Pup.optional.installMonetizer detected by Malwarebytes keeps reloading


33 replies to this topic

#1 wpfast


Posted 22 November 2013 - 02:30 AM

Hello, 

 

I have run Malwarebytes and it has detected Pup.optional.installMonetizer, and even after removing and rebooting it is re-installing.

 

I ran ESET scanner and it is picking up 2 viruses so far. Both are a variant of Win32/Amonetize.W application.

 

Any help is greatly appreciated!

 

wpfast 

 




 


#2 TB-Psychotic

  • Malware Response Team

Posted 22 November 2013 - 03:44 AM

Hi there,
my name is Marius and I will assist you with your malware related problems.

Before we move on, please read the following points carefully.

  • First, read my instructions completely. If there is anything that you do not understand kindly ask before proceeding.
  • Perform everything in the correct order. Sometimes one step requires the previous one.
  • If you have any problems while following my instructions, stop there and tell me the exact nature of your problem.
  • Do not run any other scans without instruction or add/remove software unless I tell you to do so. This would change the output of our tools and could be confusing for me.
  • Post all logfiles as a reply rather than as an attachment unless I specifically ask you. If you can not post all logfiles in one reply, feel free to use more posts.
  • If I don't hear from you within 3 days from this initial or any subsequent post, then this thread will be closed.
  • Stay with me. I will give you some advice about prevention after the cleanup process. Absence of symptoms does not always mean the computer is clean.
  • My first language is not English. So please do not use slang or idioms. It could be hard for me to read. Thanks for your understanding.

 

 

 

Scan with FRST in normal mode

Please download Farbar's Recovery Scan Tool to your desktop: FRST 32bit or FRST 64bit (If not sure: Start --> Computer (right click) --> properties)

  • Run FRST.
  • Don't change any of the checkboxes and hit Scan.
  • Logfiles are created on your desktop.
  • Post the FRST.txt and (after the first scan only!) the Addition.txt.

 

 

 

Scan with TDSS-Killer

Please read and follow these instructions carefully. We do not want it to fix anything yet (if found), we need to see a report first.

Download TDSSKiller.zip and extract to your desktop

  • Execute TDSSKiller.exe by double-clicking on it.
  • Press Start Scan
  • If malicious objects are found, do NOT select Copy to quarantine. Change the action to Skip, and save the log.
  • Once complete, a log will be produced at the root drive, which is typically C:\, for example, C:\TDSSKiller.<version_date_time>log.txt


Please post the contents of that log in your next reply.


Proud Member of UNITE & TB

#3 wpfast


Posted 23 November 2013 - 02:55 PM

Hi Marius,

 

Thank you for helping. Here are the 2 logs from Farbar Recovery Scan:

 

Additional scan result of Farbar Recovery Scan Tool (x64) Version: 23-11-2013 03
Ran by Wells at 2013-11-23 13:50:45
Running from C:\Users\Wells\Downloads
Boot Mode: Normal
==========================================================


==================== Security Center ========================

AV: Bitdefender Antivirus (Enabled - Up to date) {9B5F5313-CAF9-DD97-C460-E778420237B4}
AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Bitdefender Antispyware (Enabled - Up to date) {203EB2F7-ECC3-D219-FED0-DC0A39857D09}
FW: Bitdefender Firewall (Disabled) {A364D236-8096-DCCF-EF3F-4E4DBCD170CF}

==================== Installed Programs ======================

7-Zip 9.22beta (x32)
Adobe AIR (x32 Version: 3.9.0.1210)
Adobe Flash Player 10 ActiveX 64-bit (Version: 10.3.162.28)
Adobe Flash Player 11 ActiveX (x32 Version: 11.9.900.152)
Adobe Flash Player 11 Plugin (x32 Version: 11.9.900.152)
Adobe Reader XI (11.0.05) (x32 Version: 11.0.05)
Apple Application Support (x32 Version: 2.3.6)
Apple Mobile Device Support (Version: 7.0.0.117)
Apple Software Update (x32 Version: 2.1.3.127)
Audio Creator LE (x32 Version: 1.0)
Auslogics BoostSpeed (x32 Version: 6.3.2.0)
Auslogics Disk Defrag (x32 Version: 3.5)
Bitdefender Antivirus Plus 2013 (Version: 16.16.0.1348)
Bonjour (Version: 3.0.0.10)
CCleaner (Version: 3.09)
CDBurnerXP (Version: 4.3.8.2523)
Compatibility Pack for the 2007 Office system (x32 Version: 12.0.6612.1000)
DC-Bass Source 1.3.0 (x32)
DirectVobSub 2.40.4209 (x32 Version: 2.40.4209)
DivX Setup (x32 Version: 2.6.1.8)
DownloadTerms (HKCU Version: 1.0)
ESET Online Scanner v3 (x32)
ffdshow v1.1.4399 [2012-03-22] (x32 Version: 1.1.4399.0)
Glary Utilities 2.49.0.1600 (x32 Version: 2.49.0.1600)
GOM Player (x32 Version: 2.1.50.5145)
Google Chrome (x32 Version: 31.0.1650.57)
Google Earth (x32 Version: 7.1.1.1888)
Google Update Helper (x32 Version: 1.3.21.165)
Haali Media Splitter (x32)
IE Java Block 32bit Shim
IE Java Block 64bit Shim
iTunes (Version: 11.1.2.31)
Java 7 Update 45 (x32 Version: 7.0.450)
K-Lite Codec Pack 7.1.0 (Full) (x32 Version: 7.1.0)
Lagarith Lossless Codec (1.3.27) (x32)
LAME v3.99.3 (for Windows) (x32)
LogMeIn (x32 Version: 4.0.966)
Malwarebytes Anti-Malware version 1.75.0.1300 (x32 Version: 1.75.0.1300)
Microsoft .NET Framework 4 Client Profile (Version: 4.0.30319)
Microsoft Application Error Reporting (Version: 12.0.6015.5000)
Microsoft IntelliPoint 8.1 (Version: 8.15.406.0)
Microsoft IntelliType Pro 8.1 (Version: 8.15.406.0)
Microsoft Office Converter Pack (x32 Version: 11.0.0.0)
Microsoft Office File Validation Add-In (x32 Version: 14.0.5130.5003)
Microsoft Office Professional Edition 2003 (x32 Version: 11.0.8173.0)
Microsoft Silverlight (Version: 5.1.20913.0)
Microsoft Visual C++ 2005 Redistributable (x32 Version: 8.0.61001)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (x32 Version: 9.0.30729.4148)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (x32 Version: 9.0.30729.6161)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (Version: 10.0.40219)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (x32 Version: 10.0.40219)
Mozilla Firefox 25.0.1 (x86 en-US) (x32 Version: 25.0.1)
Mozilla Maintenance Service (x32 Version: 25.0.1)
MPC-HC 1.7.0 (x32 Version: 1.7.0.7858)
MSXML 4.0 SP2 (KB954430) (x32 Version: 4.20.9870.0)
MSXML 4.0 SP2 (KB973688) (x32 Version: 4.20.9876.0)
OpenSource Flash Video Splitter 1.0.0.5 (x32 Version: 1.0.0.5)
RegHunter (Version: 1.2.2.1568)
Revo Uninstaller 1.94 (x32 Version: 1.94)
Secunia PSI (3.0.0.7011) (x32 Version: 3.0.0.7011)
Smart Defrag 2 (x32 Version: 2.8)
SpyHunter (Version: 4.13.6.4253)
SUPERAntiSpyware (Version: 5.6.1030)
Update for Microsoft .NET Framework 4 Client Profile (KB2468871) (x32 Version: 1)
Update for Microsoft .NET Framework 4 Client Profile (KB2533523) (x32 Version: 1)
Update for Microsoft .NET Framework 4 Client Profile (KB2600217) (x32 Version: 1)
Update for Microsoft .NET Framework 4 Client Profile (KB2836939) (x32 Version: 1)
Update for Microsoft .NET Framework 4 Client Profile (KB2836939v3) (x32 Version: 3)
VC80CRTRedist - 8.0.50727.6195 (x32 Version: 1.2.0)
Vensim PLE (x32)
VLC media player 2.1.1 (x32 Version: 2.1.1)
Window Washer (x32 Version: )
Windows 8 Codecs Pack 1.0.0 (Version: 1.0.0)
WinRAR 4.20 (64-bit) (Version: 4.20.0)
Xvid Video Codec (x32 Version: 1.3.2)

==================== Restore Points  =========================

17-11-2013 06:00:17 Windows Backup
19-11-2013 09:00:14 Windows Update
21-11-2013 07:27:08 Revo Uninstaller's restore point - Advanced SystemCare 6
21-11-2013 07:28:43 Revo Uninstaller's restore point - Advanced SystemCare 6
22-11-2013 17:19:20 Windows Update

==================== Hosts content: ==========================

2009-07-13 20:34 - 2013-09-08 22:31 - 00000279 ____A C:\Windows\system32\Drivers\etc\hosts
127.0.0.1       localhost

==================== Scheduled Tasks (whitelisted) =============

Task: {09984755-38A2-4CC7-9E04-13F14FF78C16} - System32\Tasks\GlaryInitialize => C:\Program Files (x86)\Glary Utilities\initialize.exe [2012-09-11] (Glarysoft Ltd)
Task: {0F04521A-4227-4ACF-94F4-039DDF203E39} - System32\Tasks\Microsoft_Hardware_Launch_IPoint_exe => C:\Program Files\Microsoft IntelliPoint\ipoint.exe [2011-04-13] (Microsoft Corporation)
Task: {1E69A44B-7645-43E6-B70E-D580D69A0F92} - System32\Tasks\Microsoft_Hardware_Launch_IType_exe => C:\Program Files\Microsoft IntelliType Pro\itype.exe [2011-04-13] (Microsoft Corporation)
Task: {46B6BECF-68E1-4068-B174-8D612EE46833} - System32\Tasks\{6DD27E09-1028-4A4F-9948-F938BC20AA27} => C:\Program Files (x86)\XeroBank\xBBrowser.exe
Task: {68C9C8E2-B9CF-4B93-A1B2-04116DC1D07E} - System32\Tasks\Auslogics\BoostSpeed\Start BoostSpeed оn Wells logon => C:\Program Files (x86)\Auslogics\BoostSpeed\BoostSpeed.exe [2013-10-17] (Auslogics)
Task: {A4CA1DDE-7762-4098-8C6C-35DF60A900B5} - System32\Tasks\SmartDefragUpdate => C:\Program Files (x86)\IObit\Smart Defrag 2\AutoUpdate.exe [2013-05-22] (IObit)
Task: {AC37F3E4-012A-4159-9012-1E15DB1E7718} - \PC Performer_UPDATES No Task File
Task: {AD76D978-A95A-4F56-B912-95DFA32BAD5B} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2012-04-02] (Google Inc.)
Task: {B4F55620-4753-4293-BE76-A8A4096B496C} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2012-04-02] (Google Inc.)
Task: {BB6CB6FB-7E8C-46D6-BFCB-0E270E050DE2} - System32\Tasks\YourFile DownloaderUpdate => C:\Program Files (x86)\YourFileDownloader\YourFileUpdater.exe
Task: {BF4B16AE-E418-41E6-8C1B-A068E54CD4B5} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2013-11-15] (Adobe Systems Incorporated)
Task: {C7B70F19-D567-4912-9A4D-0BC983FC9699} - System32\Tasks\ASC4_PerformanceMonitor => C:\Program Files (x86)\IObit\Advanced SystemCare 4\PMonitor.exe
Task: {CB348FA9-0DBF-4DC1-8C3D-2702D0035E7C} - System32\Tasks\SmartDefrag_Startup => C:\Program Files (x86)\IObit\Smart Defrag 2\SmartDefrag.exe [2013-06-20] (IObit)
Task: {D0187A42-584E-44B8-9DEC-5249F4AEF47E} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe [2011-06-01] (Apple Inc.)
Task: {D7BC3125-448F-4777-B13A-446210DBF8FC} - \DigitalSite No Task File
Task: {DEE1ED6E-33C4-44B5-8555-85A07E1EFB04} - \Scheduled Update for Ask Toolbar No Task File
Task: {DF45CF07-F25E-4E1E-BF39-45FE85A926AB} - \PC Performer_DEFAULT No Task File
Task: {E9EE2921-822F-4ACC-B862-84E9402E4A33} - System32\Tasks\Ad-Aware Antivirus Scheduled Scan => C:\PROGRA~2\AD-AWA~1\AdAwareLauncher.exe
Task: {F19AF66A-5327-453C-85F0-C4E527C542D4} - \DSite No Task File
Task: C:\Windows\Tasks\Adobe Flash Player Updater(4204).job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\GlaryInitialize.job => C:\Program Files (x86)\Glary Utilities\initialize.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe

==================== Loaded Modules (whitelisted) =============

2013-08-27 07:30 - 2013-08-27 07:30 - 00265080 _____ () C:\Program Files\Bitdefender\Bitdefender 2013\txmlutil.dll
2013-04-21 20:44 - 2013-04-21 20:44 - 00087952 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\zlib1.dll
2013-04-21 20:44 - 2013-04-21 20:44 - 01242952 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libxml2.dll
2011-07-31 11:45 - 2011-04-20 09:11 - 00559244 _____ () C:\Program Files\Webroot\Washer\sqlite3.dll
2013-01-12 01:55 - 2012-12-09 19:46 - 00600868 ____N () C:\Program Files (x86)\BillP Studios\WinPatrol\sqlite3.dll
2013-08-28 18:25 - 2013-08-28 18:25 - 00100688 _____ () C:\Program Files (x86)\DivX\DivX Update\DivXUpdateCheck.dll
2013-11-15 14:38 - 2013-10-17 13:30 - 00566016 _____ () C:\Program Files (x86)\Auslogics\BoostSpeed\sqlite3.dll
2013-02-22 12:11 - 2013-06-08 17:14 - 00048960 _____ () C:\Program Files (x86)\IObit\Smart Defrag 2\NtfsData.dll
2013-11-15 14:18 - 2013-11-15 14:18 - 03363952 _____ () C:\Program Files (x86)\Mozilla Firefox\mozjs.dll
2009-08-05 09:45 - 2009-08-05 09:45 - 00106312 _____ () C:\Program Files (x86)\Microsoft Office\OFFICE11\OUTLCTL.DLL

==================== Alternate Data Streams (whitelisted) =========

AlternateDataStreams: C:\Users\Wells\Desktop\molecule.exe:BDU
AlternateDataStreams: C:\Users\Wells\Desktop\tdsskiller.exe:BDU
AlternateDataStreams: C:\Users\Wells\Downloads\asc-setup.exe:BDU
AlternateDataStreams: C:\Users\Wells\Downloads\Firefox Setup 18.0.2.exe:BDU
AlternateDataStreams: C:\Users\Wells\Downloads\gusetup.exe:BDU
AlternateDataStreams: C:\Users\Wells\Downloads\iLividSetup.exe:BDU
AlternateDataStreams: C:\Users\Wells\Downloads\K-Lite_Codec_Pack_970_Basic.exe:BDU
AlternateDataStreams: C:\Users\Wells\Downloads\md6l-win-mp620-1_05-en.exe:BDU
AlternateDataStreams: C:\Users\Wells\Downloads\mseinstall.exe:BDU
AlternateDataStreams: C:\Users\Wells\Downloads\RegHunter-Installer.exe:BDU
AlternateDataStreams: C:\Users\Wells\Downloads\rkill.exe:BDU
AlternateDataStreams: C:\Users\Wells\Downloads\sdsetup.exe:BDU
AlternateDataStreams: C:\Users\Wells\Downloads\SUPERAntiSpyware.exe:BDU
AlternateDataStreams: C:\Users\Wells\Downloads\w8cpsetup.exe:BDU
AlternateDataStreams: C:\Users\Wells\Downloads\Windows-KB890830-V4.11.exe:BDU

==================== Safe Mode (whitelisted) ===================

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\49801609.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\55010665.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\59462446.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\71621468.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\77789312.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\93835946.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\93979785.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\98262710.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\PEVSystemStart => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\procexp90.Sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\49801609.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\55010665.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\59462446.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\71621468.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\77789312.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\93835946.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\93979785.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\98262710.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\PEVSystemStart => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\procexp90.Sys => ""="Driver"

==================== Faulty Device Manager Devices =============

Name: SBRE
Description: SBRE
Class Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1}
Manufacturer:
Service: SBRE
Problem: : This device is not present, is not working properly, or does not have all its drivers installed. (Code 24)
Resolution: The device is installed incorrectly. The problem could be a hardware failure, or a new driver might be needed.
Devices stay in this state if they have been prepared for removal.
After you remove the device, this error disappears.Remove the device, and this error should be resolved.


==================== Event log errors: =========================

Application errors:
==================
Error: (11/23/2013 01:39:37 PM) (Source: WinMgmt) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (11/22/2013 01:41:57 AM) (Source: SideBySide) (User: )
Description: Activation context generation failed for "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest1".Error in manifest or policy file "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest2" on line C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest3.
A component version required by the application conflicts with another component version already active.
Conflicting components are:.
Component 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest.
Component 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest.

Error: (11/22/2013 01:41:50 AM) (Source: SideBySide) (User: )
Description: Activation context generation failed for "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest1".Error in manifest or policy file "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest2" on line C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest3.
A component version required by the application conflicts with another component version already active.
Conflicting components are:.
Component 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest.
Component 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest.

Error: (11/22/2013 01:41:38 AM) (Source: SideBySide) (User: )
Description: Activation context generation failed for "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest1".Error in manifest or policy file "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest2" on line C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest3.
A component version required by the application conflicts with another component version already active.
Conflicting components are:.
Component 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest.
Component 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest.

Error: (11/22/2013 01:41:31 AM) (Source: ESENT) (User: )
Description: taskhost (1272) WebCacheLocal: Error -1811 occurred while opening logfile C:\Users\Wells\AppData\Local\Microsoft\Windows\WebCache\V01000B8.log.

Error: (11/22/2013 01:40:06 AM) (Source: WinMgmt) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (11/22/2013 00:49:20 AM) (Source: WinMgmt) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (11/22/2013 00:48:38 AM) (Source: SideBySide) (User: )
Description: Activation context generation failed for "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest1".Error in manifest or policy file "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest2" on line C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest3.
A component version required by the application conflicts with another component version already active.
Conflicting components are:.
Component 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest.
Component 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest.

Error: (11/22/2013 00:48:33 AM) (Source: SideBySide) (User: )
Description: Activation context generation failed for "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest1".Error in manifest or policy file "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest2" on line C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest3.
A component version required by the application conflicts with another component version already active.
Conflicting components are:.
Component 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest.
Component 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest.

Error: (11/22/2013 00:48:33 AM) (Source: SideBySide) (User: )
Description: Activation context generation failed for "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest1".Error in manifest or policy file "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest2" on line C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest3.
A component version required by the application conflicts with another component version already active.
Conflicting components are:.
Component 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest.
Component 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest.


System errors:
=============
Error: (11/23/2013 01:38:11 PM) (Source: Service Control Manager) (User: )
Description: The following boot-start or system-start driver(s) failed to load:
aswSnx
SBRE

Error: (11/23/2013 01:38:10 PM) (Source: Service Control Manager) (User: )
Description: The vToolbarUpdater15.3.0 service failed to start due to the following error:
%%2

Error: (11/23/2013 01:37:48 PM) (Source: volmgr) (User: )
Description: Crash dump initialization failed!

Error: (11/23/2013 01:37:43 PM) (Source: volmgr) (User: )
Description: Crash dump initialization failed!

Error: (11/23/2013 01:37:43 PM) (Source: volmgr) (User: )
Description: Crash dump initialization failed!

Error: (11/23/2013 01:36:42 PM) (Source: DCOM) (User: )
Description: {E10F6C3A-F1AE-4ADC-AA9D-2FE65525666E}

Error: (11/22/2013 01:38:40 AM) (Source: Service Control Manager) (User: )
Description: The following boot-start or system-start driver(s) failed to load:
aswSnx
SBRE

Error: (11/22/2013 01:38:36 AM) (Source: Service Control Manager) (User: )
Description: The vToolbarUpdater15.3.0 service failed to start due to the following error:
%%2

Error: (11/22/2013 01:38:22 AM) (Source: volmgr) (User: )
Description: Crash dump initialization failed!

Error: (11/22/2013 01:38:15 AM) (Source: volmgr) (User: )
Description: Crash dump initialization failed!


