\google\chrome\application\chrome.exe" - hxxp://ui.skype.com/ui/0/6.0.0.126/en/abandoninstall?page=tsProgressBar [x][x] -> FOUND
[V2][SUSP PATH] {E18971CF-4859-4D96-A00F-CDB5D313B40C} : "c:\users\jeremy\appdata\local\google\chrome\application\chrome.exe" - hxxp://ui.skype.com/ui/0/6.0.0.126/en/abandoninstall?page=tsProgressBar [x][x] -> FOUND
 
¤¤¤ Startup Entries : 0 ¤¤¤
 
¤¤¤ Web browsers : 0 ¤¤¤
 
¤¤¤ Particular Files / Folders: ¤¤¤
 
¤¤¤ Driver : [NOT LOADED 0x0] ¤¤¤
 
¤¤¤ External Hives: ¤¤¤
 
¤¤¤ Infection :  ¤¤¤
 
¤¤¤ HOSTS File: ¤¤¤
--> %SystemRoot%\System32\drivers\etc\hosts
 
 
 
 
¤¤¤ MBR Check: ¤¤¤
 
+++++ PhysicalDrive0: Hitachi HTS545050B9A300 +++++
--- User ---
[MBR] a3344f1acdb774c67638a91002841b9c
[BSP] ba7218981e13a587b0937e6cd93cfb0a : Windows Vista MBR Code
Partition table:
0 - [XXXXXX] FAT32-LBA (0x1c) [HIDDEN!] Offset (sectors): 2048 | Size: 14998 Mo
1 - [ACTIVE] NTFS (0x07) [VISIBLE] Offset (sectors): 30717952 | Size: 461940 Mo
User = LL1 ... OK!
User = LL2 ... OK!
 
Finished : << RKreport[0]_S_07292013_123031.txt >>

# AdwCleaner v2.306 - Logfile created 07/29/2013 at 12:36:39
# Updated 19/07/2013 by Xplode
# Operating system : Windows 7 Home Premium Service Pack 1 (64 bits)
# User : Jeremy - JEREMY-PC
# Boot Mode : Normal
# Running from : C:\Users\Jeremy\Downloads\adwcleaner.exe
# Option [Delete]
 
 
***** [Services] *****
 
 
***** [Files / Folders] *****
 
Folder Deleted : C:\Program Files (x86)\Common Files\spigot
Folder Deleted : C:\Program Files (x86)\Conduit
Folder Deleted : C:\Users\Jeremy\AppData\Local\TempDir
Folder Deleted : C:\Users\Jeremy\AppData\LocalLow\Conduit
Folder Deleted : C:\Users\Jeremy\AppData\LocalLow\FunWebProducts
Folder Deleted : C:\Users\Jeremy\AppData\LocalLow\jZip
Folder Deleted : C:\Users\Jeremy\AppData\LocalLow\Toolbar4
Folder Deleted : C:\Users\Jeremy\AppData\LocalLow\uTorrentBar
Folder Deleted : C:\Users\Teytey?\AppData\LocalLow\Search Settings
 
***** [Registry] *****
 
Key Deleted : HKCU\Software\AppDataLow\Software\Conduit
Key Deleted : HKCU\Software\AppDataLow\Software\Search Settings
Key Deleted : HKCU\Software\AppDataLow\Software\uTorrentBar
Key Deleted : HKCU\Software\AppDataLow\Toolbar
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{07B18EAB-A523-4961-B6BB-170DE4475CCA}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{1D4DB7D2-6EC9-47A3-BD87-1E41684E07BB}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{9FF05104-B030-46FC-94B8-81276E4E27DF}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{00A6FAF6-072E-44CF-8957-5838F569A31D}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{07B18EAB-A523-4961-B6BB-170DE4475CCA}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{1D4DB7D2-6EC9-47A3-BD87-1E41684E07BB}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{9FF05104-B030-46FC-94B8-81276E4E27DF}
Key Deleted : HKCU\Software\PrivitizeVPNInstallDates
Key Deleted : HKCU\Software\Softonic
Key Deleted : HKCU\Software\Somoto Toolbar
Key Deleted : HKCU\Software\StartSearch
Key Deleted : HKCU\Software\YahooPartnerToolbar
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{4CE516A7-F7AC-4628-B411-8F886DC5733E}
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{628F3201-34D0-49C0-BB9A-82A26AEFB291}
Key Deleted : HKLM\SOFTWARE\Classes\AppID\TbCommonUtils.DLL
Key Deleted : HKLM\SOFTWARE\Classes\AppID\TbHelper.EXE
Key Deleted : HKLM\SOFTWARE\Classes\Prod.cap
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{93E3D79C-0786-48FF-9329-93BC9F6DC2B3}
Key Deleted : HKLM\Software\Conduit
Key Deleted : HKLM\Software\DeviceVM
Key Deleted : HKLM\Software\Freeze.com
Key Deleted : HKLM\Software\jZip
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\RunDll32Policy\f3ScrCtr.dll
Key Deleted : HKLM\SOFTWARE\Microsoft\Multimedia\WMPlayer\Schemes\f3pss
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\Babylon_RASAPI32
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\Babylon_RASMANCS
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{02478D38-C3F9-4EFB-9B51-7695ECA05670}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{A97B89CD-B65C-49DD-AF46-2B772C627456}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{EF99BD32-C1FB-11D2-892F-0090271D4F88}
Key Deleted : HKLM\Software\uTorrentBar
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{147A976F-EEE1-4377-8EA7-4716E4CDD239}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{35B8892D-C3FB-4D88-990D-31DB2EBD72BD}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{3C471948-F874-49F5-B338-4F214A2EE0B1}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{3F607E46-0D3C-4442-B1DE-DE7FA4768F5C}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{FE0273D1-99DF-4AC0-87D5-1371C6271785}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Google\Chrome\Extensions\dhkplhfnhceodhffomolpfigojocbpcb
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Google\Chrome\Extensions\mkndcbhcgphcfkkddanakjiepeknbgle
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{2F3FD492-229D-471F-8461-452B1363279A}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{3614D305-2DBB-4991-9297-750DD60FFC73}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{628F3201-34D0-49C0-BB9A-82A26AEFB291}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{EDEAF0AF-F8DC-4D36-A1B5-62EAF3AF19DF}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\SearchScopes\{AFDBDDAA-5D3F-42EE-B79C-185A7020515B}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{02478D38-C3F9-4EFB-9B51-7695ECA05670}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{3F607E46-0D3C-4442-B1DE-DE7FA4768F5C}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{BF921DD3-732A-4A11-933B-A5EA49F2FD2C}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{D83B296A-2FA6-425B-8AE8-A1F33D99FBD6}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{E79DFBCB-5697-4FBD-94E5-5B2A9C7C1612}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{FE0273D1-99DF-4AC0-87D5-1371C6271785}
Value Deleted : HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser [{338B4DFE-2E2C-4338-9E41-E176D497299E}]
Value Deleted : HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser [{BF7380FA-E3B4-4DB2-AF3E-9D8783A45BFC}]
Value Deleted : HKCU\Software\Microsoft\Internet Explorer\URLSearchHooks [{BF7380FA-E3B4-4DB2-AF3E-9D8783A45BFC}]
Value Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\URLSearchHooks [{BF7380FA-E3B4-4DB2-AF3E-9D8783A45BFC}]
Value Deleted : HKLM\SOFTWARE\Mozilla\Firefox\Extensions [{3C5F0F00-683D-4847-89C8-E7AF64FD1CFB}]
 