Microsoft Office Sessions:
=========================
Error: (11/23/2013 01:39:37 PM) (Source: WinMgmt)(User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (11/22/2013 01:41:57 AM) (Source: SideBySide)(User: )
Description: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifestC:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifestC:\Users\Wells\Desktop\esetsmartinstaller_enu.exe

Error: (11/22/2013 01:41:50 AM) (Source: SideBySide)(User: )
Description: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifestC:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifestC:\Users\Wells\Desktop\esetsmartinstaller_enu.exe

Error: (11/22/2013 01:41:38 AM) (Source: SideBySide)(User: )
Description: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifestC:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifestC:\Users\Wells\Desktop\esetsmartinstaller_enu.exe

Error: (11/22/2013 01:41:31 AM) (Source: ESENT)(User: )
Description: taskhost1272WebCacheLocal: C:\Users\Wells\AppData\Local\Microsoft\Windows\WebCache\V01000B8.log-1811

Error: (11/22/2013 01:40:06 AM) (Source: WinMgmt)(User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (11/22/2013 00:49:20 AM) (Source: WinMgmt)(User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (11/22/2013 00:48:38 AM) (Source: SideBySide)(User: )
Description: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifestC:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifestC:\Users\Wells\Desktop\esetsmartinstaller_enu.exe

Error: (11/22/2013 00:48:33 AM) (Source: SideBySide)(User: )
Description: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifestC:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifestC:\Users\Wells\Desktop\esetsmartinstaller_enu.exe

Error: (11/22/2013 00:48:33 AM) (Source: SideBySide)(User: )
Description: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifestC:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifestC:\Users\Wells\Desktop\esetsmartinstaller_enu.exe


CodeIntegrity Errors:
===================================
  Date: 2013-01-29 22:24:29.353
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume1\Program Files\Bitdefender\Bitdefender 2013\active virus control\Avc3_00175_026\avcuf64.dll because the set of per-page image hashes could not be found on the system.

  Date: 2013-01-29 22:11:35.307
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume1\Program Files\Bitdefender\Bitdefender 2013\active virus control\Avc3_00175_026\avcuf64.dll because the set of per-page image hashes could not be found on the system.

  Date: 2013-01-29 21:49:54.338
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume1\Program Files\Bitdefender\Bitdefender 2013\active virus control\Avc3_00175_026\avcuf64.dll because the set of per-page image hashes could not be found on the system.

  Date: 2013-01-29 21:35:55.629
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume1\Program Files\Bitdefender\Bitdefender 2013\active virus control\Avc3_00175_026\avcuf64.dll because the set of per-page image hashes could not be found on the system.

  Date: 2013-01-29 21:11:16.293
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume1\Program Files\Bitdefender\Bitdefender 2013\active virus control\Avc3_00175_026\avcuf64.dll because the set of per-page image hashes could not be found on the system.

  Date: 2013-01-29 17:32:29.200
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume1\Program Files\Bitdefender\Bitdefender 2013\active virus control\Avc3_00175_026\avcuf64.dll because the set of per-page image hashes could not be found on the system.

  Date: 2013-01-29 16:22:30.225
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume1\Program Files\Bitdefender\Bitdefender 2013\active virus control\Avc3_00175_026\avcuf64.dll because the set of per-page image hashes could not be found on the system.

  Date: 2013-01-29 16:06:55.573
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume1\Program Files\Bitdefender\Bitdefender 2013\active virus control\Avc3_00175_026\avcuf64.dll because the set of per-page image hashes could not be found on the system.

  Date: 2013-01-29 15:48:32.758
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume1\Program Files\Bitdefender\Bitdefender 2013\active virus control\Avc3_00175_026\avcuf64.dll because the set of per-page image hashes could not be found on the system.

  Date: 2013-01-29 15:38:40.346
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume1\Program Files\Bitdefender\Bitdefender 2013\active virus control\Avc3_00175_026\avcuf64.dll because the set of per-page image hashes could not be found on the system.


==================== Memory info ===========================

Percentage of memory in use: 39%
Total physical RAM: 3839.11 MB
Available physical RAM: 2325.49 MB
Total Pagefile: 11337.29 MB
Available Pagefile: 9037.39 MB
Total Virtual: 8192 MB
Available Virtual: 8191.82 MB

==================== Drives ================================

Drive c: () (Fixed) (Total:466.2 GB) (Free:411.17 GB) NTFS ==>[Drive with boot components (obtained from BCD)]
Drive d: (Backup) (Fixed) (Total:465.31 GB) (Free:0.02 GB) NTFS

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 932 GB) (Disk ID: E4A390EA)
Partition 1: (Active) - (Size=466 GB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=465 GB) - (Type=OF Extended)

==================== End Of Log ============================

Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 23-11-2013 03
Ran by Wells (administrator) on WELLS-PC on 23-11-2013 13:49:46
Running from C:\Users\Wells\Downloads
Windows 7 Professional Service Pack 1 (X64) OS Language: English(US)
Internet Explorer Version 11
Boot Mode: Normal

==================== Processes (Whitelisted) =================

(Bitdefender) C:\Program Files\Bitdefender\Bitdefender 2013\vsserv.exe
(AMD) C:\Windows\System32\atiesrxx.exe
(IObit) C:\Program Files (x86)\IObit\IObit Malware Fighter\IMFsrv.exe
(SUPERAntiSpyware.com) C:\Program Files\SUPERAntiSpyware\SASCore64.exe
(AMD) C:\Windows\System32\atieclxx.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(LogMeIn, Inc.) C:\Program Files (x86)\LogMeIn\x64\LMIGuardianSvc.exe
(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe
(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe
(Microsoft Corporation) C:\Program Files (x86)\Common Files\microsoft shared\VS7DEBUG\MDM.EXE
(Secunia) C:\Program Files (x86)\Secunia\PSI\psia.exe
(Bitdefender) C:\Program Files\Bitdefender\Bitdefender 2013\updatesrv.exe
(Webroot Software, Inc.) C:\Program Files\Webroot\Washer\WasherSvc.exe
(Secunia) C:\Program Files (x86)\Secunia\PSI\sua.exe
(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe
(Microsoft Corporation) C:\Program Files\Microsoft IntelliPoint\ipoint.exe
(LogMeIn, Inc.) C:\Program Files (x86)\LogMeIn\x64\LogMeInSystray.exe
(Microsoft Corporation) C:\Program Files\Microsoft IntelliType Pro\itype.exe
(Bitdefender) C:\Program Files\Bitdefender\Bitdefender 2013\bdagent.exe
(BillP Studios) C:\Program Files (x86)\BillP Studios\WinPatrol\WinPatrol.exe
(SUPERAntiSpyware) C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe
(Secunia) C:\Program Files (x86)\Secunia\PSI\psi_tray.exe
() C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe
(Apple Inc.) C:\Program Files (x86)\iTunes\iTunesHelper.exe
(Auslogics) C:\Program Files (x86)\Auslogics\BoostSpeed\BoostSpeed.exe
(IObit) C:\Program Files (x86)\IObit\Smart Defrag 2\SmartDefrag.exe
(IObit) C:\Program Files (x86)\IObit\Smart Defrag 2\AutoUpdate.exe
(LogMeIn, Inc.) C:\Program Files (x86)\LogMeIn\x64\LMIGuardianSvc.exe
(Apple Inc.) C:\Program Files\iPod\bin\iPodService.exe
(Microsoft Corporation) C:\Windows\splwow64.exe
(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbam.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Microsoft Corporation) C:\Program Files (x86)\Microsoft Office\OFFICE11\OUTLOOK.EXE
(Microsoft Corporation) C:\Program Files (x86)\Microsoft Office\OFFICE11\WINWORD.EXE

==================== Registry (Whitelisted) ==================

HKLM\...\Run: [IntelliPoint] - C:\Program Files\Microsoft IntelliPoint\ipoint.exe [2399632 2011-04-13] (Microsoft Corporation)
HKLM\...\Run: [LogMeIn GUI] - C:\Program Files (x86)\LogMeIn\x64\LogMeInSystray.exe [57928 2008-08-11] (LogMeIn, Inc.)
HKLM\...\Run: [itype] - C:\Program Files\Microsoft IntelliType Pro\itype.exe [1860496 2011-04-13] (Microsoft Corporation)
HKLM\...\Run: [Bdagent] - C:\Program Files\Bitdefender\Bitdefender 2013\bdagent.exe [1571072 2013-11-20] (Bitdefender)
HKLM\...\Run: [WinPatrol] - C:\Program Files (x86)\BillP Studios\WinPatrol\WinPatrol.exe [404712 2013-01-04] (BillP Studios)
HKCU\...\Run: [SUPERAntiSpyware] - C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe [6581488 2013-08-12] (SUPERAntiSpyware)
HKCU\...\Run: [iLivid] - "C:\Users\Wells\AppData\Local\iLivid\iLivid.exe" -autorun
HKCU\...\Policies\Explorer: [NoRecentDocsHistory] 1
HKLM-x32\...\Run: [WinPatrol] - C:\Program Files (x86)\BillP Studios\WinPatrol\WinPatrol.exe [404712 2013-01-04] (BillP Studios)
HKLM-x32\...\Run: [WsmUpdater] - C:\Program Files (x86)\Web Solution Mart\Windows 8 Codecs Pack\Updater.exe [292208 2012-05-18] (Web Solution Mart)
HKLM-x32\...\Run: [Adobe ARM] - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [958576 2013-05-11] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [APSDaemon] - C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe [59720 2013-04-21] (Apple Inc.)
HKLM-x32\...\Run: [DivXMediaServer] - C:\Program Files (x86)\DivX\DivX Media Server\DivXMediaServer.exe [450560 2013-08-21] (DivX, LLC)
HKLM-x32\...\Run: [DivXUpdate] - C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe [1861968 2013-08-28] ()
HKLM-x32\...\Run: [iTunesHelper] - C:\Program Files (x86)\iTunes\iTunesHelper.exe [152392 2013-10-19] (Apple Inc.)
Lsa: [Notification Packages] msv1_0 scecli

==================== Internet (Whitelisted) ====================

HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = en-US
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://duckduckgo.com
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = about:blank
SearchScopes: HKLM - DefaultScope value is missing.
BHO: Java™ Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO: Java™ Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
Handler-x32: http\0x00000001 - {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
Handler-x32: http\oledb - {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
Handler-x32: https\0x00000001 - {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
Handler-x32: https\oledb - {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
Handler-x32: msdaipp\0x00000001 - {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
Handler-x32: msdaipp\oledb - {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
Filter: text/xml - {807553E5-5146-11D5-A672-00B0D022E945} -  No File
Winsock: Catalog5-x64 01 %SystemRoot%\System32\mswsock.dll [327168] (Microsoft Corporation) ATTENTION: The LibraryPath should be "%SystemRoot%\system32\NLAapi.dll"
Tcpip\Parameters: [DhcpNameServer] 24.217.0.5 24.217.201.67 24.247.15.53

FireFox:
========
FF ProfilePath: C:\Users\Wells\AppData\Roaming\Mozilla\Firefox\Profiles\y57ymsby.default-1357964766865
FF Homepage: duckduckgo.com
FF Keyword.URL: user_pref("keyword.URL", "");
FF Plugin: @adobe.com/FlashPlayer - C:\Windows\system32\Macromed\Flash\NPSWF64_11_9_900_152.dll ()
FF Plugin: @divx.com/DivX VOD Helper,version=1.0.0 - C:\Program Files\DivX\DivX OVS Helper\npovshelper.dll (DivX, LLC.)
FF Plugin: @java.com/DTPlugin,version=10.45.2 - C:\Program Files\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=10.45.2 - C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 - c:\Program Files\Microsoft Silverlight\5.1.20913.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_9_900_152.dll ()
FF Plugin-x32: @Apple.com/iTunes,version=1.0 - C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll ()
FF Plugin-x32: @divx.com/DivX VOD Helper,version=1.0.0 - C:\Program Files (x86)\DivX\DivX OVS Helper\npovshelper.dll (DivX, LLC.)
FF Plugin-x32: @divx.com/DivX Web Player Plug-In,version=1.0.0 - C:\Program Files (x86)\DivX\DivX Web Player\npdivx32.dll (DivX, LLC)
FF Plugin-x32: @Google.com/GoogleEarthPlugin - C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll (Google)
FF Plugin-x32: @java.com/DTPlugin,version=10.45.2 - C:\Program Files (x86)\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=10.45.2 - C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 - c:\Program Files (x86)\Microsoft Silverlight\5.1.20913.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 - C:\Program Files (x86)\Google\Update\1.3.21.165\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 - C:\Program Files (x86)\Google\Update\1.3.21.165\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @videolan.org/vlc,version=2.0.8 - C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=2.1.0 - C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=2.1.1 - C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin-x32: Adobe Reader - C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF SearchPlugin: C:\Users\Wells\AppData\Roaming\Mozilla\Firefox\Profiles\y57ymsby.default-1357964766865\searchplugins\duckduckgo.xml
FF SearchPlugin: C:\Users\Wells\AppData\Roaming\Mozilla\Firefox\Profiles\y57ymsby.default-1357964766865\searchplugins\safeguard-secure-search.xml
FF Extension: DoNotTrackMe - C:\Users\Wells\AppData\Roaming\Mozilla\Firefox\Profiles\y57ymsby.default-1357964766865\Extensions\donottrackplus@abine.com
FF Extension: Adblock Plus - C:\Users\Wells\AppData\Roaming\Mozilla\Firefox\Profiles\y57ymsby.default-1357964766865\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi
FF HKCU\...\Firefox\Extensions: [{9A552862-E36C-11E1-8270-B8AC6F996F26}] - C:\Users\Wells\AppData\Local\{9A552862-E36C-11E1-8270-B8AC6F996F26}\
FF Extension: Mozilla Safe Browsing - C:\Users\Wells\AppData\Local\{9A552862-E36C-11E1-8270-B8AC6F996F26}\

Chrome:
=======
CHR RestoreOnStartup:       "urls_to_restore_on_startup": null
CHR DefaultSearchURL: (Delta Search) - http://www.google.com
CHR DefaultSuggestURL: (Delta Search) - {google:baseSuggestURL}search?{google:searchFieldtrialParameter}client=chrome&q={searchTerms}&{google:cursorPosition}{google:zeroPrefixUrl}sugkey={google:suggestAPIKeyParameter}
CHR Plugin: (Shockwave Flash) - C:\Program Files (x86)\Google\Chrome\Application\31.0.1650.57\PepperFlash\pepflashplayer.dll ()
CHR Plugin: (Chrome Remote Desktop Viewer) - internal-remoting-viewer
CHR Plugin: (Native Client) - C:\Program Files (x86)\Google\Chrome\Application\31.0.1650.57\ppGoogleNaClPluginChrome.dll ()
CHR Plugin: (Chrome PDF Viewer) - C:\Program Files (x86)\Google\Chrome\Application\31.0.1650.57\pdf.dll ()
CHR Plugin: (Microsoft Office 2003) - C:\Program Files (x86)\Mozilla Firefox\plugins\NPOFFICE.DLL (Microsoft Corporation)
CHR Plugin: (Adobe Acrobat) - C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
CHR Plugin: (Google Earth Plugin) - C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll (Google)
CHR Plugin: (Google Update) - C:\Program Files (x86)\Google\Update\1.3.21.153\npGoogleUpdate3.dll No File
CHR Plugin: (Java™ Platform SE 7 U25) - C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
CHR Plugin: (VLC Web Plugin) - C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN)
CHR Plugin: (iTunes Application Detector) - C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll ()
CHR Plugin: (Shockwave Flash) - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_8_800_94.dll No File
CHR Plugin: (Java Deployment Toolkit 7.0.250.17) - C:\Windows\SysWOW64\npDeployJava1.dll No File
CHR Plugin: (Silverlight Plug-In) - c:\Program Files (x86)\Microsoft Silverlight\5.1.20125.0\npctrl.dll No File
CHR Extension: (Google Docs) - C:\Users\Wells\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake\0.5_1
CHR Extension: (Google Drive) - C:\Users\Wells\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf\6.3_1
CHR Extension: (YouTube) - C:\Users\Wells\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.6_1
CHR Extension: (Google Search) - C:\Users\Wells\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.20_1
CHR Extension: (Google Wallet) - C:\Users\Wells\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.5.0_0
CHR Extension: (Gmail) - C:\Users\Wells\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_2
CHR HKLM-x32\...\Chrome\Extension: [hbcennhacfaagdopikcegfcobcadeocj] - C:\Program Files (x86)\Common Files\Spigot\GC\saebay_1.0.crx
CHR HKLM-x32\...\Chrome\Extension: [icdlfehblmklkikfigmjhbmmpmkmpooj] - C:\Program Files (x86)\Common Files\Spigot\GC\errorassistant_1.1.crx
CHR HKLM-x32\...\Chrome\Extension: [mhkaekfpcppmmioggniknbnbdbcigpkk] - C:\Program Files (x86)\Common Files\Spigot\GC\coupons_2.4.crx
CHR HKLM-x32\...\Chrome\Extension: [nfengeggddojhakldhlpjdlddgkkjkdd] - C:\Program Files (x86)\IObit\Advanced SystemCare 6\BrowerProtect\ASC_GhromePlugin.crx
CHR HKLM-x32\...\Chrome\Extension: [pfndaklgolladniicklehhancnlgocpp] - C:\Program Files (x86)\Common Files\Spigot\GC\saamazon_1.0.crx
CHR HKLM\SOFTWARE\Policies\Google: Policy restriction <======= ATTENTION

==================== Services (Whitelisted) =================

R2 !SASCORE; C:\Program Files\SUPERAntiSpyware\SASCORE64.EXE [143120 2013-05-23] (SUPERAntiSpyware.com)
R2 IMFservice; C:\Program Files (x86)\IObit\IObit Malware Fighter\IMFsrv.exe [335168 2013-04-25] (IObit)
R2 LMIGuardianSvc; C:\Program Files (x86)\LogMeIn\x64\LMIGuardianSvc.exe [375728 2012-12-22] (LogMeIn, Inc.)
S4 LMIMaint; C:\Program Files (x86)\LogMeIn\x64\RaMaint.exe [147888 2012-12-22] (LogMeIn, Inc.)
S4 LogMeIn; C:\Program Files (x86)\LogMeIn\x64\LogMeIn.exe [407424 2010-11-08] (LogMeIn, Inc.)
R2 MBAMScheduler; C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe [418376 2013-04-04] (Malwarebytes Corporation)
R2 MBAMService; C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe [701512 2013-04-04] (Malwarebytes Corporation)
R2 Secunia PSI Agent; C:\Program Files (x86)\Secunia\PSI\PSIA.exe [1228504 2013-07-03] (Secunia)
R2 Secunia Update Agent; C:\Program Files (x86)\Secunia\PSI\sua.exe [660184 2013-07-03] (Secunia)
R2 UPDATESRV; C:\Program Files\Bitdefender\Bitdefender 2013\updatesrv.exe [67320 2013-08-27] (Bitdefender)
R2 VSSERV; C:\Program Files\Bitdefender\Bitdefender 2013\vsserv.exe [1645256 2013-11-20] (Bitdefender)
R2 wwEngineSvc; C:\Program Files\Webroot\Washer\WasherSvc.exe [618896 2011-04-20] (Webroot Software, Inc.)
S2 vToolbarUpdater15.3.0; C:\Program Files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\15.3.0\ToolbarUpdater.exe [x]

==================== Drivers (Whitelisted) ====================

S1 aswSnx; C:\Windows\System32\Drivers\aswSnx.sys [819032 2012-03-06] (AVAST Software)
R0 avc3; C:\Windows\System32\DRIVERS\avc3.sys [727592 2013-08-01] (BitDefender)
R3 avchv; C:\Windows\System32\DRIVERS\avchv.sys [261056 2012-12-12] (BitDefender)
S3 avckf; C:\Windows\System32\DRIVERS\avckf.sys [601360 2013-08-01] (BitDefender)
R1 bdfwfpf; C:\Program Files\Common Files\Bitdefender\Bitdefender Firewall\bdfwfpf.sys [103504 2011-11-14] (BitDefender LLC)
S3 BDSandBox; C:\Windows\system32\drivers\bdsandbox.sys [82824 2013-11-20] (BitDefender SRL)
R0 gzflt; C:\Windows\System32\DRIVERS\gzflt.sys [150256 2013-10-02] (BitDefender LLC)
R2 LMIInfo; C:\Program Files (x86)\LogMeIn\x64\rainfo.sys [15928 2008-08-11] (LogMeIn, Inc.)
S4 LMIRfsClientNP; No ImagePath
R3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [25928 2013-04-04] (Malwarebytes Corporation)
R3 MTsensor; C:\Windows\System32\DRIVERS\ASACPI.sys [8192 2005-03-29] ()
R3 PSI; C:\Windows\System32\DRIVERS\psi_mf_amd64.sys [18456 2013-07-03] (Secunia)
R1 SASDIFSV; C:\Program Files\SUPERAntiSpyware\SASDIFSV64.SYS [14928 2011-07-22] (SUPERAdBlocker.com and SUPERAntiSpyware.com)
R1 SASKUTIL; C:\Program Files\SUPERAntiSpyware\SASKUTIL64.SYS [12368 2011-07-12] (SUPERAdBlocker.com and SUPERAntiSpyware.com)
R0 SmartDefragDriver; C:\Windows\System32\Drivers\SmartDefragDriver.sys [17720 2013-05-22] ()
S1 SBRE; \??\C:\Windows\system32\drivers\SBREdrv.sys [x]

==================== NetSvcs (Whitelisted) ===================


==================== One Month Created Files and Folders ========

2013-11-23 13:49 - 2013-11-23 13:50 - 00016802 _____ C:\Users\Wells\Downloads\FRST.txt
2013-11-23 13:49 - 2013-11-23 13:49 - 01958396 _____ (Farbar) C:\Users\Wells\Downloads\FRST64.exe
2013-11-23 13:49 - 2013-11-23 13:49 - 00000000 ____D C:\FRST
2013-11-23 13:38 - 2013-11-23 13:38 - 00000056 _____ C:\Windows\setupact.log
2013-11-23 13:38 - 2013-11-23 13:38 - 00000000 _____ C:\Windows\setuperr.log
2013-11-23 13:37 - 2013-11-23 13:37 - 00001324 _____ C:\Windows\PFRO.log
2013-11-22 01:34 - 2013-11-22 01:34 - 01085542 _____ C:\Users\Wells\Downloads\adwcleaner (1).exe
2013-11-22 00:57 - 2013-11-22 00:57 - 00002008 _____ C:\Users\Wells\Desktop\Continue installation - FlashPlayer.lnk
2013-11-22 00:39 - 2013-11-22 00:39 - 00002433 _____ C:\Users\Wells\Desktop\FSS.txt
2013-11-22 00:38 - 2013-11-22 00:38 - 04101441 _____ C:\Users\Wells\Downloads\tdsskiller.zip
2013-11-22 00:27 - 2013-11-20 07:53 - 00074512 _____ (BitDefender SRL) C:\Windows\SysWOW64\bdsandboxuiskin32.dll
2013-11-20 07:53 - 2013-11-20 07:53 - 00084848 _____ (BitDefender SRL) C:\Windows\system32\bdsandboxuiskin.dll
2013-11-20 07:53 - 2013-11-20 07:53 - 00074512 _____ (BitDefender SRL) C:\Windows\system32\bdsandboxuiskin32.dll
2013-11-20 07:53 - 2013-11-20 07:53 - 00034384 _____ (BitDefender SRL) C:\Windows\system32\bdsandboxuh.dll
2013-11-19 03:04 - 2013-10-14 18:00 - 00028368 _____ (Microsoft Corporation) C:\Windows\system32\IEUDINIT.EXE
2013-11-19 03:02 - 2013-11-19 03:02 - 23212032 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2013-11-19 03:02 - 2013-11-19 03:02 - 17142784 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2013-11-19 03:02 - 2013-11-19 03:02 - 12995584 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2013-11-19 03:02 - 2013-11-19 03:02 - 11220992 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2013-11-19 03:02 - 2013-11-19 03:02 - 05765120 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2013-11-19 03:02 - 2013-11-19 03:02 - 04240384 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2013-11-19 03:02 - 2013-11-19 03:02 - 02764288 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2013-11-19 03:02 - 2013-11-19 03:02 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2013-11-19 03:02 - 2013-11-19 03:02 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2013-11-19 03:02 - 2013-11-19 03:02 - 02332160 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2013-11-19 03:02 - 2013-11-19 03:02 - 02166272 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2013-11-19 03:02 - 2013-11-19 03:02 - 01993728 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2013-11-19 03:02 - 2013-11-19 03:02 - 01926656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2013-11-19 03:02 - 2013-11-19 03:02 - 01818112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2013-11-19 03:02 - 2013-11-19 03:02 - 01394176 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2013-11-19 03:02 - 2013-11-19 03:02 - 01228800 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll
2013-11-19 03:02 - 2013-11-19 03:02 - 01156608 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2013-11-19 03:02 - 2013-11-19 03:02 - 01051136 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmlmedia.dll
2013-11-19 03:02 - 2013-11-19 03:02 - 00942592 _____ (Microsoft Corporation) C:\Windows\system32\jsIntl.dll
2013-11-19 03:02 - 2013-11-19 03:02 - 00940032 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe
2013-11-19 03:02 - 2013-11-19 03:02 - 00817664 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2013-11-19 03:02 - 2013-11-19 03:02 - 00774144 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2013-11-19 03:02 - 2013-11-19 03:02 - 00708608 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2013-11-19 03:02 - 2013-11-19 03:02 - 00703488 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2013-11-19 03:02 - 2013-11-19 03:02 - 00645120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsIntl.dll
2013-11-19 03:02 - 2013-11-19 03:02 - 00626176 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2013-11-19 03:02 - 2013-11-19 03:02 - 00616104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dat
2013-11-19 03:02 - 2013-11-19 03:02 - 00616104 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dat
2013-11-19 03:02 - 2013-11-19 03:02 - 00610304 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll
2013-11-19 03:02 - 2013-11-19 03:02 - 00574976 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2013-11-19 03:02 - 2013-11-19 03:02 - 00553472 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll
2013-11-19 03:02 - 2013-11-19 03:02 - 00548352 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2013-11-19 03:02 - 2013-11-19 03:02 - 00523776 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2013-11-19 03:02 - 2013-11-19 03:02 - 00454656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2013-11-19 03:02 - 2013-11-19 03:02 - 00453120 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2013-11-19 03:02 - 2013-11-19 03:02 - 00440832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2013-11-19 03:02 - 2013-11-19 03:02 - 00413696 _____ (Microsoft Corporation) C:\Windows\system32\html.iec
2013-11-19 03:02 - 2013-11-19 03:02 - 00367104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll
2013-11-19 03:02 - 2013-11-19 03:02 - 00337408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\html.iec
2013-11-19 03:02 - 2013-11-19 03:02 - 00296960 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2013-11-19 03:02 - 2013-11-19 03:02 - 00263376 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2013-11-19 03:02 - 2013-11-19 03:02 - 00247808 _____ (Microsoft Corporation) C:\Windows\system32\msls31.dll
2013-11-19 03:02 - 2013-11-19 03:02 - 00244736 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
2013-11-19 03:02 - 2013-11-19 03:02 - 00243200 _____ (Microsoft Corporation) C:\Windows\system32\webcheck.dll
2013-11-19 03:02 - 2013-11-19 03:02 - 00238288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll
2013-11-19 03:02 - 2013-11-19 03:02 - 00235520 _____ (Microsoft Corporation) C:\Windows\system32\url.dll
2013-11-19 03:02 - 2013-11-19 03:02 - 00235008 _____ (Microsoft Corporation) C:\Windows\system32\elshyph.dll
2013-11-19 03:02 - 2013-11-19 03:02 - 00233472 _____ (Microsoft Corporation) C:\Windows\SysWOW64\url.dll
2013-11-19 03:02 - 2013-11-19 03:02 - 00218624 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2013-11-19 03:02 - 2013-11-19 03:02 - 00208384 _____ (Microsoft Corporation) C:\Windows\SysWOW64\webcheck.dll
2013-11-19 03:02 - 2013-11-19 03:02 - 00195584 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2013-11-19 03:02 - 2013-11-19 03:02 - 00194048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\elshyph.dll
2013-11-19 03:02 - 2013-11-19 03:02 - 00182272 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msls31.dll
2013-11-19 03:02 - 2013-11-19 03:02 - 00167424 _____ (Microsoft Corporation) C:\Windows\system32\iexpress.exe
2013-11-19 03:02 - 2013-11-19 03:02 - 00164864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2013-11-19 03:02 - 2013-11-19 03:02 - 00151552 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iexpress.exe
2013-11-19 03:02 - 2013-11-19 03:02 - 00147968 _____ (Microsoft Corporation) C:\Windows\system32\occache.dll
2013-11-19 03:02 - 2013-11-19 03:02 - 00143872 _____ (Microsoft Corporation) C:\Windows\system32\wextract.exe
2013-11-19 03:02 - 2013-11-19 03:02 - 00139264 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wextract.exe
2013-11-19 03:02 - 2013-11-19 03:02 - 00139264 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2013-11-19 03:02 - 2013-11-19 03:02 - 00135680 _____ (Microsoft Corporation) C:\Windows\system32\iepeers.dll
2013-11-19 03:02 - 2013-11-19 03:02 - 00131072 _____ (Microsoft Corporation) C:\Windows\system32\IEAdvpack.dll
2013-11-19 03:02 - 2013-11-19 03:02 - 00127488 _____ (Microsoft Corporation) C:\Windows\SysWOW64\occache.dll
2013-11-19 03:02 - 2013-11-19 03:02 - 00116736 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iepeers.dll
2013-11-19 03:02 - 2013-11-19 03:02 - 00112128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2013-11-19 03:02 - 2013-11-19 03:02 - 00111616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\IEAdvpack.dll
2013-11-19 03:02 - 2013-11-19 03:02 - 00111616 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2013-11-19 03:02 - 2013-11-19 03:02 - 00105984 _____ (Microsoft Corporation) C:\Windows\system32\iesysprep.dll
2013-11-19 03:02 - 2013-11-19 03:02 - 00101376 _____ (Microsoft Corporation) C:\Windows\system32\inseng.dll
2013-11-19 03:02 - 2013-11-19 03:02 - 00090112 _____ (Microsoft Corporation) C:\Windows\system32\SetIEInstalledDate.exe
2013-11-19 03:02 - 2013-11-19 03:02 - 00086016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesysprep.dll
2013-11-19 03:02 - 2013-11-19 03:02 - 00086016 _____ (Microsoft Corporation) C:\Windows\system32\RegisterIEPKEYs.exe
2013-11-19 03:02 - 2013-11-19 03:02 - 00084992 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2013-11-19 03:02 - 2013-11-19 03:02 - 00083968 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll
2013-11-19 03:02 - 2013-11-19 03:02 - 00083456 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inseng.dll
2013-11-19 03:02 - 2013-11-19 03:02 - 00081408 _____ (Microsoft Corporation) C:\Windows\system32\icardie.dll
2013-11-19 03:02 - 2013-11-19 03:02 - 00077312 _____ (Microsoft Corporation) C:\Windows\system32\tdc.ocx
2013-11-19 03:02 - 2013-11-19 03:02 - 00074240 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SetIEInstalledDate.exe
2013-11-19 03:02 - 2013-11-19 03:02 - 00071680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\RegisterIEPKEYs.exe
2013-11-19 03:02 - 2013-11-19 03:02 - 00069632 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2013-11-19 03:02 - 2013-11-19 03:02 - 00069120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\icardie.dll
2013-11-19 03:02 - 2013-11-19 03:02 - 00066048 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2013-11-19 03:02 - 2013-11-19 03:02 - 00062464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tdc.ocx
2013-11-19 03:02 - 2013-11-19 03:02 - 00062464 _____ (Microsoft Corporation) C:\Windows\system32\pngfilt.dll
2013-11-19 03:02 - 2013-11-19 03:02 - 00061952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MshtmlDac.dll
2013-11-19 03:02 - 2013-11-19 03:02 - 00061952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2013-11-19 03:02 - 2013-11-19 03:02 - 00056832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\pngfilt.dll
2013-11-19 03:02 - 2013-11-19 03:02 - 00053760 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2013-11-19 03:02 - 2013-11-19 03:02 - 00052224 _____ (Microsoft Corporation) C:\Windows\system32\msfeedsbs.dll
2013-11-19 03:02 - 2013-11-19 03:02 - 00051200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll
2013-11-19 03:02 - 2013-11-19 03:02 - 00048640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmler.dll
2013-11-19 03:02 - 2013-11-19 03:02 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\mshtmler.dll
2013-11-19 03:02 - 2013-11-19 03:02 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2013-11-19 03:02 - 2013-11-19 03:02 - 00048128 _____ (Microsoft Corporation) C:\Windows\system32\imgutil.dll
2013-11-19 03:02 - 2013-11-19 03:02 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeedsbs.dll
2013-11-19 03:02 - 2013-11-19 03:02 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2013-11-19 03:02 - 2013-11-19 03:02 - 00040448 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll
2013-11-19 03:02 - 2013-11-19 03:02 - 00036352 _____ (Microsoft Corporation) C:\Windows\SysWOW64\imgutil.dll
2013-11-19 03:02 - 2013-11-19 03:02 - 00034816 _____ (Microsoft Corporation) C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll
2013-11-19 03:02 - 2013-11-19 03:02 - 00033792 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2013-11-19 03:02 - 2013-11-19 03:02 - 00032768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll

==================== One Month Modified Files and Folders =======


Some content of TEMP:
====================
C:\Users\Wells\AppData\Local\Temp\BundleSweetIMSetup.exe
C:\Users\Wells\AppData\Local\Temp\MybabylonTB.exe


==================== Bamital & volsnap Check =================

C:\Windows\System32\winlogon.exe => MD5 is legit
C:\Windows\System32\wininit.exe => MD5 is legit
C:\Windows\SysWOW64\wininit.exe => MD5 is legit
C:\Windows\explorer.exe => MD5 is legit
C:\Windows\SysWOW64\explorer.exe => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\SysWOW64\svchost.exe => MD5 is legit
C:\Windows\System32\services.exe => MD5 is legit
C:\Windows\System32\User32.dll => MD5 is legit
C:\Windows\SysWOW64\User32.dll => MD5 is legit
C:\Windows\System32\userinit.exe => MD5 is legit
C:\Windows\SysWOW64\userinit.exe => MD5 is legit
C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit


LastRegBack: 2013-11-10 00:34

==================== End Of Log ============================

 

Not sure if it matters but Malwarebytes scan this morning also turned up evidence of PUP.optional.Bandoo in Quarantine from earlier scan.

 

Thanks again for helping.

 

wpfast



#4 wpfast

wpfast
  • Topic Starter

  • Members
  • 201 posts
  • OFFLINE
  •  
  • Local time:07:41 AM

Posted 23 November 2013 - 03:00 PM

TDS Killer log is here:

 