***** [Internet Browsers] *****
 
-\\ Internet Explorer v10.0.9200.16635
 
[OK] Registry is clean.
 
-\\ Google Chrome v28.0.1500.72
 
File : C:\Users\Jeremy\AppData\Local\Google\Chrome\User Data\Default\Preferences
 
[OK] File is clean.
 
File : C:\Users\Jeremy_x3\AppData\Local\Google\Chrome\User Data\Default\Preferences
 
[OK] File is clean.
 
*************************
 
AdwCleaner[R1].txt - [6279 octets] - [29/07/2013 12:33:22]
AdwCleaner[S1].txt - [6352 octets] - [29/07/2013 12:36:39]
 
########## EOF - C:\AdwCleaner[S1].txt - [6412 octets] ##########

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Thisisu
Version: 5.2.7 (07.29.2013:1)
OS: Windows 7 Home Premium x64
Ran by Jeremy on 29/07/2013 at 12:49:34.38
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
 
 
 
 
~~~ Services
 
 
 
~~~ Registry Values
 
 
 
~~~ Registry Keys
 
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\tracing\apnstub_rasapi32
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\tracing\apnstub_rasmancs
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\tracing\privitizevpn_rasapi32
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\tracing\privitizevpn_rasmancs
 
 
 
~~~ Files
 
Successfully deleted: [File] C:\eula.1028.txt
Successfully deleted: [File] C:\eula.1031.txt
Successfully deleted: [File] C:\eula.1033.txt
Successfully deleted: [File] C:\eula.1036.txt
Successfully deleted: [File] C:\eula.1040.txt
Successfully deleted: [File] C:\eula.1041.txt
Successfully deleted: [File] C:\eula.1042.txt
Successfully deleted: [File] C:\eula.2052.txt
Successfully deleted: [File] C:\install.res.1028.dll
Successfully deleted: [File] C:\install.res.1031.dll
Successfully deleted: [File] C:\install.res.1033.dll
Successfully deleted: [File] C:\install.res.1036.dll
Successfully deleted: [File] C:\install.res.1040.dll
Successfully deleted: [File] C:\install.res.1041.dll
Successfully deleted: [File] C:\install.res.1042.dll
Successfully deleted: [File] C:\install.res.2052.dll
Successfully deleted: [File] C:\install.res.3082.dll
 
 
 
~~~ Folders
 
 
 
~~~ Event Viewer Logs were cleared
 
 
 
 
 
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on 29/07/2013 at 12:53:39.19
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

Edited by ZerkOnFire, 29 July 2013 - 12:01 PM.


#14 Conspire

  • Malware Response Team

Posted 29 July 2013 - 10:32 PM

Please try ComboFix again.



#15 ZerkOnFire

  • Topic Starter

Posted 29 July 2013 - 11:25 PM

Finally appeared..