13:57:54.0154 0x1250  TDSS rootkit removing tool 3.0.0.19 Nov 18 2013 09:27:50
13:58:00.0813 0x1250  ============================================================
13:58:00.0813 0x1250  Current date / time: 2013/11/23 13:58:00.0813
13:58:00.0813 0x1250  SystemInfo:
13:58:00.0814 0x1250  
13:58:00.0814 0x1250  OS Version: 6.1.7601 ServicePack: 1.0
13:58:00.0814 0x1250  Product type: Workstation
13:58:00.0814 0x1250  ComputerName: WELLS-PC
13:58:00.0814 0x1250  UserName: Wells
13:58:00.0814 0x1250  Windows directory: C:\Windows
13:58:00.0814 0x1250  System windows directory: C:\Windows
13:58:00.0814 0x1250  Running under WOW64
13:58:00.0814 0x1250  Processor architecture: Intel x64
13:58:00.0814 0x1250  Number of processors: 4
13:58:00.0814 0x1250  Page size: 0x1000
13:58:00.0814 0x1250  Boot type: Normal boot
13:58:00.0814 0x1250  ============================================================
13:58:02.0470 0x1250  KLMD registered as C:\Windows\system32\drivers\02050601.sys
13:58:02.0610 0x1250  System UUID: {ED8C9A8C-9052-44D1-EEF5-F7EBB9787EAD}
13:58:03.0072 0x1250  Drive \Device\Harddisk0\DR0 - Size: 0xE8E0DB6000 (931.51 Gb), SectorSize: 0x200, Cylinders: 0x1DB01, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
13:58:03.0136 0x1250  ============================================================
13:58:03.0136 0x1250  \Device\Harddisk0\DR0:
13:58:03.0137 0x1250  MBR partitions:
13:58:03.0137 0x1250  \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x3F, BlocksNum 0x3A4683BC
13:58:03.0151 0x1250  \Device\Harddisk0\DR0\Partition2: MBR, Type 0x7, StartLBA 0x3A46843A, BlocksNum 0x3A29D587
13:58:03.0151 0x1250  ============================================================
13:58:03.0178 0x1250  C: <-> \Device\Harddisk0\DR0\Partition1
13:58:03.0205 0x1250  D: <-> \Device\Harddisk0\DR0\Partition2
13:58:03.0205 0x1250  ============================================================
13:58:03.0205 0x1250  Initialize success
13:58:03.0205 0x1250  ============================================================
13:58:07.0621 0x0ee8  ============================================================
13:58:07.0621 0x0ee8  Scan started
13:58:07.0621 0x0ee8  Mode: Manual;
13:58:07.0621 0x0ee8  ============================================================
13:58:07.0621 0x0ee8  KSN ping started
13:58:10.0306 0x0ee8  KSN ping finished: true
13:58:10.0854 0x0ee8  ================ Scan system memory ========================
13:58:10.0854 0x0ee8  System memory - ok
13:58:10.0855 0x0ee8  ================ Scan services =============================
13:58:13.0534 0x0ee8  BITS - ok
13:58:13.0544 0x0ee8  [ 61583EE3C3A17003C4ACD0475646B4D3, 17E4BECC309C450E7E44F59A9C0BBC24D21BDC66DFBA65B8F198A00BB47A9811 ] blbdrive        C:\Windows\system32\DRIVERS\blbdrive.sys
13:58:13.0546 0x0ee8  blbdrive - ok
13:58:13.0602 0x0ee8  [ EBBCD5DFBB1DE70E8F4AF8FA59E401FD, 17BFFC5DF609CE3B2F0CAB4BD6C118608C66A3AD86116A47E90B2BB7D8954122 ] Bonjour Service C:\Program Files\Bonjour\mDNSResponder.exe
13:58:13.0612 0x0ee8  Bonjour Service - ok
13:58:13.0635 0x0ee8  [ 6C02A83164F5CC0A262F4199F0871CF5, AD4632A6A203CB40970D848315D8ADB9C898349E20D8DF4107C2AE2703A2CF28 ] bowser          C:\Windows\system32\DRIVERS\bowser.sys
13:58:13.0638 0x0ee8  bowser - ok
13:58:13.0649 0x0ee8  [ F09EEE9EDC320B5E1501F749FDE686C8, 66691114C42E12F4CC6DC4078D4D2FA4029759ACDAF1B59D17383487180E84E3 ] BrFiltLo        C:\Windows\system32\drivers\BrFiltLo.sys
13:58:13.0650 0x0ee8  BrFiltLo - ok
13:58:13.0664 0x0ee8  [ B114D3098E9BDB8BEA8B053685831BE6, 0ED23C1897F35FA00B9C2848DE4ED200E18688AA7825674888054BBC3A3EB92C ] BrFiltUp        C:\Windows\system32\drivers\BrFiltUp.sys
13:58:13.0664 0x0ee8  BrFiltUp - ok
13:58:13.0677 0x0ee8  [ 5C2F352A4E961D72518261257AAE204B, 9EE1001E1D46A414A7A86FE1DBBE232203E26F54D9EF43ED31ED8EACD4D09853 ] BridgeMP        C:\Windows\system32\DRIVERS\bridge.sys
13:58:13.0679 0x0ee8  BridgeMP - ok
13:58:13.0707 0x0ee8  [ 05F5A0D14A2EE1D8255C2AA0E9E8E694, 40011138869F5496A3E78D38C9900B466B6F3877526AC22952DCD528173F4645 ] Browser         C:\Windows\System32\browser.dll
13:58:13.0711 0x0ee8  Browser - ok
13:58:13.0735 0x0ee8  [ 43BEA8D483BF1870F018E2D02E06A5BD, 4E6F5A5FD8C796A110B0DC9FF29E31EA78C04518FC1C840EF61BABD58AB10272 ] Brserid         C:\Windows\System32\Drivers\Brserid.sys
13:58:13.0742 0x0ee8  Brserid - ok
13:58:13.0754 0x0ee8  [ A6ECA2151B08A09CACECA35C07F05B42, E2875BB7768ABAF38C3377007AA0A3C281503474D1831E396FB6599721586B0C ] BrSerWdm        C:\Windows\System32\Drivers\BrSerWdm.sys
13:58:13.0756 0x0ee8  BrSerWdm - ok
13:58:13.0769 0x0ee8  [ B79968002C277E869CF38BD22CD61524, 50631836502237AF4893ECDCEA43B9031C3DE97433F594D46AF7C3C77F331983 ] BrUsbMdm        C:\Windows\System32\Drivers\BrUsbMdm.sys
13:58:13.0770 0x0ee8  BrUsbMdm - ok
13:58:13.0778 0x0ee8  [ A87528880231C54E75EA7A44943B38BF, 4C8BBB29FDA76A96840AA47A8613C15D4466F9273A13941C19507008629709C9 ] BrUsbSer        C:\Windows\System32\Drivers\BrUsbSer.sys
13:58:13.0779 0x0ee8  BrUsbSer - ok
13:58:13.0793 0x0ee8  [ 9DA669F11D1F894AB4EB69BF546A42E8, B498B8B6CEF957B73179D1ADAF084BBB57BB3735D810F9BE2C7B1D58A4FD25A4 ] BTHMODEM        C:\Windows\system32\drivers\bthmodem.sys
13:58:13.0795 0x0ee8  BTHMODEM - ok
13:58:13.0816 0x0ee8  [ 95F9C2976059462CBBF227F7AAB10DE9, 2797AE919FF7606B070FB039CECDB0707CD2131DCAC09C5DF14F443D881C9F34 ] bthserv         C:\Windows\system32\bthserv.dll
13:58:13.0818 0x0ee8  bthserv - ok
13:58:13.0832 0x0ee8  [ B8BD2BB284668C84865658C77574381A, 6C55BA288B626DF172FDFEA0BD7027FAEBA1F44EF20AB55160D7C7DC6E717D65 ] cdfs            C:\Windows\system32\DRIVERS\cdfs.sys
13:58:13.0835 0x0ee8  cdfs - ok
13:58:13.0854 0x0ee8  [ F036CE71586E93D94DAB220D7BDF4416, BD07AAD9E20CEAF9FC84E4977C55EA2C45604A2C682AC70B9B9A2199B6713D5B ] cdrom           C:\Windows\system32\DRIVERS\cdrom.sys
13:58:13.0858 0x0ee8  cdrom - ok
13:58:13.0872 0x0ee8  [ F17D1D393BBC69C5322FBFAFACA28C7F, 62A1A92B3C52ADFD0B808D7F69DD50238B5F202421F1786F7EAEAA63F274B3E8 ] CertPropSvc     C:\Windows\System32\certprop.dll
13:58:13.0875 0x0ee8  CertPropSvc - ok
13:58:13.0890 0x0ee8  [ D7CD5C4E1B71FA62050515314CFB52CF, 513B5A849899F379F0BC6AB3A8A05C3493C2393C95F036612B96EC6E252E1C64 ] circlass        C:\Windows\system32\drivers\circlass.sys
13:58:13.0892 0x0ee8  circlass - ok
13:58:13.0920 0x0ee8  [ FE1EC06F2253F691FE36217C592A0206, B9F122DB5E665ECDF29A5CB8BB6B531236F31A54A95769D6C5C1924C87FE70CE ] CLFS            C:\Windows\system32\CLFS.sys
13:58:13.0929 0x0ee8  CLFS - ok
13:58:13.0976 0x0ee8  [ D88040F816FDA31C3B466F0FA0918F29, 39D3630E623DA25B8444B6D3AAAB16B98E7E289C5619E19A85D47B74C71449F3 ] clr_optimization_v2.0.50727_32 C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
13:58:13.0978 0x0ee8  clr_optimization_v2.0.50727_32 - ok
13:58:14.0013 0x0ee8  [ D1CEEA2B47CB998321C579651CE3E4F8, 654013B8FD229A50017B08DEC6CA19C7DDA8CE0771260E057A92625201D539B1 ] clr_optimization_v2.0.50727_64 C:\Windows\Microsoft.NET\Framework64\v2.0.50727\mscorsvw.exe
13:58:14.0015 0x0ee8  clr_optimization_v2.0.50727_64 - ok
13:58:14.0045 0x0ee8  [ C5A75EB48E2344ABDC162BDA79E16841, 6070A8AAFD38FBC6A68A2B10C20117612354DF21B4492D90CA522BFB6870D726 ] clr_optimization_v4.0.30319_32 C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
13:58:14.0048 0x0ee8  clr_optimization_v4.0.30319_32 - ok
13:58:14.0057 0x0ee8  [ C6F9AF94DCD58122A4D7E89DB6BED29D, CB0E5AE60EC76323585FB86D89E8DB7ADB5EDF6EA3D0B27E9ECE75B8CAA8BFDE ] clr_optimization_v4.0.30319_64 C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe
13:58:14.0060 0x0ee8  clr_optimization_v4.0.30319_64 - ok
13:58:14.0078 0x0ee8  [ 0840155D0BDDF1190F84A663C284BD33, 696039FA63CFEB33487FAA8FD7BBDB220141E9C6E529355D768DFC87999A9C3A ] CmBatt          C:\Windows\system32\drivers\CmBatt.sys
13:58:14.0079 0x0ee8  CmBatt - ok
13:58:14.0091 0x0ee8  [ E19D3F095812725D88F9001985B94EDD, 46243C5CCC4981CAC6FA6452FFCEC33329BF172448F1852D52592C9342E0E18B ] cmdide          C:\Windows\system32\drivers\cmdide.sys
13:58:14.0092 0x0ee8  cmdide - ok
13:58:14.0125 0x0ee8  [ EBF28856F69CF094A902F884CF989706, AD6C9F0BC20AA49EEE5478DA0F856F0EA2B414B63208C5FFB03C9D7F5B59765F ] CNG             C:\Windows\system32\Drivers\cng.sys
13:58:14.0136 0x0ee8  CNG - ok
13:58:14.0150 0x0ee8  [ 102DE219C3F61415F964C88E9085AD14, CD74CB703381F1382C32CF892FF2F908F4C9412E1BC77234F8FEA5D4666E1BF1 ] Compbatt        C:\Windows\system32\drivers\compbatt.sys
13:58:14.0151 0x0ee8  Compbatt - ok
13:58:14.0162 0x0ee8  [ 03EDB043586CCEBA243D689BDDA370A8, 0E4523AA332E242D5C2C61C5717DBA5AB6E42DADB5A7E512505FC2B6CC224959 ] CompositeBus    C:\Windows\system32\DRIVERS\CompositeBus.sys
13:58:14.0164 0x0ee8  CompositeBus - ok
13:58:14.0167 0x0ee8  COMSysApp - ok
13:58:14.0182 0x0ee8  [ 1C827878A998C18847245FE1F34EE597, 41EF7443D8B2733AA35CAC64B4F5F74FAC8BB0DA7D3936B69EC38E2DC3972E60 ] crcdisk         C:\Windows\system32\drivers\crcdisk.sys
13:58:14.0183 0x0ee8  crcdisk - ok
13:58:14.0203 0x0ee8  [ 6B400F211BEE880A37A1ED0368776BF4, 2F27C6FA96A1C8CBDA467846DA57E63949A7EA37DB094B13397DDD30114295BD ] CryptSvc        C:\Windows\system32\cryptsvc.dll
13:58:14.0208 0x0ee8  CryptSvc - ok
13:58:14.0248 0x0ee8  [ 54DA3DFD29ED9F1619B6F53F3CE55E49, 9177C6907A983296BF188892A894B668A09FFA058FD56B50FE12940D54B0FA5E ] CSC             C:\Windows\system32\drivers\csc.sys
13:58:14.0260 0x0ee8  CSC - ok
13:58:14.0285 0x0ee8  [ 3AB183AB4D2C79DCF459CD2C1266B043, 72B0187EBA9DC74E61EC5CB3DC24058DDB768843E865801894AAEAA211610C56 ] CscService      C:\Windows\System32\cscsvc.dll
13:58:14.0301 0x0ee8  CscService - ok
13:58:14.0323 0x0ee8  [ 7F61FBE259C18666D8DDF862F13A5EB0, 6CA5512DC4FD8B09053296709EE7015C54876CDEA403A3FFD37E0C525A8843E3 ] dc3d            C:\Windows\system32\DRIVERS\dc3d.sys
13:58:14.0324 0x0ee8  dc3d - ok
13:58:14.0355 0x0ee8  [ 5C627D1B1138676C0A7AB2C2C190D123, C5003F2C912C5CA990E634818D3B4FD72F871900AF2948BD6C4D6400B354B401 ] DcomLaunch      C:\Windows\system32\rpcss.dll
13:58:14.0368 0x0ee8  DcomLaunch - ok
13:58:14.0397 0x0ee8  [ 3CEC7631A84943677AA8FA8EE5B6B43D, 32061DAC9ED6C1EBA3B367B18D0E965AEEC2DF635DCF794EC39D086D32503AC5 ] defragsvc       C:\Windows\System32\defragsvc.dll
13:58:14.0404 0x0ee8  defragsvc - ok
13:58:14.0418 0x0ee8  [ 9BB2EF44EAA163B29C4A4587887A0FE4, 03667BC3EA5003F4236929C10F23D8F108AFCB29DB5559E751FB26DFB318636F ] DfsC            C:\Windows\system32\Drivers\dfsc.sys
13:58:14.0421 0x0ee8  DfsC - ok
13:58:14.0438 0x0ee8  [ 43D808F5D9E1A18E5EEB5EBC83969E4E, C10D1155D71EABE4ED44C656A8F13078A8A4E850C4A8FBB92D52D173430972B8 ] Dhcp            C:\Windows\system32\dhcpcore.dll
13:58:14.0445 0x0ee8  Dhcp - ok
13:58:14.0460 0x0ee8  [ 13096B05847EC78F0977F2C0F79E9AB3, 1E44981B684F3E56F5D2439BB7FA78BD1BC876BB2265AE089AEC68F241B05B26 ] discache        C:\Windows\system32\drivers\discache.sys
13:58:14.0461 0x0ee8  discache - ok
13:58:14.0472 0x0ee8  [ 9819EEE8B5EA3784EC4AF3B137A5244C, 571BC886E87C888DA96282E381A746D273B58B9074E84D4CA91275E26056D427 ] Disk            C:\Windows\system32\drivers\disk.sys
13:58:14.0475 0x0ee8  Disk - ok
13:58:14.0496 0x0ee8  [ 5DB085A8A6600BE6401F2B24EECB5415, 5FC5C7C1B4DB7BF6EFD0992E91DB41FD047E90D1ABA0B8F868CB72557F88FB13 ] dmvsc           C:\Windows\system32\drivers\dmvsc.sys
13:58:14.0498 0x0ee8  dmvsc - ok
13:58:14.0530 0x0ee8  [ 16835866AAA693C7D7FCEBA8FFF706E4, 15891558F7C1F2BB57A98769601D447ED0D952354A8BB347312D034DC03E0242 ] Dnscache        C:\Windows\System32\dnsrslvr.dll
13:58:14.0535 0x0ee8  Dnscache - ok
13:58:14.0568 0x0ee8  [ B1FB3DDCA0FDF408750D5843591AFBC6, AB6AD9C5E7BA2E3646D0115B67C4800D1CB43B4B12716397657C7ADEEE807304 ] dot3svc         C:\Windows\System32\dot3svc.dll
13:58:14.0574 0x0ee8  dot3svc - ok
13:58:14.0592 0x0ee8  [ B26F4F737E8F9DF4F31AF6CF31D05820, 394BBBED4EC7FAD4110F62A43BFE0801D4AC56FFAC6C741C69407B26402311C7 ] DPS             C:\Windows\system32\dps.dll
13:58:14.0596 0x0ee8  DPS - ok
13:58:14.0618 0x0ee8  [ 9B19F34400D24DF84C858A421C205754, 967AF267B4124BADA8F507CEBF25F2192D146A4D63BE71B45BFC03C5DA7F21A7 ] drmkaud         C:\Windows\system32\drivers\drmkaud.sys
13:58:14.0619 0x0ee8  drmkaud - ok
13:58:14.0668 0x0ee8  [ 88612F1CE3BF42256913BF6E61C70D52, 7CF190F83FA8F15C33008EB381D3E345CEF37CBC046227DED26B36799EF4D9A7 ] DXGKrnl         C:\Windows\System32\drivers\dxgkrnl.sys
13:58:14.0691 0x0ee8  DXGKrnl - ok
13:58:14.0723 0x0ee8  [ E2DDA8726DA9CB5B2C4000C9018A9633, 0C967DBC3636A76A696997192A158AA92A1AF19F01E3C66D5BF91818A8FAEA76 ] EapHost         C:\Windows\System32\eapsvc.dll
13:58:14.0727 0x0ee8  EapHost - ok
13:58:14.0827 0x0ee8  [ DC5D737F51BE844D8C82C695EB17372F, 6D4022D9A46EDE89CEF0FAEADCC94C903234DFC460C0180D24FF9E38E8853017 ] ebdrv           C:\Windows\system32\drivers\evbda.sys
13:58:14.0906 0x0ee8  ebdrv - ok
13:58:14.0954 0x0ee8  [ 4D71227301DD8D09097B9E4CC6527E5A, 193D47ADCB722B581CC0F29B794AB3E455B6E9BEA367CE9A5216A09E055B7F1E ] EFS             C:\Windows\System32\lsass.exe
13:58:14.0955 0x0ee8  EFS - ok
13:58:15.0016 0x0ee8  [ C4002B6B41975F057D98C439030CEA07, 3D2484FBB832EFB90504DD406ED1CF3065139B1FE1646471811F3A5679EF75F1 ] ehRecvr         C:\Windows\ehome\ehRecvr.exe
13:58:15.0032 0x0ee8  ehRecvr - ok
13:58:15.0039 0x0ee8  [ 4705E8EF9934482C5BB488CE28AFC681, 359E9EC5693CE0BE89082E1D5D8F5C5439A5B985010FF0CB45C11E3CFE30637D ] ehSched         C:\Windows\ehome\ehsched.exe
13:58:15.0042 0x0ee8  ehSched - ok
13:58:15.0074 0x0ee8  [ 0E5DA5369A0FCAEA12456DD852545184, 9A64AC5396F978C3B92794EDCE84DCA938E4662868250F8C18FA7C2C172233F8 ] elxstor         C:\Windows\system32\drivers\elxstor.sys
13:58:15.0088 0x0ee8  elxstor - ok
13:58:15.0101 0x0ee8  [ 34A3C54752046E79A126E15C51DB409B, 7D5B5E150C7C73666F99CBAFF759029716C86F16B927E0078D77F8A696616D75 ] ErrDev          C:\Windows\system32\drivers\errdev.sys
13:58:15.0102 0x0ee8  ErrDev - ok
13:58:15.0131 0x0ee8  [ 4166F82BE4D24938977DD1746BE9B8A0, 24121751B7306225AD1C808442D7B030DEF377E9316AA0A3C5C7460E87317881 ] EventSystem     C:\Windows\system32\es.dll
13:58:15.0141 0x0ee8  EventSystem - ok
13:58:15.0162 0x0ee8  [ A510C654EC00C1E9BDD91EEB3A59823B, 76CD277730F7B08D375770CD373D786160F34D1481AF0536BA1A5D2727E255F5 ] exfat           C:\Windows\system32\drivers\exfat.sys
13:58:15.0166 0x0ee8  exfat - ok
13:58:15.0187 0x0ee8  [ 0ADC83218B66A6DB380C330836F3E36D, 798D6F83B5DBCC1656595E0A96CF12087FCCBE19D1982890D0CE5F629B328B29 ] fastfat         C:\Windows\system32\drivers\fastfat.sys
13:58:15.0192 0x0ee8  fastfat - ok
13:58:15.0237 0x0ee8  [ DBEFD454F8318A0EF691FDD2EAAB44EB, 7F52AE222FF28503B6FC4A5852BD0CAEAF187BE69AF4B577D3DE474C24366099 ] Fax             C:\Windows\system32\fxssvc.exe
13:58:15.0254 0x0ee8  Fax - ok
13:58:15.0263 0x0ee8  [ D765D19CD8EF61F650C384F62FAC00AB, 9F0A483A043D3BA873232AD3BA5F7BF9173832550A27AF3E8BD433905BD2A0EE ] fdc             C:\Windows\system32\DRIVERS\fdc.sys
13:58:15.0264 0x0ee8  fdc - ok
13:58:15.0271 0x0ee8  [ 0438CAB2E03F4FB61455A7956026FE86, 6D4DDC2973DB25CE0C7646BC85EFBCC004EBE35EA683F62162AE317C6F1D8DFE ] fdPHost         C:\Windows\system32\fdPHost.dll
13:58:15.0287 0x0ee8  fdPHost - ok
13:58:15.0307 0x0ee8  [ 802496CB59A30349F9A6DD22D6947644, 52D59D3D628D5661F83F090F33F744F6916E0CC1F76E5A33983E06EB66AE19F8 ] FDResPub        C:\Windows\system32\fdrespub.dll
13:58:15.0309 0x0ee8  FDResPub - ok
13:58:15.0317 0x0ee8  [ 655661BE46B5F5F3FD454E2C3095B930, 549C8E2A2A37757E560D55FFA6BFDD838205F17E40561E67F0124C934272CD1A ] FileInfo        C:\Windows\system32\drivers\fileinfo.sys
13:58:15.0319 0x0ee8  FileInfo - ok
13:58:15.0323 0x0ee8  [ 5F671AB5BC87EEA04EC38A6CD5962A47, 6B61D3363FF3F9C439BD51102C284972EAE96ACC0683B9DC7E12D25D0ADC51B6 ] Filetrace       C:\Windows\system32\drivers\filetrace.sys
13:58:15.0324 0x0ee8  Filetrace - ok
13:58:15.0339 0x0ee8  [ C172A0F53008EAEB8EA33FE10E177AF5, 9175A95B323696D1B35C9EFEB7790DD64E6EE0B7021E6C18E2F81009B169D77B ] flpydisk        C:\Windows\system32\DRIVERS\flpydisk.sys
13:58:15.0340 0x0ee8  flpydisk - ok
13:58:15.0354 0x0ee8  [ DA6B67270FD9DB3697B20FCE94950741, F621A4462C9F2904063578C427FAF22D7D66AE9967605C11C798099817CE5331 ] FltMgr          C:\Windows\system32\drivers\fltmgr.sys
13:58:15.0361 0x0ee8  FltMgr - ok
13:58:15.0404 0x0ee8  [ C4C183E6551084039EC862DA1C945E3D, 0874A2ACDD24D64965AA9A76E9C818E216880AE4C9A2E07ED932EE404585CEE6 ] FontCache       C:\Windows\system32\FntCache.dll
13:58:15.0432 0x0ee8  FontCache - ok
13:58:15.0463 0x0ee8  [ A8B7F3818AB65695E3A0BB3279F6DCE6, 89FCF10F599767E67A1E011753E34DA44EAA311F105DBF69549009ED932A60F0 ] FontCache3.0.0.0 C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
13:58:15.0465 0x0ee8  FontCache3.0.0.0 - ok
13:58:15.0479 0x0ee8  [ D43703496149971890703B4B1B723EAC, F06397B2EDCA61629249D2EF1CBB7827A8BEAB8488246BD85EF6AE1363C0DA6E ] FsDepends       C:\Windows\system32\drivers\FsDepends.sys
13:58:15.0481 0x0ee8  FsDepends - ok
13:58:15.0505 0x0ee8  [ 6BD9295CC032DD3077C671FCCF579A7B, 83622FBB0CB923798E7E584BF53CAAF75B8C016E3FF7F0FA35880FF34D1DFE33 ] Fs_Rec          C:\Windows\system32\drivers\Fs_Rec.sys
13:58:15.0507 0x0ee8  Fs_Rec - ok
13:58:15.0529 0x0ee8  [ 8F6322049018354F45F05A2FD2D4E5E0, 73BF0FB4EBD7887E992DDEBB79E906958D6678F8D1107E8C368F5A0514D80359 ] fvevol          C:\Windows\system32\DRIVERS\fvevol.sys
13:58:15.0534 0x0ee8  fvevol - ok
13:58:15.0543 0x0ee8  [ 8C778D335C9D272CFD3298AB02ABE3B6, 85F0B13926B0F693FA9E70AA58DE47100E4B6F893772EBE4300C37D9A36E6005 ] gagp30kx        C:\Windows\system32\drivers\gagp30kx.sys
13:58:15.0545 0x0ee8  gagp30kx - ok
13:58:15.0577 0x0ee8  [ 8E98D21EE06192492A5671A6144D092F, B8F656B34D361EA5AFB47F3A67AB2221580DADA59C8CD0CB83181E4AD8B562B4 ] GEARAspiWDM     C:\Windows\system32\DRIVERS\GEARAspiWDM.sys
13:58:15.0578 0x0ee8  GEARAspiWDM - ok
13:58:15.0611 0x0ee8  [ 277BBC7E1AA1EE957F573A10ECA7EF3A, 2EE60B924E583E847CC24E78B401EF95C69DB777A5B74E1EC963E18D47B94D24 ] gpsvc           C:\Windows\System32\gpsvc.dll
13:58:15.0630 0x0ee8  gpsvc - ok
13:58:15.0658 0x0ee8  [ 2ED7FF3E1ADA4092632393781518B3A7, FDB82CF74BE31806A6BFFC9724E54A74F822DFB4E137EEA38209418BDBCDAAB6 ] grmnusb         C:\Windows\system32\drivers\grmnusb.sys
13:58:15.0659 0x0ee8  grmnusb - ok
13:58:15.0717 0x0ee8  [ 506708142BC63DABA64F2D3AD1DCD5BF, 9C36A08D9E7932FF4DA7B5F24E6B42C92F28685B8ABE964C870E8D7670FD531A ] gupdate         C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
13:58:15.0720 0x0ee8  gupdate - ok
13:58:15.0724 0x0ee8  [ 506708142BC63DABA64F2D3AD1DCD5BF, 9C36A08D9E7932FF4DA7B5F24E6B42C92F28685B8ABE964C870E8D7670FD531A ] gupdatem        C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
13:58:15.0726 0x0ee8  gupdatem - ok
13:58:15.0758 0x0ee8  [ 0A9D58AABD01DA97B1D101473EFA7659, C18EA4F5BF569C230AD682A418F69B6E4209AD467BCCBDABD0515DBB582BF04B ] gzflt           C:\Windows\system32\DRIVERS\gzflt.sys
13:58:15.0762 0x0ee8  gzflt - ok
13:58:15.0772 0x0ee8  [ F2523EF6460FC42405B12248338AB2F0, B2F3DE8DE1F512D871BC2BC2E8D0E33AB03335BFBC07627C5F88B65024928E19 ] hcw85cir        C:\Windows\system32\drivers\hcw85cir.sys
13:58:15.0774 0x0ee8  hcw85cir - ok
13:58:15.0790 0x0ee8  [ 975761C778E33CD22498059B91E7373A, 8304E15FBE6876BE57263A03621365DA8C88005EAC532A770303C06799D915D9 ] HdAudAddService C:\Windows\system32\drivers\HdAudio.sys
13:58:15.0798 0x0ee8  HdAudAddService - ok
13:58:15.0818 0x0ee8  [ 97BFED39B6B79EB12CDDBFEED51F56BB, 3CF981D668FB2381E52AF2E51E296C6CFB47B0D62249645278479D0111A47955 ] HDAudBus        C:\Windows\system32\DRIVERS\HDAudBus.sys
13:58:15.0821 0x0ee8  HDAudBus - ok
13:58:15.0838 0x0ee8  [ 78E86380454A7B10A5EB255DC44A355F, 11F3ED7ACFFA3024B9BD504F81AC39F5B4CED5A8A425E8BADF7132EFEDB9BD64 ] HidBatt         C:\Windows\system32\drivers\HidBatt.sys
13:58:15.0839 0x0ee8  HidBatt - ok
13:58:15.0848 0x0ee8  [ 7FD2A313F7AFE5C4DAB14798C48DD104, 94CBFD4506CBDE4162CEB3367BAB042D19ACA6785954DC0B554D4164B9FCD0D4 ] HidBth          C:\Windows\system32\drivers\hidbth.sys
13:58:15.0851 0x0ee8  HidBth - ok
13:58:15.0867 0x0ee8  [ 0A77D29F311B88CFAE3B13F9C1A73825, 8615DC6CEFB591505CE16E054A71A4F371B827DDFD5E980777AB4233DCFDA01D ] HidIr           C:\Windows\system32\drivers\hidir.sys
13:58:15.0868 0x0ee8  HidIr - ok
13:58:15.0883 0x0ee8  [ BD9EB3958F213F96B97B1D897DEE006D, 4D01CBF898B528B3A4E5A683DF2177300AFABD7D4CB51F1A7891B1B545499631 ] hidserv         C:\Windows\System32\hidserv.dll
13:58:15.0885 0x0ee8  hidserv - ok
13:58:15.0912 0x0ee8  [ 9592090A7E2B61CD582B612B6DF70536, FD11D5E02C32D658B28FCC35688AB66CCB5D3A0A0D74C82AE0F0B6C67B568A0F ] HidUsb          C:\Windows\system32\drivers\hidusb.sys
13:58:15.0913 0x0ee8  HidUsb - ok
13:58:15.0945 0x0ee8  [ 387E72E739E15E3D37907A86D9FF98E2, 9935BE2E58788E79328293AF2F202CB0F6042441B176F75ACC5AEA93C8E05531 ] hkmsvc          C:\Windows\system32\kmsvc.dll
13:58:15.0948 0x0ee8  hkmsvc - ok
13:58:15.0957 0x0ee8  [ EFDFB3DD38A4376F93E7985173813ABD, 70402FA73A5A2A8BB557AAC8F531E373077D28DE5F40A1F3F14B940BE01CD2E1 ] HomeGroupListener C:\Windows\system32\ListSvc.dll
13:58:15.0963 0x0ee8  HomeGroupListener - ok
13:58:15.0995 0x0ee8  [ 908ACB1F594274965A53926B10C81E89, 7D34A742AC486294D82676F8465A3EF26C8AC3317C32B63F62031CB007CFC208 ] HomeGroupProvider C:\Windows\system32\provsvc.dll
13:58:16.0001 0x0ee8  HomeGroupProvider - ok
13:58:16.0018 0x0ee8  [ 39D2ABCD392F3D8A6DCE7B60AE7B8EFC, E9E6A1665740CFBC2DD321010007EF42ABA2102AEB9772EE8AA3354664B1E205 ] HpSAMD          C:\Windows\system32\drivers\HpSAMD.sys
13:58:16.0021 0x0ee8  HpSAMD - ok
13:58:16.0051 0x0ee8  [ 0EA7DE1ACB728DD5A369FD742D6EEE28, 21C489412EB33A12B22290EB701C19BA57006E8702E76F730954F0784DDE9779 ] HTTP            C:\Windows\system32\drivers\HTTP.sys
13:58:16.0069 0x0ee8  HTTP - ok
13:58:16.0081 0x0ee8  [ A5462BD6884960C9DC85ED49D34FF392, 53E65841AF5B06A2844D0BB6FC4DD3923A323FFA0E4BFC89B3B5CAFB592A3D53 ] hwpolicy        C:\Windows\system32\drivers\hwpolicy.sys
13:58:16.0082 0x0ee8  hwpolicy - ok
13:58:16.0097 0x0ee8  [ FA55C73D4AFFA7EE23AC4BE53B4592D3, 65CDDC62B89A60E942C5642C9D8B539EFB69DA8069B4A2E54978154B314531CD ] i8042prt        C:\Windows\system32\drivers\i8042prt.sys
13:58:16.0100 0x0ee8  i8042prt - ok
13:58:16.0132 0x0ee8  [ AAAF44DB3BD0B9D1FB6969B23ECC8366, 805AA4A9464002D1AB3832E4106B2AAA1331F4281367E75956062AAE99699385 ] iaStorV         C:\Windows\system32\drivers\iaStorV.sys
13:58:16.0142 0x0ee8  iaStorV - ok
13:58:16.0192 0x0ee8  [ 5988FC40F8DB5B0739CD1E3A5D0D78BD, 2B9512324DBA4A97F6AC34E8067EE08E3B6874CD60F6CB4209AFC22A34D2BE99 ] idsvc           C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\infocard.exe
13:58:16.0213 0x0ee8  idsvc - ok
13:58:16.0225 0x0ee8  IEEtwCollectorService - ok
13:58:16.0242 0x0ee8  [ 5C18831C61933628F5BB0EA2675B9D21, 5CD9DE2F8C0256623A417B5C55BF55BB2562BD7AB2C3C83BB3D9886C2FBDA4E4 ] iirsp           C:\Windows\system32\drivers\iirsp.sys
13:58:16.0243 0x0ee8  iirsp - ok
13:58:16.0296 0x0ee8  [ 344789398EC3EE5A4E00C52B31847946, 3DA5F08E4B46F4E63456AA588D49E39A6A09A97D0509880C00F327623DB6122D ] IKEEXT          C:\Windows\System32\ikeext.dll
13:58:16.0317 0x0ee8  IKEEXT - ok
13:58:16.0379 0x0ee8  [ 24EA4E2F76E216CE70353736E3556585, 6906CAE337E4E149FD2056F787B39CA7CF0EAAEF14846B2A9C8741DAFD040468 ] IMFservice      C:\Program Files (x86)\IObit\IObit Malware Fighter\IMFsrv.exe
13:58:16.0387 0x0ee8  IMFservice - ok
13:58:16.0413 0x0ee8  [ F00F20E70C6EC3AA366910083A0518AA, E2F3E9FFD82C802C8BAC309893A3664ACF16A279959C0FDECCA64C3D3C60FD22 ] intelide        C:\Windows\system32\drivers\intelide.sys
13:58:16.0414 0x0ee8  intelide - ok
13:58:16.0423 0x0ee8  [ ADA036632C664CAA754079041CF1F8C1, F2386CC09AC6DE4C54189154F7D91C1DB7AA120B13FAE8BA5B579ACF99FCC610 ] intelppm        C:\Windows\system32\drivers\intelppm.sys
13:58:16.0425 0x0ee8  intelppm - ok
13:58:16.0444 0x0ee8  [ 098A91C54546A3B878DAD6A7E90A455B, 044CCE2A0DF56EBE1EFD99B4F6F0A5B9EE12498CA358CF4B2E3A1CFD872823AA ] IPBusEnum       C:\Windows\system32\ipbusenum.dll
13:58:16.0447 0x0ee8  IPBusEnum - ok
13:58:16.0465 0x0ee8  [ C9F0E1BD74365A8771590E9008D22AB6, 728BC5A6AAE499FDC50EB01577AF16D83C2A9F3B09936DD2A89C01E074BA8E51 ] IpFilterDriver  C:\Windows\system32\DRIVERS\ipfltdrv.sys
13:58:16.0467 0x0ee8  IpFilterDriver - ok
13:58:16.0500 0x0ee8  [ 08C2957BB30058E663720C5606885653, E13EDF6701512E2A9977A531454932CA5023087CB50E1D2F416B8BCDD92B67BE ] iphlpsvc        C:\Windows\System32\iphlpsvc.dll
13:58:16.0514 0x0ee8  iphlpsvc - ok
13:58:16.0527 0x0ee8  [ 0FC1AEA580957AA8817B8F305D18CA3A, 7161E4DE91AAFC3FA8BF24FAE4636390C2627DB931505247C0D52C75A31473D9 ] IPMIDRV         C:\Windows\system32\drivers\IPMIDrv.sys
13:58:16.0529 0x0ee8  IPMIDRV - ok
13:58:16.0535 0x0ee8  [ AF9B39A7E7B6CAA203B3862582E9F2D0, 67128BE7EADBE6BD0205B050F96E268948E8660C4BAB259FB0BE03935153D04E ] IPNAT           C:\Windows\system32\drivers\ipnat.sys
13:58:16.0538 0x0ee8  IPNAT - ok
13:58:16.0584 0x0ee8  [ 3CBF73052CE14F1455779FE501BCDA38, C762741F2FE38C27701579C39D8C3A4D83E887FF1AC9E7A49FF3209554B96AE1 ] iPod Service    C:\Program Files\iPod\bin\iPodService.exe
13:58:16.0599 0x0ee8  iPod Service - ok
13:58:16.0611 0x0ee8  [ 3ABF5E7213EB28966D55D58B515D5CE9, A352BCC5B6B9A28805B15CAFB235676F1FAFF0D2394F88C03089EB157D6188AE ] IRENUM          C:\Windows\system32\drivers\irenum.sys
13:58:16.0612 0x0ee8  IRENUM - ok
13:58:16.0627 0x0ee8  [ 2F7B28DC3E1183E5EB418DF55C204F38, D40410A760965925D6F10959B2043F7BD4F68EAFCF5E743AF11AD860BD136548 ] isapnp          C:\Windows\system32\drivers\isapnp.sys
13:58:16.0628 0x0ee8  isapnp - ok
13:58:16.0649 0x0ee8  [ D931D7309DEB2317035B07C9F9E6B0BD, 13AD84172ED8C6153F8A98499C01733B74E48464CE07D099508E38D409913ED3 ] iScsiPrt        C:\Windows\system32\drivers\msiscsi.sys
13:58:16.0656 0x0ee8  iScsiPrt - ok
13:58:16.0666 0x0ee8  [ BC02336F1CBA7DCC7D1213BB588A68A5, 450C5BAD54CCE2AFCDFF1B6E7F8E1A8446D9D3255DF9D36C29A8F848048AAD93 ] kbdclass        C:\Windows\system32\DRIVERS\kbdclass.sys
13:58:16.0668 0x0ee8  kbdclass - ok
13:58:16.0680 0x0ee8  [ 0705EFF5B42A9DB58548EEC3B26BB484, 86C6824ED7ED6FA8F306DB6319A0FD688AA91295AE571262F9D8E96A32225E99 ] kbdhid          C:\Windows\system32\DRIVERS\kbdhid.sys
13:58:16.0682 0x0ee8  kbdhid - ok
13:58:16.0695 0x0ee8  [ 4D71227301DD8D09097B9E4CC6527E5A, 193D47ADCB722B581CC0F29B794AB3E455B6E9BEA367CE9A5216A09E055B7F1E ] KeyIso          C:\Windows\system32\lsass.exe
13:58:16.0696 0x0ee8  KeyIso - ok
13:58:16.0726 0x0ee8  [ 8F489706472F7E9A06BAAA198703FA64, F020406690FB38EABD82D63B91D33039CC93ED52A5497AE12BAF475F22D0B08A ] KSecDD          C:\Windows\system32\Drivers\ksecdd.sys
13:58:16.0729 0x0ee8  KSecDD - ok
13:58:16.0747 0x0ee8  [ 868A2CAAB12EFC7A021682BCA0EEC54C, 12C4925B5B3D6EA7B6410C01F33158C6EAB50CBD6AF445F8B04ED9899720C2DD ] KSecPkg         C:\Windows\system32\Drivers\ksecpkg.sys
13:58:16.0751 0x0ee8  KSecPkg - ok
13:58:16.0759 0x0ee8  [ 6869281E78CB31A43E969F06B57347C4, 866A23E69B32A78D378D6CB3B3DA3695FFDFF0FEC3C9F68C8C3F988DF417044B ] ksthunk         C:\Windows\system32\drivers\ksthunk.sys
13:58:16.0760 0x0ee8  ksthunk - ok
13:58:16.0789 0x0ee8  [ 6AB66E16AA859232F64DEB66887A8C9C, 5F2B579BEA8098A2994B0DECECDAE7B396E7B5DC5F09645737B9F28BEEA77FFF ] KtmRm           C:\Windows\system32\msdtckrm.dll
13:58:16.0799 0x0ee8  KtmRm - ok
13:58:16.0828 0x0ee8  [ D9F42719019740BAA6D1C6D536CBDAA6, 8757599D0AE5302C4CE50861BEBA3A8DD14D7B0DBD916FD5404133688CDFCC40 ] LanmanServer    C:\Windows\System32\srvsvc.dll
13:58:16.0834 0x0ee8  LanmanServer - ok
13:58:16.0859 0x0ee8  [ 851A1382EED3E3A7476DB004F4EE3E1A, B1C67F47DD594D092E6E258F01DF5E7150227CE3131A908A244DEE9F8A1FABF9 ] LanmanWorkstation C:\Windows\System32\wkssvc.dll
13:58:16.0864 0x0ee8  LanmanWorkstation - ok
13:58:16.0876 0x0ee8  [ 1538831CF8AD2979A04C423779465827, E1729B0CC4CEEE494A0B8817A8E98FF232E3A32FB023566EF0BC71A090262C0C ] lltdio          C:\Windows\system32\DRIVERS\lltdio.sys
13:58:16.0877 0x0ee8  lltdio - ok
13:58:16.0907 0x0ee8  [ C1185803384AB3FEED115F79F109427F, 0414FE73532DCAB17E906438A14711E928CECCD5F579255410C62984DD652700 ] lltdsvc         C:\Windows\System32\lltdsvc.dll
13:58:16.0915 0x0ee8  lltdsvc - ok
13:58:16.0927 0x0ee8  [ F993A32249B66C9D622EA5592A8B76B8, EE64672A990C6145DC5601E2B8CDBE089272A72732F59AF9865DCBA8B1717E70 ] lmhosts         C:\Windows\System32\lmhsvc.dll
13:58:16.0929 0x0ee8  lmhosts - ok
13:58:16.0998 0x0ee8  [ 7109163D8027076D2680CFC4E80E2A28, D94421EE48517CD524D33A99AFAFFD5B985ED4FC4CEC84C6247FE15A78EA689B ] LMIGuardianSvc  C:\Program Files (x86)\LogMeIn\x64\LMIGuardianSvc.exe
13:58:17.0007 0x0ee8  LMIGuardianSvc - ok
13:58:17.0022 0x0ee8  [ 0317335B15FF3BDA8E10197E3434CFC0, C331978E63757DFE56C0D8DD7D943D651834218508304241F9BE8503BB00BEE9 ] LMIInfo         C:\Program Files (x86)\LogMeIn\x64\rainfo.sys
13:58:17.0023 0x0ee8  LMIInfo - ok
13:58:17.0035 0x0ee8  [ 8054CE1FC8B417691960D00F931516A7, D5B590EF997A7522429423E5DB4279671BC277CB064A0FBB1AEE8B420FE39E04 ] LMIMaint        C:\Program Files (x86)\LogMeIn\x64\RaMaint.exe
13:58:17.0039 0x0ee8  LMIMaint - ok
13:58:17.0062 0x0ee8  [ 413ECDCFAD9A82804D3674C8D7EEC24E, C8A65ED0B079D16D1A4449E840B4A9475388FBE61B5A84DFEFC35F4FB3B9A9B1 ] lmimirr         C:\Windows\system32\DRIVERS\lmimirr.sys
13:58:17.0063 0x0ee8  lmimirr - ok
13:58:17.0066 0x0ee8  LMIRfsClientNP - ok
13:58:17.0088 0x0ee8  [ C57D3FAA50E6F395759FFB7C709BD944, 7B0B86F0E710934D57801E1F7BB048AD878F871147B2A16BBF81219A4022B499 ] LMIRfsDriver    C:\Windows\system32\drivers\LMIRfsDriver.sys
13:58:17.0090 0x0ee8  LMIRfsDriver - ok
13:58:17.0108 0x0ee8  [ D3760BC17E1755091B7120CF32DBF56B, 2B31CA0CD838BEE0103054520E2FBEA2436A07D99E711B14543B85F3A511478F ] LogMeIn         C:\Program Files (x86)\LogMeIn\x64\LogMeIn.exe
13:58:17.0122 0x0ee8  LogMeIn - ok
13:58:17.0136 0x0ee8  [ 1A93E54EB0ECE102495A51266DCDB6A6, DB6AA86AA36C3A7988BE96E87B5D3251BE7617C54EE8F894D9DC2E267FE3255B ] LSI_FC          C:\Windows\system32\drivers\lsi_fc.sys
13:58:17.0139 0x0ee8  LSI_FC - ok
13:58:17.0157 0x0ee8  [ 1047184A9FDC8BDBFF857175875EE810, F2251EDB7736A26D388A0C5CC2FE5FB9C5E109CBB1E3800993554CB21D81AE4B ] LSI_SAS         C:\Windows\system32\drivers\lsi_sas.sys
13:58:17.0160 0x0ee8  LSI_SAS - ok
13:58:17.0176 0x0ee8  [ 30F5C0DE1EE8B5BC9306C1F0E4A75F93, 88D5740A4E9CC3FA80FA18035DAB441BDC5A039622D666BFDAA525CC9686BD06 ] LSI_SAS2        C:\Windows\system32\drivers\lsi_sas2.sys
13:58:17.0178 0x0ee8  LSI_SAS2 - ok
13:58:17.0191 0x0ee8  [ 0504EACAFF0D3C8AED161C4B0D369D4A, 4D272237C189646F5C80822FD3CBA7C2728E482E2DAAF7A09C8AEF811C89C54D ] LSI_SCSI        C:\Windows\system32\drivers\lsi_scsi.sys
13:58:17.0194 0x0ee8  LSI_SCSI - ok
13:58:17.0217 0x0ee8  [ 43D0F98E1D56CCDDB0D5254CFF7B356E, 5BA498183B5C4996C694CB0A9A6B66CE6C7A460F6C91BEB9F305486FCC3B7B22 ] luafv           C:\Windows\system32\drivers\luafv.sys
13:58:22.0041 0x0ee8  Tcpip - ok
13:58:22.0094 0x0ee8  [ 40AF23633D197905F03AB5628C558C51, 644656A15236E964E4BE57B42225EAA5643C4CF1FFF6D306813A000716F9D72C ] TCPIP6          C:\Windows\system32\DRIVERS\tcpip.sys
13:58:22.0128 0x0ee8  TCPIP6 - ok
13:58:22.0159 0x0ee8  [ 1B16D0BD9841794A6E0CDE0CEF744ABC, 7EB8BA97339199EEE7F2B09DA2DA6279DA64A510D4598D42CF86415D67CD674C ] tcpipreg        C:\Windows\system32\drivers\tcpipreg.sys
13:58:22.0160 0x0ee8  tcpipreg - ok
13:58:22.0174 0x0ee8  [ 3371D21011695B16333A3934340C4E7C, 7416F9BBFC1BA9D875EA7D1C7A0D912FC6977B49A865D67E3F9C4E18A965082D ] TDPIPE          C:\Windows\system32\drivers\tdpipe.sys
13:58:22.0175 0x0ee8  TDPIPE - ok
13:58:22.0196 0x0ee8  [ 51C5ECEB1CDEE2468A1748BE550CFBC8, 4E8F83877330B421F7B5D8393D34BC44C6450E69209DAA95B29CB298166A5DF9 ] TDTCP           C:\Windows\system32\drivers\tdtcp.sys
13:58:22.0198 0x0ee8  TDTCP - ok
13:58:22.0216 0x0ee8  [ DDAD5A7AB24D8B65F8D724F5C20FD806, B71F2967A4EE7395E4416C1526CB85368AEA988BDD1F2C9719C48B08FAFA9661 ] tdx             C:\Windows\system32\DRIVERS\tdx.sys
13:58:22.0219 0x0ee8  tdx - ok
13:58:22.0226 0x0ee8  [ 561E7E1F06895D78DE991E01DD0FB6E5, 83BFA50A528762EC52A011302AC3874636FB7E26628CD7ACFBF2BDC9FAA8110D ] TermDD          C:\Windows\system32\DRIVERS\termdd.sys
13:58:22.0228 0x0ee8  TermDD - ok
13:58:22.0255 0x0ee8  [ 2E648163254233755035B46DD7B89123, 6FA0D07CE18A3A69D82EE49D875F141E39406E92C34EAC76AC4EB052E6EBCBCD ] TermService     C:\Windows\System32\termsrv.dll
13:58:22.0273 0x0ee8  TermService - ok
13:58:22.0287 0x0ee8  [ F0344071948D1A1FA732231785A0664C, DB9886C2C858FAF45AEA15F8E42860343F73EB8685C53EC2E8CCC10586CB0832 ] Themes          C:\Windows\system32\themeservice.dll
13:58:22.0290 0x0ee8  Themes - ok
13:58:22.0309 0x0ee8  [ E40E80D0304A73E8D269F7141D77250B, 0DB4AC13A264F19A84DC0BCED54E8E404014CC09C993B172002B1561EC7E265A ] THREADORDER     C:\Windows\system32\mmcss.dll
13:58:22.0311 0x0ee8  THREADORDER - ok
13:58:22.0335 0x0ee8  [ 7E7AFD841694F6AC397E99D75CEAD49D, DE87F203FD8E6BDCCFCA1860A85F283301A365846FB703D9BB86278D8AC96B07 ] TrkWks          C:\Windows\System32\trkwks.dll
13:58:22.0339 0x0ee8  TrkWks - ok
13:58:22.0374 0x0ee8  [ 773212B2AAA24C1E31F10246B15B276C, F2EF85F5ABA307976D9C649D710B408952089458DDE97D4DEF321DF14E46A046 ] TrustedInstaller C:\Windows\servicing\TrustedInstaller.exe
13:58:22.0379 0x0ee8  TrustedInstaller - ok
13:58:22.0401 0x0ee8  [ 4CE278FC9671BA81A138D70823FCAA09, CBE501436696E32A3701B9F377B823AC36647B6626595F76CC63E2396AD7D300 ] tssecsrv        C:\Windows\system32\DRIVERS\tssecsrv.sys
13:58:22.0403 0x0ee8  tssecsrv - ok
13:58:22.0430 0x0ee8  [ 17C6B51CBCCDED95B3CC14E22791F85E, EE417C19E9B2C258D62A74F1F2421AFFBAC67ACD62481CAA08F5B6A3439C1D7C ] TsUsbFlt        C:\Windows\system32\drivers\tsusbflt.sys
13:58:22.0432 0x0ee8  TsUsbFlt - ok
13:58:22.0443 0x0ee8  [ AD64450A4ABE076F5CB34CC08EEACB07, B5C386635441A19178E7FEEE299BA430C8D72F9110866C13A216B12A1080AD12 ] TsUsbGD         C:\Windows\system32\drivers\TsUsbGD.sys
13:58:22.0444 0x0ee8  TsUsbGD - ok
13:58:22.0457 0x0ee8  [ 3566A8DAAFA27AF944F5D705EAA64894, AE9D8B648DA08AF667B9456C3FE315489859C157510A258559F18238F2CC92B8 ] tunnel          C:\Windows\system32\DRIVERS\tunnel.sys
13:58:22.0461 0x0ee8  tunnel - ok
13:58:22.0472 0x0ee8  [ B4DD609BD7E282BFC683CEC7EAAAAD67, EF131DB6F6411CAD36A989A421AF93F89DD61601AC524D2FF11C10FF6E3E9123 ] uagp35          C:\Windows\system32\drivers\uagp35.sys
13:58:22.0474 0x0ee8  uagp35 - ok
13:58:22.0502 0x0ee8  [ FF4232A1A64012BAA1FD97C7B67DF593, D8591B4EB056899C7B604E4DD852D82D4D9809F508ABCED4A03E1BE6D5D456E3 ] udfs            C:\Windows\system32\DRIVERS\udfs.sys
13:58:22.0524 0x0ee8  udfs - ok
13:58:22.0551 0x0ee8  [ 3CBDEC8D06B9968ABA702EBA076364A1, B8DAB8AA804FC23021BFEBD7AE4D40FBE648D6C6BA21CC008E26D1C084972F9B ] UI0Detect       C:\Windows\system32\UI0Detect.exe
13:58:22.0582 0x0ee8  UI0Detect - ok