ComboFix 13-07-27.01 - Jeremy 30/07/2013   0:43.1.2 - x64
Microsoft Windows 7 Home Premium   6.1.7601.1.1252.1.1033.18.4061.2339 [GMT -4:00]
Running from: c:\users\Jeremy\Downloads\ComboFix.exe
AV: GFI Software VIPRE *Disabled/Updated* {E0D97DD4-42BA-B3F2-A5A7-22E9ACE81FC7}
FW: GFI Software VIPRE *Disabled* {D8E2FCF1-08D5-B2AA-8EF8-8BDC523B58BC}
SP: GFI Software VIPRE *Disabled/Updated* {5BB89C30-6480-BC7C-9F17-199BD76F557A}
SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
 * Created a new restore point
.
.
(((((((((((((((((((((((((((((((((((((((   Other Deletions   )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
C:\install.exe
c:\programdata\FullRemove.exe
c:\users\Jeremy\AppData\Roaming\.#
c:\users\Jeremy\AppData\Roaming\.#\MBX@4EC@2252770.###
c:\users\Jeremy\AppData\Roaming\.#\MBX@4EC@22527A0.###
c:\windows\Installer\{D42F84B6-3709-4A50-8502-6719D16AE6C8}\NewShortcut5_21C7B668029A47458B27645FE6E4A715.exe
c:\windows\SysWow64\frapsvid.dll
c:\windows\XSxS
.
.
(((((((((((((((((((((((((   Files Created from 2013-06-28 to 2013-07-30  )))))))))))))))))))))))))))))))
.
.
2013-07-30 04:51 . 2013-07-30 04:51 -------- d-----w- c:\users\TEYTEY~1\AppData\Local\temp
2013-07-30 04:51 . 2013-07-30 04:51 -------- d-----w- c:\users\Guest\AppData\Local\temp
2013-07-30 04:51 . 2013-07-30 04:51 -------- d-----w- c:\users\Default\AppData\Local\temp
2013-07-30 01:36 . 2013-07-30 04:25 -------- d-----w- c:\users\Jeremy\AppData\Local\NETGEARGenie
2013-07-30 01:36 . 2013-07-30 01:36 -------- d-----w- c:\program files (x86)\NETGEAR Genie
2013-07-29 16:49 . 2013-07-29 16:49 -------- d-----w- c:\windows\ERUNT
2013-07-27 19:30 . 2013-07-27 19:30 -------- d-----w- c:\program files (x86)\WinPcap
2013-07-24 02:00 . 2013-07-24 02:49 -------- d-----w- c:\programdata\Malwarebytes' Anti-Malware (portable)
2013-07-23 18:50 . 2013-07-23 18:50 -------- d-----w- c:\programdata\spotflux
2013-07-23 17:48 . 2013-04-24 06:52 16640 ----a-w- c:\windows\system32\drivers\BootDefragDriver.sys
2013-07-23 17:40 . 2013-07-23 17:44 -------- d-----w- c:\users\Jeremy\AppData\Roaming\Apple Computer
2013-07-23 17:40 . 2013-07-23 17:40 -------- d-----w- c:\users\Jeremy\AppData\Local\Apple Computer
2013-07-23 17:40 . 2012-08-21 17:01 33240 ----a-w- c:\windows\system32\drivers\GEARAspiWDM.sys
2013-07-23 17:39 . 2013-07-23 17:39 -------- d-----w- c:\program files\iPod
2013-07-23 17:39 . 2013-07-23 17:40 -------- d-----w- c:\programdata\34BE82C4-E596-4e99-A191-52C6199EBF69
2013-07-23 17:39 . 2013-07-23 17:40 -------- d-----w- c:\program files\iTunes
2013-07-23 17:39 . 2013-07-23 17:40 -------- d-----w- c:\program files (x86)\iTunes
2013-07-23 17:39 . 2013-07-23 17:39 -------- d-----w- c:\programdata\Apple Computer
2013-07-23 17:22 . 2013-07-23 17:22 -------- d-----w- c:\users\Jeremy\AppData\Local\Apple
2013-07-23 17:22 . 2013-07-23 17:22 -------- d-----w- c:\program files (x86)\Apple Software Update
2013-07-23 17:21 . 2013-07-23 17:21 -------- d-----w- c:\program files\Bonjour
2013-07-23 17:20 . 2013-07-23 17:21 -------- d-----w- c:\programdata\Apple
2013-07-23 17:19 . 2013-07-23 17:19 -------- d-----w- c:\users\Jeremy\AppData\Roaming\Malwarebytes
2013-07-23 16:59 . 2013-07-23 16:59 -------- d-----w- c:\users\Jeremy\AppData\Roaming\QuickScan
2013-07-23 14:56 . 2013-07-23 14:56 -------- d-----w- c:\users\Jeremy\AppData\Roaming\DiskDefrag
2013-07-23 12:08 . 2013-07-23 12:08 -------- d-----w- c:\programdata\Malwarebytes
2013-07-23 12:08 . 2013-07-23 12:08 -------- d-----w- c:\program files (x86)\Malwarebytes' Anti-Malware
2013-07-23 12:08 . 2013-04-04 18:50 25928 ----a-w- c:\windows\system32\drivers\mbam.sys
2013-07-23 11:40 . 2013-07-23 16:32 -------- d-----w- c:\program files (x86)\Google
2013-07-23 02:17 . 2013-07-24 03:10 -------- d-----w- c:\users\Jeremy_x3
2013-07-22 18:51 . 2013-05-02 06:06 278800 ------w- c:\windows\system32\MpSigStub.exe
2013-07-22 18:46 . 2013-07-15 07:34 9460976 ------w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{71FDCB9A-3DCF-486C-8D8B-84AD17943069}\mpengine.dll
2013-07-22 07:21 . 2007-04-11 15:11 511328 ----a-w- c:\windows\capicom.dll
2013-07-22 06:56 . 2013-07-22 18:10 -------- d-----w- c:\program files\Common Files\Bitdefender