13:58:22.0598 0x0ee8  [ 4BFE1BC28391222894CBF1E7D0E42320, 5918B1ED2030600DF77BDACF1C808DF6EADDD8BF3E7003AF1D72050D8B102B3A ] uliagpkx        C:\Windows\system32\drivers\uliagpkx.sys
13:58:22.0600 0x0ee8  uliagpkx - ok
13:58:22.0609 0x0ee8  [ DC54A574663A895C8763AF0FA1FF7561, 09A3F3597E91CBEB2F38E96E75134312B60CAE5574B2AD4606C2D3E992AEDDFE ] umbus           C:\Windows\system32\DRIVERS\umbus.sys
13:58:22.0611 0x0ee8  umbus - ok
13:58:22.0625 0x0ee8  [ B2E8E8CB557B156DA5493BBDDCC1474D, F547509A08C0679ACB843E20C9C0CF51BED1B06530BBC529DFB0944504564A43 ] UmPass          C:\Windows\system32\drivers\umpass.sys
13:58:22.0626 0x0ee8  UmPass - ok
13:58:22.0653 0x0ee8  [ A293DCD756D04D8492A750D03B9A297C, 203600ED0B7F8BA4C6D6F4ED810F4DF5AB70928B06EC4131C5D8ADF628444ED1 ] UmRdpService    C:\Windows\System32\umrdp.dll
13:58:22.0659 0x0ee8  UmRdpService - ok
13:58:22.0717 0x0ee8  [ 745B247DFB4C2466B382AE4B2062EB02, A391BFC9A2AD02D2A23112F16FF3CE8E291CAAA93F7C91FB2B2C1A8E1853DA5F ] UPDATESRV       C:\Program Files\Bitdefender\Bitdefender 2013\updatesrv.exe
13:58:22.0718 0x0ee8  UPDATESRV - ok
13:58:22.0735 0x0ee8  [ D47EC6A8E81633DD18D2436B19BAF6DE, 0FB461E2D5E0B75BB5958F6362F4880BFA4C36AD930542609BCAF574941AA7AE ] upnphost        C:\Windows\System32\upnphost.dll
13:58:22.0744 0x0ee8  upnphost - ok
13:58:22.0771 0x0ee8  [ C9E9D59C0099A9FF51697E9306A44240, 78D9A7A5E5742962B6978F475BF06CB32262F1D214699D3D40538476A58012A1 ] USBAAPL64       C:\Windows\system32\Drivers\usbaapl64.sys
13:58:22.0773 0x0ee8  USBAAPL64 - ok
13:58:22.0801 0x0ee8  [ B0435098C81D04CAFFF80DDB746CD3A2, A17B207740382E38729571F0B0BC98FF874E856A7C7CE9EB930328A2AD88F52A ] usbaudio        C:\Windows\system32\drivers\usbaudio.sys
13:58:22.0804 0x0ee8  usbaudio - ok
13:58:22.0825 0x0ee8  [ 6F1A3157A1C89435352CEB543CDB359C, 325B46220779C5FE3B6F19FF794474837FAB9675D9C98ACB68CCE47B1CFE5F12 ] usbccgp         C:\Windows\system32\DRIVERS\usbccgp.sys
13:58:22.0828 0x0ee8  usbccgp - ok
13:58:22.0858 0x0ee8  [ 80B0F7D5CCF86CEB5D402EAAF61FEC31, 140C62116A425DEAD25FE8D82DE283BC92C482A9F643658D512F9F67061F28AD ] usbcir          C:\Windows\system32\drivers\usbcir.sys
13:58:22.0861 0x0ee8  usbcir - ok
13:58:22.0877 0x0ee8  [ C025055FE7B87701EB042095DF1A2D7B, D7B34B6C2C5BD3C8141895AC21BB637EA5E3C4F7A85EEF4C4C36E6BB2045A3D9 ] usbehci         C:\Windows\system32\DRIVERS\usbehci.sys
13:58:22.0879 0x0ee8  usbehci - ok
13:58:22.0890 0x0ee8  [ 287C6C9410B111B68B52CA298F7B8C24, 98900C08FE662A00DF8B37837B2BEBF9ACB7989C387AF36B2109B05A4F462D4E ] usbhub          C:\Windows\system32\DRIVERS\usbhub.sys
13:58:22.0899 0x0ee8  usbhub - ok
13:58:22.0903 0x0ee8  [ 9840FC418B4CBD632D3D0A667A725C31, 776D86A032DCA2842EF7AADB35473193CA80547223EFAA7F110F296C377077B0 ] usbohci         C:\Windows\system32\DRIVERS\usbohci.sys
13:58:22.0905 0x0ee8  usbohci - ok
13:58:22.0918 0x0ee8  [ 73188F58FB384E75C4063D29413CEE3D, B485463933306036B1D490722CB1674DC85670753D79FA0EF7EBCA7BBAAD9F7C ] usbprint        C:\Windows\system32\DRIVERS\usbprint.sys
13:58:22.0919 0x0ee8  usbprint - ok
13:58:22.0949 0x0ee8  [ 9661DA76B4531B2DA272ECCE25A8AF24, FEA93254A21E71A7EB8AD35FCCAD2C1E41F7329EC33B1734F5B41307A34D8637 ] usbscan         C:\Windows\system32\drivers\usbscan.sys
13:58:22.0951 0x0ee8  usbscan - ok
13:58:22.0980 0x0ee8  [ FED648B01349A3C8395A5169DB5FB7D6, DC4D7594C24ADD076927B9347F1B50B91CF03A4ABDB284248D5711D9C19DEB96 ] USBSTOR         C:\Windows\system32\DRIVERS\USBSTOR.SYS
13:58:22.0983 0x0ee8  USBSTOR - ok
13:58:22.0994 0x0ee8  [ 62069A34518BCF9C1FD9E74B3F6DB7CD, C58E21424718729324B285BEE1C96551540FCC3FD650B2D10895EBA48D981E25 ] usbuhci         C:\Windows\system32\drivers\usbuhci.sys
13:58:22.0995 0x0ee8  usbuhci - ok
13:58:23.0008 0x0ee8  [ EDBB23CBCF2CDF727D64FF9B51A6070E, 7202484C8E1BFB2AFD64D8C81668F3EDE0E3BF5EB27572877A0A7B337AE5AE42 ] UxSms           C:\Windows\System32\uxsms.dll
13:58:23.0010 0x0ee8  UxSms - ok
13:58:23.0022 0x0ee8  [ 4D71227301DD8D09097B9E4CC6527E5A, 193D47ADCB722B581CC0F29B794AB3E455B6E9BEA367CE9A5216A09E055B7F1E ] VaultSvc        C:\Windows\system32\lsass.exe
13:58:23.0024 0x0ee8  VaultSvc - ok
13:58:23.0031 0x0ee8  [ C5C876CCFC083FF3B128F933823E87BD, 6FE0FBB6C3207E09300E0789E2168F76668D87C317FE9F263E733827ADCFBE0D ] vdrvroot        C:\Windows\system32\drivers\vdrvroot.sys
13:58:23.0033 0x0ee8  vdrvroot - ok
13:58:23.0054 0x0ee8  [ 8D6B481601D01A456E75C3210F1830BE, A2CEF483F4231367138EEF7E67FD5BE5364FC0780C44CA1368E36CE4AA3D0633 ] vds             C:\Windows\System32\vds.exe
13:58:23.0069 0x0ee8  vds - ok
13:58:23.0084 0x0ee8  [ DA4DA3F5E02943C2DC8C6ED875DE68DD, EDE604536DB78C512D68C92B26DA77C8811AC109D1F0A473673F0A82D15A2838 ] vga             C:\Windows\system32\DRIVERS\vgapnp.sys
13:58:23.0085 0x0ee8  vga - ok
13:58:23.0119 0x0ee8  [ 53E92A310193CB3C03BEA963DE7D9CFC, 45898604375B42EB1246C17A22D91C2440F11C746FF6459AD38027C1BC2E3125 ] VgaSave         C:\Windows\System32\drivers\vga.sys
13:58:23.0121 0x0ee8  VgaSave - ok
13:58:23.0142 0x0ee8  [ 2CE2DF28C83AEAF30084E1B1EB253CBB, D1946816A1CB89F825CBEA58F94A4C9D0CE7249355CD3915563F54054EE564BF ] vhdmp           C:\Windows\system32\drivers\vhdmp.sys
13:58:23.0147 0x0ee8  vhdmp - ok
13:58:23.0167 0x0ee8  [ E5689D93FFE4E5D66C0178761240DD54, 6D35CED80681B12AAF63BFA0DA1C386E71D3838839B68A686990AA8031949D27 ] viaide          C:\Windows\system32\drivers\viaide.sys
13:58:23.0168 0x0ee8  viaide - ok
13:58:23.0193 0x0ee8  [ 86EA3E79AE350FEA5331A1303054005F, 7E7D6027EB41E591633C7383A5D29A3BA8ECFC08C177D2BCF741EE27686B1691 ] vmbus           C:\Windows\system32\drivers\vmbus.sys
13:58:23.0199 0x0ee8  vmbus - ok
13:58:23.0209 0x0ee8  [ 7DE90B48F210D29649380545DB45A187, 09522F84285D62B961868DA98C40B82E746CA4D24A9780905673A2349D6B07F4 ] VMBusHID        C:\Windows\system32\drivers\VMBusHID.sys
13:58:23.0210 0x0ee8  VMBusHID - ok
13:58:23.0229 0x0ee8  [ D2AAFD421940F640B407AEFAAEBD91B0, 31EF342A60AF04F4108759A71F8FB7B8C8819216CF3D16A95B2BA0E33A8A9161 ] volmgr          C:\Windows\system32\drivers\volmgr.sys
13:58:23.0231 0x0ee8  volmgr - ok
13:58:23.0243 0x0ee8  [ A255814907C89BE58B79EF2F189B843B, 463DB771851352185B6AC323BD93B9084D47291E53C1F7B628B65D6918B2E28F ] volmgrx         C:\Windows\system32\drivers\volmgrx.sys
13:58:23.0252 0x0ee8  volmgrx - ok
13:58:23.0272 0x0ee8  [ 0D08D2F3B3FF84E433346669B5E0F639, 3D6716CEC95B8861A7CC5778E91F310528DC6BEE0E57A3C8757FC675154EBDEC ] volsnap         C:\Windows\system32\drivers\volsnap.sys
13:58:23.0277 0x0ee8  volsnap - ok
13:58:23.0291 0x0ee8  [ 5E2016EA6EBACA03C04FEAC5F330D997, 53106EB877459FE55A459111F7AB0EE320BB3B4C954D3DB6FA1642396001F2AC ] vsmraid         C:\Windows\system32\drivers\vsmraid.sys
13:58:23.0296 0x0ee8  vsmraid - ok
13:58:23.0358 0x0ee8  [ B60BA0BC31B0CB414593E169F6F21CC2, 47B801E623254CF0202B3591CB5C019CABFB52F123C7D47E29D19B32F1F2B915 ] VSS             C:\Windows\system32\vssvc.exe
13:58:23.0397 0x0ee8  VSS - ok
13:58:23.0467 0x0ee8  [ F16A970479C4747EC6E5DA793E4D63EC, B8FAFBF2EF19DCE3583EFD6D3F1FB5310DF548F9D9E7F9440F4A96638D28173A ] VSSERV          C:\Program Files\Bitdefender\Bitdefender 2013\vsserv.exe
13:58:23.0497 0x0ee8  VSSERV - ok
13:58:23.0503 0x0ee8  vToolbarUpdater15.3.0 - ok
13:58:23.0521 0x0ee8  [ 36D4720B72B5C5D9CB2B9C29E9DF67A1, 3254523C85C70EBA2DBAC05DB2DBA89EDF8E9195F390F7C21F96458FB6B2E3D7 ] vwifibus        C:\Windows\System32\drivers\vwifibus.sys
13:58:23.0522 0x0ee8  vwifibus - ok
13:58:23.0534 0x0ee8  [ 1C9D80CC3849B3788048078C26486E1A, 34A89F31E53F6B6C209B286F580CC2257AE6D057E4E20741F241C9C167947962 ] W32Time         C:\Windows\system32\w32time.dll
13:58:23.0544 0x0ee8  W32Time - ok
13:58:23.0561 0x0ee8  [ 4E9440F4F152A7B944CB1663D3935A3E, 8FE04EBD3BC612EE943A21A3E56F37E5C9B578CDACA6044048181DAD81816D53 ] WacomPen        C:\Windows\system32\drivers\wacompen.sys
13:58:23.0562 0x0ee8  WacomPen - ok
13:58:23.0567 0x0ee8  [ 356AFD78A6ED4457169241AC3965230C, CE4D1EE3525C10AC658B20776C3E444DE44874C837713DC5311386EDFCB18399 ] WANARP          C:\Windows\system32\DRIVERS\wanarp.sys
13:58:23.0570 0x0ee8  WANARP - ok
13:58:23.0574 0x0ee8  [ 356AFD78A6ED4457169241AC3965230C, CE4D1EE3525C10AC658B20776C3E444DE44874C837713DC5311386EDFCB18399 ] Wanarpv6        C:\Windows\system32\DRIVERS\wanarp.sys
13:58:23.0576 0x0ee8  Wanarpv6 - ok
13:58:23.0634 0x0ee8  [ 3CEC96DE223E49EAAE3651FCF8FAEA6C, 4150DAB33E8D61076F1D4767BCAFC9B4ECCCCBD58FD4FB3CFE5B8D27DCDCAB61 ] WatAdminSvc     C:\Windows\system32\Wat\WatAdminSvc.exe
13:58:23.0664 0x0ee8  WatAdminSvc - ok
13:58:23.0715 0x0ee8  [ 78F4E7F5C56CB9716238EB57DA4B6A75, 46A4E78CE5F2A4B26F4E9C3FF04A99D9B727A82AC2E390A82A1611C3F6E0C9AF ] wbengine        C:\Windows\system32\wbengine.exe
13:58:23.0752 0x0ee8  wbengine - ok
13:58:23.0764 0x0ee8  [ 3AA101E8EDAB2DB4131333F4325C76A3, 4F7BD3DA5E58B18BFF106CFF7B45E75FD13EE556D433C695BA23EC80827E49DE ] WbioSrvc        C:\Windows\System32\wbiosrvc.dll
13:58:23.0770 0x0ee8  WbioSrvc - ok
13:58:23.0782 0x0ee8  [ 7368A2AFD46E5A4481D1DE9D14848EDD, 8039C478FC2D9F095F5883A4FA47F9E6EDF57CC88A4AA74F07C88445F90DED57 ] wcncsvc         C:\Windows\System32\wcncsvc.dll
13:58:23.0791 0x0ee8  wcncsvc - ok
13:58:23.0803 0x0ee8  [ 20F7441334B18CEE52027661DF4A6129, 7B8E0247234B740FED2BE9B833E9CE8DD7453340123AB43F6B495A7E6A27B0DD ] WcsPlugInService C:\Windows\System32\WcsPlugInService.dll
13:58:23.0806 0x0ee8  WcsPlugInService - ok
13:58:23.0823 0x0ee8  [ 72889E16FF12BA0F235467D6091B17DC, F2FD0BBD075E33608D93F350D216F97442AB89ABD540513C2D568C78096E12A8 ] Wd              C:\Windows\system32\drivers\wd.sys
13:58:23.0824 0x0ee8  Wd - ok
13:58:23.0869 0x0ee8  [ E2C933EDBC389386EBE6D2BA953F43D8, AF1DEADD5F1267CCEBD226E8EEB971D1946EA6A5A9645A36F5D111F758AF2F07 ] Wdf01000        C:\Windows\system32\drivers\Wdf01000.sys
13:58:23.0887 0x0ee8  Wdf01000 - ok
13:58:23.0894 0x0ee8  [ BF1FC3F79B863C914687A737C2F3D681, B2DF47AC4931ACFB243775767B77065CC0D98778FC0243C793A3E219EB961209 ] WdiServiceHost  C:\Windows\system32\wdi.dll
13:58:23.0898 0x0ee8  WdiServiceHost - ok
13:58:23.0902 0x0ee8  [ BF1FC3F79B863C914687A737C2F3D681, B2DF47AC4931ACFB243775767B77065CC0D98778FC0243C793A3E219EB961209 ] WdiSystemHost   C:\Windows\system32\wdi.dll
13:58:23.0905 0x0ee8  WdiSystemHost - ok
13:58:23.0941 0x0ee8  [ 0EB0E5D22B1760F2DBCE632F2DD7A54D, B8A4CC62F88768947FB0A161CF9564DB28FD9C1C037B5475DF192982DE035C22 ] WebClient       C:\Windows\System32\webclnt.dll
13:58:23.0949 0x0ee8  WebClient - ok
13:58:23.0958 0x0ee8  [ C749025A679C5103E575E3B48E092C43, B71171D07EE7AB085A24BF3A1072FF2CE7EA021AAE695F6A90640E6EE8EB55C1 ] Wecsvc          C:\Windows\system32\wecsvc.dll
13:58:23.0965 0x0ee8  Wecsvc - ok
13:58:23.0975 0x0ee8  [ 7E591867422DC788B9E5BD337A669A08, 484E6BCCDF7ADCE9A1AACAD1BC7C7D7694B9E40FA90D94B14D80C607784F6C75 ] wercplsupport   C:\Windows\System32\wercplsupport.dll
13:58:23.0978 0x0ee8  wercplsupport - ok
13:58:23.0983 0x0ee8  [ 6D137963730144698CBD10F202E9F251, A9F522A125158D94F540544CCD4DBF47B9DCE2EA878C33675AFE40F80E8F4979 ] WerSvc          C:\Windows\System32\WerSvc.dll
13:58:23.0986 0x0ee8  WerSvc - ok
13:58:23.0993 0x0ee8  [ 611B23304BF067451A9FDEE01FBDD725, 0AF2734B978165FC6FD22B64862132CCE32528A21C698A49D176129446E099C8 ] WfpLwf          C:\Windows\system32\DRIVERS\wfplwf.sys
13:58:23.0994 0x0ee8  WfpLwf - ok
13:58:24.0015 0x0ee8  [ 05ECAEC3E4529A7153B3136CEB49F0EC, 9995CB2CEC70A633EA33CBB0DEAD2BB28CB67132B41E9444BDAB9E75744C9A50 ] WIMMount        C:\Windows\system32\drivers\wimmount.sys
13:58:24.0016 0x0ee8  WIMMount - ok
13:58:24.0031 0x0ee8  WinDefend - ok
13:58:24.0035 0x0ee8  WinHttpAutoProxySvc - ok
13:58:24.0087 0x0ee8  [ 19B07E7E8915D701225DA41CB3877306, D6555E8D276DBB11358246E0FE215F76F1FB358791C76B88D82C2A66A42DA19F ] Winmgmt         C:\Windows\system32\wbem\WMIsvc.dll
13:58:24.0093 0x0ee8  Winmgmt - ok
13:58:24.0162 0x0ee8  [ BCB1310604AA415C4508708975B3931E, 9D943F086D454345153A0DD426B4432532A44FD87950386B186E1CAD2AC70565 ] WinRM           C:\Windows\system32\WsmSvc.dll
13:58:24.0210 0x0ee8  WinRM - ok
13:58:24.0252 0x0ee8  [ 4FADA86E62F18A1B2F42BA18AE24E6AA, CE1683386886BF34862681A46199EA7E7FB4232A186047DA7FBD8EC240AF6726 ] Wlansvc         C:\Windows\System32\wlansvc.dll
13:58:24.0274 0x0ee8  Wlansvc - ok
13:58:24.0286 0x0ee8  [ F6FF8944478594D0E414D3F048F0D778, 6F75E0AE6127B33A92A88E59D4B048FD4C15F997807BE7BF0EFE76F95235B1D9 ] WmiAcpi         C:\Windows\system32\DRIVERS\wmiacpi.sys
13:58:24.0287 0x0ee8  WmiAcpi - ok
13:58:24.0305 0x0ee8  [ 38B84C94C5A8AF291ADFEA478AE54F93, 1AC267AC73670BEA5F3785C9AD9DB146F8E993A862C843742B21FDB90D102B2A ] wmiApSrv        C:\Windows\system32\wbem\WmiApSrv.exe
13:58:24.0310 0x0ee8  wmiApSrv - ok
13:58:24.0320 0x0ee8  WMPNetworkSvc - ok
13:58:24.0331 0x0ee8  [ 96C6E7100D724C69FCF9E7BF590D1DCA, 2E63C9B0893B4FC03B7A71BAEA6202D3D3DB1B52F3643467829B5A573FD7655B ] WPCSvc          C:\Windows\System32\wpcsvc.dll
13:58:24.0333 0x0ee8  WPCSvc - ok
13:58:24.0348 0x0ee8  [ 93221146D4EBBF314C29B23CD6CC391D, C0750858A65BF51E210CD244C825C121D67E025CD2D2455139991AAC289A90FE ] WPDBusEnum      C:\Windows\system32\wpdbusenum.dll
13:58:24.0352 0x0ee8  WPDBusEnum - ok
13:58:24.0367 0x0ee8  [ 6BCC1D7D2FD2453957C5479A32364E52, E48554D31FBDCF8F985C1C72524CAA9106F5B7CC2B79064F8F5E2562D517F090 ] ws2ifsl         C:\Windows\system32\drivers\ws2ifsl.sys
13:58:24.0367 0x0ee8  ws2ifsl - ok
13:58:24.0376 0x0ee8  [ E8B1FE6669397D1772D8196DF0E57A9E, 39FE0819360719F756BD31A1884A0508A1E2371ACC723E25E005CBEC0A7B02FA ] wscsvc          C:\Windows\system32\wscsvc.dll
13:58:24.0380 0x0ee8  wscsvc - ok
13:58:24.0383 0x0ee8  WSearch - ok
13:58:24.0467 0x0ee8  [ D9EF901DCA379CFE914E9FA13B73B4C4, 3BE9693B7B2AFEE23D72AF5DA211379724D752F0EC18ACB7D3DE3DDFC5AE0004 ] wuauserv        C:\Windows\system32\wuaueng.dll
13:58:24.0526 0x0ee8  wuauserv - ok
13:58:24.0562 0x0ee8  [ AB886378EEB55C6C75B4F2D14B6C869F, D6C4602EB8F291DADEDF3CD211013D4AC752DDE7E799C2D8D74AA4F5477CAED6 ] WudfPf          C:\Windows\system32\drivers\WudfPf.sys
13:58:24.0565 0x0ee8  WudfPf - ok
13:58:24.0585 0x0ee8  [ DDA4CAF29D8C0A297F886BFE561E6659, 94E5DD649B5D86FA1A7C7D30FCF9644D0EE048D312E626111458ADF66BFBE978 ] WUDFRd          C:\Windows\system32\DRIVERS\WUDFRd.sys
13:58:24.0590 0x0ee8  WUDFRd - ok
13:58:24.0607 0x0ee8  [ B20F051B03A966392364C83F009F7D17, 88ECEB55AE91F58F592B96EBC10B572747D5A2F9B7629E8F371761E4F7408A65 ] wudfsvc         C:\Windows\System32\WUDFSvc.dll
13:58:24.0610 0x0ee8  wudfsvc - ok
13:58:24.0644 0x0ee8  [ FE90B750AB808FB9DD8FBB428B5FF83B, 3F8F592EC813BE292D305A87C5BA852F8BC3D7CE610612D9871F209A17326AA8 ] WwanSvc         C:\Windows\System32\wwansvc.dll
13:58:24.0651 0x0ee8  WwanSvc - ok
13:58:24.0713 0x0ee8  [ D42B153CD9AC1237B7FAC8BA24E1A7E4, 304ED148A2ABD530EE3E01E3D4D17024B9C54779C6F61CD5B0515985CC83027F ] wwEngineSvc     C:\Program Files\Webroot\Washer\WasherSvc.exe
13:58:24.0729 0x0ee8  wwEngineSvc - ok
13:58:24.0736 0x0ee8  ================ Scan global ===============================
13:58:24.0784 0x0ee8  [ BA0CD8C393E8C9F83354106093832C7B, 18D8A4780A2BAA6CEF7FBBBDA0EF6BF2DADF146E1E578A618DD5859E8ADBF1A8 ] C:\Windows\system32\basesrv.dll
13:58:24.0815 0x0ee8  [ 88EDD0B34EED542745931E581AD21A32, DC2B93E1CEF5B0BCEE08D72669BB0F3AD0E8E6E75BDC08858407ED92F6FFA031 ] C:\Windows\system32\winsrv.dll
13:58:24.0828 0x0ee8  [ 88EDD0B34EED542745931E581AD21A32, DC2B93E1CEF5B0BCEE08D72669BB0F3AD0E8E6E75BDC08858407ED92F6FFA031 ] C:\Windows\system32\winsrv.dll
13:58:24.0850 0x0ee8  [ D6160F9D869BA3AF0B787F971DB56368, 0033E6212DD8683E4EE611B290931FDB227B4795F0B17C309DC686C696790529 ] C:\Windows\system32\sxssrv.dll
13:58:24.0875 0x0ee8  [ 24ACB7E5BE595468E3B9AA488B9B4FCB, 63541E3432FCE953F266AE553E7A394978D6EE3DB52388D885F668CF42C5E7E2 ] C:\Windows\system32\services.exe
13:58:24.0882 0x0ee8  [ Global ] - ok
13:58:24.0882 0x0ee8  ================ Scan MBR ==================================
13:58:24.0892 0x0ee8  [ 043CE75BFCD7A71B1B2C082F207DEAA9 ] \Device\Harddisk0\DR0
13:58:25.0247 0x0ee8  \Device\Harddisk0\DR0 - ok
13:58:25.0248 0x0ee8  ================ Scan VBR ==================================
13:58:25.0250 0x0ee8  [ 90DE6FBACC42FC216D13B9EB44E91668 ] \Device\Harddisk0\DR0\Partition1
13:58:25.0255 0x0ee8  \Device\Harddisk0\DR0\Partition1 - ok
13:58:25.0272 0x0ee8  [ 066CDB6B065CABC535E90F8A47C5740B ] \Device\Harddisk0\DR0\Partition2
13:58:25.0305 0x0ee8  \Device\Harddisk0\DR0\Partition2 - ok
13:58:25.0306 0x0ee8  Waiting for KSN requests completion. In queue: 345
13:58:26.0306 0x0ee8  Waiting for KSN requests completion. In queue: 345
13:58:27.0306 0x0ee8  Waiting for KSN requests completion. In queue: 38
13:58:28.0341 0x0ee8  AV detected via SS2: Bitdefender Antivirus, C:\Program Files\Bitdefender\Bitdefender 2013\wscfix.exe ( 16.34.0.1909 ), 0x41000 ( enabled : updated )
13:58:28.0342 0x0ee8  FW detected via SS2: Bitdefender Firewall, C:\Program Files\Bitdefender\Bitdefender 2013\wscfix.exe ( 16.34.0.1909 ), 0x40010 ( disabled )
13:58:28.0364 0x0ee8  Win FW state via NFP2: enabled
13:58:31.0129 0x0ee8  ============================================================
13:58:31.0129 0x0ee8  Scan finished
13:58:31.0129 0x0ee8  ============================================================
13:58:31.0136 0x11e0  Detected object count: 0
13:58:31.0136 0x11e0  Actual detected object count: 0
 