2013-07-21 23:14 . 2013-07-21 23:14 -------- d-----w- c:\programdata\NVIDIA
2013-07-21 00:14 . 2013-07-21 00:14 -------- d-----w- c:\users\Jeremy\Data
2013-07-12 16:53 . 2010-11-03 03:56 708168 ----a-w- c:\windows\system32\WinUSBCoInstaller.dll
2013-07-12 16:53 . 2010-11-03 03:56 79680 ----a-w- c:\windows\system32\drivers\ssudbus.sys
2013-07-12 16:53 . 2010-11-03 03:56 201280 ----a-w- c:\windows\system32\drivers\ssudmdm.sys
2013-07-12 16:53 . 2010-11-03 03:56 1490656 ----a-w- c:\windows\system32\WdfCoInstaller01007.dll
2013-07-12 07:00 . 2013-07-12 07:03 -------- d-----w- c:\windows\system32\MRT
2013-07-11 06:35 . 2013-07-22 07:34 117024 ----a-w- c:\windows\SysWow64\BootDefrag.exe
2013-07-11 06:35 . 2013-07-22 07:34 117024 ----a-w- c:\windows\system32\BootDefrag.exe
2013-07-11 06:35 . 2013-04-24 06:52 16640 ----a-w- c:\windows\SysWow64\drivers\BootDefragDriver.sys
2013-07-11 06:10 . 2013-07-11 06:10 -------- d-----w- c:\programdata\GlarySoft
2013-07-11 06:07 . 2013-07-11 06:07 -------- d-----w- c:\users\Jeremy\AppData\Roaming\GlarySoft
2013-07-11 06:07 . 2013-07-29 16:41 -------- d-----w- c:\program files (x86)\Glary Utilities 3
2013-07-10 01:25 . 2013-06-07 03:22 2706432 ----a-w- c:\windows\system32\mshtml.tlb
2013-07-09 18:22 . 2013-04-02 22:51 1643520 ----a-w- c:\windows\system32\DWrite.dll
2013-07-09 18:22 . 2013-04-09 23:34 1247744 ----a-w- c:\windows\SysWow64\DWrite.dll
2013-07-09 18:21 . 2013-05-27 05:50 1011712 ----a-w- c:\program files\Windows Defender\MpSvc.dll
2013-07-09 18:21 . 2013-05-27 05:50 571904 ----a-w- c:\program files\Windows Defender\MpClient.dll
2013-07-09 18:21 . 2013-05-27 04:57 392704 ----a-w- c:\program files (x86)\Windows Defender\MpClient.dll
2013-07-09 18:21 . 2013-05-27 05:50 314880 ----a-w- c:\program files\Windows Defender\MpCommu.dll
2013-07-09 18:21 . 2013-05-27 04:57 54784 ----a-w- c:\program files (x86)\Windows Defender\MpOAV.dll
2013-07-09 18:21 . 2013-05-27 03:15 9216 ----a-w- c:\program files (x86)\Windows Defender\MpAsDesc.dll
2013-07-09 18:21 . 2013-05-27 04:57 4608 ----a-w- c:\program files (x86)\Windows Defender\MsMpLics.dll
2013-07-09 18:18 . 2013-06-04 06:00 624128 ----a-w- c:\windows\system32\qedit.dll
2013-07-09 18:18 . 2013-06-04 04:53 509440 ----a-w- c:\windows\SysWow64\qedit.dll
2013-07-09 18:18 . 2013-05-06 06:03 1887744 ----a-w- c:\windows\system32\WMVDECOD.DLL
2013-07-09 18:18 . 2013-05-06 04:56 1620480 ----a-w- c:\windows\SysWow64\WMVDECOD.DLL
2013-07-09 18:12 . 2013-06-05 03:34 3153920 ----a-w- c:\windows\system32\win32k.sys
2013-07-09 18:10 . 2013-04-10 05:48 1732608 ----a-w- c:\program files\Windows Journal\NBDoc.DLL
2013-07-09 18:10 . 2013-04-10 05:46 1393152 ----a-w- c:\program files\Windows Journal\JNTFiltr.dll
2013-07-09 18:10 . 2013-04-10 05:46 1367040 ----a-w- c:\program files\Common Files\Microsoft Shared\ink\journal.dll
2013-07-09 18:10 . 2013-04-10 05:46 1402880 ----a-w- c:\program files\Windows Journal\JNWDRV.dll
2013-07-09 18:10 . 2013-04-10 05:03 936448 ----a-w- c:\program files (x86)\Common Files\Microsoft Shared\ink\journal.dll
2013-07-08 20:12 . 2013-07-08 20:12 39104 ----a-w- c:\windows\system32\drivers\tapSF0901.sys
2013-07-07 21:20 . 2013-07-07 21:20 -------- d-----w- c:\program files (x86)\Common Files\Java
2013-07-07 21:20 . 2013-07-07 21:20 96168 ----a-w- c:\windows\SysWow64\WindowsAccessBridge-32.dll
2013-07-07 21:17 . 2013-07-07 21:16 312232 ----a-w- c:\windows\system32\javaws.exe
2013-07-07 21:16 . 2013-07-07 21:16 189352 ----a-w- c:\windows\system32\javaw.exe
2013-07-07 21:16 . 2013-07-07 21:16 108968 ----a-w- c:\windows\system32\WindowsAccessBridge-64.dll
2013-07-07 21:16 . 2013-07-07 21:16 188840 ----a-w- c:\windows\system32\java.exe
2013-07-07 21:00 . 2013-07-07 21:16 -------- d-----w- c:\program files\Java
2013-07-07 20:43 . 2009-12-30 15:21 31800 ----a-w- c:\windows\system32\drivers\revoflt.sys
2013-07-07 20:43 . 2013-07-07 20:43 -------- d-----w- c:\program files\VS Revo Group
2013-07-07 20:32 . 2013-07-07 21:04 -------- d-----w- c:\program files (x86)\VS Revo Group
2013-07-07 03:36 . 2013-07-07 03:36 -------- d-----w- c:\program files (x86)\OpenVPN Technologies
2013-07-03 17:28 . 2013-05-13 05:51 1464320 ----a-w- c:\windows\system32\crypt32.dll
2013-07-03 17:28 . 2013-05-13 03:43 1192448 ----a-w- c:\windows\system32\certutil.exe
2013-07-03 17:28 . 2013-05-13 03:08 903168 ----a-w- c:\windows\SysWow64\certutil.exe
2013-07-03 17:28 . 2013-05-13 05:51 184320 ----a-w- c:\windows\system32\cryptsvc.dll
2013-07-03 17:28 . 2013-05-13 05:51 139776 ----a-w- c:\windows\system32\cryptnet.dll
2013-07-03 17:28 . 2013-05-13 05:50 52224 ----a-w- c:\windows\system32\certenc.dll
2013-07-03 17:28 . 2013-05-13 04:45 140288 ----a-w- c:\windows\SysWow64\cryptsvc.dll
2013-07-03 17:28 . 2013-05-13 04:45 1160192 ----a-w- c:\windows\SysWow64\crypt32.dll
2013-07-03 17:28 . 2013-05-13 04:45 103936 ----a-w- c:\windows\SysWow64\cryptnet.dll
2013-07-03 17:28 . 2013-05-13 03:08 43008 ----a-w- c:\windows\SysWow64\certenc.dll
2013-07-03 17:27 . 2013-02-27 05:52 14172672 ----a-w- c:\windows\system32\shell32.dll
2013-07-03 17:27 . 2013-02-27 05:52 197120 ----a-w- c:\windows\system32\shdocvw.dll
2013-07-03 17:27 . 2013-02-27 05:48 1930752 ----a-w- c:\windows\system32\authui.dll
2013-07-03 17:27 . 2013-02-27 06:02 111448 ----a-w- c:\windows\system32\consent.exe
2013-07-03 17:27 . 2013-02-27 05:47 70144 ----a-w- c:\windows\system32\appinfo.dll
2013-07-03 17:27 . 2013-02-27 04:49 1796096 ----a-w- c:\windows\SysWow64\authui.dll
2013-07-03 17:27 . 2013-04-10 06:01 265064 ----a-w- c:\windows\system32\drivers\dxgmms1.sys
2013-07-03 17:27 . 2013-04-10 06:01 983400 ----a-w- c:\windows\system32\drivers\dxgkrnl.sys
2013-07-03 17:27 . 2011-02-03 11:25 144384 ----a-w- c:\windows\system32\cdd.dll
2013-07-03 17:27 . 2013-05-08 06:39 1910632 ----a-w- c:\windows\system32\drivers\tcpip.sys
2013-07-03 17:26 . 2013-04-12 14:45 1656680 ----a-w- c:\windows\system32\drivers\ntfs.sys
2013-07-03 17:26 . 2013-04-26 05:51 751104 ----a-w- c:\windows\system32\win32spl.dll
2013-07-03 17:26 . 2013-04-26 04:55 492544 ----a-w- c:\windows\SysWow64\win32spl.dll
.
.
.
((((((((((((((((((((((((((((((((((((((((   Find3M Report   ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2013-07-30 01:36 . 2010-06-25 17:07 96784 ----a-w- c:\windows\SysWow64\packet.dll
2013-07-30 01:36 . 2010-06-25 17:07 106000 ----a-w- c:\windows\system32\packet.dll
2013-07-30 01:36 . 2010-06-25 17:07 369168 ----a-w- c:\windows\system32\wpcap.dll
2013-07-30 01:36 . 2010-06-25 17:07 35344 ----a-w- c:\windows\system32\drivers\npf.sys
2013-07-30 01:36 . 2010-06-25 17:07 281104 ----a-w- c:\windows\SysWow64\wpcap.dll
2013-07-23 00:27 . 2010-06-15 11:29 45056 ----a-w- c:\windows\system32\acovcnt.exe
2013-07-07 21:20 . 2012-06-06 18:08 867240 ----a-w- c:\windows\SysWow64\npDeployJava1.dll
2013-07-07 21:20 . 2011-02-21 17:17 789416 ----a-w- c:\windows\SysWow64\deployJava1.dll
2013-07-07 21:16 . 2011-12-28 17:54 1093032 ----a-w- c:\windows\system32\npdeployJava1.dll
2013-07-07 21:16 . 2011-02-20 04:22 972712 ----a-w- c:\windows\system32\deployJava1.dll
2013-06-24 04:57 . 2013-03-17 21:27 78277128 ----a-w- c:\windows\system32\MRT.exe
2013-06-20 23:31 . 2013-06-20 23:31 34840 ----a-w- c:\windows\system32\drivers\cnnctfy3.sys
2013-06-20 21:48 . 2013-06-20 21:48 31344 ----a-w- c:\windows\system32\drivers\cnnctfy2.sys
2013-05-06 00:49 . 2013-05-06 00:44 1778032 ----a-w- c:\windows\system32\WdfCoInstaller01011.dll
.
.
(((((((((((((((((((((((((((((((((((((   Reg Loading Points   ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown 
REGEDIT4
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ADSMOverlayIcon1]
@="{A8D448F4-0431-45AC-9F5E-E1B434AB2249}"
[HKEY_CLASSES_ROOT\CLSID\{A8D448F4-0431-45AC-9F5E-E1B434AB2249}]
2007-06-02 01:08 143360 ----a-w- c:\program files (x86)\ASUS\ASUS Data Security Manager\ShlExt\x86\OverlayIconShlExt1.dll
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Glary Memory Optimizer"="c:\program files (x86)\Glary Utilities 3\memdefrag.exe" [2013-07-22 117536]
"NETGEARGenie"="c:\program files (x86)\NETGEAR Genie\bin\NETGEARGenie.exe" [2012-10-16 1041736]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
"UpdateLBPShortCut"="c:\program files (x86)\CyberLink\LabelPrint\MUITransfer\MUIStartMenu.exe" [2009-05-20 222504]
"UpdateP2GoShortCut"="c:\program files (x86)\CyberLink\Power2Go\MUITransfer\MUIStartMenu.exe" [2008-12-04 218408]
"HControlUser"="c:\program files (x86)\ASUS\ATK Hotkey\HControlUser.exe" [2009-04-02 98304]