wpfast



#5 wpfast


Posted 24 November 2013 - 11:36 PM

Marius,

I thought I posted this log earlier but it looks like I may've overlooked posting it.

Sorry if I did.

wpfast

Addition.txt

Additional scan result of Farbar Recovery Scan Tool (x64) Version: 23-11-2013 03
Ran by Wells at 2013-11-23 13:50:45
Running from C:\Users\Wells\Downloads
Boot Mode: Normal
==========================================================


==================== Security Center ========================

AV: Bitdefender Antivirus (Enabled - Up to date) {9B5F5313-CAF9-DD97-C460-E778420237B4}
AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Bitdefender Antispyware (Enabled - Up to date) {203EB2F7-ECC3-D219-FED0-DC0A39857D09}
FW: Bitdefender Firewall (Disabled) {A364D236-8096-DCCF-EF3F-4E4DBCD170CF}

==================== Installed Programs ======================

7-Zip 9.22beta (x32)
Adobe AIR (x32 Version: 3.9.0.1210)
Adobe Flash Player 10 ActiveX 64-bit (Version: 10.3.162.28)
Adobe Flash Player 11 ActiveX (x32 Version: 11.9.900.152)
Adobe Flash Player 11 Plugin (x32 Version: 11.9.900.152)
Adobe Reader XI (11.0.05) (x32 Version: 11.0.05)
Apple Application Support (x32 Version: 2.3.6)
Apple Mobile Device Support (Version: 7.0.0.117)
Apple Software Update (x32 Version: 2.1.3.127)
Audio Creator LE (x32 Version: 1.0)
Auslogics BoostSpeed (x32 Version: 6.3.2.0)
Auslogics Disk Defrag (x32 Version: 3.5)
Bitdefender Antivirus Plus 2013 (Version: 16.16.0.1348)
Bonjour (Version: 3.0.0.10)
CCleaner (Version: 3.09)
CDBurnerXP (Version: 4.3.8.2523)
Compatibility Pack for the 2007 Office system (x32 Version: 12.0.6612.1000)
DC-Bass Source 1.3.0 (x32)
DirectVobSub 2.40.4209 (x32 Version: 2.40.4209)
DivX Setup (x32 Version: 2.6.1.8)
DownloadTerms (HKCU Version: 1.0)
ESET Online Scanner v3 (x32)
ffdshow v1.1.4399 [2012-03-22] (x32 Version: 1.1.4399.0)
Glary Utilities 2.49.0.1600 (x32 Version: 2.49.0.1600)
GOM Player (x32 Version: 2.1.50.5145)
Google Chrome (x32 Version: 31.0.1650.57)
Google Earth (x32 Version: 7.1.1.1888)
Google Update Helper (x32 Version: 1.3.21.165)
Haali Media Splitter (x32)
IE Java Block 32bit Shim
IE Java Block 64bit Shim
iTunes (Version: 11.1.2.31)
Java 7 Update 45 (x32 Version: 7.0.450)
K-Lite Codec Pack 7.1.0 (Full) (x32 Version: 7.1.0)
Lagarith Lossless Codec (1.3.27) (x32)
LAME v3.99.3 (for Windows) (x32)
LogMeIn (x32 Version: 4.0.966)
Malwarebytes Anti-Malware version 1.75.0.1300 (x32 Version: 1.75.0.1300)
Microsoft .NET Framework 4 Client Profile (Version: 4.0.30319)
Microsoft Application Error Reporting (Version: 12.0.6015.5000)
Microsoft IntelliPoint 8.1 (Version: 8.15.406.0)
Microsoft IntelliType Pro 8.1 (Version: 8.15.406.0)
Microsoft Office Converter Pack (x32 Version: 11.0.0.0)
Microsoft Office File Validation Add-In (x32 Version: 14.0.5130.5003)
Microsoft Office Professional Edition 2003 (x32 Version: 11.0.8173.0)
Microsoft Silverlight (Version: 5.1.20913.0)
Microsoft Visual C++ 2005 Redistributable (x32 Version: 8.0.61001)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (x32 Version: 9.0.30729.4148)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (x32 Version: 9.0.30729.6161)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (Version: 10.0.40219)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (x32 Version: 10.0.40219)
Mozilla Firefox 25.0.1 (x86 en-US) (x32 Version: 25.0.1)
Mozilla Maintenance Service (x32 Version: 25.0.1)
MPC-HC 1.7.0 (x32 Version: 1.7.0.7858)
MSXML 4.0 SP2 (KB954430) (x32 Version: 4.20.9870.0)
MSXML 4.0 SP2 (KB973688) (x32 Version: 4.20.9876.0)
OpenSource Flash Video Splitter 1.0.0.5 (x32 Version: 1.0.0.5)
RegHunter (Version: 1.2.2.1568)
Revo Uninstaller 1.94 (x32 Version: 1.94)
Secunia PSI (3.0.0.7011) (x32 Version: 3.0.0.7011)
Smart Defrag 2 (x32 Version: 2.8)
SpyHunter (Version: 4.13.6.4253)
SUPERAntiSpyware (Version: 5.6.1030)
Update for Microsoft .NET Framework 4 Client Profile (KB2468871) (x32 Version: 1)
Update for Microsoft .NET Framework 4 Client Profile (KB2533523) (x32 Version: 1)
Update for Microsoft .NET Framework 4 Client Profile (KB2600217) (x32 Version: 1)
Update for Microsoft .NET Framework 4 Client Profile (KB2836939) (x32 Version: 1)
Update for Microsoft .NET Framework 4 Client Profile (KB2836939v3) (x32 Version: 3)
VC80CRTRedist - 8.0.50727.6195 (x32 Version: 1.2.0)
Vensim PLE (x32)
VLC media player 2.1.1 (x32 Version: 2.1.1)
Window Washer (x32 Version: )
Windows 8 Codecs Pack 1.0.0 (Version: 1.0.0)
WinRAR 4.20 (64-bit) (Version: 4.20.0)
Xvid Video Codec (x32 Version: 1.3.2)

==================== Restore Points  =========================

17-11-2013 06:00:17 Windows Backup
19-11-2013 09:00:14 Windows Update
21-11-2013 07:27:08 Revo Uninstaller's restore point - Advanced SystemCare 6
21-11-2013 07:28:43 Revo Uninstaller's restore point - Advanced SystemCare 6
22-11-2013 17:19:20 Windows Update

==================== Hosts content: ==========================

2009-07-13 20:34 - 2013-09-08 22:31 - 00000279 ____A C:\Windows\system32\Drivers\etc\hosts
127.0.0.1       localhost

==================== Scheduled Tasks (whitelisted) =============

Task: {09984755-38A2-4CC7-9E04-13F14FF78C16} - System32\Tasks\GlaryInitialize => C:\Program Files (x86)\Glary Utilities\initialize.exe [2012-09-11] (Glarysoft Ltd)
Task: {0F04521A-4227-4ACF-94F4-039DDF203E39} - System32\Tasks\Microsoft_Hardware_Launch_IPoint_exe => C:\Program Files\Microsoft IntelliPoint\ipoint.exe [2011-04-13] (Microsoft Corporation)
Task: {1E69A44B-7645-43E6-B70E-D580D69A0F92} - System32\Tasks\Microsoft_Hardware_Launch_IType_exe => C:\Program Files\Microsoft IntelliType Pro\itype.exe [2011-04-13] (Microsoft Corporation)
Task: {46B6BECF-68E1-4068-B174-8D612EE46833} - System32\Tasks\{6DD27E09-1028-4A4F-9948-F938BC20AA27} => C:\Program Files (x86)\XeroBank\xBBrowser.exe
Task: {68C9C8E2-B9CF-4B93-A1B2-04116DC1D07E} - System32\Tasks\Auslogics\BoostSpeed\Start BoostSpeed оn Wells logon => C:\Program Files (x86)\Auslogics\BoostSpeed\BoostSpeed.exe [2013-10-17] (Auslogics)
Task: {A4CA1DDE-7762-4098-8C6C-35DF60A900B5} - System32\Tasks\SmartDefragUpdate => C:\Program Files (x86)\IObit\Smart Defrag 2\AutoUpdate.exe [2013-05-22] (IObit)
Task: {AC37F3E4-012A-4159-9012-1E15DB1E7718} - \PC Performer_UPDATES No Task File
Task: {AD76D978-A95A-4F56-B912-95DFA32BAD5B} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2012-04-02] (Google Inc.)
Task: {B4F55620-4753-4293-BE76-A8A4096B496C} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2012-04-02] (Google Inc.)
Task: {BB6CB6FB-7E8C-46D6-BFCB-0E270E050DE2} - System32\Tasks\YourFile DownloaderUpdate => C:\Program Files (x86)\YourFileDownloader\YourFileUpdater.exe
Task: {BF4B16AE-E418-41E6-8C1B-A068E54CD4B5} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2013-11-15] (Adobe Systems Incorporated)
Task: {C7B70F19-D567-4912-9A4D-0BC983FC9699} - System32\Tasks\ASC4_PerformanceMonitor => C:\Program Files (x86)\IObit\Advanced SystemCare 4\PMonitor.exe
Task: {CB348FA9-0DBF-4DC1-8C3D-2702D0035E7C} - System32\Tasks\SmartDefrag_Startup => C:\Program Files (x86)\IObit\Smart Defrag 2\SmartDefrag.exe [2013-06-20] (IObit)
Task: {D0187A42-584E-44B8-9DEC-5249F4AEF47E} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe [2011-06-01] (Apple Inc.)
Task: {D7BC3125-448F-4777-B13A-446210DBF8FC} - \DigitalSite No Task File
Task: {DEE1ED6E-33C4-44B5-8555-85A07E1EFB04} - \Scheduled Update for Ask Toolbar No Task File
Task: {DF45CF07-F25E-4E1E-BF39-45FE85A926AB} - \PC Performer_DEFAULT No Task File
Task: {E9EE2921-822F-4ACC-B862-84E9402E4A33} - System32\Tasks\Ad-Aware Antivirus Scheduled Scan => C:\PROGRA~2\AD-AWA~1\AdAwareLauncher.exe
Task: {F19AF66A-5327-453C-85F0-C4E527C542D4} - \DSite No Task File
Task: C:\Windows\Tasks\Adobe Flash Player Updater(4204).job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\GlaryInitialize.job => C:\Program Files (x86)\Glary Utilities\initialize.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe

==================== Loaded Modules (whitelisted) =============

2013-08-27 07:30 - 2013-08-27 07:30 - 00265080 _____ () C:\Program Files\Bitdefender\Bitdefender 2013\txmlutil.dll
2013-04-21 20:44 - 2013-04-21 20:44 - 00087952 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\zlib1.dll
2013-04-21 20:44 - 2013-04-21 20:44 - 01242952 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libxml2.dll
2011-07-31 11:45 - 2011-04-20 09:11 - 00559244 _____ () C:\Program Files\Webroot\Washer\sqlite3.dll
2013-01-12 01:55 - 2012-12-09 19:46 - 00600868 ____N () C:\Program Files (x86)\BillP Studios\WinPatrol\sqlite3.dll
2013-08-28 18:25 - 2013-08-28 18:25 - 00100688 _____ () C:\Program Files (x86)\DivX\DivX Update\DivXUpdateCheck.dll
2013-11-15 14:38 - 2013-10-17 13:30 - 00566016 _____ () C:\Program Files (x86)\Auslogics\BoostSpeed\sqlite3.dll
2013-02-22 12:11 - 2013-06-08 17:14 - 00048960 _____ () C:\Program Files (x86)\IObit\Smart Defrag 2\NtfsData.dll
2013-11-15 14:18 - 2013-11-15 14:18 - 03363952 _____ () C:\Program Files (x86)\Mozilla Firefox\mozjs.dll
2009-08-05 09:45 - 2009-08-05 09:45 - 00106312 _____ () C:\Program Files (x86)\Microsoft Office\OFFICE11\OUTLCTL.DLL

==================== Alternate Data Streams (whitelisted) =========

AlternateDataStreams: C:\Users\Wells\Desktop\molecule.exe:BDU
AlternateDataStreams: C:\Users\Wells\Desktop\tdsskiller.exe:BDU
AlternateDataStreams: C:\Users\Wells\Downloads\asc-setup.exe:BDU
AlternateDataStreams: C:\Users\Wells\Downloads\Firefox Setup 18.0.2.exe:BDU
AlternateDataStreams: C:\Users\Wells\Downloads\gusetup.exe:BDU
AlternateDataStreams: C:\Users\Wells\Downloads\iLividSetup.exe:BDU
AlternateDataStreams: C:\Users\Wells\Downloads\K-Lite_Codec_Pack_970_Basic.exe:BDU
AlternateDataStreams: C:\Users\Wells\Downloads\md6l-win-mp620-1_05-en.exe:BDU
AlternateDataStreams: C:\Users\Wells\Downloads\mseinstall.exe:BDU
AlternateDataStreams: C:\Users\Wells\Downloads\RegHunter-Installer.exe:BDU
AlternateDataStreams: C:\Users\Wells\Downloads\rkill.exe:BDU
AlternateDataStreams: C:\Users\Wells\Downloads\sdsetup.exe:BDU
AlternateDataStreams: C:\Users\Wells\Downloads\SUPERAntiSpyware.exe:BDU
AlternateDataStreams: C:\Users\Wells\Downloads\w8cpsetup.exe:BDU
AlternateDataStreams: C:\Users\Wells\Downloads\Windows-KB890830-V4.11.exe:BDU

==================== Safe Mode (whitelisted) ===================

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\49801609.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\55010665.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\59462446.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\71621468.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\77789312.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\93835946.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\93979785.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\98262710.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\PEVSystemStart => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\procexp90.Sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\49801609.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\55010665.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\59462446.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\71621468.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\77789312.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\93835946.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\93979785.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\98262710.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\PEVSystemStart => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\procexp90.Sys => ""="Driver"

==================== Faulty Device Manager Devices =============

Name: SBRE
Description: SBRE
Class Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1}
Manufacturer:
Service: SBRE
Problem: : This device is not present, is not working properly, or does not have all its drivers installed. (Code 24)
Resolution: The device is installed incorrectly. The problem could be a hardware failure, or a new driver might be needed.
Devices stay in this state if they have been prepared for removal.
After you remove the device, this error disappears.Remove the device, and this error should be resolved.