"ATKMEDIA"="c:\program files (x86)\ASUS\ATK Media\DMedia.exe" [2009-04-20 159744]
"ATKOSD2"="c:\program files (x86)\ASUS\ATKOSD2\ATKOSD2.exe" [2009-07-07 8493624]
"SBAMTray"="c:\program files (x86)\GFI Software\VIPRE\SBAMTray.exe" [2012-10-30 3149704]
"APSDaemon"="c:\program files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe" [2013-04-22 59720]
"iTunesHelper"="c:\program files (x86)\iTunes\iTunesHelper.exe" [2013-05-31 152392]
.
c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\
FancyStart daemon.lnk - c:\windows\Installer\{F0DF4513-3C4C-4EB8-8012-2C5F70AF3988}\_A1DDD39913A1970387B7B3.exe -d [2009-11-2 12862]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 5 (0x5)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableUIADesktopToggle"= 0 (0x0)
"PromptOnSecureDesktop"= 0 (0x0)
.
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\policies\explorer]
"NoSearchFilesInStartMenu"= 0 (0x0)
"NoSearchProgramsInStartMenu"= 0 (0x0)
.
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\session manager]
BootExecute REG_MULTI_SZ   autocheck autochk * \0BootDefrag.exe
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\SBAMSvc]
@="Service"
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\SBPIMSvc]
@="Service"
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ADSMTray]
2009-06-24 20:30 272952 ----a-w- c:\program files (x86)\ASUS\ASUS Data Security Manager\ADSMTray.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\CLMLServer]
2008-07-19 03:52 104936 ------w- c:\program files (x86)\CyberLink\Power2Go\CLMLSvc.exe
.
R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [x]
R2 SkypeUpdate;Skype Updater;c:\program files (x86)\Skype\Updater\Updater.exe;c:\program files (x86)\Skype\Updater\Updater.exe [x]
R3 acfva;acfva;c:\windows\system32\DRIVERS\ACFVA64.sys;c:\windows\SYSNATIVE\DRIVERS\ACFVA64.sys [x]
R3 AmUStor;AM USB Stroage Driver;c:\windows\system32\drivers\AmUStor.SYS;c:\windows\SYSNATIVE\drivers\AmUStor.SYS [x]
R3 dg_ssudbus;SAMSUNG Mobile USB Composite Device Driver (DEVGURU Ver.);c:\windows\system32\DRIVERS\ssudbus.sys;c:\windows\SYSNATIVE\DRIVERS\ssudbus.sys [x]
R3 dgcfltr;DGC Filter Driver;c:\windows\system32\DRIVERS\ACFDCP64.sys;c:\windows\SYSNATIVE\DRIVERS\ACFDCP64.sys [x]
R3 easytether;easytether;c:\windows\system32\DRIVERS\easytthr.sys;c:\windows\SYSNATIVE\DRIVERS\easytthr.sys [x]
R3 gfiark;gfiark;c:\windows\system32\drivers\gfiark.sys;c:\windows\SYSNATIVE\drivers\gfiark.sys [x]
R3 HTCAND64;HTC Device Driver;c:\windows\system32\Drivers\ANDROIDUSB.sys;c:\windows\SYSNATIVE\Drivers\ANDROIDUSB.sys [x]
R3 libusb0;libusb-win32 - Kernel Driver 10/05/2012 0.0.0.0;c:\windows\system32\DRIVERS\libusb0.sys;c:\windows\SYSNATIVE\DRIVERS\libusb0.sys [x]
R3 MotioninJoyXFilter;MotioninJoy Virtual Xinput device Filter Driver;c:\windows\system32\DRIVERS\MijXfilt.sys;c:\windows\SYSNATIVE\DRIVERS\MijXfilt.sys [x]
R3 NETw1v64;Intel® Wireless WiFi Link 1000 Series Adapter Driver for Windows Vista 64 Bit;c:\windows\system32\DRIVERS\NETw1v64.sys;c:\windows\SYSNATIVE\DRIVERS\NETw1v64.sys [x]
R3 pneteth;PdaNet Broadband;c:\windows\system32\DRIVERS\pneteth.sys;c:\windows\SYSNATIVE\DRIVERS\pneteth.sys [x]
R3 pnetmdm;PdaNet Modem;c:\windows\system32\DRIVERS\pnetmdm64.sys;c:\windows\SYSNATIVE\DRIVERS\pnetmdm64.sys [x]
R3 RdpVideoMiniport;Remote Desktop Video Miniport Driver;c:\windows\system32\drivers\rdpvideominiport.sys;c:\windows\SYSNATIVE\drivers\rdpvideominiport.sys [x]
R3 Revoflt;Revoflt;c:\windows\system32\DRIVERS\revoflt.sys;c:\windows\SYSNATIVE\DRIVERS\revoflt.sys [x]
R3 SBFWIMCL;Sunbelt Software Firewall NDIS IM Filter Miniport;c:\windows\system32\DRIVERS\sbfwim.sys;c:\windows\SYSNATIVE\DRIVERS\sbfwim.sys [x]
R3 SbHips;SbHips;c:\windows\system32\drivers\sbhips.sys;c:\windows\SYSNATIVE\drivers\sbhips.sys [x]
R3 sbwtis;sbwtis;c:\windows\system32\DRIVERS\sbwtis.sys;c:\windows\SYSNATIVE\DRIVERS\sbwtis.sys [x]
R3 SiSGbeLH;SiS191/SiS190 Ethernet Device NDIS 6.0 Driver;c:\windows\system32\DRIVERS\SiSG664.sys;c:\windows\SYSNATIVE\DRIVERS\SiSG664.sys [x]
R3 SMServer;SMServer;c:\windows\SysWOW64\snmvtsvc.exe;c:\windows\SysWOW64\snmvtsvc.exe [x]
R3 ssudmdm;SAMSUNG  Mobile USB Modem Drivers (DEVGURU Ver.);c:\windows\system32\DRIVERS\ssudmdm.sys;c:\windows\SYSNATIVE\DRIVERS\ssudmdm.sys [x]
R3 tapoas;TAP-Win32 Adapter OAS;c:\windows\system32\DRIVERS\tapoas.sys;c:\windows\SYSNATIVE\DRIVERS\tapoas.sys [x]
R3 tapSF0901;Spotflux Virtual Network Device Driver;c:\windows\system32\DRIVERS\tapSF0901.sys;c:\windows\SYSNATIVE\DRIVERS\tapSF0901.sys [x]
R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys;c:\windows\SYSNATIVE\drivers\tsusbflt.sys [x]
R3 USBAAPL64;Apple Mobile USB Driver;c:\windows\system32\Drivers\usbaapl64.sys;c:\windows\SYSNATIVE\Drivers\usbaapl64.sys [x]
R3 WatAdminSvc;Windows Activation Technologies Service;c:\windows\system32\Wat\WatAdminSvc.exe;c:\windows\SYSNATIVE\Wat\WatAdminSvc.exe [x]
S0 BootDefragDriver;BootDefragDriver;c:\windows\System32\drivers\BootDefragDriver.sys;c:\windows\SYSNATIVE\drivers\BootDefragDriver.sys [x]
S1 pfs_dokan;pfs_dokan;c:\windows\system32\DRIVERS\pfs_dokan.sys;c:\windows\SYSNATIVE\DRIVERS\pfs_dokan.sys [x]
S1 SbFw;SbFw;c:\windows\system32\drivers\SbFw.sys;c:\windows\SYSNATIVE\drivers\SbFw.sys [x]
S1 SBRE;SBRE;c:\windows\system32\drivers\SBREdrv.sys;c:\windows\SYSNATIVE\drivers\SBREdrv.sys [x]
S2 AcfXAudioService;AcfXAudioService;c:\windows\system32\svchost.exe;c:\windows\SYSNATIVE\svchost.exe [x]
S2 AFBAgent;AFBAgent;c:\windows\system32\FBAgent.exe;c:\windows\SYSNATIVE\FBAgent.exe [x]
S2 ASMMAP64;ASMMAP64;c:\program files\ATKGFNEX\ASMMAP64.sys;c:\program files\ATKGFNEX\ASMMAP64.sys [x]
S2 CinemaNow Service;CinemaNow Service;c:\program files (x86)\CinemaNow\CinemaNow Media Manager\CinemanowSvc.exe;c:\program files (x86)\CinemaNow\CinemaNow Media Manager\CinemanowSvc.exe [x]
S2 FastBootAgent;FastBootAgent;c:\windows\SysWOW64\Fast Boot\FastBootAgent.exe;c:\windows\SysWOW64\Fast Boot\FastBootAgent.exe [x]
S2 gfi_lanss10_attservice;GFI LanGuard 10 Attendant Service;c:\program files (x86)\GFI Software\VIPRE\LanGuard 10 Agent\lnssatt.exe;c:\program files (x86)\GFI Software\VIPRE\LanGuard 10 Agent\lnssatt.exe [x]
S2 MBAMScheduler;MBAMScheduler;c:\program files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe;c:\program files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe [x]
S2 MBAMService;MBAMService;c:\program files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe;c:\program files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe [x]
S2 NETGEARGenieDaemon;NETGEARGenieDaemon;c:\program files (x86)\NETGEAR Genie\bin\NETGEARGenieDaemon64.exe;c:\program files (x86)\NETGEAR Genie\bin\NETGEARGenieDaemon64.exe [x]
S2 NPF;NetGroup Packet Filter Driver;c:\windows\system32\drivers\npf.sys;c:\windows\SYSNATIVE\drivers\npf.sys [x]
S2 SBAMSvc;VIPRE Internet Security;c:\program files (x86)\GFI Software\VIPRE\SBAMSvc.exe;c:\program files (x86)\GFI Software\VIPRE\SBAMSvc.exe [x]
S2 sbapifs;sbapifs;c:\windows\system32\DRIVERS\sbapifs.sys;c:\windows\SYSNATIVE\DRIVERS\sbapifs.sys [x]
S2 SBPIMSvc;SB Recovery Service;c:\program files (x86)\GFI Software\VIPRE\SBPIMSvc.exe;c:\program files (x86)\GFI Software\VIPRE\SBPIMSvc.exe [x]
S2 SCEFSMounter;SCE File System Driver;c:\program files (x86)\SCE\Common\File System Driver\bin\pfs_mounter.exe;c:\program files (x86)\SCE\Common\File System Driver\bin\pfs_mounter.exe [x]
S3 DbusAudio;DbusAudio;c:\windows\system32\drivers\DbusAudio.sys;c:\windows\SYSNATIVE\drivers\DbusAudio.sys [x]
S3 ETD;ELAN PS/2 Port Input Device;c:\windows\system32\DRIVERS\ETD.sys;c:\windows\SYSNATIVE\DRIVERS\ETD.sys [x]
S3 IntcHdmiAddService;Intel® High Definition Audio HDMI;c:\windows\system32\drivers\IntcHdmi.sys;c:\windows\SYSNATIVE\drivers\IntcHdmi.sys [x]
S3 L1C;NDIS Miniport Driver for Atheros AR8131/AR8132 PCI-E Ethernet Controller (NDIS 6.20);c:\windows\system32\DRIVERS\L1C62x64.sys;c:\windows\SYSNATIVE\DRIVERS\L1C62x64.sys [x]
S3 MBAMProtector;MBAMProtector;c:\windows\system32\drivers\mbam.sys;c:\windows\SYSNATIVE\drivers\mbam.sys [x]
S3 NETw5s64;Intel® Wireless WiFi Link 5000 Series Adapter Driver for Windows 7 - 64 Bit;c:\windows\system32\DRIVERS\NETw5s64.sys;c:\windows\SYSNATIVE\DRIVERS\NETw5s64.sys [x]
S3 pbfilter;pbfilter;c:\program files\PeerBlock\pbfilter.sys;c:\program files\PeerBlock\pbfilter.sys [x]
S3 SBFWIMCLMP;GFI Software Firewall NDIS IM Filter Miniport;c:\windows\system32\DRIVERS\SBFWIM.sys;c:\windows\SYSNATIVE\DRIVERS\SBFWIM.sys [x]
.
.