==================== Event log errors: =========================

Application errors:
==================
Error: (11/23/2013 01:39:37 PM) (Source: WinMgmt) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (11/22/2013 01:41:57 AM) (Source: SideBySide) (User: )
Description: Activation context generation failed for "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest1".Error in manifest or policy file "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest2" on line C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest3.
A component version required by the application conflicts with another component version already active.
Conflicting components are:.
Component 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest.
Component 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest.

Error: (11/22/2013 01:41:50 AM) (Source: SideBySide) (User: )
Description: Activation context generation failed for "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest1".Error in manifest or policy file "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest2" on line C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest3.
A component version required by the application conflicts with another component version already active.
Conflicting components are:.
Component 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest.
Component 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest.

Error: (11/22/2013 01:41:38 AM) (Source: SideBySide) (User: )
Description: Activation context generation failed for "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest1".Error in manifest or policy file "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest2" on line C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest3.
A component version required by the application conflicts with another component version already active.
Conflicting components are:.
Component 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest.
Component 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest.

Error: (11/22/2013 01:41:31 AM) (Source: ESENT) (User: )
Description: taskhost (1272) WebCacheLocal: Error -1811 occurred while opening logfile C:\Users\Wells\AppData\Local\Microsoft\Windows\WebCache\V01000B8.log.

Error: (11/22/2013 01:40:06 AM) (Source: WinMgmt) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (11/22/2013 00:49:20 AM) (Source: WinMgmt) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (11/22/2013 00:48:38 AM) (Source: SideBySide) (User: )
Description: Activation context generation failed for "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest1".Error in manifest or policy file "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest2" on line C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest3.
A component version required by the application conflicts with another component version already active.
Conflicting components are:.
Component 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest.
Component 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest.

Error: (11/22/2013 00:48:33 AM) (Source: SideBySide) (User: )
Description: Activation context generation failed for "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest1".Error in manifest or policy file "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest2" on line C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest3.
A component version required by the application conflicts with another component version already active.
Conflicting components are:.
Component 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest.
Component 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest.

Error: (11/22/2013 00:48:33 AM) (Source: SideBySide) (User: )
Description: Activation context generation failed for "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest1".Error in manifest or policy file "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest2" on line C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest3.
A component version required by the application conflicts with another component version already active.
Conflicting components are:.
Component 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest.
Component 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest.


System errors:
=============
Error: (11/23/2013 01:38:11 PM) (Source: Service Control Manager) (User: )
Description: The following boot-start or system-start driver(s) failed to load:
aswSnx
SBRE

Error: (11/23/2013 01:38:10 PM) (Source: Service Control Manager) (User: )
Description: The vToolbarUpdater15.3.0 service failed to start due to the following error:
%%2

Error: (11/23/2013 01:37:48 PM) (Source: volmgr) (User: )
Description: Crash dump initialization failed!

Error: (11/23/2013 01:37:43 PM) (Source: volmgr) (User: )
Description: Crash dump initialization failed!

Error: (11/23/2013 01:37:43 PM) (Source: volmgr) (User: )
Description: Crash dump initialization failed!

Error: (11/23/2013 01:36:42 PM) (Source: DCOM) (User: )
Description: {E10F6C3A-F1AE-4ADC-AA9D-2FE65525666E}

Error: (11/22/2013 01:38:40 AM) (Source: Service Control Manager) (User: )
Description: The following boot-start or system-start driver(s) failed to load:
aswSnx
SBRE

Error: (11/22/2013 01:38:36 AM) (Source: Service Control Manager) (User: )
Description: The vToolbarUpdater15.3.0 service failed to start due to the following error:
%%2

Error: (11/22/2013 01:38:22 AM) (Source: volmgr) (User: )
Description: Crash dump initialization failed!

Error: (11/22/2013 01:38:15 AM) (Source: volmgr) (User: )
Description: Crash dump initialization failed!


Microsoft Office Sessions:
=========================
Error: (11/23/2013 01:39:37 PM) (Source: WinMgmt)(User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (11/22/2013 01:41:57 AM) (Source: SideBySide)(User: )
Description: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifestC:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifestC:\Users\Wells\Desktop\esetsmartinstaller_enu.exe

Error: (11/22/2013 01:41:50 AM) (Source: SideBySide)(User: )
Description: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifestC:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifestC:\Users\Wells\Desktop\esetsmartinstaller_enu.exe

Error: (11/22/2013 01:41:38 AM) (Source: SideBySide)(User: )
Description: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifestC:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifestC:\Users\Wells\Desktop\esetsmartinstaller_enu.exe

Error: (11/22/2013 01:41:31 AM) (Source: ESENT)(User: )
Description: taskhost1272WebCacheLocal: C:\Users\Wells\AppData\Local\Microsoft\Windows\WebCache\V01000B8.log-1811

Error: (11/22/2013 01:40:06 AM) (Source: WinMgmt)(User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (11/22/2013 00:49:20 AM) (Source: WinMgmt)(User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (11/22/2013 00:48:38 AM) (Source: SideBySide)(User: )
Description: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifestC:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifestC:\Users\Wells\Desktop\esetsmartinstaller_enu.exe

Error: (11/22/2013 00:48:33 AM) (Source: SideBySide)(User: )
Description: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifestC:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifestC:\Users\Wells\Desktop\esetsmartinstaller_enu.exe

Error: (11/22/2013 00:48:33 AM) (Source: SideBySide)(User: )
Description: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifestC:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifestC:\Users\Wells\Desktop\esetsmartinstaller_enu.exe


CodeIntegrity Errors:
===================================
  Date: 2013-01-29 22:24:29.353
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume1\Program Files\Bitdefender\Bitdefender 2013\active virus control\Avc3_00175_026\avcuf64.dll because the set of per-page image hashes could not be found on the system.

  Date: 2013-01-29 22:11:35.307
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume1\Program Files\Bitdefender\Bitdefender 2013\active virus control\Avc3_00175_026\avcuf64.dll because the set of per-page image hashes could not be found on the system.

  Date: 2013-01-29 21:49:54.338
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume1\Program Files\Bitdefender\Bitdefender 2013\active virus control\Avc3_00175_026\avcuf64.dll because the set of per-page image hashes could not be found on the system.

  Date: 2013-01-29 21:35:55.629
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume1\Program Files\Bitdefender\Bitdefender 2013\active virus control\Avc3_00175_026\avcuf64.dll because the set of per-page image hashes could not be found on the system.

  Date: 2013-01-29 21:11:16.293
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume1\Program Files\Bitdefender\Bitdefender 2013\active virus control\Avc3_00175_026\avcuf64.dll because the set of per-page image hashes could not be found on the system.

  Date: 2013-01-29 17:32:29.200
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume1\Program Files\Bitdefender\Bitdefender 2013\active virus control\Avc3_00175_026\avcuf64.dll because the set of per-page image hashes could not be found on the system.

  Date: 2013-01-29 16:22:30.225
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume1\Program Files\Bitdefender\Bitdefender 2013\active virus control\Avc3_00175_026\avcuf64.dll because the set of per-page image hashes could not be found on the system.

  Date: 2013-01-29 16:06:55.573
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume1\Program Files\Bitdefender\Bitdefender 2013\active virus control\Avc3_00175_026\avcuf64.dll because the set of per-page image hashes could not be found on the system.

  Date: 2013-01-29 15:48:32.758
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume1\Program Files\Bitdefender\Bitdefender 2013\active virus control\Avc3_00175_026\avcuf64.dll because the set of per-page image hashes could not be found on the system.

  Date: 2013-01-29 15:38:40.346
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume1\Program Files\Bitdefender\Bitdefender 2013\active virus control\Avc3_00175_026\avcuf64.dll because the set of per-page image hashes could not be found on the system.


==================== Memory info ===========================

Percentage of memory in use: 39%
Total physical RAM: 3839.11 MB
Available physical RAM: 2325.49 MB
Total Pagefile: 11337.29 MB
Available Pagefile: 9037.39 MB
Total Virtual: 8192 MB
Available Virtual: 8191.82 MB

==================== Drives ================================

Drive c: () (Fixed) (Total:466.2 GB) (Free:411.17 GB) NTFS ==>[Drive with boot components (obtained from BCD)]
Drive d: (Backup) (Fixed) (Total:465.31 GB) (Free:0.02 GB) NTFS

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 932 GB) (Disk ID: E4A390EA)
Partition 1: (Active) - (Size=466 GB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=465 GB) - (Type=OF Extended)

==================== End Of Log ============================



#6 TB-Psychotic


Posted 25 November 2013 - 03:42 AM

Fix with FRST (normal mode)

  • Open notepad (Start =>All Programs => Accessories => Notepad).
  • Please copy the entire contents of the code box below.
    (To do this highlight the contents of the box, right click on it and select copy. Right-click in the open notepad and select Paste).
  • Save it to the same direction as frst.exe (or frst64.exe) as fixlist.txt.

    HKCU\...\Run: [iLivid] - "C:\Users\Wells\AppData\Local\iLivid\iLivid.exe" -autorun
    FF HKCU\...\Firefox\Extensions: [{9A552862-E36C-11E1-8270-B8AC6F996F26}] - C:\Users\Wells\AppData\Local\{9A552862-E36C-11E1-8270-B8AC6F996F26}\
    FF Extension: Mozilla Safe Browsing - C:\Users\Wells\AppData\Local\{9A552862-E36C-11E1-8270-B8AC6F996F26}\
    CHR HKLM-x32\...\Chrome\Extension: [hbcennhacfaagdopikcegfcobcadeocj] - C:\Program Files (x86)\Common Files\Spigot\GC\saebay_1.0.crx
    CHR HKLM-x32\...\Chrome\Extension: [icdlfehblmklkikfigmjhbmmpmkmpooj] - C:\Program Files (x86)\Common Files\Spigot\GC\errorassistant_1.1.crx
    CHR HKLM-x32\...\Chrome\Extension: [mhkaekfpcppmmioggniknbnbdbcigpkk] - C:\Program Files (x86)\Common Files\Spigot\GC\coupons_2.4.crx
    CHR HKLM-x32\...\Chrome\Extension: [nfengeggddojhakldhlpjdlddgkkjkdd] - C:\Program Files (x86)\IObit\Advanced SystemCare 6\BrowerProtect\ASC_GhromePlugin.crx
    CHR HKLM-x32\...\Chrome\Extension: [pfndaklgolladniicklehhancnlgocpp] - C:\Program Files (x86)\Common Files\Spigot\GC\saamazon_1.0.crx
    CHR HKLM\SOFTWARE\Policies\Google: Policy restriction <======= ATTENTION
    
    AlternateDataStreams: C:\Users\Wells\Desktop\molecule.exe:BDU
    AlternateDataStreams: C:\Users\Wells\Desktop\tdsskiller.exe:BDU
    AlternateDataStreams: C:\Users\Wells\Downloads\asc-setup.exe:BDU
    AlternateDataStreams: C:\Users\Wells\Downloads\Firefox Setup 18.0.2.exe:BDU
    AlternateDataStreams: C:\Users\Wells\Downloads\gusetup.exe:BDU
    AlternateDataStreams: C:\Users\Wells\Downloads\iLividSetup.exe:BDU
    AlternateDataStreams: C:\Users\Wells\Downloads\K-Lite_Codec_Pack_970_Basic.exe:BDU
    AlternateDataStreams: C:\Users\Wells\Downloads\md6l-win-mp620-1_05-en.exe:BDU
    AlternateDataStreams: C:\Users\Wells\Downloads\mseinstall.exe:BDU
    AlternateDataStreams: C:\Users\Wells\Downloads\RegHunter-Installer.exe:BDU
    AlternateDataStreams: C:\Users\Wells\Downloads\rkill.exe:BDU
    AlternateDataStreams: C:\Users\Wells\Downloads\sdsetup.exe:BDU
    AlternateDataStreams: C:\Users\Wells\Downloads\SUPERAntiSpyware.exe:BDU
    AlternateDataStreams: C:\Users\Wells\Downloads\w8cpsetup.exe:BDU
    AlternateDataStreams: C:\Users\Wells\Downloads\Windows-KB890830-V4.11.exe:BDU
    
    S1 SBRE; \??\C:\Windows\system32\drivers\SBREdrv.sys [x]
    
    C:\Users\Wells\AppData\Local\iLivid
    C:\Users\Wells\AppData\Local\Temp\BundleSweetIMSetup.exe
    C:\Users\Wells\AppData\Local\Temp\MybabylonTB.exe
    
    NOTICE: This script was written specifically for this user, for use on that particular machine. Running this on another machine may cause damage to your operating system
  • Run frst.exe (on 64bit, run frst64.exe) and press the Fix button just once and wait.
  • The tool will make a log (Fixlog.txt) which you find where you saved FRST. Please post it to your reply.

Delete junk with JRT

Please download Junkware Removal Tool to your desktop.

  • Shut down your protection software now to avoid potential conflicts.
  • Run the tool by double-clicking it. If you are using Windows Vista, 7, or 8; instead of double-clicking, right-mouse click JRT.exe and select "Run as Administrator".
  • The tool will open and start scanning your system.
  • Please be patient as this can take a while to complete depending on your system's specifications.
  • On completion, a log (JRT.txt) is saved to your desktop and will automatically open.
  • Post the contents of JRT.txt into your next message.



#7 wpfast


Posted 25 November 2013 - 11:36 PM

Marius,

I tried to cut & paste code as you instruct to notepad, several times, but program (Fix) would not run after I cut & pasted code...said I had incompatible or something. I tried it as frst64.exe as my machine is a 64

I also tried to run JRT and all it does is flash very quickly a black screen and disappears. I tried in SAFE mode as well and same result. 

Best, wpfast



#8 TB-Psychotic


Posted 26 November 2013 - 09:27 AM

Scan with FRST (Recovery Environment)


To run FRST on Vista and Windows7:



Plug the flashdrive into the infected PC.

Enter System Recovery Options.


To enter System Recovery Options from the Advanced Boot Options:

  • Restart the computer.
  • As soon as the BIOS is loaded begin tapping the F8 key until Advanced Boot Options appears.
  • Use the arrow keys to select the Repair your computer menu item.
  • Choose your language settings, and then click Next.
  • Select the operating system you want to repair, and then click Next.
  • Select your user account and click Next.



To enter System Recovery Options by using Windows installation disc:
  • Insert the installation disc.
  • Restart your computer.
  • If prompted, press any key to start Windows from the installation disc. If your computer is not configured to start from a CD or DVD, check your BIOS settings.
  • Click Repair your computer.
  • Choose your language settings, and then click Next.
  • Select the operating system you want to repair, and then click Next.
  • Select your user account and click Next.


On the System Recovery Options menu you will get the following options:

  • Startup Repair
  • System Restore
  • Windows Complete PC Restore
  • Windows Memory Diagnostic Tool
  • Command Prompt

Select Command Prompt.

In the command window:

  • type in notepad and press Enter.
  • The notepad opens. Under File menu select Open.
  • Select "Computer" and find your flash drive letter and close the notepad.
  • In the command window type e:\frst.exe (for x64 bit version type e:\frst64) and press Enter
  • Note: Replace letter e with the drive letter of your flash drive.
  • The tool will start to run.
  • When the tool opens click Yes to disclaimer.
  • Press Scan button.

It will make a log (FRST.txt) on the flash drive. Please copy and paste it to your reply.


Edited by TB-Psychotic, 26 November 2013 - 09:27 AM.


#9 wpfast


Posted 26 November 2013 - 09:37 AM

TB Psychotic, I love it...you are taking me to the "next level" of understanding as I have never used a flash drive...call me techno timid (!)...but I will buy a flash drive at Walmart and follow your instructions. This is very empowering, friend. Thank you for your help!

best,

wpfast



#10 wpfast


Posted 28 November 2013 - 01:44 AM

TB-Psychotic

 

I managed to get a flash drive and use it to save log.

Unfortunately I found I do not have a system disk, so I am going to have to track one down. Actually there may be one here and I need to e-mail the guy who built my computer.

Thank you for your patience. I will send an inquiry in the morning to the vendor and hopefully he'll answer that he left me with a Windows disk, but I have a feeling he just installed Windows on the new computer and handed it over, without me getting my own registration. If that is the case can you advise? What I mean is could the vendor have had a multi-user Microsoft license and used it to install on my new computer without giving me a copy?

Thanks,

 

wpfast



#11 TB-Psychotic


Posted 28 November 2013 - 03:08 PM

No, he cannot sell a windows installed computer without the license but without the disk.

But any other Windows 7 Disk will work.

 

Try this option from inside windows: http://windows.microsoft.com/en-us/windows7/create-a-system-repair-disc



#12 wpfast


Posted 30 November 2013 - 12:43 AM

thank you, I will try this option tonight!

 

wpfast



#13 wpfast


Posted 02 December 2013 - 12:54 AM

Sorry to take so long...I did not have a disk but I have some new ones now..

 

I followed instructions to create a repair disk and just got back an "unspecified error message system Disk Could Not Be Created (0x80004005)

 

I'm going to reboot in safe mode and see if that makes any difference.

 

thanks!



#14 wpfast


Posted 02 December 2013 - 03:08 AM

Dear TB-Psychotic:

 

Here's what instructions from you I've been able to execute and the results...

 

1. download FRST64 recovery tool and save to Flash Drive K...problem is K: does not show up when I select computer in Notepad

 

2. create system disk and boot from it...I got a clean system recovery disk, no errors, on the second time around, and have been able to boot from it using F8...problem is as I say above the computer cannot find FRST64.exe because it cannot even see the Flashdrive which is plugged in and identified as Drive K

 

3.  I'm doing this in standard mode, not SAFE because SAFE does not allow some of these functions it seems

 

4.  I am completely confused by this directive issued above and it may be the source of my error: 

     

     "Save it to the same direction as frst.exe (or frst64.exe) as fixlist.txt"    I have never seen that term used before..."same direction" and have no idea what it means or how to execute it

 

I assumed it meant to save the log to a .txt file but I think this is where I screwed up?

5.  I did disable anti-virus software to avoid any blocking

 

Summary:  I have started over a couple of times and re-downloaded the Farbar Recovery Scan Tool and run Fix I am getting a message:

 

No fixlist.txt found.

The fixlist.txt should be made and saved in the same directory the tool is located.  

 

Just so you know, I am a real novice here and so you may need to spell out exactly how I should save the files and where...I know, you already did that, right? 

 

BTW, when I type in FRST in the Windows Search Box it finds three FRST files, and one is .exe If I click on that one it tells me the "version of this file is not compatible with the version of Windows I am running and gives me the business about whether I'm running a 32-bit or a 64-bit...I am FTR running the 64-bit and thought I specified this when I downloaded the Farbar Tool

 

Please advise. 

 

Oh! One more thing that is weird: when I go to Computer and open Drive K I see listed FRST.txt but no other FRST is there, yet the FRST64.exe shows up in my search, so clearly I did not save it correctly, in the same location as the .txt 

would you be kind enough to tell me how to do that simple task (simple for you, unfortunately not for me...I grew up with 8 track tape players if that tells you anything...)

 

Thanks.

 

wpfast

 



#15 TB-Psychotic


Posted 02 December 2013 - 03:30 AM

Plug the flash device into another usb port.

Then boot into the recovery environment as before and try to locate the flash device to scan with FRST as mentioned.

 

Report if anything isn't working.