--- Other Services/Drivers In Memory ---
.
*NewlyCreated* - NPF
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\active setup\installed components\{8A69D345-D564-463c-AFF1-A69D9E530F96}]
2013-07-23 16:32 1173456 ----a-w- c:\program files (x86)\Google\Chrome\Application\28.0.1500.72\Installer\chrmstp.exe
.
Contents of the 'Scheduled Tasks' folder
.
2013-07-29 c:\windows\Tasks\GlaryInitialize 3.job
- c:\program files (x86)\Glary Utilities 3\Initialize.exe [2013-07-22 07:32]
.
2013-07-29 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2013-07-23 16:31]
.
2013-07-30 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2013-07-23 16:31]
.
.
--------- X64 Entries -----------
.
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ADSMOverlayIcon1]
@="{A8D448F4-0431-45AC-9F5E-E1B434AB2249}"
[HKEY_CLASSES_ROOT\CLSID\{A8D448F4-0431-45AC-9F5E-E1B434AB2249}]
2007-06-02 00:52 159744 ----a-w- c:\program files (x86)\ASUS\ASUS Data Security Manager\ShlExt\x64\OverlayIconShlExt1_64.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\OverlayIconExtension1]
@="{fe25455d-b4c2-4e32-97d2-92632ec1c224}"
[HKEY_CLASSES_ROOT\CLSID\{fe25455d-b4c2-4e32-97d2-92632ec1c224}]
2010-11-05 01:57 444752 ----a-w- c:\windows\System32\mscoree.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\OverlayIconExtension2]
@="{1fae2d88-a78e-4f03-909f-be818a3c1ce6}"
[HKEY_CLASSES_ROOT\CLSID\{1fae2d88-a78e-4f03-909f-be818a3c1ce6}]
2010-11-05 01:57 444752 ----a-w- c:\windows\System32\mscoree.dll
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"EeeStorageBackup"="c:\program files (x86)\ASUS\Asus WebStorage\BackupService.exe" [2009-08-25 947472]
"AmIcoSinglun64"="c:\program files (x86)\AmIcoSingLun\AmIcoSinglun64.exe" [2009-04-09 320000]
"ETDWare"="c:\program files\Elantech\ETDCtrl.exe" [2009-07-30 617856]
"IgfxTray"="c:\windows\system32\igfxtray.exe" [2011-10-13 162584]
"HotKeysCmds"="c:\windows\system32\hkcmd.exe" [2011-10-13 386840]
"Persistence"="c:\windows\system32\igfxpers.exe" [2011-10-13 417560]
"SBRegRebootCleaner"="c:\program files (x86)\GFI Software\VIPRE\SBRC.exe" [2012-10-30 201608]
.
------- Supplementary Scan -------
.
uLocal Page = c:\windows\system32\blank.htm
uStart Page = about:blank
mStart Page = about:blank
mLocal Page = c:\windows\SysWOW64\blank.htm
uInternet Settings,ProxyOverride = *.local
IE: >> Download This Youtube Video - UnlockForUs - c:\users\Jeremy\AppData\Local\Temp\Rar$EX01.937\YoutubeFileHack\lawrence.htm
IE: E&xport to Microsoft Excel - c:\progra~2\MICROS~1\Office12\EXCEL.EXE/3000
Trusted Zone: cinemanow.com
TCP: DhcpNameServer = 8.8.8.8 209.55.27.13
TCP: Interfaces\{AFA18CC3-1100-4AFA-AC5A-097CBC6B6936}: NameServer = 127.0.0.1
TCP: Interfaces\{D5B5FABB-1F4C-4A3F-A380-37E0EF95AAD4}\B425638563: NameServer = 8.8.8.8,8.8.4.4
DPF: {1D4DB7D2-6EC9-47A3-BD87-1E41684E07BB} - hxxp://ak.exe.imgfarm.com/images/nocache/funwebproducts/ei-4/CursorManiaInitialSetup1.0.1.1.cab
.
- - - - ORPHANS REMOVED - - - -
.
Toolbar-Locked - (no file)
c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\SRS Premium Sound.lnk - c:\windows\Installer\{D42F84B6-3709-4A50-8502-6719D16AE6C8}\NewShortcut5_21C7B668029A47458B27645FE6E4A715.exe /f=srs_premium_sound_nopreset.zip /h
MSConfigStartUp-Adobe Reader Speed Launcher - c:\program files (x86)\Adobe\Reader 9.0\Reader\Reader_sl.exe
HKLM_Wow6432Node-ActiveSetup-{2D46B6DC-2207-486B-B523-A557E6D54B47} - start
Toolbar-Locked - (no file)
.
.
.
--------------------- LOCKED REGISTRY KEYS ---------------------
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\DbgagD\1*]
"value"="?\06\03\06\0c\1a/O"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
"MSCurrentCountry"=dword:000000b5
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0001\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0002\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0003\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security]
@Denied: (Full) (Everyone)
.
Completion time: 2013-07-30  00:54:37
ComboFix-quarantined-files.txt  2013-07-30 04:54
.
Pre-Run: 67,129,294,848 bytes free
Post-Run: 66,815,733,760 bytes free
.
- - End Of File - - 5351B1325EDDF8B283F174B12DCC7FBC
5C616939100B85E558DA92B899A0FC36

Edited by ZerkOnFire, 29 July 2013 - 11:58 PM.




